diff --git a/linuxkm/linuxkm_wc_port.h b/linuxkm/linuxkm_wc_port.h index 9e511392b23..829eb292716 100644 --- a/linuxkm/linuxkm_wc_port.h +++ b/linuxkm/linuxkm_wc_port.h @@ -276,7 +276,9 @@ _Pragma("GCC diagnostic ignored \"-Wsign-compare\""); _Pragma("GCC diagnostic ignored \"-Wpointer-sign\""); _Pragma("GCC diagnostic ignored \"-Wbad-function-cast\""); +#ifndef __clang__ _Pragma("GCC diagnostic ignored \"-Wdiscarded-qualifiers\""); +#endif _Pragma("GCC diagnostic ignored \"-Wtype-limits\""); _Pragma("GCC diagnostic ignored \"-Wswitch-enum\""); _Pragma("GCC diagnostic ignored \"-Wcast-function-type\""); /* needed for kernel 4.14.336 */ @@ -1870,8 +1872,10 @@ * them to be evaluable by the preprocessor, for use in sp_int.h. */ #if BITS_PER_LONG == 64 + /* NOLINTBEGIN(bugprone-sizeof-expression) */ static_assert(sizeof(ULONG_MAX) == 8, "BITS_PER_LONG is 64, but ULONG_MAX is not."); + /* NOLINTEND(bugprone-sizeof-expression) */ #undef UCHAR_MAX #define UCHAR_MAX 255 diff --git a/linuxkm/lkcapi_glue.c b/linuxkm/lkcapi_glue.c index 1d0251a83d8..a4c2559952a 100644 --- a/linuxkm/lkcapi_glue.c +++ b/linuxkm/lkcapi_glue.c @@ -379,7 +379,7 @@ static int linuxkm_lkcapi_register(void) "with return code %d.\n", \ (alg).base.cra_driver_name, ret); \ (crypto_unregister_ ## alg_class)(&(alg)); \ - if (! (alg.base.cra_flags & CRYPTO_ALG_DEAD)) { \ + if (! ((alg).base.cra_flags & CRYPTO_ALG_DEAD)) { \ pr_err("ERROR: alg %s not _DEAD " \ "after crypto_unregister_%s -- " \ "marking as loaded despite test failure.", \ @@ -787,18 +787,18 @@ static int linuxkm_lkcapi_unregister(void) #define UNREGISTER_ALG(alg, alg_class) \ do { \ if (alg ## _loaded) { \ - if (alg.base.cra_flags & CRYPTO_ALG_DEAD) { \ + if ((alg).base.cra_flags & CRYPTO_ALG_DEAD) { \ pr_err("alg %s already CRYPTO_ALG_DEAD.", \ - alg.base.cra_driver_name); \ + (alg).base.cra_driver_name); \ alg ## _loaded = 0; \ ++n_deregistered; \ } \ else { \ int cur_refcnt = \ - WC_LKM_REFCOUNT_TO_INT(alg.base.cra_refcnt); \ + WC_LKM_REFCOUNT_TO_INT((alg).base.cra_refcnt); \ if (cur_refcnt == 1) { \ (crypto_unregister_ ## alg_class)(&(alg)); \ - if (! (alg.base.cra_flags & CRYPTO_ALG_DEAD)) { \ + if (! ((alg).base.cra_flags & CRYPTO_ALG_DEAD)) { \ pr_err("ERROR: alg %s not _DEAD after " \ "crypto_unregister_%s -- " \ "leaving marked as loaded.", \ @@ -812,7 +812,7 @@ static int linuxkm_lkcapi_unregister(void) } \ else { \ pr_err("alg %s cannot be uninstalled (refcnt = %d)", \ - alg.base.cra_driver_name, cur_refcnt); \ + (alg).base.cra_driver_name, cur_refcnt); \ if (cur_refcnt > 0) { seen_err = -EBUSY; } \ } \ } \ diff --git a/linuxkm/lkcapi_rsa_glue.c b/linuxkm/lkcapi_rsa_glue.c index caf8cf4c274..056a0d589db 100644 --- a/linuxkm/lkcapi_rsa_glue.c +++ b/linuxkm/lkcapi_rsa_glue.c @@ -2935,7 +2935,9 @@ static int linuxkm_test_pkcs1pad_driver(const char * driver, int nbits, pr_info("info: %s, %d, %d: self test returned: %d\n", driver, nbits, key_len, ret); } - #endif /* WOLFKM_DEBUG_RSA */ + #else /* !WOLFKM_DEBUG_RSA */ + (void)skipped; + #endif /* !WOLFKM_DEBUG_RSA */ return test_rc; } @@ -3292,7 +3294,9 @@ static int