mirrors
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

add --enable-aescfb, add comments, include of stdio with snprintf

This commit is contained in:
Jacob Barthelmeh 2018-01-12 11:05:43 -07:00
parent f254a002a8
commit df7917fcd9
8 changed files with 176 additions and 103 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
configure.ac
View File

@ -164,6 +164,7 @@ then
enable_aesgcm=yes
enable_aesccm=yes
enable_aesctr=yes
enable_aescfb=yes
enable_camellia=yes
enable_ripemd=yes
enable_sha512=yes
@ -813,6 +814,19 @@ then
fi
# AES-CFB
AC_ARG_ENABLE([aescfb],
[AS_HELP_STRING([--enable-aescfb],[Enable wolfSSL AES-CFB support (default: disabled)])],
[ ENABLED_AESCFB=$enableval ],
[ ENABLED_AESCFB=no ]
)
if test "$ENABLED_AESCFB" = "yes"
then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_AES_CFB"
fi
# AES-ARM
AC_ARG_ENABLE([armasm],
[AS_HELP_STRING([--enable-armasm],[Enable wolfSSL ARMv8 ASM support (default: disabled)])],

191
src/ssl.c
View File

@ -6986,6 +6986,15 @@ WOLFSSL_EVP_PKEY* wolfSSL_d2i_PUBKEY_bio(WOLFSSL_BIO* bio,
}
/* Converts a DER encoded public key to a WOLFSSL_EVP_PKEY structure.
*
* out pointer to new WOLFSSL_EVP_PKEY structure. Can be NULL
* in DER buffer to convert
* inSz size of in buffer
*
* returns a pointer to a new WOLFSSL_EVP_PKEY structure on success and NULL
* on fail
*/
WOLFSSL_EVP_PKEY* wolfSSL_d2i_PUBKEY(WOLFSSL_EVP_PKEY** out, unsigned char** in,
long inSz)
{
@ -15127,23 +15136,25 @@ static void ExternalFreeX509(WOLFSSL_X509* x509)
*
* bio WOLFSSL_BIO to write to.
* x509 Certificate to write.
*
* returns WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on failure
*/
int wolfSSL_X509_print(WOLFSSL_BIO* bio, WOLFSSL_X509* x509)
{
WOLFSSL_ENTER("wolfSSL_X509_print");
if (bio == NULL || x509 == NULL) {
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
if (wolfSSL_BIO_write(bio, "Certificate:\n", sizeof("Certificate:\n"))
<= 0) {
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
if (wolfSSL_BIO_write(bio, " Data:\n", sizeof(" Data:\n"))
<= 0) {
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
/* print version of cert */
@ -15153,15 +15164,15 @@ static void ExternalFreeX509(WOLFSSL_X509* x509)
if ((version = wolfSSL_X509_version(x509)) <= 0) {
WOLFSSL_MSG("Error getting X509 version");
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
if (wolfSSL_BIO_write(bio, " Version: ",
sizeof(" Version: ")) <= 0) {
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
XSNPRINTF(tmp, sizeof(tmp), "%d\n", version);
if (wolfSSL_BIO_write(bio, tmp, (int)XSTRLEN(tmp)) <= 0) {
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
}
@ -15172,13 +15183,13 @@ static void ExternalFreeX509(WOLFSSL_X509* x509)
XMEMSET(serial, 0, sz);
if (wolfSSL_X509_get_serial_number(x509, serial, &sz)
!= SSL_SUCCESS) {
!= WOLFSSL_SUCCESS) {
WOLFSSL_MSG("Error getting x509 serial number");
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
if (wolfSSL_BIO_write(bio, " Serial Number: ",
sizeof(" Serial Number: ")) <= 0) {
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
/* if serial can fit into byte than print on the same line */
@ -15186,7 +15197,7 @@ static void ExternalFreeX509(WOLFSSL_X509* x509)
char tmp[17];
XSNPRINTF(tmp, sizeof(tmp), "%d (0x%x)\n", serial[0],serial[0]);
if (wolfSSL_BIO_write(bio, tmp, (int)XSTRLEN(tmp)) <= 0) {
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
}
else {
@ -15199,7 +15210,7 @@ static void ExternalFreeX509(WOLFSSL_X509* x509)
/* serial is larger than int size so print off hex values */
if (wolfSSL_BIO_write(bio, "\n ",
sizeof("\n ")) <= 0) {
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
tmp[0] = '\0';
for (i = 0; i < sz - 1 && (3 * i) < tmpSz - valSz; i++) {
@ -15211,7 +15222,7 @@ static void ExternalFreeX509(WOLFSSL_X509* x509)
