mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-08 06:10:47 +02:00
Merge pull request #7234 from douzzer/20240208-test-config-and-linuxkm-tweaks
20240208-test-config-and-linuxkm-tweaks
This commit is contained in:
+22
-15
@@ -720,6 +720,7 @@ then
|
||||
# this set is also enabled by enable-all-crypto:
|
||||
test "$enable_atomicuser" = "" && enable_atomicuser=yes
|
||||
test "$enable_aesgcm" = "" && enable_aesgcm=yes
|
||||
test "$enable_aesgcm_stream" = "" && test "$enable_aesgcm" = "yes" && enable_aesgcm_stream=yes
|
||||
test "$enable_aesccm" = "" && enable_aesccm=yes
|
||||
test "$enable_aesctr" = "" && enable_aesctr=yes
|
||||
test "$enable_aeseax" = "" && enable_aeseax=yes
|
||||
@@ -745,7 +746,6 @@ then
|
||||
test "$enable_psk" = "" && enable_psk=yes
|
||||
test "$enable_cmac" = "" && enable_cmac=yes
|
||||
test "$enable_siphash" = "" && enable_siphash=yes
|
||||
test "$enable_aesxts" = "" && enable_aesxts=yes
|
||||
test "$enable_ocsp" = "" && enable_ocsp=yes
|
||||
test "$enable_ocspstapling" = "" && test "$enable_ocsp" != "no" && enable_ocspstapling=yes
|
||||
test "$enable_ocspstapling2" = "" && test "$enable_ocsp" != "no" && enable_ocspstapling2=yes
|
||||
@@ -787,6 +787,7 @@ then
|
||||
test "$enable_session_ticket" = "" && enable_session_ticket=yes
|
||||
test "$enable_earlydata" = "" && enable_earlydata=yes
|
||||
test "$enable_ech" = "" && enable_ech=yes
|
||||
test "$enable_srtp" = "" && enable_srtp=yes
|
||||
|
||||
if test "$ENABLED_32BIT" != "yes"
|
||||
then
|
||||
@@ -796,7 +797,6 @@ then
|
||||
|
||||
if test "$ENABLED_LINUXKM_DEFAULTS" != "yes"
|
||||
then
|
||||
test "$enable_aesgcm_stream" = "" && test "$enable_aesgcm" = "yes" && enable_aesgcm_stream=yes
|
||||
test "$enable_compkey" = "" && enable_compkey=yes
|
||||
test "$enable_quic" = "" && test "$enable_cryptonly" != "yes" && enable_quic=yes
|
||||
AM_CFLAGS="$AM_CFLAGS -DHAVE_CRL_IO -DHAVE_IO_TIMEOUT"
|
||||
@@ -861,7 +861,8 @@ then
|
||||
fi
|
||||
fi
|
||||
|
||||
if test "$ENABLED_FIPS" = "no" || test "$ENABLED_FIPS" = "dev"; then
|
||||
if test "$ENABLED_FIPS" = "no" || test "$FIPS_VERSION" = "dev"; then
|
||||
test "$enable_aesxts" = "" && enable_aesxts=yes
|
||||
test "$enable_aessiv" = "" && enable_aessiv=yes
|
||||
fi
|
||||
|
||||
@@ -908,6 +909,7 @@ if test "$ENABLED_ALL_CRYPT" = "yes"
|
||||
then
|
||||
test "$enable_atomicuser" = "" && enable_atomicuser=yes
|
||||
test "$enable_aesgcm" = "" && enable_aesgcm=yes
|
||||
test "$enable_aesgcm_stream" = "" && test "$enable_aesgcm" = "yes" && enable_aesgcm_stream=yes
|
||||
test "$enable_aesccm" = "" && enable_aesccm=yes
|
||||
test "$enable_aesctr" = "" && enable_aesctr=yes
|
||||
test "$enable_aeseax" = "" && enable_aeseax=yes
|
||||
@@ -933,7 +935,6 @@ then
|
||||
test "$enable_psk" = "" && enable_psk=yes
|
||||
test "$enable_cmac" = "" && enable_cmac=yes
|
||||
test "$enable_siphash" = "" && enable_siphash=yes
|
||||
test "$enable_aesxts" = "" && enable_aesxts=yes
|
||||
test "$enable_ocsp" = "" && enable_ocsp=yes
|
||||
test "$enable_ocspstapling" = "" && test "$enable_ocsp" != "no" && enable_ocspstapling=yes
|
||||
test "$enable_ocspstapling2" = "" && test "$enable_ocsp" != "no" && enable_ocspstapling2=yes
|
||||
@@ -959,6 +960,7 @@ then
|
||||
test "$enable_cryptocb" = "" && enable_cryptocb=yes
|
||||
test "$enable_anon" = "" && enable_anon=yes
|
||||
test "$enable_ssh" = "" && test "$enable_hmac" != "no" && enable_ssh=yes
|
||||
test "$enable_srtp_kdf" = "" && enable_srtp_kdf=yes
|
||||
|
||||
if test "$ENABLED_32BIT" != "yes"
|
||||
then
|
||||
@@ -968,7 +970,6 @@ then
|
||||
|
||||
if test "$ENABLED_LINUXKM_DEFAULTS" != "yes"
|
||||
then
|
||||
test "$enable_aesgcm_stream" = "" && test "$enable_aesgcm" = "yes" && enable_aesgcm_stream=yes
|
||||
test "$enable_compkey" = "" && enable_compkey=yes
|
||||
fi
|
||||
|
||||
@@ -1001,7 +1002,8 @@ then
|
||||
fi
|
||||
fi
|
||||
|
||||
if test "$ENABLED_FIPS" = "no" || test "$ENABLED_FIPS" = "dev"; then
|
||||
if test "$ENABLED_FIPS" = "no" || test "$FIPS_VERSION" = "dev"; then
|
||||
test "$enable_aesxts" = "" && enable_aesxts=yes
|
||||
test "$enable_aessiv" = "" && enable_aessiv=yes
|
||||
fi
|
||||
|
||||
@@ -4848,13 +4850,6 @@ AC_ARG_ENABLE([xts],
|
||||
[ ENABLED_AESXTS=$enableval ]
|
||||
)
|
||||
|
||||
AS_IF([test "x$ENABLED_AESXTS" = "xyes"],
|
||||
[AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_AES_XTS -DWOLFSSL_AES_DIRECT"])
|
||||
AS_IF([test "x$ENABLED_AESXTS" = "xyes" && test "x$ENABLED_INTELASM" = "xyes"],
|
||||
[AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_AES_XTS"])
|
||||
AS_IF([test "x$ENABLED_AESXTS" = "xyes" && test "x$ENABLED_AESNI" = "xyes"],
|
||||
[AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_AES_XTS"])
|
||||
|
||||
# Web Server Build
|
||||
AC_ARG_ENABLE([webserver],
|
||||
[AS_HELP_STRING([--enable-webserver],[Enable Web Server (default: disabled)])],
|
||||
@@ -4953,6 +4948,9 @@ AS_CASE([$FIPS_VERSION],
