diff --git a/src/ssl.c b/src/ssl.c index 7e8825105..1cf34d13c 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -4608,6 +4608,7 @@ static int wolfssl_encrypt_buffer_key(byte* der, word32 derSz, byte* password, ret = wc_Des_CbcEncryptWithKey(der, der, derSz, key, info->iv); else if (XSTRNCMP(info->name, EVP_DES_EDE3_CBC, EVP_DES_EDE3_SIZE) == 0) ret = wc_Des3_CbcEncryptWithKey(der, der, derSz, key, info->iv); + else #endif /* NO_DES3 */ #ifndef NO_AES #ifdef WOLFSSL_AES_128 @@ -16190,14 +16191,11 @@ const char* wolfSSL_get_curve_name(WOLFSSL* ssl) #endif -#if defined(OPENSSL_EXTRA_X509_SMALL) +#if defined(OPENSSL_EXTRA_X509_SMALL) || defined(KEEP_PEER_CERT) || \ + defined(SESSION_CERTS) /* Smaller subset of X509 compatibility functions. Avoid increasing the size of * this subset and its memory usage */ -#ifdef HAVE_ECC - static int SetECKeyExternal(WOLFSSL_EC_KEY* eckey); -#endif - #if !defined(NO_CERTS) /* returns a pointer to a new WOLFSSL_X509 structure on success and NULL on * fail @@ -16215,6 +16213,42 @@ WOLFSSL_X509* wolfSSL_X509_new() return x509; } +WOLFSSL_X509_NAME* wolfSSL_X509_get_subject_name(WOLFSSL_X509* cert) +{ + WOLFSSL_ENTER("wolfSSL_X509_get_subject_name"); + if (cert && cert->subject.sz != 0) + return &cert->subject; + return NULL; +} + + + +WOLFSSL_X509_NAME* wolfSSL_X509_get_issuer_name(WOLFSSL_X509* cert) +{ + WOLFSSL_ENTER("X509_get_issuer_name"); + if (cert && cert->issuer.sz != 0) + return &cert->issuer; + return NULL; +} + + +int wolfSSL_X509_get_signature_type(WOLFSSL_X509* x509) +{ + int type = 0; + + WOLFSSL_ENTER("wolfSSL_X509_get_signature_type"); + + if (x509 != NULL) + type = x509->sigOID; + + return type; +} + +#if defined(OPENSSL_EXTRA_X509_SMALL) +#ifdef HAVE_ECC + static int SetECKeyExternal(WOLFSSL_EC_KEY* eckey); +#endif + /* Used to get a string from the WOLFSSL_X509_NAME structure that * corresponds with the NID value passed in. * @@ -16297,37 +16331,6 @@ int wolfSSL_X509_NAME_get_text_by_NID(WOLFSSL_X509_NAME* name, } -WOLFSSL_X509_NAME* wolfSSL_X509_get_subject_name(WOLFSSL_X509* cert) -{ - WOLFSSL_ENTER("wolfSSL_X509_get_subject_name"); - if (cert && cert->subject.sz != 0) - return &cert->subject; - return NULL; -} - - - -WOLFSSL_X509_NAME* wolfSSL_X509_get_issuer_name(WOLFSSL_X509* cert) -{ - WOLFSSL_ENTER("X509_get_issuer_name"); - if (cert && cert->issuer.sz != 0) - return &cert->issuer; - return NULL; -} - - -int wolfSSL_X509_get_signature_type(WOLFSSL_X509* x509) -{ - int type = 0; - - WOLFSSL_ENTER("wolfSSL_X509_get_signature_type"); - - if (x509 != NULL) - type = x509->sigOID; - - return type; -} - /* Creates a new WOLFSSL_EVP_PKEY structure that has the public key from x509 * * returns a pointer to the created WOLFSSL_EVP_PKEY on success and NULL on fail @@ -16417,6 +16420,7 @@ WOLFSSL_EVP_PKEY* wolfSSL_X509_get_pubkey(WOLFSSL_X509* x509) } return key; } +#endif /* OPENSSL_EXTRA_X509_SMALL */ #endif /* !NO_CERTS */ /* End of smaller subset of X509 compatibility functions. Avoid increasing the diff --git a/wolfcrypt/src/port/arm/armv8-aes.c b/wolfcrypt/src/port/arm/armv8-aes.c index 6838ffcb6..e0575a4a4 100644 --- a/wolfcrypt/src/port/arm/armv8-aes.c +++ b/wolfcrypt/src/port/arm/armv8-aes.c @@ -181,7 +181,8 @@ int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen, switch(keylen) { -#if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 128 +#if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 128 && \ + defined(WOLFSSL_AES_128) case 16: while (1) { @@ -199,7 +200,8 @@ int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen, break; #endif /* 128 */ -#if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 192 +#if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 192 && \ + defined(WOLFSSL_AES_192) case 24: /* for (;;) here triggers a bug in VC60 SP4 w/ Pro Pack */ while (1) @@ -220,7 +222,8 @@ int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen, break; #endif /* 192 */ -#if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 256 +#if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 256 && \ + defined(WOLFSSL_AES_256) case 32: while (1) { @@ -492,6 +495,7 @@ void wc_AesFree(Aes* aes) note: grouping AESE & AESMC together as pairs reduces latency */ switch(aes->rounds) { +#ifdef WOLFSSL_AES_128 case 10: /* AES 128 BLOCK */ __asm__ __volatile__ ( "MOV w11, %w[blocks] \n" @@ -542,7 +546,8 @@ void wc_AesFree(Aes* aes) "v6", "v7", "v8", "v9", "v10", "v11", "v12", "v13" ); break; - +#endif /* WOLFSSL_AES_128 */ +#ifdef WOLFSSL_AES_192 case 12: /* AES 192 BLOCK */ __asm__ __volatile__ ( "MOV w11, %w[blocks] \n" @@ -599,7 +604,8 @@ void wc_AesFree(Aes* aes) "v6", "v7", "v8", "v9", "v10", "v11", "v12", "v13", "v14" ); break; - +#endif /* WOLFSSL_AES_192*/ +#ifdef WOLFSSL_AES_256 case 14: /* AES 256 BLOCK */ __asm__ __volatile__ ( "MOV w11, %w[blocks] \n" @@ -662,7 +668,7 @@ void wc_AesFree(Aes* aes) "v16" ); break; - +#endif /* WOLFSSL_AES_256 */ default: WOLFSSL_MSG("Bad AES-CBC round value"); return BAD_FUNC_ARG; @@ -688,6 +694,7 @@ void wc_AesFree(Aes* aes) word32* reg = aes->reg; switch(aes->rounds) { +#ifdef WOLFSSL_AES_128 case 10: /* AES 128 BLOCK */ __asm__ __volatile__ ( "MOV w11, %w[blocks] \n" @@ -739,7 +746,8 @@ void wc_AesFree(Aes* aes) "v6", "v7", "v8", "v9", "v10", "v11", "v12", "v13" ); break; - +#endif /* WOLFSSL_AES_128 */ +#ifdef WOLFSSL_AES_192 case 12: /* AES 192 BLOCK */ __asm__ __volatile__ ( "MOV w11, %w[blocks] \n" @@ -797,7 +805,8 @@ void wc_AesFree(Aes* aes) "v6", "v7", "v8", "v9", "v10", "v11", "v12", "v13", "v14", "v15" ); break; - +#endif /* WOLFSSL_AES_192 */ +#ifdef WOLFSSL_AES_256 case 14: /* AES 256 BLOCK */ __asm__ __volatile__ ( "MOV w11, %w[blocks] \n" @@ -860,7 +869,7 @@ void wc_AesFree(Aes* aes) "v16", "v17" ); break; - +#endif /* WOLFSSL_AES_256 */ default: WOLFSSL_MSG("Bad AES-CBC round value"); return BAD_FUNC_ARG; @@ -914,6 +923,7 @@ void wc_AesFree(Aes* aes) byte* keyPt = (byte*)aes->key; sz -= numBlocks * AES_BLOCK_SIZE; switch(aes->rounds) { +#ifdef WOLFSSL_AES_128 case 10: /* AES 128 BLOCK */ __asm__ __volatile__ ( "MOV w11, %w[blocks] \n" @@ -1053,7 +1063,8 @@ void wc_AesFree(Aes* aes) "v6", "v7", "v8", "v9", "v10","v11","v12","v13","v14","v15" ); break; - +#endif /* WOLFSSL_AES_128 */ +#ifdef WOLFSSL_AES_192 case 12: /* AES 192 BLOCK */ __asm__ __volatile__ ( "MOV w11, %w[blocks] \n" @@ -1209,7 +1220,8 @@ void wc_AesFree(Aes* aes) "v16", "v17" ); break; - +#endif /* WOLFSSL_AES_192 */ +#ifdef WOLFSSL_AES_256 case 14: /* AES 256 BLOCK */ __asm__ __volatile__ ( "MOV w11, %w[blocks] \n" @@ -1378,7 +1390,7 @@ void