Merge from latest masterbranch

This commit is contained in:
Daniele Lacamera
2017-04-24 06:18:44 +02:00
10 changed files with 270 additions and 25 deletions

View File

@@ -13,3 +13,14 @@ if [ "$DIR" = "ARDUINO" ]; then
else else
echo "ERROR: You must be in the IDE/ARDUINO directory to run this script" echo "ERROR: You must be in the IDE/ARDUINO directory to run this script"
fi fi
#UPDATED: 19 Apr 2017 to remove bio.c and evp.c from the root directory since
# they are included inline and should not be compiled directly
ARDUINO_DIR=${PWD}
cd ../../
rm bio.c
rm evp.c
cd $ARDUINO_DIR
# end script in the origin directory for any future functionality that may be added.
#End UPDATE: 19 Apr 2017

View File

@@ -6763,6 +6763,10 @@ static int DoCertificate(WOLFSSL* ssl, byte* input, word32* inOutIdx,
DoCertArgs args[1]; DoCertArgs args[1];
#endif #endif
#ifdef WOLFSSL_TRUST_PEER_CERT
byte haveTrustPeer = 0; /* was cert verified by loaded trusted peer cert */
#endif
WOLFSSL_ENTER("DoCertificate"); WOLFSSL_ENTER("DoCertificate");
#ifdef WOLFSSL_ASYNC_CRYPT #ifdef WOLFSSL_ASYNC_CRYPT

View File

@@ -16312,15 +16312,40 @@ void wolfSSL_DES_set_odd_parity(WOLFSSL_DES_cblock* myDes)
} }
#ifdef WOLFSSL_DES_ECB
/* Encrpyt or decrypt input message desa with key and get output in desb.
* if enc is DES_ENCRYPT,input message is encrypted or
* if enc is DES_DECRYPT,input message is decrypted.
* */
void wolfSSL_DES_ecb_encrypt(WOLFSSL_DES_cblock* desa, void wolfSSL_DES_ecb_encrypt(WOLFSSL_DES_cblock* desa,
WOLFSSL_DES_cblock* desb, WOLFSSL_DES_key_schedule* key, int len) WOLFSSL_DES_cblock* desb, WOLFSSL_DES_key_schedule* key, int enc)
{ {
(void)desa; WOLFSSL_ENTER("wolfSSL_DES_ecb_encrypt");
(void)desb;
(void)key; Des myDes;
(void)len; if (desa == NULL || key == NULL || desb == NULL ||
WOLFSSL_STUB("wolfSSL_DES_ecb_encrypt"); (enc != DES_ENCRYPT && enc != DES_DECRYPT)) {
WOLFSSL_MSG("Bad argument passed to wolfSSL_DES_ecb_encrypt");
} else {
if (wc_Des_SetKey(&myDes, (const byte*) key,
(const byte*) NULL, !enc) != 0) {
WOLFSSL_MSG("wc_Des_SetKey return error.");
return;
}
if (enc){
if (wc_Des_EcbEncrypt(&myDes, (byte*) desb,
(const byte*) desa, sizeof(desa)) != 0){
WOLFSSL_MSG("wc_Des_EcbEncrpyt return error.");
}
} else {
if (wc_Des_EcbDecrypt(&myDes, (byte*) desb,
(const byte*) desa, sizeof(desa)) != 0){
WOLFSSL_MSG("wc_Des_EcbDecrpyt return error.");
}
}
}
} }
#endif
#endif /* NO_DES3 */ #endif /* NO_DES3 */

