Skip to content

20260528-pk-vector-regs #10563

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
douzzer wants to merge 2 commits into
base: master
Choose a base branch
from
Open

20260528-pk-vector-regs #10563

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
3121c55
linuxkm on x86: global refactor across PK implementations of sp-asm v…
douzzer May 30, 2026
3a4c2cd
activate ECCSI and SAKKE in linuxkm:
douzzer May 30, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .wolfssl_known_macro_extras
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -741,10 +741,10 @@ WOLFSSL_CONTIKI
WOLFSSL_CRL_ALLOW_MISSING_CDP
WOLFSSL_DISABLE_EARLY_SANITY_CHECKS
WOLFSSL_DRBG_SHA256
WOLFSSL_DTLS13_ECHO_LEGACY_SESSION_ID
WOLFSSL_DTLS_DISALLOW_FUTURE
WOLFSSL_DTLS_RECORDS_CAN_SPAN_DATAGRAMS
WOLFSSL_DTLS_RESEND_ONLY_TIMEOUT
WOLFSSL_DTLS13_ECHO_LEGACY_SESSION_ID
WOLFSSL_DUMP_MEMIO_STREAM
WOLFSSL_DUP_CERTPOL
WOLFSSL_EARLY_DATA_NO_ANTI_REPLAY
Expand Down
4 changes: 2 additions & 2 deletions configure.ac
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1513,6 +1513,7 @@ then
test "$enable_hkdf" = "" && enable_hkdf=yes
test "$enable_eccencrypt" = "" && test "$enable_ecc" != "no" && enable_eccencrypt=yes
test "$enable_fpecc" = "" && test "$enable_ecc" != "no" && enable_fpecc=yes
test "$enable_eccsi" = "" && test "$enable_ecc" != "no" && enable_eccsi=yes
test "$enable_psk" = "" && enable_psk=yes
test "$enable_cmac" = "" && enable_cmac=yes
test "$enable_cmac_kdf" = "" && enable_cmac_kdf=yes
Expand Down Expand Up @@ -1580,13 +1581,12 @@ then
test "$enable_aessiv" = "" && enable_aessiv=yes
# AFALG lacks AES-EAX
test "$enable_aeseax" = "" && test "$enable_afalg" != "yes" && enable_aeseax=yes
test "$enable_sakke" = "" && test "$enable_ecc" != "no" && enable_sakke=yes

if test "$KERNEL_MODE_DEFAULTS" != "yes"
then
test "$enable_cryptocb" = "" && enable_cryptocb=yes
test "$enable_pkcallbacks" = "" && enable_pkcallbacks=yes
test "$enable_eccsi" = "" && test "$enable_ecc" != "no" && enable_eccsi=yes
test "$enable_sakke" = "" && test "$enable_ecc" != "no" && enable_sakke=yes
fi
fi

Expand Down
27 changes: 15 additions & 12 deletions linuxkm/lkcapi_dh_glue.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -89,37 +89,40 @@
#include <crypto/dh.h>

#define WOLFKM_DH_NAME ("dh")
#define WOLFKM_DH_DRIVER ("dh" WOLFKM_DRIVER_FIPS \
"-wolfcrypt")

#if defined(WOLFSSL_SP_X86_64_ASM) && !defined(NO_AVX2_SUPPORT)
#define WOLFKM_DH_DRIVER_ISA_EXT "-avx2"
#else
#define WOLFKM_DH_DRIVER_ISA_EXT ""
#endif
#define WOLFKM_DH_DRIVER_SUFFIX WOLFKM_DH_DRIVER_ISA_EXT \
WOLFKM_DRIVER_SUFFIX_BASE

#define WOLFKM_DH_DRIVER ("dh" WOLFKM_DH_DRIVER_SUFFIX)

#ifdef HAVE_FFDHE_2048
#define WOLFKM_FFDHE2048_NAME ("ffdhe2048(dh)")
#define WOLFKM_FFDHE2048_DRIVER ("ffdhe2048" WOLFKM_DRIVER_FIPS \
"-wolfcrypt")
#define WOLFKM_FFDHE2048_DRIVER ("ffdhe2048" WOLFKM_DH_DRIVER_SUFFIX)
#endif /* HAVE_FFDHE_2048 */

