/* Generate blocks of random data. Underlying function used by the user-callable random data functions. */ static int pico_rand_generate_block (uint8_t* buffer, int buffer_size) { uint8_t encrypt_iv[PICO_RAND_ENCRYPT_IV_SIZE] = { 0 }; /* Can't use ECB mode and combine it with our external counter, so doing it this way */ /* Run encryption block */ if (!pico_rand_counter_is_zero (pico_rand_generator.counter)) { /* Refuse if not seeded */ if (buffer_size >= PICO_RAND_ENCRYPT_BLOCK_SIZE) { wc_AesSetKey(pico_rand_generator.aes, pico_rand_generator.key, PICO_RAND_ENCRYPT_KEY_SIZE, encrypt_iv, AES_ENCRYPTION); wc_AesCbcEncrypt(pico_rand_generator.aes, buffer, (const byte*) pico_rand_generator.counter, PICO_RAND_ENCRYPT_IV_SIZE); pico_rand_increment_counter (pico_rand_generator.counter); return 1; /* Done succesfully */ } /* Buffer size smaller than block size! */ return 0; } else { /* Not seeded, cannot produce anything! */ return 0; } }
/* AES CBC Encrypt */ int CRYPT_AES_CBC_Encrypt(CRYPT_AES_CTX* aes, unsigned char* out, const unsigned char* in, unsigned int inSz) { if (aes == NULL || out == NULL || in == NULL) return BAD_FUNC_ARG; return wc_AesCbcEncrypt((Aes*)aes, out, in, inSz); }
/* * Encrypts a file using AES */ int AesEncrypt(Aes* aes, byte* key, int size, FILE* inFile, FILE* outFile) { RNG rng; byte iv[AES_BLOCK_SIZE]; byte* input; byte* output; byte salt[SALT_SIZE] = {0}; int i = 0; int ret = 0; int inputLength; int length; int padCounter = 0; fseek(inFile, 0, SEEK_END); inputLength = ftell(inFile); fseek(inFile, 0, SEEK_SET); length = inputLength; /* pads the length until it evenly matches a block / increases pad number*/ while (length % AES_BLOCK_SIZE != 0) { length++; padCounter++; } input = malloc(length); output = malloc(length); ret = wc_InitRng(&rng); if (ret != 0) { printf("Failed to initialize random number generator\n"); return -1030; } /* reads from inFile and writes whatever is there to the input array */ ret = fread(input, 1, inputLength, inFile); if (ret == 0) { printf("Input file does not exist.\n"); return -1010; } for (i = inputLength; i < length; i++) { /* pads the added characters with the number of pads */ input[i] = padCounter; } ret = wc_RNG_GenerateBlock(&rng, iv, AES_BLOCK_SIZE); if (ret != 0) return -1020; /* stretches key to fit size */ ret = GenerateKey(&rng, key, size, salt, padCounter); if (ret != 0) return -1040; /* sets key */ ret = wc_AesSetKey(aes, key, AES_BLOCK_SIZE, iv, AES_ENCRYPTION); if (ret != 0) return -1001; /* encrypts the message to the output based on input length + padding */ ret = wc_AesCbcEncrypt(aes, output, input, length); if (ret != 0) return -1005; /* writes to outFile */ fwrite(salt, 1, SALT_SIZE, outFile); fwrite(iv, 1, AES_BLOCK_SIZE, outFile); fwrite(output, 1, length, outFile); /* closes the opened files and frees the memory*/ memset(input, 0, length); memset(output, 0, length); memset(key, 0, size); free(input); free(output); free(key); fclose(inFile); fclose(outFile); wc_FreeRng(&rng); return ret; }
