WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity

wolfcrypt/src/aes.c: in wc_AesSetKeyLocal(), rework support for WC_FLAG_DONT_USE_AESNI (fixes WC_C_DYNAMIC_FALLBACK). 

wolfssl/wolfcrypt/settings.h: in WOLFSSL_LINUXKM section, #ifdef LINUXKM_LKCAPI_REGISTER, #define WOLFSSL_TEST_SUBROUTINE to nothing, and #define WC_TEST_EXPORT_SUBTESTS.

linuxkm/lkcapi_glue.c:
* add check_skcipher_driver_masking() and check_aead_driver_masking(),
* use _masking() checks in all linuxkm_test_*().
* add !WOLFSSL_AESGCM_STREAM implementation of linuxkm_test_aesgcm().
* add implementations of linuxkm_test_aesctr(), linuxkm_test_aesofb(), and linuxkm_test_aesecb()
* remove incomplete+disabled AES-CCM shim implementation.

linuxkm/module_hooks.c: pull in wolfcrypt/test/test.h if LINUXKM_LKCAPI_REGISTER.

linuxkm/Makefile: build wolfcrypt/test/test.o if ENABLED_LINUXKM_LKCAPI_REGISTER.

Makefile.am: add ENABLED_LINUXKM_LKCAPI_REGISTER to exports in BUILD_LINUXKM section.

configure.ac: add AC_SUBST([ENABLED_LINUXKM_LKCAPI_REGISTER]); in ENABLED_LINUXKM_DEFAULTS set up, remove `-DWOLFSSL_TEST_SUBROUTINE=static` from AM_CFLAGS adds; fix whitespace.

.wolfssl_known_macro_extras: add WC_WANT_FLAG_DONT_USE_AESNI.

wolfcrypt/test/test.c: add `|| defined(WC_TEST_EXPORT_SUBTESTS)` to outermost gate, add wc_test_ prefix to render_error_message() and export it,

wolfcrypt/test/test.h: add prototype for wc_test_render_error_message(), and #ifdef WC_TEST_EXPORT_SUBTESTS, add prototypes for all the subtests.
pull/8614/head
Daniel Pouzzner 2025-04-01 01:17:10 -05:00
parent 8092ff915c
commit 8705d28d48
10 changed files with 458 additions and 442 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.wolfssl_known_macro_extras
View File

@ -547,6 +547,7 @@ WC_SHA384_DIGEST_SIZE
WC_SHA512
WC_SSIZE_TYPE
WC_STRICT_SIG
WC_WANT_FLAG_DONT_USE_AESNI
WC_XMSS_FULL_HASH
WOLFCRYPT_FIPS_CORE_DYNAMIC_HASH_VALUE
WOLFSENTRY_H

3
Makefile.am
View File

@ -213,7 +213,8 @@ if BUILD_LINUXKM
EXTRA_CFLAGS EXTRA_CPPFLAGS EXTRA_CCASFLAGS EXTRA_LDFLAGS \
AM_CPPFLAGS CPPFLAGS AM_CFLAGS CFLAGS \
AM_CCASFLAGS CCASFLAGS \
src_libwolfssl_la_OBJECTS ENABLED_CRYPT_TESTS ENABLED_LINUXKM_PIE ENABLED_ASM \
src_libwolfssl_la_OBJECTS ENABLED_CRYPT_TESTS ENABLED_LINUXKM_LKCAPI_REGISTER \
ENABLED_LINUXKM_PIE ENABLED_ASM \
CFLAGS_FPU_DISABLE CFLAGS_FPU_ENABLE CFLAGS_SIMD_DISABLE CFLAGS_SIMD_ENABLE \
CFLAGS_AUTO_VECTORIZE_DISABLE CFLAGS_AUTO_VECTORIZE_ENABLE \
ASFLAGS_FPU_DISABLE_SIMD_ENABLE ASFLAGS_FPU_ENABLE_SIMD_DISABLE \

7
configure.ac
View File

@ -679,7 +679,7 @@ AC_SUBST([ENABLED_LINUXKM_BENCHMARKS])
if test "$ENABLED_LINUXKM_DEFAULTS" = "yes"
then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_DH_CONST -DWOLFSSL_SP_MOD_WORD_RP -DWOLFSSL_SP_DIV_64 -DWOLFSSL_SP_DIV_WORD_HALF -DWOLFSSL_SMALL_STACK_STATIC -DWOLFSSL_TEST_SUBROUTINE=static"
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_DH_CONST -DWOLFSSL_SP_MOD_WORD_RP -DWOLFSSL_SP_DIV_64 -DWOLFSSL_SP_DIV_WORD_HALF -DWOLFSSL_SMALL_STACK_STATIC"
if test "$ENABLED_LINUXKM_PIE" = "yes"; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_OCSP_ISSUER_CHECK"
fi
@ -3534,7 +3534,7 @@ then
then
AM_CFLAGS="$AM_CFLAGS -DUSE_INTEL_SPEEDUP"
ENABLED_AESNI=yes
ENABLED_AESNI_WITH_AVX=yes
ENABLED_AESNI_WITH_AVX=yes
elif test "$ENABLED_AESNI_WITH_AVX" = "yes"
then
AM_CFLAGS="$AM_CFLAGS -DUSE_INTEL_SPEEDUP_FOR_AES"
@ -9366,7 +9366,7 @@ then
'-cfb(aes)') AM_CFLAGS="$AM_CFLAGS -DLINUXKM_LKCAPI_DONT_REGISTER_AESCFB" ;;
'-gcm(aes)') AM_CFLAGS="$AM_CFLAGS -DLINUXKM_LKCAPI_DONT_REGISTER_AESGCM" ;;
'-rfc4106(gcm(aes))')
AM_CFLAGS="$AM_CFLAGS -DLINUXKM_LKCAPI_DONT_REGISTER_AESGCM_RFC4106" ;;
AM_CFLAGS="$AM_CFLAGS -DLINUXKM_LKCAPI_DONT_REGISTER_AESGCM_RFC4106" ;;
'-xts(aes)') AM_CFLAGS="$AM_CFLAGS -DLINUXKM_LKCAPI_DONT_REGISTER_AESXTS" ;;
'-ctr(aes)') AM_CFLAGS="$AM_CFLAGS -DLINUXKM_LKCAPI_DONT_REGISTER_AESCTR" ;;
'-ofb(aes)') AM_CFLAGS="$AM_CFLAGS -DLINUXKM_LKCAPI_DONT_REGISTER_AESOFB" ;;
@ -9375,6 +9375,7 @@ then
esac
done
fi
AC_SUBST([ENABLED_LINUXKM_LKCAPI_REGISTER])
# Library Suffix
LIBSUFFIX=""

