Xuyi Wang / wolfSSL

Dependents:   OS

Committer:
wolfSSL
Date:
Sat Aug 18 22:20:43 2018 +0000
Revision:
15:117db924cf7c
wolfSSL 3.15.3

wolfSSL 15:117db924cf7c 1 /* evp.c
wolfSSL 15:117db924cf7c 2 *
wolfSSL 15:117db924cf7c 3 * Copyright (C) 2006-2017 wolfSSL Inc.
wolfSSL 15:117db924cf7c 4 *
wolfSSL 15:117db924cf7c 5 * This file is part of wolfSSL.
wolfSSL 15:117db924cf7c 6 *
wolfSSL 15:117db924cf7c 7 * wolfSSL is free software; you can redistribute it and/or modify
wolfSSL 15:117db924cf7c 8 * it under the terms of the GNU General Public License as published by
wolfSSL 15:117db924cf7c 9 * the Free Software Foundation; either version 2 of the License, or
wolfSSL 15:117db924cf7c 10 * (at your option) any later version.
wolfSSL 15:117db924cf7c 11 *
wolfSSL 15:117db924cf7c 12 * wolfSSL is distributed in the hope that it will be useful,
wolfSSL 15:117db924cf7c 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
wolfSSL 15:117db924cf7c 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
wolfSSL 15:117db924cf7c 15 * GNU General Public License for more details.
wolfSSL 15:117db924cf7c 16 *
wolfSSL 15:117db924cf7c 17 * You should have received a copy of the GNU General Public License
wolfSSL 15:117db924cf7c 18 * along with this program; if not, write to the Free Software
wolfSSL 15:117db924cf7c 19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
wolfSSL 15:117db924cf7c 20 */
wolfSSL 15:117db924cf7c 21
wolfSSL 15:117db924cf7c 22 #if !defined(WOLFSSL_EVP_INCLUDED)
wolfSSL 15:117db924cf7c 23 #ifndef WOLFSSL_IGNORE_FILE_WARN
wolfSSL 15:117db924cf7c 24 #warning evp.c does not need to be compiled seperatly from ssl.c
wolfSSL 15:117db924cf7c 25 #endif
wolfSSL 15:117db924cf7c 26 #else
wolfSSL 15:117db924cf7c 27
wolfSSL 15:117db924cf7c 28 static unsigned int cipherType(const WOLFSSL_EVP_CIPHER *cipher);
wolfSSL 15:117db924cf7c 29
wolfSSL 15:117db924cf7c 30
/* Look up the key size of a cipher.
 *
 * c  WOLFSSL_EVP_CIPHER structure to get key length from
 *
 * NOTE: OpenSSL_add_all_ciphers() should be called first before using this
 *       function
 *
 * Returns the key size in bytes, or 0 when c is NULL or cipherType() maps it
 * to a value that has no case compiled into the switch below.
 */
int wolfSSL_EVP_Cipher_key_length(const WOLFSSL_EVP_CIPHER* c)
{
    int keyLen = 0;

    WOLFSSL_ENTER("wolfSSL_EVP_Cipher_key_length");

    if (c != NULL) {
        switch (cipherType(c)) {
    #if !defined(NO_AES) && defined(HAVE_AES_CBC)
            case AES_128_CBC_TYPE: keyLen = 16; break;
            case AES_192_CBC_TYPE: keyLen = 24; break;
            case AES_256_CBC_TYPE: keyLen = 32; break;
    #endif
    #if !defined(NO_AES) && defined(WOLFSSL_AES_COUNTER)
            case AES_128_CTR_TYPE: keyLen = 16; break;
            case AES_192_CTR_TYPE: keyLen = 24; break;
            case AES_256_CTR_TYPE: keyLen = 32; break;
    #endif
    #if !defined(NO_AES) && defined(HAVE_AES_ECB)
            case AES_128_ECB_TYPE: keyLen = 16; break;
            case AES_192_ECB_TYPE: keyLen = 24; break;
            case AES_256_ECB_TYPE: keyLen = 32; break;
    #endif
    #ifndef NO_DES3
            /* single DES takes an 8 byte key, the EDE3 variants 24 bytes */
            case DES_CBC_TYPE:      keyLen = 8;  break;
            case DES_EDE3_CBC_TYPE: keyLen = 24; break;
            case DES_ECB_TYPE:      keyLen = 8;  break;
            case DES_EDE3_ECB_TYPE: keyLen = 24; break;
    #endif
            default:
                /* unknown or compiled-out cipher: report 0 */
                break;
        }
    }

    return keyLen;
}
wolfSSL 15:117db924cf7c 74
wolfSSL 15:117db924cf7c 75
/* Set up ctx for encryption with the given cipher, key and IV.
 *
 * Forwards to wolfSSL_EVP_CipherInit() with the direction argument fixed at
 * 1 and returns that call's result unchanged.
 */
WOLFSSL_API int wolfSSL_EVP_EncryptInit(WOLFSSL_EVP_CIPHER_CTX* ctx,
                                        const WOLFSSL_EVP_CIPHER* type,
                                        const unsigned char* key,
                                        const unsigned char* iv)
{
    /* the const qualifier is cast away only to match the callee's byte* use */
    byte* keyBytes = (byte*)key;
    byte* ivBytes  = (byte*)iv;

    return wolfSSL_EVP_CipherInit(ctx, type, keyBytes, ivBytes, 1);
}
wolfSSL 15:117db924cf7c 83
/* Engine-aware variant of wolfSSL_EVP_EncryptInit().
 *
 * impl is accepted for API compatibility and ignored; the call is forwarded
 * to wolfSSL_EVP_CipherInit() with the direction argument fixed at 1.
 */
WOLFSSL_API int wolfSSL_EVP_EncryptInit_ex(WOLFSSL_EVP_CIPHER_CTX* ctx,
                                           const WOLFSSL_EVP_CIPHER* type,
                                           WOLFSSL_ENGINE *impl,
                                           const unsigned char* key,
                                           const unsigned char* iv)
{
    byte* keyBytes = (byte*)key;
    byte* ivBytes  = (byte*)iv;

    (void) impl;

    return wolfSSL_EVP_CipherInit(ctx, type, keyBytes, ivBytes, 1);
}
wolfSSL 15:117db924cf7c 93
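/* Set up ctx for decryption with the given cipher, key and IV.
 *
 * Forwards to wolfSSL_EVP_CipherInit() with the direction argument fixed at
 * 0 and returns that call's result unchanged.
 */
WOLFSSL_API int wolfSSL_EVP_DecryptInit(WOLFSSL_EVP_CIPHER_CTX* ctx,
                                        const WOLFSSL_EVP_CIPHER* type,
                                        const unsigned char* key,
                                        const unsigned char* iv)
{
    /* trace under this function's own name; the entry used to be logged as
     * wolfSSL_EVP_CipherInit, which made decrypt set-up indistinguishable
     * from a direct CipherInit call in debug logs */
    WOLFSSL_ENTER("wolfSSL_EVP_DecryptInit");
    return wolfSSL_EVP_CipherInit(ctx, type, (byte*)key, (byte*)iv, 0);
}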
wolfSSL 15:117db924cf7c 102
/* Engine-aware variant of wolfSSL_EVP_DecryptInit().
 *
 * impl is accepted for API compatibility and ignored; the call is forwarded
 * to wolfSSL_EVP_CipherInit() with the direction argument fixed at 0.
 */
WOLFSSL_API int wolfSSL_EVP_DecryptInit_ex(WOLFSSL_EVP_CIPHER_CTX* ctx,
                                           const WOLFSSL_EVP_CIPHER* type,
                                           WOLFSSL_ENGINE *impl,
                                           const unsigned char* key,
                                           const unsigned char* iv)
{
    byte* keyBytes = (byte*)key;
    byte* ivBytes  = (byte*)iv;

    (void) impl;
    WOLFSSL_ENTER("wolfSSL_EVP_DecryptInit");

    return wolfSSL_EVP_CipherInit(ctx, type, keyBytes, ivBytes, 0);
}
wolfSSL 15:117db924cf7c 113
wolfSSL 15:117db924cf7c 114
/* Allocate a cipher context and run wolfSSL_EVP_CIPHER_CTX_init() on it.
 *
 * Returns the new context, or NULL when the allocation fails. The context
 * is released with wolfSSL_EVP_CIPHER_CTX_free().
 */
WOLFSSL_API WOLFSSL_EVP_CIPHER_CTX *wolfSSL_EVP_CIPHER_CTX_new(void)
{
    WOLFSSL_EVP_CIPHER_CTX *ctx;

    ctx = (WOLFSSL_EVP_CIPHER_CTX*)XMALLOC(sizeof *ctx, NULL,
                                           DYNAMIC_TYPE_TMP_BUFFER);
    if (ctx == NULL) {
        /* allocation failed: nothing to initialise, nothing is traced */
        return NULL;
    }

    WOLFSSL_ENTER("wolfSSL_EVP_CIPHER_CTX_new");
    wolfSSL_EVP_CIPHER_CTX_init(ctx);

    return ctx;
}
wolfSSL 15:117db924cf7c 125
/* Clean up and release a context obtained from wolfSSL_EVP_CIPHER_CTX_new().
 *
 * A NULL ctx is ignored.
 */
WOLFSSL_API void wolfSSL_EVP_CIPHER_CTX_free(WOLFSSL_EVP_CIPHER_CTX *ctx)
{
    if (ctx == NULL) {
        return;
    }

    WOLFSSL_ENTER("wolfSSL_EVP_CIPHER_CTX_free");

    /* NOTE(review): the context holds cipher state; whether
     * wolfSSL_EVP_CIPHER_CTX_cleanup() wipes key material before the memory
     * goes back to the allocator is not visible here - confirm */
    wolfSSL_EVP_CIPHER_CTX_cleanup(ctx);
    XFREE(ctx, NULL, DYNAMIC_TYPE_TMP_BUFFER);
}
wolfSSL 15:117db924cf7c 134
/* Return the mode bits of a context: ctx->flags masked with
 * WOLFSSL_EVP_CIPH_MODE, or 0 when ctx is NULL.
 */
WOLFSSL_API unsigned long wolfSSL_EVP_CIPHER_CTX_mode(const WOLFSSL_EVP_CIPHER_CTX *ctx)
{
    unsigned long mode = 0;

    if (ctx != NULL) {
        mode = ctx->flags & WOLFSSL_EVP_CIPH_MODE;
    }

    return mode;
}
wolfSSL 15:117db924cf7c 140
/* Finish an encryption.
 *
 * Returns WOLFSSL_FAILURE when ctx is NULL or was not set up for encryption;
 * otherwise returns the result of wolfSSL_EVP_CipherFinal().
 */
WOLFSSL_API int wolfSSL_EVP_EncryptFinal(WOLFSSL_EVP_CIPHER_CTX *ctx,
                                         unsigned char *out, int *outl)
{
    /* refuse a missing context or one configured for the other direction */
    if (ctx == NULL || !ctx->enc) {
        return WOLFSSL_FAILURE;
    }

    WOLFSSL_ENTER("wolfSSL_EVP_EncryptFinal");
    return wolfSSL_EVP_CipherFinal(ctx, out, outl);
}
wolfSSL 15:117db924cf7c 151
wolfSSL 15:117db924cf7c 152
/* Engine-aware variant of wolfSSL_EVP_CipherInit().
 *
 * impl is accepted for API compatibility and ignored; every other argument
 * is passed through and the callee's result is returned unchanged.
 */
WOLFSSL_API int wolfSSL_EVP_CipherInit_ex(WOLFSSL_EVP_CIPHER_CTX* ctx,
                                          const WOLFSSL_EVP_CIPHER* type,
                                          WOLFSSL_ENGINE *impl,
                                          const unsigned char* key,
                                          const unsigned char* iv,
                                          int enc)
{
    int rc;

    (void)impl;

    rc = wolfSSL_EVP_CipherInit(ctx, type, key, iv, enc);
    return rc;
}
wolfSSL 15:117db924cf7c 163
/* Finish an encryption (the _ex spelling of wolfSSL_EVP_EncryptFinal()).
 *
 * Returns WOLFSSL_FAILURE when ctx is NULL or was not set up for encryption;
 * otherwise returns the result of wolfSSL_EVP_CipherFinal().
 */
WOLFSSL_API int wolfSSL_EVP_EncryptFinal_ex(WOLFSSL_EVP_CIPHER_CTX *ctx,
                                            unsigned char *out, int *outl)
{
    if (ctx == NULL || !ctx->enc) {
        return WOLFSSL_FAILURE;
    }

    WOLFSSL_ENTER("wolfSSL_EVP_EncryptFinal_ex");
    return wolfSSL_EVP_CipherFinal(ctx, out, outl);
}
wolfSSL 15:117db924cf7c 174
/* Finish a decryption.
 *
 * Returns WOLFSSL_FAILURE when ctx was set up for encryption; otherwise
 * returns the result of wolfSSL_EVP_CipherFinal(). A NULL ctx is not
 * rejected here and is handed on to wolfSSL_EVP_CipherFinal().
 */
WOLFSSL_API int wolfSSL_EVP_DecryptFinal(WOLFSSL_EVP_CIPHER_CTX *ctx,
                                         unsigned char *out, int *outl)
{
    /* an encrypt context must not be finished through the decrypt entry */
    if (ctx != NULL && ctx->enc) {
        return WOLFSSL_FAILURE;
    }

    WOLFSSL_ENTER("wolfSSL_EVP_DecryptFinal");
    return wolfSSL_EVP_CipherFinal(ctx, out, outl);
}
wolfSSL 15:117db924cf7c 185
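/* Finish a decryption (the _ex spelling of wolfSSL_EVP_DecryptFinal()).
 *
 * Returns WOLFSSL_FAILURE when ctx was set up for encryption; otherwise
 * returns the result of wolfSSL_EVP_CipherFinal(). A NULL ctx is not
 * rejected here and is handed on to wolfSSL_EVP_CipherFinal().
 */
WOLFSSL_API int wolfSSL_EVP_DecryptFinal_ex(WOLFSSL_EVP_CIPHER_CTX *ctx,
                                            unsigned char *out, int *outl)
{
    if (ctx && ctx->enc)
        return WOLFSSL_FAILURE;
    else {
        /* trace under this function's own name; the entry used to be logged
         * as wolfSSL_EVP_CipherFinal_ex, which names no function in this
         * file and hid decrypt finalisation in debug logs */
        WOLFSSL_ENTER("wolfSSL_EVP_DecryptFinal_ex");
        return wolfSSL_EVP_CipherFinal(ctx, out, outl);
    }
}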
wolfSSL 15:117db924cf7c 196
wolfSSL 15:117db924cf7c 197
/* Engine-aware variant of wolfSSL_EVP_DigestInit().
 *
 * impl is accepted for API compatibility and ignored; the result of
 * wolfSSL_EVP_DigestInit(ctx, type) is returned unchanged.
 */
WOLFSSL_API int wolfSSL_EVP_DigestInit_ex(WOLFSSL_EVP_MD_CTX* ctx,
                                          const WOLFSSL_EVP_MD* type,
                                          WOLFSSL_ENGINE *impl)
{
    int rc;

    (void) impl;
    WOLFSSL_ENTER("wolfSSL_EVP_DigestInit_ex");

    rc = wolfSSL_EVP_DigestInit(ctx, type);
    return rc;
}
wolfSSL 15:117db924cf7c 206
/* Debug dump helper: prints sz bytes of b to stdout as "hex(char)," pairs,
 * eight per line. Compiled in only when DEBUG_WOLFSSL_EVP is defined and
 * expands to nothing otherwise.
 *
 * The call sites in this file pass the cipher input, output and held-back
 * blocks, so a build with DEBUG_WOLFSSL_EVP writes plaintext to stdout;
 * keep it out of production builds.
 */
#ifdef DEBUG_WOLFSSL_EVP
    #define PRINT_BUF(b, sz) {                                   \
        int _i;                                                  \
        for (_i = 0; _i < (sz); _i++) {                          \
            printf("%02x(%c),", (b)[_i], (b)[_i]);               \
            if ((_i + 1) % 8 == 0)                               \
                printf("\n");                                    \
        }                                                        \
    }
#else
    #define PRINT_BUF(b, sz)
#endif
wolfSSL 15:117db924cf7c 213
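/* Append input to the context's partial-block buffer.
 *
 * ctx  cipher context owning buf, bufUsed and block_size
 * in   bytes to append
 * sz   number of bytes available at in
 *
 * Copies at most the free space left in ctx->buf (block_size - bufUsed) and
 * advances ctx->bufUsed by the amount copied.
 *
 * Returns the number of bytes consumed from in; 0 when sz is not positive
 * or the buffer has no free space.
 */
static int fillBuff(WOLFSSL_EVP_CIPHER_CTX *ctx, const unsigned char *in, int sz)
{
    int room;
    int fill;

    if (sz <= 0) {
        return 0;
    }

    /* Work from the free space rather than from sz + bufUsed: that sum can
     * overflow a signed int when the caller passes a very large length. */
    room = ctx->block_size - ctx->bufUsed;
    if (room <= 0) {
        /* Buffer already full, or the bookkeeping is inconsistent. A
         * negative count must never reach the copy below, where it would be
         * converted to a huge unsigned size. */
        return 0;
    }

    fill = (sz > room) ? room : sz;

    XMEMCPY(&(ctx->buf[ctx->bufUsed]), in, fill);
    ctx->bufUsed += fill;

    return fill;
}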
wolfSSL 15:117db924cf7c 229
/* Run the context's cipher over inl bytes of in, writing the result to out.
 *
 * The routine is selected by ctx->cipherType and, for the CBC and AES-ECB
 * types, by ctx->enc. The caller is responsible for inl being a length the
 * selected cipher accepts; nothing is checked here.
 *
 * Returns WOLFSSL_SUCCESS when the wolfCrypt call reports 0, WOLFSSL_FAILURE
 * when it reports anything else or when the cipher type has no case
 * compiled in.
 */
static int evpCipherBlock(WOLFSSL_EVP_CIPHER_CTX *ctx,
                          unsigned char *out,
                          const unsigned char *in, int inl)
{
    int ret = 0;

    switch (ctx->cipherType) {
#if !defined(NO_AES) && defined(HAVE_AES_CBC)
        case AES_128_CBC_TYPE:
        case AES_192_CBC_TYPE:
        case AES_256_CBC_TYPE:
            ret = ctx->enc
                ? wc_AesCbcEncrypt(&ctx->cipher.aes, out, in, inl)
                : wc_AesCbcDecrypt(&ctx->cipher.aes, out, in, inl);
            break;
#endif
#if !defined(NO_AES) && defined(WOLFSSL_AES_COUNTER)
        case AES_128_CTR_TYPE:
        case AES_192_CTR_TYPE:
        case AES_256_CTR_TYPE:
            /* one call serves both directions for counter mode */
            ret = wc_AesCtrEncrypt(&ctx->cipher.aes, out, in, inl);
            break;
#endif
#if !defined(NO_AES) && defined(HAVE_AES_ECB)
        case AES_128_ECB_TYPE:
        case AES_192_ECB_TYPE:
        case AES_256_ECB_TYPE:
            ret = ctx->enc
                ? wc_AesEcbEncrypt(&ctx->cipher.aes, out, in, inl)
                : wc_AesEcbDecrypt(&ctx->cipher.aes, out, in, inl);
            break;
#endif
#ifndef NO_DES3
        case DES_CBC_TYPE:
            ret = ctx->enc
                ? wc_Des_CbcEncrypt(&ctx->cipher.des, out, in, inl)
                : wc_Des_CbcDecrypt(&ctx->cipher.des, out, in, inl);
            break;
        case DES_EDE3_CBC_TYPE:
            ret = ctx->enc
                ? wc_Des3_CbcEncrypt(&ctx->cipher.des3, out, in, inl)
                : wc_Des3_CbcDecrypt(&ctx->cipher.des3, out, in, inl);
            break;
    #if defined(WOLFSSL_DES_ECB)
        /* NOTE(review): the ECB cases call the Encrypt routine for both
         * directions; presumably the key schedule installed at init decides
         * the direction - confirm */
        case DES_ECB_TYPE:
            ret = wc_Des_EcbEncrypt(&ctx->cipher.des, out, in, inl);
            break;
        case DES_EDE3_ECB_TYPE:
            ret = wc_Des3_EcbEncrypt(&ctx->cipher.des3, out, in, inl);
            break;
    #endif
#endif
#ifndef NO_RC4
        case ARC4_TYPE:
            /* the result of wc_Arc4Process() is not inspected; ret stays 0 */
            wc_Arc4Process(&ctx->cipher.arc4, out, in, inl);
            break;
#endif
        default:
            return WOLFSSL_FAILURE;
    }

    /* keep the parameters referenced when every case is compiled out */
    (void)in;
    (void)inl;
    (void)out;

    return (ret == 0) ? WOLFSSL_SUCCESS : WOLFSSL_FAILURE;
}
wolfSSL 15:117db924cf7c 304
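/* Feed inl bytes of input through the cipher configured in ctx.
 *
 * ctx   initialised cipher context
 * out   buffer receiving the processed bytes
 * outl  set to the number of bytes written to out by this call
 * in    input bytes
 * inl   number of input bytes; 0 is accepted and produces no output
 *
 * Input that does not fill a whole block is kept in ctx->buf until a later
 * call completes it. When decrypting with padding enabled, the most recent
 * decrypted block is held back in ctx->lastBlock so that
 * wolfSSL_EVP_CipherFinal() can check and strip the padding.
 *
 * The size of out cannot be checked here. Going by the writes below, a call
 * can touch up to about inl + block_size bytes of out, so the caller has to
 * size the buffer accordingly.
 *
 * Returns WOLFSSL_SUCCESS on success, WOLFSSL_FAILURE when the cipher call
 * fails, and BAD_FUNC_ARG for a NULL pointer, a negative inl or a context
 * whose block_size is not positive.
 */
WOLFSSL_API int wolfSSL_EVP_CipherUpdate(WOLFSSL_EVP_CIPHER_CTX *ctx,
                                   unsigned char *out, int *outl,
                                   const unsigned char *in, int inl)
{
    int blocks;
    int fill;

    if ((ctx == NULL) || (inl < 0) ||
        (outl == NULL)|| (out == NULL) || (in == NULL)) return BAD_FUNC_ARG;
    WOLFSSL_ENTER("wolfSSL_EVP_CipherUpdate");

    *outl = 0;
    if (inl == 0) return WOLFSSL_SUCCESS;

    /* block_size is the divisor further down; a context that was never
     * initialised with a cipher must not reach the division */
    if (ctx->block_size <= 0) return BAD_FUNC_ARG;

    if (ctx->bufUsed > 0) { /* concatenate them if there is anything */
        fill = fillBuff(ctx, in, inl);
        inl -= fill;
        in  += fill;
    }
    if ((ctx->enc == 0)&& (ctx->lastUsed == 1)) {
        /* more input has arrived, so the block held back by an earlier call
         * was not the final one and can be released to the caller.
         * NOTE(review): lastUsed is not cleared here, so a later call that
         * still does not complete a block appears to emit this block a
         * second time - confirm with a chunked-decrypt test */
        PRINT_BUF(ctx->lastBlock, ctx->block_size);
        XMEMCPY(out, ctx->lastBlock, ctx->block_size);
        *outl+= ctx->block_size;
        out  += ctx->block_size;
    }
    if (ctx->bufUsed == ctx->block_size) {
        /* the buffer is full, flush it */
        PRINT_BUF(ctx->buf, ctx->block_size);
        if (evpCipherBlock(ctx, out, ctx->buf, ctx->block_size) == 0)
            return WOLFSSL_FAILURE;
        PRINT_BUF(out, ctx->block_size);
        if (ctx->enc == 0) {
            /* NOTE(review): out is not advanced on this path, so whole
             * blocks processed further down in the same call are written
             * over this block, and the block is held back even when padding
             * is disabled - confirm the intended behaviour */
            ctx->lastUsed = 1;
            XMEMCPY(ctx->lastBlock, out, ctx->block_size);
        } else {
            *outl+= ctx->block_size;
            out  += ctx->block_size;
        }
        ctx->bufUsed = 0;
    }

    blocks = inl / ctx->block_size;
    if (blocks > 0) {
        /* process blocks */
        if (evpCipherBlock(ctx, out, in, blocks * ctx->block_size) == 0)
            return WOLFSSL_FAILURE;
        PRINT_BUF(in, ctx->block_size*blocks);
        PRINT_BUF(out,ctx->block_size*blocks);
        inl  -= ctx->block_size * blocks;
        in   += ctx->block_size * blocks;
        if (ctx->enc == 0) {
            if ((ctx->flags & WOLFSSL_EVP_CIPH_NO_PADDING) ||
                    (ctx->block_size == 1)) {
                /* Nothing is held back without padding. The copy that used
                 * to sit here read block_size bytes starting at
                 * out[block_size * blocks], i.e. beyond the data this call
                 * produced and possibly beyond the caller's buffer; with
                 * lastUsed cleared that copy was never consumed, so it is
                 * dropped. */
                ctx->lastUsed = 0;
                *outl+= ctx->block_size * blocks;
            } else {
                /* hold the last decrypted block back for the padding check */
                ctx->lastUsed = 1;
                XMEMCPY(ctx->lastBlock, &out[ctx->block_size * (blocks-1)], ctx->block_size);
                *outl+= ctx->block_size * (blocks-1);
            }
        } else {
            *outl+= ctx->block_size * blocks;
        }
    }
    if (inl > 0) {
        /* put fraction into buff */
        fillBuff(ctx, in, inl);
        /* no increase of outl */
    }

    (void)out; /* silence warning in case not read */

    return WOLFSSL_SUCCESS;
}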
wolfSSL 15:117db924cf7c 380
/* Fill the unused tail of ctx->buf with padding.
 *
 * Every byte from index bufUsed up to block_size - 1 is set to the number
 * of padding bytes, block_size - bufUsed. ctx->bufUsed is left unchanged.
 */
static void padBlock(WOLFSSL_EVP_CIPHER_CTX *ctx)
{
    const byte padValue = (byte)(ctx->block_size - ctx->bufUsed);
    int pos = ctx->bufUsed;

    while (pos < ctx->block_size) {
        ctx->buf[pos] = padValue;
        pos++;
    }
}
wolfSSL 15:117db924cf7c 387
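/* Validate the padding at the end of a decrypted block.
 *
 * ctx   cipher context supplying block_size
 * buff  decrypted block of block_size bytes
 *
 * The last byte gives the pad count n; the final n bytes must all equal n.
 *
 * Returns the number of data bytes in the block (block_size - n), or -1
 * when the padding is malformed.
 *
 * NOTE(review): the comparison stops at the first mismatching byte and the
 * caller reports bad padding as a distinct failure. Where the ciphertext is
 * not authenticated before it is decrypted, that difference is the classic
 * ingredient of a padding-oracle weakness; callers should verify a MAC over
 * the ciphertext first.
 */
static int checkPad(WOLFSSL_EVP_CIPHER_CTX *ctx, unsigned char *buff)
{
    int i;
    int n;

    n = buff[ctx->block_size-1];

    /* padBlock() always writes a count between 1 and block_size, so 0 is as
     * malformed as a count larger than the block. Without the n == 0 test
     * the loop below runs zero times and the whole block is accepted as
     * data. */
    if (n == 0 || n > ctx->block_size) return -1;

    for (i = 0; i < n; i++) {
        if (buff[ctx->block_size-i-1] != n)
            return -1;
    }
    return ctx->block_size - n;
}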
wolfSSL 15:117db924cf7c 400
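/* Finish a cipher operation.
 *
 * ctx   cipher context previously fed through wolfSSL_EVP_CipherUpdate()
 * out   buffer receiving the final bytes; up to ctx->block_size bytes are
 *       written
 * outl  set to the number of bytes written to out; 0 on every failure that
 *       gets past the argument check
 *
 * With padding disabled nothing is emitted and any buffered partial block
 * is an error. With a block size of 1 nothing is emitted. Otherwise, when
 * encrypting, the buffered bytes are padded and encrypted as the last
 * block; when decrypting, the padding of the held-back block is checked and
 * the remaining data bytes are copied to out.
 *
 * Returns WOLFSSL_SUCCESS on success, WOLFSSL_FAILURE on a cipher error, on
 * a leftover partial block or on bad padding, and BAD_FUNC_ARG when ctx,
 * out or outl is NULL.
 */
WOLFSSL_API int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx,
                                   unsigned char *out, int *outl)
{
    int fl;

    /* outl is written on the paths below, so it is validated together with
     * ctx and out instead of being dereferenced unchecked */
    if (ctx == NULL || out == NULL || outl == NULL) return BAD_FUNC_ARG;
    WOLFSSL_ENTER("wolfSSL_EVP_CipherFinal");

    /* no return below leaves the caller's length uninitialised */
    *outl = 0;

    if (ctx->flags & WOLFSSL_EVP_CIPH_NO_PADDING) {
        if (ctx->bufUsed != 0) return WOLFSSL_FAILURE;
        return WOLFSSL_SUCCESS;
    }

    if (ctx->block_size == 1) {
        /* a block size of 1 has nothing buffered and nothing to pad */
        return WOLFSSL_SUCCESS;
    }

    if (ctx->enc) {
        padBlock(ctx);
        PRINT_BUF(ctx->buf, ctx->block_size);
        if (evpCipherBlock(ctx, out, ctx->buf, ctx->block_size) == 0)
            return WOLFSSL_FAILURE;

        PRINT_BUF(out, ctx->block_size);
        *outl = ctx->block_size;
    } else {
        /* Padded ciphertext is a whole number of blocks, so bytes still
         * waiting in the buffer mean the input was truncated; report that
         * instead of dropping them silently.
         * NOTE(review): relies on the initialisation code resetting bufUsed
         * when a context is reused - confirm */
        if (ctx->bufUsed != 0) return WOLFSSL_FAILURE;

        if (ctx->lastUsed) {
            PRINT_BUF(ctx->lastBlock, ctx->block_size);
            fl = checkPad(ctx, ctx->lastBlock);
            if (fl < 0) {
                /* bad padding: nothing is copied out */
                return WOLFSSL_FAILURE;
            }
            XMEMCPY(out, ctx->lastBlock, fl);
            *outl = fl;
        }
    }
    return WOLFSSL_SUCCESS;
}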
wolfSSL 15:117db924cf7c 441
/* Report the block size stored in a context.
 *
 * Returns ctx->block_size when ctx->cipherType is one of the AES or DES
 * types compiled in below, 0 for any other type, and BAD_FUNC_ARG when ctx
 * is NULL.
 */
WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_block_size(const WOLFSSL_EVP_CIPHER_CTX *ctx)
{
    int blockSz = 0;

    if (ctx == NULL) {
        return BAD_FUNC_ARG;
    }

    switch (ctx->cipherType) {
#if !defined(NO_AES) || !defined(NO_DES3)
    #if !defined(NO_AES) && defined(HAVE_AES_CBC)
        case AES_128_CBC_TYPE:
        case AES_192_CBC_TYPE:
        case AES_256_CBC_TYPE:
    #endif
    #if !defined(NO_AES) && defined(WOLFSSL_AES_COUNTER)
        case AES_128_CTR_TYPE:
        case AES_192_CTR_TYPE:
        case AES_256_CTR_TYPE:
    #endif
    #if !defined(NO_AES)
        case AES_128_ECB_TYPE:
        case AES_192_ECB_TYPE:
        case AES_256_ECB_TYPE:
    #endif
    #ifndef NO_DES3
        case DES_CBC_TYPE:
        case DES_ECB_TYPE:
        case DES_EDE3_CBC_TYPE:
        case DES_EDE3_ECB_TYPE:
    #endif
            /* every recognised type reports the size recorded in ctx */
            blockSz = ctx->block_size;
            break;
#endif /* !NO_AES || !NO_DES3 */
        default:
            break;
    }

    return blockSz;
}
wolfSSL 15:117db924cf7c 474
/* Map a cipher to its *_TYPE constant.
 *
 * The cipher is compared with XSTRNCMP against each EVP_* name constant
 * compiled in, over the matching EVP_*_SIZE length. The order of the
 * comparisons is significant and is kept as is.
 *
 * Returns the matching type constant, or 0 when cipher is NULL or matches
 * none of the names.
 *
 * NOTE(review): the DES ECB names are mapped whenever NO_DES3 is undefined,
 * while evpCipherBlock() only handles DES_ECB_TYPE and DES_EDE3_ECB_TYPE
 * when WOLFSSL_DES_ECB is defined - confirm the guards are meant to differ.
 */
static unsigned int cipherType(const WOLFSSL_EVP_CIPHER *cipher)
{
    if (cipher == NULL) {
        return 0;
    }

#ifndef NO_DES3
    if (XSTRNCMP(cipher, EVP_DES_CBC, EVP_DES_SIZE) == 0) {
        return DES_CBC_TYPE;
    }
    if (XSTRNCMP(cipher, EVP_DES_EDE3_CBC, EVP_DES_EDE3_SIZE) == 0) {
        return DES_EDE3_CBC_TYPE;
    }
    if (XSTRNCMP(cipher, EVP_DES_ECB, EVP_DES_SIZE) == 0) {
        return DES_ECB_TYPE;
    }
    if (XSTRNCMP(cipher, EVP_DES_EDE3_ECB, EVP_DES_EDE3_SIZE) == 0) {
        return DES_EDE3_ECB_TYPE;
    }
#endif /* !NO_DES3 */

#if !defined(NO_AES) && defined(HAVE_AES_CBC)
    #ifdef WOLFSSL_AES_128
    if (XSTRNCMP(cipher, EVP_AES_128_CBC, EVP_AES_SIZE) == 0) {
        return AES_128_CBC_TYPE;
    }
    #endif
    #ifdef WOLFSSL_AES_192
    if (XSTRNCMP(cipher, EVP_AES_192_CBC, EVP_AES_SIZE) == 0) {
        return AES_192_CBC_TYPE;
    }
    #endif
    #ifdef WOLFSSL_AES_256
    if (XSTRNCMP(cipher, EVP_AES_256_CBC, EVP_AES_SIZE) == 0) {
        return AES_256_CBC_TYPE;
    }
    #endif
#endif /* !NO_AES && HAVE_AES_CBC */

#if !defined(NO_AES) && defined(WOLFSSL_AES_COUNTER)
    #ifdef WOLFSSL_AES_128
    if (XSTRNCMP(cipher, EVP_AES_128_CTR, EVP_AES_SIZE) == 0) {
        return AES_128_CTR_TYPE;
    }
    #endif
    #ifdef WOLFSSL_AES_192
    if (XSTRNCMP(cipher, EVP_AES_192_CTR, EVP_AES_SIZE) == 0) {
        return AES_192_CTR_TYPE;
    }
    #endif
    #ifdef WOLFSSL_AES_256
    if (XSTRNCMP(cipher, EVP_AES_256_CTR, EVP_AES_SIZE) == 0) {
        return AES_256_CTR_TYPE;
    }
    #endif
#endif /* !NO_AES && WOLFSSL_AES_COUNTER */

#if !defined(NO_AES) && defined(HAVE_AES_ECB)
    #ifdef WOLFSSL_AES_128
    if (XSTRNCMP(cipher, EVP_AES_128_ECB, EVP_AES_SIZE) == 0) {
        return AES_128_ECB_TYPE;
    }
    #endif
    #ifdef WOLFSSL_AES_192
    if (XSTRNCMP(cipher, EVP_AES_192_ECB, EVP_AES_SIZE) == 0) {
        return AES_192_ECB_TYPE;
    }
    #endif
    #ifdef WOLFSSL_AES_256
    if (XSTRNCMP(cipher, EVP_AES_256_ECB, EVP_AES_SIZE) == 0) {
        return AES_256_ECB_TYPE;
    }
    #endif
#endif /* !NO_AES && HAVE_AES_ECB */

    /* no compiled-in name matched */
    return 0;
}
wolfSSL 15:117db924cf7c 535
/* Report the block size of a cipher.
 *
 * Returns AES_BLOCK_SIZE for the AES types compiled in, 8 for the DES and
 * 3DES types, 0 for a cipher that cipherType() does not map to one of
 * those, and BAD_FUNC_ARG when cipher is NULL.
 */
WOLFSSL_API int wolfSSL_EVP_CIPHER_block_size(const WOLFSSL_EVP_CIPHER *cipher)
{
    int blockSz = 0;

    if (cipher == NULL) {
        return BAD_FUNC_ARG;
    }

    switch (cipherType(cipher)) {
#if !defined(NO_AES) && defined(HAVE_AES_CBC)
        case AES_128_CBC_TYPE:
        case AES_192_CBC_TYPE:
        case AES_256_CBC_TYPE:
            blockSz = AES_BLOCK_SIZE;
            break;
#endif
#if !defined(NO_AES) && defined(WOLFSSL_AES_COUNTER)
        case AES_128_CTR_TYPE:
        case AES_192_CTR_TYPE:
        case AES_256_CTR_TYPE:
            blockSz = AES_BLOCK_SIZE;
            break;
#endif
#if !defined(NO_AES) && defined(HAVE_AES_ECB)
        case AES_128_ECB_TYPE:
        case AES_192_ECB_TYPE:
        case AES_256_ECB_TYPE:
            blockSz = AES_BLOCK_SIZE;
            break;
#endif
#ifndef NO_DES3
        /* DES and 3DES share an 8 byte block */
        case DES_CBC_TYPE:
        case DES_EDE3_CBC_TYPE:
        case DES_ECB_TYPE:
        case DES_EDE3_ECB_TYPE:
            blockSz = 8;
            break;
#endif
        default:
            break;
    }

    return blockSz;
}
wolfSSL 15:117db924cf7c 568
/* Report the mode constant of a cipher.
 *
 * Returns WOLFSSL_EVP_CIPH_CBC_MODE, WOLFSSL_EVP_CIPH_CTR_MODE,
 * WOLFSSL_EVP_CIPH_ECB_MODE or EVP_CIPH_STREAM_CIPHER according to the
 * value cipherType() yields, and 0 when no compiled-in case matches.
 * cipher is not checked here; it is passed straight to cipherType().
 */
unsigned long WOLFSSL_CIPHER_mode(const WOLFSSL_EVP_CIPHER *cipher)
{
    unsigned long mode = 0;

    switch (cipherType(cipher)) {
#if !defined(NO_AES) && defined(HAVE_AES_CBC)
        case AES_128_CBC_TYPE:
        case AES_192_CBC_TYPE:
        case AES_256_CBC_TYPE:
            mode = WOLFSSL_EVP_CIPH_CBC_MODE;
            break;
#endif
#if !defined(NO_AES) && defined(WOLFSSL_AES_COUNTER)
        case AES_128_CTR_TYPE:
        case AES_192_CTR_TYPE:
        case AES_256_CTR_TYPE:
            mode = WOLFSSL_EVP_CIPH_CTR_MODE;
            break;
#endif
#if !defined(NO_AES)
        case AES_128_ECB_TYPE:
        case AES_192_ECB_TYPE:
        case AES_256_ECB_TYPE:
            mode = WOLFSSL_EVP_CIPH_ECB_MODE;
            break;
#endif
#ifndef NO_DES3
        case DES_CBC_TYPE:
        case DES_EDE3_CBC_TYPE:
            mode = WOLFSSL_EVP_CIPH_CBC_MODE;
            break;
        case DES_ECB_TYPE:
        case DES_EDE3_ECB_TYPE:
            mode = WOLFSSL_EVP_CIPH_ECB_MODE;
            break;
#endif
#ifndef NO_RC4
        case ARC4_TYPE:
            mode = EVP_CIPH_STREAM_CIPHER;
            break;
#endif
        default:
            break;
    }

    return mode;
}
wolfSSL 15:117db924cf7c 606
/* NULL-safe front end for WOLFSSL_CIPHER_mode().
 *
 * cipher  cipher to look up
 *
 * returns 0 when cipher is NULL, otherwise whatever WOLFSSL_CIPHER_mode()
 *         returns for it
 */
WOLFSSL_API unsigned long WOLFSSL_EVP_CIPHER_mode(const WOLFSSL_EVP_CIPHER *cipher)
{
    return (cipher != NULL) ? WOLFSSL_CIPHER_mode(cipher) : 0;
}
wolfSSL 15:117db924cf7c 612
/* Store flags in a cipher context.
 *
 * ctx    context to update; a NULL ctx is ignored
 * flags  value written to ctx->flags
 *
 * The assignment replaces every bit already held in ctx->flags. That
 * includes WOLFSSL_EVP_CIPH_NO_PADDING as maintained by
 * wolfSSL_EVP_CIPHER_CTX_set_padding(), so a caller that wants to keep the
 * current padding setting has to pass that bit in again.
 */
WOLFSSL_API void wolfSSL_EVP_CIPHER_CTX_set_flags(WOLFSSL_EVP_CIPHER_CTX *ctx, int flags)
{
    if (ctx == NULL)
        return;

    ctx->flags = flags;
}
wolfSSL 15:117db924cf7c 619
/* Report the flags of a cipher.
 *
 * cipher  cipher to look up
 *
 * returns 0 when cipher is NULL, otherwise the result of
 *         WOLFSSL_CIPHER_mode(); only the mode constant is reported, no
 *         other flag bits
 */
WOLFSSL_API unsigned long wolfSSL_EVP_CIPHER_flags(const WOLFSSL_EVP_CIPHER *cipher)
{
    return (cipher != NULL) ? WOLFSSL_CIPHER_mode(cipher) : 0;
}
wolfSSL 15:117db924cf7c 625
/* Turn block padding on or off for a cipher context.
 *
 * ctx      context to update
 * padding  0 sets WOLFSSL_EVP_CIPH_NO_PADDING in ctx->flags, any other
 *          value clears it
 *
 * returns 1 on success and BAD_FUNC_ARG when ctx is NULL.
 * NOTE(review): BAD_FUNC_ARG is presumably a nonzero error code, so callers
 * should compare the result with 1 rather than test it for truth - confirm.
 */
WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_set_padding(WOLFSSL_EVP_CIPHER_CTX *ctx, int padding)
{
    if (ctx == NULL)
        return BAD_FUNC_ARG;

    if (padding == 0)
        ctx->flags |= WOLFSSL_EVP_CIPH_NO_PADDING;
    else
        ctx->flags &= ~WOLFSSL_EVP_CIPH_NO_PADDING;

    return 1;
}
wolfSSL 15:117db924cf7c 637
/* Compatibility stub: no digest table is maintained here.
 *
 * digest  ignored
 *
 * returns 0 in every case.
 * NOTE(review): OpenSSL's EVP_add_digest() reports success as 1, so ported
 * code that checks the result would read this 0 as a failure - confirm that
 * is intended.
 */
WOLFSSL_API int wolfSSL_EVP_add_digest(const WOLFSSL_EVP_MD *digest)
{
    /* parameter exists only for API compatibility */
    (void)digest;

    return 0;
}
wolfSSL 15:117db924cf7c 644
wolfSSL 15:117db924cf7c 645
/* Frees the WOLFSSL_EVP_PKEY_CTX passed in.
 *
 * ctx  context to release. Only the context structure itself is freed;
 *      the key it points to (ctx->pkey) is left untouched and remains the
 *      caller's to free.
 *
 * returns WOLFSSL_SUCCESS after freeing and 0 when ctx is NULL
 */
WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_free(WOLFSSL_EVP_PKEY_CTX *ctx)
{
    if (ctx != NULL) {
        WOLFSSL_ENTER("EVP_PKEY_CTX_free");
        XFREE(ctx, NULL, DYNAMIC_TYPE_PUBLIC_KEY);
        return WOLFSSL_SUCCESS;
    }

    return 0;
}
wolfSSL 15:117db924cf7c 657
wolfSSL 15:117db924cf7c 658
/* Creates a new WOLFSSL_EVP_PKEY_CTX structure.
 *
 * pkey  key structure to use with the new WOLFSSL_EVP_PKEY_CTX. The pointer
 *       is stored as given; no copy is made and no reference is taken here,
 *       so pkey must stay valid for as long as the context is used.
 * e     engine to use. It must be NULL; any other value is rejected.
 *
 * When RSA support is compiled in, the padding defaults to
 * RSA_PKCS1_PADDING; use wolfSSL_EVP_PKEY_CTX_set_rsa_padding() to select a
 * different scheme.
 *
 * return the new zero-initialised structure on success and NULL if failed.
 */
WOLFSSL_API WOLFSSL_EVP_PKEY_CTX *wolfSSL_EVP_PKEY_CTX_new(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_ENGINE *e)
{
    WOLFSSL_EVP_PKEY_CTX* newCtx;

    /* a key is required and engines are not supported */
    if (pkey == NULL || e != NULL)
        return NULL;
    WOLFSSL_ENTER("EVP_PKEY_CTX_new");

    newCtx = (WOLFSSL_EVP_PKEY_CTX*)XMALLOC(sizeof(WOLFSSL_EVP_PKEY_CTX), NULL,
                                            DYNAMIC_TYPE_PUBLIC_KEY);
    if (newCtx != NULL) {
        XMEMSET(newCtx, 0, sizeof(WOLFSSL_EVP_PKEY_CTX));
        newCtx->pkey = pkey;
#if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
        newCtx->padding = RSA_PKCS1_PADDING;
#endif
    }

    return newCtx;
}
wolfSSL 15:117db924cf7c 685
wolfSSL 15:117db924cf7c 686
/* Sets the type of RSA padding to use.
 *
 * ctx      structure to set padding in.
 * padding  RSA padding type. The value is stored without validation; an
 *          unsupported value is only noticed when the context is later
 *          used.
 *
 * returns WOLFSSL_SUCCESS on success and 0 when ctx is NULL.
 */
WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_set_rsa_padding(WOLFSSL_EVP_PKEY_CTX *ctx, int padding)
{
    if (ctx != NULL) {
        WOLFSSL_ENTER("EVP_PKEY_CTX_set_rsa_padding");
        ctx->padding = padding;
        return WOLFSSL_SUCCESS;
    }

    return 0;
}
wolfSSL 15:117db924cf7c 701
wolfSSL 15:117db924cf7c 702
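/* Uses the WOLFSSL_EVP_PKEY_CTX to decrypt a buffer.
 *
 * ctx     structure to decrypt with
 * out     buffer to hold the results
 * outlen  set to the size of the decrypted result on success. The value
 *         passed in is NOT read, so the size of out is never checked here
 *         and the caller must supply a buffer that is large enough.
 *         NOTE(review): presumably wolfSSL_EVP_PKEY_size(ctx->pkey) bytes is
 *         always sufficient for RSA - confirm against
 *         wolfSSL_RSA_private_decrypt.
 * in      buffer to decrypt
 * inlen   length of in buffer. It is narrowed to int for the RSA call, so
 *         lengths that do not fit in an int are not handled.
 *
 * Only RSA keys are supported. When ctx->padding is RSA_PKCS1_PADDING,
 * callers should avoid revealing whether this call failed to whoever
 * supplied the ciphertext.
 *
 * returns WOLFSSL_SUCCESS on success, 0 when ctx is NULL and WOLFSSL_FAILURE
 *         on any other failure.
 */
WOLFSSL_API int wolfSSL_EVP_PKEY_decrypt(WOLFSSL_EVP_PKEY_CTX *ctx,
                     unsigned char *out, size_t *outlen,
                     const unsigned char *in, size_t inlen)
{
    int len;

    if (ctx == NULL) return 0;
    WOLFSSL_ENTER("EVP_PKEY_decrypt");

    /* the key type selects the algorithm, so a context without a key
     * cannot be used */
    if (ctx->pkey == NULL) return WOLFSSL_FAILURE;

    /* silence unused warnings in builds without RSA */
    (void)out;
    (void)outlen;
    (void)in;
    (void)inlen;
    (void)len;

    /* NOTE(review): unlike wolfSSL_EVP_PKEY_encrypt(), ctx->op is not
     * checked, so this works without wolfSSL_EVP_PKEY_decrypt_init(). */
    switch (ctx->pkey->type) {
#if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
    case EVP_PKEY_RSA:
        /* refuse to decrypt when the result length cannot be reported */
        if (outlen == NULL) break;
        len = wolfSSL_RSA_private_decrypt((int)inlen, (unsigned char*)in, out,
                                          ctx->pkey->rsa, ctx->padding);
        if (len < 0) break;
        *outlen = (size_t)len;
        return WOLFSSL_SUCCESS;
#endif /* NO_RSA */

    case EVP_PKEY_EC:
        WOLFSSL_MSG("not implemented");
        FALL_THROUGH;
    default:
        break;
    }
    return WOLFSSL_FAILURE;
}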
wolfSSL 15:117db924cf7c 748
wolfSSL 15:117db924cf7c 749
/* Initialize a WOLFSSL_EVP_PKEY_CTX structure for decryption
 *
 * ctx  WOLFSSL_EVP_PKEY_CTX structure to use with decryption. ctx->pkey is
 *      dereferenced without a NULL check.
 *
 * Only RSA keys are accepted; ctx->op is set to EVP_PKEY_OP_DECRYPT for
 * them. The RSA case is not behind the NO_RSA / HAVE_USER_RSA guards, so
 * this can succeed in a build where wolfSSL_EVP_PKEY_decrypt() has no RSA
 * support.
 *
 * Returns WOLFSSL_FAILURE on failure and WOLFSSL_SUCCESS on success
 */
WOLFSSL_API int wolfSSL_EVP_PKEY_decrypt_init(WOLFSSL_EVP_PKEY_CTX *ctx)
{
    if (ctx == NULL)
        return WOLFSSL_FAILURE;
    WOLFSSL_ENTER("EVP_PKEY_decrypt_init");

    if (ctx->pkey->type == EVP_PKEY_RSA) {
        ctx->op = EVP_PKEY_OP_DECRYPT;
        return WOLFSSL_SUCCESS;
    }

    if (ctx->pkey->type == EVP_PKEY_EC) {
        WOLFSSL_MSG("not implemented");
    }

    return WOLFSSL_FAILURE;
}
wolfSSL 15:117db924cf7c 772
wolfSSL 15:117db924cf7c 773
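/* Use a WOLFSSL_EVP_PKEY_CTX structure to encrypt data
 *
 * ctx     WOLFSSL_EVP_PKEY_CTX structure to use with encryption; it must
 *         have been prepared with wolfSSL_EVP_PKEY_encrypt_init()
 * out     buffer to hold encrypted data
 * outlen  set to the size of the encrypted result on success. The value
 *         passed in is NOT read, so the size of out is never checked here
 *         and the caller must supply a buffer that is large enough.
 *         NOTE(review): presumably wolfSSL_EVP_PKEY_size(ctx->pkey) bytes is
 *         the size needed for RSA - confirm against
 *         wolfSSL_RSA_public_encrypt.
 * in      data to be encrypted
 * inlen   length of in buffer. It is narrowed to int for the RSA call, so
 *         lengths that do not fit in an int are not handled.
 *
 * Returns WOLFSSL_FAILURE on failure and WOLFSSL_SUCCESS on success
 */
WOLFSSL_API int wolfSSL_EVP_PKEY_encrypt(WOLFSSL_EVP_PKEY_CTX *ctx,
                     unsigned char *out, size_t *outlen,
                     const unsigned char *in, size_t inlen)
{
    int len;

    if (ctx == NULL) return WOLFSSL_FAILURE;
    WOLFSSL_ENTER("EVP_PKEY_encrypt");
    if (ctx->op != EVP_PKEY_OP_ENCRYPT) return WOLFSSL_FAILURE;

    /* the key type selects the algorithm, so a context without a key
     * cannot be used */
    if (ctx->pkey == NULL) return WOLFSSL_FAILURE;

    /* silence unused warnings in builds without RSA */
    (void)out;
    (void)outlen;
    (void)in;
    (void)inlen;
    (void)len;

    switch (ctx->pkey->type) {
#if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
    case EVP_PKEY_RSA:
        /* refuse to encrypt when the result length cannot be reported */
        if (outlen == NULL) break;
        len = wolfSSL_RSA_public_encrypt((int)inlen, (unsigned char *)in, out,
                                         ctx->pkey->rsa, ctx->padding);
        if (len < 0) break;
        *outlen = (size_t)len;
        return WOLFSSL_SUCCESS;
#endif /* NO_RSA */

    case EVP_PKEY_EC:
        WOLFSSL_MSG("not implemented");
        FALL_THROUGH;
    default:
        break;
    }
    return WOLFSSL_FAILURE;
}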
wolfSSL 15:117db924cf7c 819
wolfSSL 15:117db924cf7c 820
/* Initialize a WOLFSSL_EVP_PKEY_CTX structure to encrypt data
 *
 * ctx  WOLFSSL_EVP_PKEY_CTX structure to use with encryption. ctx->pkey is
 *      dereferenced without a NULL check.
 *
 * Only RSA keys are accepted; ctx->op is set to EVP_PKEY_OP_ENCRYPT for
 * them. The RSA case is not behind the NO_RSA / HAVE_USER_RSA guards, so
 * this can succeed in a build where wolfSSL_EVP_PKEY_encrypt() has no RSA
 * support.
 *
 * Returns WOLFSSL_FAILURE on failure and WOLFSSL_SUCCESS on success
 */
WOLFSSL_API int wolfSSL_EVP_PKEY_encrypt_init(WOLFSSL_EVP_PKEY_CTX *ctx)
{
    if (ctx == NULL)
        return WOLFSSL_FAILURE;
    WOLFSSL_ENTER("EVP_PKEY_encrypt_init");

    if (ctx->pkey->type == EVP_PKEY_RSA) {
        ctx->op = EVP_PKEY_OP_ENCRYPT;
        return WOLFSSL_SUCCESS;
    }

    if (ctx->pkey->type == EVP_PKEY_EC) {
        WOLFSSL_MSG("not implemented");
    }

    return WOLFSSL_FAILURE;
}
wolfSSL 15:117db924cf7c 844
wolfSSL 15:117db924cf7c 845
/* Get the size in bits for WOLFSSL_EVP_PKEY key
 *
 * pkey  WOLFSSL_EVP_PKEY structure to get key size of
 *
 * The value is wolfSSL_EVP_PKEY_size() multiplied by 8, so it is always a
 * whole number of bytes.
 *
 * returns the size in bits of key on success and 0 when pkey is NULL or
 *         wolfSSL_EVP_PKEY_size() reports 0
 */
WOLFSSL_API int wolfSSL_EVP_PKEY_bits(const WOLFSSL_EVP_PKEY *pkey)
{
    int keyBytes;

    if (pkey == NULL)
        return 0;
    WOLFSSL_ENTER("EVP_PKEY_bits");

    /* wolfSSL_EVP_PKEY_size() takes a non-const pointer */
    keyBytes = wolfSSL_EVP_PKEY_size((WOLFSSL_EVP_PKEY*)pkey);

    return keyBytes * 8; /* a size of 0 stays 0 */
}
wolfSSL 15:117db924cf7c 861
wolfSSL 15:117db924cf7c 862
/* Get the size in bytes for WOLFSSL_EVP_PKEY key
 *
 * pkey  WOLFSSL_EVP_PKEY structure to get key size of
 *
 * returns the size of a key on success which is the maximum size of a
 *         signature, and 0 when pkey is NULL, the key type is not handled
 *         in this build, or an EC key has no ECC key set
 */
WOLFSSL_API int wolfSSL_EVP_PKEY_size(WOLFSSL_EVP_PKEY *pkey)
{
    int keySz = 0; /* reported when no case below produces a size */

    if (pkey == NULL)
        return 0;
    WOLFSSL_ENTER("EVP_PKEY_size");

    switch (pkey->type) {
#if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
    case EVP_PKEY_RSA:
        keySz = (int)wolfSSL_RSA_size((const WOLFSSL_RSA*)(pkey->rsa));
        break;
#endif /* NO_RSA */

#ifdef HAVE_ECC
    case EVP_PKEY_EC:
        if (pkey->ecc != NULL && pkey->ecc->internal != NULL) {
            keySz = wc_ecc_size((ecc_key*)(pkey->ecc->internal));
        }
        else {
            WOLFSSL_MSG("No ECC key has been set");
        }
        break;
#endif /* HAVE_ECC */

    default:
        break;
    }

    return keySz;
}
wolfSSL 15:117db924cf7c 895
wolfSSL 15:117db924cf7c 896
/* Initialize structure for signing
 *
 * ctx   WOLFSSL_EVP_MD_CTX structure to initialize
 * type  is the type of message digest to use; passed on unchecked to
 *       wolfSSL_EVP_DigestInit()
 *
 * returns WOLFSSL_FAILURE when ctx is NULL, otherwise the result of
 *         wolfSSL_EVP_DigestInit()
 */
WOLFSSL_API int wolfSSL_EVP_SignInit(WOLFSSL_EVP_MD_CTX *ctx, const WOLFSSL_EVP_MD *type)
{
    if (ctx != NULL) {
        WOLFSSL_ENTER("EVP_SignInit");
        return wolfSSL_EVP_DigestInit(ctx, type);
    }

    return WOLFSSL_FAILURE;
}
wolfSSL 15:117db924cf7c 910
wolfSSL 15:117db924cf7c 911
/* Update structure with data for signing
 *
 * ctx   WOLFSSL_EVP_MD_CTX structure to update
 * data  buffer holding data to update with for sign
 * len   length of data buffer
 *
 * returns 0 when ctx is NULL, otherwise the result of
 *         wolfSSL_EVP_DigestUpdate()
 */
WOLFSSL_API int wolfSSL_EVP_SignUpdate(WOLFSSL_EVP_MD_CTX *ctx, const void *data, size_t len)
{
    if (ctx != NULL) {
        WOLFSSL_ENTER("EVP_SignUpdate(");
        return wolfSSL_EVP_DigestUpdate(ctx, data, len);
    }

    return 0;
}
wolfSSL 15:117db924cf7c 926
/* macro guard because currently only used with RSA */
#if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
/* Helper function for getting the NID value from md
 *
 * md  digest identifier; narrowed to unsigned char before the lookup with
 *     wolfSSL_EVP_get_md(), whose result is read as a digest name string
 *
 * returns the NID value associated with md on success and 0 when the name
 *         is not one of SHA, SHA256, SHA384, SHA512 or MD5. Callers must
 *         treat 0 as "no NID found"; a negative value is never returned.
 */
static int md2nid(int md)
{
    /* NOTE(review): assumes wolfSSL_EVP_get_md() never returns NULL; the
     * name is compared without a NULL check - confirm. */
    const char* name = (const char *)wolfSSL_EVP_get_md((const unsigned char)md);

    if (XSTRNCMP(name, "SHA", 3) == 0) {
        /* exactly "SHA" with nothing after it means SHA-1 */
        if (XSTRLEN(name) <= 3)
            return NID_sha1;

        if (XSTRNCMP(name, "SHA256", 6) == 0)
            return NID_sha256;
        if (XSTRNCMP(name, "SHA384", 6) == 0)
            return NID_sha384;
        if (XSTRNCMP(name, "SHA512", 6) == 0)
            return NID_sha512;

        WOLFSSL_MSG("Unknown SHA type");
        return 0;
    }

    return (XSTRNCMP(name, "MD5", 3) == 0) ? NID_md5 : 0;
}
#endif /* NO_RSA */
wolfSSL 15:117db924cf7c 959
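/* Finalize structure for signing
 *
 * ctx     WOLFSSL_EVP_MD_CTX structure to finalize
 * sigret  buffer to hold resulting signature
 * siglen  passed through to wolfSSL_RSA_sign() together with sigret
 * pkey    key to sign with; only RSA keys are supported
 *
 * returns WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on failure. A
 *         failing wolfSSL_EVP_DigestFinal() result (<= 0) and the result of
 *         wolfSSL_RSA_sign() are returned as they are.
 */
WOLFSSL_API int wolfSSL_EVP_SignFinal(WOLFSSL_EVP_MD_CTX *ctx, unsigned char *sigret,
                  unsigned int *siglen, WOLFSSL_EVP_PKEY *pkey)
{
    unsigned int mdsize;
    unsigned char md[WC_MAX_DIGEST_SIZE];
    int ret;

    if (ctx == NULL) return WOLFSSL_FAILURE;
    WOLFSSL_ENTER("EVP_SignFinal");

    /* pkey->type is read below, so a missing key has to be rejected */
    if (pkey == NULL) return WOLFSSL_FAILURE;

    ret = wolfSSL_EVP_DigestFinal(ctx, md, &mdsize);
    if (ret <= 0) return ret;

    /* silence unused warnings in builds without RSA */
    (void)sigret;
    (void)siglen;

    switch (pkey->type) {
#if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
    case EVP_PKEY_RSA: {
        int nid = md2nid(ctx->macType);
        /* md2nid() reports an unrecognised digest as 0, never as a
         * negative value, so 0 must be rejected here as well */
        if (nid <= 0) break;
        return wolfSSL_RSA_sign(nid, md, mdsize, sigret,
                                siglen, pkey->rsa);
    }
#endif /* NO_RSA */

    case EVP_PKEY_DSA:
    case EVP_PKEY_EC:
        WOLFSSL_MSG("not implemented");
        FALL_THROUGH;
    default:
        break;
    }
    return WOLFSSL_FAILURE;
}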
wolfSSL 15:117db924cf7c 1003
wolfSSL 15:117db924cf7c 1004
/* Initialize structure for verifying signature
 *
 * ctx   WOLFSSL_EVP_MD_CTX structure to initialize
 * type  is the type of message digest to use; passed on unchecked to
 *       wolfSSL_EVP_DigestInit()
 *
 * returns WOLFSSL_FAILURE when ctx is NULL, otherwise the result of
 *         wolfSSL_EVP_DigestInit()
 */
WOLFSSL_API int wolfSSL_EVP_VerifyInit(WOLFSSL_EVP_MD_CTX *ctx, const WOLFSSL_EVP_MD *type)
{
    if (ctx != NULL) {
        WOLFSSL_ENTER("EVP_VerifyInit");
        return wolfSSL_EVP_DigestInit(ctx, type);
    }

    return WOLFSSL_FAILURE;
}
wolfSSL 15:117db924cf7c 1018
wolfSSL 15:117db924cf7c 1019
/* Update structure for verifying signature
 *
 * ctx   WOLFSSL_EVP_MD_CTX structure to update
 * data  buffer holding data to update with for verify
 * len   length of data buffer
 *
 * returns WOLFSSL_FAILURE when ctx is NULL, otherwise the result of
 *         wolfSSL_EVP_DigestUpdate()
 */
WOLFSSL_API int wolfSSL_EVP_VerifyUpdate(WOLFSSL_EVP_MD_CTX *ctx, const void *data, size_t len)
{
    if (ctx != NULL) {
        WOLFSSL_ENTER("EVP_VerifyUpdate");
        return wolfSSL_EVP_DigestUpdate(ctx, data, len);
    }

    return WOLFSSL_FAILURE;
}
wolfSSL 15:117db924cf7c 1034
wolfSSL 15:117db924cf7c 1035
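/* Finalize structure for verifying signature
 *
 * ctx     WOLFSSL_EVP_MD_CTX structure to finalize
 * sig     buffer holding signature
 * siglen  length of sig buffer
 * pkey    key to verify with; only RSA keys are supported
 *
 * returns WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on failure. A
 *         failing wolfSSL_EVP_DigestFinal() result (<= 0) and the result of
 *         wolfSSL_RSA_verify() are returned as they are, so callers should
 *         accept a signature only when the result equals WOLFSSL_SUCCESS.
 */
WOLFSSL_API int wolfSSL_EVP_VerifyFinal(WOLFSSL_EVP_MD_CTX *ctx,
        unsigned char*sig, unsigned int siglen, WOLFSSL_EVP_PKEY *pkey)
{
    int ret;
    unsigned char md[WC_MAX_DIGEST_SIZE];
    unsigned int mdsize;

    if (ctx == NULL) return WOLFSSL_FAILURE;
    WOLFSSL_ENTER("EVP_VerifyFinal");

    /* pkey->type is read below, so a missing key has to be rejected */
    if (pkey == NULL) return WOLFSSL_FAILURE;

    ret = wolfSSL_EVP_DigestFinal(ctx, md, &mdsize);
    if (ret <= 0) return ret;

    /* silence unused warnings in builds without RSA */
    (void)sig;
    (void)siglen;

    switch (pkey->type) {
#if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
    case EVP_PKEY_RSA: {
        int nid = md2nid(ctx->macType);
        /* md2nid() reports an unrecognised digest as 0, never as a
         * negative value, so 0 must be rejected here as well */
        if (nid <= 0) break;
        return wolfSSL_RSA_verify(nid, md, mdsize, sig,
                                  siglen, pkey->rsa);
    }
#endif /* NO_RSA */

    case EVP_PKEY_DSA:
    case EVP_PKEY_EC:
        WOLFSSL_MSG("not implemented");
        FALL_THROUGH;
    default:
        break;
    }
    return WOLFSSL_FAILURE;
}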
wolfSSL 15:117db924cf7c 1079
/* Compatibility stub: no cipher table is maintained here.
 *
 * cipher  ignored
 *
 * returns 0 in every case.
 * NOTE(review): OpenSSL's EVP_add_cipher() reports success as 1, so ported
 * code that checks the result would read this 0 as a failure - confirm that
 * is intended.
 */
WOLFSSL_API int wolfSSL_EVP_add_cipher(const WOLFSSL_EVP_CIPHER *cipher)
{
    /* parameter exists only for API compatibility */
    (void)cipher;

    return 0;
}
wolfSSL 15:117db924cf7c 1086
wolfSSL 15:117db924cf7c 1087
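/* Create a WOLFSSL_EVP_PKEY holding a copy of a MAC key.
 *
 * type    key type; only EVP_PKEY_HMAC is accepted
 * e       engine, ignored
 * key     key bytes to copy; may be NULL only when keylen is 0
 * keylen  number of bytes in key; must not be negative
 *
 * The key bytes are copied into memory owned by the returned structure, so
 * the caller's buffer can be cleared as soon as this returns.
 *
 * returns the new key structure, or NULL when an argument is rejected or an
 *         allocation fails
 */
WOLFSSL_EVP_PKEY* wolfSSL_EVP_PKEY_new_mac_key(int type, ENGINE* e,
                                          const unsigned char* key, int keylen)
{
    WOLFSSL_EVP_PKEY* pkey;

    (void)e;

    /* A negative keylen would turn into a huge size in the allocation and
     * copy below, so it is rejected together with the other bad inputs. */
    if (type != EVP_PKEY_HMAC || keylen < 0 || (key == NULL && keylen != 0))
        return NULL;

    pkey = wolfSSL_PKEY_new();
    if (pkey == NULL)
        return NULL;

    pkey->pkey.ptr = (char*)XMALLOC(keylen, NULL, DYNAMIC_TYPE_PUBLIC_KEY);
    if (pkey->pkey.ptr == NULL && keylen > 0) {
        wolfSSL_EVP_PKEY_free(pkey);
        return NULL;
    }

    /* with an empty key either pointer may be NULL, so skip the copy */
    if (keylen > 0) {
        XMEMCPY(pkey->pkey.ptr, key, keylen);
    }
    pkey->pkey_sz = keylen;
    pkey->type = pkey->save_type = type;

    return pkey;
}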
wolfSSL 15:117db924cf7c 1114
wolfSSL 15:117db924cf7c 1115
/* Get the raw key bytes stored in a WOLFSSL_EVP_PKEY.
 *
 * pkey  key structure to read
 * len   set to pkey->pkey_sz on success
 *
 * The returned pointer refers to the buffer held inside pkey; nothing is
 * copied, so it is only valid while pkey is. The key type is not checked
 * here.
 *
 * returns pkey->pkey.ptr, or NULL when pkey or len is NULL
 */
const unsigned char* wolfSSL_EVP_PKEY_get0_hmac(const WOLFSSL_EVP_PKEY* pkey,
                                                size_t* len)
{
    if (pkey != NULL && len != NULL) {
        *len = (size_t)pkey->pkey_sz;
        return (const unsigned char*)pkey->pkey.ptr;
    }

    return NULL;
}
wolfSSL 15:117db924cf7c 1126
wolfSSL 15:117db924cf7c 1127
/* Set up an HMAC computation in a digest context.
 *
 * ctx   WOLFSSL_EVP_MD_CTX whose hash.hmac member is initialised and keyed
 * pctx  unused
 * type  digest name, compared as a string against the digests compiled
 *       into this build
 * e     unused
 * pkey  key structure; its stored bytes, as returned by
 *       wolfSSL_EVP_PKEY_get0_hmac(), are used as the HMAC key
 *
 * NOTE(review): pkey->type is not checked here, so whatever bytes pkey holds
 * are used as the HMAC key - confirm callers only pass keys made with
 * wolfSSL_EVP_PKEY_new_mac_key(). The key length is narrowed to word32.
 *
 * returns WOLFSSL_SUCCESS on success, BAD_FUNC_ARG for a NULL ctx, type or
 *         pkey or an unrecognised digest name, and WOLFSSL_FAILURE when
 *         the HMAC cannot be initialised or keyed
 */
int wolfSSL_EVP_DigestSignInit(WOLFSSL_EVP_MD_CTX *ctx,
                               WOLFSSL_EVP_PKEY_CTX **pctx,
                               const WOLFSSL_EVP_MD *type,
                               WOLFSSL_ENGINE *e,
                               WOLFSSL_EVP_PKEY *pkey)
{
    const unsigned char* hmacKey;
    size_t hmacKeySz;
    int macId;

    /* Unused parameters */
    (void)pctx;
    (void)e;

    WOLFSSL_ENTER("EVP_DigestSignInit");

    if (ctx == NULL || type == NULL || pkey == NULL)
        return BAD_FUNC_ARG;

#ifdef WOLFSSL_ASYNC_CRYPT
    /* compile-time validation of ASYNC_CTX_SIZE */
    typedef char async_test[WC_ASYNC_DEV_SIZE >= sizeof(WC_ASYNC_DEV) ?
                                                                    1 : -1];
    (void)sizeof(async_test);
#endif

    /* Prefix comparisons: the longer SHA names are tried before plain
     * "SHA", which would otherwise match all of them. */
    if (XSTRNCMP(type, "SHA256", 6) == 0) {
        macId = WC_SHA256;
    }
#ifdef WOLFSSL_SHA224
    else if (XSTRNCMP(type, "SHA224", 6) == 0) {
        macId = WC_SHA224;
    }
#endif
#ifdef WOLFSSL_SHA384
    else if (XSTRNCMP(type, "SHA384", 6) == 0) {
        macId = WC_SHA384;
    }
#endif
#ifdef WOLFSSL_SHA512
    else if (XSTRNCMP(type, "SHA512", 6) == 0) {
        macId = WC_SHA512;
    }
#endif
#ifndef NO_MD5
    else if (XSTRNCMP(type, "MD5", 3) == 0) {
        macId = WC_MD5;
    }
#endif
#ifndef NO_SHA
    /* has to be last since it would pick up 224, 256, 384, or 512 too */
    else if (XSTRNCMP(type, "SHA", 3) == 0) {
        macId = WC_SHA;
    }
#endif /* NO_SHA */
    else {
        return BAD_FUNC_ARG;
    }

    hmacKey = wolfSSL_EVP_PKEY_get0_hmac(pkey, &hmacKeySz);

    /* keying is only attempted once the HMAC object is initialised */
    if (wc_HmacInit(&ctx->hash.hmac, NULL, INVALID_DEVID) != 0 ||
        wc_HmacSetKey(&ctx->hash.hmac, macId, hmacKey,
                      (word32)hmacKeySz) != 0) {
        return WOLFSSL_FAILURE;
    }

    /* marks the context as HMAC for the DigestSign update/final calls */
    ctx->macType = NID_hmac & 0xFF;

    return WOLFSSL_SUCCESS;
}
wolfSSL 15:117db924cf7c 1198
wolfSSL 15:117db924cf7c 1199
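/* Feed data into an HMAC started with wolfSSL_EVP_DigestSignInit().
 *
 * ctx  WOLFSSL_EVP_MD_CTX structure to update; its macType must be the
 *      HMAC marker (NID_hmac & 0xFF)
 * d    buffer holding the data to add
 * cnt  length of d in bytes
 *
 * returns WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE when ctx is NULL,
 *         the context is not marked as HMAC, or the HMAC update fails
 */
int wolfSSL_EVP_DigestSignUpdate(WOLFSSL_EVP_MD_CTX *ctx,
                                 const void *d, unsigned int cnt)
{
    WOLFSSL_ENTER("EVP_DigestSignUpdate");

    /* ctx is dereferenced below; reject NULL as the other DigestSign
     * calls do */
    if (ctx == NULL)
        return WOLFSSL_FAILURE;

    if (ctx->macType != (NID_hmac & 0xFF))
        return WOLFSSL_FAILURE;

    if (wc_HmacUpdate(&ctx->hash.hmac, (const byte *)d, cnt) != 0)
        return WOLFSSL_FAILURE;

    return WOLFSSL_SUCCESS;
}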
wolfSSL 15:117db924cf7c 1213
wolfSSL 15:117db924cf7c 1214
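/* Produce the HMAC tag for the data absorbed so far.
 *
 * ctx     digest context; its macType must equal (NID_hmac & 0xFF)
 * sig     output buffer, or NULL to query the tag length only
 * siglen  in: capacity of sig in bytes; out: number of bytes written
 *         (or the full digest size when sig is NULL)
 *
 * The tag is computed on a copy of the HMAC state, so ctx itself is not
 * finalised by this call. If *siglen is smaller than the digest size the
 * tag is truncated to *siglen bytes; callers that need the full tag should
 * first query the size with sig == NULL.
 *
 * Returns WOLFSSL_SUCCESS (1) on success, WOLFSSL_FAILURE (0) on bad
 * arguments, an unsupported hash type, or a wc_HmacFinal() error.
 */
int wolfSSL_EVP_DigestSignFinal(WOLFSSL_EVP_MD_CTX *ctx,
                                unsigned char *sig, size_t *siglen)
{
    unsigned char digest[WC_MAX_DIGEST_SIZE];
    Hmac hmacCopy;
    int hashLen, ret;

    WOLFSSL_ENTER("EVP_DigestSignFinal");

    if (ctx == NULL || siglen == NULL)
        return WOLFSSL_FAILURE;

    if (ctx->macType != (NID_hmac & 0xFF))
        return WOLFSSL_FAILURE;

    /* Map the underlying hash of the HMAC to its digest size. */
    switch (ctx->hash.hmac.macType) {
    #ifndef NO_MD5
        case WC_MD5:
            hashLen = WC_MD5_DIGEST_SIZE;
            break;
    #endif /* !NO_MD5 */

    #ifndef NO_SHA
        case WC_SHA:
            hashLen = WC_SHA_DIGEST_SIZE;
            break;
    #endif /* !NO_SHA */

    #ifdef WOLFSSL_SHA224
        case WC_SHA224:
            hashLen = WC_SHA224_DIGEST_SIZE;
            break;
    #endif /* WOLFSSL_SHA224 */

    #ifndef NO_SHA256
        case WC_SHA256:
            hashLen = WC_SHA256_DIGEST_SIZE;
            break;
    #endif /* !NO_SHA256 */

    #ifdef WOLFSSL_SHA512
    #ifdef WOLFSSL_SHA384
        case WC_SHA384:
            hashLen = WC_SHA384_DIGEST_SIZE;
            break;
    #endif /* WOLFSSL_SHA384 */
        case WC_SHA512:
            hashLen = WC_SHA512_DIGEST_SIZE;
            break;
    #endif /* WOLFSSL_SHA512 */

    #ifdef HAVE_BLAKE2
        case BLAKE2B_ID:
            hashLen = BLAKE2B_OUTBYTES;
            break;
    #endif /* HAVE_BLAKE2 */

        default:
            /* Unknown or compiled-out hash: nothing to finalise. */
            return WOLFSSL_FAILURE;
    }

    /* Length query: report the tag size without touching the HMAC state. */
    if (sig == NULL) {
        *siglen = (size_t)hashLen;
        return WOLFSSL_SUCCESS;
    }

    /* Clamp the copy length to the digest size. The comparison is done in
     * size_t: narrowing *siglen to int first would let a value above
     * INT_MAX appear negative, skip the clamp, and drive the copy below
     * past the end of digest[]. */
    if (*siglen > (size_t)hashLen)
        *siglen = (size_t)hashLen;

    /* Finalise a copy so the caller's context keeps its running state.
     * NOTE(review): a byte-wise copy assumes Hmac owns no pointers or
     * device handles in this build -- confirm for async/hardware builds. */
    XMEMCPY(&hmacCopy, &ctx->hash.hmac, sizeof(hmacCopy));
    ret = (wc_HmacFinal(&hmacCopy, digest) == 0) ? WOLFSSL_SUCCESS
                                                 : WOLFSSL_FAILURE;
    if (ret == WOLFSSL_SUCCESS)
        XMEMCPY(sig, digest, *siglen);

    /* Scrub keyed state and the full-length tag from the stack. */
    ForceZero(&hmacCopy, sizeof(hmacCopy));
    ForceZero(digest, sizeof(digest));
    return ret;
}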
wolfSSL 15:117db924cf7c 1293 #endif /* WOLFSSL_EVP_INCLUDED */
wolfSSL 15:117db924cf7c 1294
wolfSSL 15:117db924cf7c 1295 #if defined(OPENSSL_EXTRA) && !defined(NO_PWDBASED) && !defined(NO_SHA)
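/* OpenSSL-compatible PBKDF2 with HMAC-SHA1, implemented over wc_PBKDF2().
 *
 * pass     password bytes; NULL is treated as the empty password
 * passlen  password length in bytes, or -1 to use XSTRLEN(pass)
 * salt     salt bytes
 * saltlen  salt length in bytes
 * iter     iteration count, passed to wc_PBKDF2() unchanged
 * keylen   number of derived key bytes to write
 * out      output buffer of at least keylen bytes
 *
 * Returns WOLFSSL_SUCCESS when wc_PBKDF2() returns 0, WOLFSSL_FAILURE for
 * negative lengths, a NULL buffer paired with a non-zero length, or any
 * wc_PBKDF2() error.
 *
 * The iteration count is the only work factor and is chosen by the caller;
 * this wrapper does not enforce a minimum.
 */
WOLFSSL_API int wolfSSL_PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
                                               const unsigned char *salt,
                                               int saltlen, int iter,
                                               int keylen, unsigned char *out)
{
    const char *nostring = "";
    int ret = 0;

    if (pass == NULL) {
        passlen = 0;
        pass = nostring;
    } else if (passlen == -1) {
        passlen = (int)XSTRLEN(pass);
    }

    /* Lengths are signed here; a negative value (including an XSTRLEN
     * result that did not fit in int) must not reach the KDF as a size. */
    if (passlen < 0 || saltlen < 0 || keylen < 0)
        return WOLFSSL_FAILURE;

    /* A non-zero length needs a buffer behind it. */
    if ((salt == NULL && saltlen > 0) || (out == NULL && keylen > 0))
        return WOLFSSL_FAILURE;

    /* NOTE(review): handling of iter <= 0 is left to wc_PBKDF2() -- confirm
     * what it does with such values in this release. */
    ret = wc_PBKDF2((byte*)out, (byte*)pass, passlen, (byte*)salt, saltlen,
                    iter, keylen, WC_SHA);
    if (ret == 0)
        return WOLFSSL_SUCCESS;
    else
        return WOLFSSL_FAILURE;
}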
wolfSSL 15:117db924cf7c 1318 #endif /* OPENSSL_EXTRA && !NO_PWDBASED !NO_SHA*/
wolfSSL 15:117db924cf7c 1319