in lkcapi_sha_glue.c:
in linuxkm_hmac_setkey_common(), ignore keylength even in FIPS modules (use
wc_HmacSetKey_ex(..., 1)) on kernel < 6.0 to work around crypto manager bug;
in wc_linuxkm_drbg_startup(), add rng workout routine using handle from
crypto_alloc_rng();
in lkcapi_*_glue.c: fix test routines to return valid wolfCrypt error codes
consistently;
in module_hooks.c, implement
* linuxkm_lkcapi_sysfs_install_node(),
* linuxkm_lkcapi_sysfs_deinstall_node(),
* FIPS_rerun_self_test_handler()
and add corresponding setup/teardown in wolfssl_init() and wolfssl_exit();
in lkcapi_glue.c:
refactor linuxkm_lkcapi_sysfs_install and linuxkm_lkcapi_sysfs_deinstall to
use the new helpers;
harden the REGISTER_ALG() and UNREGISTER_ALG() macros and the
linuxkm_lkcapi_register() and linuxkm_lkcapi_unregister() functions, and add
informational messages about number of algs registered/deregistered;
in x86_vector_register_glue.c: fix gate for irq_fpu_usable() workaround to
reflect backporting of fix in >=5.10.180 in 5.10-LTS and >=5.15.39 in 5.15-LTS
linuxkm/lkcapi_glue.c: move WOLFSSL_DEBUG_TRACE_ERROR_CODES coverage for
EINVAL/ENOMEM/EBADMSG to module_hooks.c.
* Implement --enable-linuxkm-lkcapi-register=stdrng and =stdrng-default,
LINUXKM_LKCAPI_REGISTER_HASH_DRBG, and
LINUXKM_LKCAPI_REGISTER_HASH_DRBG_DEFAULT. With "_DEFAULT", the DRBG is
installed as the systemwide default stdrng, necessitating
deregister-on-command, described below. Note that get_random_bytes() and the
associated /dev/random and /dev/urandom do not use the default stdrng, and
their back end cannot currently be replaced by a module.
* Add control nodes /sys/module/libwolfssl/install_algs and
/sys/module/libwolfssl/deinstall_algs.
* Add configure option --enable-linuxkm-lkcapi-register=sysfs-nodes-only, and
macro LINUXKM_LKCAPI_REGISTER_ONLY_ON_COMMAND, to inhibit registration at
module load time.
In configure.ac ENABLED_LINUXKM_LKCAPI_REGISTER setup, don't define
WOLFSSL_DH_GEN_PUB in old FIPS, but do define it for =all.
typography fixes;
static attr on const byte arrays;
refactor km_ecdsa_verify() to use a single heap allocation;
fix linuxkm_test_ecdsa_nist_driver() to copy sig and hash to a heap allocation before passing to sg_set_buf() (avoids unmapping of rodata);
in linuxkm_test_pkcs1_driver() move hash from stack to heap;
add LINUX_VERSION_CODE >= 5.4 assertion in linuxkm/lkcapi_glue.c;
streamline macro logic in linuxkm/lkcapi_sha_glue.c.
wolfssl/wolfcrypt/types.h: fallthrough map WC_SANITIZE_{DISABLE,ENABLE}() to WC_DO_NOTHING;
linuxkm/module_hooks.c: add WC_SANITIZE_DISABLE...WC_SANITIZE_ENABLE wrapper around critical span in updateFipsHash().
linuxkm/linuxkm_wc_port.h: use >=6.9.0 as the gate for 5-arg fortify_panic();
in lkm_printf() definition, use _printk on >5.15.0;
linuxkm/module_hooks.c: raise MAX_FIPS_DATA_SZ and MAX_FIPS_CODE_SZ to
accommodate growth.
which force on BUILDING_WOLFSSL and do boilerplate includes, and update library
sources to include them at the top.
wolfssl_sources.h includes types.h, error-crypt.h, and logging.h, and
conditionally, config.h. settings.h and wc_port.h are unconditionally
included at the top of types.h.
wolfssl_sources_asm.h includes settings.h, and conditionally, config.h.
Add wolfssl_sources*.h to wolfcrypt/src/include.am, and to several IDE/ project
files.
Also added a TEST_WOLFSSL_SOURCES_INCLUSION_SEQUENCE clause in
wolfssl/wolfcrypt/settings.h to allow coverage testing.
In wolfcrypt/src/misc.c, retain existing ad hoc boilerplate includes, and use
them if WOLFSSL_VIS_FOR_TESTS, otherwise include the new wolfssl_sources.h.
Define WOLFSSL_VIS_FOR_TESTS at top of wolfcrypt/test/test.c.
Also renamed WOLFSSL_NEED_LINUX_CURRENT to WOLFSSL_LINUXKM_NEED_LINUX_CURRENT,
for clarity.
WOLFSSL_AESGCM_STREAM builds, and in km_AesFree(), remove ad hoc zeroization of
(*aes)->streamData gated on FIPS_VERSION3_LT(6,0,0) because it doesn't include
WOLFSSL_AESGCM_STREAM.
