feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge pull request #2613 from tmael/evp_aes_gcm

Browse Source 
Set default IV length for EVP aes gcm
This commit is contained in:
toddouska
2019-11-26 15:18:27 -08:00
committed by GitHub
parent 5d41ef171c 428d51e664
commit 9b7cd6bdfd
2 changed files with 74 additions and 57 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
src/ssl.c
View File

@ -16351,6 +16351,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
ctx->keyLen = 16;
ctx->block_size = AES_BLOCK_SIZE;
ctx->authTagSz = AES_BLOCK_SIZE;
ctx->ivSz = 12; /* set default IV length to 96 bits */
XMEMSET(ctx->authTag, 0, ctx->authTagSz);
if (iv)
@ -16364,11 +16365,6 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
if (ret != 0)
return ret;
}
if (iv && key == NULL) {
ret = wc_AesSetIV(&ctx->cipher.aes, iv);
if (ret != 0)
return ret;
}
}
#endif /* WOLFSSL_AES_128 */
#ifdef WOLFSSL_AES_192
@ -16381,6 +16377,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
ctx->keyLen = 24;
ctx->block_size = AES_BLOCK_SIZE;
ctx->authTagSz = AES_BLOCK_SIZE;
ctx->ivSz = 12; /* set default IV length to 96 bits */
XMEMSET(ctx->authTag, 0, ctx->authTagSz);
if (iv)
@ -16394,11 +16391,6 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
if (ret != 0)
return ret;
}
if (iv && key == NULL) {
ret = wc_AesSetIV(&ctx->cipher.aes, iv);
if (ret != 0)
return ret;
}
}
#endif /* WOLFSSL_AES_192 */
#ifdef WOLFSSL_AES_256
@ -16411,6 +16403,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
ctx->keyLen = 32;
ctx->block_size = AES_BLOCK_SIZE;
ctx->authTagSz = AES_BLOCK_SIZE;
ctx->ivSz = 12; /* set default IV length to 96 bits */
XMEMSET(ctx->authTag, 0, ctx->authTagSz);
if (iv)
@ -16426,13 +16419,6 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
return ret;
}
}
if (iv && key == NULL) {
ret = wc_AesSetIV(&ctx->cipher.aes, iv);
if (ret != 0){
WOLFSSL_MSG("wc_AesSetIV() failed");
return ret;
}
}
}
#endif /* WOLFSSL_AES_256 */
#endif /* HAVE_AESGCM */

