Skip to content

Commit 0e2bb28

Browse files
dgarskedgarske
authored
Merge pull request #7529 from SparkiDev/aes_decrypt_fixes
AES: NO_AES_DECRYPT defined
2 parents 1ee315b + e127401 commit 0e2bb28

4 files changed

Lines changed: 48 additions & 10 deletions

File tree

wolfcrypt/benchmark/benchmark.c

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -5222,6 +5222,7 @@ void bench_aesccm(int useDeviceID)
52225222
goto exit;
52235223
}
52245224

5225+
#ifdef HAVE_AES_DECRYPT
52255226
RESET_MULTI_VALUE_STATS_VARS();
52265227

52275228
bench_stats_start(&count, &start);
@@ -5248,6 +5249,7 @@ void bench_aesccm(int useDeviceID)
52485249
printf("wc_AesCcmEncrypt failed, ret = %d\n", ret);
52495250
goto exit;
52505251
}
5252+
#endif
52515253

52525254
exit:
52535255

wolfcrypt/src/aes.c

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -11447,6 +11447,7 @@ static WARN_UNUSED_RESULT int _AesEcbEncrypt(
1144711447
return ret;
1144811448
}
1144911449

11450+
#ifdef HAVE_AES_DECRYPT
1145011451
static WARN_UNUSED_RESULT int _AesEcbDecrypt(
1145111452
Aes* aes, byte* out, const byte* in, word32 sz)
1145211453
{
@@ -11497,6 +11498,7 @@ static WARN_UNUSED_RESULT int _AesEcbDecrypt(
1149711498

1149811499
return ret;
1149911500
}
11501+
#endif
1150011502

1150111503
int wc_AesEcbEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
1150211504
{
@@ -11509,6 +11511,7 @@ int wc_AesEcbEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
1150911511
return _AesEcbEncrypt(aes, out, in, sz);
1151011512
}
1151111513

11514+
#ifdef HAVE_AES_DECRYPT
1151211515
int wc_AesEcbDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
1151311516
{
1151411517
if ((in == NULL) || (out == NULL) || (aes == NULL))
@@ -11519,6 +11522,7 @@ int wc_AesEcbDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
1151911522

1152011523
return _AesEcbDecrypt(aes, out, in, sz);
1152111524
}
11525+
#endif /* HAVE_AES_DECRYPT */
1152211526
#endif
1152311527
#endif /* HAVE_AES_ECB */
1152411528

wolfcrypt/src/wc_encrypt.c

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -658,15 +658,21 @@ int wc_CryptKey(const char* password, int passwordSz, byte* salt,
658658
AES_ENCRYPTION);
659659
}
660660
else {
661+
#ifdef HAVE_AES_DECRYPT
661662
ret = wc_AesSetKey(aes, key, derivedLen, cbcIv,
662663
AES_DECRYPTION);
664+
#else
665+
ret = NOT_COMPILED_IN;
666+
#endif
663667
}
664668
}
665669
if (ret == 0) {
666670
if (enc)
667671
ret = wc_AesCbcEncrypt(aes, input, input, (word32)length);
672+
#ifdef HAVE_AES_DECRYPT
668673
else
669674
ret = wc_AesCbcDecrypt(aes, input, input, (word32)length);
675+
#endif
670676
}
671677
if (free_aes)
672678
wc_AesFree(aes);

wolfcrypt/test/test.c

Lines changed: 36 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -8654,9 +8654,11 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key,
86548654
if (ret != 0)
86558655
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
86568656

8657+
#ifdef HAVE_AES_DECRYPT
86578658
ret = wc_AesInit(dec, HEAP_HINT, INVALID_DEVID);
86588659
if (ret != 0)
86598660
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
8661+
#endif
86608662

86618663
ret = wc_AesSetKey(enc, key2, sizeof(key2), iv2, AES_ENCRYPTION);
86628664
if (ret != 0)
@@ -8882,7 +8884,9 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key,
88828884
out:
88838885

88848886
wc_AesFree(enc);
8887+
#ifdef HAVE_AES_DECRYPT
88858888
wc_AesFree(dec);
8889+
#endif
88868890
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
88878891
if (enc)
88888892
XFREE(enc, HEAP_HINT, DYNAMIC_TYPE_AES);
@@ -9211,8 +9215,10 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key,
92119215