View File

@@ -3038,7 +3038,39 @@ static void test_wolfSSL_BIO(void)
#endif #endif
} }
static void test_wolfSSL_DES_ecb_encrypt(void)
{
#if defined(OPENSSL_EXTRA) && !defined(NO_DES3) && defined(WOLFSSL_DES_ECB)
WOLFSSL_DES_cblock input1,input2,output1,output2,back1,back2;
WOLFSSL_DES_key_schedule key;
printf(testingFmt, "wolfSSL_DES_ecb_encrypt()");
XMEMCPY(key,"12345678",sizeof(WOLFSSL_DES_key_schedule));
XMEMCPY(input1, "Iamhuman",sizeof(WOLFSSL_DES_cblock));
XMEMCPY(input2, "Whoisit?",sizeof(WOLFSSL_DES_cblock));
XMEMSET(output1, 0, sizeof(WOLFSSL_DES_cblock));
XMEMSET(output2, 0, sizeof(WOLFSSL_DES_cblock));
XMEMSET(back1, 0, sizeof(WOLFSSL_DES_cblock));
XMEMSET(back2, 0, sizeof(WOLFSSL_DES_cblock));
/* Encrypt messages */
wolfSSL_DES_ecb_encrypt(&input1,&output1,&key,DES_ENCRYPT);
wolfSSL_DES_ecb_encrypt(&input2,&output2,&key,DES_ENCRYPT);
/* Decrypt messages */
int ret1 = 0;
int ret2 = 0;
wolfSSL_DES_ecb_encrypt(&output1,&back1,&key,DES_DECRYPT);
ret1 = memcmp((unsigned char *) back1,(unsigned char *) input1,sizeof(WOLFSSL_DES_cblock));
AssertIntEQ(ret1,0);
wolfSSL_DES_ecb_encrypt(&output2,&back2,&key,DES_DECRYPT);
ret2 = memcmp((unsigned char *) back2,(unsigned char *) input2,sizeof(WOLFSSL_DES_cblock));
AssertIntEQ(ret2,0);
printf(resultFmt, passed);
#endif
}
/*----------------------------------------------------------------------------* /*----------------------------------------------------------------------------*
| wolfCrypt ASN | wolfCrypt ASN
*----------------------------------------------------------------------------*/ *----------------------------------------------------------------------------*/
@@ -3397,7 +3429,7 @@ void ApiTest(void)
test_wolfSSL_set_options(); test_wolfSSL_set_options();
test_wolfSSL_PEM_read_bio(); test_wolfSSL_PEM_read_bio();
test_wolfSSL_BIO(); test_wolfSSL_BIO();
test_wolfSSL_DES_ecb_encrypt();
AssertIntEQ(test_wolfSSL_Cleanup(), SSL_SUCCESS); AssertIntEQ(test_wolfSSL_Cleanup(), SSL_SUCCESS);
/* wolfCrypt ASN tests */ /* wolfCrypt ASN tests */

View File

@@ -2133,7 +2133,7 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
{ {
int ret = 0; int ret = 0;
CRYP_HandleTypeDef hcryp; CRYP_HandleTypeDef hcryp;
XMEMSET(&hcryp, 0, sizeof(CRYP_HandleTypeDef));
/* load key into correct registers */ /* load key into correct registers */
switch(aes->rounds) { switch(aes->rounds) {
case 10: /* 128-bit key */ case 10: /* 128-bit key */
@@ -2148,8 +2148,6 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
default: default:
break; break;
} }
XMEMSET(&hcryp, 0, sizeof(CRYP_HandleTypeDef));
hcryp.Instance = CRYP; hcryp.Instance = CRYP;
hcryp.Init.DataType = CRYP_DATATYPE_8B; hcryp.Init.DataType = CRYP_DATATYPE_8B;
hcryp.Init.pKey = (uint8_t*)aes->key; hcryp.Init.pKey = (uint8_t*)aes->key;