2
linuxkm/Makefile
View File

@ -43,6 +43,8 @@ WOLFSSL_OBJ_FILES=$(patsubst %.lo, %.o, $(patsubst src/src_libwolfssl_la-%, src/
ifeq "$(ENABLED_CRYPT_TESTS)" "yes"
WOLFSSL_OBJ_FILES+=wolfcrypt/test/test.o
else ifneq "$(ENABLED_LINUXKM_LKCAPI_REGISTER)" "none"
WOLFSSL_OBJ_FILES+=wolfcrypt/test/test.o
else
WOLFSSL_CFLAGS+=-DNO_CRYPT_TEST
endif

548
linuxkm/lkcapi_glue.c
View File

@ -74,7 +74,6 @@ static int disable_setkey_warnings = 0;
#define WOLFKM_AESCTR_NAME "ctr(aes)"
#define WOLFKM_AESOFB_NAME "ofb(aes)"
#define WOLFKM_AESECB_NAME "ecb(aes)"
#define WOLFKM_AESCCM_NAME "ccm(aes)"
#ifdef WOLFSSL_AESNI
#define WOLFKM_DRIVER_ISA_EXT "-aesni"
@ -107,7 +106,6 @@ static int disable_setkey_warnings = 0;
#define WOLFKM_AESCTR_DRIVER ("ctr-aes" WOLFKM_DRIVER_SUFFIX)
#define WOLFKM_AESOFB_DRIVER ("ofb-aes" WOLFKM_DRIVER_SUFFIX)
#define WOLFKM_AESECB_DRIVER ("ecb-aes" WOLFKM_DRIVER_SUFFIX)
#define WOLFKM_AESCCM_DRIVER ("ccm-aes" WOLFKM_DRIVER_SUFFIX)
#ifdef WOLFSSL_DEBUG_TRACE_ERROR_CODES
enum linux_errcodes {
@ -187,17 +185,6 @@ static int disable_setkey_warnings = 0;
#undef LINUXKM_LKCAPI_REGISTER_AESECB
#endif
#ifdef notyet
#ifdef HAVE_AESCCM
#if (defined(LINUXKM_LKCAPI_REGISTER_ALL) && !defined(LINUXKM_LKCAPI_DONT_REGISTER_AESCCM)) && \
!defined(LINUXKM_LKCAPI_REGISTER_AESCCM)
#define LINUXKM_LKCAPI_REGISTER_AESCCM
#endif
#else
#undef LINUXKM_LKCAPI_REGISTER_AESCCM
#endif
#endif /* notyet */
#ifdef LINUXKM_LKCAPI_REGISTER_AESCBC
static int linuxkm_test_aescbc(void);
#endif
@ -222,9 +209,6 @@ static int disable_setkey_warnings = 0;
#ifdef LINUXKM_LKCAPI_REGISTER_AESECB
static int linuxkm_test_aesecb(void);
#endif
#ifdef LINUXKM_LKCAPI_REGISTER_AESCCM
static int linuxkm_test_aesccm(void);
#endif
/* km_AesX(): wrappers to wolfcrypt wc_AesX functions and
* structures. */
@ -248,6 +232,72 @@ static int disable_setkey_warnings = 0;
#error WC_LINUXKM_C_FALLBACK_IN_SHIMS is defined but CAN_SAVE_VECTOR_REGISTERS is missing.
#endif
WC_MAYBE_UNUSED static int check_skcipher_driver_masking(struct crypto_skcipher *tfm, const char *alg_name, const char *expected_driver_name) {
#ifdef LINUXKM_LKCAPI_PRIORITY_ALLOW_MASKING
(void)tfm; (void)alg_name; (void)expected_driver_name;
return 0;
#else
const char *actual_driver_name;
int ret;
int alloced_tfm = 0;
if (! tfm) {
alloced_tfm = 1;
tfm = crypto_alloc_skcipher(alg_name, 0, 0);
}
if (IS_ERR(tfm)) {
pr_err("error: allocating AES skcipher algorithm %s failed: %ld\n",
alg_name, PTR_ERR(tfm));
return -EINVAL;
}
actual_driver_name = crypto_tfm_alg_driver_name(crypto_skcipher_tfm(tfm));
if (strcmp(actual_driver_name, expected_driver_name)) {
pr_err("error: unexpected implementation for %s: %s (expected %s)\n",
alg_name, actual_driver_name, expected_driver_name);
ret = -ENOENT;
} else
ret = 0;
if (alloced_tfm)
crypto_free_skcipher(tfm);
return ret;
#endif
}
WC_MAYBE_UNUSED static int check_aead_driver_masking(struct crypto_aead *tfm, const char *alg_name, const char *expected_driver_name) {
#ifdef LINUXKM_LKCAPI_PRIORITY_ALLOW_MASKING
(void)tfm; (void)alg_name; (void)expected_driver_name;
return 0;
#else
const char *actual_driver_name;
int ret;
int alloced_tfm = 0;
if (! tfm) {
alloced_tfm = 1;
tfm = crypto_alloc_aead(alg_name, 0, 0);
}
if (IS_ERR(tfm)) {
pr_err("error: allocating AES AEAD algorithm %s failed: %ld\n",
alg_name, PTR_ERR(tfm));
return -EINVAL;
}
actual_driver_name = crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm));
if (strcmp(actual_driver_name, expected_driver_name)) {
pr_err("error: unexpected implementation for %s: %s (expected %s)\n",
alg_name, actual_driver_name, expected_driver_name);
ret = -ENOENT;
} else
ret = 0;
if (alloced_tfm)
crypto_free_aead(tfm);
return ret;
#endif
}
struct km_AesCtx {
Aes *aes_encrypt; /* allocated in km_AesInitCommon() to assure
* alignment, needed for AESNI.
@ -257,15 +307,8 @@ struct km_AesCtx {
Aes *aes_encrypt_C; /* fallback if vector registers aren't available. */
Aes *aes_decrypt_C;
#endif
#if defined(LINUXKM_LKCAPI_REGISTER_AESGCM_RFC4106) || defined(LINUXKM_LKCAPI_REGISTER_AESCCM_RFC4309)
union {
#ifdef LINUXKM_LKCAPI_REGISTER_AESGCM_RFC4106
byte rfc4106_nonce[4];
#endif
#ifdef LINUXKM_LKCAPI_REGISTER_AESCCM_RFC4309
byte rfc4309_nonce[3];
#endif
};
byte rfc4106_nonce[4];
#endif
};
@ -275,8 +318,7 @@ struct km_AesCtx {
defined(LINUXKM_LKCAPI_REGISTER_AESGCM_RFC4106) || \
defined(LINUXKM_LKCAPI_REGISTER_AESCTR) || \
defined(LINUXKM_LKCAPI_REGISTER_AESOFB) || \
defined(LINUXKM_LKCAPI_REGISTER_AESECB) || \
defined(LINUXKM_LKCAPI_REGISTER_AESCCM_RFC4309)
defined(LINUXKM_LKCAPI_REGISTER_AESECB)
static void km_AesExitCommon(struct km_AesCtx * ctx);
@ -480,8 +522,7 @@ static void km_AesExitCommon(struct km_AesCtx * ctx)
defined(LINUXKM_LKCAPI_REGISTER_AESCFB) || \
defined(LINUXKM_LKCAPI_REGISTER_AESCTR) || \
defined(LINUXKM_LKCAPI_REGISTER_AESOFB) || \
defined(LINUXKM_LKCAPI_REGISTER_AESECB) || \
defined(LINUXKM_LKCAPI_REGISTER_AESCCM_RFC4309)