val[3] = '\0'; /* make sure is null terminated */
XSTRNCAT(tmp, val, valSz);
if (wolfSSL_BIO_write(bio, tmp, (int)XSTRLEN(tmp)) <= 0) {
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
}
}
@ -15223,18 +15234,18 @@ static void ExternalFreeX509(WOLFSSL_X509* x509)
if ((oid = wolfSSL_X509_get_signature_type(x509)) <= 0) {
WOLFSSL_MSG("Error getting x509 signature type");
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
if (wolfSSL_BIO_write(bio, " Signature Algorithm: ",
sizeof(" Signature Algorithm: ")) <= 0) {
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
sig = GetSigName(oid);
if (wolfSSL_BIO_write(bio, sig, (int)XSTRLEN(sig)) <= 0) {
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
if (wolfSSL_BIO_write(bio, "\n", sizeof("\n")) <= 0) {
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
}
@ -15257,21 +15268,21 @@ static void ExternalFreeX509(WOLFSSL_X509* x509)
#ifdef WOLFSSL_SMALL_STACK
XFREE(issuer, NULL, DYNAMIC_TYPE_OPENSSL);
#endif
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
if (issuer != NULL) {
if (wolfSSL_BIO_write(bio, issuer, (int)XSTRLEN(issuer)) <= 0) {
#ifdef WOLFSSL_SMALL_STACK
XFREE(issuer, NULL, DYNAMIC_TYPE_OPENSSL);
#endif
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
}
#ifdef WOLFSSL_SMALL_STACK
XFREE(issuer, NULL, DYNAMIC_TYPE_OPENSSL);
#endif
if (wolfSSL_BIO_write(bio, "\n", sizeof("\n")) <= 0) {
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
}
@ -15281,33 +15292,33 @@ static void ExternalFreeX509(WOLFSSL_X509* x509)
if (wolfSSL_BIO_write(bio, " Validity\n",
sizeof(" Validity\n")) <= 0) {
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
if (wolfSSL_BIO_write(bio, " Not Before: ",
sizeof(" Not Before: ")) <= 0) {
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
if (GetTimeString(x509->notBefore + 2, ASN_UTC_TIME,
tmp, sizeof(tmp)) != SSL_SUCCESS) {
tmp, sizeof(tmp)) != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("Error getting not before date");
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
tmp[sizeof(tmp) - 1] = '\0'; /* make sure null terminated */
if (wolfSSL_BIO_write(bio, tmp, (int)XSTRLEN(tmp)) <= 0) {
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
if (wolfSSL_BIO_write(bio, "\n Not After : ",
sizeof("\n Not After : ")) <= 0) {
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
if (GetTimeString(x509->notAfter + 2,ASN_UTC_TIME,
tmp, sizeof(tmp)) != SSL_SUCCESS) {
tmp, sizeof(tmp)) != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("Error getting not before date");
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
tmp[sizeof(tmp) - 1] = '\0'; /* make sure null terminated */
if (wolfSSL_BIO_write(bio, tmp, (int)XSTRLEN(tmp)) <= 0) {
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
}
@ -15330,14 +15341,14 @@ static void ExternalFreeX509(WOLFSSL_X509* x509)
#ifdef WOLFSSL_SMALL_STACK
XFREE(subject, NULL, DYNAMIC_TYPE_OPENSSL);
#endif
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
if (subject != NULL) {
if (wolfSSL_BIO_write(bio, subject, (int)XSTRLEN(subject)) <= 0) {
#ifdef WOLFSSL_SMALL_STACK
XFREE(subject, NULL, DYNAMIC_TYPE_OPENSSL);
#endif
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
}
#ifdef WOLFSSL_SMALL_STACK
@ -15348,7 +15359,7 @@ static void ExternalFreeX509(WOLFSSL_X509* x509)
/* get and print public key */
if (wolfSSL_BIO_write(bio, "\n Subject Public Key Info:\n",
sizeof("\n Subject Public Key Info:\n")) <= 0) {
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
{
char tmp[100];
@ -15359,14 +15370,14 @@ static void ExternalFreeX509(WOLFSSL_X509* x509)
if (wolfSSL_BIO_write(bio,
" Public Key Algorithm: RSA\n",
sizeof(" Public Key Algorithm: RSA\n")) <= 0) {
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
#ifdef HAVE_USER_RSA
if (wolfSSL_BIO_write(bio,