/* * benchmarking funciton */ int wolfCLU_benchmark(int timer, int* option) { int i = 0; /* A looping variable */ int loop = 1; /* benchmarking loop */ int64_t blocks = 0; /* blocks used during benchmarking */ #ifndef NO_AES Aes aes; /* aes declaration */ #endif #ifndef NO_DES3 Des3 des3; /* 3des declaration */ #endif RNG rng; /* random number generator */ int ret = 0; /* return variable */ double stop = 0.0; /* stop breaks loop */ double start; /* start time */ double currTime; /* current time*/ ALIGN16 byte* plain; /* plain text */ ALIGN16 byte* cipher; /* cipher */ ALIGN16 byte* key; /* key for testing */ ALIGN16 byte* iv; /* iv for initial encoding */ byte* digest; /* message digest */ wc_InitRng(&rng); signal(SIGALRM, wolfCLU_stop); i = 0; #ifndef NO_AES /* aes test */ if (option[i] == 1) { plain = XMALLOC(AES_BLOCK_SIZE, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); if (plain == NULL) { return MEMORY_E; } cipher = XMALLOC(AES_BLOCK_SIZE, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); if (cipher == NULL) { wolfCLU_freeBins(plain, NULL, NULL, NULL, NULL); return MEMORY_E; } key = XMALLOC(AES_BLOCK_SIZE, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); if (key == NULL) { wolfCLU_freeBins(plain, cipher, NULL, NULL, NULL); return MEMORY_E; } iv = XMALLOC(AES_BLOCK_SIZE, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); if (iv == NULL) { wolfCLU_freeBins(plain, cipher, key, NULL, NULL); return MEMORY_E; } wc_RNG_GenerateBlock(&rng, plain, AES_BLOCK_SIZE); wc_RNG_GenerateBlock(&rng, cipher, AES_BLOCK_SIZE); wc_RNG_GenerateBlock(&rng, key, AES_BLOCK_SIZE); wc_RNG_GenerateBlock(&rng, iv, AES_BLOCK_SIZE); start = wolfCLU_getTime(); alarm(timer); wc_AesSetKey(&aes, key, AES_BLOCK_SIZE, iv, AES_ENCRYPTION); while (loop) { wc_AesCbcEncrypt(&aes, cipher, plain, AES_BLOCK_SIZE); blocks++; currTime = wolfCLU_getTime(); stop = currTime - start; /* if stop >= timer, loop = 0 */ loop = (stop >= timer) ? 0 : 1; } printf("\n"); printf("AES-CBC "); wolfCLU_stats(start, AES_BLOCK_SIZE, blocks); XMEMSET(plain, 0, AES_BLOCK_SIZE); XMEMSET(cipher, 0, AES_BLOCK_SIZE); XMEMSET(key, 0, AES_BLOCK_SIZE); XMEMSET(iv, 0, AES_BLOCK_SIZE); wolfCLU_freeBins(plain, cipher, key, iv, NULL); blocks = 0; loop = 1; } i++; #endif #ifdef WOLFSSL_AES_COUNTER /* aes-ctr test */ if (option[i] == 1) { plain = XMALLOC(AES_BLOCK_SIZE, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); if (plain == NULL) { return MEMORY_E; } cipher = XMALLOC(AES_BLOCK_SIZE, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); if (cipher == NULL) { wolfCLU_freeBins(plain, NULL, NULL, NULL, NULL); return MEMORY_E; } key = XMALLOC(AES_BLOCK_SIZE, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); if (key == NULL) { wolfCLU_freeBins(plain, cipher, NULL, NULL, NULL); return MEMORY_E; } iv = XMALLOC(AES_BLOCK_SIZE, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); if (iv == NULL) { wolfCLU_freeBins(plain, cipher, key, NULL, NULL); return MEMORY_E; } wc_RNG_GenerateBlock(&rng, plain, AES_BLOCK_SIZE); wc_RNG_GenerateBlock(&rng, cipher, AES_BLOCK_SIZE); wc_RNG_GenerateBlock(&rng, key, AES_BLOCK_SIZE); wc_RNG_GenerateBlock(&rng, iv, AES_BLOCK_SIZE); start = wolfCLU_getTime(); alarm(timer); wc_AesSetKeyDirect(&aes, key, AES_BLOCK_SIZE, iv, AES_ENCRYPTION); while (loop) { wc_AesCtrEncrypt(&aes, cipher, plain, AES_BLOCK_SIZE); blocks++; currTime = wolfCLU_getTime(); stop = currTime - start; /* if stop >= timer, loop = 0 */ loop = (stop >= timer) ? 