|
||||
AS_IF([test "$ENABLED_AESCCM" != "yes" && (test "$FIPS_VERSION" != "dev" || test "$enable_aesccm" != "no")],
|
||||
[ENABLED_AESCCM="yes"; AM_CFLAGS="$AM_CFLAGS -DHAVE_AESCCM"])
|
||||
|
||||
AS_IF([test "$ENABLED_AESXTS" = "yes" && (test "$FIPS_VERSION" != "dev" || test "$enable_aesxts" != "yes")],
|
||||
[ENABLED_AESXTS="no"])
|
||||
|
||||
AS_IF([test "$ENABLED_RSAPSS" != "yes" && (test "$FIPS_VERSION" != "dev" || test "$enable_rsapss" != "no")],
|
||||
[ENABLED_RSAPSS="yes"; AM_CFLAGS="$AM_CFLAGS -DWC_RSA_PSS"])
|
||||
|
||||
@@ -4994,7 +4992,8 @@ AS_CASE([$FIPS_VERSION],
|
||||
AS_IF([(test "$ENABLED_AESCCM" = "yes" && test "$HAVE_AESCCM_PORT" != "yes") ||
|
||||
(test "$ENABLED_AESCTR" = "yes" && test "$HAVE_AESCTR_PORT" != "yes") ||
|
||||
(test "$ENABLED_AESGCM" = "yes" && test "$HAVE_AESGCM_PORT" != "yes") ||
|
||||
(test "$ENABLED_AESOFB" = "yes" && test "$HAVE_AESOFB_PORT" != "yes")],
|
||||
(test "$ENABLED_AESOFB" = "yes" && test "$HAVE_AESOFB_PORT" != "yes") ||
|
||||
(test "$ENABLED_AESXTS" = "yes" && test "$HAVE_AESXTS_PORT" != "yes")],
|
||||
[AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_AES_DIRECT -DHAVE_AES_ECB"])
|
||||
],
|
||||
|
||||
@@ -5100,6 +5099,14 @@ AS_CASE([$SELFTEST_VERSION],
|
||||
])
|
||||
|
||||
|
||||
AS_IF([test "x$ENABLED_AESXTS" = "xyes"],
|
||||
[AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_AES_XTS -DWOLFSSL_AES_DIRECT"])
|
||||
AS_IF([test "x$ENABLED_AESXTS" = "xyes" && test "x$ENABLED_INTELASM" = "xyes"],
|
||||
[AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_AES_XTS"])
|
||||
AS_IF([test "x$ENABLED_AESXTS" = "xyes" && test "x$ENABLED_AESNI" = "xyes"],
|
||||
[AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_AES_XTS"])
|
||||
|
||||
|
||||
# Set SHA-3 flags
|
||||
if test "$ENABLED_SHA3" != "no" && test "$ENABLED_32BIT" = "no"
|
||||
then
|
||||
@@ -8043,7 +8050,7 @@ if test "$ENABLED_LINUXKM_LKCAPI_REGISTER" != "none"
|
||||
then
|
||||
AM_CFLAGS="$AM_CFLAGS -DLINUXKM_LKCAPI_REGISTER"
|
||||
|
||||
if test "$ENABLED_AESGCM" != "no" && test "$ENABLED_AESGCM_STREAM" = "no" && test "$ENABLED_AESNI" = "no" && test "$ENABLED_ARMASM" = "no" && test "$ENABLED_FIPS" = "no"; then
|
||||
if test "$ENABLED_AESGCM" != "no" && test "$ENABLED_AESGCM_STREAM" = "no" && test "$ENABLED_ARMASM" = "no" && test "$ENABLED_FIPS" = "no"; then
|
||||
ENABLED_AESGCM_STREAM=yes
|
||||
fi
|
||||
|
||||
|
||||
@@ -120,7 +120,7 @@
|
||||
#include <linux/kernel.h>
|
||||
#include <linux/ctype.h>
|
||||
|
||||
#ifdef CONFIG_FORTIFY_SOURCE
|
||||
#if defined(CONFIG_FORTIFY_SOURCE) || defined(DEBUG_LINUXKM_FORTIFY_OVERLAY)
|
||||
#ifdef __PIE__
|
||||
/* the inline definitions in fortify-string.h use non-inline
|
||||
* fortify_panic().
|
||||
@@ -345,6 +345,8 @@
|
||||
fail_clause \
|
||||
} \
|
||||
}
|
||||
#endif
|
||||
#ifndef SAVE_VECTOR_REGISTERS2
|
||||
#ifdef DEBUG_VECTOR_REGISTER_ACCESS_FUZZING
|
||||
#define SAVE_VECTOR_REGISTERS2() ({ \
|
||||
int _fuzzer_ret = SAVE_VECTOR_REGISTERS2_fuzzer(); \
|
||||
@@ -363,6 +365,8 @@
|
||||
#include <asm/fpsimd.h>
|
||||
#ifndef SAVE_VECTOR_REGISTERS
|
||||
#define SAVE_VECTOR_REGISTERS(fail_clause) { int _svr_ret = save_vector_registers_arm(); if (_svr_ret != 0) { fail_clause } }
|
||||
#endif
|
||||
#ifndef SAVE_VECTOR_REGISTERS2
|
||||
#define SAVE_VECTOR_REGISTERS2() save_vector_registers_arm()
|
||||
#endif
|
||||
#ifndef RESTORE_VECTOR_REGISTERS
|
||||
|
||||
+58
-54
@@ -24,12 +24,6 @@
|
||||
#error lkcapi_glue.c included in non-LINUXKM_LKCAPI_REGISTER project.
|
||||
#endif
|
||||
|
||||
#if defined(LINUXKM_LKCAPI_REGISTER_AESGCM) && defined(WOLFSSL_AESNI) && \
|
||||
defined(WC_AES_C_DYNAMIC_FALLBACK)
|
||||
/* xxx temporary */
|
||||
#error LINUXKM_LKCAPI_REGISTER_AESGCM is incompatible with WOLFSSL_AESNI && WC_AES_C_DYNAMIC_FALLBACK
|
||||
#endif
|
||||
|
||||
#ifndef WOLFSSL_LINUXKM_LKCAPI_PRIORITY
|
||||
/* Larger number means higher priority. The highest in-tree priority is 4001,
|
||||
* in the Cavium driver.
|
||||
@@ -88,8 +82,7 @@ static int linuxkm_test_aescfb(void);
|
||||
#endif
|
||||
#if defined(HAVE_AESGCM) && \
|
||||
(defined(LINUXKM_LKCAPI_REGISTER_ALL) || \
|
||||
defined(LINUXKM_LKCAPI_REGISTER_AESGCM)) && \
|
||||
(! (defined(WOLFSSL_AESNI) && defined(WC_AES_C_DYNAMIC_FALLBACK)))
|
||||
defined(LINUXKM_LKCAPI_REGISTER_AESGCM))
|
||||
static int linuxkm_test_aesgcm(void);
|
||||
#endif
|
||||
#if defined(WOLFSSL_AES_XTS) && \
|
||||
@@ -503,8 +496,7 @@ static int cfbAesAlg_loaded = 0;
|
||||
|
||||
#if defined(HAVE_AESGCM) && \
|
||||
(defined(LINUXKM_LKCAPI_REGISTER_ALL) || \
|
||||
defined(LINUXKM_LKCAPI_REGISTER_AESGCM)) && \
|
||||
(! (defined(WOLFSSL_AESNI) && defined(WC_AES_C_DYNAMIC_FALLBACK)))
|
||||
defined(LINUXKM_LKCAPI_REGISTER_AESGCM))
|
||||
|
||||
#ifndef WOLFSSL_AESGCM_STREAM
|
||||
#error LKCAPI registration of AES-GCM requires WOLFSSL_AESGCM_STREAM (--enable-aesgcm-stream).
