From 52cc73a6a49618aaab9573f6d22db71a3f3d6b13 Mon Sep 17 00:00:00 2001 From: Disyer Date: Thu, 28 Jul 2022 11:47:14 +0300 Subject: [PATCH 1/3] Integrate chacha20-poly1305 into the EVP interface --- src/ssl.c | 3 +++ wolfcrypt/src/evp.c | 40 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 43 insertions(+) diff --git a/src/ssl.c b/src/ssl.c index 4d5e548f0..7985e8175 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -25788,6 +25788,9 @@ const WOLFSSL_ObjectInfo wolfssl_object_info[] = { { NID_des, DESb, oidBlkType, "DES-CBC", "des-cbc"}, { NID_des3, DES3b, oidBlkType, "DES-EDE3-CBC", "des-ede3-cbc"}, #endif /* !NO_DES3 */ + #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) + { NID_chacha20_poly1305, NID_chacha20_poly1305, oidBlkType, "ChaCha20-Poly1305", "chacha20-poly1305"}, + #endif /* oidOcspType */ #ifdef HAVE_OCSP diff --git a/wolfcrypt/src/evp.c b/wolfcrypt/src/evp.c index 95aa4e442..ae7311e38 100644 --- a/wolfcrypt/src/evp.c +++ b/wolfcrypt/src/evp.c @@ -243,6 +243,9 @@ int wolfSSL_EVP_Cipher_key_length(const WOLFSSL_EVP_CIPHER* c) case DES_EDE3_CBC_TYPE: return 24; case DES_ECB_TYPE: return 8; case DES_EDE3_ECB_TYPE: return 24; + #endif + #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) + case CHACHA20_POLY1305_TYPE: return 32; #endif default: return 0; @@ -1289,6 +1292,12 @@ static unsigned int cipherType(const WOLFSSL_EVP_CIPHER *cipher) else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_ARC4)) return ARC4_TYPE; #endif + +#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) + else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_CHACHA20_POLY1305)) + return CHACHA20_POLY1305_TYPE; +#endif + else return 0; } @@ -1357,6 +1366,11 @@ int wolfSSL_EVP_CIPHER_block_size(const WOLFSSL_EVP_CIPHER *cipher) case DES_ECB_TYPE: return 8; case DES_EDE3_ECB_TYPE: return 8; #endif + +#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) + case CHACHA20_POLY1305_TYPE: + return 1; +#endif default: return 0; } @@ -1424,6 +1438,10 @@ unsigned long WOLFSSL_CIPHER_mode(const WOLFSSL_EVP_CIPHER *cipher) #ifndef NO_RC4 case ARC4_TYPE: return EVP_CIPH_STREAM_CIPHER; + #endif + #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) + case CHACHA20_POLY1305_TYPE: + return WOLFSSL_EVP_CIPH_STREAM_CIPHER; #endif default: return 0; @@ -4152,6 +4170,10 @@ static const struct cipher{ {ARC4_TYPE, EVP_ARC4, NID_undef}, #endif +#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) + {CHACHA20_POLY1305_TYPE, EVP_CHACHA20_POLY1305, NID_chacha20_poly1305}, +#endif + { 0, NULL, 0} }; @@ -4248,6 +4270,9 @@ const WOLFSSL_EVP_CIPHER *wolfSSL_EVP_get_cipherbyname(const char *name) #endif #ifndef NO_RC4 {EVP_ARC4, "RC4"}, +#endif +#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) + {EVP_CHACHA20_POLY1305, "chacha20-poly1305"}, #endif { NULL, NULL} }; @@ -4362,6 +4387,11 @@ const WOLFSSL_EVP_CIPHER *wolfSSL_EVP_get_cipherbynid(int id) #endif #endif /*NO_DES3*/ +#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) + case NID_chacha20_poly1305: + return wolfSSL_EVP_chacha20_poly1305(); +#endif + default: WOLFSSL_MSG("Bad cipher id value"); } @@ -8355,6 +8385,11 @@ int wolfSSL_EVP_CIPHER_CTX_iv_length(const WOLFSSL_EVP_CIPHER_CTX* ctx) WOLFSSL_MSG("AES XTS"); return AES_BLOCK_SIZE; #endif /* WOLFSSL_AES_XTS */ +#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) + case CHACHA20_POLY1305_TYPE: + WOLFSSL_MSG("CHACHA20 POLY1305"); + return CHACHA20_POLY1305_AEAD_IV_SIZE; +#endif /* HAVE_CHACHA HAVE_POLY1305 */ case NULL_CIPHER_TYPE : WOLFSSL_MSG("NULL"); @@ -8439,6 +8474,11 @@ int wolfSSL_EVP_CIPHER_iv_length(const WOLFSSL_EVP_CIPHER* cipher) } #endif +#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) + if (XSTRCMP(name, EVP_CHACHA20_POLY1305) == 0) + return CHACHA20_POLY1305_AEAD_IV_SIZE; +#endif + (void)name; return 0; From e3dd7677c8a51e91fec354fb3d4fb83918706d13 Mon Sep 17 00:00:00 2001 From: Disyer Date: Thu, 28 Jul 2022 17:16:34 +0300 Subject: [PATCH 2/3] Add tests for chacha20-poly1305 EVP integration --- tests/api.c | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/tests/api.c b/tests/api.c index a8c2565bf..5c89436dd 100644 --- a/tests/api.c +++ b/tests/api.c @@ -4462,6 +4462,10 @@ static int test_wolfSSL_EVP_get_cipherbynid(void) #endif #endif /* !NO_DES3 */ +#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) + AssertNotNull(strcmp("EVP_CHACHA20_POLY13O5", EVP_get_cipherbynid(1018))); +#endif + /* test for nid is out of range */ AssertNull(wolfSSL_EVP_get_cipherbynid(1)); @@ -45587,6 +45591,10 @@ static int test_wolfSSL_EVP_CIPHER_block_size(void) AssertIntEQ(EVP_CIPHER_block_size(wolfSSL_EVP_rc4()), 1); #endif +#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) + AssertIntEQ(EVP_CIPHER_block_size(wolfSSL_EVP_chacha20_poly1305()), 1); +#endif + return 0; } @@ -45636,6 +45644,9 @@ static int test_wolfSSL_EVP_CIPHER_iv_length(void) NID_des_cbc, NID_des_ede3_cbc, #endif + #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) + NID_chacha20_poly1305, + #endif }; int iv_lengths[] = { @@ -45679,6 +45690,9 @@ static int test_wolfSSL_EVP_CIPHER_iv_length(void) DES_BLOCK_SIZE, DES_BLOCK_SIZE, #endif + #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) + CHACHA20_POLY1305_AEAD_IV_SIZE, + #endif }; printf(testingFmt, "wolfSSL_EVP_CIPHER_iv_length"); From e599bb50486c16d7ff5791938ec27ca794823102 Mon Sep 17 00:00:00 2001 From: Disyer Date: Thu, 28 Jul 2022 18:36:52 +0300 Subject: [PATCH 3/3] Mark chacha20-poly1305 as an AEAD cipher --- wolfcrypt/src/evp.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/wolfcrypt/src/evp.c b/wolfcrypt/src/evp.c index ae7311e38..985467eed 100644 --- a/wolfcrypt/src/evp.c +++ b/wolfcrypt/src/evp.c @@ -1441,7 +1441,8 @@ unsigned long WOLFSSL_CIPHER_mode(const WOLFSSL_EVP_CIPHER *cipher) #endif #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) case CHACHA20_POLY1305_TYPE: - return WOLFSSL_EVP_CIPH_STREAM_CIPHER; + return WOLFSSL_EVP_CIPH_STREAM_CIPHER | + WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER; #endif default: return 0;