Xuyi Wang / wolfcrypt

Important changes to repositories hosted on mbed.com

Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.

To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.

It is also possible to export all your personal repositories from the account settings page.

Dependents:   OS

src/evp.c@1:e4ea39eba2fb, 2019-11-25 (annotated)

Committer:
sPymbed
Date:
Mon Nov 25 14:23:49 2019 +0000
Revision:
1:e4ea39eba2fb
Parent:
0:1387ff3eed4a 
improved

Who changed what in which revision?

UserRevisionLine numberNew contents of line
sPymbed 0:1387ff3eed4a 1 /* evp.c
sPymbed 0:1387ff3eed4a 2 *
sPymbed 0:1387ff3eed4a 3 * Copyright (C) 2006-2017 wolfSSL Inc.
sPymbed 0:1387ff3eed4a 4 *
sPymbed 0:1387ff3eed4a 5 * This file is part of wolfSSL.
sPymbed 0:1387ff3eed4a 6 *
sPymbed 0:1387ff3eed4a 7 * wolfSSL is free software; you can redistribute it and/or modify
sPymbed 0:1387ff3eed4a 8 * it under the terms of the GNU General Public License as published by
sPymbed 0:1387ff3eed4a 9 * the Free Software Foundation; either version 2 of the License, or
sPymbed 0:1387ff3eed4a 10 * (at your option) any later version.
sPymbed 0:1387ff3eed4a 11 *
sPymbed 0:1387ff3eed4a 12 * wolfSSL is distributed in the hope that it will be useful,
sPymbed 0:1387ff3eed4a 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
sPymbed 0:1387ff3eed4a 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
sPymbed 0:1387ff3eed4a 15 * GNU General Public License for more details.
sPymbed 0:1387ff3eed4a 16 *
sPymbed 0:1387ff3eed4a 17 * You should have received a copy of the GNU General Public License
sPymbed 0:1387ff3eed4a 18 * along with this program; if not, write to the Free Software
sPymbed 0:1387ff3eed4a 19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
sPymbed 0:1387ff3eed4a 20 */
sPymbed 0:1387ff3eed4a 21
sPymbed 0:1387ff3eed4a 22 #if !defined(WOLFSSL_EVP_INCLUDED)
sPymbed 0:1387ff3eed4a 23 #ifndef WOLFSSL_IGNORE_FILE_WARN
sPymbed 0:1387ff3eed4a 24 #warning evp.c does not need to be compiled seperatly from ssl.c
sPymbed 0:1387ff3eed4a 25 #endif
sPymbed 0:1387ff3eed4a 26 #else
sPymbed 0:1387ff3eed4a 27
sPymbed 0:1387ff3eed4a 28 static unsigned int cipherType(const WOLFSSL_EVP_CIPHER *cipher);
sPymbed 0:1387ff3eed4a 29
sPymbed 0:1387ff3eed4a 30
sPymbed 0:1387ff3eed4a 31 /* Getter function for cipher key length
sPymbed 0:1387ff3eed4a 32 *
sPymbed 0:1387ff3eed4a 33 * c WOLFSSL_EVP_CIPHER structure to get key length from
sPymbed 0:1387ff3eed4a 34 *
sPymbed 0:1387ff3eed4a 35 * NOTE: OpenSSL_add_all_ciphers() should be called first before using this
sPymbed 0:1387ff3eed4a 36 * function
sPymbed 0:1387ff3eed4a 37 *
sPymbed 0:1387ff3eed4a 38 * Returns size of key in bytes
sPymbed 0:1387ff3eed4a 39 */
sPymbed 0:1387ff3eed4a 40 int wolfSSL_EVP_Cipher_key_length(const WOLFSSL_EVP_CIPHER* c)
sPymbed 0:1387ff3eed4a 41 {
sPymbed 0:1387ff3eed4a 42 WOLFSSL_ENTER("wolfSSL_EVP_Cipher_key_length");
sPymbed 0:1387ff3eed4a 43
sPymbed 0:1387ff3eed4a 44 if (c == NULL) {
sPymbed 0:1387ff3eed4a 45 return 0;
sPymbed 0:1387ff3eed4a 46 }
sPymbed 0:1387ff3eed4a 47
sPymbed 0:1387ff3eed4a 48 switch (cipherType(c)) {
sPymbed 0:1387ff3eed4a 49 #if !defined(NO_AES) && defined(HAVE_AES_CBC)
sPymbed 0:1387ff3eed4a 50 case AES_128_CBC_TYPE: return 16;
sPymbed 0:1387ff3eed4a 51 case AES_192_CBC_TYPE: return 24;
sPymbed 0:1387ff3eed4a 52 case AES_256_CBC_TYPE: return 32;
sPymbed 0:1387ff3eed4a 53 #endif
sPymbed 0:1387ff3eed4a 54 #if !defined(NO_AES) && defined(WOLFSSL_AES_COUNTER)
sPymbed 0:1387ff3eed4a 55 case AES_128_CTR_TYPE: return 16;
sPymbed 0:1387ff3eed4a 56 case AES_192_CTR_TYPE: return 24;
sPymbed 0:1387ff3eed4a 57 case AES_256_CTR_TYPE: return 32;
sPymbed 0:1387ff3eed4a 58 #endif
sPymbed 0:1387ff3eed4a 59 #if !defined(NO_AES) && defined(HAVE_AES_ECB)
sPymbed 0:1387ff3eed4a 60 case AES_128_ECB_TYPE: return 16;
sPymbed 0:1387ff3eed4a 61 case AES_192_ECB_TYPE: return 24;
sPymbed 0:1387ff3eed4a 62 case AES_256_ECB_TYPE: return 32;
sPymbed 0:1387ff3eed4a 63 #endif
sPymbed 0:1387ff3eed4a 64 #ifndef NO_DES3
sPymbed 0:1387ff3eed4a 65 case DES_CBC_TYPE: return 8;
sPymbed 0:1387ff3eed4a 66 case DES_EDE3_CBC_TYPE: return 24;
sPymbed 0:1387ff3eed4a 67 case DES_ECB_TYPE: return 8;
sPymbed 0:1387ff3eed4a 68 case DES_EDE3_ECB_TYPE: return 24;
sPymbed 0:1387ff3eed4a 69 #endif
sPymbed 0:1387ff3eed4a 70 default:
sPymbed 0:1387ff3eed4a 71 return 0;
sPymbed 0:1387ff3eed4a 72 }
sPymbed 0:1387ff3eed4a 73 }
sPymbed 0:1387ff3eed4a 74
sPymbed 0:1387ff3eed4a 75
sPymbed 0:1387ff3eed4a 76 WOLFSSL_API int wolfSSL_EVP_EncryptInit(WOLFSSL_EVP_CIPHER_CTX* ctx,
sPymbed 0:1387ff3eed4a 77 const WOLFSSL_EVP_CIPHER* type,
sPymbed 0:1387ff3eed4a 78 const unsigned char* key,
sPymbed 0:1387ff3eed4a 79 const unsigned char* iv)
sPymbed 0:1387ff3eed4a 80 {
sPymbed 0:1387ff3eed4a 81 return wolfSSL_EVP_CipherInit(ctx, type, (byte*)key, (byte*)iv, 1);
sPymbed 0:1387ff3eed4a 82 }
sPymbed 0:1387ff3eed4a 83
sPymbed 0:1387ff3eed4a 84 WOLFSSL_API int wolfSSL_EVP_EncryptInit_ex(WOLFSSL_EVP_CIPHER_CTX* ctx,
sPymbed 0:1387ff3eed4a 85 const WOLFSSL_EVP_CIPHER* type,
sPymbed 0:1387ff3eed4a 86 WOLFSSL_ENGINE *impl,
sPymbed 0:1387ff3eed4a 87 const unsigned char* key,
sPymbed 0:1387ff3eed4a 88 const unsigned char* iv)
sPymbed 0:1387ff3eed4a 89 {
sPymbed 0:1387ff3eed4a 90 (void) impl;
sPymbed 0:1387ff3eed4a 91 return wolfSSL_EVP_CipherInit(ctx, type, (byte*)key, (byte*)iv, 1);
sPymbed 0:1387ff3eed4a 92 }
sPymbed 0:1387ff3eed4a 93
sPymbed 0:1387ff3eed4a 94 WOLFSSL_API int wolfSSL_EVP_DecryptInit(WOLFSSL_EVP_CIPHER_CTX* ctx,
sPymbed 0:1387ff3eed4a 95 const WOLFSSL_EVP_CIPHER* type,
sPymbed 0:1387ff3eed4a 96 const unsigned char* key,
sPymbed 0:1387ff3eed4a 97 const unsigned char* iv)
sPymbed 0:1387ff3eed4a 98 {
sPymbed 0:1387ff3eed4a 99 WOLFSSL_ENTER("wolfSSL_EVP_CipherInit");
sPymbed 0:1387ff3eed4a 100 return wolfSSL_EVP_CipherInit(ctx, type, (byte*)key, (byte*)iv, 0);
sPymbed 0:1387ff3eed4a 101 }
sPymbed 0:1387ff3eed4a 102
sPymbed 0:1387ff3eed4a 103 WOLFSSL_API int wolfSSL_EVP_DecryptInit_ex(WOLFSSL_EVP_CIPHER_CTX* ctx,
sPymbed 0:1387ff3eed4a 104 const WOLFSSL_EVP_CIPHER* type,
sPymbed 0:1387ff3eed4a 105 WOLFSSL_ENGINE *impl,
sPymbed 0:1387ff3eed4a 106 const unsigned char* key,
sPymbed 0:1387ff3eed4a 107 const unsigned char* iv)
sPymbed 0:1387ff3eed4a 108 {
sPymbed 0:1387ff3eed4a 109 (void) impl;
sPymbed 0:1387ff3eed4a 110 WOLFSSL_ENTER("wolfSSL_EVP_DecryptInit");
sPymbed 0:1387ff3eed4a 111 return wolfSSL_EVP_CipherInit(ctx, type, (byte*)key, (byte*)iv, 0);
sPymbed 0:1387ff3eed4a 112 }
sPymbed 0:1387ff3eed4a 113
sPymbed 0:1387ff3eed4a 114
sPymbed 0:1387ff3eed4a 115 WOLFSSL_API WOLFSSL_EVP_CIPHER_CTX *wolfSSL_EVP_CIPHER_CTX_new(void)
sPymbed 0:1387ff3eed4a 116 {
sPymbed 0:1387ff3eed4a 117 WOLFSSL_EVP_CIPHER_CTX *ctx = (WOLFSSL_EVP_CIPHER_CTX*)XMALLOC(sizeof *ctx,
sPymbed 0:1387ff3eed4a 118 NULL, DYNAMIC_TYPE_TMP_BUFFER);
sPymbed 0:1387ff3eed4a 119 if (ctx) {
sPymbed 0:1387ff3eed4a 120 WOLFSSL_ENTER("wolfSSL_EVP_CIPHER_CTX_new");
sPymbed 0:1387ff3eed4a 121 wolfSSL_EVP_CIPHER_CTX_init(ctx);
sPymbed 0:1387ff3eed4a 122 }
sPymbed 0:1387ff3eed4a 123 return ctx;
sPymbed 0:1387ff3eed4a 124 }
sPymbed 0:1387ff3eed4a 125
sPymbed 0:1387ff3eed4a 126 WOLFSSL_API void wolfSSL_EVP_CIPHER_CTX_free(WOLFSSL_EVP_CIPHER_CTX *ctx)
sPymbed 0:1387ff3eed4a 127 {
sPymbed 0:1387ff3eed4a 128 if (ctx) {
sPymbed 0:1387ff3eed4a 129 WOLFSSL_ENTER("wolfSSL_EVP_CIPHER_CTX_free");
sPymbed 0:1387ff3eed4a 130 wolfSSL_EVP_CIPHER_CTX_cleanup(ctx);
sPymbed 0:1387ff3eed4a 131 XFREE(ctx, NULL, DYNAMIC_TYPE_TMP_BUFFER);
sPymbed 0:1387ff3eed4a 132 }
sPymbed 0:1387ff3eed4a 133 }
sPymbed 0:1387ff3eed4a 134
sPymbed 0:1387ff3eed4a 135 WOLFSSL_API unsigned long wolfSSL_EVP_CIPHER_CTX_mode(const WOLFSSL_EVP_CIPHER_CTX *ctx)
sPymbed 0:1387ff3eed4a 136 {
sPymbed 0:1387ff3eed4a 137 if (ctx == NULL) return 0;
sPymbed 0:1387ff3eed4a 138 return ctx->flags & WOLFSSL_EVP_CIPH_MODE;
sPymbed 0:1387ff3eed4a 139 }
sPymbed 0:1387ff3eed4a 140
sPymbed 0:1387ff3eed4a 141 WOLFSSL_API int wolfSSL_EVP_EncryptFinal(WOLFSSL_EVP_CIPHER_CTX *ctx,
sPymbed 0:1387ff3eed4a 142 unsigned char *out, int *outl)
sPymbed 0:1387ff3eed4a 143 {
sPymbed 0:1387ff3eed4a 144 if (ctx && ctx->enc) {
sPymbed 0:1387ff3eed4a 145 WOLFSSL_ENTER("wolfSSL_EVP_EncryptFinal");
sPymbed 0:1387ff3eed4a 146 return wolfSSL_EVP_CipherFinal(ctx, out, outl);
sPymbed 0:1387ff3eed4a 147 }
sPymbed 0:1387ff3eed4a 148 else
sPymbed 0:1387ff3eed4a 149 return WOLFSSL_FAILURE;
