mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-05 12:20:52 +02:00
Merge pull request #10136 from JeremiahM37/fenrir-issues-2
Fenrir fixes
This commit is contained in:
@@ -210,6 +210,12 @@ int test_wc_CamelliaCbcEncryptDecrypt(void)
|
||||
WC_CAMELLIA_BLOCK_SIZE), WC_NO_ERR_TRACE(BAD_FUNC_ARG));
|
||||
ExpectIntEQ(wc_CamelliaCbcDecrypt(&camellia, dec, NULL,
|
||||
WC_CAMELLIA_BLOCK_SIZE), WC_NO_ERR_TRACE(BAD_FUNC_ARG));
|
||||
|
||||
/* non-block-aligned input rejected with BAD_LENGTH_E */
|
||||
ExpectIntEQ(wc_CamelliaCbcEncrypt(&camellia, enc, plainT,
|
||||
WC_CAMELLIA_BLOCK_SIZE - 1), WC_NO_ERR_TRACE(BAD_LENGTH_E));
|
||||
ExpectIntEQ(wc_CamelliaCbcDecrypt(&camellia, dec, enc,
|
||||
WC_CAMELLIA_BLOCK_SIZE - 1), WC_NO_ERR_TRACE(BAD_LENGTH_E));
|
||||
#endif
|
||||
return EXPECT_RESULT();
|
||||
} /* END test_wc_CamelliaCbcEncryptDecrypt */
|
||||
|
||||
@@ -165,6 +165,16 @@ int test_wc_Des3_CbcEncryptDecrypt(void)
|
||||
ExpectIntEQ(wc_Des3_CbcDecrypt(&des, plain, NULL, 24),
|
||||
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
|
||||
|
||||
#ifndef HAVE_FIPS
|
||||
/* non-block-aligned input rejected with BAD_LENGTH_E.
|
||||
* FIPS builds use the FIPS-certified DES3 implementation which does not
|
||||
* have this check, so skip the test for FIPS. */
|
||||
ExpectIntEQ(wc_Des3_CbcEncrypt(&des, cipher, vector, DES_BLOCK_SIZE - 1),
|
||||
WC_NO_ERR_TRACE(BAD_LENGTH_E));
|
||||
ExpectIntEQ(wc_Des3_CbcDecrypt(&des, plain, cipher, DES_BLOCK_SIZE - 1),
|
||||
WC_NO_ERR_TRACE(BAD_LENGTH_E));
|
||||
#endif
|
||||
|
||||
wc_Des3Free(&des);
|
||||
#endif
|
||||
return EXPECT_RESULT();
|
||||
|
||||
@@ -217,6 +217,12 @@ int test_wc_Rc2CbcEncryptDecrypt(void)
|
||||
/* null input buffer */
|
||||
ExpectIntEQ(wc_Rc2CbcDecrypt(&rc2, plain, NULL, sizeof(output)),
|
||||
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
|
||||
|
||||
/* non-block-aligned input rejected with BAD_LENGTH_E */
|
||||
ExpectIntEQ(wc_Rc2CbcEncrypt(&rc2, cipher, input, RC2_BLOCK_SIZE - 1),
|
||||
WC_NO_ERR_TRACE(BAD_LENGTH_E));
|
||||
ExpectIntEQ(wc_Rc2CbcDecrypt(&rc2, plain, output, RC2_BLOCK_SIZE - 1),
|
||||
WC_NO_ERR_TRACE(BAD_LENGTH_E));
|
||||
#endif
|
||||
return EXPECT_RESULT();
|
||||
} /* END test_wc_Rc2CbcEncryptDecrypt */
|
||||
|
||||
@@ -64,8 +64,7 @@
|
||||
#include <wolfcrypt/src/misc.c>
|
||||
#endif
|
||||
|
||||
/* u32 must be 32bit word */
|
||||
typedef unsigned int u32;
|
||||
typedef word32 u32;
|
||||
typedef unsigned char u8;
|
||||
|
||||
/* key constants */
|
||||
@@ -1591,6 +1590,9 @@ int wc_CamelliaCbcEncrypt(wc_Camellia* cam, byte* out, const byte* in, word32 sz
|
||||
if (cam == NULL || out == NULL || in == NULL) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
