WW23'24 source code update [dfa2adb4]

BUILD.md

@@ -213,10 +213,10 @@ To build the Intel IPP Cryptography library on macOS\*, complete the following s
 - `-DPLATFORM_LIST="<platform list>"` - optional, works only if `-DMERGED_BLD:BOOL=off` is set. Sets target platforms for the code to be compiled. See the supported platforms list [here](./OVERVIEW.md).
 
     - Example for Linux\* OS and the IA-32 architecture:
-        `-DPLATFORM_LIST="w7;s8;p8;g9;h9"`
+        `-DPLATFORM_LIST="m7;s8;p8;g9;h9"`
 
     - Example for Linux\* OS and the Intel® 64 architecture:
-        `-DPLATFORM_LIST="m7;n8;y8;e9;l9;k0;k1"`
+        `-DPLATFORM_LIST="w7;n8;y8;e9;l9;k0"`
 - `-DNO_CRYPTO_MB:BOOL=TRUE` - optional, turns off the build of [Crypto Multi Buffer library](./sources/ippcp/crypto_mb/Readme.md) and, as a consequence, removes all dependencies on OpenSSL library.
 - `-DBABASSL:BOOL=on`, `-DBORINGSSL:BOOL=on` - required only if forks of OpenSSL library are used to resolve OpenSSL dependencies - Tongsuo and BoringSSL respectively. These flags make sense when [Crypto Multi Buffer library](./sources/ippcp/crypto_mb/Readme.md) is built.
 - `-DIPPCP_CUSTOM_BUILD="<CPU features list>"` - optional, works only if `-DMERGED_BLD:BOOL=off` is set, i.e. only for 1CPU libraries. Enables the CPU feature dispatching mask at compile-time based on the provided list.
@@ -239,6 +239,9 @@ To build the Intel IPP Cryptography library on macOS\*, complete the following s
 
   - `-DMBX_FIPS_MODE:BOOL=on`: enables all FIPS-compliance changes in Crypto Multi-buffer Library.
   - `-DMBX_FIPS_MODE:BOOL=off`: default configuration. Crypto Multi-buffer Library build with such option is not FIPS-compliant.
+
+- `-DFIPS_CUSTOM_IPPCP_API_HEADER=<redefined_ippcp_api.h>` - optional flag which allows to use FIPS self-tests with IPPCP API with a different prefix to support capabilities of the custom dispatcher generated by Custom Library Tool (Please, note that it is only intended for a very specific use case of [Custom Library](./OVERVIEW.md/#static-library-with-custom-functionality)).The header should contain redefinitions of IPPCP public API, e.g. `#define ippcpGetLibVersion custom_prefix_ippcpGetLibVersion`. The flag is applicable only when IPPCP FIPS mode is enabled (`-DIPPCP_FIPS_MODE:BOOL=on`).
+
 ### Windows\* OS
 
 - `-G"<tool-chain-generator>"` - defines the native build system CMake will generate from the input files.

CHANGELOG.md

@@ -2,6 +2,9 @@
 
 This is a list of notable changes to Intel(R) IPP Cryptography, in reverse chronological order.
 
+## Intel(R) IPP Cryptography 2021.12.1
+- Added `FIPS_CUSTOM_IPPCP_API_HEADER` build flag to support FIPS self-tests for a specific use case when Custom Library Tool is used with custom prefix for IPPCP API.
+
 ## Intel(R) IPP Cryptography 2021.12
 - Added single-buffer implementation of Leighton-Micali Hash-Based Signatures(LMS) algorithm, verification part.
 - Added support of Clang 16.0 compiler for Linux.

include/ippversion.h

@@ -26,14 +26,14 @@
 #if !defined( IPPVERSION_H__ )
 #define IPPVERSION_H__
 
-#define IPP_VERSION_MAJOR  1
-#define IPP_VERSION_MINOR  0
-#define IPP_VERSION_UPDATE 0
+#define IPP_VERSION_MAJOR  2021
+#define IPP_VERSION_MINOR  12
+#define IPP_VERSION_UPDATE 1
 
 // Major interface version
-#define IPP_INTERFACE_VERSION_MAJOR 12
+#define IPP_INTERFACE_VERSION_MAJOR 11
 // Minor interface version
-#define IPP_INTERFACE_VERSION_MINOR 0
+#define IPP_INTERFACE_VERSION_MINOR 15
 