LINUXKM_LKCAPI_NEED_AES_SKCIPHER_COMMON_FUNCS helper macros (peer review
suggestion).
wolfcrypt/src/aes.c: add lengthy comment in software wc_AesSetKeyLocal()
explaining the dynamics of aes->use_aesni (peer review suggestion), and in the
!haveAESNI && WC_C_DYNAMIC_FALLBACK case, return with immediate success rather
than following through to the redundant AesSetKey_C().
wolfssl/wolfcrypt/settings.h: in WOLFSSL_LINUXKM section, #ifdef LINUXKM_LKCAPI_REGISTER, #define WOLFSSL_TEST_SUBROUTINE to nothing, and #define WC_TEST_EXPORT_SUBTESTS.
linuxkm/lkcapi_glue.c:
* add check_skcipher_driver_masking() and check_aead_driver_masking(),
* use _masking() checks in all linuxkm_test_*().
* add !WOLFSSL_AESGCM_STREAM implementation of linuxkm_test_aesgcm().
* add implementations of linuxkm_test_aesctr(), linuxkm_test_aesofb(), and linuxkm_test_aesecb()
* remove incomplete+disabled AES-CCM shim implementation.
linuxkm/module_hooks.c: pull in wolfcrypt/test/test.h if LINUXKM_LKCAPI_REGISTER.
linuxkm/Makefile: build wolfcrypt/test/test.o if ENABLED_LINUXKM_LKCAPI_REGISTER.
Makefile.am: add ENABLED_LINUXKM_LKCAPI_REGISTER to exports in BUILD_LINUXKM section.
configure.ac: add AC_SUBST([ENABLED_LINUXKM_LKCAPI_REGISTER]); in ENABLED_LINUXKM_DEFAULTS set up, remove `-DWOLFSSL_TEST_SUBROUTINE=static` from AM_CFLAGS adds; fix whitespace.
.wolfssl_known_macro_extras: add WC_WANT_FLAG_DONT_USE_AESNI.
wolfcrypt/test/test.c: add `|| defined(WC_TEST_EXPORT_SUBTESTS)` to outermost gate, add wc_test_ prefix to render_error_message() and export it,
wolfcrypt/test/test.h: add prototype for wc_test_render_error_message(), and #ifdef WC_TEST_EXPORT_SUBTESTS, add prototypes for all the subtests.
linuxkm/lkcapi_glue.c: finish implementation of WC_LINUXKM_C_FALLBACK_IN_SHIMS and add TEST_WC_LINUXKM_C_FALLBACK_IN_SHIMS.
use "WC_C_DYNAMIC_FALLBACK" consistently (remove/replace uses of "WC_AES_C_DYNAMIC_FALLBACK").
as readonly in the encrypt/decrypt handlers -- clone them before setting the IV
-- for thread safety. also, remove the "experimental" designation of
--enable-linuxkm-lkcapi-register=all.
WOLFSSL_DEBUG_TRACE_ERROR_CODES support for EINVAL/ENOMEM/EBADMSG;
configure.ac: remove ENABLED_EXPERIMENTAL requirement for
--enable-linuxkm-lkcapi-register=cfb(aes);
linuxkm/module_hooks.c: omit "skipping full wolfcrypt_test" message if
wc_RunAllCast_fips() was run.
self-test and crypto fuzzer), and de-experimentalize it.
wolfssl/wolfcrypt/types.h: add definitions for WOLFSSL_WORD_SIZE_LOG2.
wolfcrypt/src/misc.c: fix xorbuf() to make the XorWords() reachable; also,
refactor integer division and modulus ops as masks and shifts, and add pragma
to suppress linuxkm FORTIFY_SOURCE false positive -Wmaybe-uninitialized.
src/internal.c: fix shiftTooManyBitsSigned in DefTicketEncCb().
tests/api/test_sha256.c and wolfssl/wolfcrypt/sha256.h: gate raw transform APIs (wc_Sha256Transform(), wc_Sha256FinalRaw()) and tests on !defined(WOLFSSL_KCAPI_HASH) && !defined(WOLFSSL_AFALG_HASH).
move enum wc_HashFlags from wolfssl/wolfcrypt/hash.h to wolfssl/wolfcrypt/types.h to resolve circular dependency detected by cross-armv7m-armasm-thumb-fips-140-3-dev-sp-asm-all-crypto-only.
add FIPS_VERSION_GE(7,0) gates to new null-arg tests in test_wc_Shake{128,256}_*().
optimize ByteReverseWords() for cases where only one operand is unaligned, and add correct handling of unaligned data in ByteReverseWords64() to resolve unaligned access sanitizer report in cross-aarch64_be-all-sp-asm-unittest-sanitizer.
wolfssl/wolfcrypt/settings.h: in WOLFSSL_LINUXKM section, define NO_OLD_WC_NAMES, OPENSSL_COEXIST, etc., to avoid collisions with in-tree crypto in application sources that include both wolfssl and linux kernel native headers.
Daniel Pouzzner
jordan
Lealem Amedie
David Garske
Sean Parkinson
JacobBarthelmeh