forked from wolfSSL/wolfssl
Don't undef HAVE_GETADDRINFO as it disables defines in projects using wolfSSL
Change test_wolfssl_EVP_aes_gcm so that changing the tag will fail the authentication check
This commit is contained in:
Juliusz Sosinowicz
11
src/ssl.c
11
src/ssl.c
@@ -40956,19 +40956,30 @@ int wolfSSL_CTX_get_ex_new_index(long idx, void* arg, void* a, void* b,
|
||||
void* wolfSSL_CRYPTO_get_ex_data(void * const* ex_data, int idx)
|
||||
{
|
||||
WOLFSSL_ENTER("wolfSSL_CTX_get_ex_data");
|
||||
#ifdef MAX_EX_DATA
|
||||
if(ex_data && idx < MAX_EX_DATA && idx >= 0) {
|
||||
return ex_data[idx];
|
||||
}
|
||||
#else
|
||||
(void)ex_data;
|
||||
(void)idx;
|
||||
#endif
|
||||
return NULL;
|
||||
}
|
||||
|
||||
int wolfSSL_CRYPTO_set_ex_data(void** ex_data, int idx, void *data)
|
||||
{
|
||||
WOLFSSL_ENTER("wolfSSL_CRYPTO_set_ex_data");
|
||||
#ifdef MAX_EX_DATA
|
||||
if (ex_data && idx < MAX_EX_DATA && idx >= 0) {
|
||||
ex_data[idx] = data;
|
||||
return WOLFSSL_SUCCESS;
|
||||
}
|
||||
#else
|
||||
(void)ex_data;
|
||||
(void)idx;
|
||||
(void)data;
|
||||
#endif
|
||||
return WOLFSSL_FAILURE;
|
||||
}
|
||||
|
||||
|
||||
@@ -770,7 +770,7 @@ int wolfIO_TcpConnect(SOCKET_T* sockfd, const char* ip, word16 port, int to_sec)
|
||||
int ret = 0;
|
||||
SOCKADDR_S addr;
|
||||
int sockaddr_len = sizeof(SOCKADDR_IN);
|
||||
#ifdef HAVE_GETADDRINFO
|
||||
#ifndef WOLF_C99
|
||||
ADDRINFO hints;
|
||||
ADDRINFO* answer = NULL;
|
||||
char strPort[6];
|
||||
@@ -785,7 +785,8 @@ int wolfIO_TcpConnect(SOCKET_T* sockfd, const char* ip, word16 port, int to_sec)
|
||||
printf("TCP Connect: %s:%d\n", ip, port);
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_GETADDRINFO
|
||||
/* use gethostbyname for c99 */
|
||||
#ifndef WOLF_C99
|
||||
XMEMSET(&hints, 0, sizeof(hints));
|
||||
hints.ai_family = AF_UNSPEC;
|
||||
hints.ai_socktype = SOCK_STREAM;
|
||||
|
||||
45
tests/api.c
45
tests/api.c
@@ -29315,34 +29315,31 @@ static void test_wolfssl_EVP_aes_gcm(void)
|
||||
if (i == 0) {
|
||||
/* Default uses 96-bits IV length */
|
||||
#ifdef WOLFSSL_AES_128
|
||||
AssertIntEQ(1, EVP_EncryptInit_ex(&de[i], EVP_aes_128_gcm(), NULL, key, iv));
|
||||
AssertIntEQ(1, EVP_DecryptInit_ex(&de, EVP_aes_128_gcm(), NULL, NULL, NULL));
|
||||
#elif defined(WOLFSSL_AES_192)
|
||||
AssertIntEQ(1, EVP_EncryptInit_ex(&de[i], EVP_aes_192_gcm(), NULL, key, iv));
|
||||
AssertIntEQ(1, EVP_DecryptInit_ex(&de, EVP_aes_192_gcm(), NULL, NULL, NULL));
|
||||
#elif defined(WOLFSSL_AES_256)
|
||||
AssertIntEQ(1, EVP_EncryptInit_ex(&de[i], EVP_aes_256_gcm(), NULL, key, iv));
|
||||
AssertIntEQ(1, EVP_DecryptInit_ex(&de, EVP_aes_256_gcm(), NULL, NULL, NULL));
|
||||
#endif
|
||||
}
|
||||
else {
|
||||
#ifdef WOLFSSL_AES_128
|
||||
AssertIntEQ(1, EVP_EncryptInit_ex(&de[i], EVP_aes_128_gcm(), NULL, NULL, NULL));
|
||||
#elif defined(WOLFSSL_AES_192)
|
||||
AssertIntEQ(1, EVP_EncryptInit_ex(&de[i], EVP_aes_192_gcm(), NULL, NULL, NULL));
