From: Andreas Steffen Date: Thu, 18 Mar 2021 06:28:00 +0000 (+0100) Subject: wolfssl: Support AES_ECB X-Git-Tag: 5.9.3dr1~10 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b57215ba2beeca7e053926f120addfca4c56980d;p=thirdparty%2Fstrongswan.git wolfssl: Support AES_ECB --- diff --git a/src/libstrongswan/plugins/wolfssl/wolfssl_crypter.c b/src/libstrongswan/plugins/wolfssl/wolfssl_crypter.c index a39c25b955..0ad7c739f7 100644 --- a/src/libstrongswan/plugins/wolfssl/wolfssl_crypter.c +++ b/src/libstrongswan/plugins/wolfssl/wolfssl_crypter.c @@ -1,5 +1,6 @@ /* * Copyright (C) 2019 Sean Parkinson, wolfSSL Inc. + * Copyright (C) 2021 Andreas Steffen, strongSec GmbH * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -47,7 +48,7 @@ struct private_wolfssl_crypter_t { * wolfSSL cipher */ union { -#if !defined(NO_AES) && (!defined(NO_AES_CBC) || defined(WOLFSSL_AES_COUNTER)) +#if !defined(NO_AES) && (!defined(NO_AES_CBC) || defined(HAVE_AES_ECB) || defined(WOLFSSL_AES_COUNTER)) Aes aes; #endif #ifdef HAVE_CAMELLIA @@ -128,6 +129,18 @@ METHOD(crypter_t, decrypt, bool, success = (ret == 0); break; #endif +#if !defined(NO_AES) && defined(HAVE_AES_ECB) + case ENCR_AES_ECB: + ret = wc_AesSetKey(&this->cipher.aes, this->key.ptr, this->key.len, + iv.ptr, AES_DECRYPTION); + if (ret == 0) + { + ret = wc_AesEcbDecrypt(&this->cipher.aes, out, data.ptr, + data.len); + } + success = (ret == 0); + break; + #endif #if !defined(NO_AES) && defined(WOLFSSL_AES_COUNTER) case ENCR_AES_CTR: if (out == data.ptr) @@ -248,6 +261,18 @@ METHOD(crypter_t, encrypt, bool, success = (ret == 0); break; #endif +#if !defined(NO_AES) && defined(HAVE_AES_ECB) + case ENCR_AES_ECB: + ret = wc_AesSetKey(&this->cipher.aes, this->key.ptr, this->key.len, + iv.ptr, AES_ENCRYPTION); + if (ret == 0) + { + ret = wc_AesEcbEncrypt(&this->cipher.aes, out, data.ptr, + data.len); + } + success = (ret == 0); + break; +#endif #if !defined(NO_AES) && defined(WOLFSSL_AES_COUNTER) case ENCR_AES_CTR: if (out == data.ptr) @@ -365,6 +390,11 @@ METHOD(crypter_t, destroy, void, wc_AesFree(&this->cipher.aes); break; #endif +#if !defined(NO_AES) && defined(HAVE_AES_ECB) + case ENCR_AES_ECB: + wc_AesFree(&this->cipher.aes); + break; +#endif #if !defined(NO_AES) && defined(WOLFSSL_AES_COUNTER) case ENCR_AES_CTR: wc_AesFree(&this->cipher.aes); @@ -418,6 +448,24 @@ wolfssl_crypter_t *wolfssl_crypter_create(encryption_algorithm_t algo, } break; #endif +#if !defined(NO_AES) && defined(HAVE_AES_ECB) + case ENCR_AES_ECB: + switch (key_size) + { + case 0: + key_size = 16; + /* fall-through */ + case 16: + case 24: + case 32: + block_size = AES_BLOCK_SIZE; + iv_size = AES_IV_SIZE; + break; + default: + return NULL; + } + break; +#endif #if !defined(NO_AES) && defined(WOLFSSL_AES_COUNTER) case ENCR_AES_CTR: switch (key_size) @@ -504,6 +552,11 @@ wolfssl_crypter_t *wolfssl_crypter_create(encryption_algorithm_t algo, ret = wc_AesInit(&this->cipher.aes, NULL, INVALID_DEVID); break; #endif +#if !defined(NO_AES) && defined(HAVE_AES_ECB) + case ENCR_AES_ECB: + ret = wc_AesInit(&this->cipher.aes, NULL, INVALID_DEVID); + break; +#endif #if !defined(NO_AES) && defined(WOLFSSL_AES_COUNTER) case ENCR_AES_CTR: ret = wc_AesInit(&this->cipher.aes, NULL, INVALID_DEVID); diff --git a/src/libstrongswan/plugins/wolfssl/wolfssl_plugin.c b/src/libstrongswan/plugins/wolfssl/wolfssl_plugin.c index 6602730613..d64be69de5 100644 --- a/src/libstrongswan/plugins/wolfssl/wolfssl_plugin.c +++ b/src/libstrongswan/plugins/wolfssl/wolfssl_plugin.c @@ -80,6 +80,11 @@ METHOD(plugin_t, get_features, int, PLUGIN_PROVIDE(CRYPTER, ENCR_AES_CBC, 24), PLUGIN_PROVIDE(CRYPTER, ENCR_AES_CBC, 32), #endif +#if !defined(NO_AES) && defined(HAVE_AES_ECB) + PLUGIN_PROVIDE(CRYPTER, ENCR_AES_ECB, 16), + PLUGIN_PROVIDE(CRYPTER, ENCR_AES_ECB, 24), + PLUGIN_PROVIDE(CRYPTER, ENCR_AES_ECB, 32), +#endif #ifdef HAVE_CAMELLIA PLUGIN_PROVIDE(CRYPTER, ENCR_CAMELLIA_CBC, 16), PLUGIN_PROVIDE(CRYPTER, ENCR_CAMELLIA_CBC, 24),