defined(LINUXKM_LKCAPI_REGISTER_AESECB)
static int km_AesSetKeyCommon(struct km_AesCtx * ctx, const u8 *in_key,
unsigned int key_len, const char * name)
@ -558,15 +599,14 @@ static void km_AesExit(struct crypto_skcipher *tfm)
* LINUXKM_LKCAPI_REGISTER_AESCFB ||
* LINUXKM_LKCAPI_REGISTER_AESCTR ||
* LINUXKM_LKCAPI_REGISTER_AESOFB ||
* LINUXKM_LKCAPI_REGISTER_AESECB ||
* LINUXKM_LKCAPI_REGISTER_AESCCM_RFC4309
* LINUXKM_LKCAPI_REGISTER_AESECB
*/
#endif /* LINUXKM_LKCAPI_REGISTER_AESCBC ||
* LINUXKM_LKCAPI_REGISTER_AESCFB || LINUXKM_LKCAPI_REGISTER_AESGCM ||
* LINUXKM_LKCAPI_REGISTER_AESGCM_RFC4106 ||
* LINUXKM_LKCAPI_REGISTER_AESCTR || LINUXKM_LKCAPI_REGISTER_AESOFB ||
* LINUXKM_LKCAPI_REGISTER_AESECB || LINUXKM_LKCAPI_REGISTER_AESCCM_RFC4309
* LINUXKM_LKCAPI_REGISTER_AESECB
*/
#ifdef LINUXKM_LKCAPI_REGISTER_AESCBC
@ -1330,7 +1370,7 @@ static int AesGcmCrypt_1(struct aead_request *req, int decrypt_p, int rfc4106_p)
if (decrypt_p) {
err = wc_AesGcmDecrypt(aes_copy, out_text, in_text, req->cryptlen - tfm->authsize,
#ifdef LINUXKM_LKCAPI_REGISTER_AESGCM_RFC4106
rfc4106_p ? rfc4106_iv :
rfc4106_p ? rfc4106_iv :
#endif
sk_walk.iv, GCM_NONCE_MID_SZ,
authTag, tfm->authsize,
@ -1355,7 +1395,7 @@ static int AesGcmCrypt_1(struct aead_request *req, int decrypt_p, int rfc4106_p)
else {
err = wc_AesGcmEncrypt(aes_copy, out_text, in_text, req->cryptlen,
#ifdef LINUXKM_LKCAPI_REGISTER_AESGCM_RFC4106
rfc4106_p ? rfc4106_iv :
rfc4106_p ? rfc4106_iv :
#endif
sk_walk.iv, GCM_NONCE_MID_SZ,
authTag, tfm->authsize,
@ -1473,8 +1513,8 @@ static int gcmAesAead_rfc4106_loaded = 0;
#error LKCAPI registration of AES-XTS requires WOLFSSL_AESXTS_STREAM (--enable-aesxts-stream).
#endif
#ifndef WC_C_DYNAMIC_FALLBACK
#error LKCAPI registration of AES-XTS requires WC_C_DYNAMIC_FALLBACK.
#if defined(WOLFSSL_AESNI) && !defined(WC_C_DYNAMIC_FALLBACK)
#error LKCAPI registration of AES-XTS with AESNI requires WC_C_DYNAMIC_FALLBACK.
#endif
struct km_AesXtsCtx {
@ -1534,6 +1574,12 @@ static int km_AesXtsSetKey(struct crypto_skcipher *tfm, const u8 *in_key,
return -EINVAL;
}
/* It's possible to set ctx->aesXts->{tweak,aes,aes_decrypt}.use_aesni to
* WC_FLAG_DONT_USE_AESNI here, for WC_LINUXKM_C_FALLBACK_IN_SHIMS in
* AES-XTS, but we can use the WC_C_DYNAMIC_FALLBACK mechanism
* unconditionally because there's no AES-XTS in Cert 4718.
*/
return 0;
}
@ -2280,342 +2326,6 @@ static int ecbAesAlg_loaded = 0;
#endif /* LINUXKM_LKCAPI_REGISTER_AESECB */
#ifdef LINUXKM_LKCAPI_REGISTER_AESCCM_RFC4309
static int km_AesCcmInit(struct crypto_aead * tfm)
{
struct km_AesCtx * ctx = crypto_aead_ctx(tfm);
return km_AesInitCommon(ctx, WOLFKM_AESCCM_DRIVER, 0);
}
static void km_AesCcmExit(struct crypto_aead * tfm)
{
struct km_AesCtx * ctx = crypto_aead_ctx(tfm);
km_AesExitCommon(ctx);
}
static int km_AesCcmSetKey_rfc4309(struct crypto_aead *tfm, const u8 *in_key,
unsigned int key_len)
{
int err;
struct km_AesCtx * ctx = crypto_aead_ctx(tfm);
err = wc_AesCcmSetKey(ctx->aes_encrypt, in_key, key_len);
if (unlikely(err)) {
if (! disable_setkey_warnings)
pr_err("%s: wc_AesCcmSetKey failed: %d\n",
crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm)), err);
return -EINVAL;
}
return 0;
}
static int km_AesCcmSetAuthsize(struct crypto_aead *tfm, unsigned int authsize)
{
(void)tfm;
if (wc_AesCcmCheckTagSize((int)authsize) == 0)
return 0;
#ifdef WOLFSSL_LINUXKM_VERBOSE_LKCAPI_DEBUG
pr_err("%s: invalid authsize: %d\n",
crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm)), authsize);
#endif
return -EINVAL;
}
/*
* aead ciphers receive data in scatterlists in following order:
* encrypt
* req->src: aad||plaintext
* req->dst: aad||ciphertext||tag
* decrypt
* req->src: aad||ciphertext||tag
* req->dst: aad||plaintext, return 0 or -EBADMSG
*/
static int km_AesCcmEncrypt(struct aead_request *req)
{
struct crypto_aead * tfm = NULL;
struct km_AesCtx * ctx = NULL;
struct skcipher_walk walk;
struct scatter_walk copy_walk;
u8 * copy_mem = NULL;
u8 authTag[WC_AES_BLOCK_SIZE];
int err;
u8 * assoc = NULL;
Aes *aes_copy = NULL;
u8 * plaintext = NULL;
u8 * plaintext_copy = NULL;
u8 * ciphertext = NULL;
int iv_size;
tfm = crypto_aead_reqtfm(req);
ctx = crypto_aead_ctx(tfm);
err = skcipher_walk_aead_encrypt(&walk, req, false);
if (unlikely(err)) {
pr_err("%s: skcipher_walk_aead_encrypt failed: %d\n",
crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm)), err);
return -EINVAL;
}
if (req->src->length >= req->assoclen + req->cryptlen && req->src->length) {
scatterwalk_start(&copy_walk, req->src);
assoc = scatterwalk_map(&copy_walk);
if (unlikely(IS_ERR(assoc))) {
pr_err("%s: scatterwalk_map failed: %ld\n",
crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm)),
PTR_ERR(assoc));
goto out;
}
plaintext = assoc + req->assoclen;
ciphertext = ?;
}
else {
copy_mem = malloc(req->assoclen + req->cryptlen);
if (unlikely(copy_mem == NULL)) {
err = -ENOMEM;
goto out;
}
scatterwalk_map_and_copy(copy_mem, req->src, 0, req->assoclen + req->cryptlen, 0);
