source: azure_iot_hub_f767zi/trunk/wolfssl-4.7.0/wolfcrypt/src/evp.c

Last change on this file was 464, checked in by coas-nagasima, 3 years ago

WolfSSLとAzure IoT SDKを更新
  • Property svn:eol-style set to native
  • Property svn:mime-type set to text/x-csrc;charset=UTF-8
File size: 206.5 KB
Line 
1/* evp.c
2 *
3 * Copyright (C) 2006-2020 wolfSSL Inc.
4 *
5 * This file is part of wolfSSL.
6 *
7 * wolfSSL is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
11 *
12 * wolfSSL is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
20 */
21
22
23#ifdef HAVE_CONFIG_H
24 #include <config.h>
25#endif
26
27#include <wolfssl/wolfcrypt/settings.h>
28
29#if !defined(WOLFSSL_EVP_INCLUDED)
30 #ifndef WOLFSSL_IGNORE_FILE_WARN
31 #warning evp.c does not need to be compiled separately from ssl.c
32 #endif
33#elif defined(WOLFCRYPT_ONLY)
34#else
35
36#if defined(OPENSSL_EXTRA)
37
38#if !defined(HAVE_PKCS7) && \
39 ((defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && \
40 (HAVE_FIPS_VERSION == 2)) || defined(HAVE_SELFTEST))
41 #include <wolfssl/wolfcrypt/aes.h>
42#endif
43
44
45#include <wolfssl/openssl/ecdsa.h>
46#include <wolfssl/openssl/evp.h>
47
48#ifndef NO_AES
49 #ifdef HAVE_AES_CBC
50 #ifdef WOLFSSL_AES_128
51 static const char EVP_AES_128_CBC[] = "AES-128-CBC";
52 #endif
53 #ifdef WOLFSSL_AES_192
54 static const char EVP_AES_192_CBC[] = "AES-192-CBC";
55 #endif
56 #ifdef WOLFSSL_AES_256
57 static const char EVP_AES_256_CBC[] = "AES-256-CBC";
58 #endif
59 #endif /* HAVE_AES_CBC */
60
61 #ifdef WOLFSSL_AES_OFB
62 #ifdef WOLFSSL_AES_128
63 static const char EVP_AES_128_OFB[] = "AES-128-OFB";
64 #endif
65 #ifdef WOLFSSL_AES_192
66 static const char EVP_AES_192_OFB[] = "AES-192-OFB";
67 #endif
68 #ifdef WOLFSSL_AES_256
69 static const char EVP_AES_256_OFB[] = "AES-256-OFB";
70 #endif
71 #endif /* WOLFSSL_AES_OFB */
72
73 #ifdef WOLFSSL_AES_XTS
74 #ifdef WOLFSSL_AES_128
75 static const char EVP_AES_128_XTS[] = "AES-128-XTS";
76 #endif
77 #ifdef WOLFSSL_AES_256
78 static const char EVP_AES_256_XTS[] = "AES-256-XTS";
79 #endif
80 #endif /* WOLFSSL_AES_XTS */
81
82 #ifdef WOLFSSL_AES_CFB
83 #ifdef WOLFSSL_AES_128
84 static const char EVP_AES_128_CFB1[] = "AES-128-CFB1";
85 #endif
86 #ifdef WOLFSSL_AES_192
87 static const char EVP_AES_192_CFB1[] = "AES-192-CFB1";
88 #endif
89 #ifdef WOLFSSL_AES_256
90 static const char EVP_AES_256_CFB1[] = "AES-256-CFB1";
91 #endif
92
93 #ifdef WOLFSSL_AES_128
94 static const char EVP_AES_128_CFB8[] = "AES-128-CFB8";
95 #endif
96 #ifdef WOLFSSL_AES_192
97 static const char EVP_AES_192_CFB8[] = "AES-192-CFB8";
98 #endif
99 #ifdef WOLFSSL_AES_256
100 static const char EVP_AES_256_CFB8[] = "AES-256-CFB8";
101 #endif
102
103 #ifdef WOLFSSL_AES_128
104 static const char EVP_AES_128_CFB128[] = "AES-128-CFB128";
105 #endif
106 #ifdef WOLFSSL_AES_192
107 static const char EVP_AES_192_CFB128[] = "AES-192-CFB128";
108 #endif
109 #ifdef WOLFSSL_AES_256
110 static const char EVP_AES_256_CFB128[] = "AES-256-CFB128";
111 #endif
112 #endif /* WOLFSSL_AES_CFB */
113
114 #ifdef HAVE_AESGCM
115 #ifdef WOLFSSL_AES_128
116 static const char EVP_AES_128_GCM[] = "AES-128-GCM";
117 #endif
118 #ifdef WOLFSSL_AES_192
119 static const char EVP_AES_192_GCM[] = "AES-192-GCM";
120 #endif
121 #ifdef WOLFSSL_AES_256
122 static const char EVP_AES_256_GCM[] = "AES-256-GCM";
123 #endif
124 #endif /* HAVE_AESGCM */
125
126 #ifdef WOLFSSL_AES_COUNTER
127 #ifdef WOLFSSL_AES_128
128 static const char EVP_AES_128_CTR[] = "AES-128-CTR";
129 #endif
130 #ifdef WOLFSSL_AES_192
131 static const char EVP_AES_192_CTR[] = "AES-192-CTR";
132 #endif
133 #ifdef WOLFSSL_AES_256
134 static const char EVP_AES_256_CTR[] = "AES-256-CTR";
135 #endif
136 #endif
137
138 #ifdef HAVE_AES_ECB
139 #ifdef WOLFSSL_AES_128
140 static const char EVP_AES_128_ECB[] = "AES-128-ECB";
141 #endif
142 #ifdef WOLFSSL_AES_192
143 static const char EVP_AES_192_ECB[] = "AES-192-ECB";
144 #endif
145 #ifdef WOLFSSL_AES_256
146 static const char EVP_AES_256_ECB[] = "AES-256-ECB";
147 #endif
148 #endif
149 #define EVP_AES_SIZE 11
150 #ifdef WOLFSSL_AES_CFB
151 #define EVP_AESCFB_SIZE 14
152 #endif
153#endif
154
155#ifndef NO_DES3
156 static const char EVP_DES_CBC[] = "DES-CBC";
157 static const char EVP_DES_ECB[] = "DES-ECB";
158
159 static const char EVP_DES_EDE3_CBC[] = "DES-EDE3-CBC";
160 static const char EVP_DES_EDE3_ECB[] = "DES-EDE3-ECB";
161
162 #define EVP_DES_SIZE 7
163 #define EVP_DES_EDE3_SIZE 12
164#endif
165
166#ifdef HAVE_IDEA
167 static const char EVP_IDEA_CBC[] = "IDEA-CBC";
168 #define EVP_IDEA_SIZE 8
169#endif
170
171#ifndef NO_RC4
172 static const char EVP_ARC4[] = "ARC4";
173 #define EVP_ARC4_SIZE 4
174#endif
175
176static const char EVP_NULL[] = "NULL";
177#define EVP_NULL_SIZE 4
178
179
180static unsigned int cipherType(const WOLFSSL_EVP_CIPHER *cipher);
181
182
183/* Getter function for cipher key length
184 *
185 * c WOLFSSL_EVP_CIPHER structure to get key length from
186 *
187 * NOTE: OpenSSL_add_all_ciphers() should be called first before using this
188 * function
189 *
190 * Returns size of key in bytes
191 */
192int wolfSSL_EVP_Cipher_key_length(const WOLFSSL_EVP_CIPHER* c)
193{
194 WOLFSSL_ENTER("wolfSSL_EVP_Cipher_key_length");
195
196 if (c == NULL) {
197 return 0;
198 }
199
200 switch (cipherType(c)) {
201#if !defined(NO_AES)
202 #if defined(HAVE_AES_CBC)
203 case AES_128_CBC_TYPE: return 16;
204 case AES_192_CBC_TYPE: return 24;
205 case AES_256_CBC_TYPE: return 32;
206 #endif
207 #if defined(WOLFSSL_AES_CFB)
208 case AES_128_CFB1_TYPE: return 16;
209 case AES_192_CFB1_TYPE: return 24;
210 case AES_256_CFB1_TYPE: return 32;
211 case AES_128_CFB8_TYPE: return 16;
212 case AES_192_CFB8_TYPE: return 24;
213 case AES_256_CFB8_TYPE: return 32;
214 case AES_128_CFB128_TYPE: return 16;
215 case AES_192_CFB128_TYPE: return 24;
216 case AES_256_CFB128_TYPE: return 32;
217 #endif
218 #if defined(WOLFSSL_AES_OFB)
219 case AES_128_OFB_TYPE: return 16;
220 case AES_192_OFB_TYPE: return 24;
221 case AES_256_OFB_TYPE: return 32;
222 #endif
223 #if defined(WOLFSSL_AES_XTS)
224 /* Two keys for XTS. */
225 case AES_128_XTS_TYPE: return 16 * 2;
226 case AES_256_XTS_TYPE: return 32 * 2;
227 #endif
228 #if defined(HAVE_AESGCM)
229 case AES_128_GCM_TYPE: return 16;
230 case AES_192_GCM_TYPE: return 24;
231 case AES_256_GCM_TYPE: return 32;
232 #endif
233 #if defined(WOLFSSL_AES_COUNTER)
234 case AES_128_CTR_TYPE: return 16;
235 case AES_192_CTR_TYPE: return 24;
236 case AES_256_CTR_TYPE: return 32;
237 #endif
238 #if defined(HAVE_AES_ECB)
239 case AES_128_ECB_TYPE: return 16;
240 case AES_192_ECB_TYPE: return 24;
241 case AES_256_ECB_TYPE: return 32;
242 #endif
243#endif /* !NO_AES */
244 #ifndef NO_DES3
245 case DES_CBC_TYPE: return 8;
246 case DES_EDE3_CBC_TYPE: return 24;
247 case DES_ECB_TYPE: return 8;
248 case DES_EDE3_ECB_TYPE: return 24;
249 #endif
250 default:
251 return 0;
252 }
253}
254
255
256int wolfSSL_EVP_EncryptInit(WOLFSSL_EVP_CIPHER_CTX* ctx,
257 const WOLFSSL_EVP_CIPHER* type,
258 const unsigned char* key,
259 const unsigned char* iv)
260{
261 return wolfSSL_EVP_CipherInit(ctx, type, (byte*)key, (byte*)iv, 1);
262}
263
264int wolfSSL_EVP_EncryptInit_ex(WOLFSSL_EVP_CIPHER_CTX* ctx,
265 const WOLFSSL_EVP_CIPHER* type,
266 WOLFSSL_ENGINE *impl,
267 const unsigned char* key,
268 const unsigned char* iv)
269{
270 (void) impl;
271 return wolfSSL_EVP_CipherInit(ctx, type, (byte*)key, (byte*)iv, 1);
272}
273
274int wolfSSL_EVP_DecryptInit(WOLFSSL_EVP_CIPHER_CTX* ctx,
275 const WOLFSSL_EVP_CIPHER* type,
276 const unsigned char* key,
277 const unsigned char* iv)
278{
279 WOLFSSL_ENTER("wolfSSL_EVP_CipherInit");
280 return wolfSSL_EVP_CipherInit(ctx, type, (byte*)key, (byte*)iv, 0);
281}
282
283int wolfSSL_EVP_DecryptInit_ex(WOLFSSL_EVP_CIPHER_CTX* ctx,
284 const WOLFSSL_EVP_CIPHER* type,
285 WOLFSSL_ENGINE *impl,
286 const unsigned char* key,
287 const unsigned char* iv)
288{
289 (void) impl;
290 WOLFSSL_ENTER("wolfSSL_EVP_DecryptInit");
291 return wolfSSL_EVP_CipherInit(ctx, type, (byte*)key, (byte*)iv, 0);
292}
293
294
295WOLFSSL_EVP_CIPHER_CTX *wolfSSL_EVP_CIPHER_CTX_new(void)
296{
297 WOLFSSL_EVP_CIPHER_CTX *ctx = (WOLFSSL_EVP_CIPHER_CTX*)XMALLOC(sizeof *ctx,
298 NULL, DYNAMIC_TYPE_TMP_BUFFER);
299 if (ctx) {
300 WOLFSSL_ENTER("wolfSSL_EVP_CIPHER_CTX_new");
301 wolfSSL_EVP_CIPHER_CTX_init(ctx);
302 }
303 return ctx;
304}
305
306void wolfSSL_EVP_CIPHER_CTX_free(WOLFSSL_EVP_CIPHER_CTX *ctx)
307{
308 if (ctx) {
309 WOLFSSL_ENTER("wolfSSL_EVP_CIPHER_CTX_free");
310 wolfSSL_EVP_CIPHER_CTX_cleanup(ctx);
311 XFREE(ctx, NULL, DYNAMIC_TYPE_TMP_BUFFER);
312 }
313}
314
315int wolfSSL_EVP_CIPHER_CTX_reset(WOLFSSL_EVP_CIPHER_CTX *ctx)
316{
317 int ret = WOLFSSL_FAILURE;
318
319 if (ctx != NULL) {
320 WOLFSSL_ENTER("wolfSSL_EVP_CIPHER_CTX_reset");
321 wolfSSL_EVP_CIPHER_CTX_cleanup(ctx);
322 ret = WOLFSSL_SUCCESS;
323 }
324
325 return ret;
326}
327
328unsigned long wolfSSL_EVP_CIPHER_CTX_mode(const WOLFSSL_EVP_CIPHER_CTX *ctx)
329{
330 if (ctx == NULL) return 0;
331 return ctx->flags & WOLFSSL_EVP_CIPH_MODE;
332}
333
334int wolfSSL_EVP_EncryptFinal(WOLFSSL_EVP_CIPHER_CTX *ctx,
335 unsigned char *out, int *outl)
336{
337 if (ctx && ctx->enc) {
338 WOLFSSL_ENTER("wolfSSL_EVP_EncryptFinal");
339 return wolfSSL_EVP_CipherFinal(ctx, out, outl);
340 }
341 else
342 return WOLFSSL_FAILURE;
343}
344
345
346int wolfSSL_EVP_CipherInit_ex(WOLFSSL_EVP_CIPHER_CTX* ctx,
347 const WOLFSSL_EVP_CIPHER* type,
348 WOLFSSL_ENGINE *impl,
349 const unsigned char* key,
350 const unsigned char* iv,
351 int enc)
352{
353 (void)impl;
354 return wolfSSL_EVP_CipherInit(ctx, type, key, iv, enc);
355}
356
357int wolfSSL_EVP_EncryptFinal_ex(WOLFSSL_EVP_CIPHER_CTX *ctx,
358 unsigned char *out, int *outl)
359{
360 if (ctx && ctx->enc) {
361 WOLFSSL_ENTER("wolfSSL_EVP_EncryptFinal_ex");
362 return wolfSSL_EVP_CipherFinal(ctx, out, outl);
363 }
364 else
365 return WOLFSSL_FAILURE;
366}
367
368int wolfSSL_EVP_DecryptFinal(WOLFSSL_EVP_CIPHER_CTX *ctx,
369 unsigned char *out, int *outl)
370{
371 if (ctx && !ctx->enc) {
372 WOLFSSL_ENTER("wolfSSL_EVP_DecryptFinal");
373 return wolfSSL_EVP_CipherFinal(ctx, out, outl);
374 }
375 else {
376 return WOLFSSL_FAILURE;
377 }
378}
379
380int wolfSSL_EVP_DecryptFinal_ex(WOLFSSL_EVP_CIPHER_CTX *ctx,
381 unsigned char *out, int *outl)
382{
383 if (ctx && !ctx->enc) {
384 WOLFSSL_ENTER("wolfSSL_EVP_DecryptFinal_ex");
385 return wolfSSL_EVP_CipherFinal(ctx, out, outl);
386 }
387 else {
388 return WOLFSSL_FAILURE;
389 }
390}
391
392
393int wolfSSL_EVP_DigestInit_ex(WOLFSSL_EVP_MD_CTX* ctx,
394 const WOLFSSL_EVP_MD* type,
395 WOLFSSL_ENGINE *impl)
396{
397 (void) impl;
398 WOLFSSL_ENTER("wolfSSL_EVP_DigestInit_ex");
399 return wolfSSL_EVP_DigestInit(ctx, type);
400}
401
402#ifdef DEBUG_WOLFSSL_EVP
403#define PRINT_BUF(b, sz) { int _i; for(_i=0; _i<(sz); _i++) { \
404 printf("%02x(%c),", (b)[_i], (b)[_i]); if ((_i+1)%8==0)printf("\n");}}
405#else
406#define PRINT_BUF(b, sz)
407#endif
408
409static int fillBuff(WOLFSSL_EVP_CIPHER_CTX *ctx, const unsigned char *in, int sz)
410{
411 int fill;
412
413 if (sz > 0) {
414 if ((sz+ctx->bufUsed) > ctx->block_size) {
415 fill = ctx->block_size - ctx->bufUsed;
416 } else {
417 fill = sz;
418 }
419 XMEMCPY(&(ctx->buf[ctx->bufUsed]), in, fill);
420 ctx->bufUsed += fill;
421 return fill;
422 } else return 0;
423}
424
425static int evpCipherBlock(WOLFSSL_EVP_CIPHER_CTX *ctx,
426 unsigned char *out,
427 const unsigned char *in, int inl)
428{
429 int ret = 0;
430
431 switch (ctx->cipherType) {
432#if !defined(NO_AES)
433 #if defined(HAVE_AES_CBC)
434 case AES_128_CBC_TYPE:
435 case AES_192_CBC_TYPE:
436 case AES_256_CBC_TYPE:
437 if (ctx->enc)
438 ret = wc_AesCbcEncrypt(&ctx->cipher.aes, out, in, inl);
439 else
440 ret = wc_AesCbcDecrypt(&ctx->cipher.aes, out, in, inl);
441 break;
442 #endif
443 #if defined(WOLFSSL_AES_COUNTER)
444 case AES_128_CTR_TYPE:
445 case AES_192_CTR_TYPE:
446 case AES_256_CTR_TYPE:
447 ret = wc_AesCtrEncrypt(&ctx->cipher.aes, out, in, inl);
448 break;
449 #endif
450 #if defined(HAVE_AES_ECB)
451 case AES_128_ECB_TYPE:
452 case AES_192_ECB_TYPE:
453 case AES_256_ECB_TYPE:
454 if (ctx->enc)
455 ret = wc_AesEcbEncrypt(&ctx->cipher.aes, out, in, inl);
456 else
457 ret = wc_AesEcbDecrypt(&ctx->cipher.aes, out, in, inl);
458 break;
459 #endif
460 #if defined(WOLFSSL_AES_OFB)
461 case AES_128_OFB_TYPE:
462 case AES_192_OFB_TYPE:
463 case AES_256_OFB_TYPE:
464 if (ctx->enc)
465 ret = wc_AesOfbEncrypt(&ctx->cipher.aes, out, in, inl);
466 else
467 ret = wc_AesOfbDecrypt(&ctx->cipher.aes, out, in, inl);
468 break;
469 #endif
470 #if defined(WOLFSSL_AES_CFB)
471 #if !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
472 case AES_128_CFB1_TYPE:
473 case AES_192_CFB1_TYPE:
474 case AES_256_CFB1_TYPE:
475 if (ctx->enc)
476 ret = wc_AesCfb1Encrypt(&ctx->cipher.aes, out, in,
477 inl * WOLFSSL_BIT_SIZE);
478 else
479 ret = wc_AesCfb1Decrypt(&ctx->cipher.aes, out, in,
480 inl * WOLFSSL_BIT_SIZE);
481 break;
482
483 case AES_128_CFB8_TYPE:
484 case AES_192_CFB8_TYPE:
485 case AES_256_CFB8_TYPE:
486 if (ctx->enc)
487 ret = wc_AesCfb8Encrypt(&ctx->cipher.aes, out, in, inl);
488 else
489 ret = wc_AesCfb8Decrypt(&ctx->cipher.aes, out, in, inl);
490 break;
491 #endif /* !HAVE_SELFTEST && !HAVE_FIPS */
492
493 case AES_128_CFB128_TYPE:
494 case AES_192_CFB128_TYPE:
495 case AES_256_CFB128_TYPE:
496 if (ctx->enc)
497 ret = wc_AesCfbEncrypt(&ctx->cipher.aes, out, in, inl);
498 else
499 ret = wc_AesCfbDecrypt(&ctx->cipher.aes, out, in, inl);
500 break;
501 #endif
502#if defined(WOLFSSL_AES_XTS)
503 case AES_128_XTS_TYPE:
504 case AES_256_XTS_TYPE:
505 if (ctx->enc)
506 ret = wc_AesXtsEncrypt(&ctx->cipher.xts, out, in, inl,
507 ctx->iv, ctx->ivSz);
508 else
509 ret = wc_AesXtsDecrypt(&ctx->cipher.xts, out, in, inl,
510 ctx->iv, ctx->ivSz);
511 break;
512#endif
513#endif /* !NO_AES */
514 #ifndef NO_DES3
515 case DES_CBC_TYPE:
516 if (ctx->enc)
517 ret = wc_Des_CbcEncrypt(&ctx->cipher.des, out, in, inl);
518 else
519 ret = wc_Des_CbcDecrypt(&ctx->cipher.des, out, in, inl);
520 break;
521 case DES_EDE3_CBC_TYPE:
522 if (ctx->enc)
523 ret = wc_Des3_CbcEncrypt(&ctx->cipher.des3, out, in, inl);
524 else
525 ret = wc_Des3_CbcDecrypt(&ctx->cipher.des3, out, in, inl);
526 break;
527 #if defined(WOLFSSL_DES_ECB)
528 case DES_ECB_TYPE:
529 ret = wc_Des_EcbEncrypt(&ctx->cipher.des, out, in, inl);
530 break;
531 case DES_EDE3_ECB_TYPE:
532 ret = wc_Des3_EcbEncrypt(&ctx->cipher.des3, out, in, inl);
533 break;
534 #endif
535 #endif
536 #ifndef NO_RC4
537 case ARC4_TYPE:
538 wc_Arc4Process(&ctx->cipher.arc4, out, in, inl);
539 break;
540 #endif
541 default:
542 return WOLFSSL_FAILURE;
543 }
544
545 if (ret != 0)
546 return WOLFSSL_FAILURE; /* failure */
547
548 (void)in;
549 (void)inl;
550 (void)out;
551
552 return WOLFSSL_SUCCESS; /* success */
553}
554
555#if defined(HAVE_AESGCM)
556static int wolfSSL_EVP_CipherUpdate_GCM_AAD(WOLFSSL_EVP_CIPHER_CTX *ctx,
557 const unsigned char *in, int inl) {
558 if (in && inl > 0) {
559 byte* tmp = (byte*)XREALLOC(ctx->gcmAuthIn,
560 ctx->gcmAuthInSz + inl, NULL, DYNAMIC_TYPE_OPENSSL);
561 if (tmp) {
562 ctx->gcmAuthIn = tmp;
563 XMEMCPY(ctx->gcmAuthIn + ctx->gcmAuthInSz, in, inl);
564 ctx->gcmAuthInSz += inl;
565 }
566 else {
567 WOLFSSL_MSG("realloc error");
568 return MEMORY_E;
569 }
570 }
571 return 0;
572}
573
574static int wolfSSL_EVP_CipherUpdate_GCM(WOLFSSL_EVP_CIPHER_CTX *ctx,
575 unsigned char *out, int *outl,
576 const unsigned char *in, int inl)
577{
578 int ret = 0;
579
580 *outl = inl;
581 if (out) {
582 /* Buffer input for one-shot API */
583 if (inl > 0) {
584 byte* tmp;
585 tmp = (byte*)XREALLOC(ctx->gcmBuffer,
586 ctx->gcmBufferLen + inl, NULL,
587 DYNAMIC_TYPE_OPENSSL);
588 if (tmp) {
589 XMEMCPY(tmp + ctx->gcmBufferLen, in, inl);
590 ctx->gcmBufferLen += inl;
591 ctx->gcmBuffer = tmp;
592 *outl = 0;
593 }
594 else {
595 ret = MEMORY_E;
596 }
597 }
598 }
599 else {
600 ret = wolfSSL_EVP_CipherUpdate_GCM_AAD(ctx, in, inl);
601 }
602
603 if (ret != 0) {
604 *outl = 0;
605 return WOLFSSL_FAILURE;
606 }
607
608 return WOLFSSL_SUCCESS;
609}
610#endif
611
612/* returns WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on failure */
613WOLFSSL_API int wolfSSL_EVP_CipherUpdate(WOLFSSL_EVP_CIPHER_CTX *ctx,
614 unsigned char *out, int *outl,
615 const unsigned char *in, int inl)
616{
617 int blocks;
618 int fill;
619
620 WOLFSSL_ENTER("wolfSSL_EVP_CipherUpdate");
621 if ((ctx == NULL) || (inl < 0) || (outl == NULL)|| (in == NULL)) {
622 WOLFSSL_MSG("Bad argument");
623 return WOLFSSL_FAILURE;
624 }
625
626 *outl = 0;
627
628#if !defined(NO_AES) && defined(HAVE_AESGCM)
629 switch (ctx->cipherType) {
630 case AES_128_GCM_TYPE:
631 case AES_192_GCM_TYPE:
632 case AES_256_GCM_TYPE:
633/* if out == NULL, in/inl contains the additional authenticated data for GCM */
634 return wolfSSL_EVP_CipherUpdate_GCM(ctx, out, outl, in, inl);
635 default:
636 /* fall-through */
637 break;
638 }
639#endif /* !defined(NO_AES) && defined(HAVE_AESGCM) */
640
641 if (out == NULL) {
642 return WOLFSSL_FAILURE;
643 }
644
645 /* if(inl == 0)wolfSSL_EVP_CipherUpdate_GCM to get tag */
646 if (inl == 0) {
647 return WOLFSSL_SUCCESS;
648 }
649 if (ctx->bufUsed > 0) { /* concatenate them if there is anything */
650 fill = fillBuff(ctx, in, inl);
651 inl -= fill;
652 in += fill;
653 }
654
655 /* check if the buff is full, and if so flash it out */
656 if (ctx->bufUsed == ctx->block_size) {
657 byte* output = out;
658
659 /* During decryption we save the last block to check padding on Final.
660 * Update the last block stored if one has already been stored */
661 if (ctx->enc == 0) {
662 if (ctx->lastUsed == 1) {
663 XMEMCPY(out, ctx->lastBlock, ctx->block_size);
664 *outl+= ctx->block_size;
665 out += ctx->block_size;
666 }
667 output = ctx->lastBlock; /* redirect output to last block buffer */
668 ctx->lastUsed = 1;
669 }
670
671 PRINT_BUF(ctx->buf, ctx->block_size);
672 if (evpCipherBlock(ctx, output, ctx->buf, ctx->block_size) == 0) {
673 return WOLFSSL_FAILURE;
674 }
675 PRINT_BUF(out, ctx->block_size);
676 ctx->bufUsed = 0;
677
678 /* if doing encryption update the new output block, decryption will
679 * always have the last block saved for when Final is called */
680 if ((ctx->enc != 0)) {
681 *outl+= ctx->block_size;
682 out += ctx->block_size;
683 }
684 }
685
686 blocks = inl / ctx->block_size;
687 if (blocks > 0) {
688 /* During decryption we save the last block to check padding on Final.
689 * Update the last block stored if one has already been stored */
690 if ((ctx->enc == 0) && (ctx->lastUsed == 1)) {
691 PRINT_BUF(ctx->lastBlock, ctx->block_size);
692 XMEMCPY(out, ctx->lastBlock, ctx->block_size);
693 *outl += ctx->block_size;
694 out += ctx->block_size;
695 ctx->lastUsed = 0;
696 }
697
698 /* process blocks */
699 if (evpCipherBlock(ctx, out, in, blocks * ctx->block_size) == 0) {
700 return WOLFSSL_FAILURE;
701 }
702 PRINT_BUF(in, ctx->block_size*blocks);
703 PRINT_BUF(out,ctx->block_size*blocks);
704 inl -= ctx->block_size * blocks;
705 in += ctx->block_size * blocks;
706 if (ctx->enc == 0) {
707 if ((ctx->flags & WOLFSSL_EVP_CIPH_NO_PADDING) ||
708 (ctx->block_size == 1)) {
709 ctx->lastUsed = 0;
710 *outl += ctx->block_size * blocks;
711 } else {
712 /* in the case of decryption and padding, store the last block
713 * here in order to verify the padding when Final is called */
714 if (inl == 0) { /* if not 0 then we know leftovers are checked*/
715 ctx->lastUsed = 1;
716 blocks = blocks - 1; /* save last block to check padding in
717 * EVP_CipherFinal call */
718 XMEMCPY(ctx->lastBlock, &out[ctx->block_size * blocks],
719 ctx->block_size);
720 }
721 *outl += ctx->block_size * blocks;
722 }
723 } else {
724 *outl += ctx->block_size * blocks;
725 }
726 }
727
728
729 if (inl > 0) {
730 /* put fraction into buff */
731 fillBuff(ctx, in, inl);
732 /* no increase of outl */
733 }
734 (void)out; /* silence warning in case not read */
735
736 return WOLFSSL_SUCCESS;
737}
738
739static void padBlock(WOLFSSL_EVP_CIPHER_CTX *ctx)
740{
741 int i;
742 for (i = ctx->bufUsed; i < ctx->block_size; i++)
743 ctx->buf[i] = (byte)(ctx->block_size - ctx->bufUsed);
744}
745
746static int checkPad(WOLFSSL_EVP_CIPHER_CTX *ctx, unsigned char *buff)
747{
748 int i;
749 int n;
750 n = buff[ctx->block_size-1];
751 if (n > ctx->block_size) return -1;
752 for (i = 0; i < n; i++) {
753 if (buff[ctx->block_size-i-1] != n)
754 return -1;
755 }
756 return ctx->block_size - n;
757}
758
759int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx,
760 unsigned char *out, int *outl)
761{
762 int fl;
763 int ret = WOLFSSL_SUCCESS;
764 if (!ctx || !outl)
765 return WOLFSSL_FAILURE;
766
767 WOLFSSL_ENTER("wolfSSL_EVP_CipherFinal");
768 switch (ctx->cipherType) {
769#if !defined(NO_AES) && defined(HAVE_AESGCM)
770 case AES_128_GCM_TYPE:
771 case AES_192_GCM_TYPE:
772 case AES_256_GCM_TYPE:
773 if ((ctx->gcmBuffer && ctx->gcmBufferLen > 0)
774 || (ctx->gcmBufferLen == 0)) {
775 if (ctx->enc)
776 ret = wc_AesGcmEncrypt(&ctx->cipher.aes, out,
777 ctx->gcmBuffer, ctx->gcmBufferLen,
778 ctx->iv, ctx->ivSz, ctx->authTag, ctx->authTagSz,
779 ctx->gcmAuthIn, ctx->gcmAuthInSz);
780 else
781 ret = wc_AesGcmDecrypt(&ctx->cipher.aes, out,
782 ctx->gcmBuffer, ctx->gcmBufferLen,
783 ctx->iv, ctx->ivSz, ctx->authTag, ctx->authTagSz,
784 ctx->gcmAuthIn, ctx->gcmAuthInSz);
785
786 if (ret == 0) {
787 ret = WOLFSSL_SUCCESS;
788 *outl = ctx->gcmBufferLen;
789 }
790 else {
791 ret = WOLFSSL_FAILURE;
792 *outl = 0;
793 }
794
795 XFREE(ctx->gcmBuffer, NULL, DYNAMIC_TYPE_OPENSSL);
796 ctx->gcmBuffer = NULL;
797 ctx->gcmBufferLen = 0;
798 }
799 else {
800 *outl = 0;
801 }
802 /* Clear IV, since IV reuse is not recommended for AES GCM. */
803 XMEMSET(ctx->iv, 0, AES_BLOCK_SIZE);
804 break;
805#endif /* !NO_AES && HAVE_AESGCM */
806 default:
807 if (!out)
808 return WOLFSSL_FAILURE;
809
810 if (ctx->flags & WOLFSSL_EVP_CIPH_NO_PADDING) {
811 if (ctx->bufUsed != 0) return WOLFSSL_FAILURE;
812 *outl = 0;
813 }
814 else if (ctx->enc) {
815 if (ctx->block_size == 1) {
816 *outl = 0;
817 }
818 else if ((ctx->bufUsed >= 0) && (ctx->block_size != 1)) {
819 padBlock(ctx);
820 PRINT_BUF(ctx->buf, ctx->block_size);
821 if (evpCipherBlock(ctx, out, ctx->buf, ctx->block_size) == 0) {
822 WOLFSSL_MSG("Final Cipher Block failed");
823 ret = WOLFSSL_FAILURE;
824 }
825 else {
826 PRINT_BUF(out, ctx->block_size);
827 *outl = ctx->block_size;
828 }
829 }
830 }
831 else {
832 if (ctx->block_size == 1) {
833 *outl = 0;
834 }
835 else if ((ctx->bufUsed % ctx->block_size) != 0) {
836 *outl = 0;
837 /* not enough padding for decrypt */
838 WOLFSSL_MSG("Final Cipher Block not enough padding");
839 ret = WOLFSSL_FAILURE;
840 }
841 else if (ctx->lastUsed) {
842 PRINT_BUF(ctx->lastBlock, ctx->block_size);
843 if ((fl = checkPad(ctx, ctx->lastBlock)) >= 0) {
844 XMEMCPY(out, ctx->lastBlock, fl);
845 *outl = fl;
846 if (ctx->lastUsed == 0 && ctx->bufUsed == 0) {
847 /* return error in cases where the block length is
848 * incorrect */
849 WOLFSSL_MSG("Final Cipher Block bad length");
850 ret = WOLFSSL_FAILURE;
851 }
852 }
853 else {
854 ret = WOLFSSL_FAILURE;
855 }
856 }
857 else if (ctx->lastUsed == 0 && ctx->bufUsed == 0) {
858 /* return error in cases where the block length is
859 * incorrect */
860 ret = WOLFSSL_FAILURE;
861 }
862 }
863 break;
864 }
865
866 if (ret == WOLFSSL_SUCCESS) {
867 /* reset cipher state after final */
868 ret = wolfSSL_EVP_CipherInit(ctx, NULL, NULL, NULL, -1);
869 }
870 return ret;
871}
872
873
874#ifdef WOLFSSL_EVP_DECRYPT_LEGACY
875/* This is a version of DecryptFinal to work with data encrypted with
876 * wolfSSL_EVP_EncryptFinal() with the broken padding. (pre-v3.12.0)
877 * Only call this after wolfSSL_EVP_CipherFinal() fails on a decrypt.
878 * Note, you don't know if the padding is good or bad with the old
879 * encrypt, but it is likely to be or bad. It will update the output
880 * length with the block_size so the last block is still captured. */
881WOLFSSL_API int wolfSSL_EVP_DecryptFinal_legacy(WOLFSSL_EVP_CIPHER_CTX *ctx,
882 unsigned char *out, int *outl)
883{
884 int fl;
885 if (ctx == NULL || out == NULL || outl == NULL)
886 return BAD_FUNC_ARG;
887
888 WOLFSSL_ENTER("wolfSSL_EVP_DecryptFinal_legacy");
889 if (ctx->block_size == 1) {
890 *outl = 0;
891 return WOLFSSL_SUCCESS;
892 }
893 if ((ctx->bufUsed % ctx->block_size) != 0) {
894 *outl = 0;
895 /* not enough padding for decrypt */
896 return WOLFSSL_FAILURE;
897 }
898 /* The original behavior of CipherFinal() was like it is now,
899 * but checkPad would return 0 in case of a bad pad. It would
900 * treat the pad as 0, and leave the data in the output buffer,
901 * and not try to copy anything. This converts checkPad's -1 error
902 * code to block_size.
