From 90b08761c41ea621323ebd8bb631b00fb666cd0b Mon Sep 17 00:00:00 2001
From: toddouska
Date: Tue, 18 Mar 2014 12:28:54 -0700
Subject: [PATCH 1/6] fix benchmark output with 3 decimals
---
 ctaocrypt/benchmark/benchmark.c | 30 +++++++++++++++---------------
 1 file changed, 15 insertions(+), 15 deletions(-)
diff --git a/ctaocrypt/benchmark/benchmark.c b/ctaocrypt/benchmark/benchmark.c
index 8002986a7..28eba3eb8 100644
--- a/ctaocrypt/benchmark/benchmark.c
+++ b/ctaocrypt/benchmark/benchmark.c
@@ -295,7 +295,7 @@ void bench_aes(int show)
 #endif
 if (show)
- printf("AES %d %s took %5.3f seconds, %6.3f MB/s\n", numBlocks,
+ printf("AES %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks,
 blockType, total, persec);
 #ifdef HAVE_CAVIUM
 AesFreeCavium(&enc);
@@ -332,7 +332,7 @@ void bench_aesgcm(void)
 persec = persec / 1024;
 #endif
- printf("AES-GCM %d %s took %5.3f seconds, %6.3f MB/s\n", numBlocks,
+ printf("AES-GCM %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks,
 blockType, total, persec);
 }
 #endif
@@ -358,7 +358,7 @@ void bench_aesctr(void)
 persec = persec / 1024;
 #endif
- printf("AES-CTR %d %s took %5.3f seconds, %6.3f MB/s\n", numBlocks,
+ printf("AES-CTR %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks,
 blockType, total, persec);
 }
 #endif
@@ -387,7 +387,7 @@ void bench_aesccm(void)
 persec = persec / 1024;
 #endif
- printf("AES-CCM %d %s took %5.3f seconds, %6.3f MB/s\n", numBlocks,
+ printf("AES-CCM %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks,
 blockType, total, persec);
 }
 #endif
@@ -414,7 +414,7 @@ void bench_camellia(void)
 persec = persec / 1024;
 #endif
- printf("Camellia %d %s took %5.3f seconds, %6.3f MB/s\n", numBlocks,
+ printf("Camellia %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks,
 blockType, total, persec);
 }
 #endif
@@ -445,7 +445,7 @@ void bench_des(void)
 persec = persec / 1024;
 #endif
- printf("3DES %d %s took %5.3f seconds, %6.3f MB/s\n", numBlocks,
+ printf("3DES %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks,
 blockType, total, persec);
 #ifdef HAVE_CAVIUM
 Des3_FreeCavium(&enc);
@@ -479,7 +479,7 @@ void bench_arc4(void)
 persec = persec / 1024;
 #endif
- printf("ARC4 %d %s took %5.3f seconds, %6.3f MB/s\n", numBlocks,
+ printf("ARC4 %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks,
 blockType, total, persec);
 #ifdef HAVE_CAVIUM
 Arc4FreeCavium(&enc);
@@ -508,7 +508,7 @@ void bench_hc128(void)
 persec = persec / 1024;
 #endif
- printf("HC128 %d %s took %5.3f seconds, %6.3f MB/s\n", numBlocks,
+ printf("HC128 %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks,
 blockType, total, persec);
 }
 #endif /* HAVE_HC128 */
@@ -534,7 +534,7 @@ void bench_rabbit(void)
 persec = persec / 1024;
 #endif
- printf("RABBIT %d %s took %5.3f seconds, %6.3f MB/s\n", numBlocks,
+ printf("RABBIT %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks,
 blockType, total, persec);
 }
 #endif /* NO_RABBIT */
@@ -563,7 +563,7 @@ void bench_md5(void)
 persec = persec / 1024;
 #endif
- printf("MD5 %d %s took %5.3f seconds, %6.3f MB/s\n", numBlocks,
+ printf("MD5 %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks,
 blockType, total, persec);
 }
 #endif /* NO_MD5 */
@@ -592,7 +592,7 @@ void bench_sha(void)
 persec = persec / 1024;
 #endif
- printf("SHA %d %s took %5.3f seconds, %6.3f MB/s\n", numBlocks,
+ printf("SHA %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks,
 blockType, total, persec);
 }
 #endif /* NO_SHA */
@@ -621,7 +621,7 @@ void bench_sha256(void)
 persec = persec / 1024;
 #endif
- printf("SHA-256 %d %s took %5.3f seconds, %6.3f MB/s\n", numBlocks,
+ printf("SHA-256 %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks,
 blockType, total, persec);
 }
 #endif
@@ -649,7 +649,7 @@ void bench_sha512(void)
 persec = persec / 1024;
 #endif
- printf("SHA-512 %d %s took %5.3f seconds, %6.3f MB/s\n", numBlocks,
+ printf("SHA-512 %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks,
 blockType, total, persec);
 }
 #endif
@@ -677,7 +677,7 @@ void bench_ripemd(void)
 persec = persec / 1024;
 #endif
- printf("RIPEMD %d %s took %5.3f seconds, %6.3f MB/s\n", numBlocks,
+ printf("RIPEMD %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks,
 blockType, total, persec);
 }
 #endif
@@ -706,7 +706,7 @@ void bench_blake2(void)
 persec = persec / 1024;
 #endif
- printf("BLAKE2b %d %s took %5.3f seconds, %6.3f MB/s\n", numBlocks,
+ printf("BLAKE2b %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks,
 blockType, total, persec);
 }
 #endif
From 8bbc30f3e14fe9a14735cc15793b3ad3821c1373 Mon Sep 17 00:00:00 2001
From: toddouska
Date: Wed, 19 Mar 2014 09:43:57 -0700
Subject: [PATCH 2/6] add fips enable switch
---
 .gitignore | 1 +
 configure.ac | 15 +++++++++++++++
 ctaocrypt/src/fips.c | 1 +
 src/include.am | 4 ++++
 4 files changed, 21 insertions(+)
 create mode 100644 ctaocrypt/src/fips.c
diff --git a/.gitignore b/.gitignore
index 44ff8d102..4b3571f6a 100644
--- a/.gitignore
+++ b/.gitignore
@@ -30,6 +30,7 @@ tags
 .tags*
 cyassl-config
 cyassl.sublime*
+fips.c
 ctaocrypt/benchmark/benchmark
 ctaocrypt/test/testctaocrypt
 examples/client/client
diff --git a/configure.ac b/configure.ac
index 46e52421e..f0ec16cea 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1058,6 +1058,21 @@ fi
 AM_CONDITIONAL([BUILD_RABBIT], [test "x$ENABLED_RABBIT" = "xyes"])
+# FIPS
+AC_ARG_ENABLE([fips],
+ [ --enable-fips Enable FIPS 140-2(default: disabled)],
+ [ ENABLED_FIPS=$enableval ],
+ [ ENABLED_FIPS=no ]
+ )
+
+if test "x$ENABLED_FIPS" = "xyes"
+then
+ AM_CFLAGS="$AM_CFLAGS -DHAVE_FIPS"
+fi
+
+AM_CONDITIONAL([BUILD_FIPS], [test "x$ENABLED_FIPS" = "xyes"])
+
+
 # Filesystem Build
 AC_ARG_ENABLE([filesystem],
 [ --enable-filesystem Enable Filesystem support (default: enabled)],
diff --git a/ctaocrypt/src/fips.c b/ctaocrypt/src/fips.c
new file mode 100644
index 000000000..8c8c223e2
--- /dev/null
+++ b/ctaocrypt/src/fips.c
@@ -0,0 +1 @@
+/* dummy fips.c for distribution */
diff --git a/src/include.am b/src/include.am
index e57f0f6fc..ce201cf2a 100644
--- a/src/include.am
+++ b/src/include.am
@@ -36,6 +36,10 @@ if BUILD_ASN
 src_libcyassl_la_SOURCES += ctaocrypt/src/asn.c
 endif
+if BUILD_FIPS
+src_libcyassl_la_SOURCES += ctaocrypt/src/fips.c
+endif
+
 if BUILD_CODING
 src_libcyassl_la_SOURCES += ctaocrypt/src/coding.c
 endif
From be9451fbc5546c48c729ccef935a1a8c0e668c24 Mon Sep 17 00:00:00 2001
From: toddouska
Date: Wed, 19 Mar 2014 09:55:20 -0700
Subject: [PATCH 3/6] rm --cahced didn't work to stop tracking
---
 ctaocrypt/src/fips.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ctaocrypt/src/fips.c b/ctaocrypt/src/fips.c
index 8c8c223e2..8ef4c4276 100644
--- a/ctaocrypt/src/fips.c
+++ b/ctaocrypt/src/fips.c
@@ -1 +1 @@
-/* dummy fips.c for distribution */
+/* dummy fips.c */
From faecf7f8499aec8de511c2bd95921ef84bfe9869 Mon Sep 17 00:00:00 2001
From: toddouska
Date: Wed, 19 Mar 2014 10:19:08 -0700
Subject: [PATCH 4/6] require thread local storage for power on self thread check
---
 configure.ac | 6 +++++-
 ctaocrypt/src/fips.c | 1 -
 2 files changed, 5 insertions(+), 2 deletions(-)
 delete mode 100644 ctaocrypt/src/fips.c
diff --git a/configure.ac b/configure.ac
index f0ec16cea..634885ba2 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1060,13 +1060,17 @@ AM_CONDITIONAL([BUILD_RABBIT], [test "x$ENABLED_RABBIT" = "xyes"])
 # FIPS
 AC_ARG_ENABLE([fips],
- [ --enable-fips Enable FIPS 140-2(default: disabled)],
+ [ --enable-fips Enable FIPS 140-2 (default: disabled)],
 [ ENABLED_FIPS=$enableval ],
 [ ENABLED_FIPS=no ]
 )
 if test "x$ENABLED_FIPS" = "xyes"
 then
+ if test "$thread_ls_on" = "no"
+ then
+ AC_MSG_ERROR([FIPS requires Thread Local Storage])
+ fi
 AM_CFLAGS="$AM_CFLAGS -DHAVE_FIPS"
 fi
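Review bot: The added guard `if test "$thread_ls_on" = "no"` only trips when the variable is exactly `no`; if `thread_ls_on` is unset or empty at this point of configure.ac (where it is assigned is outside the hunk), a FIPS build goes ahead without the thread-local-storage requirement this patch is meant to enforce. Matching the file's own `"x$VAR" = "xyes"` idiom and failing closed, `if test "x$thread_ls_on" != "xyes"`, makes the check hold for every value other than an explicit yes. Separately, this series also deletes and gitignores ctaocrypt/src/fips.c while src/include.am still adds it under BUILD_FIPS, so an `AC_MSG_ERROR` when the file is missing would give a clearer failure than the eventual make error.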
diff --git a/ctaocrypt/src/fips.c b/ctaocrypt/src/fips.c
deleted file mode 100644
index 8ef4c4276..000000000
--- a/ctaocrypt/src/fips.c
+++ /dev/null
@@ -1 +0,0 @@
-/* dummy fips.c */
From 388436c53e7ac441c5ebeabb9a753bd375f34a6f Mon Sep 17 00:00:00 2001
From: toddouska
Date: Wed, 19 Mar 2014 13:56:11 -0700
Subject: [PATCH 5/6] add AesSetKey fips mode
---
 ctaocrypt/benchmark/benchmark.c | 11 ++++-
 ctaocrypt/src/aes.c | 6 +++
 ctaocrypt/test/test.c | 17 +++++--
 cyassl/ctaocrypt/aes.h | 14 ++++++
 src/keys.c | 34 +++++++++-----
 src/ssl.c | 80 +++++++++++++++++++++++----------
 6 files changed, 120 insertions(+), 42 deletions(-)
diff --git a/ctaocrypt/benchmark/benchmark.c b/ctaocrypt/benchmark/benchmark.c
index 28eba3eb8..734d5b4cb 100644
--- a/ctaocrypt/benchmark/benchmark.c
+++ b/ctaocrypt/benchmark/benchmark.c
@@ -274,13 +274,20 @@ void bench_aes(int show)
 Aes enc;
 double start, total, persec;
 int i;
+ int ret;
 #ifdef HAVE_CAVIUM
- if (AesInitCavium(&enc, CAVIUM_DEV_ID) != 0)
+ if (AesInitCavium(&enc, CAVIUM_DEV_ID) != 0) {
 printf("aes init cavium failed\n");
+ return;
+ }
 #endif
- AesSetKey(&enc, key, 16, iv, AES_ENCRYPTION);
+ ret = AesSetKey(&enc, key, 16, iv, AES_ENCRYPTION);
+ if (ret != 0) {
+ printf("AesSetKey failed, ret = %d\n", ret);
+ return;
+ }
 start = current_time(1);
 for(i = 0; i < numBlocks; i++)
diff --git a/ctaocrypt/src/aes.c b/ctaocrypt/src/aes.c
index 02a15690a..3fd6bd70c 100644
--- a/ctaocrypt/src/aes.c
+++ b/ctaocrypt/src/aes.c
@@ -27,6 +27,11 @@
 #ifndef NO_AES
+#ifdef HAVE_FIPS
+ /* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */
+ #define FIPS_NO_WRAPPERS
+#endif
+
 #include
 #include
 #include
@@ -46,6 +51,7 @@
 #endif
+
 #ifdef HAVE_CAVIUM
 static int AesCaviumSetKey(Aes* aes, const byte* key, word32 length,
 const byte* iv);
diff --git a/ctaocrypt/test/test.c b/ctaocrypt/test/test.c
index 32765a2cd..10da769bb 100644
--- a/ctaocrypt/test/test.c
+++ b/ctaocrypt/test/test.c
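Review bot: The new early `return;` after a failed AesSetKey skips the `AesFreeCavium(&enc)` that bench_aes performs at its end (visible as context in the earlier benchmark.c hunk of this series), so under HAVE_CAVIUM the device context obtained by AesInitCavium a few lines above is leaked on that path. Release it before leaving: `#ifdef HAVE_CAVIUM` / `AesFreeCavium(&enc);` / `#endif` ahead of the `return;`. bench_aes continues past the end of this hunk.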
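Review bot: The comment added above `#define FIPS_NO_WRAPPERS` talks about `NO_WRAPPERS`, which is not the macro being defined, so a reader grepping for the real switch will not find its rationale. Suggest `/* define FIPS_NO_WRAPPERS before the headers so this file calls the internal AES functions directly rather than the _fips wrappers aes.h substitutes for consumers */`. The second hunk at @@ -46 adds only a blank line and could be dropped from the patch.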
@@ -1860,6 +1860,7 @@ int aes_test(void)
 byte cipher[AES_BLOCK_SIZE * 4];
 byte plain [AES_BLOCK_SIZE * 4];
+ int ret;
 #ifdef HAVE_CAVIUM
 if (AesInitCavium(&enc, CAVIUM_DEV_ID) != 0)
@@ -1867,8 +1868,12 @@ int aes_test(void)
 if (AesInitCavium(&dec, CAVIUM_DEV_ID) != 0)
 return -20004;
 #endif
- AesSetKey(&enc, key, AES_BLOCK_SIZE, iv, AES_ENCRYPTION);
- AesSetKey(&dec, key, AES_BLOCK_SIZE, iv, AES_DECRYPTION);
+ ret = AesSetKey(&enc, key, AES_BLOCK_SIZE, iv, AES_ENCRYPTION);
+ if (ret != 0)
+ return -1001;
+ ret = AesSetKey(&dec, key, AES_BLOCK_SIZE, iv, AES_DECRYPTION);
+ if (ret != 0)
+ return -1002;
 AesCbcEncrypt(&enc, cipher, msg, AES_BLOCK_SIZE);
 AesCbcDecrypt(&dec, plain, cipher, AES_BLOCK_SIZE);
@@ -1990,13 +1995,17 @@ int aes_test(void)
 };
 XMEMSET(cipher, 0, AES_BLOCK_SIZE);
- AesSetKey(&enc, niKey, sizeof(niKey), cipher, AES_ENCRYPTION);
+ ret = AesSetKey(&enc, niKey, sizeof(niKey), cipher, AES_ENCRYPTION);
+ if (ret != 0)
+ return -1003;
 AesEncryptDirect(&enc, cipher, niPlain);
 if (XMEMCMP(cipher, niCipher, AES_BLOCK_SIZE) != 0)
 return -20006;
 XMEMSET(plain, 0, AES_BLOCK_SIZE);
- AesSetKey(&dec, niKey, sizeof(niKey), plain, AES_DECRYPTION);
+ ret = AesSetKey(&dec, niKey, sizeof(niKey), plain, AES_DECRYPTION);
+ if (ret != 0)
+ return -1004;
 AesDecryptDirect(&dec, plain, niCipher);
 if (XMEMCMP(plain, niPlain, AES_BLOCK_SIZE) != 0)
 return -20007;
diff --git a/cyassl/ctaocrypt/aes.h b/cyassl/ctaocrypt/aes.h
index b08e4e86a..bc1cd5913 100644
--- a/cyassl/ctaocrypt/aes.h
+++ b/cyassl/ctaocrypt/aes.h
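Review bot: The new failure returns -1001 through -1004 use a different numbering scheme from the -20004, -20006 and -20007 codes that the surrounding aes_test checks already use, which makes the origin of a failure harder to read off the number when the test driver prints it. If the next values in that range are free, keeping to it, e.g. `return -20008;` and onward in order, keeps aes_test's codes contiguous and unique within the function. aes_test starts before and continues after these hunks.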
@@ -149,6 +149,20 @@ CYASSL_API int AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
 CYASSL_API void AesFreeCavium(Aes*);
 #endif
+
+#ifdef HAVE_FIPS
+ /* fips wrapper calls, user can call direct */
+ CYASSL_API int AesSetKey_fips(Aes* aes, const byte* key, word32 len,
+ const byte* iv, int dir);
+
+ #ifndef FIPS_NO_WRAPPERS
+ /* if not internal or fips.c consumer force fips calls if fips build */
+ #define AesSetKey AesSetKey_fips
+ #endif /* FIPS_NO_WRAPPERS */
+
+#endif /* HAVE_FIPS */
+
+
 #ifdef __cplusplus
 } /* extern "C" */
 #endif
diff --git a/src/keys.c b/src/keys.c
index 1f43600d7..2a54f09f3 100644
--- a/src/keys.c
+++ b/src/keys.c
@@ -1614,6 +1614,8 @@ static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs,
 #ifdef BUILD_AES
 if (specs->bulk_cipher_algorithm == cyassl_aes) {
+ int aesRet = 0;
+
 if (enc->aes == NULL)
 enc->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER);
 if (enc->aes == NULL)
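Review bot: The `#define AesSetKey AesSetKey_fips` redirect is opt-out for any translation unit that defines FIPS_NO_WRAPPERS before including aes.h, so routing callers through the wrapper (and whatever checks it performs) is a convention the header cannot enforce. The comment `/* if not internal or fips.c consumer force fips calls if fips build */` should say plainly who may define the opt-out, e.g. `/* FIPS_NO_WRAPPERS is reserved for the library's own sources and fips.c; applications must not define it and always get the _fips entry points */`. The non-FIPS declaration of AesSetKey that the macro shadows is outside the hunk.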
@@ -1635,20 +1637,28 @@ static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs,
 }
 #endif
 if (side == CYASSL_CLIENT_END) {
- AesSetKey(enc->aes, keys->client_write_key,
- specs->key_size, keys->client_write_IV,
- AES_ENCRYPTION);
- AesSetKey(dec->aes, keys->server_write_key,
- specs->key_size, keys->server_write_IV,
- AES_DECRYPTION);
+ aesRet = AesSetKey(enc->aes, keys->client_write_key,
+ specs->key_size, keys->client_write_IV,
+ AES_ENCRYPTION);
+ if (aesRet != 0)
+ return aesRet;
+ aesRet = AesSetKey(dec->aes, keys->server_write_key,
+ specs->key_size, keys->server_write_IV,
+ AES_DECRYPTION);
+ if (aesRet != 0)
+ return aesRet;
 }
 else {
- AesSetKey(enc->aes, keys->server_write_key,
- specs->key_size, keys->server_write_IV,
- AES_ENCRYPTION);
- AesSetKey(dec->aes, keys->client_write_key,
- specs->key_size, keys->client_write_IV,
- AES_DECRYPTION);
+ aesRet = AesSetKey(enc->aes, keys->server_write_key,
+ specs->key_size, keys->server_write_IV,
+ AES_ENCRYPTION);
+ if (aesRet != 0)
+ return aesRet;
+ aesRet = AesSetKey(dec->aes, keys->client_write_key,
+ specs->key_size, keys->client_write_IV,
+ AES_DECRYPTION);
+ if (aesRet != 0)
+ return aesRet;
 }
 enc->setup = 1;
 dec->setup = 1;
diff --git a/src/ssl.c b/src/ssl.c
index 101082fec..12f3d2b9f 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -2018,6 +2018,7 @@ int CyaSSL_Init(void)
 XFREE(der.buffer, heap, dynamicType);
 return ret;
 }
+ ret = 0; /* back to good status */
 if (XSTRNCMP(info.name, "DES-CBC", 7) == 0) {
 Des enc;
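Review bot: The client and server branches of the AES case now carry two identical AesSetKey-plus-check sequences each, differing only in which write key/IV pair feeds the encrypt and decrypt contexts, so the new error handling exists in four copies. Selecting the pointers first and keying once keeps the checks in one place; AesSetKey takes `const byte*` for key and iv (per the aes.h hunk in this series), so the selections can be held as `const byte*` without relying on the Keys field types. The `int aesRet = 0;` line belongs to the earlier @@ -1614 hunk, and SetKeys begins before and continues after this one.
```c
        if (specs->bulk_cipher_algorithm == cyassl_aes) {
            int aesRet = 0;
            int client = (side == CYASSL_CLIENT_END);
            const byte* encKey = client ? keys->client_write_key : keys->server_write_key;
            const byte* encIV  = client ? keys->client_write_IV  : keys->server_write_IV;
            const byte* decKey = client ? keys->server_write_key : keys->client_write_key;
            const byte* decIV  = client ? keys->server_write_IV  : keys->client_write_IV;

            /* … unchanged: enc->aes / dec->aes allocation and the #ifdef block above … */

            aesRet = AesSetKey(enc->aes, encKey, specs->key_size, encIV,
                               AES_ENCRYPTION);
            if (aesRet != 0)
                return aesRet;
            aesRet = AesSetKey(dec->aes, decKey, specs->key_size, decIV,
                               AES_DECRYPTION);
            if (aesRet != 0)
                return aesRet;
            enc->setup = 1;
            dec->setup = 1;
```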
@@ -2031,23 +2032,34 @@ int CyaSSL_Init(void)
 }
 else if (XSTRNCMP(info.name, "AES-128-CBC", 13) == 0) {
 Aes enc;
- AesSetKey(&enc, key, AES_128_KEY_SIZE, info.iv, AES_DECRYPTION);
- AesCbcDecrypt(&enc, der.buffer, der.buffer, der.length);
+ ret = AesSetKey(&enc, key, AES_128_KEY_SIZE, info.iv,
+ AES_DECRYPTION);
+ if (ret == 0)
+ ret = AesCbcDecrypt(&enc, der.buffer,der.buffer,der.length);
 }
 else if (XSTRNCMP(info.name, "AES-192-CBC", 13) == 0) {
 Aes enc;
- AesSetKey(&enc, key, AES_192_KEY_SIZE, info.iv, AES_DECRYPTION);
- AesCbcDecrypt(&enc, der.buffer, der.buffer, der.length);
+ ret = AesSetKey(&enc, key, AES_192_KEY_SIZE, info.iv,
+ AES_DECRYPTION);
+ if (ret == 0)
+ ret = AesCbcDecrypt(&enc, der.buffer,der.buffer,der.length);
 }
 else if (XSTRNCMP(info.name, "AES-256-CBC", 13) == 0) {
 Aes enc;
- AesSetKey(&enc, key, AES_256_KEY_SIZE, info.iv, AES_DECRYPTION);
- AesCbcDecrypt(&enc, der.buffer, der.buffer, der.length);
+ ret = AesSetKey(&enc, key, AES_256_KEY_SIZE, info.iv,
+ AES_DECRYPTION);
+ if (ret == 0)
+ ret = AesCbcDecrypt(&enc, der.buffer,der.buffer,der.length);
 }
 else {
 XFREE(der.buffer, heap, dynamicType);
 return SSL_BAD_FILE;
 }
+
+ if (ret != 0) {
+ XFREE(der.buffer, heap, dynamicType);
+ return ret;
+ }
 }
 #endif /* OPENSSL_EXTRA || HAVE_WEBSERVER */
@@ -6723,6 +6735,8 @@ int CyaSSL_set_compression(CYASSL* ssl)
 const CYASSL_EVP_CIPHER* type, byte* key, byte* iv, int enc)
 {
+ int ret = 0;
+
 CYASSL_ENTER("CyaSSL_EVP_CipherInit");
 if (ctx == NULL) {
 CYASSL_MSG("no ctx");
@@ -6741,9 +6755,12 @@ int CyaSSL_set_compression(CYASSL* ssl)
 ctx->keyLen = 16;
 if (enc == 0 || enc == 1)
 ctx->enc = enc ? 1 : 0;
- if (key)
- AesSetKey(&ctx->cipher.aes, key, ctx->keyLen, iv,
- ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION);
+ if (key) {
+ ret = AesSetKey(&ctx->cipher.aes, key, ctx->keyLen, iv,
+ ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION);
+ if (ret != 0)
+ return ret;
+ }
 if (iv && key == NULL)
 AesSetIV(&ctx->cipher.aes, iv);
 }
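Review bot: The new error path `if (ret != 0) { XFREE(der.buffer, heap, dynamicType); return ret; }` frees a buffer that holds a partially decrypted private key without clearing it, and the `Aes enc` schedules derived from the passphrase in each branch are likewise left behind on the stack. Wipe before release, e.g. `XMEMSET(der.buffer, 0, der.length);` ahead of that XFREE; a plain memset immediately before free can be elided by the compiler, so an explicit-zeroing helper is preferable if the project has one. The `@@` context names CyaSSL_Init, but the code shown is the PEM key-decryption path of an enclosing function that starts before this hunk.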
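Review bot: `return ret;` after a failed AesSetKey hands the caller a raw ctaocrypt error code, while the rest of CyaSSL_EVP_CipherInit (its other returns are outside the hunk) presumably follows the EVP convention of 1 for success and 0 for failure that its OpenSSL-compatible name implies; if so, callers testing `== 0` or `!= 1` will misread a negative code as success or as a distinct status. Map the failure to the function's own failure value at each of the six sites — this hunk and the @@ -6754, -6767, -6781, -6794 and -6807 hunks — e.g. `if (ret != 0) return 0; /* EVP-style failure */`, or document in the function comment that a ctaocrypt code is returned. The six blocks differ only by `ctx->keyLen` and the direction argument, so one static keying helper would also keep this decision in a single place.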
@@ -6754,9 +6771,12 @@ int CyaSSL_set_compression(CYASSL* ssl)
 ctx->keyLen = 24;
 if (enc == 0 || enc == 1)
 ctx->enc = enc ? 1 : 0;
- if (key)
- AesSetKey(&ctx->cipher.aes, key, ctx->keyLen, iv,
- ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION);
+ if (key) {
+ ret = AesSetKey(&ctx->cipher.aes, key, ctx->keyLen, iv,
+ ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION);
+ if (ret != 0)
+ return ret;
+ }
 if (iv && key == NULL)
 AesSetIV(&ctx->cipher.aes, iv);
 }
@@ -6767,9 +6787,12 @@ int CyaSSL_set_compression(CYASSL* ssl)
 ctx->keyLen = 32;
 if (enc == 0 || enc == 1)
 ctx->enc = enc ? 1 : 0;
- if (key)
- AesSetKey(&ctx->cipher.aes, key, ctx->keyLen, iv,
- ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION);
+ if (key) {
+ ret = AesSetKey(&ctx->cipher.aes, key, ctx->keyLen, iv,
+ ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION);
+ if (ret != 0)
+ return ret;
+ }
 if (iv && key == NULL)
 AesSetIV(&ctx->cipher.aes, iv);
 }
@@ -6781,9 +6804,12 @@ int CyaSSL_set_compression(CYASSL* ssl)
 ctx->keyLen = 16;
 if (enc == 0 || enc == 1)
 ctx->enc = enc ? 1 : 0;
- if (key)
- AesSetKey(&ctx->cipher.aes, key, ctx->keyLen, iv,
- AES_ENCRYPTION);
+ if (key) {
+ ret = AesSetKey(&ctx->cipher.aes, key, ctx->keyLen, iv,
+ AES_ENCRYPTION);
+ if (ret != 0)
+ return ret;
+ }
 if (iv && key == NULL)
 AesSetIV(&ctx->cipher.aes, iv);
 }
@@ -6794,9 +6820,12 @@ int CyaSSL_set_compression(CYASSL* ssl)
 ctx->keyLen = 24;
 if (enc == 0 || enc == 1)
 ctx->enc = enc ? 1 : 0;
- if (key)
- AesSetKey(&ctx->cipher.aes, key, ctx->keyLen, iv,
- AES_ENCRYPTION);
+ if (key) {
+ ret = AesSetKey(&ctx->cipher.aes, key, ctx->keyLen, iv,
+ AES_ENCRYPTION);
+ if (ret != 0)
+ return ret;
+ }
 if (iv && key == NULL)
 AesSetIV(&ctx->cipher.aes, iv);
 }
@@ -6807,9 +6836,12 @@ int CyaSSL_set_compression(CYASSL* ssl)
 ctx->keyLen = 32;
 if (enc == 0 || enc == 1)
 ctx->enc = enc ? 1 : 0;
- if (key)
- AesSetKey(&ctx->cipher.aes, key, ctx->keyLen, iv,
- AES_ENCRYPTION);
+ if (key) {
+ ret = AesSetKey(&ctx->cipher.aes, key, ctx->keyLen, iv,
+ AES_ENCRYPTION);
+ if (ret != 0)
+ return ret;
+ }
 if (iv && key == NULL)
 AesSetIV(&ctx->cipher.aes, iv);
 }
From 58885b36ebf9bf3187028f5ed1c855da08a46e89 Mon Sep 17 00:00:00 2001
From: toddouska
Date: Wed, 19 Mar 2014 16:43:52 -0700
Subject: [PATCH 6/6] add AesCbc fips mode
---
 ctaocrypt/test/test.c | 8 ++++++-
 cyassl/ctaocrypt/aes.h | 9 +++++++--
 cyassl/sniffer_error.h | 1 +
 cyassl/sniffer_error.rc | 1 +
 src/sniffer.c | 29 ++++++++++++++++++++++-------
 5 files changed, 37 insertions(+), 11 deletions(-)
diff --git a/ctaocrypt/test/test.c b/ctaocrypt/test/test.c
index 10da769bb..0675d920e 100644
--- a/ctaocrypt/test/test.c
+++ b/ctaocrypt/test/test.c
@@ -1875,8 +1875,12 @@ int aes_test(void)
 if (ret != 0)
 return -1002;
- AesCbcEncrypt(&enc, cipher, msg, AES_BLOCK_SIZE);
- AesCbcDecrypt(&dec, plain, cipher, AES_BLOCK_SIZE);
+ ret = AesCbcEncrypt(&enc, cipher, msg, AES_BLOCK_SIZE);
+ if (ret != 0)
+ return -1005;
+ ret = AesCbcDecrypt(&dec, plain, cipher, AES_BLOCK_SIZE);
+ if (ret != 0)
+ return -1006;
 if (memcmp(plain, msg, AES_BLOCK_SIZE))
 return -60;
diff --git a/cyassl/ctaocrypt/aes.h b/cyassl/ctaocrypt/aes.h
index bc1cd5913..371778b62 100644
--- a/cyassl/ctaocrypt/aes.h
+++ b/cyassl/ctaocrypt/aes.h
@@ -154,10 +154,15 @@ CYASSL_API int AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
 /* fips wrapper calls, user can call direct */
 CYASSL_API int AesSetKey_fips(Aes* aes, const byte* key, word32 len,
 const byte* iv, int dir);
-
+ CYASSL_API int AesCbcEncrypt_fips(Aes* aes, byte* out, const byte* in,
+ word32 sz);
+ CYASSL_API int AesCbcDecrypt_fips(Aes* aes, byte* out, const byte* in,
+ word32 sz);
 #ifndef FIPS_NO_WRAPPERS
 /* if not internal or fips.c consumer force fips calls if fips build */
- #define AesSetKey AesSetKey_fips
+ #define AesSetKey AesSetKey_fips
+ #define AesCbcEncrypt AesCbcEncrypt_fips
+ #define AesCbcDecrypt AesCbcDecrypt_fips
 #endif /* FIPS_NO_WRAPPERS */
 #endif /* HAVE_FIPS */
diff --git a/cyassl/sniffer_error.h b/cyassl/sniffer_error.h
index 586efcb7d..f8528668f 100644
--- a/cyassl/sniffer_error.h
+++ b/cyassl/sniffer_error.h
@@ -101,6 +101,7 @@
 #define BAD_COMPRESSION_STR 67
 #define BAD_DERIVE_STR 68
 #define ACK_MISSED_STR 69
+#define BAD_DECRYPT 70
 /* !!!! also add to msgTable in sniffer.c and .rc file !!!! */
diff --git a/cyassl/sniffer_error.rc b/cyassl/sniffer_error.rc
index 6171f7849..516f7aa11 100644
--- a/cyassl/sniffer_error.rc
+++ b/cyassl/sniffer_error.rc
@@ -83,5 +83,6 @@ STRINGTABLE
 67, "Bad Compression Type"
 68, "Bad DeriveKeys Error"
 69, "Saw ACK for Missing Packet Error"
+ 70, "Bad Decrypt Operation"
 }
diff --git a/src/sniffer.c b/src/sniffer.c
index 4f6d7c21d..85c00093e 100644
--- a/src/sniffer.c
+++ b/src/sniffer.c
@@ -224,7 +224,8 @@ static const char* const msgTable[] =
 "Bad Finished Message Processing",
 "Bad Compression Type",
 "Bad DeriveKeys Error",
- "Saw ACK for Missing Packet Error"
+ "Saw ACK for Missing Packet Error",
+ "Bad Decrypt Operation"
 };
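Review bot: test.c and sniffer.c in this commit now store the result of AesCbcEncrypt and AesCbcDecrypt, yet only the `_fips` variants declared here are visibly `int`; the non-FIPS prototypes of AesCbcEncrypt and AesCbcDecrypt sit outside the hunk, and if either still returns void, the default (non-FIPS) build of those callers no longer compiles. Worth confirming both return int in the default build and recording it beside the macros: `/* the plain and _fips CBC functions share the int return, 0 on success */`.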
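Review bot: `BAD_DECRYPT` breaks the `_STR` suffix that every other code in this table carries (`BAD_COMPRESSION_STR`, `BAD_DERIVE_STR`, `ACK_MISSED_STR`), and it lands next to the differently purposed `BAD_DECRYPT_TYPE` that sniffer.c already traces, which invites confusing the two. Suggest `#define BAD_DECRYPT_STR 70` here with the matching `SetError(BAD_DECRYPT_STR, error, session, FATAL_ERROR_STATE);` in the sniffer.c @@ -2372 hunk.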
@@ -1557,9 +1558,11 @@ static int DoHandShake(const byte* input, int* sslBytes,
 }
-/* Decrypt input into plain output */
-static void Decrypt(SSL* ssl, byte* output, const byte* input, word32 sz)
+/* Decrypt input into plain output, 0 on success */
+static int Decrypt(SSL* ssl, byte* output, const byte* input, word32 sz)
 {
+ int ret = 0;
+
 switch (ssl->specs.bulk_cipher_algorithm) {
 #ifdef BUILD_ARC4
 case cyassl_rc4:
@@ -1575,7 +1578,7 @@ static void Decrypt(SSL* ssl, byte* output, const byte* input, word32 sz)
 #ifdef BUILD_AES
 case cyassl_aes:
- AesCbcDecrypt(ssl->decrypt.aes, output, input, sz);
+ ret = AesCbcDecrypt(ssl->decrypt.aes, output, input, sz);
 break;
 #endif
@@ -1599,18 +1602,25 @@ static void Decrypt(SSL* ssl, byte* output, const byte* input, word32 sz)
 default:
 Trace(BAD_DECRYPT_TYPE);
+ ret = -1;
 break;
 }
+
+ return ret;
 }
 /* Decrypt input message into output, adjust output steam if needed */
 static const byte* DecryptMessage(SSL* ssl, const byte* input, word32 sz,
- byte* output)
+ byte* output, int* error)
 {
 int ivExtra = 0;
- Decrypt(ssl, output, input, sz);
+ int ret = Decrypt(ssl, output, input, sz);
+ if (ret != 0) {
+ *error = ret;
+ return NULL;
+ }
 ssl->keys.encryptSz = sz;
 if (ssl->options.tls1_1 && ssl->specs.cipher_type == block) {
 output += ssl->specs.block_size; /* go past TLSv1.1 IV */
@@ -2320,6 +2330,7 @@ static int ProcessMessage(const byte* sslFrame, SnifferSession* session,
 RecordLayerHeader rh;
 int rhSize = 0;
 int ret;
+ int errCode = 0;
 int decoded = 0; /* bytes stored for user in data */
 int notEnough; /* notEnough bytes yet flag */
 SSL* ssl = (session->flags.side == CYASSL_SERVER_END) ?
@@ -2372,7 +2383,11 @@ doMessage:
 return -1;
 }
 sslFrame = DecryptMessage(ssl, sslFrame, rhSize,
- ssl->buffers.outputBuffer.buffer);
+ ssl->buffers.outputBuffer.buffer, &errCode);
+ if (errCode != 0) {
+ SetError(BAD_DECRYPT, error, session, FATAL_ERROR_STATE);
+ return -1;
+ }
 }
 switch ((enum ContentType)rh.type) {
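Review bot: DecryptMessage writes `*error` only on failure, so its contract — the caller must pre-initialise the slot, as ProcessMessage does with `int errCode = 0;` in the @@ -2320 hunk — is not stated anywhere and a future caller that skips the zeroing will read stack garbage as a decrypt failure. Put it in the function comment: `/* ... on failure stores a non-zero code in *error and returns NULL; *error is untouched on success, so callers must zero it first */`. In Decrypt the `default:` branch now returns a bare `-1`, which the caller can only tell apart from an AesCbcDecrypt code by convention; a named constant would read better. Only the AES case forwards a result, so a failure in the other cipher cases (outside the hunk) still reports success, which deserves a comment if it is intentional. DecryptMessage continues past the end of the hunk.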