0 : 1; } printf("AES-CTR "); wolfCLU_stats(start, AES_BLOCK_SIZE, blocks); XMEMSET(plain, 0, AES_BLOCK_SIZE); XMEMSET(cipher, 0, AES_BLOCK_SIZE); XMEMSET(key, 0, AES_BLOCK_SIZE); XMEMSET(iv, 0, AES_BLOCK_SIZE); wolfCLU_freeBins(plain, cipher, key, iv, NULL); blocks = 0; loop = 1; } i++; #endif #ifndef NO_DES3 /* 3des test */ if (option[i] == 1) { plain = XMALLOC(DES3_BLOCK_SIZE, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); if (plain == NULL) { return MEMORY_E; } cipher = XMALLOC(DES3_BLOCK_SIZE, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); if (cipher == NULL) { wolfCLU_freeBins(plain, NULL, NULL, NULL, NULL); return MEMORY_E; } key = XMALLOC(DES3_BLOCK_SIZE, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); if (key == NULL) { wolfCLU_freeBins(plain, cipher, NULL, NULL, NULL); return MEMORY_E; } iv = XMALLOC(DES3_BLOCK_SIZE, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); if (iv == NULL) { wolfCLU_freeBins(plain, cipher, key, NULL, NULL); return MEMORY_E; } wc_RNG_GenerateBlock(&rng, plain, DES3_BLOCK_SIZE); wc_RNG_GenerateBlock(&rng, cipher, DES3_BLOCK_SIZE); wc_RNG_GenerateBlock(&rng, key, DES3_BLOCK_SIZE); wc_RNG_GenerateBlock(&rng, iv, DES3_BLOCK_SIZE); start = wolfCLU_getTime(); alarm(timer); wc_Des3_SetKey(&des3, key, iv, DES_ENCRYPTION); while (loop) { wc_Des3_CbcEncrypt(&des3, cipher, plain, DES3_BLOCK_SIZE); blocks++; currTime = wolfCLU_getTime(); stop = currTime - start; /* if stop >= timer, loop = 0 */ loop = (stop >= timer) ? 0 : 1; } printf("3DES "); wolfCLU_stats(start, DES3_BLOCK_SIZE, blocks); XMEMSET(plain, 0, DES3_BLOCK_SIZE); XMEMSET(cipher, 0, DES3_BLOCK_SIZE); XMEMSET(key, 0, DES3_BLOCK_SIZE); XMEMSET(iv, 0, DES3_BLOCK_SIZE); wolfCLU_freeBins(plain, cipher, key, iv, NULL); blocks = 0; loop = 1; } i++; #endif #ifdef HAVE_CAMELLIA #define CAM_SZ CAMELLIA_BLOCK_SIZE /* camellia test */ if (option[i] == 1) { Camellia camellia; plain = XMALLOC(CAM_SZ, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); if (plain == NULL) { return MEMORY_E; } cipher = XMALLOC(CAM_SZ, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); if (cipher == NULL) { wolfCLU_freeBins(plain, NULL, NULL, NULL, NULL); return MEMORY_E; } key = XMALLOC(CAM_SZ, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); if (key == NULL) { wolfCLU_freeBins(plain, cipher, NULL, NULL, NULL); return MEMORY_E; } iv = XMALLOC(CAM_SZ, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); if (iv == NULL) { wolfCLU_freeBins(plain, cipher, key, NULL, NULL); return MEMORY_E; } wc_RNG_GenerateBlock(&rng, plain, CAMELLIA_BLOCK_SIZE); wc_RNG_GenerateBlock(&rng, cipher, CAMELLIA_BLOCK_SIZE); wc_RNG_GenerateBlock(&rng, key, CAMELLIA_BLOCK_SIZE); wc_RNG_GenerateBlock(&rng, iv, CAMELLIA_BLOCK_SIZE); start = wolfCLU_getTime(); alarm(timer); wc_CamelliaSetKey(&camellia, key, CAMELLIA_BLOCK_SIZE, iv); while (loop) { wc_CamelliaCbcEncrypt(&camellia, cipher, plain, CAMELLIA_BLOCK_SIZE); blocks++; currTime = wolfCLU_getTime(); stop = currTime - start; /* if stop >= timer, loop = 0 */ loop = (stop >= timer) ? 