assoc = copy_mem;
plaintext = assoc + req->assoclen;
ciphertext = plaintext;
}
/* Copy the cipher state to mitigate races on Aes.reg, Aes.tmp, and
* aes->streamData.
*/
aes_copy = (struct Aes *)malloc(sizeof(Aes));
if (aes_copy == NULL) {
err = -ENOMEM;
goto out;
}
XMEMCPY(aes_copy, ctx->aes_encrypt, sizeof(Aes));
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_AESNI)
aes_copy->streamData = NULL;
#endif
err = wc_AesCcmEncrypt(aes_copy, ciphertext, plaintext, req->cryptlen,
walk.iv, crypto_aead_ivsize(crypto_aead_tfm(tfm)),
authTag, sizeof authTag,
assoc, req->assoclen);
if (unlikely(err)) {
pr_err("%s: wc_AesCcmEncrypt failed: %d\n",
crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm)), err);
err = -EINVAL;
goto out;
}
err = skcipher_walk_done(&walk, 0);
if (unlikely(err)) {
pr_err("%s: skcipher_walk_done failed: %d\n",
crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm)), err);
goto out;
}
}
err = wc_AesCcmEncryptFinal(aes_copy, authTag, tfm->authsize);
if (unlikely(err)) {
pr_err("%s: wc_AesCcmEncryptFinal failed with return code %d\n",
crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm)), err);
err = -EINVAL;
goto out;
}
/* Now copy the auth tag into request scatterlist. */
scatterwalk_map_and_copy(authTag, req->dst,
req->assoclen + req->cryptlen,
tfm->authsize, 1);
out:
if (assocmem)
free(assocmem);
else if (assoc)
scatterwalk_unmap(assoc);
if (plaintext_copy)
free(plaintext_copy);
else if (plaintext)
scatterwalk_unmap(plaintext);
if (aes_copy) {
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_AESNI)
free(aes_copy->streamData);
#endif
km_AesFree(&aes_copy);
}
return err;
}
static int km_AesCcmDecrypt(struct aead_request *req)
{
struct crypto_aead * tfm = NULL;
struct km_AesCtx * ctx = NULL;
struct skcipher_walk walk;
struct scatter_walk assocSgWalk;
u8 origAuthTag[WC_AES_BLOCK_SIZE];
int err;
u8 * assoc = NULL;
u8 * assocmem = NULL;
Aes *aes_copy;
tfm = crypto_aead_reqtfm(req);
ctx = crypto_aead_ctx(tfm);
/* Copy out original auth tag from req->src. */
scatterwalk_map_and_copy(origAuthTag, req->src,
req->assoclen + req->cryptlen - tfm->authsize,
tfm->authsize, 0);
err = skcipher_walk_aead_decrypt(&walk, req, false);
if (unlikely(err)) {
pr_err("%s: skcipher_walk_aead_decrypt failed: %d\n",
crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm)), err);
return err;
}
/* Copy the cipher state to mitigate races on Aes.reg, Aes.tmp, and
* aes->streamData.
*/
aes_copy = (struct Aes *)malloc(sizeof(Aes));
if (aes_copy == NULL)
return -ENOMEM;
XMEMCPY(aes_copy, ctx->aes_encrypt, sizeof(Aes)); /* GCM uses the same
* schedule for encrypt
* and decrypt.
*/
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_AESNI)
aes_copy->streamData = NULL;
#endif
err = wc_AesCcmInit(aes_copy, NULL /*key*/, 0 /*keylen*/, walk.iv,
GCM_NONCE_MID_SZ);
if (unlikely(err)) {
pr_err("%s: wc_AesCcmInit failed: %d\n",
crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm)), err);
err = -EINVAL;
goto out;
}
if (req->src->length >= req->assoclen && req->src->length) {
scatterwalk_start(&assocSgWalk, req->src);
assoc = scatterwalk_map(&assocSgWalk);
if (unlikely(IS_ERR(assoc))) {
pr_err("%s: scatterwalk_map failed: %ld\n",
crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm)),
PTR_ERR(assoc));
goto out;
}
}
else {
/* assoc can be any length, so if it's noncontiguous, we have to copy it
* to a contiguous heap allocation.
*/
assocmem = malloc(req->assoclen);
if (unlikely(assocmem == NULL)) {
err = -ENOMEM;
goto out;
}
assoc = assocmem;
scatterwalk_map_and_copy(assoc, req->src, 0, req->assoclen, 0);
}
err = wc_AesCcmDecryptUpdate(aes_copy, NULL, NULL, 0,
assoc, req->assoclen);
if (assocmem)
free(assocmem);
else
scatterwalk_unmap(assoc);
if (unlikely(err)) {
pr_err("%s: wc_AesCcmDecryptUpdate failed: %d\n",
crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm)), err);
err = -EINVAL;
goto out;
}
while (walk.nbytes) {
err = wc_AesCcmDecryptUpdate(
aes_copy,
walk.dst.virt.addr,
walk.src.virt.addr,
walk.nbytes,
NULL, 0);
if (unlikely(err)) {
pr_err("%s: wc_AesCcmDecryptUpdate failed: %d\n",
crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm)), err);
err = -EINVAL;
goto out;
}
err = skcipher_walk_done(&walk, 0);
if (unlikely(err)) {
pr_err("%s: skcipher_walk_done failed: %d\n",
crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm)), err);
goto out;
}
}
err = wc_AesCcmDecryptFinal(aes_copy, origAuthTag, tfm->authsize);
if (unlikely(err)) {
#ifdef WOLFSSL_LINUXKM_VERBOSE_LKCAPI_DEBUG
pr_err("%s: wc_AesCcmDecryptFinal failed with return code %d\n",
crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm)), err);
#endif
if (err == WC_NO_ERR_TRACE(AES_GCM_AUTH_E)) {
err = -EBADMSG;
goto out;
}
else {
err = -EINVAL;
goto out;
}
}
out:
km_AesFree(&aes_copy);
return err;
}
static struct aead_alg ccmAesAead = {
.base.cra_name = WOLFKM_AESCCM_NAME,
.base.cra_driver_name = WOLFKM_AESCCM_DRIVER,