#ifdef HAVE_FFDHE_3072
#define WOLFKM_FFDHE3072_NAME ("ffdhe3072(dh)")
#define WOLFKM_FFDHE3072_DRIVER ("ffdhe3072" WOLFKM_DRIVER_FIPS \
"-wolfcrypt")
#define WOLFKM_FFDHE3072_DRIVER ("ffdhe3072" WOLFKM_DH_DRIVER_SUFFIX)
#endif /* HAVE_FFDHE_3072 */

#ifdef HAVE_FFDHE_4096
#define WOLFKM_FFDHE4096_NAME ("ffdhe4096(dh)")
#define WOLFKM_FFDHE4096_DRIVER ("ffdhe4096" WOLFKM_DRIVER_FIPS \
"-wolfcrypt")
#define WOLFKM_FFDHE4096_DRIVER ("ffdhe4096" WOLFKM_DH_DRIVER_SUFFIX)
#endif /* HAVE_FFDHE_4096 */

#ifdef HAVE_FFDHE_6144
#define WOLFKM_FFDHE6144_NAME ("ffdhe6144(dh)")
#define WOLFKM_FFDHE6144_DRIVER ("ffdhe6144" WOLFKM_DRIVER_FIPS \
"-wolfcrypt")
#define WOLFKM_FFDHE6144_DRIVER ("ffdhe6144" WOLFKM_DH_DRIVER_SUFFIX)
#endif /* HAVE_FFDHE_6144 */

#ifdef HAVE_FFDHE_8192
#define WOLFKM_FFDHE8192_NAME ("ffdhe8192(dh)")
#define WOLFKM_FFDHE8192_DRIVER ("ffdhe8192" WOLFKM_DRIVER_FIPS \
"-wolfcrypt")
#define WOLFKM_FFDHE8192_DRIVER ("ffdhe8192" WOLFKM_DH_DRIVER_SUFFIX)
#endif /* HAVE_FFDHE_8192 */

static int linuxkm_test_kpp_driver(const char * driver,
Expand Down
19 changes: 12 additions & 7 deletions linuxkm/lkcapi_ecdh_glue.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -63,19 +63,24 @@
#include <wolfssl/wolfcrypt/ecc.h>
#include <crypto/ecdh.h>

#define WOLFKM_ECDH_DRIVER ("ecdh-wolfcrypt")
#if defined(WOLFSSL_SP_X86_64_ASM) && !defined(NO_AVX2_SUPPORT)
#define WOLFKM_ECDH_DRIVER_ISA_EXT "-avx2"
#else
#define WOLFKM_ECDH_DRIVER_ISA_EXT ""
#endif
#define WOLFKM_ECDH_DRIVER_SUFFIX WOLFKM_ECDH_DRIVER_ISA_EXT \
WOLFKM_DRIVER_SUFFIX_BASE

#define WOLFKM_ECDH_DRIVER ("ecdh" WOLFKM_ECDH_DRIVER_SUFFIX)

#define WOLFKM_ECDH_P192_NAME ("ecdh-nist-p192")
#define WOLFKM_ECDH_P192_DRIVER ("ecdh-nist-p192" WOLFKM_DRIVER_FIPS \
"-wolfcrypt")
#define WOLFKM_ECDH_P192_DRIVER ("ecdh-nist-p192" WOLFKM_ECDH_DRIVER_SUFFIX)

#define WOLFKM_ECDH_P256_NAME ("ecdh-nist-p256")
#define WOLFKM_ECDH_P256_DRIVER ("ecdh-nist-p256" WOLFKM_DRIVER_FIPS \
"-wolfcrypt")
#define WOLFKM_ECDH_P256_DRIVER ("ecdh-nist-p256" WOLFKM_ECDH_DRIVER_SUFFIX)

#define WOLFKM_ECDH_P384_NAME ("ecdh-nist-p384")
#define WOLFKM_ECDH_P384_DRIVER ("ecdh-nist-p384" WOLFKM_DRIVER_FIPS \
"-wolfcrypt")
#define WOLFKM_ECDH_P384_DRIVER ("ecdh-nist-p384" WOLFKM_ECDH_DRIVER_SUFFIX)

static int linuxkm_test_ecdh_nist_driver(const char * driver,
const byte * b_pub,
Expand Down
22 changes: 13 additions & 9 deletions linuxkm/lkcapi_ecdsa_glue.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -82,23 +82,27 @@
#include <wolfssl/wolfcrypt/asn.h>
#include <wolfssl/wolfcrypt/ecc.h>