0 : 1; } printf("Camellia "); wolfCLU_stats(start, CAMELLIA_BLOCK_SIZE, blocks); XMEMSET(plain, 0, CAMELLIA_BLOCK_SIZE); XMEMSET(cipher, 0, CAMELLIA_BLOCK_SIZE); XMEMSET(key, 0, CAMELLIA_BLOCK_SIZE); XMEMSET(iv, 0, CAMELLIA_BLOCK_SIZE); wolfCLU_freeBins(plain, cipher, key, iv, NULL); blocks = 0; loop = 1; } i++; #endif #ifndef NO_MD5 /* md5 test */ if (option[i] == 1) { Md5 md5; digest = XMALLOC(MD5_DIGEST_SIZE, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); if (digest == NULL) return MEMORY_E; plain = XMALLOC(MEGABYTE, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); if (plain == NULL) { wolfCLU_freeBins(digest, NULL, NULL, NULL, NULL); return MEMORY_E; } wc_RNG_GenerateBlock(&rng, plain, MEGABYTE); wc_InitMd5(&md5); start = wolfCLU_getTime(); alarm(timer); while (loop) { wc_Md5Update(&md5, plain, MEGABYTE); blocks++; currTime = wolfCLU_getTime(); stop = currTime - start; /* if stop >= timer, loop = 0 */ loop = (stop >= timer) ? 0 : 1; } wc_Md5Final(&md5, digest); printf("MD5 "); wolfCLU_stats(start, MEGABYTE, blocks); XMEMSET(plain, 0, MEGABYTE); XMEMSET(digest, 0, MD5_DIGEST_SIZE); wolfCLU_freeBins(digest, plain, NULL, NULL, NULL); blocks = 0; loop = 1; } i++; #endif #ifndef NO_SHA /* sha test */ if (option[i] == 1) { Sha sha; digest = XMALLOC(SHA_DIGEST_SIZE, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); if (digest == NULL) return MEMORY_E; plain = XMALLOC(MEGABYTE, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); if (plain == NULL) { wolfCLU_freeBins(digest, NULL, NULL, NULL, NULL); return MEMORY_E; } wc_RNG_GenerateBlock(&rng, plain, MEGABYTE); wc_InitSha(&sha); start = wolfCLU_getTime(); alarm(timer); while (loop) { wc_ShaUpdate(&sha, plain, MEGABYTE); blocks++; currTime = wolfCLU_getTime(); stop = currTime - start; /* if stop >= timer, loop = 0 */ loop = (stop >= timer) ? 0 : 1; } wc_ShaFinal(&sha, digest); printf("Sha "); wolfCLU_stats(start, MEGABYTE, blocks); XMEMSET(plain, 0, MEGABYTE); XMEMSET(digest, 0, SHA_DIGEST_SIZE); wolfCLU_freeBins(plain, digest, NULL, NULL, NULL); blocks = 0; loop = 1; } i++; #endif #ifndef NO_SHA256 #define SHA256_SZ SHA256_DIGEST_SIZE /* sha256 test */ if (option[i] == 1) { Sha256 sha256; digest = XMALLOC(SHA256_SZ, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); if (digest == NULL) return MEMORY_E; plain = XMALLOC(MEGABYTE, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); if (plain == NULL) { wolfCLU_freeBins(digest, NULL, NULL, NULL, NULL); return MEMORY_E; } wc_RNG_GenerateBlock(&rng, plain, MEGABYTE); wc_InitSha256(&sha256); start = wolfCLU_getTime(); alarm(timer); while (loop) { wc_Sha256Update(&sha256, plain, MEGABYTE); blocks++; currTime = wolfCLU_getTime(); stop = currTime - start; /* if stop >= timer, loop = 0 */ loop = (stop >= timer) ? 0 : 1; } wc_Sha256Final(&sha256, digest); printf("Sha256 "); wolfCLU_stats(start, MEGABYTE, blocks); XMEMSET(plain, 0, MEGABYTE); XMEMSET(digest, 0, SHA256_DIGEST_SIZE); wolfCLU_freeBins(plain, digest, NULL, NULL, NULL); /* resets used for debug, uncomment if needed */ blocks = 0; loop = 1; } i++; #endif #ifdef WOLFSSL_SHA384 #define SHA384_SZ SHA384_DIGEST_SIZE /* sha384 test */ if (option[i] == 1) { Sha384 sha384; digest = XMALLOC(SHA384_SZ, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); if (digest == NULL) return MEMORY_E; plain = XMALLOC(MEGABYTE, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); if (plain == NULL) { wolfCLU_freeBins(digest, NULL, NULL, NULL, NULL); return MEMORY_E; } wc_RNG_GenerateBlock(&rng, plain, MEGABYTE); wc_InitSha384(&sha384); start = wolfCLU_getTime(); alarm(timer); while (loop) { wc_Sha384Update(&sha384, plain, MEGABYTE); blocks++; currTime = wolfCLU_getTime(); stop = currTime - start; /* if stop >= timer, loop = 0 */ loop = (stop >= timer) ? 