From d4aa6bd1fc2f557203fcdaeda941c42abb45a520 Mon Sep 17 00:00:00 2001 From: Daniel Pouzzner Date: Sat, 8 Jan 2022 00:29:47 -0600 Subject: [PATCH] wolfcrypt/src/evp.c: fixes for cppcheck complaints: bufferAccessOutOfBounds nullPointerRedundantCheck --- wolfcrypt/src/evp.c | 146 +++++++++++++++++++++----------------------- 1 file changed, 69 insertions(+), 77 deletions(-) diff --git a/wolfcrypt/src/evp.c b/wolfcrypt/src/evp.c index 3db06bf1b..0b2236b4a 100644 --- a/wolfcrypt/src/evp.c +++ b/wolfcrypt/src/evp.c @@ -147,10 +147,6 @@ static const char EVP_AES_256_ECB[] = "AES-256-ECB"; #endif #endif - #define EVP_AES_SIZE 11 - #ifdef WOLFSSL_AES_CFB - #define EVP_AESCFB_SIZE 14 - #endif #endif #ifndef NO_DES3 @@ -159,23 +155,19 @@ static const char EVP_DES_EDE3_CBC[] = "DES-EDE3-CBC"; static const char EVP_DES_EDE3_ECB[] = "DES-EDE3-ECB"; - - #define EVP_DES_SIZE 7 - #define EVP_DES_EDE3_SIZE 12 #endif #ifdef HAVE_IDEA static const char EVP_IDEA_CBC[] = "IDEA-CBC"; - #define EVP_IDEA_SIZE 8 #endif #ifndef NO_RC4 static const char EVP_ARC4[] = "ARC4"; - #define EVP_ARC4_SIZE 4 #endif static const char EVP_NULL[] = "NULL"; -#define EVP_NULL_SIZE 4 + +#define EVP_CIPHER_TYPE_MATCHES(x, y) (XSTRCMP(x,y) == 0) #define EVP_PKEY_PRINT_LINE_WIDTH_MAX 80 #define EVP_PKEY_PRINT_DIGITS_PER_LINE 15 @@ -1047,140 +1039,140 @@ static unsigned int cipherType(const WOLFSSL_EVP_CIPHER *cipher) { if (cipher == NULL) return 0; /* dummy for #ifdef */ #ifndef NO_DES3 - else if (XSTRNCMP(cipher, EVP_DES_CBC, EVP_DES_SIZE) == 0) + else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_DES_CBC)) return DES_CBC_TYPE; - else if (XSTRNCMP(cipher, EVP_DES_EDE3_CBC, EVP_DES_EDE3_SIZE) == 0) + else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_DES_EDE3_CBC)) return DES_EDE3_CBC_TYPE; #if !defined(NO_DES3) - else if (XSTRNCMP(cipher, EVP_DES_ECB, EVP_DES_SIZE) == 0) + else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_DES_ECB)) return DES_ECB_TYPE; - else if (XSTRNCMP(cipher, EVP_DES_EDE3_ECB, EVP_DES_EDE3_SIZE) == 0) + else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_DES_EDE3_ECB)) return DES_EDE3_ECB_TYPE; #endif /* NO_DES3 && HAVE_AES_ECB */ #endif #if !defined(NO_AES) #if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT) #ifdef WOLFSSL_AES_128 - else if (XSTRNCMP(cipher, EVP_AES_128_CBC, EVP_AES_SIZE) == 0) + else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_128_CBC)) return AES_128_CBC_TYPE; #endif #ifdef WOLFSSL_AES_192 - else if (XSTRNCMP(cipher, EVP_AES_192_CBC, EVP_AES_SIZE) == 0) + else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_192_CBC)) return AES_192_CBC_TYPE; #endif #ifdef WOLFSSL_AES_256 - else if (XSTRNCMP(cipher, EVP_AES_256_CBC, EVP_AES_SIZE) == 0) + else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_256_CBC)) return AES_256_CBC_TYPE; #endif #endif /* HAVE_AES_CBC || WOLFSSL_AES_DIRECT */ #if defined(HAVE_AESGCM) #ifdef WOLFSSL_AES_128 - else if (XSTRNCMP(cipher, EVP_AES_128_GCM, EVP_AES_SIZE) == 0) + else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_128_GCM)) return AES_128_GCM_TYPE; #endif #ifdef WOLFSSL_AES_192 - else if (XSTRNCMP(cipher, EVP_AES_192_GCM, EVP_AES_SIZE) == 0) + else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_192_GCM)) return AES_192_GCM_TYPE; #endif #ifdef WOLFSSL_AES_256 - else if (XSTRNCMP(cipher, EVP_AES_256_GCM, EVP_AES_SIZE) == 0) + else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_256_GCM)) return AES_256_GCM_TYPE; #endif #endif /* HAVE_AESGCM */ #if defined(WOLFSSL_AES_COUNTER) #ifdef WOLFSSL_AES_128 - else if (XSTRNCMP(cipher, EVP_AES_128_CTR, EVP_AES_SIZE) == 