sPymbed 0:1387ff3eed4a 150 }
sPymbed 0:1387ff3eed4a 151
sPymbed 0:1387ff3eed4a 152
sPymbed 0:1387ff3eed4a 153 WOLFSSL_API int wolfSSL_EVP_CipherInit_ex(WOLFSSL_EVP_CIPHER_CTX* ctx,
sPymbed 0:1387ff3eed4a 154 const WOLFSSL_EVP_CIPHER* type,
sPymbed 0:1387ff3eed4a 155 WOLFSSL_ENGINE *impl,
sPymbed 0:1387ff3eed4a 156 const unsigned char* key,
sPymbed 0:1387ff3eed4a 157 const unsigned char* iv,
sPymbed 0:1387ff3eed4a 158 int enc)
sPymbed 0:1387ff3eed4a 159 {
sPymbed 0:1387ff3eed4a 160 (void)impl;
sPymbed 0:1387ff3eed4a 161 return wolfSSL_EVP_CipherInit(ctx, type, key, iv, enc);
sPymbed 0:1387ff3eed4a 162 }
sPymbed 0:1387ff3eed4a 163
sPymbed 0:1387ff3eed4a 164 WOLFSSL_API int wolfSSL_EVP_EncryptFinal_ex(WOLFSSL_EVP_CIPHER_CTX *ctx,
sPymbed 0:1387ff3eed4a 165 unsigned char *out, int *outl)
sPymbed 0:1387ff3eed4a 166 {
sPymbed 0:1387ff3eed4a 167 if (ctx && ctx->enc) {
sPymbed 0:1387ff3eed4a 168 WOLFSSL_ENTER("wolfSSL_EVP_EncryptFinal_ex");
sPymbed 0:1387ff3eed4a 169 return wolfSSL_EVP_CipherFinal(ctx, out, outl);
sPymbed 0:1387ff3eed4a 170 }
sPymbed 0:1387ff3eed4a 171 else
sPymbed 0:1387ff3eed4a 172 return WOLFSSL_FAILURE;
sPymbed 0:1387ff3eed4a 173 }
sPymbed 0:1387ff3eed4a 174
sPymbed 0:1387ff3eed4a 175 WOLFSSL_API int wolfSSL_EVP_DecryptFinal(WOLFSSL_EVP_CIPHER_CTX *ctx,
sPymbed 0:1387ff3eed4a 176 unsigned char *out, int *outl)
sPymbed 0:1387ff3eed4a 177 {
sPymbed 0:1387ff3eed4a 178 if (ctx && ctx->enc)
sPymbed 0:1387ff3eed4a 179 return WOLFSSL_FAILURE;
sPymbed 0:1387ff3eed4a 180 else {
sPymbed 0:1387ff3eed4a 181 WOLFSSL_ENTER("wolfSSL_EVP_DecryptFinal");
sPymbed 0:1387ff3eed4a 182 return wolfSSL_EVP_CipherFinal(ctx, out, outl);
sPymbed 0:1387ff3eed4a 183 }
sPymbed 0:1387ff3eed4a 184 }
sPymbed 0:1387ff3eed4a 185
sPymbed 0:1387ff3eed4a 186 WOLFSSL_API int wolfSSL_EVP_DecryptFinal_ex(WOLFSSL_EVP_CIPHER_CTX *ctx,
sPymbed 0:1387ff3eed4a 187 unsigned char *out, int *outl)
sPymbed 0:1387ff3eed4a 188 {
sPymbed 0:1387ff3eed4a 189 if (ctx && ctx->enc)
sPymbed 0:1387ff3eed4a 190 return WOLFSSL_FAILURE;
sPymbed 0:1387ff3eed4a 191 else {
sPymbed 0:1387ff3eed4a 192 WOLFSSL_ENTER("wolfSSL_EVP_CipherFinal_ex");
sPymbed 0:1387ff3eed4a 193 return wolfSSL_EVP_CipherFinal(ctx, out, outl);
sPymbed 0:1387ff3eed4a 194 }
sPymbed 0:1387ff3eed4a 195 }
sPymbed 0:1387ff3eed4a 196
sPymbed 0:1387ff3eed4a 197
sPymbed 0:1387ff3eed4a 198 WOLFSSL_API int wolfSSL_EVP_DigestInit_ex(WOLFSSL_EVP_MD_CTX* ctx,
sPymbed 0:1387ff3eed4a 199 const WOLFSSL_EVP_MD* type,
sPymbed 0:1387ff3eed4a 200 WOLFSSL_ENGINE *impl)
sPymbed 0:1387ff3eed4a 201 {
sPymbed 0:1387ff3eed4a 202 (void) impl;
sPymbed 0:1387ff3eed4a 203 WOLFSSL_ENTER("wolfSSL_EVP_DigestInit_ex");
sPymbed 0:1387ff3eed4a 204 return wolfSSL_EVP_DigestInit(ctx, type);
sPymbed 0:1387ff3eed4a 205 }
sPymbed 0:1387ff3eed4a 206
sPymbed 0:1387ff3eed4a 207 #ifdef DEBUG_WOLFSSL_EVP
sPymbed 0:1387ff3eed4a 208 #define PRINT_BUF(b, sz) { int _i; for(_i=0; _i<(sz); _i++) { \
sPymbed 0:1387ff3eed4a 209 printf("%02x(%c),", (b)[_i], (b)[_i]); if ((_i+1)%8==0)printf("\n");}}
sPymbed 0:1387ff3eed4a 210 #else
sPymbed 0:1387ff3eed4a 211 #define PRINT_BUF(b, sz)
sPymbed 0:1387ff3eed4a 212 #endif
sPymbed 0:1387ff3eed4a 213
sPymbed 0:1387ff3eed4a 214 static int fillBuff(WOLFSSL_EVP_CIPHER_CTX *ctx, const unsigned char *in, int sz)
sPymbed 0:1387ff3eed4a 215 {
sPymbed 0:1387ff3eed4a 216 int fill;
sPymbed 0:1387ff3eed4a 217
sPymbed 0:1387ff3eed4a 218 if (sz > 0) {
sPymbed 0:1387ff3eed4a 219 if ((sz+ctx->bufUsed) > ctx->block_size) {
sPymbed 0:1387ff3eed4a 220 fill = ctx->block_size - ctx->bufUsed;
sPymbed 0:1387ff3eed4a 221 } else {
sPymbed 0:1387ff3eed4a 222 fill = sz;
sPymbed 0:1387ff3eed4a 223 }
sPymbed 0:1387ff3eed4a 224 XMEMCPY(&(ctx->buf[ctx->bufUsed]), in, fill);
sPymbed 0:1387ff3eed4a 225 ctx->bufUsed += fill;
sPymbed 0:1387ff3eed4a 226 return fill;
sPymbed 0:1387ff3eed4a 227 } else return 0;
sPymbed 0:1387ff3eed4a 228 }
sPymbed 0:1387ff3eed4a 229
sPymbed 0:1387ff3eed4a 230 static int evpCipherBlock(WOLFSSL_EVP_CIPHER_CTX *ctx,
sPymbed 0:1387ff3eed4a 231 unsigned char *out,
sPymbed 0:1387ff3eed4a 232 const unsigned char *in, int inl)
sPymbed 0:1387ff3eed4a 233 {
sPymbed 0:1387ff3eed4a 234 int ret = 0;
sPymbed 0:1387ff3eed4a 235
sPymbed 0:1387ff3eed4a 236 switch (ctx->cipherType) {
sPymbed 0:1387ff3eed4a 237 #if !defined(NO_AES) && defined(HAVE_AES_CBC)
sPymbed 0:1387ff3eed4a 238 case AES_128_CBC_TYPE:
sPymbed 0:1387ff3eed4a 239 case AES_192_CBC_TYPE:
sPymbed 0:1387ff3eed4a 240 case AES_256_CBC_TYPE:
sPymbed 0:1387ff3eed4a 241 if (ctx->enc)
sPymbed 0:1387ff3eed4a 242 ret = wc_AesCbcEncrypt(&ctx->cipher.aes, out, in, inl);
sPymbed 0:1387ff3eed4a 243 else
sPymbed 0:1387ff3eed4a 244 ret = wc_AesCbcDecrypt(&ctx->cipher.aes, out, in, inl);
sPymbed 0:1387ff3eed4a 245 break;
sPymbed 0:1387ff3eed4a 246 #endif
sPymbed 0:1387ff3eed4a 247 #if !defined(NO_AES) && defined(WOLFSSL_AES_COUNTER)
sPymbed 0:1387ff3eed4a 248 case AES_128_CTR_TYPE:
sPymbed 0:1387ff3eed4a 249 case AES_192_CTR_TYPE:
sPymbed 0:1387ff3eed4a 250 case AES_256_CTR_TYPE:
sPymbed 0:1387ff3eed4a 251 ret = wc_AesCtrEncrypt(&ctx->cipher.aes, out, in, inl);
sPymbed 0:1387ff3eed4a 252 break;
sPymbed 0:1387ff3eed4a 253 #endif
sPymbed 0:1387ff3eed4a 254 #if !defined(NO_AES) && defined(HAVE_AES_ECB)
sPymbed 0:1387ff3eed4a 255 case AES_128_ECB_TYPE:
sPymbed 0:1387ff3eed4a 256 case AES_192_ECB_TYPE:
sPymbed 0:1387ff3eed4a 257 case AES_256_ECB_TYPE:
sPymbed 0:1387ff3eed4a 258 if (ctx->enc)
sPymbed 0:1387ff3eed4a 259 ret = wc_AesEcbEncrypt(&ctx->cipher.aes, out, in, inl);
sPymbed 0:1387ff3eed4a 260 else
sPymbed 0:1387ff3eed4a 261 ret = wc_AesEcbDecrypt(&ctx->cipher.aes, out, in, inl);
sPymbed 0:1387ff3eed4a 262 break;
sPymbed 0:1387ff3eed4a 263 #endif
sPymbed 0:1387ff3eed4a 264 #ifndef NO_DES3
sPymbed 0:1387ff3eed4a 265 case DES_CBC_TYPE:
sPymbed 0:1387ff3eed4a 266 if (ctx->enc)
sPymbed 0:1387ff3eed4a 267 ret = wc_Des_CbcEncrypt(&ctx->cipher.des, out, in, inl);
sPymbed 0:1387ff3eed4a 268 else
sPymbed 0:1387ff3eed4a 269 ret = wc_Des_CbcDecrypt(&ctx->cipher.des, out, in, inl);
sPymbed 0:1387ff3eed4a 270 break;
sPymbed 0:1387ff3eed4a 271 case DES_EDE3_CBC_TYPE:
sPymbed 0:1387ff3eed4a 272 if (ctx->enc)
sPymbed 0:1387ff3eed4a 273 ret = wc_Des3_CbcEncrypt(&ctx->cipher.des3, out, in, inl);
sPymbed 0:1387ff3eed4a 274 else
sPymbed 0:1387ff3eed4a 275 ret = wc_Des3_CbcDecrypt(&ctx->cipher.des3, out, in, inl);
sPymbed 0:1387ff3eed4a 276 break;
sPymbed 0:1387ff3eed4a 277 #if defined(WOLFSSL_DES_ECB)
sPymbed 0:1387ff3eed4a 278 case DES_ECB_TYPE:
sPymbed 0:1387ff3eed4a 279 ret = wc_Des_EcbEncrypt(&ctx->cipher.des, out, in, inl);
sPymbed 0:1387ff3eed4a 280 break;
sPymbed 0:1387ff3eed4a 281 case DES_EDE3_ECB_TYPE:
sPymbed 0:1387ff3eed4a 282 ret = wc_Des3_EcbEncrypt(&ctx->cipher.des3, out, in, inl);
sPymbed 0:1387ff3eed4a 283 break;
sPymbed 0:1387ff3eed4a 284 #endif
sPymbed 0:1387ff3eed4a 285 #endif
sPymbed 0:1387ff3eed4a 286 #ifndef NO_RC4
sPymbed 0:1387ff3eed4a 287 case ARC4_TYPE:
sPymbed 0:1387ff3eed4a 288 wc_Arc4Process(&ctx->cipher.arc4, out, in, inl);
sPymbed 0:1387ff3eed4a 289 break;
sPymbed 0:1387ff3eed4a 290 #endif
sPymbed 0:1387ff3eed4a 291 default:
sPymbed 0:1387ff3eed4a 292 return WOLFSSL_FAILURE;
sPymbed 0:1387ff3eed4a 293 }
sPymbed 0:1387ff3eed4a 294
sPymbed 0:1387ff3eed4a 295 if (ret != 0)
sPymbed 0:1387ff3eed4a 296 return WOLFSSL_FAILURE; /* failure */
sPymbed 0:1387ff3eed4a 297
sPymbed 0:1387ff3eed4a 298 (void)in;
sPymbed 0:1387ff3eed4a 299 (void)inl;
sPymbed 0:1387ff3eed4a 300 (void)out;
sPymbed 0:1387ff3eed4a 301
sPymbed 0:1387ff3eed4a 302 return WOLFSSL_SUCCESS; /* success */
sPymbed 0:1387ff3eed4a 303 }
sPymbed 0:1387ff3eed4a 304
sPymbed 0:1387ff3eed4a 305 WOLFSSL_API int wolfSSL_EVP_CipherUpdate(WOLFSSL_EVP_CIPHER_CTX *ctx,
sPymbed 0:1387ff3eed4a 306 unsigned char *out, int *outl,
sPymbed 0:1387ff3eed4a 307 const unsigned char *in, int inl)
sPymbed 0:1387ff3eed4a 308 {
sPymbed 0:1387ff3eed4a 309 int blocks;
sPymbed 0:1387ff3eed4a 310 int fill;
sPymbed 0:1387ff3eed4a 311
sPymbed 0:1387ff3eed4a 312 if ((ctx == NULL) || (inl < 0) ||
sPymbed 0:1387ff3eed4a 313 (outl == NULL)|| (out == NULL) || (in == NULL)) return BAD_FUNC_ARG;
sPymbed 0:1387ff3eed4a 314 WOLFSSL_ENTER("wolfSSL_EVP_CipherUpdate");
sPymbed 0:1387ff3eed4a 315
sPymbed 0:1387ff3eed4a 316 *outl = 0;
sPymbed 0:1387ff3eed4a 317 if (inl == 0) return WOLFSSL_SUCCESS;
sPymbed 0:1387ff3eed4a 318
sPymbed 0:1387ff3eed4a 319 if (ctx->bufUsed > 0) { /* concatinate them if there is anything */