0 : 1; } wc_Sha384Final(&sha384, digest); printf("Sha384 "); wolfCLU_stats(start, MEGABYTE, blocks); XMEMSET(plain, 0, MEGABYTE); XMEMSET(digest, 0, SHA384_DIGEST_SIZE); wolfCLU_freeBins(plain, digest, NULL, NULL, NULL); blocks = 0; loop = 1; } i++; #endif #ifdef WOLFSSL_SHA512 #define SHA512_SZ SHA512_DIGEST_SIZE /* sha512 test */ if (option[i] == 1) { Sha512 sha512; digest = XMALLOC(SHA512_SZ, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); if (digest == NULL) return MEMORY_E; plain = XMALLOC(MEGABYTE, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); if (plain == NULL) { wolfCLU_freeBins(digest, NULL, NULL, NULL, NULL); return MEMORY_E; } wc_RNG_GenerateBlock(&rng, plain, MEGABYTE); wc_InitSha512(&sha512); start = wolfCLU_getTime(); alarm(timer); while (loop) { wc_Sha512Update(&sha512, plain, MEGABYTE); blocks++; currTime = wolfCLU_getTime(); stop = currTime - start; /* if stop >= timer, loop = 0 */ loop = (stop >= timer) ? 0 : 1; } wc_Sha512Final(&sha512, digest); printf("Sha512 "); wolfCLU_stats(start, MEGABYTE, blocks); XMEMSET(plain, 0, MEGABYTE); XMEMSET(digest, 0, SHA512_DIGEST_SIZE); wolfCLU_freeBins(plain, digest, NULL, NULL, NULL); blocks = 0; loop = 1; } i++; #endif #ifdef HAVE_BLAKE2 /* blake2b test */ if (option[i] == 1) { Blake2b b2b; digest = XMALLOC(BLAKE_DIGEST_SIZE, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); if (digest == NULL) return MEMORY_E; plain = XMALLOC(MEGABYTE, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); if (plain == NULL) { wolfCLU_freeBins(digest, NULL, NULL, NULL, NULL); return MEMORY_E; } wc_RNG_GenerateBlock(&rng, plain, MEGABYTE); wc_InitBlake2b(&b2b, BLAKE_DIGEST_SIZE); start = wolfCLU_getTime(); alarm(timer); while (loop) { wc_Blake2bUpdate(&b2b, plain, MEGABYTE); blocks++; currTime = wolfCLU_getTime(); stop = currTime - start; /* if stop >= timer, loop = 0 */ loop = (stop >= timer) ? 0 : 1; } wc_Blake2bFinal(&b2b, digest, BLAKE_DIGEST_SIZE); printf("Blake2b "); wolfCLU_stats(start, MEGABYTE, blocks); XMEMSET(plain, 0, MEGABYTE); XMEMSET(digest, 0, BLAKE_DIGEST_SIZE); wolfCLU_freeBins(digest, plain, NULL, NULL, NULL); } #endif return ret; }
void aes_encrypt(Aes *aes, unsigned char *cipher, const unsigned char *message) { wc_AesSetIV(aes, 0); wc_AesCbcEncrypt(aes, cipher, message, BLOCKSIZE); }
int wolfsslEncrypt(char* alg, char* mode, byte* pwdKey, byte* key, int size, char* in, char* out, byte* iv, int block, int ivCheck, int inputHex) { #ifndef NO_AES Aes aes; /* aes declaration */ #endif #ifndef NO_DES3 Des3 des3; /* 3des declaration */ #endif #ifdef HAVE_CAMELLIA Camellia camellia; /* camellia declaration */ #endif FILE* tempInFile = NULL; /* if user not provide a file */ FILE* inFile = NULL; /* input file */ FILE* outFile = NULL; /* output file */ RNG rng; /* random number generator declaration */ byte* input = NULL; /* input buffer */ byte* output = NULL; /* output buffer */ byte salt[SALT_SIZE] = {0}; /* salt variable */ int ret = 0; /* return variable */ int inputLength = 0; /* length of input */ int length = 0; /* total length */ int padCounter = 0; /* number of padded bytes */ int i = 0; /* loop variable */ int hexRet = 0; /* hex -> bin return*/ word32 tempInputL = 0; /* temporary input Length */ word32 tempMax = MAX; /* controls encryption amount */ char inputString[MAX]; /* the input string */ char* userInputBuffer = NULL; /* buffer when input is not a file */ if (access (in, F_OK) == -1) { printf("file did not exist, encrypting string following \"-i\"" "instead.