source: azure_iot_hub_f767zi/trunk/wolfssl-4.4.0/wolfcrypt/src/evp.c@ 457

Last change on this file since 457 was 457, checked in by coas-nagasima, 4 years ago

ファイルを追加
  • Property svn:eol-style set to native
  • Property svn:mime-type set to text/x-csrc;charset=UTF-8
File size: 197.0 KB
Line 
1/* evp.c
2 *
3 * Copyright (C) 2006-2020 wolfSSL Inc.
4 *
5 * This file is part of wolfSSL.
6 *
7 * wolfSSL is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
11 *
12 * wolfSSL is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
20 */
21
22#if !defined(WOLFSSL_EVP_INCLUDED)
23 #ifndef WOLFSSL_IGNORE_FILE_WARN
24 #warning evp.c does not need to be compiled separately from ssl.c
25 #endif
26#elif defined(WOLFCRYPT_ONLY)
27#else
28
29#ifdef HAVE_CONFIG_H
30 #include <config.h>
31#endif
32
33#include <wolfssl/wolfcrypt/settings.h>
34
35#include <wolfssl/openssl/ecdsa.h>
36#include <wolfssl/openssl/evp.h>
37
38#if defined(OPENSSL_EXTRA)
39
40#ifndef NO_AES
41 #ifdef HAVE_AES_CBC
42 #ifdef WOLFSSL_AES_128
43 static char *EVP_AES_128_CBC = NULL;
44 #endif
45 #ifdef WOLFSSL_AES_192
46 static char *EVP_AES_192_CBC = NULL;
47 #endif
48 #ifdef WOLFSSL_AES_256
49 static char *EVP_AES_256_CBC = NULL;
50 #endif
51 #endif /* HAVE_AES_CBC */
52
53 #ifdef WOLFSSL_AES_OFB
54 #ifdef WOLFSSL_AES_128
55 static char *EVP_AES_128_OFB = NULL;
56 #endif
57 #ifdef WOLFSSL_AES_192
58 static char *EVP_AES_192_OFB = NULL;
59 #endif
60 #ifdef WOLFSSL_AES_256
61 static char *EVP_AES_256_OFB = NULL;
62 #endif
63 #endif /* WOLFSSL_AES_OFB */
64
65 #ifdef WOLFSSL_AES_XTS
66 #ifdef WOLFSSL_AES_128
67 static char *EVP_AES_128_XTS = NULL;
68 #endif
69 #ifdef WOLFSSL_AES_256
70 static char *EVP_AES_256_XTS = NULL;
71 #endif
72 #endif /* WOLFSSL_AES_XTS */
73
74 #ifdef WOLFSSL_AES_CFB
75 #ifdef WOLFSSL_AES_128
76 static char *EVP_AES_128_CFB1 = NULL;
77 #endif
78 #ifdef WOLFSSL_AES_192
79 static char *EVP_AES_192_CFB1 = NULL;
80 #endif
81 #ifdef WOLFSSL_AES_256
82 static char *EVP_AES_256_CFB1 = NULL;
83 #endif
84
85 #ifdef WOLFSSL_AES_128
86 static char *EVP_AES_128_CFB8 = NULL;
87 #endif
88 #ifdef WOLFSSL_AES_192
89 static char *EVP_AES_192_CFB8 = NULL;
90 #endif
91 #ifdef WOLFSSL_AES_256
92 static char *EVP_AES_256_CFB8 = NULL;
93 #endif
94
95 #ifdef WOLFSSL_AES_128
96 static char *EVP_AES_128_CFB128 = NULL;
97 #endif
98 #ifdef WOLFSSL_AES_192
99 static char *EVP_AES_192_CFB128 = NULL;
100 #endif
101 #ifdef WOLFSSL_AES_256
102 static char *EVP_AES_256_CFB128 = NULL;
103 #endif
104 #endif /* WOLFSSL_AES_CFB */
105
106 #ifdef HAVE_AESGCM
107 #ifdef WOLFSSL_AES_128
108 static char *EVP_AES_128_GCM = NULL;
109 #endif
110 #ifdef WOLFSSL_AES_192
111 static char *EVP_AES_192_GCM = NULL;
112 #endif
113 #ifdef WOLFSSL_AES_256
114 static char *EVP_AES_256_GCM = NULL;
115 #endif
116 #endif /* HAVE_AESGCM */
117 #ifdef WOLFSSL_AES_128
118 static char *EVP_AES_128_CTR = NULL;
119 #endif
120 #ifdef WOLFSSL_AES_192
121 static char *EVP_AES_192_CTR = NULL;
122 #endif
123 #ifdef WOLFSSL_AES_256
124 static char *EVP_AES_256_CTR = NULL;
125 #endif
126
127 #ifdef WOLFSSL_AES_128
128 static char *EVP_AES_128_ECB = NULL;
129 #endif
130 #ifdef WOLFSSL_AES_192
131 static char *EVP_AES_192_ECB = NULL;
132 #endif
133 #ifdef WOLFSSL_AES_256
134 static char *EVP_AES_256_ECB = NULL;
135 #endif
136 #define EVP_AES_SIZE 11
137 #ifdef WOLFSSL_AES_CFB
138 #define EVP_AESCFB_SIZE 14
139 #endif
140#endif
141
142#ifndef NO_DES3
143 static char *EVP_DES_CBC = NULL;
144 static char *EVP_DES_ECB = NULL;
145
146 static char *EVP_DES_EDE3_CBC = NULL;
147 static char *EVP_DES_EDE3_ECB = NULL;
148
149 #define EVP_DES_SIZE 7
150 #define EVP_DES_EDE3_SIZE 12
151#endif
152
153#ifdef HAVE_IDEA
154 static char *EVP_IDEA_CBC;
155 #define EVP_IDEA_SIZE 8
156#endif
157
158static unsigned int cipherType(const WOLFSSL_EVP_CIPHER *cipher);
159
160
161/* Getter function for cipher key length
162 *
163 * c WOLFSSL_EVP_CIPHER structure to get key length from
164 *
165 * NOTE: OpenSSL_add_all_ciphers() should be called first before using this
166 * function
167 *
168 * Returns size of key in bytes
169 */
170int wolfSSL_EVP_Cipher_key_length(const WOLFSSL_EVP_CIPHER* c)
171{
172 WOLFSSL_ENTER("wolfSSL_EVP_Cipher_key_length");
173
174 if (c == NULL) {
175 return 0;
176 }
177
178 switch (cipherType(c)) {
179#if !defined(NO_AES)
180 #if defined(HAVE_AES_CBC)
181 case AES_128_CBC_TYPE: return 16;
182 case AES_192_CBC_TYPE: return 24;
183 case AES_256_CBC_TYPE: return 32;
184 #endif
185 #if defined(WOLFSSL_AES_CFB)
186 case AES_128_CFB1_TYPE: return 16;
187 case AES_192_CFB1_TYPE: return 24;
188 case AES_256_CFB1_TYPE: return 32;
189 case AES_128_CFB8_TYPE: return 16;
190 case AES_192_CFB8_TYPE: return 24;
191 case AES_256_CFB8_TYPE: return 32;
192 case AES_128_CFB128_TYPE: return 16;
193 case AES_192_CFB128_TYPE: return 24;
194 case AES_256_CFB128_TYPE: return 32;
195 #endif
196 #if defined(WOLFSSL_AES_OFB)
197 case AES_128_OFB_TYPE: return 16;
198 case AES_192_OFB_TYPE: return 24;
199 case AES_256_OFB_TYPE: return 32;
200 #endif
201 #if defined(WOLFSSL_AES_XTS)
202 case AES_128_XTS_TYPE: return 16;
203 case AES_256_XTS_TYPE: return 32;
204 #endif
205 #if defined(HAVE_AESGCM)
206 case AES_128_GCM_TYPE: return 16;
207 case AES_192_GCM_TYPE: return 24;
208 case AES_256_GCM_TYPE: return 32;
209 #endif
210 #if defined(WOLFSSL_AES_COUNTER)
211 case AES_128_CTR_TYPE: return 16;
212 case AES_192_CTR_TYPE: return 24;
213 case AES_256_CTR_TYPE: return 32;
214 #endif
215 #if defined(HAVE_AES_ECB)
216 case AES_128_ECB_TYPE: return 16;
217 case AES_192_ECB_TYPE: return 24;
218 case AES_256_ECB_TYPE: return 32;
219 #endif
220#endif /* !NO_AES */
221 #ifndef NO_DES3
222 case DES_CBC_TYPE: return 8;
223 case DES_EDE3_CBC_TYPE: return 24;
224 case DES_ECB_TYPE: return 8;
225 case DES_EDE3_ECB_TYPE: return 24;
226 #endif
227 default:
228 return 0;
229 }
230}
231
232
233int wolfSSL_EVP_EncryptInit(WOLFSSL_EVP_CIPHER_CTX* ctx,
234 const WOLFSSL_EVP_CIPHER* type,
235 const unsigned char* key,
236 const unsigned char* iv)
237{
238 return wolfSSL_EVP_CipherInit(ctx, type, (byte*)key, (byte*)iv, 1);
239}
240
241int wolfSSL_EVP_EncryptInit_ex(WOLFSSL_EVP_CIPHER_CTX* ctx,
242 const WOLFSSL_EVP_CIPHER* type,
243 WOLFSSL_ENGINE *impl,
244 const unsigned char* key,
245 const unsigned char* iv)
246{
247 (void) impl;
248 return wolfSSL_EVP_CipherInit(ctx, type, (byte*)key, (byte*)iv, 1);
249}
250
251int wolfSSL_EVP_DecryptInit(WOLFSSL_EVP_CIPHER_CTX* ctx,
252 const WOLFSSL_EVP_CIPHER* type,
253 const unsigned char* key,
254 const unsigned char* iv)
255{
256 WOLFSSL_ENTER("wolfSSL_EVP_CipherInit");
257 return wolfSSL_EVP_CipherInit(ctx, type, (byte*)key, (byte*)iv, 0);
258}
259
260int wolfSSL_EVP_DecryptInit_ex(WOLFSSL_EVP_CIPHER_CTX* ctx,
261 const WOLFSSL_EVP_CIPHER* type,
262 WOLFSSL_ENGINE *impl,
263 const unsigned char* key,
264 const unsigned char* iv)
265{
266 (void) impl;
267 WOLFSSL_ENTER("wolfSSL_EVP_DecryptInit");
268 return wolfSSL_EVP_CipherInit(ctx, type, (byte*)key, (byte*)iv, 0);
269}
270
271
272WOLFSSL_EVP_CIPHER_CTX *wolfSSL_EVP_CIPHER_CTX_new(void)
273{
274 WOLFSSL_EVP_CIPHER_CTX *ctx = (WOLFSSL_EVP_CIPHER_CTX*)XMALLOC(sizeof *ctx,
275 NULL, DYNAMIC_TYPE_TMP_BUFFER);
276 if (ctx) {
277 WOLFSSL_ENTER("wolfSSL_EVP_CIPHER_CTX_new");
278 wolfSSL_EVP_CIPHER_CTX_init(ctx);
279 }
280 return ctx;
281}
282
283void wolfSSL_EVP_CIPHER_CTX_free(WOLFSSL_EVP_CIPHER_CTX *ctx)
284{
285 if (ctx) {
286 WOLFSSL_ENTER("wolfSSL_EVP_CIPHER_CTX_free");
287 wolfSSL_EVP_CIPHER_CTX_cleanup(ctx);
288 XFREE(ctx, NULL, DYNAMIC_TYPE_TMP_BUFFER);
289 }
290}
291
292int wolfSSL_EVP_CIPHER_CTX_reset(WOLFSSL_EVP_CIPHER_CTX *ctx)
293{
294 int ret = WOLFSSL_FAILURE;
295
296 if (ctx != NULL) {
297 WOLFSSL_ENTER("wolfSSL_EVP_CIPHER_CTX_reset");
298 wolfSSL_EVP_CIPHER_CTX_cleanup(ctx);
299 ret = WOLFSSL_SUCCESS;
300 }
301
302 return ret;
303}
304
305unsigned long wolfSSL_EVP_CIPHER_CTX_mode(const WOLFSSL_EVP_CIPHER_CTX *ctx)
306{
307 if (ctx == NULL) return 0;
308 return ctx->flags & WOLFSSL_EVP_CIPH_MODE;
309}
310
311int wolfSSL_EVP_EncryptFinal(WOLFSSL_EVP_CIPHER_CTX *ctx,
312 unsigned char *out, int *outl)
313{
314 if (ctx && ctx->enc) {
315 WOLFSSL_ENTER("wolfSSL_EVP_EncryptFinal");
316 return wolfSSL_EVP_CipherFinal(ctx, out, outl);
317 }
318 else
319 return WOLFSSL_FAILURE;
320}
321
322
323int wolfSSL_EVP_CipherInit_ex(WOLFSSL_EVP_CIPHER_CTX* ctx,
324 const WOLFSSL_EVP_CIPHER* type,
325 WOLFSSL_ENGINE *impl,
326 const unsigned char* key,
327 const unsigned char* iv,
328 int enc)
329{
330 (void)impl;
331 return wolfSSL_EVP_CipherInit(ctx, type, key, iv, enc);
332}
333
334int wolfSSL_EVP_EncryptFinal_ex(WOLFSSL_EVP_CIPHER_CTX *ctx,
335 unsigned char *out, int *outl)
336{
337 if (ctx && ctx->enc) {
338 WOLFSSL_ENTER("wolfSSL_EVP_EncryptFinal_ex");
339 return wolfSSL_EVP_CipherFinal(ctx, out, outl);
340 }
341 else
342 return WOLFSSL_FAILURE;
343}
344
345int wolfSSL_EVP_DecryptFinal(WOLFSSL_EVP_CIPHER_CTX *ctx,
346 unsigned char *out, int *outl)
347{
348 if (ctx && !ctx->enc) {
349 WOLFSSL_ENTER("wolfSSL_EVP_DecryptFinal");
350 return wolfSSL_EVP_CipherFinal(ctx, out, outl);
351 }
352 else {
353 return WOLFSSL_FAILURE;
354 }
355}
356
357int wolfSSL_EVP_DecryptFinal_ex(WOLFSSL_EVP_CIPHER_CTX *ctx,
358 unsigned char *out, int *outl)
359{
360 if (ctx && !ctx->enc) {
361 WOLFSSL_ENTER("wolfSSL_EVP_DecryptFinal_ex");
362 return wolfSSL_EVP_CipherFinal(ctx, out, outl);
363 }
364 else {
365 return WOLFSSL_FAILURE;
366 }
367}
368
369
370int wolfSSL_EVP_DigestInit_ex(WOLFSSL_EVP_MD_CTX* ctx,
371 const WOLFSSL_EVP_MD* type,
372 WOLFSSL_ENGINE *impl)
373{
374 (void) impl;
375 WOLFSSL_ENTER("wolfSSL_EVP_DigestInit_ex");
376 return wolfSSL_EVP_DigestInit(ctx, type);
377}
378
379#ifdef DEBUG_WOLFSSL_EVP
380#define PRINT_BUF(b, sz) { int _i; for(_i=0; _i<(sz); _i++) { \
381 printf("%02x(%c),", (b)[_i], (b)[_i]); if ((_i+1)%8==0)printf("\n");}}
382#else
383#define PRINT_BUF(b, sz)
384#endif
385
386static int fillBuff(WOLFSSL_EVP_CIPHER_CTX *ctx, const unsigned char *in, int sz)
387{
388 int fill;
389
390 if (sz > 0) {
391 if ((sz+ctx->bufUsed) > ctx->block_size) {
392 fill = ctx->block_size - ctx->bufUsed;
393 } else {
394 fill = sz;
395 }
396 XMEMCPY(&(ctx->buf[ctx->bufUsed]), in, fill);
397 ctx->bufUsed += fill;
398 return fill;
399 } else return 0;
400}
401
402static int evpCipherBlock(WOLFSSL_EVP_CIPHER_CTX *ctx,
403 unsigned char *out,
404 const unsigned char *in, int inl)
405{
406 int ret = 0;
407
408 switch (ctx->cipherType) {
409#if !defined(NO_AES)
410 #if defined(HAVE_AES_CBC)
411 case AES_128_CBC_TYPE:
412 case AES_192_CBC_TYPE:
413 case AES_256_CBC_TYPE:
414 if (ctx->enc)
415 ret = wc_AesCbcEncrypt(&ctx->cipher.aes, out, in, inl);
416 else
417 ret = wc_AesCbcDecrypt(&ctx->cipher.aes, out, in, inl);
418 break;
419 #endif
420 #if defined(HAVE_AESGCM)
421 case AES_128_GCM_TYPE:
422 case AES_192_GCM_TYPE:
423 case AES_256_GCM_TYPE:
424 if (ctx->enc) {
425 if (out){
426 /* encrypt confidential data*/
427 ret = wc_AesGcmEncrypt(&ctx->cipher.aes, out, in, inl,
428 ctx->iv, ctx->ivSz, ctx->authTag, ctx->authTagSz,
429 NULL, 0);
430 }
431 else {
432 /* authenticated, non-confidential data */
433 ret = wc_AesGcmEncrypt(&ctx->cipher.aes, NULL, NULL, 0,
434 ctx->iv, ctx->ivSz, ctx->authTag, ctx->authTagSz,
435 in, inl);
436 /* Reset partial authTag error for AAD*/
437 if (ret == AES_GCM_AUTH_E)
438 ret = 0;
439 }
440 }
441 else {
442 if (out){
443 /* decrypt confidential data*/
444 ret = wc_AesGcmDecrypt(&ctx->cipher.aes, out, in, inl,
445 ctx->iv, ctx->ivSz, ctx->authTag, ctx->authTagSz,
446 NULL, 0);
447 }
448 else {
449 /* authenticated, non-confidential data*/
450 ret = wc_AesGcmDecrypt(&ctx->cipher.aes, NULL, NULL, 0,
451 ctx->iv, ctx->ivSz,
452 ctx->authTag, ctx->authTagSz,
453 in, inl);
454 /* Reset partial authTag error for AAD*/
455 if (ret == AES_GCM_AUTH_E)
456 ret = 0;
457 }
458 }
459 break;
460 #endif
461 #if defined(WOLFSSL_AES_COUNTER)
462 case AES_128_CTR_TYPE:
463 case AES_192_CTR_TYPE:
464 case AES_256_CTR_TYPE:
465 ret = wc_AesCtrEncrypt(&ctx->cipher.aes, out, in, inl);
466 break;
467 #endif
468 #if defined(HAVE_AES_ECB)
469 case AES_128_ECB_TYPE:
470 case AES_192_ECB_TYPE:
471 case AES_256_ECB_TYPE:
472 if (ctx->enc)
473 ret = wc_AesEcbEncrypt(&ctx->cipher.aes, out, in, inl);
474 else
475 ret = wc_AesEcbDecrypt(&ctx->cipher.aes, out, in, inl);
476 break;
477 #endif
478 #if defined(WOLFSSL_AES_OFB)
479 case AES_128_OFB_TYPE:
480 case AES_192_OFB_TYPE:
481 case AES_256_OFB_TYPE:
482 if (ctx->enc)
483 ret = wc_AesOfbEncrypt(&ctx->cipher.aes, out, in, inl);
484 else
485 ret = wc_AesOfbDecrypt(&ctx->cipher.aes, out, in, inl);
486 break;
487 #endif
488 #if defined(WOLFSSL_AES_CFB)
489 #if !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
490 case AES_128_CFB1_TYPE:
491 case AES_192_CFB1_TYPE:
492 case AES_256_CFB1_TYPE:
493 if (ctx->enc)
494 ret = wc_AesCfb1Encrypt(&ctx->cipher.aes, out, in,
495 inl * WOLFSSL_BIT_SIZE);
496 else
497 ret = wc_AesCfb1Decrypt(&ctx->cipher.aes, out, in,
498 inl * WOLFSSL_BIT_SIZE);
499 break;
500
501 case AES_128_CFB8_TYPE:
502 case AES_192_CFB8_TYPE:
503 case AES_256_CFB8_TYPE:
504 if (ctx->enc)
505 ret = wc_AesCfb8Encrypt(&ctx->cipher.aes, out, in, inl);
506 else
507 ret = wc_AesCfb8Decrypt(&ctx->cipher.aes, out, in, inl);
508 break;
509 #endif /* !HAVE_SELFTEST && !HAVE_FIPS */
510
511 case AES_128_CFB128_TYPE:
512 case AES_192_CFB128_TYPE:
513 case AES_256_CFB128_TYPE:
514 if (ctx->enc)
515 ret = wc_AesCfbEncrypt(&ctx->cipher.aes, out, in, inl);
516 else
517 ret = wc_AesCfbDecrypt(&ctx->cipher.aes, out, in, inl);
518 break;
519 #endif
520#if defined(WOLFSSL_AES_XTS)
521 case AES_128_XTS_TYPE:
522 case AES_256_XTS_TYPE:
523 if (ctx->enc)
524 ret = wc_AesXtsEncrypt(&ctx->cipher.xts, out, in, inl,
525 ctx->iv, ctx->ivSz);
526 else
527 ret = wc_AesXtsDecrypt(&ctx->cipher.xts, out, in, inl,
528 ctx->iv, ctx->ivSz);
529 break;
530#endif
531#endif /* !NO_AES */
532 #ifndef NO_DES3
533 case DES_CBC_TYPE:
534 if (ctx->enc)
535 ret = wc_Des_CbcEncrypt(&ctx->cipher.des, out, in, inl);
536 else
537 ret = wc_Des_CbcDecrypt(&ctx->cipher.des, out, in, inl);
538 break;
539 case DES_EDE3_CBC_TYPE:
540 if (ctx->enc)
541 ret = wc_Des3_CbcEncrypt(&ctx->cipher.des3, out, in, inl);
542 else
543 ret = wc_Des3_CbcDecrypt(&ctx->cipher.des3, out, in, inl);
544 break;
545 #if defined(WOLFSSL_DES_ECB)
546 case DES_ECB_TYPE:
547 ret = wc_Des_EcbEncrypt(&ctx->cipher.des, out, in, inl);
548 break;
549 case DES_EDE3_ECB_TYPE:
550 ret = wc_Des3_EcbEncrypt(&ctx->cipher.des3, out, in, inl);
551 break;
552 #endif
553 #endif
554 #ifndef NO_RC4
555 case ARC4_TYPE:
556 wc_Arc4Process(&ctx->cipher.arc4, out, in, inl);
557 break;
558 #endif
559 default:
560 return WOLFSSL_FAILURE;
561 }
562
563 if (ret != 0)
564 return WOLFSSL_FAILURE; /* failure */
565
566 (void)in;
567 (void)inl;
568 (void)out;
569
570 return WOLFSSL_SUCCESS; /* success */
571}
572
573#if defined(HAVE_AESGCM)
574static int wolfSSL_EVP_CipherUpdate_GCM(WOLFSSL_EVP_CIPHER_CTX *ctx,
575 unsigned char *out, int *outl,
576 const unsigned char *in, int inl)
577{
578 /* process blocks */
579 if (evpCipherBlock(ctx, out, in, inl) == 0)
580 return WOLFSSL_FAILURE;
581 *outl = inl;
582 return WOLFSSL_SUCCESS;
583}
584#endif
585
586/* returns WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on failure */
587WOLFSSL_API int wolfSSL_EVP_CipherUpdate(WOLFSSL_EVP_CIPHER_CTX *ctx,
588 unsigned char *out, int *outl,
589 const unsigned char *in, int inl)
590{
591 int blocks;
592 int fill;
593
594 WOLFSSL_ENTER("wolfSSL_EVP_CipherUpdate");
595 if ((ctx == NULL) || (inl < 0) || (outl == NULL)|| (in == NULL)) {
596 WOLFSSL_MSG("Bad argument");
597 return WOLFSSL_FAILURE;
598 }
599
600 *outl = 0;
601 if (inl == 0) {
602 return WOLFSSL_SUCCESS;
603 }
604
605#if !defined(NO_AES) && defined(HAVE_AESGCM)
606 switch (ctx->cipherType) {
607 case AES_128_GCM_TYPE:
608 case AES_192_GCM_TYPE:
609 case AES_256_GCM_TYPE:
610/* if out == NULL, in/inl contains the additional authenticated data for GCM */
611 return wolfSSL_EVP_CipherUpdate_GCM(ctx, out, outl, in, inl);
612 default:
613 /* fall-through */
614 break;
615 }
616#endif /* !defined(NO_AES) && defined(HAVE_AESGCM) */
617
618 if (out == NULL) {
619 return WOLFSSL_FAILURE;
620 }
621
622
623 if (ctx->bufUsed > 0) { /* concatenate them if there is anything */
624 fill = fillBuff(ctx, in, inl);
625 inl -= fill;
626 in += fill;
627 }
628
629 /* check if the buff is full, and if so flash it out */
630 if (ctx->bufUsed == ctx->block_size) {
631 byte* output = out;
632
633 /* During decryption we save the last block to check padding on Final.
634 * Update the last block stored if one has already been stored */
635 if (ctx->enc == 0) {
636 if (ctx->lastUsed == 1) {
637 XMEMCPY(out, ctx->lastBlock, ctx->block_size);
638 *outl+= ctx->block_size;
639 out += ctx->block_size;
640 }
641 output = ctx->lastBlock; /* redirect output to last block buffer */
642 ctx->lastUsed = 1;
643 }
644
645 PRINT_BUF(ctx->buf, ctx->block_size);
646 if (evpCipherBlock(ctx, output, ctx->buf, ctx->block_size) == 0) {
647 return WOLFSSL_FAILURE;
648 }
649 PRINT_BUF(out, ctx->block_size);
650 ctx->bufUsed = 0;
651
652 /* if doing encryption update the new output block, decryption will
653 * always have the last block saved for when Final is called */
654 if ((ctx->enc != 0)) {
655 *outl+= ctx->block_size;
656 out += ctx->block_size;
657 }
658 }
659
660 blocks = inl / ctx->block_size;
661 if (blocks > 0) {
662 /* During decryption we save the last block to check padding on Final.
663 * Update the last block stored if one has already been stored */
664 if ((ctx->enc == 0) && (ctx->lastUsed == 1)) {
665 PRINT_BUF(ctx->lastBlock, ctx->block_size);
666 XMEMCPY(out, ctx->lastBlock, ctx->block_size);
667 *outl += ctx->block_size;
668 out += ctx->block_size;
669 ctx->lastUsed = 0;
670 }
671
672 /* process blocks */
673 if (evpCipherBlock(ctx, out, in, blocks * ctx->block_size) == 0) {
674 return WOLFSSL_FAILURE;
675 }
676 PRINT_BUF(in, ctx->block_size*blocks);
677 PRINT_BUF(out,ctx->block_size*blocks);
678 inl -= ctx->block_size * blocks;
679 in += ctx->block_size * blocks;
680 if (ctx->enc == 0) {
681 if ((ctx->flags & WOLFSSL_EVP_CIPH_NO_PADDING) ||
682 (ctx->block_size == 1)) {
683 ctx->lastUsed = 0;
684 *outl += ctx->block_size * blocks;
685 } else {
686 /* in the case of decryption and padding, store the last block
687 * here in order to verify the padding when Final is called */
688 if (inl == 0) { /* if not 0 then we know leftovers are checked*/
689 ctx->lastUsed = 1;
690 blocks = blocks - 1; /* save last block to check padding in
691 * EVP_CipherFinal call */
692 XMEMCPY(ctx->lastBlock, &out[ctx->block_size * blocks],
693 ctx->block_size);
694 }
695 *outl += ctx->block_size * blocks;
696 }
697 } else {
698 *outl += ctx->block_size * blocks;
699 }
700 }
701
702
703 if (inl > 0) {
704 /* put fraction into buff */
705 fillBuff(ctx, in, inl);
706 /* no increase of outl */
707 }
708 (void)out; /* silence warning in case not read */
709
710 return WOLFSSL_SUCCESS;
711}
712
713static void padBlock(WOLFSSL_EVP_CIPHER_CTX *ctx)
714{
715 int i;
716 for (i = ctx->bufUsed; i < ctx->block_size; i++)
717 ctx->buf[i] = (byte)(ctx->block_size - ctx->bufUsed);
718}
719
720static int checkPad(WOLFSSL_EVP_CIPHER_CTX *ctx, unsigned char *buff)
721{
722 int i;
723 int n;
724 n = buff[ctx->block_size-1];
725 if (n > ctx->block_size) return -1;
726 for (i = 0; i < n; i++) {
727 if (buff[ctx->block_size-i-1] != n)
728 return -1;
729 }
730 return ctx->block_size - n;
731}
732
733int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx,
734 unsigned char *out, int *outl)
735{
736 int fl;
737 int ret = WOLFSSL_SUCCESS;
738 if (!ctx || !outl)
739 return WOLFSSL_FAILURE;
740
741 WOLFSSL_ENTER("wolfSSL_EVP_CipherFinal");
742
743#if !defined(NO_AES) && defined(HAVE_AESGCM)
744 switch (ctx->cipherType) {
745 case AES_128_GCM_TYPE:
746 case AES_192_GCM_TYPE:
747 case AES_256_GCM_TYPE:
748 *outl = 0;
749 /* Clear IV, since IV reuse is not recommended for AES GCM. */
750 XMEMSET(ctx->iv, 0, AES_BLOCK_SIZE);
751 return WOLFSSL_SUCCESS;
752 default:
753 /* fall-through */
754 break;
755 }
756#endif /* !NO_AES && HAVE_AESGCM */
757
758 if (!out)
759 return WOLFSSL_FAILURE;
760
761 if (ctx->flags & WOLFSSL_EVP_CIPH_NO_PADDING) {
762 if (ctx->bufUsed != 0) return WOLFSSL_FAILURE;
763 *outl = 0;
764 }
765 else if (ctx->enc) {
766 if (ctx->block_size == 1) {
767 *outl = 0;
768 }
769 else if ((ctx->bufUsed >= 0) && (ctx->block_size != 1)) {
770 padBlock(ctx);
771 PRINT_BUF(ctx->buf, ctx->block_size);
772 if (evpCipherBlock(ctx, out, ctx->buf, ctx->block_size) == 0) {
773 WOLFSSL_MSG("Final Cipher Block failed");
774 ret = WOLFSSL_FAILURE;
775 }
776 else {
777 PRINT_BUF(out, ctx->block_size);
778 *outl = ctx->block_size;
779 }
780 }
781 }
782 else {
783 if (ctx->block_size == 1) {
784 *outl = 0;
785 }
786 else if ((ctx->bufUsed % ctx->block_size) != 0) {
787 *outl = 0;
788 /* not enough padding for decrypt */
789 WOLFSSL_MSG("Final Cipher Block not enough padding");
790 ret = WOLFSSL_FAILURE;
791 }
792 else if (ctx->lastUsed) {
793 PRINT_BUF(ctx->lastBlock, ctx->block_size);
794 if ((fl = checkPad(ctx, ctx->lastBlock)) >= 0) {
795 XMEMCPY(out, ctx->lastBlock, fl);
796 *outl = fl;
797 if (ctx->lastUsed == 0 && ctx->bufUsed == 0) {
798 /* return error in cases where the block length is incorrect */
799 WOLFSSL_MSG("Final Cipher Block bad length");
800 ret = WOLFSSL_FAILURE;
801 }
802 }
803 else {
804 ret = WOLFSSL_FAILURE;
805 }
806 }
807 else if (ctx->lastUsed == 0 && ctx->bufUsed == 0) {
808 /* return error in cases where the block length is incorrect */
809 ret = WOLFSSL_FAILURE;
810 }
811 }
812 if (ret == WOLFSSL_SUCCESS) {
813 /* reset cipher state after final */
814 wolfSSL_EVP_CipherInit(ctx, NULL, NULL, NULL, -1);
815 }
816 return ret;
817}
818
819
820#ifdef WOLFSSL_EVP_DECRYPT_LEGACY
821/* This is a version of DecryptFinal to work with data encrypted with
822 * wolfSSL_EVP_EncryptFinal() with the broken padding. (pre-v3.12.0)
823 * Only call this after wolfSSL_EVP_CipherFinal() fails on a decrypt.
824 * Note, you don't know if the padding is good or bad with the old
825 * encrypt, but it is likely to be or bad. It will update the output
826 * length with the block_size so the last block is still captured. */
827WOLFSSL_API int wolfSSL_EVP_DecryptFinal_legacy(WOLFSSL_EVP_CIPHER_CTX *ctx,
828 unsigned char *out, int *outl)
829{
830 int fl;
831 if (ctx == NULL || out == NULL || outl == NULL)
832 return BAD_FUNC_ARG;
833
834 WOLFSSL_ENTER("wolfSSL_EVP_DecryptFinal_legacy");
835 if (ctx->block_size == 1) {
836 *outl = 0;
837 return WOLFSSL_SUCCESS;
838 }
839 if ((ctx->bufUsed % ctx->block_size) != 0) {
840 *outl = 0;
841 /* not enough padding for decrypt */
842 return WOLFSSL_FAILURE;
843 }
844 /* The original behavior of CipherFinal() was like it is now,
845 * but checkPad would return 0 in case of a bad pad. It would
846 * treat the pad as 0, and leave the data in the output buffer,
847 * and not try to copy anything. This converts checkPad's -1 error
848 * code to block_size.