sPymbed 0:1387ff3eed4a 320 fill = fillBuff(ctx, in, inl);
sPymbed 0:1387ff3eed4a 321 inl -= fill;
sPymbed 0:1387ff3eed4a 322 in += fill;
sPymbed 0:1387ff3eed4a 323 }
sPymbed 0:1387ff3eed4a 324 if ((ctx->enc == 0)&& (ctx->lastUsed == 1)) {
sPymbed 0:1387ff3eed4a 325 PRINT_BUF(ctx->lastBlock, ctx->block_size);
sPymbed 0:1387ff3eed4a 326 XMEMCPY(out, ctx->lastBlock, ctx->block_size);
sPymbed 0:1387ff3eed4a 327 *outl+= ctx->block_size;
sPymbed 0:1387ff3eed4a 328 out += ctx->block_size;
sPymbed 0:1387ff3eed4a 329 }
sPymbed 0:1387ff3eed4a 330 if (ctx->bufUsed == ctx->block_size) {
sPymbed 0:1387ff3eed4a 331 /* the buff is full, flash out */
sPymbed 0:1387ff3eed4a 332 PRINT_BUF(ctx->buf, ctx->block_size);
sPymbed 0:1387ff3eed4a 333 if (evpCipherBlock(ctx, out, ctx->buf, ctx->block_size) == 0)
sPymbed 0:1387ff3eed4a 334 return WOLFSSL_FAILURE;
sPymbed 0:1387ff3eed4a 335 PRINT_BUF(out, ctx->block_size);
sPymbed 0:1387ff3eed4a 336 if (ctx->enc == 0) {
sPymbed 0:1387ff3eed4a 337 ctx->lastUsed = 1;
sPymbed 0:1387ff3eed4a 338 XMEMCPY(ctx->lastBlock, out, ctx->block_size);
sPymbed 0:1387ff3eed4a 339 } else {
sPymbed 0:1387ff3eed4a 340 *outl+= ctx->block_size;
sPymbed 0:1387ff3eed4a 341 out += ctx->block_size;
sPymbed 0:1387ff3eed4a 342 }
sPymbed 0:1387ff3eed4a 343 ctx->bufUsed = 0;
sPymbed 0:1387ff3eed4a 344 }
sPymbed 0:1387ff3eed4a 345
sPymbed 0:1387ff3eed4a 346 blocks = inl / ctx->block_size;
sPymbed 0:1387ff3eed4a 347 if (blocks > 0) {
sPymbed 0:1387ff3eed4a 348 /* process blocks */
sPymbed 0:1387ff3eed4a 349 if (evpCipherBlock(ctx, out, in, blocks * ctx->block_size) == 0)
sPymbed 0:1387ff3eed4a 350 return WOLFSSL_FAILURE;
sPymbed 0:1387ff3eed4a 351 PRINT_BUF(in, ctx->block_size*blocks);
sPymbed 0:1387ff3eed4a 352 PRINT_BUF(out,ctx->block_size*blocks);
sPymbed 0:1387ff3eed4a 353 inl -= ctx->block_size * blocks;
sPymbed 0:1387ff3eed4a 354 in += ctx->block_size * blocks;
sPymbed 0:1387ff3eed4a 355 if (ctx->enc == 0) {
sPymbed 0:1387ff3eed4a 356 if ((ctx->flags & WOLFSSL_EVP_CIPH_NO_PADDING) ||
sPymbed 0:1387ff3eed4a 357 (ctx->block_size == 1)) {
sPymbed 0:1387ff3eed4a 358 ctx->lastUsed = 0;
sPymbed 0:1387ff3eed4a 359 XMEMCPY(ctx->lastBlock, &out[ctx->block_size * blocks], ctx->block_size);
sPymbed 0:1387ff3eed4a 360 *outl+= ctx->block_size * blocks;
sPymbed 0:1387ff3eed4a 361 } else {
sPymbed 0:1387ff3eed4a 362 ctx->lastUsed = 1;
sPymbed 0:1387ff3eed4a 363 XMEMCPY(ctx->lastBlock, &out[ctx->block_size * (blocks-1)], ctx->block_size);
sPymbed 0:1387ff3eed4a 364 *outl+= ctx->block_size * (blocks-1);
sPymbed 0:1387ff3eed4a 365 }
sPymbed 0:1387ff3eed4a 366 } else {
sPymbed 0:1387ff3eed4a 367 *outl+= ctx->block_size * blocks;
sPymbed 0:1387ff3eed4a 368 }
sPymbed 0:1387ff3eed4a 369 }
sPymbed 0:1387ff3eed4a 370 if (inl > 0) {
sPymbed 0:1387ff3eed4a 371 /* put fraction into buff */
sPymbed 0:1387ff3eed4a 372 fillBuff(ctx, in, inl);
sPymbed 0:1387ff3eed4a 373 /* no increase of outl */
sPymbed 0:1387ff3eed4a 374 }
sPymbed 0:1387ff3eed4a 375
sPymbed 0:1387ff3eed4a 376 (void)out; /* silence warning in case not read */
sPymbed 0:1387ff3eed4a 377
sPymbed 0:1387ff3eed4a 378 return WOLFSSL_SUCCESS;
sPymbed 0:1387ff3eed4a 379 }
sPymbed 0:1387ff3eed4a 380
sPymbed 0:1387ff3eed4a 381 static void padBlock(WOLFSSL_EVP_CIPHER_CTX *ctx)
sPymbed 0:1387ff3eed4a 382 {
sPymbed 0:1387ff3eed4a 383 int i;
sPymbed 0:1387ff3eed4a 384 for (i = ctx->bufUsed; i < ctx->block_size; i++)
sPymbed 0:1387ff3eed4a 385 ctx->buf[i] = (byte)(ctx->block_size - ctx->bufUsed);
sPymbed 0:1387ff3eed4a 386 }
sPymbed 0:1387ff3eed4a 387
sPymbed 0:1387ff3eed4a 388 static int checkPad(WOLFSSL_EVP_CIPHER_CTX *ctx, unsigned char *buff)
sPymbed 0:1387ff3eed4a 389 {
sPymbed 0:1387ff3eed4a 390 int i;
sPymbed 0:1387ff3eed4a 391 int n;
sPymbed 0:1387ff3eed4a 392 n = buff[ctx->block_size-1];
sPymbed 0:1387ff3eed4a 393 if (n > ctx->block_size) return -1;
sPymbed 0:1387ff3eed4a 394 for (i = 0; i < n; i++) {
sPymbed 0:1387ff3eed4a 395 if (buff[ctx->block_size-i-1] != n)
sPymbed 0:1387ff3eed4a 396 return -1;
sPymbed 0:1387ff3eed4a 397 }
sPymbed 0:1387ff3eed4a 398 return ctx->block_size - n;
sPymbed 0:1387ff3eed4a 399 }
sPymbed 0:1387ff3eed4a 400
sPymbed 0:1387ff3eed4a 401 WOLFSSL_API int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx,
sPymbed 0:1387ff3eed4a 402 unsigned char *out, int *outl)
sPymbed 0:1387ff3eed4a 403 {
sPymbed 0:1387ff3eed4a 404 int fl;
sPymbed 0:1387ff3eed4a 405 if (ctx == NULL || out == NULL) return BAD_FUNC_ARG;
sPymbed 0:1387ff3eed4a 406 WOLFSSL_ENTER("wolfSSL_EVP_CipherFinal");
sPymbed 0:1387ff3eed4a 407 if (ctx->flags & WOLFSSL_EVP_CIPH_NO_PADDING) {
sPymbed 0:1387ff3eed4a 408 if (ctx->bufUsed != 0) return WOLFSSL_FAILURE;
sPymbed 0:1387ff3eed4a 409 *outl = 0;
sPymbed 0:1387ff3eed4a 410 return WOLFSSL_SUCCESS;
sPymbed 0:1387ff3eed4a 411 }
sPymbed 0:1387ff3eed4a 412 if (ctx->enc) {
sPymbed 0:1387ff3eed4a 413 if (ctx->block_size == 1) {
sPymbed 0:1387ff3eed4a 414 *outl = 0;
sPymbed 0:1387ff3eed4a 415 return WOLFSSL_SUCCESS;
sPymbed 0:1387ff3eed4a 416 }
sPymbed 0:1387ff3eed4a 417 if ((ctx->bufUsed >= 0) && (ctx->block_size != 1)) {
sPymbed 0:1387ff3eed4a 418 padBlock(ctx);
sPymbed 0:1387ff3eed4a 419 PRINT_BUF(ctx->buf, ctx->block_size);
sPymbed 0:1387ff3eed4a 420 if (evpCipherBlock(ctx, out, ctx->buf, ctx->block_size) == 0)
sPymbed 0:1387ff3eed4a 421 return WOLFSSL_FAILURE;
sPymbed 0:1387ff3eed4a 422
sPymbed 0:1387ff3eed4a 423 PRINT_BUF(out, ctx->block_size);
sPymbed 0:1387ff3eed4a 424 *outl = ctx->block_size;
sPymbed 0:1387ff3eed4a 425 }
sPymbed 0:1387ff3eed4a 426 } else {
sPymbed 0:1387ff3eed4a 427 if (ctx->block_size == 1) {
sPymbed 0:1387ff3eed4a 428 *outl = 0;
sPymbed 0:1387ff3eed4a 429 return WOLFSSL_SUCCESS;
sPymbed 0:1387ff3eed4a 430 }
sPymbed 0:1387ff3eed4a 431 if (ctx->lastUsed) {
sPymbed 0:1387ff3eed4a 432 PRINT_BUF(ctx->lastBlock, ctx->block_size);
sPymbed 0:1387ff3eed4a 433 if ((fl = checkPad(ctx, ctx->lastBlock)) >= 0) {
sPymbed 0:1387ff3eed4a 434 XMEMCPY(out, ctx->lastBlock, fl);
sPymbed 0:1387ff3eed4a 435 *outl = fl;
sPymbed 0:1387ff3eed4a 436 } else return 0;
sPymbed 0:1387ff3eed4a 437 }
sPymbed 0:1387ff3eed4a 438 }
sPymbed 0:1387ff3eed4a 439 return WOLFSSL_SUCCESS;
sPymbed 0:1387ff3eed4a 440 }
sPymbed 0:1387ff3eed4a 441
sPymbed 0:1387ff3eed4a 442 WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_block_size(const WOLFSSL_EVP_CIPHER_CTX *ctx)
sPymbed 0:1387ff3eed4a 443 {
sPymbed 0:1387ff3eed4a 444 if (ctx == NULL) return BAD_FUNC_ARG;
sPymbed 0:1387ff3eed4a 445 switch (ctx->cipherType) {
sPymbed 0:1387ff3eed4a 446 #if !defined(NO_AES) || !defined(NO_DES3)
sPymbed 0:1387ff3eed4a 447 #if !defined(NO_AES) && defined(HAVE_AES_CBC)
sPymbed 0:1387ff3eed4a 448 case AES_128_CBC_TYPE:
sPymbed 0:1387ff3eed4a 449 case AES_192_CBC_TYPE:
sPymbed 0:1387ff3eed4a 450 case AES_256_CBC_TYPE:
sPymbed 0:1387ff3eed4a 451 #endif
sPymbed 0:1387ff3eed4a 452 #if !defined(NO_AES) && defined(WOLFSSL_AES_COUNTER)
sPymbed 0:1387ff3eed4a 453 case AES_128_CTR_TYPE:
sPymbed 0:1387ff3eed4a 454 case AES_192_CTR_TYPE:
sPymbed 0:1387ff3eed4a 455 case AES_256_CTR_TYPE:
sPymbed 0:1387ff3eed4a 456 #endif
sPymbed 0:1387ff3eed4a 457 #if !defined(NO_AES)
sPymbed 0:1387ff3eed4a 458 case AES_128_ECB_TYPE:
sPymbed 0:1387ff3eed4a 459 case AES_192_ECB_TYPE:
sPymbed 0:1387ff3eed4a 460 case AES_256_ECB_TYPE:
sPymbed 0:1387ff3eed4a 461 #endif
sPymbed 0:1387ff3eed4a 462 #ifndef NO_DES3
sPymbed 0:1387ff3eed4a 463 case DES_CBC_TYPE:
sPymbed 0:1387ff3eed4a 464 case DES_ECB_TYPE:
sPymbed 0:1387ff3eed4a 465 case DES_EDE3_CBC_TYPE:
sPymbed 0:1387ff3eed4a 466 case DES_EDE3_ECB_TYPE:
sPymbed 0:1387ff3eed4a 467 #endif
sPymbed 0:1387ff3eed4a 468 return ctx->block_size;
sPymbed 0:1387ff3eed4a 469 #endif /* !NO_AES || !NO_DES3 */
sPymbed 0:1387ff3eed4a 470 default:
sPymbed 0:1387ff3eed4a 471 return 0;
sPymbed 0:1387ff3eed4a 472 }
sPymbed 0:1387ff3eed4a 473 }
sPymbed 0:1387ff3eed4a 474
sPymbed 0:1387ff3eed4a 475 static unsigned int cipherType(const WOLFSSL_EVP_CIPHER *cipher)
sPymbed 0:1387ff3eed4a 476 {
sPymbed 0:1387ff3eed4a 477 if (cipher == NULL) return 0; /* dummy for #ifdef */
sPymbed 0:1387ff3eed4a 478 #ifndef NO_DES3
sPymbed 0:1387ff3eed4a 479 else if (XSTRNCMP(cipher, EVP_DES_CBC, EVP_DES_SIZE) == 0)
sPymbed 0:1387ff3eed4a 480 return DES_CBC_TYPE;
sPymbed 0:1387ff3eed4a 481 else if (XSTRNCMP(cipher, EVP_DES_EDE3_CBC, EVP_DES_EDE3_SIZE) == 0)
sPymbed 0:1387ff3eed4a 482 return DES_EDE3_CBC_TYPE;
sPymbed 0:1387ff3eed4a 483 #if !defined(NO_DES3)