#define WOLFKM_ECDSA_DRIVER ("ecdsa-wolfcrypt")
#if defined(WOLFSSL_SP_X86_64_ASM) && !defined(NO_AVX2_SUPPORT)
#define WOLFKM_ECDSA_DRIVER_ISA_EXT "-avx2"
#else
#define WOLFKM_ECDSA_DRIVER_ISA_EXT ""
#endif
#define WOLFKM_ECDSA_DRIVER_SUFFIX WOLFKM_ECDSA_DRIVER_ISA_EXT \
WOLFKM_DRIVER_SUFFIX_BASE

#define WOLFKM_ECDSA_DRIVER ("ecdsa" WOLFKM_ECDSA_DRIVER_SUFFIX)

#define WOLFKM_ECDSA_P192_NAME ("ecdsa-nist-p192")
#define WOLFKM_ECDSA_P192_DRIVER ("ecdsa-nist-p192" WOLFKM_DRIVER_FIPS \
"-wolfcrypt")
#define WOLFKM_ECDSA_P192_DRIVER ("ecdsa-nist-p192" WOLFKM_ECDSA_DRIVER_SUFFIX)

#define WOLFKM_ECDSA_P256_NAME ("ecdsa-nist-p256")
#define WOLFKM_ECDSA_P256_DRIVER ("ecdsa-nist-p256" WOLFKM_DRIVER_FIPS \
"-wolfcrypt")
#define WOLFKM_ECDSA_P256_DRIVER ("ecdsa-nist-p256" WOLFKM_ECDSA_DRIVER_SUFFIX)

#define WOLFKM_ECDSA_P384_NAME ("ecdsa-nist-p384")
#define WOLFKM_ECDSA_P384_DRIVER ("ecdsa-nist-p384" WOLFKM_DRIVER_FIPS \
"-wolfcrypt")
#define WOLFKM_ECDSA_P384_DRIVER ("ecdsa-nist-p384" WOLFKM_ECDSA_DRIVER_SUFFIX)

#define WOLFKM_ECDSA_P521_NAME ("ecdsa-nist-p521")
#define WOLFKM_ECDSA_P521_DRIVER ("ecdsa-nist-p521" WOLFKM_DRIVER_FIPS \
"-wolfcrypt")
#define WOLFKM_ECDSA_P521_DRIVER ("ecdsa-nist-p521" WOLFKM_ECDSA_DRIVER_SUFFIX)


static int linuxkm_test_ecdsa_nist_driver(const char * driver,
Expand Down
37 changes: 19 additions & 18 deletions linuxkm/lkcapi_rsa_glue.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -99,45 +99,46 @@
#include <wolfssl/wolfcrypt/rsa.h>

#define WOLFKM_RSA_NAME ("rsa")
#define WOLFKM_RSA_DRIVER ("rsa" WOLFKM_DRIVER_FIPS "-wolfcrypt")

#if defined(WOLFSSL_SP_X86_64_ASM) && !defined(NO_AVX2_SUPPORT)
#define WOLFKM_RSA_DRIVER_ISA_EXT "-avx2"
#else
#define WOLFKM_RSA_DRIVER_ISA_EXT ""
#endif
#define WOLFKM_RSA_DRIVER_SUFFIX WOLFKM_RSA_DRIVER_ISA_EXT \
WOLFKM_DRIVER_SUFFIX_BASE

#define WOLFKM_RSA_DRIVER ("rsa" WOLFKM_RSA_DRIVER_SUFFIX)

#if defined(LINUXKM_AKCIPHER_NO_SIGNVERIFY)
/* the akcipher alg */
#define WOLFKM_PKCS1PAD_NAME ("pkcs1pad(rsa)")
#define WOLFKM_PKCS1PAD_DRIVER ("pkcs1pad(rsa" WOLFKM_DRIVER_FIPS \
"-wolfcrypt)")
#define WOLFKM_PKCS1PAD_NAME "pkcs1pad(rsa)"
#define WOLFKM_PKCS1PAD_DRIVER "pkcs1pad-rsa" WOLFKM_RSA_DRIVER_SUFFIX
#endif /* LINUXKM_AKCIPHER_NO_SIGNVERIFY */