0) + else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_128_CTR)) return AES_128_CTR_TYPE; #endif #ifdef WOLFSSL_AES_192 - else if (XSTRNCMP(cipher, EVP_AES_192_CTR, EVP_AES_SIZE) == 0) + else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_192_CTR)) return AES_192_CTR_TYPE; #endif #ifdef WOLFSSL_AES_256 - else if (XSTRNCMP(cipher, EVP_AES_256_CTR, EVP_AES_SIZE) == 0) + else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_256_CTR)) return AES_256_CTR_TYPE; #endif #endif /* HAVE_AES_CBC */ #if defined(HAVE_AES_ECB) #ifdef WOLFSSL_AES_128 - else if (XSTRNCMP(cipher, EVP_AES_128_ECB, EVP_AES_SIZE) == 0) + else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_128_ECB)) return AES_128_ECB_TYPE; #endif #ifdef WOLFSSL_AES_192 - else if (XSTRNCMP(cipher, EVP_AES_192_ECB, EVP_AES_SIZE) == 0) + else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_192_ECB)) return AES_192_ECB_TYPE; #endif #ifdef WOLFSSL_AES_256 - else if (XSTRNCMP(cipher, EVP_AES_256_ECB, EVP_AES_SIZE) == 0) + else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_256_ECB)) return AES_256_ECB_TYPE; #endif #endif /*HAVE_AES_CBC */ #if defined(WOLFSSL_AES_XTS) #ifdef WOLFSSL_AES_128 - else if (XSTRNCMP(cipher, EVP_AES_128_XTS, EVP_AES_SIZE) == 0) + else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_128_XTS)) return AES_128_XTS_TYPE; #endif #ifdef WOLFSSL_AES_256 - else if (XSTRNCMP(cipher, EVP_AES_256_XTS, EVP_AES_SIZE) == 0) + else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_256_XTS)) return AES_256_XTS_TYPE; #endif #endif /* WOLFSSL_AES_XTS */ #if defined(WOLFSSL_AES_CFB) #ifdef WOLFSSL_AES_128 - else if (XSTRNCMP(cipher, EVP_AES_128_CFB1, EVP_AESCFB_SIZE) == 0) + else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_128_CFB1)) return AES_128_CFB1_TYPE; #endif #ifdef WOLFSSL_AES_192 - else if (XSTRNCMP(cipher, EVP_AES_192_CFB1, EVP_AESCFB_SIZE) == 0) + else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_192_CFB1)) return AES_192_CFB1_TYPE; #endif #ifdef WOLFSSL_AES_256 - else if (XSTRNCMP(cipher, EVP_AES_256_CFB1, EVP_AESCFB_SIZE) == 0) + else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_256_CFB1)) return AES_256_CFB1_TYPE; #endif #ifdef WOLFSSL_AES_128 - else if (XSTRNCMP(cipher, EVP_AES_128_CFB8, EVP_AESCFB_SIZE) == 0) + else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_128_CFB8)) return AES_128_CFB8_TYPE; #endif #ifdef WOLFSSL_AES_192 - else if (XSTRNCMP(cipher, EVP_AES_192_CFB8, EVP_AESCFB_SIZE) == 0) + else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_192_CFB8)) return AES_192_CFB8_TYPE; #endif #ifdef WOLFSSL_AES_256 - else if (XSTRNCMP(cipher, EVP_AES_256_CFB8, EVP_AESCFB_SIZE) == 0) + else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_256_CFB8)) return AES_256_CFB8_TYPE; #endif #ifdef WOLFSSL_AES_128 - else if (XSTRNCMP(cipher, EVP_AES_128_CFB128, EVP_AESCFB_SIZE) == 0) + else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_128_CFB128)) return AES_128_CFB128_TYPE; #endif #ifdef WOLFSSL_AES_192 - else if (XSTRNCMP(cipher, EVP_AES_192_CFB128, EVP_AESCFB_SIZE) == 0) + else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_192_CFB128)) return AES_192_CFB128_TYPE; #endif #ifdef WOLFSSL_AES_256 - else if (XSTRNCMP(cipher, EVP_AES_256_CFB128, EVP_AESCFB_SIZE) == 0) + else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_256_CFB128)) return AES_256_CFB128_TYPE; #endif #endif /*HAVE_AES_CBC */ #if defined(WOLFSSL_AES_OFB) #ifdef WOLFSSL_AES_128 - else if (XSTRNCMP(cipher, EVP_AES_128_OFB, EVP_AES_SIZE) == 0) + else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_128_OFB)) return AES_128_OFB_TYPE; #endif #ifdef WOLFSSL_AES_192 - else if (XSTRNCMP(cipher, EVP_AES_192_OFB, EVP_AES_SIZE) == 0) + else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_192_OFB)) return AES_192_OFB_TYPE; #endif #ifdef WOLFSSL_AES_256 - else if (XSTRNCMP(cipher, EVP_AES_256_OFB, EVP_AES_SIZE) == 0) + else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_256_OFB)) return AES_256_OFB_TYPE; #endif #endif #endif /* !NO_AES */ #ifndef NO_RC4 - else if (XSTRNCMP(cipher, EVP_ARC4, EVP_ARC4_SIZE) == 0) + else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_ARC4)) return ARC4_TYPE; #endif else return 0; @@ -1995,10 +1987,10 @@ int wolfSSL_EVP_PKEY_keygen(WOLFSSL_EVP_PKEY_CTX *ctx, } ownPkey = 1; pkey = wolfSSL_EVP_PKEY_new(); - pkey->type = ctx->pkey->type; - if (pkey == NULL) - return ret; + return MEMORY_E; + + pkey->type = ctx->pkey->type; } switch (pkey->type) { @@ -5034,7 +5026,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) #if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT) #ifdef WOLFSSL_AES_128 if (ctx->cipherType == AES_128_CBC_TYPE || - (type && XSTRNCMP(type, EVP_AES_128_CBC, EVP_AES_SIZE) == 0)) { + (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_128_CBC))) { WOLFSSL_MSG("EVP_AES_128_CBC"); ctx->cipherType = AES_128_CBC_TYPE; ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; @@ -5059,7 +5051,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) #endif /* WOLFSSL_AES_128 */ #ifdef WOLFSSL_AES_192 if (ctx->cipherType == AES_192_CBC_TYPE || - (type && XSTRNCMP(type, EVP_AES_192_CBC, EVP_AES_SIZE) == 0)) { + (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_192_CBC))) { WOLFSSL_MSG("EVP_AES_192_CBC"); ctx->cipherType = AES_192_CBC_TYPE; ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; @@ -5084,7 +5076,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) #endif /* WOLFSSL_AES_192 */ #ifdef WOLFSSL_AES_256 if (ctx->cipherType == AES_256_CBC_TYPE || - (type && XSTRNCMP(type, EVP_AES_256_CBC, EVP_AES_SIZE) == 0)) { + (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_256_CBC))) { WOLFSSL_MSG("EVP_AES_256_CBC"); ctx->cipherType = AES_256_CBC_TYPE; ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; @@ -5117,7 +5109,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) #ifdef HAVE_AESGCM #ifdef WOLFSSL_AES_128 if (ctx->cipherType == AES_128_GCM_TYPE || - (type && XSTRNCMP(type, EVP_AES_128_GCM, EVP_AES_SIZE) == 0)) { + (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_128_GCM))) { WOLFSSL_MSG("EVP_AES_128_GCM"); ctx->cipherType = AES_128_GCM_TYPE; ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; @@ -5153,7 +5145,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) #endif /* WOLFSSL_AES_128 */ #ifdef WOLFSSL_AES_192 if (ctx->cipherType == AES_192_GCM_TYPE || - (type && XSTRNCMP(type, EVP_AES_192_GCM, EVP_AES_SIZE) == 0)) { + (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_192_GCM))) { WOLFSSL_MSG("EVP_AES_192_GCM"); ctx->cipherType = AES_192_GCM_TYPE; ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; @@ -5189,7 +5181,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) #endif /* WOLFSSL_AES_192 */ #ifdef WOLFSSL_AES_256 if (ctx->cipherType == AES_256_GCM_TYPE || - (type && XSTRNCMP(type, EVP_AES_256_GCM, EVP_AES_SIZE) == 0)) { + (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_256_GCM))) { WOLFSSL_MSG("EVP_AES_256_GCM"); ctx->cipherType = AES_256_GCM_TYPE; ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; @@ -5228,7 +5220,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) #ifdef WOLFSSL_AES_COUNTER #ifdef WOLFSSL_AES_128 if (ctx->cipherType == AES_128_CTR_TYPE || - (type && XSTRNCMP(type, EVP_AES_128_CTR, EVP_AES_SIZE) == 