.base.cra_priority = WOLFSSL_LINUXKM_LKCAPI_PRIORITY,
.base.cra_blocksize = 1,
.base.cra_ctxsize = sizeof(struct km_AesCtx),
.base.cra_module = THIS_MODULE,
.init = km_AesCcmInit,
.exit = km_AesCcmExit,
.setkey = km_AesCcmSetKey,
.setauthsize = km_AesCcmSetAuthsize,
.encrypt = km_AesCcmEncrypt,
.decrypt = km_AesCcmDecrypt,
.ivsize = CCM_NONCE_MID_SZ,
.maxauthsize = WC_AES_BLOCK_SIZE,
.chunksize = WC_AES_BLOCK_SIZE,
};
static int ccmAesAead_loaded = 0;
#endif /* LINUXKM_LKCAPI_REGISTER_AESCCM */
/* cipher tests, cribbed from test.c, with supplementary LKCAPI tests: */
#ifdef LINUXKM_LKCAPI_REGISTER_AESCBC
@ -2865,6 +2575,13 @@ static int linuxkm_test_aescfb(void)
if (aes == NULL)
return -ENOMEM;
ret = aesofb_test();
if (ret) {
wc_test_render_error_message("aesgcm_test failed: ", ret);
ret = -EINVAL;
goto test_cfb_end;
}
XMEMSET(enc, 0, sizeof(enc));
XMEMSET(dec, 0, sizeof(enc));
@ -2943,18 +2660,9 @@ static int linuxkm_test_aescfb(void)
goto test_cfb_end;
}
#ifndef LINUXKM_LKCAPI_PRIORITY_ALLOW_MASKING
{
const char *driver_name =
crypto_tfm_alg_driver_name(crypto_skcipher_tfm(tfm));
if (strcmp(driver_name, WOLFKM_AESCFB_DRIVER)) {
pr_err("error: unexpected implementation for %s: %s (expected %s)\n",
WOLFKM_AESCFB_NAME, driver_name, WOLFKM_AESCFB_DRIVER);
ret = -ENOENT;
goto test_cfb_end;
}
}
#endif
ret = check_skcipher_driver_masking(tfm, WOLFKM_AESCFB_NAME, WOLFKM_AESCFB_DRIVER);
if (ret)
goto test_cfb_end;
ret = crypto_skcipher_setkey(tfm, key32, WC_AES_BLOCK_SIZE * 2);
if (ret) {
@ -3029,7 +2737,13 @@ test_cfb_end:
static int linuxkm_test_aesgcm(void)
{
#ifndef WOLFSSL_AESGCM_STREAM
return 0;
wc_test_ret_t ret = aesgcm_test();
if (ret >= 0)
return check_aead_driver_masking(NULL /* tfm */, WOLFKM_AESGCM_NAME, WOLFKM_AESGCM_DRIVER);
else {
wc_test_render_error_message("aesgcm_test failed: ", ret);
return -EINVAL;
}
#else
int ret = 0;
struct crypto_aead * tfm = NULL;
@ -3204,17 +2918,9 @@ static int linuxkm_test_aesgcm(void)
goto test_gcm_end;
}
#ifndef LINUXKM_LKCAPI_PRIORITY_ALLOW_MASKING
{
const char *driver_name = crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm));
if (strcmp(driver_name, WOLFKM_AESGCM_DRIVER)) {
pr_err("error: unexpected implementation for %s: %s (expected %s)\n",
WOLFKM_AESGCM_NAME, driver_name, WOLFKM_AESGCM_DRIVER);
ret = -ENOENT;
goto test_gcm_end;
}
}
#endif
ret = check_aead_driver_masking(tfm, WOLFKM_AESGCM_NAME, WOLFKM_AESGCM_DRIVER);
if (ret)
goto test_gcm_end;
ret = crypto_aead_setkey(tfm, key32, WC_AES_BLOCK_SIZE * 2);
if (ret) {
@ -3320,7 +3026,13 @@ test_gcm_end:
static int linuxkm_test_aesgcm_rfc4106(void)
{
return 0;
wc_test_ret_t ret = aesgcm_test();
if (ret >= 0)
return check_aead_driver_masking(NULL /* tfm */, WOLFKM_AESGCM_RFC4106_NAME, WOLFKM_AESGCM_RFC4106_DRIVER);
else {
wc_test_render_error_message("aesgcm_test failed: ", ret);
return -EINVAL;
}
}
#endif /* LINUXKM_LKCAPI_REGISTER_AESGCM_RFC4106 */
@ -4438,7 +4150,13 @@ out:
#ifdef LINUXKM_LKCAPI_REGISTER_AESCTR
static int linuxkm_test_aesctr(void) {
return 0;
wc_test_ret_t ret = aes_ctr_test();
if (ret >= 0)
return check_skcipher_driver_masking(NULL /* tfm */, WOLFKM_AESCTR_NAME, WOLFKM_AESCTR_DRIVER);
else {
wc_test_render_error_message("aes_ctr_test failed: ", ret);
return -EINVAL;
}
}
#endif /* LINUXKM_LKCAPI_REGISTER_AESCTR */
@ -4446,7 +4164,13 @@ static int linuxkm_test_aesctr(void) {
#ifdef LINUXKM_LKCAPI_REGISTER_AESOFB
static int linuxkm_test_aesofb(void) {
return 0;
wc_test_ret_t ret = aesofb_test();
if (ret >= 0)
return check_skcipher_driver_masking(NULL /* tfm */, WOLFKM_AESOFB_NAME, WOLFKM_AESOFB_DRIVER);
else {
wc_test_render_error_message("aesofb_test failed: ", ret);
return -EINVAL;
}
}
#endif /* LINUXKM_LKCAPI_REGISTER_AESOFB */
@ -4454,19 +4178,17 @@ static int linuxkm_test_aesofb(void) {
#ifdef LINUXKM_LKCAPI_REGISTER_AESECB
static int linuxkm_test_aesecb(void) {
return 0;
wc_test_ret_t ret = aes_test();
if (ret >= 0)
return check_skcipher_driver_masking(NULL /* tfm */, WOLFKM_AESECB_NAME, WOLFKM_AESECB_DRIVER);
else {
wc_test_render_error_message("aes_test failed: ", ret);
return -EINVAL;
}
}
#endif /* LINUXKM_LKCAPI_REGISTER_AESECB */
#ifdef LINUXKM_LKCAPI_REGISTER_AESCCM
static int linuxkm_test_aesccm(void) {
return 0;
}
#endif /* LINUXKM_LKCAPI_REGISTER_AESCCM */
#endif /* !NO_AES */
static int linuxkm_lkcapi_register(void)
@ -4553,12 +4275,6 @@ static int linuxkm_lkcapi_register(void)
REGISTER_ALG(ecbAesAlg, crypto_register_skcipher, linuxkm_test_aesecb);
#endif
#ifdef notyet
#ifdef LINUXKM_LKCAPI_REGISTER_AESCCM
REGISTER_ALG(ccmAesAead, crypto_register_aead, linuxkm_test_aesccm);
#endif
#endif /* notyet */
#undef REGISTER_ALG
out:
@ -4609,11 +4325,5 @@ static void linuxkm_lkcapi_unregister(void)
UNREGISTER_ALG(ecbAesAlg, crypto_unregister_skcipher);
#endif
#ifdef notyet
#ifdef LINUXKM_LKCAPI_REGISTER_AESCCM
UNREGISTER_ALG(ccmAesAlg, crypto_unregister_aead);
#endif
#endif /* notyet */
#undef UNREGISTER_ALG
}