849 */
850 if (ctx->lastUsed) {
851 PRINT_BUF(ctx->lastBlock, ctx->block_size);
852 if ((fl = checkPad(ctx, ctx->lastBlock)) < 0) {
853 fl = ctx->block_size;
854 }
855 else {
856 XMEMCPY(out, ctx->lastBlock, fl);
857 }
858 *outl = fl;
859 }
860 /* return error in cases where the block length is incorrect */
861 if (ctx->lastUsed == 0 && ctx->bufUsed == 0) {
862 return WOLFSSL_FAILURE;
863 }
864
865 return WOLFSSL_SUCCESS;
866}
867#endif
868
869
870int wolfSSL_EVP_CIPHER_CTX_block_size(const WOLFSSL_EVP_CIPHER_CTX *ctx)
871{
872 if (ctx == NULL) return BAD_FUNC_ARG;
873 switch (ctx->cipherType) {
874#if !defined(NO_AES) || !defined(NO_DES3)
875#if !defined(NO_AES)
876#if defined(HAVE_AES_CBC)
877 case AES_128_CBC_TYPE:
878 case AES_192_CBC_TYPE:
879 case AES_256_CBC_TYPE:
880#endif
881#if defined(HAVE_AESGCM)
882 case AES_128_GCM_TYPE:
883 case AES_192_GCM_TYPE:
884 case AES_256_GCM_TYPE:
885#endif
886#if defined(WOLFSSL_AES_COUNTER)
887 case AES_128_CTR_TYPE:
888 case AES_192_CTR_TYPE:
889 case AES_256_CTR_TYPE:
890#endif
891#if defined(WOLFSSL_AES_CFB)
892 case AES_128_CFB1_TYPE:
893 case AES_192_CFB1_TYPE:
894 case AES_256_CFB1_TYPE:
895 case AES_128_CFB8_TYPE:
896 case AES_192_CFB8_TYPE:
897 case AES_256_CFB8_TYPE:
898 case AES_128_CFB128_TYPE:
899 case AES_192_CFB128_TYPE:
900 case AES_256_CFB128_TYPE:
901#endif
902#if defined(WOLFSSL_AES_OFB)
903 case AES_128_OFB_TYPE:
904 case AES_192_OFB_TYPE:
905 case AES_256_OFB_TYPE:
906#endif
907#if defined(WOLFSSL_AES_XTS)
908 case AES_128_XTS_TYPE:
909 case AES_256_XTS_TYPE:
910#endif
911
912 case AES_128_ECB_TYPE:
913 case AES_192_ECB_TYPE:
914 case AES_256_ECB_TYPE:
915#endif /* !NO_AES */
916#ifndef NO_DES3
917 case DES_CBC_TYPE:
918 case DES_ECB_TYPE:
919 case DES_EDE3_CBC_TYPE:
920 case DES_EDE3_ECB_TYPE:
921#endif
922 return ctx->block_size;
923#endif /* !NO_AES || !NO_DES3 */
924 default:
925 return 0;
926 }
927}
928
929static unsigned int cipherType(const WOLFSSL_EVP_CIPHER *cipher)
930{
931 if (cipher == NULL) return 0; /* dummy for #ifdef */
932#ifndef NO_DES3
933 else if (EVP_DES_CBC && XSTRNCMP(cipher, EVP_DES_CBC, EVP_DES_SIZE) == 0)
934 return DES_CBC_TYPE;
935 else if (EVP_DES_EDE3_CBC && XSTRNCMP(cipher, EVP_DES_EDE3_CBC, EVP_DES_EDE3_SIZE) == 0)
936 return DES_EDE3_CBC_TYPE;
937#if !defined(NO_DES3)
938 else if (EVP_DES_ECB && XSTRNCMP(cipher, EVP_DES_ECB, EVP_DES_SIZE) == 0)
939 return DES_ECB_TYPE;
940 else if (EVP_DES_EDE3_ECB && XSTRNCMP(cipher, EVP_DES_EDE3_ECB, EVP_DES_EDE3_SIZE) == 0)
941 return DES_EDE3_ECB_TYPE;
942#endif /* NO_DES3 && HAVE_AES_ECB */
943#endif
944#if !defined(NO_AES)
945#if defined(HAVE_AES_CBC)
946 #ifdef WOLFSSL_AES_128
947 else if (EVP_AES_128_CBC && XSTRNCMP(cipher, EVP_AES_128_CBC, EVP_AES_SIZE) == 0)
948 return AES_128_CBC_TYPE;
949 #endif
950 #ifdef WOLFSSL_AES_192
951 else if (EVP_AES_192_CBC && XSTRNCMP(cipher, EVP_AES_192_CBC, EVP_AES_SIZE) == 0)
952 return AES_192_CBC_TYPE;
953 #endif
954 #ifdef WOLFSSL_AES_256
955 else if (EVP_AES_256_CBC && XSTRNCMP(cipher, EVP_AES_256_CBC, EVP_AES_SIZE) == 0)
956 return AES_256_CBC_TYPE;
957 #endif
958#endif /* HAVE_AES_CBC */
959#if defined(HAVE_AESGCM)
960 #ifdef WOLFSSL_AES_128
961 else if (EVP_AES_128_GCM && XSTRNCMP(cipher, EVP_AES_128_GCM, EVP_AES_SIZE) == 0)
962 return AES_128_GCM_TYPE;
963 #endif
964 #ifdef WOLFSSL_AES_192
965 else if (EVP_AES_192_GCM && XSTRNCMP(cipher, EVP_AES_192_GCM, EVP_AES_SIZE) == 0)
966 return AES_192_GCM_TYPE;
967 #endif
968 #ifdef WOLFSSL_AES_256
969 else if (EVP_AES_256_GCM && XSTRNCMP(cipher, EVP_AES_256_GCM, EVP_AES_SIZE) == 0)
970 return AES_256_GCM_TYPE;
971 #endif
972#endif /* HAVE_AESGCM */
973#if defined(WOLFSSL_AES_COUNTER)
974 #ifdef WOLFSSL_AES_128
975 else if (EVP_AES_128_CTR && XSTRNCMP(cipher, EVP_AES_128_CTR, EVP_AES_SIZE) == 0)
976 return AES_128_CTR_TYPE;
977 #endif
978 #ifdef WOLFSSL_AES_192
979 else if (EVP_AES_192_CTR && XSTRNCMP(cipher, EVP_AES_192_CTR, EVP_AES_SIZE) == 0)
980 return AES_192_CTR_TYPE;
981 #endif
982 #ifdef WOLFSSL_AES_256
983 else if (EVP_AES_256_CTR && XSTRNCMP(cipher, EVP_AES_256_CTR, EVP_AES_SIZE) == 0)
984 return AES_256_CTR_TYPE;
985 #endif
986#endif /* HAVE_AES_CBC */
987#if defined(HAVE_AES_ECB)
988 #ifdef WOLFSSL_AES_128
989 else if (EVP_AES_128_ECB && XSTRNCMP(cipher, EVP_AES_128_ECB, EVP_AES_SIZE) == 0)
990 return AES_128_ECB_TYPE;
991 #endif
992 #ifdef WOLFSSL_AES_192
993 else if (EVP_AES_192_ECB && XSTRNCMP(cipher, EVP_AES_192_ECB, EVP_AES_SIZE) == 0)
994 return AES_192_ECB_TYPE;
995 #endif
996 #ifdef WOLFSSL_AES_256
997 else if (EVP_AES_256_ECB && XSTRNCMP(cipher, EVP_AES_256_ECB, EVP_AES_SIZE) == 0)
998 return AES_256_ECB_TYPE;
999 #endif
1000#endif /*HAVE_AES_CBC */
1001#if defined(WOLFSSL_AES_XTS)
1002 #ifdef WOLFSSL_AES_128
1003 else if (EVP_AES_128_XTS && XSTRNCMP(cipher, EVP_AES_128_XTS, EVP_AES_SIZE) == 0)
1004 return AES_128_XTS_TYPE;
1005 #endif
1006 #ifdef WOLFSSL_AES_256
1007 else if (EVP_AES_256_XTS && XSTRNCMP(cipher, EVP_AES_256_XTS, EVP_AES_SIZE) == 0)
1008 return AES_256_XTS_TYPE;
1009 #endif
1010#endif /* WOLFSSL_AES_XTS */
1011#if defined(WOLFSSL_AES_CFB)
1012 #ifdef WOLFSSL_AES_128
1013 else if (EVP_AES_128_CFB1 && XSTRNCMP(cipher, EVP_AES_128_CFB1, EVP_AESCFB_SIZE) == 0)
1014 return AES_128_CFB1_TYPE;
1015 #endif
1016 #ifdef WOLFSSL_AES_192
1017 else if (EVP_AES_192_CFB1 && XSTRNCMP(cipher, EVP_AES_192_CFB1, EVP_AESCFB_SIZE) == 0)
1018 return AES_192_CFB1_TYPE;
1019 #endif
1020 #ifdef WOLFSSL_AES_256
1021 else if (EVP_AES_256_CFB1 && XSTRNCMP(cipher, EVP_AES_256_CFB1, EVP_AESCFB_SIZE) == 0)
1022 return AES_256_CFB1_TYPE;
1023 #endif
1024 #ifdef WOLFSSL_AES_128
1025 else if (EVP_AES_128_CFB8 && XSTRNCMP(cipher, EVP_AES_128_CFB8, EVP_AESCFB_SIZE) == 0)
1026 return AES_128_CFB8_TYPE;
1027 #endif
1028 #ifdef WOLFSSL_AES_192
1029 else if (EVP_AES_192_CFB8 && XSTRNCMP(cipher, EVP_AES_192_CFB8, EVP_AESCFB_SIZE) == 0)
1030 return AES_192_CFB8_TYPE;
1031 #endif
1032 #ifdef WOLFSSL_AES_256
1033 else if (EVP_AES_256_CFB8 && XSTRNCMP(cipher, EVP_AES_256_CFB8, EVP_AESCFB_SIZE) == 0)
1034 return AES_256_CFB8_TYPE;
1035 #endif
1036 #ifdef WOLFSSL_AES_128
1037 else if (EVP_AES_128_CFB128 && XSTRNCMP(cipher, EVP_AES_128_CFB128, EVP_AESCFB_SIZE) == 0)
1038 return AES_128_CFB128_TYPE;
1039 #endif
1040 #ifdef WOLFSSL_AES_192
1041 else if (EVP_AES_192_CFB128 && XSTRNCMP(cipher, EVP_AES_192_CFB128, EVP_AESCFB_SIZE) == 0)
1042 return AES_192_CFB128_TYPE;
1043 #endif
1044 #ifdef WOLFSSL_AES_256
1045 else if (EVP_AES_256_CFB128 && XSTRNCMP(cipher, EVP_AES_256_CFB128, EVP_AESCFB_SIZE) == 0)
1046 return AES_256_CFB128_TYPE;
1047 #endif
1048#endif /*HAVE_AES_CBC */
1049#endif /* !NO_AES */
1050 else return 0;
1051}
1052
1053int wolfSSL_EVP_CIPHER_block_size(const WOLFSSL_EVP_CIPHER *cipher)
1054{
1055 if (cipher == NULL) return BAD_FUNC_ARG;
1056 switch (cipherType(cipher)) {
1057#if !defined(NO_AES)
1058 #if defined(HAVE_AES_CBC)
1059 case AES_128_CBC_TYPE:
1060 case AES_192_CBC_TYPE:
1061 case AES_256_CBC_TYPE:
1062 return AES_BLOCK_SIZE;
1063 #endif
1064 #if defined(HAVE_AESGCM)
1065 case AES_128_GCM_TYPE:
1066 case AES_192_GCM_TYPE:
1067 case AES_256_GCM_TYPE:
1068 return AES_BLOCK_SIZE;
1069 #endif
1070 #if defined(WOLFSSL_AES_COUNTER)
1071 case AES_128_CTR_TYPE:
1072 case AES_192_CTR_TYPE:
1073 case AES_256_CTR_TYPE:
1074 return AES_BLOCK_SIZE;
1075 #endif
1076 #if defined(HAVE_AES_ECB)
1077 case AES_128_ECB_TYPE:
1078 case AES_192_ECB_TYPE:
1079 case AES_256_ECB_TYPE:
1080 return AES_BLOCK_SIZE;
1081 #endif
1082#endif /* NO_AES */
1083 #ifndef NO_DES3
1084 case DES_CBC_TYPE: return 8;
1085 case DES_EDE3_CBC_TYPE: return 8;
1086 case DES_ECB_TYPE: return 8;
1087 case DES_EDE3_ECB_TYPE: return 8;
1088 #endif
1089 default:
1090 return 0;
1091 }
1092}
1093
1094unsigned long WOLFSSL_CIPHER_mode(const WOLFSSL_EVP_CIPHER *cipher)
1095{
1096 switch (cipherType(cipher)) {
1097#if !defined(NO_AES)
1098 #if defined(HAVE_AES_CBC)
1099 case AES_128_CBC_TYPE:
1100 case AES_192_CBC_TYPE:
1101 case AES_256_CBC_TYPE:
1102 return WOLFSSL_EVP_CIPH_CBC_MODE;
1103 #endif
1104 #if defined(HAVE_AESGCM)
1105 case AES_128_GCM_TYPE:
1106 case AES_192_GCM_TYPE:
1107 case AES_256_GCM_TYPE:
1108 return WOLFSSL_EVP_CIPH_GCM_MODE;
1109 #endif
1110 #if defined(WOLFSSL_AES_COUNTER)
1111 case AES_128_CTR_TYPE:
1112 case AES_192_CTR_TYPE:
1113 case AES_256_CTR_TYPE:
1114 return WOLFSSL_EVP_CIPH_CTR_MODE;
1115 #endif
1116 case AES_128_ECB_TYPE:
1117 case AES_192_ECB_TYPE:
1118 case AES_256_ECB_TYPE:
1119 return WOLFSSL_EVP_CIPH_ECB_MODE;
1120#endif /* NO_ASE */
1121 #ifndef NO_DES3
1122 case DES_CBC_TYPE:
1123 case DES_EDE3_CBC_TYPE:
1124 return WOLFSSL_EVP_CIPH_CBC_MODE;
1125 case DES_ECB_TYPE:
1126 case DES_EDE3_ECB_TYPE:
1127 return WOLFSSL_EVP_CIPH_ECB_MODE;
1128 #endif
1129 #ifndef NO_RC4
1130 case ARC4_TYPE:
1131 return EVP_CIPH_STREAM_CIPHER;
1132 #endif
1133 default:
1134 return 0;
1135 }
1136}
1137
1138unsigned long WOLFSSL_EVP_CIPHER_mode(const WOLFSSL_EVP_CIPHER *cipher)
1139{
1140 if (cipher == NULL) return 0;
1141 return WOLFSSL_CIPHER_mode(cipher);
1142}
1143
1144void wolfSSL_EVP_CIPHER_CTX_set_flags(WOLFSSL_EVP_CIPHER_CTX *ctx, int flags)
1145{
1146 if (ctx != NULL) {
1147 ctx->flags |= flags;
1148 }
1149}
1150
1151void wolfSSL_EVP_CIPHER_CTX_clear_flags(WOLFSSL_EVP_CIPHER_CTX *ctx, int flags)
1152{
1153 if (ctx != NULL) {
1154 ctx->flags &= ~flags;
1155 }
1156}
1157
1158unsigned long wolfSSL_EVP_CIPHER_flags(const WOLFSSL_EVP_CIPHER *cipher)
1159{
1160 if (cipher == NULL) return 0;
1161 return WOLFSSL_CIPHER_mode(cipher);
1162}
1163
1164int wolfSSL_EVP_CIPHER_CTX_set_padding(WOLFSSL_EVP_CIPHER_CTX *ctx, int padding)
1165{
1166 if (ctx == NULL) return BAD_FUNC_ARG;
1167 if (padding) {
1168 ctx->flags &= ~WOLFSSL_EVP_CIPH_NO_PADDING;
1169 }
1170 else {
1171 ctx->flags |= WOLFSSL_EVP_CIPH_NO_PADDING;
1172 }
1173 return 1;
1174}
1175
1176int wolfSSL_EVP_add_digest(const WOLFSSL_EVP_MD *digest)
1177{
1178 (void)digest;
1179 /* nothing to do */
1180 return 0;
1181}
1182
1183
1184/* Frees the WOLFSSL_EVP_PKEY_CTX passed in.
1185 *
1186 * return WOLFSSL_SUCCESS on success
1187 */
1188int wolfSSL_EVP_PKEY_CTX_free(WOLFSSL_EVP_PKEY_CTX *ctx)
1189{
1190 if (ctx == NULL) return 0;
1191 WOLFSSL_ENTER("EVP_PKEY_CTX_free");
1192 if (ctx->pkey != NULL)
1193 wolfSSL_EVP_PKEY_free(ctx->pkey);
1194 if (ctx->peerKey != NULL)
1195 wolfSSL_EVP_PKEY_free(ctx->peerKey);
1196 XFREE(ctx, NULL, DYNAMIC_TYPE_PUBLIC_KEY);
1197 return WOLFSSL_SUCCESS;
1198}
1199
1200
1201/* Creates a new WOLFSSL_EVP_PKEY_CTX structure.
1202 *
1203 * pkey key structure to use with new WOLFSSL_EVP_PEKY_CTX
1204 * e engine to use. It should be NULL at this time.
1205 *
1206 * return the new structure on success and NULL if failed.
1207 */
1208WOLFSSL_EVP_PKEY_CTX *wolfSSL_EVP_PKEY_CTX_new(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_ENGINE *e)
1209{
1210 WOLFSSL_EVP_PKEY_CTX* ctx;
1211 int type = NID_undef;
1212
1213 if (pkey == NULL) return 0;
1214 if (e != NULL) return 0;
1215 WOLFSSL_ENTER("EVP_PKEY_CTX_new");
1216
1217 ctx = (WOLFSSL_EVP_PKEY_CTX*)XMALLOC(sizeof(WOLFSSL_EVP_PKEY_CTX), NULL,
1218 DYNAMIC_TYPE_PUBLIC_KEY);
1219 if (ctx == NULL) return NULL;
1220 XMEMSET(ctx, 0, sizeof(WOLFSSL_EVP_PKEY_CTX));
1221 ctx->pkey = pkey;
1222#if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
1223 ctx->padding = RSA_PKCS1_PADDING;
1224#endif
1225 type = wolfSSL_EVP_PKEY_type(pkey->type);
1226
1227 if (type != NID_undef) {
1228 if (wc_LockMutex(&pkey->refMutex) != 0) {
1229 WOLFSSL_MSG("Couldn't lock pkey mutex");
1230 }
1231 pkey->references++;
1232
1233 wc_UnLockMutex(&pkey->refMutex);
1234 }
1235 return ctx;
1236}
1237
1238
1239/* Sets the type of RSA padding to use.
1240 *
1241 * ctx structure to set padding in.
1242 * padding RSA padding type
1243 *
1244 * returns WOLFSSL_SUCCESS on success.
1245 */
1246int wolfSSL_EVP_PKEY_CTX_set_rsa_padding(WOLFSSL_EVP_PKEY_CTX *ctx, int padding)
1247{
1248 if (ctx == NULL) return 0;
1249 WOLFSSL_ENTER("EVP_PKEY_CTX_set_rsa_padding");
1250 ctx->padding = padding;
1251 return WOLFSSL_SUCCESS;
1252}
1253
1254/* create a PKEY contxt and return it */
1255WOLFSSL_EVP_PKEY_CTX *wolfSSL_EVP_PKEY_CTX_new_id(int id, WOLFSSL_ENGINE *e)
1256{
1257 WOLFSSL_EVP_PKEY* pkey;
1258 WOLFSSL_EVP_PKEY_CTX* ctx = NULL;
1259
1260 WOLFSSL_ENTER("wolfSSL_EVP_PKEY_CTX_new_id");
1261
1262 pkey = wolfSSL_EVP_PKEY_new_ex(NULL);
1263 if (pkey) {
1264 pkey->type = id;
1265 ctx = wolfSSL_EVP_PKEY_CTX_new(pkey, e);
1266 if (ctx == NULL) {
1267 wolfSSL_EVP_PKEY_free(pkey);
1268 }
1269 }
1270 return ctx;
1271}
1272
1273/* Returns WOLFSSL_SUCCESS or error */
1274int wolfSSL_EVP_PKEY_CTX_set_rsa_keygen_bits(WOLFSSL_EVP_PKEY_CTX *ctx, int bits)
1275{
1276 if (ctx) {
1277 ctx->nbits = bits;
1278 }
1279 return WOLFSSL_SUCCESS;
1280}
1281
1282
1283int wolfSSL_EVP_PKEY_derive_init(WOLFSSL_EVP_PKEY_CTX *ctx)
1284{
1285 WOLFSSL_ENTER("wolfSSL_EVP_PKEY_derive_init");
1286
1287 if (!ctx) {
1288 return WOLFSSL_FAILURE;
1289 }
1290 wolfSSL_EVP_PKEY_free(ctx->peerKey);
1291 ctx->op = EVP_PKEY_OP_DERIVE;
1292 ctx->padding = 0;
1293 ctx->nbits = 0;
1294 return WOLFSSL_SUCCESS;
1295}
1296
1297int wolfSSL_EVP_PKEY_derive_set_peer(WOLFSSL_EVP_PKEY_CTX *ctx, WOLFSSL_EVP_PKEY *peer)
1298{
1299 WOLFSSL_ENTER("wolfSSL_EVP_PKEY_derive_set_peer");
1300
1301 if (!ctx || ctx->op != EVP_PKEY_OP_DERIVE) {
1302 return WOLFSSL_FAILURE;
1303 }
1304 wolfSSL_EVP_PKEY_free(ctx->peerKey);
1305 ctx->peerKey = peer;
1306 if (!wolfSSL_EVP_PKEY_up_ref(peer)) {
1307 ctx->peerKey = NULL;
1308 return WOLFSSL_FAILURE;
1309 }
1310 return WOLFSSL_SUCCESS;
1311}
1312
1313#if !defined(NO_DH) && defined(HAVE_ECC)
1314int wolfSSL_EVP_PKEY_derive(WOLFSSL_EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen)
1315{
1316 int len;
1317
1318 WOLFSSL_ENTER("wolfSSL_EVP_PKEY_derive");
1319
1320 if (!ctx || ctx->op != EVP_PKEY_OP_DERIVE || !ctx->pkey || !ctx->peerKey || !keylen
1321 || ctx->pkey->type != ctx->peerKey->type) {
1322 return WOLFSSL_FAILURE;
1323 }
1324 switch (ctx->pkey->type) {
1325#ifndef NO_DH
1326 case EVP_PKEY_DH:
1327 /* Use DH */
1328 if (!ctx->pkey->dh || !ctx->peerKey->dh || !ctx->peerKey->dh->pub_key) {
1329 return WOLFSSL_FAILURE;
1330 }
1331 if ((len = wolfSSL_DH_size(ctx->pkey->dh)) <= 0) {
1332 return WOLFSSL_FAILURE;
1333 }
1334 if (key) {
1335 if (*keylen < (size_t)len) {
1336 return WOLFSSL_FAILURE;
1337 }
1338 if (wolfSSL_DH_compute_key(key, ctx->peerKey->dh->pub_key,
1339 ctx->pkey->dh) != len) {
1340 return WOLFSSL_FAILURE;
1341 }
1342 }
1343 *keylen = (size_t)len;
1344 break;
1345#endif
1346#ifdef HAVE_ECC
1347 case EVP_PKEY_EC:
1348 /* Use ECDH */
1349 if (!ctx->pkey->ecc || !ctx->peerKey->ecc) {
1350 return WOLFSSL_FAILURE;
1351 }
1352 /* set internal key if not done */
1353 if (!ctx->pkey->ecc->inSet) {
1354 if (SetECKeyInternal(ctx->pkey->ecc) != WOLFSSL_SUCCESS) {
1355 WOLFSSL_MSG("SetECKeyInternal failed");
1356 return WOLFSSL_FAILURE;
1357 }
1358 }
1359 if (!ctx->peerKey->ecc->exSet || !ctx->peerKey->ecc->pub_key->internal) {
1360 if (SetECKeyExternal(ctx->peerKey->ecc) != WOLFSSL_SUCCESS) {
1361 WOLFSSL_MSG("SetECKeyExternal failed");
1362 return WOLFSSL_FAILURE;
1363 }
1364 }
1365 if (!(len = wc_ecc_size((ecc_key*)ctx->pkey->ecc->internal))) {
1366 return WOLFSSL_FAILURE;
1367 }
1368 if (key) {
1369 word32 len32 = (word32)len;
1370 if (*keylen < len32) {
1371 WOLFSSL_MSG("buffer too short");
1372 return WOLFSSL_FAILURE;
1373 }
1374 if (wc_ecc_shared_secret_ssh((ecc_key*)ctx->pkey->ecc->internal,
1375 (ecc_point*)ctx->peerKey->ecc->pub_key->internal,
1376 key, &len32) != MP_OKAY) {
1377 WOLFSSL_MSG("wc_ecc_shared_secret failed");
1378 return WOLFSSL_FAILURE;
1379 }
1380 len = (int)len32;
1381 }
1382 *keylen = (size_t)len;
1383 break;
1384#endif
1385 default:
1386 WOLFSSL_MSG("Unknown key type");
1387 return WOLFSSL_FAILURE;
1388 }
1389 return WOLFSSL_SUCCESS;
1390}
1391#endif
1392
1393/* Uses the WOLFSSL_EVP_PKEY_CTX to decrypt a buffer.
1394 *
1395 * ctx structure to decrypt with
1396 * out buffer to hold the results
1397 * outlen initially holds size of out buffer and gets set to decrypt result size
1398 * in buffer decrypt
1399 * inlen length of in buffer
1400 *
1401 * returns WOLFSSL_SUCCESS on success.
1402 */
1403int wolfSSL_EVP_PKEY_decrypt(WOLFSSL_EVP_PKEY_CTX *ctx,
1404 unsigned char *out, size_t *outlen,
1405 const unsigned char *in, size_t inlen)
1406{
1407 int len = 0;
1408
1409 if (ctx == NULL) return 0;
1410 WOLFSSL_ENTER("EVP_PKEY_decrypt");
1411
1412 (void)out;
1413 (void)outlen;
1414 (void)in;
1415 (void)inlen;
1416 (void)len;
1417
1418 switch (ctx->pkey->type) {
1419#if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
1420 case EVP_PKEY_RSA:
1421 len = wolfSSL_RSA_private_decrypt((int)inlen, (unsigned char*)in, out,
1422 ctx->pkey->rsa, ctx->padding);
1423 if (len < 0) break;
1424 else {
1425 *outlen = len;
1426 return WOLFSSL_SUCCESS;
1427 }
1428#endif /* NO_RSA */
1429
1430 case EVP_PKEY_EC:
1431 WOLFSSL_MSG("not implemented");
1432 FALL_THROUGH;
1433 default:
1434 break;
1435 }
1436 return WOLFSSL_FAILURE;
1437}
1438
1439
1440/* Initialize a WOLFSSL_EVP_PKEY_CTX structure for decryption
1441 *
1442 * ctx WOLFSSL_EVP_PKEY_CTX structure to use with decryption
1443 *
1444 * Returns WOLFSSL_FAILURE on failure and WOLFSSL_SUCCESS on success
1445 */
1446int wolfSSL_EVP_PKEY_decrypt_init(WOLFSSL_EVP_PKEY_CTX *ctx)
1447{
1448 if (ctx == NULL) return WOLFSSL_FAILURE;
1449 WOLFSSL_ENTER("EVP_PKEY_decrypt_init");
1450 switch (ctx->pkey->type) {
1451 case EVP_PKEY_RSA:
1452 ctx->op = EVP_PKEY_OP_DECRYPT;
1453 return WOLFSSL_SUCCESS;
1454 case EVP_PKEY_EC:
1455 WOLFSSL_MSG("not implemented");
1456 FALL_THROUGH;
1457 default:
1458 break;
1459 }
1460 return WOLFSSL_FAILURE;
1461}
1462
1463
1464/* Use a WOLFSSL_EVP_PKEY_CTX structure to encrypt data
1465 *
1466 * ctx WOLFSSL_EVP_PKEY_CTX structure to use with encryption
1467 * out buffer to hold encrypted data
1468 * outlen length of out buffer
1469 * in data to be encrypted
1470 * inlen length of in buffer
1471 *
1472 * Returns WOLFSSL_FAILURE on failure and WOLFSSL_SUCCESS on success
1473 */
1474int wolfSSL_EVP_PKEY_encrypt(WOLFSSL_EVP_PKEY_CTX *ctx,
1475 unsigned char *out, size_t *outlen,
1476 const unsigned char *in, size_t inlen)
1477{
1478 int len = 0;
1479 if (ctx == NULL) return WOLFSSL_FAILURE;
1480 WOLFSSL_ENTER("EVP_PKEY_encrypt");
1481 if (ctx->op != EVP_PKEY_OP_ENCRYPT) return WOLFSSL_FAILURE;
1482
1483 (void)out;
1484 (void)outlen;
1485 (void)in;
1486 (void)inlen;
1487 (void)len;
1488 switch (ctx->pkey->type) {
1489#if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
1490 case EVP_PKEY_RSA:
1491 len = wolfSSL_RSA_public_encrypt((int)inlen, (unsigned char *)in, out,
1492 ctx->pkey->rsa, ctx->padding);
1493 if (len < 0)
1494 break;
1495 else {
1496 *outlen = len;
1497 return WOLFSSL_SUCCESS;
1498 }
1499#endif /* NO_RSA */
1500
1501 case EVP_PKEY_EC:
1502 WOLFSSL_MSG("not implemented");
1503 FALL_THROUGH;
1504 default:
1505 break;
1506 }
1507 return WOLFSSL_FAILURE;
1508}
1509
1510
1511/* Initialize a WOLFSSL_EVP_PKEY_CTX structure to encrypt data
1512 *
1513 * ctx WOLFSSL_EVP_PKEY_CTX structure to use with encryption
1514 *
1515 * Returns WOLFSSL_FAILURE on failure and WOLFSSL_SUCCESS on success
1516 */
1517int wolfSSL_EVP_PKEY_encrypt_init(WOLFSSL_EVP_PKEY_CTX *ctx)
1518{
1519 if (ctx == NULL) return WOLFSSL_FAILURE;
1520 WOLFSSL_ENTER("EVP_PKEY_encrypt_init");
1521
1522 switch (ctx->pkey->type) {
1523 case EVP_PKEY_RSA:
1524 ctx->op = EVP_PKEY_OP_ENCRYPT;
1525 return WOLFSSL_SUCCESS;
1526 case EVP_PKEY_EC:
1527 WOLFSSL_MSG("not implemented");
1528 FALL_THROUGH;
1529 default:
1530 break;
1531 }
1532 return WOLFSSL_FAILURE;
1533}
1534/******************************************************************************
1535* wolfSSL_EVP_PKEY_sign_init - initializes a public key algorithm context for
1536* a signing operation.
1537*
1538* RETURNS:
1539* returns WOLFSSL_SUCCESS on success, otherwise returns -2
1540*/
1541WOLFSSL_API int wolfSSL_EVP_PKEY_sign_init(WOLFSSL_EVP_PKEY_CTX *ctx)
1542{
1543 int ret = -2;
1544
1545 WOLFSSL_MSG("wolfSSL_EVP_PKEY_sign_init");
1546 if (!ctx || !ctx->pkey)
1547 return ret;
1548
1549 switch (ctx->pkey->type) {
1550 case EVP_PKEY_RSA:
1551 ctx->op = EVP_PKEY_OP_SIGN;
1552 ret = WOLFSSL_SUCCESS;
1553 break;
1554 case EVP_PKEY_EC:
1555 WOLFSSL_MSG("not implemented");
1556 FALL_THROUGH;
1557 default:
1558 ret = -2;
1559 }
1560 return ret;
1561}
1562/******************************************************************************
1563* wolfSSL_EVP_PKEY_sign - performs a public key signing operation using ctx
1564* The data to be signed should be hashed since the function does not hash the data.