sPymbed 0:1387ff3eed4a 484 else if (XSTRNCMP(cipher, EVP_DES_ECB, EVP_DES_SIZE) == 0)
sPymbed 0:1387ff3eed4a 485 return DES_ECB_TYPE;
sPymbed 0:1387ff3eed4a 486 else if (XSTRNCMP(cipher, EVP_DES_EDE3_ECB, EVP_DES_EDE3_SIZE) == 0)
sPymbed 0:1387ff3eed4a 487 return DES_EDE3_ECB_TYPE;
sPymbed 0:1387ff3eed4a 488 #endif /* NO_DES3 && HAVE_AES_ECB */
sPymbed 0:1387ff3eed4a 489 #endif
sPymbed 0:1387ff3eed4a 490
sPymbed 0:1387ff3eed4a 491 #if !defined(NO_AES) && defined(HAVE_AES_CBC)
sPymbed 0:1387ff3eed4a 492 #ifdef WOLFSSL_AES_128
sPymbed 0:1387ff3eed4a 493 else if (XSTRNCMP(cipher, EVP_AES_128_CBC, EVP_AES_SIZE) == 0)
sPymbed 0:1387ff3eed4a 494 return AES_128_CBC_TYPE;
sPymbed 0:1387ff3eed4a 495 #endif
sPymbed 0:1387ff3eed4a 496 #ifdef WOLFSSL_AES_192
sPymbed 0:1387ff3eed4a 497 else if (XSTRNCMP(cipher, EVP_AES_192_CBC, EVP_AES_SIZE) == 0)
sPymbed 0:1387ff3eed4a 498 return AES_192_CBC_TYPE;
sPymbed 0:1387ff3eed4a 499 #endif
sPymbed 0:1387ff3eed4a 500 #ifdef WOLFSSL_AES_256
sPymbed 0:1387ff3eed4a 501 else if (XSTRNCMP(cipher, EVP_AES_256_CBC, EVP_AES_SIZE) == 0)
sPymbed 0:1387ff3eed4a 502 return AES_256_CBC_TYPE;
sPymbed 0:1387ff3eed4a 503 #endif
sPymbed 0:1387ff3eed4a 504 #endif /* !NO_AES && HAVE_AES_CBC */
sPymbed 0:1387ff3eed4a 505 #if !defined(NO_AES) && defined(WOLFSSL_AES_COUNTER)
sPymbed 0:1387ff3eed4a 506 #ifdef WOLFSSL_AES_128
sPymbed 0:1387ff3eed4a 507 else if (XSTRNCMP(cipher, EVP_AES_128_CTR, EVP_AES_SIZE) == 0)
sPymbed 0:1387ff3eed4a 508 return AES_128_CTR_TYPE;
sPymbed 0:1387ff3eed4a 509 #endif
sPymbed 0:1387ff3eed4a 510 #ifdef WOLFSSL_AES_192
sPymbed 0:1387ff3eed4a 511 else if (XSTRNCMP(cipher, EVP_AES_192_CTR, EVP_AES_SIZE) == 0)
sPymbed 0:1387ff3eed4a 512 return AES_192_CTR_TYPE;
sPymbed 0:1387ff3eed4a 513 #endif
sPymbed 0:1387ff3eed4a 514 #ifdef WOLFSSL_AES_256
sPymbed 0:1387ff3eed4a 515 else if (XSTRNCMP(cipher, EVP_AES_256_CTR, EVP_AES_SIZE) == 0)
sPymbed 0:1387ff3eed4a 516 return AES_256_CTR_TYPE;
sPymbed 0:1387ff3eed4a 517 #endif
sPymbed 0:1387ff3eed4a 518 #endif /* !NO_AES && HAVE_AES_CBC */
sPymbed 0:1387ff3eed4a 519 #if !defined(NO_AES) && defined(HAVE_AES_ECB)
sPymbed 0:1387ff3eed4a 520 #ifdef WOLFSSL_AES_128
sPymbed 0:1387ff3eed4a 521 else if (XSTRNCMP(cipher, EVP_AES_128_ECB, EVP_AES_SIZE) == 0)
sPymbed 0:1387ff3eed4a 522 return AES_128_ECB_TYPE;
sPymbed 0:1387ff3eed4a 523 #endif
sPymbed 0:1387ff3eed4a 524 #ifdef WOLFSSL_AES_192
sPymbed 0:1387ff3eed4a 525 else if (XSTRNCMP(cipher, EVP_AES_192_ECB, EVP_AES_SIZE) == 0)
sPymbed 0:1387ff3eed4a 526 return AES_192_ECB_TYPE;
sPymbed 0:1387ff3eed4a 527 #endif
sPymbed 0:1387ff3eed4a 528 #ifdef WOLFSSL_AES_256
sPymbed 0:1387ff3eed4a 529 else if (XSTRNCMP(cipher, EVP_AES_256_ECB, EVP_AES_SIZE) == 0)
sPymbed 0:1387ff3eed4a 530 return AES_256_ECB_TYPE;
sPymbed 0:1387ff3eed4a 531 #endif
sPymbed 0:1387ff3eed4a 532 #endif /* !NO_AES && HAVE_AES_CBC */
sPymbed 0:1387ff3eed4a 533 else return 0;
sPymbed 0:1387ff3eed4a 534 }
sPymbed 0:1387ff3eed4a 535
sPymbed 0:1387ff3eed4a 536 WOLFSSL_API int wolfSSL_EVP_CIPHER_block_size(const WOLFSSL_EVP_CIPHER *cipher)
sPymbed 0:1387ff3eed4a 537 {
sPymbed 0:1387ff3eed4a 538 if (cipher == NULL) return BAD_FUNC_ARG;
sPymbed 0:1387ff3eed4a 539 switch (cipherType(cipher)) {
sPymbed 0:1387ff3eed4a 540 #if !defined(NO_AES) && defined(HAVE_AES_CBC)
sPymbed 0:1387ff3eed4a 541 case AES_128_CBC_TYPE:
sPymbed 0:1387ff3eed4a 542 case AES_192_CBC_TYPE:
sPymbed 0:1387ff3eed4a 543 case AES_256_CBC_TYPE:
sPymbed 0:1387ff3eed4a 544 return AES_BLOCK_SIZE;
sPymbed 0:1387ff3eed4a 545 #endif
sPymbed 0:1387ff3eed4a 546 #if !defined(NO_AES) && defined(WOLFSSL_AES_COUNTER)
sPymbed 0:1387ff3eed4a 547 case AES_128_CTR_TYPE:
sPymbed 0:1387ff3eed4a 548 case AES_192_CTR_TYPE:
sPymbed 0:1387ff3eed4a 549 case AES_256_CTR_TYPE:
sPymbed 0:1387ff3eed4a 550 return AES_BLOCK_SIZE;
sPymbed 0:1387ff3eed4a 551 #endif
sPymbed 0:1387ff3eed4a 552 #if !defined(NO_AES) && defined(HAVE_AES_ECB)
sPymbed 0:1387ff3eed4a 553 case AES_128_ECB_TYPE:
sPymbed 0:1387ff3eed4a 554 case AES_192_ECB_TYPE:
sPymbed 0:1387ff3eed4a 555 case AES_256_ECB_TYPE:
sPymbed 0:1387ff3eed4a 556 return AES_BLOCK_SIZE;
sPymbed 0:1387ff3eed4a 557 #endif
sPymbed 0:1387ff3eed4a 558 #ifndef NO_DES3
sPymbed 0:1387ff3eed4a 559 case DES_CBC_TYPE: return 8;
sPymbed 0:1387ff3eed4a 560 case DES_EDE3_CBC_TYPE: return 8;
sPymbed 0:1387ff3eed4a 561 case DES_ECB_TYPE: return 8;
sPymbed 0:1387ff3eed4a 562 case DES_EDE3_ECB_TYPE: return 8;
sPymbed 0:1387ff3eed4a 563 #endif
sPymbed 0:1387ff3eed4a 564 default:
sPymbed 0:1387ff3eed4a 565 return 0;
sPymbed 0:1387ff3eed4a 566 }
sPymbed 0:1387ff3eed4a 567 }
sPymbed 0:1387ff3eed4a 568
sPymbed 0:1387ff3eed4a 569 unsigned long WOLFSSL_CIPHER_mode(const WOLFSSL_EVP_CIPHER *cipher)
sPymbed 0:1387ff3eed4a 570 {
sPymbed 0:1387ff3eed4a 571 switch (cipherType(cipher)) {
sPymbed 0:1387ff3eed4a 572 #if !defined(NO_AES) && defined(HAVE_AES_CBC)
sPymbed 0:1387ff3eed4a 573 case AES_128_CBC_TYPE:
sPymbed 0:1387ff3eed4a 574 case AES_192_CBC_TYPE:
sPymbed 0:1387ff3eed4a 575 case AES_256_CBC_TYPE:
sPymbed 0:1387ff3eed4a 576 return WOLFSSL_EVP_CIPH_CBC_MODE;
sPymbed 0:1387ff3eed4a 577 #endif
sPymbed 0:1387ff3eed4a 578 #if !defined(NO_AES) && defined(WOLFSSL_AES_COUNTER)
sPymbed 0:1387ff3eed4a 579 case AES_128_CTR_TYPE:
sPymbed 0:1387ff3eed4a 580 case AES_192_CTR_TYPE:
sPymbed 0:1387ff3eed4a 581 case AES_256_CTR_TYPE:
sPymbed 0:1387ff3eed4a 582 return WOLFSSL_EVP_CIPH_CTR_MODE;
sPymbed 0:1387ff3eed4a 583 #endif
sPymbed 0:1387ff3eed4a 584 #if !defined(NO_AES)
sPymbed 0:1387ff3eed4a 585 case AES_128_ECB_TYPE:
sPymbed 0:1387ff3eed4a 586 case AES_192_ECB_TYPE:
sPymbed 0:1387ff3eed4a 587 case AES_256_ECB_TYPE:
sPymbed 0:1387ff3eed4a 588 return WOLFSSL_EVP_CIPH_ECB_MODE;
sPymbed 0:1387ff3eed4a 589 #endif
sPymbed 0:1387ff3eed4a 590 #ifndef NO_DES3
sPymbed 0:1387ff3eed4a 591 case DES_CBC_TYPE:
sPymbed 0:1387ff3eed4a 592 case DES_EDE3_CBC_TYPE:
sPymbed 0:1387ff3eed4a 593 return WOLFSSL_EVP_CIPH_CBC_MODE;
sPymbed 0:1387ff3eed4a 594 case DES_ECB_TYPE:
sPymbed 0:1387ff3eed4a 595 case DES_EDE3_ECB_TYPE:
sPymbed 0:1387ff3eed4a 596 return WOLFSSL_EVP_CIPH_ECB_MODE;
sPymbed 0:1387ff3eed4a 597 #endif
sPymbed 0:1387ff3eed4a 598 #ifndef NO_RC4
sPymbed 0:1387ff3eed4a 599 case ARC4_TYPE:
sPymbed 0:1387ff3eed4a 600 return EVP_CIPH_STREAM_CIPHER;
sPymbed 0:1387ff3eed4a 601 #endif
sPymbed 0:1387ff3eed4a 602 default:
sPymbed 0:1387ff3eed4a 603 return 0;
sPymbed 0:1387ff3eed4a 604 }
sPymbed 0:1387ff3eed4a 605 }
sPymbed 0:1387ff3eed4a 606
sPymbed 0:1387ff3eed4a 607 WOLFSSL_API unsigned long WOLFSSL_EVP_CIPHER_mode(const WOLFSSL_EVP_CIPHER *cipher)
sPymbed 0:1387ff3eed4a 608 {
sPymbed 0:1387ff3eed4a 609 if (cipher == NULL) return 0;
sPymbed 0:1387ff3eed4a 610 return WOLFSSL_CIPHER_mode(cipher);
sPymbed 0:1387ff3eed4a 611 }
sPymbed 0:1387ff3eed4a 612
sPymbed 0:1387ff3eed4a 613 WOLFSSL_API void wolfSSL_EVP_CIPHER_CTX_set_flags(WOLFSSL_EVP_CIPHER_CTX *ctx, int flags)
sPymbed 0:1387ff3eed4a 614 {
sPymbed 0:1387ff3eed4a 615 if (ctx != NULL) {
sPymbed 0:1387ff3eed4a 616 ctx->flags = flags;
sPymbed 0:1387ff3eed4a 617 }
sPymbed 0:1387ff3eed4a 618 }
sPymbed 0:1387ff3eed4a 619
sPymbed 0:1387ff3eed4a 620 WOLFSSL_API unsigned long wolfSSL_EVP_CIPHER_flags(const WOLFSSL_EVP_CIPHER *cipher)
sPymbed 0:1387ff3eed4a 621 {
sPymbed 0:1387ff3eed4a 622 if (cipher == NULL) return 0;
sPymbed 0:1387ff3eed4a 623 return WOLFSSL_CIPHER_mode(cipher);
sPymbed 0:1387ff3eed4a 624 }
sPymbed 0:1387ff3eed4a 625
sPymbed 0:1387ff3eed4a 626 WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_set_padding(WOLFSSL_EVP_CIPHER_CTX *ctx, int padding)
sPymbed 0:1387ff3eed4a 627 {
sPymbed 0:1387ff3eed4a 628 if (ctx == NULL) return BAD_FUNC_ARG;
sPymbed 0:1387ff3eed4a 629 if (padding) {
sPymbed 0:1387ff3eed4a 630 ctx->flags &= ~WOLFSSL_EVP_CIPH_NO_PADDING;
sPymbed 0:1387ff3eed4a 631 }
sPymbed 0:1387ff3eed4a 632 else {
sPymbed 0:1387ff3eed4a 633 ctx->flags |= WOLFSSL_EVP_CIPH_NO_PADDING;
sPymbed 0:1387ff3eed4a 634 }
sPymbed 0:1387ff3eed4a 635 return 1;
sPymbed 0:1387ff3eed4a 636 }
sPymbed 0:1387ff3eed4a 637
sPymbed 0:1387ff3eed4a 638 WOLFSSL_API int wolfSSL_EVP_add_digest(const WOLFSSL_EVP_MD *digest)
sPymbed 0:1387ff3eed4a 639 {
sPymbed 0:1387ff3eed4a 640 (void)digest;
sPymbed 0:1387ff3eed4a 641 /* nothing to do */
sPymbed 0:1387ff3eed4a 642 return 0;
sPymbed 0:1387ff3eed4a 643 }
sPymbed 0:1387ff3eed4a 644
sPymbed 0:1387ff3eed4a 645
sPymbed 0:1387ff3eed4a 646 /* Frees the WOLFSSL_EVP_PKEY_CTX passed in.
