diff --git a/src/ssl.c b/src/ssl.c index 6aed893c6..6479eab9f 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -19567,13 +19567,23 @@ void wolfSSL_AES_cbc_encrypt(const unsigned char *in, unsigned char* out, } -/* @TODO - * STUB function +/* Encrypt data using CFB mode with key and iv passed in. iv gets updated to + * most recent iv state after encryptiond/decryption. + * + * in buffer to encrypt/decyrpt + * out buffer to hold result of encryption/decryption + * len length of input buffer + * key AES structure to use with encryption/decryption + * iv iv to use with operation + * num contains the amount of block used + * enc AES_ENCRPT for encryption and AES_DECRYPT for decryption */ void wolfSSL_AES_cfb128_encrypt(const unsigned char *in, unsigned char* out, size_t len, AES_KEY *key, unsigned char* iv, int* num, const int enc) { +#ifndef HAVE_AES_CFB + WOLFSSL_MSG("CFB mode not enabled please use macro HAVE_AES_CFB"); (void)in; (void)out; (void)len; @@ -19581,7 +19591,40 @@ void wolfSSL_AES_cfb128_encrypt(const unsigned char *in, unsigned char* out, (void)iv; (void)num; (void)enc; - WOLFSSL_STUB("wolfSSL_AES_cfb128_encrypt"); + + return; +#else + Aes* aes; + + WOLFSSL_ENTER("wolfSSL_AES_cbc_encrypt"); + if (key == NULL || in == NULL || out == NULL || iv == NULL) { + WOLFSSL_MSG("Error, Null argument passed in"); + return; + } + + aes = (Aes*)key; + if (wc_AesSetIV(aes, (const byte*)iv) != 0) { + WOLFSSL_MSG("Error with setting iv"); + return; + } + + if (enc == AES_ENCRYPT) { + if (wc_AesCfbEncrypt(aes, out, in, (word32)len) != 0) { + WOLFSSL_MSG("Error with AES CBC encrypt"); + } + } + else { + if (wc_AesCfbDecrypt(aes, out, in, (word32)len) != 0) { + WOLFSSL_MSG("Error with AES CBC decrypt"); + } + } + + /* to be compatible copy iv to iv buffer after completing operation */ + XMEMCPY(iv, (byte*)(aes->reg), AES_BLOCK_SIZE); + + /* store number of left over bytes to num */ + *num = (aes->left)? AES_BLOCK_SIZE - aes->left : 0; +#endif /* HAVE_AES_CFB */ } #endif /* NO_AES */ diff --git a/wolfcrypt/src/aes.c b/wolfcrypt/src/aes.c index d3dc495a8..32c5ccaa0 100644 --- a/wolfcrypt/src/aes.c +++ b/wolfcrypt/src/aes.c @@ -2209,7 +2209,7 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock) checkAESNI = 1; } if (haveAESNI) { - #ifdef WOLFSSL_AES_COUNTER + #if defined(WOLFSSL_AES_COUNTER) || defined(HAVE_AES_CFB) aes->left = 0; #endif /* WOLFSSL_AES_COUNTER */ aes->use_aesni = 1; @@ -3062,8 +3062,8 @@ int wc_AesSetIV(Aes* aes, const byte* iv) /* CFB 128 */ int wc_AesCfbEncrypt(Aes* aes, byte* out, const byte* in, word32 sz) { + byte* tmp = NULL; byte* reg = NULL; - byte* tmp; WOLFSSL_ENTER("wc_AesCfbEncrypt"); diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 9271d6398..26d0243cd 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -9944,6 +9944,543 @@ int srp_test(void) #if defined(OPENSSL_EXTRA) && !defined(WOLFCRYPT_ONLY) +#if !defined(NO_AES) && !defined(WOLFCRYPT_ONLY) +static int openssl_aes_test(void) +{ +#ifdef HAVE_AES_CBC + { + /* EVP_CipherUpdate test */ + const byte cbcPlain[] = + { + 0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96, + 0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a, + 0xae,0x2d,0x8a,0x57,0x1e,0x03,0xac,0x9c, + 0x9e,0xb7,0x6f,0xac,0x45,0xaf,0x8e,0x51, + 0x30,0xc8,0x1c,0x46,0xa3,0x5c,0xe4,0x11, + 0xe5,0xfb,0xc1,0x19,0x1a,0x0a,0x52,0xef, + 0xf6,0x9f,0x24,0x45,0xdf,0x4f,0x9b,0x17, + 0xad,0x2b,0x41,0x7b,0xe6,0x6c,0x37,0x10 + }; + + byte key[] = "0123456789abcdef "; /* align */ + byte iv[] = "1234567890abcdef "; /* align */ + + byte cipher[AES_BLOCK_SIZE * 4]; + byte plain [AES_BLOCK_SIZE * 4]; + EVP_CIPHER_CTX en; + EVP_CIPHER_CTX de; + int outlen ; + int total = 0; + + EVP_CIPHER_CTX_init(&en); + if (EVP_CipherInit(&en, EVP_aes_128_cbc(), + (unsigned char*)key, (unsigned char*)iv, 1) == 0) + return -3401; + if (EVP_CipherUpdate(&en, (byte*)cipher, &outlen, + (byte*)cbcPlain, 9) == 0) + return -3402; + if (outlen != 0) + return -3403; + total += outlen; + + if (EVP_CipherUpdate(&en, (byte*)&cipher[total], &outlen, + (byte*)&cbcPlain[9] , 9) == 0) + return -3404; + if (outlen != 16) + return -3405; + total += outlen; + + if (EVP_CipherFinal(&en, (byte*)&cipher[total], &outlen) == 0) + return -3406; + if (outlen != 16) + return -3407; + total += outlen; + if (total != 32) + return 3408; + + total = 0; + EVP_CIPHER_CTX_init(&de); + if (EVP_CipherInit(&de, EVP_aes_128_cbc(), + (unsigned char*)key, (unsigned char*)iv, 0) == 0) + return -3420; + + if (EVP_CipherUpdate(&de, (byte*)plain, &outlen, (byte*)cipher, 6) == 0) + return -3421; + if (outlen != 0) + return -3422; + total += outlen; + + if (EVP_CipherUpdate(&de, (byte*)&plain[total], &outlen, + (byte*)&cipher[6], 12) == 0) + return -3423; + if (outlen != 0) + total += outlen; + + if (EVP_CipherUpdate(&de, (byte*)&plain[total], &outlen, + (byte*)&cipher[6+12], 14) == 0) + return -3423; + if (outlen != 16) + return -3424; + total += outlen; + + if (EVP_CipherFinal(&de, (byte*)&plain[total], &outlen) == 0) + return -3425; + if (outlen != 2) + return -3426; + total += outlen; + + if (total != 18) + return 3427; + + if (XMEMCMP(plain, cbcPlain, 18)) + return -3428; + } + + { /* evp_cipher test: EVP_aes_128_cbc */ + EVP_CIPHER_CTX ctx; + + const byte msg[] = { /* "Now is the time for all " w/o trailing 0 */ + 0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74, + 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20, + 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20 + }; + + const byte verify[] = + { + 0x95,0x94,0x92,0x57,0x5f,0x42,0x81,0x53, + 0x2c,0xcc,0x9d,0x46,0x77,0xa2,0x33,0xcb + }; + + byte key[] = "0123456789abcdef "; /* align */ + byte iv[] = "1234567890abcdef "; /* align */ + + byte cipher[AES_BLOCK_SIZE * 4]; + byte plain [AES_BLOCK_SIZE * 4]; + + EVP_CIPHER_CTX_init(&ctx); + if (EVP_CipherInit(&ctx, EVP_aes_128_cbc(), key, iv, 1) == 0) + return -81; + + if (EVP_Cipher(&ctx, cipher, (byte*)msg, 16) == 0) + return -82; + + if (XMEMCMP(cipher, verify, AES_BLOCK_SIZE)) + return -83; + + EVP_CIPHER_CTX_init(&ctx); + if (EVP_CipherInit(&ctx, EVP_aes_128_cbc(), key, iv, 0) == 0) + return -84; + + if (EVP_Cipher(&ctx, plain, cipher, 16) == 0) + return -85; + + if (XMEMCMP(plain, msg, AES_BLOCK_SIZE)) + return -86; + + + } /* end evp_cipher test: EVP_aes_128_cbc*/ +#endif /* HAVE_AES_CBC */ + +#ifdef HAVE_AES_ECB + { /* evp_cipher test: EVP_aes_128_ecb*/ + EVP_CIPHER_CTX ctx; + const byte msg[] = + { + 0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96, + 0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a + }; + + const byte verify[] = + { + 0xf3,0xee,0xd1,0xbd,0xb5,0xd2,0xa0,0x3c, + 0x06,0x4b,0x5a,0x7e,0x3d,0xb1,0x81,0xf8 + }; + + const byte key[] = + { + 0x60,0x3d,0xeb,0x10,0x15,0xca,0x71,0xbe, + 0x2b,0x73,0xae,0xf0,0x85,0x7d,0x77,0x81, + 0x1f,0x35,0x2c,0x07,0x3b,0x61,0x08,0xd7, + 0x2d,0x98,0x10,0xa3,0x09,0x14,0xdf,0xf4 + }; + + + byte cipher[AES_BLOCK_SIZE * 4]; + byte plain [AES_BLOCK_SIZE * 4]; + + EVP_CIPHER_CTX_init(&ctx); + if (EVP_CipherInit(&ctx, EVP_aes_256_ecb(), (unsigned char*)key, NULL, 1) == 0) + return -181; + + if (EVP_Cipher(&ctx, cipher, (byte*)msg, 16) == 0) + return -182; + + if (XMEMCMP(cipher, verify, AES_BLOCK_SIZE)) + return -183; + + EVP_CIPHER_CTX_init(&ctx); + if (EVP_CipherInit(&ctx, EVP_aes_256_ecb(), (unsigned char*)key, NULL, 0) == 0) + return -184; + + if (EVP_Cipher(&ctx, plain, cipher, 16) == 0) + return -185; + + if (XMEMCMP(plain, msg, AES_BLOCK_SIZE)) + return -186; + + } /* end evp_cipher test */ +#endif /* HAVE_AES_ECB */ + +#ifdef WOLFSSL_AES_DIRECT + /* enable HAVE_AES_DECRYPT for AES_encrypt/decrypt */ + { + /* Test: AES_encrypt/decrypt/set Key */ + AES_KEY enc; + #ifdef HAVE_AES_DECRYPT + AES_KEY dec; + #endif + + const byte msg[] = + { + 0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96, + 0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a + }; + + const byte verify[] = + { + 0xf3,0xee,0xd1,0xbd,0xb5,0xd2,0xa0,0x3c, + 0x06,0x4b,0x5a,0x7e,0x3d,0xb1,0x81,0xf8 + }; + + const byte key[] = + { + 0x60,0x3d,0xeb,0x10,0x15,0xca,0x71,0xbe, + 0x2b,0x73,0xae,0xf0,0x85,0x7d,0x77,0x81, + 0x1f,0x35,0x2c,0x07,0x3b,0x61,0x08,0xd7, + 0x2d,0x98,0x10,0xa3,0x09,0x14,0xdf,0xf4 + }; + + byte plain[sizeof(msg)]; + byte cipher[sizeof(msg)]; + + AES_set_encrypt_key(key, sizeof(key)*8, &enc); + AES_set_decrypt_key(key, sizeof(key)*8, &dec); + + AES_encrypt(msg, cipher, &enc); + + #ifdef HAVE_AES_DECRYPT + AES_decrypt(cipher, plain, &dec); + if (XMEMCMP(plain, msg, AES_BLOCK_SIZE)) + return -187; + #endif /* HAVE_AES_DECRYPT */ + + if (XMEMCMP(cipher, verify, AES_BLOCK_SIZE)) + return -188; + } +#endif /* WOLFSSL_AES_DIRECT */ + +/* EVP_Cipher with EVP_aes_xxx_ctr() */ +#ifdef WOLFSSL_AES_COUNTER + { + const byte ctrKey[] = + { + 0x2b,0x7e,0x15,0x16,0x28,0xae,0xd2,0xa6, + 0xab,0xf7,0x15,0x88,0x09,0xcf,0x4f,0x3c + }; + + const byte ctrIv[] = + { + 0xf0,0xf1,0xf2,0xf3,0xf4,0xf5,0xf6,0xf7, + 0xf8,0xf9,0xfa,0xfb,0xfc,0xfd,0xfe,0xff + }; + + + const byte ctrPlain[] = + { + 0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96, + 0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a, + 0xae,0x2d,0x8a,0x57,0x1e,0x03,0xac,0x9c, + 0x9e,0xb7,0x6f,0xac,0x45,0xaf,0x8e,0x51, + 0x30,0xc8,0x1c,0x46,0xa3,0x5c,0xe4,0x11, + 0xe5,0xfb,0xc1,0x19,0x1a,0x0a,0x52,0xef, + 0xf6,0x9f,0x24,0x45,0xdf,0x4f,0x9b,0x17, + 0xad,0x2b,0x41,0x7b,0xe6,0x6c,0x37,0x10 + }; + + const byte ctrCipher[] = + { + 0x87,0x4d,0x61,0x91,0xb6,0x20,0xe3,0x26, + 0x1b,0xef,0x68,0x64,0x99,0x0d,0xb6,0xce, + 0x98,0x06,0xf6,0x6b,0x79,0x70,0xfd,0xff, + 0x86,0x17,0x18,0x7b,0xb9,0xff,0xfd,0xff, + 0x5a,0xe4,0xdf,0x3e,0xdb,0xd5,0xd3,0x5e, + 0x5b,0x4f,0x09,0x02,0x0d,0xb0,0x3e,0xab, + 0x1e,0x03,0x1d,0xda,0x2f,0xbe,0x03,0xd1, + 0x79,0x21,0x70,0xa0,0xf3,0x00,0x9c,0xee + }; + + byte plainBuff [64]; + byte cipherBuff[64]; + + const byte oddCipher[] = + { + 0xb9,0xd7,0xcb,0x08,0xb0,0xe1,0x7b,0xa0, + 0xc2 + }; + + + /* test vector from "Recommendation for Block Cipher Modes of Operation" + * NIST Special Publication 800-38A */ + const byte ctr192Key[] = + { + 0x8e,0x73,0xb0,0xf7,0xda,0x0e,0x64,0x52, + 0xc8,0x10,0xf3,0x2b,0x80,0x90,0x79,0xe5, + 0x62,0xf8,0xea,0xd2,0x52,0x2c,0x6b,0x7b + }; + + const byte ctr192Iv[] = + { + 0xf0,0xf1,0xf2,0xf3,0xf4,0xf5,0xf6,0xf7, + 0xf8,0xf9,0xfa,0xfb,0xfc,0xfd,0xfe,0xff + }; + + + const byte ctr192Plain[] = + { + 0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96, + 0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a + }; + + const byte ctr192Cipher[] = + { + 0x1a,0xbc,0x93,0x24,0x17,0x52,0x1c,0xa2, + 0x4f,0x2b,0x04,0x59,0xfe,0x7e,0x6e,0x0b + }; + + /* test vector from "Recommendation for Block Cipher Modes of Operation" + * NIST Special Publication 800-38A */ + const byte ctr256Key[] = + { + 0x60,0x3d,0xeb,0x10,0x15,0xca,0x71,0xbe, + 0x2b,0x73,0xae,0xf0,0x85,0x7d,0x77,0x81, + 0x1f,0x35,0x2c,0x07,0x3b,0x61,0x08,0xd7, + 0x2d,0x98,0x10,0xa3,0x09,0x14,0xdf,0xf4 + }; + + const byte ctr256Iv[] = + { + 0xf0,0xf1,0xf2,0xf3,0xf4,0xf5,0xf6,0xf7, + 0xf8,0xf9,0xfa,0xfb,0xfc,0xfd,0xfe,0xff + }; + + + const byte ctr256Plain[] = + { + 0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96, + 0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a + }; + + const byte ctr256Cipher[] = + { + 0x60,0x1e,0xc3,0x13,0x77,0x57,0x89,0xa5, + 0xb7,0xa7,0xf5,0x04,0xbb,0xf3,0xd2,0x28 + }; + + EVP_CIPHER_CTX en; + EVP_CIPHER_CTX de; + EVP_CIPHER_CTX *p_en; + EVP_CIPHER_CTX *p_de; + + EVP_CIPHER_CTX_init(&en); + if (EVP_CipherInit(&en, EVP_aes_128_ctr(), + (unsigned char*)ctrKey, (unsigned