1565*
1566* RETURNS:
1567* returns WOLFSSL_SUCCESS on success, otherwise returns WOLFSSL_FAILURE
1568*/
1569
1570WOLFSSL_API int wolfSSL_EVP_PKEY_sign(WOLFSSL_EVP_PKEY_CTX *ctx, unsigned char *sig,
1571 size_t *siglen, const unsigned char *tbs, size_t tbslen)
1572{
1573 int len = 0;
1574
1575 WOLFSSL_MSG("wolfSSL_EVP_PKEY_sign");
1576
1577 if (!ctx || ctx->op != EVP_PKEY_OP_SIGN || !ctx->pkey)
1578 return WOLFSSL_FAILURE;
1579
1580 (void)sig;
1581 (void)siglen;
1582 (void)tbs;
1583 (void)tbslen;
1584 (void)len;
1585
1586 switch (ctx->pkey->type) {
1587#if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
1588 case EVP_PKEY_RSA:
1589 len = wolfSSL_RSA_private_encrypt((int)tbslen, (unsigned char*)tbs, sig,
1590 ctx->pkey->rsa, ctx->padding);
1591 if (len < 0)
1592 break;
1593 else {
1594 *siglen = len;
1595 return WOLFSSL_SUCCESS;
1596 }
1597#endif /* NO_RSA */
1598
1599 case EVP_PKEY_EC:
1600 WOLFSSL_MSG("not implemented");
1601 FALL_THROUGH;
1602 default:
1603 break;
1604 }
1605 return WOLFSSL_FAILURE;
1606}
1607
1608/* Get the size in bits for WOLFSSL_EVP_PKEY key
1609 *
1610 * pkey WOLFSSL_EVP_PKEY structure to get key size of
1611 *
1612 * returns the size in bits of key on success
1613 */
1614int wolfSSL_EVP_PKEY_bits(const WOLFSSL_EVP_PKEY *pkey)
1615{
1616 int bytes;
1617
1618 if (pkey == NULL) return 0;
1619 WOLFSSL_ENTER("EVP_PKEY_bits");
1620 if ((bytes = wolfSSL_EVP_PKEY_size((WOLFSSL_EVP_PKEY*)pkey)) ==0) return 0;
1621 return bytes*8;
1622}
1623
1624
1625int wolfSSL_EVP_PKEY_keygen_init(WOLFSSL_EVP_PKEY_CTX *ctx)
1626{
1627 (void)ctx;
1628 return WOLFSSL_SUCCESS;
1629}
1630
1631int wolfSSL_EVP_PKEY_keygen(WOLFSSL_EVP_PKEY_CTX *ctx,
1632 WOLFSSL_EVP_PKEY **ppkey)
1633{
1634 int ret = WOLFSSL_FAILURE;
1635 int ownPkey = 0;
1636 WOLFSSL_EVP_PKEY* pkey;
1637
1638 if (ctx == NULL || ppkey == NULL) {
1639 return BAD_FUNC_ARG;
1640 }
1641
1642 pkey = *ppkey;
1643 if (pkey == NULL) {
1644 ownPkey = 1;
1645 pkey = wolfSSL_EVP_PKEY_new();
1646
1647 if (pkey == NULL)
1648 return ret;
1649 }
1650
1651 switch (pkey->type) {
1652#if !defined(HAVE_FAST_RSA) && defined(WOLFSSL_KEY_GEN) && \
1653 !defined(NO_RSA) && !defined(HAVE_USER_RSA)
1654 case EVP_PKEY_RSA:
1655 pkey->rsa = wolfSSL_RSA_generate_key(ctx->nbits, WC_RSA_EXPONENT,
1656 NULL, NULL);
1657 if (pkey->rsa) {
1658 pkey->ownRsa = 1;
1659 pkey->pkey_sz = wolfSSL_i2d_RSAPrivateKey(pkey->rsa,
1660 (unsigned char**)&pkey->pkey.ptr);
1661 ret = WOLFSSL_SUCCESS;
1662 }
1663 break;
1664#endif
1665#ifdef HAVE_ECC
1666 case EVP_PKEY_EC:
1667 pkey->ecc = wolfSSL_EC_KEY_new();
1668 if (pkey->ecc) {
1669 ret = wolfSSL_EC_KEY_generate_key(pkey->ecc);
1670 if (ret == WOLFSSL_SUCCESS) {
1671 pkey->ownEcc = 1;
1672 }
1673 }
1674#endif
1675 default:
1676 break;
1677 }
1678
1679 if (ret != WOLFSSL_SUCCESS && ownPkey) {
1680 wolfSSL_EVP_PKEY_free(pkey);
1681 pkey = NULL;
1682 }
1683
1684 *ppkey = pkey;
1685
1686 return ret;
1687}
1688
1689/* Get the size in bytes for WOLFSSL_EVP_PKEY key
1690 *
1691 * pkey WOLFSSL_EVP_PKEY structure to get key size of
1692 *
1693 * returns the size of a key on success which is the maximum size of a
1694 * signature
1695 */
1696int wolfSSL_EVP_PKEY_size(WOLFSSL_EVP_PKEY *pkey)
1697{
1698 if (pkey == NULL) return 0;
1699 WOLFSSL_ENTER("EVP_PKEY_size");
1700
1701 switch (pkey->type) {
1702#ifndef NO_RSA
1703 case EVP_PKEY_RSA:
1704 return (int)wolfSSL_RSA_size((const WOLFSSL_RSA*)(pkey->rsa));
1705#endif /* !NO_RSA */
1706
1707#ifdef HAVE_ECC
1708 case EVP_PKEY_EC:
1709 if (pkey->ecc == NULL || pkey->ecc->internal == NULL) {
1710 WOLFSSL_MSG("No ECC key has been set");
1711 break;
1712 }
1713 return wc_ecc_size((ecc_key*)(pkey->ecc->internal));
1714#endif /* HAVE_ECC */
1715
1716 default:
1717 break;
1718 }
1719 return 0;
1720}
1721
1722#ifndef NO_WOLFSSL_STUB
1723WOLFSSL_API int wolfSSL_EVP_PKEY_missing_parameters(WOLFSSL_EVP_PKEY *pkey)
1724{
1725 (void)pkey;
1726 /* not using missing params callback and returning zero to indicate success */
1727 return 0;
1728}
1729#endif
1730
1731WOLFSSL_API int wolfSSL_EVP_PKEY_cmp(const WOLFSSL_EVP_PKEY *a, const WOLFSSL_EVP_PKEY *b)
1732{
1733 int ret = -1; /* failure */
1734 int a_sz = 0, b_sz = 0;
1735
1736 if (a == NULL || b == NULL)
1737 return ret;
1738
1739 /* check its the same type of key */
1740 if (a->type != b->type)
1741 return ret;
1742
1743 /* get size based on key type */
1744 switch (a->type) {
1745#ifndef NO_RSA
1746 case EVP_PKEY_RSA:
1747 a_sz = (int)wolfSSL_RSA_size((const WOLFSSL_RSA*)(a->rsa));
1748 b_sz = (int)wolfSSL_RSA_size((const WOLFSSL_RSA*)(b->rsa));
1749 break;
1750#endif /* !NO_RSA */
1751#ifdef HAVE_ECC
1752 case EVP_PKEY_EC:
1753 if (a->ecc == NULL || a->ecc->internal == NULL ||
1754 b->ecc == NULL || b->ecc->internal == NULL) {
1755 return ret;
1756 }
1757 a_sz = wc_ecc_size((ecc_key*)(a->ecc->internal));
1758 b_sz = wc_ecc_size((ecc_key*)(b->ecc->internal));
1759 break;
1760#endif /* HAVE_ECC */
1761 default:
1762 break;
1763 } /* switch (a->type) */
1764
1765 /* check size */
1766 if (a_sz <= 0 || b_sz <= 0 || a_sz != b_sz) {
1767 return ret;
1768 }
1769
1770 /* check public key size */
1771 if (a->pkey_sz > 0 && b->pkey_sz > 0 && a->pkey_sz != b->pkey_sz) {
1772 return ret;
1773 }
1774
1775 /* check public key */
1776 if (a->pkey.ptr && b->pkey.ptr) {
1777 if (XMEMCMP(a->pkey.ptr, b->pkey.ptr, a->pkey_sz) != 0) {
1778 return ret;
1779 }
1780 }
1781 ret = 0; /* success */
1782
1783 return ret;
1784}
1785
1786/* Initialize structure for signing
1787 *
1788 * ctx WOLFSSL_EVP_MD_CTX structure to initialize
1789 * type is the type of message digest to use
1790 *
1791 * returns WOLFSSL_SUCCESS on success
1792 */
1793int wolfSSL_EVP_SignInit(WOLFSSL_EVP_MD_CTX *ctx, const WOLFSSL_EVP_MD *type)
1794{
1795 if (ctx == NULL) return WOLFSSL_FAILURE;
1796 WOLFSSL_ENTER("EVP_SignInit");
1797 return wolfSSL_EVP_DigestInit(ctx,type);
1798}
1799
1800WOLFSSL_API int wolfSSL_EVP_SignInit_ex(WOLFSSL_EVP_MD_CTX* ctx,
1801 const WOLFSSL_EVP_MD* type,
1802 WOLFSSL_ENGINE *impl)
1803{
1804 if (ctx == NULL) return WOLFSSL_FAILURE;
1805 WOLFSSL_ENTER("EVP_SignInit");
1806 return wolfSSL_EVP_DigestInit_ex(ctx,type,impl);
1807}
1808
1809
1810/* Update structure with data for signing
1811 *
1812 * ctx WOLFSSL_EVP_MD_CTX structure to update
1813 * data buffer holding data to update with for sign
1814 * len length of data buffer
1815 *
1816 * returns WOLFSSL_SUCCESS on success
1817 */
1818int wolfSSL_EVP_SignUpdate(WOLFSSL_EVP_MD_CTX *ctx, const void *data, size_t len)
1819{
1820 if (ctx == NULL) return 0;
1821 WOLFSSL_ENTER("EVP_SignUpdate(");
1822 return wolfSSL_EVP_DigestUpdate(ctx, data, len);
1823}
1824
1825static const struct s_ent {
1826 const int macType;
1827 const int nid;
1828 const char *name;
1829} md_tbl[] = {
1830#ifndef NO_MD4
1831 {WC_HASH_TYPE_MD4, NID_md4, "MD4"},
1832#endif /* NO_MD4 */
1833
1834#ifndef NO_MD5
1835 {WC_HASH_TYPE_MD5, NID_md5, "MD5"},
1836#endif /* NO_MD5 */
1837
1838#ifndef NO_SHA
1839 {WC_HASH_TYPE_SHA, NID_sha1, "SHA"},
1840#endif /* NO_SHA */
1841
1842#ifdef WOLFSSL_SHA224
1843 {WC_HASH_TYPE_SHA224, NID_sha224, "SHA224"},
1844#endif /* WOLFSSL_SHA224 */
1845#ifndef NO_SHA256
1846 {WC_HASH_TYPE_SHA256, NID_sha256, "SHA256"},
1847#endif
1848
1849#ifdef WOLFSSL_SHA384
1850 {WC_HASH_TYPE_SHA384, NID_sha384, "SHA384"},
1851#endif /* WOLFSSL_SHA384 */
1852#ifdef WOLFSSL_SHA512
1853 {WC_HASH_TYPE_SHA512, NID_sha512, "SHA512"},
1854#endif /* WOLFSSL_SHA512 */
1855#ifndef WOLFSSL_NOSHA3_224
1856 {WC_HASH_TYPE_SHA3_224, NID_sha3_224, "SHA3_224"},
1857#endif
1858#ifndef WOLFSSL_NOSHA3_256
1859 {WC_HASH_TYPE_SHA3_256, NID_sha3_256, "SHA3_256"},
1860#endif
1861 {WC_HASH_TYPE_SHA3_384, NID_sha3_384, "SHA3_384"},
1862#ifndef WOLFSSL_NOSHA3_512
1863 {WC_HASH_TYPE_SHA3_512, NID_sha3_512, "SHA3_512"},
1864#endif
1865 {0, 0, NULL}
1866};
1867
1868static int wolfSSL_EVP_md2macType(const WOLFSSL_EVP_MD *md)
1869{
1870 const struct s_ent *ent ;
1871
1872 if (md != NULL) {
1873 for( ent = md_tbl; ent->name != NULL; ent++) {
1874 if(XSTRNCMP((const char *)md, ent->name, XSTRLEN(ent->name)+1) == 0) {
1875 return ent->macType;
1876 }
1877 }
1878 }
1879 return WC_HASH_TYPE_NONE;
1880}
1881
1882/* Finalize structure for signing
1883 *
1884 * ctx WOLFSSL_EVP_MD_CTX structure to finalize
1885 * sigret buffer to hold resulting signature
1886 * siglen length of sigret buffer
1887 * pkey key to sign with
1888 *
1889 * returns WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on failure
1890 */
1891int wolfSSL_EVP_SignFinal(WOLFSSL_EVP_MD_CTX *ctx, unsigned char *sigret,
1892 unsigned int *siglen, WOLFSSL_EVP_PKEY *pkey)
1893{
1894 unsigned int mdsize;
1895 unsigned char md[WC_MAX_DIGEST_SIZE];
1896 int ret;
1897 if (ctx == NULL) return WOLFSSL_FAILURE;
1898 WOLFSSL_ENTER("EVP_SignFinal");
1899
1900 ret = wolfSSL_EVP_DigestFinal(ctx, md, &mdsize);
1901 if (ret <= 0) return ret;
1902
1903 (void)sigret;
1904 (void)siglen;
1905
1906 switch (pkey->type) {
1907#if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
1908 case EVP_PKEY_RSA: {
1909 int nid = wolfSSL_EVP_MD_type(wolfSSL_EVP_MD_CTX_md(ctx));
1910 if (nid < 0) break;
1911 return wolfSSL_RSA_sign(nid, md, mdsize, sigret,
1912 siglen, pkey->rsa);
1913 }
1914#endif /* NO_RSA */
1915
1916 case EVP_PKEY_DSA:
1917 case EVP_PKEY_EC:
1918 WOLFSSL_MSG("not implemented");
1919 FALL_THROUGH;
1920 default:
1921 break;
1922 }
1923 return WOLFSSL_FAILURE;
1924}
1925
1926
1927/* Initialize structure for verifying signature
1928 *
1929 * ctx WOLFSSL_EVP_MD_CTX structure to initialize
1930 * type is the type of message digest to use
1931 *
1932 * returns WOLFSSL_SUCCESS on success
1933 */
1934int wolfSSL_EVP_VerifyInit(WOLFSSL_EVP_MD_CTX *ctx, const WOLFSSL_EVP_MD *type)
1935{
1936 if (ctx == NULL) return WOLFSSL_FAILURE;
1937 WOLFSSL_ENTER("EVP_VerifyInit");
1938 return wolfSSL_EVP_DigestInit(ctx,type);
1939}
1940
1941
1942/* Update structure for verifying signature
1943 *
1944 * ctx WOLFSSL_EVP_MD_CTX structure to update
1945 * data buffer holding data to update with for verify
1946 * len length of data buffer
1947 *
1948 * returns WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on failure
1949 */
1950int wolfSSL_EVP_VerifyUpdate(WOLFSSL_EVP_MD_CTX *ctx, const void *data, size_t len)
1951{
1952 if (ctx == NULL) return WOLFSSL_FAILURE;
1953 WOLFSSL_ENTER("EVP_VerifyUpdate");
1954 return wolfSSL_EVP_DigestUpdate(ctx, data, len);
1955}
1956
1957
1958/* Finalize structure for verifying signature
1959 *
1960 * ctx WOLFSSL_EVP_MD_CTX structure to finalize
1961 * sig buffer holding signature
1962 * siglen length of sig buffer
1963 * pkey key to verify with
1964 *
1965 * returns WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on failure
1966 */
1967int wolfSSL_EVP_VerifyFinal(WOLFSSL_EVP_MD_CTX *ctx,
1968 unsigned char*sig, unsigned int siglen, WOLFSSL_EVP_PKEY *pkey)
1969{
1970 int ret;
1971 unsigned char md[WC_MAX_DIGEST_SIZE];
1972 unsigned int mdsize;
1973
1974 if (ctx == NULL) return WOLFSSL_FAILURE;
1975 WOLFSSL_ENTER("EVP_VerifyFinal");
1976 ret = wolfSSL_EVP_DigestFinal(ctx, md, &mdsize);
1977 if (ret <= 0) return ret;
1978
1979 (void)sig;
1980 (void)siglen;
1981
1982 switch (pkey->type) {
1983#if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
1984 case EVP_PKEY_RSA: {
1985 int nid = wolfSSL_EVP_MD_type(wolfSSL_EVP_MD_CTX_md(ctx));
1986 if (nid < 0) break;
1987 return wolfSSL_RSA_verify(nid, md, mdsize, sig,
1988 (unsigned int)siglen, pkey->rsa);
1989 }
1990#endif /* NO_RSA */
1991
1992 case EVP_PKEY_DSA:
1993 case EVP_PKEY_EC:
1994 WOLFSSL_MSG("not implemented");
1995 FALL_THROUGH;
1996 default:
1997 break;
1998 }
1999 return WOLFSSL_FAILURE;
2000}
2001
2002int wolfSSL_EVP_add_cipher(const WOLFSSL_EVP_CIPHER *cipher)
2003{
2004 (void)cipher;
2005 /* nothing to do */
2006 return 0;
2007}
2008
2009
2010WOLFSSL_EVP_PKEY* wolfSSL_EVP_PKEY_new_mac_key(int type, ENGINE* e,
2011 const unsigned char* key, int keylen)
2012{
2013 WOLFSSL_EVP_PKEY* pkey;
2014
2015 (void)e;
2016
2017 if (type != EVP_PKEY_HMAC || (key == NULL && keylen != 0))
2018 return NULL;
2019
2020 pkey = wolfSSL_EVP_PKEY_new();
2021 if (pkey != NULL) {
2022 pkey->pkey.ptr = (char*)XMALLOC(keylen, NULL, DYNAMIC_TYPE_PUBLIC_KEY);
2023 if (pkey->pkey.ptr == NULL && keylen > 0) {
2024 wolfSSL_EVP_PKEY_free(pkey);
2025 pkey = NULL;
2026 }
2027 else {
2028 XMEMCPY(pkey->pkey.ptr, key, keylen);
2029 pkey->pkey_sz = keylen;
2030 pkey->type = pkey->save_type = type;
2031 }
2032 }
2033
2034 return pkey;
2035}
2036
2037
2038const unsigned char* wolfSSL_EVP_PKEY_get0_hmac(const WOLFSSL_EVP_PKEY* pkey,
2039 size_t* len)
2040{
2041 if (pkey == NULL || len == NULL)
2042 return NULL;
2043
2044 *len = (size_t)pkey->pkey_sz;
2045
2046 return (const unsigned char*)pkey->pkey.ptr;
2047}
2048
2049
2050/* Initialize an EVP_DigestSign/Verify operation.
2051 * Initialize a digest for RSA and ECC keys, or HMAC for HMAC key.
2052 */
2053static int wolfSSL_evp_digest_pk_init(WOLFSSL_EVP_MD_CTX *ctx,
2054 WOLFSSL_EVP_PKEY_CTX **pctx,
2055 const WOLFSSL_EVP_MD *type,
2056 WOLFSSL_ENGINE *e,
2057 WOLFSSL_EVP_PKEY *pkey)
2058{
2059 if (pkey->type == EVP_PKEY_HMAC) {
2060 int hashType;
2061 const unsigned char* key;
2062 size_t keySz;
2063
2064 if (XSTRNCMP(type, "SHA256", 6) == 0) {
2065 hashType = WC_SHA256;
2066 }
2067 #ifdef WOLFSSL_SHA224
2068 else if (XSTRNCMP(type, "SHA224", 6) == 0) {
2069 hashType = WC_SHA224;
2070 }
2071 #endif
2072 #ifdef WOLFSSL_SHA384
2073 else if (XSTRNCMP(type, "SHA384", 6) == 0) {
2074 hashType = WC_SHA384;
2075 }
2076 #endif
2077 #ifdef WOLFSSL_SHA512
2078 else if (XSTRNCMP(type, "SHA512", 6) == 0) {
2079 hashType = WC_SHA512;
2080 }
2081 #endif
2082 #ifndef NO_MD5
2083 else if (XSTRNCMP(type, "MD5", 3) == 0) {
2084 hashType = WC_MD5;
2085 }
2086 #endif
2087 #ifndef NO_SHA
2088 /* has to be last since would pick or 224, 256, 384, or 512 too */
2089 else if (XSTRNCMP(type, "SHA", 3) == 0) {
2090 hashType = WC_SHA;
2091 }
2092 #endif /* NO_SHA */
2093 else
2094 return BAD_FUNC_ARG;
2095
2096 key = wolfSSL_EVP_PKEY_get0_hmac(pkey, &keySz);
2097
2098 if (wc_HmacInit(&ctx->hash.hmac, NULL, INVALID_DEVID) != 0)
2099 return WOLFSSL_FAILURE;
2100
2101 if (wc_HmacSetKey(&ctx->hash.hmac, hashType, key, (word32)keySz) != 0)
2102 return WOLFSSL_FAILURE;
2103
2104 ctx->macType = NID_hmac;
2105 }
2106 else {
2107 int ret;
2108
2109 if (ctx->pctx == NULL) {
2110 ctx->pctx = wolfSSL_EVP_PKEY_CTX_new(pkey, e);
2111 if (ctx->pctx == NULL)
2112 return WOLFSSL_FAILURE;
2113 }
2114
2115 ret = wolfSSL_EVP_DigestInit(ctx, type);
2116 if (ret == WOLFSSL_SUCCESS && pctx != NULL)
2117 *pctx = ctx->pctx;
2118 return ret;
2119 }
2120
2121 return WOLFSSL_SUCCESS;
2122}
2123
2124/* Update an EVP_DigestSign/Verify operation.
2125 * Update a digest for RSA and ECC keys, or HMAC for HMAC key.
2126 */
2127static int wolfssl_evp_digest_pk_update(WOLFSSL_EVP_MD_CTX *ctx,
2128 const void *d, unsigned int cnt)
2129{
2130 if (ctx->pctx == NULL) {
2131 if (ctx->macType != NID_hmac)
2132 return WOLFSSL_FAILURE;
2133
2134 if (wc_HmacUpdate(&ctx->hash.hmac, (const byte *)d, cnt) != 0)
2135 return WOLFSSL_FAILURE;
2136
2137 return WOLFSSL_SUCCESS;
2138 }
2139 else
2140 return wolfSSL_EVP_DigestUpdate(ctx, d, cnt);
2141}
2142
2143/* Finalize an EVP_DigestSign/Verify operation - common part only.
2144 * Finalize a digest for RSA and ECC keys, or HMAC for HMAC key.
2145 * Copies the digest so that you can keep updating.
2146 */
2147static int wolfssl_evp_digest_pk_final(WOLFSSL_EVP_MD_CTX *ctx,
2148 unsigned char *md, unsigned int* mdlen)
2149{
2150 int ret;
2151
2152 if (ctx->pctx == NULL) {
2153 Hmac hmacCopy;
2154
2155 if (ctx->macType != NID_hmac)
2156 return WOLFSSL_FAILURE;
2157
2158 if (wolfSSL_HmacCopy(&hmacCopy, &ctx->hash.hmac) != WOLFSSL_SUCCESS)
2159 return WOLFSSL_FAILURE;
2160 ret = wc_HmacFinal(&hmacCopy, md) == 0;
2161 wc_HmacFree(&hmacCopy);
2162 return ret;
2163 }
2164 else {
2165 WOLFSSL_EVP_MD_CTX ctxCopy;
2166
2167 if (wolfSSL_EVP_MD_CTX_copy_ex(&ctxCopy, ctx) != WOLFSSL_SUCCESS)
2168 return WOLFSSL_FAILURE;
2169
2170 ret = wolfSSL_EVP_DigestFinal(&ctxCopy, md, mdlen);
2171 wolfSSL_EVP_MD_CTX_cleanup(&ctxCopy);
2172 return ret;
2173 }
2174}
2175
2176/* Get the length of the mac based on the digest algorithm. */
2177static int wolfssl_mac_len(unsigned char macType)
2178{
2179 int hashLen;
2180
2181 switch (macType) {
2182 #ifndef NO_MD5
2183 case WC_MD5:
2184 hashLen = WC_MD5_DIGEST_SIZE;
2185 break;
2186 #endif /* !NO_MD5 */
2187
2188 #ifndef NO_SHA
2189 case WC_SHA:
2190 hashLen = WC_SHA_DIGEST_SIZE;
2191 break;
2192 #endif /* !NO_SHA */
2193
2194 #ifdef WOLFSSL_SHA224
2195 case WC_SHA224:
2196 hashLen = WC_SHA224_DIGEST_SIZE;
2197 break;
2198 #endif /* WOLFSSL_SHA224 */
2199
2200 #ifndef NO_SHA256
2201 case WC_SHA256:
2202 hashLen = WC_SHA256_DIGEST_SIZE;
2203 break;
2204 #endif /* !NO_SHA256 */
2205
2206 #ifdef WOLFSSL_SHA384
2207 case WC_SHA384:
2208 hashLen = WC_SHA384_DIGEST_SIZE;
2209 break;
2210 #endif /* WOLFSSL_SHA384 */
2211 #ifdef WOLFSSL_SHA512
2212 case WC_SHA512:
2213 hashLen = WC_SHA512_DIGEST_SIZE;
2214 break;
2215 #endif /* WOLFSSL_SHA512 */
2216
2217 #ifdef HAVE_BLAKE2
2218 case BLAKE2B_ID:
2219 hashLen = BLAKE2B_OUTBYTES;
2220 break;
2221 #endif /* HAVE_BLAKE2 */
2222
2223 default:
2224 hashLen = 0;
2225 }
2226
2227 return hashLen;
2228}
2229
2230int wolfSSL_EVP_DigestSignInit(WOLFSSL_EVP_MD_CTX *ctx,
2231 WOLFSSL_EVP_PKEY_CTX **pctx,
2232 const WOLFSSL_EVP_MD *type,
2233 WOLFSSL_ENGINE *e,
2234 WOLFSSL_EVP_PKEY *pkey)
2235{
2236 WOLFSSL_ENTER("EVP_DigestSignInit");
2237
2238 if (ctx == NULL || type == NULL || pkey == NULL)
2239 return BAD_FUNC_ARG;
2240
2241 return wolfSSL_evp_digest_pk_init(ctx, pctx, type, e, pkey);
2242}
2243
2244
2245int wolfSSL_EVP_DigestSignUpdate(WOLFSSL_EVP_MD_CTX *ctx, const void *d,
2246 unsigned int cnt)
2247{
2248 WOLFSSL_ENTER("EVP_DigestSignUpdate");
2249
2250 if (ctx == NULL || d == NULL)
2251 return BAD_FUNC_ARG;
2252
2253 return wolfssl_evp_digest_pk_update(ctx, d, cnt);
2254}
2255
2256int wolfSSL_EVP_DigestSignFinal(WOLFSSL_EVP_MD_CTX *ctx, unsigned char *sig,
2257 size_t *siglen)
2258{
2259 unsigned char digest[WC_MAX_DIGEST_SIZE];
2260 unsigned int hashLen;
2261 int ret = WOLFSSL_FAILURE;
2262
2263 WOLFSSL_ENTER("EVP_DigestSignFinal");
2264
2265 if (ctx == NULL || siglen == NULL)
2266 return WOLFSSL_FAILURE;
2267
2268 /* Return the maximum size of the signaure when sig is NULL. */
2269 if (ctx->pctx == NULL) {
2270 if (ctx->macType != NID_hmac)
2271 return WOLFSSL_FAILURE;
2272
2273 hashLen = wolfssl_mac_len(ctx->hash.hmac.macType);
2274
2275 if (sig == NULL) {
2276 *siglen = hashLen;
2277 return WOLFSSL_SUCCESS;
2278 }
2279 }
2280#ifndef NO_RSA
2281 else if (ctx->pctx->pkey->type == EVP_PKEY_RSA) {
2282 if (sig == NULL) {
2283 *siglen = wolfSSL_RSA_size(ctx->pctx->pkey->rsa);
2284 return WOLFSSL_SUCCESS;
2285 }
2286 }
2287#endif /* !NO_RSA */
2288#ifdef HAVE_ECC
2289 else if (ctx->pctx->pkey->type == EVP_PKEY_EC) {
2290 if (sig == NULL) {
2291 /* SEQ + INT + INT */
2292 *siglen = ecc_sets[ctx->pctx->pkey->ecc->group->curve_idx].size * 2
2293 + 8;
2294 return WOLFSSL_SUCCESS;
2295 }
2296 }
2297#endif
2298
2299 if (wolfssl_evp_digest_pk_final(ctx, digest, &hashLen) <= 0)
2300 return WOLFSSL_FAILURE;
2301
2302 if (ctx->pctx == NULL) {
2303 /* Copy the HMAC result as signature. */
2304 if ((unsigned int)(*siglen) > hashLen)
2305 *siglen = hashLen;
2306 /* May be a truncated signature. */
2307
2308 XMEMCPY(sig, digest, *siglen);
2309 ret = WOLFSSL_SUCCESS;
2310 }
2311 else {
2312 /* Sign the digest. */
2313 switch (ctx->pctx->pkey->type) {
2314 #if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
2315 case EVP_PKEY_RSA: {
2316 unsigned int sigSz;
2317 int nid = wolfSSL_EVP_MD_type(wolfSSL_EVP_MD_CTX_md(ctx));
2318 if (nid < 0)
2319 break;
2320 ret = wolfSSL_RSA_sign(nid, digest, hashLen, sig, &sigSz,
2321 ctx->pctx->pkey->rsa);
2322 if (ret >= 0)
2323 *siglen = sigSz;
2324 break;
2325 }
2326 #endif /* NO_RSA */
2327
2328 #ifdef HAVE_ECC
2329 case EVP_PKEY_EC: {
2330 WOLFSSL_ECDSA_SIG *ecdsaSig;
2331 ecdsaSig = wolfSSL_ECDSA_do_sign(digest, hashLen,
2332 ctx->pctx->pkey->ecc);
2333 if (ecdsaSig == NULL)
2334 break;
2335 *siglen = wolfSSL_i2d_ECDSA_SIG(ecdsaSig, &sig);
2336 wolfSSL_ECDSA_SIG_free(ecdsaSig);
2337 ret = WOLFSSL_SUCCESS;
2338 break;
2339 }
2340 #endif
2341 default:
2342 break;
2343 }
2344 }
2345
2346 ForceZero(digest, sizeof(digest));
2347 return ret;
2348}
2349int wolfSSL_EVP_DigestVerifyInit(WOLFSSL_EVP_MD_CTX *ctx,
2350 WOLFSSL_EVP_PKEY_CTX **pctx,
2351 const WOLFSSL_EVP_MD *type,
2352 WOLFSSL_ENGINE *e,
2353 WOLFSSL_EVP_PKEY *pkey)
2354{
2355 WOLFSSL_ENTER("EVP_DigestVerifyInit");
2356
2357 if (ctx == NULL || type == NULL || pkey == NULL)
2358 return BAD_FUNC_ARG;
2359
2360 return wolfSSL_evp_digest_pk_init(ctx, pctx, type, e, pkey);
2361}
2362
2363
2364int wolfSSL_EVP_DigestVerifyUpdate(WOLFSSL_EVP_MD_CTX *ctx, const void *d,
2365 size_t cnt)
2366{
2367 WOLFSSL_ENTER("EVP_DigestVerifyUpdate");
2368
2369 if (ctx == NULL || d == NULL)
2370 return BAD_FUNC_ARG;
2371
2372 return wolfssl_evp_digest_pk_update(ctx, d, (unsigned int)cnt);
2373}
2374
2375
2376int wolfSSL_EVP_DigestVerifyFinal(WOLFSSL_EVP_MD_CTX *ctx,
2377 const unsigned char *sig, size_t siglen)
2378{
2379 unsigned char digest[WC_MAX_DIGEST_SIZE];
2380 unsigned int hashLen;
2381
2382 WOLFSSL_ENTER("EVP_DigestVerifyFinal");
2383
2384 if (ctx == NULL || sig == NULL)
2385 return WOLFSSL_FAILURE;
2386
2387 if (ctx->pctx == NULL) {
2388 if (ctx->macType != NID_hmac)
2389 return WOLFSSL_FAILURE;
2390
2391 hashLen = wolfssl_mac_len(ctx->hash.hmac.macType);
2392
2393 if (siglen > hashLen)
2394 return WOLFSSL_FAILURE;
2395 /* May be a truncated signature. */
2396 }
2397
2398 if (wolfssl_evp_digest_pk_final(ctx, digest, &hashLen) <= 0)
2399 return WOLFSSL_FAILURE;
2400
2401 if (ctx->pctx == NULL) {
2402 /* Check HMAC result matches the signature. */
2403 if (XMEMCMP(sig, digest, siglen) == 0)
2404 return WOLFSSL_SUCCESS;
2405 return WOLFSSL_FAILURE;
2406 }
2407 else {
2408 /* Verify the signature with the digest. */
2409 switch (ctx->pctx->pkey->type) {
2410 #if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
2411 case EVP_PKEY_RSA: {
2412 int nid = wolfSSL_EVP_MD_type(wolfSSL_EVP_MD_CTX_md(ctx));
2413 if (nid < 0)
2414 return WOLFSSL_FAILURE;
2415 return wolfSSL_RSA_verify(nid, digest, hashLen, sig,
2416 (unsigned int)siglen,
2417 ctx->pctx->pkey->rsa);
2418 }
2419 #endif /* NO_RSA */
2420
2421 #ifdef HAVE_ECC
2422 case EVP_PKEY_EC: {
2423 int ret;
2424 WOLFSSL_ECDSA_SIG *ecdsaSig;
2425 ecdsaSig = wolfSSL_d2i_ECDSA_SIG(NULL, &sig, (long)siglen);
2426 if (ecdsaSig == NULL)
2427 return WOLFSSL_FAILURE;
2428 ret = wolfSSL_ECDSA_do_verify(digest, hashLen, ecdsaSig,
2429 ctx->pctx->pkey->ecc);
2430 wolfSSL_ECDSA_SIG_free(ecdsaSig);
2431 return ret;
2432 }
2433 #endif
2434 default:
2435 break;
2436 }
2437 }
2438
2439 return WOLFSSL_FAILURE;
2440}
2441
2442
2443#ifdef WOLFSSL_APACHE_HTTPD
2444#if !defined(USE_WINDOWS_API) && !defined(MICROCHIP_PIC32)
2445 #include <termios.h>
2446#endif
2447
2448#ifndef XGETPASSWD
2449 static int XGETPASSWD(char* buf, int bufSz) {
2450 int ret = WOLFSSL_SUCCESS;
2451
2452 /* turn off echo for passwords */
2453 #ifdef USE_WINDOWS_API
2454 DWORD originalTerm;
2455 DWORD newTerm;
2456 CONSOLE_SCREEN_BUFFER_INFO screenOrig;
2457 HANDLE stdinHandle = GetStdHandle(STD_INPUT_HANDLE);
2458 if (GetConsoleMode(stdinHandle, &originalTerm) == 0) {
2459 WOLFSSL_MSG("Couldn't get the original terminal settings");
2460 return WOLFSSL_FAILURE;
2461 }
2462 newTerm = originalTerm;
2463 newTerm &= ~ENABLE_ECHO_INPUT;
2464 if (SetConsoleMode(stdinHandle, newTerm) == 0) {
2465 WOLFSSL_MSG("Couldn't turn off echo");
2466 return WOLFSSL_FAILURE;
2467 }
2468 #else
2469 struct termios originalTerm;
2470 struct termios newTerm;
2471 if (tcgetattr(STDIN_FILENO, &originalTerm) != 0) {
2472 WOLFSSL_MSG("Couldn't get the original terminal settings");
2473 return WOLFSSL_FAILURE;
2474 }
2475 XMEMCPY(&newTerm, &originalTerm, sizeof(struct termios));
2476
2477 newTerm.c_lflag &= ~ECHO;
2478 newTerm.c_lflag |= (ICANON | ECHONL);
2479 if (tcsetattr(STDIN_FILENO, TCSANOW, &newTerm) != 0) {
2480 WOLFSSL_MSG("Couldn't turn off echo");
2481 return WOLFSSL_FAILURE;
2482 }
2483 #endif
2484
2485 if (XFGETS(buf, bufSz, stdin) == NULL) {
2486 ret = WOLFSSL_FAILURE;
2487 }
2488
2489 /* restore default echo */
2490 #ifdef USE_WINDOWS_API
2491 if (SetConsoleMode(stdinHandle, originalTerm) == 0) {
2492 WOLFSSL_MSG("Couldn't restore the terminal settings");
2493 return WOLFSSL_FAILURE;
2494 }
2495 #else
2496 if (tcsetattr(STDIN_FILENO, TCSANOW, &originalTerm) != 0) {
2497 WOLFSSL_MSG("Couldn't restore the terminal settings");
2498 return WOLFSSL_FAILURE;
2499 }
2500 #endif
2501 return ret;
2502 }
2503#endif
2504
2505/* returns 0 on success and -2 or -1 on failure */
2506int wolfSSL_EVP_read_pw_string(char* buf, int bufSz, const char* banner, int v)
2507{
2508 printf("%s", banner);
2509 if (XGETPASSWD(buf, bufSz) == WOLFSSL_FAILURE) {
2510 return -1;
2511 }
2512 (void)v; /* fgets always sanity checks size of input vs buffer */
2513 return 0;
2514}
2515#endif /* WOLFSSL_APACHE_HTTPD */
2516
2517#if !defined(NO_PWDBASED) && !defined(NO_SHA)
2518int wolfSSL_PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
2519 const unsigned char *salt,
2520 int saltlen, int iter,
2521 int keylen, unsigned char *out)
2522{
2523 const char *nostring = "";
2524 int ret = 0;
2525
2526 if (pass == NULL) {
2527 passlen = 0;
2528 pass = nostring;
2529 }
2530 else if (passlen == -1) {
2531 passlen = (int)XSTRLEN(pass);
2532 }
2533
2534 ret = wc_PBKDF2((byte*)out, (byte*)pass, passlen, (byte*)salt, saltlen,
2535 iter, keylen, WC_SHA);
2536 if (ret == 0)
2537 return WOLFSSL_SUCCESS;
2538 else
2539 return WOLFSSL_FAILURE;
2540}
2541#endif /* !NO_PWDBASED !NO_SHA*/
2542
2543#if !defined(NO_PWDBASED)
2544WOLFSSL_API int wolfSSL_PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
2545 const unsigned char *salt,
2546 int saltlen, int iter,
2547 const WOLFSSL_EVP_MD *digest,
2548 int keylen, unsigned char *out)
2549{
2550 const char *nostring = "";
2551 int ret = 0;
2552
2553 if (pass == NULL) {
2554 passlen = 0;
2555 pass = nostring;
2556 } else if (passlen == -1) {
2557 passlen = (int)XSTRLEN(pass);
2558 }
2559
2560 ret = wc_PBKDF2((byte*)out, (byte*)pass, passlen, (byte*)salt, saltlen,
2561 iter, keylen, wolfSSL_EVP_md2macType(digest));
2562 if (ret == 0)
2563 return WOLFSSL_SUCCESS;
2564 else
2565 return WOLFSSL_FAILURE;
2566}
2567#endif /* !NO_PWDBASED */
2568
2569static const struct cipher{
2570 unsigned char type;
2571 const char *name;
2572 int nid;
2573} cipher_tbl[] = {
2574
2575#ifndef NO_AES
2576 #ifdef WOLFSSL_AES_128
2577 {AES_128_CBC_TYPE, "AES-128-CBC", NID_aes_128_cbc},
2578 #endif
2579 #ifdef WOLFSSL_AES_192
2580 {AES_192_CBC_TYPE, "AES-192-CBC", NID_aes_192_cbc},
2581 #endif
2582 #ifdef WOLFSSL_AES_256
2583 {AES_256_CBC_TYPE, "AES-256-CBC", NID_aes_256_cbc},
2584 #endif
2585
2586 #ifdef WOLFSSL_AES_128
2587 {AES_128_CFB1_TYPE, "AES-128-CFB1", NID_aes_128_cfb1},
2588 #endif
2589 #ifdef WOLFSSL_AES_192
2590 {AES_192_CFB1_TYPE, "AES-192-CFB1", NID_aes_192_cfb1},
2591 #endif
2592 #ifdef WOLFSSL_AES_256
2593 {AES_256_CFB1_TYPE, "AES-256-CFB1", NID_aes_256_cfb1},
2594 #endif
2595
2596 #ifdef WOLFSSL_AES_128
2597 {AES_128_CFB8_TYPE, "AES-128-CFB8", NID_aes_128_cfb8},
2598 #endif
2599 #ifdef WOLFSSL_AES_192
2600 {AES_192_CFB8_TYPE, "AES-192-CFB8", NID_aes_192_cfb8},
2601 #endif
2602 #ifdef WOLFSSL_AES_256
2603 {AES_256_CFB8_TYPE, "AES-256-CFB8", NID_aes_256_cfb8},
2604 #endif
2605
2606 #ifdef WOLFSSL_AES_128
2607 {AES_128_CFB128_TYPE, "AES-128-CFB128", NID_aes_128_cfb128},
2608 #endif
2609 #ifdef WOLFSSL_AES_192
2610 {AES_192_CFB128_TYPE, "AES-192-CFB128", NID_aes_192_cfb128},
2611 #endif
2612 #ifdef WOLFSSL_AES_256
2613 {AES_256_CFB128_TYPE, "AES-256-CFB128", NID_aes_256_cfb128},
2614 #endif
2615
2616 #ifdef WOLFSSL_AES_128
2617 {AES_128_OFB_TYPE, "AES-128-OFB", NID_aes_128_ofb},
2618 #endif
2619 #ifdef WOLFSSL_AES_192
2620 {AES_192_OFB_TYPE, "AES-192-OFB", NID_aes_192_ofb},
2621 #endif
2622 #ifdef WOLFSSL_AES_256
2623 {AES_256_OFB_TYPE, "AES-256-OFB", NID_aes_256_ofb},
2624 #endif
2625
2626 #ifdef WOLFSSL_AES_128
2627 {AES_128_XTS_TYPE, "AES-128-XTS", NID_aes_128_xts},
2628 #endif
2629 #ifdef WOLFSSL_AES_256
2630 {AES_256_XTS_TYPE, "AES-256-XTS", NID_aes_256_xts},
2631 #endif
2632
2633 #ifdef WOLFSSL_AES_128
2634 {AES_128_GCM_TYPE, "AES-128-GCM", NID_aes_128_gcm},
2635 #endif
2636 #ifdef WOLFSSL_AES_192
2637 {AES_192_GCM_TYPE, "AES-192-GCM", NID_aes_192_gcm},
2638 #endif
2639 #ifdef WOLFSSL_AES_256
2640 {AES_256_GCM_TYPE, "AES-256-GCM", NID_aes_256_gcm},
2641 #endif
2642 #ifdef WOLFSSL_AES_128
2643 {AES_128_CTR_TYPE, "AES-128-CTR", NID_aes_128_ctr},
2644 #endif
2645 #ifdef WOLFSSL_AES_192
2646 {AES_192_CTR_TYPE, "AES-192-CTR", NID_aes_192_ctr},
2647 #endif
2648 #ifdef WOLFSSL_AES_256
2649 {AES_256_CTR_TYPE, "AES-256-CTR", NID_aes_256_ctr},
2650 #endif
2651
2652 #ifdef WOLFSSL_AES_128
2653 {AES_128_ECB_TYPE, "AES-128-ECB", NID_aes_128_ecb},
2654 #endif
2655 #ifdef WOLFSSL_AES_192
2656 {AES_192_ECB_TYPE, "AES-192-ECB", NID_aes_192_ecb},
2657 #endif
2658 #ifdef WOLFSSL_AES_256
2659 {AES_256_ECB_TYPE, "AES-256-ECB", NID_aes_256_ecb},
2660 #endif
2661
2662#endif
2663
2664#ifndef NO_DES3
2665 {DES_CBC_TYPE, "DES-CBC", NID_des_cbc},
2666 {DES_ECB_TYPE, "DES-ECB", NID_des_ecb},
2667
2668 {DES_EDE3_CBC_TYPE, "DES-EDE3-CBC", NID_des_ede3_cbc},
2669 {DES_EDE3_ECB_TYPE, "DES-EDE3-ECB", NID_des_ede3_ecb},
2670#endif
2671
2672#ifndef NO_RC4
2673 {ARC4_TYPE, "ARC4", NID_undef},
2674#endif
2675
2676#ifdef HAVE_IDEA
2677 {IDEA_CBC_TYPE, "IDEA-CBC", NID_idea_cbc},
2678#endif
2679 { 0, NULL, 0}
2680};
2681
2682/* returns cipher using provided ctx type */
2683const WOLFSSL_EVP_CIPHER *wolfSSL_EVP_CIPHER_CTX_cipher(
2684 const WOLFSSL_EVP_CIPHER_CTX *ctx)
2685{
2686 const struct cipher* c;
2687
2688 if (!ctx || !ctx->cipherType) {
2689 return NULL;
2690 }
2691
2692 for (c = cipher_tbl; c->type != 0; c++) {
2693 if (ctx->cipherType == c->type) {
2694 return wolfSSL_EVP_get_cipherbyname(c->name);
2695 }
2696 }
2697
2698 return NULL;
2699}
2700
2701int wolfSSL_EVP_CIPHER_nid(const WOLFSSL_EVP_CIPHER *cipher)
2702{
2703 const struct cipher* c;
2704
2705 if (!cipher) {
2706 return 0;
2707 }
2708
2709 for (c = cipher_tbl; c->type != 0; c++) {
2710 if (XSTRNCMP(cipher, c->name, XSTRLEN(c->name)+1) == 0) {
2711 return c->nid;
2712 }
2713 }
2714
2715 return 0;
2716}
2717
2718const WOLFSSL_EVP_CIPHER *wolfSSL_EVP_get_cipherbyname(const char *name)
2719{
2720
2721 static const struct alias {
2722 const char *name;
2723 const char *alias;
2724 } alias_tbl[] =
2725 {
2726#ifndef NO_DES3
2727 {"DES-CBC", "DES"},
2728 {"DES-CBC", "des"},
2729 {"DES-ECB", "DES-ECB"},
2730 {"DES-ECB", "des-ecb"},
2731 {"DES-EDE3-CBC", "DES3"},
2732 {"DES-EDE3-CBC", "des3"},
2733 {"DES-EDE3-ECB", "DES-EDE3"},
2734 {"DES-EDE3-ECB", "des-ede3"},
2735 {"DES-EDE3-ECB", "des-ede3-ecb"},
2736#endif
2737#ifdef HAVE_IDEA
2738 {"IDEA-CBC", "IDEA"},
2739 {"IDEA-CBC", "idea"},
2740#endif
2741#ifndef NO_AES
2742 #ifdef HAVE_AES_CBC
2743 #ifdef WOLFSSL_AES_128
2744 {"AES-128-CBC", "AES128-CBC"},
2745 {"AES-128-CBC", "aes128-cbc"},
2746 #endif
2747 #ifdef WOLFSSL_AES_192
2748 {"AES-192-CBC", "AES192-CBC"},
2749 {"AES-192-CBC", "aes192-cbc"},
2750 #endif
2751 #ifdef WOLFSSL_AES_256
2752 {"AES-256-CBC", "AES256-CBC"},
2753 {"AES-256-CBC", "aes256-cbc"},
2754 #endif
2755 #endif
2756 #ifdef WOLFSSL_AES_128
2757 {"AES-128-ECB", "AES128-ECB"},
2758 {"AES-128-ECB", "aes128-ecb"},
2759 #endif
2760 #ifdef WOLFSSL_AES_192
2761 {"AES-192-ECB", "AES192-ECB"},
2762 {"AES-192-ECB", "aes192-ecb"},
2763 #endif
2764 #ifdef WOLFSSL_AES_256
2765 {"AES-256-ECB", "AES256-ECB"},
2766 #endif
2767 #ifdef HAVE_AESGCM
2768 #ifdef WOLFSSL_AES_128
2769 {"AES-128-GCM", "aes-128-gcm"},
2770 {"AES-128-GCM", "id-aes128-GCM"},
2771 #endif
2772 #ifdef WOLFSSL_AES_192
2773 {"AES-192-GCM", "aes-192-gcm"},
2774 {"AES-192-GCM", "id-aes192-GCM"},
2775 #endif
2776 #ifdef WOLFSSL_AES_256
2777 {"AES-256-GCM", "aes-256-gcm"},
2778 {"AES-256-GCM", "id-aes256-GCM"},
2779 #endif
2780 #endif
2781#endif
2782#ifndef NO_RC4
2783 {"ARC4", "RC4"},
2784#endif
2785 { NULL, NULL}
2786 };
2787
2788 const struct cipher *ent;
2789 const struct alias *al;
2790
2791 WOLFSSL_ENTER("EVP_get_cipherbyname");
2792
2793 for( al = alias_tbl; al->name != NULL; al++)
2794 if(XSTRNCMP(name, al->alias, XSTRLEN(al->alias)+1) == 0) {
2795 name = al->name;
2796 break;
2797 }
2798
2799 for( ent = cipher_tbl; ent->name != NULL; ent++)
2800 if(XSTRNCMP(name, ent->name, XSTRLEN(ent->name)+1) == 0) {
2801 return (WOLFSSL_EVP_CIPHER *)ent->name;
2802 }
2803
2804 return NULL;
2805}
2806
2807/*
2808 * return an EVP_CIPHER structure when cipher NID is passed.