sPymbed 0:1387ff3eed4a 647 *
sPymbed 0:1387ff3eed4a 648 * return WOLFSSL_SUCCESS on success
sPymbed 0:1387ff3eed4a 649 */
sPymbed 0:1387ff3eed4a 650 WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_free(WOLFSSL_EVP_PKEY_CTX *ctx)
sPymbed 0:1387ff3eed4a 651 {
sPymbed 0:1387ff3eed4a 652 if (ctx == NULL) return 0;
sPymbed 0:1387ff3eed4a 653 WOLFSSL_ENTER("EVP_PKEY_CTX_free");
sPymbed 0:1387ff3eed4a 654 XFREE(ctx, NULL, DYNAMIC_TYPE_PUBLIC_KEY);
sPymbed 0:1387ff3eed4a 655 return WOLFSSL_SUCCESS;
sPymbed 0:1387ff3eed4a 656 }
sPymbed 0:1387ff3eed4a 657
sPymbed 0:1387ff3eed4a 658
sPymbed 0:1387ff3eed4a 659 /* Creates a new WOLFSSL_EVP_PKEY_CTX structure.
sPymbed 0:1387ff3eed4a 660 *
sPymbed 0:1387ff3eed4a 661 * pkey key structure to use with new WOLFSSL_EVP_PEKY_CTX
sPymbed 0:1387ff3eed4a 662 * e engine to use. It should be NULL at this time.
sPymbed 0:1387ff3eed4a 663 *
sPymbed 0:1387ff3eed4a 664 * return the new structure on success and NULL if failed.
sPymbed 0:1387ff3eed4a 665 */
sPymbed 0:1387ff3eed4a 666 WOLFSSL_API WOLFSSL_EVP_PKEY_CTX *wolfSSL_EVP_PKEY_CTX_new(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_ENGINE *e)
sPymbed 0:1387ff3eed4a 667 {
sPymbed 0:1387ff3eed4a 668 WOLFSSL_EVP_PKEY_CTX* ctx;
sPymbed 0:1387ff3eed4a 669
sPymbed 0:1387ff3eed4a 670 if (pkey == NULL) return 0;
sPymbed 0:1387ff3eed4a 671 if (e != NULL) return 0;
sPymbed 0:1387ff3eed4a 672 WOLFSSL_ENTER("EVP_PKEY_CTX_new");
sPymbed 0:1387ff3eed4a 673
sPymbed 0:1387ff3eed4a 674 ctx = (WOLFSSL_EVP_PKEY_CTX*)XMALLOC(sizeof(WOLFSSL_EVP_PKEY_CTX), NULL,
sPymbed 0:1387ff3eed4a 675 DYNAMIC_TYPE_PUBLIC_KEY);
sPymbed 0:1387ff3eed4a 676 if (ctx == NULL) return NULL;
sPymbed 0:1387ff3eed4a 677 XMEMSET(ctx, 0, sizeof(WOLFSSL_EVP_PKEY_CTX));
sPymbed 0:1387ff3eed4a 678 ctx->pkey = pkey;
sPymbed 0:1387ff3eed4a 679 #if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
sPymbed 0:1387ff3eed4a 680 ctx->padding = RSA_PKCS1_PADDING;
sPymbed 0:1387ff3eed4a 681 #endif
sPymbed 0:1387ff3eed4a 682
sPymbed 0:1387ff3eed4a 683 return ctx;
sPymbed 0:1387ff3eed4a 684 }
sPymbed 0:1387ff3eed4a 685
sPymbed 0:1387ff3eed4a 686
sPymbed 0:1387ff3eed4a 687 /* Sets the type of RSA padding to use.
sPymbed 0:1387ff3eed4a 688 *
sPymbed 0:1387ff3eed4a 689 * ctx structure to set padding in.
sPymbed 0:1387ff3eed4a 690 * padding RSA padding type
sPymbed 0:1387ff3eed4a 691 *
sPymbed 0:1387ff3eed4a 692 * returns WOLFSSL_SUCCESS on success.
sPymbed 0:1387ff3eed4a 693 */
sPymbed 0:1387ff3eed4a 694 WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_set_rsa_padding(WOLFSSL_EVP_PKEY_CTX *ctx, int padding)
sPymbed 0:1387ff3eed4a 695 {
sPymbed 0:1387ff3eed4a 696 if (ctx == NULL) return 0;
sPymbed 0:1387ff3eed4a 697 WOLFSSL_ENTER("EVP_PKEY_CTX_set_rsa_padding");
sPymbed 0:1387ff3eed4a 698 ctx->padding = padding;
sPymbed 0:1387ff3eed4a 699 return WOLFSSL_SUCCESS;
sPymbed 0:1387ff3eed4a 700 }
sPymbed 0:1387ff3eed4a 701
sPymbed 0:1387ff3eed4a 702
sPymbed 0:1387ff3eed4a 703 /* Uses the WOLFSSL_EVP_PKEY_CTX to decrypt a buffer.
sPymbed 0:1387ff3eed4a 704 *
sPymbed 0:1387ff3eed4a 705 * ctx structure to decrypt with
sPymbed 0:1387ff3eed4a 706 * out buffer to hold the results
sPymbed 0:1387ff3eed4a 707 * outlen initially holds size of out buffer and gets set to decrypt result size
sPymbed 0:1387ff3eed4a 708 * in buffer decrypt
sPymbed 0:1387ff3eed4a 709 * inlen length of in buffer
sPymbed 0:1387ff3eed4a 710 *
sPymbed 0:1387ff3eed4a 711 * returns WOLFSSL_SUCCESS on success.
sPymbed 0:1387ff3eed4a 712 */
sPymbed 0:1387ff3eed4a 713 WOLFSSL_API int wolfSSL_EVP_PKEY_decrypt(WOLFSSL_EVP_PKEY_CTX *ctx,
sPymbed 0:1387ff3eed4a 714 unsigned char *out, size_t *outlen,
sPymbed 0:1387ff3eed4a 715 const unsigned char *in, size_t inlen)
sPymbed 0:1387ff3eed4a 716 {
sPymbed 0:1387ff3eed4a 717 int len;
sPymbed 0:1387ff3eed4a 718
sPymbed 0:1387ff3eed4a 719 if (ctx == NULL) return 0;
sPymbed 0:1387ff3eed4a 720 WOLFSSL_ENTER("EVP_PKEY_decrypt");
sPymbed 0:1387ff3eed4a 721
sPymbed 0:1387ff3eed4a 722 (void)out;
sPymbed 0:1387ff3eed4a 723 (void)outlen;
sPymbed 0:1387ff3eed4a 724 (void)in;
sPymbed 0:1387ff3eed4a 725 (void)inlen;
sPymbed 0:1387ff3eed4a 726 (void)len;
sPymbed 0:1387ff3eed4a 727
sPymbed 0:1387ff3eed4a 728 switch (ctx->pkey->type) {
sPymbed 0:1387ff3eed4a 729 #if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
sPymbed 0:1387ff3eed4a 730 case EVP_PKEY_RSA:
sPymbed 0:1387ff3eed4a 731 len = wolfSSL_RSA_private_decrypt((int)inlen, (unsigned char*)in, out,
sPymbed 0:1387ff3eed4a 732 ctx->pkey->rsa, ctx->padding);
sPymbed 0:1387ff3eed4a 733 if (len < 0) break;
sPymbed 0:1387ff3eed4a 734 else {
sPymbed 0:1387ff3eed4a 735 *outlen = len;
sPymbed 0:1387ff3eed4a 736 return WOLFSSL_SUCCESS;
sPymbed 0:1387ff3eed4a 737 }
sPymbed 0:1387ff3eed4a 738 #endif /* NO_RSA */
sPymbed 0:1387ff3eed4a 739
sPymbed 0:1387ff3eed4a 740 case EVP_PKEY_EC:
sPymbed 0:1387ff3eed4a 741 WOLFSSL_MSG("not implemented");
sPymbed 0:1387ff3eed4a 742 FALL_THROUGH;
sPymbed 0:1387ff3eed4a 743 default:
sPymbed 0:1387ff3eed4a 744 break;
sPymbed 0:1387ff3eed4a 745 }
sPymbed 0:1387ff3eed4a 746 return WOLFSSL_FAILURE;
sPymbed 0:1387ff3eed4a 747 }
sPymbed 0:1387ff3eed4a 748
sPymbed 0:1387ff3eed4a 749
sPymbed 0:1387ff3eed4a 750 /* Initialize a WOLFSSL_EVP_PKEY_CTX structure for decryption
sPymbed 0:1387ff3eed4a 751 *
sPymbed 0:1387ff3eed4a 752 * ctx WOLFSSL_EVP_PKEY_CTX structure to use with decryption
sPymbed 0:1387ff3eed4a 753 *
sPymbed 0:1387ff3eed4a 754 * Returns WOLFSSL_FAILURE on failure and WOLFSSL_SUCCESS on success
sPymbed 0:1387ff3eed4a 755 */
sPymbed 0:1387ff3eed4a 756 WOLFSSL_API int wolfSSL_EVP_PKEY_decrypt_init(WOLFSSL_EVP_PKEY_CTX *ctx)
sPymbed 0:1387ff3eed4a 757 {
sPymbed 0:1387ff3eed4a 758 if (ctx == NULL) return WOLFSSL_FAILURE;
sPymbed 0:1387ff3eed4a 759 WOLFSSL_ENTER("EVP_PKEY_decrypt_init");
sPymbed 0:1387ff3eed4a 760 switch (ctx->pkey->type) {
sPymbed 0:1387ff3eed4a 761 case EVP_PKEY_RSA:
sPymbed 0:1387ff3eed4a 762 ctx->op = EVP_PKEY_OP_DECRYPT;
sPymbed 0:1387ff3eed4a 763 return WOLFSSL_SUCCESS;
sPymbed 0:1387ff3eed4a 764 case EVP_PKEY_EC:
sPymbed 0:1387ff3eed4a 765 WOLFSSL_MSG("not implemented");
sPymbed 0:1387ff3eed4a 766 FALL_THROUGH;
sPymbed 0:1387ff3eed4a 767 default:
sPymbed 0:1387ff3eed4a 768 break;
sPymbed 0:1387ff3eed4a 769 }
sPymbed 0:1387ff3eed4a 770 return WOLFSSL_FAILURE;
sPymbed 0:1387ff3eed4a 771 }
sPymbed 0:1387ff3eed4a 772
sPymbed 0:1387ff3eed4a 773
sPymbed 0:1387ff3eed4a 774 /* Use a WOLFSSL_EVP_PKEY_CTX structure to encrypt data
sPymbed 0:1387ff3eed4a 775 *
sPymbed 0:1387ff3eed4a 776 * ctx WOLFSSL_EVP_PKEY_CTX structure to use with encryption
sPymbed 0:1387ff3eed4a 777 * out buffer to hold encrypted data
sPymbed 0:1387ff3eed4a 778 * outlen length of out buffer
sPymbed 0:1387ff3eed4a 779 * in data to be encrypted
sPymbed 0:1387ff3eed4a 780 * inlen length of in buffer
sPymbed 0:1387ff3eed4a 781 *
sPymbed 0:1387ff3eed4a 782 * Returns WOLFSSL_FAILURE on failure and WOLFSSL_SUCCESS on success
sPymbed 0:1387ff3eed4a 783 */
sPymbed 0:1387ff3eed4a 784 WOLFSSL_API int wolfSSL_EVP_PKEY_encrypt(WOLFSSL_EVP_PKEY_CTX *ctx,
sPymbed 0:1387ff3eed4a 785 unsigned char *out, size_t *outlen,
sPymbed 0:1387ff3eed4a 786 const unsigned char *in, size_t inlen)
sPymbed 0:1387ff3eed4a 787 {
sPymbed 0:1387ff3eed4a 788 int len;
sPymbed 0:1387ff3eed4a 789 if (ctx == NULL) return WOLFSSL_FAILURE;
sPymbed 0:1387ff3eed4a 790 WOLFSSL_ENTER("EVP_PKEY_encrypt");
sPymbed 0:1387ff3eed4a 791 if (ctx->op != EVP_PKEY_OP_ENCRYPT) return WOLFSSL_FAILURE;
sPymbed 0:1387ff3eed4a 792
sPymbed 0:1387ff3eed4a 793 (void)out;
sPymbed 0:1387ff3eed4a 794 (void)outlen;
sPymbed 0:1387ff3eed4a 795 (void)in;
sPymbed 0:1387ff3eed4a 796 (void)inlen;
sPymbed 0:1387ff3eed4a 797 (void)len;
sPymbed 0:1387ff3eed4a 798 switch (ctx->pkey->type) {
sPymbed 0:1387ff3eed4a 799 #if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
sPymbed 0:1387ff3eed4a 800 case EVP_PKEY_RSA:
sPymbed 0:1387ff3eed4a 801 len = wolfSSL_RSA_public_encrypt((int)inlen, (unsigned char *)in, out,
sPymbed 0:1387ff3eed4a 802 ctx->pkey->rsa, ctx->padding);
sPymbed 0:1387ff3eed4a 803 if (len < 0)
sPymbed 0:1387ff3eed4a 804 break;
sPymbed 0:1387ff3eed4a 805 else {
sPymbed 0:1387ff3eed4a 806 *outlen = len;
sPymbed 0:1387ff3eed4a 807 return WOLFSSL_SUCCESS;
sPymbed 0:1387ff3eed4a 808 }
sPymbed 0:1387ff3eed4a 809 #endif /* NO_RSA */
sPymbed 0:1387ff3eed4a 810
sPymbed 0:1387ff3eed4a 811 case EVP_PKEY_EC:
sPymbed 0:1387ff3eed4a 812 WOLFSSL_MSG("not implemented");
