diff --git a/wolfcrypt/src/evp.c b/wolfcrypt/src/evp.c index 02af3d605..a909325f8 100644 --- a/wolfcrypt/src/evp.c +++ b/wolfcrypt/src/evp.c @@ -5051,7 +5051,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md) } #endif - /* WOLFSSL_SUCCESS on ok */ + /* Return length on ok */ int wolfSSL_EVP_Cipher(WOLFSSL_EVP_CIPHER_CTX* ctx, byte* dst, byte* src, word32 len) { @@ -5064,12 +5064,12 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md) ctx->cipherType != AES_192_GCM_TYPE && ctx->cipherType != AES_256_GCM_TYPE)) { WOLFSSL_MSG("Bad function argument"); - return 0; /* failure */ + return WOLFSSL_FATAL_ERROR; } if (ctx->cipherType == 0xff) { WOLFSSL_MSG("no init"); - return 0; /* failure */ + return WOLFSSL_FATAL_ERROR; } switch (ctx->cipherType) { @@ -5084,6 +5084,8 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md) ret = wc_AesCbcEncrypt(&ctx->cipher.aes, dst, src, len); else ret = wc_AesCbcDecrypt(&ctx->cipher.aes, dst, src, len); + if (ret == 0) + ret = (len / AES_BLOCK_SIZE) * AES_BLOCK_SIZE; break; #endif /* HAVE_AES_CBC */ @@ -5097,6 +5099,8 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md) ret = wc_AesCfb1Encrypt(&ctx->cipher.aes, dst, src, len); else ret = wc_AesCfb1Decrypt(&ctx->cipher.aes, dst, src, len); + if (ret == 0) + ret = len; break; case AES_128_CFB8_TYPE: case AES_192_CFB8_TYPE: @@ -5106,6 +5110,8 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md) ret = wc_AesCfb8Encrypt(&ctx->cipher.aes, dst, src, len); else ret = wc_AesCfb8Decrypt(&ctx->cipher.aes, dst, src, len); + if (ret == 0) + ret = len; break; #endif /* !HAVE_SELFTEST && !HAVE_FIPS */ case AES_128_CFB128_TYPE: @@ -5116,6 +5122,8 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md) ret = wc_AesCfbEncrypt(&ctx->cipher.aes, dst, src, len); else ret = wc_AesCfbDecrypt(&ctx->cipher.aes, dst, src, len); + if (ret == 0) + ret = len; break; #endif /* WOLFSSL_AES_CFB */ #if defined(WOLFSSL_AES_OFB) @@ -5127,6 +5135,8 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md) ret = wc_AesOfbEncrypt(&ctx->cipher.aes, dst, src, len); else ret = wc_AesOfbDecrypt(&ctx->cipher.aes, dst, src, len); + if (ret == 0) + ret = len; break; #endif /* WOLFSSL_AES_OFB */ #if defined(WOLFSSL_AES_XTS) @@ -5139,6 +5149,8 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md) else ret = wc_AesXtsDecrypt(&ctx->cipher.xts, dst, src, len, ctx->iv, ctx->ivSz); + if (ret == 0) + ret = len; break; #endif /* WOLFSSL_AES_XTS */ @@ -5185,7 +5197,8 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md) ctx->authTagSz, NULL, 0); } } - + if (ret == 0) + ret = len; break; #endif /* HAVE_AESGCM */ #ifdef HAVE_AES_ECB @@ -5197,14 +5210,18 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md) ret = wc_AesEcbEncrypt(&ctx->cipher.aes, dst, src, len); else ret = wc_AesEcbDecrypt(&ctx->cipher.aes, dst, src, len); + if (ret == 0) + ret = (len / AES_BLOCK_SIZE) * AES_BLOCK_SIZE; break; #endif #ifdef WOLFSSL_AES_COUNTER case AES_128_CTR_TYPE : case AES_192_CTR_TYPE : case AES_256_CTR_TYPE : - WOLFSSL_MSG("AES CTR"); - ret = wc_AesCtrEncrypt(&ctx->cipher.aes, dst, src, len); + WOLFSSL_MSG("AES CTR"); + ret = wc_AesCtrEncrypt(&ctx->cipher.aes, dst, src, len); + if (ret == 0) + ret = len; break; #endif /* WOLFSSL_AES_COUNTER */ #endif /* NO_AES */ @@ -5216,6 +5233,8 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md) wc_Des_CbcEncrypt(&ctx->cipher.des, dst, src, len); else wc_Des_CbcDecrypt(&ctx->cipher.des, dst, src, len); + if (ret == 0) + ret = (len / DES_BLOCK_SIZE) * DES_BLOCK_SIZE; break; case DES_EDE3_CBC_TYPE : WOLFSSL_MSG("DES3 CBC"); @@ -5223,15 +5242,21 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md) ret = wc_Des3_CbcEncrypt(&ctx->cipher.des3, dst, src, len); else ret = wc_Des3_CbcDecrypt(&ctx->cipher.des3, dst, src, len); + if (ret == 0) + ret = (len / DES_BLOCK_SIZE) * DES_BLOCK_SIZE; break; #ifdef WOLFSSL_DES_ECB case DES_ECB_TYPE : WOLFSSL_MSG("DES ECB"); ret = wc_Des_EcbEncrypt(&ctx->cipher.des, dst, src, len); + if (ret == 0) + ret = (len / DES_BLOCK_SIZE) * DES_BLOCK_SIZE; break; case DES_EDE3_ECB_TYPE : WOLFSSL_MSG("DES3 ECB"); ret = wc_Des3_EcbEncrypt(&ctx->cipher.des3, dst, src, len); + if (ret == 0) + ret = (len / DES_BLOCK_SIZE) * DES_BLOCK_SIZE; break; #endif #endif /* !NO_DES3 */ @@ -5240,6 +5265,8 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md) case ARC4_TYPE : WOLFSSL_MSG("ARC4"); wc_Arc4Process(&ctx->cipher.arc4, dst, src, len); + if (ret == 0) + ret = len; break; #endif @@ -5250,30 +5277,33 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md) wc_IdeaCbcEncrypt(&ctx->cipher.idea, dst, src, len); else wc_IdeaCbcDecrypt(&ctx->cipher.idea, dst, src, len); + if (ret == 0) + ret = (len / IDEA_BLOCK_SIZE) * IDEA_BLOCK_SIZE; break; #endif case NULL_CIPHER_TYPE : WOLFSSL_MSG("NULL CIPHER"); XMEMCPY(dst, src, len); + ret = len; break; default: { WOLFSSL_MSG("bad type"); - return 0; /* failure */ + return WOLFSSL_FATAL_ERROR; } } - if (ret != 0) { + if (ret < 0) { WOLFSSL_MSG("wolfSSL_EVP_Cipher failure"); - return 0; /* failure */ + return WOLFSSL_FATAL_ERROR; } if (wolfSSL_StoreExternalIV(ctx) != WOLFSSL_SUCCESS) { - return WOLFSSL_FAILURE; + return WOLFSSL_FATAL_ERROR; } WOLFSSL_MSG("wolfSSL_EVP_Cipher success"); - return WOLFSSL_SUCCESS; /* success */ + return ret; } /* WOLFSSL_SUCCESS on ok */ diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index cd85a33a5..a0955c45b 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -16203,7 +16203,7 @@ static int openssl_aes_test(void) if (EVP_CipherInit(&ctx, EVP_aes_128_cbc(), key, iv, 1) == 0) return -8469; - if (EVP_Cipher(&ctx, cipher, (byte*)msg, 16) == 0) + if (EVP_Cipher(&ctx, cipher, (byte*)msg, 16) != 