WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity

revert pkcs7 attrib structure for scep and add more macro guards for AES key size

pull/1373/head
Jacob Barthelmeh 2018-02-14 16:37:58 -07:00
parent 8006b68cac
commit 2a15b3912b
7 changed files with 602 additions and 197 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

60
src/ssl.c
View File

@ -3349,6 +3349,7 @@ const WOLFSSL_EVP_CIPHER *wolfSSL_EVP_get_cipherbynid(int id)
return wolfSSL_EVP_aes_256_cbc();
#endif
#endif
#ifdef WOLFSSL_AES_COUNTER
#ifdef WOLFSSL_AES_128
case NID_aes_128_ctr:
return wolfSSL_EVP_aes_128_ctr();
@ -3361,6 +3362,8 @@ const WOLFSSL_EVP_CIPHER *wolfSSL_EVP_get_cipherbynid(int id)
case NID_aes_256_ctr:
return wolfSSL_EVP_aes_256_ctr();
#endif
#endif /* WOLFSSL_AES_COUNTER */
#ifdef HAVE_AES_ECB
#ifdef WOLFSSL_AES_128
case NID_aes_128_ecb:
return wolfSSL_EVP_aes_128_ecb();
@ -3373,6 +3376,7 @@ const WOLFSSL_EVP_CIPHER *wolfSSL_EVP_get_cipherbynid(int id)
case NID_aes_256_ecb:
return wolfSSL_EVP_aes_256_ecb();
#endif
#endif /* HAVE_AES_ECB */
#endif
#ifndef NO_DES3
@ -4521,15 +4525,23 @@ static int wolfssl_decrypt_buffer_key(DerBuffer* der, byte* password,
key, info->iv);
#endif /* NO_DES3 */
#if !defined(NO_AES) && defined(HAVE_AES_CBC) && defined(HAVE_AES_DECRYPT)
#ifdef WOLFSSL_AES_128
if (XSTRNCMP(info->name, EVP_AES_128_CBC, EVP_AES_SIZE) == 0)
ret = wc_AesCbcDecryptWithKey(der->buffer, der->buffer, der->length,
key, AES_128_KEY_SIZE, info->iv);
else if (XSTRNCMP(info->name, EVP_AES_192_CBC, EVP_AES_SIZE) == 0)
else
#endif /* WOLFSSL_AES_128 */
#ifdef WOLFSSL_AES_192
if (XSTRNCMP(info->name, EVP_AES_192_CBC, EVP_AES_SIZE) == 0)
ret = wc_AesCbcDecryptWithKey(der->buffer, der->buffer, der->length,
key, AES_192_KEY_SIZE, info->iv);
else if (XSTRNCMP(info->name, EVP_AES_256_CBC, EVP_AES_SIZE) == 0)
else
#endif /* WOLFSSL_AES_192 */
#ifdef WOLFSSL_AES_256
if (XSTRNCMP(info->name, EVP_AES_256_CBC, EVP_AES_SIZE) == 0)
ret = wc_AesCbcDecryptWithKey(der->buffer, der->buffer, der->length,
key, AES_256_KEY_SIZE, info->iv);
#endif /* WOLFSSL_AES_256 */
#endif /* !NO_AES && HAVE_AES_CBC && HAVE_AES_DECRYPT */
#ifdef WOLFSSL_SMALL_STACK
@ -4610,7 +4622,7 @@ static int wolfssl_encrypt_buffer_key(byte* der, word32 derSz, byte* password,
key, AES_192_KEY_SIZE, info->iv);
else
#endif
#ifdef WOLFSSL_AES_192
#ifdef WOLFSSL_AES_256
if (XSTRNCMP(info->name, EVP_AES_256_CBC, EVP_AES_SIZE) == 0)
ret = wc_AesCbcEncryptWithKey(der, der, derSz,
key, AES_256_KEY_SIZE, info->iv);
@ -12570,7 +12582,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
}
else
#endif
#ifdef WOLFSSL_AES_192
#ifdef WOLFSSL_AES_256
if (XSTRNCMP(type, EVP_AES_256_CBC, EVP_AES_SIZE) == 0) {
keyLen = AES_256_KEY_SIZE;
ivLen = AES_IV_SIZE;
@ -13521,7 +13533,6 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
}
ret = 0;
}
else
#endif /* WOLFSSL_AES_128 */
#ifdef WOLFSSL_AES_192
if (ctx->cipherType == AES_192_CBC_TYPE ||
@ -13547,7 +13558,6 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
}
ret = 0;
}
else
#endif /* WOLFSSL_AES_192 */
#ifdef WOLFSSL_AES_256
if (ctx->cipherType == AES_256_CBC_TYPE ||
@ -13581,7 +13591,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
#endif /* HAVE_AES_CBC */
#ifdef WOLFSSL_AES_COUNTER
#ifdef WOLFSSL_AES_128
else if (ctx->cipherType == AES_128_CTR_TYPE ||
if (ctx->cipherType == AES_128_CTR_TYPE ||
(type && XSTRNCMP(type, EVP_AES_128_CTR, EVP_AES_SIZE) == 0)) {
WOLFSSL_MSG("EVP_AES_128_CTR");
ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
@ -13604,7 +13614,6 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
}
ret = 0;
}
else
#endif /* WOLFSSL_AES_128 */
#ifdef WOLFSSL_AES_192
if (ctx->cipherType == AES_192_CTR_TYPE ||
@ -13630,7 +13639,6 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
}
ret = 0;
}
else
#endif /* WOLFSSL_AES_192 */
#ifdef WOLFSSL_AES_256
if (ctx->cipherType == AES_256_CTR_TYPE ||
@ -13659,7 +13667,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
#endif /* WOLFSSL_AES_256 */
#endif /* WOLFSSL_AES_CTR */
#ifdef WOLFSSL_AES_128
else if (ctx->cipherType == AES_128_ECB_TYPE ||
if (ctx->cipherType == AES_128_ECB_TYPE ||
(type && XSTRNCMP(type, EVP_AES_128_ECB, EVP_AES_SIZE) == 0)) {
WOLFSSL_MSG("EVP_AES_128_ECB");
ctx->cipherType = AES_128_ECB_TYPE;
@ -13677,7 +13685,6 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
return ret;
ret = 0;
}
else
#endif /* WOLFSSL_AES_128 */
#ifdef WOLFSSL_AES_192
if (ctx->cipherType == AES_192_ECB_TYPE ||
@ -13698,7 +13705,6 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
return ret;
ret = 0;
}
else
#endif /* WOLFSSL_AES_192 */
#ifdef WOLFSSL_AES_256
if (ctx->cipherType == AES_256_ECB_TYPE ||
@ -25701,17 +25707,31 @@ int wolfSSL_EVP_CIPHER_iv_length(const WOLFSSL_EVP_CIPHER* cipher)
WOLFSSL_MSG("wolfSSL_EVP_CIPHER_iv_length");
#ifndef NO_AES
if ((XSTRNCMP(name, EVP_AES_128_CBC, XSTRLEN(EVP_AES_128_CBC)) == 0) ||
(XSTRNCMP(name, EVP_AES_192_CBC, XSTRLEN(EVP_AES_192_CBC)) == 0) ||
(XSTRNCMP(name, EVP_AES_256_CBC, XSTRLEN(EVP_AES_256_CBC)) == 0)) {
#ifdef WOLFSSL_AES_128
if (XSTRNCMP(name, EVP_AES_128_CBC, XSTRLEN(EVP_AES_128_CBC)) == 0)
return AES_BLOCK_SIZE;
}
#endif
#ifdef WOLFSSL_AES_192
if (XSTRNCMP(name, EVP_AES_192_CBC, XSTRLEN(EVP_AES_192_CBC)) == 0)
return AES_BLOCK_SIZE;
#endif
#ifdef WOLFSSL_AES_256
if (XSTRNCMP(name, EVP_AES_256_CBC, XSTRLEN(EVP_AES_256_CBC)) == 0)
return AES_BLOCK_SIZE;
#endif
#ifdef WOLFSSL_AES_COUNTER
if ((XSTRNCMP(name, EVP_AES_128_CTR, XSTRLEN(EVP_AES_128_CTR)) == 0) ||
(XSTRNCMP(name, EVP_AES_192_CTR, XSTRLEN(EVP_AES_192_CTR)) == 0) ||
(XSTRNCMP(name, EVP_AES_256_CTR, XSTRLEN(EVP_AES_256_CTR)) == 0)) {
#ifdef WOLFSSL_AES_128
if (XSTRNCMP(name, EVP_AES_128_CTR, XSTRLEN(EVP_AES_128_CTR)) == 0)
return AES_BLOCK_SIZE;
}
#endif
#ifdef WOLFSSL_AES_192
if (XSTRNCMP(name, EVP_AES_192_CTR, XSTRLEN(EVP_AES_192_CTR)) == 0)
return AES_BLOCK_SIZE;
#endif
#ifdef WOLFSSL_AES_256
if (XSTRNCMP(name, EVP_AES_256_CTR, XSTRLEN(EVP_AES_256_CTR)) == 0)
return AES_BLOCK_SIZE;
#endif
#endif
#endif