if (sz % WC_CAMELLIA_BLOCK_SIZE != 0) {
|
||||
return BAD_LENGTH_E;
|
||||
}
|
||||
blocks = sz / WC_CAMELLIA_BLOCK_SIZE;
|
||||
|
||||
while (blocks--) {
|
||||
@@ -1613,6 +1615,9 @@ int wc_CamelliaCbcDecrypt(wc_Camellia* cam, byte* out, const byte* in, word32 sz
|
||||
if (cam == NULL || out == NULL || in == NULL) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
if (sz % WC_CAMELLIA_BLOCK_SIZE != 0) {
|
||||
return BAD_LENGTH_E;
|
||||
}
|
||||
blocks = sz / WC_CAMELLIA_BLOCK_SIZE;
|
||||
|
||||
while (blocks--) {
|
||||
|
||||
+14
-2
@@ -174,6 +174,9 @@ int Base64_Decode_nonCT(const byte* in, word32 inLen, byte* out, word32* outLen)
|
||||
int ret;
|
||||
const byte maxIdx = BASE64DECODE_TABLE_SZ + BASE64_MIN - 1;
|
||||
|
||||
if ((in == NULL && inLen > 0) || out == NULL || outLen == NULL)
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
while (inLen > 3) {
|
||||
int pad3 = 0;
|
||||
int pad4 = 0;
|
||||
@@ -273,6 +276,9 @@ int Base64_Decode(const byte* in, word32 inLen, byte* out, word32* outLen)
|
||||
word32 j = 0;
|
||||
int ret;
|
||||
|
||||
if ((in == NULL && inLen > 0) || out == NULL || outLen == NULL)
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
while (inLen > 3) {
|
||||
int pad3 = 0;
|
||||
int pad4 = 0;
|
||||
@@ -471,8 +477,14 @@ static int DoBase64_Encode(const byte* in, word32 inLen, byte* out,
|
||||
|
||||
int getSzOnly = (out == NULL);
|
||||
|
||||
word32 outSz = (inLen + 3 - 1) / 3 * 4;
|
||||
word32 addSz = (outSz + BASE64_LINE_SZ - 1) / BASE64_LINE_SZ; /* new lines */
|
||||
word32 outSz;
|
||||
word32 addSz;
|
||||
|
||||
if (in == NULL && inLen > 0)
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
outSz = (inLen + 3 - 1) / 3 * 4;
|
||||
addSz = (outSz + BASE64_LINE_SZ - 1) / BASE64_LINE_SZ; /* new lines */
|
||||
|
||||
if (escaped == WC_ESC_NL_ENC)
|
||||
addSz *= 3; /* instead of just \n, we're doing %0A triplet */
|
||||
|
||||
+32
-14
@@ -1234,49 +1234,49 @@
|
||||
|
||||
int wc_Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz)
|
||||
{
|
||||
word32 blocks = sz / DES_BLOCK_SIZE;
|
||||
|
||||
if (des == NULL || out == NULL || in == NULL)
|
||||
return BAD_FUNC_ARG;
|
||||
if (sz % DES_BLOCK_SIZE != 0)
|
||||
return BAD_LENGTH_E;
|
||||
|
||||
return wc_Pic32DesCrypt(des->key, DES_KEYLEN, des->reg, DES_IVLEN,
|
||||
out, in, (blocks * DES_BLOCK_SIZE),
|
||||
out, in, sz,
|
||||
PIC32_ENCRYPTION, PIC32_ALGO_DES, PIC32_CRYPTOALGO_CBC);
|
||||
}
|
||||
|
||||
int wc_Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz)
|
||||
{
|
||||
word32 blocks = sz / DES_BLOCK_SIZE;
|
||||
|
||||
if (des == NULL || out == NULL || in == NULL)
|
||||
return BAD_FUNC_ARG;
|