903 */
904 if (ctx->lastUsed) {
905 PRINT_BUF(ctx->lastBlock, ctx->block_size);
906 if ((fl = checkPad(ctx, ctx->lastBlock)) < 0) {
907 fl = ctx->block_size;
908 }
909 else {
910 XMEMCPY(out, ctx->lastBlock, fl);
911 }
912 *outl = fl;
913 }
914 /* return error in cases where the block length is incorrect */
915 if (ctx->lastUsed == 0 && ctx->bufUsed == 0) {
916 return WOLFSSL_FAILURE;
917 }
918
919 return WOLFSSL_SUCCESS;
920}
921#endif
922
923int wolfSSL_EVP_CIPHER_CTX_block_size(const WOLFSSL_EVP_CIPHER_CTX *ctx)
924{
925 if (ctx == NULL) return BAD_FUNC_ARG;
926 switch (ctx->cipherType) {
927#if !defined(NO_AES) || !defined(NO_DES3)
928#if !defined(NO_AES)
929#if defined(HAVE_AES_CBC)
930 case AES_128_CBC_TYPE:
931 case AES_192_CBC_TYPE:
932 case AES_256_CBC_TYPE:
933#endif
934#if defined(HAVE_AESGCM)
935 case AES_128_GCM_TYPE:
936 case AES_192_GCM_TYPE:
937 case AES_256_GCM_TYPE:
938#endif
939#if defined(WOLFSSL_AES_COUNTER)
940 case AES_128_CTR_TYPE:
941 case AES_192_CTR_TYPE:
942 case AES_256_CTR_TYPE:
943#endif
944#if defined(WOLFSSL_AES_CFB)
945 case AES_128_CFB1_TYPE:
946 case AES_192_CFB1_TYPE:
947 case AES_256_CFB1_TYPE:
948 case AES_128_CFB8_TYPE:
949 case AES_192_CFB8_TYPE:
950 case AES_256_CFB8_TYPE:
951 case AES_128_CFB128_TYPE:
952 case AES_192_CFB128_TYPE:
953 case AES_256_CFB128_TYPE:
954#endif
955#if defined(WOLFSSL_AES_OFB)
956 case AES_128_OFB_TYPE:
957 case AES_192_OFB_TYPE:
958 case AES_256_OFB_TYPE:
959#endif
960#if defined(WOLFSSL_AES_XTS)
961 case AES_128_XTS_TYPE:
962 case AES_256_XTS_TYPE:
963#endif
964
965 case AES_128_ECB_TYPE:
966 case AES_192_ECB_TYPE:
967 case AES_256_ECB_TYPE:
968#endif /* !NO_AES */
969#ifndef NO_DES3
970 case DES_CBC_TYPE:
971 case DES_ECB_TYPE:
972 case DES_EDE3_CBC_TYPE:
973 case DES_EDE3_ECB_TYPE:
974#endif
975 return ctx->block_size;
976#endif /* !NO_AES || !NO_DES3 */
977 default:
978 return 0;
979 }
980}
981
982static unsigned int cipherType(const WOLFSSL_EVP_CIPHER *cipher)
983{
984 if (cipher == NULL) return 0; /* dummy for #ifdef */
985#ifndef NO_DES3
986 else if (XSTRNCMP(cipher, EVP_DES_CBC, EVP_DES_SIZE) == 0)
987 return DES_CBC_TYPE;
988 else if (XSTRNCMP(cipher, EVP_DES_EDE3_CBC, EVP_DES_EDE3_SIZE) == 0)
989 return DES_EDE3_CBC_TYPE;
990#if !defined(NO_DES3)
991 else if (XSTRNCMP(cipher, EVP_DES_ECB, EVP_DES_SIZE) == 0)
992 return DES_ECB_TYPE;
993 else if (XSTRNCMP(cipher, EVP_DES_EDE3_ECB, EVP_DES_EDE3_SIZE) == 0)
994 return DES_EDE3_ECB_TYPE;
995#endif /* NO_DES3 && HAVE_AES_ECB */
996#endif
997#if !defined(NO_AES)
998#if defined(HAVE_AES_CBC)
999 #ifdef WOLFSSL_AES_128
1000 else if (XSTRNCMP(cipher, EVP_AES_128_CBC, EVP_AES_SIZE) == 0)
1001 return AES_128_CBC_TYPE;
1002 #endif
1003 #ifdef WOLFSSL_AES_192
1004 else if (XSTRNCMP(cipher, EVP_AES_192_CBC, EVP_AES_SIZE) == 0)
1005 return AES_192_CBC_TYPE;
1006 #endif
1007 #ifdef WOLFSSL_AES_256
1008 else if (XSTRNCMP(cipher, EVP_AES_256_CBC, EVP_AES_SIZE) == 0)
1009 return AES_256_CBC_TYPE;
1010 #endif
1011#endif /* HAVE_AES_CBC */
1012#if defined(HAVE_AESGCM)
1013 #ifdef WOLFSSL_AES_128
1014 else if (XSTRNCMP(cipher, EVP_AES_128_GCM, EVP_AES_SIZE) == 0)
1015 return AES_128_GCM_TYPE;
1016 #endif
1017 #ifdef WOLFSSL_AES_192
1018 else if (XSTRNCMP(cipher, EVP_AES_192_GCM, EVP_AES_SIZE) == 0)
1019 return AES_192_GCM_TYPE;
1020 #endif
1021 #ifdef WOLFSSL_AES_256
1022 else if (XSTRNCMP(cipher, EVP_AES_256_GCM, EVP_AES_SIZE) == 0)
1023 return AES_256_GCM_TYPE;
1024 #endif
1025#endif /* HAVE_AESGCM */
1026#if defined(WOLFSSL_AES_COUNTER)
1027 #ifdef WOLFSSL_AES_128
1028 else if (XSTRNCMP(cipher, EVP_AES_128_CTR, EVP_AES_SIZE) == 0)
1029 return AES_128_CTR_TYPE;
1030 #endif
1031 #ifdef WOLFSSL_AES_192
1032 else if (XSTRNCMP(cipher, EVP_AES_192_CTR, EVP_AES_SIZE) == 0)
1033 return AES_192_CTR_TYPE;
1034 #endif
1035 #ifdef WOLFSSL_AES_256
1036 else if (XSTRNCMP(cipher, EVP_AES_256_CTR, EVP_AES_SIZE) == 0)
1037 return AES_256_CTR_TYPE;
1038 #endif
1039#endif /* HAVE_AES_CBC */
1040#if defined(HAVE_AES_ECB)
1041 #ifdef WOLFSSL_AES_128
1042 else if (XSTRNCMP(cipher, EVP_AES_128_ECB, EVP_AES_SIZE) == 0)
1043 return AES_128_ECB_TYPE;
1044 #endif
1045 #ifdef WOLFSSL_AES_192
1046 else if (XSTRNCMP(cipher, EVP_AES_192_ECB, EVP_AES_SIZE) == 0)
1047 return AES_192_ECB_TYPE;
1048 #endif
1049 #ifdef WOLFSSL_AES_256
1050 else if (XSTRNCMP(cipher, EVP_AES_256_ECB, EVP_AES_SIZE) == 0)
1051 return AES_256_ECB_TYPE;
1052 #endif
1053#endif /*HAVE_AES_CBC */
1054#if defined(WOLFSSL_AES_XTS)
1055 #ifdef WOLFSSL_AES_128
1056 else if (XSTRNCMP(cipher, EVP_AES_128_XTS, EVP_AES_SIZE) == 0)
1057 return AES_128_XTS_TYPE;
1058 #endif
1059 #ifdef WOLFSSL_AES_256
1060 else if (XSTRNCMP(cipher, EVP_AES_256_XTS, EVP_AES_SIZE) == 0)
1061 return AES_256_XTS_TYPE;
1062 #endif
1063#endif /* WOLFSSL_AES_XTS */
1064#if defined(WOLFSSL_AES_CFB)
1065 #ifdef WOLFSSL_AES_128
1066 else if (XSTRNCMP(cipher, EVP_AES_128_CFB1, EVP_AESCFB_SIZE) == 0)
1067 return AES_128_CFB1_TYPE;
1068 #endif
1069 #ifdef WOLFSSL_AES_192
1070 else if (XSTRNCMP(cipher, EVP_AES_192_CFB1, EVP_AESCFB_SIZE) == 0)
1071 return AES_192_CFB1_TYPE;
1072 #endif
1073 #ifdef WOLFSSL_AES_256
1074 else if (XSTRNCMP(cipher, EVP_AES_256_CFB1, EVP_AESCFB_SIZE) == 0)
1075 return AES_256_CFB1_TYPE;
1076 #endif
1077 #ifdef WOLFSSL_AES_128
1078 else if (XSTRNCMP(cipher, EVP_AES_128_CFB8, EVP_AESCFB_SIZE) == 0)
1079 return AES_128_CFB8_TYPE;
1080 #endif
1081 #ifdef WOLFSSL_AES_192
1082 else if (XSTRNCMP(cipher, EVP_AES_192_CFB8, EVP_AESCFB_SIZE) == 0)
1083 return AES_192_CFB8_TYPE;
1084 #endif
1085 #ifdef WOLFSSL_AES_256
1086 else if (XSTRNCMP(cipher, EVP_AES_256_CFB8, EVP_AESCFB_SIZE) == 0)
1087 return AES_256_CFB8_TYPE;
1088 #endif
1089 #ifdef WOLFSSL_AES_128
1090 else if (XSTRNCMP(cipher, EVP_AES_128_CFB128, EVP_AESCFB_SIZE) == 0)
1091 return AES_128_CFB128_TYPE;
1092 #endif
1093 #ifdef WOLFSSL_AES_192
1094 else if (XSTRNCMP(cipher, EVP_AES_192_CFB128, EVP_AESCFB_SIZE) == 0)
1095 return AES_192_CFB128_TYPE;
1096 #endif
1097 #ifdef WOLFSSL_AES_256
1098 else if (XSTRNCMP(cipher, EVP_AES_256_CFB128, EVP_AESCFB_SIZE) == 0)
1099 return AES_256_CFB128_TYPE;
1100 #endif
1101#endif /*HAVE_AES_CBC */
1102#if defined(WOLFSSL_AES_OFB)
1103 #ifdef WOLFSSL_AES_128
1104 else if (XSTRNCMP(cipher, EVP_AES_128_OFB, EVP_AES_SIZE) == 0)
1105 return AES_128_OFB_TYPE;
1106 #endif
1107 #ifdef WOLFSSL_AES_192
1108 else if (XSTRNCMP(cipher, EVP_AES_192_OFB, EVP_AES_SIZE) == 0)
1109 return AES_192_OFB_TYPE;
1110 #endif
1111 #ifdef WOLFSSL_AES_256
1112 else if (XSTRNCMP(cipher, EVP_AES_256_OFB, EVP_AES_SIZE) == 0)
1113 return AES_256_OFB_TYPE;
1114 #endif
1115#endif
1116#endif /* !NO_AES */
1117
1118#ifndef NO_RC4
1119 else if (XSTRNCMP(cipher, EVP_ARC4, EVP_ARC4_SIZE) == 0)
1120 return ARC4_TYPE;
1121#endif
1122 else return 0;
1123}
1124
1125int wolfSSL_EVP_CIPHER_block_size(const WOLFSSL_EVP_CIPHER *cipher)
1126{
1127 if (cipher == NULL) return BAD_FUNC_ARG;
1128 switch (cipherType(cipher)) {
1129#if !defined(NO_AES)
1130 #if defined(HAVE_AES_CBC)
1131 case AES_128_CBC_TYPE:
1132 case AES_192_CBC_TYPE:
1133 case AES_256_CBC_TYPE:
1134 return AES_BLOCK_SIZE;
1135 #endif
1136 #if defined(HAVE_AESGCM)
1137 case AES_128_GCM_TYPE:
1138 case AES_192_GCM_TYPE:
1139 case AES_256_GCM_TYPE:
1140 return 1;
1141 #endif
1142 #if defined(WOLFSSL_AES_COUNTER)
1143 case AES_128_CTR_TYPE:
1144 case AES_192_CTR_TYPE:
1145 case AES_256_CTR_TYPE:
1146 return 1;
1147 #endif
1148 #if defined(HAVE_AES_ECB)
1149 case AES_128_ECB_TYPE:
1150 case AES_192_ECB_TYPE:
1151 case AES_256_ECB_TYPE:
1152 return AES_BLOCK_SIZE;
1153 #endif
1154 #if defined(WOLFSSL_AES_CFB)
1155 case AES_128_CFB1_TYPE:
1156 case AES_192_CFB1_TYPE:
1157 case AES_256_CFB1_TYPE:
1158 case AES_128_CFB8_TYPE:
1159 case AES_192_CFB8_TYPE:
1160 case AES_256_CFB8_TYPE:
1161 case AES_128_CFB128_TYPE:
1162 case AES_192_CFB128_TYPE:
1163 case AES_256_CFB128_TYPE:
1164 return 1;
1165 #endif
1166 #if defined(WOLFSSL_AES_OFB)
1167 case AES_128_OFB_TYPE:
1168 case AES_192_OFB_TYPE:
1169 case AES_256_OFB_TYPE:
1170 return 1;
1171 #endif
1172 #if defined(WOLFSSL_AES_XTS)
1173 case AES_128_XTS_TYPE:
1174 case AES_256_XTS_TYPE:
1175 return 1;
1176 #endif
1177#endif /* NO_AES */
1178
1179#ifndef NO_RC4
1180 case ARC4_TYPE:
1181 return 1;
1182#endif
1183
1184#ifndef NO_DES3
1185 case DES_CBC_TYPE: return 8;
1186 case DES_EDE3_CBC_TYPE: return 8;
1187 case DES_ECB_TYPE: return 8;
1188 case DES_EDE3_ECB_TYPE: return 8;
1189#endif
1190 default:
1191 return 0;
1192 }
1193}
1194
1195unsigned long WOLFSSL_CIPHER_mode(const WOLFSSL_EVP_CIPHER *cipher)
1196{
1197 switch (cipherType(cipher)) {
1198#if !defined(NO_AES)
1199 #if defined(HAVE_AES_CBC)
1200 case AES_128_CBC_TYPE:
1201 case AES_192_CBC_TYPE:
1202 case AES_256_CBC_TYPE:
1203 return WOLFSSL_EVP_CIPH_CBC_MODE;
1204 #endif
1205 #if defined(HAVE_AESGCM)
1206 case AES_128_GCM_TYPE:
1207 case AES_192_GCM_TYPE:
1208 case AES_256_GCM_TYPE:
1209 return WOLFSSL_EVP_CIPH_GCM_MODE &
1210 WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER;
1211 #endif
1212 #if defined(WOLFSSL_AES_COUNTER)
1213 case AES_128_CTR_TYPE:
1214 case AES_192_CTR_TYPE:
1215 case AES_256_CTR_TYPE:
1216 return WOLFSSL_EVP_CIPH_CTR_MODE;
1217 #endif
1218 #if defined(WOLFSSL_AES_CFB)
1219 case AES_128_CFB1_TYPE:
1220 case AES_192_CFB1_TYPE:
1221 case AES_256_CFB1_TYPE:
1222 case AES_128_CFB8_TYPE:
1223 case AES_192_CFB8_TYPE:
1224 case AES_256_CFB8_TYPE:
1225 case AES_128_CFB128_TYPE:
1226 case AES_192_CFB128_TYPE:
1227 case AES_256_CFB128_TYPE:
1228 return WOLFSSL_EVP_CIPH_CFB_MODE;
1229 #endif
1230 #if defined(WOLFSSL_AES_OFB)
1231 case AES_128_OFB_TYPE:
1232 case AES_192_OFB_TYPE:
1233 case AES_256_OFB_TYPE:
1234 return WOLFSSL_EVP_CIPH_OFB_MODE;
1235 #endif
1236 #if defined(WOLFSSL_AES_XTS)
1237 case AES_128_XTS_TYPE:
1238 case AES_256_XTS_TYPE:
1239 return WOLFSSL_EVP_CIPH_XTS_MODE;
1240 #endif
1241 case AES_128_ECB_TYPE:
1242 case AES_192_ECB_TYPE:
1243 case AES_256_ECB_TYPE:
1244 return WOLFSSL_EVP_CIPH_ECB_MODE;
1245#endif /* NO_AES */
1246 #ifndef NO_DES3
1247 case DES_CBC_TYPE:
1248 case DES_EDE3_CBC_TYPE:
1249 return WOLFSSL_EVP_CIPH_CBC_MODE;
1250 case DES_ECB_TYPE:
1251 case DES_EDE3_ECB_TYPE:
1252 return WOLFSSL_EVP_CIPH_ECB_MODE;
1253 #endif
1254 #ifndef NO_RC4
1255 case ARC4_TYPE:
1256 return EVP_CIPH_STREAM_CIPHER;
1257 #endif
1258 default:
1259 return 0;
1260 }
1261}
1262
1263unsigned long WOLFSSL_EVP_CIPHER_mode(const WOLFSSL_EVP_CIPHER *cipher)
1264{
1265 if (cipher == NULL) return 0;
1266 return WOLFSSL_CIPHER_mode(cipher);
1267}
1268
1269void wolfSSL_EVP_CIPHER_CTX_set_flags(WOLFSSL_EVP_CIPHER_CTX *ctx, int flags)
1270{
1271 if (ctx != NULL) {
1272 ctx->flags |= flags;
1273 }
1274}
1275
1276void wolfSSL_EVP_CIPHER_CTX_clear_flags(WOLFSSL_EVP_CIPHER_CTX *ctx, int flags)
1277{
1278 if (ctx != NULL) {
1279 ctx->flags &= ~flags;
1280 }
1281}
1282
1283unsigned long wolfSSL_EVP_CIPHER_flags(const WOLFSSL_EVP_CIPHER *cipher)
1284{
1285 if (cipher == NULL) return 0;
1286 return WOLFSSL_CIPHER_mode(cipher);
1287}
1288
1289int wolfSSL_EVP_CIPHER_CTX_set_padding(WOLFSSL_EVP_CIPHER_CTX *ctx, int padding)
1290{
1291 if (ctx == NULL) return BAD_FUNC_ARG;
1292 if (padding) {
1293 ctx->flags &= ~WOLFSSL_EVP_CIPH_NO_PADDING;
1294 }
1295 else {
1296 ctx->flags |= WOLFSSL_EVP_CIPH_NO_PADDING;
1297 }
1298 return 1;
1299}
1300
1301int wolfSSL_EVP_add_digest(const WOLFSSL_EVP_MD *digest)
1302{
1303 (void)digest;
1304 /* nothing to do */
1305 return 0;
1306}
1307
1308
1309/* Frees the WOLFSSL_EVP_PKEY_CTX passed in.
1310 *
1311 * return WOLFSSL_SUCCESS on success
1312 */
1313int wolfSSL_EVP_PKEY_CTX_free(WOLFSSL_EVP_PKEY_CTX *ctx)
1314{
1315 if (ctx == NULL) return 0;
1316 WOLFSSL_ENTER("EVP_PKEY_CTX_free");
1317 if (ctx->pkey != NULL)
1318 wolfSSL_EVP_PKEY_free(ctx->pkey);
1319 if (ctx->peerKey != NULL)
1320 wolfSSL_EVP_PKEY_free(ctx->peerKey);
1321 XFREE(ctx, NULL, DYNAMIC_TYPE_PUBLIC_KEY);
1322 return WOLFSSL_SUCCESS;
1323}
1324
1325
1326/* Creates a new WOLFSSL_EVP_PKEY_CTX structure.
1327 *
1328 * pkey key structure to use with new WOLFSSL_EVP_PEKY_CTX
1329 * e engine to use. It should be NULL at this time.
1330 *
1331 * return the new structure on success and NULL if failed.
1332 */
1333WOLFSSL_EVP_PKEY_CTX *wolfSSL_EVP_PKEY_CTX_new(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_ENGINE *e)
1334{
1335 WOLFSSL_EVP_PKEY_CTX* ctx;
1336
1337 if (pkey == NULL) return 0;
1338 if (e != NULL) return 0;
1339 WOLFSSL_ENTER("EVP_PKEY_CTX_new");
1340
1341 ctx = (WOLFSSL_EVP_PKEY_CTX*)XMALLOC(sizeof(WOLFSSL_EVP_PKEY_CTX), NULL,
1342 DYNAMIC_TYPE_PUBLIC_KEY);
1343 if (ctx == NULL) return NULL;
1344 XMEMSET(ctx, 0, sizeof(WOLFSSL_EVP_PKEY_CTX));
1345 ctx->pkey = pkey;
1346#if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
1347 ctx->padding = RSA_PKCS1_PADDING;
1348#endif
1349 if (wolfSSL_EVP_PKEY_up_ref(pkey) != WOLFSSL_SUCCESS) {
1350 WOLFSSL_MSG("Couldn't increase key reference count");
1351 }
1352 return ctx;
1353}
1354
1355
1356/* Sets the type of RSA padding to use.
1357 *
1358 * ctx structure to set padding in.
1359 * padding RSA padding type
1360 *
1361 * returns WOLFSSL_SUCCESS on success.
1362 */
1363int wolfSSL_EVP_PKEY_CTX_set_rsa_padding(WOLFSSL_EVP_PKEY_CTX *ctx, int padding)
1364{
1365 if (ctx == NULL) return 0;
1366 WOLFSSL_ENTER("EVP_PKEY_CTX_set_rsa_padding");
1367 ctx->padding = padding;
1368 return WOLFSSL_SUCCESS;
1369}
1370
1371/* create a PKEY contxt and return it */
1372WOLFSSL_EVP_PKEY_CTX *wolfSSL_EVP_PKEY_CTX_new_id(int id, WOLFSSL_ENGINE *e)
1373{
1374 WOLFSSL_EVP_PKEY* pkey;
1375 WOLFSSL_EVP_PKEY_CTX* ctx = NULL;
1376
1377 WOLFSSL_ENTER("wolfSSL_EVP_PKEY_CTX_new_id");
1378
1379 pkey = wolfSSL_EVP_PKEY_new_ex(NULL);
1380 if (pkey) {
1381 pkey->type = id;
1382 ctx = wolfSSL_EVP_PKEY_CTX_new(pkey, e);
1383 /* wolfSSL_EVP_PKEY_CTX_new calls wolfSSL_EVP_PKEY_up_ref so we need
1384 * to always call wolfSSL_EVP_PKEY_free (either to free it if an
1385 * error occured in the previous function or to decrease the reference
1386 * count so that pkey is actually free'd when wolfSSL_EVP_PKEY_CTX_free
1387 * is called) */
1388 wolfSSL_EVP_PKEY_free(pkey);
1389 }
1390 return ctx;
1391}
1392
1393/* Returns WOLFSSL_SUCCESS or error */
1394int wolfSSL_EVP_PKEY_CTX_set_rsa_keygen_bits(WOLFSSL_EVP_PKEY_CTX *ctx, int bits)
1395{
1396 if (ctx) {
1397 ctx->nbits = bits;
1398 }
1399 return WOLFSSL_SUCCESS;
1400}
1401
1402
1403int wolfSSL_EVP_PKEY_derive_init(WOLFSSL_EVP_PKEY_CTX *ctx)
1404{
1405 WOLFSSL_ENTER("wolfSSL_EVP_PKEY_derive_init");
1406
1407 if (!ctx) {
1408 return WOLFSSL_FAILURE;
1409 }
1410 wolfSSL_EVP_PKEY_free(ctx->peerKey);
1411 ctx->op = EVP_PKEY_OP_DERIVE;
1412 ctx->padding = 0;
1413 ctx->nbits = 0;
1414 return WOLFSSL_SUCCESS;
1415}
1416
1417int wolfSSL_EVP_PKEY_derive_set_peer(WOLFSSL_EVP_PKEY_CTX *ctx, WOLFSSL_EVP_PKEY *peer)
1418{
1419 WOLFSSL_ENTER("wolfSSL_EVP_PKEY_derive_set_peer");
1420
1421 if (!ctx || ctx->op != EVP_PKEY_OP_DERIVE) {
1422 return WOLFSSL_FAILURE;
1423 }
1424 wolfSSL_EVP_PKEY_free(ctx->peerKey);
1425 ctx->peerKey = peer;
1426 if (!wolfSSL_EVP_PKEY_up_ref(peer)) {
1427 ctx->peerKey = NULL;
1428 return WOLFSSL_FAILURE;
1429 }
1430 return WOLFSSL_SUCCESS;
1431}
1432
1433#ifndef NO_WOLFSSL_STUB
1434int wolfSSL_EVP_PKEY_CTX_ctrl_str(WOLFSSL_EVP_PKEY_CTX *ctx,
1435 const char *name, const char *value)
1436{
1437 WOLFSSL_STUB("wolfSSL_EVP_PKEY_CTX_ctrl_str");
1438 (void)ctx;
1439 (void)name;
1440 (void)value;
1441 return WOLFSSL_FAILURE;
1442}
1443#endif /* NO_WOLFSSL_STUB */
1444
1445#if !defined(NO_DH) && defined(HAVE_ECC)
1446#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION!=2))
1447int wolfSSL_EVP_PKEY_derive(WOLFSSL_EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen)
1448{
1449 int len;
1450
1451 WOLFSSL_ENTER("wolfSSL_EVP_PKEY_derive");
1452
1453 if (!ctx || ctx->op != EVP_PKEY_OP_DERIVE || !ctx->pkey || !ctx->peerKey || !keylen
1454 || ctx->pkey->type != ctx->peerKey->type) {
1455 return WOLFSSL_FAILURE;
1456 }
1457 switch (ctx->pkey->type) {
1458#ifndef NO_DH
1459 case EVP_PKEY_DH:
1460 /* Use DH */
1461 if (!ctx->pkey->dh || !ctx->peerKey->dh || !ctx->peerKey->dh->pub_key) {
1462 return WOLFSSL_FAILURE;
1463 }
1464 if ((len = wolfSSL_DH_size(ctx->pkey->dh)) <= 0) {
1465 return WOLFSSL_FAILURE;
1466 }
1467 if (key) {
1468 if (*keylen < (size_t)len) {
1469 return WOLFSSL_FAILURE;
1470 }
1471 /* computed DH agreement can be less than DH size if leading zeros */
1472 if (wolfSSL_DH_compute_key(key, ctx->peerKey->dh->pub_key,
1473 ctx->pkey->dh) <= 0) {
1474 return WOLFSSL_FAILURE;
1475 }
1476 }
1477 *keylen = (size_t)len;
1478 break;
1479#endif
1480#ifdef HAVE_ECC
1481 case EVP_PKEY_EC:
1482 /* Use ECDH */
1483 if (!ctx->pkey->ecc || !ctx->peerKey->ecc) {
1484 return WOLFSSL_FAILURE;
1485 }
1486 /* set internal key if not done */
1487 if (!ctx->pkey->ecc->inSet) {
1488 if (SetECKeyInternal(ctx->pkey->ecc) != WOLFSSL_SUCCESS) {
1489 WOLFSSL_MSG("SetECKeyInternal failed");
1490 return WOLFSSL_FAILURE;
1491 }
1492 }
1493 if (!ctx->peerKey->ecc->exSet || !ctx->peerKey->ecc->pub_key->internal) {
1494 if (SetECKeyExternal(ctx->peerKey->ecc) != WOLFSSL_SUCCESS) {
1495 WOLFSSL_MSG("SetECKeyExternal failed");
1496 return WOLFSSL_FAILURE;
1497 }
1498 }
1499 if (!(len = wc_ecc_size((ecc_key*)ctx->pkey->ecc->internal))) {
1500 return WOLFSSL_FAILURE;
1501 }
1502 if (key) {
1503 word32 len32 = (word32)len;
1504#if defined(ECC_TIMING_RESISTANT) && !defined(HAVE_SELFTEST) \
1505 && (!defined(HAVE_FIPS) || \
1506 (defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION > 2))
1507
1508 WC_RNG rng;
1509 if (wc_InitRng(&rng) != MP_OKAY) {
1510 WOLFSSL_MSG("Init RNG failed");
1511 return WOLFSSL_FAILURE;
1512 }
1513 ((ecc_key*)ctx->pkey->ecc->internal)->rng = &rng;
1514#endif
1515 if (*keylen < len32) {
1516 WOLFSSL_MSG("buffer too short");
1517#if defined(ECC_TIMING_RESISTANT) && !defined(HAVE_SELFTEST) \
1518 && (!defined(HAVE_FIPS) || \
1519 (defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION > 2))
1520 ((ecc_key*)ctx->pkey->ecc->internal)->rng = NULL;
1521 wc_FreeRng(&rng);
1522#endif
1523 return WOLFSSL_FAILURE;
1524 }
1525 if (wc_ecc_shared_secret_ssh((ecc_key*)ctx->pkey->ecc->internal,
1526 (ecc_point*)ctx->peerKey->ecc->pub_key->internal,
1527 key, &len32) != MP_OKAY) {
1528 WOLFSSL_MSG("wc_ecc_shared_secret failed");
1529#if defined(ECC_TIMING_RESISTANT) && !defined(HAVE_SELFTEST) \
1530 && (!defined(HAVE_FIPS) || \
1531 (defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION > 2))
1532 ((ecc_key*)ctx->pkey->ecc->internal)->rng = NULL;
1533 wc_FreeRng(&rng);
1534#endif
1535 return WOLFSSL_FAILURE;
1536 }
1537#if defined(ECC_TIMING_RESISTANT) && !defined(HAVE_SELFTEST) \
1538 && (!defined(HAVE_FIPS) || \
1539 (defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION > 2))
1540 ((ecc_key*)ctx->pkey->ecc->internal)->rng = NULL;
1541 wc_FreeRng(&rng);
1542#endif
1543 len = (int)len32;
1544 }
1545 *keylen = (size_t)len;
1546 break;
1547#endif
1548 default:
1549 WOLFSSL_MSG("Unknown key type");
1550 return WOLFSSL_FAILURE;
1551 }
1552 return WOLFSSL_SUCCESS;
1553}
1554#endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */
1555#endif /* !NO_DH || HAVE_ECC */
1556
1557/* Uses the WOLFSSL_EVP_PKEY_CTX to decrypt a buffer.
1558 *
1559 * ctx structure to decrypt with
1560 * out buffer to hold the results
1561 * outlen initially holds size of out buffer and gets set to decrypt result size
1562 * in buffer decrypt
1563 * inlen length of in buffer
1564 *
1565 * returns WOLFSSL_SUCCESS on success.
1566 */
1567int wolfSSL_EVP_PKEY_decrypt(WOLFSSL_EVP_PKEY_CTX *ctx,
1568 unsigned char *out, size_t *outlen,
1569 const unsigned char *in, size_t inlen)
1570{
1571 int len = 0;
1572
1573 if (ctx == NULL) return 0;
1574 WOLFSSL_ENTER("EVP_PKEY_decrypt");
1575
1576 (void)out;
1577 (void)outlen;
1578 (void)in;
1579 (void)inlen;
1580 (void)len;
1581
1582 switch (ctx->pkey->type) {
1583#if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
1584 case EVP_PKEY_RSA:
1585 len = wolfSSL_RSA_private_decrypt((int)inlen, (unsigned char*)in, out,
1586 ctx->pkey->rsa, ctx->padding);
1587 if (len < 0) break;
1588 else {
1589 *outlen = len;
1590 return WOLFSSL_SUCCESS;
1591 }
1592#endif /* NO_RSA */
1593
1594 case EVP_PKEY_EC:
1595 WOLFSSL_MSG("not implemented");
1596 FALL_THROUGH;
1597 default:
1598 break;
1599 }
1600 return WOLFSSL_FAILURE;
1601}
1602
1603
1604/* Initialize a WOLFSSL_EVP_PKEY_CTX structure for decryption
1605 *
1606 * ctx WOLFSSL_EVP_PKEY_CTX structure to use with decryption
1607 *
1608 * Returns WOLFSSL_FAILURE on failure and WOLFSSL_SUCCESS on success
1609 */
1610int wolfSSL_EVP_PKEY_decrypt_init(WOLFSSL_EVP_PKEY_CTX *ctx)
1611{
1612 if (ctx == NULL) return WOLFSSL_FAILURE;
1613 WOLFSSL_ENTER("EVP_PKEY_decrypt_init");
1614 switch (ctx->pkey->type) {
1615 case EVP_PKEY_RSA:
1616 ctx->op = EVP_PKEY_OP_DECRYPT;
1617 return WOLFSSL_SUCCESS;
1618 case EVP_PKEY_EC:
1619 WOLFSSL_MSG("not implemented");
1620 FALL_THROUGH;
1621 default:
1622 break;
1623 }
1624 return WOLFSSL_FAILURE;
1625}
1626
1627
1628/* Use a WOLFSSL_EVP_PKEY_CTX structure to encrypt data
1629 *
1630 * ctx WOLFSSL_EVP_PKEY_CTX structure to use with encryption
1631 * out buffer to hold encrypted data
1632 * outlen length of out buffer
1633 * in data to be encrypted
1634 * inlen length of in buffer
1635 *
1636 * Returns WOLFSSL_FAILURE on failure and WOLFSSL_SUCCESS on success
1637 */
1638int wolfSSL_EVP_PKEY_encrypt(WOLFSSL_EVP_PKEY_CTX *ctx,
1639 unsigned char *out, size_t *outlen,
1640 const unsigned char *in, size_t inlen)
1641{
1642 int len = 0;
1643 if (ctx == NULL) return WOLFSSL_FAILURE;
1644 WOLFSSL_ENTER("EVP_PKEY_encrypt");
1645 if (ctx->op != EVP_PKEY_OP_ENCRYPT) return WOLFSSL_FAILURE;
1646
1647 (void)out;
1648 (void)outlen;
1649 (void)in;
1650 (void)inlen;
1651 (void)len;
1652 switch (ctx->pkey->type) {
1653#if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
1654 case EVP_PKEY_RSA:
1655 len = wolfSSL_RSA_public_encrypt((int)inlen, (unsigned char *)in, out,
1656 ctx->pkey->rsa, ctx->padding);
1657 if (len < 0)
1658 break;
1659 else {
1660 *outlen = len;
1661 return WOLFSSL_SUCCESS;
1662 }
1663#endif /* NO_RSA */
1664
1665 case EVP_PKEY_EC:
1666 WOLFSSL_MSG("not implemented");
1667 FALL_THROUGH;
1668 default:
1669 break;
1670 }
1671 return WOLFSSL_FAILURE;
1672}
1673
1674
1675/* Initialize a WOLFSSL_EVP_PKEY_CTX structure to encrypt data
1676 *
1677 * ctx WOLFSSL_EVP_PKEY_CTX structure to use with encryption
1678 *
1679 * Returns WOLFSSL_FAILURE on failure and WOLFSSL_SUCCESS on success
1680 */
1681int wolfSSL_EVP_PKEY_encrypt_init(WOLFSSL_EVP_PKEY_CTX *ctx)
1682{
1683 if (ctx == NULL) return WOLFSSL_FAILURE;
1684 WOLFSSL_ENTER("EVP_PKEY_encrypt_init");
1685
1686 switch (ctx->pkey->type) {
1687 case EVP_PKEY_RSA:
1688 ctx->op = EVP_PKEY_OP_ENCRYPT;
1689 return WOLFSSL_SUCCESS;
1690 case EVP_PKEY_EC:
1691 WOLFSSL_MSG("not implemented");
1692 FALL_THROUGH;
1693 default:
1694 break;
1695 }
1696 return WOLFSSL_FAILURE;
1697}
1698/******************************************************************************
1699* wolfSSL_EVP_PKEY_sign_init - initializes a public key algorithm context for
1700* a signing operation.
1701*
1702* RETURNS:
1703* returns WOLFSSL_SUCCESS on success, otherwise returns -2
1704*/
1705WOLFSSL_API int wolfSSL_EVP_PKEY_sign_init(WOLFSSL_EVP_PKEY_CTX *ctx)
1706{
1707 int ret = -2;
1708
1709 WOLFSSL_MSG("wolfSSL_EVP_PKEY_sign_init");
1710 if (!ctx || !ctx->pkey)
1711 return ret;
1712
1713 switch (ctx->pkey->type) {
1714 case EVP_PKEY_RSA:
1715 ctx->op = EVP_PKEY_OP_SIGN;
1716 ret = WOLFSSL_SUCCESS;
1717 break;
1718 case EVP_PKEY_EC:
1719 WOLFSSL_MSG("not implemented");
1720 FALL_THROUGH;
1721 default:
1722 ret = -2;
1723 }
1724 return ret;
1725}
1726/******************************************************************************
1727* wolfSSL_EVP_PKEY_sign - performs a public key signing operation using ctx
1728* The data to be signed should be hashed since the function does not hash the data.