2
linuxkm/module_hooks.c
View File

@ -45,7 +45,7 @@
#ifdef HAVE_FIPS
#include <wolfssl/wolfcrypt/fips_test.h>
#endif
#ifndef NO_CRYPT_TEST
#if !defined(NO_CRYPT_TEST) || defined(LINUXKM_LKCAPI_REGISTER)
#include <wolfcrypt/test/test.h>
#endif
#include <wolfssl/wolfcrypt/random.h>

27
wolfcrypt/src/aes.c
View File

@ -4575,21 +4575,23 @@ static void AesSetKey_C(Aes* aes, const byte* key, word32 keySz, int dir)
#endif /* WC_C_DYNAMIC_FALLBACK */
#ifdef WOLFSSL_AESNI
#if defined(WC_FLAG_DONT_USE_AESNI)
if (aes->use_aesni == WC_FLAG_DONT_USE_AESNI) {
aes->use_aesni = 0;
if (checkedAESNI == 0) {
haveAESNI = Check_CPU_support_AES();
checkedAESNI = 1;
}
else
if (haveAESNI
#if defined(WC_FLAG_DONT_USE_AESNI) && !defined(WC_C_DYNAMIC_FALLBACK)
&& (aes->use_aesni != WC_FLAG_DONT_USE_AESNI)
#endif
)
{
if (checkedAESNI == 0) {
haveAESNI = Check_CPU_support_AES();
checkedAESNI = 1;
#if defined(WC_FLAG_DONT_USE_AESNI)
if (aes->use_aesni == WC_FLAG_DONT_USE_AESNI) {
aes->use_aesni = 0;
return 0;
}
aes->use_aesni = haveAESNI;
}
if (aes->use_aesni) {
#endif
aes->use_aesni = 0;
#ifdef WOLFSSL_LINUXKM
/* runtime alignment check */
if ((wc_ptr_t)&aes->key & (wc_ptr_t)0xf) {
@ -4623,6 +4625,9 @@ static void AesSetKey_C(Aes* aes, const byte* key, word32 keySz, int dir)
#endif
}
}
else {
aes->use_aesni = 0;
}
#endif /* WOLFSSL_AESNI */
#if defined(__aarch64__) && defined(WOLFSSL_ARMASM) && \

12
wolfcrypt/test/test.c
View File

@ -41,7 +41,7 @@
#define WOLFSSL_DEBUG_TRACE_ERROR_CODES_ALWAYS
#endif
#ifndef NO_CRYPT_TEST
#if !defined(NO_CRYPT_TEST) || defined(WC_TEST_EXPORT_SUBTESTS)
#include <wolfssl/version.h>
#include <wolfssl/wolfcrypt/types.h>
@ -832,7 +832,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_eax_test(void);
/* Not all unexpected conditions are actually errors .*/
#define WARNING_OUT(err, eLabel) do { ret = (err); goto eLabel; } while (0)
static void render_error_message(const char* msg, wc_test_ret_t es)
void wc_test_render_error_message(const char* msg, wc_test_ret_t es)
{
(void)msg;
(void)es;
@ -917,7 +917,7 @@ static THREAD_RETURN err_sys(const char* msg, int es)
static wc_test_ret_t err_sys(const char* msg, wc_test_ret_t es)
#endif
{
render_error_message(msg, es);
wc_test_render_error_message(msg, es);
print_fiducials();
#ifdef WOLFSSL_LINUXKM
EXIT_TEST(es);
@ -1433,7 +1433,7 @@ static WOLFSSL_TEST_SUBROUTINE wc_test_ret_t nist_sp80056c_kdf_test(void)
#endif
#ifdef TEST_ALWAYS_RUN_TO_END
#define TEST_FAIL(msg, retval) do { last_failed_test_ret = (retval); render_error_message(msg, retval); } while (0)
#define TEST_FAIL(msg, retval) do { last_failed_test_ret = (retval); wc_test_render_error_message(msg, retval); } while (0)
#elif !defined(TEST_FAIL)
#define TEST_FAIL(msg, retval) return err_sys(msg, retval)
#endif
@ -60700,8 +60700,8 @@ static void print_fiducials(void) {
fiducial1, fiducial2, fiducial3, fiducial4);
}
#else
#else /* NO_CRYPT_TEST && !WC_TEST_EXPORT_SUBTESTS */
#ifndef NO_MAIN_DRIVER
int main(void) { return 0; }
#endif
#endif /* NO_CRYPT_TEST */
#endif /* NO_CRYPT_TEST && !WC_TEST_EXPORT_SUBTESTS */