" Build without user RSA to print key\n",
sizeof(" Build without user RSA to print key\n"))
<= 0) {
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
#else
{
@ -15379,23 +15390,23 @@ static void ExternalFreeX509(WOLFSSL_X509* x509)
if (wc_InitRsaKey(&rsa, NULL) != 0) {
WOLFSSL_MSG("wc_InitRsaKey failure");
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
if (wc_RsaPublicKeyDecode(x509->pubKey.buffer,
&idx, &rsa, x509->pubKey.length) != 0) {
WOLFSSL_MSG("Error decoding RSA key");
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
if ((sz = wc_RsaEncryptSize(&rsa)) < 0) {
WOLFSSL_MSG("Error getting RSA key size");
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
XSNPRINTF(tmp, sizeof(tmp) - 1, "%s%s: (%d bit)\n%s\n",
" ", "Public-Key", 8 * sz,
" Modulus:");
tmp[sizeof(tmp) - 1] = '\0';
if (wolfSSL_BIO_write(bio, tmp, (int)XSTRLEN(tmp)) <= 0) {
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
/* print out modulus */
@ -15411,7 +15422,7 @@ static void ExternalFreeX509(WOLFSSL_X509* x509)
DYNAMIC_TYPE_TMP_BUFFER);
if (rawKey == NULL) {
WOLFSSL_MSG("Memory error");
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
mp_to_unsigned_bin(&rsa.n, rawKey);
for (idx = 0; idx < (word32)rawLen; idx++) {
@ -15426,7 +15437,7 @@ static void ExternalFreeX509(WOLFSSL_X509* x509)
if (wolfSSL_BIO_write(bio, tmp, (int)XSTRLEN(tmp))
<= 0) {
XFREE(rawKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
XSNPRINTF(tmp, sizeof(tmp) - 1,
":\n ");
@ -15444,7 +15455,7 @@ static void ExternalFreeX509(WOLFSSL_X509* x509)
tmp[sizeof(tmp) - 1] = '\0';
if (wolfSSL_BIO_write(bio, tmp, (int)XSTRLEN(tmp))
<= 0) {
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
}
@ -15452,7 +15463,7 @@ static void ExternalFreeX509(WOLFSSL_X509* x509)
rawLen = mp_unsigned_bin_size(&rsa.e);
if (rawLen < 0) {
WOLFSSL_MSG("Error getting exponent size");
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
if ((word32)rawLen < sizeof(word32)) {
@ -15462,7 +15473,7 @@ static void ExternalFreeX509(WOLFSSL_X509* x509)
DYNAMIC_TYPE_TMP_BUFFER);
if (rawKey == NULL) {
WOLFSSL_MSG("Memory error");
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
XMEMSET(rawKey, 0, rawLen);
mp_to_unsigned_bin(&rsa.e, rawKey);
@ -15473,7 +15484,7 @@ static void ExternalFreeX509(WOLFSSL_X509* x509)
"\n Exponent: %d\n", idx);
if (wolfSSL_BIO_write(bio, tmp, (int)XSTRLEN(tmp)) <= 0) {
XFREE(rawKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
XFREE(rawKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
}
@ -15490,16 +15501,16 @@ static void ExternalFreeX509(WOLFSSL_X509* x509)
if (wolfSSL_BIO_write(bio,
" Public Key Algorithm: EC\n",
sizeof(" Public Key Algorithm: EC\n")) <= 0) {
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
if (wc_ecc_init_ex(&ecc, x509->heap, INVALID_DEVID)
!= 0) {
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
if (wc_ecc_import_x963(x509->pubKey.buffer,
x509->pubKey.length, &ecc) != 0) {
wc_ecc_free(&ecc);
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
XSNPRINTF(tmp, sizeof(tmp) - 1, "%s%s: (%d bit)\n%s\n",
" ", "Public-Key",
@ -15508,7 +15519,7 @@ static void ExternalFreeX509(WOLFSSL_X509* x509)
tmp[sizeof(tmp) - 1] = '\0';
if (wolfSSL_BIO_write(bio, tmp, (int)XSTRLEN(tmp)) <= 0) {
wc_ecc_free(&ecc);
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
XSNPRINTF(tmp, sizeof(tmp) - 1," ");
for (i = 0; i < x509->pubKey.length; i++) {
@ -15524,7 +15535,7 @@ static void ExternalFreeX509(WOLFSSL_X509* x509)
if (wolfSSL_BIO_write(bio, tmp, (int)XSTRLEN(tmp))
<= 0) {
wc_ecc_free(&ecc);
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
XSNPRINTF(tmp, sizeof(tmp) - 1,
":\n ");
@ -15544,7 +15555,7 @@ static void ExternalFreeX509(WOLFSSL_X509* x509)
if (wolfSSL_BIO_write(bio, tmp, (int)XSTRLEN(tmp))
<= 0) {
wc_ecc_free(&ecc);