1729*
1730* RETURNS:
1731* returns WOLFSSL_SUCCESS on success, otherwise returns WOLFSSL_FAILURE
1732*/
1733
1734WOLFSSL_API int wolfSSL_EVP_PKEY_sign(WOLFSSL_EVP_PKEY_CTX *ctx, unsigned char *sig,
1735 size_t *siglen, const unsigned char *tbs, size_t tbslen)
1736{
1737 int len = 0;
1738
1739 WOLFSSL_MSG("wolfSSL_EVP_PKEY_sign");
1740
1741 if (!ctx || ctx->op != EVP_PKEY_OP_SIGN || !ctx->pkey)
1742 return WOLFSSL_FAILURE;
1743
1744 (void)sig;
1745 (void)siglen;
1746 (void)tbs;
1747 (void)tbslen;
1748 (void)len;
1749
1750 switch (ctx->pkey->type) {
1751#if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
1752 case EVP_PKEY_RSA:
1753 len = wolfSSL_RSA_private_encrypt((int)tbslen, (unsigned char*)tbs, sig,
1754 ctx->pkey->rsa, ctx->padding);
1755 if (len < 0)
1756 break;
1757 else {
1758 *siglen = len;
1759 return WOLFSSL_SUCCESS;
1760 }
1761#endif /* NO_RSA */
1762
1763 case EVP_PKEY_EC:
1764 WOLFSSL_MSG("not implemented");
1765 FALL_THROUGH;
1766 default:
1767 break;
1768 }
1769 return WOLFSSL_FAILURE;
1770}
1771
1772/* Get the size in bits for WOLFSSL_EVP_PKEY key
1773 *
1774 * pkey WOLFSSL_EVP_PKEY structure to get key size of
1775 *
1776 * returns the size in bits of key on success
1777 */
1778int wolfSSL_EVP_PKEY_bits(const WOLFSSL_EVP_PKEY *pkey)
1779{
1780 int bytes;
1781
1782 if (pkey == NULL) return 0;
1783 WOLFSSL_ENTER("EVP_PKEY_bits");
1784 if ((bytes = wolfSSL_EVP_PKEY_size((WOLFSSL_EVP_PKEY*)pkey)) ==0) return 0;
1785 return bytes*8;
1786}
1787
1788
1789int wolfSSL_EVP_PKEY_keygen_init(WOLFSSL_EVP_PKEY_CTX *ctx)
1790{
1791 (void)ctx;
1792 return WOLFSSL_SUCCESS;
1793}
1794
1795int wolfSSL_EVP_PKEY_keygen(WOLFSSL_EVP_PKEY_CTX *ctx,
1796 WOLFSSL_EVP_PKEY **ppkey)
1797{
1798 int ret = WOLFSSL_FAILURE;
1799 int ownPkey = 0;
1800 WOLFSSL_EVP_PKEY* pkey;
1801
1802 if (ctx == NULL || ppkey == NULL) {
1803 return BAD_FUNC_ARG;
1804 }
1805
1806 pkey = *ppkey;
1807 if (pkey == NULL) {
1808 ownPkey = 1;
1809 pkey = wolfSSL_EVP_PKEY_new();
1810
1811 if (pkey == NULL)
1812 return ret;
1813 }
1814
1815 switch (pkey->type) {
1816#if !defined(HAVE_FAST_RSA) && defined(WOLFSSL_KEY_GEN) && \
1817 !defined(NO_RSA) && !defined(HAVE_USER_RSA)
1818 case EVP_PKEY_RSA:
1819 pkey->rsa = wolfSSL_RSA_generate_key(ctx->nbits, WC_RSA_EXPONENT,
1820 NULL, NULL);
1821 if (pkey->rsa) {
1822 pkey->ownRsa = 1;
1823 pkey->pkey_sz = wolfSSL_i2d_RSAPrivateKey(pkey->rsa,
1824 (unsigned char**)&pkey->pkey.ptr);
1825 ret = WOLFSSL_SUCCESS;
1826 }
1827 break;
1828#endif
1829#ifdef HAVE_ECC
1830 case EVP_PKEY_EC:
1831 pkey->ecc = wolfSSL_EC_KEY_new();
1832 if (pkey->ecc) {
1833 ret = wolfSSL_EC_KEY_generate_key(pkey->ecc);
1834 if (ret == WOLFSSL_SUCCESS) {
1835 pkey->ownEcc = 1;
1836 }
1837 }
1838#endif
1839 default:
1840 break;
1841 }
1842
1843 if (ret != WOLFSSL_SUCCESS && ownPkey) {
1844 wolfSSL_EVP_PKEY_free(pkey);
1845 pkey = NULL;
1846 }
1847
1848 *ppkey = pkey;
1849
1850 return ret;
1851}
1852
1853/* Get the size in bytes for WOLFSSL_EVP_PKEY key
1854 *
1855 * pkey WOLFSSL_EVP_PKEY structure to get key size of
1856 *
1857 * returns the size of a key on success which is the maximum size of a
1858 * signature
1859 */
1860int wolfSSL_EVP_PKEY_size(WOLFSSL_EVP_PKEY *pkey)
1861{
1862 if (pkey == NULL) return 0;
1863 WOLFSSL_ENTER("EVP_PKEY_size");
1864
1865 switch (pkey->type) {
1866#ifndef NO_RSA
1867 case EVP_PKEY_RSA:
1868 return (int)wolfSSL_RSA_size((const WOLFSSL_RSA*)(pkey->rsa));
1869#endif /* !NO_RSA */
1870
1871#ifdef HAVE_ECC
1872 case EVP_PKEY_EC:
1873 if (pkey->ecc == NULL || pkey->ecc->internal == NULL) {
1874 WOLFSSL_MSG("No ECC key has been set");
1875 break;
1876 }
1877 return wc_ecc_size((ecc_key*)(pkey->ecc->internal));
1878#endif /* HAVE_ECC */
1879
1880 default:
1881 break;
1882 }
1883 return 0;
1884}
1885
1886
1887int wolfSSL_EVP_PKEY_copy_parameters(WOLFSSL_EVP_PKEY *to,
1888 const WOLFSSL_EVP_PKEY *from)
1889{
1890 WOLFSSL_ENTER("wolfSSL_EVP_PKEY_copy_parameters");
1891
1892 if (!to || !from) {
1893 WOLFSSL_MSG("Bad parameter");
1894 return WOLFSSL_FAILURE;
1895 }
1896
1897 if (to->type == EVP_PKEY_NONE) {
1898 to->type = from->type;
1899 }
1900 else if (to->type != from->type) {
1901 WOLFSSL_MSG("Different key types");
1902 return WOLFSSL_FAILURE;
1903 }
1904
1905 switch(from->type) {
1906#ifdef HAVE_ECC
1907 case EVP_PKEY_EC:
1908 if (from->ecc) {
1909 if (!to->ecc && !(to->ecc = wolfSSL_EC_KEY_new())) {
1910 WOLFSSL_MSG("wolfSSL_EC_KEY_new error");
1911 return WOLFSSL_FAILURE;
1912 }
1913 to->ownEcc = 1;
1914 to->ecc->group->curve_idx = from->ecc->group->curve_idx;
1915 to->ecc->group->curve_nid = from->ecc->group->curve_nid;
1916 to->ecc->group->curve_oid = from->ecc->group->curve_oid;
1917 }
1918 else {
1919 WOLFSSL_MSG("Missing ECC struct");
1920 return WOLFSSL_FAILURE;
1921 }
1922 break;
1923#endif
1924#ifndef NO_DSA
1925 case EVP_PKEY_DSA:
1926 if (from->dsa) {
1927 WOLFSSL_BIGNUM* cpy;
1928 if (!to->dsa && !(to->dsa = wolfSSL_DSA_new())) {
1929 WOLFSSL_MSG("wolfSSL_DSA_new error");
1930 return WOLFSSL_FAILURE;
1931 }
1932 if (!(cpy = wolfSSL_BN_dup(from->dsa->p))) {
1933 WOLFSSL_MSG("wolfSSL_BN_dup error");
1934 return WOLFSSL_FAILURE;
1935 }
1936 to->dsa->p = cpy;
1937 if (!(cpy = wolfSSL_BN_dup(from->dsa->q))) {
1938 WOLFSSL_MSG("wolfSSL_BN_dup error");
1939 return WOLFSSL_FAILURE;
1940 }
1941 to->dsa->q = cpy;
1942 if (!(cpy = wolfSSL_BN_dup(from->dsa->g))) {
1943 WOLFSSL_MSG("wolfSSL_BN_dup error");
1944 return WOLFSSL_FAILURE;
1945 }
1946 to->dsa->g = cpy;
1947 }
1948 else {
1949 WOLFSSL_MSG("Missing DSA struct");
1950 return WOLFSSL_FAILURE;
1951 }
1952 break;
1953#endif
1954#ifndef NO_RSA
1955 case EVP_PKEY_RSA:
1956#endif
1957#ifndef NO_DH
1958 case EVP_PKEY_DH:
1959#endif
1960 default:
1961 WOLFSSL_MSG("Copy parameters not available for this key type");
1962 return WOLFSSL_FAILURE;
1963 }
1964#if defined(HAVE_ECC) || !defined(NO_DSA)
1965 return WOLFSSL_SUCCESS;
1966#endif
1967}
1968
1969#ifndef NO_WOLFSSL_STUB
1970WOLFSSL_API int wolfSSL_EVP_PKEY_missing_parameters(WOLFSSL_EVP_PKEY *pkey)
1971{
1972 (void)pkey;
1973 /* not using missing params callback and returning zero to indicate success */
1974 return 0;
1975}
1976#endif
1977
1978WOLFSSL_API int wolfSSL_EVP_PKEY_cmp(const WOLFSSL_EVP_PKEY *a, const WOLFSSL_EVP_PKEY *b)
1979{
1980 int ret = -1; /* failure */
1981 int a_sz = 0, b_sz = 0;
1982
1983 if (a == NULL || b == NULL)
1984 return ret;
1985
1986 /* check its the same type of key */
1987 if (a->type != b->type)
1988 return ret;
1989
1990 /* get size based on key type */
1991 switch (a->type) {
1992#ifndef NO_RSA
1993 case EVP_PKEY_RSA:
1994 a_sz = (int)wolfSSL_RSA_size((const WOLFSSL_RSA*)(a->rsa));
1995 b_sz = (int)wolfSSL_RSA_size((const WOLFSSL_RSA*)(b->rsa));
1996 break;
1997#endif /* !NO_RSA */
1998#ifdef HAVE_ECC
1999 case EVP_PKEY_EC:
2000 if (a->ecc == NULL || a->ecc->internal == NULL ||
2001 b->ecc == NULL || b->ecc->internal == NULL) {
2002 return ret;
2003 }
2004 a_sz = wc_ecc_size((ecc_key*)(a->ecc->internal));
2005 b_sz = wc_ecc_size((ecc_key*)(b->ecc->internal));
2006 break;
2007#endif /* HAVE_ECC */
2008 default:
2009 return ret;
2010 } /* switch (a->type) */
2011
2012 /* check size */
2013 if (a_sz <= 0 || b_sz <= 0 || a_sz != b_sz) {
2014 return ret;
2015 }
2016
2017 /* check public key size */
2018 if (a->pkey_sz > 0 && b->pkey_sz > 0 && a->pkey_sz != b->pkey_sz) {
2019 return ret;
2020 }
2021
2022 /* check public key */
2023 if (a->pkey.ptr && b->pkey.ptr) {
2024 if (XMEMCMP(a->pkey.ptr, b->pkey.ptr, a->pkey_sz) != 0) {
2025 return ret;
2026 }
2027 }
2028 ret = 0; /* success */
2029
2030 return ret;
2031}
2032
2033/* Initialize structure for signing
2034 *
2035 * ctx WOLFSSL_EVP_MD_CTX structure to initialize
2036 * type is the type of message digest to use
2037 *
2038 * returns WOLFSSL_SUCCESS on success
2039 */
2040int wolfSSL_EVP_SignInit(WOLFSSL_EVP_MD_CTX *ctx, const WOLFSSL_EVP_MD *type)
2041{
2042 if (ctx == NULL) return WOLFSSL_FAILURE;
2043 WOLFSSL_ENTER("EVP_SignInit");
2044 return wolfSSL_EVP_DigestInit(ctx,type);
2045}
2046
2047WOLFSSL_API int wolfSSL_EVP_SignInit_ex(WOLFSSL_EVP_MD_CTX* ctx,
2048 const WOLFSSL_EVP_MD* type,
2049 WOLFSSL_ENGINE *impl)
2050{
2051 if (ctx == NULL) return WOLFSSL_FAILURE;
2052 WOLFSSL_ENTER("EVP_SignInit");
2053 return wolfSSL_EVP_DigestInit_ex(ctx,type,impl);
2054}
2055
2056
2057/* Update structure with data for signing
2058 *
2059 * ctx WOLFSSL_EVP_MD_CTX structure to update
2060 * data buffer holding data to update with for sign
2061 * len length of data buffer
2062 *
2063 * returns WOLFSSL_SUCCESS on success
2064 */
2065int wolfSSL_EVP_SignUpdate(WOLFSSL_EVP_MD_CTX *ctx, const void *data, size_t len)
2066{
2067 if (ctx == NULL) return 0;
2068 WOLFSSL_ENTER("EVP_SignUpdate(");
2069 return wolfSSL_EVP_DigestUpdate(ctx, data, len);
2070}
2071
2072static const struct s_ent {
2073 const enum wc_HashType macType;
2074 const int nid;
2075 const char *name;
2076} md_tbl[] = {
2077#ifndef NO_MD4
2078 {WC_HASH_TYPE_MD4, NID_md4, "MD4"},
2079#endif /* NO_MD4 */
2080
2081#ifndef NO_MD5
2082 {WC_HASH_TYPE_MD5, NID_md5, "MD5"},
2083#endif /* NO_MD5 */
2084
2085#ifndef NO_SHA
2086 {WC_HASH_TYPE_SHA, NID_sha1, "SHA1"},
2087 {WC_HASH_TYPE_SHA, NID_sha1, "SHA"}, /* Leave for backwards compatibility */
2088#endif /* NO_SHA */
2089
2090#ifdef WOLFSSL_SHA224
2091 {WC_HASH_TYPE_SHA224, NID_sha224, "SHA224"},
2092#endif /* WOLFSSL_SHA224 */
2093#ifndef NO_SHA256
2094 {WC_HASH_TYPE_SHA256, NID_sha256, "SHA256"},
2095#endif
2096
2097#ifdef WOLFSSL_SHA384
2098 {WC_HASH_TYPE_SHA384, NID_sha384, "SHA384"},
2099#endif /* WOLFSSL_SHA384 */
2100#ifdef WOLFSSL_SHA512
2101 {WC_HASH_TYPE_SHA512, NID_sha512, "SHA512"},
2102#endif /* WOLFSSL_SHA512 */
2103#ifndef WOLFSSL_NOSHA3_224
2104 {WC_HASH_TYPE_SHA3_224, NID_sha3_224, "SHA3_224"},
2105#endif
2106#ifndef WOLFSSL_NOSHA3_256
2107 {WC_HASH_TYPE_SHA3_256, NID_sha3_256, "SHA3_256"},
2108#endif
2109#ifndef WOLFSSL_NOSHA3_384
2110 {WC_HASH_TYPE_SHA3_384, NID_sha3_384, "SHA3_384"},
2111#endif
2112#ifndef WOLFSSL_NOSHA3_512
2113 {WC_HASH_TYPE_SHA3_512, NID_sha3_512, "SHA3_512"},
2114#endif
2115 {WC_HASH_TYPE_NONE, 0, NULL}
2116};
2117
2118static enum wc_HashType wolfSSL_EVP_md2macType(const WOLFSSL_EVP_MD *md)
2119{
2120 const struct s_ent *ent ;
2121
2122 if (md != NULL) {
2123 for( ent = md_tbl; ent->name != NULL; ent++) {
2124 if(XSTRNCMP((const char *)md, ent->name, XSTRLEN(ent->name)+1) == 0) {
2125 return ent->macType;
2126 }
2127 }
2128 }
2129 return WC_HASH_TYPE_NONE;
2130}
2131
2132/* Finalize structure for signing
2133 *
2134 * ctx WOLFSSL_EVP_MD_CTX structure to finalize
2135 * sigret buffer to hold resulting signature
2136 * siglen length of sigret buffer
2137 * pkey key to sign with
2138 *
2139 * returns WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on failure
2140 */
2141int wolfSSL_EVP_SignFinal(WOLFSSL_EVP_MD_CTX *ctx, unsigned char *sigret,
2142 unsigned int *siglen, WOLFSSL_EVP_PKEY *pkey)
2143{
2144 unsigned int mdsize;
2145 unsigned char md[WC_MAX_DIGEST_SIZE];
2146 int ret;
2147 if (ctx == NULL) return WOLFSSL_FAILURE;
2148 WOLFSSL_ENTER("EVP_SignFinal");
2149
2150 ret = wolfSSL_EVP_DigestFinal(ctx, md, &mdsize);
2151 if (ret <= 0) return ret;
2152
2153 (void)sigret;
2154 (void)siglen;
2155
2156 switch (pkey->type) {
2157#if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
2158 case EVP_PKEY_RSA: {
2159 int nid = wolfSSL_EVP_MD_type(wolfSSL_EVP_MD_CTX_md(ctx));
2160 if (nid < 0) break;
2161 return wolfSSL_RSA_sign(nid, md, mdsize, sigret,
2162 siglen, pkey->rsa);
2163 }
2164#endif /* NO_RSA */
2165
2166 case EVP_PKEY_DSA:
2167 case EVP_PKEY_EC:
2168 WOLFSSL_MSG("not implemented");
2169 FALL_THROUGH;
2170 default:
2171 break;
2172 }
2173 return WOLFSSL_FAILURE;
2174}
2175
2176
2177/* Initialize structure for verifying signature
2178 *
2179 * ctx WOLFSSL_EVP_MD_CTX structure to initialize
2180 * type is the type of message digest to use
2181 *
2182 * returns WOLFSSL_SUCCESS on success
2183 */
2184int wolfSSL_EVP_VerifyInit(WOLFSSL_EVP_MD_CTX *ctx, const WOLFSSL_EVP_MD *type)
2185{
2186 if (ctx == NULL) return WOLFSSL_FAILURE;
2187 WOLFSSL_ENTER("EVP_VerifyInit");
2188 return wolfSSL_EVP_DigestInit(ctx,type);
2189}
2190
2191
2192/* Update structure for verifying signature
2193 *
2194 * ctx WOLFSSL_EVP_MD_CTX structure to update
2195 * data buffer holding data to update with for verify
2196 * len length of data buffer
2197 *
2198 * returns WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on failure
2199 */
2200int wolfSSL_EVP_VerifyUpdate(WOLFSSL_EVP_MD_CTX *ctx, const void *data, size_t len)
2201{
2202 if (ctx == NULL) return WOLFSSL_FAILURE;
2203 WOLFSSL_ENTER("EVP_VerifyUpdate");
2204 return wolfSSL_EVP_DigestUpdate(ctx, data, len);
2205}
2206
2207
2208/* Finalize structure for verifying signature
2209 *
2210 * ctx WOLFSSL_EVP_MD_CTX structure to finalize
2211 * sig buffer holding signature
2212 * siglen length of sig buffer
2213 * pkey key to verify with
2214 *
2215 * returns WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on failure
2216 */
2217int wolfSSL_EVP_VerifyFinal(WOLFSSL_EVP_MD_CTX *ctx,
2218 unsigned char*sig, unsigned int siglen, WOLFSSL_EVP_PKEY *pkey)
2219{
2220 int ret;
2221 unsigned char md[WC_MAX_DIGEST_SIZE];
2222 unsigned int mdsize;
2223
2224 if (ctx == NULL) return WOLFSSL_FAILURE;
2225 WOLFSSL_ENTER("EVP_VerifyFinal");
2226 ret = wolfSSL_EVP_DigestFinal(ctx, md, &mdsize);
2227 if (ret <= 0) return ret;
2228
2229 (void)sig;
2230 (void)siglen;
2231
2232 switch (pkey->type) {
2233#if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
2234 case EVP_PKEY_RSA: {
2235 int nid = wolfSSL_EVP_MD_type(wolfSSL_EVP_MD_CTX_md(ctx));
2236 if (nid < 0) break;
2237 return wolfSSL_RSA_verify(nid, md, mdsize, sig,
2238 (unsigned int)siglen, pkey->rsa);
2239 }
2240#endif /* NO_RSA */
2241
2242 case EVP_PKEY_DSA:
2243 case EVP_PKEY_EC:
2244 WOLFSSL_MSG("not implemented");
2245 FALL_THROUGH;
2246 default:
2247 break;
2248 }
2249 return WOLFSSL_FAILURE;
2250}
2251
2252int wolfSSL_EVP_add_cipher(const WOLFSSL_EVP_CIPHER *cipher)
2253{
2254 (void)cipher;
2255 /* nothing to do */
2256 return 0;
2257}
2258
2259
2260WOLFSSL_EVP_PKEY* wolfSSL_EVP_PKEY_new_mac_key(int type, ENGINE* e,
2261 const unsigned char* key, int keylen)
2262{
2263 WOLFSSL_EVP_PKEY* pkey;
2264
2265 (void)e;
2266
2267 if (type != EVP_PKEY_HMAC || (key == NULL && keylen != 0))
2268 return NULL;
2269
2270 pkey = wolfSSL_EVP_PKEY_new();
2271 if (pkey != NULL) {
2272 pkey->pkey.ptr = (char*)XMALLOC(keylen, NULL, DYNAMIC_TYPE_PUBLIC_KEY);
2273 if (pkey->pkey.ptr == NULL && keylen > 0) {
2274 wolfSSL_EVP_PKEY_free(pkey);
2275 pkey = NULL;
2276 }
2277 else {
2278 XMEMCPY(pkey->pkey.ptr, key, keylen);
2279 pkey->pkey_sz = keylen;
2280 pkey->type = pkey->save_type = type;
2281 }
2282 }
2283
2284 return pkey;
2285}
2286
2287
2288const unsigned char* wolfSSL_EVP_PKEY_get0_hmac(const WOLFSSL_EVP_PKEY* pkey,
2289 size_t* len)
2290{
2291 if (pkey == NULL || len == NULL)
2292 return NULL;
2293
2294 *len = (size_t)pkey->pkey_sz;
2295
2296 return (const unsigned char*)pkey->pkey.ptr;
2297}
2298
2299/* Initialize an EVP_DigestSign/Verify operation.
2300 * Initialize a digest for RSA and ECC keys, or HMAC for HMAC key.
2301 */
2302static int wolfSSL_evp_digest_pk_init(WOLFSSL_EVP_MD_CTX *ctx,
2303 WOLFSSL_EVP_PKEY_CTX **pctx,
2304 const WOLFSSL_EVP_MD *type,
2305 WOLFSSL_ENGINE *e,
2306 WOLFSSL_EVP_PKEY *pkey)
2307{
2308 if (!type) {
2309 int default_digest;
2310 if (wolfSSL_EVP_PKEY_get_default_digest_nid(pkey, &default_digest)
2311 != WOLFSSL_SUCCESS) {
2312 WOLFSSL_MSG("Could not get default digest");
2313 return WOLFSSL_FAILURE;
2314 }
2315 type = wolfSSL_EVP_get_digestbynid(default_digest);
2316 if (!type) {
2317 return BAD_FUNC_ARG;
2318 }
2319 }
2320
2321 if (pkey->type == EVP_PKEY_HMAC) {
2322 int hashType;
2323 const unsigned char* key;
2324
2325 if (XSTRNCMP(type, "SHA256", 6) == 0) {
2326 hashType = WC_SHA256;
2327 }
2328 #ifdef WOLFSSL_SHA224
2329 else if (XSTRNCMP(type, "SHA224", 6) == 0) {
2330 hashType = WC_SHA224;
2331 }
2332 #endif
2333 #ifdef WOLFSSL_SHA384
2334 else if (XSTRNCMP(type, "SHA384", 6) == 0) {
2335 hashType = WC_SHA384;
2336 }
2337 #endif
2338 #ifdef WOLFSSL_SHA512
2339 else if (XSTRNCMP(type, "SHA512", 6) == 0) {
2340 hashType = WC_SHA512;
2341 }
2342 #endif
2343#ifdef WOLFSSL_SHA3
2344 #ifndef WOLFSSL_NOSHA3_224
2345 else if (XSTRNCMP(type, "SHA3_224", 8) == 0) {
2346 hashType = WC_SHA3_224;
2347 }
2348 #endif
2349 #ifndef WOLFSSL_NOSHA3_256
2350 else if (XSTRNCMP(type, "SHA3_256", 8) == 0) {
2351 hashType = WC_SHA3_256;
2352 }
2353 #endif
2354 else if (XSTRNCMP(type, "SHA3_384", 8) == 0) {
2355 hashType = WC_SHA3_384;
2356 }
2357 #ifndef WOLFSSL_NOSHA3_512
2358 else if (XSTRNCMP(type, "SHA3_512", 8) == 0) {
2359 hashType = WC_SHA3_512;
2360 }
2361 #endif
2362#endif
2363 #ifndef NO_MD5
2364 else if (XSTRNCMP(type, "MD5", 3) == 0) {
2365 hashType = WC_MD5;
2366 }
2367 #endif
2368 #ifndef NO_SHA
2369 /* has to be last since would pick or 224, 256, 384, or 512 too */
2370 else if (XSTRNCMP(type, "SHA", 3) == 0) {
2371 hashType = WC_SHA;
2372 }
2373 #endif /* NO_SHA */
2374 else
2375 return BAD_FUNC_ARG;
2376
2377 {
2378 size_t keySz = 0;
2379
2380 key = wolfSSL_EVP_PKEY_get0_hmac(pkey, &keySz);
2381
2382 if (wc_HmacInit(&ctx->hash.hmac, NULL, INVALID_DEVID) != 0)
2383 return WOLFSSL_FAILURE;
2384
2385 if (wc_HmacSetKey(&ctx->hash.hmac, hashType, key, (word32)keySz) != 0)
2386 return WOLFSSL_FAILURE;
2387 }
2388
2389 ctx->isHMAC = 1;
2390 }
2391 else if (wolfSSL_EVP_DigestInit(ctx, type) != 1)
2392 return WOLFSSL_FAILURE;
2393
2394 if (ctx->pctx == NULL) {
2395 ctx->pctx = wolfSSL_EVP_PKEY_CTX_new(pkey, e);
2396 if (ctx->pctx == NULL)
2397 return WOLFSSL_FAILURE;
2398 }
2399 if (pctx != NULL)
2400 *pctx = ctx->pctx;
2401 return WOLFSSL_SUCCESS;
2402}
2403
2404/* Update an EVP_DigestSign/Verify operation.
2405 * Update a digest for RSA and ECC keys, or HMAC for HMAC key.
2406 */
2407static int wolfssl_evp_digest_pk_update(WOLFSSL_EVP_MD_CTX *ctx,
2408 const void *d, unsigned int cnt)
2409{
2410 if (ctx->isHMAC) {
2411 if (wc_HmacUpdate(&ctx->hash.hmac, (const byte *)d, cnt) != 0)
2412 return WOLFSSL_FAILURE;
2413
2414 return WOLFSSL_SUCCESS;
2415 }
2416 else
2417 return wolfSSL_EVP_DigestUpdate(ctx, d, cnt);
2418}
2419
2420/* Finalize an EVP_DigestSign/Verify operation - common part only.
2421 * Finalize a digest for RSA and ECC keys, or HMAC for HMAC key.
2422 * Copies the digest so that you can keep updating.