linuxkm_test_pkcs1_driver(const char * driver, int nbits, pr_info("info: %s, %d, %d: self test returned: %d\n", driver, nbits, key_len, ret); } - #endif /* WOLFKM_DEBUG_RSA */ + #else /* !WOLFKM_DEBUG_RSA */ + (void)skipped; + #endif /* !WOLFKM_DEBUG_RSA */ return test_rc; } diff --git a/linuxkm/lkcapi_sha_glue.c b/linuxkm/lkcapi_sha_glue.c index e1337e0ca57..1a3c55574ce 100644 --- a/linuxkm/lkcapi_sha_glue.c +++ b/linuxkm/lkcapi_sha_glue.c @@ -565,8 +565,8 @@ static struct shash_alg name ## _alg = \ .digest = km_ ## name ## _digest, \ .descsize = sizeof(struct km_sha_state), \ .base = { \ - .cra_name = this_cra_name, \ - .cra_driver_name = this_cra_driver_name, \ + .cra_name = (this_cra_name), \ + .cra_driver_name = (this_cra_driver_name), \ .cra_priority = WOLFSSL_LINUXKM_LKCAPI_PRIORITY, \ .cra_blocksize = (block_size), \ .cra_module = THIS_MODULE \ @@ -671,8 +671,8 @@ static struct shash_alg name ## _alg = \ .digest = km_ ## name ## _digest, \ .descsize = sizeof(struct km_sha_state), \ .base = { \ - .cra_name = this_cra_name, \ - .cra_driver_name = this_cra_driver_name, \ + .cra_name = (this_cra_name), \ + .cra_driver_name = (this_cra_driver_name), \ .cra_priority = WOLFSSL_LINUXKM_LKCAPI_PRIORITY, \ .cra_blocksize = (block_size), \ .cra_module = THIS_MODULE \ @@ -909,8 +909,8 @@ static struct shash_alg name ## _alg = \ .exit_tfm = km_hmac_exit_tfm, \ .descsize = sizeof(struct km_sha_hmac_state), \ .base = { \ - .cra_name = this_cra_name, \ - .cra_driver_name = this_cra_driver_name, \ + .cra_name = (this_cra_name), \ + .cra_driver_name = (this_cra_driver_name), \ .cra_priority = WOLFSSL_LINUXKM_LKCAPI_PRIORITY, \ .cra_blocksize = (block_size), \ .cra_ctxsize = sizeof(struct km_sha_hmac_pstate), \ diff --git a/linuxkm/module_hooks.c b/linuxkm/module_hooks.c index 14bed3ff57e..68472f91c20 100644 --- a/linuxkm/module_hooks.c +++ b/linuxkm/module_hooks.c @@ -136,16 +136,11 @@ static unsigned int hash_span(const u8 *start, const u8 *end, unsigned int sum) return sum; } -#ifdef WC_SYM_RELOC_TABLES struct wc_reloc_counts reloc_counts = {}; -#endif #endif /* DEBUG_LINUXKM_PIE_SUPPORT */ -#ifdef WC_SYM_RELOC_TABLES -extern struct wolfssl_linuxkm_pie_redirect_table wolfssl_linuxkm_pie_redirect_table; static int set_up_wolfssl_linuxkm_pie_redirect_table(void); -#endif /* WC_SYM_RELOC_TABLES */ #ifdef HAVE_FIPS extern const unsigned int wolfCrypt_FIPS_ro_start[]; diff --git a/tests/api/test_aes.c b/tests/api/test_aes.c index 680dfb7229b..5b11c704d98 100644 --- a/tests/api/test_aes.c +++ b/tests/api/test_aes.c @@ -34,8 +34,6 @@ #include #include -#define WC_ALLOC_DO_ON_FAILURE() WC_DO_NOTHING - /******************************************************************************* * AES ******************************************************************************/ diff --git a/tests/api/test_rsa.c b/tests/api/test_rsa.c index 9897efc93df..862af44d1ce 100644 --- a/tests/api/test_rsa.c +++ b/tests/api/test_rsa.c @@ -33,8 +33,6 @@ #include #include -#define WC_ALLOC_DO_ON_FAILURE() WC_DO_NOTHING - /* * Testing wc_Init RsaKey() */ diff --git a/wolfcrypt/benchmark/benchmark.c