From c982dd2281e96b5515c499ae594904ce88d48f9b Mon Sep 17 00:00:00 2001
From: toddouska
Date: Mon, 27 Oct 2014 15:52:22 -0700
Subject: [PATCH] allow aes gcm fips wrappers, no void returns
---
 configure.ac | 7 +++++++
 ctaocrypt/src/aes.c | 17 ++++++++++-------
 cyassl/ctaocrypt/aes.h | 20 ++++++++++++++++----
 src/internal.c | 19 +++++++++++--------
 src/keys.c | 18 ++++++++++++++----
 5 files changed, 58 insertions(+), 23 deletions(-)
diff --git a/configure.ac b/configure.ac
index e07ff1819..a9ddd5e06 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1113,6 +1113,13 @@ then
 AM_CFLAGS="$AM_CFLAGS -DCYASSL_SHA512 -DCYASSL_SHA384"
 AM_CONDITIONAL([BUILD_SHA512], [test "x$ENABLED_SHA512" = "xyes"])
 fi
+ # requires AESGCM
+ if test "x$ENABLED_AESGCM" != "xyes"
+ then
+ ENABLED_AESGCM="yes"
+ AM_CFLAGS="$AM_CFLAGS -DHAVE_AESGCM"
+ AM_CONDITIONAL([BUILD_SHA512], [test "x$ENABLED_SHA512" = "xyes"])
+ fi
 AM_CFLAGS="$AM_CFLAGS -DHAVE_FIPS"
 fi
diff --git a/ctaocrypt/src/aes.c b/ctaocrypt/src/aes.c
index ff2e9d5c2..6121b8982 100644
--- a/ctaocrypt/src/aes.c
+++ b/ctaocrypt/src/aes.c
@@ -2617,7 +2617,7 @@ static void GenerateM0(Aes* aes)
 #endif /* GCM_TABLE */
-void AesGcmSetKey(Aes* aes, const byte* key, word32 len)
+int AesGcmSetKey(Aes* aes, const byte* key, word32 len)
 {
 byte iv[AES_BLOCK_SIZE];
@@ -2626,7 +2626,7 @@ void AesGcmSetKey(Aes* aes, const byte* key, word32 len)
 #endif
 if (!((len == 16) || (len == 24) || (len == 32)))
- return;
+ return BAD_FUNC_ARG;
 XMEMSET(iv, 0, AES_BLOCK_SIZE);
 AesSetKey(aes, key, len, iv, AES_ENCRYPTION);
@@ -2639,6 +2639,8 @@ void AesGcmSetKey(Aes* aes, const byte* key, word32 len)
 #ifdef GCM_TABLE
 GenerateM0(aes);
 #endif /* GCM_TABLE */
+
+ return 0;
 }
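Review bot: The `AM_CONDITIONAL` inside the new `if test "x$ENABLED_AESGCM" != "xyes"` block still reads `AM_CONDITIONAL([BUILD_SHA512], [test "x$ENABLED_SHA512" = "xyes"])`, which looks copied from the SHA512 block just above it: it registers the SHA512 conditional a second time and registers nothing for GCM. If the regular `--enable-aesgcm` path elsewhere in configure.ac registers an automake conditional for GCM, this block should mirror that line with the AESGCM names (e.g. `AM_CONDITIONAL([BUILD_AESGCM], [test "x$ENABLED_AESGCM" = "xyes"])`); if it does not, the line should simply go. Automake may also complain about a conditional that is defined twice, so this is worth checking before the FIPS configure path is relied on. The `# requires AESGCM` comment would read better as `# FIPS requires AES-GCM: force it on`. The enclosing FIPS `if` block starts before this hunk.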
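Review bot: In the `@@ -2626` hunk, `AesSetKey(aes, key, len, iv, AES_ENCRYPTION);` still discards its result even though `AesGcmSetKey` now has an `int` return to carry it, so a key-schedule failure there would be reported to callers as success by the new `return 0;`. The header hunk shows the sibling `AesSetKeyDirect` returning `int`, and in wrapped FIPS builds `AesSetKey` is redirected to `AesSetKey_fips`; if `AesSetKey` reports errors the same way (its prototype is not in the diff), propagate it with `int ret = AesSetKey(aes, key, len, iv, AES_ENCRYPTION); if (ret != 0) return ret;` (declaring `ret` next to `iv`), so `SetKeys` in src/keys.c sees the real status. The body of `AesGcmSetKey` between the three hunks is not shown, so the declaration placement must fit what is there.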
@@ -3145,7 +3147,7 @@ static void GHASH(Aes* aes, const byte* a, word32 aSz,
 #endif /* end GCM_WORD32 */
-void AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
+int AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
 const byte* iv, word32 ivSz,
 byte* authTag, word32 authTagSz,
 const byte* authIn, word32 authInSz)
@@ -3215,6 +3217,7 @@ void AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
 #endif
 xorbuf(authTag, scratch, authTagSz);
+ return 0;
 }
@@ -3301,17 +3304,17 @@ int AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
-CYASSL_API void GmacSetKey(Gmac* gmac, const byte* key, word32 len)
+CYASSL_API int GmacSetKey(Gmac* gmac, const byte* key, word32 len)
 {
- AesGcmSetKey(&gmac->aes, key, len);
+ return AesGcmSetKey(&gmac->aes, key, len);
 }
-CYASSL_API void GmacUpdate(Gmac* gmac, const byte* iv, word32 ivSz,
+CYASSL_API int GmacUpdate(Gmac* gmac, const byte* iv, word32 ivSz,
 const byte* authIn, word32 authInSz,
 byte* authTag, word32 authTagSz)
 {
- AesGcmEncrypt(&gmac->aes, NULL, NULL, 0, iv, ivSz,
+ return AesGcmEncrypt(&gmac->aes, NULL, NULL, 0, iv, ivSz,
 authTag, authTagSz, authIn, authInSz);
 }
diff --git a/cyassl/ctaocrypt/aes.h b/cyassl/ctaocrypt/aes.h
index c381f77bd..0ce25a429 100644
--- a/cyassl/ctaocrypt/aes.h
+++ b/cyassl/ctaocrypt/aes.h
@@ -118,8 +118,8 @@ CYASSL_API void AesDecryptDirect(Aes* aes, byte* out, const byte* in);
 CYASSL_API int AesSetKeyDirect(Aes* aes, const byte* key, word32 len,
 const byte* iv, int dir);
 #ifdef HAVE_AESGCM
-CYASSL_API void AesGcmSetKey(Aes* aes, const byte* key, word32 len);
-CYASSL_API void AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
+CYASSL_API int AesGcmSetKey(Aes* aes, const byte* key, word32 len);
+CYASSL_API int AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
 const byte* iv, word32 ivSz,
 byte* authTag, word32 authTagSz,
 const byte* authIn, word32 authInSz);
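Review bot: `AesGcmEncrypt` now returns `int`, but the only exit added in the `@@ -3215` hunk is an unconditional `return 0;`, so the new status carries no information and the FIPS redirect that now targets this function gains nothing from it. The one thing the function can legitimately reject is its own arguments: an `authTagSz` larger than the buffer the final `xorbuf(authTag, scratch, authTagSz)` reads from (the size of `scratch` is not in the hunk, but if it is one AES block the tag length needs checking against `AES_BLOCK_SIZE`) and a zero `ivSz`; returning `BAD_FUNC_ARG` for those, as `AesGcmSetKey` now does for a bad key length, would make the return meaningful. Any such check must still admit the `out == NULL, in == NULL, sz == 0` call that `GmacUpdate` makes. The body between the two hunks, including where the IV is consumed, is outside this diff.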
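Review bot: The two prototypes that switch to `int` in this hunk (and `GmacSetKey`/`GmacUpdate` in the following one) do not say what the return value means, and callers in src/keys.c and src/internal.c now act on it. A comment above `AesGcmSetKey` such as `/* returns 0 on success, BAD_FUNC_ARG if len is not 16, 24 or 32 */` and one above `AesGcmEncrypt` stating that it currently always returns 0 would tell callers which results they actually need to handle. Without that, a reader of the header has to open aes.c to learn that only the key-length check can fail.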
@@ -131,8 +131,8 @@ CYASSL_API int AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
 typedef struct Gmac {
 Aes aes;
 } Gmac;
-CYASSL_API void GmacSetKey(Gmac* gmac, const byte* key, word32 len);
-CYASSL_API void GmacUpdate(Gmac* gmac, const byte* iv, word32 ivSz,
+CYASSL_API int GmacSetKey(Gmac* gmac, const byte* key, word32 len);
+CYASSL_API int GmacUpdate(Gmac* gmac, const byte* iv, word32 ivSz,
 const byte* authIn, word32 authInSz,
 byte* authTag, word32 authTagSz);
 #endif /* HAVE_AESGCM */
@@ -163,12 +163,24 @@ CYASSL_API int AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
 word32 sz);
 CYASSL_API int AesCbcDecrypt_fips(Aes* aes, byte* out, const byte* in,
 word32 sz);
+ CYASSL_API int AesGcmSetKey_fips(Aes* aes, const byte* key, word32 len);
+ CYASSL_API int AesGcmEncrypt_fips(Aes* aes, byte* out, const byte* in,
+ word32 sz, const byte* iv, word32 ivSz,
+ byte* authTag, word32 authTagSz,
+ const byte* authIn, word32 authInSz);
+ CYASSL_API int AesGcmDecrypt_fips(Aes* aes, byte* out, const byte* in,
+ word32 sz, const byte* iv, word32 ivSz,
+ const byte* authTag, word32 authTagSz,
+ const byte* authIn, word32 authInSz);
 #ifndef FIPS_NO_WRAPPERS
 /* if not impl or fips.c impl wrapper force fips calls if fips build */
 #define AesSetKey AesSetKey_fips
 #define AesSetIV AesSetIV_fips
 #define AesCbcEncrypt AesCbcEncrypt_fips
 #define AesCbcDecrypt AesCbcDecrypt_fips
+ #define AesGcmSetKey AesGcmSetKey_fips
+ #define AesGcmEncrypt AesGcmEncrypt_fips
+ #define AesGcmDecrypt AesGcmDecrypt_fips
 #endif /* FIPS_NO_WRAPPERS */
 #endif /* HAVE_FIPS */
diff --git a/src/internal.c b/src/internal.c
index a73f51de0..31c726572 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -5390,6 +5390,7 @@ static INLINE int Encrypt(CYASSL* ssl, byte* out, const byte* input, word16 sz)
 #ifdef BUILD_AESGCM
 case cyassl_aes_gcm:
 {
+ int gcmRet;
 byte additional[AEAD_AUTH_DATA_SZ];
 byte nonce[AEAD_NONCE_SZ];
 const byte* additionalSrc = input - 5;
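Review bot: The `#ifndef FIPS_NO_WRAPPERS` block in the `@@ -163` hunk redirects `AesGcmSetKey`, `AesGcmEncrypt` and `AesGcmDecrypt` to their `_fips` names, but the GMAC entry points `GmacSetKey`/`GmacUpdate`, whose prototypes the `@@ -131` hunk also changes, get no `_fips` declaration or `#define`. Whether a GMAC caller in a FIPS build still crosses the FIPS boundary then depends on which names `GmacSetKey`/`GmacUpdate` resolve to when aes.c is compiled, which this diff does not settle. Either add matching `GmacSetKey_fips`/`GmacUpdate_fips` declarations and defines alongside the three GCM ones, or extend the existing comment to say why GMAC is deliberately outside the wrapped set, so the omission does not look accidental.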
@@ -5418,15 +5419,17 @@ static INLINE int Encrypt(CYASSL* ssl, byte* out, const byte* input, word16 sz)
 ssl->keys.aead_enc_imp_IV, AEAD_IMP_IV_SZ);
 XMEMCPY(nonce + AEAD_IMP_IV_SZ,
 ssl->keys.aead_exp_IV, AEAD_EXP_IV_SZ);
- AesGcmEncrypt(ssl->encrypt.aes,
- out + AEAD_EXP_IV_SZ, input + AEAD_EXP_IV_SZ,
- sz - AEAD_EXP_IV_SZ - ssl->specs.aead_mac_size,
- nonce, AEAD_NONCE_SZ,
- out + sz - ssl->specs.aead_mac_size,
- ssl->specs.aead_mac_size,
- additional, AEAD_AUTH_DATA_SZ);
- AeadIncrementExpIV(ssl);
+ gcmRet = AesGcmEncrypt(ssl->encrypt.aes,
+ out + AEAD_EXP_IV_SZ, input + AEAD_EXP_IV_SZ,
+ sz - AEAD_EXP_IV_SZ - ssl->specs.aead_mac_size,
+ nonce, AEAD_NONCE_SZ,
+ out + sz - ssl->specs.aead_mac_size,
+ ssl->specs.aead_mac_size,
+ additional, AEAD_AUTH_DATA_SZ);
+ if (gcmRet == 0)
+ AeadIncrementExpIV(ssl);
 XMEMSET(nonce, 0, AEAD_NONCE_SZ);
+ return gcmRet;
 }
 break;
 #endif
diff --git a/src/keys.c b/src/keys.c
index 628f131b0..fd90a6e54 100644
--- a/src/keys.c
+++ b/src/keys.c
@@ -2115,6 +2115,8 @@ static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs,
 #ifdef BUILD_AESGCM
 if (specs->bulk_cipher_algorithm == cyassl_aes_gcm) {
+ int gcmRet;
+
 if (enc && enc->aes == NULL)
 enc->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER);
 if (enc && enc->aes == NULL)
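Review bot: The new `return gcmRet;` makes the `break;` on the following line unreachable, and it turns the GCM arm into the one arm of this `switch` that leaves `Encrypt` directly rather than falling out to whatever follows the switch; the rest of `Encrypt` is outside the hunk, so if there is shared post-switch handling this arm now skips it. If `Encrypt` keeps a result variable, `ret = gcmRet;` followed by the existing `break;` keeps the arms uniform; otherwise remove the dead `break;` so the early exit reads as intended. Skipping `AeadIncrementExpIV` on failure is the right call, since advancing the explicit IV for a record that was never produced would desynchronise the nonce sequence; a short comment on the `if (gcmRet == 0)` saying so would keep a later cleanup from "simplifying" it away.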
@@ -2126,24 +2128,32 @@ static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs,
 if (side == CYASSL_CLIENT_END) {
 if (enc) {
- AesGcmSetKey(enc->aes, keys->client_write_key, specs->key_size);
+ gcmRet = AesGcmSetKey(enc->aes, keys->client_write_key,
+ specs->key_size);
+ if (gcmRet != 0) return gcmRet;
 XMEMCPY(keys->aead_enc_imp_IV, keys->client_write_IV,
 AEAD_IMP_IV_SZ);
 }
 if (dec) {
- AesGcmSetKey(dec->aes, keys->server_write_key, specs->key_size);
+ gcmRet = AesGcmSetKey(dec->aes, keys->server_write_key,
+ specs->key_size);
+ if (gcmRet != 0) return gcmRet;
 XMEMCPY(keys->aead_dec_imp_IV, keys->server_write_IV,
 AEAD_IMP_IV_SZ);
 }
 }
 else {
 if (enc) {
- AesGcmSetKey(enc->aes, keys->server_write_key, specs->key_size);
+ gcmRet = AesGcmSetKey(enc->aes, keys->server_write_key,
+ specs->key_size);
+ if (gcmRet != 0) return gcmRet;
 XMEMCPY(keys->aead_enc_imp_IV, keys->server_write_IV,
 AEAD_IMP_IV_SZ);
 }
 if (dec) {
- AesGcmSetKey(dec->aes, keys->client_write_key, specs->key_size);
+ gcmRet = AesGcmSetKey(dec->aes, keys->client_write_key,
+ specs->key_size);
+ if (gcmRet != 0) return gcmRet;
 XMEMCPY(keys->aead_dec_imp_IV, keys->client_write_IV,
 AEAD_IMP_IV_SZ);
 }
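Review bot: Each of the four new `if (gcmRet != 0) return gcmRet;` lines leaves `SetKeys` after the `@@ -2115` hunk has already allocated `enc->aes`/`dec->aes` with `XMALLOC`. Those pointers stay stored in the `Ciphers` structs, so the early exit is leak-free only if the caller releases them on a non-zero return from `SetKeys`; that cleanup path is not in the diff and is worth confirming, otherwise the error path should free what this function allocated before returning. The other cipher branches of `SetKeys` are not shown either, so whether they use the same bare early-return convention or a shared exit cannot be checked here; this branch should follow whichever they use. The function continues past the end of the hunk.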