2423 */
2424static int wolfssl_evp_digest_pk_final(WOLFSSL_EVP_MD_CTX *ctx,
2425 unsigned char *md, unsigned int* mdlen)
2426{
2427 int ret;
2428
2429 if (ctx->isHMAC) {
2430 Hmac hmacCopy;
2431
2432 if (wolfSSL_HmacCopy(&hmacCopy, &ctx->hash.hmac) != WOLFSSL_SUCCESS)
2433 return WOLFSSL_FAILURE;
2434 ret = wc_HmacFinal(&hmacCopy, md) == 0;
2435 wc_HmacFree(&hmacCopy);
2436 return ret;
2437 }
2438 else {
2439 WOLFSSL_EVP_MD_CTX ctxCopy;
2440
2441 if (wolfSSL_EVP_MD_CTX_copy_ex(&ctxCopy, ctx) != WOLFSSL_SUCCESS)
2442 return WOLFSSL_FAILURE;
2443
2444 ret = wolfSSL_EVP_DigestFinal(&ctxCopy, md, mdlen);
2445 wolfSSL_EVP_MD_CTX_cleanup(&ctxCopy);
2446 return ret;
2447 }
2448}
2449
2450/* Get the length of the mac based on the digest algorithm. */
2451static int wolfssl_mac_len(unsigned char macType)
2452{
2453 int hashLen;
2454
2455 switch (macType) {
2456 #ifndef NO_MD5
2457 case WC_MD5:
2458 hashLen = WC_MD5_DIGEST_SIZE;
2459 break;
2460 #endif /* !NO_MD5 */
2461
2462 #ifndef NO_SHA
2463 case WC_SHA:
2464 hashLen = WC_SHA_DIGEST_SIZE;
2465 break;
2466 #endif /* !NO_SHA */
2467
2468 #ifdef WOLFSSL_SHA224
2469 case WC_SHA224:
2470 hashLen = WC_SHA224_DIGEST_SIZE;
2471 break;
2472 #endif /* WOLFSSL_SHA224 */
2473
2474 #ifndef NO_SHA256
2475 case WC_SHA256:
2476 hashLen = WC_SHA256_DIGEST_SIZE;
2477 break;
2478 #endif /* !NO_SHA256 */
2479
2480 #ifdef WOLFSSL_SHA384
2481 case WC_SHA384:
2482 hashLen = WC_SHA384_DIGEST_SIZE;
2483 break;
2484 #endif /* WOLFSSL_SHA384 */
2485 #ifdef WOLFSSL_SHA512
2486 case WC_SHA512:
2487 hashLen = WC_SHA512_DIGEST_SIZE;
2488 break;
2489 #endif /* WOLFSSL_SHA512 */
2490
2491 #ifdef HAVE_BLAKE2
2492 case BLAKE2B_ID:
2493 hashLen = BLAKE2B_OUTBYTES;
2494 break;
2495 #endif /* HAVE_BLAKE2 */
2496
2497 #ifdef WOLFSSL_SHA3
2498 #ifndef WOLFSSL_NOSHA3_224
2499 case WC_SHA3_224:
2500 hashLen = WC_SHA3_224_DIGEST_SIZE;
2501 break;
2502 #endif
2503 #ifndef WOLFSSL_NOSHA3_256
2504 case WC_SHA3_256:
2505 hashLen = WC_SHA3_256_DIGEST_SIZE;
2506 break;
2507 #endif
2508 #ifndef WOLFSSL_NOSHA3_384
2509 case WC_SHA3_384:
2510 hashLen = WC_SHA3_384_DIGEST_SIZE;
2511 break;
2512 #endif
2513 #ifndef WOLFSSL_NOSHA3_512
2514 case WC_SHA3_512:
2515 hashLen = WC_SHA3_512_DIGEST_SIZE;
2516 break;
2517 #endif
2518 #endif
2519
2520 default:
2521 hashLen = 0;
2522 }
2523
2524 return hashLen;
2525}
2526
2527int wolfSSL_EVP_DigestSignInit(WOLFSSL_EVP_MD_CTX *ctx,
2528 WOLFSSL_EVP_PKEY_CTX **pctx,
2529 const WOLFSSL_EVP_MD *type,
2530 WOLFSSL_ENGINE *e,
2531 WOLFSSL_EVP_PKEY *pkey)
2532{
2533 WOLFSSL_ENTER("EVP_DigestSignInit");
2534
2535 if (ctx == NULL || pkey == NULL)
2536 return BAD_FUNC_ARG;
2537
2538 return wolfSSL_evp_digest_pk_init(ctx, pctx, type, e, pkey);
2539}
2540
2541
2542int wolfSSL_EVP_DigestSignUpdate(WOLFSSL_EVP_MD_CTX *ctx, const void *d,
2543 unsigned int cnt)
2544{
2545 WOLFSSL_ENTER("EVP_DigestSignUpdate");
2546
2547 if (ctx == NULL || d == NULL)
2548 return BAD_FUNC_ARG;
2549
2550 return wolfssl_evp_digest_pk_update(ctx, d, cnt);
2551}
2552
2553int wolfSSL_EVP_DigestSignFinal(WOLFSSL_EVP_MD_CTX *ctx, unsigned char *sig,
2554 size_t *siglen)
2555{
2556 unsigned char digest[WC_MAX_DIGEST_SIZE];
2557 unsigned int hashLen;
2558 int ret = WOLFSSL_FAILURE;
2559
2560 WOLFSSL_ENTER("EVP_DigestSignFinal");
2561
2562 if (ctx == NULL || siglen == NULL)
2563 return WOLFSSL_FAILURE;
2564
2565 /* Return the maximum size of the signaure when sig is NULL. */
2566 if (ctx->isHMAC) {
2567 hashLen = wolfssl_mac_len(ctx->hash.hmac.macType);
2568
2569 if (sig == NULL) {
2570 *siglen = hashLen;
2571 return WOLFSSL_SUCCESS;
2572 }
2573 }
2574#ifndef NO_RSA
2575 else if (ctx->pctx->pkey->type == EVP_PKEY_RSA) {
2576 if (sig == NULL) {
2577 *siglen = wolfSSL_RSA_size(ctx->pctx->pkey->rsa);
2578 return WOLFSSL_SUCCESS;
2579 }
2580 }
2581#endif /* !NO_RSA */
2582#ifdef HAVE_ECC
2583 else if (ctx->pctx->pkey->type == EVP_PKEY_EC) {
2584 if (sig == NULL) {
2585 /* SEQ + INT + INT */
2586 *siglen = ecc_sets[ctx->pctx->pkey->ecc->group->curve_idx].size * 2
2587 + 8;
2588 return WOLFSSL_SUCCESS;
2589 }
2590 }
2591#endif
2592
2593 if (wolfssl_evp_digest_pk_final(ctx, digest, &hashLen) <= 0)
2594 return WOLFSSL_FAILURE;
2595
2596 if (ctx->isHMAC) {
2597 /* Copy the HMAC result as signature. */
2598 if ((unsigned int)(*siglen) > hashLen)
2599 *siglen = hashLen;
2600 /* May be a truncated signature. */
2601
2602 XMEMCPY(sig, digest, *siglen);
2603 ret = WOLFSSL_SUCCESS;
2604 }
2605 else {
2606 /* Sign the digest. */
2607 switch (ctx->pctx->pkey->type) {
2608 #if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
2609 case EVP_PKEY_RSA: {
2610 unsigned int sigSz;
2611 int nid = wolfSSL_EVP_MD_type(wolfSSL_EVP_MD_CTX_md(ctx));
2612 if (nid < 0)
2613 break;
2614 ret = wolfSSL_RSA_sign_generic_padding(nid, digest, hashLen,
2615 sig, &sigSz, ctx->pctx->pkey->rsa, 1, ctx->pctx->padding);
2616 if (ret >= 0)
2617 *siglen = sigSz;
2618 break;
2619 }
2620 #endif /* NO_RSA */
2621
2622 #ifdef HAVE_ECC
2623 case EVP_PKEY_EC: {
2624 WOLFSSL_ECDSA_SIG *ecdsaSig;
2625 ecdsaSig = wolfSSL_ECDSA_do_sign(digest, hashLen,
2626 ctx->pctx->pkey->ecc);
2627 if (ecdsaSig == NULL)
2628 break;
2629 *siglen = wolfSSL_i2d_ECDSA_SIG(ecdsaSig, &sig);
2630 wolfSSL_ECDSA_SIG_free(ecdsaSig);
2631 ret = WOLFSSL_SUCCESS;
2632 break;
2633 }
2634 #endif
2635 default:
2636 break;
2637 }
2638 }
2639
2640 ForceZero(digest, sizeof(digest));
2641 return ret;
2642}
2643int wolfSSL_EVP_DigestVerifyInit(WOLFSSL_EVP_MD_CTX *ctx,
2644 WOLFSSL_EVP_PKEY_CTX **pctx,
2645 const WOLFSSL_EVP_MD *type,
2646 WOLFSSL_ENGINE *e,
2647 WOLFSSL_EVP_PKEY *pkey)
2648{
2649 WOLFSSL_ENTER("EVP_DigestVerifyInit");
2650
2651 if (ctx == NULL || type == NULL || pkey == NULL)
2652 return BAD_FUNC_ARG;
2653
2654 return wolfSSL_evp_digest_pk_init(ctx, pctx, type, e, pkey);
2655}
2656
2657
2658int wolfSSL_EVP_DigestVerifyUpdate(WOLFSSL_EVP_MD_CTX *ctx, const void *d,
2659 size_t cnt)
2660{
2661 WOLFSSL_ENTER("EVP_DigestVerifyUpdate");
2662
2663 if (ctx == NULL || d == NULL)
2664 return BAD_FUNC_ARG;
2665
2666 return wolfssl_evp_digest_pk_update(ctx, d, (unsigned int)cnt);
2667}
2668
2669
2670int wolfSSL_EVP_DigestVerifyFinal(WOLFSSL_EVP_MD_CTX *ctx,
2671 const unsigned char *sig, size_t siglen)
2672{
2673 unsigned char digest[WC_MAX_DIGEST_SIZE];
2674 unsigned int hashLen;
2675
2676 WOLFSSL_ENTER("EVP_DigestVerifyFinal");
2677
2678 if (ctx == NULL || sig == NULL)
2679 return WOLFSSL_FAILURE;
2680
2681 if (ctx->isHMAC) {
2682
2683 hashLen = wolfssl_mac_len(ctx->hash.hmac.macType);
2684
2685 if (siglen > hashLen)
2686 return WOLFSSL_FAILURE;
2687 /* May be a truncated signature. */
2688 }
2689
2690 if (wolfssl_evp_digest_pk_final(ctx, digest, &hashLen) <= 0)
2691 return WOLFSSL_FAILURE;
2692
2693 if (ctx->isHMAC) {
2694 /* Check HMAC result matches the signature. */
2695 if (XMEMCMP(sig, digest, siglen) == 0)
2696 return WOLFSSL_SUCCESS;
2697 return WOLFSSL_FAILURE;
2698 }
2699 else {
2700 /* Verify the signature with the digest. */
2701 switch (ctx->pctx->pkey->type) {
2702 #if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
2703 case EVP_PKEY_RSA: {
2704 int nid = wolfSSL_EVP_MD_type(wolfSSL_EVP_MD_CTX_md(ctx));
2705 if (nid < 0)
2706 return WOLFSSL_FAILURE;
2707 return wolfSSL_RSA_verify_ex(nid, digest, hashLen, sig,
2708 (unsigned int)siglen,
2709 ctx->pctx->pkey->rsa, ctx->pctx->padding);
2710 }
2711 #endif /* NO_RSA */
2712
2713 #ifdef HAVE_ECC
2714 case EVP_PKEY_EC: {
2715 int ret;
2716 WOLFSSL_ECDSA_SIG *ecdsaSig;
2717 ecdsaSig = wolfSSL_d2i_ECDSA_SIG(NULL, &sig, (long)siglen);
2718 if (ecdsaSig == NULL)
2719 return WOLFSSL_FAILURE;
2720 ret = wolfSSL_ECDSA_do_verify(digest, hashLen, ecdsaSig,
2721 ctx->pctx->pkey->ecc);
2722 wolfSSL_ECDSA_SIG_free(ecdsaSig);
2723 return ret;
2724 }
2725 #endif
2726 default:
2727 break;
2728 }
2729 }
2730
2731 return WOLFSSL_FAILURE;
2732}
2733
2734
2735#ifdef WOLFSSL_APACHE_HTTPD
2736#if !defined(USE_WINDOWS_API) && !defined(MICROCHIP_PIC32)
2737 #include <termios.h>
2738#endif
2739
2740#ifndef XGETPASSWD
2741 static int XGETPASSWD(char* buf, int bufSz) {
2742 int ret = WOLFSSL_SUCCESS;
2743
2744 /* turn off echo for passwords */
2745 #ifdef USE_WINDOWS_API
2746 DWORD originalTerm;
2747 DWORD newTerm;
2748 CONSOLE_SCREEN_BUFFER_INFO screenOrig;
2749 HANDLE stdinHandle = GetStdHandle(STD_INPUT_HANDLE);
2750 if (GetConsoleMode(stdinHandle, &originalTerm) == 0) {
2751 WOLFSSL_MSG("Couldn't get the original terminal settings");
2752 return WOLFSSL_FAILURE;
2753 }
2754 newTerm = originalTerm;
2755 newTerm &= ~ENABLE_ECHO_INPUT;
2756 if (SetConsoleMode(stdinHandle, newTerm) == 0) {
2757 WOLFSSL_MSG("Couldn't turn off echo");
2758 return WOLFSSL_FAILURE;
2759 }
2760 #else
2761 struct termios originalTerm;
2762 struct termios newTerm;
2763 if (tcgetattr(STDIN_FILENO, &originalTerm) != 0) {
2764 WOLFSSL_MSG("Couldn't get the original terminal settings");
2765 return WOLFSSL_FAILURE;
2766 }
2767 XMEMCPY(&newTerm, &originalTerm, sizeof(struct termios));
2768
2769 newTerm.c_lflag &= ~ECHO;
2770 newTerm.c_lflag |= (ICANON | ECHONL);
2771 if (tcsetattr(STDIN_FILENO, TCSANOW, &newTerm) != 0) {
2772 WOLFSSL_MSG("Couldn't turn off echo");
2773 return WOLFSSL_FAILURE;
2774 }
2775 #endif
2776
2777 if (XFGETS(buf, bufSz, stdin) == NULL) {
2778 ret = WOLFSSL_FAILURE;
2779 }
2780
2781 /* restore default echo */
2782 #ifdef USE_WINDOWS_API
2783 if (SetConsoleMode(stdinHandle, originalTerm) == 0) {
2784 WOLFSSL_MSG("Couldn't restore the terminal settings");
2785 return WOLFSSL_FAILURE;
2786 }
2787 #else
2788 if (tcsetattr(STDIN_FILENO, TCSANOW, &originalTerm) != 0) {
2789 WOLFSSL_MSG("Couldn't restore the terminal settings");
2790 return WOLFSSL_FAILURE;
2791 }
2792 #endif
2793 return ret;
2794 }
2795#endif
2796
2797/* returns 0 on success and -2 or -1 on failure */
2798int wolfSSL_EVP_read_pw_string(char* buf, int bufSz, const char* banner, int v)
2799{
2800 printf("%s", banner);
2801 if (XGETPASSWD(buf, bufSz) == WOLFSSL_FAILURE) {
2802 return -1;
2803 }
2804 (void)v; /* fgets always sanity checks size of input vs buffer */
2805 return 0;
2806}
2807#endif /* WOLFSSL_APACHE_HTTPD */
2808
2809#if !defined(NO_PWDBASED) && !defined(NO_SHA)
2810int wolfSSL_PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
2811 const unsigned char *salt,
2812 int saltlen, int iter,
2813 int keylen, unsigned char *out)
2814{
2815 const char *nostring = "";
2816 int ret = 0;
2817
2818 if (pass == NULL) {
2819 passlen = 0;
2820 pass = nostring;
2821 }
2822 else if (passlen == -1) {
2823 passlen = (int)XSTRLEN(pass);
2824 }
2825
2826 ret = wc_PBKDF2((byte*)out, (byte*)pass, passlen, (byte*)salt, saltlen,
2827 iter, keylen, WC_SHA);
2828 if (ret == 0)
2829 return WOLFSSL_SUCCESS;
2830 else
2831 return WOLFSSL_FAILURE;
2832}
2833#endif /* !NO_PWDBASED !NO_SHA*/
2834
2835#if !defined(NO_PWDBASED)
2836WOLFSSL_API int wolfSSL_PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
2837 const unsigned char *salt,
2838 int saltlen, int iter,
2839 const WOLFSSL_EVP_MD *digest,
2840 int keylen, unsigned char *out)
2841{
2842 const char *nostring = "";
2843 int ret = 0;
2844
2845 if (pass == NULL) {
2846 passlen = 0;
2847 pass = nostring;
2848 } else if (passlen == -1) {
2849 passlen = (int)XSTRLEN(pass);
2850 }
2851
2852 ret = wc_PBKDF2((byte*)out, (byte*)pass, passlen, (byte*)salt, saltlen,
2853 iter, keylen, wolfSSL_EVP_md2macType(digest));
2854 if (ret == 0)
2855 return WOLFSSL_SUCCESS;
2856 else
2857 return WOLFSSL_FAILURE;
2858}
2859#endif /* !NO_PWDBASED */
2860
2861static const struct cipher{
2862 unsigned char type;
2863 const char *name;
2864 int nid;
2865} cipher_tbl[] = {
2866
2867#ifndef NO_AES
2868 #ifdef HAVE_AES_CBC
2869 #ifdef WOLFSSL_AES_128
2870 {AES_128_CBC_TYPE, EVP_AES_128_CBC, NID_aes_128_cbc},
2871 #endif
2872 #ifdef WOLFSSL_AES_192
2873 {AES_192_CBC_TYPE, EVP_AES_192_CBC, NID_aes_192_cbc},
2874 #endif
2875 #ifdef WOLFSSL_AES_256
2876 {AES_256_CBC_TYPE, EVP_AES_256_CBC, NID_aes_256_cbc},
2877 #endif
2878 #endif
2879
2880 #ifdef WOLFSSL_AES_CFB
2881 #ifdef WOLFSSL_AES_128
2882 {AES_128_CFB1_TYPE, EVP_AES_128_CFB1, NID_aes_128_cfb1},
2883 #endif
2884 #ifdef WOLFSSL_AES_192
2885 {AES_192_CFB1_TYPE, EVP_AES_192_CFB1, NID_aes_192_cfb1},
2886 #endif
2887 #ifdef WOLFSSL_AES_256
2888 {AES_256_CFB1_TYPE, EVP_AES_256_CFB1, NID_aes_256_cfb1},
2889 #endif
2890
2891 #ifdef WOLFSSL_AES_128
2892 {AES_128_CFB8_TYPE, EVP_AES_128_CFB8, NID_aes_128_cfb8},
2893 #endif
2894 #ifdef WOLFSSL_AES_192
2895 {AES_192_CFB8_TYPE, EVP_AES_192_CFB8, NID_aes_192_cfb8},
2896 #endif
2897 #ifdef WOLFSSL_AES_256
2898 {AES_256_CFB8_TYPE, EVP_AES_256_CFB8, NID_aes_256_cfb8},
2899 #endif
2900
2901 #ifdef WOLFSSL_AES_128
2902 {AES_128_CFB128_TYPE, EVP_AES_128_CFB128, NID_aes_128_cfb128},
2903 #endif
2904 #ifdef WOLFSSL_AES_192
2905 {AES_192_CFB128_TYPE, EVP_AES_192_CFB128, NID_aes_192_cfb128},
2906 #endif
2907 #ifdef WOLFSSL_AES_256
2908 {AES_256_CFB128_TYPE, EVP_AES_256_CFB128, NID_aes_256_cfb128},
2909 #endif
2910 #endif
2911
2912 #ifdef HAVE_AES_OFB
2913 #ifdef WOLFSSL_AES_128
2914 {AES_128_OFB_TYPE, EVP_AES_128_OFB, NID_aes_128_ofb},
2915 #endif
2916 #ifdef WOLFSSL_AES_192
2917 {AES_192_OFB_TYPE, EVP_AES_192_OFB, NID_aes_192_ofb},
2918 #endif
2919 #ifdef WOLFSSL_AES_256
2920 {AES_256_OFB_TYPE, EVP_AES_256_OFB, NID_aes_256_ofb},
2921 #endif
2922 #endif
2923
2924 #ifdef HAVE_AES_XTS
2925 #ifdef WOLFSSL_AES_128
2926 {AES_128_XTS_TYPE, EVP_AES_128_XTS, NID_aes_128_xts},
2927 #endif
2928 #ifdef WOLFSSL_AES_256
2929 {AES_256_XTS_TYPE, EVP_AES_256_XTS, NID_aes_256_xts},
2930 #endif
2931 #endif
2932
2933 #ifdef HAVE_AESGCM
2934 #ifdef WOLFSSL_AES_128
2935 {AES_128_GCM_TYPE, EVP_AES_128_GCM, NID_aes_128_gcm},
2936 #endif
2937 #ifdef WOLFSSL_AES_192
2938 {AES_192_GCM_TYPE, EVP_AES_192_GCM, NID_aes_192_gcm},
2939 #endif
2940 #ifdef WOLFSSL_AES_256
2941 {AES_256_GCM_TYPE, EVP_AES_256_GCM, NID_aes_256_gcm},
2942 #endif
2943 #endif
2944
2945 #ifdef WOLFSSL_AES_COUNTER
2946 #ifdef WOLFSSL_AES_128
2947 {AES_128_CTR_TYPE, EVP_AES_128_CTR, NID_aes_128_ctr},
2948 #endif
2949 #ifdef WOLFSSL_AES_192
2950 {AES_192_CTR_TYPE, EVP_AES_192_CTR, NID_aes_192_ctr},
2951 #endif
2952 #ifdef WOLFSSL_AES_256
2953 {AES_256_CTR_TYPE, EVP_AES_256_CTR, NID_aes_256_ctr},
2954 #endif
2955 #endif
2956
2957 #ifdef HAVE_AES_ECB
2958 #ifdef WOLFSSL_AES_128
2959 {AES_128_ECB_TYPE, EVP_AES_128_ECB, NID_aes_128_ecb},
2960 #endif
2961 #ifdef WOLFSSL_AES_192
2962 {AES_192_ECB_TYPE, EVP_AES_192_ECB, NID_aes_192_ecb},
2963 #endif
2964 #ifdef WOLFSSL_AES_256
2965 {AES_256_ECB_TYPE, EVP_AES_256_ECB, NID_aes_256_ecb},
2966 #endif
2967 #endif
2968#endif
2969
2970#ifndef NO_DES3
2971 {DES_CBC_TYPE, EVP_DES_CBC, NID_des_cbc},
2972 {DES_ECB_TYPE, EVP_DES_ECB, NID_des_ecb},
2973
2974 {DES_EDE3_CBC_TYPE, EVP_DES_EDE3_CBC, NID_des_ede3_cbc},
2975 {DES_EDE3_ECB_TYPE, EVP_DES_EDE3_ECB, NID_des_ede3_ecb},
2976#endif
2977
2978#ifndef NO_RC4
2979 {ARC4_TYPE, EVP_ARC4, NID_undef},
2980#endif
2981
2982#ifdef HAVE_IDEA
2983 {IDEA_CBC_TYPE, EVP_IDEA_CBC, NID_idea_cbc},
2984#endif
2985 { 0, NULL, 0}
2986};
2987
2988/* returns cipher using provided ctx type */
2989const WOLFSSL_EVP_CIPHER *wolfSSL_EVP_CIPHER_CTX_cipher(
2990 const WOLFSSL_EVP_CIPHER_CTX *ctx)
2991{
2992 const struct cipher* c;
2993
2994 if (!ctx || !ctx->cipherType) {
2995 return NULL;
2996 }
2997
2998 for (c = cipher_tbl; c->type != 0; c++) {
2999 if (ctx->cipherType == c->type) {
3000 return wolfSSL_EVP_get_cipherbyname(c->name);
3001 }
3002 }
3003
3004 return NULL;
3005}
3006
3007int wolfSSL_EVP_CIPHER_nid(const WOLFSSL_EVP_CIPHER *cipher)
3008{
3009 const struct cipher* c;
3010
3011 if (!cipher) {
3012 return 0;
3013 }
3014
3015 for (c = cipher_tbl; c->type != 0; c++) {
3016 if (XSTRNCMP(cipher, c->name, XSTRLEN(c->name)+1) == 0) {
3017 return c->nid;
3018 }
3019 }
3020
3021 return 0;
3022}
3023
3024const WOLFSSL_EVP_CIPHER *wolfSSL_EVP_get_cipherbyname(const char *name)
3025{
3026
3027 const struct alias {
3028 const char *name;
3029 const char *alias;
3030 } alias_tbl[] =
3031 {
3032#ifndef NO_DES3
3033 {EVP_DES_CBC, "DES"},
3034 {EVP_DES_CBC, "des"},
3035 {EVP_DES_ECB, "DES-ECB"},
3036 {EVP_DES_ECB, "des-ecb"},
3037 {EVP_DES_EDE3_CBC, "DES3"},
3038 {EVP_DES_EDE3_CBC, "des3"},
3039 {EVP_DES_EDE3_ECB, "DES-EDE3"},
3040 {EVP_DES_EDE3_ECB, "des-ede3"},
3041 {EVP_DES_EDE3_ECB, "des-ede3-ecb"},
3042#endif
3043#ifdef HAVE_IDEA
3044 {EVP_IDEA_CBC, "IDEA"},
3045 {EVP_IDEA_CBC, "idea"},
3046#endif
3047#ifndef NO_AES
3048 #ifdef HAVE_AES_CBC
3049 #ifdef WOLFSSL_AES_128
3050 {EVP_AES_128_CBC, "AES128-CBC"},
3051 {EVP_AES_128_CBC, "aes128-cbc"},
3052 #endif
3053 #ifdef WOLFSSL_AES_192
3054 {EVP_AES_192_CBC, "AES192-CBC"},
3055 {EVP_AES_192_CBC, "aes192-cbc"},
3056 #endif
3057 #ifdef WOLFSSL_AES_256
3058 {EVP_AES_256_CBC, "AES256-CBC"},
3059 {EVP_AES_256_CBC, "aes256-cbc"},
3060 #endif
3061 #endif
3062 #ifdef HAVE_AES_ECB
3063 #ifdef WOLFSSL_AES_128
3064 {EVP_AES_128_ECB, "AES128-ECB"},
3065 {EVP_AES_128_ECB, "aes128-ecb"},
3066 #endif
3067 #ifdef WOLFSSL_AES_192
3068 {EVP_AES_192_ECB, "AES192-ECB"},
3069 {EVP_AES_192_ECB, "aes192-ecb"},
3070 #endif
3071 #ifdef WOLFSSL_AES_256
3072 {EVP_AES_256_ECB, "AES256-ECB"},
3073 #endif
3074 #endif
3075 #ifdef HAVE_AESGCM
3076 #ifdef WOLFSSL_AES_128
3077 {EVP_AES_128_GCM, "aes-128-gcm"},
3078 {EVP_AES_128_GCM, "id-aes128-GCM"},
3079 #endif
3080 #ifdef WOLFSSL_AES_192
3081 {EVP_AES_192_GCM, "aes-192-gcm"},
3082 {EVP_AES_192_GCM, "id-aes192-GCM"},
3083 #endif
3084 #ifdef WOLFSSL_AES_256
3085 {EVP_AES_256_GCM, "aes-256-gcm"},
3086 {EVP_AES_256_GCM, "id-aes256-GCM"},
3087 #endif
3088 #endif
3089#endif
3090#ifndef NO_RC4
3091 {EVP_ARC4, "RC4"},
3092#endif
3093 { NULL, NULL}
3094 };
3095
3096 const struct cipher *ent;
3097 const struct alias *al;
3098
3099 WOLFSSL_ENTER("EVP_get_cipherbyname");
3100
3101 for( al = alias_tbl; al->name != NULL; al++)
3102 if(XSTRNCMP(name, al->alias, XSTRLEN(al->alias)+1) == 0) {
3103 name = al->name;
3104 break;
3105 }
3106
3107 for( ent = cipher_tbl; ent->name != NULL; ent++)
3108 if(XSTRNCMP(name, ent->name, XSTRLEN(ent->name)+1) == 0) {
3109 return (WOLFSSL_EVP_CIPHER *)ent->name;
3110 }
3111
3112 return NULL;
3113}
3114
3115/*
3116 * return an EVP_CIPHER structure when cipher NID is passed.
3117 *
3118 * id cipher NID
3119 *
3120 * return WOLFSSL_EVP_CIPHER
3121*/
3122const WOLFSSL_EVP_CIPHER *wolfSSL_EVP_get_cipherbynid(int id)
3123{
3124 WOLFSSL_ENTER("EVP_get_cipherbynid");
3125
3126 switch(id) {
3127
3128#ifndef NO_AES
3129 #ifdef HAVE_AES_CBC
3130 #ifdef WOLFSSL_AES_128
3131 case NID_aes_128_cbc:
3132 return wolfSSL_EVP_aes_128_cbc();
3133 #endif
3134 #ifdef WOLFSSL_AES_192
3135 case NID_aes_192_cbc:
3136 return wolfSSL_EVP_aes_192_cbc();
3137 #endif
3138 #ifdef WOLFSSL_AES_256
3139 case NID_aes_256_cbc:
3140 return wolfSSL_EVP_aes_256_cbc();
3141 #endif
3142 #endif
3143 #ifdef WOLFSSL_AES_COUNTER
3144 #ifdef WOLFSSL_AES_128
3145 case NID_aes_128_ctr:
3146 return wolfSSL_EVP_aes_128_ctr();
3147 #endif
3148 #ifdef WOLFSSL_AES_192
3149 case NID_aes_192_ctr:
3150 return wolfSSL_EVP_aes_192_ctr();
3151 #endif
3152 #ifdef WOLFSSL_AES_256
3153 case NID_aes_256_ctr:
3154 return wolfSSL_EVP_aes_256_ctr();
3155 #endif
3156 #endif /* WOLFSSL_AES_COUNTER */
3157 #ifdef HAVE_AES_ECB
3158 #ifdef WOLFSSL_AES_128
3159 case NID_aes_128_ecb:
3160 return wolfSSL_EVP_aes_128_ecb();
3161 #endif
3162 #ifdef WOLFSSL_AES_192
3163 case NID_aes_192_ecb:
3164 return wolfSSL_EVP_aes_192_ecb();
3165 #endif
3166 #ifdef WOLFSSL_AES_256
3167 case NID_aes_256_ecb:
3168 return wolfSSL_EVP_aes_256_ecb();
3169 #endif
3170 #endif /* HAVE_AES_ECB */
3171 #ifdef HAVE_AESGCM
3172 #ifdef WOLFSSL_AES_128
3173 case NID_aes_128_gcm:
3174 return wolfSSL_EVP_aes_128_gcm();
3175 #endif
3176 #ifdef WOLFSSL_AES_192
3177 case NID_aes_192_gcm:
3178 return wolfSSL_EVP_aes_192_gcm();
3179 #endif
3180 #ifdef WOLFSSL_AES_256
3181 case NID_aes_256_gcm:
3182 return wolfSSL_EVP_aes_256_gcm();
3183 #endif
3184 #endif
3185#endif
3186
3187#ifndef NO_DES3
3188 case NID_des_cbc:
3189 return wolfSSL_EVP_des_cbc();
3190#ifdef WOLFSSL_DES_ECB
3191 case NID_des_ecb:
3192 return wolfSSL_EVP_des_ecb();
3193#endif
3194 case NID_des_ede3_cbc:
3195 return wolfSSL_EVP_des_ede3_cbc();
3196#ifdef WOLFSSL_DES_ECB
3197 case NID_des_ede3_ecb:
3198 return wolfSSL_EVP_des_ede3_ecb();
3199#endif
3200#endif /*NO_DES3*/
3201
3202#ifdef HAVE_IDEA
3203 case NID_idea_cbc:
3204 return wolfSSL_EVP_idea_cbc();
3205#endif
3206
3207 default:
3208 WOLFSSL_MSG("Bad cipher id value");
3209 }
3210
3211 return NULL;
3212}
3213
3214void wolfSSL_EVP_init(void)
3215{
3216 /* Does nothing. */
3217}
3218
3219#if !defined(NO_PWDBASED)
3220/* this function makes the assumption that out buffer is big enough for digest*/
3221int wolfSSL_EVP_Digest(const unsigned char* in, int inSz, unsigned char* out,
3222 unsigned int* outSz, const WOLFSSL_EVP_MD* evp,
3223 WOLFSSL_ENGINE* eng)
3224{
3225 int err;
3226 int hashType = WC_HASH_TYPE_NONE;
3227 int hashSz;
3228
3229 WOLFSSL_ENTER("wolfSSL_EVP_Digest");
3230 if (in == NULL || out == NULL || evp == NULL) {
3231 WOLFSSL_MSG("Null argument passed in");
3232 return WOLFSSL_FAILURE;
3233 }
3234
3235 err = wolfSSL_EVP_get_hashinfo(evp, &hashType, &hashSz);
3236 if (err != WOLFSSL_SUCCESS)
3237 return err;
3238
3239 if (wc_Hash((enum wc_HashType)hashType, in, inSz, out, hashSz) != 0) {
3240 return WOLFSSL_FAILURE;
3241 }
3242
3243 if (outSz != NULL)
3244 *outSz = hashSz;
3245
3246 (void)eng;
3247 return WOLFSSL_SUCCESS;
3248}
3249#endif
3250
3251const WOLFSSL_EVP_MD *wolfSSL_EVP_get_digestbyname(const char *name)
3252{
3253 static const struct alias {
3254 const char *name;
3255 const char *alias;
3256 } alias_tbl[] =
3257 {
3258 {"MD4", "ssl3-md4"},
3259 {"MD5", "ssl3-md5"},
3260 {"SHA1", "ssl3-sha1"},
3261 {"SHA1", "SHA"},
3262 { NULL, NULL}
3263 };
3264 char nameUpper[15]; /* 15 bytes should be enough for any name */
3265 size_t i;
3266
3267 const struct alias *al;
3268 const struct s_ent *ent;
3269
3270 for (i = 0; i < sizeof(nameUpper) && name[i] != '\0'; i++) {
3271 nameUpper[i] = (char)XTOUPPER(name[i]);
3272 }
3273 if (i < sizeof(nameUpper))
3274 nameUpper[i] = '\0';
3275 else
3276 return NULL;
3277
3278 name = nameUpper;
3279 for (al = alias_tbl; al->name != NULL; al++)
3280 if(XSTRNCMP(name, al->alias, XSTRLEN(al->alias)+1) == 0) {
3281 name = al->name;
3282 break;
3283 }
3284
3285 for (ent = md_tbl; ent->name != NULL; ent++)
3286 if(XSTRNCMP(name, ent->name, XSTRLEN(ent->name)+1) == 0) {
3287 return (EVP_MD *)ent->name;
3288 }
3289 return NULL;
3290}
3291
3292int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
3293{
3294 const struct s_ent *ent ;
3295 WOLFSSL_ENTER("EVP_MD_type");
3296 for( ent = md_tbl; ent->name != NULL; ent++){
3297 if(XSTRNCMP((const char *)md, ent->name, XSTRLEN(ent->name)+1) == 0) {
3298 return ent->nid;
3299 }
3300 }
3301 return 0;
3302}
3303
3304#ifndef NO_MD4
3305
3306 /* return a pointer to MD4 EVP type */
3307 const WOLFSSL_EVP_MD* wolfSSL_EVP_md4(void)
3308 {
3309 WOLFSSL_ENTER("wolfSSL_EVP_md4");
3310 return EVP_get_digestbyname("MD4");
3311 }
3312
3313#endif /* !NO_MD4 */
3314
3315
3316#ifndef NO_MD5
3317
3318 const WOLFSSL_EVP_MD* wolfSSL_EVP_md5(void)
3319 {
3320 WOLFSSL_ENTER("EVP_md5");
3321 return EVP_get_digestbyname("MD5");
3322 }
3323
3324#endif /* !NO_MD5 */
3325
3326
3327#ifndef NO_WOLFSSL_STUB
3328 const WOLFSSL_EVP_MD* wolfSSL_EVP_mdc2(void)
3329 {
3330 WOLFSSL_STUB("EVP_mdc2");
3331 return NULL;
3332 }
3333#endif
3334
3335#ifndef NO_SHA
3336 const WOLFSSL_EVP_MD* wolfSSL_EVP_sha1(void)
3337 {
3338 WOLFSSL_ENTER("EVP_sha1");
3339 return EVP_get_digestbyname("SHA1");
3340 }
3341#endif /* NO_SHA */
3342
3343#ifdef WOLFSSL_SHA224
3344
3345 const WOLFSSL_EVP_MD* wolfSSL_EVP_sha224(void)
3346 {
3347 WOLFSSL_ENTER("EVP_sha224");
3348 return EVP_get_digestbyname("SHA224");
3349 }
3350
3351#endif /* WOLFSSL_SHA224 */
3352
3353
3354 const WOLFSSL_EVP_MD* wolfSSL_EVP_sha256(void)
3355 {