242
tests/api.c
View File

@ -957,15 +957,79 @@ static void test_wolfSSL_EC(void)
static void test_wolfSSL_EVP_get_cipherbynid(void)
{
#ifndef NO_AES
AssertNotNull(strcmp("EVP_AES_128_CBC", wolfSSL_EVP_get_cipherbynid(419)));
AssertNotNull(strcmp("EVP_AES_192_CBC", wolfSSL_EVP_get_cipherbynid(423)));
AssertNotNull(strcmp("EVP_AES_256_CBC", wolfSSL_EVP_get_cipherbynid(427)));
AssertNotNull(strcmp("EVP_AES_128_CTR", wolfSSL_EVP_get_cipherbynid(904)));
AssertNotNull(strcmp("EVP_AES_192_CTR", wolfSSL_EVP_get_cipherbynid(905)));
AssertNotNull(strcmp("EVP_AES_256_CTR", wolfSSL_EVP_get_cipherbynid(906)));
AssertNotNull(strcmp("EVP_AES_128_ECB", wolfSSL_EVP_get_cipherbynid(418)));
AssertNotNull(strcmp("EVP_AES_192_ECB", wolfSSL_EVP_get_cipherbynid(422)));
AssertNotNull(strcmp("EVP_AES_256_ECB", wolfSSL_EVP_get_cipherbynid(426)));
const WOLFSSL_EVP_CIPHER* c;
c = wolfSSL_EVP_get_cipherbynid(419);
#if defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_128)
AssertNotNull(c);
AssertNotNull(strcmp("EVP_AES_128_CBC", c));
#else
AssertNull(c);
#endif
c = wolfSSL_EVP_get_cipherbynid(423);
#if defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_192)
AssertNotNull(c);
AssertNotNull(strcmp("EVP_AES_192_CBC", c));
#else
AssertNull(c);
#endif
c = wolfSSL_EVP_get_cipherbynid(427);
#if defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_256)
AssertNotNull(c);
AssertNotNull(strcmp("EVP_AES_256_CBC", c));
#else
AssertNull(c);
#endif
c = wolfSSL_EVP_get_cipherbynid(904);
#if defined(WOLFSSL_AES_COUNTER) && defined(WOLFSSL_AES_128)
AssertNotNull(c);
AssertNotNull(strcmp("EVP_AES_128_CTR", c));
#else
AssertNull(c);
#endif
c = wolfSSL_EVP_get_cipherbynid(905);
#if defined(WOLFSSL_AES_COUNTER) && defined(WOLFSSL_AES_192)
AssertNotNull(c);
AssertNotNull(strcmp("EVP_AES_192_CTR", c));
#else
AssertNull(c);
#endif
c = wolfSSL_EVP_get_cipherbynid(906);
#if defined(WOLFSSL_AES_COUNTER) && defined(WOLFSSL_AES_256)
AssertNotNull(c);
AssertNotNull(strcmp("EVP_AES_256_CTR", c));
#else
AssertNull(c);
#endif
c = wolfSSL_EVP_get_cipherbynid(418);
#if defined(HAVE_AES_ECB) && defined(WOLFSSL_AES_128)
AssertNotNull(c);
AssertNotNull(strcmp("EVP_AES_128_ECB", c));
#else
AssertNull(c);
#endif
c = wolfSSL_EVP_get_cipherbynid(422);
#if defined(HAVE_AES_ECB) && defined(WOLFSSL_AES_192)
AssertNotNull(c);
AssertNotNull(strcmp("EVP_AES_192_ECB", c));
#else
AssertNull(c);
#endif
c = wolfSSL_EVP_get_cipherbynid(426);
#if defined(HAVE_AES_ECB) && defined(WOLFSSL_AES_256)
AssertNotNull(c);
AssertNotNull(strcmp("EVP_AES_256_ECB", c));
#else
AssertNull(c);
#endif
#endif
#ifndef NO_DES3
@ -6813,13 +6877,18 @@ static int test_wc_InitCmac (void)
printf(testingFmt, "wc_InitCmac()");
#ifdef WOLFSSL_AES_128
ret = wc_InitCmac(&cmac1, key1, key1Sz, type, NULL);
if (ret == 0) {
#endif
#ifdef WOLFSSL_AES_192
if (ret == 0)
ret = wc_InitCmac(&cmac2, key2, key2Sz, type, NULL);
}
if (ret == 0) {
#endif
#ifdef WOLFSSL_AES_256
if (ret == 0)
ret = wc_InitCmac(&cmac3, key3, key3Sz, type, NULL);
}
#endif
/* Test bad args. */
if (ret == 0) {
ret = wc_InitCmac(NULL, key3, key3Sz, type, NULL);
@ -6839,6 +6908,13 @@ static int test_wc_InitCmac (void)
}
}
(void)key1;
(void)key1Sz;
(void)key2;
(void)key2Sz;
(void)cmac1;
(void)cmac2;
printf(resultFmt, ret == 0 ? passed : failed);
#endif
@ -6854,7 +6930,7 @@ static int test_wc_CmacUpdate (void)
{
int ret = 0;
#if defined(WOLFSSL_CMAC) && !defined(NO_AES)
#if defined(WOLFSSL_CMAC) && !defined(NO_AES) && defined(WOLFSSL_AES_128)
Cmac cmac;
byte key[] =
{
@ -6908,7 +6984,7 @@ static int test_wc_CmacFinal (void)
{
int ret = 0;
#if defined(WOLFSSL_CMAC) && !defined(NO_AES)
#if defined(WOLFSSL_CMAC) && !defined(NO_AES) && defined(WOLFSSL_AES_128)
Cmac cmac;
byte key[] =
{
@ -6984,7 +7060,7 @@ static int test_wc_CmacFinal (void)
static int test_wc_AesCmacGenerate (void)
{
int ret = 0;
#if defined(WOLFSSL_CMAC) && !defined(NO_AES)
#if defined(WOLFSSL_CMAC) && !defined(NO_AES) && defined(WOLFSSL_AES_128)
Cmac cmac;
byte key[] =
{
@ -7662,7 +7738,7 @@ static int test_wc_ChaCha20Poly1305_aead (void)
static int test_wc_AesSetIV (void)
{
int ret = 0;
#ifndef NO_AES
#if !defined(NO_AES) && defined(WOLFSSL_AES_128)
Aes aes;
byte key16[] =
{
@ -7716,12 +7792,15 @@ static int test_wc_AesSetKey (void)
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
};
#ifdef WOLFSSL_AES_192
byte key24[] =
{
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37
