From a0ddb05a07e53f681460ab9d9e316e4042454623 Mon Sep 17 00:00:00 2001
From: Jacob Barthelmeh <jacob@wolfssl.com>
Date: Wed, 12 Feb 2020 17:45:09 -0700
Subject: [PATCH] change evp with cfb1 expect input size in bytes

---
 wolfcrypt/src/aes.c   |  6 ++--
 wolfcrypt/src/evp.c   |  6 ++--
 wolfcrypt/test/test.c | 73 +++++++++++++++++++++++++++++++++++++------
 3 files changed, 70 insertions(+), 15 deletions(-)

diff --git a/wolfcrypt/src/aes.c b/wolfcrypt/src/aes.c
index b90f9ae30..bba2ddecf 100644
--- a/wolfcrypt/src/aes.c
+++ b/wolfcrypt/src/aes.c
@@ -7607,7 +7607,7 @@ static int wc_AesFeedbackCFB1(Aes* aes, byte* out, const byte* in,
         }
     }
 
-    if (bit > 0) {
+    if (bit > 0 && bit < 7) {
         out[0] = cur;
     }
 
@@ -7621,7 +7621,7 @@ static int wc_AesFeedbackCFB1(Aes* aes, byte* out, const byte* in,
  * out buffer to hold result of encryption (must be at least as large as input
  *     buffer)
  * in  buffer to encrypt (packed to left, i.e. 101 is 0x90)
- * sz  size of input buffer
+ * sz  size of input buffer in bits (0x1 would be size of 1 and 0xFF size of 8)
  *
  * returns 0 on success and negative values on failure
  */
@@ -7653,7 +7653,7 @@ int wc_AesCfb8Encrypt(Aes* aes, byte* out, const byte* in, word32 sz)
  * out buffer to hold result of encryption (must be at least as large as input
  *     buffer)
  * in  buffer to encrypt
- * sz  size of input buffer
+ * sz  size of input buffer in bits (0x1 would be size of 1 and 0xFF size of 8)
  *
  * returns 0 on success and negative values on failure
  */
diff --git a/wolfcrypt/src/evp.c b/wolfcrypt/src/evp.c
index 959c9d6d3..e4ea1577b 100644
--- a/wolfcrypt/src/evp.c
+++ b/wolfcrypt/src/evp.c
@@ -363,9 +363,11 @@ static int evpCipherBlock(WOLFSSL_EVP_CIPHER_CTX *ctx,
         case AES_192_CFB1_TYPE:
         case AES_256_CFB1_TYPE:
             if (ctx->enc)
-                ret = wc_AesCfb1Encrypt(&ctx->cipher.aes, out, in, inl);
+                ret = wc_AesCfb1Encrypt(&ctx->cipher.aes, out, in,
+                        inl * WOLFSSL_BIT_SIZE);
             else
-                ret = wc_AesCfb1Decrypt(&ctx->cipher.aes, out, in, inl);
+                ret = wc_AesCfb1Decrypt(&ctx->cipher.aes, out, in,
+                        inl * WOLFSSL_BIT_SIZE);
             break;
 
         case AES_128_CFB8_TYPE:
diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c
index c6a94307b..6daf0edfb 100644
--- a/wolfcrypt/test/test.c
+++ b/wolfcrypt/test/test.c
@@ -6378,13 +6378,6 @@ EVP_TEST_END:
 
