add EVP_CIPHER_CTX_block_size/mode/set_flags/set_padding

src/ssl.c

@@ -10452,6 +10452,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
                     ret = wc_AesCbcDecrypt(&ctx->cipher.aes, dst, src, len);
                 break;
 #endif /* HAVE_AES_CBC */
+#ifdef HAVE_AES_ECB
             case AES_128_ECB_TYPE :
             case AES_192_ECB_TYPE :
             case AES_256_ECB_TYPE :
@@ -10461,6 +10462,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
                 else
                     ret = wc_AesEcbDecrypt(&ctx->cipher.aes, dst, src, len);
                 break;
+#endif
 #ifdef WOLFSSL_AES_COUNTER
             case AES_128_CTR_TYPE :
             case AES_192_CTR_TYPE :

wolfcrypt/src/evp.c

@@ -19,6 +19,8 @@
  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
  */
 
+static unsigned char cipherType(const WOLFSSL_EVP_CIPHER *cipher);
+
 WOLFSSL_API int  wolfSSL_EVP_EncryptInit(WOLFSSL_EVP_CIPHER_CTX* ctx,
                                         const WOLFSSL_EVP_CIPHER* type,
                                         unsigned char* key, unsigned char* iv)
@@ -62,6 +64,7 @@ WOLFSSL_API int wolfSSL_EVP_DigestInit_ex(WOLFSSL_EVP_MD_CTX* ctx,
 
 WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_block_size(const WOLFSSL_EVP_CIPHER_CTX *ctx)
 {
+  if(ctx == NULL)return BAD_FUNC_ARG;
     switch(ctx->cipherType){
 
 #if !defined(NO_AES) && defined(HAVE_AES_CBC)
@@ -136,6 +139,7 @@ static unsigned char cipherType(const WOLFSSL_EVP_CIPHER *cipher)
 
 WOLFSSL_API int wolfSSL_EVP_CIPHER_block_size(const WOLFSSL_EVP_CIPHER *cipher)
 {
+  if(cipher == NULL)return BAD_FUNC_ARG;
   switch(cipherType(cipher)){
   #if !defined(NO_AES) && defined(HAVE_AES_CBC)
       case AES_128_CBC_TYPE: return 16;
@@ -163,7 +167,7 @@ WOLFSSL_API int wolfSSL_EVP_CIPHER_block_size(const WOLFSSL_EVP_CIPHER *cipher)
       }
 }
 
-WOLFSSL_API unsigned long WOLFSSL_CIPHER_mode(const WOLFSSL_EVP_CIPHER *cipher)
+static unsigned long WOLFSSL_CIPHER_mode(const WOLFSSL_EVP_CIPHER *cipher)
 {
     switch(cipherType(cipher)){
     #if !defined(NO_AES) && defined(HAVE_AES_CBC)
@@ -197,18 +201,27 @@ WOLFSSL_API unsigned long WOLFSSL_CIPHER_mode(const WOLFSSL_EVP_CIPHER *cipher)
         }
 }
 
+WOLFSSL_API unsigned long WOLFSSL_EVP_CIPHER_mode(const WOLFSSL_EVP_CIPHER *cipher)
+{
+  if(cipher == NULL)return BAD_FUNC_ARG;
+  return WOLFSSL_CIPHER_mode(cipher);
+}
+
+WOLFSSL_API void wolfSSL_EVP_CIPHER_CTX_set_flags(WOLFSSL_EVP_CIPHER_CTX *ctx, int flags)
+{
+  ctx->flags = flags;
+}
+
 WOLFSSL_API unsigned long wolfSSL_EVP_CIPHER_flags(const WOLFSSL_EVP_CIPHER *cipher)
 {
+  if(cipher == NULL)return BAD_FUNC_ARG;
   return WOLFSSL_CIPHER_mode(cipher);
 }
 
 WOLFSSL_API int  wolfSSL_EVP_CIPHER_CTX_set_padding(WOLFSSL_EVP_CIPHER_CTX *ctx, int padding)
 {
-  (void) ctx;
-  (void) padding;
-  /*
+  if(ctx == NULL)return BAD_FUNC_ARG;
   if(padding)ctx->flags &= ~WOLFSSL_EVP_CIPH_NO_PADDING;
   else       ctx->flags |=  WOLFSSL_EVP_CIPH_NO_PADDING;
-  */
-  return 0;
+  return 1;
 }