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
}
XSNPRINTF(tmp, sizeof(tmp) - 1, "\n%s%s: %s\n",
@ -15552,7 +15563,7 @@ static void ExternalFreeX509(WOLFSSL_X509* x509)
ecc.dp->name);
if (wolfSSL_BIO_write(bio, tmp, (int)XSTRLEN(tmp)) <= 0) {
wc_ecc_free(&ecc);
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
wc_ecc_free(&ecc);
}
@ -15560,14 +15571,14 @@ static void ExternalFreeX509(WOLFSSL_X509* x509)
#endif /* HAVE_ECC */
default:
WOLFSSL_MSG("Unknown key type");
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
}
/* print out extensions */
if (wolfSSL_BIO_write(bio, " X509v3 extensions:\n",
sizeof(" X509v3 extensions:\n")) <= 0) {
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
/* print subject key id */
@ -15583,7 +15594,7 @@ static void ExternalFreeX509(WOLFSSL_X509* x509)
" X509v3 Subject Key Identifier:\n",
sizeof(" X509v3 Subject Key Identifier:\n"))
<= 0) {
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
XSNPRINTF(tmp, sizeof(tmp) - 1, " ");
@ -15594,7 +15605,7 @@ static void ExternalFreeX509(WOLFSSL_X509* x509)
XSNPRINTF(val, valSz - 1, "%02X\n", x509->subjKeyId[i]);
XSTRNCAT(tmp, val, valSz);
if (wolfSSL_BIO_write(bio, tmp, (int)XSTRLEN(tmp)) <= 0) {
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
}
@ -15610,7 +15621,7 @@ static void ExternalFreeX509(WOLFSSL_X509* x509)
" X509v3 Authority Key Identifier:\n",
sizeof(" X509v3 Authority Key Identifier:\n"))
<= 0) {
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
XSNPRINTF(tmp, sizeof(tmp) - 1, " keyid");
@ -15618,7 +15629,7 @@ static void ExternalFreeX509(WOLFSSL_X509* x509)
/* check if buffer is almost full */
if (XSTRLEN(tmp) >= sizeof(tmp) - valSz) {
if (wolfSSL_BIO_write(bio, tmp, (int)XSTRLEN(tmp)) <= 0) {
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
tmp[0] = '\0';
}
@ -15626,7 +15637,7 @@ static void ExternalFreeX509(WOLFSSL_X509* x509)
XSTRNCAT(tmp, val, valSz);
}
if (wolfSSL_BIO_write(bio, tmp, (int)XSTRLEN(tmp)) <= 0) {
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
/* print issuer */
@ -15648,21 +15659,21 @@ static void ExternalFreeX509(WOLFSSL_X509* x509)
#ifdef WOLFSSL_SMALL_STACK
XFREE(issuer, NULL, DYNAMIC_TYPE_OPENSSL);
#endif
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
if (issuer != NULL) {
if (wolfSSL_BIO_write(bio, issuer, (int)XSTRLEN(issuer)) <= 0) {
#ifdef WOLFSSL_SMALL_STACK
XFREE(issuer, NULL, DYNAMIC_TYPE_OPENSSL);
#endif
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
}
#ifdef WOLFSSL_SMALL_STACK
XFREE(issuer, NULL, DYNAMIC_TYPE_OPENSSL);
#endif
if (wolfSSL_BIO_write(bio, "\n", sizeof("\n")) <= 0) {
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
}
}
@ -15675,13 +15686,13 @@ static void ExternalFreeX509(WOLFSSL_X509* x509)
"\n X509v3 Basic Constraints:\n",
sizeof("\n X509v3 Basic Constraints:\n"))
<= 0) {
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
XSNPRINTF(tmp, sizeof(tmp),
" CA:%s\n",
(x509->isCa)? "TRUE": "FALSE");
if (wolfSSL_BIO_write(bio, tmp, (int)XSTRLEN(tmp)) <= 0) {
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
}
@ -15696,22 +15707,22 @@ static void ExternalFreeX509(WOLFSSL_X509* x509)
if (wolfSSL_BIO_write(bio,
" Signature Algorithm: ",
sizeof(" Signature Algorithm: ")) <= 0) {
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
XSNPRINTF(tmp, sizeof(tmp) - 1,"%s\n", GetSigName(sigOid));
tmp[sizeof(tmp) - 1] = '\0';
if (wolfSSL_BIO_write(bio, tmp, (int)XSTRLEN(tmp)) <= 0) {
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
sigSz = (int)x509->sig.length;
sig = (unsigned char*)XMALLOC(sigSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (sig == NULL || sigSz <= 0) {
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
if (wolfSSL_X509_get_signature(x509, sig, &sigSz) <= 0) {
XFREE(sig, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