3356 WOLFSSL_ENTER("EVP_sha256");
3357 return EVP_get_digestbyname("SHA256");
3358 }
3359
3360#ifdef WOLFSSL_SHA384
3361
3362 const WOLFSSL_EVP_MD* wolfSSL_EVP_sha384(void)
3363 {
3364 WOLFSSL_ENTER("EVP_sha384");
3365 return EVP_get_digestbyname("SHA384");
3366 }
3367
3368#endif /* WOLFSSL_SHA384 */
3369
3370#ifdef WOLFSSL_SHA512
3371
3372 const WOLFSSL_EVP_MD* wolfSSL_EVP_sha512(void)
3373 {
3374 WOLFSSL_ENTER("EVP_sha512");
3375 return EVP_get_digestbyname("SHA512");
3376 }
3377
3378#endif /* WOLFSSL_SHA512 */
3379
3380#ifdef WOLFSSL_SHA3
3381#ifndef WOLFSSL_NOSHA3_224
3382 const WOLFSSL_EVP_MD* wolfSSL_EVP_sha3_224(void)
3383 {
3384 WOLFSSL_ENTER("EVP_sha3_224");
3385 return EVP_get_digestbyname("SHA3_224");
3386 }
3387#endif /* WOLFSSL_NOSHA3_224 */
3388
3389
3390#ifndef WOLFSSL_NOSHA3_256
3391 const WOLFSSL_EVP_MD* wolfSSL_EVP_sha3_256(void)
3392 {
3393 WOLFSSL_ENTER("EVP_sha3_256");
3394 return EVP_get_digestbyname("SHA3_256");
3395 }
3396#endif /* WOLFSSL_NOSHA3_256 */
3397
3398 const WOLFSSL_EVP_MD* wolfSSL_EVP_sha3_384(void)
3399 {
3400 WOLFSSL_ENTER("EVP_sha3_384");
3401 return EVP_get_digestbyname("SHA3_384");
3402 }
3403
3404#ifndef WOLFSSL_NOSHA3_512
3405 const WOLFSSL_EVP_MD* wolfSSL_EVP_sha3_512(void)
3406 {
3407 WOLFSSL_ENTER("EVP_sha3_512");
3408 return EVP_get_digestbyname("SHA3_512");
3409 }
3410#endif /* WOLFSSL_NOSHA3_512 */
3411#endif /* WOLFSSL_SHA3 */
3412
3413 WOLFSSL_EVP_MD_CTX *wolfSSL_EVP_MD_CTX_new(void)
3414 {
3415 WOLFSSL_EVP_MD_CTX* ctx;
3416 WOLFSSL_ENTER("EVP_MD_CTX_new");
3417 ctx = (WOLFSSL_EVP_MD_CTX*)XMALLOC(sizeof *ctx, NULL,
3418 DYNAMIC_TYPE_OPENSSL);
3419 if (ctx){
3420 wolfSSL_EVP_MD_CTX_init(ctx);
3421 }
3422 return ctx;
3423 }
3424
3425 WOLFSSL_API void wolfSSL_EVP_MD_CTX_free(WOLFSSL_EVP_MD_CTX *ctx)
3426 {
3427 if (ctx) {
3428 WOLFSSL_ENTER("EVP_MD_CTX_free");
3429 wolfSSL_EVP_MD_CTX_cleanup(ctx);
3430 XFREE(ctx, NULL, DYNAMIC_TYPE_OPENSSL);
3431 }
3432 }
3433
3434 /* returns the NID of message digest used by the ctx */
3435 int wolfSSL_EVP_MD_CTX_type(const WOLFSSL_EVP_MD_CTX *ctx)
3436 {
3437 const struct s_ent *ent;
3438
3439 WOLFSSL_ENTER("EVP_MD_CTX_type");
3440
3441 if (ctx) {
3442 if (ctx->isHMAC) {
3443 return NID_hmac;
3444 }
3445
3446 for(ent = md_tbl; ent->name != NULL; ent++) {
3447 if (ctx->macType == ent->macType) {
3448 return ent->nid;
3449 }
3450 }
3451 /* Return whatever we got */
3452 return ctx->macType;
3453 }
3454 return 0;
3455 }
3456
3457
3458 /* returns WOLFSSL_SUCCESS on success */
3459 int wolfSSL_EVP_MD_CTX_copy(WOLFSSL_EVP_MD_CTX *out, const WOLFSSL_EVP_MD_CTX *in)
3460 {
3461 return wolfSSL_EVP_MD_CTX_copy_ex(out, in);
3462 }
3463
3464 /* returns digest size */
3465 int wolfSSL_EVP_MD_CTX_size(const WOLFSSL_EVP_MD_CTX *ctx) {
3466 return(wolfSSL_EVP_MD_size(wolfSSL_EVP_MD_CTX_md(ctx)));
3467 }
3468 /* returns block size */
3469 int wolfSSL_EVP_MD_CTX_block_size(const WOLFSSL_EVP_MD_CTX *ctx) {
3470 return(wolfSSL_EVP_MD_block_size(wolfSSL_EVP_MD_CTX_md(ctx)));
3471 }
3472
3473 /* Deep copy of EVP_MD hasher
3474 * return WOLFSSL_SUCCESS on success */
3475 static int wolfSSL_EVP_MD_Copy_Hasher(WOLFSSL_EVP_MD_CTX* des,
3476 const WOLFSSL_EVP_MD_CTX* src)
3477 {
3478 int ret;
3479 if (src->isHMAC) {
3480 ret = wolfSSL_HmacCopy(&des->hash.hmac, (Hmac*)&src->hash.hmac);
3481 }
3482 else {
3483 switch (src->macType) {
3484 case WC_HASH_TYPE_MD5:
3485 #ifndef NO_MD5
3486 ret = wc_Md5Copy((wc_Md5*)&src->hash.digest,
3487 (wc_Md5*)&des->hash.digest);
3488 #else
3489 ret = NOT_COMPILED_IN;
3490 #endif /* !NO_MD5 */
3491 break;
3492 case WC_HASH_TYPE_SHA:
3493 #ifndef NO_SHA
3494 ret = wc_ShaCopy((wc_Sha*)&src->hash.digest,
3495 (wc_Sha*)&des->hash.digest);
3496 #else
3497 ret = NOT_COMPILED_IN;
3498 #endif /* !NO_SHA */
3499 break;
3500 case WC_HASH_TYPE_SHA224:
3501 #ifdef WOLFSSL_SHA224
3502 ret = wc_Sha224Copy((wc_Sha224*)&src->hash.digest,
3503 (wc_Sha224*)&des->hash.digest);
3504 #else
3505 ret = NOT_COMPILED_IN;
3506 #endif /* WOLFSSL_SHA224 */
3507 break;
3508 case WC_HASH_TYPE_SHA256:
3509 #ifndef NO_SHA256
3510 ret = wc_Sha256Copy((wc_Sha256*)&src->hash.digest,
3511 (wc_Sha256*)&des->hash.digest);
3512 #else
3513 ret = NOT_COMPILED_IN;
3514 #endif /* !NO_SHA256 */
3515 break;
3516 case WC_HASH_TYPE_SHA384:
3517 #ifdef WOLFSSL_SHA384
3518 ret = wc_Sha384Copy((wc_Sha384*)&src->hash.digest,
3519 (wc_Sha384*)&des->hash.digest);
3520 #else
3521 ret = NOT_COMPILED_IN;
3522 #endif /* WOLFSSL_SHA384 */
3523 break;
3524 case WC_HASH_TYPE_SHA512:
3525 #ifdef WOLFSSL_SHA512
3526 ret = wc_Sha512Copy((wc_Sha512*)&src->hash.digest,
3527 (wc_Sha512*)&des->hash.digest);
3528 #else
3529 ret = NOT_COMPILED_IN;
3530 #endif /* WOLFSSL_SHA512 */
3531 break;
3532 case WC_HASH_TYPE_SHA3_224:
3533 #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224)
3534 ret = wc_Sha3_224_Copy((wc_Sha3*)&src->hash.digest,
3535 (wc_Sha3*)&des->hash.digest);
3536 #else
3537 ret = NOT_COMPILED_IN;
3538 #endif
3539 break;
3540 case WC_HASH_TYPE_SHA3_256:
3541 #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256)
3542 ret = wc_Sha3_256_Copy((wc_Sha3*)&src->hash.digest,
3543 (wc_Sha3*)&des->hash.digest);
3544 #else
3545 ret = NOT_COMPILED_IN;
3546 #endif
3547 break;
3548 case WC_HASH_TYPE_SHA3_384:
3549 #if defined(WOLFSSL_SHA3)
3550 ret = wc_Sha3_384_Copy((wc_Sha3*)&src->hash.digest,
3551 (wc_Sha3*)&des->hash.digest);
3552 #else
3553 ret = NOT_COMPILED_IN;
3554 #endif
3555 break;
3556 case WC_HASH_TYPE_SHA3_512:
3557 #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_512)
3558 ret = wc_Sha3_512_Copy((wc_Sha3*)&src->hash.digest,
3559 (wc_Sha3*)&des->hash.digest);
3560 #else
3561 ret = NOT_COMPILED_IN;
3562 #endif
3563 break;
3564 case WC_HASH_TYPE_NONE:
3565 case WC_HASH_TYPE_MD2:
3566 case WC_HASH_TYPE_MD4:
3567 case WC_HASH_TYPE_MD5_SHA:
3568 case WC_HASH_TYPE_BLAKE2B:
3569 case WC_HASH_TYPE_BLAKE2S:
3570 default:
3571 ret = BAD_FUNC_ARG;
3572 break;
3573 }
3574 }
3575 return ret == 0 ? WOLFSSL_SUCCESS : WOLFSSL_FAILURE;
3576 }
3577
3578 /* copies structure in to the structure out
3579 *
3580 * returns WOLFSSL_SUCCESS on success */
3581 int wolfSSL_EVP_MD_CTX_copy_ex(WOLFSSL_EVP_MD_CTX *out, const WOLFSSL_EVP_MD_CTX *in)
3582 {
3583 if ((out == NULL) || (in == NULL)) return WOLFSSL_FAILURE;
3584 WOLFSSL_ENTER("EVP_CIPHER_MD_CTX_copy_ex");
3585 XMEMCPY(out, in, sizeof(WOLFSSL_EVP_MD_CTX));
3586 if (in->pctx != NULL) {
3587 out->pctx = wolfSSL_EVP_PKEY_CTX_new(in->pctx->pkey, NULL);
3588 if (out->pctx == NULL)
3589 return WOLFSSL_FAILURE;
3590 }
3591 return wolfSSL_EVP_MD_Copy_Hasher(out, (WOLFSSL_EVP_MD_CTX*)in);
3592 }
3593
3594 void wolfSSL_EVP_MD_CTX_init(WOLFSSL_EVP_MD_CTX* ctx)
3595 {
3596 WOLFSSL_ENTER("EVP_CIPHER_MD_CTX_init");
3597 XMEMSET(ctx, 0, sizeof(WOLFSSL_EVP_MD_CTX));
3598 }
3599
3600 const WOLFSSL_EVP_MD *wolfSSL_EVP_MD_CTX_md(const WOLFSSL_EVP_MD_CTX *ctx)
3601 {
3602 const struct s_ent *ent;
3603 if (ctx == NULL)
3604 return NULL;
3605 WOLFSSL_ENTER("EVP_MD_CTX_md");
3606 if (ctx->isHMAC) {
3607 return "HMAC";
3608 }
3609 for(ent = md_tbl; ent->name != NULL; ent++) {
3610 if(ctx->macType == ent->macType) {
3611 return (const WOLFSSL_EVP_MD *)ent->name;
3612 }
3613 }
3614 return (WOLFSSL_EVP_MD *)NULL;
3615 }
3616
3617 #ifndef NO_AES
3618
3619 #ifdef HAVE_AES_CBC
3620 #ifdef WOLFSSL_AES_128
3621 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_cbc(void)
3622 {
3623 WOLFSSL_ENTER("wolfSSL_EVP_aes_128_cbc");
3624 return EVP_AES_128_CBC;
3625 }
3626 #endif /* WOLFSSL_AES_128 */
3627
3628
3629 #ifdef WOLFSSL_AES_192
3630 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_cbc(void)
3631 {
3632 WOLFSSL_ENTER("wolfSSL_EVP_aes_192_cbc");
3633 return EVP_AES_192_CBC;
3634 }
3635 #endif /* WOLFSSL_AES_192 */
3636
3637
3638 #ifdef WOLFSSL_AES_256
3639 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_cbc(void)
3640 {
3641 WOLFSSL_ENTER("wolfSSL_EVP_aes_256_cbc");
3642 return EVP_AES_256_CBC;
3643 }
3644 #endif /* WOLFSSL_AES_256 */
3645 #endif /* HAVE_AES_CBC */
3646
3647 #ifdef WOLFSSL_AES_CFB
3648#if !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
3649 #ifdef WOLFSSL_AES_128
3650 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_cfb1(void)
3651 {
3652 WOLFSSL_ENTER("wolfSSL_EVP_aes_128_cfb1");
3653 return EVP_AES_128_CFB1;
3654 }
3655 #endif /* WOLFSSL_AES_128 */
3656
3657 #ifdef WOLFSSL_AES_192
3658 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_cfb1(void)
3659 {
3660 WOLFSSL_ENTER("wolfSSL_EVP_aes_192_cfb1");
3661 return EVP_AES_192_CFB1;
3662 }
3663 #endif /* WOLFSSL_AES_192 */
3664
3665 #ifdef WOLFSSL_AES_256
3666 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_cfb1(void)
3667 {
3668 WOLFSSL_ENTER("wolfSSL_EVP_aes_256_cfb1");
3669 return EVP_AES_256_CFB1;
3670 }
3671 #endif /* WOLFSSL_AES_256 */
3672
3673 #ifdef WOLFSSL_AES_128
3674 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_cfb8(void)
3675 {
3676 WOLFSSL_ENTER("wolfSSL_EVP_aes_128_cfb8");
3677 return EVP_AES_128_CFB8;
3678 }
3679 #endif /* WOLFSSL_AES_128 */
3680
3681 #ifdef WOLFSSL_AES_192
3682 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_cfb8(void)
3683 {
3684 WOLFSSL_ENTER("wolfSSL_EVP_aes_192_cfb8");
3685 return EVP_AES_192_CFB8;
3686 }
3687 #endif /* WOLFSSL_AES_192 */
3688
3689 #ifdef WOLFSSL_AES_256
3690 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_cfb8(void)
3691 {
3692 WOLFSSL_ENTER("wolfSSL_EVP_aes_256_cfb8");
3693 return EVP_AES_256_CFB8;
3694 }
3695 #endif /* WOLFSSL_AES_256 */
3696#endif /* !HAVE_SELFTEST && !HAVE_FIPS */
3697
3698 #ifdef WOLFSSL_AES_128
3699 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_cfb128(void)
3700 {
3701 WOLFSSL_ENTER("wolfSSL_EVP_aes_128_cfb128");
3702 return EVP_AES_128_CFB128;
3703 }
3704 #endif /* WOLFSSL_AES_128 */
3705
3706 #ifdef WOLFSSL_AES_192
3707 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_cfb128(void)
3708 {
3709 WOLFSSL_ENTER("wolfSSL_EVP_aes_192_cfb128");
3710 return EVP_AES_192_CFB128;
3711 }
3712 #endif /* WOLFSSL_AES_192 */
3713
3714 #ifdef WOLFSSL_AES_256
3715 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_cfb128(void)
3716 {
3717 WOLFSSL_ENTER("wolfSSL_EVP_aes_256_cfb128");
3718 return EVP_AES_256_CFB128;
3719 }
3720 #endif /* WOLFSSL_AES_256 */
3721 #endif /* WOLFSSL_AES_CFB */
3722
3723 #ifdef WOLFSSL_AES_OFB
3724 #ifdef WOLFSSL_AES_128
3725 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_ofb(void)
3726 {
3727 WOLFSSL_ENTER("wolfSSL_EVP_aes_128_ofb");
3728 return EVP_AES_128_OFB;
3729 }
3730 #endif /* WOLFSSL_AES_128 */
3731
3732 #ifdef WOLFSSL_AES_192
3733 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_ofb(void)
3734 {
3735 WOLFSSL_ENTER("wolfSSL_EVP_aes_192_ofb");
3736 return EVP_AES_192_OFB;
3737 }
3738 #endif /* WOLFSSL_AES_192 */
3739
3740 #ifdef WOLFSSL_AES_256
3741 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_ofb(void)
3742 {
3743 WOLFSSL_ENTER("wolfSSL_EVP_aes_256_ofb");
3744 return EVP_AES_256_OFB;
3745 }
3746 #endif /* WOLFSSL_AES_256 */
3747 #endif /* WOLFSSL_AES_OFB */
3748
3749 #ifdef WOLFSSL_AES_XTS
3750 #ifdef WOLFSSL_AES_128
3751 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_xts(void)
3752 {
3753 WOLFSSL_ENTER("wolfSSL_EVP_aes_128_xts");
3754 return EVP_AES_128_XTS;
3755 }
3756 #endif /* WOLFSSL_AES_128 */
3757
3758 #ifdef WOLFSSL_AES_256
3759 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_xts(void)
3760 {
3761 WOLFSSL_ENTER("wolfSSL_EVP_aes_256_xts");
3762 return EVP_AES_256_XTS;
3763 }
3764 #endif /* WOLFSSL_AES_256 */
3765 #endif /* WOLFSSL_AES_XTS */
3766
3767 #ifdef HAVE_AESGCM
3768 #ifdef WOLFSSL_AES_128
3769 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_gcm(void)
3770 {
3771 WOLFSSL_ENTER("wolfSSL_EVP_aes_128_gcm");
3772 return EVP_AES_128_GCM;
3773 }
3774 #endif /* WOLFSSL_GCM_128 */
3775
3776 #ifdef WOLFSSL_AES_192
3777 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_gcm(void)
3778 {
3779 WOLFSSL_ENTER("wolfSSL_EVP_aes_192_gcm");
3780 return EVP_AES_192_GCM;
3781 }
3782 #endif /* WOLFSSL_AES_192 */
3783
3784 #ifdef WOLFSSL_AES_256
3785 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_gcm(void)
3786 {
3787 WOLFSSL_ENTER("wolfSSL_EVP_aes_256_gcm");
3788 return EVP_AES_256_GCM;
3789 }
3790 #endif /* WOLFSSL_AES_256 */
3791 #endif /* HAVE_AESGCM */
3792
3793 #ifdef WOLFSSL_AES_COUNTER
3794 #ifdef WOLFSSL_AES_128
3795 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_ctr(void)
3796 {
3797 WOLFSSL_ENTER("wolfSSL_EVP_aes_128_ctr");
3798 return EVP_AES_128_CTR;
3799 }
3800 #endif /* WOLFSSL_AES_2128 */
3801
3802
3803 #ifdef WOLFSSL_AES_192
3804 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_ctr(void)
3805 {
3806 WOLFSSL_ENTER("wolfSSL_EVP_aes_192_ctr");
3807 return EVP_AES_192_CTR;
3808 }
3809 #endif /* WOLFSSL_AES_192 */
3810
3811
3812 #ifdef WOLFSSL_AES_256
3813 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_ctr(void)
3814 {
3815 WOLFSSL_ENTER("wolfSSL_EVP_aes_256_ctr");
3816 return EVP_AES_256_CTR;
3817 }
3818 #endif /* WOLFSSL_AES_256 */
3819 #endif /* WOLFSSL_AES_COUNTER */
3820
3821 #ifdef HAVE_AES_ECB
3822 #ifdef WOLFSSL_AES_128
3823 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_ecb(void)
3824 {
3825 WOLFSSL_ENTER("wolfSSL_EVP_aes_128_ecb");
3826 return EVP_AES_128_ECB;
3827 }
3828 #endif /* WOLFSSL_AES_128 */
3829
3830
3831 #ifdef WOLFSSL_AES_192
3832 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_ecb(void)
3833 {
3834 WOLFSSL_ENTER("wolfSSL_EVP_aes_192_ecb");
3835 return EVP_AES_192_ECB;
3836 }
3837 #endif /* WOLFSSL_AES_192*/
3838
3839
3840 #ifdef WOLFSSL_AES_256
3841 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_ecb(void)
3842 {
3843 WOLFSSL_ENTER("wolfSSL_EVP_aes_256_ecb");
3844 return EVP_AES_256_ECB;
3845 }
3846 #endif /* WOLFSSL_AES_256 */
3847 #endif /* HAVE_AES_ECB */
3848 #endif /* NO_AES */
3849
3850#ifndef NO_DES3
3851 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_des_cbc(void)
3852 {
3853 WOLFSSL_ENTER("wolfSSL_EVP_des_cbc");
3854 return EVP_DES_CBC;
3855 }
3856#ifdef WOLFSSL_DES_ECB
3857 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_des_ecb(void)
3858 {
3859 WOLFSSL_ENTER("wolfSSL_EVP_des_ecb");
3860 return EVP_DES_ECB;
3861 }
3862#endif
3863 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_des_ede3_cbc(void)
3864 {
3865 WOLFSSL_ENTER("wolfSSL_EVP_des_ede3_cbc");
3866 return EVP_DES_EDE3_CBC;
3867 }
3868#ifdef WOLFSSL_DES_ECB
3869 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_des_ede3_ecb(void)
3870 {
3871 WOLFSSL_ENTER("wolfSSL_EVP_des_ede3_ecb");
3872 return EVP_DES_EDE3_ECB;
3873 }
3874#endif
3875#endif /* NO_DES3 */
3876
3877#ifndef NO_RC4
3878 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_rc4(void)
3879 {
3880 WOLFSSL_ENTER("wolfSSL_EVP_rc4");
3881 return EVP_ARC4;
3882 }
3883#endif
3884
3885#ifdef HAVE_IDEA
3886 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_idea_cbc(void)
3887 {
3888 WOLFSSL_ENTER("wolfSSL_EVP_idea_cbc");
3889 return EVP_IDEA_CBC;
3890 }
3891#endif
3892 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_enc_null(void)
3893 {
3894 WOLFSSL_ENTER("wolfSSL_EVP_enc_null");
3895 return EVP_NULL;
3896 }
3897
3898 int wolfSSL_EVP_MD_CTX_cleanup(WOLFSSL_EVP_MD_CTX* ctx)
3899 {
3900 int ret = WOLFSSL_SUCCESS;
3901 WOLFSSL_ENTER("EVP_MD_CTX_cleanup");
3902 if (ctx->pctx != NULL)
3903 wolfSSL_EVP_PKEY_CTX_free(ctx->pctx);
3904
3905 if (ctx->isHMAC) {
3906 wc_HmacFree(&ctx->hash.hmac);
3907 }
3908 else {
3909 switch (ctx->macType) {
3910 case WC_HASH_TYPE_MD5:
3911 #ifndef NO_MD5
3912 wc_Md5Free((wc_Md5*)&ctx->hash.digest);
3913 #endif /* !NO_MD5 */
3914 break;
3915 case WC_HASH_TYPE_SHA:
3916 #ifndef NO_SHA
3917 wc_ShaFree((wc_Sha*)&ctx->hash.digest);
3918 #endif /* !NO_SHA */
3919 break;
3920 case WC_HASH_TYPE_SHA224:
3921 #ifdef WOLFSSL_SHA224
3922 wc_Sha224Free((wc_Sha224*)&ctx->hash.digest);
3923 #endif /* WOLFSSL_SHA224 */
3924 break;
3925 case WC_HASH_TYPE_SHA256:
3926 #ifndef NO_SHA256
3927 wc_Sha256Free((wc_Sha256*)&ctx->hash.digest);
3928 #endif /* !NO_SHA256 */
3929 break;
3930 case WC_HASH_TYPE_SHA384:
3931 #ifdef WOLFSSL_SHA384
3932 wc_Sha384Free((wc_Sha384*)&ctx->hash.digest);
3933 #endif /* WOLFSSL_SHA384 */
3934 break;
3935 case WC_HASH_TYPE_SHA512:
3936 #ifdef WOLFSSL_SHA512
3937 wc_Sha512Free((wc_Sha512*)&ctx->hash.digest);
3938 #endif /* WOLFSSL_SHA512 */
3939 break;
3940 case WC_HASH_TYPE_SHA3_224:
3941 #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224)
3942 wc_Sha3_224_Free((wc_Sha3*)&ctx->hash.digest);
3943 #endif
3944 break;
3945 case WC_HASH_TYPE_SHA3_256:
3946 #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256)
3947 wc_Sha3_256_Free((wc_Sha3*)&ctx->hash.digest);
3948 #endif
3949 break;
3950 case WC_HASH_TYPE_SHA3_384:
3951 #if defined(WOLFSSL_SHA3)
3952 wc_Sha3_384_Free((wc_Sha3*)&ctx->hash.digest);
3953 #endif
3954 break;
3955 case WC_HASH_TYPE_SHA3_512:
3956 #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_512)
3957 wc_Sha3_512_Free((wc_Sha3*)&ctx->hash.digest);
3958 #endif
3959 break;
3960 case WC_HASH_TYPE_NONE:
3961 case WC_HASH_TYPE_MD2:
3962 case WC_HASH_TYPE_MD4:
3963 case WC_HASH_TYPE_MD5_SHA:
3964 case WC_HASH_TYPE_BLAKE2B:
3965 case WC_HASH_TYPE_BLAKE2S:
3966 default:
3967 ret = WOLFSSL_FAILURE;
3968 break;
3969 }
3970 }
3971 ForceZero(ctx, sizeof(*ctx));
3972 ctx->macType = WC_HASH_TYPE_NONE;
3973 return ret;
3974 }
3975
3976 void wolfSSL_EVP_CIPHER_CTX_init(WOLFSSL_EVP_CIPHER_CTX* ctx)
3977 {
3978 WOLFSSL_ENTER("EVP_CIPHER_CTX_init");
3979 if (ctx) {
3980 XMEMSET(ctx, 0, sizeof(WOLFSSL_EVP_CIPHER_CTX));
3981 ctx->cipherType = WOLFSSL_EVP_CIPH_TYPE_INIT; /* not yet initialized */
3982 ctx->keyLen = 0;
3983 ctx->enc = 1; /* start in encrypt mode */
3984 }
3985 }
3986
3987#if defined(HAVE_AESGCM) && !defined(HAVE_SELFTEST)
3988 static WC_INLINE void IncCtr(byte* ctr, word32 ctrSz)
3989 {
3990 int i;
3991 for (i = ctrSz-1; i >= 0; i--) {
3992 if (++ctr[i])
3993 break;
3994 }
3995 }
3996#endif
3997
3998 /* This function allows cipher specific parameters to be
3999 determined and set. */
4000 int wolfSSL_EVP_CIPHER_CTX_ctrl(WOLFSSL_EVP_CIPHER_CTX *ctx, int type, \
4001 int arg, void *ptr)
4002 {
4003 int ret = WOLFSSL_FAILURE;
4004#if defined(HAVE_AESGCM) && !defined(HAVE_SELFTEST) && !defined(WC_NO_RNG)
4005 WC_RNG rng;
4006#endif
4007 if (ctx == NULL)
4008 return WOLFSSL_FAILURE;
4009
4010 (void)arg;
4011 (void)ptr;
4012
4013 WOLFSSL_ENTER("EVP_CIPHER_CTX_ctrl");
4014
4015 switch(type) {
4016 case EVP_CTRL_INIT:
4017 wolfSSL_EVP_CIPHER_CTX_init(ctx);
4018 if(ctx)
4019 ret = WOLFSSL_SUCCESS;
4020 break;
4021 case EVP_CTRL_SET_KEY_LENGTH:
4022 ret = wolfSSL_EVP_CIPHER_CTX_set_key_length(ctx, arg);
4023 break;
4024#if defined(HAVE_AESGCM) && !defined(HAVE_SELFTEST) && !defined(WC_NO_RNG)
4025 case EVP_CTRL_GCM_SET_IVLEN:
4026 if(arg <= 0 || arg > 16)
4027 return WOLFSSL_FAILURE;
4028 ret = wolfSSL_EVP_CIPHER_CTX_set_iv_length(ctx, arg);
4029 break;
4030 case EVP_CTRL_AEAD_SET_IV_FIXED:
4031 if (arg == -1) {
4032 /* arg == -1 copies ctx->ivSz from ptr */
4033 ret = wolfSSL_EVP_CIPHER_CTX_set_iv(ctx, (byte*)ptr, ctx->ivSz);
4034 }
4035 else {
4036 /*
4037 * Fixed field must be at least 4 bytes and invocation
4038 * field at least 8.
4039 */
4040 if ((arg < 4) || (ctx->ivSz - arg) < 8) {
4041 WOLFSSL_MSG("Fixed field or invocation field too short");
4042 ret = WOLFSSL_FAILURE;
4043 break;
4044 }
4045 if (wc_InitRng(&rng) != 0) {
4046 WOLFSSL_MSG("wc_InitRng failed");
4047 ret = WOLFSSL_FAILURE;
4048 break;
4049 }
4050 if (arg) {
4051 XMEMCPY(ctx->iv, ptr, arg);
4052 }
4053 if (wc_RNG_GenerateBlock(&rng, ctx->iv + arg,
4054 ctx->ivSz - arg) != 0) {
4055 /* rng is freed immediately after if block so no need
4056 * to do it here
4057 */
4058 WOLFSSL_MSG("wc_RNG_GenerateBlock failed");
4059 ret = WOLFSSL_FAILURE;
4060 }
4061
4062 if (wc_FreeRng(&rng) != 0) {
4063 WOLFSSL_MSG("wc_FreeRng failed");
4064 ret = WOLFSSL_FAILURE;
4065 break;
4066 }
4067 }
4068 break;
4069#if !defined(_WIN32) && !defined(HAVE_FIPS)
4070 case EVP_CTRL_GCM_IV_GEN:
4071 if (ctx->cipher.aes.keylen == 0 || ctx->ivSz == 0) {
4072 ret = WOLFSSL_FAILURE;
4073 WOLFSSL_MSG("Key or IV not set");
4074 break;
4075 }
4076 if ((ret = wc_AesGcmSetExtIV(&ctx->cipher.aes, ctx->iv, ctx->ivSz)) != 0) {
4077 WOLFSSL_MSG("wc_AesGcmSetIV failed");
4078 ret = WOLFSSL_FAILURE;
4079 }
4080 /* OpenSSL increments the IV. Not sure why */
4081 IncCtr(ctx->iv, ctx->ivSz);
4082 break;
4083#endif
4084 case EVP_CTRL_AEAD_SET_TAG:
4085 if(arg <= 0 || arg > 16 || (ptr == NULL))
4086 return WOLFSSL_FAILURE;
4087
4088 XMEMCPY(ctx->authTag, ptr, arg);
4089 ctx->authTagSz = arg;
4090 ret = WOLFSSL_SUCCESS;
4091
4092 break;
4093 case EVP_CTRL_AEAD_GET_TAG:
4094 if(arg <= 0 || arg > 16)
4095 return WOLFSSL_FAILURE;
4096
4097 XMEMCPY(ptr, ctx->authTag, arg);
4098 ret = WOLFSSL_SUCCESS;
4099 break;
4100#endif /* HAVE_AESGCM && !HAVE_SELFTEST && !WC_NO_RNG */
4101 default:
4102 WOLFSSL_MSG("EVP_CIPHER_CTX_ctrl operation not yet handled");
4103 ret = WOLFSSL_FAILURE;
4104 }
4105 return ret;
4106 }
4107
4108 /* WOLFSSL_SUCCESS on ok */
4109 int wolfSSL_EVP_CIPHER_CTX_cleanup(WOLFSSL_EVP_CIPHER_CTX* ctx)
4110 {
4111 WOLFSSL_ENTER("EVP_CIPHER_CTX_cleanup");
4112 if (ctx) {
4113 ctx->cipherType = WOLFSSL_EVP_CIPH_TYPE_INIT; /* not yet initialized */
4114 ctx->keyLen = 0;
4115#ifdef HAVE_AESGCM
4116 if (ctx->gcmBuffer) {
4117 XFREE(ctx->gcmBuffer, NULL, DYNAMIC_TYPE_OPENSSL);
4118 ctx->gcmBuffer = NULL;
4119 }
4120 ctx->gcmBufferLen = 0;
4121 if (ctx->gcmAuthIn) {
4122 XFREE(ctx->gcmAuthIn, NULL, DYNAMIC_TYPE_OPENSSL);
4123 ctx->gcmAuthIn = NULL;
4124 }
4125 ctx->gcmAuthInSz = 0;
4126#endif
4127 }
4128
4129 return WOLFSSL_SUCCESS;
4130 }
4131
4132 /* Permanent stub for Qt compilation. */
4133 #if defined(WOLFSSL_QT) && !defined(NO_WOLFSSL_STUB)
4134 const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_rc2_cbc(void)
4135 {
4136 WOLFSSL_ENTER("wolfSSL_EVP_rc2_cbc");
4137 WOLFSSL_STUB("EVP_rc2_cbc");
4138 return NULL;
4139 }
4140 #endif
4141
4142#if defined(WOLFSSL_ENCRYPTED_KEYS) && !defined(NO_PWDBASED)
4143
4144 int wolfSSL_EVP_BytesToKey(const WOLFSSL_EVP_CIPHER* type,
4145 const WOLFSSL_EVP_MD* md, const byte* salt,
4146 const byte* data, int sz, int count, byte* key, byte* iv)
4147 {
4148 int ret;
4149 int hashType = WC_HASH_TYPE_NONE;
4150 #ifdef WOLFSSL_SMALL_STACK
4151 EncryptedInfo* info;
4152 #else
4153 EncryptedInfo info[1];
4154 #endif
4155
4156 #ifdef WOLFSSL_SMALL_STACK
4157 info = (EncryptedInfo*)XMALLOC(sizeof(EncryptedInfo), NULL,
4158 DYNAMIC_TYPE_ENCRYPTEDINFO);
4159 if (info == NULL) {
4160 WOLFSSL_MSG("malloc failed");
4161 return WOLFSSL_FAILURE;
4162 }
4163 #endif
4164
4165 XMEMSET(info, 0, sizeof(EncryptedInfo));
4166
4167 ret = wc_EncryptedInfoGet(info, type);
4168 if (ret < 0)
4169 goto end;
4170
4171 if (data == NULL) {
4172 ret = info->keySz;
4173 goto end;
4174 }
4175
4176 ret = wolfSSL_EVP_get_hashinfo(md, &hashType, NULL);
4177 if (ret == WOLFSSL_FAILURE)
4178 goto end;
4179
4180 ret = wc_PBKDF1_ex(key, info->keySz, iv, info->ivSz, data, sz, salt,
4181 EVP_SALT_SIZE, count, hashType, NULL);
4182 if (ret == 0)
4183 ret = info->keySz;
4184
4185 end:
4186 #ifdef WOLFSSL_SMALL_STACK
4187 XFREE(info, NULL, DYNAMIC_TYPE_ENCRYPTEDINFO);
4188 #endif
4189 if (ret < 0)
4190 return 0; /* failure - for compatibility */
4191
4192 return ret;
4193 }
4194
4195#endif /* WOLFSSL_ENCRYPTED_KEYS && !NO_PWDBASED */
4196
4197
4198#ifndef NO_AES
4199#if defined(WOLFSSL_AES_128) || defined(WOLFSSL_AES_192) || \
4200 defined(WOLFSSL_AES_256)
4201 #define AES_SIZE_ANY
4202#endif
4203
4204#if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_COUNTER) || \
4205 defined(HAVE_AES_ECB) || defined(WOLFSSL_AES_CFB) || \
4206 defined(WOLFSSSL_AES_OFB)
4207 #define AES_SET_KEY
4208#endif
4209
4210#if defined(AES_SIZE_ANY) && defined(AES_SET_KEY)
4211 static int AesSetKey_ex(Aes* aes, const byte* key, word32 len,
4212 const byte* iv, int dir, int direct)
4213 {
4214 int ret;
4215 /* wc_AesSetKey clear aes.reg if iv == NULL.
