WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #1343 from ghoso/dev201801 

Fix decryption error when EVP_CipherInit is called mulitple times.
pull/1355/head
David Garske 2018-02-05 16:51:08 -08:00 committed by GitHub
parent 82850422fc 0101440cc8
commit 172989c3c4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 38 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
src/ssl.c
View File

@ -13324,20 +13324,23 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
return 0; /* failure */
}
if (type == NULL && ctx->cipherType == 0xff) {
if (type == NULL && ctx->cipherType == WOLFSSL_EVP_CIPH_TYPE_INIT) {
WOLFSSL_MSG("no type set");
return 0; /* failure */
}
ctx->bufUsed = 0;
ctx->lastUsed = 0;
ctx->flags = 0;
if (ctx->cipherType == WOLFSSL_EVP_CIPH_TYPE_INIT){
ctx->bufUsed = 0;
ctx->lastUsed = 0;
ctx->flags = 0;
}
ret = 0;
#ifndef NO_AES
if (ctx->cipherType == AES_128_CBC_TYPE ||
(type && XSTRNCMP(type, EVP_AES_128_CBC, EVP_AES_SIZE) == 0)) {
WOLFSSL_MSG("EVP_AES_128_CBC");
ctx->cipherType = AES_128_CBC_TYPE;
ctx->flags = WOLFSSL_EVP_CIPH_CBC_MODE;
ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_CBC_MODE;
ctx->keyLen = 16;
ctx->block_size = AES_BLOCK_SIZE;
if (enc == 0 || enc == 1)
@ -13359,7 +13362,8 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
(type && XSTRNCMP(type, EVP_AES_192_CBC, EVP_AES_SIZE) == 0)) {
WOLFSSL_MSG("EVP_AES_192_CBC");
ctx->cipherType = AES_192_CBC_TYPE;
ctx->flags = WOLFSSL_EVP_CIPH_CBC_MODE;
ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_CBC_MODE;
ctx->keyLen = 24;
ctx->block_size = AES_BLOCK_SIZE;
if (enc == 0 || enc == 1)
@ -13381,7 +13385,8 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
(type && XSTRNCMP(type, EVP_AES_256_CBC, EVP_AES_SIZE) == 0)) {
WOLFSSL_MSG("EVP_AES_256_CBC");
ctx->cipherType = AES_256_CBC_TYPE;
ctx->flags = WOLFSSL_EVP_CIPH_CBC_MODE;
ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_CBC_MODE;
ctx->keyLen = 32;
ctx->block_size = AES_BLOCK_SIZE;
if (enc == 0 || enc == 1)
@ -13407,8 +13412,9 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
else if (ctx->cipherType == AES_128_CTR_TYPE ||
(type && XSTRNCMP(type, EVP_AES_128_CTR, EVP_AES_SIZE) == 0)) {
WOLFSSL_MSG("EVP_AES_128_CTR");
ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
ctx->cipherType = AES_128_CTR_TYPE;
ctx->flags = WOLFSSL_EVP_CIPH_CTR_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_CTR_MODE;
ctx->keyLen = 16;
ctx->block_size = AES_BLOCK_SIZE;
if (enc == 0 || enc == 1)
@ -13430,7 +13436,8 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
(type && XSTRNCMP(type, EVP_AES_192_CTR, EVP_AES_SIZE) == 0)) {
WOLFSSL_MSG("EVP_AES_192_CTR");
ctx->cipherType = AES_192_CTR_TYPE;
ctx->flags = WOLFSSL_EVP_CIPH_CTR_MODE;
ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_CTR_MODE;
ctx->keyLen = 24;
ctx->block_size = AES_BLOCK_SIZE;
if (enc == 0 || enc == 1)
@ -13452,7 +13459,8 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
(type && XSTRNCMP(type, EVP_AES_256_CTR, EVP_AES_SIZE) == 0)) {
WOLFSSL_MSG("EVP_AES_256_CTR");
ctx->cipherType = AES_256_CTR_TYPE;
ctx->flags = WOLFSSL_EVP_CIPH_CTR_MODE;
ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_CTR_MODE;
ctx->keyLen = 32;
ctx->block_size = AES_BLOCK_SIZE;
if (enc == 0 || enc == 1)
@ -13475,7 +13483,8 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
(type && XSTRNCMP(type, EVP_AES_128_ECB, EVP_AES_SIZE) == 0)) {
WOLFSSL_MSG("EVP_AES_128_ECB");
ctx->cipherType = AES_128_ECB_TYPE;
ctx->flags = WOLFSSL_EVP_CIPH_ECB_MODE;
ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_ECB_MODE;
ctx->keyLen = 16;
ctx->block_size = AES_BLOCK_SIZE;