};
#endif
#ifdef WOLFSSL_AES_256
byte key32[] =
{
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
@ -7729,6 +7808,7 @@ static int test_wc_AesSetKey (void)
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
};
#endif
byte badKey16[] =
{
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
@ -7742,16 +7822,23 @@ static int test_wc_AesSetKey (void)
if (ret != 0)
return ret;
#ifdef WOLFSSL_AES_128
ret = wc_AesSetKey(&aes, key16, (word32) sizeof(key16) / sizeof(byte),
iv, AES_ENCRYPTION);
#endif
#ifdef WOLFSSL_AES_192
if (ret == 0) {
ret = wc_AesSetKey (&aes, key24, (word32) sizeof(key24) / sizeof(byte),
iv, AES_ENCRYPTION);
}
#endif
#ifdef WOLFSSL_AES_256
if (ret == 0) {
ret = wc_AesSetKey (&aes, key32, (word32) sizeof(key32) / sizeof(byte),
iv, AES_ENCRYPTION);
}
#endif
/* Pass in bad args. */
if (ret == 0) {
ret = wc_AesSetKey (NULL, key16, (word32) sizeof(key16) / sizeof(byte),
@ -7785,7 +7872,8 @@ static int test_wc_AesSetKey (void)
static int test_wc_AesCbcEncryptDecrypt (void)
{
int ret = 0;
#if !defined(NO_AES) && defined(HAVE_AES_CBC) && defined(HAVE_AES_DECRYPT)
#if !defined(NO_AES) && defined(HAVE_AES_CBC) && defined(HAVE_AES_DECRYPT)&& \
defined(WOLFSSL_AES_256)
Aes aes;
byte key32[] =
{
@ -7931,7 +8019,7 @@ static int test_wc_AesCbcEncryptDecrypt (void)
static int test_wc_AesCtrEncryptDecrypt (void)
{
int ret = 0;
#if !defined(NO_AES) && defined(WOLFSSL_AES_COUNTER)
#if !defined(NO_AES) && defined(WOLFSSL_AES_COUNTER) && defined(WOLFSSL_AES_256)
Aes aesEnc, aesDec;
byte key32[] =
{
@ -8018,17 +8106,22 @@ static int test_wc_AesGcmSetKey (void)
#if !defined(NO_AES) && defined(HAVE_AESGCM)
Aes aes;
#ifdef WOLFSSL_AES_128
byte key16[] =
{
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
};
#endif
#ifdef WOLFSSL_AES_192
byte key24[] =
{
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37
};
#endif
#ifdef WOLFSSL_AES_256
byte key32[] =
{
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
@ -8036,6 +8129,7 @@ static int test_wc_AesGcmSetKey (void)
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
};
#endif
byte badKey16[] =
{
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
@ -8061,13 +8155,19 @@ static int test_wc_AesGcmSetKey (void)
if (ret != 0)
return ret;
#ifdef WOLFSSL_AES_128
ret = wc_AesGcmSetKey(&aes, key16, sizeof(key16)/sizeof(byte));
#endif
#ifdef WOLFSSL_AES_192
if (ret == 0) {
ret = wc_AesGcmSetKey(&aes, key24, sizeof(key24)/sizeof(byte));
}
#endif
#ifdef WOLFSSL_AES_256
if (ret == 0) {
ret = wc_AesGcmSetKey(&aes, key32, sizeof(key32)/sizeof(byte));
}
#endif
/* Pass in bad args. */
if (ret == 0) {
@ -8099,7 +8199,7 @@ static int test_wc_AesGcmSetKey (void)
static int test_wc_AesGcmEncryptDecrypt (void)
{
int ret = 0;
#if !defined(NO_AES) && defined(HAVE_AESGCM)
#if !defined(NO_AES) && defined(HAVE_AESGCM) && defined(WOLFSSL_AES_256)
Aes aes;
byte key32[] =
@ -8250,12 +8350,15 @@ static int test_wc_GmacSetKey (void)
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
};
#ifdef WOLFSSL_AES_192
byte key24[] =
{
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37
};
#endif
#ifdef WOLFSSL_AES_256
byte key32[] =
{
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
@ -8263,6 +8366,7 @@ static int test_wc_GmacSetKey (void)
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
};
#endif
byte badKey16[] =
{
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
@ -8288,13 +8392,19 @@ static int test_wc_GmacSetKey (void)
if (ret != 0)
return ret;
#ifdef WOLFSSL_AES_128
ret = wc_GmacSetKey(&gmac, key16, sizeof(key16)/sizeof(byte));
#endif
#ifdef WOLFSSL_AES_192
if (ret == 0) {
ret = wc_GmacSetKey(&gmac, key24, sizeof(key24)/sizeof(byte));
}
#endif
#ifdef WOLFSSL_AES_256
if (ret == 0) {
ret = wc_GmacSetKey(&gmac, key32, sizeof(key32)/sizeof(byte));
}
#endif
/* Pass in bad args. */
if (ret == 0) {
@ -8335,17 +8445,22 @@ static int test_wc_GmacUpdate (void)
int ret = 0;
#if !defined(NO_AES) && defined(HAVE_AESGCM)
Gmac gmac;
#ifdef WOLFSSL_AES_128
const byte key16[] =
{
0x89, 0xc9, 0x49, 0xe9, 0xc8, 0x04, 0xaf, 0x01,
0x4d, 0x56, 0x04, 0xb3, 0x94, 0x59, 0xf2, 0xc8
};
#endif
#ifdef WOLFSSL_AES_192
byte key24[] =
{
0x41, 0xc5, 0xda, 0x86, 0x67, 0xef, 0x72, 0x52,
0x20, 0xff, 0xe3, 0x9a, 0xe0, 0xac, 0x59, 0x0a,
0xc9, 0xfc, 0xa7, 0x29, 0xab, 0x60, 0xad, 0xa0
};
#endif
#ifdef WOLFSSL_AES_256
byte key32[] =
{
0x78, 0xdc, 0x4e, 0x0a, 0xaf, 0x52, 0xd9, 0x35,