b/wolfcrypt/benchmark/benchmark.c index b75d35ebb17..3b3c4159d9e 100644 --- a/wolfcrypt/benchmark/benchmark.c +++ b/wolfcrypt/benchmark/benchmark.c @@ -69,6 +69,7 @@ /* Macro to disable benchmark */ #ifndef NO_CRYPT_BENCHMARK +#undef WC_ALLOC_DO_ON_FAILURE #define WC_ALLOC_DO_ON_FAILURE() do { printf("out of memory at benchmark.c L %d\n", __LINE__); ret = MEMORY_E; goto exit; } while (0) #include diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 4dfe4150a01..5c720740861 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -11461,14 +11461,15 @@ int wc_DsaPublicKeyDecode(const byte* input, word32* inOutIdx, DsaKey* key, /* Validated parameters. */ if ((input == NULL) || (inOutIdx == NULL) || (key == NULL)) { - ret = BAD_FUNC_ARG; + return BAD_FUNC_ARG; } - if (ret == 0) { - ALLOC_ASNGETDATA(dataASN, dsaPubKeyASN_Length, ret, key->heap); - } + ALLOC_ASNGETDATA(dataASN, dsaPubKeyASN_Length, ret, key->heap); - if (ret == 0) { + if (ret != 0) + return ret; + + { int i; /* Clear dynamic data items. */ @@ -30137,44 +30138,42 @@ int wc_EccPublicKeyDecode(const byte* input, word32* inOutIdx, int pubIdx = ECCPUBLICKEYASN_IDX_PUBKEY; if ((input == NULL) || (inOutIdx == NULL) || (key == NULL) || (inSz == 0)) { - ret = BAD_FUNC_ARG; + return BAD_FUNC_ARG; } - if (ret == 0) { - ALLOC_ASNGETDATA(dataASN, eccKeyASN_Length, ret, key->heap); - } + ALLOC_ASNGETDATA(dataASN, eccKeyASN_Length, ret, key->heap); + if (ret != 0) + return ret; - if (ret == 0) { - /* Clear dynamic data for ECC public key. */ - XMEMSET(dataASN, 0, sizeof(*dataASN) * eccPublicKeyASN_Length); + /* Clear dynamic data for ECC public key. */ + XMEMSET(dataASN, 0, sizeof(*dataASN) * eccPublicKeyASN_Length); #if !defined(WOLFSSL_SM2) || !defined(WOLFSSL_SM3) - /* Set required ECDSA OID and ignore the curve OID type. */ - GetASN_ExpBuffer(&dataASN[ECCPUBLICKEYASN_IDX_ALGOID_OID], keyEcdsaOid, - sizeof(keyEcdsaOid)); + /* Set required ECDSA OID and ignore the curve OID type. */ + GetASN_ExpBuffer(&dataASN[ECCPUBLICKEYASN_IDX_ALGOID_OID], keyEcdsaOid, + sizeof(keyEcdsaOid)); #else - GetASN_OID(&dataASN[ECCPUBLICKEYASN_IDX_ALGOID_OID], oidKeyType); + GetASN_OID(&dataASN[ECCPUBLICKEYASN_IDX_ALGOID_OID], oidKeyType); #endif + GetASN_OID(&dataASN[oidIdx], oidCurveType); + /* Decode the public ECC key. */ + ret = GetASN_Items(eccPublicKeyASN, dataASN, eccPublicKeyASN_Length, 1, + input, inOutIdx, inSz); + if (ret != 0) { + oidIdx = ECCKEYASN_IDX_CURVEID; + #ifdef WOLFSSL_CUSTOM_CURVES + specIdx = ECCKEYASN_IDX_CURVEPARAMS; + #endif + pubIdx = ECCKEYASN_IDX_PUBKEY_VAL; + + /* Clear dynamic data for ECC private key. */ + XMEMSET(dataASN, 0, sizeof(*dataASN) * eccKeyASN_Length); + /* Check named curve OID type. */ GetASN_OID(&dataASN[oidIdx], oidCurveType); - /* Decode the public ECC key. */ - ret = GetASN_Items(eccPublicKeyASN, dataASN, eccPublicKeyASN_Length, 1, - input, inOutIdx, inSz); + /* Try private key format .