|
||||
@@ -790,7 +782,6 @@ static int gcmAesAead_loaded = 0;
|
||||
|
||||
#endif /* HAVE_AESGCM &&
|
||||
* (LINUXKM_LKCAPI_REGISTER_ALL || LINUXKM_LKCAPI_REGISTER_AESGCM) &&
|
||||
* (! (WOLFSSL_AESNI && WC_AES_C_DYNAMIC_FALLBACK))
|
||||
*/
|
||||
|
||||
#if defined(WOLFSSL_AES_XTS) && \
|
||||
@@ -1009,8 +1000,6 @@ static int linuxkm_test_aescbc(void)
|
||||
u8 * enc2 = NULL;
|
||||
u8 * dec2 = NULL;
|
||||
|
||||
const char *driver_name;
|
||||
|
||||
XMEMSET(enc, 0, sizeof(enc));
|
||||
XMEMSET(dec, 0, sizeof(enc));
|
||||
|
||||
@@ -1086,13 +1075,18 @@ static int linuxkm_test_aescbc(void)
|
||||
goto test_cbc_end;
|
||||
}
|
||||
|
||||
driver_name = crypto_tfm_alg_driver_name(crypto_skcipher_tfm(tfm));
|
||||
if (strcmp(driver_name, WOLFKM_AESCBC_DRIVER)) {
|
||||
pr_err("error: unexpected implementation for %s: %s (expected %s)\n",
|
||||
WOLFKM_AESCBC_NAME, driver_name, WOLFKM_AESCBC_DRIVER);
|
||||
ret = -ENOENT;
|
||||
goto test_cbc_end;
|
||||
#ifndef LINUXKM_LKCAPI_PRIORITY_ALLOW_MASKING
|
||||
{
|
||||
const char *driver_name =
|
||||
crypto_tfm_alg_driver_name(crypto_skcipher_tfm(tfm));
|
||||
if (strcmp(driver_name, WOLFKM_AESCBC_DRIVER)) {
|
||||
pr_err("error: unexpected implementation for %s: %s (expected %s)\n",
|
||||
WOLFKM_AESCBC_NAME, driver_name, WOLFKM_AESCBC_DRIVER);
|
||||
ret = -ENOENT;
|
||||
goto test_cbc_end;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
ret = crypto_skcipher_setkey(tfm, key32, AES_BLOCK_SIZE * 2);
|
||||
if (ret) {
|
||||
@@ -1199,7 +1193,6 @@ static int linuxkm_test_aescfb(void)
|
||||
byte dec[sizeof(p_vector)];
|
||||
u8 * enc2 = NULL;
|
||||
u8 * dec2 = NULL;
|
||||
const char *driver_name;
|
||||
|
||||
XMEMSET(enc, 0, sizeof(enc));
|
||||
XMEMSET(dec, 0, sizeof(enc));
|
||||
@@ -1276,13 +1269,18 @@ static int linuxkm_test_aescfb(void)
|
||||
goto test_cfb_end;
|
||||
}
|
||||
|
||||
driver_name = crypto_tfm_alg_driver_name(crypto_skcipher_tfm(tfm));
|
||||
if (strcmp(driver_name, WOLFKM_AESCFB_DRIVER)) {
|
||||
pr_err("error: unexpected implementation for %s: %s (expected %s)\n",
|
||||
WOLFKM_AESCFB_NAME, driver_name, WOLFKM_AESCFB_DRIVER);
|
||||
ret = -ENOENT;
|
||||
goto test_cfb_end;
|
||||
#ifndef LINUXKM_LKCAPI_PRIORITY_ALLOW_MASKING
|
||||
{
|
||||
const char *driver_name =
|
||||
crypto_tfm_alg_driver_name(crypto_skcipher_tfm(tfm));
|
||||
if (strcmp(driver_name, WOLFKM_AESCFB_DRIVER)) {
|
||||
pr_err("error: unexpected implementation for %s: %s (expected %s)\n",
|
||||
WOLFKM_AESCFB_NAME, driver_name, WOLFKM_AESCFB_DRIVER);
|
||||
ret = -ENOENT;
|
||||
goto test_cfb_end;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
ret = crypto_skcipher_setkey(tfm, key32, AES_BLOCK_SIZE * 2);
|
||||
if (ret) {
|
||||
@@ -1352,8 +1350,7 @@ test_cfb_end:
|
||||
|
||||
#if defined(HAVE_AESGCM) && \
|
||||
(defined(LINUXKM_LKCAPI_REGISTER_ALL) || \
|
||||
defined(LINUXKM_LKCAPI_REGISTER_AESGCM)) && \
|
||||
(! (defined(WOLFSSL_AESNI) && defined(WC_AES_C_DYNAMIC_FALLBACK)))
|
||||
defined(LINUXKM_LKCAPI_REGISTER_AESGCM))
|
||||
|
||||
static int linuxkm_test_aesgcm(void)
|
||||
{
|
||||
@@ -1404,7 +1401,6 @@ static int linuxkm_test_aesgcm(void)
|
||||
u8 * iv = NULL;
|
||||
size_t encryptLen = sizeof(p_vector);
|
||||
size_t decryptLen = sizeof(p_vector) + sizeof(authTag);
|
||||
const char *driver_name;
|
||||
|
||||
/* Init stack variables. */
|
||||
XMEMSET(enc, 0, sizeof(p_vector));
|
||||
@@ -1525,13 +1521,17 @@ static int linuxkm_test_aesgcm(void)
|
||||
goto test_gcm_end;
|
||||
}
|
||||
|
||||
driver_name = crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm));
|
||||
if (strcmp(driver_name, WOLFKM_AESGCM_DRIVER)) {
|
||||
pr_err("error: unexpected implementation for %s: %s (expected %s)\n",
|
||||
WOLFKM_AESGCM_NAME, driver_name, WOLFKM_AESGCM_DRIVER);
|
||||
ret = -ENOENT;
|
||||
goto test_gcm_end;
|
||||
#ifndef LINUXKM_LKCAPI_PRIORITY_ALLOW_MASKING
|
||||
{
|
||||
const char *driver_name = crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm));
|
||||
if (strcmp(driver_name, WOLFKM_AESGCM_DRIVER)) {
|
||||
pr_err("error: unexpected implementation for %s: %s (expected %s)\n",
|
||||
WOLFKM_AESGCM_NAME, driver_name, WOLFKM_AESGCM_DRIVER);
|
||||
ret = -ENOENT;
|
||||
goto test_gcm_end;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
ret = crypto_aead_setkey(tfm, key32, AES_BLOCK_SIZE * 2);
|
||||
if (ret) {
|
||||
@@ -1628,7 +1628,6 @@ test_gcm_end:
|
||||
|
||||
#endif /* HAVE_AESGCM &&
|
||||
* (LINUXKM_LKCAPI_REGISTER_ALL || LINUXKM_LKCAPI_REGISTER_AESGCM) &&
|
||||
* (! (WOLFSSL_AESNI && WC_AES_C_DYNAMIC_FALLBACK))
|
||||
*/
|
||||
|
||||
#if defined(WOLFSSL_AES_XTS) && \
|
||||
@@ -1654,7 +1653,6 @@ static int aes_xts_128_test(void)
|
||||
struct crypto_skcipher *tfm = NULL;
|
||||
struct skcipher_request *req = NULL;
|
||||
u8 iv[AES_BLOCK_SIZE];
|
||||
const char *driver_name;
|
||||
|
||||
/* 128 key tests */
|
||||
static const unsigned char k1[] = {
|
||||
@@ -2024,13 +2022,18 @@ static int aes_xts_128_test(void)
|
||||
goto test_xts_end;
|
||||
}
|
||||
|
||||
driver_name = crypto_tfm_alg_driver_name(crypto_skcipher_tfm(tfm));
|
||||
if (strcmp(driver_name, WOLFKM_AESXTS_DRIVER)) {
|
||||
pr_err("error: unexpected implementation for %s: %s (expected %s)\n",
|
||||
WOLFKM_AESXTS_NAME, driver_name, WOLFKM_AESXTS_DRIVER);
|
||||
ret = -ENOENT;
|
||||
goto test_xts_end;
|
||||
#ifndef LINUXKM_LKCAPI_PRIORITY_ALLOW_MASKING
|
||||
{
|
||||
const char *driver_name =
|
||||
crypto_tfm_alg_driver_name(crypto_skcipher_tfm(tfm));
|
||||
if (strcmp(driver_name, WOLFKM_AESXTS_DRIVER)) {
|
||||
