
Commit a6c850d

author
Andras Fekete
committed
Fix CAVP errors
1 parent b31e485 commit a6c850d

3 files changed

Lines changed: 65 additions & 2 deletions


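--- a/fips-check.sh
+++ b/fips-check.sh
@@ -93,7 +93,7 @@ netbsd-selftest)
 CRYPT_INC_PATH=wolfssl/wolfcrypt
 CRYPT_SRC_PATH=wolfcrypt/src
 CAVP_SELFTEST_ONLY="yes"
-FIPS_OPTION="ready"
+FIPS_OPTION="v1"
 ;;
 marvell-linux-selftest)
 FIPS_VERSION=$MARVELL_LINUX_FIPS_VERSION
@@ -106,7 +106,7 @@ marvell-linux-selftest)
 CRYPT_SRC_PATH=wolfcrypt/src
 CAVP_SELFTEST_ONLY="yes"
 CAVP_SELFTEST_OPTION=v2
-FIPS_OPTION="ready"
+FIPS_OPTION="v1"
 ;;
 linuxv5)
 FIPS_REPO="git@github.com:wolfSSL/fips.git"
@@ -203,6 +203,33 @@ case "$FIPS_OPTION" in
 *ready)
 echo "Don't need to copy in tagged wolfCrypt files for FIPS Ready."
 ;;
+v1)
+# make a clone of the last FIPS release tag
+if ! $GIT clone --depth 1 -b "$CRYPT_VERSION" "$CRYPT_REPO" old-tree; then
+echo "fips-check: Couldn't checkout the FIPS release."
+exit 1
+fi
+
+for MOD in "${WC_MODS[@]}"
+do
+cp "old-tree/$CRYPT_SRC_PATH/${MOD}.c" "$CRYPT_SRC_PATH"
+cp "old-tree/$CRYPT_INC_PATH/${MOD}.h" "$CRYPT_INC_PATH"
+done
+
+# We are using random.c from a separate release.
+# This is forcefully overwriting any other checkout of the cyassl sources.
+# Removing this as default behavior for SGX and netos projects.
+if [ "$CAVP_SELFTEST_ONLY" == "no" ] && [ "$FLAVOR" != "sgx" ] && \
+[ "$FLAVOR" != "netos-7.6" ];
+then
+pushd old-tree || exit 2
+$GIT fetch origin "$RNG_VERSION" || exit $?
+$GIT checkout FETCH_HEAD || exit $?
+popd || exit 2
+cp "old-tree/$CRYPT_SRC_PATH/random.c" "$CRYPT_SRC_PATH"
+cp "old-tree/$CRYPT_INC_PATH/random.h" "$CRYPT_INC_PATH"
+fi
+;;
 
 v2|rand|v5*)
 $GIT branch --no-track "my$CRYPT_VERSION" "$CRYPT_VERSION" || exit $?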
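Review bot: The four `cp` calls in the new `v1)` case (the two inside the `for MOD` loop and the two for random.c/random.h) are not error-checked, unlike the `git clone`, `git fetch` and `git checkout` around them, so a module listed in WC_MODS that is missing on the `$CRYPT_VERSION` tag leaves the current working-tree file in place and the script continues as if the tagged source had been installed. I would append `|| exit 1` to each copy, e.g. `cp "old-tree/$CRYPT_SRC_PATH/${MOD}.c" "$CRYPT_SRC_PATH" || exit 1`, so a partial copy fails loudly before anything downstream relies on it. The clone into a fixed `old-tree` directory also fails if that directory survives from a previous run; whether an earlier part of the script removes it I cannot see, as the enclosing `case "$FIPS_OPTION"` starts before the hunk and the `v2|rand|v5*` branch runs past it.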

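--- a/src/internal.c
+++ b/src/internal.c
@@ -17907,6 +17907,14 @@ static WC_INLINE int EncryptDo(WOLFSSL* ssl, byte* out, const byte* input,
 * IV length minus the authentication tag size. */
 c16toa(sz - AESGCM_EXP_IV_SZ - ssl->specs.aead_mac_size,
 ssl->encrypt.additional + AEAD_LEN_OFFSET);
+#if !defined(NO_PUBLIC_GCM_SET_IV) && \
+((defined(HAVE_FIPS) || defined(HAVE_SELFTEST)) && \
+(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2)))
+XMEMCPY(ssl->encrypt.nonce,
+ssl->keys.aead_enc_imp_IV, AESGCM_IMP_IV_SZ);
+XMEMCPY(ssl->encrypt.nonce + AESGCM_IMP_IV_SZ,
+ssl->keys.aead_exp_IV, AESGCM_EXP_IV_SZ);
+#endif
 #ifdef HAVE_PK_CALLBACKS
 ret = NOT_COMPILED_IN;
 if (ssl->ctx && ssl->ctx->PerformTlsRecordProcessingCb) {
@@ -18251,6 +18259,11 @@ static WC_INLINE int Encrypt(WOLFSSL* ssl, byte* out, const byte* input,
 ssl->specs.bulk_cipher_algorithm == wolfssl_aria_gcm)
 {
 /* finalize authentication cipher */
+#if !defined(NO_PUBLIC_GCM_SET_IV) && \
+((defined(HAVE_FIPS) || defined(HAVE_SELFTEST)) && \
+(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2)))
+AeadIncrementExpIV(ssl);
+#endif
 if (ssl->encrypt.nonce)
 ForceZero(ssl->encrypt.nonce, AESGCM_NONCE_SZ);
 }
@@ -21713,6 +21726,15 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input,
 if (ret != 0)
 goto exit_buildmsg;
 }
+#if !defined(NO_PUBLIC_GCM_SET_IV) && \
+((defined(HAVE_FIPS) || defined(HAVE_SELFTEST)) && \
+(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2)) && \
+defined(HAVE_AEAD))
+if (ssl->specs.cipher_type == aead) {
+if (ssl->specs.bulk_cipher_algorithm != wolfssl_chacha)
+XMEMCPY(args->iv, ssl->keys.aead_exp_IV, AESGCM_EXP_IV_SZ);
+}
+#endif
 
 args->size = (word16)(args->sz - args->headerSz); /* include mac and digest */
 AddRecordHeader(output, args->size, (byte)type, ssl, epochOrder);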
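Review bot: The two new XMEMCPY calls in EncryptDo (new lines 17913-17916) write through `ssl->encrypt.nonce` unconditionally, while the Encrypt hunk in the same file only touches that buffer behind `if (ssl->encrypt.nonce)` before ForceZero; if that guard reflects a state in which the nonce buffer is not yet allocated, the FIPS v1 path now dereferences NULL where the other paths would not. Either the copy needs the same guard with an error return, or a one-line comment stating why the buffer is guaranteed to exist by the time the additional data has been built, e.g. `/* nonce buffer is allocated with the AEAD keys; non-NULL here */` — I cannot confirm which from the hunk. Separately, the three-line preprocessor condition is repeated three times here and twice in src/tls13.c (where the `NO_PUBLIC_GCM_SET_IV` term is absent), so hoisting it into one configuration macro would keep the five sites from drifting. EncryptDo, Encrypt and BuildMessage all begin and end outside their hunks.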

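--- a/src/tls13.c
+++ b/src/tls13.c
@@ -2572,13 +2572,20 @@ static int EncryptTls13(WOLFSSL* ssl, byte* output, const byte* input,
 #endif
 {
 
+#if ((defined(HAVE_FIPS) || defined(HAVE_SELFTEST)) && \
+(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2)))
+ret = wc_AesGcmEncrypt(ssl->encrypt.aes, output, input,
+dataSz, ssl->encrypt.nonce, nonceSz,
+output + dataSz, macSz, aad, aadSz);
+#else
 ret = wc_AesGcmSetExtIV(ssl->encrypt.aes,
 ssl->encrypt.nonce, nonceSz);
 if (ret == 0) {
 ret = wc_AesGcmEncrypt_ex(ssl->encrypt.aes, output,
 input, dataSz, ssl->encrypt.nonce, nonceSz,
 output + dataSz, macSz, aad, aadSz);
 }
+#endif
 }
 break;
 #endif
@@ -2606,13 +2613,20 @@ static int EncryptTls13(WOLFSSL* ssl, byte* output, const byte* input,
 if (ret == NOT_COMPILED_IN)
 #endif
 {
+#if ((defined(HAVE_FIPS) || defined(HAVE_SELFTEST)) && \
+(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2)))
+ret = wc_AesCcmEncrypt(ssl->encrypt.aes, output, input,
+dataSz, ssl->encrypt.nonce, nonceSz,
+output + dataSz, macSz, aad, aadSz);
+#else
 ret = wc_AesCcmSetNonce(ssl->encrypt.aes,
 ssl->encrypt.nonce, nonceSz);
 if (ret == 0) {
 ret = wc_AesCcmEncrypt_ex(ssl->encrypt.aes, output,
 input, dataSz, ssl->encrypt.nonce, nonceSz,
 output + dataSz, macSz, aad, aadSz);
 }
+#endif
 }
 break;
 #endif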
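Review bot: The `#if` guarding the new direct wc_AesGcmEncrypt and wc_AesCcmEncrypt calls (new lines 2575-2576 and 2616-2617) lacks the `!defined(NO_PUBLIC_GCM_SET_IV)` term that the matching conditions added to src/internal.c carry, so the two files select the FIPS v1 record path under different configurations; whether a build with NO_PUBLIC_GCM_SET_IV defined can legitimately reach this code I cannot tell from the hunk, but the divergence should be either aligned or explained. Since the same condition now appears five times across the two files, defining it once in the build configuration header and testing that single macro at each site would remove the risk of them drifting further. A short comment on the v1 branch would also help the next reader, e.g. `/* FIPS v1 / selftest wolfCrypt: no SetExtIV/_ex API, pass the TLS 1.3 nonce directly */` — assuming that is indeed why the `_ex` variants are bypassed. EncryptTls13 begins and ends outside both hunks.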