XSNPRINTF(tmp, sizeof(tmp) - 1," ");
tmp[sizeof(tmp) - 1] = '\0';
@ -15727,7 +15738,7 @@ static void ExternalFreeX509(WOLFSSL_X509* x509)
if (wolfSSL_BIO_write(bio, tmp, (int)XSTRLEN(tmp))
<= 0) {
XFREE(sig, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
XSNPRINTF(tmp, sizeof(tmp) - 1,
":\n ");
@ -15745,17 +15756,17 @@ static void ExternalFreeX509(WOLFSSL_X509* x509)
tmp[sizeof(tmp) - 1] = '\0';
if (wolfSSL_BIO_write(bio, tmp, (int)XSTRLEN(tmp))
<= 0) {
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
}
}
/* done with print out */
if (wolfSSL_BIO_write(bio, "\n", sizeof("\n")) <= 0) {
return SSL_FAILURE;
return WOLFSSL_FAILURE;
}
return SSL_SUCCESS;
return WOLFSSL_SUCCESS;
}
#endif /* XSNPRINTF */
#endif /* OPENSSL_EXTRA */
@ -17351,6 +17362,14 @@ int wolfSSL_i2d_X509_bio(WOLFSSL_BIO* bio, WOLFSSL_X509* x509)
}
/* Converts an internal structure to a DER buffer
*
* x509 structure to get DER buffer from
* out buffer to hold result. If NULL then *out is NULL then a new buffer is
* created.
*
* returns the size of the DER result on success
*/
int wolfSSL_i2d_X509(WOLFSSL_X509* x509, unsigned char** out)
{
const unsigned char* der;
@ -18123,7 +18142,11 @@ WOLFSSL_EVP_PKEY* wolfSSL_PKEY_new_ex(void* heap)
XMEMSET(pkey, 0, sizeof(WOLFSSL_EVP_PKEY));
pkey->heap = heap;
pkey->type = WOLFSSL_EVP_PKEY_DEFAULT;
#ifndef HAVE_FIPS
ret = wc_InitRng_ex(&(pkey->rng), heap, INVALID_DEVID);
#else
ret = wc_InitRng(&(pkey->rng));
#endif
if (ret != 0){
wolfSSL_EVP_PKEY_free(pkey);
WOLFSSL_MSG("memory falure");
@ -19328,6 +19351,7 @@ void wolfSSL_DES_set_key_unchecked(WOLFSSL_const_DES_cblock* myDes,
}
/* Sets the parity of the DES key for use */
void wolfSSL_DES_set_odd_parity(WOLFSSL_DES_cblock* myDes)
{
word32 i;
@ -19582,8 +19606,8 @@ void wolfSSL_AES_cfb128_encrypt(const unsigned char *in, unsigned char* out,
size_t len, AES_KEY *key, unsigned char* iv, int* num,
const int enc)
{
#ifndef HAVE_AES_CFB
WOLFSSL_MSG("CFB mode not enabled please use macro HAVE_AES_CFB");
#ifndef WOLFSSL_AES_CFB
WOLFSSL_MSG("CFB mode not enabled please use macro WOLFSSL_AES_CFB");
(void)in;
(void)out;
(void)len;
@ -19624,7 +19648,7 @@ void wolfSSL_AES_cfb128_encrypt(const unsigned char *in, unsigned char* out,
/* store number of left over bytes to num */
*num = (aes->left)? AES_BLOCK_SIZE - aes->left : 0;
#endif /* HAVE_AES_CFB */
#endif /* WOLFSSL_AES_CFB */
}
#endif /* NO_AES */
@ -22317,7 +22341,11 @@ int wolfSSL_RSA_private_encrypt(int len, unsigned char* in,
#if defined(WC_RSA_BLINDING) && !defined(HAVE_USER_RSA)
rng = key->rng;
#else
if (wc_InitRng_ex(rng, key->heap) != 0) {
#ifndef HAVE_FIPS
if (wc_InitRng_ex(rng, key->heap, INVALID_DEVID) != 0) {
#else
if (wc_InitRng(rng) != 0) {
#endif
WOLFSSL_MSG("Error with random number");
return SSL_FATAL_ERROR;
}
@ -26304,7 +26332,11 @@ void* wolfSSL_GetDhAgreeCtx(WOLFSSL* ssl)
#if defined(WOLFSSL_CERT_GEN) && !defined(NO_RSA)
/* needed SetName function from asn.c is wrapped by NO_RSA */
/* helper function for CopyX509NameToCertName() */
/* helper function for CopyX509NameToCertName()
*
* returns WOLFSSL_SUCCESS on success
*/
static int CopyX509NameEntry(char* out, int max, char* in, int inLen)
{
if (inLen > max) {
@ -26319,10 +26351,15 @@ void* wolfSSL_GetDhAgreeCtx(WOLFSSL* ssl)
/* make sure is null terminated */
out[max-1] = '\0';
return SSL_SUCCESS;
return WOLFSSL_SUCCESS;
}
/* Helper function to copy cert name from a WOLFSSL_X509_NAME structure to
* a CertName structure.
*
* returns WOLFSSL_SUCCESS on success and a negative error value on failure
*/
static int CopyX509NameToCertName(WOLFSSL_X509_NAME* n, CertName* cName)
{
DecodedName* dn = NULL;
@ -26409,7 +26446,7 @@ void* wolfSSL_GetDhAgreeCtx(WOLFSSL* ssl)
return BUFFER_E;
}
return SSL_SUCCESS;
return WOLFSSL_SUCCESS;
}