92129216
if (enc_inited)
92139217
wc_AesFree(enc);
9218+
#ifdef HAVE_AES_DECRYPT
92149219
if (dec_inited)
92159220
wc_AesFree(dec);
9221+
#endif
92169222

92179223
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
92189224
if (enc)
@@ -10933,6 +10939,8 @@ static wc_test_ret_t aes_cbc_test(void)
1093310939
#if defined(HAVE_AES_ECB) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
1093410940
static wc_test_ret_t aesecb_test(void)
1093510941
{
10942+
wc_test_ret_t ret = 0;
10943+
#if defined(WOLFSSL_AES_256)
1093610944
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1093710945
Aes *enc = (Aes *)XMALLOC(sizeof *enc, HEAP_HINT, DYNAMIC_TYPE_AES);
1093810946
#else
@@ -10947,11 +10955,9 @@ static wc_test_ret_t aesecb_test(void)
1094710955
Aes dec[1];
1094810956
#endif
1094910957
int dec_inited = 0;
10950-
byte plain [AES_BLOCK_SIZE * 4];
10958+
byte plain[AES_BLOCK_SIZE * 4];
1095110959
#endif /* HAVE_AES_DECRYPT */
10952-
wc_test_ret_t ret = 0;
1095310960

10954-
#if defined(WOLFSSL_AES_256)
1095510961
{
1095610962
WOLFSSL_SMALL_STACK_STATIC const byte niPlain[] =
1095710963
{
@@ -11026,6 +11032,7 @@ static wc_test_ret_t aesecb_test(void)
1102611032
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
1102711033
#endif
1102811034

11035+
#ifdef HAVE_AES_DECRYPT
1102911036
XMEMSET(plain, 0, AES_BLOCK_SIZE);
1103011037
ret = wc_AesSetKey(dec, niKey, sizeof(niKey), plain, AES_DECRYPTION);
1103111038
if (ret != 0)
@@ -11069,6 +11076,7 @@ static wc_test_ret_t aesecb_test(void)
1106911076
if (XMEMCMP(plain, niPlain, AES_BLOCK_SIZE) != 0)
1107011077
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
1107111078
#endif
11079+
#endif /* HAVE_AES_DECRYPT */
1107211080
}
1107311081

1107411082
out:
@@ -11796,15 +11804,15 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_test(void)
1179611804
#endif
1179711805
int enc_inited = 0;
1179811806
byte cipher[AES_BLOCK_SIZE * 4];
11799-
#ifdef HAVE_AES_DECRYPT
11807+
#if defined(HAVE_AES_DECRYPT) || defined(WOLFSSL_AES_COUNTER)
1180011808
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1180111809
Aes *dec = (Aes *)XMALLOC(sizeof *dec, HEAP_HINT, DYNAMIC_TYPE_AES);
1180211810
#else
1180311811
Aes dec[1];
1180411812
#endif
1180511813
int dec_inited = 0;
1180611814
byte plain [AES_BLOCK_SIZE * 4];
11807-
#endif /* HAVE_AES_DECRYPT */
11815+
#endif /* HAVE_AES_DECRYPT || WOLFSSL_AES_COUNTER */
1180811816
#endif /* HAVE_AES_CBC || WOLFSSL_AES_COUNTER || WOLFSSL_AES_DIRECT */
1180911817
wc_test_ret_t ret = 0;
1181011818

@@ -11836,7 +11844,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_test(void)
1183611844
if (enc == NULL)
1183711845
ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out);
1183811846
#endif
11839-
#if defined(HAVE_AES_DECRYPT) || defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_DIRECT)
11847+
#if defined(HAVE_AES_DECRYPT) || defined(WOLFSSL_AES_COUNTER)
1184011848
if (dec == NULL)
1184111849
ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out);
1184211850
#endif
@@ -12235,6 +12243,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_test(void)
1223512243
if (XMEMCMP(cipher, niCipher, AES_BLOCK_SIZE) != 0)
1223612244
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
1223712245

