diff --git a/tests/api.c b/tests/api.c index 1459c2e80..9ee5410db 100644 --- a/tests/api.c +++ b/tests/api.c @@ -43396,6 +43396,8 @@ static int test_wolfSSL_EVP_Cipher_extra(void) AssertNotNull(evp = EVP_CIPHER_CTX_new()); AssertIntNE((ret = EVP_CipherInit(evp, type, NULL, iv, 0)), 0); + AssertIntEQ(EVP_CIPHER_CTX_nid(evp), NID_aes_128_cbc); + klen = EVP_CIPHER_CTX_key_length(evp); if (klen > 0 && keylen != klen) { AssertIntNE(EVP_CIPHER_CTX_set_key_length(evp, keylen), 0); diff --git a/wolfcrypt/src/evp.c b/wolfcrypt/src/evp.c index cfc03e282..4fc934336 100644 --- a/wolfcrypt/src/evp.c +++ b/wolfcrypt/src/evp.c 
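Review bot: The added `AssertIntEQ(EVP_CIPHER_CTX_nid(evp), NID_aes_128_cbc);` checks only one successful mapping, so the error paths of the new accessor stay untested. I would add `AssertIntEQ(EVP_CIPHER_CTX_nid(NULL), NID_undef);` next to it to pin the NULL guard. The expected NID is hard-coded while `type` is assigned outside this hunk, so the assertion presumably relies on `type` being AES-128-CBC and on the test's build guards (not visible here) including AES-CBC. test_wolfSSL_EVP_Cipher_extra starts and ends outside the hunk.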
@@ -6908,6 +6908,87 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) return WOLFSSL_SUCCESS; } + + int wolfSSL_EVP_CIPHER_CTX_nid(const WOLFSSL_EVP_CIPHER_CTX *ctx) + { + WOLFSSL_ENTER("wolfSSL_EVP_CIPHER_CTX_nid"); + if (ctx == NULL) { + WOLFSSL_ERROR_MSG("Bad parameters"); + return NID_undef; + } + + switch (ctx->cipherType) { +#ifndef NO_AES +#if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT) + case AES_128_CBC_TYPE : + return NID_aes_128_cbc; + case AES_192_CBC_TYPE : + return NID_aes_192_cbc; + case AES_256_CBC_TYPE : + return NID_aes_256_cbc; +#endif +#ifdef HAVE_AESGCM + case AES_128_GCM_TYPE : + return NID_aes_128_gcm; + case AES_192_GCM_TYPE : + return NID_aes_192_gcm; + case AES_256_GCM_TYPE : + return NID_aes_256_gcm; +#endif +#ifdef HAVE_AES_ECB + case AES_128_ECB_TYPE : + return NID_aes_128_ecb; + case AES_192_ECB_TYPE : + return NID_aes_192_ecb; + case AES_256_ECB_TYPE : + return NID_aes_256_ecb; +#endif +#ifdef WOLFSSL_AES_COUNTER + case AES_128_CTR_TYPE : + return NID_aes_128_ctr; + case AES_192_CTR_TYPE : + return NID_aes_192_ctr; + case AES_256_CTR_TYPE : + return NID_aes_256_ctr; +#endif + +#endif /* NO_AES */ + +#ifndef NO_DES3 + case DES_CBC_TYPE : + return NID_des_cbc; + + case DES_EDE3_CBC_TYPE : + return NID_des_ede3_cbc; +#endif +#ifdef WOLFSSL_DES_ECB + case DES_ECB_TYPE : + return NID_des_ecb; + case DES_EDE3_ECB_TYPE : + return NID_des_ede3_ecb; +#endif + + case ARC4_TYPE : + return NID_rc4; + +#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) + case CHACHA20_POLY1305_TYPE: + return NID_chacha20_poly1305; +#endif + +#ifdef HAVE_CHACHA + case CHACHA20_TYPE: + return NID_chacha20; +#endif + + case NULL_CIPHER_TYPE : + WOLFSSL_ERROR_MSG("Null cipher has no NID"); + FALL_THROUGH; + default: + return NID_undef; + } + } + /* WOLFSSL_SUCCESS on ok */ int wolfSSL_EVP_CIPHER_CTX_key_length(WOLFSSL_EVP_CIPHER_CTX* ctx) { diff --git a/wolfssl/openssl/evp.h b/wolfssl/openssl/evp.h index 32f7f461f..1fb6cd211 100644 
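Review bot: The `default:` branch of `wolfSSL_EVP_CIPHER_CTX_nid` returns `NID_undef` without logging, so a context whose cipher type has no case here looks exactly like a NULL or null-cipher context to the caller. The evp.h hunk of this commit defines NIDs for CFB, OFB, XTS and CCM modes that have no case in this switch; if `cipherType` can hold those modes (the full enum is not visible here), callers that use the NID for cipher-policy checks will see `NID_undef` for a live context. I would either add the missing cases under their feature guards or log in the default branch, e.g. `WOLFSSL_ERROR_MSG("No NID mapping for cipher type");`. The function also has no header comment; `/* Returns the NID of the cipher set on ctx, or NID_undef if ctx is NULL, is the null cipher, or has no mapping */` would document the contract.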
--- a/wolfssl/openssl/evp.h
+++ b/wolfssl/openssl/evp.h
@@ -223,6 +223,135 @@ typedef union { } WOLFSSL_Cipher; #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) + +#define NID_aes_128_cbc 419 +#define NID_aes_192_cbc 423 +#define NID_aes_256_cbc 427 +#define NID_aes_128_ccm 896 +#define NID_aes_256_ccm 902 +#define NID_aes_128_gcm 895 +#define NID_aes_192_gcm 898 +#define NID_aes_256_gcm 901 +#define NID_aes_128_ctr 904 +#define NID_aes_192_ctr 905 +#define NID_aes_256_ctr 906 +#define NID_aes_128_ecb 418 +#define NID_aes_192_ecb 422 +#define NID_aes_256_ecb 426 +#define NID_des_cbc 31 +#define NID_des_ecb 29 +#define NID_des_ede3_cbc 44 +#define NID_des_ede3_ecb 33 +#define NID_aes_128_cfb1 650 +#define NID_aes_192_cfb1 651 +#define NID_aes_256_cfb1 652 +#define NID_aes_128_cfb8 653 +#define NID_aes_192_cfb8 654 +#define NID_aes_256_cfb8 655 +#define NID_aes_128_cfb128 421 +#define NID_aes_192_cfb128 425 +#define NID_aes_256_cfb128 429 +#define NID_aes_128_ofb 420 +#define NID_aes_192_ofb 424 +#define NID_aes_256_ofb 428 +#define NID_aes_128_xts 913 +#define NID_aes_256_xts 914 +#define NID_camellia_128_cbc 751 +#define NID_camellia_256_cbc 753 +#define NID_chacha20_poly1305 1018 +#define NID_chacha20 1019 +#define NID_md5WithRSA 104 +#define NID_md2WithRSAEncryption 9 +#define NID_md5WithRSAEncryption 99 +#define NID_dsaWithSHA1 113 +#define NID_dsaWithSHA1_2 70 +#define NID_sha1WithRSA 115 +#define NID_sha1WithRSAEncryption 65 +#define NID_sha224WithRSAEncryption 671 +#define NID_sha256WithRSAEncryption 668 +#define NID_sha384WithRSAEncryption 669 +#define NID_sha512WithRSAEncryption 670 +#define NID_RSA_SHA3_224 1116 +#define NID_RSA_SHA3_256 1117 +#define NID_RSA_SHA3_384 1118 +#define NID_RSA_SHA3_512 1119 +#define NID_ecdsa_with_SHA1 416 +#define NID_ecdsa_with_SHA224 793 +#define NID_ecdsa_with_SHA256 794 +#define NID_ecdsa_with_SHA384 795 +#define NID_ecdsa_with_SHA512 796 +#define NID_ecdsa_with_SHA3_224 1112 +#define NID_ecdsa_with_SHA3_256 1113 +#define NID_ecdsa_with_SHA3_384 1114 +#define 
NID_ecdsa_with_SHA3_512 1115 +#define NID_dsa_with_SHA224 802 +#define NID_dsa_with_SHA256 803 +#define NID_sha3_224 1096 +#define NID_sha3_256 1097 +#define NID_sha3_384 1098 +#define NID_sha3_512 1099 +#define NID_blake2b512 1056 +#define NID_blake2s256 1057 +#define NID_shake128 1100 +#define NID_shake256 1101 +#define NID_sha1 64 +#define NID_sha224 675 +#define NID_md2 77 +#define NID_md4 257 +#define NID_md5 40 +#define NID_hmac 855 +#define NID_hmacWithSHA1 163 +#define NID_hmacWithSHA224 798 +#define NID_hmacWithSHA256 799 +#define NID_hmacWithSHA384 800 +#define NID_hmacWithSHA512 801 +#define NID_hkdf 1036 +#define NID_cmac 894 +#define NID_dhKeyAgreement 28 +#define NID_ffdhe2048 1126 +#define NID_ffdhe3072 1127 +#define NID_ffdhe4096 1128 +#define NID_rc4 5 +#define NID_bf_cbc 91 +#define NID_bf_ecb 92 +#define NID_bf_cfb64 93 +#define NID_bf_ofb64 94 +#define NID_cast5_cbc 108 +#define NID_cast5_ecb 109 +#define NID_cast5_cfb64 110 +#define NID_cast5_ofb64 111 +/* key exchange */ +#define NID_kx_rsa 1037 +#define NID_kx_ecdhe 1038 +#define NID_kx_dhe 1039 +#define NID_kx_ecdhe_psk 1040 +#define NID_kx_dhe_psk 1041 +#define NID_kx_rsa_psk 1042 +#define NID_kx_psk 1043 +#define NID_kx_srp 1044 +#define NID_kx_gost 1045 +#define NID_kx_any 1063 +/* server authentication */ +#define NID_auth_rsa 1046 +#define NID_auth_ecdsa 1047 +#define NID_auth_psk 1048 +#define NID_auth_dss 1049 +#define NID_auth_srp 1052 +#define NID_auth_null 1054 +#define NID_auth_any 1055 + +#define NID_X9_62_id_ecPublicKey EVP_PKEY_EC +#define NID_rsaEncryption EVP_PKEY_RSA +#define NID_dsa EVP_PKEY_DSA + +#define EVP_PKEY_OP_SIGN (1 << 3) +#define EVP_PKEY_OP_VERIFY (1 << 5) +#define EVP_PKEY_OP_ENCRYPT (1 << 6) +#define EVP_PKEY_OP_DECRYPT (1 << 7) +#define EVP_PKEY_OP_DERIVE (1 << 8) + +#define EVP_PKEY_PRINT_INDENT_MAX 128 + enum { AES_128_CBC_TYPE = 1, AES_192_CBC_TYPE = 2, 
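Review bot: The new `#define NID_*` block is emitted for every OPENSSL_EXTRA build regardless of which algorithms are compiled in, so a preprocessor probe such as `#ifdef NID_aes_256_gcm` (or `NID_camellia_128_cbc`, `NID_bf_cbc`) succeeds even when the cipher itself is absent. If the move from enum members to macros is meant to let application code test for NIDs with the preprocessor (my reading; the commit does not say), a comment above the block should state that a defined NID does not imply algorithm support, e.g. `/* NID_* are identifiers only; check the HAVE_* / NO_* build macros for algorithm support */`. The asn.h hunk makes the same enum-to-macro change and would benefit from the same comment.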
@@ -245,32 +374,6 @@ enum {
 AES_128_GCM_TYPE = 21,
 AES_192_GCM_TYPE = 22,
 AES_256_GCM_TYPE = 23,
- NID_sha1 = 64,
- NID_sha224 = 675,
- NID_md2 = 77,
- NID_md4 = 257,
- NID_md5 = 40,
- NID_hmac = 855,
- NID_hmacWithSHA1 = 163,
- NID_hmacWithSHA224 = 798,
- NID_hmacWithSHA256 = 799,
- NID_hmacWithSHA384 = 800,
- NID_hmacWithSHA512 = 801,
- NID_hkdf = 1036,
- NID_cmac = 894,
- NID_dhKeyAgreement= 28,
- NID_ffdhe2048 = 1126,
- NID_ffdhe3072 = 1127,
- NID_ffdhe4096 = 1128,
- NID_rc4 = 5,
- NID_bf_cbc = 91,
- NID_bf_ecb = 92,
- NID_bf_cfb64 = 93,
- NID_bf_ofb64 = 94,
- NID_cast5_cbc = 108,
- NID_cast5_ecb = 109,
- NID_cast5_cfb64 = 110,
- NID_cast5_ofb64 = 111,
 EVP_PKEY_DH = NID_dhKeyAgreement,
 EVP_PKEY_HMAC = NID_hmac,
 EVP_PKEY_CMAC = NID_cmac,
@@ -295,119 +398,6 @@ enum { CHACHA20_TYPE = 39 }; -enum { - NID_md5WithRSA = 104, - NID_md2WithRSAEncryption = 9, - NID_md5WithRSAEncryption = 99, - NID_dsaWithSHA1 = 113, - NID_dsaWithSHA1_2 = 70, - NID_sha1WithRSA = 115, - NID_sha1WithRSAEncryption = 65, - NID_sha224WithRSAEncryption = 671, - NID_sha256WithRSAEncryption = 668, - NID_sha384WithRSAEncryption = 669, - NID_sha512WithRSAEncryption = 670, - NID_RSA_SHA3_224 = 1116, - NID_RSA_SHA3_256 = 1117, - NID_RSA_SHA3_384 = 1118, - NID_RSA_SHA3_512 = 1119, - NID_ecdsa_with_SHA1 = 416, - NID_ecdsa_with_SHA224 = 793, - NID_ecdsa_with_SHA256 = 794, - NID_ecdsa_with_SHA384 = 795, - NID_ecdsa_with_SHA512 = 796, - NID_ecdsa_with_SHA3_224 = 1112, - NID_ecdsa_with_SHA3_256 = 1113, - NID_ecdsa_with_SHA3_384 = 1114, - NID_ecdsa_with_SHA3_512 = 1115, - NID_dsa_with_SHA224 = 802, - NID_dsa_with_SHA256 = 803, - NID_sha3_224 = 1096, - NID_sha3_256 = 1097, - NID_sha3_384 = 1098, - NID_sha3_512 = 1099, - NID_blake2b512 = 1056, - NID_blake2s256 = 1057, - NID_shake128 = 1100, - NID_shake256 = 1101, -}; - -enum { - NID_aes_128_cbc = 419, - NID_aes_192_cbc = 423, - NID_aes_256_cbc = 427, - NID_aes_128_ccm = 896, - NID_aes_256_ccm = 902, - NID_aes_128_gcm = 895, - NID_aes_192_gcm = 898, - NID_aes_256_gcm = 901, - NID_aes_128_ctr = 904, - NID_aes_192_ctr = 905, - NID_aes_256_ctr = 906, - NID_aes_128_ecb = 418, - NID_aes_192_ecb = 422, - NID_aes_256_ecb = 426, - NID_des_cbc = 31, - NID_des_ecb = 29, - NID_des_ede3_cbc= 44, - NID_des_ede3_ecb= 33, - NID_aes_128_cfb1= 650, - NID_aes_192_cfb1= 651, - NID_aes_256_cfb1= 652, - NID_aes_128_cfb8= 653, - NID_aes_192_cfb8= 654, - NID_aes_256_cfb8= 655, - NID_aes_128_cfb128 = 421, - NID_aes_192_cfb128 = 425, - NID_aes_256_cfb128 = 429, - NID_aes_128_ofb = 420, - NID_aes_192_ofb = 424, - NID_aes_256_ofb = 428, - NID_aes_128_xts = 913, - NID_aes_256_xts = 914, - NID_camellia_128_cbc = 751, - NID_camellia_256_cbc = 753, - NID_chacha20_poly1305 = 1018, - NID_chacha20 = 1019 -}; - -enum { - /* key 
exchange */ - NID_kx_rsa = 1037, - NID_kx_ecdhe = 1038, - NID_kx_dhe = 1039, - NID_kx_ecdhe_psk= 1040, - NID_kx_dhe_psk = 1041, - NID_kx_rsa_psk= 1042, - NID_kx_psk = 1043, - NID_kx_srp = 1044, - NID_kx_gost = 1045, - NID_kx_any = 1063, - - /* server authentication */ - NID_auth_rsa = 1046, - NID_auth_ecdsa = 1047, - NID_auth_psk = 1048, - NID_auth_dss = 1049, - NID_auth_srp = 1052, - NID_auth_null = 1054, - NID_auth_any = 1055 - -}; - -#define NID_X9_62_id_ecPublicKey EVP_PKEY_EC -#define NID_dhKeyAgreement EVP_PKEY_DH -#define NID_rsaEncryption EVP_PKEY_RSA -#define NID_dsa EVP_PKEY_DSA - -#define EVP_PKEY_OP_SIGN (1 << 3) -#define EVP_PKEY_OP_VERIFY (1 << 5) -#define EVP_PKEY_OP_ENCRYPT (1 << 6) -#define EVP_PKEY_OP_DECRYPT (1 << 7) -#define EVP_PKEY_OP_DERIVE (1 << 8) - -#define EVP_PKEY_PRINT_INDENT_MAX 128 - #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ @@ -595,6 +585,7 @@ WOLFSSL_API int wolfSSL_EVP_DecryptFinal_legacy(WOLFSSL_EVP_CIPHER_CTX *ctx, WOLFSSL_API WOLFSSL_EVP_CIPHER_CTX *wolfSSL_EVP_CIPHER_CTX_new(void); WOLFSSL_API void wolfSSL_EVP_CIPHER_CTX_free(WOLFSSL_EVP_CIPHER_CTX *ctx); WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_reset(WOLFSSL_EVP_CIPHER_CTX *ctx); +WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_nid(const WOLFSSL_EVP_CIPHER_CTX *ctx); WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_key_length(WOLFSSL_EVP_CIPHER_CTX* ctx); WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_set_key_length(WOLFSSL_EVP_CIPHER_CTX* ctx, int keylen); @@ -957,6 +948,7 @@ WOLFSSL_API int wolfSSL_EVP_SignInit_ex(WOLFSSL_EVP_MD_CTX* ctx, #define EVP_CIPHER_CTX_init wolfSSL_EVP_CIPHER_CTX_init #define EVP_CIPHER_CTX_cleanup wolfSSL_EVP_CIPHER_CTX_cleanup #define EVP_CIPHER_CTX_iv_length wolfSSL_EVP_CIPHER_CTX_iv_length +#define EVP_CIPHER_CTX_nid wolfSSL_EVP_CIPHER_CTX_nid #define EVP_CIPHER_CTX_key_length wolfSSL_EVP_CIPHER_CTX_key_length #define EVP_CIPHER_CTX_set_key_length wolfSSL_EVP_CIPHER_CTX_set_key_length #define EVP_CIPHER_CTX_set_iv_length wolfSSL_EVP_CIPHER_CTX_set_iv_length 
diff --git a/wolfssl/wolfcrypt/asn.h b/wolfssl/wolfcrypt/asn.h
index b8baf24cc..2fc65981b 100644
--- a/wolfssl/wolfcrypt/asn.h
+++ b/wolfssl/wolfcrypt/asn.h
@@ -755,75 +755,72 @@ extern const WOLFSSL_ObjectInfo wolfssl_object_info[]; #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) /* NIDs */ -enum -{ - NID_undef = 0, - NID_netscape_cert_type = NID_undef, - NID_des = 66, - NID_des3 = 67, - NID_sha256 = 672, - NID_sha384 = 673, - NID_sha512 = 674, - NID_sha512_224 = 1094, - NID_sha512_256 = 1095, - NID_pkcs7_signed = 22, - NID_pkcs7_enveloped = 23, - NID_pkcs7_signedAndEnveloped = 24, - NID_pkcs9_unstructuredName = 49, - NID_pkcs9_contentType = 50, /* 1.2.840.113549.1.9.3 */ - NID_pkcs9_challengePassword = 54, - NID_hw_name_oid = 73, - NID_id_pkix_OCSP_basic = 74, - NID_any_policy = 75, - NID_anyExtendedKeyUsage = 76, - NID_givenName = 99, /* 2.5.4.42 */ - NID_initials = 101, /* 2.5.4.43 */ - NID_title = 106, - NID_description = 107, - NID_basic_constraints = 133, - NID_key_usage = 129, /* 2.5.29.15 */ - NID_ext_key_usage = 151, /* 2.5.29.37 */ - NID_subject_key_identifier = 128, - NID_authority_key_identifier = 149, - NID_private_key_usage_period = 130, /* 2.5.29.16 */ - NID_subject_alt_name = 131, - NID_issuer_alt_name = 132, - NID_info_access = 69, - NID_sinfo_access = 79, /* id-pe 11 */ - NID_name_constraints = 144, /* 2.5.29.30 */ - NID_crl_distribution_points = 145, /* 2.5.29.31 */ - NID_certificate_policies = 146, - NID_policy_mappings = 147, - NID_policy_constraints = 150, - NID_inhibit_any_policy = 168, /* 2.5.29.54 */ - NID_tlsfeature = 1020, /* id-pe 24 */ - NID_buildingName = 1494, +#define NID_undef 0 +#define NID_netscape_cert_type NID_undef +#define NID_des 66 +#define NID_des3 67 +#define NID_sha256 672 +#define NID_sha384 673 +#define NID_sha512 674 +#define NID_sha512_224 1094 +#define NID_sha512_256 1095 +#define NID_pkcs7_signed 22 +#define NID_pkcs7_enveloped 23 +#define NID_pkcs7_signedAndEnveloped 24 +#define NID_pkcs9_unstructuredName 49 +#define NID_pkcs9_contentType 50 /* 1.2.840.113549.1.9.3 */ +#define NID_pkcs9_challengePassword 54 +#define NID_hw_name_oid 73 +#define 
NID_id_pkix_OCSP_basic 74 +#define NID_any_policy 75 +#define NID_anyExtendedKeyUsage 76 +#define NID_givenName 99 /* 2.5.4.42 */ +#define NID_initials 101 /* 2.5.4.43 */ +#define NID_title 106 +#define NID_description 107 +#define NID_basic_constraints 133 +#define NID_key_usage 129 /* 2.5.29.15 */ +#define NID_ext_key_usage 151 /* 2.5.29.37 */ +#define NID_subject_key_identifier 128 +#define NID_authority_key_identifier 149 +#define NID_private_key_usage_period 130 /* 2.5.29.16 */ +#define NID_subject_alt_name 131 +#define NID_issuer_alt_name 132 +#define NID_info_access 69 +#define NID_sinfo_access 79 /* id-pe 11 */ +#define NID_name_constraints 144 /* 2.5.29.30 */ +#define NID_crl_distribution_points 145 /* 2.5.29.31 */ +#define NID_certificate_policies 146 +#define NID_policy_mappings 147 +#define NID_policy_constraints 150 +#define NID_inhibit_any_policy 168 /* 2.5.29.54 */ +#define NID_tlsfeature 1020 /* id-pe 24 */ +#define NID_buildingName 1494 - NID_dnQualifier = 174, /* 2.5.4.46 */ - NID_commonName = 14, /* CN Changed to not conflict - * with PBE_SHA1_DES3 */ - NID_name = 173, /* N , OID = 2.5.4.41 */ - NID_surname = 0x04, /* SN */ - NID_serialNumber = 0x05, /* serialNumber */ - NID_countryName = 0x06, /* C */ - NID_localityName = 0x07, /* L */ - NID_stateOrProvinceName = 0x08, /* ST */ - NID_streetAddress = ASN_STREET_ADDR, /* street */ - NID_organizationName = 0x0a, /* O */ - NID_organizationalUnitName = 0x0b, /* OU */ - NID_jurisdictionCountryName = 0xc, - NID_jurisdictionStateOrProvinceName = 0xd, - NID_businessCategory = ASN_BUS_CAT, - NID_domainComponent = ASN_DOMAIN_COMPONENT, - NID_postalCode = ASN_POSTAL_CODE, /* postalCode */ - NID_favouriteDrink = 462, - NID_userId = 458, - NID_emailAddress = 0x30, /* emailAddress */ - NID_id_on_dnsSRV = 82, /* 1.3.6.1.5.5.7.8.7 */ - NID_ms_upn = 265, /* 1.3.6.1.4.1.311.20.2.3 */ +#define NID_dnQualifier 174 /* 2.5.4.46 */ +#define NID_commonName 14 /* CN Changed to not conflict + * with PBE_SHA1_DES3 */ 
+#define NID_name 173 /* N , OID = 2.5.4.41 */ +#define NID_surname 0x04 /* SN */ +#define NID_serialNumber 0x05 /* serialNumber */ +#define NID_countryName 0x06 /* C */ +#define NID_localityName 0x07 /* L */ +#define NID_stateOrProvinceName 0x08 /* ST */ +#define NID_streetAddress ASN_STREET_ADDR /* street */ +#define NID_organizationName 0x0a /* O */ +#define NID_organizationalUnitName 0x0b /* OU */ +#define NID_jurisdictionCountryName 0xc +#define NID_jurisdictionStateOrProvinceName 0xd +#define NID_businessCategory ASN_BUS_CAT +#define NID_domainComponent ASN_DOMAIN_COMPONENT +#define NID_postalCode ASN_POSTAL_CODE /* postalCode */ +#define NID_favouriteDrink 462 +#define NID_userId 458 +#define NID_emailAddress 0x30 /* emailAddress */ +#define NID_id_on_dnsSRV 82 /* 1.3.6.1.5.5.7.8.7 */ +#define NID_ms_upn 265 /* 1.3.6.1.4.1.311.20.2.3 */ - NID_X9_62_prime_field = 406 /* 1.2.840.10045.1.1 */ -}; +#define NID_X9_62_prime_field 406 /* 1.2.840.10045.1.1 */ #endif /* OPENSSL_EXTRA */ enum ECC_TYPES
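Review bot: `NID_serialNumber 0x05` in this block has the same value as `NID_rc4 5` in evp.h, and `NID_givenName 99` matches `NID_md5WithRSAEncryption 99`. The values are carried over unchanged from the enums, but this commit also adds `wolfSSL_EVP_CIPHER_CTX_nid`, which hands `NID_rc4` to callers; any lookup keyed on the bare integer (none is visible in this diff) could not tell the cipher from the name attribute. A comment over the block would make that explicit, e.g. `/* NOTE: NID values are not unique across object classes (NID_serialNumber == NID_rc4) */`.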