@ -8353,46 +8468,59 @@ static int test_wc_GmacUpdate (void)
0xca, 0x1f, 0xd4, 0x75, 0xf5, 0xda, 0x86, 0xa4,
0x9c, 0x8d, 0xd7, 0x3d, 0x68, 0xc8, 0xe2, 0x23
};
#endif
#ifdef WOLFSSL_AES_128
const byte authIn[] =
{
0x82, 0xad, 0xcd, 0x63, 0x8d, 0x3f, 0xa9, 0xd9,
0xf3, 0xe8, 0x41, 0x00, 0xd6, 0x1e, 0x07, 0x77
};
#endif
#ifdef WOLFSSL_AES_192
const byte authIn2[] =
{
0x8b, 0x5c, 0x12, 0x4b, 0xef, 0x6e, 0x2f, 0x0f,
0xe4, 0xd8, 0xc9, 0x5c, 0xd5, 0xfa, 0x4c, 0xf1
};
#endif
const byte authIn3[] =
{
0xb9, 0x6b, 0xaa, 0x8c, 0x1c, 0x75, 0xa6, 0x71,
0xbf, 0xb2, 0xd0, 0x8d, 0x06, 0xbe, 0x5f, 0x36
};
#ifdef WOLFSSL_AES_128
const byte tag1[] = /* Known. */
{
0x88, 0xdb, 0x9d, 0x62, 0x17, 0x2e, 0xd0, 0x43,
0xaa, 0x10, 0xf1, 0x6d, 0x22, 0x7d, 0xc4, 0x1b
};
#endif
#ifdef WOLFSSL_AES_192
const byte tag2[] = /* Known */
{
0x20, 0x4b, 0xdb, 0x1b, 0xd6, 0x21, 0x54, 0xbf,
0x08, 0x92, 0x2a, 0xaa, 0x54, 0xee, 0xd7, 0x05
};
#endif
const byte tag3[] = /* Known */
{
0x3e, 0x5d, 0x48, 0x6a, 0xa2, 0xe3, 0x0b, 0x22,
0xe0, 0x40, 0xb8, 0x57, 0x23, 0xa0, 0x6e, 0x76
};
#ifdef WOLFSSL_AES_128
const byte iv[] =
{
0xd1, 0xb1, 0x04, 0xc8, 0x15, 0xbf, 0x1e, 0x94,
0xe2, 0x8c, 0x8f, 0x16
};
#endif
#ifdef WOLFSSL_AES_192
const byte iv2[] =
{
0x05, 0xad, 0x13, 0xa5, 0xe2, 0xc2, 0xab, 0x66,
0x7e, 0x1a, 0x6f, 0xbc
};
#endif
const byte iv3[] =
{
0xd7, 0x9c, 0xf2, 0x2d, 0x50, 0x4c, 0xc7, 0x93,
@ -8413,6 +8541,7 @@ static int test_wc_GmacUpdate (void)
if (ret != 0)
return ret;
#ifdef WOLFSSL_AES_128
ret = wc_GmacSetKey(&gmac, key16, sizeof(key16));
if (ret == 0) {
ret = wc_GmacUpdate(&gmac, iv, sizeof(iv), authIn, sizeof(authIn),
@ -8420,29 +8549,36 @@ static int test_wc_GmacUpdate (void)
if (ret == 0) {
ret = XMEMCMP(tag1, tagOut, sizeof(tag1));
}
if (ret == 0) {
XMEMSET(&gmac, 0, sizeof(Gmac));
ret = wc_GmacSetKey(&gmac, key24, sizeof(key24)/sizeof(byte));
}
if (ret == 0) {
ret = wc_GmacUpdate(&gmac, iv2, sizeof(iv2), authIn2,
sizeof(authIn2), tagOut2, sizeof(tag2));
}
if (ret == 0) {
ret = XMEMCMP(tagOut2, tag2, sizeof(tag2));
}
if (ret == 0) {
XMEMSET(&gmac, 0, sizeof(Gmac));
ret = wc_GmacSetKey(&gmac, key32, sizeof(key32)/sizeof(byte));
}
if (ret == 0) {
ret = wc_GmacUpdate(&gmac, iv3, sizeof(iv3), authIn3,
sizeof(authIn3), tagOut3, sizeof(tag3));
}
if (ret == 0) {
ret = XMEMCMP(tag3, tagOut3, sizeof(tag3));
}
}
#endif
#ifdef WOLFSSL_AES_192
if (ret == 0) {
XMEMSET(&gmac, 0, sizeof(Gmac));
ret = wc_GmacSetKey(&gmac, key24, sizeof(key24)/sizeof(byte));
}
if (ret == 0) {
ret = wc_GmacUpdate(&gmac, iv2, sizeof(iv2), authIn2,
sizeof(authIn2), tagOut2, sizeof(tag2));
}
if (ret == 0) {
ret = XMEMCMP(tagOut2, tag2, sizeof(tag2));
}
#endif
#ifdef WOLFSSL_AES_256
if (ret == 0) {
XMEMSET(&gmac, 0, sizeof(Gmac));
ret = wc_GmacSetKey(&gmac, key32, sizeof(key32)/sizeof(byte));
}
if (ret == 0) {
ret = wc_GmacUpdate(&gmac, iv3, sizeof(iv3), authIn3,
sizeof(authIn3), tagOut3, sizeof(tag3));
}
if (ret == 0) {
ret = XMEMCMP(tag3, tagOut3, sizeof(tag3));
}
#endif
/*Pass bad args. */
if (ret == 0) {
@ -10141,13 +10277,19 @@ static int test_wc_AesCcmSetKey (void)
if (ret != 0)
return ret;
#ifdef WOLFSSL_AES_128
ret = wc_AesCcmSetKey(&aes, key16, sizeof(key16));
#endif
#ifdef WOLFSSL_AES_192
if (ret == 0) {
ret = wc_AesCcmSetKey(&aes, key24, sizeof(key24));
if (ret == 0) {
ret = wc_AesCcmSetKey(&aes, key32, sizeof(key32));
}
}
#endif
#ifdef WOLFSSL_AES_256
if (ret == 0) {
ret = wc_AesCcmSetKey(&aes, key32, sizeof(key32));
}
#endif
/* Test bad args. */
if (ret == 0) {
@ -10180,7 +10322,7 @@ static int test_wc_AesCcmSetKey (void)
static int test_wc_AesCcmEncryptDecrypt (void)
{
int ret = 0;
#ifdef HAVE_AESCCM
#if defined(HAVE_AESCCM) && defined(WOLFSSL_AES_128)
Aes aes;
const byte key16[] =
{
@ -12883,7 +13025,7 @@ static int test_wc_ecc_encryptDecrypt (void)
{
int ret = 0;
#if defined(HAVE_ECC) && defined(HAVE_ECC_ENCRYPT)
#if defined(HAVE_ECC) && defined(HAVE_ECC_ENCRYPT) && defined(WOLFSSL_AES_128)
ecc_key srvKey, cliKey;
WC_RNG rng;
const char* msg = "EccBlock Size 16";
@ -17007,8 +17149,14 @@ static int my_DhCallback(WOLFSSL* ssl, struct DhKey* key,
static void test_dh_ctx_setup(WOLFSSL_CTX* ctx) {
wolfSSL_CTX_SetDhAgreeCb(ctx, my_DhCallback);
#ifdef WOLFSSL_AES_128
AssertIntEQ(wolfSSL_CTX_set_cipher_list(ctx, "DHE-RSA-AES128-SHA256"),
WOLFSSL_SUCCESS);
#endif
#ifdef WOLFSSL_AES_256
AssertIntEQ(wolfSSL_CTX_set_cipher_list(ctx, "DHE-RSA-AES256-SHA256"),
WOLFSSL_SUCCESS);
#endif
}