|
||||
#elif defined(WOLFSSL_AES_256)
|
||||
AssertIntEQ(1, EVP_EncryptInit_ex(&de[i], EVP_aes_256_gcm(), NULL, NULL, NULL));
|
||||
#endif
|
||||
/* non-default must to set the IV length first */
|
||||
AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL));
|
||||
AssertIntEQ(1, EVP_EncryptInit_ex(&de[i], NULL, NULL, key, iv));
|
||||
AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&de, EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL));
|
||||
AssertIntEQ(1, EVP_DecryptInit_ex(&de, NULL, NULL, key, iv));
|
||||
AssertIntEQ(1, EVP_DecryptUpdate(&de, NULL, &len, aad, aadSz));
|
||||
AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&de, EVP_CTRL_GCM_SET_TAG, AES_BLOCK_SIZE, tag));
|
||||
AssertIntEQ(1, EVP_DecryptUpdate(&de, decryptedtxt, &len, ciphertxt, ciphertxtSz));
|
||||
decryptedtxtSz = len;
|
||||
AssertIntGT(EVP_DecryptFinal_ex(&de, decryptedtxt, &len), 0);
|
||||
decryptedtxtSz += len;
|
||||
AssertIntEQ(ciphertxtSz, decryptedtxtSz);
|
||||
AssertIntEQ(0, XMEMCMP(plaintxt, decryptedtxt, decryptedtxtSz));
|
||||
|
||||
}
|
||||
AssertIntEQ(1, EVP_EncryptUpdate(&de[i], NULL, &len, aad, aadSz));
|
||||
AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_TAG, AES_BLOCK_SIZE, tag));
|
||||
AssertIntEQ(1, EVP_DecryptUpdate(&de[i], decryptedtxt, &len, ciphertxt, ciphertxtSz));
|
||||
decryptedtxtSz = len;
|
||||
AssertIntGT(EVP_DecryptFinal_ex(&de[i], decryptedtxt, &len), 0);
|
||||
decryptedtxtSz += len;
|
||||
AssertIntEQ(ciphertxtSz, decryptedtxtSz);
|
||||
AssertIntEQ(0, XMEMCMP(plaintxt, decryptedtxt, decryptedtxtSz));
|
||||
/* modify tag*/
|
||||
tag[AES_BLOCK_SIZE-1]+=0xBB;
|
||||
AssertIntEQ(1, EVP_DecryptUpdate(&de, NULL, &len, aad, aadSz));
|
||||
AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&de, EVP_CTRL_GCM_SET_TAG, AES_BLOCK_SIZE, tag));
|
||||
/* fail due to wrong tag */
|
||||
AssertIntEQ(0, EVP_DecryptUpdate(&de, decryptedtxt, &len, ciphertxt, ciphertxtSz));
|
||||
AssertIntGT(EVP_DecryptFinal_ex(&de, decryptedtxt, &len), 0);
|
||||
AssertIntEQ(0, len);
|
||||
|
||||
/* modify tag*/
|
||||
tag[AES_BLOCK_SIZE-1]+=0xBB;
|
||||
|
||||
@@ -10364,7 +10364,11 @@ int PemToDer(const unsigned char* buff, long longSz, int type,
|
||||
/* keyFormat is Key_Sum enum */
|
||||
if (keyFormat) {
|
||||
#ifdef HAVE_ECC
|
||||
*eccKey = (header == BEGIN_EC_PRIV || header == beginBuf) ? 1 : 0;
|
||||
*eccKey = (header == BEGIN_EC_PRIV
|
||||
#ifdef OPENSSL_EXTRA
|
||||
|| header == beginBuf
|
||||
#endif
|
||||
) ? 1 : 0;
|
||||
#else
|
||||
*eccKey = 0;
|
||||
#endif
|
||||
|
||||
@@ -328,11 +328,7 @@
|
||||
#endif /* HAVE_SOCKADDR */
|
||||
|
||||
/* use gethostbyname for c99 */
|
||||
#ifdef WOLF_C99
|
||||
#undef HAVE_GETADDRINFO
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_GETADDRINFO
|
||||
#ifndef WOLF_C99
|
||||
typedef struct addrinfo ADDRINFO;
|
||||
#endif
|
||||
#endif /* WOLFSSL_NO_SOCK */
|
||||
|
||||
Reference in New Issue
Block a user