 #define IPP_VERSION_STR  STR(IPP_VERSION_MAJOR) "." STR(IPP_VERSION_MINOR) "." STR(IPP_VERSION_UPDATE) " (" STR(IPP_INTERFACE_VERSION_MAJOR) "." STR(IPP_INTERFACE_VERSION_MINOR) " )"
 

sources/dispatcher/gen_disp_lin32.nonpic.py

@@ -107,7 +107,7 @@
 {FunName}:
     {endbr32}
     mov   eax, dword [ippcpJumpIndexForMergedLibs]
-    jmp   dword [arraddr_{FunName} + eax*4]
+    jmp   dword [rel arraddr_{FunName} + eax*4]
 .LEnd{FunName}:
 """.format(FunName=FunName, size=size, endbr32='db 0xf3, 0x0f, 0x1e, 0xfb'))
             ASMDISP.close()

sources/include/fips_cert_internal/bn_common.h

@@ -31,9 +31,9 @@
  * \param[in] sgn sign of big number
  * \param[in] pdata pointer to integer big number
  * \param[in] data_word_len length of integer big number in 32bit size
- *
+ * 
  */
-__IPPCP_INLINE IppStatus ippcp_init_set_bn(IppsBigNumState *pbn, int max_word_len,
+__INLINE IppStatus ippcp_init_set_bn(IppsBigNumState *pbn, int max_word_len,
                                      IppsBigNumSGN sgn, const Ipp32u *pdata, int data_word_len)
 {
   IppStatus sts;

sources/include/lms_internal/lmots.h

@@ -58,7 +58,7 @@ typedef struct {
  * Output parameters:
  *    params         LMOTS parameters (w, p, ls, n, hash_method)
  */
-__IPPCP_INLINE IppStatus setLMOTSParams(IppsLMOTSAlgo lmotsOIDAlgo, cpLMOTSParams* params) {
+__INLINE IppStatus setLMOTSParams(IppsLMOTSAlgo lmotsOIDAlgo, cpLMOTSParams* params) {
     switch (lmotsOIDAlgo) {
         case LMOTS_SHA256_N32_W1: {
             params->w = 1;
@@ -134,11 +134,11 @@ __IPPCP_INLINE IppStatus setLMOTSParams(IppsLMOTSAlgo lmotsOIDAlgo, cpLMOTSParam
  *    Target element of a specified length
  *
  */
-__IPPCP_INLINE Ipp32u cpCoef(Ipp8u* S, Ipp32u i, Ipp32u w) {
+__INLINE Ipp32u cpCoef(Ipp8u* S, Ipp32u i, Ipp32u w) {
     return ((1 << w) - 1) & ( S[(i * w) / 8] >> (8 - (w * (i % (8 / w)) + w)));
 }
 
-__IPPCP_INLINE Ipp32u cpCksm(Ipp8u* S, cpLMOTSParams lmotsParams) {
+__INLINE Ipp32u cpCksm(Ipp8u* S, cpLMOTSParams lmotsParams) {
     Ipp32u w = lmotsParams.w;
     Ipp32u n = lmotsParams.n;
     Ipp32u ls = lmotsParams.ls;

sources/include/lms_internal/lms.h

@@ -86,7 +86,7 @@ struct _cpLMSSignatureState {
  * Output parameters:
  *    params    LMS parameters (h, m, hash_method)
  */
-__IPPCP_INLINE IppStatus setLMSParams(IppsLMSAlgo lmsOIDAlgo, cpLMSParams* params) {
+__INLINE IppStatus setLMSParams(IppsLMSAlgo lmsOIDAlgo, cpLMSParams* params) {
     /* Set h */
     switch (lmsOIDAlgo % 5) {
         case 0: { params->h = 5;  break; } // LMS_SHA256_M32_H5  and LMS_SHA256_M24_H5

sources/include/owndefs.h

@@ -34,15 +34,15 @@
   #include "ippcpdefs.h"
 #endif
 
-#if !defined(__IPPCP_INLINE)
+#if !defined(__INLINE)
 #if defined(__INTEL_COMPILER) || defined(__INTEL_LLVM_COMPILER) || defined(_MSC_VER)
-  #define __IPPCP_INLINE static __inline
+  #define __INLINE static __inline
 #elif defined( __GNUC__ )
-  #define __IPPCP_INLINE static __inline__
+  #define __INLINE static __inline__
 #else
-  #define __IPPCP_INLINE static
+  #define __INLINE static
 #endif
-#endif /*__IPPCP_INLINE*/
+#endif /*__INLINE*/
 
