Skip to content

Commit c145b7e

Browse files
douzzerdouzzer
committed
wolfcrypt/src/aes.c: define GCM_GMULT_LEN() when WOLFSSL_ARMASM, and fix gating on wolfCrypt_FIPS_AES_sanity (always gate in for FIPS v7+);
wolfcrypt/src/port/af_alg/afalg_aes.c: check for null key arg; configure.ac: rename BUILD_FIPS_CURRENT to BUILD_FIPS_V2_PLUS (no functional change), and remove unused ARMASM_DIST_SOURCES set up code added in wolfSSL#9332; src/include.am: * set up $(ARMASM_SHA256_C), and use it to properly include wolfcrypt/src/sha256.c alongside armasm when appropriate; * fix gating on Curved25519 armasm (BUILD_FIPS_V6_PLUS, not BUILD_FIPS_V6); tests/api/test_aes.c and wolfcrypt/test/test.c: gate out incompatible coverage for WOLFSSL_AFALG and WOLFSSL_KCAPI (test_wc_AesCbcEncryptDecrypt_MultiBlocks(), test_wc_AesCtrSetKey*(), test_wc_AesCtrEncrypt*(), test_wc_AesGcmEncryptDecrypt_Sizes()).
1 parent a28e107 commit c145b7e

File tree

6 files changed

+103
-68
lines changed

6 files changed

+103
-68
lines changed

configure.ac

Lines changed: 1 addition & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -10969,23 +10969,12 @@ AM_CONDITIONAL([BUILD_FIPS],[test "x$ENABLED_FIPS" = "xyes"])
1096910969
AC_SUBST([ENABLED_FIPS])
1097010970
AM_CONDITIONAL([BUILD_FIPS_V1],[test "$HAVE_FIPS_VERSION" = 1])
1097110971
AM_CONDITIONAL([BUILD_FIPS_V2],[test "$HAVE_FIPS_VERSION" = 2 && test "$HAVE_FIPS_VERSION_MINOR" = 0])
10972+
AM_CONDITIONAL([BUILD_FIPS_V2_PLUS],[test "$HAVE_FIPS_VERSION" -ge 2 ])
1097210973
AM_CONDITIONAL([BUILD_FIPS_RAND],[test "$HAVE_FIPS_VERSION" = 2 && test "$HAVE_FIPS_VERSION_MINOR" = 1])
1097310974
AM_CONDITIONAL([BUILD_FIPS_V5],[test "$HAVE_FIPS_VERSION" = 5])
1097410975
AM_CONDITIONAL([BUILD_FIPS_V5_PLUS],[test "$HAVE_FIPS_VERSION" -ge 5])
1097510976
AM_CONDITIONAL([BUILD_FIPS_V6],[test $HAVE_FIPS_VERSION = 6])
1097610977
AM_CONDITIONAL([BUILD_FIPS_V6_PLUS],[test $HAVE_FIPS_VERSION -ge 6])
10977-
10978-
if test "$HAVE_FIPS_VERSION" = 5 || test $HAVE_FIPS_VERSION = 6
10979-
then
10980-
ARMASM_DIST_SOURCES='wolfcrypt/src/port/arm/armv8-aes.c wolfcrypt/src/port/arm/armv8-sha256.c wolfcrypt/src/port/arm/armv8-sha512.c'
10981-
else
10982-
ARMASM_DIST_SOURCES='wolfcrypt/src/port/arm/armv8-aes-asm_c.c wolfcrypt/src/port/arm/armv8-aes-asm.S wolfcrypt/src/port/arm/armv8-sha256-asm_c.c wolfcrypt/src/port/arm/armv8-sha256-asm.S'
10983-
fi
10984-
10985-
AC_SUBST([ARMASM_DIST_SOURCES])
10986-
10987-
AM_CONDITIONAL([BUILD_FIPS_CURRENT],[test "$HAVE_FIPS_VERSION" -ge 2 ])
10988-
# BUILD_FIPS_CURRENT is for builds after cert 2425.
1098910978
AM_CONDITIONAL([BUILD_SIPHASH],[test "x$ENABLED_SIPHASH" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
1099010979
AM_CONDITIONAL([BUILD_CMAC],[test "x$ENABLED_CMAC" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
1099110980
AM_CONDITIONAL([BUILD_SELFTEST],[test "x$ENABLED_SELFTEST" = "xyes"])

