Bug fixes for when certain options are disabled
parent
c830060820
commit
9a11636cb2
|
@ -6,7 +6,7 @@ This is the wolfSSL: Command Line Utility (wolfCLU).
|
|||
|
||||
To use this feature, please configure and install wolfssl with the following commands:
|
||||
|
||||
./configure --enable-pwdbased --enable-opensslextra && make && make check
|
||||
./configure --enable-pwdbased --enable-opensslextra --enable-keygen && make && make check
|
||||
|
||||
If that succeeds, run:
|
||||
|
||||
|
@ -21,6 +21,8 @@ hexidecimal values.
|
|||
|
||||
`--enable-base64encode` enables Base64 encoding (not on by default)
|
||||
|
||||
`--enable-keygen` enables key generation (not on by default)
|
||||
|
||||
|
||||
Additional features that can be included when configuring wolfssl for
|
||||
encryption or decryption are:
|
||||
|
|
|
@ -116,7 +116,7 @@ int wolfCLU_decrypt(char* alg, char* mode, byte* pwdKey, byte* key, int size,
|
|||
/* replicates old pwdKey if pwdKeys match */
|
||||
if (keyType == 1) {
|
||||
if (wc_PBKDF2(key, pwdKey, (int) strlen((const char*)pwdKey), salt,
|
||||
SALT_SIZE, 4096, size, SHA256) != 0) {
|
||||
SALT_SIZE, 4096, size, WC_SHA256) != 0) {
|
||||
printf("pwdKey set error.\n");
|
||||
wolfCLU_freeBins(input, output, NULL, NULL, NULL);
|
||||
return ENCRYPT_ERROR;
|
||||
|
|
|
@ -159,8 +159,12 @@ int wolfCLU_genKey_ECC(RNG* rng, char* fName, int directive, int fmt,
|
|||
char fExtPriv[6] = ".priv\0";
|
||||
char fExtPub[6] = ".pub\0\0";
|
||||
char* fOutNameBuf = NULL;
|
||||
|
||||
|
||||
#ifdef NO_AES
|
||||
size_t maxDerBufSz = 4 * keySz * keySz-42;
|
||||
#else
|
||||
size_t maxDerBufSz = 4 * keySz * AES_BLOCK_SIZE;
|
||||
#endif
|
||||
byte* derBuf = NULL;
|
||||
int derBufSz = -1;
|
||||
|
||||
|
@ -299,7 +303,11 @@ int wolfCLU_genKey_RSA(RNG* rng, char* fName, int directive, int fmt, int
|
|||
char fExtPub[6] = ".pub\0\0";
|
||||
char* fOutNameBuf = NULL;
|
||||
|
||||
size_t maxDerBufSz = 5 * keySz * AES_BLOCK_SIZE;
|
||||
#ifdef NO_AES
|
||||
size_t maxDerBufSz = 4 * keySz * keySz-42;
|
||||
#else
|
||||
size_t maxDerBufSz = 4 * keySz * AES_BLOCK_SIZE;
|
||||
#endif
|
||||
byte* derBuf = NULL;
|
||||
int derBufSz = -1;
|
||||
|
||||
|
@ -443,7 +451,7 @@ int wolfCLU_genKey_PWDBASED(RNG* rng, byte* pwdKey, int size, byte* salt, int pa
|
|||
|
||||
/* stretches pwdKey */
|
||||
ret = (int) wc_PBKDF2(pwdKey, pwdKey, (int) strlen((const char*)pwdKey), salt, SALT_SIZE,
|
||||
4096, size, SHA256);
|
||||
4096, size, WC_SHA256);
|
||||
if (ret != 0)
|
||||
return ret;
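Review bot: In the wolfCLU_genKey_RSA hunk the AES-enabled bound drops from `5 * keySz * AES_BLOCK_SIZE` to `4 * keySz * AES_BLOCK_SIZE`, which looks copied from the ECC hunk rather than intended, so RSA DER output that used to fit in `derBuf` may no longer fit. The new `NO_AES` bound `4 * keySz * keySz-42`, used in both the ECC and RSA hunks, parses as `(4 * keySz * keySz) - 42`. If `keySz` is an `int` (its declaration is outside the hunks), a small value gives a negative result that converts to a very large `size_t`, and the constant 42 is unexplained. I would keep the RSA factor at 5 and give the `NO_AES` branch the same bound with a literal block size, e.g. `size_t maxDerBufSz = 5 * keySz * 16; /* 16 == AES block size; AES_BLOCK_SIZE is not defined under NO_AES */` (factor 4 for ECC). Both function bodies continue outside the hunks.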
|
||||
|
||||
|
|
|
@ -100,27 +100,27 @@ int wolfCLU_hash(char* in, char* out, char* alg, int size)
|
|||
}
|
||||
#endif
|
||||
#ifndef NO_SHA
|
||||
else if (strcmp(alg, "sha") == 0) {
|
||||
if (strcmp(alg, "sha") == 0) {
|
||||
ret = wc_ShaHash(input, length, output);
|
||||
}
|
||||
#endif
|
||||
#ifndef NO_SHA256
|
||||
else if (strcmp(alg, "sha256") == 0) {
|
||||
if (strcmp(alg, "sha256") == 0) {
|
||||
ret = wc_Sha256Hash(input, length, output);
|
||||
}
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA384
|
||||
else if (strcmp(alg, "sha384") == 0) {
|
||||
if (strcmp(alg, "sha384") == 0) {
|
||||
ret = wc_Sha384Hash(input, length, output);
|
||||
}
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA512
|
||||
else if (strcmp(alg, "sha512") == 0) {
|
||||
if (strcmp(alg, "sha512") == 0) {
|
||||
ret = wc_Sha512Hash(input, length, output);
|
||||
}
|
||||
#endif
|
||||
#ifdef HAVE_BLAKE2
|
||||
else if (strcmp(alg, "blake2b") == 0) {
|
||||
if (strcmp(alg, "blake2b") == 0) {
|
||||
ret = wc_InitBlake2b(&hash, size);
|
||||
if (ret != 0) return ret;
|
||||
ret = wc_Blake2bUpdate(&hash, input, length);
|
||||
|
@ -132,12 +132,12 @@ int wolfCLU_hash(char* in, char* out, char* alg, int size)
|
|||
|
||||
#ifndef NO_CODING
|
||||
#ifdef WOLFSSL_BASE64_ENCODE
|
||||
else if (strcmp(alg, "base64enc") == 0) {
|
||||
if (strcmp(alg, "base64enc") == 0) {
|
||||
ret = Base64_Encode(input, length, output, (word32*)&size);
|
||||
outputAsHexString = 0;
|
||||
}
|
||||
#endif /* WOLFSSL_BASE64_ENCODE */
|
||||
else if (strcmp(alg, "base64dec") == 0) {
|
||||
if (strcmp(alg, "base64dec") == 0) {
|
||||
ret = Base64_Decode(input, length, output, (word32*)&size);
|
||||
outputAsHexString = 0;
|
||||
}
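Review bot: Replacing every `else if` in wolfCLU_hash with a standalone `if` breaks the chain, so a final `else` after the `base64dec` branch (the code after it is outside this hunk) would now pair only with that last test and run for every other algorithm; if there is no such `else`, an unrecognised `alg` leaves `ret` at whatever it was initialised to. The second hunk (`base64enc`/`base64dec`) has the same problem. If the goal is only to let the first branch be compiled out, an inert head keeps the chain intact: put `if (0) { }` ahead of the first guarded arm and leave the `else if` arms as they were. Otherwise add a comment such as `/* independent tests: any subset of algorithms may be compiled out; ret keeps its error default when none matches */` and confirm that `ret` starts as an error value.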
|
||||
|
|
|
@ -79,8 +79,9 @@ void wolfCLU_verboseHelp()
|
|||
|
||||
/* hash options */
|
||||
const char* algsenc[] = { /* list of acceptable algorithms */
|
||||
"Algorihms:"
|
||||
#ifndef NO_MD5
|
||||
"md5"
|
||||
,"md5"
|
||||
#endif
|
||||
#ifndef NO_SHA
|
||||
,"sha"
|
||||
|
@ -107,8 +108,9 @@ void wolfCLU_verboseHelp()
|
|||
|
||||
/* benchmark options */
|
||||
const char* algsother[] = { /* list of acceptable algorithms */
|
||||
"ALGS: "
|
||||
#ifndef NO_AES
|
||||
"aes-cbc"
|
||||
, "aes-cbc"
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_COUNTER
|
||||
, "aes-ctr"
|
||||
|
@ -234,8 +236,9 @@ void wolfCLU_hashHelp()
|
|||
printf("\n");
|
||||
/* hash options */
|
||||
const char* algsenc[] = { /* list of acceptable algorithms */
|
||||
"Algorithms: "
|
||||
#ifndef NO_MD5
|
||||
"md5"
|
||||
,"md5"
|
||||
#endif
|
||||
#ifndef NO_SHA
|
||||
,"sha"
|
||||
|
@ -280,8 +283,9 @@ void wolfCLU_benchHelp()
|
|||
|
||||
/* benchmark options */
|
||||
const char* algsother[] = { /* list of acceptable algorithms */
|
||||
"ALGS: "
|
||||
#ifndef NO_AES
|
||||
"aes-cbc"
|
||||
, "aes-cbc"
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_COUNTER
|
||||
, "aes-ctr"
|
||||
|
@ -340,6 +344,24 @@ void wolfCLU_certHelp()
|
|||
}
|
||||
|
||||
void wolfCLU_genKeyHelp() {
|
||||
|
||||
const char* keysother[] = { /* list of acceptable key types */
|
||||
"KEYS: "
|
||||
#ifdef HAVE_ED25519
|
||||
,"ed25519"
|
||||
#endif
|
||||
#ifdef HAVE_ECC
|
||||
,"ecc"
|
||||
#endif
|
||||
#ifdef HAVE_CURVE25519
|
||||
,"curve25519"
|
||||
#endif
|
||||
};
|
||||
|
||||
printf("Available keys with current configure settings:\n");
|
||||
for(i = 0; i < (int) sizeof(keysother)/(int) sizeof(keysother[0]); i++) {
|
||||
printf("%s\n", keysother[i]);
|
||||
}
|
||||
printf("\n\n");
|
||||
printf("***************************************************************\n");
|
||||
printf("\ngenkey USAGE:\nwolfssl -genkey <keytype> -out <filename> -outform"
|
||||
|
@ -364,8 +386,9 @@ int wolfCLU_getAlgo(char* name, char** alg, char** mode, int* size)
|
|||
char* sz = 0; /* key size provided */
|
||||
|
||||
const char* acceptAlgs[] = { /* list of acceptable algorithms */
|
||||
"ALGS: "
|
||||
#ifndef NO_AES
|
||||
"aes"
|
||||
, "aes"
|
||||
#endif
|
||||
#ifndef NO_DES3
|
||||
, "3des"
|
||||
|
@ -406,38 +429,50 @@ int wolfCLU_getAlgo(char* name, char** alg, char** mode, int* size)
|
|||
*size = atoi(sz);
|
||||
|
||||
/* checks key sizes for acceptability */
|
||||
#ifndef NO_AES
|
||||
if (strcmp(*alg, "aes") == 0) {
|
||||
#ifdef NO_AES
|
||||
printf("AES not compiled in.\n");
|
||||
return NOT_COMPILED_IN;
|
||||
#else
|
||||
ret = AES_BLOCK_SIZE;
|
||||
if (*size != 128 && *size != 192 && *size != 256) {
|
||||
printf("Invalid AES pwdKey size. Should be: %d\n", ret);
|
||||
ret = FATAL_ERROR;
|
||||
}
|
||||
#endif
|
||||
}
|
||||
#endif
|
||||
#ifndef NO_DES3
|
||||
|
||||
else if (strcmp(*alg, "3des") == 0) {
|
||||
#ifdef NO_DES3
|
||||
printf("3DES not compiled in.\n");
|
||||
return NOT_COMPILED_IN;
|
||||
#else
|
||||
ret = DES3_BLOCK_SIZE;
|
||||
if (*size != 56 && *size != 112 && *size != 168) {
|
||||
printf("Invalid 3DES pwdKey size\n");
|
||||
ret = FATAL_ERROR;
|
||||
}
|
||||
#endif
|
||||
}
|
||||
#endif
|
||||
#ifdef HAVE_CAMELLIA
|
||||
|
||||
else if (strcmp(*alg, "camellia") == 0) {
|
||||
#ifndef HAVE_CAMELIA
|
||||
printf("CAMELIA not compile in.\n");
|
||||
return NOT_COMPILED_IN;
|
||||
#else
|
||||
ret = CAMELLIA_BLOCK_SIZE;
|
||||
if (*size != 128 && *size != 192 && *size != 256) {
|
||||
printf("Invalid Camellia pwdKey size\n");
|
||||
ret = FATAL_ERROR;
|
||||
}
|
||||
#endif
|
||||
}
|
||||
#endif
|
||||
|
||||
|
||||
else {
|
||||
printf("Invalid algorithm: %s\n", *alg);
|
||||
ret = FATAL_ERROR;
|
||||
}
|
||||
|
||||
return ret;
|
||||
}
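Review bot: The Camellia arm of wolfCLU_getAlgo tests `#ifndef HAVE_CAMELIA` (one L), while the guard this commit removes is spelled `HAVE_CAMELLIA`; the misspelt macro is presumably never defined, so "camellia" always prints the error and returns NOT_COMPILED_IN, even in builds that include the cipher. The line should read `#ifndef HAVE_CAMELLIA`, with the message corrected to `printf("Camellia not compiled in.\n");`. Separately, the loop added to wolfCLU_genKeyHelp uses `i` with no declaration visible in that function, so it needs `int i;` unless a file-scope `i` exists outside this view. wolfCLU_getAlgo starts outside the hunk.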
|
||||
|
||||
|
|