12246+
#ifdef HAVE_AES_DECRYPT
1223812247
XMEMSET(plain, 0, AES_BLOCK_SIZE);
1223912248
ret = wc_AesSetKey(dec, niKey, sizeof(niKey), plain, AES_DECRYPTION);
1224012249
if (ret != 0)
@@ -12251,6 +12260,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_test(void)
1225112260
#endif
1225212261
if (XMEMCMP(plain, niPlain, AES_BLOCK_SIZE) != 0)
1225312262
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
12263+
#endif
1225412264
}
1225512265
#endif /* WOLFSSL_AES_DIRECT && WOLFSSL_AES_256 */
1225612266

@@ -12287,7 +12297,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_test(void)
1228712297
wc_AesFree(enc);
1228812298
#endif
1228912299
(void)cipher;
12290-
#ifdef HAVE_AES_DECRYPT
12300+
#if defined(HAVE_AES_DECRYPT) || defined(WOLFSSL_AES_COUNTER)
1229112301
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1229212302
if (dec) {
1229312303
if (dec_inited)
@@ -12299,7 +12309,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_test(void)
1229912309
wc_AesFree(dec);
1230012310
#endif
1230112311
(void)plain;
12302-
#endif /* HAVE_AES_DECRYPT */
12312+
#endif /* HAVE_AES_DECRYPT || WOLFSSL_AES_COUNTER */
1230312313
#endif /* HAVE_AES_CBC || WOLFSSL_AES_COUNTER || WOLFSSL_AES_DIRECT */
1230412314

1230512315
return ret;
@@ -12423,8 +12433,8 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes192_test(void)
1242312433
ret = wc_AesInit(dec, HEAP_HINT, devId);
1242412434
if (ret != 0)
1242512435
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
12426-
#endif
1242712436
dec_inited = 1;
12437+
#endif
1242812438

1242912439
ret = wc_AesSetKey(enc, key, (int) sizeof(key), iv, AES_ENCRYPTION);
1243012440
if (ret != 0)
@@ -12476,9 +12486,11 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes192_test(void)
1247612486
#else /* !WOLFSSL_SMALL_STACK || WOLFSSL_NO_MALLOC */
1247712487
if (enc_inited)
1247812488
wc_AesFree(enc);
12489+
#ifdef HAVE_AES_DECRYPT
1247912490
if (dec_inited)
1248012491
wc_AesFree(dec);
1248112492
#endif
12493+
#endif
1248212494
#endif /* HAVE_AES_CBC */
1248312495

1248412496
return ret;
@@ -12557,8 +12569,8 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes256_test(void)
1255712569
ret = wc_AesInit(dec, HEAP_HINT, devId);
1255812570
if (ret != 0)
1255912571
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
12560-
#endif
1256112572
dec_inited = 1;
12573+
#endif
1256212574

1256312575
ret = wc_AesSetKey(enc, key, keySz, iv, AES_ENCRYPTION);
1256412576
if (ret != 0)
@@ -12688,9 +12700,11 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes256_test(void)
1268812700
#else /* !WOLFSSL_SMALL_STACK || WOLFSSL_NO_MALLOC */
1268912701
if (enc_inited)
1269012702
wc_AesFree(enc);
12703+
#ifdef HAVE_AES_DECRYPT
1269112704
if (dec_inited)
1269212705
wc_AesFree(dec);
1269312706
#endif
12707+
#endif
1269412708
#endif /* HAVE_AES_CBC */
1269512709

1269612710
return ret;
@@ -13982,6 +13996,7 @@ static wc_test_ret_t aesccm_256_test(void)
1398213996
ret = WC_TEST_RET_ENC_NC;
1398313997
}
1398413998

13999+
#ifdef HAVE_AES_DECRYPT
1398514000
if (ret == 0) {
1398614001
/* decrypt inline */
1398714002
ret = wc_AesCcmDecrypt(aes, output, output, sizeof(output),
@@ -13995,6 +14010,7 @@ static wc_test_ret_t aesccm_256_test(void)
1399514010
XMEMCMP(output, in_plaintext, sizeof(output))) {
1399614011
ret = WC_TEST_RET_ENC_NC;
1399714012
}
14013+
#endif
1399814014

