mirror of https://github.com/wolfSSL/wolfssl
AES: harmonize wc_Aes{Encrypt,Decrypt} and wc_Aes{Encrypt,Decrypt}Direct implementations to return int; add return values to all static void functions in aes.c that can fail; add WARN_UNUSED_RESULT to all static functions in aes.c with return values; implement missing error percolation around AES block cipher implementations; bump FIPS version for v5-ready and v5-dev to 5.3 (v5-RC12 is 5.2).
parent
dee66cfe9e
commit
a718637c6f
|
@ -280,13 +280,13 @@ AS_CASE([$ENABLED_FIPS],
|
|||
[ready|v5-ready],[
|
||||
FIPS_VERSION="v5-ready"
|
||||
HAVE_FIPS_VERSION=5
|
||||
HAVE_FIPS_VERSION_MINOR=2
|
||||
HAVE_FIPS_VERSION_MINOR=3
|
||||
ENABLED_FIPS="yes"
|
||||
],
|
||||
[dev|v5-dev],[
|
||||
FIPS_VERSION="v5-dev"
|
||||
HAVE_FIPS_VERSION=5
|
||||
HAVE_FIPS_VERSION_MINOR=2
|
||||
HAVE_FIPS_VERSION_MINOR=3
|
||||
ENABLED_FIPS="yes"
|
||||
],
|
||||
[
|
||||
|
|
|
@ -214,6 +214,9 @@ WOLFSSL_API int wc_AesCtrEncrypt(Aes* aes, byte* out,
|
|||
use cases ECB mode is considered to be less secure. Please avoid using ECB
|
||||
API’s directly whenever possible
|
||||
|
||||
\return int integer values corresponding to wolfSSL error or success
|
||||
status
|
||||
|
||||
\param aes pointer to the AES object used to encrypt data
|
||||
\param out pointer to the output buffer in which to store the cipher
|
||||
text of the encrypted message
|
||||
|
@ -232,7 +235,7 @@ WOLFSSL_API int wc_AesCtrEncrypt(Aes* aes, byte* out,
|
|||
\sa wc_AesDecryptDirect
|
||||
\sa wc_AesSetKeyDirect
|
||||
*/
|
||||
WOLFSSL_API void wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in);
|
||||
WOLFSSL_API int wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in);
|
||||
|
||||
/*!
|
||||
\ingroup AES
|
||||
|
@ -245,7 +248,8 @@ WOLFSSL_API void wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in);
|
|||
ECB mode is considered to be less secure. Please avoid using ECB API’s
|
||||
directly whenever possible
|
||||
|
||||
\return none
|
||||
\return int integer values corresponding to wolfSSL error or success
|
||||
status
|
||||
|
||||
\param aes pointer to the AES object used to encrypt data
|
||||
\param out pointer to the output buffer in which to store the plain
|
||||
|
@ -266,7 +270,7 @@ WOLFSSL_API void wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in);
|
|||
\sa wc_AesEncryptDirect
|
||||
\sa wc_AesSetKeyDirect
|
||||
*/
|
||||
WOLFSSL_API void wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in);
|
||||
WOLFSSL_API int wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in);
|
||||
|
||||
/*!
|
||||
\ingroup AES
|
||||
|
|
20
src/ssl.c
20
src/ssl.c
|
@ -30798,7 +30798,15 @@ void wolfSSL_AES_encrypt(const unsigned char* input, unsigned char* output,
|
|||
return;
|
||||
}
|
||||
|
||||
#if !defined(HAVE_SELFTEST) && \
|
||||
(!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
|
||||
if (wc_AesEncryptDirect((Aes*)key, output, input) != 0) {
|
||||
WOLFSSL_MSG("wc_AesEncryptDirect failed");
|
||||
return;
|
||||
}
|
||||
#else
|
||||
wc_AesEncryptDirect((Aes*)key, output, input);
|
||||
#endif
|
||||
}
|
||||
|
||||
|
||||
|
@ -30818,7 +30826,15 @@ void wolfSSL_AES_decrypt(const unsigned char* input, unsigned char* output,
|
|||
return;
|
||||
}
|
||||
|
||||
#if !defined(HAVE_SELFTEST) && \
|
||||
(!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
|
||||
if (wc_AesDecryptDirect((Aes*)key, output, input) != 0) {
|
||||
WOLFSSL_MSG("wc_AesDecryptDirect failed");
|
||||
return;
|
||||
}
|
||||
#else
|
||||
wc_AesDecryptDirect((Aes*)key, output, input);
|
||||
#endif
|
||||
}
|
||||
#endif /* WOLFSSL_AES_DIRECT */
|
||||
|
||||
|
@ -30948,11 +30964,13 @@ void wolfSSL_AES_cbc_encrypt(const unsigned char *in, unsigned char* out,
|
|||
if (enc == AES_ENCRYPT) {
|
||||
if (wc_AesCbcEncrypt(aes, out, in, (word32)len) != 0) {
|
||||
WOLFSSL_MSG("Error with AES CBC encrypt");
|
||||
return;
|
||||
}
|
||||
}
|
||||
else {
|
||||
if (wc_AesCbcDecrypt(aes, out, in, (word32)len) != 0) {
|
||||
WOLFSSL_MSG("Error with AES CBC decrypt");
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -31006,11 +31024,13 @@ void wolfSSL_AES_cfb128_encrypt(const unsigned char *in, unsigned char* out,
|
|||
if (enc == AES_ENCRYPT) {
|
||||
if (wc_AesCfbEncrypt(aes, out, in, (word32)len) != 0) {
|
||||
WOLFSSL_MSG("Error with AES CBC encrypt");
|
||||
return;
|
||||
}
|
||||
}
|
||||
else {
|
||||
if (wc_AesCfbDecrypt(aes, out, in, (word32)len) != 0) {
|
||||
WOLFSSL_MSG("Error with AES CBC decrypt");
|
||||
return;
|
||||
}
|
||||
}
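Review bot: The failure branches added to wolfSSL_AES_encrypt and wolfSSL_AES_decrypt log and `return;`, but both functions are void, so a caller cannot tell that `output` was never written, or only partly written, and may go on to use it as ciphertext or plaintext. Since the compatibility signature cannot change, consider failing closed by clearing the block before returning, e.g. `XMEMSET(output, 0, AES_BLOCK_SIZE);` ahead of each added `return;`. The same applies to the `return;` lines added in wolfSSL_AES_cbc_encrypt and wolfSSL_AES_cfb128_encrypt, whose bodies continue outside the hunks. The CFB branches also still log "Error with AES CBC encrypt" / "Error with AES CBC decrypt", which will mislead anyone reading the debug output.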
|
||||
|
||||
|
|
File diff suppressed because it is too large
|
@ -116,19 +116,12 @@ int wc_InitCmac_ex(Cmac* cmac, const byte* key, word32 keySz,
|
|||
byte l[AES_BLOCK_SIZE];
|
||||
|
||||
XMEMSET(l, 0, AES_BLOCK_SIZE);
|
||||
#ifdef WOLFSSL_LINUXKM
|
||||
ret =
|
||||
#endif
|
||||
wc_AesEncryptDirect(&cmac->aes, l, l);
|
||||
#ifdef WOLFSSL_LINUXKM
|
||||
ret = wc_AesEncryptDirect(&cmac->aes, l, l);
|
||||
if (ret == 0) {
|
||||
#endif
|
||||
ShiftAndXorRb(cmac->k1, l);
|
||||
ShiftAndXorRb(cmac->k2, cmac->k1);
|
||||
ForceZero(l, AES_BLOCK_SIZE);
|
||||
#ifdef WOLFSSL_LINUXKM
|
||||
}
|
||||
#endif
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
|
@ -178,18 +171,11 @@ int wc_CmacUpdate(Cmac* cmac, const byte* in, word32 inSz)
|
|||
if (cmac->totalSz != 0) {
|
||||
xorbuf(cmac->buffer, cmac->digest, AES_BLOCK_SIZE);
|
||||
}
|
||||
#ifdef WOLFSSL_LINUXKM
|
||||
ret =
|
||||
#endif
|
||||
wc_AesEncryptDirect(&cmac->aes, cmac->digest, cmac->buffer);
|
||||
#ifdef WOLFSSL_LINUXKM
|
||||
ret = wc_AesEncryptDirect(&cmac->aes, cmac->digest, cmac->buffer);
|
||||
if (ret == 0) {
|
||||
#endif
|
||||
cmac->totalSz += AES_BLOCK_SIZE;
|
||||
cmac->bufferSz = 0;
|
||||
#ifdef WOLFSSL_LINUXKM
|
||||
}
|
||||
#endif
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -199,7 +185,7 @@ int wc_CmacUpdate(Cmac* cmac, const byte* in, word32 inSz)
|
|||
|
||||
int wc_CmacFinal(Cmac* cmac, byte* out, word32* outSz)
|
||||
{
|
||||
int ret = 0;
|
||||
int ret;
|
||||
const byte* subKey;
|
||||
|
||||
if (cmac == NULL || out == NULL || outSz == NULL) {
|
||||
|
@ -215,7 +201,6 @@ int wc_CmacFinal(Cmac* cmac, byte* out, word32* outSz)
|
|||
if (ret != CRYPTOCB_UNAVAILABLE)
|
||||
return ret;
|
||||
/* fall-through when unavailable */
|
||||
ret = 0; /* reset error code */
|
||||
}
|
||||
#endif
|
||||
|
||||
|
@ -236,17 +221,10 @@ int wc_CmacFinal(Cmac* cmac, byte* out, word32* outSz)
|
|||
}
|
||||
xorbuf(cmac->buffer, cmac->digest, AES_BLOCK_SIZE);
|
||||
xorbuf(cmac->buffer, subKey, AES_BLOCK_SIZE);
|
||||
#ifdef WOLFSSL_LINUXKM
|
||||
ret =
|
||||
#endif
|
||||
wc_AesEncryptDirect(&cmac->aes, cmac->digest, cmac->buffer);
|
||||
#ifdef WOLFSSL_LINUXKM
|
||||
ret = wc_AesEncryptDirect(&cmac->aes, cmac->digest, cmac->buffer);
|
||||
if (ret == 0) {
|
||||
#endif
|
||||
XMEMCPY(out, cmac->digest, *outSz);
|
||||
#ifdef WOLFSSL_LINUXKM
|
||||
}
|
||||
#endif
|
||||
|
||||
wc_AesFree(&cmac->aes);
|
||||
ForceZero(cmac, sizeof(Cmac));
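Review bot: In wc_InitCmac_ex the `ForceZero(l, AES_BLOCK_SIZE);` call now sits inside `if (ret == 0) { ... }`, so when wc_AesEncryptDirect fails the stack buffer `l`, which the cipher may already have partly overwritten with key-dependent output, is left uncleared. Move the wipe after the closing brace of the success branch so it runs on both paths. In wc_CmacUpdate the enclosing loop is outside the hunk; if it does not test `ret`, a failed encrypt leaves `cmac->bufferSz` unchanged, so the loop should also stop once `ret != 0`.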
|
||||
|
|
|
@ -301,19 +301,15 @@ static int wc_Afalg_AesDirect(Aes* aes, byte* out, const byte* in, word32 sz)
|
|||
|
||||
|
||||
#if defined(WOLFSSL_AES_DIRECT) && defined(WOLFSSL_AFALG)
|
||||
void wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in)
|
||||
int wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in)
|
||||
{
|
||||
if (wc_Afalg_AesDirect(aes, out, in, AES_BLOCK_SIZE) != 0) {
|
||||
WOLFSSL_MSG("Error with AES encrypt direct call");
|
||||
}
|
||||
return wc_Afalg_AesDirect(aes, out, in, AES_BLOCK_SIZE);
|
||||
}
|
||||
|
||||
|
||||
void wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in)
|
||||
int wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in)
|
||||
{
|
||||
if (wc_Afalg_AesDirect(aes, out, in, AES_BLOCK_SIZE) != 0) {
|
||||
WOLFSSL_MSG("Error with AES decrypt direct call");
|
||||
}
|
||||
return wc_Afalg_AesDirect(aes, out, in, AES_BLOCK_SIZE);
|
||||
}
|
||||
|
||||
|
||||
|
@ -639,7 +635,9 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
|||
XMEMCPY(initalCounter, iv, ivSz);
|
||||
initalCounter[AES_BLOCK_SIZE - 1] = 1;
|
||||
GHASH(aes, authIn, authInSz, out, sz, authTag, authTagSz);
|
||||
wc_AesEncryptDirect(aes, scratch, initalCounter);
|
||||
ret = wc_AesEncryptDirect(aes, scratch, initalCounter);
|
||||
if (ret < 0)
|
||||
return ret;
|
||||
xorbuf(authTag, scratch, authTagSz);
|
||||
}
|
||||
#else
|
||||
|
@ -786,7 +784,9 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
|||
initalCounter[AES_BLOCK_SIZE - 1] = 1;
|
||||
tag = buf;
|
||||
GHASH(aes, NULL, 0, in, sz, tag, AES_BLOCK_SIZE);
|
||||
wc_AesEncryptDirect(aes, scratch, initalCounter);
|
||||
ret = wc_AesEncryptDirect(aes, scratch, initalCounter);
|
||||
if (ret < 0)
|
||||
return ret;
|
||||
xorbuf(tag, scratch, AES_BLOCK_SIZE);
|
||||
if (ret != 0) {
|
||||
return AES_GCM_AUTH_E;
|
||||
|
@ -836,7 +836,9 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
|||
/* check on tag */
|
||||
if (authIn != NULL && authInSz > 0) {
|
||||
GHASH(aes, authIn, authInSz, in, sz, tag, AES_BLOCK_SIZE);
|
||||
wc_AesEncryptDirect(aes, scratch, initalCounter);
|
||||
ret = wc_AesEncryptDirect(aes, scratch, initalCounter);
|
||||
if (ret < 0)
|
||||
return ret;
|
||||
xorbuf(tag, scratch, AES_BLOCK_SIZE);
|
||||
if (ConstantCompare(tag, authTag, authTagSz) != 0) {
|
||||
return AES_GCM_AUTH_E;
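Review bot: In wc_AesGcmEncrypt the new `if (ret < 0) return ret;` leaves after GHASH has already written `authTag` but before `xorbuf(authTag, scratch, authTagSz)` masks it, so on failure the caller's tag buffer holds the raw GHASH output. That value should never leave the function unmasked; clear it on the error path, e.g. `if (ret != 0) { ForceZero(authTag, authTagSz); return ret; }`. Note also that these checks use `ret < 0` while the rest of the commit tests `!= 0`, so a positive error code would fall through. The same sequence appears in the later wc_AesGcmEncrypt hunk at `-136,7 +137,9`.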
|
||||
|
|
|
@ -5320,23 +5320,23 @@ int wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len)
|
|||
/* AES-DIRECT */
|
||||
#if defined(WOLFSSL_AES_DIRECT)
|
||||
/* Allow direct access to one block encrypt */
|
||||
void wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in)
|
||||
int wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in)
|
||||
{
|
||||
if (aes == NULL || out == NULL || in == NULL) {
|
||||
WOLFSSL_MSG("Invalid input to wc_AesEncryptDirect");
|
||||
return;
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
wc_AesEncrypt(aes, in, out);
|
||||
return wc_AesEncrypt(aes, in, out);
|
||||
}
|
||||
#ifdef HAVE_AES_DECRYPT
|
||||
/* Allow direct access to one block decrypt */
|
||||
void wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in)
|
||||
int wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in)
|
||||
{
|
||||
if (aes == NULL || out == NULL || in == NULL) {
|
||||
WOLFSSL_MSG("Invalid input to wc_AesDecryptDirect");
|
||||
return;
|
||||
}
|
||||
wc_AesDecrypt(aes, in, out);
|
||||
return wc_AesDecrypt(aes, in, out);
|
||||
}
|
||||
#endif /* HAVE_AES_DECRYPT */
|
||||
#endif /* WOLFSSL_AES_DIRECT */
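Review bot: wc_AesDecryptDirect now returns int, but as rendered here its NULL-argument branch still ends in a bare `return;`. The encrypt twin was changed to `return BAD_FUNC_ARG;`, and the hunk's 23/23 line counts leave no added line for the decrypt side. A caller that checks the result would read an indeterminate value on that path and could treat invalid arguments as success. Change the line to `return BAD_FUNC_ARG;` to match wc_AesEncryptDirect.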
|
||||
|
|
|
@ -120,8 +120,8 @@ int wc_AesCbcEncrypt(Aes* aes, byte* out,
|
|||
word32 keySz;
|
||||
int ret;
|
||||
|
||||
if (wc_AesGetKeySize(aes, &keySz) != 0) {
|
||||
return BAD_FUNC_ARG;
|
||||
if ((ret = wc_AesGetKeySize(aes, &keySz)) != 0) {
|
||||
return ret;
|
||||
}
|
||||
|
||||
/* Set buffers for key, cipher text, and plain text */
|
||||
|
@ -173,8 +173,8 @@ int wc_AesCbcDecrypt(Aes* aes, byte* out,
|
|||
word32 keySz;
|
||||
int ret;
|
||||
|
||||
if (wc_AesGetKeySize(aes, &keySz) != 0) {
|
||||
return BAD_FUNC_ARG;
|
||||
if ((ret = wc_AesGetKeySize(aes, &keySz)) != 0) {
|
||||
return ret;
|
||||
}
|
||||
|
||||
/* Set buffers for key, cipher text, and plain text */
|
||||
|
@ -224,8 +224,8 @@ int wc_AesEcbEncrypt(Aes* aes, byte* out,
|
|||
|
||||
blocks = sz / AES_BLOCK_SIZE;
|
||||
|
||||
if (wc_AesGetKeySize(aes, &keySz) != 0) {
|
||||
return BAD_FUNC_ARG;
|
||||
if ((ret = wc_AesGetKeySize(aes, &keySz)) != 0) {
|
||||
return ret;
|
||||
}
|
||||
|
||||
/* Set buffers for key, cipher text, and plain text */
|
||||
|
@ -269,8 +269,8 @@ int wc_AesEcbDecrypt(Aes* aes, byte* out,
|
|||
|
||||
blocks = sz / AES_BLOCK_SIZE;
|
||||
|
||||
if (wc_AesGetKeySize(aes, &keySz) != 0) {
|
||||
return BAD_FUNC_ARG;
|
||||
if ((ret = wc_AesGetKeySize(aes, &keySz)) != 0) {
|
||||
return ret;
|
||||
}
|
||||
|
||||
/* Set buffers for key, cipher text, and plain text */
|
||||
|
@ -326,8 +326,8 @@ int wc_AesCtrEncrypt(Aes* aes, byte* out,
|
|||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
if (wc_AesGetKeySize(aes, &keySz) != 0) {
|
||||
return BAD_FUNC_ARG;
|
||||
if ((ret = wc_AesGetKeySize(aes, &keySz)) != 0) {
|
||||
return ret;
|
||||
}
|
||||
|
||||
/* consume any unused bytes left in aes->tmp */
|
||||
|
@ -373,7 +373,8 @@ int wc_AesCtrEncrypt(Aes* aes, byte* out,
|
|||
}
|
||||
|
||||
if (sz) {
|
||||
wc_AesEncryptDirect(aes, (byte*)aes->tmp, (byte*)aes->reg);
|
||||
if ((ret = wc_AesEncryptDirect(aes, (byte*)aes->tmp, (byte*)aes->reg)) != 0)
|
||||
return ret;
|
||||
IncrementAesCounter((byte*)aes->reg);
|
||||
|
||||
aes->left = AES_BLOCK_SIZE;
|
||||
|
@ -392,20 +393,19 @@ int wc_AesCtrEncrypt(Aes* aes, byte* out,
|
|||
|
||||
/* AES-DIRECT */
|
||||
#if defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
|
||||
void wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in)
|
||||
int wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in)
|
||||
{
|
||||
Buffer buf[3];
|
||||
word32 arg[4];
|
||||
word32 keySz;
|
||||
int ret;
|
||||
|
||||
if (aes == NULL || out == NULL || in == NULL) {
|
||||
/* return BAD_FUNC_ARG; */
|
||||
return;
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
if (wc_AesGetKeySize(aes, &keySz) != 0) {
|
||||
/* return BAD_FUNC_ARG; */
|
||||
return;
|
||||
if ((ret = wc_AesGetKeySize(aes, &keySz)) != 0) {
|
||||
return ret;
|
||||
}
|
||||
|
||||
/* Set buffers for key, cipher text, and plain text */
|
||||
|
@ -425,26 +425,28 @@ void wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in)
|
|||
arg[1] = keySz;
|
||||
arg[2] = AES_BLOCK_SIZE;
|
||||
|
||||
if (wc_caamAddAndWait(buf, arg, CAAM_AESECB) != 0) {
|
||||
if ((ret = wc_caamAddAndWait(buf, arg, CAAM_AESECB)) != 0) {
|
||||
WOLFSSL_MSG("Error with CAAM AES direct encrypt");
|
||||
return ret;
|
||||
}
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
void wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in)
|
||||
int wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in)
|
||||
{
|
||||
Buffer buf[3];
|
||||
word32 arg[4];
|
||||
word32 keySz;
|
||||
int ret;
|
||||
|
||||
if (aes == NULL || out == NULL || in == NULL) {
|
||||
/* return BAD_FUNC_ARG; */
|
||||
return;
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
if (wc_AesGetKeySize(aes, &keySz) != 0) {
|
||||
/* return BAD_FUNC_ARG; */
|
||||
return;
|
||||
if ((ret = wc_AesGetKeySize(aes, &keySz)) != 0) {
|
||||
return ret;
|
||||
}
|
||||
|
||||
/* Set buffers for key, cipher text, and plain text */
|
||||
|
@ -464,9 +466,12 @@ void wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in)
|
|||
arg[1] = keySz;
|
||||
arg[2] = AES_BLOCK_SIZE;
|
||||
|
||||
if (wc_caamAddAndWait(buf, arg, CAAM_AESECB) != 0) {
|
||||
if ((ret = wc_caamAddAndWait(buf, arg, CAAM_AESECB)) != 0) {
|
||||
WOLFSSL_MSG("Error with CAAM AES direct decrypt");
|
||||
return ret;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
|
@ -500,12 +505,12 @@ int wc_AesCcmEncrypt(Aes* aes, byte* out,
|
|||
authTagSz > AES_BLOCK_SIZE)
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
if (wc_AesCcmCheckTagSize(authTagSz) != 0) {
|
||||
return BAD_FUNC_ARG;
|
||||
if ((ret = wc_AesCcmCheckTagSize(authTagSz)) != 0) {
|
||||
return ret;
|
||||
}
|
||||
|
||||
if (wc_AesGetKeySize(aes, &keySz) != 0) {
|
||||
return BAD_FUNC_ARG;
|
||||
if ((ret = wc_AesGetKeySize(aes, &keySz)) != 0) {
|
||||
return ret;
|
||||
}
|
||||
|
||||
/* set up B0 and CTR0 similar to how wolfcrypt/src/aes.c does */
|
||||
|
@ -583,12 +588,12 @@ int wc_AesCcmDecrypt(Aes* aes, byte* out,
|
|||
authTagSz > AES_BLOCK_SIZE)
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
if (wc_AesCcmCheckTagSize(authTagSz) != 0) {
|
||||
return BAD_FUNC_ARG;
|
||||
if ((ret = wc_AesCcmCheckTagSize(authTagSz)) != 0) {
|
||||
return ret;
|
||||
}
|
||||
|
||||
if (wc_AesGetKeySize(aes, &keySz) != 0) {
|
||||
return BAD_FUNC_ARG;
|
||||
if ((ret = wc_AesGetKeySize(aes, &keySz)) != 0) {
|
||||
return ret;
|
||||
}
|
||||
|
||||
/* set up B0 and CTR0 similar to how wolfcrypt/src/aes.c does */
|
||||
|
@ -605,7 +610,8 @@ int wc_AesCcmDecrypt(Aes* aes, byte* out,
|
|||
B0Ctr0[AES_BLOCK_SIZE + AES_BLOCK_SIZE - 1 - i] = 0;
|
||||
}
|
||||
B0Ctr0[AES_BLOCK_SIZE] = lenSz - 1;
|
||||
wc_AesEncryptDirect(aes, tag, B0Ctr0 + AES_BLOCK_SIZE);
|
||||
if ((ret = wc_AesEncryptDirect(aes, tag, B0Ctr0 + AES_BLOCK_SIZE)) != 0)
|
||||
return ret;
|
||||
|
||||
/* Set buffers for key, cipher text, and plain text */
|
||||
buf[0].BufferType = DataBuffer;
|
||||
|
|
|
@ -169,15 +169,15 @@ static int wc_DevCrypto_AesDirect(Aes* aes, byte* out, const byte* in,
|
|||
|
||||
|
||||
#if defined(WOLFSSL_AES_DIRECT) || defined(HAVE_AESCCM)
|
||||
void wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in)
|
||||
int wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in)
|
||||
{
|
||||
wc_DevCrypto_AesDirect(aes, out, in, AES_BLOCK_SIZE, COP_ENCRYPT);
|
||||
return wc_DevCrypto_AesDirect(aes, out, in, AES_BLOCK_SIZE, COP_ENCRYPT);
|
||||
}
|
||||
|
||||
|
||||
void wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in)
|
||||
int wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in)
|
||||
{
|
||||
wc_DevCrypto_AesDirect(aes, out, in, AES_BLOCK_SIZE, COP_DECRYPT);
|
||||
return wc_DevCrypto_AesDirect(aes, out, in, AES_BLOCK_SIZE, COP_DECRYPT);
|
||||
}
|
||||
|
||||
|
||||
|
@ -208,6 +208,7 @@ int wc_AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
|
|||
int ret;
|
||||
struct crypt_op crt;
|
||||
byte* tmp;
|
||||
int ret;
|
||||
|
||||
if (aes == NULL || out == NULL || in == NULL) {
|
||||
return BAD_FUNC_ARG;
|
||||
|
@ -253,9 +254,11 @@ int wc_AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
|
|||
/* create key stream for later if needed */
|
||||
if (sz > 0) {
|
||||
Aes tmpAes;
|
||||
wc_AesSetKey(&tmpAes, (byte*)aes->devKey, aes->keylen, (byte*)aes->reg,
|
||||
AES_ENCRYPTION);
|
||||
wc_AesEncryptDirect(&tmpAes, (byte*)aes->tmp, (const byte*)aes->reg);
|
||||
if ((ret = wc_AesSetKey(&tmpAes, (byte*)aes->devKey, aes->keylen, (byte*)aes->reg,
|
||||
AES_ENCRYPTION)) != 0)
|
||||
return ret;
|
||||
if ((ret = wc_AesEncryptDirect(&tmpAes, (byte*)aes->tmp, (const byte*)aes->reg)) != 0)
|
||||
return ret;
|
||||
wc_AesFree(&tmpAes);
|
||||
IncrementAesCounter((byte*)aes->reg);
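Review bot: The early `return ret;` added after wc_AesEncryptDirect in the key-stream block skips `wc_AesFree(&tmpAes);`, so on failure the temporary context that was just keyed from `aes->devKey` is neither released nor cleared. Free it on that path as well, e.g. `if ((ret = wc_AesEncryptDirect(&tmpAes, (byte*)aes->tmp, (const byte*)aes->reg)) != 0) { wc_AesFree(&tmpAes); return ret; }`. Separately, the first hunk of this function adds `int ret;` although the context already shows `int ret;` three lines above; if both are in the same block, as the rendering suggests, that is a redeclaration and the added line should be dropped.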
|
||||
|
||||
|
|
|
@ -166,12 +166,13 @@ WOLFSSL_API int wc_AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz
|
|||
}
|
||||
|
||||
#ifdef WOLFSSL_AES_COUNTER
|
||||
WOLFSSL_API void wc_AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
|
||||
WOLFSSL_API int wc_AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
|
||||
{
|
||||
char out_block[AES_BLOCK_SIZE] ;
|
||||
int odd ;
|
||||
int even ;
|
||||
char *tmp ; /* (char *)aes->tmp, for short */
|
||||
int ret;
|
||||
|
||||
tmp = (char *)aes->tmp ;
|
||||
if(aes->left) {
|
||||
|
@ -182,8 +183,10 @@ WOLFSSL_API void wc_AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz
|
|||
}
|
||||
XMEMCPY(tmp+aes->left, in, odd) ;
|
||||
if((odd+aes->left) == AES_BLOCK_SIZE){
|
||||
AesProcess(aes, (byte *)out_block, (byte const *)tmp, AES_BLOCK_SIZE,
|
||||
ret = AesProcess(aes, (byte *)out_block, (byte const *)tmp, AES_BLOCK_SIZE,
|
||||
AES_CFG_DIR_ENCRYPT, AES_CFG_MODE_CTR) ;
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
XMEMCPY(out, out_block+aes->left, odd) ;
|
||||
aes->left = 0 ;
|
||||
XMEMSET(tmp, 0x0, AES_BLOCK_SIZE) ;
|
||||
|
@ -195,38 +198,42 @@ WOLFSSL_API void wc_AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz
|
|||
odd = sz % AES_BLOCK_SIZE ; /* if there is tail flagment */
|
||||
if(sz / AES_BLOCK_SIZE) {
|
||||
even = (sz/AES_BLOCK_SIZE)*AES_BLOCK_SIZE ;
|
||||
AesProcess(aes, out, in, even, AES_CFG_DIR_ENCRYPT, AES_CFG_MODE_CTR);
|
||||
ret = AesProcess(aes, out, in, even, AES_CFG_DIR_ENCRYPT, AES_CFG_MODE_CTR);
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
out += even ;
|
||||
in += even ;
|
||||
}
|
||||
if(odd) {
|
||||
XMEMSET(tmp+aes->left, 0x0, AES_BLOCK_SIZE - aes->left) ;
|
||||
XMEMCPY(tmp+aes->left, in, odd) ;
|
||||
AesProcess(aes, (byte *)out_block, (byte const *)tmp, AES_BLOCK_SIZE,
|
||||
ret = AesProcess(aes, (byte *)out_block, (byte const *)tmp, AES_BLOCK_SIZE,
|
||||
AES_CFG_DIR_ENCRYPT,
|
||||
AES_CFG_MODE_CTR_NOCTR /* Counter mode without counting IV */
|
||||
);
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
XMEMCPY(out, out_block+aes->left,odd) ;
|
||||
aes->left += odd ;
|
||||
}
|
||||
return; // work around cppcheck 2.6.3 false positive missingReturn
|
||||
return 0;
|
||||
}
|
||||
#endif
|
||||
|
||||
/* AES-DIRECT */
|
||||
#if defined(WOLFSSL_AES_DIRECT)
|
||||
WOLFSSL_API void wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in)
|
||||
WOLFSSL_API int wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in)
|
||||
{
|
||||
AesProcess(aes, out, in, AES_BLOCK_SIZE, AES_CFG_DIR_ENCRYPT, AES_CFG_MODE_CBC) ;
|
||||
return AesProcess(aes, out, in, AES_BLOCK_SIZE, AES_CFG_DIR_ENCRYPT, AES_CFG_MODE_CBC) ;
|
||||
}
|
||||
WOLFSSL_API void wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in)
|
||||
WOLFSSL_API int wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in)
|
||||
{
|
||||
AesProcess(aes, out, in, AES_BLOCK_SIZE, AES_CFG_DIR_DECRYPT, AES_CFG_MODE_CBC) ;
|
||||
return AesProcess(aes, out, in, AES_BLOCK_SIZE, AES_CFG_DIR_DECRYPT, AES_CFG_MODE_CBC) ;
|
||||
}
|
||||
WOLFSSL_API int wc_AesSetKeyDirect(Aes* aes, const byte* key, word32 len,
|
||||
const byte* iv, int dir)
|
||||
{
|
||||
return(wc_AesSetKey(aes, key, len, iv, dir)) ;
|
||||
return(wc_AesSetKey(aes, key, len, iv, dir)) ;
|
||||
}
|
||||
#endif
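Review bot: wc_AesCtrEncrypt can now report errors, yet it still executes `tmp = (char *)aes->tmp ;` as its first statement without validating its arguments. Now that a return value exists, add `if (aes == NULL || out == NULL || in == NULL) return BAD_FUNC_ARG;` before that line, as the wc_AesCtrEncrypt variant elsewhere in this commit already does. Whether AesProcess validates the pointers passed by the two Direct wrappers is not visible from this hunk.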
|
||||
|
||||
|
|
|
@ -95,6 +95,7 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out,
|
|||
byte* tmp;
|
||||
byte scratch[AES_BLOCK_SIZE];
|
||||
byte initalCounter[AES_BLOCK_SIZE];
|
||||
int ret;
|
||||
|
||||
if ((in == NULL && sz > 0) || iv == NULL || authTag == NULL ||
|
||||
authTagSz > AES_GCM_AUTH_SZ) {
|
||||
|
@ -136,7 +137,9 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out,
|
|||
XMEMCPY(initalCounter, iv, ivSz);
|
||||
initalCounter[AES_BLOCK_SIZE - 1] = 1;
|
||||
GHASH(aes, authIn, authInSz, out, sz, authTag, authTagSz);
|
||||
wc_AesEncryptDirect(aes, scratch, initalCounter);
|
||||
ret = wc_AesEncryptDirect(aes, scratch, initalCounter);
|
||||
if (ret < 0)
|
||||
return ret;
|
||||
xorbuf(authTag, scratch, authTagSz);
|
||||
}
|
||||
|
||||
|
@ -154,6 +157,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out,
|
|||
byte buf[AES_GCM_AUTH_SZ];
|
||||
byte scratch[AES_BLOCK_SIZE];
|
||||
byte initalCounter[AES_BLOCK_SIZE];
|
||||
int ret;
|
||||
|
||||
if (in == NULL || iv == NULL || authTag == NULL ||
|
||||
authTagSz < AES_GCM_AUTH_SZ) {
|
||||
|
@ -172,7 +176,9 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out,
|
|||
initalCounter[AES_BLOCK_SIZE - 1] = 1;
|
||||
tag = buf;
|
||||
GHASH(aes, NULL, 0, in, sz, tag, AES_GCM_AUTH_SZ);
|
||||
wc_AesEncryptDirect(aes, scratch, initalCounter);
|
||||
ret = wc_AesEncryptDirect(aes, scratch, initalCounter);
|
||||
if (ret < 0)
|
||||
return ret;
|
||||
xorbuf(tag, scratch, AES_GCM_AUTH_SZ);
|
||||
}
|
||||
else {
|
||||
|
@ -187,7 +193,9 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out,
|
|||
/* account for additional data */
|
||||
if (authIn != NULL && authInSz > 0) {
|
||||
GHASH(aes, authIn, authInSz, in, sz, tag, AES_GCM_AUTH_SZ);
|
||||
wc_AesEncryptDirect(aes, scratch, initalCounter);
|
||||
ret = wc_AesEncryptDirect(aes, scratch, initalCounter);
|
||||
if (ret < 0)
|
||||
return ret;
|
||||
xorbuf(tag, scratch, AES_GCM_AUTH_SZ);
|
||||
if (ConstantCompare(authTag, tag, authTagSz) != 0) {
|
||||
return AES_GCM_AUTH_E;
|
||||
|
|
|
@ -8914,11 +8914,17 @@ WOLFSSL_TEST_SUBROUTINE int aes_test(void)
|
|||
#endif
|
||||
|
||||
#ifdef WOLFSSL_AES_128
|
||||
wc_AesSetKeyDirect(enc, ctr128Key, sizeof(ctr128Key),
|
||||
ret = wc_AesSetKeyDirect(enc, ctr128Key, sizeof(ctr128Key),
|
||||
ctrIv, AES_ENCRYPTION);
|
||||
if (ret != 0) {
|
||||
ERROR_OUT(-5947, out);
|
||||
}
|
||||
/* Ctr only uses encrypt, even on key setup */
|
||||
wc_AesSetKeyDirect(dec, ctr128Key, sizeof(ctr128Key),
|
||||
ret = wc_AesSetKeyDirect(dec, ctr128Key, sizeof(ctr128Key),
|
||||
ctrIv, AES_ENCRYPTION);
|
||||
if (ret != 0) {
|
||||
ERROR_OUT(-5948, out);
|
||||
}
|
||||
|
||||
ret = wc_AesCtrEncrypt(enc, cipher, ctrPlain, sizeof(ctrPlain));
|
||||
if (ret != 0) {
|
||||
|
@ -8935,11 +8941,17 @@ WOLFSSL_TEST_SUBROUTINE int aes_test(void)
|
|||
ERROR_OUT(-5926, out);
|
||||
|
||||
/* let's try with just 9 bytes, non block size test */
|
||||
wc_AesSetKeyDirect(enc, ctr128Key, AES_BLOCK_SIZE,
|
||||
ret = wc_AesSetKeyDirect(enc, ctr128Key, AES_BLOCK_SIZE,
|
||||
ctrIv, AES_ENCRYPTION);
|
||||
if (ret != 0) {
|
||||
ERROR_OUT(-5949, out);
|
||||
}
|
||||
/* Ctr only uses encrypt, even on key setup */
|
||||
wc_AesSetKeyDirect(dec, ctr128Key, AES_BLOCK_SIZE,
|
||||
ret = wc_AesSetKeyDirect(dec, ctr128Key, AES_BLOCK_SIZE,
|
||||
ctrIv, AES_ENCRYPTION);
|
||||
if (ret != 0) {
|
||||
ERROR_OUT(-5952, out);
|
||||
}
|
||||
|
||||
ret = wc_AesCtrEncrypt(enc, cipher, ctrPlain, sizeof(oddCipher));
|
||||
if (ret != 0) {
|
||||
|
@ -8975,11 +8987,17 @@ WOLFSSL_TEST_SUBROUTINE int aes_test(void)
|
|||
|
||||
#ifdef WOLFSSL_AES_192
|
||||
/* 192 bit key */
|
||||
wc_AesSetKeyDirect(enc, ctr192Key, sizeof(ctr192Key),
|
||||
ret = wc_AesSetKeyDirect(enc, ctr192Key, sizeof(ctr192Key),
|
||||
ctrIv, AES_ENCRYPTION);
|
||||
if (ret != 0) {
|
||||
ERROR_OUT(-5953, out);
|
||||
}
|
||||
/* Ctr only uses encrypt, even on key setup */
|
||||
wc_AesSetKeyDirect(dec, ctr192Key, sizeof(ctr192Key),
|
||||
ret = wc_AesSetKeyDirect(dec, ctr192Key, sizeof(ctr192Key),
|
||||
ctrIv, AES_ENCRYPTION);
|
||||
if (ret != 0) {
|
||||
ERROR_OUT(-5954, out);
|
||||
}
|
||||
|
||||
XMEMSET(plain, 0, sizeof(plain));
|
||||
ret = wc_AesCtrEncrypt(enc, plain, ctr192Cipher, sizeof(ctr192Cipher));
|
||||
|
@ -9000,11 +9018,17 @@ WOLFSSL_TEST_SUBROUTINE int aes_test(void)
|
|||
|
||||
#ifdef WOLFSSL_AES_256
|
||||
/* 256 bit key */
|
||||
wc_AesSetKeyDirect(enc, ctr256Key, sizeof(ctr256Key),
|
||||
ret = wc_AesSetKeyDirect(enc, ctr256Key, sizeof(ctr256Key),
|
||||
ctrIv, AES_ENCRYPTION);
|
||||
if (ret != 0) {
|
||||
ERROR_OUT(-5955, out);
|
||||
}
|
||||
/* Ctr only uses encrypt, even on key setup */
|
||||
wc_AesSetKeyDirect(dec, ctr256Key, sizeof(ctr256Key),
|
||||
ret = wc_AesSetKeyDirect(dec, ctr256Key, sizeof(ctr256Key),
|
||||
ctrIv, AES_ENCRYPTION);
|
||||
if (ret != 0) {
|
||||
ERROR_OUT(-5956, out);
|
||||
}
|
||||
|
||||
XMEMSET(plain, 0, sizeof(plain));
|
||||
ret = wc_AesCtrEncrypt(enc, plain, ctr256Cipher, sizeof(ctr256Cipher));
|
||||
|
@ -9051,7 +9075,10 @@ WOLFSSL_TEST_SUBROUTINE int aes_test(void)
|
|||
ret = wc_AesSetKey(enc, niKey, sizeof(niKey), cipher, AES_ENCRYPTION);
|
||||
if (ret != 0)
|
||||
ERROR_OUT(-5943, out);
|
||||
#ifdef WOLFSSL_LINUXKM
|
||||
#if !defined(HAVE_SELFTEST) && \
|
||||
(defined(WOLFSSL_LINUXKM) || \
|
||||
!defined(HAVE_FIPS) || \
|
||||
(defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
|
||||
if (wc_AesEncryptDirect(enc, cipher, niPlain) != 0)
|
||||
ERROR_OUT(-5950, out);
|
||||
#else
|
||||
|
@ -9064,7 +9091,10 @@ WOLFSSL_TEST_SUBROUTINE int aes_test(void)
|
|||
ret = wc_AesSetKey(dec, niKey, sizeof(niKey), plain, AES_DECRYPTION);
|
||||
if (ret != 0)
|
||||
ERROR_OUT(-5945, out);
|
||||
#ifdef WOLFSSL_LINUXKM
|
||||
#if !defined(HAVE_SELFTEST) && \
|
||||
(defined(WOLFSSL_LINUXKM) || \
|
||||
!defined(HAVE_FIPS) || \
|
||||
(defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
|
||||
if (wc_AesDecryptDirect(dec, plain, niCipher) != 0)
|
||||
ERROR_OUT(-5951, out);
|
||||
#else
|
||||
|
|
|
@ -373,15 +373,23 @@ WOLFSSL_API int wc_AesEcbDecrypt(Aes* aes, byte* out,
|
|||
#endif
|
||||
/* AES-DIRECT */
|
||||
#if defined(WOLFSSL_AES_DIRECT)
|
||||
#ifdef WOLFSSL_LINUXKM
|
||||
WOLFSSL_API __must_check int wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in);
|
||||
WOLFSSL_API __must_check int wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in);
|
||||
#else
|
||||
#if defined(HAVE_FIPS) && \
|
||||
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
|
||||
WOLFSSL_API void wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in);
|
||||
WOLFSSL_API void wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in);
|
||||
#endif
|
||||
WOLFSSL_API int wc_AesSetKeyDirect(Aes* aes, const byte* key, word32 len,
|
||||
WOLFSSL_API int wc_AesSetKeyDirect(Aes* aes, const byte* key, word32 len,
|
||||
const byte* iv, int dir);
|
||||
#elif defined(BUILDING_WOLFSSL)
|
||||
WOLFSSL_API WARN_UNUSED_RESULT int wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in);
|
||||
WOLFSSL_API WARN_UNUSED_RESULT int wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in);
|
||||
WOLFSSL_API WARN_UNUSED_RESULT int wc_AesSetKeyDirect(Aes* aes, const byte* key, word32 len,
|
||||
const byte* iv, int dir);
|
||||
#else
|
||||
WOLFSSL_API int wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in);
|
||||
WOLFSSL_API int wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in);
|
||||
WOLFSSL_API int wc_AesSetKeyDirect(Aes* aes, const byte* key, word32 len,
|
||||
const byte* iv, int dir);
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_AESGCM
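Review bot: The void-versus-int choice for wc_AesEncryptDirect and wc_AesDecryptDirect is keyed here on `HAVE_FIPS_VERSION < 2`, while the call sites in src/ssl.c decide whether to check the result with `!defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3))`, and the test adds `defined(WOLFSSL_LINUXKM)` on top. For selftest builds and for FIPS versions between those bounds the prototype says int but callers discard the value; if the module for those builds still defines the functions as void, prototype and definition would also disagree. Consider defining one feature macro next to these prototypes and using it at every call site, with a comment stating which builds return a status. The public `#else` prototypes also carry no WARN_UNUSED_RESULT, so applications written against the old void API will keep ignoring failures silently; a note in the header would make that explicit.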
|
||||
|
|