feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Cleanup the gating for WOLFSSL_NO_AES_CFB_1_8.

Browse Source
This commit is contained in:
David Garske
2024-12-09 11:05:40 -08:00
parent 314f7575fa
commit c4e319b092
3 changed files with 34 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
wolfcrypt/src/evp.c
View File

@ -157,6 +157,7 @@ static const struct s_ent {
(!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3)) */
#ifdef WOLFSSL_AES_CFB
#ifndef WOLFSSL_NO_AES_CFB_1_8
#ifdef WOLFSSL_AES_128
static const char EVP_AES_128_CFB1[] = "AES-128-CFB1";
#endif
@ -176,6 +177,7 @@ static const struct s_ent {
#ifdef WOLFSSL_AES_256
static const char EVP_AES_256_CFB8[] = "AES-256-CFB8";
#endif
#endif /* !WOLFSSL_NO_AES_CFB_1_8 */
#ifdef WOLFSSL_AES_128
static const char EVP_AES_128_CFB128[] = "AES-128-CFB128";
@ -639,7 +641,7 @@ static int evpCipherBlock(WOLFSSL_EVP_CIPHER_CTX *ctx,
break;
#endif
#if defined(WOLFSSL_AES_CFB)
#if !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
#if !defined(WOLFSSL_NO_AES_CFB_1_8)
case WC_AES_128_CFB1_TYPE:
case WC_AES_192_CFB1_TYPE:
case WC_AES_256_CFB1_TYPE:
@ -659,7 +661,7 @@ static int evpCipherBlock(WOLFSSL_EVP_CIPHER_CTX *ctx,
else
ret = wc_AesCfb8Decrypt(&ctx->cipher.aes, out, in, inl);
break;
#endif /* !HAVE_SELFTEST && !HAVE_FIPS */
#endif /* !WOLFSSL_NO_AES_CFB_1_8 */
case WC_AES_128_CFB128_TYPE:
case WC_AES_192_CFB128_TYPE:
@ -1942,6 +1944,7 @@ static unsigned int cipherType(const WOLFSSL_EVP_CIPHER *cipher)
#endif
#endif /* WOLFSSL_AES_XTS */
#if defined(WOLFSSL_AES_CFB)
#ifndef WOLFSSL_NO_AES_CFB_1_8
#ifdef WOLFSSL_AES_128
else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_128_CFB1))
return WC_AES_128_CFB1_TYPE;
@ -1966,6 +1969,7 @@ static unsigned int cipherType(const WOLFSSL_EVP_CIPHER *cipher)
else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_256_CFB8))
return WC_AES_256_CFB8_TYPE;
#endif
#endif /* !WOLFSSL_NO_AES_CFB_1_8 */
#ifdef WOLFSSL_AES_128
else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_128_CFB128))
return WC_AES_128_CFB128_TYPE;
@ -4966,6 +4970,7 @@ static const struct cipher{
#endif
#ifdef WOLFSSL_AES_CFB
#ifndef WOLFSSL_NO_AES_CFB_1_8
#ifdef WOLFSSL_AES_128
{WC_AES_128_CFB1_TYPE, EVP_AES_128_CFB1, WC_NID_aes_128_cfb1},
#endif
@ -4985,6 +4990,7 @@ static const struct cipher{
#ifdef WOLFSSL_AES_256
{WC_AES_256_CFB8_TYPE, EVP_AES_256_CFB8, WC_NID_aes_256_cfb8},
#endif
#endif /* !WOLFSSL_NO_AES_CFB_1_8 */
#ifdef WOLFSSL_AES_128
{WC_AES_128_CFB128_TYPE, EVP_AES_128_CFB128, WC_NID_aes_128_cfb128},
@ -4995,7 +5001,7 @@ static const struct cipher{
#ifdef WOLFSSL_AES_256
{WC_AES_256_CFB128_TYPE, EVP_AES_256_CFB128, WC_NID_aes_256_cfb128},
#endif
#endif
#endif /* WOLFSSL_AES_CFB */
#ifdef WOLFSSL_AES_OFB
#ifdef WOLFSSL_AES_128
@ -5622,7 +5628,7 @@ void wolfSSL_EVP_init(void)
#endif /* HAVE_AES_CBC */
#ifdef WOLFSSL_AES_CFB
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || FIPS_VERSION3_GE(6,0,0))
#ifndef WOLFSSL_NO_AES_CFB_1_8
#ifdef WOLFSSL_AES_128
const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_cfb1(void)
{
@ -5670,7 +5676,7 @@ void wolfSSL_EVP_init(void)
return EVP_AES_256_CFB8;
}
#endif /* WOLFSSL_AES_256 */
#endif /* !HAVE_SELFTEST && !HAVE_FIPS */
#endif /* !WOLFSSL_NO_AES_CFB_1_8 */
#ifdef WOLFSSL_AES_128
const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_cfb128(void)
@ -7249,6 +7255,7 @@ void wolfSSL_EVP_init(void)
#endif /* WOLFSSL_AES_256 */
#endif /* HAVE_AES_ECB */
#ifdef WOLFSSL_AES_CFB
#ifndef WOLFSSL_NO_AES_CFB_1_8
#ifdef WOLFSSL_AES_128
if (ctx->cipherType == WC_AES_128_CFB1_TYPE ||
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_128_CFB1))) {
@ -7431,6 +7438,7 @@ void wolfSSL_EVP_init(void)
}
}
#endif /* WOLFSSL_AES_256 */
#endif /* !WOLFSSL_NO_AES_CFB_1_8 */
#ifdef WOLFSSL_AES_128
if (ctx->cipherType == WC_AES_128_CFB128_TYPE ||
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_128_CFB128))) {
@ -8317,7 +8325,7 @@ void wolfSSL_EVP_init(void)
#endif /* HAVE_AES_CBC */
#ifdef WOLFSSL_AES_CFB
#if !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
#if !defined(WOLFSSL_NO_AES_CFB_1_8)
case WC_AES_128_CFB1_TYPE:
case WC_AES_192_CFB1_TYPE:
case WC_AES_256_CFB1_TYPE:
@ -8340,7 +8348,7 @@ void wolfSSL_EVP_init(void)
if (ret == 0)
ret = (int)len;
break;
#endif /* !HAVE_SELFTEST && !HAVE_FIPS */
#endif /* !WOLFSSL_NO_AES_CFB_1_8 */
case WC_AES_128_CFB128_TYPE:
case WC_AES_192_CFB128_TYPE:
case WC_AES_256_CFB128_TYPE:

