
Commit 584489f

authored
Merge pull request #10211 from night1rider/mlkem-cryptocb-sha3-hashtype-bug
Mlkem cryptocb sha3 hashtype not reset after final call
2 parents 9ed79a2 + 467ed28 commit 584489f

3 files changed

Lines changed: 22 additions & 15 deletions


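--- a/.github/workflows/os-check.yml
+++ b/.github/workflows/os-check.yml
@@ -105,6 +105,7 @@ jobs:
 '--enable-sessionexport --enable-dtls --enable-dtls13',
 '--enable-cryptocb --enable-aesgcm CPPFLAGS="-DWOLF_CRYPTO_CB_AES_SETKEY -DWOLF_CRYPTO_CB_FREE"',
 '--disable-tls --enable-cryptocb --enable-aesgcm CPPFLAGS="-DWOLF_CRYPTO_CB_AES_SETKEY -DWOLF_CRYPTO_CB_FREE"',
+'--enable-cryptocb --enable-keygen CPPFLAGS="-DWOLF_CRYPTO_CB_FIND"',
 '--disable-examples CPPFLAGS=-DWOLFSSL_NO_MALLOC',
 'CPPFLAGS=-DNO_WOLFSSL_CLIENT',
 'CPPFLAGS=-DNO_WOLFSSL_SERVER',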
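--- a/wolfcrypt/src/sha3.c
+++ b/wolfcrypt/src/sha3.c
@@ -646,6 +646,12 @@ static int InitSha3(wc_Sha3* sha3)
 #ifdef WOLFSSL_HASH_FLAGS
 sha3->flags = 0;
 #endif
+#ifdef WOLF_CRYPTO_CB
+/* Cached hash variant is tied to sponge state; clear it whenever the
+ * state is reset so reuse for a different SHA3 variant dispatches
+ * correctly through the crypto callback. */
+sha3->hashType = WC_HASH_TYPE_NONE;
+#endif
 
 #ifdef USE_INTEL_SPEEDUP
 {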
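Review bot: The reset of `sha3->hashType` to `WC_HASH_TYPE_NONE` at new line 653 addresses the reuse-after-final case named in the commit title, but none of the three changed files exercises that path; a regression test that finalizes one SHA3 variant and then reuses the same `wc_Sha3` object for a different variant with a crypto callback registered would pin the fix and catch any other reset path that bypasses InitSha3. The new block is compiled only under `WOLF_CRYPTO_CB`, which presumably matches where the `hashType` member is declared — worth confirming against the `wc_Sha3` definition, which is not on this page. InitSha3's body continues outside the hunk.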
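--- a/wolfcrypt/src/wc_mlkem.c
+++ b/wolfcrypt/src/wc_mlkem.c
@@ -604,11 +604,11 @@ int wc_MlKemKey_MakeKey(MlKemKey* key, WC_RNG* rng)
 }
 
 #ifdef WOLF_CRYPTO_CB
-if ((ret == 0)
-#ifndef WOLF_CRYPTO_CB_FIND
-&& (key->devId != INVALID_DEVID)
-#endif
-) {
+#ifndef WOLF_CRYPTO_CB_FIND
+if ((ret == 0) && (key->devId != INVALID_DEVID)) {
+#else
+if (ret == 0) {
+#endif
 ret = wc_CryptoCb_MakePqcKemKey(rng, WC_PQC_KEM_TYPE_KYBER,
 key->type, key);
 if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
@@ -1289,11 +1289,11 @@ int wc_MlKemKey_Encapsulate(MlKemKey* key, unsigned char* c, unsigned char* k,
 if (ret == 0) {
 ret = wc_MlKemKey_CipherTextSize(key, &ctlen);
 }
-if ((ret == 0)
-#ifndef WOLF_CRYPTO_CB_FIND
-&& (key->devId != INVALID_DEVID)
-#endif
-) {
+#ifndef WOLF_CRYPTO_CB_FIND
+if ((ret == 0) && (key->devId != INVALID_DEVID)) {
+#else
+if (ret == 0) {
+#endif
 ret = wc_CryptoCb_PqcEncapsulate(c, ctlen, k, KYBER_SS_SZ, rng,
 WC_PQC_KEM_TYPE_KYBER, key);
 if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
@@ -1769,11 +1769,11 @@ int wc_MlKemKey_Decapsulate(MlKemKey* key, unsigned char* ss,
 }
 
 #ifdef WOLF_CRYPTO_CB
-if ((ret == 0)
-#ifndef WOLF_CRYPTO_CB_FIND
-&& (key->devId != INVALID_DEVID)
-#endif
-) {
+#ifndef WOLF_CRYPTO_CB_FIND
+if ((ret == 0) && (key->devId != INVALID_DEVID)) {
+#else
+if (ret == 0) {
+#endif
 ret = wc_CryptoCb_PqcDecapsulate(ct, ctSz, ss, KYBER_SS_SZ,
 WC_PQC_KEM_TYPE_KYBER, key);
 if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))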