Address comments from bigbrett and Fenrir bot. Rename she.{c,h} to wc_she.{c,h}, fix naming consistency, auto-enable CMAC/AES dependencies, add WC_SHE_SW_DEFAULT opt-inAddress PR #10009 review comments from bigbrett and Fenrir

Author: night1rider

.github/workflows/os-check.yml

@@ -49,11 +49,15 @@ jobs:
           '--enable-dtls --enable-dtlscid --enable-dtls13 --enable-secure-renegotiation
             --enable-psk --enable-aesccm --enable-nullcipher
             CPPFLAGS=-DWOLFSSL_STATIC_RSA',
+          '--enable-she=extended --enable-cryptocb --enable-cryptocbutils
+            CPPFLAGS=''-DWC_SHE_SW_DEFAULT'' ',
           '--enable-she=standard --enable-cmac',
           '--enable-she=extended --enable-cmac --enable-cryptocb --enable-cryptocbutils',
           '--enable-she=standard --enable-cmac CPPFLAGS=''-DNO_WC_SHE_IMPORT_M123'' ',
           '--enable-she=extended --enable-cmac --enable-cryptocb --enable-cryptocbutils
             CPPFLAGS=''-DNO_WC_SHE_GETUID -DNO_WC_SHE_GETCOUNTER -DNO_WC_SHE_EXPORTKEY'' ',
+          '--enable-she=standard --enable-cmac --enable-cryptocb --enable-cryptocbutils
+            CPPFLAGS=''-DWC_SHE_SW_DEFAULT'' ',
           '--enable-ascon --enable-experimental',
           '--enable-ascon CPPFLAGS=-DWOLFSSL_ASCON_UNROLL --enable-experimental',
           '--enable-all CPPFLAGS=''-DNO_AES_192 -DNO_AES_256'' ',

.wolfssl_known_macro_extras

@@ -657,6 +657,16 @@ WC_RWLOCK_OPS_INLINE
 WC_SHA384
 WC_SHA384_DIGEST_SIZE
 WC_SHA512
+WC_SHE_DEFAULT_COUNTER
+WC_SHE_DEFAULT_UID
+WC_SHE_SW_DEFAULT
+WC_SHE_SW_TEST_AUTH_KEY
+WC_SHE_SW_TEST_EXP_M1
+WC_SHE_SW_TEST_EXP_M2
+WC_SHE_SW_TEST_EXP_M3
+WC_SHE_SW_TEST_EXP_M4
+WC_SHE_SW_TEST_EXP_M5
+WC_SHE_SW_TEST_NEW_KEY
 WC_SKIP_INCLUDED_C_FILES
 WC_SSIZE_TYPE
 WC_STRICT_SIG
@@ -888,7 +898,6 @@ WOLFSSL_SE050_NO_TRNG
 WOLFSSL_SECURE_RENEGOTIATION_ON_BY_DEFAULT
 WOLFSSL_SERVER_EXAMPLE
 WOLFSSL_SETTINGS_FILE
-WOLFSSL_SH224
 WOLFSSL_SHE
 WOLFSSL_SHE_EXTENDED
 WOLFSSL_SHA256_ALT_CH_MAJ

configure.ac

@@ -6128,7 +6128,9 @@ AC_ARG_ENABLE([she],
 
 if test "x$ENABLED_SHE" = "xstandard" || test "x$ENABLED_SHE" = "xextended"
 then
-    AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SHE"
+    AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SHE -DWOLFSSL_CMAC -DWOLFSSL_AES_DIRECT"
+    ENABLED_CMAC=yes
+    ENABLED_AESCBC=yes
 fi
 
 if test "x$ENABLED_SHE" = "xextended"

src/include.am

@@ -160,7 +160,7 @@ src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/cmac.c
 endif
 
 if BUILD_SHE
-src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/she.c
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/wc_she.c
 endif
 
 src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/fips.c \
@@ -429,7 +429,7 @@ src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/cmac.c
 endif
 
 if BUILD_SHE
-src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/she.c
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/wc_she.c
 endif
 
 src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/fips.c \
@@ -682,7 +682,7 @@ src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/cmac.c
 endif
 
 if BUILD_SHE
-src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/she.c
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/wc_she.c
 endif
 
 if BUILD_CURVE448
@@ -1019,7 +1019,7 @@ src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/cmac.c
 endif
 
 if BUILD_SHE
-src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/she.c
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/wc_she.c
 endif
 endif !BUILD_FIPS_V2_PLUS
 

tests/api/test_she.c

@@ -28,7 +28,7 @@
     #include <wolfcrypt/src/misc.c>
 #endif
 
-#include <wolfssl/wolfcrypt/she.h>
+#include <wolfssl/wolfcrypt/wc_she.h>
 #include <wolfssl/wolfcrypt/types.h>
 #ifdef WOLF_CRYPTO_CB
     #include <wolfssl/wolfcrypt/cryptocb.h>
@@ -169,7 +169,7 @@ int test_wc_SHE_ImportM1M2M3(void)
     return EXPECT_RESULT();
 }
 