char*)ctrIv, 0) == 0) + return -3300; + if (EVP_Cipher(&en, (byte*)cipherBuff, (byte*)ctrPlain, + AES_BLOCK_SIZE*4) == 0) + return -3301; + EVP_CIPHER_CTX_init(&de); + if (EVP_CipherInit(&de, EVP_aes_128_ctr(), + (unsigned char*)ctrKey, (unsigned char*)ctrIv, 0) == 0) + return -3302; + + if (EVP_Cipher(&de, (byte*)plainBuff, (byte*)cipherBuff, + AES_BLOCK_SIZE*4) == 0) + return -3303; + + if (XMEMCMP(cipherBuff, ctrCipher, AES_BLOCK_SIZE*4)) + return -3304; + if (XMEMCMP(plainBuff, ctrPlain, AES_BLOCK_SIZE*4)) + return -3305; + + p_en = wolfSSL_EVP_CIPHER_CTX_new(); + if (p_en == NULL) + return -3390; + p_de = wolfSSL_EVP_CIPHER_CTX_new(); + if (p_de == NULL) + return -3391; + + if (EVP_CipherInit(p_en, EVP_aes_128_ctr(), + (unsigned char*)ctrKey, (unsigned char*)ctrIv, 0) == 0) + return -3392; + if (EVP_Cipher(p_en, (byte*)cipherBuff, (byte*)ctrPlain, + AES_BLOCK_SIZE*4) == 0) + return -3393; + if (EVP_CipherInit(p_de, EVP_aes_128_ctr(), + (unsigned char*)ctrKey, (unsigned char*)ctrIv, 0) == 0) + return -3394; + + if (EVP_Cipher(p_de, (byte*)plainBuff, (byte*)cipherBuff, + AES_BLOCK_SIZE*4) == 0) + return -3395; + + wolfSSL_EVP_CIPHER_CTX_free(p_en); + wolfSSL_EVP_CIPHER_CTX_free(p_de); + + if (XMEMCMP(cipherBuff, ctrCipher, AES_BLOCK_SIZE*4)) + return -3396; + if (XMEMCMP(plainBuff, ctrPlain, AES_BLOCK_SIZE*4)) + return -3397; + + EVP_CIPHER_CTX_init(&en); + if (EVP_CipherInit(&en, EVP_aes_128_ctr(), + (unsigned char*)ctrKey, (unsigned char*)ctrIv, 0) == 0) + return -3306; + if (EVP_Cipher(&en, (byte*)cipherBuff, (byte*)ctrPlain, 9) == 0) + return -3307; + + EVP_CIPHER_CTX_init(&de); + if (EVP_CipherInit(&de, EVP_aes_128_ctr(), + (unsigned char*)ctrKey, (unsigned char*)ctrIv, 0) == 0) + return -3308; + + if (EVP_Cipher(&de, (byte*)plainBuff, (byte*)cipherBuff, 9) == 0) + return -3309; + + if (XMEMCMP(plainBuff, ctrPlain, 9)) + return -3310; + if (XMEMCMP(cipherBuff, ctrCipher, 9)) + return -3311; + + if (EVP_Cipher(&en, (byte*)cipherBuff, (byte*)ctrPlain, 9) == 0) + return -3312; + if (EVP_Cipher(&de, (byte*)plainBuff, (byte*)cipherBuff, 9) == 0) + return -3313; + + if (XMEMCMP(plainBuff, ctrPlain, 9)) + return -3314; + if (XMEMCMP(cipherBuff, oddCipher, 9)) + return -3315; + + EVP_CIPHER_CTX_init(&en); + if (EVP_CipherInit(&en, EVP_aes_192_ctr(), + (unsigned char*)ctr192Key, (unsigned char*)ctr192Iv, 0) == 0) + return -3316; + if (EVP_Cipher(&en, (byte*)cipherBuff, (byte*)ctr192Plain, + AES_BLOCK_SIZE) == 0) + return -3317; + EVP_CIPHER_CTX_init(&de); + if (EVP_CipherInit(&de, EVP_aes_192_ctr(), + (unsigned char*)ctr192Key, (unsigned char*)ctr192Iv, 0) == 0) + return -3318; + + XMEMSET(plainBuff, 0, sizeof(plainBuff)); + if (EVP_Cipher(&de, (byte*)plainBuff, (byte*)cipherBuff, + AES_BLOCK_SIZE) == 0) + return -3319; + + if (XMEMCMP(plainBuff, ctr192Plain, sizeof(ctr192Plain))) + return -3320; + if (XMEMCMP(ctr192Cipher, cipherBuff, sizeof(ctr192Cipher))) + return -3321; + + EVP_CIPHER_CTX_init(&en); + if (EVP_CipherInit(&en, EVP_aes_256_ctr(), + (unsigned char*)ctr256Key, (unsigned char*)ctr256Iv, 0) == 0) + return -3322; + if (EVP_Cipher(&en, (byte*)cipherBuff, (byte*)ctr256Plain, + AES_BLOCK_SIZE) == 0) + return -3323; + EVP_CIPHER_CTX_init(&de); + if (EVP_CipherInit(&de, EVP_aes_256_ctr(), + (unsigned char*)ctr256Key, (unsigned char*)ctr256Iv, 0) == 0) + return -3324; + + XMEMSET(plainBuff, 0, sizeof(plainBuff)); + if (EVP_Cipher(&de, (byte*)plainBuff, (byte*)cipherBuff, + AES_BLOCK_SIZE) == 0) + return -3325; + + if (XMEMCMP(plainBuff, ctr256Plain, sizeof(ctr256Plain))) + return -3326; + if (XMEMCMP(ctr256Cipher, cipherBuff, sizeof(ctr256Cipher))) + return -3327; + } +#endif /* HAVE_AES_COUNTER */ + +#ifdef HAVE_AES_CFB + { + AES_KEY enc; + AES_KEY dec; + + const byte setIv[] = { + 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07, + 0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f + }; + + const byte key[] = + { + 0x2b,0x7e,0x15,0x16,0x28,0xae,0xd2,0xa6, + 0xab,0xf7,0x15,0x88,0x09,0xcf,0x4f,0x3c + }; + + const byte cipher1[] = + { + 0x3b,0x3f,0xd9,0x2e,0xb7,0x2d,0xad,0x20, + 0x33,0x34,0x49,0xf8,0xe8,0x3c,0xfb,0x4a, + 0xc8,0xa6,0x45,0x37,0xa0,0xb3,0xa9,0x3f, + 0xcd,0xe3,0xcd,0xad,0x9f,0x1c,0xe5,0x8b + }; + + const byte msg[] = + { + 0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96, + 0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a, + 0xae,0x2d,0x8a,0x57,0x1e,0x03,0xac,0x9c, + 0x9e,0xb7,0x6f,0xac,0x45,0xaf,0x8e,0x51 + }; + + byte cipher[AES_BLOCK_SIZE * 2]; + byte iv[AES_BLOCK_SIZE]; /* iv buffer is updeated by API */ + int num = 0; + + XMEMCPY(iv, setIv, sizeof(setIv)); + wolfSSL_AES_set_encrypt_key(key, sizeof(key) * 8, &enc); + wolfSSL_AES_set_encrypt_key(key, sizeof(key) * 8, &dec); + + wolfSSL_AES_cfb128_encrypt(msg, cipher, AES_BLOCK_SIZE - 1, &enc, iv, + &num, AES_ENCRYPT); + + if (XMEMCMP(cipher, cipher1, AES_BLOCK_SIZE - 1)) + return -3328; + + if (num != 15) /* should have used 15 of the 16 bytes */ + return -3329; + + wolfSSL_AES_cfb128_encrypt(msg + AES_BLOCK_SIZE - 1, + cipher + AES_BLOCK_SIZE - 1, AES_BLOCK_SIZE + 1, &enc, iv, + &num, AES_ENCRYPT); + + if (XMEMCMP(cipher, cipher1, AES_BLOCK_SIZE * 2)) + return -3330; + + if (num != 0) + return -3331; + } +#endif /* HAVE_AES_CFB */ + return 0; +} +#endif /* !defined(NO_AES) && !defined(WOLFCRYPT_ONLY) */ + int openssl_test(void) { EVP_MD_CTX md_ctx; @@ -10162,7 +10699,10 @@ int openssl_test(void) #endif /* NO_DES3 */ -#ifndef NO_AES + #if !defined(NO_AES) && !defined(WOLFCRYPT_ONLY) + if (openssl_aes_test() != 0) + return -3429; + #endif { /* evp_cipher test: EVP_aes_128_cbc */ EVP_CIPHER_CTX ctx; @@ -10297,8 +10837,6 @@ int openssl_test(void) } /* end evp_cipher test */ #endif -#endif /* NO_AES */ - #define OPENSSL_TEST_ERROR (-10000)