2809 *
2810 * id cipher NID
2811 *
2812 * return WOLFSSL_EVP_CIPHER
2813*/
2814const WOLFSSL_EVP_CIPHER *wolfSSL_EVP_get_cipherbynid(int id)
2815{
2816 WOLFSSL_ENTER("EVP_get_cipherbynid");
2817
2818 switch(id) {
2819
2820#ifndef NO_AES
2821 #ifdef HAVE_AES_CBC
2822 #ifdef WOLFSSL_AES_128
2823 case NID_aes_128_cbc:
2824 return wolfSSL_EVP_aes_128_cbc();
2825 #endif
2826 #ifdef WOLFSSL_AES_192
2827 case NID_aes_192_cbc:
2828 return wolfSSL_EVP_aes_192_cbc();
2829 #endif
2830 #ifdef WOLFSSL_AES_256
2831 case NID_aes_256_cbc:
2832 return wolfSSL_EVP_aes_256_cbc();
2833 #endif
2834 #endif
2835 #ifdef WOLFSSL_AES_COUNTER
2836 #ifdef WOLFSSL_AES_128
2837 case NID_aes_128_ctr:
2838 return wolfSSL_EVP_aes_128_ctr();
2839 #endif
2840 #ifdef WOLFSSL_AES_192
2841 case NID_aes_192_ctr:
2842 return wolfSSL_EVP_aes_192_ctr();
2843 #endif
2844 #ifdef WOLFSSL_AES_256
2845 case NID_aes_256_ctr:
2846 return wolfSSL_EVP_aes_256_ctr();
2847 #endif
2848 #endif /* WOLFSSL_AES_COUNTER */
2849 #ifdef HAVE_AES_ECB
2850 #ifdef WOLFSSL_AES_128
2851 case NID_aes_128_ecb:
2852 return wolfSSL_EVP_aes_128_ecb();
2853 #endif
2854 #ifdef WOLFSSL_AES_192
2855 case NID_aes_192_ecb:
2856 return wolfSSL_EVP_aes_192_ecb();
2857 #endif
2858 #ifdef WOLFSSL_AES_256
2859 case NID_aes_256_ecb:
2860 return wolfSSL_EVP_aes_256_ecb();
2861 #endif
2862 #endif /* HAVE_AES_ECB */
2863 #ifdef HAVE_AESGCM
2864 #ifdef WOLFSSL_AES_128
2865 case NID_aes_128_gcm:
2866 return wolfSSL_EVP_aes_128_gcm();
2867 #endif
2868 #ifdef WOLFSSL_AES_192
2869 case NID_aes_192_gcm:
2870 return wolfSSL_EVP_aes_192_gcm();
2871 #endif
2872 #ifdef WOLFSSL_AES_256
2873 case NID_aes_256_gcm:
2874 return wolfSSL_EVP_aes_256_gcm();
2875 #endif
2876 #endif
2877#endif
2878
2879#ifndef NO_DES3
2880 case NID_des_cbc:
2881 return wolfSSL_EVP_des_cbc();
2882#ifdef WOLFSSL_DES_ECB
2883 case NID_des_ecb:
2884 return wolfSSL_EVP_des_ecb();
2885#endif
2886 case NID_des_ede3_cbc:
2887 return wolfSSL_EVP_des_ede3_cbc();
2888#ifdef WOLFSSL_DES_ECB
2889 case NID_des_ede3_ecb:
2890 return wolfSSL_EVP_des_ede3_ecb();
2891#endif
2892#endif /*NO_DES3*/
2893
2894#ifdef HAVE_IDEA
2895 case NID_idea_cbc:
2896 return wolfSSL_EVP_idea_cbc();
2897#endif
2898
2899 default:
2900 WOLFSSL_MSG("Bad cipher id value");
2901 }
2902
2903 return NULL;
2904}
2905
2906void wolfSSL_EVP_init(void)
2907{
2908#ifndef NO_AES
2909 #ifdef HAVE_AES_CBC
2910 #ifdef WOLFSSL_AES_128
2911 EVP_AES_128_CBC = (char *)EVP_get_cipherbyname("AES-128-CBC");
2912 #endif
2913 #ifdef WOLFSSL_AES_192
2914 EVP_AES_192_CBC = (char *)EVP_get_cipherbyname("AES-192-CBC");
2915 #endif
2916 #ifdef WOLFSSL_AES_256
2917 EVP_AES_256_CBC = (char *)EVP_get_cipherbyname("AES-256-CBC");
2918 #endif
2919 #endif /* HAVE_AES_CBC */
2920
2921 #ifdef WOLFSSL_AES_CFB
2922 #ifdef WOLFSSL_AES_128
2923 EVP_AES_128_CFB1 = (char *)EVP_get_cipherbyname("AES-128-CFB1");
2924 #endif
2925
2926 #ifdef WOLFSSL_AES_192
2927 EVP_AES_192_CFB1 = (char *)EVP_get_cipherbyname("AES-192-CFB1");
2928 #endif
2929
2930 #ifdef WOLFSSL_AES_256
2931 EVP_AES_256_CFB1 = (char *)EVP_get_cipherbyname("AES-256-CFB1");
2932 #endif
2933
2934 #ifdef WOLFSSL_AES_128
2935 EVP_AES_128_CFB8 = (char *)EVP_get_cipherbyname("AES-128-CFB8");
2936 #endif
2937
2938 #ifdef WOLFSSL_AES_192
2939 EVP_AES_192_CFB8 = (char *)EVP_get_cipherbyname("AES-192-CFB8");
2940 #endif
2941
2942 #ifdef WOLFSSL_AES_256
2943 EVP_AES_256_CFB8 = (char *)EVP_get_cipherbyname("AES-256-CFB8");
2944 #endif
2945
2946 #ifdef WOLFSSL_AES_128
2947 EVP_AES_128_CFB128 = (char *)EVP_get_cipherbyname("AES-128-CFB128");
2948 #endif
2949
2950 #ifdef WOLFSSL_AES_192
2951 EVP_AES_192_CFB128 = (char *)EVP_get_cipherbyname("AES-192-CFB128");
2952 #endif
2953
2954 #ifdef WOLFSSL_AES_256
2955 EVP_AES_256_CFB128 = (char *)EVP_get_cipherbyname("AES-256-CFB128");
2956 #endif
2957 #endif /* WOLFSSL_AES_CFB */
2958
2959 #ifdef WOLFSSL_AES_OFB
2960 #ifdef WOLFSSL_AES_128
2961 EVP_AES_128_OFB = (char *)EVP_get_cipherbyname("AES-128-OFB");
2962 #endif
2963
2964 #ifdef WOLFSSL_AES_192
2965 EVP_AES_192_OFB = (char *)EVP_get_cipherbyname("AES-192-OFB");
2966 #endif
2967
2968 #ifdef WOLFSSL_AES_256
2969 EVP_AES_256_OFB = (char *)EVP_get_cipherbyname("AES-256-OFB");
2970 #endif
2971 #endif /* WOLFSSL_AES_OFB */
2972
2973 #ifdef WOLFSSL_AES_XTS
2974 #ifdef WOLFSSL_AES_128
2975 EVP_AES_128_XTS = (char *)EVP_get_cipherbyname("AES-128-XTS");
2976 #endif
2977
2978 #ifdef WOLFSSL_AES_256
2979 EVP_AES_256_XTS = (char *)EVP_get_cipherbyname("AES-256-XTS");
2980 #endif
2981 #endif /* WOLFSSL_AES_XTS */
2982
2983 #ifdef HAVE_AESGCM
2984 #ifdef WOLFSSL_AES_128
2985 EVP_AES_128_GCM = (char *)EVP_get_cipherbyname("AES-128-GCM");
2986 #endif
2987 #ifdef WOLFSSL_AES_192
2988 EVP_AES_192_GCM = (char *)EVP_get_cipherbyname("AES-192-GCM");
2989 #endif
2990 #ifdef WOLFSSL_AES_256
2991 EVP_AES_256_GCM = (char *)EVP_get_cipherbyname("AES-256-GCM");
2992 #endif
2993 #endif /* HAVE_AESGCM*/
2994 #ifdef WOLFSSL_AES_128
2995 EVP_AES_128_CTR = (char *)EVP_get_cipherbyname("AES-128-CTR");
2996 #endif
2997 #ifdef WOLFSSL_AES_192
2998 EVP_AES_192_CTR = (char *)EVP_get_cipherbyname("AES-192-CTR");
2999 #endif
3000 #ifdef WOLFSSL_AES_256
3001 EVP_AES_256_CTR = (char *)EVP_get_cipherbyname("AES-256-CTR");
3002 #endif
3003
3004 #ifdef WOLFSSL_AES_128
3005 EVP_AES_128_ECB = (char *)EVP_get_cipherbyname("AES-128-ECB");
3006 #endif
3007 #ifdef WOLFSSL_AES_192
3008 EVP_AES_192_ECB = (char *)EVP_get_cipherbyname("AES-192-ECB");
3009 #endif
3010 #ifdef WOLFSSL_AES_256
3011 EVP_AES_256_ECB = (char *)EVP_get_cipherbyname("AES-256-ECB");
3012 #endif
3013#endif /* ifndef NO_AES*/
3014
3015#ifndef NO_DES3
3016 EVP_DES_CBC = (char *)EVP_get_cipherbyname("DES-CBC");
3017 EVP_DES_ECB = (char *)EVP_get_cipherbyname("DES-ECB");
3018
3019 EVP_DES_EDE3_CBC = (char *)EVP_get_cipherbyname("DES-EDE3-CBC");
3020 EVP_DES_EDE3_ECB = (char *)EVP_get_cipherbyname("DES-EDE3-ECB");
3021#endif
3022
3023#ifdef HAVE_IDEA
3024 EVP_IDEA_CBC = (char *)EVP_get_cipherbyname("IDEA-CBC");
3025#endif
3026}
3027
3028#if !defined(NO_PWDBASED)
3029int wolfSSL_EVP_get_hashinfo(const WOLFSSL_EVP_MD* evp,
3030 int* pHash, int* pHashSz)
3031{
3032 enum wc_HashType hash = WC_HASH_TYPE_NONE;
3033 int hashSz;
3034
3035 if (XSTRLEN(evp) < 3) {
3036 /* do not try comparing strings if size is too small */
3037 return WOLFSSL_FAILURE;
3038 }
3039
3040 if (XSTRNCMP("SHA", evp, 3) == 0) {
3041 if (XSTRLEN(evp) > 3) {
3042 #ifndef NO_SHA256
3043 if (XSTRNCMP("SHA256", evp, 6) == 0) {
3044 hash = WC_HASH_TYPE_SHA256;
3045 }
3046 else
3047 #endif
3048 #ifdef WOLFSSL_SHA384
3049 if (XSTRNCMP("SHA384", evp, 6) == 0) {
3050 hash = WC_HASH_TYPE_SHA384;
3051 }
3052 else
3053 #endif
3054 #ifdef WOLFSSL_SHA512
3055 if (XSTRNCMP("SHA512", evp, 6) == 0) {
3056 hash = WC_HASH_TYPE_SHA512;
3057 }
3058 else
3059 #endif
3060 {
3061 WOLFSSL_MSG("Unknown SHA hash");
3062 }
3063 }
3064 else {
3065 hash = WC_HASH_TYPE_SHA;
3066 }
3067 }
3068#ifdef WOLFSSL_MD2
3069 else if (XSTRNCMP("MD2", evp, 3) == 0) {
3070 hash = WC_HASH_TYPE_MD2;
3071 }
3072#endif
3073#ifndef NO_MD4
3074 else if (XSTRNCMP("MD4", evp, 3) == 0) {
3075 hash = WC_HASH_TYPE_MD4;
3076 }
3077#endif
3078#ifndef NO_MD5
3079 else if (XSTRNCMP("MD5", evp, 3) == 0) {
3080 hash = WC_HASH_TYPE_MD5;
3081 }
3082#endif
3083
3084 if (pHash)
3085 *pHash = hash;
3086
3087 hashSz = wc_HashGetDigestSize(hash);
3088 if (pHashSz)
3089 *pHashSz = hashSz;
3090
3091 if (hashSz < 0) {
3092 return WOLFSSL_FAILURE;
3093 }
3094
3095 return WOLFSSL_SUCCESS;
3096}
3097
3098/* this function makes the assumption that out buffer is big enough for digest*/
3099int wolfSSL_EVP_Digest(const unsigned char* in, int inSz, unsigned char* out,
3100 unsigned int* outSz, const WOLFSSL_EVP_MD* evp,
3101 WOLFSSL_ENGINE* eng)
3102{
3103 int err;
3104 int hashType = WC_HASH_TYPE_NONE;
3105 int hashSz;
3106
3107 WOLFSSL_ENTER("wolfSSL_EVP_Digest");
3108 if (in == NULL || out == NULL || evp == NULL) {
3109 WOLFSSL_MSG("Null argument passed in");
3110 return WOLFSSL_FAILURE;
3111 }
3112
3113 err = wolfSSL_EVP_get_hashinfo(evp, &hashType, &hashSz);
3114 if (err != WOLFSSL_SUCCESS)
3115 return err;
3116
3117 if (wc_Hash((enum wc_HashType)hashType, in, inSz, out, hashSz) != 0) {
3118 return WOLFSSL_FAILURE;
3119 }
3120
3121 if (outSz != NULL)
3122 *outSz = hashSz;
3123
3124 (void)eng;
3125 return WOLFSSL_SUCCESS;
3126}
3127#endif
3128
3129const WOLFSSL_EVP_MD *wolfSSL_EVP_get_digestbyname(const char *name)
3130{
3131 static const struct alias {
3132 const char *name;
3133 const char *alias;
3134 } alias_tbl[] =
3135 {
3136 {"MD4", "ssl3-md4"},
3137 {"MD5", "ssl3-md5"},
3138 {"SHA", "ssl3-sha1"},
3139 {"SHA", "SHA1"},
3140 { NULL, NULL}
3141 };
3142
3143 const struct alias *al;
3144 const struct s_ent *ent;
3145
3146
3147 for (al = alias_tbl; al->name != NULL; al++)
3148 if(XSTRNCMP(name, al->alias, XSTRLEN(al->alias)+1) == 0) {
3149 name = al->name;
3150 break;
3151 }
3152
3153 for (ent = md_tbl; ent->name != NULL; ent++)
3154 if(XSTRNCMP(name, ent->name, XSTRLEN(ent->name)+1) == 0) {
3155 return (EVP_MD *)ent->name;
3156 }
3157 return NULL;
3158}
3159
3160int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
3161{
3162 const struct s_ent *ent ;
3163 WOLFSSL_ENTER("EVP_MD_type");
3164 for( ent = md_tbl; ent->name != NULL; ent++){
3165 if(XSTRNCMP((const char *)md, ent->name, XSTRLEN(ent->name)+1) == 0) {
3166 return ent->nid;
3167 }
3168 }
3169 return 0;
3170}
3171
3172#ifndef NO_MD4
3173
3174 /* return a pointer to MD4 EVP type */
3175 const WOLFSSL_EVP_MD* wolfSSL_EVP_md4(void)
3176 {
3177 WOLFSSL_ENTER("wolfSSL_EVP_md4");
3178 return EVP_get_digestbyname("MD4");
3179 }
3180
3181#endif /* !NO_MD4 */
3182
3183
3184#ifndef NO_MD5
3185
3186 const WOLFSSL_EVP_MD* wolfSSL_EVP_md5(void)
3187 {
3188 WOLFSSL_ENTER("EVP_md5");
3189 return EVP_get_digestbyname("MD5");
3190 }
3191
3192#endif /* !NO_MD5 */
3193
3194
3195#ifndef NO_WOLFSSL_STUB
3196 const WOLFSSL_EVP_MD* wolfSSL_EVP_mdc2(void)
3197 {
3198 WOLFSSL_STUB("EVP_mdc2");
3199 return NULL;
3200 }
3201#endif
3202
3203#ifndef NO_SHA
3204 const WOLFSSL_EVP_MD* wolfSSL_EVP_sha1(void)
3205 {
3206 WOLFSSL_ENTER("EVP_sha1");
3207 return EVP_get_digestbyname("SHA");
3208 }
3209#endif /* NO_SHA */
3210
3211#ifdef WOLFSSL_SHA224
3212
3213 const WOLFSSL_EVP_MD* wolfSSL_EVP_sha224(void)
3214 {
3215 WOLFSSL_ENTER("EVP_sha224");
3216 return EVP_get_digestbyname("SHA224");
3217 }
3218
3219#endif /* WOLFSSL_SHA224 */
3220
3221
3222 const WOLFSSL_EVP_MD* wolfSSL_EVP_sha256(void)
3223 {
3224 WOLFSSL_ENTER("EVP_sha256");
3225 return EVP_get_digestbyname("SHA256");
3226 }
3227
3228#ifdef WOLFSSL_SHA384
3229
3230 const WOLFSSL_EVP_MD* wolfSSL_EVP_sha384(void)
3231 {
3232 WOLFSSL_ENTER("EVP_sha384");
3233 return EVP_get_digestbyname("SHA384");
3234 }
3235
3236#endif /* WOLFSSL_SHA384 */
3237
3238#ifdef WOLFSSL_SHA512
3239
3240 const WOLFSSL_EVP_MD* wolfSSL_EVP_sha512(void)
3241 {
3242 WOLFSSL_ENTER("EVP_sha512");
3243 return EVP_get_digestbyname("SHA512");
3244 }
3245
3246#endif /* WOLFSSL_SHA512 */
3247
3248#ifdef WOLFSSL_SHA3
3249#ifndef WOLFSSL_NOSHA3_224
3250 const WOLFSSL_EVP_MD* wolfSSL_EVP_sha3_224(void)
3251 {
3252 WOLFSSL_ENTER("EVP_sha3_224");
3253 return EVP_get_digestbyname("SHA3_224");
3254 }
3255#endif /* WOLFSSL_NOSHA3_224 */
3256
3257
3258#ifndef WOLFSSL_NOSHA3_256
3259 const WOLFSSL_EVP_MD* wolfSSL_EVP_sha3_256(void)
3260 {
3261 WOLFSSL_ENTER("EVP_sha3_256");
3262 return EVP_get_digestbyname("SHA3_256");
3263 }
3264#endif /* WOLFSSL_NOSHA3_256 */
3265
3266 const WOLFSSL_EVP_MD* wolfSSL_EVP_sha3_384(void)
3267 {
3268 WOLFSSL_ENTER("EVP_sha3_384");
3269 return EVP_get_digestbyname("SHA3_384");
3270 }
3271
3272#ifndef WOLFSSL_NOSHA3_512
3273 const WOLFSSL_EVP_MD* wolfSSL_EVP_sha3_512(void)
3274 {
3275 WOLFSSL_ENTER("EVP_sha3_512");
3276 return EVP_get_digestbyname("SHA3_512");
3277 }
3278#endif /* WOLFSSL_NOSHA3_512 */
3279#endif /* WOLFSSL_SHA3 */
3280
3281 WOLFSSL_EVP_MD_CTX *wolfSSL_EVP_MD_CTX_new(void)
3282 {
3283 WOLFSSL_EVP_MD_CTX* ctx;
3284 WOLFSSL_ENTER("EVP_MD_CTX_new");
3285 ctx = (WOLFSSL_EVP_MD_CTX*)XMALLOC(sizeof *ctx, NULL,
3286 DYNAMIC_TYPE_OPENSSL);
3287 if (ctx){
3288 wolfSSL_EVP_MD_CTX_init(ctx);
3289 }
3290 return ctx;
3291 }
3292
3293 WOLFSSL_API void wolfSSL_EVP_MD_CTX_free(WOLFSSL_EVP_MD_CTX *ctx)
3294 {
3295 if (ctx) {
3296 WOLFSSL_ENTER("EVP_MD_CTX_free");
3297 wolfSSL_EVP_MD_CTX_cleanup(ctx);
3298 XFREE(ctx, NULL, DYNAMIC_TYPE_OPENSSL);
3299 }
3300 }
3301
3302 /* returns the NID of message digest used by the ctx */
3303 int wolfSSL_EVP_MD_CTX_type(const WOLFSSL_EVP_MD_CTX *ctx) {
3304 const struct s_ent *ent;
3305
3306 WOLFSSL_ENTER("EVP_MD_CTX_type");
3307
3308 if (ctx) {
3309 for(ent = md_tbl; ent->name != NULL; ent++) {
3310 if (ctx->macType == ent->macType) {
3311 return ent->nid;
3312 }
3313 }
3314 /* Return whatever we got */
3315 return ctx->macType;
3316 }
3317 return 0;
3318 }
3319
3320
3321 /* returns WOLFSSL_SUCCESS on success */
3322 int wolfSSL_EVP_MD_CTX_copy(WOLFSSL_EVP_MD_CTX *out, const WOLFSSL_EVP_MD_CTX *in)
3323 {
3324 return wolfSSL_EVP_MD_CTX_copy_ex(out, in);
3325 }
3326
3327 /* returns digest size */
3328 int wolfSSL_EVP_MD_CTX_size(const WOLFSSL_EVP_MD_CTX *ctx) {
3329 return(wolfSSL_EVP_MD_size(wolfSSL_EVP_MD_CTX_md(ctx)));
3330 }
3331 /* returns block size */
3332 int wolfSSL_EVP_MD_CTX_block_size(const WOLFSSL_EVP_MD_CTX *ctx) {
3333 return(wolfSSL_EVP_MD_block_size(wolfSSL_EVP_MD_CTX_md(ctx)));
3334 }
3335
3336 /* Deep copy of EVP_MD hasher
3337 * return WOLFSSL_SUCCESS on success */
3338 static int wolfSSL_EVP_MD_Copy_Hasher(WOLFSSL_EVP_MD_CTX* des,
3339 const WOLFSSL_EVP_MD_CTX* src)
3340 {
3341 if (src->macType == NID_hmac) {
3342 wolfSSL_HmacCopy(&des->hash.hmac, (Hmac*)&src->hash.hmac);
3343 }
3344 else {
3345 switch (src->macType) {
3346 #ifndef NO_MD5
3347 case WC_HASH_TYPE_MD5:
3348 wc_Md5Copy((wc_Md5*)&src->hash.digest,
3349 (wc_Md5*)&des->hash.digest);
3350 break;
3351 #endif /* !NO_MD5 */
3352
3353 #ifndef NO_SHA
3354 case WC_HASH_TYPE_SHA:
3355 wc_ShaCopy((wc_Sha*)&src->hash.digest,
3356 (wc_Sha*)&des->hash.digest);
3357 break;
3358 #endif /* !NO_SHA */
3359
3360 #ifdef WOLFSSL_SHA224
3361 case WC_HASH_TYPE_SHA224:
3362 wc_Sha224Copy((wc_Sha224*)&src->hash.digest,
3363 (wc_Sha224*)&des->hash.digest);
3364 break;
3365 #endif /* WOLFSSL_SHA224 */
3366
3367 #ifndef NO_SHA256
3368 case WC_HASH_TYPE_SHA256:
3369 wc_Sha256Copy((wc_Sha256*)&src->hash.digest,
3370 (wc_Sha256*)&des->hash.digest);
3371 break;
3372 #endif /* !NO_SHA256 */
3373
3374 #ifdef WOLFSSL_SHA384
3375 case WC_HASH_TYPE_SHA384:
3376 wc_Sha384Copy((wc_Sha384*)&src->hash.digest,
3377 (wc_Sha384*)&des->hash.digest);
3378 break;
3379 #endif /* WOLFSSL_SHA384 */
3380 #ifdef WOLFSSL_SHA512
3381 case WC_HASH_TYPE_SHA512:
3382 wc_Sha512Copy((wc_Sha512*)&src->hash.digest,
3383 (wc_Sha512*)&des->hash.digest);
3384 break;
3385 #endif /* WOLFSSL_SHA512 */
3386 #ifdef WOLFSSL_SHA3
3387 #ifndef WOLFSSL_NOSHA3_224
3388 case WC_HASH_TYPE_SHA3_224:
3389 wc_Sha3_224_Copy((wc_Sha3*)&src->hash.digest,
3390 (wc_Sha3*)&des->hash.digest);
3391 break;
3392 #endif
3393
3394 #ifndef WOLFSSL_NOSHA3_256
3395 case WC_HASH_TYPE_SHA3_256:
3396 wc_Sha3_256_Copy((wc_Sha3*)&src->hash.digest,
3397 (wc_Sha3*)&des->hash.digest);
3398 break;
3399 #endif
3400
3401 case WC_HASH_TYPE_SHA3_384:
3402 wc_Sha3_384_Copy((wc_Sha3*)&src->hash.digest,
3403 (wc_Sha3*)&des->hash.digest);
3404 break;
3405
3406 #ifndef WOLFSSL_NOSHA3_512
3407 case WC_HASH_TYPE_SHA3_512:
3408 wc_Sha3_512_Copy((wc_Sha3*)&src->hash.digest,
3409 (wc_Sha3*)&des->hash.digest);
3410 break;
3411 #endif
3412 #endif
3413 default:
3414 return WOLFSSL_FAILURE;
3415 }
3416 }
3417 return WOLFSSL_SUCCESS;
3418 }
3419
3420 /* copies structure in to the structure out
3421 *
3422 * returns WOLFSSL_SUCCESS on success */
3423 int wolfSSL_EVP_MD_CTX_copy_ex(WOLFSSL_EVP_MD_CTX *out, const WOLFSSL_EVP_MD_CTX *in)
3424 {
3425 if ((out == NULL) || (in == NULL)) return WOLFSSL_FAILURE;
3426 WOLFSSL_ENTER("EVP_CIPHER_MD_CTX_copy_ex");
3427 XMEMCPY(out, in, sizeof(WOLFSSL_EVP_MD_CTX));
3428 if (in->pctx != NULL) {
3429 out->pctx = wolfSSL_EVP_PKEY_CTX_new(in->pctx->pkey, NULL);
3430 if (out->pctx == NULL)
3431 return WOLFSSL_FAILURE;
3432 }
3433 return wolfSSL_EVP_MD_Copy_Hasher(out, (WOLFSSL_EVP_MD_CTX*)in);
3434 }
3435
3436 void wolfSSL_EVP_MD_CTX_init(WOLFSSL_EVP_MD_CTX* ctx)
3437 {
3438 WOLFSSL_ENTER("EVP_CIPHER_MD_CTX_init");
3439 XMEMSET(ctx, 0, sizeof(WOLFSSL_EVP_MD_CTX));
3440 }
3441
3442 const WOLFSSL_EVP_MD *wolfSSL_EVP_MD_CTX_md(const WOLFSSL_EVP_MD_CTX *ctx)
3443 {
3444 const struct s_ent *ent;
3445 if (ctx == NULL)
3446 return NULL;
3447 WOLFSSL_ENTER("EVP_MD_CTX_md");
3448 for(ent = md_tbl; ent->name != NULL; ent++) {
3449 if(ctx->macType == ent->macType) {
3450 return (const WOLFSSL_EVP_MD *)ent->name;
3451 }
3452 }
3453 return (WOLFSSL_EVP_MD *)NULL;
3454 }
3455
3456 #ifndef NO_AES
3457
3458 #ifdef HAVE_AES_CBC
3459 #ifdef WOLFSSL_AES_128
3460 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_cbc(void)
3461 {
3462 WOLFSSL_ENTER("wolfSSL_EVP_aes_128_cbc");
3463 if (EVP_AES_128_CBC == NULL)
3464 wolfSSL_EVP_init();
3465 return EVP_AES_128_CBC;
3466 }