18
wolfcrypt/src/evp.c
View File

@ -493,28 +493,46 @@ static unsigned int cipherType(const WOLFSSL_EVP_CIPHER *cipher)
#endif
#if !defined(NO_AES) && defined(HAVE_AES_CBC)
#ifdef WOLFSSL_AES_128
else if (XSTRNCMP(cipher, EVP_AES_128_CBC, EVP_AES_SIZE) == 0)
return AES_128_CBC_TYPE;
#endif
#ifdef WOLFSSL_AES_192
else if (XSTRNCMP(cipher, EVP_AES_192_CBC, EVP_AES_SIZE) == 0)
return AES_192_CBC_TYPE;
#endif
#ifdef WOLFSSL_AES_256
else if (XSTRNCMP(cipher, EVP_AES_256_CBC, EVP_AES_SIZE) == 0)
return AES_256_CBC_TYPE;
#endif
#endif /* !NO_AES && HAVE_AES_CBC */
#if !defined(NO_AES) && defined(WOLFSSL_AES_COUNTER)
#ifdef WOLFSSL_AES_128
else if (XSTRNCMP(cipher, EVP_AES_128_CTR, EVP_AES_SIZE) == 0)
return AES_128_CTR_TYPE;
#endif
#ifdef WOLFSSL_AES_192
else if (XSTRNCMP(cipher, EVP_AES_192_CTR, EVP_AES_SIZE) == 0)
return AES_192_CTR_TYPE;
#endif
#ifdef WOLFSSL_AES_256
else if (XSTRNCMP(cipher, EVP_AES_256_CTR, EVP_AES_SIZE) == 0)
return AES_256_CTR_TYPE;
#endif
#endif /* !NO_AES && HAVE_AES_CBC */
#if !defined(NO_AES) && defined(HAVE_AES_ECB)
#ifdef WOLFSSL_AES_128
else if (XSTRNCMP(cipher, EVP_AES_128_ECB, EVP_AES_SIZE) == 0)
return AES_128_ECB_TYPE;
#endif
#ifdef WOLFSSL_AES_192
else if (XSTRNCMP(cipher, EVP_AES_192_ECB, EVP_AES_SIZE) == 0)
return AES_192_ECB_TYPE;
#endif
#ifdef WOLFSSL_AES_256
else if (XSTRNCMP(cipher, EVP_AES_256_ECB, EVP_AES_SIZE) == 0)
return AES_256_ECB_TYPE;
#endif
#endif /* !NO_AES && HAVE_AES_CBC */
else return 0;
}