View File

@@ -2144,11 +2144,11 @@ static int CheckAlgo(int first, int second, int* id, int* version)
switch (second) { switch (second) {
case 1: case 1:
*id = PBE_SHA1_RC4_128; *id = PBE_SHA1_RC4_128;
*version = PKCS12; *version = PKCS12v1;
return 0; return 0;
case 3: case 3:
*id = PBE_SHA1_DES3; *id = PBE_SHA1_DES3;
*version = PKCS12; *version = PKCS12v1;
return 0; return 0;
default: default:
return ALGO_ID_E; return ALGO_ID_E;
@@ -2256,7 +2256,7 @@ static int DecryptKey(const char* password, int passwordSz, byte* salt,
ret = wc_PBKDF1(key, (byte*)password, passwordSz, ret = wc_PBKDF1(key, (byte*)password, passwordSz,
salt, saltSz, iterations, derivedLen, typeH); salt, saltSz, iterations, derivedLen, typeH);
#endif #endif
else if (version == PKCS12) { else if (version == PKCS12v1) {
int i, idx = 0; int i, idx = 0;
byte unicodePasswd[MAX_UNICODE_SZ]; byte unicodePasswd[MAX_UNICODE_SZ];
@@ -2302,7 +2302,7 @@ static int DecryptKey(const char* password, int passwordSz, byte* salt,
Des dec; Des dec;
byte* desIv = key + 8; byte* desIv = key + 8;
if (version == PKCS5v2 || version == PKCS12) if (version == PKCS5v2 || version == PKCS12v1)
desIv = cbcIv; desIv = cbcIv;
ret = wc_Des_SetKey(&dec, key, desIv, DES_DECRYPTION); ret = wc_Des_SetKey(&dec, key, desIv, DES_DECRYPTION);
@@ -2322,7 +2322,7 @@ static int DecryptKey(const char* password, int passwordSz, byte* salt,
Des3 dec; Des3 dec;
byte* desIv = key + 24; byte* desIv = key + 24;
if (version == PKCS5v2 || version == PKCS12) if (version == PKCS5v2 || version == PKCS12v1)
desIv = cbcIv; desIv = cbcIv;
ret = wc_Des3_SetKey(&dec, key, desIv, DES_DECRYPTION); ret = wc_Des3_SetKey(&dec, key, desIv, DES_DECRYPTION);
if (ret != 0) { if (ret != 0) {

View File

@@ -310,11 +310,17 @@ wolfSSL_Mutex* wc_InitAndAllocMutex()
{ {
wolfSSL_Mutex* m = (wolfSSL_Mutex*) XMALLOC(sizeof(wolfSSL_Mutex), NULL, wolfSSL_Mutex* m = (wolfSSL_Mutex*) XMALLOC(sizeof(wolfSSL_Mutex), NULL,
DYNAMIC_TYPE_MUTEX); DYNAMIC_TYPE_MUTEX);
if (m && wc_InitMutex(m) == 0) if (m != NULL) {
return m; if (wc_InitMutex(m) != 0) {
WOLFSSL_MSG("Init Mutex failed");
XFREE(m, NULL, DYNAMIC_TYPE_MUTEX);
m = NULL;
}
}
else {
WOLFSSL_MSG("Memory error with Mutex allocation");
}
XFREE(m, NULL, DYNAMIC_TYPE_MUTEX);
m = NULL;
return m; return m;
} }