sPymbed 0:1387ff3eed4a 813 FALL_THROUGH;
sPymbed 0:1387ff3eed4a 814 default:
sPymbed 0:1387ff3eed4a 815 break;
sPymbed 0:1387ff3eed4a 816 }
sPymbed 0:1387ff3eed4a 817 return WOLFSSL_FAILURE;
sPymbed 0:1387ff3eed4a 818 }
sPymbed 0:1387ff3eed4a 819
sPymbed 0:1387ff3eed4a 820
sPymbed 0:1387ff3eed4a 821 /* Initialize a WOLFSSL_EVP_PKEY_CTX structure to encrypt data
sPymbed 0:1387ff3eed4a 822 *
sPymbed 0:1387ff3eed4a 823 * ctx WOLFSSL_EVP_PKEY_CTX structure to use with encryption
sPymbed 0:1387ff3eed4a 824 *
sPymbed 0:1387ff3eed4a 825 * Returns WOLFSSL_FAILURE on failure and WOLFSSL_SUCCESS on success
sPymbed 0:1387ff3eed4a 826 */
sPymbed 0:1387ff3eed4a 827 WOLFSSL_API int wolfSSL_EVP_PKEY_encrypt_init(WOLFSSL_EVP_PKEY_CTX *ctx)
sPymbed 0:1387ff3eed4a 828 {
sPymbed 0:1387ff3eed4a 829 if (ctx == NULL) return WOLFSSL_FAILURE;
sPymbed 0:1387ff3eed4a 830 WOLFSSL_ENTER("EVP_PKEY_encrypt_init");
sPymbed 0:1387ff3eed4a 831
sPymbed 0:1387ff3eed4a 832 switch (ctx->pkey->type) {
sPymbed 0:1387ff3eed4a 833 case EVP_PKEY_RSA:
sPymbed 0:1387ff3eed4a 834 ctx->op = EVP_PKEY_OP_ENCRYPT;
sPymbed 0:1387ff3eed4a 835 return WOLFSSL_SUCCESS;
sPymbed 0:1387ff3eed4a 836 case EVP_PKEY_EC:
sPymbed 0:1387ff3eed4a 837 WOLFSSL_MSG("not implemented");
sPymbed 0:1387ff3eed4a 838 FALL_THROUGH;
sPymbed 0:1387ff3eed4a 839 default:
sPymbed 0:1387ff3eed4a 840 break;
sPymbed 0:1387ff3eed4a 841 }
sPymbed 0:1387ff3eed4a 842 return WOLFSSL_FAILURE;
sPymbed 0:1387ff3eed4a 843 }
sPymbed 0:1387ff3eed4a 844
sPymbed 0:1387ff3eed4a 845
sPymbed 0:1387ff3eed4a 846 /* Get the size in bits for WOLFSSL_EVP_PKEY key
sPymbed 0:1387ff3eed4a 847 *
sPymbed 0:1387ff3eed4a 848 * pkey WOLFSSL_EVP_PKEY structure to get key size of
sPymbed 0:1387ff3eed4a 849 *
sPymbed 0:1387ff3eed4a 850 * returns the size in bits of key on success
sPymbed 0:1387ff3eed4a 851 */
sPymbed 0:1387ff3eed4a 852 WOLFSSL_API int wolfSSL_EVP_PKEY_bits(const WOLFSSL_EVP_PKEY *pkey)
sPymbed 0:1387ff3eed4a 853 {
sPymbed 0:1387ff3eed4a 854 int bytes;
sPymbed 0:1387ff3eed4a 855
sPymbed 0:1387ff3eed4a 856 if (pkey == NULL) return 0;
sPymbed 0:1387ff3eed4a 857 WOLFSSL_ENTER("EVP_PKEY_bits");
sPymbed 0:1387ff3eed4a 858 if ((bytes = wolfSSL_EVP_PKEY_size((WOLFSSL_EVP_PKEY*)pkey)) ==0) return 0;
sPymbed 0:1387ff3eed4a 859 return bytes*8;
sPymbed 0:1387ff3eed4a 860 }
sPymbed 0:1387ff3eed4a 861
sPymbed 0:1387ff3eed4a 862
sPymbed 0:1387ff3eed4a 863 /* Get the size in bytes for WOLFSSL_EVP_PKEY key
sPymbed 0:1387ff3eed4a 864 *
sPymbed 0:1387ff3eed4a 865 * pkey WOLFSSL_EVP_PKEY structure to get key size of
sPymbed 0:1387ff3eed4a 866 *
sPymbed 0:1387ff3eed4a 867 * returns the size of a key on success which is the maximum size of a
sPymbed 0:1387ff3eed4a 868 * signature
sPymbed 0:1387ff3eed4a 869 */
sPymbed 0:1387ff3eed4a 870 WOLFSSL_API int wolfSSL_EVP_PKEY_size(WOLFSSL_EVP_PKEY *pkey)
sPymbed 0:1387ff3eed4a 871 {
sPymbed 0:1387ff3eed4a 872 if (pkey == NULL) return 0;
sPymbed 0:1387ff3eed4a 873 WOLFSSL_ENTER("EVP_PKEY_size");
sPymbed 0:1387ff3eed4a 874
sPymbed 0:1387ff3eed4a 875 switch (pkey->type) {
sPymbed 0:1387ff3eed4a 876 #if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
sPymbed 0:1387ff3eed4a 877 case EVP_PKEY_RSA:
sPymbed 0:1387ff3eed4a 878 return (int)wolfSSL_RSA_size((const WOLFSSL_RSA*)(pkey->rsa));
sPymbed 0:1387ff3eed4a 879 #endif /* NO_RSA */
sPymbed 0:1387ff3eed4a 880
sPymbed 0:1387ff3eed4a 881 #ifdef HAVE_ECC
sPymbed 0:1387ff3eed4a 882 case EVP_PKEY_EC:
sPymbed 0:1387ff3eed4a 883 if (pkey->ecc == NULL || pkey->ecc->internal == NULL) {
sPymbed 0:1387ff3eed4a 884 WOLFSSL_MSG("No ECC key has been set");
sPymbed 0:1387ff3eed4a 885 break;
sPymbed 0:1387ff3eed4a 886 }
sPymbed 0:1387ff3eed4a 887 return wc_ecc_size((ecc_key*)(pkey->ecc->internal));
sPymbed 0:1387ff3eed4a 888 #endif /* HAVE_ECC */
sPymbed 0:1387ff3eed4a 889
sPymbed 0:1387ff3eed4a 890 default:
sPymbed 0:1387ff3eed4a 891 break;
sPymbed 0:1387ff3eed4a 892 }
sPymbed 0:1387ff3eed4a 893 return 0;
sPymbed 0:1387ff3eed4a 894 }
sPymbed 0:1387ff3eed4a 895
sPymbed 0:1387ff3eed4a 896
sPymbed 0:1387ff3eed4a 897 /* Initialize structure for signing
sPymbed 0:1387ff3eed4a 898 *
sPymbed 0:1387ff3eed4a 899 * ctx WOLFSSL_EVP_MD_CTX structure to initialize
sPymbed 0:1387ff3eed4a 900 * type is the type of message digest to use
sPymbed 0:1387ff3eed4a 901 *
sPymbed 0:1387ff3eed4a 902 * returns WOLFSSL_SUCCESS on success
sPymbed 0:1387ff3eed4a 903 */
sPymbed 0:1387ff3eed4a 904 WOLFSSL_API int wolfSSL_EVP_SignInit(WOLFSSL_EVP_MD_CTX *ctx, const WOLFSSL_EVP_MD *type)
sPymbed 0:1387ff3eed4a 905 {
sPymbed 0:1387ff3eed4a 906 if (ctx == NULL) return WOLFSSL_FAILURE;
sPymbed 0:1387ff3eed4a 907 WOLFSSL_ENTER("EVP_SignInit");
sPymbed 0:1387ff3eed4a 908 return wolfSSL_EVP_DigestInit(ctx,type);
sPymbed 0:1387ff3eed4a 909 }
sPymbed 0:1387ff3eed4a 910
sPymbed 0:1387ff3eed4a 911
sPymbed 0:1387ff3eed4a 912 /* Update structure with data for signing
sPymbed 0:1387ff3eed4a 913 *
sPymbed 0:1387ff3eed4a 914 * ctx WOLFSSL_EVP_MD_CTX structure to update
sPymbed 0:1387ff3eed4a 915 * data buffer holding data to update with for sign
sPymbed 0:1387ff3eed4a 916 * len length of data buffer
sPymbed 0:1387ff3eed4a 917 *
sPymbed 0:1387ff3eed4a 918 * returns WOLFSSL_SUCCESS on success
sPymbed 0:1387ff3eed4a 919 */
sPymbed 0:1387ff3eed4a 920 WOLFSSL_API int wolfSSL_EVP_SignUpdate(WOLFSSL_EVP_MD_CTX *ctx, const void *data, size_t len)
sPymbed 0:1387ff3eed4a 921 {
sPymbed 0:1387ff3eed4a 922 if (ctx == NULL) return 0;
sPymbed 0:1387ff3eed4a 923 WOLFSSL_ENTER("EVP_SignUpdate(");
sPymbed 0:1387ff3eed4a 924 return wolfSSL_EVP_DigestUpdate(ctx, data, len);
sPymbed 0:1387ff3eed4a 925 }
sPymbed 0:1387ff3eed4a 926
sPymbed 0:1387ff3eed4a 927 /* macro gaurd because currently only used with RSA */
sPymbed 0:1387ff3eed4a 928 #if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
sPymbed 0:1387ff3eed4a 929 /* Helper function for getting the NID value from md
sPymbed 0:1387ff3eed4a 930 *
sPymbed 0:1387ff3eed4a 931 * returns the NID value associated with md on success */
sPymbed 0:1387ff3eed4a 932 static int md2nid(int md)
sPymbed 0:1387ff3eed4a 933 {
sPymbed 0:1387ff3eed4a 934 const char * d;
sPymbed 0:1387ff3eed4a 935 d = (const char *)wolfSSL_EVP_get_md((const unsigned char)md);
sPymbed 0:1387ff3eed4a 936 if (XSTRNCMP(d, "SHA", 3) == 0) {
sPymbed 0:1387ff3eed4a 937 if (XSTRLEN(d) > 3) {
sPymbed 0:1387ff3eed4a 938 if (XSTRNCMP(d, "SHA256", 6) == 0) {
sPymbed 0:1387ff3eed4a 939 return NID_sha256;
sPymbed 0:1387ff3eed4a 940 }
sPymbed 0:1387ff3eed4a 941 if (XSTRNCMP(d, "SHA384", 6) == 0) {
sPymbed 0:1387ff3eed4a 942 return NID_sha384;
sPymbed 0:1387ff3eed4a 943 }
sPymbed 0:1387ff3eed4a 944 if (XSTRNCMP(d, "SHA512", 6) == 0) {
sPymbed 0:1387ff3eed4a 945 return NID_sha512;
sPymbed 0:1387ff3eed4a 946 }
sPymbed 0:1387ff3eed4a 947 WOLFSSL_MSG("Unknown SHA type");
sPymbed 0:1387ff3eed4a 948 return 0;
sPymbed 0:1387ff3eed4a 949 }
sPymbed 0:1387ff3eed4a 950 else {
sPymbed 0:1387ff3eed4a 951 return NID_sha1;
sPymbed 0:1387ff3eed4a 952 }
sPymbed 0:1387ff3eed4a 953 }
sPymbed 0:1387ff3eed4a 954 if (XSTRNCMP(d, "MD5", 3) == 0)
sPymbed 0:1387ff3eed4a 955 return NID_md5;
sPymbed 0:1387ff3eed4a 956 return 0;
sPymbed 0:1387ff3eed4a 957 }
sPymbed 0:1387ff3eed4a 958 #endif /* NO_RSA */
sPymbed 0:1387ff3eed4a 959
sPymbed 0:1387ff3eed4a 960 /* Finalize structure for signing
sPymbed 0:1387ff3eed4a 961 *
sPymbed 0:1387ff3eed4a 962 * ctx WOLFSSL_EVP_MD_CTX structure to finalize
sPymbed 0:1387ff3eed4a 963 * sigret buffer to hold resulting signature
sPymbed 0:1387ff3eed4a 964 * siglen length of sigret buffer
sPymbed 0:1387ff3eed4a 965 * pkey key to sign with
sPymbed 0:1387ff3eed4a 966 *
sPymbed 0:1387ff3eed4a 967 * returns WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on failure
sPymbed 0:1387ff3eed4a 968 */
sPymbed 0:1387ff3eed4a 969 WOLFSSL_API int wolfSSL_EVP_SignFinal(WOLFSSL_EVP_MD_CTX *ctx, unsigned char *sigret,
sPymbed 0:1387ff3eed4a 970 unsigned int *siglen, WOLFSSL_EVP_PKEY *pkey)
sPymbed 0:1387ff3eed4a 971 {
sPymbed 0:1387ff3eed4a 972 unsigned int mdsize;
sPymbed 0:1387ff3eed4a 973 unsigned char md[WC_MAX_DIGEST_SIZE];
sPymbed 0:1387ff3eed4a 974 int ret;
sPymbed 0:1387ff3eed4a 975 if (ctx == NULL) return WOLFSSL_FAILURE;
sPymbed 0:1387ff3eed4a 976 WOLFSSL_ENTER("EVP_SignFinal");
sPymbed 0:1387ff3eed4a 977
sPymbed 0:1387ff3eed4a 978 ret = wolfSSL_EVP_DigestFinal(ctx, md, &mdsize);
sPymbed 0:1387ff3eed4a 979 if (ret <= 0) return ret;