8
wolfcrypt/benchmark/benchmark.c
View File

@ -232,7 +232,7 @@ static const bench_alg bench_cipher_opt[] = {
#ifdef WOLFSSL_AES_XTS
{ "-aes-xts", BENCH_AES_XTS },
#endif
#ifdef HAVE_AES_CFB
#ifdef WOLFSSL_AES_CFB
{ "-aes-cfb", BENCH_AES_CFB },
#endif
#ifdef WOLFSSL_AES_COUNTER
@ -1081,7 +1081,7 @@ static void* benchmarks_do(void* args)
if (bench_all || (bench_cipher_algs & BENCH_AES_XTS))
bench_aesxts();
#endif
#ifdef HAVE_AES_CFB
#ifdef WOLFSSL_AES_CFB
if (bench_all || (bench_cipher_algs & BENCH_AES_CFB))
bench_aescfb();
#endif
@ -1914,7 +1914,7 @@ void bench_aesecb(int doAsync)
}
#endif /* WOLFSSL_AES_DIRECT */
#ifdef HAVE_AES_CFB
#ifdef WOLFSSL_AES_CFB
static void bench_aescfb_internal(const byte* key, word32 keySz, const byte* iv,
const char* label)
{
@ -1948,7 +1948,7 @@ void bench_aescfb(void)
bench_aescfb_internal(bench_key, 24, bench_iv, "AES-192-CFB");
bench_aescfb_internal(bench_key, 32, bench_iv, "AES-256-CFB");
}
#endif /* HAVE_AES_CFB */
#endif /* WOLFSSL_AES_CFB */
#ifdef WOLFSSL_AES_XTS