pr_err("error: unexpected implementation for %s: %s (expected %s)\n",
|
||||
WOLFKM_AESXTS_NAME, driver_name, WOLFKM_AESXTS_DRIVER);
|
||||
ret = -ENOENT;
|
||||
goto test_xts_end;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
ret = crypto_skcipher_ivsize(tfm);
|
||||
if (ret != sizeof(iv)) {
|
||||
@@ -2194,7 +2197,6 @@ static int aes_xts_256_test(void)
|
||||
struct crypto_skcipher *tfm = NULL;
|
||||
struct skcipher_request *req = NULL;
|
||||
u8 iv[AES_BLOCK_SIZE];
|
||||
const char *driver_name;
|
||||
|
||||
/* 256 key tests */
|
||||
static const unsigned char k1[] = {
|
||||
@@ -2404,13 +2406,17 @@ static int aes_xts_256_test(void)
|
||||
goto test_xts_end;
|
||||
}
|
||||
|
||||
driver_name = crypto_tfm_alg_driver_name(crypto_skcipher_tfm(tfm));
|
||||
if (strcmp(driver_name, WOLFKM_AESXTS_DRIVER)) {
|
||||
pr_err("error: unexpected implementation for %s: %s (expected %s)\n",
|
||||
WOLFKM_AESXTS_NAME, driver_name, WOLFKM_AESXTS_DRIVER);
|
||||
ret = -ENOENT;
|
||||
goto test_xts_end;
|
||||
#ifndef LINUXKM_LKCAPI_PRIORITY_ALLOW_MASKING
|
||||
{
|
||||
const char *driver_name = crypto_tfm_alg_driver_name(crypto_skcipher_tfm(tfm));
|
||||
if (strcmp(driver_name, WOLFKM_AESXTS_DRIVER)) {
|
||||
pr_err("error: unexpected implementation for %s: %s (expected %s)\n",
|
||||
WOLFKM_AESXTS_NAME, driver_name, WOLFKM_AESXTS_DRIVER);
|
||||
ret = -ENOENT;
|
||||
goto test_xts_end;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
ret = crypto_skcipher_ivsize(tfm);
|
||||
if (ret != sizeof(iv)) {
|
||||
@@ -2640,8 +2646,7 @@ static int linuxkm_lkcapi_register(void)
|
||||
|
||||
#if defined(HAVE_AESGCM) && \
|
||||
(defined(LINUXKM_LKCAPI_REGISTER_ALL) || \
|
||||
defined(LINUXKM_LKCAPI_REGISTER_AESGCM)) && \
|
||||
(! (defined(WOLFSSL_AESNI) && defined(WC_AES_C_DYNAMIC_FALLBACK)))
|
||||
defined(LINUXKM_LKCAPI_REGISTER_AESGCM))
|
||||
|
||||
REGISTER_ALG(gcmAesAead, crypto_register_aead, linuxkm_test_aesgcm);
|
||||
#endif
|
||||
@@ -2681,8 +2686,7 @@ static void linuxkm_lkcapi_unregister(void)
|
||||
#endif
|
||||
#if defined(HAVE_AESGCM) && \
|
||||
(defined(LINUXKM_LKCAPI_REGISTER_ALL) || \
|
||||
defined(LINUXKM_LKCAPI_REGISTER_AESGCM)) && \
|
||||
(! (defined(WOLFSSL_AESNI) && defined(WC_AES_C_DYNAMIC_FALLBACK)))
|
||||
defined(LINUXKM_LKCAPI_REGISTER_AESGCM))
|
||||
|
||||
UNREGISTER_ALG(gcmAesAead, crypto_unregister_aead);
|
||||
#endif
|
||||
|
||||
+16
-22
@@ -8966,10 +8966,6 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
|
||||
#ifdef WOLFSSL_AESGCM_STREAM
|
||||
|
||||
#if defined(WC_AES_C_DYNAMIC_FALLBACK) && defined(WOLFSSL_AESNI)
|
||||
#error "AES-GCM streaming with AESNI is incompatible with WC_AES_C_DYNAMIC_FALLBACK."
|
||||
#endif
|
||||
|
||||
/* Initialize the AES GCM cipher with an IV. C implementation.
|
||||
*
|
||||
* @param [in, out] aes AES object.
|
||||
@@ -8981,10 +8977,6 @@ static WARN_UNUSED_RESULT int AesGcmInit_C(Aes* aes, const byte* iv, word32 ivSz
|
||||
ALIGN32 byte counter[AES_BLOCK_SIZE];
|
||||
int ret;
|
||||
|
||||
#ifdef WOLFSSL_AESNI
|
||||
aes->use_aesni = 0;
|
||||
#endif
|
||||
|
||||
if (ivSz == GCM_NONCE_MID_SZ) {
|
||||
/* Counter is IV with bottom 4 bytes set to: 0x00,0x00,0x00,0x01. */
|
||||
XMEMCPY(counter, iv, ivSz);
|
||||
@@ -9211,6 +9203,7 @@ static WARN_UNUSED_RESULT int AesGcmInit_aesni(
|
||||
ASSERT_SAVED_VECTOR_REGISTERS();
|
||||
|
||||
/* Reset state fields. */
|
||||
aes->over = 0;
|
||||
aes->aSz = 0;
|
||||
aes->cSz = 0;
|
||||
/* Set tag to all zeros as initial value. */
|
||||
@@ -9238,8 +9231,6 @@ static WARN_UNUSED_RESULT int AesGcmInit_aesni(
|
||||
aes->gcm.H, AES_COUNTER(aes), AES_INITCTR(aes));
|
||||
}
|
||||
|
||||
aes->use_aesni = 1;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
@@ -9865,11 +9856,12 @@ int wc_AesGcmInit(Aes* aes, const byte* key, word32 len, const byte* iv,
|
||||
|
||||
if (iv != NULL) {
|
||||
/* Initialize with the IV. */
|
||||
VECTOR_REGISTERS_PUSH;
|
||||
|
||||
#ifdef WOLFSSL_AESNI
|
||||
if (aes->use_aesni) {
|
||||
SAVE_VECTOR_REGISTERS(return _svr_ret;);
|
||||
ret = AesGcmInit_aesni(aes, iv, ivSz);
|
||||
RESTORE_VECTOR_REGISTERS();
|
||||
}
|
||||
else
|
||||
#endif
|
||||
@@ -9877,8 +9869,6 @@ int wc_AesGcmInit(Aes* aes, const byte* key, word32 len, const byte* iv,
|
||||
ret = AesGcmInit_C(aes, iv, ivSz);
|
||||
}
|
||||
|
||||
VECTOR_REGISTERS_POP;
|
||||
|
||||
if (ret == 0)
|
||||
aes->nonceSet = 1;
|
||||
}
|
||||
@@ -9992,11 +9982,12 @@ int wc_AesGcmEncryptUpdate(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
|
||||
if (ret == 0) {
|
||||
/* Encrypt with AAD and/or plaintext. */
|
||||
VECTOR_REGISTERS_PUSH;
|
||||
|
||||
#ifdef WOLFSSL_AESNI
|
||||
if (aes->use_aesni) {
|
||||
SAVE_VECTOR_REGISTERS(return _svr_ret;);
|
||||
ret = AesGcmEncryptUpdate_aesni(aes, out, in, sz, authIn, authInSz);
|
||||
RESTORE_VECTOR_REGISTERS();
|
||||
}
|
||||
else
|
||||
#endif
|
||||
@@ -10009,8 +10000,6 @@ int wc_AesGcmEncryptUpdate(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
GHASH_UPDATE(aes, authIn, authInSz, out, sz);
|
||||
}
|
||||
}
|
||||
|
||||
VECTOR_REGISTERS_POP;
|
||||
}
|
||||
|
||||
return ret;
|
||||
@@ -10047,17 +10036,17 @@ int wc_AesGcmEncryptFinal(Aes* aes, byte* authTag, word32 authTagSz)
|
||||
|
||||
if (ret == 0) {
|
||||
/* Calculate authentication tag. */
|
||||
VECTOR_REGISTERS_PUSH;
|
||||
#ifdef WOLFSSL_AESNI
|
||||
if (aes->use_aesni) {
|
||||
SAVE_VECTOR_REGISTERS(return _svr_ret;);
|
||||
ret = AesGcmEncryptFinal_aesni(aes, authTag, authTagSz);
|
||||
RESTORE_VECTOR_REGISTERS();
|
||||
}
|
||||
else
|
