From d4428ebc0c3e888d29fc265c55a58685b665230d Mon Sep 17 00:00:00 2001 From: Jacob Barthelmeh Date: Wed, 29 Jan 2020 11:23:54 -0700 Subject: [PATCH] add EVP cfb1 test and update some EVP code --- src/ssl.c | 21 +++++++++++-------- wolfcrypt/src/evp.c | 48 +++++++++++++++++++++++++++++++++++++++++++ wolfcrypt/test/test.c | 15 ++++++++++---- 3 files changed, 71 insertions(+), 13 deletions(-) diff --git a/src/ssl.c b/src/ssl.c index 0f928be97..6c02976db 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -4207,6 +4207,9 @@ const WOLFSSL_EVP_CIPHER *wolfSSL_EVP_get_cipherbynid(int id) static char *EVP_AES_256_ECB; #endif static const int EVP_AES_SIZE = 11; + #ifdef WOLFSSL_AES_CFB + static const int EVP_AESCFB_SIZE = 14; + #endif #endif #endif @@ -17450,7 +17453,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md) #ifdef WOLFSSL_AES_CFB #ifdef WOLFSSL_AES_128 if (ctx->cipherType == AES_128_CFB1_TYPE || - (type && XSTRNCMP(type, EVP_AES_128_CFB1, EVP_AES_SIZE) == 0)) { + (type && XSTRNCMP(type, EVP_AES_128_CFB1, EVP_AESCFB_SIZE) == 0)) { WOLFSSL_MSG("EVP_AES_128_CFB1"); ctx->cipherType = AES_128_CFB1_TYPE; ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; @@ -17474,7 +17477,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md) #endif /* WOLFSSL_AES_128 */ #ifdef WOLFSSL_AES_192 if (ctx->cipherType == AES_192_CFB1_TYPE || - (type && XSTRNCMP(type, EVP_AES_192_CFB1, EVP_AES_SIZE) == 0)) { + (type && XSTRNCMP(type, EVP_AES_192_CFB1, EVP_AESCFB_SIZE) == 0)) { WOLFSSL_MSG("EVP_AES_192_CFB1"); ctx->cipherType = AES_192_CFB1_TYPE; ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; @@ -17498,7 +17501,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md) #endif /* WOLFSSL_AES_192 */ #ifdef WOLFSSL_AES_256 if (ctx->cipherType == AES_256_CFB1_TYPE || - (type && XSTRNCMP(type, EVP_AES_256_CFB1, EVP_AES_SIZE) == 0)) { + (type && XSTRNCMP(type, EVP_AES_256_CFB1, EVP_AESCFB_SIZE) == 0)) { WOLFSSL_MSG("EVP_AES_256_CFB1"); ctx->cipherType = AES_256_CFB1_TYPE; ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; @@ -17526,7 +17529,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md) #endif /* WOLFSSL_AES_256 */ #ifdef WOLFSSL_AES_128 if (ctx->cipherType == AES_128_CFB8_TYPE || - (type && XSTRNCMP(type, EVP_AES_128_CFB8, EVP_AES_SIZE) == 0)) { + (type && XSTRNCMP(type, EVP_AES_128_CFB8, EVP_AESCFB_SIZE) == 0)) { WOLFSSL_MSG("EVP_AES_128_CFB8"); ctx->cipherType = AES_128_CFB8_TYPE; ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; @@ -17550,7 +17553,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md) #endif /* WOLFSSL_AES_128 */ #ifdef WOLFSSL_AES_192 if (ctx->cipherType == AES_192_CFB8_TYPE || - (type && XSTRNCMP(type, EVP_AES_192_CFB8, EVP_AES_SIZE) == 0)) { + (type && XSTRNCMP(type, EVP_AES_192_CFB8, EVP_AESCFB_SIZE) == 0)) { WOLFSSL_MSG("EVP_AES_192_CFB8"); ctx->cipherType = AES_192_CFB8_TYPE; ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; @@ -17574,7 +17577,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md) #endif /* WOLFSSL_AES_192 */ #ifdef WOLFSSL_AES_256 if (ctx->cipherType == AES_256_CFB8_TYPE || - (type && XSTRNCMP(type, EVP_AES_256_CFB8, EVP_AES_SIZE) == 0)) { + (type && XSTRNCMP(type, EVP_AES_256_CFB8, EVP_AESCFB_SIZE) == 0)) { WOLFSSL_MSG("EVP_AES_256_CFB8"); ctx->cipherType = AES_256_CFB8_TYPE; ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; @@ -17602,7 +17605,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md) #endif /* WOLFSSL_AES_256 */ #ifdef WOLFSSL_AES_128 if (ctx->cipherType == AES_128_CFB128_TYPE || - (type && XSTRNCMP(type, EVP_AES_128_CFB128, EVP_AES_SIZE) == 0)) { + (type && XSTRNCMP(type, EVP_AES_128_CFB128, EVP_AESCFB_SIZE) == 0)) { WOLFSSL_MSG("EVP_AES_128_CFB128"); ctx->cipherType = AES_128_CFB128_TYPE; ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; @@ -17626,7 +17629,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md) #endif /* WOLFSSL_AES_128 */ #ifdef WOLFSSL_AES_192 if (ctx->cipherType == AES_192_CFB128_TYPE || - (type && XSTRNCMP(type, EVP_AES_192_CFB128, EVP_AES_SIZE) == 0)) { + (type && XSTRNCMP(type, EVP_AES_192_CFB128, EVP_AESCFB_SIZE) == 0)) { WOLFSSL_MSG("EVP_AES_192_CFB128"); ctx->cipherType = AES_192_CFB128_TYPE; ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; @@ -17650,7 +17653,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md) #endif /* WOLFSSL_AES_192 */ #ifdef WOLFSSL_AES_256 if (ctx->cipherType == AES_256_CFB128_TYPE || - (type && XSTRNCMP(type, EVP_AES_256_CFB128, EVP_AES_SIZE) == 0)) { + (type && XSTRNCMP(type, EVP_AES_256_CFB128, EVP_AESCFB_SIZE) == 0)) { WOLFSSL_MSG("EVP_AES_256_CFB128"); ctx->cipherType = AES_256_CFB128_TYPE; ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE; diff --git a/wolfcrypt/src/evp.c b/wolfcrypt/src/evp.c index ec10dc2a5..cb8c272ca 100644 --- a/wolfcrypt/src/evp.c +++ b/wolfcrypt/src/evp.c @@ -859,6 +859,54 @@ static unsigned int cipherType(const WOLFSSL_EVP_CIPHER *cipher) return AES_256_ECB_TYPE; #endif #endif /*HAVE_AES_CBC */ + #if defined(WOLFSSL_AES_XTS) + #ifdef WOLFSSL_AES_128 + else if (XSTRNCMP(cipher, EVP_AES_128_XTS, EVP_AES_SIZE) == 0) + return AES_128_XTS_TYPE; + #endif + #ifdef WOLFSSL_AES_256 + else if (XSTRNCMP(cipher, EVP_AES_256_XTS, EVP_AES_SIZE) == 0) + return AES_256_XTS_TYPE; + #endif + #endif /* WOLFSSL_AES_XTS */ + #if defined(WOLFSSL_AES_CFB) + #ifdef WOLFSSL_AES_128 + else if (XSTRNCMP(cipher, EVP_AES_128_CFB1, EVP_AESCFB_SIZE) == 0) + return AES_128_CFB1_TYPE; + #endif + #ifdef WOLFSSL_AES_192 + else if (XSTRNCMP(cipher, EVP_AES_192_CFB1, EVP_AESCFB_SIZE) == 0) + return AES_192_CFB1_TYPE; + #endif + #ifdef WOLFSSL_AES_256 + else if (XSTRNCMP(cipher, EVP_AES_256_CFB1, EVP_AESCFB_SIZE) == 0) + return AES_256_CFB1_TYPE; + #endif + #ifdef WOLFSSL_AES_128 + else if (XSTRNCMP(cipher, EVP_AES_128_CFB8, EVP_AESCFB_SIZE) == 0) + return AES_128_CFB8_TYPE; + #endif + #ifdef WOLFSSL_AES_192 + else if (XSTRNCMP(cipher, EVP_AES_192_CFB8, EVP_AESCFB_SIZE) == 0) + return AES_192_CFB8_TYPE; + #endif + #ifdef WOLFSSL_AES_256 + else if (XSTRNCMP(cipher, EVP_AES_256_CFB8, EVP_AESCFB_SIZE) == 0) + return AES_256_CFB8_TYPE; + #endif + #ifdef WOLFSSL_AES_128 + else if (XSTRNCMP(cipher, EVP_AES_128_CFB128, EVP_AESCFB_SIZE) == 0) + return AES_128_CFB128_TYPE; + #endif + #ifdef WOLFSSL_AES_192 + else if (XSTRNCMP(cipher, EVP_AES_192_CFB128, EVP_AESCFB_SIZE) == 0) + return AES_192_CFB128_TYPE; + #endif + #ifdef WOLFSSL_AES_256 + else if (XSTRNCMP(cipher, EVP_AES_256_CFB128, EVP_AESCFB_SIZE) == 0) + return AES_256_CFB128_TYPE; + #endif + #endif /*HAVE_AES_CBC */ #endif /* !NO_AES */ else return 0; } diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index b2ac1b03c..20bdb47dc 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -5629,7 +5629,7 @@ static int EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key, goto EVP_TEST_END; } - if (EVP_CipherUpdate(&ctx, cipher, &idx, plain, plainSz) == 0) { + if (EVP_CipherUpdate(&ctx, cipher, &idx, plain, expectedSz) == 0) { ret = -8002; goto EVP_TEST_END; } @@ -5641,7 +5641,7 @@ static int EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key, } cipherSz += idx; - if (XMEMCMP(cipher, expected, expectedSz)) { + if (XMEMCMP(cipher, expected, plainSz)) { ret = -8004; goto EVP_TEST_END; } @@ -5653,7 +5653,7 @@ static int EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key, goto EVP_TEST_END; } - if (EVP_CipherUpdate(&ctx, cipher, &idx, cipher, cipherSz) == 0) { + if (EVP_CipherUpdate(&ctx, cipher, &idx, cipher, expectedSz) == 0) { ret = -8006; goto EVP_TEST_END; } @@ -5665,7 +5665,7 @@ static int EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key, } cipherSz += idx; - if ((plainSz != cipherSz) || XMEMCMP(plain, cipher, cipherSz)) { + if ((expectedSz != cipherSz) || XMEMCMP(plain, cipher, plainSz)) { ret = -8008; goto EVP_TEST_END; } @@ -6330,6 +6330,13 @@ EVP_TEST_END: #ifdef WOLFSSL_AES_128 /* 128 key tests */ + #ifdef OPENSSL_EXTRA + ret = EVP_test(EVP_aes_128_cfb1(), key1, iv, msg1, sizeof(msg1), + cipher1, 2); + if (ret != 0) { + return ret; + } + #endif ret = wc_AesSetKey(&enc, key1, AES_BLOCK_SIZE, iv, AES_ENCRYPTION); if (ret != 0) return -4741;