From: Andreas Steffen Date: Mon, 6 Dec 2021 11:24:09 +0000 (+0100) Subject: wolfssl: Support of AES-CFB encryption X-Git-Tag: 5.9.5dr3~6 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=54d7e39d408c97f22ce477f89200d172fed7a8a7;p=thirdparty%2Fstrongswan.git wolfssl: Support of AES-CFB encryption --- diff --git a/src/libstrongswan/plugins/wolfssl/wolfssl_crypter.c b/src/libstrongswan/plugins/wolfssl/wolfssl_crypter.c index 0ad7c739f7..cffe7ba237 100644 --- a/src/libstrongswan/plugins/wolfssl/wolfssl_crypter.c +++ b/src/libstrongswan/plugins/wolfssl/wolfssl_crypter.c @@ -48,7 +48,7 @@ struct private_wolfssl_crypter_t { * wolfSSL cipher */ union { -#if !defined(NO_AES) && (!defined(NO_AES_CBC) || defined(HAVE_AES_ECB) || defined(WOLFSSL_AES_COUNTER)) +#if !defined(NO_AES) && (!defined(NO_AES_CBC) || defined(HAVE_AES_ECB) || defined(WOLFSSL_AES_CFB) || defined(WOLFSSL_AES_COUNTER)) Aes aes; #endif #ifdef HAVE_CAMELLIA @@ -141,6 +141,18 @@ METHOD(crypter_t, decrypt, bool, success = (ret == 0); break; #endif +#if !defined(NO_AES) && defined(WOLFSSL_AES_CFB) + case ENCR_AES_CFB: + ret = wc_AesSetKey(&this->cipher.aes, this->key.ptr, this->key.len, + iv.ptr, AES_ENCRYPTION); + if (ret == 0) + { + ret = wc_AesCfbDecrypt(&this->cipher.aes, out, data.ptr, + data.len); + } + success = (ret == 0); + break; + #endif #if !defined(NO_AES) && defined(WOLFSSL_AES_COUNTER) case ENCR_AES_CTR: if (out == data.ptr) @@ -273,6 +285,18 @@ METHOD(crypter_t, encrypt, bool, success = (ret == 0); break; #endif +#if !defined(NO_AES) && defined(WOLFSSL_AES_CFB) + case ENCR_AES_CFB: + ret = wc_AesSetKey(&this->cipher.aes, this->key.ptr, this->key.len, + iv.ptr, AES_ENCRYPTION); + if (ret == 0) + { + ret = wc_AesCfbEncrypt(&this->cipher.aes, out, data.ptr, + data.len); + } + success = (ret == 0); + break; +#endif #if !defined(NO_AES) && defined(WOLFSSL_AES_COUNTER) case ENCR_AES_CTR: if (out == data.ptr) @@ -395,6 +419,11 @@ METHOD(crypter_t, destroy, void, wc_AesFree(&this->cipher.aes); break; #endif +#if !defined(NO_AES) && defined(WOLFSSL_AES_CFB) + case ENCR_AES_CFB: + wc_AesFree(&this->cipher.aes); + break; +#endif #if !defined(NO_AES) && defined(WOLFSSL_AES_COUNTER) case ENCR_AES_CTR: wc_AesFree(&this->cipher.aes); @@ -466,6 +495,24 @@ wolfssl_crypter_t *wolfssl_crypter_create(encryption_algorithm_t algo, } break; #endif +#if !defined(NO_AES) && defined(WOLFSSL_AES_CFB) + case ENCR_AES_CFB: + switch (key_size) + { + case 0: + key_size = 16; + /* fall-through */ + case 16: + case 24: + case 32: + block_size = AES_BLOCK_SIZE; + iv_size = AES_IV_SIZE; + break; + default: + return NULL; + } + break; +#endif #if !defined(NO_AES) && defined(WOLFSSL_AES_COUNTER) case ENCR_AES_CTR: switch (key_size) @@ -557,6 +604,11 @@ wolfssl_crypter_t *wolfssl_crypter_create(encryption_algorithm_t algo, ret = wc_AesInit(&this->cipher.aes, NULL, INVALID_DEVID); break; #endif +#if !defined(NO_AES) && defined(WOLFSSL_AES_CFB) + case ENCR_AES_CFB: + ret = wc_AesInit(&this->cipher.aes, NULL, INVALID_DEVID); + break; +#endif #if !defined(NO_AES) && defined(WOLFSSL_AES_COUNTER) case ENCR_AES_CTR: ret = wc_AesInit(&this->cipher.aes, NULL, INVALID_DEVID); diff --git a/src/libstrongswan/plugins/wolfssl/wolfssl_plugin.c b/src/libstrongswan/plugins/wolfssl/wolfssl_plugin.c index 6b35aa3d9f..cea577709b 100644 --- a/src/libstrongswan/plugins/wolfssl/wolfssl_plugin.c +++ b/src/libstrongswan/plugins/wolfssl/wolfssl_plugin.c @@ -87,6 +87,11 @@ METHOD(plugin_t, get_features, int, PLUGIN_PROVIDE(CRYPTER, ENCR_AES_ECB, 24), PLUGIN_PROVIDE(CRYPTER, ENCR_AES_ECB, 32), #endif +#if !defined(NO_AES) && defined(WOLFSSL_AES_CFB) + PLUGIN_PROVIDE(CRYPTER, ENCR_AES_CFB, 16), + PLUGIN_PROVIDE(CRYPTER, ENCR_AES_CFB, 24), + PLUGIN_PROVIDE(CRYPTER, ENCR_AES_CFB, 32), +#endif #ifdef HAVE_CAMELLIA PLUGIN_PROVIDE(CRYPTER, ENCR_CAMELLIA_CBC, 16), PLUGIN_PROVIDE(CRYPTER, ENCR_CAMELLIA_CBC, 24), diff --git a/testing/scripts/recipes/012_wolfssl.mk b/testing/scripts/recipes/012_wolfssl.mk index 926858e86a..552329f90f 100644 --- a/testing/scripts/recipes/012_wolfssl.mk +++ b/testing/scripts/recipes/012_wolfssl.mk @@ -19,6 +19,7 @@ CONFIG_OPTS = \ --enable-silent-rules \ --enable-aesccm \ --enable-aesctr \ + --enable-aescfb \ --enable-camellia \ --enable-curve25519 \ --enable-curve448 \