3467 #endif /* WOLFSSL_AES_128 */
3468
3469
3470 #ifdef WOLFSSL_AES_192
3471 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_cbc(void)
3472 {
3473 WOLFSSL_ENTER("wolfSSL_EVP_aes_192_cbc");
3474 if (EVP_AES_192_CBC == NULL)
3475 wolfSSL_EVP_init();
3476 return EVP_AES_192_CBC;
3477 }
3478 #endif /* WOLFSSL_AES_192 */
3479
3480
3481 #ifdef WOLFSSL_AES_256
3482 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_cbc(void)
3483 {
3484 WOLFSSL_ENTER("wolfSSL_EVP_aes_256_cbc");
3485 if (EVP_AES_256_CBC == NULL)
3486 wolfSSL_EVP_init();
3487 return EVP_AES_256_CBC;
3488 }
3489 #endif /* WOLFSSL_AES_256 */
3490 #endif /* HAVE_AES_CBC */
3491
3492 #ifdef WOLFSSL_AES_CFB
3493#if !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
3494 #ifdef WOLFSSL_AES_128
3495 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_cfb1(void)
3496 {
3497 WOLFSSL_ENTER("wolfSSL_EVP_aes_128_cfb1");
3498 if (EVP_AES_128_CFB1 == NULL)
3499 wolfSSL_EVP_init();
3500 return EVP_AES_128_CFB1;
3501 }
3502 #endif /* WOLFSSL_AES_128 */
3503
3504 #ifdef WOLFSSL_AES_192
3505 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_cfb1(void)
3506 {
3507 WOLFSSL_ENTER("wolfSSL_EVP_aes_192_cfb1");
3508 if (EVP_AES_192_CFB1 == NULL)
3509 wolfSSL_EVP_init();
3510 return EVP_AES_192_CFB1;
3511 }
3512 #endif /* WOLFSSL_AES_192 */
3513
3514 #ifdef WOLFSSL_AES_256
3515 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_cfb1(void)
3516 {
3517 WOLFSSL_ENTER("wolfSSL_EVP_aes_256_cfb1");
3518 if (EVP_AES_256_CFB1 == NULL)
3519 wolfSSL_EVP_init();
3520 return EVP_AES_256_CFB1;
3521 }
3522 #endif /* WOLFSSL_AES_256 */
3523
3524 #ifdef WOLFSSL_AES_128
3525 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_cfb8(void)
3526 {
3527 WOLFSSL_ENTER("wolfSSL_EVP_aes_128_cfb8");
3528 if (EVP_AES_128_CFB8 == NULL)
3529 wolfSSL_EVP_init();
3530 return EVP_AES_128_CFB8;
3531 }
3532 #endif /* WOLFSSL_AES_128 */
3533
3534 #ifdef WOLFSSL_AES_192
3535 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_cfb8(void)
3536 {
3537 WOLFSSL_ENTER("wolfSSL_EVP_aes_192_cfb8");
3538 if (EVP_AES_192_CFB8 == NULL)
3539 wolfSSL_EVP_init();
3540 return EVP_AES_192_CFB8;
3541 }
3542 #endif /* WOLFSSL_AES_192 */
3543
3544 #ifdef WOLFSSL_AES_256
3545 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_cfb8(void)
3546 {
3547 WOLFSSL_ENTER("wolfSSL_EVP_aes_256_cfb8");
3548 if (EVP_AES_256_CFB8 == NULL)
3549 wolfSSL_EVP_init();
3550 return EVP_AES_256_CFB8;
3551 }
3552 #endif /* WOLFSSL_AES_256 */
3553#endif /* !HAVE_SELFTEST && !HAVE_FIPS */
3554
3555 #ifdef WOLFSSL_AES_128
3556 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_cfb128(void)
3557 {
3558 WOLFSSL_ENTER("wolfSSL_EVP_aes_128_cfb128");
3559 if (EVP_AES_128_CFB128 == NULL)
3560 wolfSSL_EVP_init();
3561 return EVP_AES_128_CFB128;
3562 }
3563 #endif /* WOLFSSL_AES_128 */
3564
3565 #ifdef WOLFSSL_AES_192
3566 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_cfb128(void)
3567 {
3568 WOLFSSL_ENTER("wolfSSL_EVP_aes_192_cfb128");
3569 if (EVP_AES_192_CFB128 == NULL)
3570 wolfSSL_EVP_init();
3571 return EVP_AES_192_CFB128;
3572 }
3573 #endif /* WOLFSSL_AES_192 */
3574
3575 #ifdef WOLFSSL_AES_256
3576 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_cfb128(void)
3577 {
3578 WOLFSSL_ENTER("wolfSSL_EVP_aes_256_cfb128");
3579 if (EVP_AES_256_CFB128 == NULL)
3580 wolfSSL_EVP_init();
3581 return EVP_AES_256_CFB128;
3582 }
3583 #endif /* WOLFSSL_AES_256 */
3584 #endif /* WOLFSSL_AES_CFB */
3585
3586 #ifdef WOLFSSL_AES_OFB
3587 #ifdef WOLFSSL_AES_128
3588 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_ofb(void)
3589 {
3590 WOLFSSL_ENTER("wolfSSL_EVP_aes_128_ofb");
3591 if (EVP_AES_128_OFB == NULL)
3592 wolfSSL_EVP_init();
3593 return EVP_AES_128_OFB;
3594 }
3595 #endif /* WOLFSSL_AES_128 */
3596
3597 #ifdef WOLFSSL_AES_192
3598 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_ofb(void)
3599 {
3600 WOLFSSL_ENTER("wolfSSL_EVP_aes_192_ofb");
3601 if (EVP_AES_192_OFB == NULL)
3602 wolfSSL_EVP_init();
3603 return EVP_AES_192_OFB;
3604 }
3605 #endif /* WOLFSSL_AES_192 */
3606
3607 #ifdef WOLFSSL_AES_256
3608 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_ofb(void)
3609 {
3610 WOLFSSL_ENTER("wolfSSL_EVP_aes_256_ofb");
3611 if (EVP_AES_256_OFB == NULL)
3612 wolfSSL_EVP_init();
3613 return EVP_AES_256_OFB;
3614 }
3615 #endif /* WOLFSSL_AES_256 */
3616 #endif /* WOLFSSL_AES_OFB */
3617
3618 #ifdef WOLFSSL_AES_XTS
3619 #ifdef WOLFSSL_AES_128
3620 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_xts(void)
3621 {
3622 WOLFSSL_ENTER("wolfSSL_EVP_aes_128_xts");
3623 if (EVP_AES_128_XTS == NULL)
3624 wolfSSL_EVP_init();
3625 return EVP_AES_128_XTS;
3626 }
3627 #endif /* WOLFSSL_AES_128 */
3628
3629 #ifdef WOLFSSL_AES_256
3630 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_xts(void)
3631 {
3632 WOLFSSL_ENTER("wolfSSL_EVP_aes_256_xts");
3633 if (EVP_AES_256_XTS == NULL)
3634 wolfSSL_EVP_init();
3635 return EVP_AES_256_XTS;
3636 }
3637 #endif /* WOLFSSL_AES_256 */
3638 #endif /* WOLFSSL_AES_XTS */
3639
3640 #ifdef HAVE_AESGCM
3641 #ifdef WOLFSSL_AES_128
3642 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_gcm(void)
3643 {
3644 WOLFSSL_ENTER("wolfSSL_EVP_aes_128_gcm");
3645 if (EVP_AES_128_GCM == NULL)
3646 wolfSSL_EVP_init();
3647 return EVP_AES_128_GCM;
3648 }
3649 #endif /* WOLFSSL_GCM_128 */
3650
3651 #ifdef WOLFSSL_AES_192
3652 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_gcm(void)
3653 {
3654 WOLFSSL_ENTER("wolfSSL_EVP_aes_192_gcm");
3655 if (EVP_AES_192_GCM == NULL)
3656 wolfSSL_EVP_init();
3657 return EVP_AES_192_GCM;
3658 }
3659 #endif /* WOLFSSL_AES_192 */
3660
3661 #ifdef WOLFSSL_AES_256
3662 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_gcm(void)
3663 {
3664 WOLFSSL_ENTER("wolfSSL_EVP_aes_256_gcm");
3665 if (EVP_AES_256_GCM == NULL)
3666 wolfSSL_EVP_init();
3667 return EVP_AES_256_GCM;
3668 }
3669 #endif /* WOLFSSL_AES_256 */
3670 #endif /* HAVE_AESGCM */
3671
3672 #ifdef WOLFSSL_AES_128
3673 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_ctr(void)
3674 {
3675 WOLFSSL_ENTER("wolfSSL_EVP_aes_128_ctr");
3676 if (EVP_AES_128_CTR == NULL)
3677 wolfSSL_EVP_init();
3678 return EVP_AES_128_CTR;
3679 }
3680 #endif /* WOLFSSL_AES_2128 */
3681
3682
3683 #ifdef WOLFSSL_AES_192
3684 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_ctr(void)
3685 {
3686 WOLFSSL_ENTER("wolfSSL_EVP_aes_192_ctr");
3687 if (EVP_AES_192_CTR == NULL)
3688 wolfSSL_EVP_init();
3689 return EVP_AES_192_CTR;
3690 }
3691 #endif /* WOLFSSL_AES_192 */
3692
3693
3694 #ifdef WOLFSSL_AES_256
3695 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_ctr(void)
3696 {
3697 WOLFSSL_ENTER("wolfSSL_EVP_aes_256_ctr");
3698 if (EVP_AES_256_CTR == NULL)
3699 wolfSSL_EVP_init();
3700 return EVP_AES_256_CTR;
3701 }
3702 #endif /* WOLFSSL_AES_256 */
3703
3704 #ifdef WOLFSSL_AES_128
3705 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_ecb(void)
3706 {
3707 WOLFSSL_ENTER("wolfSSL_EVP_aes_128_ecb");
3708 if (EVP_AES_128_ECB == NULL)
3709 wolfSSL_EVP_init();
3710 return EVP_AES_128_ECB;
3711 }
3712 #endif /* WOLFSSL_AES_128 */
3713
3714
3715 #ifdef WOLFSSL_AES_192
3716 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_ecb(void)
3717 {
3718 WOLFSSL_ENTER("wolfSSL_EVP_aes_192_ecb");
3719 if (EVP_AES_192_ECB == NULL)
3720 wolfSSL_EVP_init();
3721 return EVP_AES_192_ECB;
3722 }
3723 #endif /* WOLFSSL_AES_192*/
3724
3725
3726 #ifdef WOLFSSL_AES_256
3727 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_ecb(void)
3728 {
3729 WOLFSSL_ENTER("wolfSSL_EVP_aes_256_ecb");
3730 if (EVP_AES_256_ECB == NULL)
3731 wolfSSL_EVP_init();
3732 return EVP_AES_256_ECB;
3733 }
3734 #endif /* WOLFSSL_AES_256 */
3735 #endif /* NO_AES */
3736
3737#ifndef NO_DES3
3738 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_des_cbc(void)
3739 {
3740 WOLFSSL_ENTER("wolfSSL_EVP_des_cbc");
3741 if (EVP_DES_CBC == NULL)
3742 wolfSSL_EVP_init();
3743 return EVP_DES_CBC;
3744 }
3745#ifdef WOLFSSL_DES_ECB
3746 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_des_ecb(void)
3747 {
3748 WOLFSSL_ENTER("wolfSSL_EVP_des_ecb");
3749 if (EVP_DES_ECB == NULL)
3750 wolfSSL_EVP_init();
3751 return EVP_DES_ECB;
3752 }
3753#endif
3754 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_des_ede3_cbc(void)
3755 {
3756 WOLFSSL_ENTER("wolfSSL_EVP_des_ede3_cbc");
3757 if (EVP_DES_EDE3_CBC == NULL)
3758 wolfSSL_EVP_init();
3759 return EVP_DES_EDE3_CBC;
3760 }
3761#ifdef WOLFSSL_DES_ECB
3762 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_des_ede3_ecb(void)
3763 {
3764 WOLFSSL_ENTER("wolfSSL_EVP_des_ede3_ecb");
3765 if (EVP_DES_EDE3_ECB == NULL)
3766 wolfSSL_EVP_init();
3767 return EVP_DES_EDE3_ECB;
3768 }
3769#endif
3770#endif /* NO_DES3 */
3771
3772#ifndef NO_RC4
3773 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_rc4(void)
3774 {
3775 static const char* type = "ARC4";
3776 WOLFSSL_ENTER("wolfSSL_EVP_rc4");
3777 return type;
3778 }
3779#endif
3780
3781#ifdef HAVE_IDEA
3782 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_idea_cbc(void)
3783 {
3784 WOLFSSL_ENTER("wolfSSL_EVP_idea_cbc");
3785 if (EVP_IDEA_CBC == NULL)
3786 wolfSSL_EVP_init();
3787 return EVP_IDEA_CBC;
3788 }
3789#endif
3790 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_enc_null(void)
3791 {
3792 static const char* type = "NULL";
3793 WOLFSSL_ENTER("wolfSSL_EVP_enc_null");
3794 return type;
3795 }
3796
3797 int wolfSSL_EVP_MD_CTX_cleanup(WOLFSSL_EVP_MD_CTX* ctx)
3798 {
3799 WOLFSSL_ENTER("EVP_MD_CTX_cleanup");
3800 if (ctx->pctx != NULL)
3801 wolfSSL_EVP_PKEY_CTX_free(ctx->pctx);
3802
3803 if (ctx->macType == NID_hmac) {
3804 wc_HmacFree(&ctx->hash.hmac);
3805 }
3806 else {
3807 switch (ctx->macType) {
3808 #ifndef NO_MD5
3809 case WC_HASH_TYPE_MD5:
3810 wc_Md5Free((wc_Md5*)&ctx->hash.digest);
3811 break;
3812 #endif /* !NO_MD5 */
3813
3814 #ifndef NO_SHA
3815 case WC_HASH_TYPE_SHA:
3816 wc_ShaFree((wc_Sha*)&ctx->hash.digest);
3817 break;
3818 #endif /* !NO_SHA */
3819
3820 #ifdef WOLFSSL_SHA224
3821 case WC_HASH_TYPE_SHA224:
3822 wc_Sha224Free((wc_Sha224*)&ctx->hash.digest);
3823 break;
3824 #endif /* WOLFSSL_SHA224 */
3825
3826 #ifndef NO_SHA256
3827 case WC_HASH_TYPE_SHA256:
3828 wc_Sha256Free((wc_Sha256*)&ctx->hash.digest);
3829 break;
3830 #endif /* !NO_SHA256 */
3831
3832 #ifdef WOLFSSL_SHA384
3833 case WC_HASH_TYPE_SHA384:
3834 wc_Sha384Free((wc_Sha384*)&ctx->hash.digest);
3835 break;
3836 #endif /* WOLFSSL_SHA384 */
3837 #ifdef WOLFSSL_SHA512
3838 case WC_HASH_TYPE_SHA512:
3839 wc_Sha512Free((wc_Sha512*)&ctx->hash.digest);
3840 break;
3841 #endif /* WOLFSSL_SHA512 */
3842 #ifdef WOLFSSL_SHA3
3843 #ifndef WOLFSSL_NOSHA3_224
3844 case WC_HASH_TYPE_SHA3_224:
3845 wc_Sha3_224_Free((wc_Sha3*)&ctx->hash.digest);
3846 break;
3847 #endif
3848
3849 #ifndef WOLFSSL_NOSHA3_256
3850 case WC_HASH_TYPE_SHA3_256:
3851 wc_Sha3_256_Free((wc_Sha3*)&ctx->hash.digest);
3852 break;
3853 #endif
3854
3855 case WC_HASH_TYPE_SHA3_384:
3856 wc_Sha3_384_Free((wc_Sha3*)&ctx->hash.digest);
3857 break;
3858
3859 #ifndef WOLFSSL_NOSHA3_512
3860 case WC_HASH_TYPE_SHA3_512:
3861 wc_Sha3_512_Free((wc_Sha3*)&ctx->hash.digest);
3862 break;
3863 #endif
3864 #endif
3865 default:
3866 return WOLFSSL_FAILURE;
3867 }
3868 }
3869 ForceZero(ctx, sizeof(*ctx));
3870 ctx->macType = WC_HASH_TYPE_NONE;
3871 return 1;
3872 }
3873
3874 void wolfSSL_EVP_CIPHER_CTX_init(WOLFSSL_EVP_CIPHER_CTX* ctx)
3875 {
3876 WOLFSSL_ENTER("EVP_CIPHER_CTX_init");
3877 if (ctx) {
3878 XMEMSET(ctx, 0, sizeof(WOLFSSL_EVP_CIPHER_CTX));
3879 ctx->cipherType = WOLFSSL_EVP_CIPH_TYPE_INIT; /* not yet initialized */
3880 ctx->keyLen = 0;
3881 ctx->enc = 1; /* start in encrypt mode */
3882 }
3883 }
3884
3885#if defined(HAVE_AESGCM) && !defined(HAVE_SELFTEST)
3886 static WC_INLINE void IncCtr(byte* ctr, word32 ctrSz)
3887 {
3888 int i;
3889 for (i = ctrSz-1; i >= 0; i--) {
3890 if (++ctr[i])
3891 break;
3892 }
3893 }
3894#endif
3895
3896 /* This function allows cipher specific parameters to be
3897 determined and set. */
3898 int wolfSSL_EVP_CIPHER_CTX_ctrl(WOLFSSL_EVP_CIPHER_CTX *ctx, int type, \
3899 int arg, void *ptr)
3900 {
3901 int ret = WOLFSSL_FAILURE;
3902#if defined(HAVE_AESGCM) && !defined(HAVE_SELFTEST) && !defined(WC_NO_RNG)
3903 WC_RNG rng;
3904#endif
3905 if (ctx == NULL)
3906 return WOLFSSL_FAILURE;
3907
3908 (void)arg;
3909 (void)ptr;
3910
3911 WOLFSSL_ENTER("EVP_CIPHER_CTX_ctrl");
3912
3913 switch(type) {
3914 case EVP_CTRL_INIT:
3915 wolfSSL_EVP_CIPHER_CTX_init(ctx);
3916 if(ctx)
3917 ret = WOLFSSL_SUCCESS;
3918 break;
3919 case EVP_CTRL_SET_KEY_LENGTH:
3920 ret = wolfSSL_EVP_CIPHER_CTX_set_key_length(ctx, arg);
3921 break;
3922#if defined(HAVE_AESGCM) && !defined(HAVE_SELFTEST) && !defined(WC_NO_RNG)
3923 case EVP_CTRL_GCM_SET_IVLEN:
3924 if(arg <= 0 || arg > 16)
3925 return WOLFSSL_FAILURE;
3926 ret = wolfSSL_EVP_CIPHER_CTX_set_iv_length(ctx, arg);
3927 break;
3928 case EVP_CTRL_AEAD_SET_IV_FIXED:
3929 if (arg == -1) {
3930 /* arg == -1 copies ctx->ivSz from ptr */
3931 ret = wolfSSL_EVP_CIPHER_CTX_set_iv(ctx, (byte*)ptr, ctx->ivSz);
3932 }
3933 else {
3934 /*
3935 * Fixed field must be at least 4 bytes and invocation
3936 * field at least 8.
3937 */
3938 if ((arg < 4) || (ctx->ivSz - arg) < 8) {
3939 WOLFSSL_MSG("Fixed field or invocation field too short");
3940 ret = WOLFSSL_FAILURE;
3941 break;
3942 }
3943 if (wc_InitRng(&rng) != 0) {
3944 WOLFSSL_MSG("wc_InitRng failed");
3945 ret = WOLFSSL_FAILURE;
3946 break;
3947 }
3948 if (arg) {
3949 XMEMCPY(ctx->iv, ptr, arg);
3950 }
3951 if (wc_RNG_GenerateBlock(&rng, ctx->iv + arg,
3952 ctx->ivSz - arg) != 0) {
3953 /* rng is freed immediately after if block so no need
3954 * to do it here
3955 */
3956 WOLFSSL_MSG("wc_RNG_GenerateBlock failed");
3957 ret = WOLFSSL_FAILURE;
3958 }
3959
3960 if (wc_FreeRng(&rng) != 0) {
3961 WOLFSSL_MSG("wc_FreeRng failed");
3962 ret = WOLFSSL_FAILURE;
3963 break;
3964 }
3965 }
3966 break;
3967#if !defined(_WIN32) && !defined(HAVE_FIPS)
3968 case EVP_CTRL_GCM_IV_GEN:
3969 if (ctx->cipher.aes.keylen == 0 || ctx->ivSz == 0) {
3970 ret = WOLFSSL_FAILURE;
3971 WOLFSSL_MSG("Key or IV not set");
3972 break;
3973 }
3974 if ((ret = wc_AesGcmSetExtIV(&ctx->cipher.aes, ctx->iv, ctx->ivSz)) != 0) {
3975 WOLFSSL_MSG("wc_AesGcmSetIV failed");
3976 ret = WOLFSSL_FAILURE;
3977 }
3978 /* OpenSSL increments the IV. Not sure why */
3979 IncCtr(ctx->iv, ctx->ivSz);
3980 break;
3981#endif
3982 case EVP_CTRL_AEAD_SET_TAG:
3983 if(arg <= 0 || arg > 16 || (ptr == NULL))
3984 return WOLFSSL_FAILURE;
3985
3986 XMEMCPY(ctx->authTag, ptr, arg);
3987 ctx->authTagSz = arg;
3988 ret = WOLFSSL_SUCCESS;
3989
3990 break;
3991 case EVP_CTRL_AEAD_GET_TAG:
3992 if(arg <= 0 || arg > 16)
3993 return WOLFSSL_FAILURE;
3994
3995 XMEMCPY(ptr, ctx->authTag, arg);
3996 ret = WOLFSSL_SUCCESS;
3997 break;
3998#endif /* HAVE_AESGCM && !HAVE_SELFTEST && !WC_NO_RNG */
3999 default:
4000 WOLFSSL_MSG("EVP_CIPHER_CTX_ctrl operation not yet handled");
4001 ret = WOLFSSL_FAILURE;
4002 }
4003 return ret;
4004 }
4005
4006 /* WOLFSSL_SUCCESS on ok */
4007 int wolfSSL_EVP_CIPHER_CTX_cleanup(WOLFSSL_EVP_CIPHER_CTX* ctx)
4008 {
4009 WOLFSSL_ENTER("EVP_CIPHER_CTX_cleanup");
4010 if (ctx) {
4011 ctx->cipherType = WOLFSSL_EVP_CIPH_TYPE_INIT; /* not yet initialized */
4012 ctx->keyLen = 0;
4013 }
4014
4015 return WOLFSSL_SUCCESS;
4016 }
4017
4018 /* Permanent stub for Qt compilation. */
4019 #if defined(WOLFSSL_QT) && !defined(NO_WOLFSSL_STUB)
4020 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_rc2_cbc(void)
4021 {
4022 WOLFSSL_ENTER("wolfSSL_EVP_rc2_cbc");
4023 WOLFSSL_STUB("EVP_rc2_cbc");
4024 return NULL;
4025 }
4026 #endif
4027
4028#if defined(WOLFSSL_ENCRYPTED_KEYS) && !defined(NO_PWDBASED)
4029
4030 int wolfSSL_EVP_BytesToKey(const WOLFSSL_EVP_CIPHER* type,
4031 const WOLFSSL_EVP_MD* md, const byte* salt,
4032 const byte* data, int sz, int count, byte* key, byte* iv)
4033 {
4034 int ret;
4035 int hashType = WC_HASH_TYPE_NONE;
4036 #ifdef WOLFSSL_SMALL_STACK
4037 EncryptedInfo* info;
4038 #else
4039 EncryptedInfo info[1];
4040 #endif
4041
4042 #ifdef WOLFSSL_SMALL_STACK
4043 info = (EncryptedInfo*)XMALLOC(sizeof(EncryptedInfo), NULL,
4044 DYNAMIC_TYPE_ENCRYPTEDINFO);
4045 if (info == NULL) {
4046 WOLFSSL_MSG("malloc failed");
4047 return WOLFSSL_FAILURE;
4048 }
4049 #endif
4050
4051 XMEMSET(info, 0, sizeof(EncryptedInfo));
4052
4053 ret = wc_EncryptedInfoGet(info, type);
4054 if (ret < 0)
4055 goto end;
4056
4057 if (data == NULL) {
4058 ret = info->keySz;
4059 goto end;
4060 }
4061
4062 ret = wolfSSL_EVP_get_hashinfo(md, &hashType, NULL);
4063 if (ret == WOLFSSL_FAILURE)
4064 goto end;
4065
4066 ret = wc_PBKDF1_ex(key, info->keySz, iv, info->ivSz, data, sz, salt,
4067 EVP_SALT_SIZE, count, hashType, NULL);
4068 if (ret == 0)
4069 ret = info->keySz;
4070
4071 end:
4072 #ifdef WOLFSSL_SMALL_STACK
4073 XFREE(info, NULL, DYNAMIC_TYPE_ENCRYPTEDINFO);
4074 #endif
4075 if (ret < 0)
4076 return 0; /* failure - for compatibility */
4077
4078 return ret;
4079 }
4080
4081#endif /* WOLFSSL_ENCRYPTED_KEYS && !NO_PWDBASED */
4082
4083#ifndef NO_AES
4084 static int AesSetKey_ex(Aes* aes, const byte* key, word32 len,
4085 const byte* iv, int dir, int direct)
4086 {
4087 int ret;
4088 /* wc_AesSetKey clear aes.reg if iv == NULL.