0)) { + (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_128_CTR))) { WOLFSSL_MSG("EVP_AES_128_CTR"); ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; ctx->cipherType = AES_128_CTR_TYPE; @@ -5256,7 +5248,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) #endif /* WOLFSSL_AES_128 */ #ifdef WOLFSSL_AES_192 if (ctx->cipherType == AES_192_CTR_TYPE || - (type && XSTRNCMP(type, EVP_AES_192_CTR, EVP_AES_SIZE) == 0)) { + (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_192_CTR))) { WOLFSSL_MSG("EVP_AES_192_CTR"); ctx->cipherType = AES_192_CTR_TYPE; ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; @@ -5284,7 +5276,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) #endif /* WOLFSSL_AES_192 */ #ifdef WOLFSSL_AES_256 if (ctx->cipherType == AES_256_CTR_TYPE || - (type && XSTRNCMP(type, EVP_AES_256_CTR, EVP_AES_SIZE) == 0)) { + (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_256_CTR))) { WOLFSSL_MSG("EVP_AES_256_CTR"); ctx->cipherType = AES_256_CTR_TYPE; ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; @@ -5314,7 +5306,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) #ifdef HAVE_AES_ECB #ifdef WOLFSSL_AES_128 if (ctx->cipherType == AES_128_ECB_TYPE || - (type && XSTRNCMP(type, EVP_AES_128_ECB, EVP_AES_SIZE) == 0)) { + (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_128_ECB))) { WOLFSSL_MSG("EVP_AES_128_ECB"); ctx->cipherType = AES_128_ECB_TYPE; ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; @@ -5333,7 +5325,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) #endif /* WOLFSSL_AES_128 */ #ifdef WOLFSSL_AES_192 if (ctx->cipherType == AES_192_ECB_TYPE || - (type && XSTRNCMP(type, EVP_AES_192_ECB, EVP_AES_SIZE) == 0)) { + (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_192_ECB))) { WOLFSSL_MSG("EVP_AES_192_ECB"); ctx->cipherType = AES_192_ECB_TYPE; ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; @@ -5352,7 +5344,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) #endif /* WOLFSSL_AES_192 */ #ifdef WOLFSSL_AES_256 if (ctx->cipherType == AES_256_ECB_TYPE || - (type && XSTRNCMP(type, EVP_AES_256_ECB, EVP_AES_SIZE) == 0)) { + (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_256_ECB))) { WOLFSSL_MSG("EVP_AES_256_ECB"); ctx->cipherType = AES_256_ECB_TYPE; ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; @@ -5373,7 +5365,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) #ifdef WOLFSSL_AES_CFB #ifdef WOLFSSL_AES_128 if (ctx->cipherType == AES_128_CFB1_TYPE || - (type && XSTRNCMP(type, EVP_AES_128_CFB1, EVP_AESCFB_SIZE) == 0)) { + (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_128_CFB1))) { WOLFSSL_MSG("EVP_AES_128_CFB1"); ctx->cipherType = AES_128_CFB1_TYPE; ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; @@ -5397,7 +5389,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) #endif /* WOLFSSL_AES_128 */ #ifdef WOLFSSL_AES_192 if (ctx->cipherType == AES_192_CFB1_TYPE || - (type && XSTRNCMP(type, EVP_AES_192_CFB1, EVP_AESCFB_SIZE) == 0)) { + (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_192_CFB1))) { WOLFSSL_MSG("EVP_AES_192_CFB1"); ctx->cipherType = AES_192_CFB1_TYPE; ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; @@ -5421,7 +5413,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) #endif /* WOLFSSL_AES_192 */ #ifdef WOLFSSL_AES_256 if (ctx->cipherType == AES_256_CFB1_TYPE || - (type && XSTRNCMP(type, EVP_AES_256_CFB1, EVP_AESCFB_SIZE) == 0)) { + (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_256_CFB1))) { WOLFSSL_MSG("EVP_AES_256_CFB1"); ctx->cipherType = AES_256_CFB1_TYPE; ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; @@ -5449,7 +5441,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) #endif /* WOLFSSL_AES_256 */ #ifdef WOLFSSL_AES_128 if (ctx->cipherType == AES_128_CFB8_TYPE || - (type && XSTRNCMP(type, EVP_AES_128_CFB8, EVP_AESCFB_SIZE) == 0)) { + (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_128_CFB8))) { WOLFSSL_MSG("EVP_AES_128_CFB8"); ctx->cipherType = AES_128_CFB8_TYPE; ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; @@ -5473,7 +5465,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) #endif /* WOLFSSL_AES_128 */ #ifdef WOLFSSL_AES_192 if (ctx->cipherType == AES_192_CFB8_TYPE || - (type && XSTRNCMP(type, EVP_AES_192_CFB8, EVP_AESCFB_SIZE) == 0)) { + (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_192_CFB8))) { WOLFSSL_MSG("EVP_AES_192_CFB8"); ctx->cipherType = AES_192_CFB8_TYPE; ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; @@ -5497,7 +5489,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) #endif /* WOLFSSL_AES_192 */ #ifdef WOLFSSL_AES_256 if (ctx->cipherType == AES_256_CFB8_TYPE || - (type && XSTRNCMP(type, EVP_AES_256_CFB8, EVP_AESCFB_SIZE) == 0)) { + (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_256_CFB8))) { WOLFSSL_MSG("EVP_AES_256_CFB8"); ctx->cipherType = AES_256_CFB8_TYPE; ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; @@ -5525,7 +5517,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) #endif /* WOLFSSL_AES_256 */ #ifdef WOLFSSL_AES_128 if (ctx->cipherType == AES_128_CFB128_TYPE || - (type && XSTRNCMP(type, EVP_AES_128_CFB128, EVP_AESCFB_SIZE) == 0)) { + (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_128_CFB128))) { WOLFSSL_MSG("EVP_AES_128_CFB128"); ctx->cipherType = AES_128_CFB128_TYPE; ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; @@ -5549,7 +5541,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) #endif /* WOLFSSL_AES_128 */ #ifdef WOLFSSL_AES_192 if (ctx->cipherType == AES_192_CFB128_TYPE || - (type && XSTRNCMP(type, EVP_AES_192_CFB128, EVP_AESCFB_SIZE) == 0)) { + (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_192_CFB128))) { WOLFSSL_MSG("EVP_AES_192_CFB128"); ctx->cipherType = AES_192_CFB128_TYPE; ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; @@ -5573,7 +5565,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) #endif /* WOLFSSL_AES_192 */ #ifdef WOLFSSL_AES_256 if (ctx->cipherType == AES_256_CFB128_TYPE || - (type && XSTRNCMP(type, EVP_AES_256_CFB128, EVP_AESCFB_SIZE) == 0)) { + (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_256_CFB128))) { WOLFSSL_MSG("EVP_AES_256_CFB128"); ctx->cipherType = AES_256_CFB128_TYPE; ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; @@ -5603,7 +5595,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) #ifdef WOLFSSL_AES_OFB #ifdef WOLFSSL_AES_128 if (ctx->cipherType == AES_128_OFB_TYPE || - (type && XSTRNCMP(type, EVP_AES_128_OFB, EVP_AES_SIZE) == 0)) { + (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_128_OFB))) { WOLFSSL_MSG("EVP_AES_128_OFB"); ctx->cipherType = AES_128_OFB_TYPE; ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; @@ -5627,7 +5619,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) #endif /* WOLFSSL_AES_128 */ #ifdef WOLFSSL_AES_192 if (ctx->cipherType == AES_192_OFB_TYPE || - (type && XSTRNCMP(type, EVP_AES_192_OFB, EVP_AES_SIZE) == 0)) { + (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_192_OFB))) { WOLFSSL_MSG("EVP_AES_192_OFB"); ctx->cipherType = AES_192_OFB_TYPE; ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; @@ -5651,7 +5643,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) #endif /* WOLFSSL_AES_192 */ #ifdef WOLFSSL_AES_256 if (ctx->cipherType == AES_256_OFB_TYPE || - (type && XSTRNCMP(type, EVP_AES_256_OFB, EVP_AES_SIZE) == 