 /* TODO: to check ICX compiler */
 #if !defined(__NOINLINE)
@@ -59,7 +59,7 @@
 #if defined(_MSC_VER)
   #define __FORCEINLINE __forceinline
 #elif defined(__INTEL_COMPILER) || defined(__INTEL_LLVM_COMPILER) || defined( __GNUC__ )
-  #define __FORCEINLINE __IPPCP_INLINE __attribute__((always_inline))
+  #define __FORCEINLINE __INLINE __attribute__((always_inline))
 #else
   #define __FORCEINLINE
 #endif
@@ -267,7 +267,7 @@
 #endif
 
 #if ((_IPP_ARCH == _IPP_ARCH_IA32))
-__IPPCP_INLINE Ipp32s IPP_INT_PTR ( const void* ptr )
+__INLINE Ipp32s IPP_INT_PTR ( const void* ptr )
 {
     union {
         void*   Ptr;
@@ -277,7 +277,7 @@ __IPPCP_INLINE Ipp32s IPP_INT_PTR ( const void* ptr )
     return dd.Int;
 }
 
-__IPPCP_INLINE Ipp32u IPP_UINT_PTR( const void* ptr )
+__INLINE Ipp32u IPP_UINT_PTR( const void* ptr )
 {
     union {
         void*   Ptr;
@@ -287,7 +287,7 @@ __IPPCP_INLINE Ipp32u IPP_UINT_PTR( const void* ptr )
     return dd.Int;
 }
 #elif ((_IPP_ARCH == _IPP_ARCH_EM64T) || (_IPP_ARCH == _IPP_ARCH_LRB2))
-__IPPCP_INLINE Ipp64s IPP_INT_PTR( const void* ptr )
+__INLINE Ipp64s IPP_INT_PTR( const void* ptr )
 {
     union {
         void*   Ptr;
@@ -297,7 +297,7 @@ __IPPCP_INLINE Ipp64s IPP_INT_PTR( const void* ptr )
     return dd.Int;
 }
 
-__IPPCP_INLINE Ipp64u IPP_UINT_PTR( const void* ptr )
+__INLINE Ipp64u IPP_UINT_PTR( const void* ptr )
 {
     union {
         void*    Ptr;

sources/include/stateful_sig_common/common.h

@@ -25,7 +25,7 @@
  *    out      resulted array of bytes
  */
 
-__IPPCP_INLINE void toByte(Ipp8u *out, Ipp32s outlen, Ipp32u in) {
+__INLINE void toByte(Ipp8u *out, Ipp32s outlen, Ipp32u in) {
     /* Iterate over out in decreasing order, for big-endianness. */
     for (Ipp32s i = outlen - 1; i >= 0; i--) {
         out[i] = (Ipp8u)(in & 0xff);

sources/include/xmss_internal/wots.h

@@ -62,7 +62,7 @@ IPP_OWN_DECL(IppStatus, WOTS_pkFromSig, (const Ipp8u* M, Ipp8u* sig, Ipp8u* pSee
  *    adrs      changed array of bytes
  */
 
-__IPPCP_INLINE void set_adrs_idx(Ipp8u* adrs, Ipp32u idx, int word_id){
+__INLINE void set_adrs_idx(Ipp8u* adrs, Ipp32u idx, int word_id){
     adrs[4 * word_id + 3] = (Ipp8u) idx        & 0xff;
     adrs[4 * word_id + 2] = (Ipp8u)(idx >>  8) & 0xff;
     adrs[4 * word_id + 1] = (Ipp8u)(idx >> 16) & 0xff;
@@ -79,7 +79,7 @@ __IPPCP_INLINE void set_adrs_idx(Ipp8u* adrs, Ipp32u idx, int word_id){
  *    word_id   int32 idx in the adrs array
  */
 
-__IPPCP_INLINE Ipp8u set_adrs_1_byte(int word_id){
+__INLINE Ipp8u set_adrs_1_byte(int word_id){
     return (Ipp8u)(4 * word_id + 3);
 }
 
@@ -90,7 +90,7 @@ __IPPCP_INLINE Ipp8u set_adrs_1_byte(int word_id){
  *    x   double precision floating point value
  */
 
-__IPPCP_INLINE Ipp32s cpCeil(double x) {
+__INLINE Ipp32s cpCeil(double x) {
     Ipp32s int_val = (Ipp32s) x;
     if(int_val == x || x <= 0.0){
         return int_val;

sources/include/xmss_internal/xmss.h

@@ -98,7 +98,7 @@ IPP_OWN_DECL(IppStatus, rand_hash, (Ipp8u* left, Ipp8u* right, Ipp8u* seed,
  *    params    WOTS parameters (w, log2_w, n, len, len_1, hash_method)
  */
 