39
wolfcrypt/src/aes.c
View File

@ -1828,7 +1828,7 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock)
#ifndef WOLFSSL_STM32_CUBEMX
ByteReverseWords(rk, rk, keylen);
#endif
#if defined(HAVE_AES_CFB) || defined(WOLFSSL_AES_COUNTER)
#if defined(WOLFSSL_AES_CFB) || defined(WOLFSSL_AES_COUNTER)
aes->left = 0;
#endif
@ -1901,7 +1901,7 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock)
if (iv)
XMEMCPY(aes->reg, iv, AES_BLOCK_SIZE);
#if defined(HAVE_AES_CFB) || defined(WOLFSSL_AES_COUNTER)
#if defined(WOLFSSL_AES_CFB) || defined(WOLFSSL_AES_COUNTER)
aes->left = 0;
#endif
@ -1917,7 +1917,7 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock)
aes->rounds = keylen/4 + 6;
XMEMCPY(aes->key, userKey, keylen);
#if defined(HAVE_AES_CFB) || defined(WOLFSSL_AES_COUNTER)
#if defined(WOLFSSL_AES_CFB) || defined(WOLFSSL_AES_COUNTER)
aes->left = 0;
#endif
@ -1944,7 +1944,7 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock)
if (rk == NULL)
return BAD_FUNC_ARG;
#if defined(HAVE_AES_CFB) || defined(WOLFSSL_AES_COUNTER)
#if defined(WOLFSSL_AES_CFB) || defined(WOLFSSL_AES_COUNTER)
aes->left = 0;
#endif
@ -1987,7 +1987,7 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock)
aes->rounds = keylen/4 + 6;
ret = nrf51_aes_set_key(userKey);
#if defined(HAVE_AES_CFB) || defined(WOLFSSL_AES_COUNTER)
#if defined(WOLFSSL_AES_CFB) || defined(WOLFSSL_AES_COUNTER)
aes->left = 0;
#endif
@ -2016,7 +2016,7 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock)
#ifdef WOLFSSL_AESNI
aes->use_aesni = 0;
#endif /* WOLFSSL_AESNI */
#if defined(HAVE_AES_CFB) || defined(WOLFSSL_AES_COUNTER)
#if defined(WOLFSSL_AES_CFB) || defined(WOLFSSL_AES_COUNTER)
aes->left = 0;
#endif
@ -2209,7 +2209,7 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock)
checkAESNI = 1;
}
if (haveAESNI) {
#if defined(WOLFSSL_AES_COUNTER) || defined(HAVE_AES_CFB)
#if defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_CFB)
aes->left = 0;
#endif /* WOLFSSL_AES_COUNTER */
aes->use_aesni = 1;
@ -3058,8 +3058,17 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
#endif /* AES-CBC block */
#endif /* HAVE_AES_CBC */
#ifdef HAVE_AES_CFB
/* CFB 128 */
#ifdef WOLFSSL_AES_CFB
/* CFB 128
*
* aes structure holding key to use for encryption
* out buffer to hold result of encryption (must be at least as large as input
* buffer)
* in buffer to encrypt
* sz size of input buffer
*
* returns 0 on success and negative error values on failure
*/
int wc_AesCfbEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
{
byte* tmp = NULL;
@ -3111,6 +3120,16 @@ int wc_AesCfbEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
#ifdef HAVE_AES_DECRYPT
/* CFB 128
*
* aes structure holding key to use for decryption
* out buffer to hold result of decryption (must be at least as large as input
* buffer)
* in buffer to decrypt
* sz size of input buffer
*
* returns 0 on success and negative error values on failure
*/
int wc_AesCfbDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
{
byte* tmp;
@ -3161,7 +3180,7 @@ int wc_AesCfbDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
return 0;
}
#endif /* HAVE_AES_DECRYPT */
#endif /* HAVE_AES_CFB */
#endif /* WOLFSSL_AES_CFB */
#ifdef HAVE_AES_ECB
#if defined(WOLFSSL_IMX6_CAAM) && !defined(NO_IMX6_CAAM_AES)