View File

@@ -222,6 +222,8 @@ int chacha20_poly1305_aead_test(void);
int des_test(void); int des_test(void);
int des3_test(void); int des3_test(void);
int aes_test(void); int aes_test(void);
int aes192_test(void);
int aes256_test(void);
int cmac_test(void); int cmac_test(void);
int poly1305_test(void); int poly1305_test(void);
int aesgcm_test(void); int aesgcm_test(void);
@@ -625,6 +627,16 @@ int wolfcrypt_test(void* args)
else else
printf( "AES test passed!\n"); printf( "AES test passed!\n");
if ( (ret = aes192_test()) != 0)
return err_sys("AES192 test failed!\n", ret);
else
printf( "AES192 test passed!\n");
if ( (ret = aes256_test()) != 0)
return err_sys("AES256 test failed!\n", ret);
else
printf( "AES256 test passed!\n");
#ifdef HAVE_AESGCM #ifdef HAVE_AESGCM
if ( (ret = aesgcm_test()) != 0) if ( (ret = aesgcm_test()) != 0)
return err_sys("AES-GCM test failed!\n", ret); return err_sys("AES-GCM test failed!\n", ret);
@@ -1034,7 +1046,11 @@ int base64_test()
int asn_test() int asn_test()
{ {
#ifndef NO_ASN_TIME #ifndef NO_ASN_TIME
long now; #ifdef WORD64_AVAILABLE
word64 now;
#else
word32 now;
#endif
/* Parameter Validation tests. */ /* Parameter Validation tests. */
if (wc_GetTime(NULL, sizeof(now)) != BAD_FUNC_ARG) if (wc_GetTime(NULL, sizeof(now)) != BAD_FUNC_ARG)
@@ -1043,10 +1059,12 @@ int asn_test()
return -101; return -101;
now = 0; now = 0;
if (wc_GetTime(&now, sizeof(now)) != 0) if (wc_GetTime(&now, sizeof(now)) != 0) {
return -102; return -102;
if (now == 0) }
if (now == 0) {
return -103; return -103;
}
#endif #endif
return 0; return 0;
@@ -4005,6 +4023,153 @@ int aes_test(void)
return ret; return ret;
} }
int aes192_test(void)
{
#ifdef HAVE_AES_CBC
Aes enc;
byte cipher[AES_BLOCK_SIZE];
#ifdef HAVE_AES_DECRYPT
Aes dec;
byte plain [AES_BLOCK_SIZE];
#endif
#endif /* HAVE_AES_CBC */
int ret = 0;
#ifdef HAVE_AES_CBC
/* Test vectors from NIST Special Publication 800-38A, 2001 Edition
* Appendix F.2.3 */
const byte msg[] = {
0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96,
0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a
};
const byte verify[] =
{
0x4f,0x02,0x1d,0xb2,0x43,0xbc,0x63,0x3d,
0x71,0x78,0x18,0x3a,0x9f,0xa0,0x71,0xe8
};
byte key[] = {
0x8e,0x73,0xb0,0xf7,0xda,0x0e,0x64,0x52,
0xc8,0x10,0xf3,0x2b,0x80,0x90,0x79,0xe5,
0x62,0xf8,0xea,0xd2,0x52,0x2c,0x6b,0x7b
};
byte iv[] = {
0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F
};
if (wc_AesInit(&enc, HEAP_HINT, devId) != 0)
return -21000;
#ifdef HAVE_AES_DECRYPT
if (wc_AesInit(&dec, HEAP_HINT, devId) != 0)
return -21001;
#endif
ret = wc_AesSetKey(&enc, key, (int) sizeof(key), iv, AES_ENCRYPTION);
if (ret != 0)
return -21002;
#ifdef HAVE_AES_DECRYPT
ret = wc_AesSetKey(&dec, key, (int) sizeof(key), iv, AES_DECRYPTION);
if (ret != 0)
return -21003;
#endif
ret = wc_AesCbcEncrypt(&enc, cipher, msg, (int) sizeof(msg));
if (ret != 0)
return -21005;
#ifdef HAVE_AES_DECRYPT
ret = wc_AesCbcDecrypt(&dec, plain, cipher, (int) sizeof(cipher));
if (ret != 0)
return -21006;
if (XMEMCMP(plain, msg, (int) sizeof(plain))) {
return -21060;
}
#endif
if (XMEMCMP(cipher, verify, (int) sizeof(cipher)))
return -21061;
#endif
return ret;
}
int aes256_test(void)
{
#ifdef HAVE_AES_CBC
Aes enc;
byte cipher[AES_BLOCK_SIZE];
#ifdef HAVE_AES_DECRYPT
Aes dec;
byte plain [AES_BLOCK_SIZE];
#endif
#endif /* HAVE_AES_CBC */
int ret = 0;
#ifdef HAVE_AES_CBC
/* Test vectors from NIST Special Publication 800-38A, 2001 Edition,
* Appendix F.2.5 */
const byte msg[] = {
0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96,
0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a
};
const byte verify[] =
{
0xf5,0x8c,0x4c,0x04,0xd6,0xe5,0xf1,0xba,
0x77,0x9e,0xab,0xfb,0x5f,0x7b,0xfb,0xd6
};
byte key[] = {
0x60,0x3d,0xeb,0x10,0x15,0xca,0x71,0xbe,
0x2b,0x73,0xae,0xf0,0x85,0x7d,0x77,0x81,
0x1f,0x35,0x2c,0x07,0x3b,0x61,0x08,0xd7,
0x2d,0x98,0x10,0xa3,0x09,0x14,0xdf,0xf4
};
byte iv[] = {
0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F
};
if (wc_AesInit(&enc, HEAP_HINT, devId) != 0)
return -22000;
#ifdef HAVE_AES_DECRYPT
if (wc_AesInit(&dec, HEAP_HINT, devId) != 0)
return -22001;
#endif
ret = wc_AesSetKey(&enc, key, (int) sizeof(key), iv, AES_ENCRYPTION);
if (ret != 0)
return -22003;
#ifdef HAVE_AES_DECRYPT
ret = wc_AesSetKey(&dec, key, (int) sizeof(key), iv, AES_DECRYPTION);
if (ret != 0)
return -22004;
#endif
ret = wc_AesCbcEncrypt(&enc, cipher, msg, (int) sizeof(msg));
if (ret != 0)
return -22005;
#ifdef HAVE_AES_DECRYPT
ret = wc_AesCbcDecrypt(&dec, plain, cipher, (int) sizeof(cipher));
if (ret != 0)
return -22006;
if (XMEMCMP(plain, msg, (int) sizeof(plain))) {
return -22060;
}
#endif
if (XMEMCMP(cipher, verify, (int) sizeof(cipher)))
return -22061;
#endif
return 0;
}
#ifdef HAVE_AESGCM #ifdef HAVE_AESGCM
int aesgcm_test(void) int aesgcm_test(void)
@@ -5724,7 +5889,8 @@ static int rsa_sig_test(RsaKey* key, word32 keyLen, int modLen, WC_RNG* rng)
#elif defined(WOLFSSL_ASYNC_CRYPT) #elif defined(WOLFSSL_ASYNC_CRYPT)
/* async may not require RNG */ /* async may not require RNG */
if (ret != 0 && ret != MISSING_RNG_E) if (ret != 0 && ret != MISSING_RNG_E)
#elif defined(HAVE_FIPS) || defined(WOLFSSL_ASYNC_CRYPT) #elif defined(HAVE_FIPS) || defined(WOLFSSL_ASYNC_CRYPT) || \
!defined(WC_RSA_BLINDING)
/* FIPS140 implementation does not do blinding */ /* FIPS140 implementation does not do blinding */
if (ret != 0) if (ret != 0)
#else #else