||||
#endif
|
||||
{
|
||||
ret = AesGcmFinal_C(aes, authTag, authTagSz);
|
||||
}
|
||||
VECTOR_REGISTERS_POP;
|
||||
}
|
||||
|
||||
if ((ret == 0) && aes->ctrSet) {
|
||||
@@ -10130,10 +10119,11 @@ int wc_AesGcmDecryptUpdate(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
|
||||
if (ret == 0) {
|
||||
/* Decrypt with AAD and/or cipher text. */
|
||||
VECTOR_REGISTERS_PUSH;
|
||||
#ifdef WOLFSSL_AESNI
|
||||
if (aes->use_aesni) {
|
||||
SAVE_VECTOR_REGISTERS(return _svr_ret;);
|
||||
ret = AesGcmDecryptUpdate_aesni(aes, out, in, sz, authIn, authInSz);
|
||||
RESTORE_VECTOR_REGISTERS();
|
||||
}
|
||||
else
|
||||
#endif
|
||||
@@ -10144,7 +10134,6 @@ int wc_AesGcmDecryptUpdate(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
/* Decrypt the cipher text. */
|
||||
ret = AesGcmCryptUpdate_C(aes, out, in, sz);
|
||||
}
|
||||
VECTOR_REGISTERS_POP;
|
||||
}
|
||||
|
||||
return ret;
|
||||
@@ -10181,10 +10170,11 @@ int wc_AesGcmDecryptFinal(Aes* aes, const byte* authTag, word32 authTagSz)
|
||||
|
||||
if (ret == 0) {
|
||||
/* Calculate authentication tag and compare with one passed in.. */
|
||||
VECTOR_REGISTERS_PUSH;
|
||||
#ifdef WOLFSSL_AESNI
|
||||
if (aes->use_aesni) {
|
||||
SAVE_VECTOR_REGISTERS(return _svr_ret;);
|
||||
ret = AesGcmDecryptFinal_aesni(aes, authTag, authTagSz);
|
||||
RESTORE_VECTOR_REGISTERS();
|
||||
}
|
||||
else
|
||||
#endif
|
||||
@@ -10199,7 +10189,6 @@ int wc_AesGcmDecryptFinal(Aes* aes, const byte* authTag, word32 authTagSz)
|
||||
}
|
||||
}
|
||||
}
|
||||
VECTOR_REGISTERS_POP;
|
||||
}
|
||||
|
||||
return ret;
|
||||
@@ -11108,6 +11097,11 @@ int wc_AesInit(Aes* aes, void* heap, int devId)
|
||||
aes->heap = heap;
|
||||
aes->rounds = 0;
|
||||
|
||||
#ifdef WOLFSSL_AESNI
|
||||
/* clear here for the benefit of wc_AesGcmInit(). */
|
||||
aes->use_aesni = 0;
|
||||
#endif
|
||||
|
||||
#ifdef WOLF_CRYPTO_CB
|
||||
aes->devId = devId;
|
||||
aes->devCtx = NULL;
|
||||
|
||||
@@ -51,6 +51,14 @@
|
||||
#include <wolfssl/wolfcrypt/cryptocb.h>
|
||||
#endif
|
||||
|
||||
#if defined(WOLFSSL_LINUXKM) && !defined(USE_INTEL_SPEEDUP)
|
||||
/* force off unneeded vector register save/restore. */
|
||||
#undef SAVE_VECTOR_REGISTERS
|
||||
#define SAVE_VECTOR_REGISTERS(...) WC_DO_NOTHING
|
||||
#undef RESTORE_VECTOR_REGISTERS
|
||||
#define RESTORE_VECTOR_REGISTERS() WC_DO_NOTHING
|
||||
#endif
|
||||
|
||||
const curve25519_set_type curve25519_sets[] = {
|
||||
{
|
||||
CURVE25519_KEYSIZE,
|
||||
|
||||
+16
-2
@@ -55,6 +55,13 @@
|
||||
#include <wolfcrypt/src/misc.c>
|
||||
#endif
|
||||
|
||||
#if defined(WOLFSSL_LINUXKM) && !defined(WOLFSSL_SP_ASM)
|
||||
/* force off unneeded vector register save/restore. */
|
||||
#undef SAVE_VECTOR_REGISTERS
|
||||
#define SAVE_VECTOR_REGISTERS(...) WC_DO_NOTHING
|
||||
#undef RESTORE_VECTOR_REGISTERS
|
||||
#define RESTORE_VECTOR_REGISTERS() WC_DO_NOTHING
|
||||
#endif
|
||||
|
||||
/*
|
||||
Possible DH enable options:
|
||||
@@ -3003,7 +3010,7 @@ int wc_DhGenerateParams(WC_RNG *rng, int modSz, DhKey *dh)
|
||||
|
||||
/* loop until p is prime */
|
||||
if (ret == 0) {
|
||||
do {
|
||||
for (;;) {
|
||||
if (mp_prime_is_prime_ex(&dh->p, 8, &primeCheck, rng) != MP_OKAY)
|
||||
ret = PRIME_GEN_E;
|
||||
|
||||
@@ -3014,7 +3021,14 @@ int wc_DhGenerateParams(WC_RNG *rng, int modSz, DhKey *dh)
|
||||
else
|
||||
primeCheckCount++;
|
||||
}
|
||||
} while (ret == 0 && primeCheck == MP_NO);
|
||||
|
||||
if (ret != 0 || primeCheck == MP_YES)
|
||||
break;
|
||||
|
||||
/* linuxkm: release the kernel for a moment before iterating. */
|
||||
RESTORE_VECTOR_REGISTERS();
|
||||
SAVE_VECTOR_REGISTERS(ret = _svr_ret; break;);
|
||||
};
|
||||
}
|
||||
|
||||
/* tmp2 += (2*loop_check_prime)
|
||||
|
||||
@@ -42,6 +42,14 @@
|
||||
#include <wolfcrypt/src/misc.c>
|
||||
#endif
|
||||
|
||||
#if defined(WOLFSSL_LINUXKM) && !defined(WOLFSSL_SP_ASM)
|
||||
/* force off unneeded vector register save/restore. */
|
||||
#undef SAVE_VECTOR_REGISTERS
|
||||
#define SAVE_VECTOR_REGISTERS(...) WC_DO_NOTHING
|
||||
#undef RESTORE_VECTOR_REGISTERS
|
||||
#define RESTORE_VECTOR_REGISTERS() WC_DO_NOTHING
|
||||
#endif
|
||||
|
||||
#ifdef _MSC_VER
|
||||
/* disable for while(0) cases (MSVC bug) */
|
||||
#pragma warning(disable:4127)
|
||||
|
||||
@@ -213,6 +213,14 @@ ECC Curve Sizes:
|
||||
#include <wolfssl/wolfcrypt/hmac.h>
|
||||
#endif
|
||||
|
||||
#if defined(WOLFSSL_LINUXKM) && !defined(WOLFSSL_SP_ASM)
|
||||
/* force off unneeded vector register save/restore. */
|
||||
#undef SAVE_VECTOR_REGISTERS
|
||||
#define SAVE_VECTOR_REGISTERS(...) WC_DO_NOTHING
|
||||
#undef RESTORE_VECTOR_REGISTERS
|
||||
#define RESTORE_VECTOR_REGISTERS() WC_DO_NOTHING
|
||||
#endif
|
||||
|
||||
#if defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)
|
||||
#define GEN_MEM_ERR MP_MEM
|
||||
#elif defined(USE_FAST_MATH)
|
||||
|
||||
@@ -43,6 +43,14 @@
|
||||
#include <wolfssl/wolfcrypt/sp.h>
|
||||
#endif
|
||||
|
||||
#if defined(WOLFSSL_LINUXKM) && !defined(WOLFSSL_SP_ASM)
|
||||
/* force off unneeded vector register save/restore. */
|
||||
#undef SAVE_VECTOR_REGISTERS
|
||||
#define SAVE_VECTOR_REGISTERS(...) WC_DO_NOTHING
|
||||
#undef RESTORE_VECTOR_REGISTERS
|
||||
#define RESTORE_VECTOR_REGISTERS() WC_DO_NOTHING
|
||||
#endif
|
||||
|
||||
#ifndef WOLFSSL_HAVE_ECC_KEY_GET_PRIV
|
||||
/* FIPS build has replaced ecc.h. */
|
||||
#define wc_ecc_key_get_priv(key) (&((key)->k))
|
||||
|
||||
+6
-6
@@ -888,12 +888,12 @@ int wc_SSH_KDF(byte hashId, byte keyId, byte* key, word32 keySz,
|
||||
* @param [out] block First block to encrypt.