\n"); /* use user entered data to encrypt */ inputLength = (int) strlen(in); userInputBuffer = (char*) malloc(inputLength); /* writes the entered text to the input buffer */ XMEMCPY(userInputBuffer, in, inputLength); /* open the file to write */ tempInFile = fopen(in, "wb"); fwrite(userInputBuffer, 1, inputLength, tempInFile); fclose(tempInFile); /* free buffer */ free(userInputBuffer); } /* open the inFile in read mode */ inFile = fopen(in, "rb"); /* find length */ fseek(inFile, 0, SEEK_END); inputLength = (int) ftell(inFile); fseek(inFile, 0, SEEK_SET); length = inputLength; /* Start up the random number generator */ ret = (int) wc_InitRng(&rng); if (ret != 0) { printf("Random Number Generator failed to start.\n"); return ret; } /* pads the length until it matches a block, * and increases pad number */ while (length % block != 0) { length++; padCounter++; } /* if the iv was not explicitly set, * generate an iv and use the pwdKey */ if (ivCheck == 0) { /* IV not set, generate it */ ret = wc_RNG_GenerateBlock(&rng, iv, block); if (ret != 0) { return ret; } /* stretches pwdKey to fit size based on wolfsslGetAlgo() */ ret = wolfsslGenKey(&rng, pwdKey, size, salt, padCounter); if (ret != 0) { printf("failed to set pwdKey.\n"); return ret; } /* move the generated pwdKey to "key" for encrypting */ for (i = 0; i < size; i++) { key[i] = pwdKey[i]; } } /* open the outFile in write mode */ outFile = fopen(out, "wb"); fwrite(salt, 1, SALT_SIZE, outFile); fwrite(iv, 1, block, outFile); fclose(outFile); /* malloc 1kB buffers */ input = (byte*) malloc(MAX); output = (byte*) malloc(MAX); /* loop, encrypt 1kB at a time till length <= 0 */ while (length > 0) { /* Read in 1kB to input[] */ if (inputHex == 1) ret = (int) fread(inputString, 1, MAX, inFile); else ret = (int) fread(input, 1, MAX, inFile); if (ret != MAX) { /* check for end of file */ if (feof(inFile)) { /* hex or ascii */ if (inputHex == 1) { hexRet = wolfsslHexToBin(inputString, &input, &tempInputL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL); if (hexRet != 0) { printf("failed during conversion of input," " ret = %d\n", hexRet); return hexRet; } }/* end hex or ascii */ /* pad to end of block */ for (i = ret ; i < (ret + padCounter); i++) { input[i] = padCounter; } /* adjust tempMax for less than 1kB encryption */ tempMax = ret + padCounter; } else { /* otherwise we got a file read error */ wolfsslFreeBins(input, output, NULL, NULL, NULL); return FREAD_ERROR; }/* End feof check */ }/* End fread check */ /* sets key encrypts the message to ouput from input */ #ifndef NO_AES if (XSTRNCMP(alg, "aes", 3) == 0) { if (XSTRNCMP(mode, "cbc", 3) == 0) { ret = wc_AesSetKey(&aes, key, AES_BLOCK_SIZE, iv, AES_ENCRYPTION); if (ret != 0) { printf("wc_AesSetKey failed.\n"); wolfsslFreeBins(input, output, NULL, NULL, NULL); return ret; } ret = wc_AesCbcEncrypt(&aes, output, input, tempMax); if (ret != 0) { printf("wc_AesCbcEncrypt failed.\n"); wolfsslFreeBins(input, output, NULL, NULL, NULL); return ENCRYPT_ERROR; } } #ifdef WOLFSSL_AES_COUNTER else if (XSTRNCMP(mode, "ctr", 3) == 0) { /* if mode is ctr */ wc_AesSetKeyDirect(&aes, key, AES_BLOCK_SIZE, iv, AES_ENCRYPTION); wc_AesCtrEncrypt(&aes, output, input, tempMax); } #endif } #endif #ifndef NO_DES3 if (XSTRNCMP(alg, "3des", 4) == 0) { ret = wc_Des3_SetKey(&des3, key, iv, DES_ENCRYPTION); if (ret != 0) { printf("wc_Des3_SetKey failed.