291
wolfcrypt/test/test.c
View File

File diff suppressed because it is too large Load Diff

178
wolfssl/internal.h
View File

@ -277,32 +277,54 @@
#if !defined(NO_RSA) && !defined(NO_AES) && !defined(NO_TLS)
#if !defined(NO_SHA)
#if defined(WOLFSSL_STATIC_RSA)
#define BUILD_TLS_RSA_WITH_AES_128_CBC_SHA
#define BUILD_TLS_RSA_WITH_AES_256_CBC_SHA
#ifdef WOLFSSL_AES_128
#define BUILD_TLS_RSA_WITH_AES_128_CBC_SHA
#endif
#ifdef WOLFSSL_AES_256
#define BUILD_TLS_RSA_WITH_AES_256_CBC_SHA
#endif
#endif
#if defined(HAVE_NTRU) && defined(WOLFSSL_STATIC_RSA)
#ifdef WOLFSSL_AES_128
#define BUILD_TLS_NTRU_RSA_WITH_AES_128_CBC_SHA
#endif
#ifdef WOLFSSL_AES_256
#define BUILD_TLS_NTRU_RSA_WITH_AES_256_CBC_SHA
#endif
#endif
#endif
#if defined(WOLFSSL_STATIC_RSA)
#if !defined (NO_SHA256)
#define BUILD_TLS_RSA_WITH_AES_128_CBC_SHA256
#define BUILD_TLS_RSA_WITH_AES_256_CBC_SHA256
#ifdef WOLFSSL_AES_128
#define BUILD_TLS_RSA_WITH_AES_128_CBC_SHA256
#endif
#ifdef WOLFSSL_AES_256
#define BUILD_TLS_RSA_WITH_AES_256_CBC_SHA256
#endif
#endif
#if defined (HAVE_AESGCM)
#define BUILD_TLS_RSA_WITH_AES_128_GCM_SHA256
#if defined (WOLFSSL_SHA384)
#ifdef WOLFSSL_AES_128
#define BUILD_TLS_RSA_WITH_AES_128_GCM_SHA256
#endif
#if defined (WOLFSSL_SHA384) && defined(WOLFSSL_AES_256)
#define BUILD_TLS_RSA_WITH_AES_256_GCM_SHA384
#endif
#endif
#if defined (HAVE_AESCCM)
#define BUILD_TLS_RSA_WITH_AES_128_CCM_8
#define BUILD_TLS_RSA_WITH_AES_256_CCM_8
#ifdef WOLFSSL_AES_128
#define BUILD_TLS_RSA_WITH_AES_128_CCM_8
#endif
#ifdef WOLFSSL_AES_256
#define BUILD_TLS_RSA_WITH_AES_256_CCM_8
#endif
#endif
#if defined(HAVE_BLAKE2)
#define BUILD_TLS_RSA_WITH_AES_128_CBC_B2B256
#define BUILD_TLS_RSA_WITH_AES_256_CBC_B2B256
#ifdef WOLFSSL_AES_128
#define BUILD_TLS_RSA_WITH_AES_128_CBC_B2B256
#endif
#ifdef WOLFSSL_AES_256
#define BUILD_TLS_RSA_WITH_AES_256_CBC_B2B256
#endif
#endif
#endif
#endif
@ -335,22 +357,32 @@
#if defined(WOLFSSL_STATIC_PSK)
#if !defined(NO_PSK) && !defined(NO_AES) && !defined(NO_TLS)
#if !defined(NO_SHA)
#define BUILD_TLS_PSK_WITH_AES_128_CBC_SHA
#define BUILD_TLS_PSK_WITH_AES_256_CBC_SHA
#ifdef WOLFSSL_AES_128
#define BUILD_TLS_PSK_WITH_AES_128_CBC_SHA
#endif
#ifdef WOLFSSL_AES_256
#define BUILD_TLS_PSK_WITH_AES_256_CBC_SHA
#endif
#endif
#ifndef NO_SHA256
#ifdef WOLFSSL_AES_128
#define BUILD_TLS_PSK_WITH_AES_128_CBC_SHA256
#ifdef HAVE_AESGCM
#define BUILD_TLS_PSK_WITH_AES_128_GCM_SHA256
#endif
#endif /* WOLFSSL_AES_128 */
#ifdef HAVE_AESCCM
#define BUILD_TLS_PSK_WITH_AES_128_CCM_8
#define BUILD_TLS_PSK_WITH_AES_256_CCM_8
#define BUILD_TLS_PSK_WITH_AES_128_CCM
#define BUILD_TLS_PSK_WITH_AES_256_CCM
#ifdef WOLFSSL_AES_128
#define BUILD_TLS_PSK_WITH_AES_128_CCM_8
#define BUILD_TLS_PSK_WITH_AES_128_CCM
#endif
#ifdef WOLFSSL_AES_256
#define BUILD_TLS_PSK_WITH_AES_256_CCM_8
#define BUILD_TLS_PSK_WITH_AES_256_CCM
#endif
#endif
#endif
#ifdef WOLFSSL_SHA384
#if defined(WOLFSSL_SHA384) && defined(WOLFSSL_AES_256)
#define BUILD_TLS_PSK_WITH_AES_256_CBC_SHA384
#ifdef HAVE_AESGCM
#define BUILD_TLS_PSK_WITH_AES_256_GCM_SHA384
@ -407,26 +439,34 @@
!defined(NO_RSA)
#if !defined(NO_SHA)
#define BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
#define BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
#ifdef WOLFSSL_AES_128
#define BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
#endif
#ifdef WOLFSSL_AES_256
#define BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
#endif
#if !defined(NO_DES3)
#define BUILD_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
#endif
#endif
#if !defined(NO_SHA256)
#define BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
#define BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
#if !defined(NO_SHA256) && defined(HAVE_AES_CBC)
#ifdef WOLFSSL_AES_128
#define BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
#endif
#ifdef WOLFSSL_AES_256
#define BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
#endif
#endif
#endif
#if defined(HAVE_ANON) && !defined(NO_TLS) && !defined(NO_DH) && \
!defined(NO_AES) && !defined(NO_SHA)
!defined(NO_AES) && !defined(NO_SHA) && defined(WOLFSSL_AES_128)
#define BUILD_TLS_DH_anon_WITH_AES_128_CBC_SHA
#endif
#if !defined(NO_DH) && !defined(NO_PSK) && !defined(NO_TLS)
#ifndef NO_SHA256
#ifndef NO_AES
#if !defined(NO_AES) && defined(WOLFSSL_AES_128)
#define BUILD_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
#endif
#ifdef HAVE_NULL_CIPHER
@ -434,7 +474,7 @@
#endif
#endif
#ifdef WOLFSSL_SHA384
#ifndef NO_AES
#if !defined(NO_AES) && defined(WOLFSSL_AES_256)
#define BUILD_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
#endif
#ifdef HAVE_NULL_CIPHER
@ -447,23 +487,39 @@
#if !defined(NO_AES)
#if !defined(NO_SHA)
#if !defined(NO_RSA)
#define BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
#define BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
#ifdef WOLFSSL_AES_128
#define BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
#endif
#ifdef WOLFSSL_AES_256
#define BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
#endif
#if defined(WOLFSSL_STATIC_DH)
#define BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
#define BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
#ifdef WOLFSSL_AES_128