wolfcrypt/test/openssl_test_ex.c

@@ -0,0 +1,64 @@
+
+#ifdef OPENSSL_EXTRA
+
+#define OPENSSL_TEST_ERROR -10000
+
+static int openssl_test_ex(void)
+{
+
+  /* Test: AES_encrypt/decrypt/set Key */
+
+  AES_KEY enc;
+#ifdef HAVE_AES_DECRYPT
+  AES_KEY dec;
+#endif
+
+  byte cipher[AES_BLOCK_SIZE * 4];
+  byte plain [AES_BLOCK_SIZE * 4];
+
+  int  ret = 0;
+
+#ifdef HAVE_AES_CBC
+  const byte msg[] = { /* "Now is the time for all " w/o trailing 0 */
+      0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
+      0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
+      0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
+  };
+
+  const byte verify[] =
+  {
+      0x95,0x94,0x92,0x57,0x5f,0x42,0x81,0x53,
+      0x2c,0xcc,0x9d,0x46,0x77,0xa2,0x33,0xcb
+  };
+
+  byte encKey[] = "0123456789abcdef   ";  /* align */
+  byte decKey[] = "0123456789abcdef   ";  /* align */
+  byte iv[]     = "1234567890abcdef   ";  /* align */
+
+
+  printf("openSSL extra test\n") ;
+
+  ret = AES_set_encrypt_key(encKey, sizeof(encKey)*8, &enc);
+  if (ret != 0)
+      return OPENSSL_TEST_ERROR-1001;
+
+#ifdef HAVE_AES_DECRYPT
+  printf("test AES_decrypt\n");
+  ret = AES_set_decrypt_Key(decKey, sizeof(decKey)*8, &dec);
+  if (ret != 0)
+      return OPENSSL_TEST_ERROR-1002;
+#endif
+
+  AES_encrypt(&enc, cipher, msg);
+
+#ifdef HAVE_AES_DECRYPT
+  AES_decrypt(&dec, plain, cipher);
+  if (XMEMCMP(plain, msg, AES_BLOCK_SIZE))
+      return OPENSSL_TEST_ERROR--60;
+#endif /* HAVE_AES_DECRYPT */
+
+  if (XMEMCMP(cipher, verify, AES_BLOCK_SIZE))
+      return OPENSSL_TEST_ERROR--61;
+
+  return 0;
+}

wolfssl/openssl/evp.h

@@ -155,6 +155,7 @@ enum {
 typedef struct WOLFSSL_EVP_CIPHER_CTX {
     int            keyLen;         /* user may set for variable */
     int            block_size;
+    unsigned long  flags;
     unsigned char  enc;            /* if encrypt side, then true */
     unsigned char  cipherType;
 #ifndef NO_AES
@@ -258,7 +259,7 @@ WOLFSSL_API int  wolfSSL_SetInternalIV(WOLFSSL_EVP_CIPHER_CTX* ctx);
 
 WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_block_size(const WOLFSSL_EVP_CIPHER_CTX *ctx);
 WOLFSSL_API int wolfSSL_EVP_CIPHER_block_size(const WOLFSSL_EVP_CIPHER *cipher);
-WOLFSSL_API unsigned long WOLFSSL_CIPHER_mode(const WOLFSSL_EVP_CIPHER *cipher);
+WOLFSSL_API unsigned long WOLFSSL_EVP_CIPHER_mode(const WOLFSSL_EVP_CIPHER *cipher);
 WOLFSSL_API unsigned long wolfSSL_EVP_CIPHER_flags(const WOLFSSL_EVP_CIPHER *cipher);
 WOLFSSL_API void wolfSSL_EVP_CIPHER_CTX_set_flags(WOLFSSL_EVP_CIPHER_CTX *ctx, int flags);
 WOLFSSL_API int  wolfSSL_EVP_CIPHER_CTX_set_padding(WOLFSSL_EVP_CIPHER_CTX *c, int pad);
@@ -272,6 +273,7 @@ WOLFSSL_API int  wolfSSL_EVP_CIPHER_CTX_set_padding(WOLFSSL_EVP_CIPHER_CTX *c, i
 #define WOLFSSL_EVP_CIPH_CTR_MODE           0x5
 #define WOLFSSL_EVP_CIPH_GCM_MODE           0x6
 #define WOLFSSL_EVP_CIPH_CCM_MODE           0x7
+#define WOLFSSL_EVP_CIPH_NO_PADDING       0x100
 
 #define wolfSSL_EVP_CIPHER_CTX_flags(c) wolfSSL_EVP_CIPHER_flags(WOLFSSL_EVP_CIPHER_CTX_cipher(c))