wc_AesFree(Aes* aes) "v16", "v17", "v18", "v19" ); break; - +#endif /* WOLFSSL_AES_256 */ default: WOLFSSL_MSG("Bad AES-CTR round value"); return BAD_FUNC_ARG; @@ -1517,6 +1529,7 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, } +#ifdef WOLFSSL_AES_128 /* internal function : see wc_AesGcmEncrypt */ static int Aes128GcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz, const byte* iv, word32 ivSz, @@ -1832,8 +1845,9 @@ static int Aes128GcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz, } return 0; } +#endif /* WOLFSSL_AES_128 */ - +#ifdef WOLFSSL_AES_192 /* internal function : see wc_AesGcmEncrypt */ static int Aes192GcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz, const byte* iv, word32 ivSz, @@ -2164,8 +2178,9 @@ static int Aes192GcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz, return 0; } +#endif /* WOLFSSL_AES_192 */ - +#ifdef WOLFSSL_AES_256 /* internal function : see wc_AesGcmEncrypt */ static int Aes256GcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz, const byte* iv, word32 ivSz, @@ -2508,6 +2523,7 @@ static int Aes256GcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz, return 0; } +#endif /* WOLFSSL_AES_256 */ /* aarch64 with PMULL and PMULL2 @@ -2552,18 +2568,21 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz, } switch (aes->rounds) { +#ifdef WOLFSSL_AES_128 case 10: return Aes128GcmEncrypt(aes, out, in, sz, iv, ivSz, authTag, authTagSz, authIn, authInSz); - +#endif +#ifdef WOLFSSL_AES_192 case 12: return Aes192GcmEncrypt(aes, out, in, sz, iv, ivSz, authTag, authTagSz, authIn, authInSz); - +#endif +#ifdef WOLFSSL_AES_256 case 14: return Aes256GcmEncrypt(aes, out, in, sz, iv, ivSz, authTag, authTagSz, authIn, authInSz); - +#endif default: WOLFSSL_MSG("AES-GCM invalid round number"); return BAD_FUNC_ARG; @@ -2644,6 +2663,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz, * an issue with call to encrypt/decrypt leftovers */ byte* keyPt = (byte*)aes->key; switch(aes->rounds) { +#ifdef WOLFSSL_AES_128 case 10: /* AES 128 BLOCK */ __asm__ __volatile__ ( "MOV w11, %w[blocks] \n" @@ -2707,7 +2727,8 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz, "v6", "v7", "v8", "v9", "v10", "v11", "v12", "v13", "v14" ); break; - +#endif +#ifdef WOLFSSL_AES_192 case 12: /* AES 192 BLOCK */ __asm__ __volatile__ ( "MOV w11, %w[blocks] \n" @@ -2777,6 +2798,8 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz, "v16" ); break; +#endif /* WOLFSSL_AES_192 */ +#ifdef WOLFSSL_AES_256 case 14: /* AES 256 BLOCK */ __asm__ __volatile__ ( "MOV w11, %w[blocks] \n" @@ -2850,7 +2873,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz, "v16", "v17", "v18", "v19" ); break; - +#endif /* WOLFSSL_AES_256 */ default: WOLFSSL_MSG("Bad AES-GCM round value"); return BAD_FUNC_ARG; @@ -3057,6 +3080,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz, note: grouping AESE & AESMC together as pairs reduces latency */ switch(aes->rounds) { +#ifdef WOLFSSL_AES_128 case 10: /* AES 128 BLOCK */ __asm__ __volatile__ ( "MOV r11, %[blocks] \n" @@ -3116,7 +3140,8 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz, "q6", "q7", "q8", "q9", "q10", "q11", "q12" ); break; - +#endif /* WOLFSSL_AES_128 */ +#ifdef WOLFSSL_AES_192 case 12: /* AES 192 BLOCK */ __asm__ __volatile__ ( "MOV r11, %[blocks] \n" @@ -3182,7 +3207,8 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz, "q6", "q7", "q8", "q9", "q10", "q11", "q12", "q13", "q14" ); break; - +#endif /* WOLFSSL_AES_192 */ +#ifdef WOLFSSL_AES_256 case 14: /* AES 256 BLOCK */ __asm__ __volatile__ ( "MOV r11, %[blocks] \n" @@ -3255,7 +3281,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz, "q6", "q7", "q8", "q9", "q10", "q11", "q12", "q13", "q14", "q15" ); break; - +#endif /* WOLFSSL_AES_256 */ default: WOLFSSL_MSG("Bad AES-CBC round value"); return BAD_FUNC_ARG; @@ -3280,6 +3306,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz, word32* keyPt = aes->key; word32* regPt = aes->reg; switch(aes->rounds) { +#ifdef WOLFSSL_AES_128 case 10: /* AES 128 BLOCK */ __asm__ __volatile__ ( "MOV r11, %[blocks] \n" @@ -3341,7 +3368,8 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz, "q6", "q7", "q8", "q9", "q10", "q11", "q12", "q13" ); break; - +#endif /* WOLFSSL_AES_128 */ +#ifdef WOLFSSL_AES_192 case 12: /* AES 192 BLOCK */ __asm__ __volatile__ ( "MOV r11, %[blocks] \n" @@ -3409,7 +3437,8 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz, "q6", "q7", "q8", "q9", "q10", "q11", "q12", "q13", "q14", "q15" ); break; - +#endif /* WOLFSSL_AES_192 */ +#ifdef WOLFSSL_AES_256 case 14: /* AES 256 BLOCK */ __asm__ __volatile__ ( "MOV r11, %[blocks] \n" @@ -3484,7 +3513,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz, "q6", "q7", "q8", "q9", "q10", "q11", "q12", "q13", "q14", "q15" ); break; - +#endif /* WOLFSSL_AES_256 */ default: WOLFSSL_MSG("Bad AES-CBC round value"); return BAD_FUNC_ARG; @@ -3539,6 +3568,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz, word32* regPt = aes->reg; sz -= numBlocks * AES_BLOCK_SIZE; switch(aes->rounds) { +#ifdef WOLFSSL_AES_128 case 10: /* AES 128 BLOCK */ __asm__ __volatile__ ( "MOV r11, %[blocks] \n" @@ -3674,7 +3704,8 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz, "q6", "q7", "q8", "q9", "q10","q11","q12","q13","q14", "q15" ); break; - +#endif /* WOLFSSL_AES_128 */ +#ifdef WOLFSSL_AES_192 case 12: /* AES 192 BLOCK */ __asm__ __volatile__ ( "MOV r11, %[blocks] \n" @@ -3833,7 +3864,8 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz, "q6", "q7", "q8", "q9", "q10","q11","q12","q13","q14" ); break; - +#endif /* WOLFSSL_AES_192 */ +#ifdef WOLFSSL_AES_256 case 14: /* AES 256 BLOCK */ __asm__ __volatile__ ( "MOV r11, %[blocks] \n" @@ -4009,7 +4041,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz, "q6", "q7", "q8", "q9", "q10","q11","q12","q13","q14" ); break; - +#endif /* WOLFSSL_AES_256 */ default: WOLFSSL_MSG("Bad AES-CTR round qalue"); return BAD_FUNC_ARG; diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 591cfc03b..4e1ff46c5 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -5783,6 +5783,9 @@ int aes_test(void) wc_AesFree(&dec); #endif + (void)plain; + (void)cipher; + return ret; } @@ -6342,6 +6345,7 @@ int aesgcm_test(void) #endif /* WOLFSSL_AES_128 */ #endif /* ENABLE_NON_12BYTE_IV_TEST */ +#ifdef WOLFSSL_AES_256 XMEMSET(resultT, 0, sizeof(resultT)); XMEMSET(resultC, 0, sizeof(resultC)); XMEMSET(resultP, 0, sizeof(resultP)); @@ -6369,6 +6373,7 @@ int aesgcm_test(void) return -4324; if (XMEMCMP(p, resultP, sizeof(resultP))) return -4325; +#endif /* WOLFSSL_AES_256 */ wc_AesFree(&enc); return 0;