-int test_wc_She_AesMp16(void)
+int test_wc_SHE_AesMp16(void)
 {
     EXPECT_DECLS;
 #if defined(WOLFSSL_SHE) && !defined(NO_AES)
@@ -188,18 +188,18 @@ int test_wc_She_AesMp16(void)
     };
 
     ExpectIntEQ(wc_AesInit(&aes, NULL, INVALID_DEVID), 0);
-    ExpectIntEQ(wc_She_AesMp16(&aes, input, sizeof(input), out), 0);
+    ExpectIntEQ(wc_SHE_AesMp16(&aes, input, sizeof(input), out), 0);
 
     ExpectIntEQ(wc_AesInit(&aes, NULL, INVALID_DEVID), 0);
-    ExpectIntEQ(wc_She_AesMp16(&aes, shortInput, sizeof(shortInput), out), 0);
+    ExpectIntEQ(wc_SHE_AesMp16(&aes, shortInput, sizeof(shortInput), out), 0);
 
-    ExpectIntEQ(wc_She_AesMp16(NULL, input, sizeof(input), out),
+    ExpectIntEQ(wc_SHE_AesMp16(NULL, input, sizeof(input), out),
                 WC_NO_ERR_TRACE(BAD_FUNC_ARG));
-    ExpectIntEQ(wc_She_AesMp16(&aes, NULL, sizeof(input), out),
+    ExpectIntEQ(wc_SHE_AesMp16(&aes, NULL, sizeof(input), out),
                 WC_NO_ERR_TRACE(BAD_FUNC_ARG));
-    ExpectIntEQ(wc_She_AesMp16(&aes, input, 0, out),
+    ExpectIntEQ(wc_SHE_AesMp16(&aes, input, 0, out),
                 WC_NO_ERR_TRACE(BAD_FUNC_ARG));
-    ExpectIntEQ(wc_She_AesMp16(&aes, input, sizeof(input), NULL),
+    ExpectIntEQ(wc_SHE_AesMp16(&aes, input, sizeof(input), NULL),
                 WC_NO_ERR_TRACE(BAD_FUNC_ARG));
 
     wc_AesFree(&aes);
@@ -467,7 +467,7 @@ static int test_she_crypto_cb(int devIdArg, wc_CryptoInfo* info, void* ctx)
     she->devId = INVALID_DEVID;
 
     switch (info->she.type) {
-        case WC_SHE_SET_UID:
+        case WC_SHE_GET_UID:
             ret = 0;
             break;
         case WC_SHE_GET_COUNTER:

tests/api/test_she.h

@@ -29,7 +29,7 @@ int test_wc_SHE_Init_Id(void);
 int test_wc_SHE_Init_Label(void);
 int test_wc_SHE_Free(void);
 int test_wc_SHE_ImportM1M2M3(void);
-int test_wc_She_AesMp16(void);
+int test_wc_SHE_AesMp16(void);
 int test_wc_SHE_GenerateM1M2M3(void);
 int test_wc_SHE_GenerateM4M5(void);
 #ifdef WOLFSSL_SHE_EXTENDED
@@ -46,7 +46,7 @@ int test_wc_SHE_CryptoCb(void);
     TEST_DECL_GROUP("she", test_wc_SHE_Init_Label),                 \
     TEST_DECL_GROUP("she", test_wc_SHE_Free),                       \
     TEST_DECL_GROUP("she", test_wc_SHE_ImportM1M2M3),               \
-    TEST_DECL_GROUP("she", test_wc_She_AesMp16),                    \
+    TEST_DECL_GROUP("she", test_wc_SHE_AesMp16),                    \
     TEST_DECL_GROUP("she", test_wc_SHE_GenerateM1M2M3),             \
     TEST_DECL_GROUP("she", test_wc_SHE_GenerateM4M5)
 

wolfcrypt/src/cryptocb.c

@@ -2036,7 +2036,7 @@ int wc_CryptoCb_Cmac(Cmac* cmac, const byte* key, word32 keySz,
 #endif /* WOLFSSL_CMAC */
 
 #ifdef WOLFSSL_SHE
-int wc_CryptoCb_SheSetUid(wc_SHE* she, const byte* uid, word32 uidSz,
+int wc_CryptoCb_SheGetUid(wc_SHE* she, const byte* uid, word32 uidSz,
                             const void* ctx)
 {
     int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
@@ -2053,7 +2053,7 @@ int wc_CryptoCb_SheSetUid(wc_SHE* she, const byte* uid, word32 uidSz,
         XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo));
         cryptoInfo.algo_type          = WC_ALGO_TYPE_SHE;
         cryptoInfo.she.she            = she;
-        cryptoInfo.she.type           = WC_SHE_SET_UID;
+        cryptoInfo.she.type           = WC_SHE_GET_UID;
         cryptoInfo.she.ctx            = ctx;
         cryptoInfo.she.op.setUid.uid  = uid;
         cryptoInfo.she.op.setUid.uidSz = uidSz;