#define BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
#endif
#ifdef WOLFSSL_AES_256
#define BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
#endif
#endif
#endif
#define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
#define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
#ifdef WOLFSSL_AES_128
#define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
#endif
#ifdef WOLFSSL_AES_256
#define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
#endif
#if defined(WOLFSSL_STATIC_DH)
#define BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
#define BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
#ifdef WOLFSSL_AES_128
#define BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
#endif
#ifdef WOLFSSL_AES_256
#define BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
#endif
#endif
#endif /* NO_SHA */
#ifndef NO_SHA256
#if !defined(NO_SHA256) && defined(WOLFSSL_AES_128)
#if !defined(NO_RSA)
#define BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
#if defined(WOLFSSL_STATIC_DH)
@ -476,7 +532,7 @@
#endif
#endif
#ifdef WOLFSSL_SHA384
#if defined(WOLFSSL_SHA384) && defined(WOLFSSL_AES_256)
#if !defined(NO_RSA)
#define BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
#if defined(WOLFSSL_STATIC_DH)
@ -492,21 +548,25 @@
#if defined (HAVE_AESGCM)
#if !defined(NO_RSA)
#if defined(WOLFSSL_STATIC_DH)
#define BUILD_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
#ifdef WOLFSSL_AES_128
#define BUILD_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
#endif
#endif
#if defined(WOLFSSL_SHA384)
#if defined(WOLFSSL_STATIC_DH)
#define BUILD_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
#ifdef WOLFSSL_AES_256
#define BUILD_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
#endif
#endif
#endif
#endif
#if defined(WOLFSSL_STATIC_DH)
#if defined(WOLFSSL_STATIC_DH) && defined(WOLFSSL_AES_128)
#define BUILD_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
#endif
#if defined(WOLFSSL_SHA384)
#if defined(WOLFSSL_STATIC_DH)
#if defined(WOLFSSL_STATIC_DH) && defined(WOLFSSL_AES_256)
#define BUILD_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
#endif
#endif
@ -550,7 +610,8 @@
#define BUILD_TLS_ECDHE_PSK_WITH_NULL_SHA256
#endif
#endif
#if !defined(NO_PSK) && !defined(NO_SHA256) && !defined(NO_AES)
#if !defined(NO_PSK) && !defined(NO_SHA256) && !defined(NO_AES) && \
defined(WOLFSSL_AES_128)
#define BUILD_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
#endif
#endif
@ -582,39 +643,44 @@
#if !defined(NO_DH) && !defined(NO_AES) && !defined(NO_TLS) && \
!defined(NO_RSA) && defined(HAVE_AESGCM)
#ifndef NO_SHA256
#if !defined(NO_SHA256) && defined(WOLFSSL_AES_128)
#define BUILD_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
#endif
#ifdef WOLFSSL_SHA384
#if defined(WOLFSSL_SHA384) && defined(WOLFSSL_AES_256)
#define BUILD_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
#endif
#endif
#if !defined(NO_DH) && !defined(NO_PSK) && !defined(NO_TLS)
#ifndef NO_SHA256
#ifdef HAVE_AESGCM
#if defined(HAVE_AESGCM) && defined(WOLFSSL_AES_128)
#define BUILD_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
#endif
#ifdef HAVE_AESCCM
#define BUILD_TLS_DHE_PSK_WITH_AES_128_CCM
#define BUILD_TLS_DHE_PSK_WITH_AES_256_CCM
#ifdef WOLFSSL_AES_128
#define BUILD_TLS_DHE_PSK_WITH_AES_128_CCM
#endif
#ifdef WOLFSSL_AES_256
#define BUILD_TLS_DHE_PSK_WITH_AES_256_CCM
#endif
#endif
#endif
#if defined(WOLFSSL_SHA384) && defined(HAVE_AESGCM)
#if defined(WOLFSSL_SHA384) && defined(HAVE_AESGCM) && \
defined(WOLFSSL_AES_256)
#define BUILD_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
#endif
#endif
#if defined(HAVE_ECC) && !defined(NO_TLS) && !defined(NO_AES)
#ifdef HAVE_AESGCM
#ifndef NO_SHA256
#if !defined(NO_SHA256) && defined(WOLFSSL_AES_128)
#define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
#ifndef NO_RSA
#define BUILD_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
#endif
#endif
#ifdef WOLFSSL_SHA384
#if defined(WOLFSSL_SHA384) && defined(WOLFSSL_AES_256)
#define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
#ifndef NO_RSA
#define BUILD_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
@ -622,9 +688,13 @@
#endif
#endif
#if defined(HAVE_AESCCM) && !defined(NO_SHA256)
#define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM
#define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
#define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8
#ifdef WOLFSSL_AES_128
#define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM
#define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
#endif
#ifdef WOLFSSL_AES_256
#define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8
#endif
#endif
#endif
@ -642,10 +712,10 @@
#if defined(WOLFSSL_TLS13)
#ifdef HAVE_AESGCM
#ifndef NO_SHA256
#if !defined(NO_SHA256) && defined(WOLFSSL_AES_128)
#define BUILD_TLS_AES_128_GCM_SHA256
#endif
#ifdef WOLFSSL_SHA384
#if defined(WOLFSSL_SHA384) && defined(WOLFSSL_AES_256)
#define BUILD_TLS_AES_256_GCM_SHA384
#endif
#endif
@ -657,7 +727,7 @@
#endif
#ifdef HAVE_AESCCM
#ifndef NO_SHA256
#if !defined(NO_SHA256) && defined(WOLFSSL_AES_128)
#define BUILD_TLS_AES_128_CCM_SHA256
#define BUILD_TLS_AES_128_CCM_8_SHA256
#endif