src/include.am

Lines changed: 38 additions & 32 deletions
Original file line numberDiff line numberDiff line change
@@ -48,6 +48,7 @@ if BUILD_FIPS_V5
4848
NEW_ARMASM_AES_ASM_S :=
4949
NEW_ARMASM_SHA256_ASM_C :=
5050
NEW_ARMASM_SHA256_ASM_S :=
51+
ARMASM_SHA256_C :=
5152
else
5253
if BUILD_FIPS_V6
5354
LEGACY_ARMASM_AES_C := wolfcrypt/src/port/arm/armv8-aes.c
@@ -57,6 +58,7 @@ if BUILD_FIPS_V6
5758
NEW_ARMASM_AES_ASM_S :=
5859
NEW_ARMASM_SHA256_ASM_C :=
5960
NEW_ARMASM_SHA256_ASM_S :=
61+
ARMASM_SHA256_C :=
6062
else
6163
LEGACY_ARMASM_AES_C :=
6264
LEGACY_ARMASM_SHA256_C :=
@@ -65,6 +67,7 @@ else
6567
NEW_ARMASM_AES_ASM_S := wolfcrypt/src/port/arm/armv8-aes-asm.S
6668
NEW_ARMASM_SHA256_ASM_C := wolfcrypt/src/port/arm/armv8-sha256-asm_c.c
6769
NEW_ARMASM_SHA256_ASM_S := wolfcrypt/src/port/arm/armv8-sha256-asm.S
70+
ARMASM_SHA256_C := wolfcrypt/src/sha256.c
6871
endif !BUILD_FIPS_V6
6972
endif !BUILD_FIPS_V5
7073

@@ -249,6 +252,7 @@ src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sha.c
249252
endif
250253

251254
if BUILD_ARMASM_NEON
255+
src_libwolfssl@LIBSUFFIX@_la_SOURCES += $(ARMASM_SHA256_C)
252256
src_libwolfssl@LIBSUFFIX@_la_SOURCES += $(LEGACY_ARMASM_SHA256_C)
253257
if BUILD_ARMASM_INLINE
254258
src_libwolfssl@LIBSUFFIX@_la_SOURCES += $(NEW_ARMASM_SHA256_ASM_C)
@@ -259,6 +263,7 @@ src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-sha256-a
259263
endif !BUILD_ARMASM_INLINE
260264
else
261265
if BUILD_ARMASM
266+
src_libwolfssl@LIBSUFFIX@_la_SOURCES += $(ARMASM_SHA256_C)
262267
src_libwolfssl@LIBSUFFIX@_la_SOURCES += $(LEGACY_ARMASM_SHA256_C)
263268
if BUILD_ARMASM_INLINE
264269
if BUILD_ARM_NONTHUMB
@@ -481,6 +486,7 @@ src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sha.c
481486
endif
482487

483488
if BUILD_ARMASM_NEON
489+
src_libwolfssl@LIBSUFFIX@_la_SOURCES += $(ARMASM_SHA256_C)
484490
src_libwolfssl@LIBSUFFIX@_la_SOURCES += $(LEGACY_ARMASM_SHA256_C)
485491
if BUILD_ARMASM_INLINE
486492
src_libwolfssl@LIBSUFFIX@_la_SOURCES += $(NEW_ARMASM_SHA256_ASM_C)
@@ -491,6 +497,7 @@ src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-sha256-a
491497
endif !BUILD_ARMASM_INLINE
492498
else
493499
if BUILD_ARMASM
500+
src_libwolfssl@LIBSUFFIX@_la_SOURCES += $(ARMASM_SHA256_C)
494501
src_libwolfssl@LIBSUFFIX@_la_SOURCES += $(LEGACY_ARMASM_SHA256_C)
495502
if BUILD_ARMASM_INLINE
496503
if BUILD_ARM_NONTHUMB
@@ -730,11 +737,11 @@ if !BUILD_FIPS_RAND
730737
# For wolfRand, exclude just a couple files.
731738
# For old FIPS, keep the wolfCrypt versions of the
732739
# CtaoCrypt files included above.
733-
if !BUILD_FIPS_CURRENT
740+
if !BUILD_FIPS_V2_PLUS
734741
if BUILD_HMAC
735742
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/hmac.c
736743
endif
737-
endif !BUILD_FIPS_CURRENT
744+
endif !BUILD_FIPS_V2_PLUS
738745