|
||||
*/
|
||||
static void wc_srtp_kdf_first_block(const byte* salt, word32 saltSz, int kdrIdx,
|
||||
const byte* index, byte indexSz, unsigned char* block)
|
||||
const byte* index, int indexSz, unsigned char* block)
|
||||
{
|
||||
word32 i;
|
||||
int i;
|
||||
|
||||
/* XOR salt into zeroized buffer. */
|
||||
for (i = 0; i < WC_SRTP_MAX_SALT - saltSz; i++) {
|
||||
for (i = 0; i < WC_SRTP_MAX_SALT - (int)saltSz; i++) {
|
||||
block[i] = 0;
|
||||
}
|
||||
XMEMCPY(block + WC_SRTP_MAX_SALT - saltSz, salt, saltSz);
|
||||
@@ -942,13 +942,13 @@ static int wc_srtp_kdf_derive_key(byte* block, byte indexSz, byte label,
|
||||
int i;
|
||||
int ret = 0;
|
||||
/* Calculate the number of full blocks needed for derived key. */
|
||||
int blocks = keySz / AES_BLOCK_SIZE;
|
||||
int blocks = (int)(keySz / AES_BLOCK_SIZE);
|
||||
|
||||
/* XOR in label. */
|
||||
block[WC_SRTP_MAX_SALT - indexSz - 1] ^= label;
|
||||
for (i = 0; (ret == 0) && (i < blocks); i++) {
|
||||
/* Set counter. */
|
||||
block[15] = i;
|
||||
block[15] = (byte)i;
|
||||
/* Encrypt block into key buffer. */
|
||||
ret = wc_AesEcbEncrypt(aes, key, block, AES_BLOCK_SIZE);
|
||||
/* Reposition for more derived key. */
|
||||
@@ -960,7 +960,7 @@ static int wc_srtp_kdf_derive_key(byte* block, byte indexSz, byte label,
|
||||
if ((ret == 0) && (keySz > 0)) {
|
||||
byte enc[AES_BLOCK_SIZE];
|
||||
/* Set counter. */
|
||||
block[15] = i;
|
||||
block[15] = (byte)i;
|
||||
/* Encrypt block into temporary. */
|
||||
ret = wc_AesEcbEncrypt(aes, enc, block, AES_BLOCK_SIZE);
|
||||
if (ret == 0) {
|
||||
|
||||
+19
-11
@@ -1508,16 +1508,21 @@ THREAD_LS_T const char *wc_svr_last_file = NULL;
|
||||
THREAD_LS_T int wc_svr_last_line = -1;
|
||||
THREAD_LS_T int wc_debug_vector_registers_retval =
|
||||
WC_DEBUG_VECTOR_REGISTERS_RETVAL_INITVAL;
|
||||
#endif
|
||||
|
||||
#ifdef DEBUG_VECTOR_REGISTER_ACCESS_FUZZING
|
||||
|
||||
#ifdef HAVE_THREAD_LS
|
||||
|
||||
WOLFSSL_LOCAL int SAVE_VECTOR_REGISTERS2_fuzzer(void) {
|
||||
static THREAD_LS_T struct drand48_data wc_svr_fuzzing_state;
|
||||
static THREAD_LS_T int wc_svr_fuzzing_seeded = 0;
|
||||
long result;
|
||||
|
||||
#ifdef DEBUG_VECTOR_REGISTER_ACCESS
|
||||
if (wc_debug_vector_registers_retval)
|
||||
return wc_debug_vector_registers_retval;
|
||||
#endif
|
||||
|
||||
if (wc_svr_fuzzing_seeded == 0) {
|
||||
long seed = WC_DEBUG_VECTOR_REGISTERS_FUZZING_SEED;
|
||||
@@ -1534,30 +1539,33 @@ WOLFSSL_LOCAL int SAVE_VECTOR_REGISTERS2_fuzzer(void) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
#endif /* DEBUG_VECTOR_REGISTER_ACCESS_FUZZING */
|
||||
#else /* !HAVE_THREAD_LS */
|
||||
|
||||
#elif defined(DEBUG_VECTOR_REGISTER_ACCESS_FUZZING)
|
||||
|
||||
/* DEBUG_VECTOR_REGISTER_ACCESS is undefined but fuzzing requested --
|
||||
* fuzz vector register access without the detailed debugging.
|
||||
* this is useful for testing in the kernel module build, where glibc and
|
||||
* thread-local storage are unavailable.
|
||||
/* alternate implementation useful for testing in the kernel module build, where
|
||||
* glibc and thread-local storage are unavailable.
|
||||
*
|
||||
* note this is not a well-behaved PRNG, but is adequate for fuzzing purposes.
|
||||
* the prn sequence is incompressible according to ent and xz, and does not
|
||||
* cycle within 10M iterations with various seeds including zero, but the Chi
|
||||
* square distribution is poor, and the unconditioned lsb bit balance is ~54%
|
||||
* regardless of seed.
|
||||
*
|
||||
* deterministic only if access is single-threaded, but never degenerate.
|
||||
*/
|
||||
|
||||
WOLFSSL_LOCAL int SAVE_VECTOR_REGISTERS2_fuzzer(void) {
|
||||
static unsigned long prn = WC_DEBUG_VECTOR_REGISTERS_FUZZING_SEED;
|
||||
static int balance_bit = 0;
|
||||
/* access to prn is racey, but it doesn't matter. */
|
||||
unsigned long new_prn = prn ^ 0xba86943da66ee701ul; /* note this magic
|
||||
* random number is
|
||||
* bit-balanced.
|
||||
*/
|
||||
|
||||
#ifdef DEBUG_VECTOR_REGISTER_ACCESS
|
||||
if (wc_debug_vector_registers_retval)
|
||||
return wc_debug_vector_registers_retval;
|
||||
#endif
|
||||
|
||||
/* barrel-roll using the bottom 6 bits. */
|
||||
if (new_prn & 0x3f)
|
||||
new_prn = (new_prn << (new_prn & 0x3f)) |
|
||||
@@ -1569,9 +1577,9 @@ WOLFSSL_LOCAL int SAVE_VECTOR_REGISTERS2_fuzzer(void) {
|
||||
return ((prn & 1) ^ balance_bit) ? IO_FAILED_E : 0;
|
||||
}
|
||||
|
||||
#endif /* DEBUG_VECTOR_REGISTER_ACCESS ||
|
||||
* DEBUG_VECTOR_REGISTER_ACCESS_FUZZING
|
||||
*/
|
||||
#endif /* !HAVE_THREAD_LS */
|
||||
|
||||
#endif /* DEBUG_VECTOR_REGISTER_ACCESS_FUZZING */
|
||||
|
||||
#ifdef WOLFSSL_LINUXKM
|
||||
#include "../../linuxkm/linuxkm_memory.c"
|
||||
|
||||
+18
-5
@@ -62,6 +62,14 @@ RSA keys can be used to encrypt, decrypt, sign and verify data.