4216 Keep IV for openSSL compatibility */
4217 if (iv == NULL)
4218 XMEMCPY((byte *)aes->tmp, (byte *)aes->reg, AES_BLOCK_SIZE);
4219 if (direct) {
4220 #if defined(WOLFSSL_AES_DIRECT)
4221 ret = wc_AesSetKeyDirect(aes, key, len, iv, dir);
4222 #else
4223 ret = NOT_COMPILED_IN;
4224 #endif
4225 }
4226 else {
4227 ret = wc_AesSetKey(aes, key, len, iv, dir);
4228 }
4229 if (iv == NULL)
4230 XMEMCPY((byte *)aes->reg, (byte *)aes->tmp, AES_BLOCK_SIZE);
4231 return ret;
4232 }
4233#endif /* AES_ANY_SIZE && AES_SET_KEY */
4234#endif /* NO_AES */
4235
4236 /* return WOLFSSL_SUCCESS on ok, 0 on failure to match API compatibility */
4237 int wolfSSL_EVP_CipherInit(WOLFSSL_EVP_CIPHER_CTX* ctx,
4238 const WOLFSSL_EVP_CIPHER* type, const byte* key,
4239 const byte* iv, int enc)
4240 {
4241 int ret = 0;
4242 (void)key;
4243 (void)iv;
4244 (void)enc;
4245
4246 WOLFSSL_ENTER("wolfSSL_EVP_CipherInit");
4247 if (ctx == NULL) {
4248 WOLFSSL_MSG("no ctx");
4249 return WOLFSSL_FAILURE;
4250 }
4251
4252 if (type == NULL && ctx->cipherType == WOLFSSL_EVP_CIPH_TYPE_INIT) {
4253 WOLFSSL_MSG("no type set");
4254 return WOLFSSL_FAILURE;
4255 }
4256 if (ctx->cipherType == WOLFSSL_EVP_CIPH_TYPE_INIT){
4257 /* only first EVP_CipherInit invoke. ctx->cipherType is set below */
4258 XMEMSET(&ctx->cipher, 0, sizeof(ctx->cipher));
4259 ctx->flags = 0;
4260 }
4261 /* always clear buffer state */
4262 ctx->bufUsed = 0;
4263 ctx->lastUsed = 0;
4264
4265#ifdef HAVE_WOLFSSL_EVP_CIPHER_CTX_IV
4266 if (!iv && ctx->ivSz) {
4267 iv = ctx->iv;
4268 }
4269#endif
4270#ifdef HAVE_AESGCM
4271 if (ctx->gcmAuthIn) {
4272 XFREE(ctx->gcmAuthIn, NULL, DYNAMIC_TYPE_OPENSSL);
4273 ctx->gcmAuthIn = NULL;
4274 }
4275 ctx->gcmAuthInSz = 0;
4276#endif
4277
4278#ifndef NO_AES
4279 #ifdef HAVE_AES_CBC
4280 #ifdef WOLFSSL_AES_128
4281 if (ctx->cipherType == AES_128_CBC_TYPE ||
4282 (type && XSTRNCMP(type, EVP_AES_128_CBC, EVP_AES_SIZE) == 0)) {
4283 WOLFSSL_MSG("EVP_AES_128_CBC");
4284 ctx->cipherType = AES_128_CBC_TYPE;
4285 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4286 ctx->flags |= WOLFSSL_EVP_CIPH_CBC_MODE;
4287 ctx->keyLen = 16;
4288 ctx->block_size = AES_BLOCK_SIZE;
4289 ctx->ivSz = AES_BLOCK_SIZE;
4290 if (enc == 0 || enc == 1)
4291 ctx->enc = enc ? 1 : 0;
4292 if (key) {
4293 ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
4294 ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION, 0);
4295 if (ret != 0)
4296 return WOLFSSL_FAILURE;
4297 }
4298 if (iv && key == NULL) {
4299 ret = wc_AesSetIV(&ctx->cipher.aes, iv);
4300 if (ret != 0)
4301 return WOLFSSL_FAILURE;
4302 }
4303 }
4304 #endif /* WOLFSSL_AES_128 */
4305 #ifdef WOLFSSL_AES_192
4306 if (ctx->cipherType == AES_192_CBC_TYPE ||
4307 (type && XSTRNCMP(type, EVP_AES_192_CBC, EVP_AES_SIZE) == 0)) {
4308 WOLFSSL_MSG("EVP_AES_192_CBC");
4309 ctx->cipherType = AES_192_CBC_TYPE;
4310 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4311 ctx->flags |= WOLFSSL_EVP_CIPH_CBC_MODE;
4312 ctx->keyLen = 24;
4313 ctx->block_size = AES_BLOCK_SIZE;
4314 ctx->ivSz = AES_BLOCK_SIZE;
4315 if (enc == 0 || enc == 1)
4316 ctx->enc = enc ? 1 : 0;
4317 if (key) {
4318 ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
4319 ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION, 0);
4320 if (ret != 0)
4321 return WOLFSSL_FAILURE;
4322 }
4323 if (iv && key == NULL) {
4324 ret = wc_AesSetIV(&ctx->cipher.aes, iv);
4325 if (ret != 0)
4326 return WOLFSSL_FAILURE;
4327 }
4328 }
4329 #endif /* WOLFSSL_AES_192 */
4330 #ifdef WOLFSSL_AES_256
4331 if (ctx->cipherType == AES_256_CBC_TYPE ||
4332 (type && XSTRNCMP(type, EVP_AES_256_CBC, EVP_AES_SIZE) == 0)) {
4333 WOLFSSL_MSG("EVP_AES_256_CBC");
4334 ctx->cipherType = AES_256_CBC_TYPE;
4335 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4336 ctx->flags |= WOLFSSL_EVP_CIPH_CBC_MODE;
4337 ctx->keyLen = 32;
4338 ctx->block_size = AES_BLOCK_SIZE;
4339 ctx->ivSz = AES_BLOCK_SIZE;
4340 if (enc == 0 || enc == 1)
4341 ctx->enc = enc ? 1 : 0;
4342 if (key) {
4343 ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
4344 ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION, 0);
4345 if (ret != 0){
4346 WOLFSSL_MSG("AesSetKey() failed");
4347 return WOLFSSL_FAILURE;
4348 }
4349 }
4350 if (iv && key == NULL) {
4351 ret = wc_AesSetIV(&ctx->cipher.aes, iv);
4352 if (ret != 0){
4353 WOLFSSL_MSG("wc_AesSetIV() failed");
4354 return WOLFSSL_FAILURE;
4355 }
4356 }
4357 }
4358 #endif /* WOLFSSL_AES_256 */
4359 #endif /* HAVE_AES_CBC */
4360#if (!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) || \
4361 (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))
4362 #ifdef HAVE_AESGCM
4363 #ifdef WOLFSSL_AES_128
4364 if (ctx->cipherType == AES_128_GCM_TYPE ||
4365 (type && XSTRNCMP(type, EVP_AES_128_GCM, EVP_AES_SIZE) == 0)) {
4366 WOLFSSL_MSG("EVP_AES_128_GCM");
4367 ctx->cipherType = AES_128_GCM_TYPE;
4368 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4369 ctx->flags |= WOLFSSL_EVP_CIPH_GCM_MODE |
4370 WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER;
4371 ctx->keyLen = 16;
4372 ctx->block_size = AES_BLOCK_SIZE;
4373 ctx->authTagSz = AES_BLOCK_SIZE;
4374 ctx->ivSz = GCM_NONCE_MID_SZ;
4375
4376 if (key && wc_AesGcmSetKey(&ctx->cipher.aes, key, ctx->keyLen)) {
4377 WOLFSSL_MSG("wc_AesGcmSetKey() failed");
4378 return WOLFSSL_FAILURE;
4379 }
4380 if (iv && wc_AesGcmSetExtIV(&ctx->cipher.aes, iv, GCM_NONCE_MID_SZ)) {
4381 WOLFSSL_MSG("wc_AesGcmSetExtIV() failed");
4382 return WOLFSSL_FAILURE;
4383 }
4384 if (enc == 0 || enc == 1)
4385 ctx->enc = enc ? 1 : 0;
4386 }
4387 #endif /* WOLFSSL_AES_128 */
4388 #ifdef WOLFSSL_AES_192
4389 if (ctx->cipherType == AES_192_GCM_TYPE ||
4390 (type && XSTRNCMP(type, EVP_AES_192_GCM, EVP_AES_SIZE) == 0)) {
4391 WOLFSSL_MSG("EVP_AES_192_GCM");
4392 ctx->cipherType = AES_192_GCM_TYPE;
4393 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4394 ctx->flags |= WOLFSSL_EVP_CIPH_GCM_MODE |
4395 WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER;
4396 ctx->keyLen = 24;
4397 ctx->block_size = AES_BLOCK_SIZE;
4398 ctx->authTagSz = AES_BLOCK_SIZE;
4399 ctx->ivSz = GCM_NONCE_MID_SZ;
4400
4401 if (key && wc_AesGcmSetKey(&ctx->cipher.aes, key, ctx->keyLen)) {
4402 WOLFSSL_MSG("wc_AesGcmSetKey() failed");
4403 return WOLFSSL_FAILURE;
4404 }
4405 if (iv && wc_AesGcmSetExtIV(&ctx->cipher.aes, iv, GCM_NONCE_MID_SZ)) {
4406 WOLFSSL_MSG("wc_AesGcmSetExtIV() failed");
4407 return WOLFSSL_FAILURE;
4408 }
4409 if (enc == 0 || enc == 1)
4410 ctx->enc = enc ? 1 : 0;
4411 }
4412 #endif /* WOLFSSL_AES_192 */
4413 #ifdef WOLFSSL_AES_256
4414 if (ctx->cipherType == AES_256_GCM_TYPE ||
4415 (type && XSTRNCMP(type, EVP_AES_256_GCM, EVP_AES_SIZE) == 0)) {
4416 WOLFSSL_MSG("EVP_AES_256_GCM");
4417 ctx->cipherType = AES_256_GCM_TYPE;
4418 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4419 ctx->flags |= WOLFSSL_EVP_CIPH_GCM_MODE |
4420 WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER;
4421 ctx->keyLen = 32;
4422 ctx->block_size = AES_BLOCK_SIZE;
4423 ctx->authTagSz = AES_BLOCK_SIZE;
4424 ctx->ivSz = GCM_NONCE_MID_SZ;
4425
4426 if (key && wc_AesGcmSetKey(&ctx->cipher.aes, key, ctx->keyLen)) {
4427 WOLFSSL_MSG("wc_AesGcmSetKey() failed");
4428 return WOLFSSL_FAILURE;
4429 }
4430 if (iv && wc_AesGcmSetExtIV(&ctx->cipher.aes, iv, GCM_NONCE_MID_SZ)) {
4431 WOLFSSL_MSG("wc_AesGcmSetExtIV() failed");
4432 return WOLFSSL_FAILURE;
4433 }
4434 if (enc == 0 || enc == 1)
4435 ctx->enc = enc ? 1 : 0;
4436 }
4437 #endif /* WOLFSSL_AES_256 */
4438 #endif /* HAVE_AESGCM */
4439#endif /*!HAVE_FIPS && !HAVE_SELFTEST ||(HAVE_FIPS_VERSION && HAVE_FIPS_VERSION > 2)*/
4440#ifdef WOLFSSL_AES_COUNTER
4441 #ifdef WOLFSSL_AES_128
4442 if (ctx->cipherType == AES_128_CTR_TYPE ||
4443 (type && XSTRNCMP(type, EVP_AES_128_CTR, EVP_AES_SIZE) == 0)) {
4444 WOLFSSL_MSG("EVP_AES_128_CTR");
4445 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4446 ctx->cipherType = AES_128_CTR_TYPE;
4447 ctx->flags |= WOLFSSL_EVP_CIPH_CTR_MODE;
4448 ctx->keyLen = 16;
4449 ctx->block_size = NO_PADDING_BLOCK_SIZE;
4450 ctx->ivSz = AES_BLOCK_SIZE;
4451#if defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_CFB)
4452 ctx->cipher.aes.left = 0;
4453#endif
4454 if (enc == 0 || enc == 1)
4455 ctx->enc = enc ? 1 : 0;
4456 if (key) {
4457 ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
4458 AES_ENCRYPTION, 1);
4459 if (ret != 0)
4460 return WOLFSSL_FAILURE;
4461 }
4462 if (iv && key == NULL) {
4463 ret = wc_AesSetIV(&ctx->cipher.aes, iv);
4464 if (ret != 0)
4465 return WOLFSSL_FAILURE;
4466 }
4467 }
4468 #endif /* WOLFSSL_AES_128 */
4469 #ifdef WOLFSSL_AES_192
4470 if (ctx->cipherType == AES_192_CTR_TYPE ||
4471 (type && XSTRNCMP(type, EVP_AES_192_CTR, EVP_AES_SIZE) == 0)) {
4472 WOLFSSL_MSG("EVP_AES_192_CTR");
4473 ctx->cipherType = AES_192_CTR_TYPE;
4474 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4475 ctx->flags |= WOLFSSL_EVP_CIPH_CTR_MODE;
4476 ctx->keyLen = 24;
4477 ctx->block_size = NO_PADDING_BLOCK_SIZE;
4478 ctx->ivSz = AES_BLOCK_SIZE;
4479#if defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_CFB)
4480 ctx->cipher.aes.left = 0;
4481#endif
4482 if (enc == 0 || enc == 1)
4483 ctx->enc = enc ? 1 : 0;
4484 if (key) {
4485 ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
4486 AES_ENCRYPTION, 1);
4487 if (ret != 0)
4488 return WOLFSSL_FAILURE;
4489 }
4490 if (iv && key == NULL) {
4491 ret = wc_AesSetIV(&ctx->cipher.aes, iv);
4492 if (ret != 0)
4493 return WOLFSSL_FAILURE;
4494 }
4495 }
4496 #endif /* WOLFSSL_AES_192 */
4497 #ifdef WOLFSSL_AES_256
4498 if (ctx->cipherType == AES_256_CTR_TYPE ||
4499 (type && XSTRNCMP(type, EVP_AES_256_CTR, EVP_AES_SIZE) == 0)) {
4500 WOLFSSL_MSG("EVP_AES_256_CTR");
4501 ctx->cipherType = AES_256_CTR_TYPE;
4502 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4503 ctx->flags |= WOLFSSL_EVP_CIPH_CTR_MODE;
4504 ctx->keyLen = 32;
4505 ctx->block_size = NO_PADDING_BLOCK_SIZE;
4506 ctx->ivSz = AES_BLOCK_SIZE;
4507#if defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_CFB)
4508 ctx->cipher.aes.left = 0;
4509#endif
4510 if (enc == 0 || enc == 1)
4511 ctx->enc = enc ? 1 : 0;
4512 if (key) {
4513 ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
4514 AES_ENCRYPTION, 1);
4515 if (ret != 0)
4516 return WOLFSSL_FAILURE;
4517 }
4518 if (iv && key == NULL) {
4519 ret = wc_AesSetIV(&ctx->cipher.aes, iv);
4520 if (ret != 0)
4521 return WOLFSSL_FAILURE;
4522 }
4523 }
4524 #endif /* WOLFSSL_AES_256 */
4525#endif /* WOLFSSL_AES_COUNTER */
4526 #ifdef HAVE_AES_ECB
4527 #ifdef WOLFSSL_AES_128
4528 if (ctx->cipherType == AES_128_ECB_TYPE ||
4529 (type && XSTRNCMP(type, EVP_AES_128_ECB, EVP_AES_SIZE) == 0)) {
4530 WOLFSSL_MSG("EVP_AES_128_ECB");
4531 ctx->cipherType = AES_128_ECB_TYPE;
4532 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4533 ctx->flags |= WOLFSSL_EVP_CIPH_ECB_MODE;
4534 ctx->keyLen = 16;
4535 ctx->block_size = AES_BLOCK_SIZE;
4536 if (enc == 0 || enc == 1)
4537 ctx->enc = enc ? 1 : 0;
4538 if (key) {
4539 ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, NULL,
4540 ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION, 1);
4541 }
4542 if (ret != 0)
4543 return WOLFSSL_FAILURE;
4544 }
4545 #endif /* WOLFSSL_AES_128 */
4546 #ifdef WOLFSSL_AES_192
4547 if (ctx->cipherType == AES_192_ECB_TYPE ||
4548 (type && XSTRNCMP(type, EVP_AES_192_ECB, EVP_AES_SIZE) == 0)) {
4549 WOLFSSL_MSG("EVP_AES_192_ECB");
4550 ctx->cipherType = AES_192_ECB_TYPE;
4551 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4552 ctx->flags |= WOLFSSL_EVP_CIPH_ECB_MODE;
4553 ctx->keyLen = 24;
4554 ctx->block_size = AES_BLOCK_SIZE;
4555 if (enc == 0 || enc == 1)
4556 ctx->enc = enc ? 1 : 0;
4557 if (key) {
4558 ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, NULL,
4559 ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION, 1);
4560 }
4561 if (ret != 0)
4562 return WOLFSSL_FAILURE;
4563 }
4564 #endif /* WOLFSSL_AES_192 */
4565 #ifdef WOLFSSL_AES_256
4566 if (ctx->cipherType == AES_256_ECB_TYPE ||
4567 (type && XSTRNCMP(type, EVP_AES_256_ECB, EVP_AES_SIZE) == 0)) {
4568 WOLFSSL_MSG("EVP_AES_256_ECB");
4569 ctx->cipherType = AES_256_ECB_TYPE;
4570 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4571 ctx->flags |= WOLFSSL_EVP_CIPH_ECB_MODE;
4572 ctx->keyLen = 32;
4573 ctx->block_size = AES_BLOCK_SIZE;
4574 if (enc == 0 || enc == 1)
4575 ctx->enc = enc ? 1 : 0;
4576 if (key) {
4577 ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, NULL,
4578 ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION, 1);
4579 }
4580 if (ret != 0)
4581 return WOLFSSL_FAILURE;
4582 }
4583 #endif /* WOLFSSL_AES_256 */
4584 #endif /* HAVE_AES_ECB */
4585 #ifdef WOLFSSL_AES_CFB
4586 #ifdef WOLFSSL_AES_128
4587 if (ctx->cipherType == AES_128_CFB1_TYPE ||
4588 (type && XSTRNCMP(type, EVP_AES_128_CFB1, EVP_AESCFB_SIZE) == 0)) {
4589 WOLFSSL_MSG("EVP_AES_128_CFB1");
4590 ctx->cipherType = AES_128_CFB1_TYPE;
4591 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4592 ctx->flags |= WOLFSSL_EVP_CIPH_CFB_MODE;
4593 ctx->keyLen = 16;
4594 ctx->block_size = 1;
4595 if (enc == 0 || enc == 1)
4596 ctx->enc = enc ? 1 : 0;
4597 if (key) {
4598 ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
4599 AES_ENCRYPTION, 0);
4600 if (ret != 0)
4601 return WOLFSSL_FAILURE;
4602 }
4603 if (iv && key == NULL) {
4604 ret = wc_AesSetIV(&ctx->cipher.aes, iv);
4605 if (ret != 0)
4606 return WOLFSSL_FAILURE;
4607 }
4608 }
4609 #endif /* WOLFSSL_AES_128 */
4610 #ifdef WOLFSSL_AES_192
4611 if (ctx->cipherType == AES_192_CFB1_TYPE ||
4612 (type && XSTRNCMP(type, EVP_AES_192_CFB1, EVP_AESCFB_SIZE) == 0)) {
4613 WOLFSSL_MSG("EVP_AES_192_CFB1");
4614 ctx->cipherType = AES_192_CFB1_TYPE;
4615 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4616 ctx->flags |= WOLFSSL_EVP_CIPH_CFB_MODE;
4617 ctx->keyLen = 24;
4618 ctx->block_size = 1;
4619 if (enc == 0 || enc == 1)
4620 ctx->enc = enc ? 1 : 0;
4621 if (key) {
4622 ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
4623 AES_ENCRYPTION, 0);
4624 if (ret != 0)
4625 return WOLFSSL_FAILURE;
4626 }
4627 if (iv && key == NULL) {
4628 ret = wc_AesSetIV(&ctx->cipher.aes, iv);
4629 if (ret != 0)
4630 return WOLFSSL_FAILURE;
4631 }
4632 }
4633 #endif /* WOLFSSL_AES_192 */
4634 #ifdef WOLFSSL_AES_256
4635 if (ctx->cipherType == AES_256_CFB1_TYPE ||
4636 (type && XSTRNCMP(type, EVP_AES_256_CFB1, EVP_AESCFB_SIZE) == 0)) {
4637 WOLFSSL_MSG("EVP_AES_256_CFB1");
4638 ctx->cipherType = AES_256_CFB1_TYPE;
4639 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4640 ctx->flags |= WOLFSSL_EVP_CIPH_CFB_MODE;
4641 ctx->keyLen = 32;
4642 ctx->block_size = 1;
4643 if (enc == 0 || enc == 1)
4644 ctx->enc = enc ? 1 : 0;
4645 if (key) {
4646 ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
4647 AES_ENCRYPTION, 0);
4648 if (ret != 0){
4649 WOLFSSL_MSG("AesSetKey() failed");
4650 return WOLFSSL_FAILURE;
4651 }
4652 }
4653 if (iv && key == NULL) {
4654 ret = wc_AesSetIV(&ctx->cipher.aes, iv);
4655 if (ret != 0){
4656 WOLFSSL_MSG("wc_AesSetIV() failed");
4657 return WOLFSSL_FAILURE;
4658 }
4659 }
4660 }
4661 #endif /* WOLFSSL_AES_256 */
4662 #ifdef WOLFSSL_AES_128
4663 if (ctx->cipherType == AES_128_CFB8_TYPE ||
4664 (type && XSTRNCMP(type, EVP_AES_128_CFB8, EVP_AESCFB_SIZE) == 0)) {
4665 WOLFSSL_MSG("EVP_AES_128_CFB8");
4666 ctx->cipherType = AES_128_CFB8_TYPE;
4667 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4668 ctx->flags |= WOLFSSL_EVP_CIPH_CFB_MODE;
4669 ctx->keyLen = 16;
4670 ctx->block_size = 1;
4671 if (enc == 0 || enc == 1)
4672 ctx->enc = enc ? 1 : 0;
4673 if (key) {
4674 ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
4675 AES_ENCRYPTION, 0);
4676 if (ret != 0)
4677 return WOLFSSL_FAILURE;
4678 }
4679 if (iv && key == NULL) {
4680 ret = wc_AesSetIV(&ctx->cipher.aes, iv);
4681 if (ret != 0)
4682 return WOLFSSL_FAILURE;
4683 }
4684 }
4685 #endif /* WOLFSSL_AES_128 */
4686 #ifdef WOLFSSL_AES_192
4687 if (ctx->cipherType == AES_192_CFB8_TYPE ||
4688 (type && XSTRNCMP(type, EVP_AES_192_CFB8, EVP_AESCFB_SIZE) == 0)) {
4689 WOLFSSL_MSG("EVP_AES_192_CFB8");
4690 ctx->cipherType = AES_192_CFB8_TYPE;
4691 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4692 ctx->flags |= WOLFSSL_EVP_CIPH_CFB_MODE;
4693 ctx->keyLen = 24;
4694 ctx->block_size = 1;
4695 if (enc == 0 || enc == 1)
4696 ctx->enc = enc ? 1 : 0;
4697 if (key) {
4698 ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
4699 AES_ENCRYPTION, 0);
4700 if (ret != 0)
4701 return WOLFSSL_FAILURE;
4702 }
4703 if (iv && key == NULL) {
4704 ret = wc_AesSetIV(&ctx->cipher.aes, iv);
4705 if (ret != 0)
4706 return WOLFSSL_FAILURE;
4707 }
4708 }
4709 #endif /* WOLFSSL_AES_192 */
4710 #ifdef WOLFSSL_AES_256
4711 if (ctx->cipherType == AES_256_CFB8_TYPE ||
4712 (type && XSTRNCMP(type, EVP_AES_256_CFB8, EVP_AESCFB_SIZE) == 0)) {
4713 WOLFSSL_MSG("EVP_AES_256_CFB8");
4714 ctx->cipherType = AES_256_CFB8_TYPE;
4715 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4716 ctx->flags |= WOLFSSL_EVP_CIPH_CFB_MODE;
4717 ctx->keyLen = 32;
4718 ctx->block_size = 1;
4719 if (enc == 0 || enc == 1)
4720 ctx->enc = enc ? 1 : 0;
4721 if (key) {
4722 ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
4723 AES_ENCRYPTION, 0);
4724 if (ret != 0){
4725 WOLFSSL_MSG("AesSetKey() failed");
4726 return WOLFSSL_FAILURE;
4727 }
4728 }
4729 if (iv && key == NULL) {
4730 ret = wc_AesSetIV(&ctx->cipher.aes, iv);
4731 if (ret != 0){
4732 WOLFSSL_MSG("wc_AesSetIV() failed");
4733 return WOLFSSL_FAILURE;
4734 }
4735 }
4736 }
4737 #endif /* WOLFSSL_AES_256 */
4738 #ifdef WOLFSSL_AES_128
4739 if (ctx->cipherType == AES_128_CFB128_TYPE ||
4740 (type && XSTRNCMP(type, EVP_AES_128_CFB128, EVP_AESCFB_SIZE) == 0)) {
4741 WOLFSSL_MSG("EVP_AES_128_CFB128");
4742 ctx->cipherType = AES_128_CFB128_TYPE;
4743 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4744 ctx->flags |= WOLFSSL_EVP_CIPH_CFB_MODE;
4745 ctx->keyLen = 16;
4746 ctx->block_size = 1;
4747 if (enc == 0 || enc == 1)
4748 ctx->enc = enc ? 1 : 0;
4749 if (key) {
4750 ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
4751 AES_ENCRYPTION, 0);
4752 if (ret != 0)
4753 return WOLFSSL_FAILURE;
4754 }
4755 if (iv && key == NULL) {
4756 ret = wc_AesSetIV(&ctx->cipher.aes, iv);
4757 if (ret != 0)
4758 return WOLFSSL_FAILURE;
4759 }
4760 }
4761 #endif /* WOLFSSL_AES_128 */
4762 #ifdef WOLFSSL_AES_192
4763 if (ctx->cipherType == AES_192_CFB128_TYPE ||
4764 (type && XSTRNCMP(type, EVP_AES_192_CFB128, EVP_AESCFB_SIZE) == 0)) {
4765 WOLFSSL_MSG("EVP_AES_192_CFB128");
4766 ctx->cipherType = AES_192_CFB128_TYPE;
4767 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4768 ctx->flags |= WOLFSSL_EVP_CIPH_CFB_MODE;
4769 ctx->keyLen = 24;
4770 ctx->block_size = 1;
4771 if (enc == 0 || enc == 1)
4772 ctx->enc = enc ? 1 : 0;
4773 if (key) {
4774 ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
4775 AES_ENCRYPTION, 0);
4776 if (ret != 0)
4777 return WOLFSSL_FAILURE;
4778 }
4779 if (iv && key == NULL) {
4780 ret = wc_AesSetIV(&ctx->cipher.aes, iv);
4781 if (ret != 0)
4782 return WOLFSSL_FAILURE;
4783 }
4784 }
4785 #endif /* WOLFSSL_AES_192 */
4786 #ifdef WOLFSSL_AES_256
4787 if (ctx->cipherType == AES_256_CFB128_TYPE ||
4788 (type && XSTRNCMP(type, EVP_AES_256_CFB128, EVP_AESCFB_SIZE) == 0)) {
4789 WOLFSSL_MSG("EVP_AES_256_CFB128");
4790 ctx->cipherType = AES_256_CFB128_TYPE;
4791 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4792 ctx->flags |= WOLFSSL_EVP_CIPH_CFB_MODE;
4793 ctx->keyLen = 32;
4794 ctx->block_size = 1;
4795 if (enc == 0 || enc == 1)
4796 ctx->enc = enc ? 1 : 0;
4797 if (key) {
4798 ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
4799 AES_ENCRYPTION, 0);
4800 if (ret != 0){
4801 WOLFSSL_MSG("AesSetKey() failed");
4802 return WOLFSSL_FAILURE;
4803 }
4804 }
4805 if (iv && key == NULL) {
4806 ret = wc_AesSetIV(&ctx->cipher.aes, iv);
4807 if (ret != 0){
4808 WOLFSSL_MSG("wc_AesSetIV() failed");
4809 return WOLFSSL_FAILURE;
4810 }
4811 }
4812 }
4813 #endif /* WOLFSSL_AES_256 */
4814 #endif /* WOLFSSL_AES_CFB */
4815 #ifdef WOLFSSL_AES_OFB
4816 #ifdef WOLFSSL_AES_128
4817 if (ctx->cipherType == AES_128_OFB_TYPE ||
4818 (type && XSTRNCMP(type, EVP_AES_128_OFB, EVP_AES_SIZE) == 0)) {
4819 WOLFSSL_MSG("EVP_AES_128_OFB");
4820 ctx->cipherType = AES_128_OFB_TYPE;
4821 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4822 ctx->flags |= WOLFSSL_EVP_CIPH_OFB_MODE;
4823 ctx->keyLen = 16;
4824 ctx->block_size = 1;
4825 if (enc == 0 || enc == 1)
4826 ctx->enc = enc ? 1 : 0;
4827 if (key) {
4828 ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
4829 AES_ENCRYPTION, 0);
4830 if (ret != 0)
4831 return WOLFSSL_FAILURE;
4832 }
4833 if (iv && key == NULL) {
4834 ret = wc_AesSetIV(&ctx->cipher.aes, iv);
4835 if (ret != 0)
4836 return WOLFSSL_FAILURE;
4837 }
4838 }
4839 #endif /* WOLFSSL_AES_128 */
4840 #ifdef WOLFSSL_AES_192
4841 if (ctx->cipherType == AES_192_OFB_TYPE ||
4842 (type && XSTRNCMP(type, EVP_AES_192_OFB, EVP_AES_SIZE) == 0)) {
4843 WOLFSSL_MSG("EVP_AES_192_OFB");
4844 ctx->cipherType = AES_192_OFB_TYPE;
4845 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4846 ctx->flags |= WOLFSSL_EVP_CIPH_OFB_MODE;
4847 ctx->keyLen = 24;
4848 ctx->block_size = 1;
4849 if (enc == 0 || enc == 1)
4850 ctx->enc = enc ? 1 : 0;
4851 if (key) {
4852 ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
4853 AES_ENCRYPTION, 0);
4854 if (ret != 0)
4855 return WOLFSSL_FAILURE;
4856 }
4857 if (iv && key == NULL) {
4858 ret = wc_AesSetIV(&ctx->cipher.aes, iv);
4859 if (ret != 0)
4860 return WOLFSSL_FAILURE;
4861 }
4862 }
4863 #endif /* WOLFSSL_AES_192 */
4864 #ifdef WOLFSSL_AES_256
4865 if (ctx->cipherType == AES_256_OFB_TYPE ||
4866 (type && XSTRNCMP(type, EVP_AES_256_OFB, EVP_AES_SIZE) == 0)) {
4867 WOLFSSL_MSG("EVP_AES_256_OFB");
4868 ctx->cipherType = AES_256_OFB_TYPE;
4869 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4870 ctx->flags |= WOLFSSL_EVP_CIPH_OFB_MODE;
4871 ctx->keyLen = 32;
4872 ctx->block_size = 1;
4873 if (enc == 0 || enc == 1)
4874 ctx->enc = enc ? 1 : 0;
4875 if (key) {
4876 ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
4877 AES_ENCRYPTION, 0);
4878 if (ret != 0){
4879 WOLFSSL_MSG("AesSetKey() failed");
4880 return WOLFSSL_FAILURE;
4881 }
4882 }
4883 if (iv && key == NULL) {
4884 ret = wc_AesSetIV(&ctx->cipher.aes, iv);
4885 if (ret != 0){
4886 WOLFSSL_MSG("wc_AesSetIV() failed");
4887 return WOLFSSL_FAILURE;
4888 }
4889 }
4890 }
4891 #endif /* WOLFSSL_AES_256 */
4892 #endif /* HAVE_AES_OFB */
4893 #ifdef WOLFSSL_AES_XTS
4894 #ifdef WOLFSSL_AES_128
4895 if (ctx->cipherType == AES_128_XTS_TYPE ||
4896 (type && XSTRNCMP(type, EVP_AES_128_XTS, EVP_AES_SIZE) == 0)) {
4897 WOLFSSL_MSG("EVP_AES_128_XTS");
4898 ctx->cipherType = AES_128_XTS_TYPE;
4899 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4900 ctx->flags |= WOLFSSL_EVP_CIPH_XTS_MODE;
4901 ctx->keyLen = 32;
4902 ctx->block_size = 1;
4903 ctx->ivSz = AES_BLOCK_SIZE;
4904
4905 if (iv != NULL) {
4906 if (iv != ctx->iv) /* Valgrind error when src == dst */
4907 XMEMCPY(ctx->iv, iv, ctx->ivSz);
4908 }
4909 else
4910 XMEMSET(ctx->iv, 0, AES_BLOCK_SIZE);
4911
4912 if (enc == 0 || enc == 1)
4913 ctx->enc = enc ? 1 : 0;
4914 if (key) {
4915 ret = wc_AesXtsSetKey(&ctx->cipher.xts, key, ctx->keyLen,
4916 ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION, NULL, 0);
4917 if (ret != 0) {
4918 WOLFSSL_MSG("wc_AesXtsSetKey() failed");
4919 return WOLFSSL_FAILURE;
4920 }
4921 }
4922 }
4923 #endif /* WOLFSSL_AES_128 */
4924 #ifdef WOLFSSL_AES_256
4925 if (ctx->cipherType == AES_256_XTS_TYPE ||
4926 (type && XSTRNCMP(type, EVP_AES_256_XTS, EVP_AES_SIZE) == 0)) {
4927 WOLFSSL_MSG("EVP_AES_256_XTS");
4928 ctx->cipherType = AES_256_XTS_TYPE;
4929 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4930 ctx->flags |= WOLFSSL_EVP_CIPH_XTS_MODE;
4931 ctx->keyLen = 64;
4932 ctx->block_size = 1;
4933 ctx->ivSz = AES_BLOCK_SIZE;
4934
4935 if (iv != NULL) {
4936 if (iv != ctx->iv) /* Valgrind error when src == dst */
4937 XMEMCPY(ctx->iv, iv, ctx->ivSz);
4938 }
4939 else
4940 XMEMSET(ctx->iv, 0, AES_BLOCK_SIZE);
4941
4942 if (enc == 0 || enc == 1)
4943 ctx->enc = enc ? 1 : 0;
4944 if (key) {
4945 ret = wc_AesXtsSetKey(&ctx->cipher.xts, key, ctx->keyLen,
4946 ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION, NULL, 0);
4947 if (ret != 0) {
4948 WOLFSSL_MSG("wc_AesXtsSetKey() failed");
4949 return WOLFSSL_FAILURE;
4950 }
4951 }
4952 }
4953 #endif /* WOLFSSL_AES_256 */
4954 #endif /* HAVE_AES_XTS */
4955#endif /* NO_AES */
4956
4957#ifndef NO_DES3
4958 if (ctx->cipherType == DES_CBC_TYPE ||
4959 (type && XSTRNCMP(type, EVP_DES_CBC, EVP_DES_SIZE) == 0)) {
4960 WOLFSSL_MSG("EVP_DES_CBC");
4961 ctx->cipherType = DES_CBC_TYPE;
4962 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4963 ctx->flags |= WOLFSSL_EVP_CIPH_CBC_MODE;
4964 ctx->keyLen = 8;
4965 ctx->block_size = DES_BLOCK_SIZE;
4966 ctx->ivSz = DES_BLOCK_SIZE;
4967 if (enc == 0 || enc == 1)
4968 ctx->enc = enc ? 1 : 0;
4969 if (key) {
4970 ret = wc_Des_SetKey(&ctx->cipher.des, key, iv,
4971 ctx->enc ? DES_ENCRYPTION : DES_DECRYPTION);
4972 if (ret != 0)
4973 return WOLFSSL_FAILURE;
4974 }
4975
4976 if (iv && key == NULL)
4977 wc_Des_SetIV(&ctx->cipher.des, iv);
4978 }
4979#ifdef WOLFSSL_DES_ECB
4980 else if (ctx->cipherType == DES_ECB_TYPE ||
4981 (type && XSTRNCMP(type, EVP_DES_ECB, EVP_DES_SIZE) == 0)) {
4982 WOLFSSL_MSG("EVP_DES_ECB");
4983 ctx->cipherType = DES_ECB_TYPE;
4984 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
4985 ctx->flags |= WOLFSSL_EVP_CIPH_ECB_MODE;
4986 ctx->keyLen = 8;
4987 ctx->block_size = DES_BLOCK_SIZE;
4988 if (enc == 0 || enc == 1)
4989 ctx->enc = enc ? 1 : 0;
4990 if (key) {
4991 WOLFSSL_MSG("Des_SetKey");
4992 ret = wc_Des_SetKey(&ctx->cipher.des, key, NULL,
4993 ctx->enc ? DES_ENCRYPTION : DES_DECRYPTION);
4994 if (ret != 0)
4995 return WOLFSSL_FAILURE;
4996 }
4997 }
4998#endif
4999 else if (ctx->cipherType == DES_EDE3_CBC_TYPE ||
5000 (type &&
5001 XSTRNCMP(type, EVP_DES_EDE3_CBC, EVP_DES_EDE3_SIZE) == 0)) {
5002 WOLFSSL_MSG("EVP_DES_EDE3_CBC");
5003 ctx->cipherType = DES_EDE3_CBC_TYPE;
5004 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
5005 ctx->flags |= WOLFSSL_EVP_CIPH_CBC_MODE;
5006 ctx->keyLen = 24;
5007 ctx->block_size = DES_BLOCK_SIZE;
5008 ctx->ivSz = DES_BLOCK_SIZE;
5009 if (enc == 0 || enc == 1)
5010 ctx->enc = enc ? 1 : 0;
5011 if (key) {
5012 ret = wc_Des3_SetKey(&ctx->cipher.des3, key, iv,
5013 ctx->enc ? DES_ENCRYPTION : DES_DECRYPTION);
5014 if (ret != 0)
5015 return WOLFSSL_FAILURE;
5016 }
5017
5018 if (iv && key == NULL) {
5019 ret = wc_Des3_SetIV(&ctx->cipher.des3, iv);
5020 if (ret != 0)
5021 return WOLFSSL_FAILURE;
5022 }
5023 }
5024 else if (ctx->cipherType == DES_EDE3_ECB_TYPE ||
5025 (type &&
5026 XSTRNCMP(type, EVP_DES_EDE3_ECB, EVP_DES_EDE3_SIZE) == 0)) {
5027 WOLFSSL_MSG("EVP_DES_EDE3_ECB");
5028 ctx->cipherType = DES_EDE3_ECB_TYPE;
5029 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
5030 ctx->flags |= WOLFSSL_EVP_CIPH_ECB_MODE;
5031 ctx->keyLen = 24;
5032 ctx->block_size = DES_BLOCK_SIZE;
5033 if (enc == 0 || enc == 1)
5034 ctx->enc = enc ? 1 : 0;
5035 if (key) {
5036 ret = wc_Des3_SetKey(&ctx->cipher.des3, key, NULL,
5037 ctx->enc ? DES_ENCRYPTION : DES_DECRYPTION);
5038 if (ret != 0)
5039 return WOLFSSL_FAILURE;
5040 }
5041 }
5042#endif /* NO_DES3 */
5043#ifndef NO_RC4
5044 if (ctx->cipherType == ARC4_TYPE ||
5045 (type && XSTRNCMP(type, EVP_ARC4, 4) == 0)) {
5046 WOLFSSL_MSG("ARC4");
5047 ctx->cipherType = ARC4_TYPE;
5048 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
5049 ctx->flags |= WOLFSSL_EVP_CIPH_STREAM_CIPHER;
5050 ctx->block_size = 1;
5051 if (ctx->keyLen == 0) /* user may have already set */
5052 ctx->keyLen = 16; /* default to 128 */
5053 if (key)
5054 wc_Arc4SetKey(&ctx->cipher.arc4, key, ctx->keyLen);
5055 }
5056#endif /* NO_RC4 */
5057#ifdef HAVE_IDEA
5058 if (ctx->cipherType == IDEA_CBC_TYPE ||
5059 (type && XSTRNCMP(type, EVP_IDEA_CBC, EVP_IDEA_SIZE) == 0)) {
5060 WOLFSSL_MSG("EVP_IDEA_CBC");
5061 ctx->cipherType = IDEA_CBC_TYPE;
5062 ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
5063 ctx->flags |= WOLFSSL_EVP_CIPH_CBC_MODE;
5064 ctx->keyLen = IDEA_KEY_SIZE;
5065 ctx->block_size = 8;
5066 ctx->ivSz = IDEA_BLOCK_SIZE;
5067 if (enc == 0 || enc == 1)
5068 ctx->enc = enc ? 1 : 0;
5069 if (key) {
5070 ret = wc_IdeaSetKey(&ctx->cipher.idea, key, (word16)ctx->keyLen,
5071 iv, ctx->enc ? IDEA_ENCRYPTION :
5072 IDEA_DECRYPTION);
5073 if (ret != 0)
5074 return WOLFSSL_FAILURE;
5075 }
5076
5077 if (iv && key == NULL)
5078 wc_IdeaSetIV(&ctx->cipher.idea, iv);
5079 }
5080#endif /* HAVE_IDEA */
5081 if (ctx->cipherType == NULL_CIPHER_TYPE ||
5082 (type && XSTRNCMP(type, EVP_NULL, 4) == 0)) {
5083 WOLFSSL_MSG("NULL cipher");
5084 ctx->cipherType = NULL_CIPHER_TYPE;
5085 ctx->keyLen = 0;
5086 ctx->block_size = 16;
5087 }
5088#ifdef HAVE_WOLFSSL_EVP_CIPHER_CTX_IV
5089 if (iv && iv != ctx->iv) {
5090 if (wolfSSL_StoreExternalIV(ctx) != WOLFSSL_SUCCESS) {
5091 return WOLFSSL_FAILURE;
5092 }
5093 }
5094#endif
5095 (void)ret; /* remove warning. If execution reaches this point, ret=0 */
5096 return WOLFSSL_SUCCESS;
5097 }
5098
5099 /* WOLFSSL_SUCCESS on ok */
5100 int wolfSSL_EVP_CIPHER_CTX_key_length(WOLFSSL_EVP_CIPHER_CTX* ctx)
5101 {
5102 WOLFSSL_ENTER("wolfSSL_EVP_CIPHER_CTX_key_length");
5103 if (ctx)
5104 return ctx->keyLen;
5105
5106 return 0; /* failure */
5107 }
5108
5109 /* WOLFSSL_SUCCESS on ok */
5110 int wolfSSL_EVP_CIPHER_CTX_set_key_length(WOLFSSL_EVP_CIPHER_CTX* ctx,
5111 int keylen)
5112 {
5113 WOLFSSL_ENTER("wolfSSL_EVP_CIPHER_CTX_set_key_length");
5114 if (ctx)
5115 ctx->keyLen = keylen;
5116 else
5117 return 0; /* failure */
5118
5119 return WOLFSSL_SUCCESS;
5120 }
5121#if defined(HAVE_AESGCM)
5122 /* returns WOLFSSL_SUCCESS on success, otherwise returns WOLFSSL_FAILURE */
5123 int wolfSSL_EVP_CIPHER_CTX_set_iv_length(WOLFSSL_EVP_CIPHER_CTX* ctx,
5124 int ivLen)
5125 {
5126 WOLFSSL_ENTER("wolfSSL_EVP_CIPHER_CTX_set_iv_length");
5127 if (ctx)
5128 ctx->ivSz= ivLen;
5129 else
5130 return WOLFSSL_FAILURE;
5131
5132 return WOLFSSL_SUCCESS;
5133 }
5134
5135 /* returns WOLFSSL_SUCCESS on success, otherwise returns WOLFSSL_FAILURE */
5136 int wolfSSL_EVP_CIPHER_CTX_set_iv(WOLFSSL_EVP_CIPHER_CTX* ctx, byte* iv,
5137 int ivLen)
5138 {
5139 int expectedIvLen;
5140
5141 WOLFSSL_ENTER("wolfSSL_EVP_CIPHER_CTX_set_iv_length");
5142 if (!ctx || !iv || !ivLen) {
5143 return WOLFSSL_FAILURE;
5144 }
5145
5146 expectedIvLen = wolfSSL_EVP_CIPHER_CTX_iv_length(ctx);
5147
5148 if (expectedIvLen == 0 || expectedIvLen != ivLen) {
5149 WOLFSSL_MSG("Wrong ivLen value");
5150 return WOLFSSL_FAILURE;
5151 }
5152
5153 return wolfSSL_EVP_CipherInit(ctx, NULL, NULL, iv, -1);
5154 }
5155#endif
5156
5157 /* Return length on ok */
5158 int wolfSSL_EVP_Cipher(WOLFSSL_EVP_CIPHER_CTX* ctx, byte* dst, byte* src,
5159 word32 len)
5160 {
5161 int ret = 0;
5162 WOLFSSL_ENTER("wolfSSL_EVP_Cipher");
5163
5164 if (ctx == NULL || src == NULL ||
5165 (dst == NULL &&
5166 ctx->cipherType != AES_128_GCM_TYPE &&
5167 ctx->cipherType != AES_192_GCM_TYPE &&
5168 ctx->cipherType != AES_256_GCM_TYPE)) {
5169 WOLFSSL_MSG("Bad function argument");
5170 return WOLFSSL_FATAL_ERROR;
5171 }
5172
5173 if (ctx->cipherType == 0xff) {
5174 WOLFSSL_MSG("no init");
5175 return WOLFSSL_FATAL_ERROR;
5176 }
5177
5178 switch (ctx->cipherType) {
5179
5180#ifndef NO_AES
5181#ifdef HAVE_AES_CBC
5182 case AES_128_CBC_TYPE :
5183 case AES_192_CBC_TYPE :
5184 case AES_256_CBC_TYPE :
5185 WOLFSSL_MSG("AES CBC");
5186 if (ctx->enc)
5187 ret = wc_AesCbcEncrypt(&ctx->cipher.aes, dst, src, len);
5188 else
5189 ret = wc_AesCbcDecrypt(&ctx->cipher.aes, dst, src, len);
5190 if (ret == 0)
5191 ret = (len / AES_BLOCK_SIZE) * AES_BLOCK_SIZE;
5192 break;
5193#endif /* HAVE_AES_CBC */
5194
5195#ifdef WOLFSSL_AES_CFB
5196#if !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
5197 case AES_128_CFB1_TYPE:
5198 case AES_192_CFB1_TYPE:
5199 case AES_256_CFB1_TYPE:
5200 WOLFSSL_MSG("AES CFB1");
5201 if (ctx->enc)
5202 ret = wc_AesCfb1Encrypt(&ctx->cipher.aes, dst, src, len);
5203 else
5204 ret = wc_AesCfb1Decrypt(&ctx->cipher.aes, dst, src, len);
5205 if (ret == 0)
5206 ret = len;
5207 break;
5208 case AES_128_CFB8_TYPE:
5209 case AES_192_CFB8_TYPE:
5210 case AES_256_CFB8_TYPE:
5211 WOLFSSL_MSG("AES CFB8");
5212 if (ctx->enc)
5213 ret = wc_AesCfb8Encrypt(&ctx->cipher.aes, dst, src, len);
5214 else
5215 ret = wc_AesCfb8Decrypt(&ctx->cipher.aes, dst, src, len);
5216 if (ret == 0)
5217 ret = len;
5218 break;
5219#endif /* !HAVE_SELFTEST && !HAVE_FIPS */
5220 case AES_128_CFB128_TYPE:
5221 case AES_192_CFB128_TYPE:
5222 case AES_256_CFB128_TYPE:
5223 WOLFSSL_MSG("AES CFB128");
5224 if (ctx->enc)
5225 ret = wc_AesCfbEncrypt(&ctx->cipher.aes, dst, src, len);
5226 else
5227 ret = wc_AesCfbDecrypt(&ctx->cipher.aes, dst, src, len);
5228 if (ret == 0)
5229 ret = len;
5230 break;
5231#endif /* WOLFSSL_AES_CFB */
5232#if defined(WOLFSSL_AES_OFB)
5233 case AES_128_OFB_TYPE:
5234 case AES_192_OFB_TYPE:
5235 case AES_256_OFB_TYPE:
5236 WOLFSSL_MSG("AES OFB");
5237 if (ctx->enc)
5238 ret = wc_AesOfbEncrypt(&ctx->cipher.aes, dst, src, len);
5239 else
5240 ret = wc_AesOfbDecrypt(&ctx->cipher.aes, dst, src, len);
5241 if (ret == 0)
5242 ret = len;
5243 break;
5244#endif /* WOLFSSL_AES_OFB */
5245#if defined(WOLFSSL_AES_XTS)
5246 case AES_128_XTS_TYPE:
5247 case AES_256_XTS_TYPE:
5248 WOLFSSL_MSG("AES XTS");
5249 if (ctx->enc)
5250 ret = wc_AesXtsEncrypt(&ctx->cipher.xts, dst, src, len,
5251 ctx->iv, ctx->ivSz);
5252 else
5253 ret = wc_AesXtsDecrypt(&ctx->cipher.xts, dst, src, len,
5254 ctx->iv, ctx->ivSz);
5255 if (ret == 0)
5256 ret = len;
5257 break;
5258#endif /* WOLFSSL_AES_XTS */
5259
5260#ifdef HAVE_AESGCM
5261 case AES_128_GCM_TYPE :
5262 case AES_192_GCM_TYPE :
5263 case AES_256_GCM_TYPE :
5264 WOLFSSL_MSG("AES GCM");
5265 if (!dst) {
5266 ret = wolfSSL_EVP_CipherUpdate_GCM_AAD(ctx, src, len);
5267 }
5268 else {
5269 if (ctx->enc)
5270 ret = wc_AesGcmEncrypt(&ctx->cipher.aes, dst, src,
5271 len, ctx->iv, ctx->ivSz, ctx->authTag,
5272 ctx->authTagSz, ctx->gcmAuthIn, ctx->gcmAuthInSz);
5273 else
5274 ret = wc_AesGcmDecrypt(&ctx->cipher.aes, dst, src,
5275 len, ctx->iv, ctx->ivSz, ctx->authTag,
5276 ctx->authTagSz, ctx->gcmAuthIn, ctx->gcmAuthInSz);
5277 }
5278 if (ret == 0)
5279 ret = len;
5280 break;
5281#endif /* HAVE_AESGCM */
5282#ifdef HAVE_AES_ECB
5283 case AES_128_ECB_TYPE :
5284 case AES_192_ECB_TYPE :
5285 case AES_256_ECB_TYPE :
5286 WOLFSSL_MSG("AES ECB");
5287 if (ctx->enc)
5288 ret = wc_AesEcbEncrypt(&ctx->cipher.aes, dst, src, len);
5289 else
5290 ret = wc_AesEcbDecrypt(&ctx->cipher.aes, dst, src, len);
5291 if (ret == 0)
5292 ret = (len / AES_BLOCK_SIZE) * AES_BLOCK_SIZE;
5293 break;
5294#endif
5295#ifdef WOLFSSL_AES_COUNTER
5296 case AES_128_CTR_TYPE :
5297 case AES_192_CTR_TYPE :
5298 case AES_256_CTR_TYPE :
5299 WOLFSSL_MSG("AES CTR");
5300 ret = wc_AesCtrEncrypt(&ctx->cipher.aes, dst, src, len);
5301 if (ret == 0)
5302 ret = len;
5303 break;
5304#endif /* WOLFSSL_AES_COUNTER */
5305#endif /* NO_AES */
5306
5307#ifndef NO_DES3
5308 case DES_CBC_TYPE :
5309 WOLFSSL_MSG("DES CBC");
5310 if (ctx->enc)
5311 wc_Des_CbcEncrypt(&ctx->cipher.des, dst, src, len);
5312 else
5313 wc_Des_CbcDecrypt(&ctx->cipher.des, dst, src, len);
5314 if (ret == 0)
5315 ret = (len / DES_BLOCK_SIZE) * DES_BLOCK_SIZE;
5316 break;
5317 case DES_EDE3_CBC_TYPE :
5318 WOLFSSL_MSG("DES3 CBC");
5319 if (ctx->enc)
5320 ret = wc_Des3_CbcEncrypt(&ctx->cipher.des3, dst, src, len);
5321 else
5322 ret = wc_Des3_CbcDecrypt(&ctx->cipher.des3, dst, src, len);
5323 if (ret == 0)
5324 ret = (len / DES_BLOCK_SIZE) * DES_BLOCK_SIZE;
5325 break;
5326#ifdef WOLFSSL_DES_ECB
5327 case DES_ECB_TYPE :
5328 WOLFSSL_MSG("DES ECB");
5329 ret = wc_Des_EcbEncrypt(&ctx->cipher.des, dst, src, len);
5330 if (ret == 0)
5331 ret = (len / DES_BLOCK_SIZE) * DES_BLOCK_SIZE;
5332 break;
5333 case DES_EDE3_ECB_TYPE :
5334 WOLFSSL_MSG("DES3 ECB");
5335 ret = wc_Des3_EcbEncrypt(&ctx->cipher.des3, dst, src, len);
5336 if (ret == 0)
5337 ret = (len / DES_BLOCK_SIZE) * DES_BLOCK_SIZE;
5338 break;
5339#endif
5340#endif /* !NO_DES3 */
5341
5342#ifndef NO_RC4
5343 case ARC4_TYPE :
5344 WOLFSSL_MSG("ARC4");
5345 wc_Arc4Process(&ctx->cipher.arc4, dst, src, len);
5346 if (ret == 0)
5347 ret = len;
5348 break;
5349#endif
5350
5351#ifdef HAVE_IDEA
5352 case IDEA_CBC_TYPE :
5353 WOLFSSL_MSG("IDEA CBC");
5354 if (ctx->enc)
5355 wc_IdeaCbcEncrypt(&ctx->cipher.idea, dst, src, len);
5356 else
5357 wc_IdeaCbcDecrypt(&ctx->cipher.idea, dst, src, len);
5358 if (ret == 0)
5359 ret = (len / IDEA_BLOCK_SIZE) * IDEA_BLOCK_SIZE;
5360 break;
5361#endif
5362 case NULL_CIPHER_TYPE :
5363 WOLFSSL_MSG("NULL CIPHER");
5364 XMEMCPY(dst, src, len);
5365 ret = len;
5366 break;
5367
5368 default: {
5369 WOLFSSL_MSG("bad type");
5370 return WOLFSSL_FATAL_ERROR;
5371 }
5372 }
5373
5374 if (ret < 0) {
5375 WOLFSSL_MSG("wolfSSL_EVP_Cipher failure");
5376 return WOLFSSL_FATAL_ERROR;
5377 }
5378
5379 if (wolfSSL_StoreExternalIV(ctx) != WOLFSSL_SUCCESS) {
5380 return WOLFSSL_FATAL_ERROR;
5381 }
5382
5383 WOLFSSL_MSG("wolfSSL_EVP_Cipher success");
5384 return ret;
5385 }
5386
5387 /* WOLFSSL_SUCCESS on ok */
5388 int wolfSSL_EVP_DigestInit(WOLFSSL_EVP_MD_CTX* ctx,
5389 const WOLFSSL_EVP_MD* md)
5390 {
5391 int ret = WOLFSSL_SUCCESS;
5392
5393 WOLFSSL_ENTER("EVP_DigestInit");
5394
5395 if (ctx == NULL) {
5396 return BAD_FUNC_ARG;
5397 }
5398
5399
5400 #ifdef WOLFSSL_ASYNC_CRYPT
5401 /* compile-time validation of ASYNC_CTX_SIZE */
5402 typedef char async_test[WC_ASYNC_DEV_SIZE >= sizeof(WC_ASYNC_DEV) ?