4
wolfssl/wolfcrypt/pkcs7.h
View File

@ -77,8 +77,8 @@ enum Pkcs7_Misc {
typedef struct PKCS7Attrib {
byte* oid;
byte* value;
word32 oidSz;
byte* value;
word32 valueSz;
} PKCS7Attrib;
@ -86,8 +86,8 @@ typedef struct PKCS7Attrib {
typedef struct PKCS7DecodedAttrib {
struct PKCS7DecodedAttrib* next;
byte* oid;
byte* value;
word32 oidSz;
byte* value;
word32 valueSz;
} PKCS7DecodedAttrib;

6
wolfssl/wolfcrypt/settings.h
View File

@ -1412,6 +1412,9 @@ extern void uITRON4_free(void *p) ;
#undef WOLFSSL_AES_256
#define WOLFSSL_AES_256
#endif
#if !defined(WOLFSSL_AES_128) && defined(HAVE_ECC_ENCRYPT)
#warning HAVE_ECC_ENCRYPT uses AES 128 bit keys
#endif
#ifndef NO_AES_DECRYPT
#undef HAVE_AES_DECRYPT
@ -1635,9 +1638,6 @@ extern void uITRON4_free(void *p) ;
#ifdef OPENSSL_EXTRA
#undef OPENSSL_EXTRA_X509_SMALL
#define OPENSSL_EXTRA_X509_SMALL
#undef OPENSSL_EXTRA_PKEY
#define OPENSSL_EXTRA_PKEY
#endif /* OPENSSL_EXTRA */
#ifdef __cplusplus