739746
# CAVP self test
740747
if BUILD_SELFTEST
@@ -759,13 +766,13 @@ endif
759766
endif !BUILD_FIPS_V6_PLUS
760767
endif !BUILD_FIPS_V5
761768

762-
if !BUILD_FIPS_CURRENT
769+
if !BUILD_FIPS_V2_PLUS
763770
if BUILD_RNG
764771
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/random.c
765772
endif
766-
endif !BUILD_FIPS_CURRENT
773+
endif !BUILD_FIPS_V2_PLUS
767774

768-
if !BUILD_FIPS_CURRENT
775+
if !BUILD_FIPS_V2_PLUS
769776
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sha256.c
770777
if BUILD_ARMASM_NEON
771778
src_libwolfssl@LIBSUFFIX@_la_SOURCES += $(LEGACY_ARMASM_SHA256_C)
@@ -815,7 +822,7 @@ src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/ppc32/ppc32-sha256-as
815822
endif !BUILD_PPC32_ASM_INLINE
816823
endif BUILD_PPC32_ASM
817824

818-
endif !BUILD_FIPS_CURRENT
825+
endif !BUILD_FIPS_V2_PLUS
819826

820827
if BUILD_AFALG
821828
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/af_alg/afalg_hash.c
@@ -839,9 +846,9 @@ src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/async.c
839846
endif
840847

841848
if BUILD_RSA
842-
if !BUILD_FIPS_CURRENT
849+
if !BUILD_FIPS_V2_PLUS
843850
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/rsa.c
844-
endif !BUILD_FIPS_CURRENT
851+
endif !BUILD_FIPS_V2_PLUS
845852
endif
846853

847854
if BUILD_RC2
@@ -884,7 +891,7 @@ if BUILD_SP_INT
884891
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sp_int.c
885892
endif
886893

887-
if !BUILD_FIPS_CURRENT
894+
if !BUILD_FIPS_V2_PLUS
888895
if BUILD_AES
889896
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes.c
890897
if BUILD_CUDA
@@ -941,27 +948,27 @@ if BUILD_RISCV_ASM
941948
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/riscv/riscv-64-aes.c
942949
endif BUILD_RISCV_ASM
943950
endif BUILD_AES
944-
endif !BUILD_FIPS_CURRENT
951+
endif !BUILD_FIPS_V2_PLUS
945952

946-
if !BUILD_FIPS_CURRENT
953+
if !BUILD_FIPS_V2_PLUS
947954
if BUILD_CMAC
948955
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/cmac.c
949956
endif
950-
endif !BUILD_FIPS_CURRENT
957+
endif !BUILD_FIPS_V2_PLUS
951958

952959
if !BUILD_FIPS_V2
953960
if BUILD_DES3
954961
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/des3.c
955962
endif BUILD_DES3
956963
endif !BUILD_FIPS_V2
957964

958-
if !BUILD_FIPS_CURRENT
965+
if !BUILD_FIPS_V2_PLUS
959966
if BUILD_SHA
960967
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sha.c
961968
endif
962-
endif !BUILD_FIPS_CURRENT
969+
endif !BUILD_FIPS_V2_PLUS
963970

964-
if !BUILD_FIPS_CURRENT
971+
if !BUILD_FIPS_V2_PLUS
965972
if BUILD_SHA512
966973
if BUILD_RISCV_ASM
967974
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/riscv/riscv-64-sha512.c
@@ -1019,9 +1026,9 @@ endif !BUILD_ARMASM
10191026
endif !BUILD_ARMASM_NEON
10201027
endif !BUILD_RISCV_ASM
10211028
endif BUILD_SHA512
1022-
endif !BUILD_FIPS_CURRENT
1029+
endif !BUILD_FIPS_V2_PLUS
10231030

1024-
if !BUILD_FIPS_CURRENT
1031+
if !BUILD_FIPS_V2_PLUS
10251032
if BUILD_SHA3
10261033
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sha3.c
10271034
if BUILD_ARMASM_NEON
@@ -1057,9 +1064,9 @@ src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sha3_asm.S
10571064
endif
10581065
endif
10591066
endif
1060-
endif !BUILD_FIPS_CURRENT
1067+
endif !BUILD_FIPS_V2_PLUS
10611068