5403 1 : -1];
5404 (void)sizeof(async_test);
5405 #endif
5406
5407 /* Set to 0 if no match */
5408 ctx->macType = wolfSSL_EVP_md2macType(md);
5409 if (md == NULL) {
5410 XMEMSET(&ctx->hash.digest, 0, sizeof(WOLFSSL_Hasher));
5411 }
5412 else if (XSTRNCMP(md, "SHA256", 6) == 0) {
5413 ret = wolfSSL_SHA256_Init(&(ctx->hash.digest.sha256));
5414 }
5415 #ifdef WOLFSSL_SHA224
5416 else if (XSTRNCMP(md, "SHA224", 6) == 0) {
5417 ret = wolfSSL_SHA224_Init(&(ctx->hash.digest.sha224));
5418 }
5419 #endif
5420 #ifdef WOLFSSL_SHA384
5421 else if (XSTRNCMP(md, "SHA384", 6) == 0) {
5422 ret = wolfSSL_SHA384_Init(&(ctx->hash.digest.sha384));
5423 }
5424 #endif
5425 #ifdef WOLFSSL_SHA512
5426 else if (XSTRNCMP(md, "SHA512", 6) == 0) {
5427 ret = wolfSSL_SHA512_Init(&(ctx->hash.digest.sha512));
5428 }
5429 #endif
5430 #ifndef NO_MD4
5431 else if (XSTRNCMP(md, "MD4", 3) == 0) {
5432 wolfSSL_MD4_Init(&(ctx->hash.digest.md4));
5433 }
5434 #endif
5435 #ifndef NO_MD5
5436 else if (XSTRNCMP(md, "MD5", 3) == 0) {
5437 ret = wolfSSL_MD5_Init(&(ctx->hash.digest.md5));
5438 }
5439 #endif
5440#ifdef WOLFSSL_SHA3
5441 #ifndef WOLFSSL_NOSHA3_224
5442 else if (XSTRNCMP(md, "SHA3_224", 8) == 0) {
5443 ret = wolfSSL_SHA3_224_Init(&(ctx->hash.digest.sha3_224));
5444 }
5445 #endif
5446 #ifndef WOLFSSL_NOSHA3_256
5447 else if (XSTRNCMP(md, "SHA3_256", 8) == 0) {
5448 ret = wolfSSL_SHA3_256_Init(&(ctx->hash.digest.sha3_256));
5449 }
5450 #endif
5451 else if (XSTRNCMP(md, "SHA3_384", 8) == 0) {
5452 ret = wolfSSL_SHA3_384_Init(&(ctx->hash.digest.sha3_384));
5453 }
5454 #ifndef WOLFSSL_NOSHA3_512
5455 else if (XSTRNCMP(md, "SHA3_512", 8) == 0) {
5456 ret = wolfSSL_SHA3_512_Init(&(ctx->hash.digest.sha3_512));
5457 }
5458 #endif
5459#endif
5460 #ifndef NO_SHA
5461 /* has to be last since would pick or 224, 256, 384, or 512 too */
5462 else if (XSTRNCMP(md, "SHA", 3) == 0) {
5463 ret = wolfSSL_SHA_Init(&(ctx->hash.digest.sha));
5464 }
5465 #endif /* NO_SHA */
5466 else {
5467 ctx->macType = WC_HASH_TYPE_NONE;
5468 return BAD_FUNC_ARG;
5469 }
5470
5471 return ret;
5472 }
5473
5474 /* WOLFSSL_SUCCESS on ok, WOLFSSL_FAILURE on failure */
5475 int wolfSSL_EVP_DigestUpdate(WOLFSSL_EVP_MD_CTX* ctx, const void* data,
5476 size_t sz)
5477 {
5478 int ret = WOLFSSL_FAILURE;
5479 enum wc_HashType macType;
5480
5481 WOLFSSL_ENTER("EVP_DigestUpdate");
5482
5483 macType = wolfSSL_EVP_md2macType(EVP_MD_CTX_md(ctx));
5484 switch (macType) {
5485 case WC_HASH_TYPE_MD4:
5486 #ifndef NO_MD4
5487 wolfSSL_MD4_Update((MD4_CTX*)&ctx->hash, data,
5488 (unsigned long)sz);
5489 ret = WOLFSSL_SUCCESS;
5490 #endif
5491 break;
5492 case WC_HASH_TYPE_MD5:
5493 #ifndef NO_MD5
5494 ret = wolfSSL_MD5_Update((MD5_CTX*)&ctx->hash, data,
5495 (unsigned long)sz);
5496 #endif
5497 break;
5498 case WC_HASH_TYPE_SHA:
5499 #ifndef NO_SHA
5500 ret = wolfSSL_SHA_Update((SHA_CTX*)&ctx->hash, data,
5501 (unsigned long)sz);
5502 #endif
5503 break;
5504 case WC_HASH_TYPE_SHA224:
5505 #ifdef WOLFSSL_SHA224
5506 ret = wolfSSL_SHA224_Update((SHA224_CTX*)&ctx->hash, data,
5507 (unsigned long)sz);
5508 #endif
5509 break;
5510 case WC_HASH_TYPE_SHA256:
5511 #ifndef NO_SHA256
5512 ret = wolfSSL_SHA256_Update((SHA256_CTX*)&ctx->hash, data,
5513 (unsigned long)sz);
5514 #endif /* !NO_SHA256 */
5515 break;
5516 case WC_HASH_TYPE_SHA384:
5517 #ifdef WOLFSSL_SHA384
5518 ret = wolfSSL_SHA384_Update((SHA384_CTX*)&ctx->hash, data,
5519 (unsigned long)sz);
5520 #endif
5521 break;
5522 case WC_HASH_TYPE_SHA512:
5523 #ifdef WOLFSSL_SHA512
5524 ret = wolfSSL_SHA512_Update((SHA512_CTX*)&ctx->hash, data,
5525 (unsigned long)sz);
5526 #endif /* WOLFSSL_SHA512 */
5527 break;
5528 case WC_HASH_TYPE_SHA3_224:
5529 #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224)
5530 ret = wolfSSL_SHA3_224_Update((SHA3_224_CTX*)&ctx->hash, data,
5531 (unsigned long)sz);
5532 #endif
5533 break;
5534 case WC_HASH_TYPE_SHA3_256:
5535 #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256)
5536 ret = wolfSSL_SHA3_256_Update((SHA3_256_CTX*)&ctx->hash, data,
5537 (unsigned long)sz);
5538 #endif
5539 break;
5540 case WC_HASH_TYPE_SHA3_384:
5541 #if defined(WOLFSSL_SHA3)
5542 ret = wolfSSL_SHA3_384_Update((SHA3_384_CTX*)&ctx->hash, data,
5543 (unsigned long)sz);
5544 #endif
5545 break;
5546 case WC_HASH_TYPE_SHA3_512:
5547 #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_512)
5548 ret = wolfSSL_SHA3_512_Update((SHA3_512_CTX*)&ctx->hash, data,
5549 (unsigned long)sz);
5550 #endif
5551 break;
5552 case WC_HASH_TYPE_NONE:
5553 case WC_HASH_TYPE_MD2:
5554 case WC_HASH_TYPE_MD5_SHA:
5555 case WC_HASH_TYPE_BLAKE2B:
5556 case WC_HASH_TYPE_BLAKE2S:
5557 default:
5558 return WOLFSSL_FAILURE;
5559 }
5560
5561 return ret;
5562 }
5563
5564 /* WOLFSSL_SUCCESS on ok */
5565 int wolfSSL_EVP_DigestFinal(WOLFSSL_EVP_MD_CTX* ctx, unsigned char* md,
5566 unsigned int* s)
5567 {
5568 int ret = WOLFSSL_FAILURE;
5569 enum wc_HashType macType;
5570
5571 WOLFSSL_ENTER("EVP_DigestFinal");
5572 macType = wolfSSL_EVP_md2macType(EVP_MD_CTX_md(ctx));
5573 switch (macType) {
5574 case WC_HASH_TYPE_MD4:
5575 #ifndef NO_MD4
5576 wolfSSL_MD4_Final(md, (MD4_CTX*)&ctx->hash);
5577 if (s) *s = MD4_DIGEST_SIZE;
5578 ret = WOLFSSL_SUCCESS;
5579 #endif
5580 break;
5581 case WC_HASH_TYPE_MD5:
5582 #ifndef NO_MD5
5583 ret = wolfSSL_MD5_Final(md, (MD5_CTX*)&ctx->hash);
5584 if (s) *s = WC_MD5_DIGEST_SIZE;
5585 #endif
5586 break;
5587 case WC_HASH_TYPE_SHA:
5588 #ifndef NO_SHA
5589 ret = wolfSSL_SHA_Final(md, (SHA_CTX*)&ctx->hash);
5590 if (s) *s = WC_SHA_DIGEST_SIZE;
5591 #endif
5592 break;
5593 case WC_HASH_TYPE_SHA224:
5594 #ifdef WOLFSSL_SHA224
5595 ret = wolfSSL_SHA224_Final(md, (SHA224_CTX*)&ctx->hash);
5596 if (s) *s = WC_SHA224_DIGEST_SIZE;
5597 #endif
5598 break;
5599 case WC_HASH_TYPE_SHA256:
5600 #ifndef NO_SHA256
5601 ret = wolfSSL_SHA256_Final(md, (SHA256_CTX*)&ctx->hash);
5602 if (s) *s = WC_SHA256_DIGEST_SIZE;
5603 #endif /* !NO_SHA256 */
5604 break;
5605 case WC_HASH_TYPE_SHA384:
5606 #ifdef WOLFSSL_SHA384
5607 ret = wolfSSL_SHA384_Final(md, (SHA384_CTX*)&ctx->hash);
5608 if (s) *s = WC_SHA384_DIGEST_SIZE;
5609 #endif
5610 break;
5611 case WC_HASH_TYPE_SHA512:
5612 #ifdef WOLFSSL_SHA512
5613 ret = wolfSSL_SHA512_Final(md, (SHA512_CTX*)&ctx->hash);
5614 if (s) *s = WC_SHA512_DIGEST_SIZE;
5615 #endif /* WOLFSSL_SHA512 */
5616 break;
5617 case WC_HASH_TYPE_SHA3_224:
5618 #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224)
5619 ret = wolfSSL_SHA3_224_Final(md, (SHA3_224_CTX*)&ctx->hash);
5620 if (s) *s = WC_SHA3_224_DIGEST_SIZE;
5621 #endif
5622 break;
5623 case WC_HASH_TYPE_SHA3_256:
5624 #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256)
5625 ret = wolfSSL_SHA3_256_Final(md, (SHA3_256_CTX*)&ctx->hash);
5626 if (s) *s = WC_SHA3_256_DIGEST_SIZE;
5627 #endif
5628 break;
5629 case WC_HASH_TYPE_SHA3_384:
5630 #if defined(WOLFSSL_SHA3)
5631 ret = wolfSSL_SHA3_384_Final(md, (SHA3_384_CTX*)&ctx->hash);
5632 if (s) *s = WC_SHA3_384_DIGEST_SIZE;
5633 #endif
5634 break;
5635 case WC_HASH_TYPE_SHA3_512:
5636 #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_512)
5637 ret = wolfSSL_SHA3_512_Final(md, (SHA3_512_CTX*)&ctx->hash);
5638 if (s) *s = WC_SHA3_512_DIGEST_SIZE;
5639 #endif
5640 break;
5641 case WC_HASH_TYPE_NONE:
5642 case WC_HASH_TYPE_MD2:
5643 case WC_HASH_TYPE_MD5_SHA:
5644 case WC_HASH_TYPE_BLAKE2B:
5645 case WC_HASH_TYPE_BLAKE2S:
5646 default:
5647 return WOLFSSL_FAILURE;
5648 }
5649
5650 return ret;
5651 }
5652
5653 /* WOLFSSL_SUCCESS on ok */
5654 int wolfSSL_EVP_DigestFinal_ex(WOLFSSL_EVP_MD_CTX* ctx, unsigned char* md,
5655 unsigned int* s)
5656 {
5657 WOLFSSL_ENTER("EVP_DigestFinal_ex");
5658 return EVP_DigestFinal(ctx, md, s);
5659 }
5660
5661 void wolfSSL_EVP_cleanup(void)
5662 {
5663 /* nothing to do here */
5664 }
5665
5666const WOLFSSL_EVP_MD* wolfSSL_EVP_get_digestbynid(int id)
5667{
5668 WOLFSSL_MSG("wolfSSL_get_digestbynid");
5669
5670 switch(id) {
5671#ifndef NO_MD5
5672 case NID_md5:
5673 return wolfSSL_EVP_md5();
5674#endif
5675#ifndef NO_SHA
5676 case NID_sha1:
5677 return wolfSSL_EVP_sha1();
5678#endif
5679#ifndef NO_SHA256
5680 case NID_sha256:
5681 return wolfSSL_EVP_sha256();
5682#endif
5683 default:
5684 WOLFSSL_MSG("Bad digest id value");
5685 }
5686
5687 return NULL;
5688}
5689
5690#ifndef NO_RSA
5691WOLFSSL_RSA* wolfSSL_EVP_PKEY_get0_RSA(WOLFSSL_EVP_PKEY *pkey)
5692{
5693 if (!pkey) {
5694 return NULL;
5695 }
5696 return pkey->rsa;
5697}
5698
5699WOLFSSL_RSA* wolfSSL_EVP_PKEY_get1_RSA(WOLFSSL_EVP_PKEY* key)
5700{
5701 WOLFSSL_RSA* local;
5702
5703 WOLFSSL_MSG("wolfSSL_EVP_PKEY_get1_RSA");
5704
5705 if (key == NULL) {
5706 return NULL;
5707 }
5708
5709 local = wolfSSL_RSA_new();
5710 if (local == NULL) {
5711 WOLFSSL_MSG("Error creating a new WOLFSSL_RSA structure");
5712 return NULL;
5713 }
5714
5715 if (key->type == EVP_PKEY_RSA) {
5716 if (wolfSSL_RSA_LoadDer(local, (const unsigned char*)key->pkey.ptr,
5717 key->pkey_sz) != SSL_SUCCESS) {
5718 /* now try public key */
5719 if (wolfSSL_RSA_LoadDer_ex(local,
5720 (const unsigned char*)key->pkey.ptr, key->pkey_sz,
5721 WOLFSSL_RSA_LOAD_PUBLIC) != SSL_SUCCESS) {
5722 wolfSSL_RSA_free(local);
5723 local = NULL;
5724 }
5725 }
5726 }
5727 else {
5728 WOLFSSL_MSG("WOLFSSL_EVP_PKEY does not hold an RSA key");
5729 wolfSSL_RSA_free(local);
5730 local = NULL;
5731 }
5732 return local;
5733}
5734
5735/* with set1 functions the pkey struct does not own the RSA structure
5736 *
5737 * returns WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on failure
5738 */
5739int wolfSSL_EVP_PKEY_set1_RSA(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_RSA *key)
5740{
5741#if defined(WOLFSSL_KEY_GEN) && !defined(HAVE_USER_RSA)
5742 int derMax = 0;
5743 int derSz = 0;
5744 byte* derBuf = NULL;
5745 RsaKey* rsa = NULL;
5746#endif
5747 WOLFSSL_ENTER("wolfSSL_EVP_PKEY_set1_RSA");
5748 if ((pkey == NULL) || (key == NULL))
5749 return WOLFSSL_FAILURE;
5750
5751 if (wolfSSL_RSA_up_ref(key) != WOLFSSL_SUCCESS) {
5752 WOLFSSL_MSG("wolfSSL_RSA_up_ref failed");
5753 return WOLFSSL_FAILURE;
5754 }
5755 if (pkey->rsa != NULL && pkey->ownRsa == 1) {
5756 wolfSSL_RSA_free(pkey->rsa);
5757 }
5758 pkey->rsa = key;
5759 pkey->ownRsa = 1; /* pkey does not own RSA but needs to call free on it */
5760 pkey->type = EVP_PKEY_RSA;
5761 if (key->inSet == 0) {
5762 if (SetRsaInternal(key) != WOLFSSL_SUCCESS) {
5763 WOLFSSL_MSG("SetRsaInternal failed");
5764 return WOLFSSL_FAILURE;
5765 }
5766 }
5767
5768#if defined(WOLFSSL_KEY_GEN) && !defined(HAVE_USER_RSA)
5769 rsa = (RsaKey*)key->internal;
5770 /* 5 > size of n, d, p, q, d%(p-1), d(q-1), 1/q%p, e + ASN.1 additional
5771 * information */
5772 derMax = 5 * wolfSSL_RSA_size(key) + (2 * AES_BLOCK_SIZE);
5773
5774 derBuf = (byte*)XMALLOC(derMax, pkey->heap, DYNAMIC_TYPE_TMP_BUFFER);
5775 if (derBuf == NULL) {
5776 WOLFSSL_MSG("malloc failed");
5777 return WOLFSSL_FAILURE;
5778 }
5779
5780 if (rsa->type == RSA_PRIVATE) {
5781 /* Private key to DER */
5782 derSz = wc_RsaKeyToDer(rsa, derBuf, derMax);
5783 }
5784 else {
5785 /* Public key to DER */
5786 derSz = wc_RsaKeyToPublicDer(rsa, derBuf, derMax);
5787 }
5788
5789 if (derSz < 0) {
5790 if (rsa->type == RSA_PRIVATE) {
5791 WOLFSSL_MSG("wc_RsaKeyToDer failed");
5792 }
5793 else {
5794 WOLFSSL_MSG("wc_RsaKeyToPublicDer failed");
5795 }
5796 XFREE(derBuf, pkey->heap, DYNAMIC_TYPE_TMP_BUFFER);
5797 return WOLFSSL_FAILURE;
5798 }
5799
5800 pkey->pkey.ptr = (char*)XMALLOC(derSz, pkey->heap, DYNAMIC_TYPE_DER);
5801 if (pkey->pkey.ptr == NULL) {
5802 WOLFSSL_MSG("key malloc failed");
5803 XFREE(derBuf, pkey->heap, DYNAMIC_TYPE_TMP_BUFFER);
5804 return WOLFSSL_FAILURE;
5805 }
5806 pkey->pkey_sz = derSz;
5807 XMEMCPY(pkey->pkey.ptr, derBuf, derSz);
5808 XFREE(derBuf, pkey->heap, DYNAMIC_TYPE_TMP_BUFFER);
5809#endif /* WOLFSSL_KEY_GEN && !HAVE_USER_RSA */
5810
5811#ifdef WC_RSA_BLINDING
5812 if (key->ownRng == 0) {
5813 if (wc_RsaSetRNG((RsaKey*)(pkey->rsa->internal), &(pkey->rng)) != 0) {
5814 WOLFSSL_MSG("Error setting RSA rng");
5815 return WOLFSSL_FAILURE;
5816 }
5817 }
5818#endif
5819 return WOLFSSL_SUCCESS;
5820}
5821#endif /* !NO_RSA */
5822
5823#if !defined (NO_DSA) && !defined(HAVE_SELFTEST) && defined(WOLFSSL_KEY_GEN)
5824/* with set1 functions the pkey struct does not own the DSA structure
5825 *
5826 * returns WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on failure
5827 */
5828int wolfSSL_EVP_PKEY_set1_DSA(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_DSA *key)
5829{
5830 int derMax = 0;
5831 int derSz = 0;
5832 DsaKey* dsa = NULL;
5833 byte* derBuf = NULL;
5834
5835 WOLFSSL_ENTER("wolfSSL_EVP_PKEY_set1_DSA");
5836
5837 if((pkey == NULL) || (key == NULL))return WOLFSSL_FAILURE;
5838 if (pkey->dsa != NULL && pkey->ownDsa == 1) {
5839 wolfSSL_DSA_free(pkey->dsa);
5840 }
5841 pkey->dsa = key;
5842 pkey->ownDsa = 0; /* pkey does not own DSA */
5843 pkey->type = EVP_PKEY_DSA;
5844 if (key->inSet == 0) {
5845 if (SetDsaInternal(key) != WOLFSSL_SUCCESS) {
5846 WOLFSSL_MSG("SetDsaInternal failed");
5847 return WOLFSSL_FAILURE;
5848 }
5849 }
5850 dsa = (DsaKey*)key->internal;
5851
5852 /* 4 > size of pub, priv, p, q, g + ASN.1 additional information */
5853 derMax = 4 * wolfSSL_BN_num_bytes(key->g) + AES_BLOCK_SIZE;
5854
5855 derBuf = (byte*)XMALLOC(derMax, pkey->heap, DYNAMIC_TYPE_TMP_BUFFER);
5856 if (derBuf == NULL) {
5857 WOLFSSL_MSG("malloc failed");
5858 return WOLFSSL_FAILURE;
5859 }
5860
5861 if (dsa->type == DSA_PRIVATE) {
5862 /* Private key to DER */
5863 derSz = wc_DsaKeyToDer(dsa, derBuf, derMax);
5864 }
5865 else {
5866 /* Public key to DER */
5867 derSz = wc_DsaKeyToPublicDer(dsa, derBuf, derMax);
5868 }
5869
5870 if (derSz < 0) {
5871 if (dsa->type == DSA_PRIVATE) {
5872 WOLFSSL_MSG("wc_DsaKeyToDer failed");
5873 }
5874 else {
5875 WOLFSSL_MSG("wc_DsaKeyToPublicDer failed");
5876 }
5877 XFREE(derBuf, pkey->heap, DYNAMIC_TYPE_TMP_BUFFER);
5878 return WOLFSSL_FAILURE;
5879 }
5880
5881 pkey->pkey.ptr = (char*)XMALLOC(derSz, pkey->heap, DYNAMIC_TYPE_DER);
5882 if (pkey->pkey.ptr == NULL) {
5883 WOLFSSL_MSG("key malloc failed");
5884 XFREE(derBuf, pkey->heap, DYNAMIC_TYPE_TMP_BUFFER);
5885 return WOLFSSL_FAILURE;
5886 }
5887 pkey->pkey_sz = derSz;
5888 XMEMCPY(pkey->pkey.ptr, derBuf, derSz);
5889 XFREE(derBuf, pkey->heap, DYNAMIC_TYPE_TMP_BUFFER);
5890
5891 return WOLFSSL_SUCCESS;
5892}
5893
5894WOLFSSL_DSA* wolfSSL_EVP_PKEY_get0_DSA(struct WOLFSSL_EVP_PKEY *pkey)
5895{
5896 if (!pkey) {
5897 return NULL;
5898 }
5899 return pkey->dsa;
5900}
5901
5902WOLFSSL_DSA* wolfSSL_EVP_PKEY_get1_DSA(WOLFSSL_EVP_PKEY* key)
5903{
5904 WOLFSSL_DSA* local;
5905
5906 WOLFSSL_ENTER("wolfSSL_EVP_PKEY_get1_DSA");
5907
5908 if (key == NULL) {
5909 WOLFSSL_MSG("Bad function argument");
5910 return NULL;
5911 }
5912
5913 local = wolfSSL_DSA_new();
5914 if (local == NULL) {
5915 WOLFSSL_MSG("Error creating a new WOLFSSL_DSA structure");
5916 return NULL;
5917 }
5918
5919 if (key->type == EVP_PKEY_DSA) {
5920 if (wolfSSL_DSA_LoadDer(local, (const unsigned char*)key->pkey.ptr,
5921 key->pkey_sz) != SSL_SUCCESS) {
5922 /* now try public key */
5923 if (wolfSSL_DSA_LoadDer_ex(local,
5924 (const unsigned char*)key->pkey.ptr, key->pkey_sz,
5925 WOLFSSL_DSA_LOAD_PUBLIC) != SSL_SUCCESS) {
5926 wolfSSL_DSA_free(local);
5927 local = NULL;
5928 }
5929 }
5930 }
5931 else {
5932 WOLFSSL_MSG("WOLFSSL_EVP_PKEY does not hold a DSA key");
5933 wolfSSL_DSA_free(local);
5934 local = NULL;
5935 }
5936 return local;
5937}
5938#endif /* !NO_DSA && !HAVE_SELFTEST && WOLFSSL_KEY_GEN */
5939
5940#ifdef HAVE_ECC
5941WOLFSSL_EC_KEY *wolfSSL_EVP_PKEY_get0_EC_KEY(WOLFSSL_EVP_PKEY *pkey)
5942{
5943 WOLFSSL_EC_KEY *eckey = NULL;
5944 if (pkey) {
5945#ifdef HAVE_ECC
5946 eckey = pkey->ecc;
5947#endif
5948 }
5949 return eckey;
5950}
5951
5952WOLFSSL_EC_KEY* wolfSSL_EVP_PKEY_get1_EC_KEY(WOLFSSL_EVP_PKEY* key)
5953{
5954 WOLFSSL_EC_KEY* local;
5955 WOLFSSL_ENTER("wolfSSL_EVP_PKEY_get1_EC_KEY");
5956
5957 if (key == NULL) {
5958 return NULL;
5959 }
5960
5961 local = wolfSSL_EC_KEY_new();
5962 if (local == NULL) {
5963 WOLFSSL_MSG("Error creating a new WOLFSSL_EC_KEY structure");
5964 return NULL;
5965 }
5966
5967 if (key->type == EVP_PKEY_EC) {
5968 if (wolfSSL_EC_KEY_LoadDer(local, (const unsigned char*)key->pkey.ptr,
5969 key->pkey_sz) != SSL_SUCCESS) {
5970 /* now try public key */
5971 if (wolfSSL_EC_KEY_LoadDer_ex(local,
5972 (const unsigned char*)key->pkey.ptr,
5973 key->pkey_sz, WOLFSSL_EC_KEY_LOAD_PUBLIC) != SSL_SUCCESS) {
5974
5975 wolfSSL_EC_KEY_free(local);
5976 local = NULL;
5977 }
5978 }
5979 }
5980 else {
5981 WOLFSSL_MSG("WOLFSSL_EVP_PKEY does not hold an EC key");
5982 wolfSSL_EC_KEY_free(local);
5983 local = NULL;
5984 }
5985#ifdef OPENSSL_ALL
5986 if (!local && key->ecc) {
5987 local = wolfSSL_EC_KEY_dup(key->ecc);
5988 }
5989#endif
5990 return local;
5991}
5992#endif /* HAVE_ECC */
5993
5994#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
5995#if !defined(NO_DH) && !defined(NO_FILESYSTEM)
5996#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
5997/* with set1 functions the pkey struct does not own the DH structure
5998 * Build the following DH Key format from the passed in WOLFSSL_DH
5999 * then store in WOLFSSL_EVP_PKEY in DER format.