|
||||
#include <wolfssl/wolfcrypt/sp.h>
|
||||
#endif
|
||||
|
||||
#if defined(WOLFSSL_LINUXKM) && !defined(WOLFSSL_SP_ASM)
|
||||
/* force off unneeded vector register save/restore. */
|
||||
#undef SAVE_VECTOR_REGISTERS
|
||||
#define SAVE_VECTOR_REGISTERS(...) WC_DO_NOTHING
|
||||
#undef RESTORE_VECTOR_REGISTERS
|
||||
#define RESTORE_VECTOR_REGISTERS() WC_DO_NOTHING
|
||||
#endif
|
||||
|
||||
/*
|
||||
Possible RSA enable options:
|
||||
* NO_RSA: Overall control of RSA default: on
|
||||
@@ -712,8 +720,7 @@ int wc_CheckRsaKey(RsaKey* key)
|
||||
|
||||
ret = wc_InitRng(rng);
|
||||
|
||||
if (ret == 0)
|
||||
SAVE_VECTOR_REGISTERS(ret = _svr_ret;);
|
||||
SAVE_VECTOR_REGISTERS(ret = _svr_ret;);
|
||||
|
||||
if (ret == 0) {
|
||||
if (INIT_MP_INT_SIZE(tmp, mp_bitsused(&key->n)) != MP_OKAY)
|
||||
@@ -4841,7 +4848,7 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng)
|
||||
#endif
|
||||
isPrime = 0;
|
||||
i = 0;
|
||||
do {
|
||||
for (;;) {
|
||||
#ifdef SHOW_GEN
|
||||
printf(".");
|
||||
fflush(stdout);
|
||||
@@ -4864,9 +4871,15 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng)
|
||||
i++;
|
||||
#else
|
||||
/* Keep the old retry behavior in non-FIPS build. */
|
||||
(void)i;
|
||||
#endif
|
||||
} while (err == MP_OKAY && !isPrime && i < failCount);
|
||||
|
||||
if (err != MP_OKAY || isPrime || i >= failCount)
|
||||
break;
|
||||
|
||||
/* linuxkm: release the kernel for a moment before iterating. */
|
||||
RESTORE_VECTOR_REGISTERS();
|
||||
SAVE_VECTOR_REGISTERS(err = _svr_ret; break;);
|
||||
};
|
||||
}
|
||||
|
||||
if (err == MP_OKAY && !isPrime)
|
||||
|
||||
@@ -44,6 +44,14 @@
|
||||
#include <wolfssl/wolfcrypt/sakke.h>
|
||||
#include <wolfssl/wolfcrypt/asn_public.h>
|
||||
|
||||
#if defined(WOLFSSL_LINUXKM) && !defined(WOLFSSL_SP_ASM)
|
||||
/* force off unneeded vector register save/restore. */
|
||||
#undef SAVE_VECTOR_REGISTERS
|
||||
#define SAVE_VECTOR_REGISTERS(...) WC_DO_NOTHING
|
||||
#undef RESTORE_VECTOR_REGISTERS
|
||||
#define RESTORE_VECTOR_REGISTERS() WC_DO_NOTHING
|
||||
#endif
|
||||
|
||||
#ifndef WOLFSSL_HAVE_ECC_KEY_GET_PRIV
|
||||
/* FIPS build has replaced ecc.h. */
|
||||
#define wc_ecc_key_get_priv(key) (&((key)->k))
|
||||
|
||||
@@ -115,6 +115,14 @@ This library provides single precision (SP) integer math functions.
|
||||
|
||||
#include <wolfssl/wolfcrypt/sp_int.h>
|
||||
|
||||
#if defined(WOLFSSL_LINUXKM) && !defined(WOLFSSL_SP_ASM)
|
||||
/* force off unneeded vector register save/restore. */
|
||||
#undef SAVE_VECTOR_REGISTERS
|
||||
#define SAVE_VECTOR_REGISTERS(...) WC_DO_NOTHING
|
||||
#undef RESTORE_VECTOR_REGISTERS
|
||||
#define RESTORE_VECTOR_REGISTERS() WC_DO_NOTHING
|
||||
#endif
|
||||
|
||||
/* DECL_SP_INT: Declare one variable of type 'sp_int'. */
|
||||
#if (defined(WOLFSSL_SMALL_STACK) || defined(SP_ALLOC)) && \
|
||||
!defined(WOLFSSL_SP_NO_MALLOC)
|
||||
|
||||
+79
-51
@@ -536,6 +536,12 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t XChaCha20Poly1305_test(void);
|
||||
WOLFSSL_TEST_SUBROUTINE wc_test_ret_t des_test(void);
|
||||
WOLFSSL_TEST_SUBROUTINE wc_test_ret_t des3_test(void);
|
||||
WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_test(void);
|
||||
#if defined(WOLFSSL_AES_CFB)
|
||||
WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_cfb_test(void);
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_XTS
|
||||
WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_xts_test(void);
|
||||
#endif
|
||||
WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes192_test(void);
|
||||
WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes256_test(void);
|
||||
WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aesofb_test(void);
|
||||
@@ -1463,7 +1469,7 @@ options: [-s max_relative_stack_bytes] [-m max_relative_heap_memory_bytes]\n\
|
||||
if ( (ret = aesofb_test()) != 0)
|
||||
TEST_FAIL("AES-OFB test failed!\n", ret);
|
||||
else
|
||||
TEST_PASS("AESOFB test passed!\n");
|
||||
TEST_PASS("AES-OFB test passed!\n");
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_AESGCM
|
||||
@@ -1490,6 +1496,21 @@ options: [-s max_relative_stack_bytes] [-m max_relative_heap_memory_bytes]\n\
|
||||
else
|
||||
TEST_PASS("AES-CCM test passed!\n");
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_AES_CFB
|
||||
if ( (ret = aes_cfb_test()) != 0)
|
||||
TEST_FAIL("AES-CFB test failed!\n", ret);
|
||||
else
|
||||
TEST_PASS("AES-CFB test passed!\n");
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_AES_XTS
|
||||
if ( (ret = aes_xts_test()) != 0)
|
||||
TEST_FAIL("AES-XTS test failed!\n", ret);
|
||||
else
|
||||
TEST_PASS("AES-XTS test passed!\n");
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_AES_KEYWRAP
|
||||
if ( (ret = aeskeywrap_test()) != 0)
|
||||
TEST_FAIL("AES Key Wrap test failed!\n", ret);
|
||||
@@ -8433,8 +8454,10 @@ EVP_TEST_END:
|
||||
#endif /* WOLFSSL_AES_OFB */
|
||||
|
||||
#if defined(WOLFSSL_AES_CFB)
|
||||
/* Test cases from NIST SP 800-38A, Recommendation for Block Cipher Modes of Operation Methods an*/
|
||||
static wc_test_ret_t aescfb_test(void)
|
||||
/* Test cases from NIST SP 800-38A, Recommendation for Block Cipher Modes of
|
||||
* Operation Methods and Techniques
|
||||
*/
|
||||
static wc_test_ret_t aescfb_test_0(void)
|
||||
{
|
||||
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
|
||||
Aes *enc = NULL;
|
||||
@@ -9360,7 +9383,7 @@ static wc_test_ret_t aes_key_size_test(void)
|
||||
return ret;
|
||||
}
|
||||
|
||||
#if defined(WOLFSSL_AES_XTS) && (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3))
|
||||
#if defined(WOLFSSL_AES_XTS)
|
||||
|
||||
/* test vectors from http://csrc.nist.gov/groups/STM/cavp/block-cipher-modes.html */
|
||||
#ifdef WOLFSSL_AES_128
|
||||
@@ -11770,44 +11793,6 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_test(void)
|
||||
goto out;
|
||||
#endif
|
||||
|
||||