4089 Keep IV for openSSL compatibility */
4090 if (iv == NULL)
4091 XMEMCPY((byte *)aes->tmp, (byte *)aes->reg, AES_BLOCK_SIZE);
4092 if (direct) {
4093 #if defined(WOLFSSL_AES_DIRECT)
4094 ret = wc_AesSetKeyDirect(aes, key, len, iv, dir);
4095 #else
4096 ret = NOT_COMPILED_IN;
4097 #endif
4098 }
4099 else {
4100 ret = wc_AesSetKey(aes, key, len, iv, dir);
4101 }
4102 if (iv == NULL)
4103 XMEMCPY((byte *)aes->reg, (byte *)aes->tmp, AES_BLOCK_SIZE);
4104 return ret;
4105 }
4106#endif
4107
4108 /* return WOLFSSL_SUCCESS on ok, 0 on failure to match API compatibility */
4109 int wolfSSL_EVP_CipherInit(WOLFSSL_EVP_CIPHER_CTX* ctx,
4110 const WOLFSSL_EVP_CIPHER* type, const byte* key,
4111 const byte* iv, int enc)
4112 {
4113 int ret = 0;
4114 (void)key;
4115 (void)iv;
4116 (void)enc;
4117
4118 WOLFSSL_ENTER("wolfSSL_EVP_CipherInit");
4119 if (ctx == NULL) {
4120 WOLFSSL_MSG("no ctx");
4121 return WOLFSSL_FAILURE;
4122 }
4123
4124 if (type == NULL && ctx->cipherType == WOLFSSL_EVP_CIPH_TYPE_INIT) {
4125 WOLFSSL_MSG("no type set");
4126 return WOLFSSL_FAILURE;
4127 }
4128 if (ctx->cipherType == WOLFSSL_EVP_CIPH_TYPE_INIT){
4129 /* only first EVP_CipherInit invoke. ctx->cipherType is set below */
4130 XMEMSET(&ctx->cipher, 0, sizeof(ctx->cipher));
4131 ctx->flags = 0;
4132 }
4133 /* always clear buffer state */
4134 ctx->bufUsed = 0;
4135 ctx->lastUsed = 0;
4136
4137#ifdef HAVE_WOLFSSL_EVP_CIPHER_CTX_IV
4138 if (!iv && ctx->ivSz) {
4139 iv = ctx->iv;
4140 }
4141#endif
4142
4143#ifndef NO_AES
4144 #ifdef HAVE_AES_CBC
4145 #ifdef WOLFSSL_AES_128
4146 if (ctx->cipherType == AES_128_CBC_TYPE ||
4147 (type && XSTRNCMP(type, EVP_AES_128_CBC, EVP_AES_SIZE) == 0)) {
4148 WOLFSSL_MSG("EVP_AES_128_CBC");
4149 ctx->cipherType = AES_128_CBC_TYPE;
4150 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4151 ctx->flags |= WOLFSSL_EVP_CIPH_CBC_MODE;
4152 ctx->keyLen = 16;
4153 ctx->block_size = AES_BLOCK_SIZE;
4154 ctx->ivSz = AES_BLOCK_SIZE;
4155 if (enc == 0 || enc == 1)
4156 ctx->enc = enc ? 1 : 0;
4157 if (key) {
4158 ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
4159 ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION, 0);
4160 if (ret != 0)
4161 return WOLFSSL_FAILURE;
4162 }
4163 if (iv && key == NULL) {
4164 ret = wc_AesSetIV(&ctx->cipher.aes, iv);
4165 if (ret != 0)
4166 return WOLFSSL_FAILURE;
4167 }
4168 }
4169 #endif /* WOLFSSL_AES_128 */
4170 #ifdef WOLFSSL_AES_192
4171 if (ctx->cipherType == AES_192_CBC_TYPE ||
4172 (type && XSTRNCMP(type, EVP_AES_192_CBC, EVP_AES_SIZE) == 0)) {
4173 WOLFSSL_MSG("EVP_AES_192_CBC");
4174 ctx->cipherType = AES_192_CBC_TYPE;
4175 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4176 ctx->flags |= WOLFSSL_EVP_CIPH_CBC_MODE;
4177 ctx->keyLen = 24;
4178 ctx->block_size = AES_BLOCK_SIZE;
4179 ctx->ivSz = AES_BLOCK_SIZE;
4180 if (enc == 0 || enc == 1)
4181 ctx->enc = enc ? 1 : 0;
4182 if (key) {
4183 ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
4184 ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION, 0);
4185 if (ret != 0)
4186 return WOLFSSL_FAILURE;
4187 }
4188 if (iv && key == NULL) {
4189 ret = wc_AesSetIV(&ctx->cipher.aes, iv);
4190 if (ret != 0)
4191 return WOLFSSL_FAILURE;
4192 }
4193 }
4194 #endif /* WOLFSSL_AES_192 */
4195 #ifdef WOLFSSL_AES_256
4196 if (ctx->cipherType == AES_256_CBC_TYPE ||
4197 (type && XSTRNCMP(type, EVP_AES_256_CBC, EVP_AES_SIZE) == 0)) {
4198 WOLFSSL_MSG("EVP_AES_256_CBC");
4199 ctx->cipherType = AES_256_CBC_TYPE;
4200 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4201 ctx->flags |= WOLFSSL_EVP_CIPH_CBC_MODE;
4202 ctx->keyLen = 32;
4203 ctx->block_size = AES_BLOCK_SIZE;
4204 ctx->ivSz = AES_BLOCK_SIZE;
4205 if (enc == 0 || enc == 1)
4206 ctx->enc = enc ? 1 : 0;
4207 if (key) {
4208 ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
4209 ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION, 0);
4210 if (ret != 0){
4211 WOLFSSL_MSG("AesSetKey() failed");
4212 return WOLFSSL_FAILURE;
4213 }
4214 }
4215 if (iv && key == NULL) {
4216 ret = wc_AesSetIV(&ctx->cipher.aes, iv);
4217 if (ret != 0){
4218 WOLFSSL_MSG("wc_AesSetIV() failed");
4219 return WOLFSSL_FAILURE;
4220 }
4221 }
4222 }
4223 #endif /* WOLFSSL_AES_256 */
4224 #endif /* HAVE_AES_CBC */
4225#if !defined(_WIN32) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
4226 #ifdef HAVE_AESGCM
4227 #ifdef WOLFSSL_AES_128
4228 if (ctx->cipherType == AES_128_GCM_TYPE ||
4229 (type && XSTRNCMP(type, EVP_AES_128_GCM, EVP_AES_SIZE) == 0)) {
4230 WOLFSSL_MSG("EVP_AES_128_GCM");
4231 ctx->cipherType = AES_128_GCM_TYPE;
4232 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4233 ctx->flags |= WOLFSSL_EVP_CIPH_GCM_MODE;
4234 ctx->keyLen = 16;
4235 ctx->block_size = AES_BLOCK_SIZE;
4236 ctx->authTagSz = AES_BLOCK_SIZE;
4237 ctx->ivSz = GCM_NONCE_MID_SZ;
4238
4239 XMEMSET(ctx->authTag, 0, ctx->authTagSz);
4240 if (key && wc_AesGcmSetKey(&ctx->cipher.aes, key, ctx->keyLen)) {
4241 WOLFSSL_MSG("wc_AesGcmSetKey() failed");
4242 return WOLFSSL_FAILURE;
4243 }
4244 if (iv && wc_AesGcmSetExtIV(&ctx->cipher.aes, iv, GCM_NONCE_MID_SZ)) {
4245 WOLFSSL_MSG("wc_AesGcmSetExtIV() failed");
4246 return WOLFSSL_FAILURE;
4247 }
4248 if (enc == 0 || enc == 1)
4249 ctx->enc = enc ? 1 : 0;
4250 }
4251 #endif /* WOLFSSL_AES_128 */
4252 #ifdef WOLFSSL_AES_192
4253 if (ctx->cipherType == AES_192_GCM_TYPE ||
4254 (type && XSTRNCMP(type, EVP_AES_192_GCM, EVP_AES_SIZE) == 0)) {
4255 WOLFSSL_MSG("EVP_AES_192_GCM");
4256 ctx->cipherType = AES_192_GCM_TYPE;
4257 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4258 ctx->flags |= WOLFSSL_EVP_CIPH_GCM_MODE;
4259 ctx->keyLen = 24;
4260 ctx->block_size = AES_BLOCK_SIZE;
4261 ctx->authTagSz = AES_BLOCK_SIZE;
4262 ctx->ivSz = GCM_NONCE_MID_SZ;
4263
4264 XMEMSET(ctx->authTag, 0, ctx->authTagSz);
4265 if (key && wc_AesGcmSetKey(&ctx->cipher.aes, key, ctx->keyLen)) {
4266 WOLFSSL_MSG("wc_AesGcmSetKey() failed");
4267 return WOLFSSL_FAILURE;
4268 }
4269 if (iv && wc_AesGcmSetExtIV(&ctx->cipher.aes, iv, GCM_NONCE_MID_SZ)) {
4270 WOLFSSL_MSG("wc_AesGcmSetExtIV() failed");
4271 return WOLFSSL_FAILURE;
4272 }
4273 if (enc == 0 || enc == 1)
4274 ctx->enc = enc ? 1 : 0;
4275 }
4276 #endif /* WOLFSSL_AES_192 */
4277 #ifdef WOLFSSL_AES_256
4278 if (ctx->cipherType == AES_256_GCM_TYPE ||
4279 (type && XSTRNCMP(type, EVP_AES_256_GCM, EVP_AES_SIZE) == 0)) {
4280 WOLFSSL_MSG("EVP_AES_256_GCM");
4281 ctx->cipherType = AES_256_GCM_TYPE;
4282 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4283 ctx->flags |= WOLFSSL_EVP_CIPH_GCM_MODE;
4284 ctx->keyLen = 32;
4285 ctx->block_size = AES_BLOCK_SIZE;
4286 ctx->authTagSz = AES_BLOCK_SIZE;
4287 ctx->ivSz = GCM_NONCE_MID_SZ;
4288
4289 XMEMSET(ctx->authTag, 0, ctx->authTagSz);
4290 if (key && wc_AesGcmSetKey(&ctx->cipher.aes, key, ctx->keyLen)) {
4291 WOLFSSL_MSG("wc_AesGcmSetKey() failed");
4292 return WOLFSSL_FAILURE;
4293 }
4294 if (iv && wc_AesGcmSetExtIV(&ctx->cipher.aes, iv, GCM_NONCE_MID_SZ)) {
4295 WOLFSSL_MSG("wc_AesGcmSetExtIV() failed");
4296 return WOLFSSL_FAILURE;
4297 }
4298 if (enc == 0 || enc == 1)
4299 ctx->enc = enc ? 1 : 0;
4300 }
4301 #endif /* WOLFSSL_AES_256 */
4302 #endif /* HAVE_AESGCM */
4303#endif /* !defined(_WIN32) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) */
4304#ifdef WOLFSSL_AES_COUNTER
4305 #ifdef WOLFSSL_AES_128
4306 if (ctx->cipherType == AES_128_CTR_TYPE ||
4307 (type && XSTRNCMP(type, EVP_AES_128_CTR, EVP_AES_SIZE) == 0)) {
4308 WOLFSSL_MSG("EVP_AES_128_CTR");
4309 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4310 ctx->cipherType = AES_128_CTR_TYPE;
4311 ctx->flags |= WOLFSSL_EVP_CIPH_CTR_MODE;
4312 ctx->keyLen = 16;
4313 ctx->block_size = NO_PADDING_BLOCK_SIZE;
4314 ctx->ivSz = AES_BLOCK_SIZE;
4315#if defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_CFB)
4316 ctx->cipher.aes.left = 0;
4317#endif
4318 if (enc == 0 || enc == 1)
4319 ctx->enc = enc ? 1 : 0;
4320 if (key) {
4321 ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
4322 AES_ENCRYPTION, 1);
4323 if (ret != 0)
4324 return WOLFSSL_FAILURE;
4325 }
4326 if (iv && key == NULL) {
4327 ret = wc_AesSetIV(&ctx->cipher.aes, iv);
4328 if (ret != 0)
4329 return WOLFSSL_FAILURE;
4330 }
4331 }
4332 #endif /* WOLFSSL_AES_128 */
4333 #ifdef WOLFSSL_AES_192
4334 if (ctx->cipherType == AES_192_CTR_TYPE ||
4335 (type && XSTRNCMP(type, EVP_AES_192_CTR, EVP_AES_SIZE) == 0)) {
4336 WOLFSSL_MSG("EVP_AES_192_CTR");
4337 ctx->cipherType = AES_192_CTR_TYPE;
4338 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4339 ctx->flags |= WOLFSSL_EVP_CIPH_CTR_MODE;
4340 ctx->keyLen = 24;
4341 ctx->block_size = NO_PADDING_BLOCK_SIZE;
4342 ctx->ivSz = AES_BLOCK_SIZE;
4343#if defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_CFB)
4344 ctx->cipher.aes.left = 0;
4345#endif
4346 if (enc == 0 || enc == 1)
4347 ctx->enc = enc ? 1 : 0;
4348 if (key) {
4349 ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
4350 AES_ENCRYPTION, 1);
4351 if (ret != 0)
4352 return WOLFSSL_FAILURE;
4353 }
4354 if (iv && key == NULL) {
4355 ret = wc_AesSetIV(&ctx->cipher.aes, iv);
4356 if (ret != 0)
4357 return WOLFSSL_FAILURE;
4358 }
4359 }
4360 #endif /* WOLFSSL_AES_192 */
4361 #ifdef WOLFSSL_AES_256
4362 if (ctx->cipherType == AES_256_CTR_TYPE ||
4363 (type && XSTRNCMP(type, EVP_AES_256_CTR, EVP_AES_SIZE) == 0)) {
4364 WOLFSSL_MSG("EVP_AES_256_CTR");
4365 ctx->cipherType = AES_256_CTR_TYPE;
4366 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4367 ctx->flags |= WOLFSSL_EVP_CIPH_CTR_MODE;
4368 ctx->keyLen = 32;
4369 ctx->block_size = NO_PADDING_BLOCK_SIZE;
4370 ctx->ivSz = AES_BLOCK_SIZE;
4371#if defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_CFB)
4372 ctx->cipher.aes.left = 0;
4373#endif
4374 if (enc == 0 || enc == 1)
4375 ctx->enc = enc ? 1 : 0;
4376 if (key) {
4377 ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
4378 AES_ENCRYPTION, 1);
4379 if (ret != 0)
4380 return WOLFSSL_FAILURE;
4381 }
4382 if (iv && key == NULL) {
4383 ret = wc_AesSetIV(&ctx->cipher.aes, iv);
4384 if (ret != 0)
4385 return WOLFSSL_FAILURE;
4386 }
4387 }
4388 #endif /* WOLFSSL_AES_256 */
4389#endif /* WOLFSSL_AES_COUNTER */
4390 #ifdef WOLFSSL_AES_128
4391 if (ctx->cipherType == AES_128_ECB_TYPE ||
4392 (type && XSTRNCMP(type, EVP_AES_128_ECB, EVP_AES_SIZE) == 0)) {
4393 WOLFSSL_MSG("EVP_AES_128_ECB");
4394 ctx->cipherType = AES_128_ECB_TYPE;
4395 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4396 ctx->flags |= WOLFSSL_EVP_CIPH_ECB_MODE;
4397 ctx->keyLen = 16;
4398 ctx->block_size = AES_BLOCK_SIZE;
4399 if (enc == 0 || enc == 1)
4400 ctx->enc = enc ? 1 : 0;
4401 if (key) {
4402 ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, NULL,
4403 ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION, 1);
4404 }
4405 if (ret != 0)
4406 return WOLFSSL_FAILURE;
4407 }
4408 #endif /* WOLFSSL_AES_128 */
4409 #ifdef WOLFSSL_AES_192
4410 if (ctx->cipherType == AES_192_ECB_TYPE ||
4411 (type && XSTRNCMP(type, EVP_AES_192_ECB, EVP_AES_SIZE) == 0)) {
4412 WOLFSSL_MSG("EVP_AES_192_ECB");
4413 ctx->cipherType = AES_192_ECB_TYPE;
4414 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4415 ctx->flags |= WOLFSSL_EVP_CIPH_ECB_MODE;
4416 ctx->keyLen = 24;
4417 ctx->block_size = AES_BLOCK_SIZE;
4418 if (enc == 0 || enc == 1)
4419 ctx->enc = enc ? 1 : 0;
4420 if (key) {
4421 ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, NULL,
4422 ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION, 1);
4423 }
4424 if (ret != 0)
4425 return WOLFSSL_FAILURE;
4426 }
4427 #endif /* WOLFSSL_AES_192 */
4428 #ifdef WOLFSSL_AES_256
4429 if (ctx->cipherType == AES_256_ECB_TYPE ||
4430 (type && XSTRNCMP(type, EVP_AES_256_ECB, EVP_AES_SIZE) == 0)) {
4431 WOLFSSL_MSG("EVP_AES_256_ECB");
4432 ctx->cipherType = AES_256_ECB_TYPE;
4433 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4434 ctx->flags |= WOLFSSL_EVP_CIPH_ECB_MODE;
4435 ctx->keyLen = 32;
4436 ctx->block_size = AES_BLOCK_SIZE;
4437 if (enc == 0 || enc == 1)
4438 ctx->enc = enc ? 1 : 0;
4439 if (key) {
4440 ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, NULL,
4441 ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION, 1);
4442 }
4443 if (ret != 0)
4444 return WOLFSSL_FAILURE;
4445 }
4446 #endif /* WOLFSSL_AES_256 */
4447 #ifdef WOLFSSL_AES_CFB
4448 #ifdef WOLFSSL_AES_128
4449 if (ctx->cipherType == AES_128_CFB1_TYPE ||
4450 (type && XSTRNCMP(type, EVP_AES_128_CFB1, EVP_AESCFB_SIZE) == 0)) {
4451 WOLFSSL_MSG("EVP_AES_128_CFB1");
4452 ctx->cipherType = AES_128_CFB1_TYPE;
4453 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4454 ctx->flags |= WOLFSSL_EVP_CIPH_CFB_MODE;
4455 ctx->keyLen = 16;
4456 ctx->block_size = 1;
4457 if (enc == 0 || enc == 1)
4458 ctx->enc = enc ? 1 : 0;
4459 if (key) {
4460 ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
4461 AES_ENCRYPTION, 0);
4462 if (ret != 0)
4463 return WOLFSSL_FAILURE;
4464 }
4465 if (iv && key == NULL) {
4466 ret = wc_AesSetIV(&ctx->cipher.aes, iv);
4467 if (ret != 0)
4468 return WOLFSSL_FAILURE;
4469 }
4470 }
4471 #endif /* WOLFSSL_AES_128 */
4472 #ifdef WOLFSSL_AES_192
4473 if (ctx->cipherType == AES_192_CFB1_TYPE ||
4474 (type && XSTRNCMP(type, EVP_AES_192_CFB1, EVP_AESCFB_SIZE) == 0)) {
4475 WOLFSSL_MSG("EVP_AES_192_CFB1");
4476 ctx->cipherType = AES_192_CFB1_TYPE;
4477 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4478 ctx->flags |= WOLFSSL_EVP_CIPH_CFB_MODE;
4479 ctx->keyLen = 24;
4480 ctx->block_size = 1;
4481 if (enc == 0 || enc == 1)
4482 ctx->enc = enc ? 1 : 0;
4483 if (key) {
4484 ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
4485 AES_ENCRYPTION, 0);
4486 if (ret != 0)
4487 return WOLFSSL_FAILURE;
4488 }
4489 if (iv && key == NULL) {
4490 ret = wc_AesSetIV(&ctx->cipher.aes, iv);
4491 if (ret != 0)
4492 return WOLFSSL_FAILURE;
4493 }
4494 }
4495 #endif /* WOLFSSL_AES_192 */
4496 #ifdef WOLFSSL_AES_256
4497 if (ctx->cipherType == AES_256_CFB1_TYPE ||
4498 (type && XSTRNCMP(type, EVP_AES_256_CFB1, EVP_AESCFB_SIZE) == 0)) {
4499 WOLFSSL_MSG("EVP_AES_256_CFB1");
4500 ctx->cipherType = AES_256_CFB1_TYPE;
4501 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4502 ctx->flags |= WOLFSSL_EVP_CIPH_CFB_MODE;
4503 ctx->keyLen = 32;
4504 ctx->block_size = 1;
4505 if (enc == 0 || enc == 1)
4506 ctx->enc = enc ? 1 : 0;
4507 if (key) {
4508 ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
4509 AES_ENCRYPTION, 0);
4510 if (ret != 0){
4511 WOLFSSL_MSG("AesSetKey() failed");
4512 return WOLFSSL_FAILURE;
4513 }
4514 }
4515 if (iv && key == NULL) {
4516 ret = wc_AesSetIV(&ctx->cipher.aes, iv);
4517 if (ret != 0){
4518 WOLFSSL_MSG("wc_AesSetIV() failed");
4519 return WOLFSSL_FAILURE;
4520 }
4521 }
4522 }
4523 #endif /* WOLFSSL_AES_256 */
4524 #ifdef WOLFSSL_AES_128
4525 if (ctx->cipherType == AES_128_CFB8_TYPE ||
4526 (type && XSTRNCMP(type, EVP_AES_128_CFB8, EVP_AESCFB_SIZE) == 0)) {
4527 WOLFSSL_MSG("EVP_AES_128_CFB8");
4528 ctx->cipherType = AES_128_CFB8_TYPE;
4529 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4530 ctx->flags |= WOLFSSL_EVP_CIPH_CFB_MODE;
4531 ctx->keyLen = 16;
4532 ctx->block_size = 1;
4533 if (enc == 0 || enc == 1)
4534 ctx->enc = enc ? 1 : 0;
4535 if (key) {
4536 ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
4537 AES_ENCRYPTION, 0);
4538 if (ret != 0)
4539 return WOLFSSL_FAILURE;
4540 }
4541 if (iv && key == NULL) {
4542 ret = wc_AesSetIV(&ctx->cipher.aes, iv);
4543 if (ret != 0)
4544 return WOLFSSL_FAILURE;
4545 }
4546 }
4547 #endif /* WOLFSSL_AES_128 */
4548 #ifdef WOLFSSL_AES_192
4549 if (ctx->cipherType == AES_192_CFB8_TYPE ||
4550 (type && XSTRNCMP(type, EVP_AES_192_CFB8, EVP_AESCFB_SIZE) == 0)) {
4551 WOLFSSL_MSG("EVP_AES_192_CFB8");
4552 ctx->cipherType = AES_192_CFB8_TYPE;
4553 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4554 ctx->flags |= WOLFSSL_EVP_CIPH_CFB_MODE;
4555 ctx->keyLen = 24;
4556 ctx->block_size = 1;
4557 if (enc == 0 || enc == 1)
4558 ctx->enc = enc ? 1 : 0;
4559 if (key) {
4560 ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
4561 AES_ENCRYPTION, 0);
4562 if (ret != 0)
4563 return WOLFSSL_FAILURE;
4564 }
4565 if (iv && key == NULL) {
4566 ret = wc_AesSetIV(&ctx->cipher.aes, iv);
4567 if (ret != 0)
4568 return WOLFSSL_FAILURE;
4569 }
4570 }
4571 #endif /* WOLFSSL_AES_192 */
4572 #ifdef WOLFSSL_AES_256
4573 if (ctx->cipherType == AES_256_CFB8_TYPE ||
4574 (type && XSTRNCMP(type, EVP_AES_256_CFB8, EVP_AESCFB_SIZE) == 0)) {
4575 WOLFSSL_MSG("EVP_AES_256_CFB8");
4576 ctx->cipherType = AES_256_CFB8_TYPE;
4577 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4578 ctx->flags |= WOLFSSL_EVP_CIPH_CFB_MODE;
4579 ctx->keyLen = 32;
4580 ctx->block_size = 1;
4581 if (enc == 0 || enc == 1)
4582 ctx->enc = enc ? 1 : 0;
4583 if (key) {
4584 ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
4585 AES_ENCRYPTION, 0);
4586 if (ret != 0){
4587 WOLFSSL_MSG("AesSetKey() failed");
4588 return WOLFSSL_FAILURE;
4589 }
4590 }
4591 if (iv && key == NULL) {
4592 ret = wc_AesSetIV(&ctx->cipher.aes, iv);
4593 if (ret != 0){
4594 WOLFSSL_MSG("wc_AesSetIV() failed");
4595 return WOLFSSL_FAILURE;
4596 }
4597 }
4598 }
4599 #endif /* WOLFSSL_AES_256 */
4600 #ifdef WOLFSSL_AES_128
4601 if (ctx->cipherType == AES_128_CFB128_TYPE ||
4602 (type && XSTRNCMP(type, EVP_AES_128_CFB128, EVP_AESCFB_SIZE) == 0)) {
4603 WOLFSSL_MSG("EVP_AES_128_CFB128");
4604 ctx->cipherType = AES_128_CFB128_TYPE;
4605 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4606 ctx->flags |= WOLFSSL_EVP_CIPH_CFB_MODE;
4607 ctx->keyLen = 16;
4608 ctx->block_size = 1;
4609 if (enc == 0 || enc == 1)
4610 ctx->enc = enc ? 1 : 0;
4611 if (key) {
4612 ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
4613 AES_ENCRYPTION, 0);
4614 if (ret != 0)
4615 return WOLFSSL_FAILURE;
4616 }
4617 if (iv && key == NULL) {
4618 ret = wc_AesSetIV(&ctx->cipher.aes, iv);
4619 if (ret != 0)
4620 return WOLFSSL_FAILURE;
4621 }
4622 }
4623 #endif /* WOLFSSL_AES_128 */
4624 #ifdef WOLFSSL_AES_192
4625 if (ctx->cipherType == AES_192_CFB128_TYPE ||
4626 (type && XSTRNCMP(type, EVP_AES_192_CFB128, EVP_AESCFB_SIZE) == 0)) {
4627 WOLFSSL_MSG("EVP_AES_192_CFB128");
4628 ctx->cipherType = AES_192_CFB128_TYPE;
4629 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4630 ctx->flags |= WOLFSSL_EVP_CIPH_CFB_MODE;
4631 ctx->keyLen = 24;
4632 ctx->block_size = 1;
4633 if (enc == 0 || enc == 1)
4634 ctx->enc = enc ? 1 : 0;
4635 if (key) {
4636 ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
4637 AES_ENCRYPTION, 0);
4638 if (ret != 0)
4639 return WOLFSSL_FAILURE;
4640 }
4641 if (iv && key == NULL) {
4642 ret = wc_AesSetIV(&ctx->cipher.aes, iv);
4643 if (ret != 0)
4644 return WOLFSSL_FAILURE;
4645 }
4646 }
4647 #endif /* WOLFSSL_AES_192 */
4648 #ifdef WOLFSSL_AES_256
4649 if (ctx->cipherType == AES_256_CFB128_TYPE ||
4650 (type && XSTRNCMP(type, EVP_AES_256_CFB128, EVP_AESCFB_SIZE) == 0)) {
4651 WOLFSSL_MSG("EVP_AES_256_CFB128");
4652 ctx->cipherType = AES_256_CFB128_TYPE;
4653 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4654 ctx->flags |= WOLFSSL_EVP_CIPH_CFB_MODE;
4655 ctx->keyLen = 32;
4656 ctx->block_size = 1;
4657 if (enc == 0 || enc == 1)
4658 ctx->enc = enc ? 1 : 0;
4659 if (key) {
4660 ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
4661 AES_ENCRYPTION, 0);
4662 if (ret != 0){
4663 WOLFSSL_MSG("AesSetKey() failed");
4664 return WOLFSSL_FAILURE;
4665 }
4666 }
4667 if (iv && key == NULL) {
4668 ret = wc_AesSetIV(&ctx->cipher.aes, iv);
4669 if (ret != 0){
4670 WOLFSSL_MSG("wc_AesSetIV() failed");
4671 return WOLFSSL_FAILURE;
4672 }
4673 }
4674 }
4675 #endif /* WOLFSSL_AES_256 */
4676 #endif /* HAVE_AES_CFB */
4677 #ifdef WOLFSSL_AES_OFB
4678 #ifdef WOLFSSL_AES_128
4679 if (ctx->cipherType == AES_128_OFB_TYPE ||
4680 (type && XSTRNCMP(type, EVP_AES_128_OFB, EVP_AES_SIZE) == 0)) {
4681 WOLFSSL_MSG("EVP_AES_128_OFB");
4682 ctx->cipherType = AES_128_OFB_TYPE;
4683 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4684 ctx->flags |= WOLFSSL_EVP_CIPH_OFB_MODE;
4685 ctx->keyLen = 16;
4686 ctx->block_size = 1;
4687 if (enc == 0 || enc == 1)
4688 ctx->enc = enc ? 1 : 0;
4689 if (key) {
4690 ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
4691 AES_ENCRYPTION, 0);
4692 if (ret != 0)
4693 return WOLFSSL_FAILURE;
4694 }
4695 if (iv && key == NULL) {
4696 ret = wc_AesSetIV(&ctx->cipher.aes, iv);
4697 if (ret != 0)
4698 return WOLFSSL_FAILURE;
4699 }
4700 }
4701 #endif /* WOLFSSL_AES_128 */
4702 #ifdef WOLFSSL_AES_192
4703 if (ctx->cipherType == AES_192_OFB_TYPE ||
4704 (type && XSTRNCMP(type, EVP_AES_192_OFB, EVP_AES_SIZE) == 0)) {
4705 WOLFSSL_MSG("EVP_AES_192_OFB");
4706 ctx->cipherType = AES_192_OFB_TYPE;
4707 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4708 ctx->flags |= WOLFSSL_EVP_CIPH_OFB_MODE;
4709 ctx->keyLen = 24;
4710 ctx->block_size = 1;
4711 if (enc == 0 || enc == 1)
4712 ctx->enc = enc ? 1 : 0;
4713 if (key) {
4714 ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
4715 AES_ENCRYPTION, 0);
4716 if (ret != 0)
4717 return WOLFSSL_FAILURE;
4718 }
4719 if (iv && key == NULL) {
4720 ret = wc_AesSetIV(&ctx->cipher.aes, iv);
4721 if (ret != 0)
4722 return WOLFSSL_FAILURE;
4723 }
4724 }
4725 #endif /* WOLFSSL_AES_192 */
4726 #ifdef WOLFSSL_AES_256
4727 if (ctx->cipherType == AES_256_OFB_TYPE ||
4728 (type && XSTRNCMP(type, EVP_AES_256_OFB, EVP_AES_SIZE) == 0)) {
4729 WOLFSSL_MSG("EVP_AES_256_OFB");
4730 ctx->cipherType = AES_256_OFB_TYPE;
4731 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4732 ctx->flags |= WOLFSSL_EVP_CIPH_OFB_MODE;
4733 ctx->keyLen = 32;
4734 ctx->block_size = 1;
4735 if (enc == 0 || enc == 1)
4736 ctx->enc = enc ? 1 : 0;
4737 if (key) {
4738 ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
4739 AES_ENCRYPTION, 0);
4740 if (ret != 0){
4741 WOLFSSL_MSG("AesSetKey() failed");
4742 return WOLFSSL_FAILURE;
4743 }
4744 }
4745 if (iv && key == NULL) {
4746 ret = wc_AesSetIV(&ctx->cipher.aes, iv);
4747 if (ret != 0){
4748 WOLFSSL_MSG("wc_AesSetIV() failed");
4749 return WOLFSSL_FAILURE;
4750 }
4751 }
4752 }
4753 #endif /* WOLFSSL_AES_256 */
4754 #endif /* HAVE_AES_OFB */
4755 #ifdef WOLFSSL_AES_XTS
4756 #ifdef WOLFSSL_AES_128
4757 if (ctx->cipherType == AES_128_XTS_TYPE ||
4758 (type && XSTRNCMP(type, EVP_AES_128_XTS, EVP_AES_SIZE) == 0)) {
4759 WOLFSSL_MSG("EVP_AES_128_XTS");
4760 ctx->cipherType = AES_128_XTS_TYPE;
4761 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4762 ctx->flags |= WOLFSSL_EVP_CIPH_XTS_MODE;
4763 ctx->keyLen = 32;
4764 ctx->block_size = 1;
4765 ctx->ivSz = AES_BLOCK_SIZE;
4766
4767 if (iv != NULL) {
4768 if (iv != ctx->iv) /* Valgrind error when src == dst */
4769 XMEMCPY(ctx->iv, iv, ctx->ivSz);
4770 }
4771 else
4772 XMEMSET(ctx->iv, 0, AES_BLOCK_SIZE);
4773
4774 if (enc == 0 || enc == 1)
4775 ctx->enc = enc ? 1 : 0;
4776 if (key) {
4777 ret = wc_AesXtsSetKey(&ctx->cipher.xts, key, ctx->keyLen,
4778 ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION, NULL, 0);
4779 if (ret != 0) {
4780 WOLFSSL_MSG("wc_AesXtsSetKey() failed");
4781 return WOLFSSL_FAILURE;
4782 }
4783 }
4784 }
4785 #endif /* WOLFSSL_AES_128 */
4786 #ifdef WOLFSSL_AES_256
4787 if (ctx->cipherType == AES_256_XTS_TYPE ||
4788 (type && XSTRNCMP(type, EVP_AES_256_XTS, EVP_AES_SIZE) == 0)) {
4789 WOLFSSL_MSG("EVP_AES_256_XTS");
4790 ctx->cipherType = AES_256_XTS_TYPE;
4791 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4792 ctx->flags |= WOLFSSL_EVP_CIPH_XTS_MODE;
4793 ctx->keyLen = 64;
4794 ctx->block_size = 1;
4795 ctx->ivSz = AES_BLOCK_SIZE;
4796
4797 if (iv != NULL) {
4798 if (iv != ctx->iv) /* Valgrind error when src == dst */
4799 XMEMCPY(ctx->iv, iv, ctx->ivSz);
4800 }
4801 else
4802 XMEMSET(ctx->iv, 0, AES_BLOCK_SIZE);
4803
4804 if (enc == 0 || enc == 1)
4805 ctx->enc = enc ? 1 : 0;
4806 if (key) {
4807 ret = wc_AesXtsSetKey(&ctx->cipher.xts, key, ctx->keyLen,
4808 ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION, NULL, 0);
4809 if (ret != 0) {
4810 WOLFSSL_MSG("wc_AesXtsSetKey() failed");
4811 return WOLFSSL_FAILURE;
4812 }
4813 }
4814 }
4815 #endif /* WOLFSSL_AES_256 */
4816 #endif /* HAVE_AES_XTS */
4817#endif /* NO_AES */
4818
4819#ifndef NO_DES3
4820 if (ctx->cipherType == DES_CBC_TYPE ||
4821 (type && XSTRNCMP(type, EVP_DES_CBC, EVP_DES_SIZE) == 0)) {
4822 WOLFSSL_MSG("EVP_DES_CBC");
4823 ctx->cipherType = DES_CBC_TYPE;
4824 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4825 ctx->flags |= WOLFSSL_EVP_CIPH_CBC_MODE;
4826 ctx->keyLen = 8;
4827 ctx->block_size = DES_BLOCK_SIZE;
4828 ctx->ivSz = DES_BLOCK_SIZE;
4829 if (enc == 0 || enc == 1)
4830 ctx->enc = enc ? 1 : 0;
4831 if (key) {
4832 ret = wc_Des_SetKey(&ctx->cipher.des, key, iv,
4833 ctx->enc ? DES_ENCRYPTION : DES_DECRYPTION);
4834 if (ret != 0)
4835 return WOLFSSL_FAILURE;
4836 }
4837
4838 if (iv && key == NULL)
4839 wc_Des_SetIV(&ctx->cipher.des, iv);
4840 }
4841#ifdef WOLFSSL_DES_ECB
4842 else if (ctx->cipherType == DES_ECB_TYPE ||
4843 (type && XSTRNCMP(type, EVP_DES_ECB, EVP_DES_SIZE) == 0)) {
4844 WOLFSSL_MSG("EVP_DES_ECB");
4845 ctx->cipherType = DES_ECB_TYPE;
4846 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4847 ctx->flags |= WOLFSSL_EVP_CIPH_ECB_MODE;
4848 ctx->keyLen = 8;
4849 ctx->block_size = DES_BLOCK_SIZE;
4850 if (enc == 0 || enc == 1)
4851 ctx->enc = enc ? 1 : 0;
4852 if (key) {
4853 WOLFSSL_MSG("Des_SetKey");
4854 ret = wc_Des_SetKey(&ctx->cipher.des, key, NULL,
4855 ctx->enc ? DES_ENCRYPTION : DES_DECRYPTION);
4856 if (ret != 0)
4857 return WOLFSSL_FAILURE;
4858 }
4859 }
4860#endif
4861 else if (ctx->cipherType == DES_EDE3_CBC_TYPE ||
4862 (type &&
4863 XSTRNCMP(type, EVP_DES_EDE3_CBC, EVP_DES_EDE3_SIZE) == 0)) {
4864 WOLFSSL_MSG("EVP_DES_EDE3_CBC");
4865 ctx->cipherType = DES_EDE3_CBC_TYPE;
4866 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4867 ctx->flags |= WOLFSSL_EVP_CIPH_CBC_MODE;
4868 ctx->keyLen = 24;
4869 ctx->block_size = DES_BLOCK_SIZE;
4870 ctx->ivSz = DES_BLOCK_SIZE;
4871 if (enc == 0 || enc == 1)
4872 ctx->enc = enc ? 1 : 0;
4873 if (key) {
4874 ret = wc_Des3_SetKey(&ctx->cipher.des3, key, iv,
4875 ctx->enc ? DES_ENCRYPTION : DES_DECRYPTION);
4876 if (ret != 0)
4877 return WOLFSSL_FAILURE;
4878 }
4879
4880 if (iv && key == NULL) {
4881 ret = wc_Des3_SetIV(&ctx->cipher.des3, iv);
4882 if (ret != 0)
4883 return WOLFSSL_FAILURE;
4884 }
4885 }
4886 else if (ctx->cipherType == DES_EDE3_ECB_TYPE ||
4887 (type &&
4888 XSTRNCMP(type, EVP_DES_EDE3_ECB, EVP_DES_EDE3_SIZE) == 0)) {
4889 WOLFSSL_MSG("EVP_DES_EDE3_ECB");
4890 ctx->cipherType = DES_EDE3_ECB_TYPE;