 #ifdef WOLFSSL_AES_128
         /* 128 key tests */
-    #ifdef OPENSSL_EXTRA
-        ret = EVP_test(EVP_aes_128_cfb1(), key1, iv, msg1, sizeof(msg1),
-                cipher1, 2);
-        if (ret != 0) {
-            return ret;
-        }
-    #endif
         ret = wc_AesSetKey(&enc, key1, AES_BLOCK_SIZE, iv, AES_ENCRYPTION);
         if (ret != 0)
             return -4741;
@@ -6411,6 +6404,24 @@ EVP_TEST_END:
         if (plain[0] != msg1[0])
             return -4746;
     #endif /* HAVE_AES_DECRYPT */
+
+    #ifdef OPENSSL_EXTRA
+        ret = wc_AesSetKey(&enc, key1, AES_BLOCK_SIZE, iv, AES_ENCRYPTION);
+        if (ret != 0)
+            return -4747;
+
+        XMEMSET(cipher, 0, sizeof(cipher));
+        ret = wc_AesCfb1Encrypt(&enc, cipher, msg1,
+                sizeof(msg1) * WOLFSSL_BIT_SIZE);
+        if (ret != 0)
+            return -4748;
+
+        ret = EVP_test(EVP_aes_128_cfb1(), key1, iv, msg1, sizeof(msg1),
+                cipher, sizeof(msg1));
+        if (ret != 0) {
+            return ret;
+        }
+    #endif
 #endif /* WOLFSSL_AES_128 */
 #ifdef WOLFSSL_AES_192
         /* 192 key tests */
@@ -6435,9 +6446,30 @@ EVP_TEST_END:
 
 #ifdef WOLFSSL_AES_192
         /* 192 key tests */
+        ret = wc_AesSetKey(&enc, key2, sizeof(key2), iv2, AES_ENCRYPTION);
+        if (ret != 0)
+            return -4749;
+
+        XMEMSET(cipher, 0, sizeof(cipher));
+        ret = wc_AesCfb1Encrypt(&enc, cipher, msg2, 4);
+        if (ret != 0)
+            return -4750;
+        if (XMEMCMP(cipher, cipher2, sizeof(cipher2)) != 0)
+            return -4751;
+
     #ifdef OPENSSL_EXTRA
+        ret = wc_AesSetKey(&enc, key2, sizeof(key2), iv2, AES_ENCRYPTION);
+        if (ret != 0)
+            return -4752;
+
+        XMEMSET(cipher, 0, sizeof(cipher));
+        ret = wc_AesCfb1Encrypt(&enc, cipher, msg2,
+                sizeof(msg2) * WOLFSSL_BIT_SIZE);
+        if (ret != 0)
+            return -4753;
+
         ret = EVP_test(EVP_aes_192_cfb1(), key2, iv2, msg2, sizeof(msg2),
-                cipher2, 4);
+                cipher, sizeof(msg2));
         if (ret != 0) {
             return ret;
         }
@@ -6446,14 +6478,35 @@ EVP_TEST_END:
 
 #ifdef WOLFSSL_AES_256
         /* 256 key tests */
+        ret = wc_AesSetKey(&enc, key3, sizeof(key3), iv3, AES_ENCRYPTION);
+        if (ret != 0)
+            return -4754;
+
+        XMEMSET(cipher, 0, sizeof(cipher));
+        ret = wc_AesCfb1Encrypt(&enc, cipher, msg3, 10);
+        if (ret != 0)
+            return -4755;
+        if (XMEMCMP(cipher, cipher3, sizeof(cipher3)) != 0)
+            return -4756;
+
     #ifdef OPENSSL_EXTRA
+        ret = wc_AesSetKey(&enc, key3, sizeof(key3), iv3, AES_ENCRYPTION);
+        if (ret != 0)
+            return -4757;
+
+        XMEMSET(cipher, 0, sizeof(cipher));
+        ret = wc_AesCfb1Encrypt(&enc, cipher, msg3,
+                sizeof(msg3) * WOLFSSL_BIT_SIZE);
+        if (ret != 0)
+            return -4758;
+
         ret = EVP_test(EVP_aes_256_cfb1(), key3, iv3, msg3, sizeof(msg3),
-                cipher3, 10);
+                cipher, sizeof(msg3));
         if (ret != 0) {
             return ret;
         }
     #endif
-#endif /* WOLFSSL_AES_192 */
+#endif /* WOLFSSL_AES_256 */
         return ret;
     }