if (enc == 0 || enc == 1)
@ -13492,7 +13501,8 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
(type && XSTRNCMP(type, EVP_AES_192_ECB, EVP_AES_SIZE) == 0)) {
WOLFSSL_MSG("EVP_AES_192_ECB");
ctx->cipherType = AES_192_ECB_TYPE;
ctx->flags = WOLFSSL_EVP_CIPH_ECB_MODE;
ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_ECB_MODE;
ctx->keyLen = 24;
ctx->block_size = AES_BLOCK_SIZE;
if (enc == 0 || enc == 1)
@ -13509,7 +13519,8 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
(type && XSTRNCMP(type, EVP_AES_256_ECB, EVP_AES_SIZE) == 0)) {
WOLFSSL_MSG("EVP_AES_256_ECB");
ctx->cipherType = AES_256_ECB_TYPE;
ctx->flags = WOLFSSL_EVP_CIPH_ECB_MODE;
ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_ECB_MODE;
ctx->keyLen = 32;
ctx->block_size = AES_BLOCK_SIZE;
if (enc == 0 || enc == 1)
@ -13529,7 +13540,8 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
(type && XSTRNCMP(type, EVP_DES_CBC, EVP_DES_SIZE) == 0)) {
WOLFSSL_MSG("EVP_DES_CBC");
ctx->cipherType = DES_CBC_TYPE;
ctx->flags = WOLFSSL_EVP_CIPH_CBC_MODE;
ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_CBC_MODE;
ctx->keyLen = 8;
ctx->block_size = DES_BLOCK_SIZE;
if (enc == 0 || enc == 1)
@ -13550,12 +13562,14 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
(type && XSTRNCMP(type, EVP_DES_ECB, EVP_DES_SIZE) == 0)) {
WOLFSSL_MSG("EVP_DES_ECB");
ctx->cipherType = DES_ECB_TYPE;
ctx->flags = WOLFSSL_EVP_CIPH_ECB_MODE;
ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_ECB_MODE;
ctx->keyLen = 8;
ctx->block_size = DES_BLOCK_SIZE;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
if (key) {
WOLFSSL_MSG("Des_SetKey");
ret = wc_Des_SetKey(&ctx->cipher.des, key, NULL,
ctx->enc ? DES_ENCRYPTION : DES_DECRYPTION);
if (ret != 0)
@ -13569,7 +13583,8 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
XSTRNCMP(type, EVP_DES_EDE3_CBC, EVP_DES_EDE3_SIZE) == 0)) {
WOLFSSL_MSG("EVP_DES_EDE3_CBC");
ctx->cipherType = DES_EDE3_CBC_TYPE;
ctx->flags = WOLFSSL_EVP_CIPH_CBC_MODE;
ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_CBC_MODE;
ctx->keyLen = 24;
ctx->block_size = DES_BLOCK_SIZE;
if (enc == 0 || enc == 1)
@ -13593,7 +13608,8 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
XSTRNCMP(type, EVP_DES_EDE3_ECB, EVP_DES_EDE3_SIZE) == 0)) {
WOLFSSL_MSG("EVP_DES_EDE3_ECB");
ctx->cipherType = DES_EDE3_ECB_TYPE;
ctx->flags = WOLFSSL_EVP_CIPH_ECB_MODE;
ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_ECB_MODE;
ctx->keyLen = 24;
ctx->block_size = DES_BLOCK_SIZE;
if (enc == 0 || enc == 1)
@ -13612,7 +13628,8 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
XSTRNCMP(type, "ARC4", 4) == 0)) {
WOLFSSL_MSG("ARC4");
ctx->cipherType = ARC4_TYPE;
ctx->flags = WOLFSSL_EVP_CIPH_STREAM_CIPHER;
ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_STREAM_CIPHER;
ctx->block_size = 1;
if (ctx->keyLen == 0) /* user may have already set */
ctx->keyLen = 16; /* default to 128 */
@ -13626,7 +13643,8 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
(type && XSTRNCMP(type, EVP_IDEA_CBC, EVP_IDEA_SIZE) == 0)) {
WOLFSSL_MSG("EVP_IDEA_CBC");
ctx->cipherType = IDEA_CBC_TYPE;
ctx->flags = WOLFSSL_EVP_CIPH_CBC_MODE;
ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_CBC_MODE;
ctx->keyLen = IDEA_KEY_SIZE;
ctx->block_size = 8;
if (enc == 0 || enc == 1)

1
wolfssl/openssl/evp.h
View File

@ -415,6 +415,7 @@ WOLFSSL_API int wolfSSL_PKCS5_PBKDF2_HMAC_SHA1(const char * pass, int passlen,
#define WOLFSSL_EVP_CIPH_GCM_MODE 0x6
#define WOLFSSL_EVP_CIPH_CCM_MODE 0x7
#define WOLFSSL_EVP_CIPH_NO_PADDING 0x100
#define WOLFSSL_EVP_CIPH_TYPE_INIT 0xff
/* end OpenSSH compat */