-__IPPCP_INLINE IppStatus setXMSSParams(IppsXMSSAlgo OIDAlgo, Ipp32s* h, cpWOTSParams* params) {
+__INLINE IppStatus setXMSSParams(IppsXMSSAlgo OIDAlgo, Ipp32s* h, cpWOTSParams* params) {
 
     // Digits below are from the XMSS algo spec
     // don't depend on the algo

sources/ippcp/CMakeLists.txt

@@ -273,7 +273,18 @@ if(IPPCP_FIPS_MODE)
    )
   list(APPEND IPPCP_PUBLIC_HEADERS "${IPPCP_FIPS_CERT_PUBLIC_HEADERS}")
   list(APPEND LIBRARY_HEADERS "${IPPCP_FIPS_CERT_INTERNAL_HEADERS}")
-  list(APPEND LIBRARY_C_SOURCES_ORIGINAL "${IPPCP_FIPS_CERT_LIBRARY_C_SOURCES}")
+
+  set_source_files_properties(${IPPCP_FIPS_CERT_LIBRARY_C_SOURCES} PROPERTIES INCLUDE_DIRECTORIES "${C_INCLUDE_DIRECTORIES}")
+
+  # Add FIPS custom API header
+  if(FIPS_CUSTOM_IPPCP_API_HEADER)
+    message (STATUS "Using FIPS_CUSTOM_IPPCP_API_HEADER ......................... " ${FIPS_CUSTOM_IPPCP_API_HEADER})
+    if(WIN32)
+      set_source_files_properties(${IPPCP_FIPS_CERT_LIBRARY_C_SOURCES} PROPERTIES COMPILE_FLAGS "/FI${FIPS_CUSTOM_IPPCP_API_HEADER}")
+    else()
+      set_source_files_properties(${IPPCP_FIPS_CERT_LIBRARY_C_SOURCES} PROPERTIES COMPILE_FLAGS "-imacros ${FIPS_CUSTOM_IPPCP_API_HEADER}")
+    endif()
+  endif()
 endif()
 
 # Because of CMake bug (https://gitlab.kitware.com/cmake/cmake/issues/19178) it is impossible to add
@@ -370,6 +381,7 @@ foreach(opt ${PLATFORM_LIST})
                                            pcpver.rc
                                            ${LIBRARY_HEADERS}
                                            ${LIBRARY_C_SOURCES_${opt}}
+                                           ${IPPCP_FIPS_CERT_LIBRARY_C_SOURCES}
                                            $<TARGET_OBJECTS:${IPPCP_DYN_ITER_ASMOBJS}>)
 
       set_target_properties(${IPPCP_DYN_ITER} PROPERTIES LINK_FLAGS ${LINK_FLAG_DYNAMIC_WINDOWS})
@@ -383,6 +395,7 @@ foreach(opt ${PLATFORM_LIST})
       add_library(${IPPCP_DYN_ITER_ASMOBJS} OBJECT ${LIBRARY_ASM_SOURCES_${opt}})
       add_library(${IPPCP_DYN_ITER} SHARED ${LIBRARY_HEADERS}
                                            ${LIBRARY_C_SOURCES_${opt}}
+                                           ${IPPCP_FIPS_CERT_LIBRARY_C_SOURCES}
                                            $<TARGET_OBJECTS:${IPPCP_DYN_ITER_ASMOBJS}>)
       if(APPLE)
         ## gres: copy LINK_FLAG_DYNAMIC_LINUX
@@ -433,14 +446,15 @@ foreach(opt ${PLATFORM_LIST})
   set(IPPCP_ST_ITER ${TARGET_NAME}_s_${opt})
   set(IPPCP_ST_ITER_ASMOBJS ${TARGET_NAME}_s_${opt}-asmobjs)
   if(MERGED_BLD)
-    add_library(${IPPCP_ST_ITER} OBJECT ${LIBRARY_HEADERS} ${LIBRARY_C_SOURCES_${opt}})
+    add_library(${IPPCP_ST_ITER} OBJECT ${LIBRARY_HEADERS} ${LIBRARY_C_SOURCES_${opt}} ${IPPCP_FIPS_CERT_LIBRARY_C_SOURCES})
     add_library(${IPPCP_ST_ITER_ASMOBJS} OBJECT ${LIBRARY_ASM_SOURCES_${opt}})
     set(merged_dependency ${merged_dependency} $<TARGET_OBJECTS:${IPPCP_ST_ITER}>
                                                $<TARGET_OBJECTS:${IPPCP_ST_ITER_ASMOBJS}>)
   else()
     add_library(${IPPCP_ST_ITER_ASMOBJS} OBJECT ${LIBRARY_ASM_SOURCES_${opt}})
     add_library(${IPPCP_ST_ITER} STATIC ${LIBRARY_HEADERS}
                                         ${LIBRARY_C_SOURCES_${opt}}
+                                        ${IPPCP_FIPS_CERT_LIBRARY_C_SOURCES}
                                         $<TARGET_OBJECTS:${IPPCP_ST_ITER_ASMOBJS}>)
   endif()
 