25
wolfcrypt/test/test.c
View File

@ -9926,9 +9926,7 @@ EVP_TEST_END:
return ret;
}
#if !defined(HAVE_SELFTEST) && \
(!defined(HAVE_FIPS) || FIPS_VERSION3_GE(6,0,0)) && \
!defined(WOLFSSL_NO_AES_CFB_1_8)
#if !defined(WOLFSSL_NO_AES_CFB_1_8)
static wc_test_ret_t aescfb1_test(void)
{
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
@ -10095,7 +10093,7 @@ EVP_TEST_END:
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
#ifndef WOLFCRYPT_ONLY
#if !defined(WOLFCRYPT_ONLY) && !defined(HAVE_FIPS)
ret = EVP_test(wolfSSL_EVP_aes_128_cfb1(), key1, iv, msg1, sizeof(msg1),
cipher, sizeof(msg1));
if (ret != 0) {
@ -10128,7 +10126,7 @@ EVP_TEST_END:
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
#ifndef WOLFCRYPT_ONLY
#if !defined(WOLFCRYPT_ONLY) && !defined(HAVE_FIPS)
ret = EVP_test(wolfSSL_EVP_aes_192_cfb1(), key2, iv2, msg2, sizeof(msg2),
cipher, sizeof(msg2));
if (ret != 0) {
@ -10162,7 +10160,7 @@ EVP_TEST_END:
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
#ifndef WOLFCRYPT_ONLY
#if !defined(WOLFCRYPT_ONLY) && !defined(HAVE_FIPS)
ret = EVP_test(wolfSSL_EVP_aes_256_cfb1(), key3, iv3, msg3, sizeof(msg3),
cipher, sizeof(msg3));
if (ret != 0) {
@ -10306,7 +10304,8 @@ EVP_TEST_END:
#ifdef WOLFSSL_AES_128
/* 128 key tests */
#if defined(OPENSSL_EXTRA) && !defined(WOLFCRYPT_ONLY)
#if defined(OPENSSL_EXTRA) && !defined(WOLFCRYPT_ONLY) && \
!defined(HAVE_FIPS)
ret = EVP_test(wolfSSL_EVP_aes_128_cfb8(), key1, iv, msg1, sizeof(msg1),
cipher1, sizeof(cipher1));
if (ret != 0) {
@ -10352,7 +10351,8 @@ EVP_TEST_END:
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
if (XMEMCMP(cipher, cipher2, sizeof(msg2)) != 0)
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
#if defined(OPENSSL_EXTRA) && !defined(WOLFCRYPT_ONLY)
#if defined(OPENSSL_EXTRA) && !defined(WOLFCRYPT_ONLY) && \
!defined(HAVE_FIPS)
ret = EVP_test(wolfSSL_EVP_aes_192_cfb8(), key2, iv2, msg2, sizeof(msg2),
cipher2, sizeof(msg2));
if (ret != 0) {
@ -10375,7 +10375,8 @@ EVP_TEST_END:
if (XMEMCMP(cipher, cipher3, sizeof(cipher3)) != 0)
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
#if defined(OPENSSL_EXTRA) && !defined(WOLFCRYPT_ONLY)
#if defined(OPENSSL_EXTRA) && !defined(WOLFCRYPT_ONLY) && \
!defined(HAVE_FIPS)
ret = EVP_test(wolfSSL_EVP_aes_256_cfb8(), key3, iv3, msg3, sizeof(msg3),
cipher3, sizeof(msg3));
if (ret != 0) {
@ -10401,7 +10402,7 @@ EVP_TEST_END:
return ret;
}
#endif /* !HAVE_SELFTEST && !HAVE_FIPS && !WOLFSSL_NO_AES_CFB_1_8 */
#endif /* !WOLFSSL_NO_AES_CFB_1_8 */
#endif /* WOLFSSL_AES_CFB */
#ifndef HAVE_RENESAS_SYNC
@ -14271,9 +14272,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_cfb_test(void)
ret = aescfb_test_0();
if (ret != 0)
return ret;
#if !defined(HAVE_SELFTEST) && \
(!defined(HAVE_FIPS) || FIPS_VERSION3_GE(6,0,0)) && \
!defined(WOLFSSL_NO_AES_CFB_1_8)
#if !defined(WOLFSSL_NO_AES_CFB_1_8)
ret = aescfb1_test();
if (ret != 0)
return ret;

7
wolfssl/wolfcrypt/settings.h
View File

@ -3076,6 +3076,13 @@ extern void uITRON4_free(void *p) ;
#endif
#endif /* HAVE_ED448 */
/* FIPS does not support CFB1 or CFB8 */
#if !defined(WOLFSSL_NO_AES_CFB_1_8) && \
(defined(HAVE_SELFTEST) || \
(defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0)))
#define WOLFSSL_NO_AES_CFB_1_8
#endif
/* AES Config */
#ifndef NO_AES
/* By default enable all AES key sizes, decryption and CBC */