289
wolfcrypt/test/test.h
View File

@ -45,6 +45,8 @@ THREAD_RETURN WOLFSSL_THREAD wolfcrypt_test(void* args);
wc_test_ret_t wolfcrypt_test(void* args);
#endif
void wc_test_render_error_message(const char* msg, wc_test_ret_t es);
#ifndef NO_MAIN_DRIVER
wc_test_ret_t wolfcrypt_test_main(int argc, char** argv);
#endif
@ -100,6 +102,293 @@ wc_static_assert(-(long)MIN_CODE_E < 0x7ffL);
#endif /* !WC_TEST_RET_HAVE_CUSTOM_MACROS */
#ifdef WC_TEST_EXPORT_SUBTESTS
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t error_test(void);
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t base64_test(void);
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t base16_test(void);
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t asn_test(void);
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t md2_test(void);
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t md5_test(void);
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t md4_test(void);
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha_test(void);
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha224_test(void);
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha256_test(void);
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha512_test(void);
#if !defined(WOLFSSL_NOSHA512_224) && \
(!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha512_224_test(void);
#endif
#if !defined(WOLFSSL_NOSHA512_256) && \
(!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha512_256_test(void);
#endif
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha384_test(void);
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha3_test(void);
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t shake128_test(void);
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t shake256_test(void);
#ifdef WOLFSSL_SM3
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sm3_test(void);
#endif
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hash_test(void);
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_md5_test(void);
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha_test(void);
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha224_test(void);
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha256_test(void);
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha384_test(void);
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha512_test(void);
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha3_test(void);
#if defined(HAVE_HKDF) && !defined(NO_HMAC)
#if defined(WOLFSSL_AFALG_XILINX) || defined(WOLFSSL_AFALG_XILINX_AES) || \
defined(WOLFSSL_AFALG_XILINX_SHA3) || defined(WOLFSSL_AFALG_HASH_KEEP) || \
defined(WOLFSSL_AFALG_XILINX_RSA)
/* hkdf_test has issue with extern WOLFSSL_TEST_SUBROUTINE set on Xilinx with afalg */
static wc_test_ret_t hkdf_test(void);
#else
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hkdf_test(void);
#endif
#endif /* HAVE_HKDF && ! NO_HMAC */
#ifdef WOLFSSL_HAVE_PRF
#if defined(HAVE_HKDF) && !defined(NO_HMAC)
#ifdef WOLFSSL_BASE16
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t tls12_kdf_test(void);
#endif /* WOLFSSL_BASE16 */
#endif /* WOLFSSL_HAVE_HKDF && !NO_HMAC */
#endif /* WOLFSSL_HAVE_PRF */
#if defined(WOLFSSL_HAVE_PRF) && !defined(NO_HMAC) && defined(WOLFSSL_SHA384)
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t prf_test(void);
#endif
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sshkdf_test(void);
#ifdef WOLFSSL_TLS13
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t tls13_kdf_test(void);
#endif
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t x963kdf_test(void);
#if defined(HAVE_HPKE) && defined(HAVE_ECC) && defined(HAVE_AESGCM)
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hpke_test(void);
#endif
#ifdef WC_SRTP_KDF
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t srtpkdf_test(void);
#endif
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t arc4_test(void);
#ifdef WC_RC2
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t rc2_test(void);
#endif
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t chacha_test(void);
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t XChaCha_test(void);
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t chacha20_poly1305_aead_test(void);
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t XChaCha20Poly1305_test(void);
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t des_test(void);
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t des3_test(void);
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_test(void);
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_cbc_test(void);
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_ctr_test(void);
#if defined(WOLFSSL_AES_CFB)
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_cfb_test(void);
#endif
#ifdef WOLFSSL_AES_XTS
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_xts_test(void);
#endif
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes192_test(void);
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes256_test(void);
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aesofb_test(void);
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t cmac_test(void);
#ifdef HAVE_ASCON
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ascon_hash256_test(void);
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ascon_aead128_test(void);
#endif
#if defined(WOLFSSL_SIPHASH)
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t siphash_test(void);
#endif
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t poly1305_test(void);
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aesgcm_test(void);
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aesgcm_default_test(void);
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t gmac_test(void);
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aesccm_test(void);
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aeskeywrap_test(void);
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t camellia_test(void);
#ifdef WOLFSSL_SM4
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sm4_test(void);
#endif
#ifdef WC_RSA_NO_PADDING
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t rsa_no_pad_test(void);
#endif
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t rsa_test(void);
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t dh_test(void);
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t dsa_test(void);
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t srp_test(void);
#ifndef WC_NO_RNG
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t random_test(void);
#endif /* WC_NO_RNG */
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pwdbased_test(void);
#if defined(USE_CERT_BUFFERS_2048) && \
defined(HAVE_PKCS12) && \
!defined(NO_ASN) && !defined(NO_PWDBASED) && !defined(NO_HMAC) && \
!defined(NO_CERTS) && !defined(NO_DES3)
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs12_test(void);
#endif
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ripemd_test(void);
#if defined(OPENSSL_EXTRA) && !defined(WOLFCRYPT_ONLY)
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void); /* test mini api */