16) return -8470; if (XMEMCMP(cipher, verify, AES_BLOCK_SIZE)) @@ -16213,7 +16213,7 @@ static int openssl_aes_test(void) if (EVP_CipherInit(&ctx, EVP_aes_128_cbc(), key, iv, 0) == 0) return -8472; - if (EVP_Cipher(&ctx, plain, cipher, 16) == 0) + if (EVP_Cipher(&ctx, plain, cipher, 16) != 16) return -8473; if (XMEMCMP(plain, msg, AES_BLOCK_SIZE)) @@ -16255,7 +16255,7 @@ static int openssl_aes_test(void) if (EVP_CipherInit(&ctx, EVP_aes_256_ecb(), (unsigned char*)key, NULL, 1) == 0) return -8475; - if (EVP_Cipher(&ctx, cipher, (byte*)msg, 16) == 0) + if (EVP_Cipher(&ctx, cipher, (byte*)msg, 16) != 16) return -8476; if (XMEMCMP(cipher, verify, AES_BLOCK_SIZE)) @@ -16265,7 +16265,7 @@ static int openssl_aes_test(void) if (EVP_CipherInit(&ctx, EVP_aes_256_ecb(), (unsigned char*)key, NULL, 0) == 0) return -8478; - if (EVP_Cipher(&ctx, plain, cipher, 16) == 0) + if (EVP_Cipher(&ctx, plain, cipher, 16) != 16) return -8479; if (XMEMCMP(plain, msg, AES_BLOCK_SIZE)) @@ -16445,7 +16445,7 @@ static int openssl_aes_test(void) (unsigned char*)ctrKey, (unsigned char*)ctrIv, 0) == 0) return -8483; if (EVP_Cipher(&en, (byte*)cipherBuff, (byte*)ctrPlain, - AES_BLOCK_SIZE*4) == 0) + AES_BLOCK_SIZE*4) != AES_BLOCK_SIZE*4) return -8484; EVP_CIPHER_CTX_init(&de); if (EVP_CipherInit(&de, EVP_aes_128_ctr(), @@ -16453,7 +16453,7 @@ static int openssl_aes_test(void) return -8485; if (EVP_Cipher(&de, (byte*)plainBuff, (byte*)cipherBuff, - AES_BLOCK_SIZE*4) == 0) + AES_BLOCK_SIZE*4) != AES_BLOCK_SIZE*4) return -8486; if (XMEMCMP(cipherBuff, ctrCipher, AES_BLOCK_SIZE*4)) @@ -16472,14 +16472,14 @@ static int openssl_aes_test(void) (unsigned char*)ctrKey, (unsigned char*)ctrIv, 0) == 0) return -8491; if (EVP_Cipher(p_en, (byte*)cipherBuff, (byte*)ctrPlain, - AES_BLOCK_SIZE*4) == 0) + AES_BLOCK_SIZE*4) != AES_BLOCK_SIZE*4) return -8492; if (EVP_CipherInit(p_de, EVP_aes_128_ctr(), (unsigned char*)ctrKey, (unsigned char*)ctrIv, 0) == 0) return -8493; if (EVP_Cipher(p_de, (byte*)plainBuff, (byte*)cipherBuff, - AES_BLOCK_SIZE*4) == 0) + AES_BLOCK_SIZE*4) != AES_BLOCK_SIZE*4) return -8494; wolfSSL_EVP_CIPHER_CTX_free(p_en); @@ -16494,7 +16494,7 @@ static int openssl_aes_test(void) if (EVP_CipherInit(&en, EVP_aes_128_ctr(), (unsigned char*)ctrKey, (unsigned char*)ctrIv, 0) == 0) return -8497; - if (EVP_Cipher(&en, (byte*)cipherBuff, (byte*)ctrPlain, 9) == 0) + if (EVP_Cipher(&en, (byte*)cipherBuff, (byte*)ctrPlain, 9) != 9) return -8498; EVP_CIPHER_CTX_init(&de); @@ -16502,7 +16502,7 @@ static int openssl_aes_test(void) (unsigned char*)ctrKey, (unsigned char*)ctrIv, 0) == 0) return -8499; - if (EVP_Cipher(&de, (byte*)plainBuff, (byte*)cipherBuff, 9) == 0) + if (EVP_Cipher(&de, (byte*)plainBuff, (byte*)cipherBuff, 9) != 9) return -8500; if (XMEMCMP(plainBuff, ctrPlain, 9)) @@ -16510,9 +16510,9 @@ static int openssl_aes_test(void) if (XMEMCMP(cipherBuff, ctrCipher, 9)) return -8502; - if (EVP_Cipher(&en, (byte*)cipherBuff, (byte*)ctrPlain, 9) == 0) + if (EVP_Cipher(&en, (byte*)cipherBuff, (byte*)ctrPlain, 9) != 9) return -8503; - if (EVP_Cipher(&de, (byte*)plainBuff, (byte*)cipherBuff, 9) == 0) + if (EVP_Cipher(&de, (byte*)plainBuff, (byte*)cipherBuff, 9) != 9) return -8504; if (XMEMCMP(plainBuff, ctrPlain, 9)) @@ -16527,7 +16527,7 @@ static int openssl_aes_test(void) (unsigned char*)ctr192Key, (unsigned char*)ctr192Iv, 0) == 0) return -8507; if (EVP_Cipher(&en, (byte*)cipherBuff, (byte*)ctr192Plain, - AES_BLOCK_SIZE) == 0) + AES_BLOCK_SIZE) != AES_BLOCK_SIZE) return -8508; EVP_CIPHER_CTX_init(&de); if (EVP_CipherInit(&de, EVP_aes_192_ctr(), @@ -16536,7 +16536,7 @@ static int openssl_aes_test(void) XMEMSET(plainBuff, 0, sizeof(plainBuff)); if (EVP_Cipher(&de, (byte*)plainBuff, (byte*)cipherBuff, - AES_BLOCK_SIZE) == 0) + AES_BLOCK_SIZE) != AES_BLOCK_SIZE) return -8510; if (XMEMCMP(plainBuff, ctr192Plain, sizeof(ctr192Plain))) @@ -16551,7 +16551,7 @@ static int openssl_aes_test(void) (unsigned char*)ctr256Key, (unsigned char*)ctr256Iv, 0) == 0) return -8513; if (EVP_Cipher(&en, (byte*)cipherBuff, (byte*)ctr256Plain, - AES_BLOCK_SIZE) == 0) + AES_BLOCK_SIZE) != AES_BLOCK_SIZE) return -8514; EVP_CIPHER_CTX_init(&de); if (EVP_CipherInit(&de, EVP_aes_256_ctr(), @@ -16560,7 +16560,7 @@ static int openssl_aes_test(void) XMEMSET(plainBuff, 0, sizeof(plainBuff)); if (EVP_Cipher(&de, (byte*)plainBuff, (byte*)cipherBuff, - AES_BLOCK_SIZE) == 0) + AES_BLOCK_SIZE) != AES_BLOCK_SIZE) return -8516; if (XMEMCMP(plainBuff, ctr256Plain, sizeof(ctr256Plain))) @@ -17098,7 +17098,7 @@ static int openssl_test(void) if (ret == WOLFSSL_SUCCESS) ret = EVP_Cipher(&ctx, cipher, (byte*)msg, 16); EVP_CIPHER_CTX_cleanup(&ctx); - if (ret != WOLFSSL_SUCCESS) + if (ret != 16) return -8625; if (XMEMCMP(cipher, verify, AES_BLOCK_SIZE)) return -8626; @@ -17108,7 +17108,7 @@ static int openssl_test(void) if (ret == WOLFSSL_SUCCESS) ret = EVP_Cipher(&ctx, plain, cipher, 16); EVP_CIPHER_CTX_cleanup(&ctx); - if (ret != WOLFSSL_SUCCESS) + if (ret != 16) return -8627; if (XMEMCMP(plain, msg, AES_BLOCK_SIZE)) return -8628; @@ -17293,7 +17293,7 @@ static int openssl_test(void) (unsigned char*)ctrKey, (unsigned char*)ctrIv, 0) == 0) return -8629; if (EVP_Cipher(&en, (byte*)cipherBuff, (byte*)ctrPlain, - AES_BLOCK_SIZE*4) == 0) + AES_BLOCK_SIZE*4) != AES_BLOCK_SIZE*4) return -8630; EVP_CIPHER_CTX_init(&de); if (EVP_CipherInit(&de, EVP_aes_128_ctr(), @@ -17301,7 +17301,7 @@ static int openssl_test(void) return -8631; if (EVP_Cipher(&de, (byte*)plainBuff, (byte*)cipherBuff, - AES_BLOCK_SIZE*4) == 0) + AES_BLOCK_SIZE*4) != AES_BLOCK_SIZE*4) return -8632; if (XMEMCMP(cipherBuff, ctrCipher, AES_BLOCK_SIZE*4)) @@ -17318,14 +17318,14 @@ static int