View File

@@ -130,7 +130,7 @@ enum Misc_ASN {
PKCS5 = 5, /* PKCS oid tag */ PKCS5 = 5, /* PKCS oid tag */
PKCS5v2 = 6, /* PKCS #5 v2.0 */ PKCS5v2 = 6, /* PKCS #5 v2.0 */
PKCS8v0 = 0, /* default PKCS#8 version */ PKCS8v0 = 0, /* default PKCS#8 version */
PKCS12 = 12, /* PKCS #12 */ PKCS12v1 = 12, /* PKCS #12 */
MAX_UNICODE_SZ = 256, MAX_UNICODE_SZ = 256,
ASN_BOOL_SIZE = 2, /* including type */ ASN_BOOL_SIZE = 2, /* including type */
ASN_ECC_HEADER_SZ = 2, /* String type + 1 byte len */ ASN_ECC_HEADER_SZ = 2, /* String type + 1 byte len */

View File

@@ -33,7 +33,10 @@
/* Opaque keys. Only key pointers are used for arguments */ /* Opaque keys. Only key pointers are used for arguments */
typedef struct ecc_key ecc_key; typedef struct ecc_key ecc_key;
typedef struct RsaKey RsaKey; typedef struct RsaKey RsaKey;
typedef struct WC_RNG WC_RNG; #ifndef WC_RNG_TYPE_DEFINED /* guard on redeclaration */
typedef struct WC_RNG WC_RNG;
#define WC_RNG_TYPE_DEFINED
#endif
/* Certificate file Type */ /* Certificate file Type */
enum CertType { enum CertType {