97
tests/api.c
View File

@ -27614,59 +27614,90 @@ static void test_wolfssl_EVP_aes_gcm(void)
int ciphertxtSz = 0;
int decryptedtxtSz = 0;
int len = 0;
EVP_CIPHER_CTX en;
EVP_CIPHER_CTX de;
int i = 0;
EVP_CIPHER_CTX en[2];
EVP_CIPHER_CTX de[2];
printf(testingFmt, "wolfssl_EVP_aes_gcm");
EVP_CIPHER_CTX_init(&en);
#ifdef WOLFSSL_AES_128
AssertIntEQ(1, EVP_EncryptInit_ex(&en, EVP_aes_128_gcm(), NULL, NULL, NULL));
#elif defined(WOLFSSL_AES_192)
AssertIntEQ(1, EVP_EncryptInit_ex(&en, EVP_aes_192_gcm(), NULL, NULL, NULL));
#elif defined(WOLFSSL_AES_256)
AssertIntEQ(1, EVP_EncryptInit_ex(&en, EVP_aes_256_gcm(), NULL, NULL, NULL));
#endif
AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&en, EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL));
AssertIntEQ(1, EVP_EncryptInit_ex(&en, NULL, NULL, key, iv));
AssertIntEQ(1, EVP_EncryptUpdate(&en, NULL, &len, aad, aadSz));
AssertIntEQ(1, EVP_EncryptUpdate(&en, ciphertxt, &len, plaintxt, plaintxtSz));
ciphertxtSz = len;
AssertIntEQ(1, EVP_EncryptFinal_ex(&en, ciphertxt, &len));
ciphertxtSz += len;
AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&en, EVP_CTRL_GCM_GET_TAG, AES_BLOCK_SIZE, tag));
for (i = 0; i < 2; i++) {
EVP_CIPHER_CTX_init(&de);
EVP_CIPHER_CTX_init(&en[i]);
if (i == 0) {
/* Default uses 96-bits IV length */
#ifdef WOLFSSL_AES_128
AssertIntEQ(1, EVP_EncryptInit_ex(&de, EVP_aes_128_gcm(), NULL, NULL, NULL));
AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_128_gcm(), NULL, key, iv));
#elif defined(WOLFSSL_AES_192)
AssertIntEQ(1, EVP_EncryptInit_ex(&de, EVP_aes_192_gcm(), NULL, NULL, NULL));
AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_192_gcm(), NULL, key, iv));
#elif defined(WOLFSSL_AES_256)
AssertIntEQ(1, EVP_EncryptInit_ex(&de, EVP_aes_256_gcm(), NULL, NULL, NULL));
AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_256_gcm(), NULL, key, iv));
#endif
AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&de, EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL));
AssertIntEQ(1, EVP_EncryptInit_ex(&de, NULL, NULL, key, iv));
AssertIntEQ(1, EVP_EncryptUpdate(&de, NULL, &len, aad, aadSz));
AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&de, EVP_CTRL_GCM_SET_TAG, AES_BLOCK_SIZE, tag));
AssertIntEQ(1, EVP_DecryptUpdate(&de, decryptedtxt, &len, ciphertxt, ciphertxtSz));
}
else {
#ifdef WOLFSSL_AES_128
AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_128_gcm(), NULL, NULL, NULL));
#elif defined(WOLFSSL_AES_192)
AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_192_gcm(), NULL, NULL, NULL));
#elif defined(WOLFSSL_AES_256)
AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_256_gcm(), NULL, NULL, NULL));
#endif
/* non-default must to set the IV length first */
AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL));
AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], NULL, NULL, key, iv));
}
AssertIntEQ(1, EVP_EncryptUpdate(&en[i], NULL, &len, aad, aadSz));
AssertIntEQ(1, EVP_EncryptUpdate(&en[i], ciphertxt, &len, plaintxt, plaintxtSz));
ciphertxtSz = len;
AssertIntEQ(1, EVP_EncryptFinal_ex(&en[i], ciphertxt, &len));
ciphertxtSz += len;
AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_GCM_GET_TAG, AES_BLOCK_SIZE, tag));
EVP_CIPHER_CTX_init(&de[i]);
if (i == 0) {
/* Default uses 96-bits IV length */
#ifdef WOLFSSL_AES_128
AssertIntEQ(1, EVP_EncryptInit_ex(&de[i], EVP_aes_128_gcm(), NULL, key, iv));
#elif defined(WOLFSSL_AES_192)
AssertIntEQ(1, EVP_EncryptInit_ex(&de[i], EVP_aes_192_gcm(), NULL, key, iv));
#elif defined(WOLFSSL_AES_256)
AssertIntEQ(1, EVP_EncryptInit_ex(&de[i], EVP_aes_256_gcm(), NULL, key, iv));
#endif
}
else {
#ifdef WOLFSSL_AES_128
AssertIntEQ(1, EVP_EncryptInit_ex(&de[i], EVP_aes_128_gcm(), NULL, NULL, NULL));
#elif defined(WOLFSSL_AES_192)
AssertIntEQ(1, EVP_EncryptInit_ex(&de[i], EVP_aes_192_gcm(), NULL, NULL, NULL));
#elif defined(WOLFSSL_AES_256)
AssertIntEQ(1, EVP_EncryptInit_ex(&de[i], EVP_aes_256_gcm(), NULL, NULL, NULL));
#endif
/* non-default must to set the IV length first */
AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL));
AssertIntEQ(1, EVP_EncryptInit_ex(&de[i], NULL, NULL, key, iv));
}
AssertIntEQ(1, EVP_EncryptUpdate(&de[i], NULL, &len, aad, aadSz));
AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_TAG, AES_BLOCK_SIZE, tag));
AssertIntEQ(1, EVP_DecryptUpdate(&de[i], decryptedtxt, &len, ciphertxt, ciphertxtSz));
decryptedtxtSz = len;
AssertIntGT(EVP_DecryptFinal_ex(&de, decryptedtxt, &len), 0);
AssertIntGT(EVP_DecryptFinal_ex(&de[i], decryptedtxt, &len), 0);
decryptedtxtSz += len;
AssertIntEQ(ciphertxtSz, decryptedtxtSz);
AssertIntEQ(0, XMEMCMP(plaintxt, decryptedtxt, decryptedtxtSz));
/* modify tag*/
tag[AES_BLOCK_SIZE-1]+=0xBB;
AssertIntEQ(1, EVP_EncryptUpdate(&de, NULL, &len, aad, aadSz));
AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&de, EVP_CTRL_GCM_SET_TAG, AES_BLOCK_SIZE, tag));
AssertIntEQ(1, EVP_DecryptUpdate(&de, decryptedtxt, &len, ciphertxt, ciphertxtSz));
AssertIntEQ(1, EVP_EncryptUpdate(&de[i], NULL, &len, aad, aadSz));
AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_TAG, AES_BLOCK_SIZE, tag));
AssertIntEQ(1, EVP_DecryptUpdate(&de[i], decryptedtxt, &len, ciphertxt, ciphertxtSz));
decryptedtxtSz = len;
AssertIntGT(EVP_DecryptFinal_ex(&de, decryptedtxt, &len), 0);
AssertIntGT(EVP_DecryptFinal_ex(&de[i], decryptedtxt, &len), 0);
decryptedtxtSz += len;
AssertIntEQ(ciphertxtSz, decryptedtxtSz);
/* decrypted text should not be equal to plain text*/
AssertIntNE(0, XMEMCMP(plaintxt, decryptedtxt, decryptedtxtSz));
}
printf(resultFmt, passed);
#endif /* OPENSSL_EXTRA && !NO_AES && HAVE_AESGCM */