forked from wolfSSL/wolfssl
return values of DES set key and return block size for EVP block_size getter function
This commit is contained in:
Jacob Barthelmeh
36
src/ssl.c
36
src/ssl.c
@ -14812,13 +14812,15 @@ long wolfSSL_CTX_set_tlsext_opaque_prf_input_callback_arg(WOLFSSL_CTX* ctx,
|
|||||||
|
|
||||||
|
|
||||||
#ifndef NO_DES3
|
#ifndef NO_DES3
|
||||||
void wolfSSL_DES_set_key(WOLFSSL_const_DES_cblock* myDes,
|
/* 0 on success */
|
||||||
|
int wolfSSL_DES_set_key(WOLFSSL_const_DES_cblock* myDes,
|
||||||
WOLFSSL_DES_key_schedule* key)
|
WOLFSSL_DES_key_schedule* key)
|
||||||
{
|
{
|
||||||
#ifdef WOLFSSL_CHECK_DESKEY
|
#ifdef WOLFSSL_CHECK_DESKEY
|
||||||
wolfSSL_DES_set_key_checked(myDes, key);
|
return wolfSSL_DES_set_key_checked(myDes, key);
|
||||||
#else
|
#else
|
||||||
wolfSSL_DES_set_key_unchecked(myDes, key);
|
wolfSSL_DES_set_key_unchecked(myDes, key);
|
||||||
|
return 0;
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -14836,12 +14838,14 @@ static int DES_check(word32 mask, word32 mask2, unsigned char* key)
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/* check that the key is odd parity and is not a weak key */
|
/* check that the key is odd parity and is not a weak key
|
||||||
void wolfSSL_DES_set_key_checked(WOLFSSL_const_DES_cblock* myDes,
|
* returns -1 if parity is wrong, -2 if weak/null key and 0 on success */
|
||||||
|
int wolfSSL_DES_set_key_checked(WOLFSSL_const_DES_cblock* myDes,
|
||||||
WOLFSSL_DES_key_schedule* key)
|
WOLFSSL_DES_key_schedule* key)
|
||||||
{
|
{
|
||||||
if (myDes == NULL || key == NULL) {
|
if (myDes == NULL || key == NULL) {
|
||||||
WOLFSSL_MSG("Bad argument passed to wolfSSL_DES_set_key_checked");
|
WOLFSSL_MSG("Bad argument passed to wolfSSL_DES_set_key_checked");
|
||||||
|
return -2;
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
word32 i, mask, mask2;
|
word32 i, mask, mask2;
|
||||||
@ -14850,7 +14854,7 @@ void wolfSSL_DES_set_key_checked(WOLFSSL_const_DES_cblock* myDes,
|
|||||||
/* sanity check before call to DES_check */
|
/* sanity check before call to DES_check */
|
||||||
if (sz != (sizeof(word32) * 2)) {
|
if (sz != (sizeof(word32) * 2)) {
|
||||||
WOLFSSL_MSG("Unexpected WOLFSSL_DES_key_schedule size");
|
WOLFSSL_MSG("Unexpected WOLFSSL_DES_key_schedule size");
|
||||||
return;
|
return -2;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* check odd parity */
|
/* check odd parity */
|
||||||
@ -14865,7 +14869,7 @@ void wolfSSL_DES_set_key_checked(WOLFSSL_const_DES_cblock* myDes,
|
|||||||
((c >> 6) & 0x01) ^
|
((c >> 6) & 0x01) ^
|
||||||
((c >> 7) & 0x01)) != 1) {
|
((c >> 7) & 0x01)) != 1) {
|
||||||
WOLFSSL_MSG("Odd parity test fail");
|
WOLFSSL_MSG("Odd parity test fail");
|
||||||
