From 6bc7ba1592bb1b360cac65c93baa3fd5c4ae1651 Mon Sep 17 00:00:00 2001 From: toddouska Date: Tue, 26 Mar 2013 12:36:39 -0700 Subject: [PATCH] change AesCBC end/dec to return status, will add failure cases with align checks --- ctaocrypt/src/aes.c | 20 ++++++++++++++------ cyassl/ctaocrypt/aes.h | 4 ++-- mcapi/crypto.c | 8 ++------ src/internal.c | 8 +++++--- src/ssl.c | 12 +++++++++--- 5 files changed, 32 insertions(+), 20 deletions(-) diff --git a/ctaocrypt/src/aes.c b/ctaocrypt/src/aes.c index 96d1dcc99..3a7ac6d0b 100644 --- a/ctaocrypt/src/aes.c +++ b/ctaocrypt/src/aes.c @@ -73,7 +73,7 @@ return AesSetIV(aes, iv); } - void AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz) + int AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz) { word32 *enc_key, *iv; CRYP_InitTypeDef AES_CRYP_InitStructure; @@ -174,9 +174,11 @@ /* disable crypto processor */ CRYP_Cmd(DISABLE); + + return 0; } - void AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz) + int AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz) { word32 *dec_key, *iv; CRYP_InitTypeDef AES_CRYP_InitStructure; @@ -293,6 +295,8 @@ /* disable crypto processor */ CRYP_Cmd(DISABLE); + + return 0; } #ifdef CYASSL_AES_COUNTER @@ -1678,7 +1682,7 @@ static void AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock) } -void AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz) +int AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz) { word32 blocks = sz / AES_BLOCK_SIZE; @@ -1702,7 +1706,7 @@ void AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz) aes->rounds); /* store iv for next call */ XMEMCPY(aes->reg, out + sz - AES_BLOCK_SIZE, AES_BLOCK_SIZE); - return; + return 0; } #endif @@ -1714,10 +1718,12 @@ void AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz) out += AES_BLOCK_SIZE; in += AES_BLOCK_SIZE; } + + return 0; } -void AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz) +int AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz) { word32 blocks = sz / AES_BLOCK_SIZE; @@ -1744,7 +1750,7 @@ void AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz) aes->rounds); /* store iv for next call */ XMEMCPY(aes->reg, aes->tmp, AES_BLOCK_SIZE); - return; + return 0; } #endif @@ -1757,6 +1763,8 @@ void AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz) out += AES_BLOCK_SIZE; in += AES_BLOCK_SIZE; } + + return 0; } diff --git a/cyassl/ctaocrypt/aes.h b/cyassl/ctaocrypt/aes.h index 18b7a035c..97f9cfd83 100644 --- a/cyassl/ctaocrypt/aes.h +++ b/cyassl/ctaocrypt/aes.h @@ -98,8 +98,8 @@ typedef struct Aes { CYASSL_API int AesSetKey(Aes* aes, const byte* key, word32 len, const byte* iv, int dir); CYASSL_API int AesSetIV(Aes* aes, const byte* iv); -CYASSL_API void AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz); -CYASSL_API void AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz); +CYASSL_API int AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz); +CYASSL_API int AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz); CYASSL_API void AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz); CYASSL_API void AesEncryptDirect(Aes* aes, byte* out, const byte* in); CYASSL_API void AesDecryptDirect(Aes* aes, byte* out, const byte* in); diff --git a/mcapi/crypto.c b/mcapi/crypto.c index 32aa43adf..e3508884f 100644 --- a/mcapi/crypto.c +++ b/mcapi/crypto.c @@ -435,9 +435,7 @@ int CRYPT_AES_CBC_Encrypt(CRYPT_AES_CTX* aes, unsigned char* out, if (aes == NULL || out == NULL || in == NULL) return BAD_FUNC_ARG; - AesCbcEncrypt((Aes*)aes, out, in, inSz); - - return 0; + return AesCbcEncrypt((Aes*)aes, out, in, inSz); } @@ -448,9 +446,7 @@ int CRYPT_AES_CBC_Decrypt(CRYPT_AES_CTX* aes, unsigned char* out, if (aes == NULL || out == NULL || in == NULL) return BAD_FUNC_ARG; - AesCbcDecrypt((Aes*)aes, out, in, inSz); - - return 0; + return AesCbcDecrypt((Aes*)aes, out, in, inSz); } diff --git a/src/internal.c b/src/internal.c index acc2dafd2..d4de841ea 100644 --- a/src/internal.c +++ b/src/internal.c @@ -3426,17 +3426,19 @@ static INLINE int Encrypt(CYASSL* ssl, byte* out, const byte* input, word32 sz) case aes: #ifdef CYASSL_AESNI if ((word)input % 16) { + int ret; byte* tmp = (byte*)XMALLOC(sz, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER); if (tmp == NULL) return MEMORY_E; XMEMCPY(tmp, input, sz); - AesCbcEncrypt(ssl->encrypt.aes, tmp, tmp, sz); + ret = AesCbcEncrypt(ssl->encrypt.aes, tmp, tmp, sz); XMEMCPY(out, tmp, sz); XFREE(tmp, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER); + return ret; break; } #endif - AesCbcEncrypt(ssl->encrypt.aes, out, input, sz); + return AesCbcEncrypt(ssl->encrypt.aes, out, input, sz); break; #endif @@ -3610,7 +3612,7 @@ static INLINE int Decrypt(CYASSL* ssl, byte* plain, const byte* input, #ifdef BUILD_AES case aes: - AesCbcDecrypt(ssl->decrypt.aes, plain, input, sz); + return AesCbcDecrypt(ssl->decrypt.aes, plain, input, sz); break; #endif diff --git a/src/ssl.c b/src/ssl.c index ade477e90..d336e44d7 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -4997,6 +4997,7 @@ int CyaSSL_set_compression(CYASSL* ssl) int CyaSSL_EVP_Cipher(CYASSL_EVP_CIPHER_CTX* ctx, byte* dst, byte* src, word32 len) { + int ret = 0; CYASSL_ENTER("CyaSSL_EVP_Cipher"); if (ctx == NULL || dst == NULL || src == NULL) { @@ -5016,9 +5017,9 @@ int CyaSSL_set_compression(CYASSL* ssl) case AES_256_CBC_TYPE : CYASSL_MSG("AES CBC"); if (ctx->enc) - AesCbcEncrypt(&ctx->cipher.aes, dst, src, len); + ret = AesCbcEncrypt(&ctx->cipher.aes, dst, src, len); else - AesCbcDecrypt(&ctx->cipher.aes, dst, src, len); + ret = AesCbcDecrypt(&ctx->cipher.aes, dst, src, len); break; #ifdef CYASSL_AES_COUNTER @@ -5056,7 +5057,12 @@ int CyaSSL_set_compression(CYASSL* ssl) CYASSL_MSG("bad type"); return 0; /* failure */ } - } + } + + if (ret != 0) { + CYASSL_MSG("CyaSSL_EVP_Cipher failure"); + return 0; /* failuer */ + } CYASSL_MSG("CyaSSL_EVP_Cipher success"); return 1; /* success */