4891 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4892 ctx->flags |= WOLFSSL_EVP_CIPH_ECB_MODE;
4893 ctx->keyLen = 24;
4894 ctx->block_size = DES_BLOCK_SIZE;
4895 if (enc == 0 || enc == 1)
4896 ctx->enc = enc ? 1 : 0;
4897 if (key) {
4898 ret = wc_Des3_SetKey(&ctx->cipher.des3, key, NULL,
4899 ctx->enc ? DES_ENCRYPTION : DES_DECRYPTION);
4900 if (ret != 0)
4901 return WOLFSSL_FAILURE;
4902 }
4903 }
4904#endif /* NO_DES3 */
4905#ifndef NO_RC4
4906 if (ctx->cipherType == ARC4_TYPE || (type &&
4907 XSTRNCMP(type, "ARC4", 4) == 0)) {
4908 WOLFSSL_MSG("ARC4");
4909 ctx->cipherType = ARC4_TYPE;
4910 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4911 ctx->flags |= WOLFSSL_EVP_CIPH_STREAM_CIPHER;
4912 ctx->block_size = 1;
4913 if (ctx->keyLen == 0) /* user may have already set */
4914 ctx->keyLen = 16; /* default to 128 */
4915 if (key)
4916 wc_Arc4SetKey(&ctx->cipher.arc4, key, ctx->keyLen);
4917 }
4918#endif /* NO_RC4 */
4919#ifdef HAVE_IDEA
4920 if (ctx->cipherType == IDEA_CBC_TYPE ||
4921 (type && XSTRNCMP(type, EVP_IDEA_CBC, EVP_IDEA_SIZE) == 0)) {
4922 WOLFSSL_MSG("EVP_IDEA_CBC");
4923 ctx->cipherType = IDEA_CBC_TYPE;
4924 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4925 ctx->flags |= WOLFSSL_EVP_CIPH_CBC_MODE;
4926 ctx->keyLen = IDEA_KEY_SIZE;
4927 ctx->block_size = 8;
4928 ctx->ivSz = IDEA_BLOCK_SIZE;
4929 if (enc == 0 || enc == 1)
4930 ctx->enc = enc ? 1 : 0;
4931 if (key) {
4932 ret = wc_IdeaSetKey(&ctx->cipher.idea, key, (word16)ctx->keyLen,
4933 iv, ctx->enc ? IDEA_ENCRYPTION :
4934 IDEA_DECRYPTION);
4935 if (ret != 0)
4936 return WOLFSSL_FAILURE;
4937 }
4938
4939 if (iv && key == NULL)
4940 wc_IdeaSetIV(&ctx->cipher.idea, iv);
4941 }
4942#endif /* HAVE_IDEA */
4943 if (ctx->cipherType == NULL_CIPHER_TYPE || (type &&
4944 XSTRNCMP(type, "NULL", 4) == 0)) {
4945 WOLFSSL_MSG("NULL cipher");
4946 ctx->cipherType = NULL_CIPHER_TYPE;
4947 ctx->keyLen = 0;
4948 ctx->block_size = 16;
4949 }
4950#ifdef HAVE_WOLFSSL_EVP_CIPHER_CTX_IV
4951 if (iv && iv != ctx->iv) {
4952 if (wolfSSL_StoreExternalIV(ctx) != WOLFSSL_SUCCESS) {
4953 return WOLFSSL_FAILURE;
4954 }
4955 }
4956#endif
4957 (void)ret; /* remove warning. If execution reaches this point, ret=0 */
4958 return WOLFSSL_SUCCESS;
4959 }
4960
4961 /* WOLFSSL_SUCCESS on ok */
4962 int wolfSSL_EVP_CIPHER_CTX_key_length(WOLFSSL_EVP_CIPHER_CTX* ctx)
4963 {
4964 WOLFSSL_ENTER("wolfSSL_EVP_CIPHER_CTX_key_length");
4965 if (ctx)
4966 return ctx->keyLen;
4967
4968 return 0; /* failure */
4969 }
4970
4971 /* WOLFSSL_SUCCESS on ok */
4972 int wolfSSL_EVP_CIPHER_CTX_set_key_length(WOLFSSL_EVP_CIPHER_CTX* ctx,
4973 int keylen)
4974 {
4975 WOLFSSL_ENTER("wolfSSL_EVP_CIPHER_CTX_set_key_length");
4976 if (ctx)
4977 ctx->keyLen = keylen;
4978 else
4979 return 0; /* failure */
4980
4981 return WOLFSSL_SUCCESS;
4982 }
4983#if defined(HAVE_AESGCM)
4984 /* returns WOLFSSL_SUCCESS on success, otherwise returns WOLFSSL_FAILURE */
4985 int wolfSSL_EVP_CIPHER_CTX_set_iv_length(WOLFSSL_EVP_CIPHER_CTX* ctx,
4986 int ivLen)
4987 {
4988 WOLFSSL_ENTER("wolfSSL_EVP_CIPHER_CTX_set_iv_length");
4989 if (ctx)
4990 ctx->ivSz= ivLen;
4991 else
4992 return WOLFSSL_FAILURE;
4993
4994 return WOLFSSL_SUCCESS;
4995 }
4996
4997 /* returns WOLFSSL_SUCCESS on success, otherwise returns WOLFSSL_FAILURE */
4998 int wolfSSL_EVP_CIPHER_CTX_set_iv(WOLFSSL_EVP_CIPHER_CTX* ctx, byte* iv,
4999 int ivLen)
5000 {
5001 int expectedIvLen;
5002
5003 WOLFSSL_ENTER("wolfSSL_EVP_CIPHER_CTX_set_iv_length");
5004 if (!ctx || !iv || !ivLen) {
5005 return WOLFSSL_FAILURE;
5006 }
5007
5008 expectedIvLen = wolfSSL_EVP_CIPHER_CTX_iv_length(ctx);
5009
5010 if (expectedIvLen == 0 || expectedIvLen != ivLen) {
5011 WOLFSSL_MSG("Wrong ivLen value");
5012 return WOLFSSL_FAILURE;
5013 }
5014
5015 return wolfSSL_EVP_CipherInit(ctx, NULL, NULL, iv, -1);
5016 }
5017#endif
5018
5019 /* WOLFSSL_SUCCESS on ok */
5020 int wolfSSL_EVP_Cipher(WOLFSSL_EVP_CIPHER_CTX* ctx, byte* dst, byte* src,
5021 word32 len)
5022 {
5023 int ret = 0;
5024 WOLFSSL_ENTER("wolfSSL_EVP_Cipher");
5025
5026 if (ctx == NULL || src == NULL ||
5027 (dst == NULL &&
5028 ctx->cipherType != AES_128_GCM_TYPE &&
5029 ctx->cipherType != AES_192_GCM_TYPE &&
5030 ctx->cipherType != AES_256_GCM_TYPE)) {
5031 WOLFSSL_MSG("Bad function argument");
5032 return 0; /* failure */
5033 }
5034
5035 if (ctx->cipherType == 0xff) {
5036 WOLFSSL_MSG("no init");
5037 return 0; /* failure */
5038 }
5039
5040 switch (ctx->cipherType) {
5041
5042#ifndef NO_AES
5043#ifdef HAVE_AES_CBC
5044 case AES_128_CBC_TYPE :
5045 case AES_192_CBC_TYPE :
5046 case AES_256_CBC_TYPE :
5047 WOLFSSL_MSG("AES CBC");
5048 if (ctx->enc)
5049 ret = wc_AesCbcEncrypt(&ctx->cipher.aes, dst, src, len);
5050 else
5051 ret = wc_AesCbcDecrypt(&ctx->cipher.aes, dst, src, len);
5052 break;
5053#endif /* HAVE_AES_CBC */
5054
5055#ifdef WOLFSSL_AES_CFB
5056#if !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
5057 case AES_128_CFB1_TYPE:
5058 case AES_192_CFB1_TYPE:
5059 case AES_256_CFB1_TYPE:
5060 WOLFSSL_MSG("AES CFB1");
5061 if (ctx->enc)
5062 ret = wc_AesCfb1Encrypt(&ctx->cipher.aes, dst, src, len);
5063 else
5064 ret = wc_AesCfb1Decrypt(&ctx->cipher.aes, dst, src, len);
5065 break;
5066 case AES_128_CFB8_TYPE:
5067 case AES_192_CFB8_TYPE:
5068 case AES_256_CFB8_TYPE:
5069 WOLFSSL_MSG("AES CFB8");
5070 if (ctx->enc)
5071 ret = wc_AesCfb8Encrypt(&ctx->cipher.aes, dst, src, len);
5072 else
5073 ret = wc_AesCfb8Decrypt(&ctx->cipher.aes, dst, src, len);
5074 break;
5075#endif /* !HAVE_SELFTEST && !HAVE_FIPS */
5076 case AES_128_CFB128_TYPE:
5077 case AES_192_CFB128_TYPE:
5078 case AES_256_CFB128_TYPE:
5079 WOLFSSL_MSG("AES CFB128");
5080 if (ctx->enc)
5081 ret = wc_AesCfbEncrypt(&ctx->cipher.aes, dst, src, len);
5082 else
5083 ret = wc_AesCfbDecrypt(&ctx->cipher.aes, dst, src, len);
5084 break;
5085#endif /* WOLFSSL_AES_CFB */
5086#if defined(WOLFSSL_AES_OFB)
5087 case AES_128_OFB_TYPE:
5088 case AES_192_OFB_TYPE:
5089 case AES_256_OFB_TYPE:
5090 WOLFSSL_MSG("AES OFB");
5091 if (ctx->enc)
5092 ret = wc_AesOfbEncrypt(&ctx->cipher.aes, dst, src, len);
5093 else
5094 ret = wc_AesOfbDecrypt(&ctx->cipher.aes, dst, src, len);
5095 break;
5096#endif /* WOLFSSL_AES_OFB */
5097#if defined(WOLFSSL_AES_XTS)
5098 case AES_128_XTS_TYPE:
5099 case AES_256_XTS_TYPE:
5100 WOLFSSL_MSG("AES XTS");
5101 if (ctx->enc)
5102 ret = wc_AesXtsEncrypt(&ctx->cipher.xts, dst, src, len,
5103 ctx->iv, ctx->ivSz);
5104 else
5105 ret = wc_AesXtsDecrypt(&ctx->cipher.xts, dst, src, len,
5106 ctx->iv, ctx->ivSz);
5107 break;
5108#endif /* WOLFSSL_AES_XTS */
5109
5110#ifdef HAVE_AESGCM
5111 case AES_128_GCM_TYPE :
5112 case AES_192_GCM_TYPE :
5113 case AES_256_GCM_TYPE :
5114 WOLFSSL_MSG("AES GCM");
5115 if (ctx->enc) {
5116 if (dst){
5117 /* encrypt confidential data*/
5118 ret = wc_AesGcmEncrypt(&ctx->cipher.aes, dst, src, len,
5119 ctx->iv, ctx->ivSz, ctx->authTag, ctx->authTagSz,
5120 NULL, 0);
5121 }
5122 else {
5123 /* authenticated, non-confidential data */
5124 ret = wc_AesGcmEncrypt(&ctx->cipher.aes, NULL, NULL, 0,
5125 ctx->iv, ctx->ivSz, ctx->authTag, ctx->authTagSz,
5126 src, len);
5127 /* Reset partial authTag error for AAD*/
5128 if (ret == AES_GCM_AUTH_E)
5129 ret = 0;
5130 }
5131 }
5132 else {
5133 if (dst){
5134 /* decrypt confidential data*/
5135 ret = wc_AesGcmDecrypt(&ctx->cipher.aes, dst, src, len,
5136 ctx->iv, ctx->ivSz, ctx->authTag, ctx->authTagSz,
5137 NULL, 0);
5138 }
5139 else {
5140 /* authenticated, non-confidential data*/
5141 ret = wc_AesGcmDecrypt(&ctx->cipher.aes, NULL, NULL, 0,
5142 ctx->iv, ctx->ivSz,
5143 ctx->authTag, ctx->authTagSz,
5144 src, len);
5145 /* Reset partial authTag error for AAD*/
5146 if (ret == AES_GCM_AUTH_E)
5147 ret = 0;
5148 }
5149 }
5150 break;
5151#endif /* HAVE_AESGCM */
5152#ifdef HAVE_AES_ECB
5153 case AES_128_ECB_TYPE :
5154 case AES_192_ECB_TYPE :
5155 case AES_256_ECB_TYPE :
5156 WOLFSSL_MSG("AES ECB");
5157 if (ctx->enc)
5158 ret = wc_AesEcbEncrypt(&ctx->cipher.aes, dst, src, len);
5159 else
5160 ret = wc_AesEcbDecrypt(&ctx->cipher.aes, dst, src, len);
5161 break;
5162#endif
5163#ifdef WOLFSSL_AES_COUNTER
5164 case AES_128_CTR_TYPE :
5165 case AES_192_CTR_TYPE :
5166 case AES_256_CTR_TYPE :
5167 WOLFSSL_MSG("AES CTR");
5168 ret = wc_AesCtrEncrypt(&ctx->cipher.aes, dst, src, len);
5169 break;
5170#endif /* WOLFSSL_AES_COUNTER */
5171#endif /* NO_AES */
5172
5173#ifndef NO_DES3
5174 case DES_CBC_TYPE :
5175 WOLFSSL_MSG("DES CBC");
5176 if (ctx->enc)
5177 wc_Des_CbcEncrypt(&ctx->cipher.des, dst, src, len);
5178 else
5179 wc_Des_CbcDecrypt(&ctx->cipher.des, dst, src, len);
5180 break;
5181 case DES_EDE3_CBC_TYPE :
5182 WOLFSSL_MSG("DES3 CBC");
5183 if (ctx->enc)
5184 ret = wc_Des3_CbcEncrypt(&ctx->cipher.des3, dst, src, len);
5185 else
5186 ret = wc_Des3_CbcDecrypt(&ctx->cipher.des3, dst, src, len);
5187 break;
5188#ifdef WOLFSSL_DES_ECB
5189 case DES_ECB_TYPE :
5190 WOLFSSL_MSG("DES ECB");
5191 ret = wc_Des_EcbEncrypt(&ctx->cipher.des, dst, src, len);
5192 break;
5193 case DES_EDE3_ECB_TYPE :
5194 WOLFSSL_MSG("DES3 ECB");
5195 ret = wc_Des3_EcbEncrypt(&ctx->cipher.des3, dst, src, len);
5196 break;
5197#endif
5198#endif /* !NO_DES3 */
5199
5200#ifndef NO_RC4
5201 case ARC4_TYPE :
5202 WOLFSSL_MSG("ARC4");
5203 wc_Arc4Process(&ctx->cipher.arc4, dst, src, len);
5204 break;
5205#endif
5206
5207#ifdef HAVE_IDEA
5208 case IDEA_CBC_TYPE :
5209 WOLFSSL_MSG("IDEA CBC");
5210 if (ctx->enc)
5211 wc_IdeaCbcEncrypt(&ctx->cipher.idea, dst, src, len);
5212 else
5213 wc_IdeaCbcDecrypt(&ctx->cipher.idea, dst, src, len);
5214 break;
5215#endif
5216 case NULL_CIPHER_TYPE :
5217 WOLFSSL_MSG("NULL CIPHER");
5218 XMEMCPY(dst, src, len);
5219 break;
5220
5221 default: {
5222 WOLFSSL_MSG("bad type");
5223 return 0; /* failure */
5224 }
5225 }
5226
5227 if (ret != 0) {
5228 WOLFSSL_MSG("wolfSSL_EVP_Cipher failure");
5229 return 0; /* failure */
5230 }
5231
5232 if (wolfSSL_StoreExternalIV(ctx) != WOLFSSL_SUCCESS) {
5233 return WOLFSSL_FAILURE;
5234 }
5235
5236 WOLFSSL_MSG("wolfSSL_EVP_Cipher success");
5237 return WOLFSSL_SUCCESS; /* success */
5238 }
5239
5240 /* WOLFSSL_SUCCESS on ok */
5241 int wolfSSL_EVP_DigestInit(WOLFSSL_EVP_MD_CTX* ctx,
5242 const WOLFSSL_EVP_MD* md)
5243 {
5244 int ret = WOLFSSL_SUCCESS;
5245
5246 WOLFSSL_ENTER("EVP_DigestInit");
5247
5248 if (ctx == NULL || md == NULL) {
5249 return BAD_FUNC_ARG;
5250 }
5251
5252
5253 #ifdef WOLFSSL_ASYNC_CRYPT
5254 /* compile-time validation of ASYNC_CTX_SIZE */
5255 typedef char async_test[WC_ASYNC_DEV_SIZE >= sizeof(WC_ASYNC_DEV) ?
5256 1 : -1];
5257 (void)sizeof(async_test);
5258 #endif
5259
5260 /* Set to 0 if no match */
5261 ctx->macType = wolfSSL_EVP_md2macType(md);
5262 if (XSTRNCMP(md, "SHA256", 6) == 0) {
5263 ret = wolfSSL_SHA256_Init(&(ctx->hash.digest.sha256));
5264 }
5265 #ifdef WOLFSSL_SHA224
5266 else if (XSTRNCMP(md, "SHA224", 6) == 0) {
5267 ret = wolfSSL_SHA224_Init(&(ctx->hash.digest.sha224));
5268 }
5269 #endif
5270 #ifdef WOLFSSL_SHA384
5271 else if (XSTRNCMP(md, "SHA384", 6) == 0) {
5272 ret = wolfSSL_SHA384_Init(&(ctx->hash.digest.sha384));
5273 }
5274 #endif
5275 #ifdef WOLFSSL_SHA512
5276 else if (XSTRNCMP(md, "SHA512", 6) == 0) {
5277 ret = wolfSSL_SHA512_Init(&(ctx->hash.digest.sha512));
5278 }
5279 #endif
5280 #ifndef NO_MD4
5281 else if (XSTRNCMP(md, "MD4", 3) == 0) {
5282 wolfSSL_MD4_Init(&(ctx->hash.digest.md4));
5283 }
5284 #endif
5285 #ifndef NO_MD5
5286 else if (XSTRNCMP(md, "MD5", 3) == 0) {
5287 ret = wolfSSL_MD5_Init(&(ctx->hash.digest.md5));
5288 }
5289 #endif
5290#ifdef WOLFSSL_SHA3
5291 #ifndef WOLFSSL_NOSHA3_224
5292 else if (XSTRNCMP(md, "SHA3_224", 8) == 0) {
5293 ret = wolfSSL_SHA3_224_Init(&(ctx->hash.digest.sha3_224));
5294 }
5295 #endif
5296 #ifndef WOLFSSL_NOSHA3_256
5297 else if (XSTRNCMP(md, "SHA3_256", 8) == 0) {
5298 ret = wolfSSL_SHA3_256_Init(&(ctx->hash.digest.sha3_256));
5299 }
5300 #endif
5301 else if (XSTRNCMP(md, "SHA3_384", 8) == 0) {
5302 ret = wolfSSL_SHA3_384_Init(&(ctx->hash.digest.sha3_384));
5303 }
5304 #ifndef WOLFSSL_NOSHA3_512
5305 else if (XSTRNCMP(md, "SHA3_512", 8) == 0) {
5306 ret = wolfSSL_SHA3_512_Init(&(ctx->hash.digest.sha3_512));
5307 }
5308 #endif
5309#endif
5310 #ifndef NO_SHA
5311 /* has to be last since would pick or 224, 256, 384, or 512 too */
5312 else if (XSTRNCMP(md, "SHA", 3) == 0) {
5313 ret = wolfSSL_SHA_Init(&(ctx->hash.digest.sha));
5314 }
5315 #endif /* NO_SHA */
5316 else {
5317 ctx->macType = WC_HASH_TYPE_NONE;
5318 return BAD_FUNC_ARG;
5319 }
5320
5321 return ret;
5322 }
5323
5324 /* WOLFSSL_SUCCESS on ok, WOLFSSL_FAILURE on failure */
5325 int wolfSSL_EVP_DigestUpdate(WOLFSSL_EVP_MD_CTX* ctx, const void* data,
5326 size_t sz)
5327 {
5328 int macType;
5329
5330 WOLFSSL_ENTER("EVP_DigestUpdate");
5331
5332 macType = wolfSSL_EVP_md2macType(EVP_MD_CTX_md(ctx));
5333 switch (macType) {
5334#ifndef NO_MD4
5335 case WC_HASH_TYPE_MD4:
5336 wolfSSL_MD4_Update((MD4_CTX*)&ctx->hash, data,
5337 (unsigned long)sz);
5338 break;
5339#endif
5340#ifndef NO_MD5
5341 case WC_HASH_TYPE_MD5:
5342 wolfSSL_MD5_Update((MD5_CTX*)&ctx->hash, data,
5343 (unsigned long)sz);
5344 break;
5345#endif
5346#ifndef NO_SHA
5347 case WC_HASH_TYPE_SHA:
5348 wolfSSL_SHA_Update((SHA_CTX*)&ctx->hash, data,
5349 (unsigned long)sz);
5350 break;
5351#endif
5352#ifdef WOLFSSL_SHA224
5353 case WC_HASH_TYPE_SHA224:
5354 wolfSSL_SHA224_Update((SHA224_CTX*)&ctx->hash, data,
5355 (unsigned long)sz);
5356 break;
5357#endif
5358#ifndef NO_SHA256
5359 case WC_HASH_TYPE_SHA256:
5360 wolfSSL_SHA256_Update((SHA256_CTX*)&ctx->hash, data,
5361 (unsigned long)sz);
5362 break;
5363#endif /* !NO_SHA256 */
5364#ifdef WOLFSSL_SHA384
5365 case WC_HASH_TYPE_SHA384:
5366 wolfSSL_SHA384_Update((SHA384_CTX*)&ctx->hash, data,
5367 (unsigned long)sz);
5368 break;
5369#endif
5370#ifdef WOLFSSL_SHA512
5371 case WC_HASH_TYPE_SHA512:
5372 wolfSSL_SHA512_Update((SHA512_CTX*)&ctx->hash, data,
5373 (unsigned long)sz);
5374 break;
5375#endif /* WOLFSSL_SHA512 */
5376 #ifdef WOLFSSL_SHA3
5377 #ifndef WOLFSSL_NOSHA3_224
5378 case WC_HASH_TYPE_SHA3_224:
5379 wolfSSL_SHA3_224_Update((SHA3_224_CTX*)&ctx->hash, data,
5380 (unsigned long)sz);
5381 break;
5382 #endif
5383 #ifndef WOLFSSL_NOSHA3_256
5384 case WC_HASH_TYPE_SHA3_256:
5385 wolfSSL_SHA3_256_Update((SHA3_256_CTX*)&ctx->hash, data,
5386 (unsigned long)sz);
5387 break;
5388 #endif
5389 case WC_HASH_TYPE_SHA3_384:
5390 wolfSSL_SHA3_384_Update((SHA3_384_CTX*)&ctx->hash, data,
5391 (unsigned long)sz);
5392 break;
5393 #ifndef WOLFSSL_NOSHA3_512
5394 case WC_HASH_TYPE_SHA3_512:
5395 wolfSSL_SHA3_512_Update((SHA3_512_CTX*)&ctx->hash, data,
5396 (unsigned long)sz);
5397 break;
5398 #endif
5399 #endif
5400 default:
5401 return WOLFSSL_FAILURE;
5402 }
5403
5404 return WOLFSSL_SUCCESS;
5405 }
5406
5407 /* WOLFSSL_SUCCESS on ok */
5408 int wolfSSL_EVP_DigestFinal(WOLFSSL_EVP_MD_CTX* ctx, unsigned char* md,
5409 unsigned int* s)
5410 {
5411 int macType;
5412
5413 WOLFSSL_ENTER("EVP_DigestFinal");
5414 macType = wolfSSL_EVP_md2macType(EVP_MD_CTX_md(ctx));
5415 switch (macType) {
5416#ifndef NO_MD4
5417 case WC_HASH_TYPE_MD4:
5418 wolfSSL_MD4_Final(md, (MD4_CTX*)&ctx->hash);
5419 if (s) *s = MD4_DIGEST_SIZE;
5420 break;
5421#endif
5422#ifndef NO_MD5
5423 case WC_HASH_TYPE_MD5:
5424 wolfSSL_MD5_Final(md, (MD5_CTX*)&ctx->hash);
5425 if (s) *s = WC_MD5_DIGEST_SIZE;
5426 break;
5427#endif
5428#ifndef NO_SHA
5429 case WC_HASH_TYPE_SHA:
5430 wolfSSL_SHA_Final(md, (SHA_CTX*)&ctx->hash);
5431 if (s) *s = WC_SHA_DIGEST_SIZE;
5432 break;
5433#endif
5434#ifdef WOLFSSL_SHA224
5435 case WC_HASH_TYPE_SHA224:
5436 wolfSSL_SHA224_Final(md, (SHA224_CTX*)&ctx->hash);
5437 if (s) *s = WC_SHA224_DIGEST_SIZE;
5438 break;
5439#endif
5440#ifndef NO_SHA256
5441 case WC_HASH_TYPE_SHA256:
5442 wolfSSL_SHA256_Final(md, (SHA256_CTX*)&ctx->hash);
5443 if (s) *s = WC_SHA256_DIGEST_SIZE;
5444 break;
5445#endif /* !NO_SHA256 */
5446#ifdef WOLFSSL_SHA384
5447 case WC_HASH_TYPE_SHA384:
5448 wolfSSL_SHA384_Final(md, (SHA384_CTX*)&ctx->hash);
5449 if (s) *s = WC_SHA384_DIGEST_SIZE;
5450 break;
5451#endif
5452#ifdef WOLFSSL_SHA512
5453 case WC_HASH_TYPE_SHA512:
5454 wolfSSL_SHA512_Final(md, (SHA512_CTX*)&ctx->hash);
5455 if (s) *s = WC_SHA512_DIGEST_SIZE;
5456 break;
5457#endif /* WOLFSSL_SHA512 */
5458 #ifdef WOLFSSL_SHA3
5459 #ifndef WOLFSSL_NOSHA3_224
5460 case WC_HASH_TYPE_SHA3_224:
5461 wolfSSL_SHA3_224_Final(md, (SHA3_224_CTX*)&ctx->hash);
5462 if (s) *s = WC_SHA3_224_DIGEST_SIZE;
5463 break;
5464 #endif
5465 #ifndef WOLFSSL_NOSHA3_256
5466 case WC_HASH_TYPE_SHA3_256:
5467 wolfSSL_SHA3_256_Final(md, (SHA3_256_CTX*)&ctx->hash);
5468 if (s) *s = WC_SHA3_256_DIGEST_SIZE;
5469 break;
5470 #endif
5471 case WC_HASH_TYPE_SHA3_384:
5472 wolfSSL_SHA3_384_Final(md, (SHA3_384_CTX*)&ctx->hash);
5473 if (s) *s = WC_SHA3_384_DIGEST_SIZE;
5474 break;
5475 #ifndef WOLFSSL_NOSHA3_512
5476 case WC_HASH_TYPE_SHA3_512:
5477 wolfSSL_SHA3_512_Final(md, (SHA3_512_CTX*)&ctx->hash);
5478 if (s) *s = WC_SHA3_512_DIGEST_SIZE;
5479 break;
5480 #endif
5481 #endif
5482 default:
5483 return WOLFSSL_FAILURE;
5484 }
5485
5486 return WOLFSSL_SUCCESS;
5487 }
5488
5489 /* WOLFSSL_SUCCESS on ok */
5490 int wolfSSL_EVP_DigestFinal_ex(WOLFSSL_EVP_MD_CTX* ctx, unsigned char* md,
5491 unsigned int* s)
5492 {
5493 WOLFSSL_ENTER("EVP_DigestFinal_ex");
5494 return EVP_DigestFinal(ctx, md, s);
5495 }
5496
5497 void wolfSSL_EVP_cleanup(void)
5498 {
5499 /* nothing to do here */
5500 }
5501
5502const WOLFSSL_EVP_MD* wolfSSL_EVP_get_digestbynid(int id)
5503{
5504 WOLFSSL_MSG("wolfSSL_get_digestbynid");
5505
5506 switch(id) {
5507#ifndef NO_MD5
5508 case NID_md5:
5509 return wolfSSL_EVP_md5();
5510#endif
5511#ifndef NO_SHA
5512 case NID_sha1:
5513 return wolfSSL_EVP_sha1();
5514#endif
5515 default:
5516 WOLFSSL_MSG("Bad digest id value");
5517 }
5518
5519 return NULL;
5520}
5521
5522#ifndef NO_RSA
5523WOLFSSL_RSA* wolfSSL_EVP_PKEY_get0_RSA(WOLFSSL_EVP_PKEY *pkey)
5524{
5525 if (!pkey) {
5526 return NULL;
5527 }
5528 return pkey->rsa;
5529}
5530
5531WOLFSSL_RSA* wolfSSL_EVP_PKEY_get1_RSA(WOLFSSL_EVP_PKEY* key)
5532{
5533 WOLFSSL_RSA* local;
5534
5535 WOLFSSL_MSG("wolfSSL_EVP_PKEY_get1_RSA");
5536
5537 if (key == NULL) {
5538 return NULL;
5539 }
5540
5541 local = wolfSSL_RSA_new();
5542 if (local == NULL) {
5543 WOLFSSL_MSG("Error creating a new WOLFSSL_RSA structure");
5544 return NULL;
5545 }
5546
5547 if (key->type == EVP_PKEY_RSA) {
5548 if (wolfSSL_RSA_LoadDer(local, (const unsigned char*)key->pkey.ptr,
5549 key->pkey_sz) != SSL_SUCCESS) {
5550 /* now try public key */
5551 if (wolfSSL_RSA_LoadDer_ex(local,
5552 (const unsigned char*)key->pkey.ptr, key->pkey_sz,
5553 WOLFSSL_RSA_LOAD_PUBLIC) != SSL_SUCCESS) {
5554 wolfSSL_RSA_free(local);
5555 local = NULL;
5556 }
5557 }
5558 }
5559 else {
5560 WOLFSSL_MSG("WOLFSSL_EVP_PKEY does not hold an RSA key");
5561 wolfSSL_RSA_free(local);
5562 local = NULL;
5563 }
5564 return local;
5565}
5566
5567/* with set1 functions the pkey struct does not own the RSA structure
5568 *
5569 * returns WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on failure
5570 */
5571int wolfSSL_EVP_PKEY_set1_RSA(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_RSA *key)
5572{
5573#if defined(WOLFSSL_KEY_GEN) && !defined(HAVE_USER_RSA)
5574 int derMax = 0;
5575 int derSz = 0;
5576 byte* derBuf = NULL;
5577 RsaKey* rsa = NULL;
5578#endif
5579 WOLFSSL_ENTER("wolfSSL_EVP_PKEY_set1_RSA");
5580 if ((pkey == NULL) || (key == NULL))
5581 return WOLFSSL_FAILURE;
5582
5583 if (pkey->rsa != NULL && pkey->ownRsa == 1) {
5584 wolfSSL_RSA_free(pkey->rsa);
5585 }
5586 pkey->rsa = key;
5587 pkey->ownRsa = 0; /* pkey does not own RSA */
5588 pkey->type = EVP_PKEY_RSA;
5589 if (key->inSet == 0) {
5590 if (SetRsaInternal(key) != WOLFSSL_SUCCESS) {
5591 WOLFSSL_MSG("SetRsaInternal failed");
5592 return WOLFSSL_FAILURE;
5593 }
5594 }
5595
5596#if defined(WOLFSSL_KEY_GEN) && !defined(HAVE_USER_RSA)
5597 rsa = (RsaKey*)key->internal;
5598 /* 5 > size of n, d, p, q, d%(p-1), d(q-1), 1/q%p, e + ASN.1 additional
5599 * information */
5600 derMax = 5 * wolfSSL_RSA_size(key) + (2 * AES_BLOCK_SIZE);
5601
5602 derBuf = (byte*)XMALLOC(derMax, pkey->heap, DYNAMIC_TYPE_TMP_BUFFER);
5603 if (derBuf == NULL) {
5604 WOLFSSL_MSG("malloc failed");
5605 return WOLFSSL_FAILURE;
5606 }
5607
5608 if (rsa->type == RSA_PRIVATE) {
5609 /* Private key to DER */
5610 derSz = wc_RsaKeyToDer(rsa, derBuf, derMax);
5611 }
5612 else {
5613 /* Public key to DER */
5614 derSz = wc_RsaKeyToPublicDer(rsa, derBuf, derMax);
5615 }
5616
5617 if (derSz < 0) {
5618 if (rsa->type == RSA_PRIVATE) {
5619 WOLFSSL_MSG("wc_RsaKeyToDer failed");
5620 }
5621 else {
5622 WOLFSSL_MSG("wc_RsaKeyToPublicDer failed");
5623 }
5624 XFREE(derBuf, pkey->heap, DYNAMIC_TYPE_TMP_BUFFER);
5625 return WOLFSSL_FAILURE;
5626 }
5627
5628 pkey->pkey.ptr = (char*)XMALLOC(derSz, pkey->heap, DYNAMIC_TYPE_DER);
5629 if (pkey->pkey.ptr == NULL) {
5630 WOLFSSL_MSG("key malloc failed");
5631 XFREE(derBuf, pkey->heap, DYNAMIC_TYPE_TMP_BUFFER);
5632 return WOLFSSL_FAILURE;
5633 }
5634 pkey->pkey_sz = derSz;
5635 XMEMCPY(pkey->pkey.ptr, derBuf, derSz);
5636 XFREE(derBuf, pkey->heap, DYNAMIC_TYPE_TMP_BUFFER);
5637#endif /* WOLFSSL_KEY_GEN && !HAVE_USER_RSA */
5638
5639#ifdef WC_RSA_BLINDING
5640 if (key->ownRng == 0) {
5641 if (wc_RsaSetRNG((RsaKey*)(pkey->rsa->internal), &(pkey->rng)) != 0) {
5642 WOLFSSL_MSG("Error setting RSA rng");
5643 return WOLFSSL_FAILURE;
5644 }
5645 }
5646#endif
5647 return WOLFSSL_SUCCESS;
5648}
5649#endif /* !NO_RSA */
5650
5651#if !defined (NO_DSA) && !defined(HAVE_SELFTEST) && defined(WOLFSSL_KEY_GEN)
5652/* with set1 functions the pkey struct does not own the DSA structure
5653 *
5654 * returns WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on failure
5655 */
5656int wolfSSL_EVP_PKEY_set1_DSA(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_DSA *key)
5657{
5658 int derMax = 0;
5659 int derSz = 0;
5660 DsaKey* dsa = NULL;
5661 byte* derBuf = NULL;
5662
5663 WOLFSSL_ENTER("wolfSSL_EVP_PKEY_set1_DSA");
5664
5665 if((pkey == NULL) || (key == NULL))return WOLFSSL_FAILURE;
5666 if (pkey->dsa != NULL && pkey->ownDsa == 1) {
5667 wolfSSL_DSA_free(pkey->dsa);
5668 }
5669 pkey->dsa = key;
5670 pkey->ownDsa = 0; /* pkey does not own DSA */
5671 pkey->type = EVP_PKEY_DSA;
5672 if (key->inSet == 0) {
5673 if (SetDsaInternal(key) != WOLFSSL_SUCCESS) {
5674 WOLFSSL_MSG("SetDsaInternal failed");
5675 return WOLFSSL_FAILURE;
5676 }
5677 }
5678 dsa = (DsaKey*)key->internal;
5679
5680 /* 4 > size of pub, priv, p, q, g + ASN.1 additional information */
5681 derMax = 4 * wolfSSL_BN_num_bytes(key->g) + AES_BLOCK_SIZE;
5682
5683 derBuf = (byte*)XMALLOC(derMax, pkey->heap, DYNAMIC_TYPE_TMP_BUFFER);
5684 if (derBuf == NULL) {
5685 WOLFSSL_MSG("malloc failed");
5686 return WOLFSSL_FAILURE;
5687 }
5688
5689 if (dsa->type == DSA_PRIVATE) {
5690 /* Private key to DER */
5691 derSz = wc_DsaKeyToDer(dsa, derBuf, derMax);
5692 }
5693 else {
5694 /* Public key to DER */
5695 derSz = wc_DsaKeyToPublicDer(dsa, derBuf, derMax);
5696 }
5697
5698 if (derSz < 0) {
5699 if (dsa->type == DSA_PRIVATE) {
5700 WOLFSSL_MSG("wc_DsaKeyToDer failed");
5701 }
5702 else {
5703 WOLFSSL_MSG("wc_DsaKeyToPublicDer failed");
5704 }
5705 XFREE(derBuf, pkey->heap, DYNAMIC_TYPE_TMP_BUFFER);
5706 return WOLFSSL_FAILURE;
5707 }
5708
5709 pkey->pkey.ptr = (char*)XMALLOC(derSz, pkey->heap, DYNAMIC_TYPE_DER);
5710 if (pkey->pkey.ptr == NULL) {
5711 WOLFSSL_MSG("key malloc failed");
5712 XFREE(derBuf, pkey->heap, DYNAMIC_TYPE_TMP_BUFFER);
5713 return WOLFSSL_FAILURE;
5714 }
5715 pkey->pkey_sz = derSz;
5716 XMEMCPY(pkey->pkey.ptr, derBuf, derSz);
5717 XFREE(derBuf, pkey->heap, DYNAMIC_TYPE_TMP_BUFFER);
5718
5719 return WOLFSSL_SUCCESS;
5720}
5721
5722WOLFSSL_DSA* wolfSSL_EVP_PKEY_get1_DSA(WOLFSSL_EVP_PKEY* key)
5723{
5724 WOLFSSL_DSA* local;
5725
5726 WOLFSSL_ENTER("wolfSSL_EVP_PKEY_get1_DSA");
5727
5728 if (key == NULL) {
5729 WOLFSSL_MSG("Bad function argument");
5730 return NULL;
5731 }
5732
5733 local = wolfSSL_DSA_new();
5734 if (local == NULL) {
5735 WOLFSSL_MSG("Error creating a new WOLFSSL_DSA structure");
5736 return NULL;
5737 }
5738
5739 if (key->type == EVP_PKEY_DSA) {
5740 if (wolfSSL_DSA_LoadDer(local, (const unsigned char*)key->pkey.ptr,
5741 key->pkey_sz) != SSL_SUCCESS) {
5742 /* now try public key */
5743 if (wolfSSL_DSA_LoadDer_ex(local,
5744 (const unsigned char*)key->pkey.ptr, key->pkey_sz,
5745 WOLFSSL_DSA_LOAD_PUBLIC) != SSL_SUCCESS) {
5746 wolfSSL_DSA_free(local);
5747 local = NULL;
5748 }
5749 }
5750 }
5751 else {
5752 WOLFSSL_MSG("WOLFSSL_EVP_PKEY does not hold a DSA key");
5753 wolfSSL_DSA_free(local);
5754 local = NULL;
5755 }
5756 return local;
5757}
5758#endif /* !NO_DSA && !HAVE_SELFTEST && WOLFSSL_KEY_GEN */
5759
5760#ifdef HAVE_ECC
5761WOLFSSL_EC_KEY *wolfSSL_EVP_PKEY_get0_EC_KEY(WOLFSSL_EVP_PKEY *pkey)
5762{
5763 WOLFSSL_EC_KEY *eckey = NULL;
5764 if (pkey) {
5765#ifdef HAVE_ECC
5766 eckey = pkey->ecc;
5767#endif
5768 }
5769 return eckey;
5770}
5771
5772WOLFSSL_EC_KEY* wolfSSL_EVP_PKEY_get1_EC_KEY(WOLFSSL_EVP_PKEY* key)
5773{
5774 WOLFSSL_EC_KEY* local;
5775 WOLFSSL_ENTER("wolfSSL_EVP_PKEY_get1_EC_KEY");
5776
5777 if (key == NULL) {
5778 return NULL;
5779 }
5780
5781 local = wolfSSL_EC_KEY_new();
5782 if (local == NULL) {
5783 WOLFSSL_MSG("Error creating a new WOLFSSL_EC_KEY structure");
5784 return NULL;
5785 }
5786
5787 if (key->type == EVP_PKEY_EC) {
5788 if (wolfSSL_EC_KEY_LoadDer(local, (const unsigned char*)key->pkey.ptr,
5789 key->pkey_sz) != SSL_SUCCESS) {
5790 /* now try public key */
5791 if (wolfSSL_EC_KEY_LoadDer_ex(local,
5792 (const unsigned char*)key->pkey.ptr,
5793 key->pkey_sz, WOLFSSL_EC_KEY_LOAD_PUBLIC) != SSL_SUCCESS) {
5794
5795 wolfSSL_EC_KEY_free(local);
5796 local = NULL;
5797 }
5798 }
5799 }
5800 else {
5801 WOLFSSL_MSG("WOLFSSL_EVP_PKEY does not hold an EC key");
5802 wolfSSL_EC_KEY_free(local);
5803 local = NULL;
5804 }
5805#ifdef OPENSSL_ALL
5806 if (!local && key->ecc) {
5807 local = wolfSSL_EC_KEY_dup(key->ecc);
5808 }
5809#endif
5810 return local;
5811}
5812#endif /* HAVE_ECC */
5813
5814#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
5815#if !defined(NO_DH) && !defined(NO_FILESYSTEM)
5816/* with set1 functions the pkey struct does not own the DH structure
5817 * Build the following DH Key format from the passed in WOLFSSL_DH
5818 * then store in WOLFSSL_EVP_PKEY in DER format.