return;
|
return -1;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -14876,25 +14880,25 @@ void wolfSSL_DES_set_key_checked(WOLFSSL_const_DES_cblock* myDes,
|
|||||||
mask = 0x01010101; mask2 = 0x01010101;
|
mask = 0x01010101; mask2 = 0x01010101;
|
||||||
if (DES_check(mask, mask2, *key)) {
|
if (DES_check(mask, mask2, *key)) {
|
||||||
WOLFSSL_MSG("Weak key found");
|
WOLFSSL_MSG("Weak key found");
|
||||||
return;
|
return -2;
|
||||||
}
|
}
|
||||||
|
|
||||||
mask = 0xFEFEFEFE; mask2 = 0xFEFEFEFE;
|
mask = 0xFEFEFEFE; mask2 = 0xFEFEFEFE;
|
||||||
if (DES_check(mask, mask2, *key)) {
|
if (DES_check(mask, mask2, *key)) {
|
||||||
WOLFSSL_MSG("Weak key found");
|
WOLFSSL_MSG("Weak key found");
|
||||||
return;
|
return -2;
|
||||||
}
|
}
|
||||||
|
|
||||||
mask = 0xE0E0E0E0; mask2 = 0xF1F1F1F1;
|
mask = 0xE0E0E0E0; mask2 = 0xF1F1F1F1;
|
||||||
if (DES_check(mask, mask2, *key)) {
|
if (DES_check(mask, mask2, *key)) {
|
||||||
WOLFSSL_MSG("Weak key found");
|
WOLFSSL_MSG("Weak key found");
|
||||||
return;
|
return -2;
|
||||||
}
|
}
|
||||||
|
|
||||||
mask = 0x1F1F1F1F; mask2 = 0x0E0E0E0E;
|
mask = 0x1F1F1F1F; mask2 = 0x0E0E0E0E;
|
||||||
if (DES_check(mask, mask2, *key)) {
|
if (DES_check(mask, mask2, *key)) {
|
||||||
WOLFSSL_MSG("Weak key found");
|
WOLFSSL_MSG("Weak key found");
|
||||||
return;
|
return -2;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* semi-weak *key check (list from same Nist paper) */
|
/* semi-weak *key check (list from same Nist paper) */
|
||||||
@ -14902,39 +14906,41 @@ void wolfSSL_DES_set_key_checked(WOLFSSL_const_DES_cblock* myDes,
|
|||||||
if (DES_check(mask, mask2, *key) ||
|
if (DES_check(mask, mask2, *key) ||
|
||||||
DES_check(ByteReverseWord32(mask), ByteReverseWord32(mask2), *key)) {
|
DES_check(ByteReverseWord32(mask), ByteReverseWord32(mask2), *key)) {
|
||||||
WOLFSSL_MSG("Weak key found");
|
WOLFSSL_MSG("Weak key found");
|
||||||
return;
|
return -2;
|
||||||
}
|
}
|
||||||
|
|
||||||
mask = 0x01E001E0; mask2 = 0x01F101F1;
|
mask = 0x01E001E0; mask2 = 0x01F101F1;
|
||||||
if (DES_check(mask, mask2, *key) ||
|
if (DES_check(mask, mask2, *key) ||
|
||||||
DES_check(ByteReverseWord32(mask), ByteReverseWord32(mask2), *key)) {
|
DES_check(ByteReverseWord32(mask), ByteReverseWord32(mask2), *key)) {
|
||||||
WOLFSSL_MSG("Weak key found");
|
WOLFSSL_MSG("Weak key found");
|
||||||
return;
|
return -2;
|
||||||
}
|
}
|
||||||
|
|
||||||
mask = 0x01FE01FE; mask2 = 0x01FE01FE;
|
mask = 0x01FE01FE; mask2 = 0x01FE01FE;
|
||||||
if (DES_check(mask, mask2, *key) ||
|
if (DES_check(mask, mask2, *key) ||
|
||||||
DES_check(ByteReverseWord32(mask), ByteReverseWord32(mask2), *key)) {
|
DES_check(ByteReverseWord32(mask), ByteReverseWord32(mask2), *key)) {