14
wolfcrypt/test/test.c
View File

@ -4267,7 +4267,7 @@ int des3_test(void)
#ifndef NO_AES
#ifdef HAVE_AES_CFB
#ifdef WOLFSSL_AES_CFB
/* Test cases from NIST SP 800-38A, Recommendation for Block Cipher Modes of Operation Methods an*/
static int aescfb_test(void)
{
@ -4508,7 +4508,7 @@ int des3_test(void)
return ret;
}
#endif /* HAVE_AES_CFB */
#endif /* WOLFSSL_AES_CFB */
static int aes_key_size_test(void)
{
@ -5647,7 +5647,7 @@ int aes192_test(void)
#endif /* HAVE_AES_CBC */
#if defined(HAVE_AES_CFB)
#if defined(WOLFSSL_AES_CFB)
ret = aescfb_test();
if (ret != 0)
return ret;
@ -10417,7 +10417,7 @@ static int openssl_aes_test(void)
}
#endif /* HAVE_AES_COUNTER */
#ifdef HAVE_AES_CFB
#ifdef WOLFSSL_AES_CFB
{
AES_KEY enc;
AES_KEY dec;
@ -10476,7 +10476,7 @@ static int openssl_aes_test(void)
if (num != 0)
return -3331;
}
#endif /* HAVE_AES_CFB */
#endif /* WOLFSSL_AES_CFB */
return 0;
}
#endif /* !defined(NO_AES) && !defined(WOLFCRYPT_ONLY) */
@ -10699,10 +10699,9 @@ int openssl_test(void)
#endif /* NO_DES3 */
#if !defined(NO_AES) && !defined(WOLFCRYPT_ONLY)
#if !defined(NO_AES) && !defined(WOLFCRYPT_ONLY)
if (openssl_aes_test() != 0)
return -3429;
#endif
{ /* evp_cipher test: EVP_aes_128_cbc */
EVP_CIPHER_CTX ctx;
@ -10840,7 +10839,6 @@ int openssl_test(void)
#define OPENSSL_TEST_ERROR (-10000)
#ifndef NO_AES
#ifdef WOLFSSL_AES_DIRECT
/* enable HAVE_AES_DECRYPT for AES_encrypt/decrypt */
{

2
wolfssl/openssl/rc4.h
View File

@ -1,6 +1,6 @@
/* rc4.h
*
* Copyright (C) 2006-2016 wolfSSL Inc.
* Copyright (C) 2006-2017 wolfSSL Inc.
*
* This file is part of wolfSSL.
*

6
wolfssl/wolfcrypt/aes.h
View File

@ -97,7 +97,7 @@ typedef struct Aes {
word32 asyncIv[AES_BLOCK_SIZE/sizeof(word32)]; /* raw IV */
WC_ASYNC_DEV asyncDev;
#endif /* WOLFSSL_ASYNC_CRYPT */
#if defined(WOLFSSL_AES_COUNTER) || defined(HAVE_AES_CFB)
#if defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_CFB)
word32 left; /* unused bytes left from last call */
#endif
#ifdef WOLFSSL_XILINX_CRYPT
@ -145,14 +145,14 @@ WOLFSSL_API int wc_AesCbcEncrypt(Aes* aes, byte* out,
WOLFSSL_API int wc_AesCbcDecrypt(Aes* aes, byte* out,
const byte* in, word32 sz);
#ifdef HAVE_AES_CFB
#ifdef WOLFSSL_AES_CFB
WOLFSSL_API int wc_AesCfbEncrypt(Aes* aes, byte* out,
const byte* in, word32 sz);
#ifdef HAVE_AES_DECRYPT
WOLFSSL_API int wc_AesCfbDecrypt(Aes* aes, byte* out,
const byte* in, word32 sz);
#endif /* HAVE_AES_DECRYPT */
#endif /* HAVE_AES_CFB */
#endif /* WOLFSSL_AES_CFB */
#ifdef HAVE_AES_ECB
WOLFSSL_API int wc_AesEcbEncrypt(Aes* aes, byte* out,

5
wolfssl/wolfcrypt/types.h
View File

@ -327,6 +327,11 @@
/* snprintf is used in asn.c for GetTimeString, PKCS7 test, and when
debugging is turned on */
#ifndef USE_WINDOWS_API
#if defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA)
/* case where stdio is not included else where but is needed for
* snprintf */
#include <stdio.h>
#endif
#define XSNPRINTF snprintf
#else
#define XSNPRINTF _snprintf