1399914015
wc_AesFree(aes);
1400014016

@@ -14135,6 +14151,7 @@ static wc_test_ret_t aesccm_128_test(void)
1413514151
if (XMEMCMP(t, t2, sizeof(t2)))
1413614152
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
1413714153

14154+
#ifdef HAVE_AES_DECRYPT
1413814155
ret = wc_AesCcmDecrypt(enc, p2, c2, sizeof(p2), iv, sizeof(iv),
1413914156
t2, sizeof(t2), a, sizeof(a));
1414014157
if (ret != 0)
@@ -14154,6 +14171,7 @@ static wc_test_ret_t aesccm_128_test(void)
1415414171
XMEMSET(c2, 0, sizeof(c2));
1415514172
if (XMEMCMP(p2, c2, sizeof(p2)))
1415614173
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
14174+
#endif
1415714175
wc_AesFree(enc);
1415814176

1415914177
XMEMSET(enc, 0, sizeof(Aes)); /* clear context */
@@ -14212,12 +14230,14 @@ static wc_test_ret_t aesccm_128_test(void)
1421214230
if (XMEMCMP(tl, tl2, sizeof(tl2)))
1421314231
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
1421414232

14233+
#ifdef HAVE_AES_DECRYPT
1421514234
ret = wc_AesCcmDecrypt(enc, pl2, cl2, sizeof(pl2), iv, sizeof(iv),
1421614235
tl2, sizeof(tl2), a, sizeof(a));
1421714236
if (ret != 0)
1421814237
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
1421914238
if (XMEMCMP(pl, pl2, sizeof(pl2)))
1422014239
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
14240+
#endif
1422114241

1422214242
/* test empty message as null input or output with nonzero inSz. */
1422314243
ret = wc_AesCcmEncrypt(enc, pl2 /* out */, NULL /* in */, 1 /* inSz */,
@@ -14230,6 +14250,7 @@ static wc_test_ret_t aesccm_128_test(void)
1423014250
a, sizeof(a));
1423114251
if (ret != BAD_FUNC_ARG)
1423214252
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
14253+
#ifdef HAVE_AES_DECRYPT
1423314254
ret = wc_AesCcmDecrypt(enc, pl2, NULL /* in */, 1 /* inSz */,
1423414255
iv, sizeof(iv), t_empty2, sizeof(t_empty2), a,
1423514256
sizeof(a));
@@ -14240,6 +14261,7 @@ static wc_test_ret_t aesccm_128_test(void)
1424014261
sizeof(a));
1424114262
if (ret != BAD_FUNC_ARG)
1424214263
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
14264+
#endif
1424314265

1424414266
/* test empty message as null input and output with zero inSz --
1424514267
* must either succeed, or fail early with BAD_FUNC_ARG.
@@ -14253,11 +14275,13 @@ static wc_test_ret_t aesccm_128_test(void)
1425314275
if (XMEMCMP(t_empty, t_empty2, sizeof(t_empty2)))
1425414276
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
1425514277

14278+
#ifdef HAVE_AES_DECRYPT
1425614279
ret = wc_AesCcmDecrypt(enc, NULL /* out */, NULL /* in */,
1425714280
0 /* inSz */, iv, sizeof(iv), t_empty2,
1425814281
sizeof(t_empty2), a, sizeof(a));
1425914282
if (ret != 0)
1426014283
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
14284+
#endif
1426114285
}
1426214286

1426314287
/* test empty message as zero-length string -- must work. */
@@ -14269,11 +14293,13 @@ static wc_test_ret_t aesccm_128_test(void)
1426914293
if (XMEMCMP(t_empty, t_empty2, sizeof(t_empty2)))
1427014294
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
1427114295

14296+
#ifdef HAVE_AES_DECRYPT
1427214297
ret = wc_AesCcmDecrypt(enc, pl2, (const byte *)"", 0 /* inSz */,
1427314298
iv, sizeof(iv), t_empty2, sizeof(t_empty2), a,
1427414299
sizeof(a));
1427514300
if (ret != 0)
1427614301
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
14302+
#endif
1427714303

1427814304
wc_AesFree(enc);
1427914305

0 commit comments

Comments
 (0)