1062-
if !BUILD_FIPS_CURRENT
1069+
if !BUILD_FIPS_V2_PLUS
10631070
if BUILD_SM2
10641071
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sm2.c
10651072
if BUILD_SP
@@ -1092,9 +1099,9 @@ src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sp_sm2_cortexm.c
10921099
endif
10931100
endif BUILD_SP
10941101
endif BUILD_SM2
1095-
endif !BUILD_FIPS_CURRENT
1102+
endif !BUILD_FIPS_V2_PLUS
10961103

1097-
if !BUILD_FIPS_CURRENT
1104+
if !BUILD_FIPS_V2_PLUS
10981105
if BUILD_SM3
10991106
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sm3.c
11001107
if !BUILD_X86_ASM
@@ -1103,13 +1110,13 @@ src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sm3_asm.S
11031110
endif
11041111
endif
11051112
endif BUILD_SM3
1106-
endif !BUILD_FIPS_CURRENT
1113+
endif !BUILD_FIPS_V2_PLUS
11071114

1108-
if !BUILD_FIPS_CURRENT
1115+
if !BUILD_FIPS_V2_PLUS
11091116
if BUILD_SM4
11101117
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sm4.c
11111118
endif BUILD_SM4
1112-
endif !BUILD_FIPS_CURRENT
1119+
endif !BUILD_FIPS_V2_PLUS
11131120

11141121
endif !BUILD_FIPS_RAND
11151122

@@ -1139,7 +1146,7 @@ src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/memory.c
11391146
endif
11401147

11411148
if !BUILD_FIPS_RAND
1142-
if !BUILD_FIPS_CURRENT
1149+
if !BUILD_FIPS_V2_PLUS
11431150
if BUILD_DH
11441151
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/dh.c
11451152
endif
@@ -1218,7 +1225,7 @@ if BUILD_DSA
12181225
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/dsa.c
12191226
endif
12201227

1221-
if !BUILD_FIPS_CURRENT
1228+
if !BUILD_FIPS_V2_PLUS
12221229
if BUILD_AESNI
12231230
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes_asm.S
12241231
if BUILD_X86_ASM
@@ -1306,7 +1313,7 @@ if BUILD_HEAPMATH
13061313
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/integer.c
13071314
endif
13081315

1309-
if !BUILD_FIPS_CURRENT
1316+
if !BUILD_FIPS_V2_PLUS
13101317
if BUILD_ECC
13111318
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/ecc.c
13121319
endif
@@ -1388,7 +1395,7 @@ src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/fe_x25519_asm.S
13881395
endif !BUILD_X86_ASM
13891396
else
13901397
if BUILD_ARMASM
1391-
if !BUILD_FIPS_V6
1398+
if !BUILD_FIPS_V6_PLUS
13921399
if BUILD_ARMASM_NEON
13931400
if BUILD_ARMASM_INLINE
13941401
if BUILD_ARM_32
@@ -1432,7 +1439,7 @@ src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/thumb2-curve25519
14321439
endif
14331440
endif !BUILD_ARMASM_INLINE
14341441
endif !BUILD_ARMASM_NEON
1435-
endif !BUILD_FIPS_V6
1442+
endif !BUILD_FIPS_V6_PLUS
14361443
else
14371444
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/fe_operations.c
14381445
endif !BUILD_ARMASM
@@ -1448,7 +1455,7 @@ if !BUILD_X86_ASM
14481455
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/fe_x25519_asm.S
14491456
endif !BUILD_X86_ASM
14501457
else
1451-
if !BUILD_FIPS_V6
1458+
if !BUILD_FIPS_V6_PLUS
14521459
if BUILD_ARMASM
14531460
if BUILD_ARMASM_NEON
14541461
if BUILD_ARMASM_INLINE
@@ -1476,7 +1483,7 @@ endif !BUILD_ARMASM_NEON
14761483
else
14771484
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/fe_operations.c
14781485
endif !BUILD_ARMASM
1479-
endif !BUILD_FIPS_V6
1486+
endif !BUILD_FIPS_V6_PLUS
14801487
endif !BUILD_CURVE25519_INTELASM
14811488
endif !BUILD_FEMATH
14821489
endif BUILD_GEMATH
@@ -1583,4 +1590,3 @@ if BUILD_ARIA
15831590
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/aria/aria-crypt.c
15841591
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/aria/aria-cryptocb.c
15851592
endif
1586-

0 commit comments

Comments
 (0)