||||
if (sz % DES_BLOCK_SIZE != 0)
|
||||
return BAD_LENGTH_E;
|
||||
|
||||
return wc_Pic32DesCrypt(des->key, DES_KEYLEN, des->reg, DES_IVLEN,
|
||||
out, in, (blocks * DES_BLOCK_SIZE),
|
||||
out, in, sz,
|
||||
PIC32_DECRYPTION, PIC32_ALGO_DES, PIC32_CRYPTOALGO_CBC);
|
||||
}
|
||||
|
||||
int wc_Des3_CbcEncrypt(Des3* des, byte* out, const byte* in, word32 sz)
|
||||
{
|
||||
word32 blocks = sz / DES_BLOCK_SIZE;
|
||||
|
||||
if (des == NULL || out == NULL || in == NULL)
|
||||
return BAD_FUNC_ARG;
|
||||
if (sz % DES_BLOCK_SIZE != 0)
|
||||
return BAD_LENGTH_E;
|
||||
|
||||
return wc_Pic32DesCrypt(des->key[0], DES3_KEYLEN, des->reg, DES3_IVLEN,
|
||||
out, in, (blocks * DES_BLOCK_SIZE),
|
||||
out, in, sz,
|
||||
PIC32_ENCRYPTION, PIC32_ALGO_TDES, PIC32_CRYPTOALGO_TCBC);
|
||||
}
|
||||
|
||||
int wc_Des3_CbcDecrypt(Des3* des, byte* out, const byte* in, word32 sz)
|
||||
{
|
||||
word32 blocks = sz / DES_BLOCK_SIZE;
|
||||
|
||||
if (des == NULL || out == NULL || in == NULL)
|
||||
return BAD_FUNC_ARG;
|
||||
if (sz % DES_BLOCK_SIZE != 0)
|
||||
return BAD_LENGTH_E;
|
||||
|
||||
return wc_Pic32DesCrypt(des->key[0], DES3_KEYLEN, des->reg, DES3_IVLEN,
|
||||
out, in, (blocks * DES_BLOCK_SIZE),
|
||||
out, in, sz,
|
||||
PIC32_DECRYPTION, PIC32_ALGO_TDES, PIC32_CRYPTOALGO_TCBC);
|
||||
}
|
||||
|
||||
@@ -1734,12 +1734,17 @@
|
||||
|
||||
int wc_Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz)
|
||||
{
|
||||
word32 blocks = sz / DES_BLOCK_SIZE;
|
||||
word32 blocks;
|
||||
|
||||
if (des == NULL || out == NULL || in == NULL) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
if (sz % DES_BLOCK_SIZE != 0) {
|
||||
return BAD_LENGTH_E;
|
||||
}
|
||||
|
||||
blocks = sz / DES_BLOCK_SIZE;
|
||||
while (blocks--) {
|
||||
xorbuf((byte*)des->reg, in, DES_BLOCK_SIZE);
|
||||
DesProcessBlock(des, (byte*)des->reg, (byte*)des->reg);
|
||||
@@ -1753,12 +1758,17 @@
|
||||
|
||||
int wc_Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz)
|
||||
{
|
||||
word32 blocks = sz / DES_BLOCK_SIZE;
|
||||
word32 blocks;
|
||||
|
||||
if (des == NULL || out == NULL || in == NULL) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
if (sz % DES_BLOCK_SIZE != 0) {
|
||||
return BAD_LENGTH_E;
|
||||
}
|
||||
|
||||
blocks = sz / DES_BLOCK_SIZE;
|
||||
while (blocks--) {
|
||||
XMEMCPY(des->tmp, in, DES_BLOCK_SIZE);
|
||||
DesProcessBlock(des, (byte*)des->tmp, out);
|
||||
@@ -1779,6 +1789,10 @@
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
if (sz % DES_BLOCK_SIZE != 0) {
|
||||
return BAD_LENGTH_E;
|
||||
}
|
||||
|
||||
#ifdef WOLF_CRYPTO_CB
|
||||
if (des->devId != INVALID_DEVID) {
|
||||
int ret = wc_CryptoCb_Des3Encrypt(des, out, in, sz);
|
||||
