wolfssl: Support of AES-CFB encryption
authorAndreas Steffen <andreas.steffen@strongswan.org>
Mon, 6 Dec 2021 11:24:09 +0000 (12:24 +0100)
committerAndreas Steffen <andreas.steffen@strongswan.org>
Mon, 6 Dec 2021 11:53:11 +0000 (12:53 +0100)
src/libstrongswan/plugins/wolfssl/wolfssl_crypter.c
src/libstrongswan/plugins/wolfssl/wolfssl_plugin.c
testing/scripts/recipes/012_wolfssl.mk

index 0ad7c739f7303cd346aa228e084fb7631c979ccb..cffe7ba23752c8632a6596dd1e82476f73ed7c76 100644 (file)
@@ -48,7 +48,7 @@ struct private_wolfssl_crypter_t {
         * wolfSSL cipher
         */
        union {
-#if !defined(NO_AES) && (!defined(NO_AES_CBC) || defined(HAVE_AES_ECB) || defined(WOLFSSL_AES_COUNTER))
+#if !defined(NO_AES) && (!defined(NO_AES_CBC) || defined(HAVE_AES_ECB) || defined(WOLFSSL_AES_CFB) || defined(WOLFSSL_AES_COUNTER))
                Aes aes;
 #endif
 #ifdef HAVE_CAMELLIA
@@ -141,6 +141,18 @@ METHOD(crypter_t, decrypt, bool,
                        success = (ret == 0);
                        break;
        #endif
+#if !defined(NO_AES) && defined(WOLFSSL_AES_CFB)
+               case ENCR_AES_CFB:
+                       ret = wc_AesSetKey(&this->cipher.aes, this->key.ptr, this->key.len,
+                                                          iv.ptr, AES_ENCRYPTION);
+                       if (ret == 0)
+                       {
+                               ret = wc_AesCfbDecrypt(&this->cipher.aes, out, data.ptr,
+                                                                          data.len);
+                       }
+                       success = (ret == 0);
+                       break;
+       #endif
 #if !defined(NO_AES) && defined(WOLFSSL_AES_COUNTER)
                case ENCR_AES_CTR:
                        if (out == data.ptr)
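Review bot: The `AES_ENCRYPTION` argument to `wc_AesSetKey` in the added decrypt case reads like a copy-paste slip and deserves a comment, because it is what CFB requires: the mode only ever runs the block cipher in the forward direction, so decryption uses the encryption key schedule. I would add `/* CFB uses the forward cipher for both directions, hence AES_ENCRYPTION */` above the call so that nobody later "corrects" it to `AES_DECRYPTION`. The `#endif` that closes this added block is indented, while its `#if` sits at column 0 and the matching `#endif` in the encrypt hunk is at column 0 too. The body of `decrypt` starts and ends outside the hunk.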
@@ -273,6 +285,18 @@ METHOD(crypter_t, encrypt, bool,
                        success = (ret == 0);
                        break;
 #endif
+#if !defined(NO_AES) && defined(WOLFSSL_AES_CFB)
+               case ENCR_AES_CFB:
+                       ret = wc_AesSetKey(&this->cipher.aes, this->key.ptr, this->key.len,
+                                                          iv.ptr, AES_ENCRYPTION);
+                       if (ret == 0)
+                       {
+                               ret = wc_AesCfbEncrypt(&this->cipher.aes, out, data.ptr,
+                                                                          data.len);
+                       }
+                       success = (ret == 0);
+                       break;
+#endif
 #if !defined(NO_AES) && defined(WOLFSSL_AES_COUNTER)
                case ENCR_AES_CTR:
                        if (out == data.ptr)
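Review bot: `iv.ptr` is handed to `wc_AesSetKey` in the added `ENCR_AES_CFB` case without any check of `iv.len`, and the same applies to the CFB case added in the decrypt hunk. As far as I know, wolfSSL copies a full AES block from a non-NULL IV pointer and falls back to an all-zero IV when the pointer is NULL, so a short chunk would be over-read and an empty one would silently encrypt under a fixed IV. Whether callers always pass exactly `iv_size` bytes is not visible here. A guard such as `if (iv.len != AES_IV_SIZE) { break; }` ahead of the call would fail closed, assuming `success` starts out as FALSE; its initialisation and the rest of `encrypt` lie outside the hunk.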
@@ -395,6 +419,11 @@ METHOD(crypter_t, destroy, void,
                        wc_AesFree(&this->cipher.aes);
                        break;
 #endif
+#if !defined(NO_AES) && defined(WOLFSSL_AES_CFB)
+               case ENCR_AES_CFB:
+                       wc_AesFree(&this->cipher.aes);
+                       break;
+#endif
 #if !defined(NO_AES) && defined(WOLFSSL_AES_COUNTER)
                case ENCR_AES_CTR:
                        wc_AesFree(&this->cipher.aes);
@@ -466,6 +495,24 @@ wolfssl_crypter_t *wolfssl_crypter_create(encryption_algorithm_t algo,
                        }
                        break;
 #endif
+#if !defined(NO_AES) && defined(WOLFSSL_AES_CFB)
+               case ENCR_AES_CFB:
+                       switch (key_size)
+                       {
+                               case 0:
+                                       key_size = 16;
+                                       /* fall-through */
+                               case 16:
+                               case 24:
+                               case 32:
+                                       block_size = AES_BLOCK_SIZE;
+                                       iv_size = AES_IV_SIZE;
+                                       break;
+                               default:
+                                       return NULL;
+                       }
+                       break;
+#endif
 #if !defined(NO_AES) && defined(WOLFSSL_AES_COUNTER)
                case ENCR_AES_CTR:
                        switch (key_size)
@@ -557,6 +604,11 @@ wolfssl_crypter_t *wolfssl_crypter_create(encryption_algorithm_t algo,
                        ret = wc_AesInit(&this->cipher.aes, NULL, INVALID_DEVID);
                        break;
 #endif
+#if !defined(NO_AES) && defined(WOLFSSL_AES_CFB)
+               case ENCR_AES_CFB:
+                       ret = wc_AesInit(&this->cipher.aes, NULL, INVALID_DEVID);
+                       break;
+#endif
 #if !defined(NO_AES) && defined(WOLFSSL_AES_COUNTER)
                case ENCR_AES_CTR:
                        ret = wc_AesInit(&this->cipher.aes, NULL, INVALID_DEVID);
index 6b35aa3d9f1adc236e871220bf53bb417fff7114..cea577709b95b335ec59a7ff96972266d2760077 100644 (file)
@@ -87,6 +87,11 @@ METHOD(plugin_t, get_features, int,
                        PLUGIN_PROVIDE(CRYPTER, ENCR_AES_ECB, 24),
                        PLUGIN_PROVIDE(CRYPTER, ENCR_AES_ECB, 32),
 #endif
+#if !defined(NO_AES) && defined(WOLFSSL_AES_CFB)
+                       PLUGIN_PROVIDE(CRYPTER, ENCR_AES_CFB, 16),
+                       PLUGIN_PROVIDE(CRYPTER, ENCR_AES_CFB, 24),
+                       PLUGIN_PROVIDE(CRYPTER, ENCR_AES_CFB, 32),
+#endif
 #ifdef HAVE_CAMELLIA
                        PLUGIN_PROVIDE(CRYPTER, ENCR_CAMELLIA_CBC, 16),
                        PLUGIN_PROVIDE(CRYPTER, ENCR_CAMELLIA_CBC, 24),
index 926858e86a456f50e934c5f4309df6e5e827f00b..552329f90f78ed2227ef5f5e14982e8a67dad1b3 100644 (file)
@@ -19,6 +19,7 @@ CONFIG_OPTS = \
        --enable-silent-rules \
        --enable-aesccm \
        --enable-aesctr \
+       --enable-aescfb \
        --enable-camellia \
        --enable-curve25519 \
        --enable-curve448 \