sPymbed 0:1387ff3eed4a 980
sPymbed 0:1387ff3eed4a 981 (void)sigret;
sPymbed 0:1387ff3eed4a 982 (void)siglen;
sPymbed 0:1387ff3eed4a 983
sPymbed 0:1387ff3eed4a 984 switch (pkey->type) {
sPymbed 0:1387ff3eed4a 985 #if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
sPymbed 0:1387ff3eed4a 986 case EVP_PKEY_RSA: {
sPymbed 0:1387ff3eed4a 987 int nid = md2nid(ctx->macType);
sPymbed 0:1387ff3eed4a 988 if (nid < 0) break;
sPymbed 0:1387ff3eed4a 989 return wolfSSL_RSA_sign(nid, md, mdsize, sigret,
sPymbed 0:1387ff3eed4a 990 siglen, pkey->rsa);
sPymbed 0:1387ff3eed4a 991 }
sPymbed 0:1387ff3eed4a 992 #endif /* NO_RSA */
sPymbed 0:1387ff3eed4a 993
sPymbed 0:1387ff3eed4a 994 case EVP_PKEY_DSA:
sPymbed 0:1387ff3eed4a 995 case EVP_PKEY_EC:
sPymbed 0:1387ff3eed4a 996 WOLFSSL_MSG("not implemented");
sPymbed 0:1387ff3eed4a 997 FALL_THROUGH;
sPymbed 0:1387ff3eed4a 998 default:
sPymbed 0:1387ff3eed4a 999 break;
sPymbed 0:1387ff3eed4a 1000 }
sPymbed 0:1387ff3eed4a 1001 return WOLFSSL_FAILURE;
sPymbed 0:1387ff3eed4a 1002 }
sPymbed 0:1387ff3eed4a 1003
sPymbed 0:1387ff3eed4a 1004
sPymbed 0:1387ff3eed4a 1005 /* Initialize structure for verifying signature
sPymbed 0:1387ff3eed4a 1006 *
sPymbed 0:1387ff3eed4a 1007 * ctx WOLFSSL_EVP_MD_CTX structure to initialize
sPymbed 0:1387ff3eed4a 1008 * type is the type of message digest to use
sPymbed 0:1387ff3eed4a 1009 *
sPymbed 0:1387ff3eed4a 1010 * returns WOLFSSL_SUCCESS on success
sPymbed 0:1387ff3eed4a 1011 */
sPymbed 0:1387ff3eed4a 1012 WOLFSSL_API int wolfSSL_EVP_VerifyInit(WOLFSSL_EVP_MD_CTX *ctx, const WOLFSSL_EVP_MD *type)
sPymbed 0:1387ff3eed4a 1013 {
sPymbed 0:1387ff3eed4a 1014 if (ctx == NULL) return WOLFSSL_FAILURE;
sPymbed 0:1387ff3eed4a 1015 WOLFSSL_ENTER("EVP_VerifyInit");
sPymbed 0:1387ff3eed4a 1016 return wolfSSL_EVP_DigestInit(ctx,type);
sPymbed 0:1387ff3eed4a 1017 }
sPymbed 0:1387ff3eed4a 1018
sPymbed 0:1387ff3eed4a 1019
sPymbed 0:1387ff3eed4a 1020 /* Update structure for verifying signature
sPymbed 0:1387ff3eed4a 1021 *
sPymbed 0:1387ff3eed4a 1022 * ctx WOLFSSL_EVP_MD_CTX structure to update
sPymbed 0:1387ff3eed4a 1023 * data buffer holding data to update with for verify
sPymbed 0:1387ff3eed4a 1024 * len length of data buffer
sPymbed 0:1387ff3eed4a 1025 *
sPymbed 0:1387ff3eed4a 1026 * returns WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on failure
sPymbed 0:1387ff3eed4a 1027 */
sPymbed 0:1387ff3eed4a 1028 WOLFSSL_API int wolfSSL_EVP_VerifyUpdate(WOLFSSL_EVP_MD_CTX *ctx, const void *data, size_t len)
sPymbed 0:1387ff3eed4a 1029 {
sPymbed 0:1387ff3eed4a 1030 if (ctx == NULL) return WOLFSSL_FAILURE;
sPymbed 0:1387ff3eed4a 1031 WOLFSSL_ENTER("EVP_VerifyUpdate");
sPymbed 0:1387ff3eed4a 1032 return wolfSSL_EVP_DigestUpdate(ctx, data, len);
sPymbed 0:1387ff3eed4a 1033 }
sPymbed 0:1387ff3eed4a 1034
sPymbed 0:1387ff3eed4a 1035
sPymbed 0:1387ff3eed4a 1036 /* Finalize structure for verifying signature
sPymbed 0:1387ff3eed4a 1037 *
sPymbed 0:1387ff3eed4a 1038 * ctx WOLFSSL_EVP_MD_CTX structure to finalize
sPymbed 0:1387ff3eed4a 1039 * sig buffer holding signature
sPymbed 0:1387ff3eed4a 1040 * siglen length of sig buffer
sPymbed 0:1387ff3eed4a 1041 * pkey key to verify with
sPymbed 0:1387ff3eed4a 1042 *
sPymbed 0:1387ff3eed4a 1043 * returns WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on failure
sPymbed 0:1387ff3eed4a 1044 */
sPymbed 0:1387ff3eed4a 1045 WOLFSSL_API int wolfSSL_EVP_VerifyFinal(WOLFSSL_EVP_MD_CTX *ctx,
sPymbed 0:1387ff3eed4a 1046 unsigned char*sig, unsigned int siglen, WOLFSSL_EVP_PKEY *pkey)
sPymbed 0:1387ff3eed4a 1047 {
sPymbed 0:1387ff3eed4a 1048 int ret;
sPymbed 0:1387ff3eed4a 1049 unsigned char md[WC_MAX_DIGEST_SIZE];
sPymbed 0:1387ff3eed4a 1050 unsigned int mdsize;
sPymbed 0:1387ff3eed4a 1051
sPymbed 0:1387ff3eed4a 1052 if (ctx == NULL) return WOLFSSL_FAILURE;
sPymbed 0:1387ff3eed4a 1053 WOLFSSL_ENTER("EVP_VerifyFinal");
sPymbed 0:1387ff3eed4a 1054 ret = wolfSSL_EVP_DigestFinal(ctx, md, &mdsize);
sPymbed 0:1387ff3eed4a 1055 if (ret <= 0) return ret;
sPymbed 0:1387ff3eed4a 1056
sPymbed 0:1387ff3eed4a 1057 (void)sig;
sPymbed 0:1387ff3eed4a 1058 (void)siglen;
sPymbed 0:1387ff3eed4a 1059
sPymbed 0:1387ff3eed4a 1060 switch (pkey->type) {
sPymbed 0:1387ff3eed4a 1061 #if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
sPymbed 0:1387ff3eed4a 1062 case EVP_PKEY_RSA: {
sPymbed 0:1387ff3eed4a 1063 int nid = md2nid(ctx->macType);
sPymbed 0:1387ff3eed4a 1064 if (nid < 0) break;
sPymbed 0:1387ff3eed4a 1065 return wolfSSL_RSA_verify(nid, md, mdsize, sig,
sPymbed 0:1387ff3eed4a 1066 (unsigned int)siglen, pkey->rsa);
sPymbed 0:1387ff3eed4a 1067 }
sPymbed 0:1387ff3eed4a 1068 #endif /* NO_RSA */
sPymbed 0:1387ff3eed4a 1069
sPymbed 0:1387ff3eed4a 1070 case EVP_PKEY_DSA:
sPymbed 0:1387ff3eed4a 1071 case EVP_PKEY_EC:
sPymbed 0:1387ff3eed4a 1072 WOLFSSL_MSG("not implemented");
sPymbed 0:1387ff3eed4a 1073 FALL_THROUGH;
sPymbed 0:1387ff3eed4a 1074 default:
sPymbed 0:1387ff3eed4a 1075 break;
sPymbed 0:1387ff3eed4a 1076 }
sPymbed 0:1387ff3eed4a 1077 return WOLFSSL_FAILURE;
sPymbed 0:1387ff3eed4a 1078 }
sPymbed 0:1387ff3eed4a 1079
sPymbed 0:1387ff3eed4a 1080 WOLFSSL_API int wolfSSL_EVP_add_cipher(const WOLFSSL_EVP_CIPHER *cipher)
sPymbed 0:1387ff3eed4a 1081 {
sPymbed 0:1387ff3eed4a 1082 (void)cipher;
sPymbed 0:1387ff3eed4a 1083 /* nothing to do */
sPymbed 0:1387ff3eed4a 1084 return 0;
sPymbed 0:1387ff3eed4a 1085 }
sPymbed 0:1387ff3eed4a 1086
sPymbed 0:1387ff3eed4a 1087
sPymbed 0:1387ff3eed4a 1088 WOLFSSL_EVP_PKEY* wolfSSL_EVP_PKEY_new_mac_key(int type, ENGINE* e,
sPymbed 0:1387ff3eed4a 1089 const unsigned char* key, int keylen)
sPymbed 0:1387ff3eed4a 1090 {
sPymbed 0:1387ff3eed4a 1091 WOLFSSL_EVP_PKEY* pkey;
sPymbed 0:1387ff3eed4a 1092
sPymbed 0:1387ff3eed4a 1093 (void)e;
sPymbed 0:1387ff3eed4a 1094
sPymbed 0:1387ff3eed4a 1095 if (type != EVP_PKEY_HMAC || (key == NULL && keylen != 0))
sPymbed 0:1387ff3eed4a 1096 return NULL;
sPymbed 0:1387ff3eed4a 1097
sPymbed 0:1387ff3eed4a 1098 pkey = wolfSSL_PKEY_new();
sPymbed 0:1387ff3eed4a 1099 if (pkey != NULL) {
sPymbed 0:1387ff3eed4a 1100 pkey->pkey.ptr = (char*)XMALLOC(keylen, NULL, DYNAMIC_TYPE_PUBLIC_KEY);
sPymbed 0:1387ff3eed4a 1101 if (pkey->pkey.ptr == NULL && keylen > 0) {
sPymbed 0:1387ff3eed4a 1102 wolfSSL_EVP_PKEY_free(pkey);
sPymbed 0:1387ff3eed4a 1103 pkey = NULL;
sPymbed 0:1387ff3eed4a 1104 }
sPymbed 0:1387ff3eed4a 1105 else {
sPymbed 0:1387ff3eed4a 1106 XMEMCPY(pkey->pkey.ptr, key, keylen);
sPymbed 0:1387ff3eed4a 1107 pkey->pkey_sz = keylen;
sPymbed 0:1387ff3eed4a 1108 pkey->type = pkey->save_type = type;
sPymbed 0:1387ff3eed4a 1109 }
sPymbed 0:1387ff3eed4a 1110 }
sPymbed 0:1387ff3eed4a 1111
sPymbed 0:1387ff3eed4a 1112 return pkey;
sPymbed 0:1387ff3eed4a 1113 }
sPymbed 0:1387ff3eed4a 1114
sPymbed 0:1387ff3eed4a 1115
sPymbed 0:1387ff3eed4a 1116 const unsigned char* wolfSSL_EVP_PKEY_get0_hmac(const WOLFSSL_EVP_PKEY* pkey,
sPymbed 0:1387ff3eed4a 1117 size_t* len)
sPymbed 0:1387ff3eed4a 1118 {
sPymbed 0:1387ff3eed4a 1119 if (pkey == NULL || len == NULL)
sPymbed 0:1387ff3eed4a 1120 return NULL;
sPymbed 0:1387ff3eed4a 1121
sPymbed 0:1387ff3eed4a 1122 *len = (size_t)pkey->pkey_sz;
sPymbed 0:1387ff3eed4a 1123
sPymbed 0:1387ff3eed4a 1124 return (const unsigned char*)pkey->pkey.ptr;
sPymbed 0:1387ff3eed4a 1125 }
sPymbed 0:1387ff3eed4a 1126
sPymbed 0:1387ff3eed4a 1127
sPymbed 0:1387ff3eed4a 1128 int wolfSSL_EVP_DigestSignInit(WOLFSSL_EVP_MD_CTX *ctx,
sPymbed 0:1387ff3eed4a 1129 WOLFSSL_EVP_PKEY_CTX **pctx,
sPymbed 0:1387ff3eed4a 1130 const WOLFSSL_EVP_MD *type,
sPymbed 0:1387ff3eed4a 1131 WOLFSSL_ENGINE *e,
sPymbed 0:1387ff3eed4a 1132 WOLFSSL_EVP_PKEY *pkey)
sPymbed 0:1387ff3eed4a 1133 {
sPymbed 0:1387ff3eed4a 1134 int hashType;
sPymbed 0:1387ff3eed4a 1135 const unsigned char* key;
sPymbed 0:1387ff3eed4a 1136 size_t keySz;
sPymbed 0:1387ff3eed4a 1137
sPymbed 0:1387ff3eed4a 1138 /* Unused parameters */
sPymbed 0:1387ff3eed4a 1139 (void)pctx;
sPymbed 0:1387ff3eed4a 1140 (void)e;
sPymbed 0:1387ff3eed4a 1141
sPymbed 0:1387ff3eed4a 1142 WOLFSSL_ENTER("EVP_DigestSignInit");
sPymbed 0:1387ff3eed4a 1143
sPymbed 0:1387ff3eed4a 1144 if (ctx == NULL || type == NULL || pkey == NULL)
sPymbed 0:1387ff3eed4a 1145 return BAD_FUNC_ARG;
sPymbed 0:1387ff3eed4a 1146
sPymbed 0:1387ff3eed4a 1147 #ifdef WOLFSSL_ASYNC_CRYPT
sPymbed 0:1387ff3eed4a 1148 /* compile-time validation of ASYNC_CTX_SIZE */
sPymbed 0:1387ff3eed4a 1149 typedef char async_test[WC_ASYNC_DEV_SIZE >= sizeof(WC_ASYNC_DEV) ?