sources/ippcp/asm_intel64/pcpaesgcme9as.asm

@@ -248,7 +248,7 @@ IPPASM AesGcmPrecompute_avx,PUBLIC
 %xdefine pPrecomData rdi ; (rdi) pointer to the reflected multipliers reflect(hkey),(hkey<<1), (hkey^2)<<1, (hkey^4)<<1,
 %xdefine pHKey       rsi ; (rsi) pointer to the Hkey value
 
-   movdqu   xmm0, oword [pHKey] ;  xmm0 holds HashKey
+   movdqu   xmm0, oword [rel pHKey] ;  xmm0 holds HashKey
    pshufb   xmm0, [rel SHUF_CONST]
   ;movdqu   oword [pPrecomData+sizeof_oword_*0], xmm0
 
@@ -296,7 +296,7 @@ IPPASM AesGcmPrecompute_avx2_vaes,PUBLIC
 %xdefine pPrecomputedData rdi ; (rdi) pointer to the reflected multipliers reflect(hkey),(hkey<<1), (hkey^2)<<1, (hkey^4)<<1,
 %xdefine pHKey       rsi ; (rsi) pointer to the Hkey value
 
-   movdqu   xmm0, oword [pHKey] ;  xmm0 holds HashKey
+   movdqu   xmm0, oword [rel pHKey] ;  xmm0 holds HashKey
    pshufb   xmm0, [rel SHUF_CONST]
 
    ; precompute HashKey<<1 mod poly from the HashKey
@@ -381,14 +381,14 @@ IPPASM AesGcmMulGcm_avx,PUBLIC
 %xdefine pHash   rdi         ; (rdi) pointer to the Hash value
 %xdefine pHKey   rsi         ; (rsi) pointer to the (hkey<<1) value
 
-   movdqa   xmm0, oword [pHash]
+   movdqa   xmm0, oword [rel pHash]
    pshufb   xmm0, [rel SHUF_CONST]
-   movdqa   xmm1, oword [pHKey]
+   movdqa   xmm1, oword [rel pHKey]
 
    sse_clmul_gcm  xmm0, xmm1, xmm2, xmm3, xmm4  ; xmm0 holds Hash*HKey mod poly
 
    pshufb   xmm0, [rel SHUF_CONST]
-   movdqa   oword [pHash], xmm0
+   movdqa   oword [rel pHash], xmm0
 
    REST_XMM
    REST_GPR
@@ -413,15 +413,15 @@ IPPASM AesGcmAuth_avx,PUBLIC
 
 %assign  BYTES_PER_BLK (16)
 
-   movdqa   xmm0, oword [pHash]
+   movdqa   xmm0, oword [rel pHash]
    pshufb   xmm0, [rel SHUF_CONST]
-   movdqa   xmm1, oword [pHKey]
+   movdqa   xmm1, oword [rel pHKey]
 
    movsxd   rdx, edx
 
 align IPP_ALIGN_FACTOR
 .auth_loop:
-   movdqu   xmm2, oword [pSrc]  ; src[]
+   movdqu   xmm2, oword [rel pSrc]  ; src[]
    pshufb   xmm2, [rel SHUF_CONST]
    add      pSrc, BYTES_PER_BLK
    pxor     xmm0, xmm2              ; hash ^= src[]

sources/ippcp/crypto_mb/include/crypto_mb/defs.h

@@ -33,8 +33,8 @@ typedef unsigned long long int64u;
       #define __ALIGN64 __attribute__((aligned(64)))
    #endif
 
-   #if !defined(__MBX_INLINE)
-      #define __MBX_INLINE static __inline__
+   #if !defined(__INLINE)
+      #define __INLINE static __inline__
    #endif
 
    #if !defined(__NOINLINE)
@@ -45,8 +45,8 @@ typedef unsigned long long int64u;
       #define __ALIGN64 __declspec(align(64))
    #endif
 
-   #if !defined(__MBX_INLINE)
-      #define __MBX_INLINE static __forceinline
+   #if !defined(__INLINE)
+      #define __INLINE static __forceinline
    #endif
 
    #if !defined(__NOINLINE)