/*
* pkcs1 sign verify alg names
* */
#define WOLFKM_PKCS1_SHA224_NAME (PKCS1_NAME "(rsa,sha224)")
#define WOLFKM_PKCS1_SHA224_DRIVER (PKCS1_NAME "(rsa" WOLFKM_DRIVER_FIPS \
"-wolfcrypt,sha224)")
#define WOLFKM_PKCS1_SHA224_DRIVER ("pkcs1pad-rsa-sha224" WOLFKM_RSA_DRIVER_SUFFIX)

#define WOLFKM_PKCS1_SHA256_NAME (PKCS1_NAME "(rsa,sha256)")
#define WOLFKM_PKCS1_SHA256_DRIVER (PKCS1_NAME "(rsa" WOLFKM_DRIVER_FIPS \
"-wolfcrypt,sha256)")
#define WOLFKM_PKCS1_SHA256_DRIVER ("pkcs1pad-rsa-sha256" WOLFKM_RSA_DRIVER_SUFFIX)

#define WOLFKM_PKCS1_SHA384_NAME (PKCS1_NAME "(rsa,sha384)")
#define WOLFKM_PKCS1_SHA384_DRIVER (PKCS1_NAME "(rsa" WOLFKM_DRIVER_FIPS \
"-wolfcrypt,sha384)")
#define WOLFKM_PKCS1_SHA384_DRIVER ("pkcs1pad-rsa-sha384" WOLFKM_RSA_DRIVER_SUFFIX)

#define WOLFKM_PKCS1_SHA512_NAME (PKCS1_NAME "(rsa,sha512)")
#define WOLFKM_PKCS1_SHA512_DRIVER (PKCS1_NAME "(rsa" WOLFKM_DRIVER_FIPS \
"-wolfcrypt,sha512)")
#define WOLFKM_PKCS1_SHA512_DRIVER ("pkcs1pad-rsa-sha512" WOLFKM_RSA_DRIVER_SUFFIX)

#define WOLFKM_PKCS1_SHA3_256_NAME (PKCS1_NAME "(rsa,sha3-256)")
#define WOLFKM_PKCS1_SHA3_256_DRIVER (PKCS1_NAME "(rsa" WOLFKM_DRIVER_FIPS \
"-wolfcrypt,sha3-256)")
#define WOLFKM_PKCS1_SHA3_256_DRIVER ("pkcs1pad-rsa-sha3-256" WOLFKM_RSA_DRIVER_SUFFIX)

#define WOLFKM_PKCS1_SHA3_384_NAME (PKCS1_NAME "(rsa,sha3-384)")
#define WOLFKM_PKCS1_SHA3_384_DRIVER (PKCS1_NAME "(rsa" WOLFKM_DRIVER_FIPS \
"-wolfcrypt,sha3-384)")
#define WOLFKM_PKCS1_SHA3_384_DRIVER ("pkcs1pad-rsa-sha3-384" WOLFKM_RSA_DRIVER_SUFFIX)

#define WOLFKM_PKCS1_SHA3_512_NAME (PKCS1_NAME "(rsa,sha3-512)")
#define WOLFKM_PKCS1_SHA3_512_DRIVER (PKCS1_NAME "(rsa" WOLFKM_DRIVER_FIPS \
"-wolfcrypt,sha3-512)")
#define WOLFKM_PKCS1_SHA3_512_DRIVER ("pkcs1pad-rsa-sha3-512" WOLFKM_RSA_DRIVER_SUFFIX)

#if defined(WOLFSSL_KEY_GEN)
#if defined(LINUXKM_DIRECT_RSA)
Expand Down
6 changes: 6 additions & 0 deletions linuxkm/module_exports.c.template
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -91,6 +91,12 @@
#ifdef HAVE_ECC
#include <wolfssl/wolfcrypt/ecc.h>
#endif
#ifdef WOLFCRYPT_HAVE_ECCSI
#include <wolfssl/wolfcrypt/eccsi.h>
#endif
#ifdef WOLFCRYPT_HAVE_SAKKE
#include <wolfssl/wolfcrypt/sakke.h>
#endif
#ifdef HAVE_HPKE
#include <wolfssl/wolfcrypt/hpke.h>
#endif
Expand Down
Loading
Loading