|
||||||
WOLFSSL_MSG("Weak key found");
|
WOLFSSL_MSG("Weak key found");
|
||||||
return;
|
return -2;
|
||||||
}
|
}
|
||||||
|
|
||||||
mask = 0x1FE01FE0; mask2 = 0x0EF10EF1;
|
mask = 0x1FE01FE0; mask2 = 0x0EF10EF1;
|
||||||
if (DES_check(mask, mask2, *key) ||
|
if (DES_check(mask, mask2, *key) ||
|
||||||
DES_check(ByteReverseWord32(mask), ByteReverseWord32(mask2), *key)) {
|
DES_check(ByteReverseWord32(mask), ByteReverseWord32(mask2), *key)) {
|
||||||
WOLFSSL_MSG("Weak key found");
|
WOLFSSL_MSG("Weak key found");
|
||||||
return;
|
return -2;
|
||||||
}
|
}
|
||||||
|
|
||||||
mask = 0x1FFE1FFE; mask2 = 0x0EFE0EFE;
|
mask = 0x1FFE1FFE; mask2 = 0x0EFE0EFE;
|
||||||
if (DES_check(mask, mask2, *key) ||
|
if (DES_check(mask, mask2, *key) ||
|
||||||
DES_check(ByteReverseWord32(mask), ByteReverseWord32(mask2), *key)) {
|
DES_check(ByteReverseWord32(mask), ByteReverseWord32(mask2), *key)) {
|
||||||
WOLFSSL_MSG("Weak key found");
|
WOLFSSL_MSG("Weak key found");
|
||||||
return;
|
return -2;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* passed tests, now copy over key */
|
/* passed tests, now copy over key */
|
||||||
XMEMCPY(key, myDes, sizeof(WOLFSSL_const_DES_cblock));
|
XMEMCPY(key, myDes, sizeof(WOLFSSL_const_DES_cblock));
|
||||||
|
|
||||||
|
return 0;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -2241,12 +2241,12 @@ static void test_wolfSSL_DES(void)
|
|||||||
/* check, check of odd parity */
|
/* check, check of odd parity */
|
||||||
XMEMSET(key, 4, sizeof(DES_key_schedule)); key[0] = 3; /*set even parity*/
|
XMEMSET(key, 4, sizeof(DES_key_schedule)); key[0] = 3; /*set even parity*/
|
||||||
XMEMSET(myDes, 5, sizeof(const_DES_cblock));
|
XMEMSET(myDes, 5, sizeof(const_DES_cblock));
|
||||||
DES_set_key_checked(&myDes, &key);
|
AssertIntEQ(DES_set_key_checked(&myDes, &key), -1);
|
||||||
AssertIntNE(key[0], myDes[0]); /* should not have copied over key */
|
AssertIntNE(key[0], myDes[0]); /* should not have copied over key */
|
||||||
|
|
||||||
/* set odd parity for success case */
|
/* set odd parity for success case */
|
||||||
key[0] = 4;
|
key[0] = 4;
|
||||||
DES_set_key_checked(&myDes, &key);
|
AssertIntEQ(DES_set_key_checked(&myDes, &key), 0);
|
||||||
for (i = 0; i < sizeof(DES_key_schedule); i++) {
|
for (i = 0; i < sizeof(DES_key_schedule); i++) {
|
||||||
AssertIntEQ(key[i], myDes[i]);
|
AssertIntEQ(key[i], myDes[i]);
|
||||||
}
|
}
|
||||||
@ -2254,7 +2254,7 @@ static void test_wolfSSL_DES(void)
|
|||||||
/* check weak key */
|
/* check weak key */
|
||||||
XMEMSET(key, 1, sizeof(DES_key_schedule));
|
XMEMSET(key, 1, sizeof(DES_key_schedule));
|
||||||
XMEMSET(myDes, 5, sizeof(const_DES_cblock));
|
XMEMSET(myDes, 5, sizeof(const_DES_cblock));