@@ -1830,6 +1844,10 @@
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
if (sz % DES_BLOCK_SIZE != 0) {
|
||||
return BAD_LENGTH_E;
|
||||
}
|
||||
|
||||
#ifdef WOLF_CRYPTO_CB
|
||||
if (des->devId != INVALID_DEVID) {
|
||||
int ret = wc_CryptoCb_Des3Decrypt(des, out, in, sz);
|
||||
|
||||
@@ -496,8 +496,8 @@ int wc_RNG_DRBG_Reseed(WC_RNG* rng, const byte* seed, word32 seedSz)
|
||||
/* using RDRAND not DRBG, so return success */
|
||||
return 0;
|
||||
}
|
||||
return BAD_FUNC_ARG;
|
||||
#endif
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
return Hash_DRBG_Reseed((DRBG_internal *)rng->drbg, seed, seedSz);
|
||||
|
||||
+14
-2
@@ -279,7 +279,7 @@ int wc_Rc2EcbDecrypt(Rc2* rc2, byte* out, const byte* in, word32 sz)
|
||||
int wc_Rc2CbcEncrypt(Rc2* rc2, byte* out, const byte* in, word32 sz)
|
||||
{
|
||||
int ret;
|
||||
word32 blocks = (sz / RC2_BLOCK_SIZE);
|
||||
word32 blocks;
|
||||
|
||||
if (rc2 == NULL || out == NULL || in == NULL) {
|
||||
return BAD_FUNC_ARG;
|
||||
@@ -289,6 +289,12 @@ int wc_Rc2CbcEncrypt(Rc2* rc2, byte* out, const byte* in, word32 sz)
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (sz % RC2_BLOCK_SIZE != 0) {
|
||||
return BAD_LENGTH_E;
|
||||
}
|
||||
|
||||
blocks = sz / RC2_BLOCK_SIZE;
|
||||
|
||||
while (blocks--) {
|
||||
xorbuf((byte*)rc2->reg, in, RC2_BLOCK_SIZE);
|
||||
ret = wc_Rc2EcbEncrypt(rc2, (byte*)rc2->reg, (byte*)rc2->reg,
|
||||
@@ -308,7 +314,7 @@ int wc_Rc2CbcEncrypt(Rc2* rc2, byte* out, const byte* in, word32 sz)
|
||||
int wc_Rc2CbcDecrypt(Rc2* rc2, byte* out, const byte* in, word32 sz)
|
||||
{
|
||||
int ret;
|
||||
word32 blocks = (sz / RC2_BLOCK_SIZE);
|
||||
word32 blocks;
|
||||
|
||||
if (rc2 == NULL || out == NULL || in == NULL) {
|
||||
return BAD_FUNC_ARG;
|
||||
@@ -318,6 +324,12 @@ int wc_Rc2CbcDecrypt(Rc2* rc2, byte* out, const byte* in, word32 sz)
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (sz % RC2_BLOCK_SIZE != 0) {
|
||||
return BAD_LENGTH_E;
|
||||
}
|
||||
|
||||
blocks = sz / RC2_BLOCK_SIZE;
|
||||
|
||||
while (blocks--) {
|
||||
XMEMCPY(rc2->tmp, in, RC2_BLOCK_SIZE);
|
||||
ret = wc_Rc2EcbDecrypt(rc2, out, (byte*)rc2->tmp, RC2_BLOCK_SIZE);
|
||||
|
||||
+3
-1
@@ -270,11 +270,13 @@ RsaKey* wc_NewRsaKey_Label(const char* label, void* heap, int devId,
|
||||
|
||||
int wc_DeleteRsaKey(RsaKey* key, RsaKey** key_p)
|
||||
{
|
||||
void* heap;
|
||||
if (key == NULL) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
heap = key->heap;
|
||||
wc_FreeRsaKey(key);
|
||||
XFREE(key, key->heap, DYNAMIC_TYPE_RSA);
|
||||
XFREE(key, heap, DYNAMIC_TYPE_RSA);
|
||||
if (key_p != NULL) {
|
||||
*key_p = NULL;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user