wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-01 03:34:39 +02:00
Code Issues Packages Projects Releases Wiki Activity

add Aes SetIV fips mode

Browse Source
This commit is contained in:
toddouska
2014-03-24 14:01:36 -07:00
parent 0ea10a4388
commit 8c5d958a8b
3 changed files with 33 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
cyassl/ctaocrypt/aes.h
View File

@@ -154,6 +154,7 @@ CYASSL_API int AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
/* fips wrapper calls, user can call direct */
CYASSL_API int AesSetKey_fips(Aes* aes, const byte* key, word32 len,
const byte* iv, int dir);
CYASSL_API int AesSetIV_fips(Aes* aes, const byte* iv);
CYASSL_API int AesCbcEncrypt_fips(Aes* aes, byte* out, const byte* in,
word32 sz);
CYASSL_API int AesCbcDecrypt_fips(Aes* aes, byte* out, const byte* in,
@@ -161,6 +162,7 @@ CYASSL_API int AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
#ifndef FIPS_NO_WRAPPERS
/* if not impl or fips.c impl wrapper force fips calls if fips build */
#define AesSetKey AesSetKey_fips
#define AesSetIV AesSetIV_fips
#define AesCbcEncrypt AesCbcEncrypt_fips
#define AesCbcDecrypt AesCbcDecrypt_fips
#endif /* FIPS_NO_WRAPPERS */

4
mcapi/crypto.c
View File

@@ -416,9 +416,7 @@ int CRYPT_AES_IvSet(CRYPT_AES_CTX* aes, const unsigned char* iv)
if (aes == NULL || iv == NULL)
return BAD_FUNC_ARG;
AesSetIV((Aes*)aes, iv);
return 0;
return AesSetIV((Aes*)aes, iv);
}

42
src/ssl.c
View File

@@ -6765,8 +6765,11 @@ int CyaSSL_set_compression(CYASSL* ssl)
if (ret != 0)
return ret;
}
if (iv && key == NULL)
AesSetIV(&ctx->cipher.aes, iv);
if (iv && key == NULL) {
ret = AesSetIV(&ctx->cipher.aes, iv);
if (ret != 0)
return ret;
}
}
else if (ctx->cipherType == AES_192_CBC_TYPE || (type &&
XSTRNCMP(type, "AES192-CBC", 10) == 0)) {
@@ -6781,8 +6784,11 @@ int CyaSSL_set_compression(CYASSL* ssl)
if (ret != 0)
return ret;
}
if (iv && key == NULL)
AesSetIV(&ctx->cipher.aes, iv);
if (iv && key == NULL) {
ret = AesSetIV(&ctx->cipher.aes, iv);
if (ret != 0)
return ret;
}
}
else if (ctx->cipherType == AES_256_CBC_TYPE || (type &&
XSTRNCMP(type, "AES256-CBC", 10) == 0)) {
@@ -6797,8 +6803,11 @@ int CyaSSL_set_compression(CYASSL* ssl)
if (ret != 0)
return ret;
}
if (iv && key == NULL)
AesSetIV(&ctx->cipher.aes, iv);
if (iv && key == NULL) {
ret = AesSetIV(&ctx->cipher.aes, iv);
if (ret != 0)
return ret;
}
}
#ifdef CYASSL_AES_COUNTER
else if (ctx->cipherType == AES_128_CTR_TYPE || (type &&
@@ -6814,8 +6823,11 @@ int CyaSSL_set_compression(CYASSL* ssl)
if (ret != 0)
return ret;
}
if (iv && key == NULL)
AesSetIV(&ctx->cipher.aes, iv);
if (iv && key == NULL) {
ret = AesSetIV(&ctx->cipher.aes, iv);
if (ret != 0)
return ret;
}
}
else if (ctx->cipherType == AES_192_CTR_TYPE || (type &&
XSTRNCMP(type, "AES192-CTR", 10) == 0)) {
@@ -6830,8 +6842,11 @@ int CyaSSL_set_compression(CYASSL* ssl)
if (ret != 0)
return ret;
}
if (iv && key == NULL)
AesSetIV(&ctx->cipher.aes, iv);
if (iv && key == NULL) {
ret = AesSetIV(&ctx->cipher.aes, iv);
if (ret != 0)
return ret;
}
}
else if (ctx->cipherType == AES_256_CTR_TYPE || (type &&
XSTRNCMP(type, "AES256-CTR", 10) == 0)) {
@@ -6846,8 +6861,11 @@ int CyaSSL_set_compression(CYASSL* ssl)
if (ret != 0)
return ret;
}
if (iv && key == NULL)
AesSetIV(&ctx->cipher.aes, iv);
if (iv && key == NULL) {
ret = AesSetIV(&ctx->cipher.aes, iv);
if (ret != 0)
return ret;
}
}
#endif /* CYASSL_AES_CTR */
else if (ctx->cipherType == DES_CBC_TYPE || (type &&