Fixes for build failures. Added new WC_MAX_SYM_KEY_SIZE macro for helping determine max key size. Added enum for unique cipher types. Added CHACHA_MAX_KEY_SZ for ChaCha.

David Garske
2018-04-03 08:50:26 -07:00
parent 2c72f72752
commit 98c186017a
11 changed files with 63 additions and 58 deletions


@@ -116,10 +116,10 @@ int CRYPT_HMAC_Finalize(CRYPT_HMAC_CTX*, unsigned char*);
/* HMAC types */ /* HMAC types */
enum { enum {
CRYPT_HMAC_SHA = 1, CRYPT_HMAC_SHA = 4,
CRYPT_HMAC_SHA256 = 2, CRYPT_HMAC_SHA256 = 6,
CRYPT_HMAC_SHA384 = 5, CRYPT_HMAC_SHA384 = 7,
CRYPT_HMAC_SHA512 = 4 CRYPT_HMAC_SHA512 = 8
}; };
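Review bot: The renumbered `/* HMAC types */` enum reuses a value that previously meant something else: 4 was `CRYPT_HMAC_SHA512` and is now `CRYPT_HMAC_SHA`. A caller built against the old header, or one that hard-coded the number, would silently get a weaker hash rather than an error. The new literals 4, 6, 7, 8 also carry no comment saying what they must agree with; presumably they mirror the wolfCrypt hash type enum, and if so the enum should say it, e.g. `/* HMAC types: values must match the wolfCrypt WC_HASH_TYPE_* enum, do not renumber independently */`. A compile-time equality check in the implementation file would catch the next drift.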


@@ -686,21 +686,21 @@ static int ImportKeyState(WOLFSSL* ssl, byte* exp, word32 len, byte ver)
idx++; /* no truncated hmac */ idx++; /* no truncated hmac */
#endif #endif
sz = exp[idx++]; sz = exp[idx++];
if (sz > WC_MAX_DIGEST_SIZE || sz + idx > len) { if (sz > sizeof(keys->client_write_MAC_secret) || sz + idx > len) {
return BUFFER_E; return BUFFER_E;
} }
XMEMCPY(keys->client_write_MAC_secret, exp + idx, sz); idx += sz; XMEMCPY(keys->client_write_MAC_secret, exp + idx, sz); idx += sz;
XMEMCPY(keys->server_write_MAC_secret, exp + idx, sz); idx += sz; XMEMCPY(keys->server_write_MAC_secret, exp + idx, sz); idx += sz;
sz = exp[idx++]; sz = exp[idx++];
if (sz > AES_256_KEY_SIZE || sz + idx > len) { if (sz > sizeof(keys->client_write_key) || sz + idx > len) {
return BUFFER_E; return BUFFER_E;
} }
XMEMCPY(keys->client_write_key, exp + idx, sz); idx += sz; XMEMCPY(keys->client_write_key, exp + idx, sz); idx += sz;
XMEMCPY(keys->server_write_key, exp + idx, sz); idx += sz; XMEMCPY(keys->server_write_key, exp + idx, sz); idx += sz;
sz = exp[idx++]; sz = exp[idx++];
if (sz > MAX_WRITE_IV_SZ || sz + idx > len) { if (sz > sizeof(keys->client_write_IV) || sz + idx > len) {
return BUFFER_E; return BUFFER_E;
} }
XMEMCPY(keys->client_write_IV, exp + idx, sz); idx += sz; XMEMCPY(keys->client_write_IV, exp + idx, sz); idx += sz;
@@ -709,7 +709,7 @@ static int ImportKeyState(WOLFSSL* ssl, byte* exp, word32 len, byte ver)
idx += AEAD_MAX_EXP_SZ; idx += AEAD_MAX_EXP_SZ;
sz = exp[idx++]; sz = exp[idx++];
if (sz > AEAD_MAX_IMP_SZ || sz + idx > len) { if (sz > sizeof(keys->aead_enc_imp_IV) || sz + idx > len) {
return BUFFER_E; return BUFFER_E;
} }
XMEMCPY(keys->aead_enc_imp_IV, exp + idx, sz); idx += sz; XMEMCPY(keys->aead_enc_imp_IV, exp + idx, sz); idx += sz;
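Review bot: The MAC-secret and write-key guards test `sz + idx > len`, but each is followed by two `XMEMCPY` calls of `sz` bytes (client, then server). When the imported buffer is truncated, the second copy can read up to `sz` bytes past the end of `exp`. The new `sizeof(...)` bound protects the destination but not the source. The guard should cover both copies, e.g. `if (sz > sizeof(keys->client_write_MAC_secret) || (sz * 2) + idx > len) {`, and likewise for `client_write_key`. The IV and AEAD guards each show only one copy inside the hunk; if a server or decrypt copy follows outside it, the same correction applies. `ImportKeyState` begins and ends outside these hunks, so any earlier minimum-length check is not visible.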


@@ -338,7 +338,7 @@ int wc_Chacha_SetKey(ChaCha* ctx, const byte* key, word32 keySz)
if (ctx == NULL) if (ctx == NULL)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
if (keySz != 16 && keySz != 32) if (keySz != (CHACHA_MAX_KEY_SZ/2) && keySz != CHACHA_MAX_KEY_SZ)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
#ifdef XSTREAM_ALIGN #ifdef XSTREAM_ALIGN
@@ -369,7 +369,7 @@ int wc_Chacha_SetKey(ChaCha* ctx, const byte* key, word32 keySz)
ctx->X[5] = U8TO32_LITTLE(k + 4); ctx->X[5] = U8TO32_LITTLE(k + 4);
ctx->X[6] = U8TO32_LITTLE(k + 8); ctx->X[6] = U8TO32_LITTLE(k + 8);
ctx->X[7] = U8TO32_LITTLE(k + 12); ctx->X[7] = U8TO32_LITTLE(k + 12);
if (keySz == 32) { if (keySz == CHACHA_MAX_KEY_SZ) {
k += 16; k += 16;
constants = sigma; constants = sigma;
} }
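Review bot: The key-size test now reads `keySz != (CHACHA_MAX_KEY_SZ/2)` while the 256-bit branch in the second hunk still advances with the literal `k += 16`, so the 128-bit size is spelled two different ways in one function. Either keep a named constant for the short key and use it in both places, or write the offset as `k += CHACHA_MAX_KEY_SZ/2;` so the two sites cannot drift apart. `wc_Chacha_SetKey` begins and ends outside these hunks; only the `ctx == NULL` check is visible, so whether `key` is also rejected when NULL could not be confirmed from here.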


@@ -247,7 +247,7 @@ int wc_BufferKeyDecrypt(EncryptedInfo* info, byte* der, word32 derSz,
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
byte* key = NULL; byte* key = NULL;
#else #else
byte key[AES_MAX_KEY_SIZE]; byte key[WC_MAX_SYM_KEY_SIZE];
#endif #endif
(void)derSz; (void)derSz;
@@ -264,7 +264,7 @@ int wc_BufferKeyDecrypt(EncryptedInfo* info, byte* der, word32 derSz,
} }
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
key = (byte*)XMALLOC(AES_MAX_KEY_SIZE, NULL, DYNAMIC_TYPE_SYMETRIC_KEY); key = (byte*)XMALLOC(WC_MAX_SYM_KEY_SIZE, NULL, DYNAMIC_TYPE_SYMETRIC_KEY);
if (key == NULL) { if (key == NULL) {
return MEMORY_E; return MEMORY_E;
} }
@@ -306,7 +306,7 @@ int wc_BufferKeyEncrypt(EncryptedInfo* info, byte* der, word32 derSz,
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
byte* key = NULL; byte* key = NULL;
#else #else
byte key[AES_MAX_KEY_SIZE]; byte key[WC_MAX_SYM_KEY_SIZE];
#endif #endif
(void)derSz; (void)derSz;
@@ -319,7 +319,7 @@ int wc_BufferKeyEncrypt(EncryptedInfo* info, byte* der, word32 derSz,
} }
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
key = (byte*)XMALLOC(AES_MAX_KEY_SIZE, NULL, DYNAMIC_TYPE_SYMETRIC_KEY); key = (byte*)XMALLOC(WC_MAX_SYM_KEY_SIZE, NULL, DYNAMIC_TYPE_SYMETRIC_KEY);
if (key == NULL) { if (key == NULL) {
return MEMORY_E; return MEMORY_E;
} }
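Review bot: The `key` buffers in `wc_BufferKeyDecrypt` and `wc_BufferKeyEncrypt` are now sized by `WC_MAX_SYM_KEY_SIZE`, but no visible line checks the derived key length against that bound before the buffer is filled. The `/8` in that macro's definition suggests `AES_MAX_KEY_SIZE` is a bit count, so these buffers appear to shrink considerably, and further in builds without AES. Both functions continue outside the hunks, so the check may already exist there. If it does not, reject a cipher key size larger than `WC_MAX_SYM_KEY_SIZE` before key derivation. Either way, record the limit at the declaration with `/* holds at most WC_MAX_SYM_KEY_SIZE bytes of derived key */`.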


@@ -106,6 +106,7 @@
#include <wolfssl/wolfcrypt/dh.h> #include <wolfssl/wolfcrypt/dh.h>
#endif #endif
#include <wolfssl/wolfcrypt/wc_encrypt.h>
#include <wolfssl/wolfcrypt/hash.h> #include <wolfssl/wolfcrypt/hash.h>
#if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA) #if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA)
@@ -1153,7 +1154,6 @@ enum Misc {
#ifdef HAVE_FIPS #ifdef HAVE_FIPS
/* these moved into wolfCrypt, but kept here for backwards compatibility with FIPS */ /* these moved into wolfCrypt, but kept here for backwards compatibility with FIPS */
RC4_KEY_SIZE = 16, /* always 128bit */
DES_KEY_SIZE = 8, /* des */ DES_KEY_SIZE = 8, /* des */
DES3_KEY_SIZE = 24, /* 3 des ede */ DES3_KEY_SIZE = 24, /* 3 des ede */
DES_IV_SIZE = DES_BLOCK_SIZE, DES_IV_SIZE = DES_BLOCK_SIZE,
@@ -1161,6 +1161,10 @@ enum Misc {
AES_192_KEY_SIZE = 24, /* for 192 bit */ AES_192_KEY_SIZE = 24, /* for 192 bit */
AES_IV_SIZE = 16, /* always block size */ AES_IV_SIZE = 16, /* always block size */
AES_128_KEY_SIZE = 16, /* for 128 bit */ AES_128_KEY_SIZE = 16, /* for 128 bit */
MAX_SYM_KEY_SIZE = AES_256_KEY_SIZE,
#else
MAX_SYM_KEY_SIZE = WC_MAX_SYM_KEY_SIZE,
#endif #endif
AEAD_SEQ_OFFSET = 4, /* Auth Data: Sequence number */ AEAD_SEQ_OFFSET = 4, /* Auth Data: Sequence number */
@@ -1844,8 +1848,8 @@ typedef struct WOLFSSL_DTLS_PEERSEQ {
typedef struct Keys { typedef struct Keys {
byte client_write_MAC_secret[WC_MAX_DIGEST_SIZE]; /* max sizes */ byte client_write_MAC_secret[WC_MAX_DIGEST_SIZE]; /* max sizes */
byte server_write_MAC_secret[WC_MAX_DIGEST_SIZE]; byte server_write_MAC_secret[WC_MAX_DIGEST_SIZE];
byte client_write_key[AES_256_KEY_SIZE]; /* max sizes */ byte client_write_key[MAX_SYM_KEY_SIZE]; /* max sizes */
byte server_write_key[AES_256_KEY_SIZE]; byte server_write_key[MAX_SYM_KEY_SIZE];
byte client_write_IV[MAX_WRITE_IV_SZ]; /* max sizes */ byte client_write_IV[MAX_WRITE_IV_SZ]; /* max sizes */
byte server_write_IV[MAX_WRITE_IV_SZ]; byte server_write_IV[MAX_WRITE_IV_SZ];
#if defined(HAVE_AEAD) || defined(WOLFSSL_SESSION_EXPORT) #if defined(HAVE_AEAD) || defined(WOLFSSL_SESSION_EXPORT)
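Review bot: `MAX_SYM_KEY_SIZE` is added to `enum Misc` without a comment, although it now sizes `client_write_key` and `server_write_key` in `struct Keys` and its value depends on the build outside FIPS. Any code that still copies `AES_256_KEY_SIZE` bytes into those arrays would overrun them where the macro resolves to a smaller value. No such copy is visible on this page, so this is something to audit rather than a confirmed defect. Suggested comment: `MAX_SYM_KEY_SIZE = WC_MAX_SYM_KEY_SIZE, /* largest key among enabled ciphers; sizes the Keys write-key arrays */`.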


@@ -69,16 +69,18 @@
#endif #endif
enum { enum {
AES_ENC_TYPE = 1, /* cipher unique type */ AES_ENC_TYPE = WC_CIPHER_AES, /* cipher unique type */
AES_ENCRYPTION = 0, AES_ENCRYPTION = 0,
AES_DECRYPTION = 1, AES_DECRYPTION = 1,
KEYWRAP_BLOCK_SIZE = 8,
AES_BLOCK_SIZE = 16,
AES_128_KEY_SIZE = 16, /* for 128 bit */ AES_BLOCK_SIZE = 16,
AES_192_KEY_SIZE = 24, /* for 192 bit */ AES_IV_SIZE = AES_BLOCK_SIZE,
AES_256_KEY_SIZE = 32, /* for 256 bit */
AES_IV_SIZE = 16, /* always block size */ KEYWRAP_BLOCK_SIZE = 8,
AES_128_KEY_SIZE = 16, /* for 128 bit */
AES_192_KEY_SIZE = 24, /* for 192 bit */
AES_256_KEY_SIZE = 32, /* for 256 bit */
}; };


@@ -44,7 +44,8 @@
#define CHACHA_CHUNK_BYTES (CHACHA_CHUNK_WORDS * sizeof(word32)) #define CHACHA_CHUNK_BYTES (CHACHA_CHUNK_WORDS * sizeof(word32))
enum { enum {
CHACHA_ENC_TYPE = 7 /* cipher unique type */ CHACHA_ENC_TYPE = WC_CIPHER_CHACHA, /* cipher unique type */
CHACHA_MAX_KEY_SZ = 32,
}; };
typedef struct ChaCha { typedef struct ChaCha {
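Review bot: `CHACHA_ENC_TYPE` changes value from 7 to 9 by aliasing `WC_CIPHER_CHACHA`, and the next two header sections renumber `DES_ENC_TYPE` (2 to 8), `DES3_ENC_TYPE` (3 to 7) and `HC128_ENC_TYPE` (6 to 10) the same way. Nothing on the page shows these identifiers being stored or exchanged outside the process. If any back end or saved state compares against the old numbers, though, it would now match a different cipher, since 7 used to mean ChaCha and now means 3DES. A comment such as `/* cipher unique type; value comes from enum CipherTypes, do not hard-code */` would make the dependency explicit. `CHACHA_MAX_KEY_SZ = 32,` would also benefit from a unit, e.g. `/* bytes (256-bit key) */`.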


@@ -46,8 +46,8 @@
#endif #endif
enum { enum {
DES_ENC_TYPE = 2, /* cipher unique type */ DES_ENC_TYPE = WC_CIPHER_DES, /* cipher unique type */
DES3_ENC_TYPE = 3, /* cipher unique type */ DES3_ENC_TYPE = WC_CIPHER_DES3, /* cipher unique type */
DES_BLOCK_SIZE = 8, DES_BLOCK_SIZE = 8,
DES_KS_SIZE = 32, /* internal DES key buffer size */ DES_KS_SIZE = 32, /* internal DES key buffer size */


@@ -36,7 +36,7 @@
#endif #endif
enum { enum {
HC128_ENC_TYPE = 6 /* cipher unique type */ HC128_ENC_TYPE = WC_CIPHER_HC128, /* cipher unique type */
}; };
/* HC-128 stream cipher */ /* HC-128 stream cipher */


@@ -501,6 +501,24 @@
WC_HASH_TYPE_MAX = WC_HASH_TYPE_BLAKE2B WC_HASH_TYPE_MAX = WC_HASH_TYPE_BLAKE2B
}; };
/* cipher types */
enum CipherTypes {
WC_CIPHER_NONE = 0,
WC_CIPHER_AES = 1,
WC_CIPHER_AES_CBC = 2,
WC_CIPHER_AES_GCM = 3,
WC_CIPHER_AES_CTR = 4,
WC_CIPHER_AES_XTS = 5,
WC_CIPHER_AES_CFB = 6,
WC_CIPHER_DES3 = 7,
WC_CIPHER_DES = 8,
WC_CIPHER_CHACHA = 9,
WC_CIPHER_HC128 = 10,
WC_CIPHER_MAX = WC_CIPHER_HC128
};
/* settings detection for compile vs runtime math incompatibilities */ /* settings detection for compile vs runtime math incompatibilities */
enum { enum {
#if !defined(USE_FAST_MATH) && !defined(SIZEOF_LONG) && !defined(SIZEOF_LONG_LONG) #if !defined(USE_FAST_MATH) && !defined(SIZEOF_LONG) && !defined(SIZEOF_LONG_LONG)


@@ -33,38 +33,18 @@
extern "C" { extern "C" {
#endif #endif
enum CipherTypes { /* determine max cipher key size */
WC_CIPHER_NONE,
#ifndef NO_AES #ifndef NO_AES
#ifdef HAVE_AES_CBC #define WC_MAX_SYM_KEY_SIZE (AES_MAX_KEY_SIZE/8)
WC_CIPHER_AES_CBC, #elif defined(HAVE_CHACHA)
#endif #define WC_MAX_SYM_KEY_SIZE CHACHA_MAX_KEY_SZ
#ifdef HAVE_AESGCM #elif !defined(NO_DES)
WC_CIPHER_AES_GCM, #define WC_MAX_SYM_KEY_SIZE DES3_KEY_SIZE
#endif #elif !defined(NO_RC4)
#ifdef WOLFSSL_AES_COUNTER #define WC_MAX_SYM_KEY_SIZE RC4_KEY_SIZE
WC_CIPHER_AES_CTR, #else
#endif #define WC_MAX_SYM_KEY_SIZE 32
#ifdef WOLFSSL_AES_XTS
WC_CIPHER_AES_XTS,
#endif
#ifdef WOLFSSL_AES_CFB
WC_CIPHER_AES_CFB,
#endif
#endif #endif
#ifndef NO_DES3
WC_CIPHER_DES3,
#endif
#ifndef NO_DES
WC_CIPHER_DES,
#endif
#ifdef HAVE_CHAHCA
WC_CIPHER_CHACHA,
#endif
#ifdef HAVE_HC128
WC_CIPHER_HC128,
#endif
};
#ifndef NO_AES #ifndef NO_AES
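Review bot: The DES branch of the new `WC_MAX_SYM_KEY_SIZE` chain tests `!defined(NO_DES)` but expands to `DES3_KEY_SIZE`, whereas the enum this commit removes guarded its 3DES entry with `NO_DES3`. In a build that disables 3DES through `NO_DES3` and has neither AES nor ChaCha, the macro would presumably name a constant that is not compiled in. `#elif !defined(NO_DES3)` looks like the intended guard. The chain also relies on its branches being ordered from largest key to smallest, and on `AES_MAX_KEY_SIZE` being a bit count, neither of which is stated. The comment could read `/* determine max cipher key size in bytes; branches ordered largest key first */`.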