openssl_test(void) (unsigned char*)ctrKey, (unsigned char*)ctrIv, 0) == 0) return -8637; if (EVP_Cipher(p_en, (byte*)cipherBuff, (byte*)ctrPlain, - AES_BLOCK_SIZE*4) == 0) + AES_BLOCK_SIZE*4) != AES_BLOCK_SIZE*4) return -8638; if (EVP_CipherInit(p_de, EVP_aes_128_ctr(), (unsigned char*)ctrKey, (unsigned char*)ctrIv, 0) == 0) return -8639; if (EVP_Cipher(p_de, (byte*)plainBuff, (byte*)cipherBuff, - AES_BLOCK_SIZE*4) == 0) + AES_BLOCK_SIZE*4) != AES_BLOCK_SIZE*4) return -8640; wolfSSL_EVP_CIPHER_CTX_free(p_en); @@ -17340,7 +17340,7 @@ static int openssl_test(void) if (EVP_CipherInit(&en, EVP_aes_128_ctr(), (unsigned char*)ctrKey, (unsigned char*)ctrIv, 0) == 0) return -8643; - if (EVP_Cipher(&en, (byte*)cipherBuff, (byte*)ctrPlain, 9) == 0) + if (EVP_Cipher(&en, (byte*)cipherBuff, (byte*)ctrPlain, 9) != 9) return -8644; EVP_CIPHER_CTX_init(&de); @@ -17348,7 +17348,7 @@ static int openssl_test(void) (unsigned char*)ctrKey, (unsigned char*)ctrIv, 0) == 0) return -8645; - if (EVP_Cipher(&de, (byte*)plainBuff, (byte*)cipherBuff, 9) == 0) + if (EVP_Cipher(&de, (byte*)plainBuff, (byte*)cipherBuff, 9) != 9) return -8646; if (XMEMCMP(plainBuff, ctrPlain, 9)) @@ -17356,9 +17356,9 @@ static int openssl_test(void) if (XMEMCMP(cipherBuff, ctrCipher, 9)) return -8648; - if (EVP_Cipher(&en, (byte*)cipherBuff, (byte*)ctrPlain, 9) == 0) + if (EVP_Cipher(&en, (byte*)cipherBuff, (byte*)ctrPlain, 9) != 9) return -8649; - if (EVP_Cipher(&de, (byte*)plainBuff, (byte*)cipherBuff, 9) == 0) + if (EVP_Cipher(&de, (byte*)plainBuff, (byte*)cipherBuff, 9) != 9) return -8650; if (XMEMCMP(plainBuff, ctrPlain, 9)) @@ -17373,7 +17373,7 @@ static int openssl_test(void) (unsigned char*)ctr192Key, (unsigned char*)ctr192Iv, 0) == 0) return -8653; if (EVP_Cipher(&en, (byte*)cipherBuff, (byte*)ctr192Plain, - AES_BLOCK_SIZE) == 0) + AES_BLOCK_SIZE) != AES_BLOCK_SIZE) return -8654; EVP_CIPHER_CTX_init(&de); if (EVP_CipherInit(&de, EVP_aes_192_ctr(), @@ -17382,7 +17382,7 @@ static int openssl_test(void) XMEMSET(plainBuff, 0, sizeof(plainBuff)); if (EVP_Cipher(&de, (byte*)plainBuff, (byte*)cipherBuff, - AES_BLOCK_SIZE) == 0) + AES_BLOCK_SIZE) != AES_BLOCK_SIZE) return -8656; if (XMEMCMP(plainBuff, ctr192Plain, sizeof(ctr192Plain))) @@ -17397,7 +17397,7 @@ static int openssl_test(void) (unsigned char*)ctr256Key, (unsigned char*)ctr256Iv, 0) == 0) return -8659; if (EVP_Cipher(&en, (byte*)cipherBuff, (byte*)ctr256Plain, - AES_BLOCK_SIZE) == 0) + AES_BLOCK_SIZE) != AES_BLOCK_SIZE) return -8660; EVP_CIPHER_CTX_init(&de); if (EVP_CipherInit(&de, EVP_aes_256_ctr(), @@ -17406,7 +17406,7 @@ static int openssl_test(void) XMEMSET(plainBuff, 0, sizeof(plainBuff)); if (EVP_Cipher(&de, (byte*)plainBuff, (byte*)cipherBuff, - AES_BLOCK_SIZE) == 0) + AES_BLOCK_SIZE) != AES_BLOCK_SIZE) return -8662; if (XMEMCMP(plainBuff, ctr256Plain, sizeof(ctr256Plain)))