|
||||||
DES_set_key_checked(&myDes, &key);
|
AssertIntEQ(DES_set_key_checked(&myDes, &key), -2);
|
||||||
AssertIntNE(key[0], myDes[0]); /* should not have copied over key */
|
AssertIntNE(key[0], myDes[0]); /* should not have copied over key */
|
||||||
|
|
||||||
/* now do unchecked copy of a weak key over */
|
/* now do unchecked copy of a weak key over */
|
||||||
|
|||||||
@ -417,19 +417,22 @@ WOLFSSL_API int wolfSSL_EVP_CIPHER_block_size(const WOLFSSL_EVP_CIPHER *cipher)
|
|||||||
if (cipher == NULL) return BAD_FUNC_ARG;
|
if (cipher == NULL) return BAD_FUNC_ARG;
|
||||||
switch (cipherType(cipher)) {
|
switch (cipherType(cipher)) {
|
||||||
#if !defined(NO_AES) && defined(HAVE_AES_CBC)
|
#if !defined(NO_AES) && defined(HAVE_AES_CBC)
|
||||||
case AES_128_CBC_TYPE: return 16;
|
case AES_128_CBC_TYPE:
|
||||||
case AES_192_CBC_TYPE: return 24;
|
case AES_192_CBC_TYPE:
|
||||||
case AES_256_CBC_TYPE: return 32;
|
case AES_256_CBC_TYPE:
|
||||||
|
return AES_BLOCK_SIZE;
|
||||||
#endif
|
#endif
|
||||||
#if !defined(NO_AES) && defined(WOLFSSL_AES_COUNTER)
|
#if !defined(NO_AES) && defined(WOLFSSL_AES_COUNTER)
|
||||||
case AES_128_CTR_TYPE: return 16;
|
case AES_128_CTR_TYPE:
|
||||||
case AES_192_CTR_TYPE: return 24;
|
case AES_192_CTR_TYPE:
|
||||||
case AES_256_CTR_TYPE: return 32;
|
case AES_256_CTR_TYPE:
|
||||||
|
return AES_BLOCK_SIZE;
|
||||||
#endif
|
#endif
|
||||||
#if !defined(NO_AES) && defined(HAVE_AES_ECB)
|
#if !defined(NO_AES) && defined(HAVE_AES_ECB)
|
||||||
case AES_128_ECB_TYPE: return 16;
|
case AES_128_ECB_TYPE:
|
||||||
case AES_192_ECB_TYPE: return 24;
|
case AES_192_ECB_TYPE:
|
||||||
case AES_256_ECB_TYPE: return 32;
|
case AES_256_ECB_TYPE:
|
||||||
|
return AES_BLOCK_SIZE;
|
||||||
#endif
|
#endif
|
||||||
#ifndef NO_DES3
|
#ifndef NO_DES3
|
||||||
case DES_CBC_TYPE: return 8;
|
case DES_CBC_TYPE: return 8;
|
||||||
|
|||||||
@ -53,9 +53,9 @@ enum {
|
|||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
WOLFSSL_API void wolfSSL_DES_set_key(WOLFSSL_const_DES_cblock* myDes,
|
WOLFSSL_API int wolfSSL_DES_set_key(WOLFSSL_const_DES_cblock* myDes,
|
||||||
WOLFSSL_DES_key_schedule* key);
|
WOLFSSL_DES_key_schedule* key);
|
||||||
WOLFSSL_API void wolfSSL_DES_set_key_checked(WOLFSSL_const_DES_cblock* myDes,
|
WOLFSSL_API int wolfSSL_DES_set_key_checked(WOLFSSL_const_DES_cblock* myDes,
|
||||||
WOLFSSL_DES_key_schedule* key);
|
WOLFSSL_DES_key_schedule* key);
|
||||||
WOLFSSL_API void wolfSSL_DES_set_key_unchecked(WOLFSSL_const_DES_cblock*,
|
WOLFSSL_API void wolfSSL_DES_set_key_unchecked(WOLFSSL_const_DES_cblock*,
|
||||||
WOLFSSL_DES_key_schedule*);
|
WOLFSSL_DES_key_schedule*);
|
||||||
|
|||||||
Reference in New Issue
Block a user