6000 *
6001 * returns WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on failure
6002 */
6003int wolfSSL_EVP_PKEY_set1_DH(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_DH *key)
6004{
6005 byte havePublic = 0, havePrivate = 0;
6006 int ret;
6007 word32 derSz = 0;
6008 byte* derBuf = NULL;
6009 DhKey* dhkey = NULL;
6010
6011 WOLFSSL_ENTER("wolfSSL_EVP_PKEY_set1_DH");
6012
6013 if (pkey == NULL || key == NULL)
6014 return WOLFSSL_FAILURE;
6015
6016 if (pkey->dh != NULL && pkey->ownDh == 1)
6017 wolfSSL_DH_free(pkey->dh);
6018
6019 pkey->dh = key;
6020 pkey->ownDh = 0; /* pkey does not own DH */
6021 pkey->type = EVP_PKEY_DH;
6022 if (key->inSet == 0) {
6023 if (SetDhInternal(key) != WOLFSSL_SUCCESS) {
6024 WOLFSSL_MSG("SetDhInternal failed");
6025 return WOLFSSL_FAILURE;
6026 }
6027 }
6028
6029 dhkey = (DhKey*)key->internal;
6030
6031 havePublic = mp_unsigned_bin_size(&dhkey->pub) > 0;
6032 havePrivate = mp_unsigned_bin_size(&dhkey->priv) > 0;
6033
6034 /* Get size of DER buffer only */
6035 if (havePublic && !havePrivate) {
6036 ret = wc_DhPubKeyToDer(dhkey, NULL, &derSz);
6037 } else if (havePrivate && !havePublic) {
6038 ret = wc_DhPrivKeyToDer(dhkey, NULL, &derSz);
6039 } else {
6040 ret = wc_DhParamsToDer(dhkey,NULL,&derSz);
6041 }
6042
6043 if (derSz <= 0 || ret != LENGTH_ONLY_E) {
6044 WOLFSSL_MSG("Failed to get size of DH Key");
6045 return WOLFSSL_FAILURE;
6046 }
6047
6048 derBuf = (byte*)XMALLOC(derSz, pkey->heap, DYNAMIC_TYPE_TMP_BUFFER);
6049 if (derBuf == NULL) {
6050 WOLFSSL_MSG("malloc failed");
6051 return WOLFSSL_FAILURE;
6052 }
6053
6054 /* Fill DER buffer */
6055 if (havePublic && !havePrivate) {
6056 ret = wc_DhPubKeyToDer(dhkey, derBuf, &derSz);
6057 } else if (havePrivate && !havePublic) {
6058 ret = wc_DhPrivKeyToDer(dhkey, derBuf, &derSz);
6059 } else {
6060 ret = wc_DhParamsToDer(dhkey,derBuf,&derSz);
6061 }
6062
6063 if (ret <= 0) {
6064 WOLFSSL_MSG("Failed to export DH Key");
6065 XFREE(derBuf, pkey->heap, DYNAMIC_TYPE_TMP_BUFFER);
6066 return WOLFSSL_FAILURE;
6067 }
6068
6069 /* Store DH key into pkey (DER format) */
6070 pkey->pkey.ptr = (char*)derBuf;
6071 pkey->pkey_sz = derSz;
6072
6073 return WOLFSSL_SUCCESS;
6074}
6075#endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */
6076
6077WOLFSSL_DH* wolfSSL_EVP_PKEY_get0_DH(WOLFSSL_EVP_PKEY* key)
6078{
6079 if (!key) {
6080 return NULL;
6081 }
6082 return key->dh;
6083}
6084
6085#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
6086WOLFSSL_DH* wolfSSL_EVP_PKEY_get1_DH(WOLFSSL_EVP_PKEY* key)
6087{
6088 WOLFSSL_DH* local = NULL;
6089
6090 WOLFSSL_ENTER("wolfSSL_EVP_PKEY_get1_DH");
6091
6092 if (key == NULL || key->dh == NULL) {
6093 WOLFSSL_MSG("Bad function argument");
6094 return NULL;
6095 }
6096
6097 if (key->type == EVP_PKEY_DH) {
6098 local = wolfSSL_DH_new();
6099 if (local == NULL) {
6100 WOLFSSL_MSG("Error creating a new WOLFSSL_DH structure");
6101 return NULL;
6102 }
6103
6104 if (wolfSSL_DH_LoadDer(local, (const unsigned char*)key->pkey.ptr,
6105 key->pkey_sz) != SSL_SUCCESS) {
6106 wolfSSL_DH_free(local);
6107 WOLFSSL_MSG("Error wolfSSL_DH_LoadDer");
6108 local = NULL;
6109 }
6110 }
6111 else {
6112 WOLFSSL_MSG("WOLFSSL_EVP_PKEY does not hold a DH key");
6113 wolfSSL_DH_free(local);
6114 return NULL;
6115 }
6116
6117 return local;
6118}
6119#endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */
6120#endif /* NO_DH && NO_FILESYSTEM */
6121
6122int wolfSSL_EVP_PKEY_assign(WOLFSSL_EVP_PKEY *pkey, int type, void *key)
6123{
6124 int ret;
6125
6126 WOLFSSL_ENTER("wolfSSL_EVP_PKEY_assign");
6127
6128 /* pkey and key checked if NULL in subsequent assign functions */
6129 switch(type) {
6130 #ifndef NO_RSA
6131 case EVP_PKEY_RSA:
6132 ret = wolfSSL_EVP_PKEY_assign_RSA(pkey, (WOLFSSL_RSA*)key);
6133 break;
6134 #endif
6135 #ifndef NO_DSA
6136 case EVP_PKEY_DSA:
6137 ret = wolfSSL_EVP_PKEY_assign_DSA(pkey, (WOLFSSL_DSA*)key);
6138 break;
6139 #endif
6140 #ifdef HAVE_ECC
6141 case EVP_PKEY_EC:
6142 ret = wolfSSL_EVP_PKEY_assign_EC_KEY(pkey, (WOLFSSL_EC_KEY*)key);
6143 break;
6144 #endif
6145 #ifndef NO_DH
6146 case EVP_PKEY_DH:
6147 ret = wolfSSL_EVP_PKEY_assign_DH(pkey, (WOLFSSL_DH*)key);
6148 break;
6149 #endif
6150 default:
6151 WOLFSSL_MSG("Unknown EVP_PKEY type in wolfSSL_EVP_PKEY_assign.");
6152 ret = WOLFSSL_FAILURE;
6153 }
6154
6155 return ret;
6156}
6157#endif /* WOLFSSL_QT || OPENSSL_ALL */
6158
6159#if defined(HAVE_ECC)
6160/* try and populate public pkey_sz and pkey.ptr */
6161static int ECC_populate_EVP_PKEY(EVP_PKEY* pkey, ecc_key* ecc)
6162{
6163 word32 derSz = 0;
6164 if (!pkey || !ecc)
6165 return WOLFSSL_FAILURE;
6166 if (wc_EccKeyToPKCS8(ecc, NULL, &derSz) == LENGTH_ONLY_E) {
6167 byte* derBuf = (byte*)XMALLOC(derSz, NULL, DYNAMIC_TYPE_OPENSSL);
6168 if (derBuf) {
6169 if (wc_EccKeyToPKCS8(ecc, derBuf, &derSz) >= 0) {
6170 if (pkey->pkey.ptr) {
6171 XFREE(pkey->pkey.ptr, NULL, DYNAMIC_TYPE_OPENSSL);
6172 }
6173 pkey->pkey_sz = (int)derSz;
6174 pkey->pkey.ptr = (char*)derBuf;
6175 return WOLFSSL_SUCCESS;
6176 }
6177 else {
6178 XFREE(derBuf, NULL, DYNAMIC_TYPE_OPENSSL);
6179 derBuf = NULL;
6180 }
6181 }
6182 }
6183 return WOLFSSL_FAILURE;
6184}
6185
6186WOLFSSL_API int wolfSSL_EVP_PKEY_set1_EC_KEY(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_EC_KEY *key)
6187{
6188#ifdef HAVE_ECC
6189 if((pkey == NULL) || (key ==NULL))return WOLFSSL_FAILURE;
6190 WOLFSSL_ENTER("wolfSSL_EVP_PKEY_set1_EC_KEY");
6191#ifndef NO_RSA
6192 if (pkey->rsa != NULL && pkey->ownRsa == 1) {
6193 wolfSSL_RSA_free(pkey->rsa);
6194 }
6195 pkey->ownRsa = 0;
6196#endif
6197#ifndef NO_DSA
6198 if (pkey->dsa != NULL && pkey->ownDsa == 1) {
6199 wolfSSL_DSA_free(pkey->dsa);
6200 }
6201 pkey->ownDsa = 0;
6202#endif
6203#ifndef NO_DH
6204 if (pkey->dh != NULL && pkey->ownDh == 1) {
6205 wolfSSL_DH_free(pkey->dh);
6206 }
6207 pkey->ownDh = 0;
6208#endif
6209 if (pkey->ecc != NULL && pkey->ownEcc == 1) {
6210 wolfSSL_EC_KEY_free(pkey->ecc);
6211 }
6212 pkey->ecc = key;
6213 pkey->ownEcc = 0; /* pkey does not own EC key */
6214 pkey->type = EVP_PKEY_EC;
6215 return ECC_populate_EVP_PKEY(pkey, (ecc_key*)key->internal);
6216#else
6217 (void)pkey;
6218 (void)key;
6219 return WOLFSSL_FAILURE;
6220#endif
6221}
6222
6223void* wolfSSL_EVP_X_STATE(const WOLFSSL_EVP_CIPHER_CTX* ctx)
6224{
6225 WOLFSSL_MSG("wolfSSL_EVP_X_STATE");
6226
6227 if (ctx) {
6228 switch (ctx->cipherType) {
6229 case ARC4_TYPE:
6230 WOLFSSL_MSG("returning arc4 state");
6231 return (void*)&ctx->cipher.arc4.x;
6232
6233 default:
6234 WOLFSSL_MSG("bad x state type");
6235 return 0;
6236 }
6237 }
6238
6239 return NULL;
6240}
6241int wolfSSL_EVP_PKEY_assign_EC_KEY(EVP_PKEY* pkey, WOLFSSL_EC_KEY* key)
6242{
6243 if (pkey == NULL || key == NULL)
6244 return WOLFSSL_FAILURE;
6245
6246 pkey->type = EVP_PKEY_EC;
6247 pkey->ecc = key;
6248 pkey->ownEcc = 1;
6249
6250 /* try and populate public pkey_sz and pkey.ptr */
6251 return ECC_populate_EVP_PKEY(pkey, (ecc_key*)key->internal);
6252}
6253#endif /* HAVE_ECC */
6254
6255#ifndef NO_WOLFSSL_STUB
6256const WOLFSSL_EVP_MD* wolfSSL_EVP_ripemd160(void)
6257{
6258 WOLFSSL_MSG("wolfSSL_ripemd160");
6259 WOLFSSL_STUB("EVP_ripemd160");
6260 return NULL;
6261}
6262#endif
6263
6264
6265int wolfSSL_EVP_MD_block_size(const WOLFSSL_EVP_MD* type)
6266{
6267 WOLFSSL_MSG("wolfSSL_EVP_MD_block_size");
6268
6269 if (type == NULL) {
6270 WOLFSSL_MSG("No md type arg");
6271 return BAD_FUNC_ARG;
6272 }
6273
6274 if (XSTRNCMP(type, "SHA256", 6) == 0) {
6275 return WC_SHA256_BLOCK_SIZE;
6276 }
6277#ifndef NO_MD5
6278 else if (XSTRNCMP(type, "MD5", 3) == 0) {
6279 return WC_MD5_BLOCK_SIZE;
6280 }
6281#endif
6282#ifdef WOLFSSL_SHA224
6283 else if (XSTRNCMP(type, "SHA224", 6) == 0) {
6284 return WC_SHA224_BLOCK_SIZE;
6285 }
6286#endif
6287#ifdef WOLFSSL_SHA384
6288 else if (XSTRNCMP(type, "SHA384", 6) == 0) {
6289 return WC_SHA384_BLOCK_SIZE;
6290 }
6291#endif
6292#ifdef WOLFSSL_SHA512
6293 else if (XSTRNCMP(type, "SHA512", 6) == 0) {
6294 return WC_SHA512_BLOCK_SIZE;
6295 }
6296#endif
6297#ifndef NO_SHA
6298 /* has to be last since would pick or 256, 384, or 512 too */
6299 else if (XSTRNCMP(type, "SHA", 3) == 0) {
6300 return WC_SHA_BLOCK_SIZE;
6301 }
6302#endif
6303
6304 return BAD_FUNC_ARG;
6305}
6306
6307int wolfSSL_EVP_MD_size(const WOLFSSL_EVP_MD* type)
6308{
6309 WOLFSSL_MSG("wolfSSL_EVP_MD_size");
6310
6311 if (type == NULL) {
6312 WOLFSSL_MSG("No md type arg");
6313 return BAD_FUNC_ARG;
6314 }
6315
6316 if (XSTRNCMP(type, "SHA256", 6) == 0) {
6317 return WC_SHA256_DIGEST_SIZE;
6318 }
6319#ifndef NO_MD5
6320 else if (XSTRNCMP(type, "MD5", 3) == 0) {
6321 return WC_MD5_DIGEST_SIZE;
6322 }
6323#endif
6324#ifdef WOLFSSL_SHA224
6325 else if (XSTRNCMP(type, "SHA224", 6) == 0) {
6326 return WC_SHA224_DIGEST_SIZE;
6327 }
6328#endif
6329#ifdef WOLFSSL_SHA384
6330 else if (XSTRNCMP(type, "SHA384", 6) == 0) {
6331 return WC_SHA384_DIGEST_SIZE;
6332 }
6333#endif
6334#ifdef WOLFSSL_SHA512
6335 else if (XSTRNCMP(type, "SHA512", 6) == 0) {
6336 return WC_SHA512_DIGEST_SIZE;
6337 }
6338#endif
6339#ifndef NO_SHA
6340 /* has to be last since would pick or 256, 384, or 512 too */
6341 else if (XSTRNCMP(type, "SHA", 3) == 0) {
6342 return WC_SHA_DIGEST_SIZE;
6343 }
6344#endif
6345
6346 return BAD_FUNC_ARG;
6347}
6348
6349
6350int wolfSSL_EVP_CIPHER_CTX_iv_length(const WOLFSSL_EVP_CIPHER_CTX* ctx)
6351{
6352 WOLFSSL_MSG("wolfSSL_EVP_CIPHER_CTX_iv_length");
6353
6354 switch (ctx->cipherType) {
6355
6356#ifdef HAVE_AES_CBC
6357 case AES_128_CBC_TYPE :
6358 case AES_192_CBC_TYPE :
6359 case AES_256_CBC_TYPE :
6360 WOLFSSL_MSG("AES CBC");
6361 return AES_BLOCK_SIZE;
6362#endif
6363#if (!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) || \
6364 (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))
6365#ifdef HAVE_AESGCM
6366 case AES_128_GCM_TYPE :
6367 case AES_192_GCM_TYPE :
6368 case AES_256_GCM_TYPE :
6369 WOLFSSL_MSG("AES GCM");
6370 return GCM_NONCE_MID_SZ;
6371#endif
6372#endif /* (HAVE_FIPS && !HAVE_SELFTEST) || HAVE_FIPS_VERSION > 2 */
6373#ifdef WOLFSSL_AES_COUNTER
6374 case AES_128_CTR_TYPE :
6375 case AES_192_CTR_TYPE :
6376 case AES_256_CTR_TYPE :
6377 WOLFSSL_MSG("AES CTR");
6378 return AES_BLOCK_SIZE;
6379#endif
6380#ifndef NO_DES3
6381 case DES_CBC_TYPE :
6382 WOLFSSL_MSG("DES CBC");
6383 return DES_BLOCK_SIZE;
6384
6385 case DES_EDE3_CBC_TYPE :
6386 WOLFSSL_MSG("DES EDE3 CBC");
6387 return DES_BLOCK_SIZE;
6388#endif
6389#ifdef HAVE_IDEA
6390 case IDEA_CBC_TYPE :
6391 WOLFSSL_MSG("IDEA CBC");
6392 return IDEA_BLOCK_SIZE;
6393#endif
6394#ifndef NO_RC4
6395 case ARC4_TYPE :
6396 WOLFSSL_MSG("ARC4");
6397 return 0;
6398#endif
6399#ifdef WOLFSSL_AES_CFB
6400#if !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
6401 case AES_128_CFB1_TYPE:
6402 case AES_192_CFB1_TYPE:
6403 case AES_256_CFB1_TYPE:
6404 WOLFSSL_MSG("AES CFB1");
6405 return AES_BLOCK_SIZE;
6406 case AES_128_CFB8_TYPE:
6407 case AES_192_CFB8_TYPE:
6408 case AES_256_CFB8_TYPE:
6409 WOLFSSL_MSG("AES CFB8");
6410 return AES_BLOCK_SIZE;
6411#endif /* !HAVE_SELFTEST && !HAVE_FIPS */
6412 case AES_128_CFB128_TYPE:
6413 case AES_192_CFB128_TYPE:
6414 case AES_256_CFB128_TYPE:
6415 WOLFSSL_MSG("AES CFB128");
6416 return AES_BLOCK_SIZE;
6417#endif /* WOLFSSL_AES_CFB */
6418#if defined(WOLFSSL_AES_OFB)
6419 case AES_128_OFB_TYPE:
6420 case AES_192_OFB_TYPE:
6421 case AES_256_OFB_TYPE:
6422 WOLFSSL_MSG("AES OFB");
6423 return AES_BLOCK_SIZE;
6424#endif /* WOLFSSL_AES_OFB */
6425#ifdef WOLFSSL_AES_XTS
6426 case AES_128_XTS_TYPE:
6427 case AES_256_XTS_TYPE:
6428 WOLFSSL_MSG("AES XTS");
6429 return AES_BLOCK_SIZE;
6430#endif /* WOLFSSL_AES_XTS */
6431
6432 case NULL_CIPHER_TYPE :
6433 WOLFSSL_MSG("NULL");
6434 return 0;
6435
6436 default: {
6437 WOLFSSL_MSG("bad type");
6438 }
6439 }
6440 return 0;
6441}
6442
6443int wolfSSL_EVP_CIPHER_iv_length(const WOLFSSL_EVP_CIPHER* cipher)
6444{
6445 const char *name = (const char *)cipher;
6446 WOLFSSL_MSG("wolfSSL_EVP_CIPHER_iv_length");
6447
6448#ifndef NO_AES
6449#ifdef HAVE_AES_CBC
6450 #ifdef WOLFSSL_AES_128
6451 if (XSTRNCMP(name, EVP_AES_128_CBC, XSTRLEN(EVP_AES_128_CBC)) == 0)
6452 return AES_BLOCK_SIZE;
6453 #endif
6454 #ifdef WOLFSSL_AES_192
6455 if (XSTRNCMP(name, EVP_AES_192_CBC, XSTRLEN(EVP_AES_192_CBC)) == 0)
6456 return AES_BLOCK_SIZE;
6457 #endif
6458 #ifdef WOLFSSL_AES_256
6459 if (XSTRNCMP(name, EVP_AES_256_CBC, XSTRLEN(EVP_AES_256_CBC)) == 0)
6460 return AES_BLOCK_SIZE;
6461 #endif
6462#endif /* HAVE_AES_CBC */
6463#if (!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) || \
6464 (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))
6465#ifdef HAVE_AESGCM
6466 #ifdef WOLFSSL_AES_128
6467 if (XSTRNCMP(name, EVP_AES_128_GCM, XSTRLEN(EVP_AES_128_GCM)) == 0)
6468 return GCM_NONCE_MID_SZ;
6469 #endif
6470 #ifdef WOLFSSL_AES_192
6471 if (XSTRNCMP(name, EVP_AES_192_GCM, XSTRLEN(EVP_AES_192_GCM)) == 0)
6472 return GCM_NONCE_MID_SZ;
6473 #endif
6474 #ifdef WOLFSSL_AES_256
6475 if (XSTRNCMP(name, EVP_AES_256_GCM, XSTRLEN(EVP_AES_256_GCM)) == 0)
6476 return GCM_NONCE_MID_SZ;
6477 #endif
6478#endif /* HAVE_AESGCM */
6479#endif /* (HAVE_FIPS && !HAVE_SELFTEST) || HAVE_FIPS_VERSION > 2 */
6480#ifdef WOLFSSL_AES_COUNTER
6481 #ifdef WOLFSSL_AES_128
6482 if (XSTRNCMP(name, EVP_AES_128_CTR, XSTRLEN(EVP_AES_128_CTR)) == 0)
6483 return AES_BLOCK_SIZE;
6484 #endif
6485 #ifdef WOLFSSL_AES_192
6486 if (XSTRNCMP(name, EVP_AES_192_CTR, XSTRLEN(EVP_AES_192_CTR)) == 0)
6487 return AES_BLOCK_SIZE;
6488 #endif
6489 #ifdef WOLFSSL_AES_256
6490 if (XSTRNCMP(name, EVP_AES_256_CTR, XSTRLEN(EVP_AES_256_CTR)) == 0)
6491 return AES_BLOCK_SIZE;
6492 #endif
6493#endif
6494#ifdef WOLFSSL_AES_XTS
6495 #ifdef WOLFSSL_AES_128
6496 if (XSTRNCMP(name, EVP_AES_128_XTS, XSTRLEN(EVP_AES_128_XTS)) == 0)
6497 return AES_BLOCK_SIZE;
6498 #endif /* WOLFSSL_AES_128 */
6499
6500 #ifdef WOLFSSL_AES_256
6501 if (XSTRNCMP(name, EVP_AES_256_XTS, XSTRLEN(EVP_AES_256_XTS)) == 0)
6502 return AES_BLOCK_SIZE;
6503 #endif /* WOLFSSL_AES_256 */
6504#endif /* WOLFSSL_AES_XTS */
6505
6506#endif
6507
6508#ifndef NO_DES3
6509 if ((XSTRNCMP(name, EVP_DES_CBC, XSTRLEN(EVP_DES_CBC)) == 0) ||
6510 (XSTRNCMP(name, EVP_DES_EDE3_CBC, XSTRLEN(EVP_DES_EDE3_CBC)) == 0)) {
6511 return DES_BLOCK_SIZE;
6512 }
6513#endif
6514
6515#ifdef HAVE_IDEA
6516 if (XSTRNCMP(name, EVP_IDEA_CBC, XSTRLEN(EVP_IDEA_CBC)) == 0)
6517 return IDEA_BLOCK_SIZE;
6518#endif
6519
6520 (void)name;
6521
6522 return 0;
6523}
6524
6525
6526int wolfSSL_EVP_X_STATE_LEN(const WOLFSSL_EVP_CIPHER_CTX* ctx)
6527{
6528 WOLFSSL_MSG("wolfSSL_EVP_X_STATE_LEN");
6529
6530 if (ctx) {
6531 switch (ctx->cipherType) {
6532 case ARC4_TYPE:
6533 WOLFSSL_MSG("returning arc4 state size");
6534 return sizeof(Arc4);
6535
6536 default:
6537 WOLFSSL_MSG("bad x state type");
6538 return 0;
6539 }
6540 }
6541
6542 return 0;
6543}
6544
6545
6546/* return of pkey->type which will be EVP_PKEY_RSA for example.
6547 *
6548 * type type of EVP_PKEY
6549 *
6550 * returns type or if type is not found then NID_undef
6551 */
6552int wolfSSL_EVP_PKEY_type(int type)
6553{
6554 WOLFSSL_MSG("wolfSSL_EVP_PKEY_type");
6555
6556 switch (type) {
6557 case EVP_PKEY_RSA:
6558 return EVP_PKEY_RSA;
6559 case EVP_PKEY_DSA:
6560 return EVP_PKEY_DSA;
6561 case EVP_PKEY_EC:
6562 return EVP_PKEY_EC;
6563 case EVP_PKEY_DH:
6564 return EVP_PKEY_DH;
6565 default:
6566 return NID_undef;
6567 }
6568}
6569
6570
6571int wolfSSL_EVP_PKEY_id(const WOLFSSL_EVP_PKEY *pkey)
6572{
6573 if (pkey != NULL)
6574 return pkey->type;
6575 return 0;
6576}
6577
6578
6579int wolfSSL_EVP_PKEY_base_id(const WOLFSSL_EVP_PKEY *pkey)
6580{
6581 if (pkey == NULL)
6582 return NID_undef;
6583 return wolfSSL_EVP_PKEY_type(pkey->type);
6584}
6585
6586int wolfSSL_EVP_PKEY_get_default_digest_nid(WOLFSSL_EVP_PKEY *pkey, int *pnid)
6587{
6588 WOLFSSL_ENTER("wolfSSL_EVP_PKEY_get_default_digest_nid");
6589
6590 if (!pkey || !pnid) {
6591 WOLFSSL_MSG("Bad parameter");
6592 return WOLFSSL_FAILURE;
6593 }
6594
6595 switch (pkey->type) {
6596 case EVP_PKEY_HMAC:
6597#ifndef NO_DSA
6598 case EVP_PKEY_DSA:
6599#endif
6600#ifndef NO_RSA
6601 case EVP_PKEY_RSA:
6602#endif
6603#ifdef HAVE_ECC
6604 case EVP_PKEY_EC:
6605#endif
6606 *pnid = NID_sha256;
6607 return WOLFSSL_SUCCESS;
6608 default:
6609 return WOLFSSL_FAILURE;
6610 }
6611}
6612
6613/* increments ref count of WOLFSSL_EVP_PKEY. Return 1 on success, 0 on error */
6614int wolfSSL_EVP_PKEY_up_ref(WOLFSSL_EVP_PKEY* pkey)
6615{
6616 if (pkey) {
6617 if (wc_LockMutex(&pkey->refMutex) != 0) {
6618 WOLFSSL_MSG("Failed to lock pkey mutex");
6619 }
6620 pkey->references++;
6621 wc_UnLockMutex(&pkey->refMutex);
6622
6623 return WOLFSSL_SUCCESS;
6624 }
6625
6626 return WOLFSSL_FAILURE;
6627}
6628
6629#ifndef NO_RSA
6630int wolfSSL_EVP_PKEY_assign_RSA(EVP_PKEY* pkey, WOLFSSL_RSA* key)
6631{
6632 if (pkey == NULL || key == NULL)
6633 return WOLFSSL_FAILURE;
6634
6635 pkey->type = EVP_PKEY_RSA;
6636 pkey->rsa = key;
6637 pkey->ownRsa = 1;
6638
6639 /* try and populate public pkey_sz and pkey.ptr */
6640 if (key->internal) {
6641 RsaKey* rsa = (RsaKey*)key->internal;
6642 int ret = wc_RsaPublicKeyDerSize(rsa, 1);
6643 if (ret > 0) {
6644 int derSz = ret;
6645 char* derBuf = (char*)XMALLOC(derSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
6646 if (derBuf) {
6647 ret = wc_RsaKeyToPublicDer(rsa, (byte*)derBuf, derSz);
6648 if (ret >= 0) {
6649 pkey->pkey_sz = ret;
6650 pkey->pkey.ptr = derBuf;
6651 }
6652 else { /* failure - okay to ignore */
6653 XFREE(derBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
6654 derBuf = NULL;
6655 }
6656 }
6657 }
6658 }
6659
6660 return WOLFSSL_SUCCESS;
6661}
6662#endif /* !NO_RSA */
6663
6664#ifndef NO_DSA
6665int wolfSSL_EVP_PKEY_assign_DSA(EVP_PKEY* pkey, WOLFSSL_DSA* key)
6666{
6667 if (pkey == NULL || key == NULL)
6668 return WOLFSSL_FAILURE;
6669
6670 pkey->type = EVP_PKEY_DSA;
6671 pkey->dsa = key;
6672 pkey->ownDsa = 1;
6673
6674 return WOLFSSL_SUCCESS;
6675}
6676#endif /* !NO_DSA */
6677
6678#ifndef NO_DH
6679int wolfSSL_EVP_PKEY_assign_DH(EVP_PKEY* pkey, WOLFSSL_DH* key)
6680{
6681 if (pkey == NULL || key == NULL)
6682 return WOLFSSL_FAILURE;
6683
6684 pkey->type = EVP_PKEY_DH;
6685 pkey->dh = key;
6686 pkey->ownDh = 1;
6687
6688 return WOLFSSL_SUCCESS;
6689}
6690#endif /* !NO_DH */
6691
6692#endif /* OPENSSL_EXTRA */
6693
6694#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
6695/* Subset of OPENSSL_EXTRA for PKEY operations PKEY free is needed by the
6696 * subset of X509 API */
6697
6698WOLFSSL_EVP_PKEY* wolfSSL_EVP_PKEY_new(void){
6699 return wolfSSL_EVP_PKEY_new_ex(NULL);
6700}
6701
6702WOLFSSL_EVP_PKEY* wolfSSL_EVP_PKEY_new_ex(void* heap)
6703{
6704 WOLFSSL_EVP_PKEY* pkey;
6705 int ret;
6706 WOLFSSL_ENTER("wolfSSL_EVP_PKEY_new_ex");
6707 pkey = (WOLFSSL_EVP_PKEY*)XMALLOC(sizeof(WOLFSSL_EVP_PKEY), heap,
6708 DYNAMIC_TYPE_PUBLIC_KEY);
6709 if (pkey != NULL) {
6710 XMEMSET(pkey, 0, sizeof(WOLFSSL_EVP_PKEY));
6711 pkey->heap = heap;
6712 pkey->type = WOLFSSL_EVP_PKEY_DEFAULT;
6713#ifndef HAVE_FIPS
6714 ret = wc_InitRng_ex(&pkey->rng, heap, INVALID_DEVID);
6715#else
6716 ret = wc_InitRng(&pkey->rng);
6717#endif
6718 pkey->references = 1;
6719 wc_InitMutex(&pkey->refMutex); /* init of mutex needs to come before
6720 * wolfSSL_EVP_PKEY_free */
6721 if (ret != 0){
6722 wolfSSL_EVP_PKEY_free(pkey);
6723 WOLFSSL_MSG("memory failure");
6724 return NULL;
6725 }
6726 }
6727 else {
6728 WOLFSSL_MSG("memory failure");
6729 }
6730
6731 return pkey;
6732}
6733
6734void wolfSSL_EVP_PKEY_free(WOLFSSL_EVP_PKEY* key)
6735{
6736 int doFree = 0;
6737 WOLFSSL_ENTER("wolfSSL_EVP_PKEY_free");
6738 if (key != NULL) {
6739 if (wc_LockMutex(&key->refMutex) != 0) {
6740 WOLFSSL_MSG("Couldn't lock pkey mutex");
6741 }
6742
6743 /* only free if all references to it are done */
6744 key->references--;
6745 if (key->references == 0) {
6746 doFree = 1;
6747 }
6748 wc_UnLockMutex(&key->refMutex);
6749
6750 if (doFree) {
6751 wc_FreeRng(&key->rng);
6752
6753 if (key->pkey.ptr != NULL) {
6754 XFREE(key->pkey.ptr, key->heap, DYNAMIC_TYPE_PUBLIC_KEY);
6755 key->pkey.ptr = NULL;
6756 }
6757 switch(key->type)
6758 {
6759 #ifndef NO_RSA
6760 case EVP_PKEY_RSA:
6761 if (key->rsa != NULL && key->ownRsa == 1) {
6762 wolfSSL_RSA_free(key->rsa);
6763 key->rsa = NULL;
6764 }
6765 break;
6766 #endif /* NO_RSA */
6767
6768 #if defined(HAVE_ECC) && defined(OPENSSL_EXTRA)
6769 case EVP_PKEY_EC:
6770 if (key->ecc != NULL && key->ownEcc == 1) {
6771 wolfSSL_EC_KEY_free(key->ecc);
6772 key->ecc = NULL;
6773 }
6774 break;
6775 #endif /* HAVE_ECC && OPENSSL_EXTRA */
6776
6777 #ifndef NO_DSA
6778 case EVP_PKEY_DSA:
6779 if (key->dsa != NULL && key->ownDsa == 1) {
6780 wolfSSL_DSA_free(key->dsa);
6781 key->dsa = NULL;
6782 }
6783 break;
6784 #endif /* NO_DSA */
6785
6786 #if !defined(NO_DH) && (defined(WOLFSSL_QT) || defined(OPENSSL_ALL))
6787 case EVP_PKEY_DH:
6788 if (key->dh != NULL && key->ownDh == 1) {
6789 wolfSSL_DH_free(key->dh);
6790 key->dh = NULL;
6791 }
6792 break;
6793 #endif /* ! NO_DH ... */
6794
6795 default:
6796 break;
6797 }
6798
6799 if (wc_FreeMutex(&key->refMutex) != 0) {
6800 WOLFSSL_MSG("Couldn't free pkey mutex");
6801 }
6802 XFREE(key, key->heap, DYNAMIC_TYPE_PUBLIC_KEY);
6803 }
6804 }
6805}
6806
6807#if !defined(NO_PWDBASED)
6808int wolfSSL_EVP_get_hashinfo(const WOLFSSL_EVP_MD* evp,
6809 int* pHash, int* pHashSz)
6810{
6811 enum wc_HashType hash = WC_HASH_TYPE_NONE;
6812 int hashSz;
6813
6814 if (XSTRLEN(evp) < 3) {
6815 /* do not try comparing strings if size is too small */
6816 return WOLFSSL_FAILURE;
6817 }
6818
6819 if (XSTRNCMP("SHA", evp, 3) == 0) {
6820 if (XSTRLEN(evp) > 3) {
6821 #ifndef NO_SHA256
6822 if (XSTRNCMP("SHA256", evp, 6) == 0) {
6823 hash = WC_HASH_TYPE_SHA256;
6824 }
6825 else
6826 #endif
6827 #ifdef WOLFSSL_SHA384
6828 if (XSTRNCMP("SHA384", evp, 6) == 0) {
6829 hash = WC_HASH_TYPE_SHA384;
6830 }
6831 else
6832 #endif
6833 #ifdef WOLFSSL_SHA512
6834 if (XSTRNCMP("SHA512", evp, 6) == 0) {
6835 hash = WC_HASH_TYPE_SHA512;
6836 }
6837 else
6838 #endif
6839 if (XSTRNCMP("SHA1", evp, 4) == 0) {
6840 hash = WC_HASH_TYPE_SHA;
6841 }
6842 else {
6843 WOLFSSL_MSG("Unknown SHA hash");
6844 }
6845 }
6846 else {
6847 hash = WC_HASH_TYPE_SHA;
6848 }
6849 }
6850#ifdef WOLFSSL_MD2
6851 else if (XSTRNCMP("MD2", evp, 3) == 0) {
6852 hash = WC_HASH_TYPE_MD2;
6853 }
6854#endif
6855#ifndef NO_MD4
6856 else if (XSTRNCMP("MD4", evp, 3) == 0) {
6857 hash = WC_HASH_TYPE_MD4;
6858 }
6859#endif
6860#ifndef NO_MD5
6861 else if (XSTRNCMP("MD5", evp, 3) == 0) {
6862 hash = WC_HASH_TYPE_MD5;
6863 }
6864#endif
6865
6866 if (pHash)
6867 *pHash = hash;
6868
6869 hashSz = wc_HashGetDigestSize(hash);
6870 if (pHashSz)
6871 *pHashSz = hashSz;
6872
6873 if (hashSz < 0) {
6874 return WOLFSSL_FAILURE;
6875 }
6876
6877 return WOLFSSL_SUCCESS;
6878}
6879#endif /* !defined(NO_PWDBASED) */
6880
6881#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
6882
6883#endif /* WOLFSSL_EVP_INCLUDED */
Note: See TracBrowser for help on using the repository browser.