*/ + ret = GetASN_Items(eccKeyASN, dataASN, eccKeyASN_Length, 1, input, + inOutIdx, inSz); if (ret != 0) { - oidIdx = ECCKEYASN_IDX_CURVEID; - #ifdef WOLFSSL_CUSTOM_CURVES - specIdx = ECCKEYASN_IDX_CURVEPARAMS; - #endif - pubIdx = ECCKEYASN_IDX_PUBKEY_VAL; - - /* Clear dynamic data for ECC private key. */ - XMEMSET(dataASN, 0, sizeof(*dataASN) * eccKeyASN_Length); - /* Check named curve OID type. */ - GetASN_OID(&dataASN[oidIdx], oidCurveType); - /* Try private key format .*/ - ret = GetASN_Items(eccKeyASN, dataASN, eccKeyASN_Length, 1, input, - inOutIdx, inSz); - if (ret != 0) { - ret = ASN_PARSE_E; - } + ret = ASN_PARSE_E; } } diff --git a/wolfcrypt/src/dh.c b/wolfcrypt/src/dh.c index b2d49467a0a..f98aa3b0889 100644 --- a/wolfcrypt/src/dh.c +++ b/wolfcrypt/src/dh.c @@ -1032,13 +1032,13 @@ static int _ffc_pairwise_consistency_test(DhKey* key, #ifndef WOLFSSL_DH_CONST #define WOLFSSL_DH_ROUND(x) WC_DO_NOTHING #else - #define WOLFSSL_DH_ROUND(x) \ - do { \ - if (x % 128) { \ - x &= 0xffffff80;\ - x += 128; \ - } \ - } \ + #define WOLFSSL_DH_ROUND(x) \ + do { \ + if ((x) % 128) { \ + (x) &= 0xffffff80;\ + (x) += 128; \ + } \ + } \ while (0) #endif diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index a3d6dcfcda3..8d0780c0a22 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -581,6 +581,8 @@ typedef struct testVector { #define WOLFSSL_TEST_SUBROUTINE #endif +#ifndef WC_TEST_EXPORT_SUBTESTS + WOLFSSL_TEST_SUBROUTINE wc_test_ret_t macro_test(void); WOLFSSL_TEST_SUBROUTINE wc_test_ret_t error_test(void); WOLFSSL_TEST_SUBROUTINE wc_test_ret_t base64_test(void); @@ -900,6 +902,8 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_eax_test(void); WOLFSSL_TEST_SUBROUTINE wc_test_ret_t drbg_continuous_main(void); #endif +#endif /* !WC_TEST_EXPORT_SUBTESTS */ + /* General big buffer size for many tests. */ #define FOURK_BUF 4096 @@ -1892,8 +1896,6 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t nist_sp80056c_twostep_cmac(void) } #endif -#define WC_ALLOC_DO_ON_FAILURE() WC_DO_NOTHING - #ifdef TEST_ALWAYS_RUN_TO_END #define TEST_FAIL(msg, retval) do { last_failed_test_ret = (retval); wc_test_render_error_message(msg, retval); } while (0) #elif !defined(TEST_FAIL) diff --git a/wolfcrypt/test/test.h b/wolfcrypt/test/test.h index ddaea0f310f..1202c667f19 100644 --- a/wolfcrypt/test/test.h +++ b/wolfcrypt/test/test.h @@ -104,6 +104,17 @@ wc_static_assert(-(long)MIN_CODE_E < 0x7ffL); #ifdef WC_TEST_EXPORT_SUBTESTS +#if defined(NO_FILESYSTEM) || defined(WC_NO_RNG) + #if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) && \ + !defined(USE_CERT_BUFFERS_3072) && !defined(USE_CERT_BUFFERS_4096) + #define USE_CERT_BUFFERS_2048 + #endif + #if !defined(USE_CERT_BUFFERS_256) + #define USE_CERT_BUFFERS_256 + #endif +#endif + +extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t macro_test(void); extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t error_test(void); extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t base64_test(void); extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t base16_test(void); @@ -172,6 +183,15 @@ extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hpke_test(void); #ifdef WC_SRTP_KDF extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t srtpkdf_test(void); #endif + +#if defined(WC_KDF_NIST_SP_800_56C) && \ + (!defined(HAVE_FIPS) || FIPS_VERSION3_GE(7,0,0)) +extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t nist_sp80056c_kdf_test(void); +#endif +#if defined(HAVE_CMAC_KDF) && (!defined(HAVE_FIPS) || FIPS_VERSION3_GE(7,0,0)) +extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t nist_sp800108_cmac(void); +extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t nist_sp80056c_twostep_cmac(void); +#endif extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t arc4_test(void); #ifdef WC_RC2 extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t rc2_test(void); @@ -221,12 +241,15 @@ extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t dsa_test(void); extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t srp_test(void); #ifndef WC_NO_RNG extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t random_test(void); +#ifdef WC_RNG_BANK_SUPPORT +extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t random_bank_test(void); +#endif #endif /* WC_NO_RNG */ extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pwdbased_test(void); #if defined(USE_CERT_BUFFERS_2048) && \ defined(HAVE_PKCS12) && \ !defined(NO_ASN) && !defined(NO_PWDBASED) && !defined(NO_HMAC) && \ - !defined(NO_CERTS) && !defined(NO_DES3) + !defined(NO_CERTS) && !defined(NO_DES3) && !defined(NO_SHA) extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs12_test(void); #endif extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ripemd_test(void); @@ -307,9 +330,11 @@ extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t scrypt_test(void); #endif #ifdef HAVE_BLAKE2 extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t blake2b_test(void); + extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t blake2b_hmac_test(void); #endif #ifdef HAVE_BLAKE2S extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t blake2s_test(void); + extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t blake2s_hmac_test(void); #endif #ifdef HAVE_LIBZ extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t compress_test(void); diff --git a/wolfssl/wolfcrypt/types.h b/wolfssl/wolfcrypt/types.h index b43ea45772e..6fd7f8198db 100644 --- a/wolfssl/wolfcrypt/types.h +++ b/wolfssl/wolfcrypt/types.h @@ -825,6 +825,9 @@ enum { #include /* declare/free variable handling for async and smallstack */ +#ifndef WC_ALLOC_DO_ON_FAILURE + #define WC_ALLOC_DO_ON_FAILURE() WC_DO_NOTHING +#endif #define WC_DECLARE_HEAP_ARRAY(VAR_NAME, VAR_TYPE, VAR_ITEMS, VAR_SIZE, HEAP) \ VAR_TYPE* VAR_NAME[VAR_ITEMS] = { NULL, }; \ diff --git a/wolfssl/wolfcrypt/wc_port.h b/wolfssl/wolfcrypt/wc_port.h index 6c68d15919d..f2ac50ddcd8 100644 --- a/wolfssl/wolfcrypt/wc_port.h +++ b/wolfssl/wolfcrypt/wc_port.h @@ -539,7 +539,8 @@ * should not be included. Use FreeBSD instead. * definitions are in bsdkm/bsdkm_wc_port.h */ #elif defined(HAVE_C___ATOMIC) && defined(WOLFSSL_HAVE_ATOMIC_H) && \ - !defined(__cplusplus) + !defined(__cplusplus) && \ + !(defined(__clang__) && defined(WOLFSSL_KERNEL_MODE)) /* Default C Implementation */ #include typedef atomic_int wolfSSL_Atomic_Int;