#if defined(WOLFSSL_AES_XTS) && (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3))
|
||||
#ifdef WOLFSSL_AES_128
|
||||
ret = aes_xts_128_test();
|
||||
if (ret != 0)
|
||||
goto out;
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_256
|
||||
ret = aes_xts_256_test();
|
||||
if (ret != 0)
|
||||
goto out;
|
||||
#endif
|
||||
#if defined(WOLFSSL_AES_128) && defined(WOLFSSL_AES_256)
|
||||
ret = aes_xts_sector_test();
|
||||
if (ret != 0)
|
||||
goto out;
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_128
|
||||
ret = aes_xts_args_test();
|
||||
if (ret != 0)
|
||||
goto out;
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#if defined(WOLFSSL_AES_CFB)
|
||||
ret = aescfb_test();
|
||||
if (ret != 0)
|
||||
goto out;
|
||||
#if !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
|
||||
ret = aescfb1_test();
|
||||
if (ret != 0)
|
||||
goto out;
|
||||
|
||||
ret = aescfb8_test();
|
||||
if (ret != 0)
|
||||
goto out;
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#if defined(HAVE_AES_ECB) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
|
||||
ret = aesecb_test();
|
||||
if (ret != 0)
|
||||
@@ -11846,6 +11831,54 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_test(void)
|
||||
return ret;
|
||||
}
|
||||
|
||||
#if defined(WOLFSSL_AES_CFB)
|
||||
WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_cfb_test(void)
|
||||
{
|
||||
int ret;
|
||||
ret = aescfb_test_0();
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
#if !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
|
||||
ret = aescfb1_test();
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
|
||||
ret = aescfb8_test();
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
#endif
|
||||
return 0;
|
||||
}
|
||||
#endif
|
||||
|
||||
#if defined(WOLFSSL_AES_XTS)
|
||||
WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_xts_test(void)
|
||||
{
|
||||
int ret = 0;
|
||||
#ifdef WOLFSSL_AES_128
|
||||
ret = aes_xts_128_test();
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_256
|
||||
ret = aes_xts_256_test();
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
#endif
|
||||
#if defined(WOLFSSL_AES_128) && defined(WOLFSSL_AES_256)
|
||||
ret = aes_xts_sector_test();
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_128
|
||||
ret = aes_xts_args_test();
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
#endif
|
||||
return 0;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_AES_192
|
||||
WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes192_test(void)
|
||||
{
|
||||
@@ -12064,10 +12097,6 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes256_test(void)
|
||||
if (XMEMCMP(cipher, verify, (int) sizeof(cipher)))
|
||||
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
|
||||
#endif
|
||||
wc_AesFree(enc);
|
||||
#ifdef HAVE_AES_DECRYPT
|
||||
wc_AesFree(dec);
|
||||
#endif
|
||||
|
||||
#if defined(DEBUG_VECTOR_REGISTER_ACCESS) && defined(WC_AES_C_DYNAMIC_FALLBACK)
|
||||
ret = wc_AesSetKey(enc, key, keySz, iv, AES_ENCRYPTION);
|
||||
@@ -12107,11 +12136,6 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes256_test(void)
|
||||
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
|
||||
#endif
|
||||
|
||||
wc_AesFree(enc);
|
||||
#ifdef HAVE_AES_DECRYPT
|
||||
wc_AesFree(dec);
|
||||
#endif
|
||||
|
||||
WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E);
|
||||
ret = wc_AesSetKey(enc, key, keySz, iv, AES_ENCRYPTION);
|
||||
WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0);
|
||||
@@ -49672,6 +49696,10 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t cryptocb_test(void)
|
||||
if (ret == 0)
|
||||
ret = aes_test();
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_XTS
|
||||
if (ret == 0)
|
||||
ret = aes_xts_test();
|
||||
#endif
|
||||
#if defined(HAVE_AESCCM) && defined(WOLFSSL_AES_128)
|
||||
if (ret == 0)
|
||||
ret = aesccm_test();
|
||||
|
||||
+21
-14
@@ -283,27 +283,29 @@ WOLFSSL_LOCAL int wc_debug_CipherLifecycleFree(void **CipherLifecycleTag,
|
||||
#define DEBUG_VECTOR_REGISTERS_EXTRA_FAIL_CLAUSE abort();
|
||||
#elif defined(DEBUG_VECTOR_REGISTERS_EXIT_ON_FAIL)
|
||||
#define DEBUG_VECTOR_REGISTERS_EXTRA_FAIL_CLAUSE exit(1);
|
||||
#else
|
||||
#elif !defined(DEBUG_VECTOR_REGISTERS_EXTRA_FAIL_CLAUSE)
|
||||
#define DEBUG_VECTOR_REGISTERS_EXTRA_FAIL_CLAUSE
|
||||
#endif
|
||||
|
||||
#define SAVE_VECTOR_REGISTERS(fail_clause) { \
|
||||
int _svr_ret = wc_debug_vector_registers_retval; \
|
||||
if (_svr_ret != 0) { fail_clause } \
|
||||
++wc_svr_count; \
|
||||
if (wc_svr_count > 5) { \
|
||||
fprintf(stderr, \
|
||||
("%s @ L%d : incr : " \
|
||||
"wc_svr_count %d (last op %s L%d)\n"), \
|
||||
__FILE__, \
|
||||
__LINE__, \
|
||||
wc_svr_count, \
|
||||
wc_svr_last_file, \
|
||||
wc_svr_last_line); \
|
||||
DEBUG_VECTOR_REGISTERS_EXTRA_FAIL_CLAUSE \
|
||||
else { \
|
||||
++wc_svr_count; \
|
||||
if (wc_svr_count > 5) { \
|
||||
fprintf(stderr, \
|
||||
("%s @ L%d : incr : " \
|
||||
"wc_svr_count %d (last op %s L%d)\n"), \
|
||||
__FILE__, \
|
||||
__LINE__, \
|
||||
wc_svr_count, \
|
||||
wc_svr_last_file, \
|
||||
wc_svr_last_line); \
|
||||
DEBUG_VECTOR_REGISTERS_EXTRA_FAIL_CLAUSE \
|
||||
} \
|
||||
wc_svr_last_file = __FILE__; \
|
||||
wc_svr_last_line = __LINE__; \
|
||||
} \
|
||||
wc_svr_last_file = __FILE__; \
|
||||
wc_svr_last_line = __LINE__; \
|
||||
}
|
||||
|
||||
WOLFSSL_API extern THREAD_LS_T int wc_debug_vector_registers_retval;
|
||||
@@ -432,6 +434,11 @@ WOLFSSL_LOCAL int wc_debug_CipherLifecycleFree(void **CipherLifecycleTag,
|
||||
wc_svr_last_file = __FILE__; \
|
||||
wc_svr_last_line = __LINE__; \
|
||||
} while(0)
|
||||
|
||||
#else /* !DEBUG_VECTOR_REGISTER_ACCESS */
|
||||
#if !defined(SAVE_VECTOR_REGISTERS2) && defined(DEBUG_VECTOR_REGISTER_ACCESS_FUZZING)
|
||||
#define SAVE_VECTOR_REGISTERS2(...) SAVE_VECTOR_REGISTERS2_fuzzer()
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
|
||||
Reference in New Issue
Block a user