\n"); wolfsslFreeBins(input, output, NULL, NULL, NULL); return ret; } ret = wc_Des3_CbcEncrypt(&des3, output, input, tempMax); if (ret != 0) { printf("wc_Des3_cbcEncrypt failed.\n"); wolfsslFreeBins(input, output, NULL, NULL, NULL); return ENCRYPT_ERROR; } } #endif #ifdef HAVE_CAMELLIA if (XSTRNCMP(alg, "camellia", 8) == 0) { ret = wc_CamelliaSetKey(&camellia, key, block, iv); if (ret != 0) { printf("CamelliaSetKey failed.\n"); wolfsslFreeBins(input, output, NULL, NULL, NULL); return ret; } if (XSTRNCMP(mode, "cbc", 3) == 0) { wc_CamelliaCbcEncrypt(&camellia, output, input, tempMax); } else { printf("Incompatible mode while using Camellia.\n"); wolfsslFreeBins(input, output, NULL, NULL, NULL); return FATAL_ERROR; } } #endif /* HAVE_CAMELLIA */ /* this method added for visual confirmation of nist test vectors, * automated tests to come soon */ /* something in the output buffer and using hex */ if (output != NULL && inputHex == 1) { int tempi; printf("\nUser specified hex input this is a representation of " "what\nis being written to file in hex form.\n\n[ "); for (tempi = 0; tempi < block; tempi++ ) { printf("%02x", output[tempi]); } printf(" ]\n\n"); } /* end visual confirmation */ /* Open the outFile in append mode */ outFile = fopen(out, "ab"); ret = (int) fwrite(output, 1, tempMax, outFile); if (ferror(outFile)) { printf("failed to write to file.\n"); if (input != NULL) XMEMSET(input, 0, tempMax); if (output != NULL) XMEMSET(output, 0, tempMax); wolfsslFreeBins(input, output, NULL, NULL, NULL); return FWRITE_ERROR; } if (ret > MAX) { printf("Wrote too much to file.\n"); if (input != NULL) XMEMSET(input, 0, tempMax); if (output != NULL) XMEMSET(output, 0, tempMax); wolfsslFreeBins(input, output, NULL, NULL, NULL); return FWRITE_ERROR; } /* close the outFile */ fclose(outFile); length -= tempMax; if (length < 0) printf("length went past zero.\n"); if (input != NULL) XMEMSET(input, 0, tempMax); if (output != NULL) XMEMSET(output, 0, tempMax); } /* closes the opened files and frees the memory */ fclose(inFile); XMEMSET(key, 0, size); XMEMSET(iv, 0 , block); XMEMSET(alg, 0, size); XMEMSET(mode, 0 , block); /* Use the wolfssl free for rng */ wc_FreeRng(&rng); wolfsslFreeBins(input, output, NULL, NULL, NULL); return 0; }
/* check mcapi aes cbc */ static int check_aescbc(void) { CRYPT_AES_CTX mcAes; Aes defAes; int ret; byte out1[AES_TEST_SIZE]; byte out2[AES_TEST_SIZE]; strncpy((char*)key, "1234567890abcdefghijklmnopqrstuv", 32); strncpy((char*)iv, "1234567890abcdef", 16); /* 128 cbc encrypt */ ret = CRYPT_AES_KeySet(&mcAes, key, 16, iv, CRYPT_AES_ENCRYPTION); if (ret != 0) { printf("mcapi aes-128 key set failed\n"); return -1; } ret = wc_AesSetKey(&defAes, key, 16, iv, AES_ENCRYPTION); if (ret != 0) { printf("default aes-128 key set failed\n"); return -1; } ret = CRYPT_AES_CBC_Encrypt(&mcAes, out1, ourData, AES_TEST_SIZE); if (ret != 0) { printf("mcapi aes-128 cbc encrypt failed\n"); return -1; } wc_AesCbcEncrypt(&defAes, out2, ourData, AES_TEST_SIZE); if (memcmp(out1, out2, AES_TEST_SIZE) != 0) { printf("mcapi aes-128 cbc encrypt cmp failed\n"); return -1; } /* 128 cbc decrypt */ ret = CRYPT_AES_KeySet(&mcAes, key, 16, iv, CRYPT_AES_DECRYPTION); if (ret != 0) { printf("mcapi aes-128 key set failed\n"); return -1; } ret = wc_AesSetKey(&defAes, key, 16, iv, DES_DECRYPTION); if (ret != 0) { printf("default aes-128 key set failed\n"); return -1; } ret = CRYPT_AES_CBC_Decrypt(&mcAes, out2, out1, AES_TEST_SIZE); if (ret != 0) { printf("mcapi aes-128 cbc decrypt failed\n"); return -1; } wc_AesCbcDecrypt(&defAes, out1, out1, AES_TEST_SIZE); if (memcmp(out1, out2, AES_TEST_SIZE) != 0) { printf("mcapi aes-128 cbc decrypt cmp failed\n"); return -1; } if (memcmp(out1, ourData, AES_TEST_SIZE) != 0) { printf("mcapi aes-128 cbc decrypt orig cmp failed\n"); return -1; } /* 192 cbc encrypt */ ret = CRYPT_AES_KeySet(&mcAes, key, 24, iv, CRYPT_AES_ENCRYPTION); if (ret != 0) { printf("mcapi aes-192 key set failed\n"); return -1; } ret = wc_AesSetKey(&defAes, key, 24, iv, AES_ENCRYPTION); if (ret != 0) { printf("default aes-192 key set failed\n"); return -1; } ret = CRYPT_AES_CBC_Encrypt(&mcAes, out1, ourData, AES_TEST_SIZE); if (ret != 0) { printf("mcapi aes-192 cbc encrypt failed\n"); return -1; } wc_AesCbcEncrypt(&defAes, out2, ourData, AES_TEST_SIZE); if (memcmp(out1, out2, AES_TEST_SIZE) != 0) { printf("mcapi aes-192 cbc encrypt cmp failed\n"); return -1; } /* 192 cbc decrypt */ ret = CRYPT_AES_KeySet(&mcAes, key, 24, iv, CRYPT_AES_DECRYPTION); if (ret != 0) { printf("mcapi aes-192 key set failed\n"); return -1; } ret = wc_AesSetKey(&defAes, key, 24, iv, AES_DECRYPTION); if (ret != 0) { printf("default aes-192 key set failed\n"); return -1; } ret = CRYPT_AES_CBC_Decrypt(&mcAes, out2, out1, AES_TEST_SIZE); if (ret != 0) { printf("mcapi aes-192 cbc decrypt failed\n"); return -1; } wc_AesCbcDecrypt(&defAes, out1, out1, AES_TEST_SIZE); if (memcmp(out1, out2, AES_TEST_SIZE) != 0) { printf("mcapi aes-192 cbc decrypt cmp failed\n"); return -1; } if (memcmp(out1, ourData, AES_TEST_SIZE) != 0) { printf("mcapi aes-192 cbc decrypt orig cmp failed\n"); return -1; } /* 256 cbc encrypt */ ret = CRYPT_AES_KeySet(&mcAes, key, 32, iv, CRYPT_AES_ENCRYPTION); if (ret != 0) { printf("mcapi aes-256 key set failed\n"); return -1; } ret = wc_AesSetKey(&defAes, key, 32, iv, AES_ENCRYPTION); if (ret != 0) { printf("default aes-256 key set failed\n"); return -1; } ret = CRYPT_AES_CBC_Encrypt(&mcAes, out1, ourData, AES_TEST_SIZE); if (ret != 0) { printf("mcapi aes-256 cbc encrypt failed\n"); return -1; } wc_AesCbcEncrypt(&defAes, out2, ourData, AES_TEST_SIZE); if (memcmp(out1, out2, AES_TEST_SIZE) != 0) { printf("mcapi aes-256 cbc encrypt cmp failed\n"); return -1; } /* 256 cbc decrypt */ ret = CRYPT_AES_KeySet(&mcAes, key, 32, iv, CRYPT_AES_DECRYPTION); if (ret != 0) { printf("mcapi aes-256 key set failed\n"); return -1; } ret = wc_AesSetKey(&defAes, key, 32, iv, AES_DECRYPTION); if (ret != 0) { printf("default aes-256 key set failed\n"); return -1; } ret = CRYPT_AES_CBC_Decrypt(&mcAes, out2, out1, AES_TEST_SIZE); if (ret != 0) { printf("mcapi aes-256 cbc decrypt failed\n"); return -1; } wc_AesCbcDecrypt(&defAes, out1, out1, AES_TEST_SIZE); if (memcmp(out1, out2, AES_TEST_SIZE) != 0) { printf("mcapi aes-256 cbc decrypt cmp failed\n"); return -1; } if (memcmp(out1, ourData, AES_TEST_SIZE) != 0) { printf("mcapi aes-256 cbc decrypt orig cmp failed\n"); return -1; } printf("aes-cbc mcapi test passed\n"); return 0; }