Merge pull request #7431 from lealem47/aes_cfb

JacobBarthelmeh · web-flow · commit 69be7a7c5438 · 2024-04-19T10:55:27.000-06:00
Fix for AES-CFB1 encrypt/decrypt on size (8*x-1) bits
diff --git a/wolfcrypt/src/aes.c b/wolfcrypt/src/aes.c
@@ -11870,7 +11870,7 @@ static WARN_UNUSED_RESULT int wc_AesFeedbackCFB1(
     }
 
     if (ret == 0) {
-        if (bit > 0 && bit < 7) {
+        if (bit >= 0 && bit < 7) {
             out[0] = cur;
         }
     }
diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c
@@ -9209,6 +9209,11 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key,
         {
             0xC0
         };
+
+        WOLFSSL_SMALL_STACK_STATIC const byte cipher1_7bit[] =
+        {
+            0x1C
+        };
 #endif /* WOLFSSL_AES_128 */
 #ifdef WOLFSSL_AES_192
         WOLFSSL_SMALL_STACK_STATIC const byte iv2[] = {
@@ -9309,6 +9314,15 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key,
             ERROR_OUT(WC_TEST_RET_ENC_NC, out);
     #endif /* HAVE_AES_DECRYPT */
 
+        XMEMSET(cipher, 0, sizeof(cipher));
+        ret = wc_AesCfb1Encrypt(enc, cipher, msg1, 7);
+
+        if (ret != 0)
+            ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+
+        if (cipher[0] != cipher1_7bit[0])
+            ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+
     #ifdef OPENSSL_EXTRA
         ret = wc_AesSetKey(enc, key1, AES_BLOCK_SIZE, iv, AES_ENCRYPTION);
         if (ret != 0)

Original file line number	Diff line number	Diff line change
`@@ -11870,7 +11870,7 @@ static WARN_UNUSED_RESULT int wc_AesFeedbackCFB1(`
`11870`	`11870`	`}`
`11871`	`11871`
`11872`	`11872`	`if (ret == 0) {`
`11873`		`- if (bit > 0 && bit < 7) {`
	`11873`	`+ if (bit >= 0 && bit < 7) {`
`11874`	`11874`	`out[0] = cur;`
`11875`	`11875`	`}`
`11876`	`11876`	`}`