sPymbed 0:1387ff3eed4a 1150 1 : -1];
sPymbed 0:1387ff3eed4a 1151 (void)sizeof(async_test);
sPymbed 0:1387ff3eed4a 1152 #endif
sPymbed 0:1387ff3eed4a 1153
sPymbed 0:1387ff3eed4a 1154 if (XSTRNCMP(type, "SHA256", 6) == 0) {
sPymbed 0:1387ff3eed4a 1155 hashType = WC_SHA256;
sPymbed 0:1387ff3eed4a 1156 }
sPymbed 0:1387ff3eed4a 1157 #ifdef WOLFSSL_SHA224
sPymbed 0:1387ff3eed4a 1158 else if (XSTRNCMP(type, "SHA224", 6) == 0) {
sPymbed 0:1387ff3eed4a 1159 hashType = WC_SHA224;
sPymbed 0:1387ff3eed4a 1160 }
sPymbed 0:1387ff3eed4a 1161 #endif
sPymbed 0:1387ff3eed4a 1162 #ifdef WOLFSSL_SHA384
sPymbed 0:1387ff3eed4a 1163 else if (XSTRNCMP(type, "SHA384", 6) == 0) {
sPymbed 0:1387ff3eed4a 1164 hashType = WC_SHA384;
sPymbed 0:1387ff3eed4a 1165 }
sPymbed 0:1387ff3eed4a 1166 #endif
sPymbed 0:1387ff3eed4a 1167 #ifdef WOLFSSL_SHA512
sPymbed 0:1387ff3eed4a 1168 else if (XSTRNCMP(type, "SHA512", 6) == 0) {
sPymbed 0:1387ff3eed4a 1169 hashType = WC_SHA512;
sPymbed 0:1387ff3eed4a 1170 }
sPymbed 0:1387ff3eed4a 1171 #endif
sPymbed 0:1387ff3eed4a 1172 #ifndef NO_MD5
sPymbed 0:1387ff3eed4a 1173 else if (XSTRNCMP(type, "MD5", 3) == 0) {
sPymbed 0:1387ff3eed4a 1174 hashType = WC_MD5;
sPymbed 0:1387ff3eed4a 1175 }
sPymbed 0:1387ff3eed4a 1176 #endif
sPymbed 0:1387ff3eed4a 1177 #ifndef NO_SHA
sPymbed 0:1387ff3eed4a 1178 /* has to be last since would pick or 224, 256, 384, or 512 too */
sPymbed 0:1387ff3eed4a 1179 else if (XSTRNCMP(type, "SHA", 3) == 0) {
sPymbed 0:1387ff3eed4a 1180 hashType = WC_SHA;
sPymbed 0:1387ff3eed4a 1181 }
sPymbed 0:1387ff3eed4a 1182 #endif /* NO_SHA */
sPymbed 0:1387ff3eed4a 1183 else
sPymbed 0:1387ff3eed4a 1184 return BAD_FUNC_ARG;
sPymbed 0:1387ff3eed4a 1185
sPymbed 0:1387ff3eed4a 1186 key = wolfSSL_EVP_PKEY_get0_hmac(pkey, &keySz);
sPymbed 0:1387ff3eed4a 1187
sPymbed 0:1387ff3eed4a 1188 if (wc_HmacInit(&ctx->hash.hmac, NULL, INVALID_DEVID) != 0)
sPymbed 0:1387ff3eed4a 1189 return WOLFSSL_FAILURE;
sPymbed 0:1387ff3eed4a 1190
sPymbed 0:1387ff3eed4a 1191 if (wc_HmacSetKey(&ctx->hash.hmac, hashType, key, (word32)keySz) != 0)
sPymbed 0:1387ff3eed4a 1192 return WOLFSSL_FAILURE;
sPymbed 0:1387ff3eed4a 1193
sPymbed 0:1387ff3eed4a 1194 ctx->macType = NID_hmac & 0xFF;
sPymbed 0:1387ff3eed4a 1195
sPymbed 0:1387ff3eed4a 1196 return WOLFSSL_SUCCESS;
sPymbed 0:1387ff3eed4a 1197 }
sPymbed 0:1387ff3eed4a 1198
sPymbed 0:1387ff3eed4a 1199
sPymbed 0:1387ff3eed4a 1200 int wolfSSL_EVP_DigestSignUpdate(WOLFSSL_EVP_MD_CTX *ctx,
sPymbed 0:1387ff3eed4a 1201 const void *d, unsigned int cnt)
sPymbed 0:1387ff3eed4a 1202 {
sPymbed 0:1387ff3eed4a 1203 WOLFSSL_ENTER("EVP_DigestSignFinal");
sPymbed 0:1387ff3eed4a 1204
sPymbed 0:1387ff3eed4a 1205 if (ctx->macType != (NID_hmac & 0xFF))
sPymbed 0:1387ff3eed4a 1206 return WOLFSSL_FAILURE;
sPymbed 0:1387ff3eed4a 1207
sPymbed 0:1387ff3eed4a 1208 if (wc_HmacUpdate(&ctx->hash.hmac, (const byte *)d, cnt) != 0)
sPymbed 0:1387ff3eed4a 1209 return WOLFSSL_FAILURE;
sPymbed 0:1387ff3eed4a 1210
sPymbed 0:1387ff3eed4a 1211 return WOLFSSL_SUCCESS;
sPymbed 0:1387ff3eed4a 1212 }
sPymbed 0:1387ff3eed4a 1213
sPymbed 0:1387ff3eed4a 1214
sPymbed 0:1387ff3eed4a 1215 int wolfSSL_EVP_DigestSignFinal(WOLFSSL_EVP_MD_CTX *ctx,
sPymbed 0:1387ff3eed4a 1216 unsigned char *sig, size_t *siglen)
sPymbed 0:1387ff3eed4a 1217 {
sPymbed 0:1387ff3eed4a 1218 unsigned char digest[WC_MAX_DIGEST_SIZE];
sPymbed 0:1387ff3eed4a 1219 Hmac hmacCopy;
sPymbed 0:1387ff3eed4a 1220 int hashLen, ret;
sPymbed 0:1387ff3eed4a 1221
sPymbed 0:1387ff3eed4a 1222 WOLFSSL_ENTER("EVP_DigestSignFinal");
sPymbed 0:1387ff3eed4a 1223
sPymbed 0:1387ff3eed4a 1224 if (ctx == NULL || siglen == NULL)
sPymbed 0:1387ff3eed4a 1225 return WOLFSSL_FAILURE;
sPymbed 0:1387ff3eed4a 1226
sPymbed 0:1387ff3eed4a 1227 if (ctx->macType != (NID_hmac & 0xFF))
sPymbed 0:1387ff3eed4a 1228 return WOLFSSL_FAILURE;
sPymbed 0:1387ff3eed4a 1229
sPymbed 0:1387ff3eed4a 1230 switch (ctx->hash.hmac.macType) {
sPymbed 0:1387ff3eed4a 1231 #ifndef NO_MD5
sPymbed 0:1387ff3eed4a 1232 case WC_MD5:
sPymbed 0:1387ff3eed4a 1233 hashLen = WC_MD5_DIGEST_SIZE;
sPymbed 0:1387ff3eed4a 1234 break;
sPymbed 0:1387ff3eed4a 1235 #endif /* !NO_MD5 */
sPymbed 0:1387ff3eed4a 1236
sPymbed 0:1387ff3eed4a 1237 #ifndef NO_SHA
sPymbed 0:1387ff3eed4a 1238 case WC_SHA:
sPymbed 0:1387ff3eed4a 1239 hashLen = WC_SHA_DIGEST_SIZE;
sPymbed 0:1387ff3eed4a 1240 break;
sPymbed 0:1387ff3eed4a 1241 #endif /* !NO_SHA */
sPymbed 0:1387ff3eed4a 1242
sPymbed 0:1387ff3eed4a 1243 #ifdef WOLFSSL_SHA224
sPymbed 0:1387ff3eed4a 1244 case WC_SHA224:
sPymbed 0:1387ff3eed4a 1245 hashLen = WC_SHA224_DIGEST_SIZE;
sPymbed 0:1387ff3eed4a 1246 break;
sPymbed 0:1387ff3eed4a 1247 #endif /* WOLFSSL_SHA224 */
sPymbed 0:1387ff3eed4a 1248
sPymbed 0:1387ff3eed4a 1249 #ifndef NO_SHA256
sPymbed 0:1387ff3eed4a 1250 case WC_SHA256:
sPymbed 0:1387ff3eed4a 1251 hashLen = WC_SHA256_DIGEST_SIZE;
sPymbed 0:1387ff3eed4a 1252 break;
sPymbed 0:1387ff3eed4a 1253 #endif /* !NO_SHA256 */
sPymbed 0:1387ff3eed4a 1254
sPymbed 0:1387ff3eed4a 1255 #ifdef WOLFSSL_SHA512
sPymbed 0:1387ff3eed4a 1256 #ifdef WOLFSSL_SHA384
sPymbed 0:1387ff3eed4a 1257 case WC_SHA384:
sPymbed 0:1387ff3eed4a 1258 hashLen = WC_SHA384_DIGEST_SIZE;
sPymbed 0:1387ff3eed4a 1259 break;
sPymbed 0:1387ff3eed4a 1260 #endif /* WOLFSSL_SHA384 */
sPymbed 0:1387ff3eed4a 1261 case WC_SHA512:
sPymbed 0:1387ff3eed4a 1262 hashLen = WC_SHA512_DIGEST_SIZE;
sPymbed 0:1387ff3eed4a 1263 break;
sPymbed 0:1387ff3eed4a 1264 #endif /* WOLFSSL_SHA512 */
sPymbed 0:1387ff3eed4a 1265
sPymbed 0:1387ff3eed4a 1266 #ifdef HAVE_BLAKE2
sPymbed 0:1387ff3eed4a 1267 case BLAKE2B_ID:
sPymbed 0:1387ff3eed4a 1268 hashLen = BLAKE2B_OUTBYTES;
sPymbed 0:1387ff3eed4a 1269 break;
sPymbed 0:1387ff3eed4a 1270 #endif /* HAVE_BLAKE2 */
sPymbed 0:1387ff3eed4a 1271
sPymbed 0:1387ff3eed4a 1272 default:
sPymbed 0:1387ff3eed4a 1273 return 0;
sPymbed 0:1387ff3eed4a 1274 }
sPymbed 0:1387ff3eed4a 1275
sPymbed 0:1387ff3eed4a 1276 if (sig == NULL) {
sPymbed 0:1387ff3eed4a 1277 *siglen = hashLen;
sPymbed 0:1387ff3eed4a 1278 return WOLFSSL_SUCCESS;
sPymbed 0:1387ff3eed4a 1279 }
sPymbed 0:1387ff3eed4a 1280
sPymbed 0:1387ff3eed4a 1281 if ((int)(*siglen) > hashLen)
sPymbed 0:1387ff3eed4a 1282 *siglen = hashLen;
sPymbed 0:1387ff3eed4a 1283
sPymbed 0:1387ff3eed4a 1284 XMEMCPY(&hmacCopy, &ctx->hash.hmac, sizeof(hmacCopy));
sPymbed 0:1387ff3eed4a 1285 ret = wc_HmacFinal(&hmacCopy, digest) == 0;
sPymbed 0:1387ff3eed4a 1286 if (ret == 1)
sPymbed 0:1387ff3eed4a 1287 XMEMCPY(sig, digest, *siglen);
sPymbed 0:1387ff3eed4a 1288
sPymbed 0:1387ff3eed4a 1289 ForceZero(&hmacCopy, sizeof(hmacCopy));
sPymbed 0:1387ff3eed4a 1290 ForceZero(digest, sizeof(digest));
sPymbed 0:1387ff3eed4a 1291 return ret;
sPymbed 0:1387ff3eed4a 1292 }
sPymbed 0:1387ff3eed4a 1293 #endif /* WOLFSSL_EVP_INCLUDED */
sPymbed 0:1387ff3eed4a 1294
sPymbed 0:1387ff3eed4a 1295 #if defined(OPENSSL_EXTRA) && !defined(NO_PWDBASED) && !defined(NO_SHA)
sPymbed 0:1387ff3eed4a 1296 WOLFSSL_API int wolfSSL_PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
sPymbed 0:1387ff3eed4a 1297 const unsigned char *salt,
sPymbed 0:1387ff3eed4a 1298 int saltlen, int iter,
sPymbed 0:1387ff3eed4a 1299 int keylen, unsigned char *out)
sPymbed 0:1387ff3eed4a 1300 {
sPymbed 0:1387ff3eed4a 1301 const char *nostring = "";
sPymbed 0:1387ff3eed4a 1302 int ret = 0;
sPymbed 0:1387ff3eed4a 1303
sPymbed 0:1387ff3eed4a 1304 if (pass == NULL) {
sPymbed 0:1387ff3eed4a 1305 passlen = 0;
sPymbed 0:1387ff3eed4a 1306 pass = nostring;
sPymbed 0:1387ff3eed4a 1307 } else if (passlen == -1) {
sPymbed 0:1387ff3eed4a 1308 passlen = (int)XSTRLEN(pass);
sPymbed 0:1387ff3eed4a 1309 }
sPymbed 0:1387ff3eed4a 1310
sPymbed 0:1387ff3eed4a 1311 ret = wc_PBKDF2((byte*)out, (byte*)pass, passlen, (byte*)salt, saltlen,
sPymbed 0:1387ff3eed4a 1312 iter, keylen, WC_SHA);
sPymbed 0:1387ff3eed4a 1313 if (ret == 0)
sPymbed 0:1387ff3eed4a 1314 return WOLFSSL_SUCCESS;
sPymbed 0:1387ff3eed4a 1315 else
sPymbed 0:1387ff3eed4a 1316 return WOLFSSL_FAILURE;
sPymbed 0:1387ff3eed4a 1317 }
sPymbed 0:1387ff3eed4a 1318 #endif /* OPENSSL_EXTRA && !NO_PWDBASED !NO_SHA*/
sPymbed 0:1387ff3eed4a 1319