5819 *
5820 * returns WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on failure
5821 */
5822int wolfSSL_EVP_PKEY_set1_DH(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_DH *key)
5823{
5824 byte havePublic = 0, havePrivate = 0;
5825 int ret;
5826 word32 derSz = 0;
5827 byte* derBuf = NULL;
5828 DhKey* dhkey = NULL;
5829
5830 WOLFSSL_ENTER("wolfSSL_EVP_PKEY_set1_DH");
5831
5832 if (pkey == NULL || key == NULL)
5833 return WOLFSSL_FAILURE;
5834
5835 if (pkey->dh != NULL && pkey->ownDh == 1)
5836 wolfSSL_DH_free(pkey->dh);
5837
5838 pkey->dh = key;
5839 pkey->ownDh = 0; /* pkey does not own DH */
5840 pkey->type = EVP_PKEY_DH;
5841 if (key->inSet == 0) {
5842 if (SetDhInternal(key) != WOLFSSL_SUCCESS) {
5843 WOLFSSL_MSG("SetDhInternal failed");
5844 return WOLFSSL_FAILURE;
5845 }
5846 }
5847
5848 dhkey = (DhKey*)key->internal;
5849
5850 havePublic = mp_unsigned_bin_size(&dhkey->pub) > 0;
5851 havePrivate = mp_unsigned_bin_size(&dhkey->priv) > 0;
5852
5853 /* Get size of DER buffer only */
5854 if (havePublic && !havePrivate) {
5855 ret = wc_DhPubKeyToDer(dhkey, NULL, &derSz);
5856 } else if (havePrivate && !havePublic) {
5857 ret = wc_DhPrivKeyToDer(dhkey, NULL, &derSz);
5858 } else {
5859 ret = wc_DhParamsToDer(dhkey,NULL,&derSz);
5860 }
5861
5862 if (derSz <= 0 || ret != LENGTH_ONLY_E) {
5863 WOLFSSL_MSG("Failed to get size of DH Key");
5864 return WOLFSSL_FAILURE;
5865 }
5866
5867 derBuf = (byte*)XMALLOC(derSz, pkey->heap, DYNAMIC_TYPE_TMP_BUFFER);
5868 if (derBuf == NULL) {
5869 WOLFSSL_MSG("malloc failed");
5870 return WOLFSSL_FAILURE;
5871 }
5872
5873 /* Fill DER buffer */
5874 if (havePublic && !havePrivate) {
5875 ret = wc_DhPubKeyToDer(dhkey, derBuf, &derSz);
5876 } else if (havePrivate && !havePublic) {
5877 ret = wc_DhPrivKeyToDer(dhkey, derBuf, &derSz);
5878 } else {
5879 ret = wc_DhParamsToDer(dhkey,derBuf,&derSz);
5880 }
5881
5882 if (ret <= 0) {
5883 WOLFSSL_MSG("Failed to export DH Key");
5884 XFREE(derBuf, pkey->heap, DYNAMIC_TYPE_TMP_BUFFER);
5885 return WOLFSSL_FAILURE;
5886 }
5887
5888 /* Store DH key into pkey (DER format) */
5889 pkey->pkey.ptr = (char*)derBuf;
5890 pkey->pkey_sz = derSz;
5891
5892 return WOLFSSL_SUCCESS;
5893}
5894
5895WOLFSSL_DH* wolfSSL_EVP_PKEY_get0_DH(WOLFSSL_EVP_PKEY* key)
5896{
5897 if (!key) {
5898 return NULL;
5899 }
5900 return key->dh;
5901}
5902
5903WOLFSSL_DH* wolfSSL_EVP_PKEY_get1_DH(WOLFSSL_EVP_PKEY* key)
5904{
5905 WOLFSSL_DH* local = NULL;
5906
5907 WOLFSSL_ENTER("wolfSSL_EVP_PKEY_get1_DH");
5908
5909 if (key == NULL || key->dh == NULL) {
5910 WOLFSSL_MSG("Bad function argument");
5911 return NULL;
5912 }
5913
5914 if (key->type == EVP_PKEY_DH) {
5915 local = wolfSSL_DH_new();
5916 if (local == NULL) {
5917 WOLFSSL_MSG("Error creating a new WOLFSSL_DH structure");
5918 return NULL;
5919 }
5920
5921 if (wolfSSL_DH_LoadDer(local, (const unsigned char*)key->pkey.ptr,
5922 key->pkey_sz) != SSL_SUCCESS) {
5923 wolfSSL_DH_free(local);
5924 WOLFSSL_MSG("Error wolfSSL_DH_LoadDer");
5925 local = NULL;
5926 }
5927 }
5928 else {
5929 WOLFSSL_MSG("WOLFSSL_EVP_PKEY does not hold a DH key");
5930 wolfSSL_DH_free(local);
5931 return NULL;
5932 }
5933
5934 return local;
5935}
5936#endif /* NO_DH && NO_FILESYSTEM */
5937
5938int wolfSSL_EVP_PKEY_assign(WOLFSSL_EVP_PKEY *pkey, int type, void *key)
5939{
5940 int ret;
5941
5942 WOLFSSL_ENTER("wolfSSL_EVP_PKEY_assign");
5943
5944 /* pkey and key checked if NULL in subsequent assign functions */
5945 switch(type) {
5946 #ifndef NO_RSA
5947 case EVP_PKEY_RSA:
5948 ret = wolfSSL_EVP_PKEY_assign_RSA(pkey, (WOLFSSL_RSA*)key);
5949 break;
5950 #endif
5951 #ifndef NO_DSA
5952 case EVP_PKEY_DSA:
5953 ret = wolfSSL_EVP_PKEY_assign_DSA(pkey, (WOLFSSL_DSA*)key);
5954 break;
5955 #endif
5956 #ifdef HAVE_ECC
5957 case EVP_PKEY_EC:
5958 ret = wolfSSL_EVP_PKEY_assign_EC_KEY(pkey, (WOLFSSL_EC_KEY*)key);
5959 break;
5960 #endif
5961 #ifdef NO_DH
5962 case EVP_PKEY_DH:
5963 ret = wolfSSL_EVP_PKEY_assign_DH(pkey, (WOLFSSL_DH*)key);
5964 break;
5965 #endif
5966 default:
5967 WOLFSSL_MSG("Unknown EVP_PKEY type in wolfSSL_EVP_PKEY_assign.");
5968 ret = WOLFSSL_FAILURE;
5969 }
5970
5971 return ret;
5972}
5973#endif /* WOLFSSL_QT || OPENSSL_ALL */
5974
5975#if defined(HAVE_ECC)
5976/* try and populate public pkey_sz and pkey.ptr */
5977static void ECC_populate_EVP_PKEY(EVP_PKEY* pkey, ecc_key* ecc)
5978{
5979 int ret;
5980 if (!pkey || !ecc)
5981 return;
5982 if ((ret = wc_EccPublicKeyDerSize(ecc, 1)) > 0) {
5983 int derSz = ret;
5984 char* derBuf = (char*)XMALLOC(derSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
5985 if (derBuf) {
5986 ret = wc_EccPublicKeyToDer(ecc, (byte*)derBuf, derSz, 1);
5987 if (ret >= 0) {
5988 if (pkey->pkey.ptr) {
5989 XFREE(pkey->pkey.ptr, NULL, DYNAMIC_TYPE_OPENSSL);
5990 }
5991 pkey->pkey_sz = ret;
5992 pkey->pkey.ptr = derBuf;
5993 }
5994 else { /* failure - okay to ignore */
5995 XFREE(derBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
5996 derBuf = NULL;
5997 }
5998 }
5999 }
6000}
6001
6002WOLFSSL_API int wolfSSL_EVP_PKEY_set1_EC_KEY(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_EC_KEY *key)
6003{
6004#ifdef HAVE_ECC
6005 if((pkey == NULL) || (key ==NULL))return WOLFSSL_FAILURE;
6006 WOLFSSL_ENTER("wolfSSL_EVP_PKEY_set1_EC_KEY");
6007#ifndef NO_RSA
6008 if (pkey->rsa != NULL && pkey->ownRsa == 1) {
6009 wolfSSL_RSA_free(pkey->rsa);
6010 }
6011 pkey->ownRsa = 0;
6012#endif
6013#ifndef NO_DSA
6014 if (pkey->dsa != NULL && pkey->ownDsa == 1) {
6015 wolfSSL_DSA_free(pkey->dsa);
6016 }
6017 pkey->ownDsa = 0;
6018#endif
6019#ifndef NO_DH
6020 if (pkey->dh != NULL && pkey->ownDh == 1) {
6021 wolfSSL_DH_free(pkey->dh);
6022 }
6023 pkey->ownDh = 0;
6024#endif
6025 if (pkey->ecc != NULL && pkey->ownEcc == 1) {
6026 wolfSSL_EC_KEY_free(pkey->ecc);
6027 }
6028 pkey->ecc = key;
6029 pkey->ownEcc = 0; /* pkey does not own EC key */
6030 pkey->type = EVP_PKEY_EC;
6031 ECC_populate_EVP_PKEY(pkey, (ecc_key*)key->internal);
6032 return WOLFSSL_SUCCESS;
6033#else
6034 (void)pkey;
6035 (void)key;
6036 return WOLFSSL_FAILURE;
6037#endif
6038}
6039
6040void* wolfSSL_EVP_X_STATE(const WOLFSSL_EVP_CIPHER_CTX* ctx)
6041{
6042 WOLFSSL_MSG("wolfSSL_EVP_X_STATE");
6043
6044 if (ctx) {
6045 switch (ctx->cipherType) {
6046 case ARC4_TYPE:
6047 WOLFSSL_MSG("returning arc4 state");
6048 return (void*)&ctx->cipher.arc4.x;
6049
6050 default:
6051 WOLFSSL_MSG("bad x state type");
6052 return 0;
6053 }
6054 }
6055
6056 return NULL;
6057}
6058int wolfSSL_EVP_PKEY_assign_EC_KEY(EVP_PKEY* pkey, WOLFSSL_EC_KEY* key)
6059{
6060 if (pkey == NULL || key == NULL)
6061 return WOLFSSL_FAILURE;
6062
6063 pkey->type = EVP_PKEY_EC;
6064 pkey->ecc = key;
6065 pkey->ownEcc = 1;
6066
6067 /* try and populate public pkey_sz and pkey.ptr */
6068 ECC_populate_EVP_PKEY(pkey, (ecc_key*)key->internal);
6069
6070 return WOLFSSL_SUCCESS;
6071}
6072#endif /* HAVE_ECC */
6073
6074#ifndef NO_WOLFSSL_STUB
6075const WOLFSSL_EVP_MD* wolfSSL_EVP_ripemd160(void)
6076{
6077 WOLFSSL_MSG("wolfSSL_ripemd160");
6078 WOLFSSL_STUB("EVP_ripemd160");
6079 return NULL;
6080}
6081#endif
6082
6083
6084int wolfSSL_EVP_MD_block_size(const WOLFSSL_EVP_MD* type)
6085{
6086 WOLFSSL_MSG("wolfSSL_EVP_MD_block_size");
6087
6088 if (type == NULL) {
6089 WOLFSSL_MSG("No md type arg");
6090 return BAD_FUNC_ARG;
6091 }
6092
6093 if (XSTRNCMP(type, "SHA256", 6) == 0) {
6094 return WC_SHA256_BLOCK_SIZE;
6095 }
6096#ifndef NO_MD5
6097 else if (XSTRNCMP(type, "MD5", 3) == 0) {
6098 return WC_MD5_BLOCK_SIZE;
6099 }
6100#endif
6101#ifdef WOLFSSL_SHA224
6102 else if (XSTRNCMP(type, "SHA224", 6) == 0) {
6103 return WC_SHA224_BLOCK_SIZE;
6104 }
6105#endif
6106#ifdef WOLFSSL_SHA384
6107 else if (XSTRNCMP(type, "SHA384", 6) == 0) {
6108 return WC_SHA384_BLOCK_SIZE;
6109 }
6110#endif
6111#ifdef WOLFSSL_SHA512
6112 else if (XSTRNCMP(type, "SHA512", 6) == 0) {
6113 return WC_SHA512_BLOCK_SIZE;
6114 }
6115#endif
6116#ifndef NO_SHA
6117 /* has to be last since would pick or 256, 384, or 512 too */
6118 else if (XSTRNCMP(type, "SHA", 3) == 0) {
6119 return WC_SHA_BLOCK_SIZE;
6120 }
6121#endif
6122
6123 return BAD_FUNC_ARG;
6124}
6125
6126int wolfSSL_EVP_MD_size(const WOLFSSL_EVP_MD* type)
6127{
6128 WOLFSSL_MSG("wolfSSL_EVP_MD_size");
6129
6130 if (type == NULL) {
6131 WOLFSSL_MSG("No md type arg");
6132 return BAD_FUNC_ARG;
6133 }
6134
6135 if (XSTRNCMP(type, "SHA256", 6) == 0) {
6136 return WC_SHA256_DIGEST_SIZE;
6137 }
6138#ifndef NO_MD5
6139 else if (XSTRNCMP(type, "MD5", 3) == 0) {
6140 return WC_MD5_DIGEST_SIZE;
6141 }
6142#endif
6143#ifdef WOLFSSL_SHA224
6144 else if (XSTRNCMP(type, "SHA224", 6) == 0) {
6145 return WC_SHA224_DIGEST_SIZE;
6146 }
6147#endif
6148#ifdef WOLFSSL_SHA384
6149 else if (XSTRNCMP(type, "SHA384", 6) == 0) {
6150 return WC_SHA384_DIGEST_SIZE;
6151 }
6152#endif
6153#ifdef WOLFSSL_SHA512
6154 else if (XSTRNCMP(type, "SHA512", 6) == 0) {
6155 return WC_SHA512_DIGEST_SIZE;
6156 }
6157#endif
6158#ifndef NO_SHA
6159 /* has to be last since would pick or 256, 384, or 512 too */
6160 else if (XSTRNCMP(type, "SHA", 3) == 0) {
6161 return WC_SHA_DIGEST_SIZE;
6162 }
6163#endif
6164
6165 return BAD_FUNC_ARG;
6166}
6167
6168
6169int wolfSSL_EVP_CIPHER_CTX_iv_length(const WOLFSSL_EVP_CIPHER_CTX* ctx)
6170{
6171 WOLFSSL_MSG("wolfSSL_EVP_CIPHER_CTX_iv_length");
6172
6173 switch (ctx->cipherType) {
6174
6175#ifdef HAVE_AES_CBC
6176 case AES_128_CBC_TYPE :
6177 case AES_192_CBC_TYPE :
6178 case AES_256_CBC_TYPE :
6179 WOLFSSL_MSG("AES CBC");
6180 return AES_BLOCK_SIZE;
6181#endif
6182#ifdef HAVE_AESGCM
6183 case AES_128_GCM_TYPE :
6184 case AES_192_GCM_TYPE :
6185 case AES_256_GCM_TYPE :
6186 WOLFSSL_MSG("AES GCM");
6187 return GCM_NONCE_MID_SZ;
6188#endif
6189#ifdef WOLFSSL_AES_COUNTER
6190 case AES_128_CTR_TYPE :
6191 case AES_192_CTR_TYPE :
6192 case AES_256_CTR_TYPE :
6193 WOLFSSL_MSG("AES CTR");
6194 return AES_BLOCK_SIZE;
6195#endif
6196#ifndef NO_DES3
6197 case DES_CBC_TYPE :
6198 WOLFSSL_MSG("DES CBC");
6199 return DES_BLOCK_SIZE;
6200
6201 case DES_EDE3_CBC_TYPE :
6202 WOLFSSL_MSG("DES EDE3 CBC");
6203 return DES_BLOCK_SIZE;
6204#endif
6205#ifdef HAVE_IDEA
6206 case IDEA_CBC_TYPE :
6207 WOLFSSL_MSG("IDEA CBC");
6208 return IDEA_BLOCK_SIZE;
6209#endif
6210#ifndef NO_RC4
6211 case ARC4_TYPE :
6212 WOLFSSL_MSG("ARC4");
6213 return 0;
6214#endif
6215#ifdef WOLFSSL_AES_CFB
6216#if !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
6217 case AES_128_CFB1_TYPE:
6218 case AES_192_CFB1_TYPE:
6219 case AES_256_CFB1_TYPE:
6220 WOLFSSL_MSG("AES CFB1");
6221 return AES_BLOCK_SIZE;
6222 case AES_128_CFB8_TYPE:
6223 case AES_192_CFB8_TYPE:
6224 case AES_256_CFB8_TYPE:
6225 WOLFSSL_MSG("AES CFB8");
6226 return AES_BLOCK_SIZE;
6227#endif /* !HAVE_SELFTEST && !HAVE_FIPS */
6228 case AES_128_CFB128_TYPE:
6229 case AES_192_CFB128_TYPE:
6230 case AES_256_CFB128_TYPE:
6231 WOLFSSL_MSG("AES CFB128");
6232 return AES_BLOCK_SIZE;
6233#endif /* WOLFSSL_AES_CFB */
6234#if defined(WOLFSSL_AES_OFB)
6235 case AES_128_OFB_TYPE:
6236 case AES_192_OFB_TYPE:
6237 case AES_256_OFB_TYPE:
6238 WOLFSSL_MSG("AES OFB");
6239 return AES_BLOCK_SIZE;
6240#endif /* WOLFSSL_AES_OFB */
6241#ifdef WOLFSSL_AES_XTS
6242 case AES_128_XTS_TYPE:
6243 case AES_256_XTS_TYPE:
6244 WOLFSSL_MSG("AES XTS");
6245 return AES_BLOCK_SIZE;
6246#endif /* WOLFSSL_AES_XTS */
6247
6248 case NULL_CIPHER_TYPE :
6249 WOLFSSL_MSG("NULL");
6250 return 0;
6251
6252 default: {
6253 WOLFSSL_MSG("bad type");
6254 }
6255 }
6256 return 0;
6257}
6258
6259int wolfSSL_EVP_CIPHER_iv_length(const WOLFSSL_EVP_CIPHER* cipher)
6260{
6261 const char *name = (const char *)cipher;
6262 WOLFSSL_MSG("wolfSSL_EVP_CIPHER_iv_length");
6263
6264#ifndef NO_AES
6265#ifdef HAVE_AES_CBC
6266 #ifdef WOLFSSL_AES_128
6267 if (EVP_AES_128_CBC && XSTRNCMP(name, EVP_AES_128_CBC, XSTRLEN(EVP_AES_128_CBC)) == 0)
6268 return AES_BLOCK_SIZE;
6269 #endif
6270 #ifdef WOLFSSL_AES_192
6271 if (EVP_AES_192_CBC && XSTRNCMP(name, EVP_AES_192_CBC, XSTRLEN(EVP_AES_192_CBC)) == 0)
6272 return AES_BLOCK_SIZE;
6273 #endif
6274 #ifdef WOLFSSL_AES_256
6275 if (EVP_AES_256_CBC && XSTRNCMP(name, EVP_AES_256_CBC, XSTRLEN(EVP_AES_256_CBC)) == 0)
6276 return AES_BLOCK_SIZE;
6277 #endif
6278#endif /* HAVE_AES_CBC */
6279#ifdef HAVE_AESGCM
6280 #ifdef WOLFSSL_AES_128
6281 if (EVP_AES_128_GCM && XSTRNCMP(name, EVP_AES_128_GCM, XSTRLEN(EVP_AES_128_GCM)) == 0)
6282 return GCM_NONCE_MID_SZ;
6283 #endif
6284 #ifdef WOLFSSL_AES_192
6285 if (EVP_AES_192_GCM && XSTRNCMP(name, EVP_AES_192_GCM, XSTRLEN(EVP_AES_192_GCM)) == 0)
6286 return GCM_NONCE_MID_SZ;
6287 #endif
6288 #ifdef WOLFSSL_AES_256
6289 if (EVP_AES_256_GCM && XSTRNCMP(name, EVP_AES_256_GCM, XSTRLEN(EVP_AES_256_GCM)) == 0)
6290 return GCM_NONCE_MID_SZ;
6291 #endif
6292#endif /* HAVE_AESGCM */
6293#ifdef WOLFSSL_AES_COUNTER
6294 #ifdef WOLFSSL_AES_128
6295 if (EVP_AES_128_CTR && XSTRNCMP(name, EVP_AES_128_CTR, XSTRLEN(EVP_AES_128_CTR)) == 0)
6296 return AES_BLOCK_SIZE;
6297 #endif
6298 #ifdef WOLFSSL_AES_192
6299 if (EVP_AES_192_CTR && XSTRNCMP(name, EVP_AES_192_CTR, XSTRLEN(EVP_AES_192_CTR)) == 0)
6300 return AES_BLOCK_SIZE;
6301 #endif
6302 #ifdef WOLFSSL_AES_256
6303 if (EVP_AES_256_CTR && XSTRNCMP(name, EVP_AES_256_CTR, XSTRLEN(EVP_AES_256_CTR)) == 0)
6304 return AES_BLOCK_SIZE;
6305 #endif
6306#endif
6307#ifdef WOLFSSL_AES_XTS
6308 #ifdef WOLFSSL_AES_128
6309 if (EVP_AES_128_XTS && XSTRNCMP(name, EVP_AES_128_XTS, XSTRLEN(EVP_AES_128_XTS)) == 0)
6310 return AES_BLOCK_SIZE;
6311 #endif /* WOLFSSL_AES_128 */
6312
6313 #ifdef WOLFSSL_AES_256
6314 if (EVP_AES_256_XTS && XSTRNCMP(name, EVP_AES_256_XTS, XSTRLEN(EVP_AES_256_XTS)) == 0)
6315 return AES_BLOCK_SIZE;
6316 #endif /* WOLFSSL_AES_256 */
6317#endif /* WOLFSSL_AES_XTS */
6318
6319#endif
6320
6321#ifndef NO_DES3
6322 if ((EVP_DES_CBC && XSTRNCMP(name, EVP_DES_CBC, XSTRLEN(EVP_DES_CBC)) == 0) ||
6323 (EVP_DES_EDE3_CBC && XSTRNCMP(name, EVP_DES_EDE3_CBC, XSTRLEN(EVP_DES_EDE3_CBC)) == 0)) {
6324 return DES_BLOCK_SIZE;
6325 }
6326#endif
6327
6328#ifdef HAVE_IDEA
6329 if (EVP_IDEA_CBC && XSTRNCMP(name, EVP_IDEA_CBC, XSTRLEN(EVP_IDEA_CBC)) == 0)
6330 return IDEA_BLOCK_SIZE;
6331#endif
6332
6333 (void)name;
6334
6335 return 0;
6336}
6337
6338
6339int wolfSSL_EVP_X_STATE_LEN(const WOLFSSL_EVP_CIPHER_CTX* ctx)
6340{
6341 WOLFSSL_MSG("wolfSSL_EVP_X_STATE_LEN");
6342
6343 if (ctx) {
6344 switch (ctx->cipherType) {
6345 case ARC4_TYPE:
6346 WOLFSSL_MSG("returning arc4 state size");
6347 return sizeof(Arc4);
6348
6349 default:
6350 WOLFSSL_MSG("bad x state type");
6351 return 0;
6352 }
6353 }
6354
6355 return 0;
6356}
6357
6358
6359/* return of pkey->type which will be EVP_PKEY_RSA for example.
6360 *
6361 * type type of EVP_PKEY
6362 *
6363 * returns type or if type is not found then NID_undef
6364 */
6365int wolfSSL_EVP_PKEY_type(int type)
6366{
6367 WOLFSSL_MSG("wolfSSL_EVP_PKEY_type");
6368
6369 switch (type) {
6370 case EVP_PKEY_RSA:
6371 return EVP_PKEY_RSA;
6372 case EVP_PKEY_DSA:
6373 return EVP_PKEY_DSA;
6374 case EVP_PKEY_EC:
6375 return EVP_PKEY_EC;
6376 case EVP_PKEY_DH:
6377 return EVP_PKEY_DH;
6378 default:
6379 return NID_undef;
6380 }
6381}
6382
6383
6384int wolfSSL_EVP_PKEY_id(const EVP_PKEY *pkey)
6385{
6386 if (pkey != NULL)
6387 return pkey->type;
6388 return 0;
6389}
6390
6391
6392int wolfSSL_EVP_PKEY_base_id(const EVP_PKEY *pkey)
6393{
6394 if (pkey == NULL)
6395 return NID_undef;
6396 return wolfSSL_EVP_PKEY_type(pkey->type);
6397}
6398
6399
6400/* increments ref count of WOLFSSL_EVP_PKEY. Return 1 on success, 0 on error */
6401int wolfSSL_EVP_PKEY_up_ref(WOLFSSL_EVP_PKEY* pkey)
6402{
6403 if (pkey) {
6404 if (wc_LockMutex(&pkey->refMutex) != 0) {
6405 WOLFSSL_MSG("Failed to lock pkey mutex");
6406 }
6407 pkey->references++;
6408 wc_UnLockMutex(&pkey->refMutex);
6409
6410 return 1;
6411 }
6412
6413 return 0;
6414}
6415
6416#ifndef NO_RSA
6417int wolfSSL_EVP_PKEY_assign_RSA(EVP_PKEY* pkey, WOLFSSL_RSA* key)
6418{
6419 if (pkey == NULL || key == NULL)
6420 return WOLFSSL_FAILURE;
6421
6422 pkey->type = EVP_PKEY_RSA;
6423 pkey->rsa = key;
6424 pkey->ownRsa = 1;
6425
6426 /* try and populate public pkey_sz and pkey.ptr */
6427 if (key->internal) {
6428 RsaKey* rsa = (RsaKey*)key->internal;
6429 int ret = wc_RsaPublicKeyDerSize(rsa, 1);
6430 if (ret > 0) {
6431 int derSz = ret;
6432 char* derBuf = (char*)XMALLOC(derSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
6433 if (derBuf) {
6434 ret = wc_RsaKeyToPublicDer(rsa, (byte*)derBuf, derSz);
6435 if (ret >= 0) {
6436 pkey->pkey_sz = ret;
6437 pkey->pkey.ptr = derBuf;
6438 }
6439 else { /* failure - okay to ignore */
6440 XFREE(derBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
6441 derBuf = NULL;
6442 }
6443 }
6444 }
6445 }
6446
6447 return WOLFSSL_SUCCESS;
6448}
6449#endif /* !NO_RSA */
6450
6451#ifndef NO_DSA
6452int wolfSSL_EVP_PKEY_assign_DSA(EVP_PKEY* pkey, WOLFSSL_DSA* key)
6453{
6454 if (pkey == NULL || key == NULL)
6455 return WOLFSSL_FAILURE;
6456
6457 pkey->type = EVP_PKEY_DSA;
6458 pkey->dsa = key;
6459 pkey->ownDsa = 1;
6460
6461 return WOLFSSL_SUCCESS;
6462}
6463#endif /* !NO_DSA */
6464
6465#ifndef NO_DH
6466int wolfSSL_EVP_PKEY_assign_DH(EVP_PKEY* pkey, WOLFSSL_DH* key)
6467{
6468 if (pkey == NULL || key == NULL)
6469 return WOLFSSL_FAILURE;
6470
6471 pkey->type = EVP_PKEY_DH;
6472 pkey->dh = key;
6473 pkey->ownDh = 1;
6474
6475 return WOLFSSL_SUCCESS;
6476}
6477#endif /* !NO_DH */
6478
6479#endif /* OPENSSL_EXTRA */
6480
6481#if defined(OPENSSL_EXTRA_X509_SMALL)
6482/* Subset of OPENSSL_EXTRA for PKEY operations PKEY free is needed by the
6483 * subset of X509 API */
6484
6485WOLFSSL_EVP_PKEY* wolfSSL_EVP_PKEY_new(void){
6486 return wolfSSL_EVP_PKEY_new_ex(NULL);
6487}
6488
6489WOLFSSL_EVP_PKEY* wolfSSL_EVP_PKEY_new_ex(void* heap)
6490{
6491 WOLFSSL_EVP_PKEY* pkey;
6492 int ret;
6493 WOLFSSL_ENTER("wolfSSL_EVP_PKEY_new_ex");
6494 pkey = (WOLFSSL_EVP_PKEY*)XMALLOC(sizeof(WOLFSSL_EVP_PKEY), heap,
6495 DYNAMIC_TYPE_PUBLIC_KEY);
6496 if (pkey != NULL) {
6497 XMEMSET(pkey, 0, sizeof(WOLFSSL_EVP_PKEY));
6498 pkey->heap = heap;
6499 pkey->type = WOLFSSL_EVP_PKEY_DEFAULT;
6500#ifndef HAVE_FIPS
6501 ret = wc_InitRng_ex(&pkey->rng, heap, INVALID_DEVID);
6502#else
6503 ret = wc_InitRng(&pkey->rng);
6504#endif
6505 if (ret != 0){
6506 wolfSSL_EVP_PKEY_free(pkey);
6507 WOLFSSL_MSG("memory failure");
6508 return NULL;
6509 }
6510 pkey->references = 1;
6511 wc_InitMutex(&pkey->refMutex);
6512 }
6513 else {
6514 WOLFSSL_MSG("memory failure");
6515 }
6516
6517 return pkey;
6518}
6519
6520void wolfSSL_EVP_PKEY_free(WOLFSSL_EVP_PKEY* key)
6521{
6522 int doFree = 0;
6523 WOLFSSL_ENTER("wolfSSL_EVP_PKEY_free");
6524 if (key != NULL) {
6525 if (wc_LockMutex(&key->refMutex) != 0) {
6526 WOLFSSL_MSG("Couldn't lock pkey mutex");
6527 }
6528
6529 /* only free if all references to it are done */
6530 key->references--;
6531 if (key->references == 0) {
6532 doFree = 1;
6533 }
6534 wc_UnLockMutex(&key->refMutex);
6535
6536 if (doFree) {
6537 wc_FreeRng(&key->rng);
6538
6539 if (key->pkey.ptr != NULL) {
6540 XFREE(key->pkey.ptr, key->heap, DYNAMIC_TYPE_PUBLIC_KEY);
6541 key->pkey.ptr = NULL;
6542 }
6543 switch(key->type)
6544 {
6545 #ifndef NO_RSA
6546 case EVP_PKEY_RSA:
6547 if (key->rsa != NULL && key->ownRsa == 1) {
6548 wolfSSL_RSA_free(key->rsa);
6549 key->rsa = NULL;
6550 }
6551 break;
6552 #endif /* NO_RSA */
6553
6554 #if defined(HAVE_ECC) && defined(OPENSSL_EXTRA)
6555 case EVP_PKEY_EC:
6556 if (key->ecc != NULL && key->ownEcc == 1) {
6557 wolfSSL_EC_KEY_free(key->ecc);
6558 key->ecc = NULL;
6559 }
6560 break;
6561 #endif /* HAVE_ECC && OPENSSL_EXTRA */
6562
6563 #ifndef NO_DSA
6564 case EVP_PKEY_DSA:
6565 if (key->dsa != NULL && key->ownDsa == 1) {
6566 wolfSSL_DSA_free(key->dsa);
6567 key->dsa = NULL;
6568 }
6569 break;
6570 #endif /* NO_DSA */
6571
6572 #if !defined(NO_DH) && (defined(WOLFSSL_QT) || defined(OPENSSL_ALL))
6573 case EVP_PKEY_DH:
6574 if (key->dh != NULL && key->ownDh == 1) {
6575 wolfSSL_DH_free(key->dh);
6576 key->dh = NULL;
6577 }
6578 break;
6579 #endif /* ! NO_DH ... */
6580
6581 default:
6582 break;
6583 }
6584
6585 if (wc_FreeMutex(&key->refMutex) != 0) {
6586 WOLFSSL_MSG("Couldn't free pkey mutex");
6587 }
6588 XFREE(key, key->heap, DYNAMIC_TYPE_PUBLIC_KEY);
6589 }
6590 }
6591}
6592
6593#endif /* OPENSSL_EXTRA_X509_SMALL */
6594
6595#endif /* WOLFSSL_EVP_INCLUDED */
Note: See TracBrowser for help on using the repository browser.