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_pkey0_test(void);
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_pkey1_test(void);
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openSSL_evpMD_test(void);
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_evpSig_test(void);
#endif
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pbkdf1_test(void);
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs12_pbkdf_test(void);
#if defined(HAVE_PBKDF2) && !defined(NO_SHA256) && !defined(NO_HMAC)
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pbkdf2_test(void);
#endif
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t scrypt_test(void);
#ifdef HAVE_ECC
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ecc_test(void);
#if defined(HAVE_ECC_ENCRYPT) && defined(HAVE_AES_CBC) && \
(defined(WOLFSSL_AES_128) || defined(WOLFSSL_AES_256))
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ecc_encrypt_test(void);
#endif
#if defined(USE_CERT_BUFFERS_256) && !defined(WOLFSSL_ATECC508A) && \
!defined(WOLFSSL_ATECC608A) && !defined(NO_ECC256) && \
defined(HAVE_ECC_VERIFY) && defined(HAVE_ECC_SIGN) && \
!defined(WOLF_CRYPTO_CB_ONLY_ECC) && !defined(NO_ECC_SECP)
/* skip for ATECC508/608A, cannot import private key buffers */
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ecc_test_buffers(void);
#endif
#endif
#ifdef HAVE_CURVE25519
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t curve25519_test(void);
#endif
#ifdef HAVE_ED25519
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ed25519_test(void);
#endif
#ifdef HAVE_CURVE448
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t curve448_test(void);
#endif
#ifdef HAVE_ED448
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ed448_test(void);
#endif
#ifdef WOLFSSL_HAVE_MLKEM
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t mlkem_test(void);
#endif
#ifdef HAVE_DILITHIUM
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t dilithium_test(void);
#endif
#if defined(WOLFSSL_HAVE_XMSS)
#if !defined(WOLFSSL_SMALL_STACK) && WOLFSSL_XMSS_MIN_HEIGHT <= 10
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t xmss_test_verify_only(void);
#endif
#if !defined(WOLFSSL_XMSS_VERIFY_ONLY)
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t xmss_test(void);
#endif
#endif
#if defined(WOLFSSL_HAVE_LMS)
#if !defined(WOLFSSL_SMALL_STACK)
#if (defined(WOLFSSL_WC_LMS) && (LMS_MAX_HEIGHT >= 10) && \
!defined(WOLFSSL_NO_LMS_SHA256_256)) || defined(HAVE_LIBLMS)
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t lms_test_verify_only(void);
#endif
#endif
#if !defined(WOLFSSL_LMS_VERIFY_ONLY)
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t lms_test(void);
#endif
#endif
#ifdef WOLFCRYPT_HAVE_ECCSI
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t eccsi_test(void);
#endif
#ifdef WOLFCRYPT_HAVE_SAKKE
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sakke_test(void);
#endif
#ifdef HAVE_BLAKE2
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t blake2b_test(void);
#endif
#ifdef HAVE_BLAKE2S
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t blake2s_test(void);
#endif
#ifdef HAVE_LIBZ
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t compress_test(void);
#endif
#ifdef HAVE_PKCS7
#ifndef NO_PKCS7_ENCRYPTED_DATA
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs7encrypted_test(void);
#endif
#if defined(HAVE_LIBZ) && !defined(NO_PKCS7_COMPRESSED_DATA)
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs7compressed_test(void);
#endif
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs7signed_test(void);
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs7enveloped_test(void);
#if defined(HAVE_AESGCM) || defined(HAVE_AESCCM)
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs7authenveloped_test(void);
#endif
#if !defined(NO_AES) && defined(HAVE_AES_CBC)
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs7callback_test(byte* cert, word32 certSz, byte* key,
word32 keySz);
#endif
#endif
#if !defined(NO_ASN_TIME) && !defined(NO_RSA) && defined(WOLFSSL_TEST_CERT) && \
!defined(NO_FILESYSTEM)
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t cert_test(void);
#endif
#if defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_TEST_CERT) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA) && defined(WOLFSSL_GEN_CERT)
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t certext_test(void);
#endif
#if defined(WOLFSSL_CERT_GEN_CACHE) && defined(WOLFSSL_TEST_CERT) && \
defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_CERT_GEN)
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t decodedCertCache_test(void);
#endif
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t memory_test(void);
#if defined(WOLFSSL_PUBLIC_MP) && \
((defined(WOLFSSL_SP_MATH_ALL) && !defined(WOLFSSL_RSA_VERIFY_ONLY)) || \
defined(USE_FAST_MATH))
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t mp_test(void);
#endif
#if defined(WOLFSSL_PUBLIC_MP) && defined(WOLFSSL_KEY_GEN)
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t prime_test(void);
#endif
#if defined(ASN_BER_TO_DER) && \
(defined(WOLFSSL_TEST_CERT) || defined(OPENSSL_EXTRA) || \
defined(OPENSSL_EXTRA_X509_SMALL))
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t berder_test(void);
#endif
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t logging_test(void);
#if !defined(NO_ASN) && !defined(NO_ASN_TIME)
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t time_test(void);
#endif
#if defined(__INCLUDE_NUTTX_CONFIG_H)
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t wolfcrypt_mutex_test(void);
#else
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t mutex_test(void);
#endif
#if defined(USE_WOLFSSL_MEMORY) && !defined(FREERTOS)
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t memcb_test(void);
#endif
#ifdef WOLFSSL_CAAM_BLOB
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t blob_test(void);
#endif
#ifdef HAVE_ARIA
#include "wolfssl/wolfcrypt/port/aria/aria-crypt.h"
void printOutput(const char *strName, unsigned char *data, unsigned int dataSz);
extern WOLFSSL_TEST_SUBROUTINE int ariagcm_test(MC_ALGID);
#endif
#if defined(WOLF_CRYPTO_CB) && !defined(WC_TEST_NO_CRYPTOCB_SW_TEST)
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t cryptocb_test(void);
#endif
#ifdef WOLFSSL_CERT_PIV
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t certpiv_test(void);
#endif
#ifdef WOLFSSL_AES_SIV
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_siv_test(void);
#endif
#if defined(WOLFSSL_AES_EAX) && \
(!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_eax_test(void);
#endif /* WOLFSSL_AES_EAX */
#endif /* WC_TEST_EXPORT_SUBTESTS */
#ifdef __cplusplus
} /* extern "C" */
#endif

9
wolfssl/wolfcrypt/settings.h
View File

@ -3607,7 +3607,14 @@ extern void uITRON4_free(void *p) ;
#define WOLFSSL_OLD_PRIME_CHECK
#endif
#ifndef WOLFSSL_TEST_SUBROUTINE
#define WOLFSSL_TEST_SUBROUTINE static
#ifdef LINUXKM_LKCAPI_REGISTER
#define WOLFSSL_TEST_SUBROUTINE
#else
#define WOLFSSL_TEST_SUBROUTINE static
#endif
#endif
#ifdef LINUXKM_LKCAPI_REGISTER
#define WC_TEST_EXPORT_SUBTESTS
#endif
#undef HAVE_PTHREAD
/* linuxkm uses linux/string.h, included by linuxkm_wc_port.h. */