0)) { + (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_256_OFB))) { WOLFSSL_MSG("EVP_AES_256_OFB"); ctx->cipherType = AES_256_OFB_TYPE; ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; @@ -5681,7 +5673,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) #ifdef WOLFSSL_AES_XTS #ifdef WOLFSSL_AES_128 if (ctx->cipherType == AES_128_XTS_TYPE || - (type && XSTRNCMP(type, EVP_AES_128_XTS, EVP_AES_SIZE) == 0)) { + (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_128_XTS))) { WOLFSSL_MSG("EVP_AES_128_XTS"); ctx->cipherType = AES_128_XTS_TYPE; ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; @@ -5711,7 +5703,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) #endif /* WOLFSSL_AES_128 */ #ifdef WOLFSSL_AES_256 if (ctx->cipherType == AES_256_XTS_TYPE || - (type && XSTRNCMP(type, EVP_AES_256_XTS, EVP_AES_SIZE) == 0)) { + (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_256_XTS))) { WOLFSSL_MSG("EVP_AES_256_XTS"); ctx->cipherType = AES_256_XTS_TYPE; ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; @@ -5744,7 +5736,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) #ifndef NO_DES3 if (ctx->cipherType == DES_CBC_TYPE || - (type && XSTRNCMP(type, EVP_DES_CBC, EVP_DES_SIZE) == 0)) { + (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_DES_CBC))) { WOLFSSL_MSG("EVP_DES_CBC"); ctx->cipherType = DES_CBC_TYPE; ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; @@ -5766,7 +5758,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) } #ifdef WOLFSSL_DES_ECB else if (ctx->cipherType == DES_ECB_TYPE || - (type && XSTRNCMP(type, EVP_DES_ECB, EVP_DES_SIZE) == 0)) { + (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_DES_ECB))) { WOLFSSL_MSG("EVP_DES_ECB"); ctx->cipherType = DES_ECB_TYPE; ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; @@ -5786,7 +5778,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) #endif else if (ctx->cipherType == DES_EDE3_CBC_TYPE || (type && - XSTRNCMP(type, EVP_DES_EDE3_CBC, EVP_DES_EDE3_SIZE) == 0)) { + EVP_CIPHER_TYPE_MATCHES(type, EVP_DES_EDE3_CBC))) { WOLFSSL_MSG("EVP_DES_EDE3_CBC"); ctx->cipherType = DES_EDE3_CBC_TYPE; ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; @@ -5811,7 +5803,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) } else if (ctx->cipherType == DES_EDE3_ECB_TYPE || (type && - XSTRNCMP(type, EVP_DES_EDE3_ECB, EVP_DES_EDE3_SIZE) == 0)) { + EVP_CIPHER_TYPE_MATCHES(type, EVP_DES_EDE3_ECB))) { WOLFSSL_MSG("EVP_DES_EDE3_ECB"); ctx->cipherType = DES_EDE3_ECB_TYPE; ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; @@ -5830,7 +5822,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) #endif /* NO_DES3 */ #ifndef NO_RC4 if (ctx->cipherType == ARC4_TYPE || - (type && XSTRNCMP(type, EVP_ARC4, 4) == 0)) { + (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_ARC4))) { WOLFSSL_MSG("ARC4"); ctx->cipherType = ARC4_TYPE; ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; @@ -5844,7 +5836,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) #endif /* NO_RC4 */ #ifdef HAVE_IDEA if (ctx->cipherType == IDEA_CBC_TYPE || - (type && XSTRNCMP(type, EVP_IDEA_CBC, EVP_IDEA_SIZE) == 0)) { + (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_IDEA_CBC))) { WOLFSSL_MSG("EVP_IDEA_CBC"); ctx->cipherType = IDEA_CBC_TYPE; ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; @@ -5867,7 +5859,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) } #endif /* HAVE_IDEA */ if (ctx->cipherType == NULL_CIPHER_TYPE || - (type && XSTRNCMP(type, EVP_NULL, 4) == 0)) { + (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_NULL))) { WOLFSSL_MSG("NULL cipher"); ctx->cipherType = NULL_CIPHER_TYPE; ctx->keyLen = 0;