crypto: Add return value to DES and AES encrypt/decrypt
These operations may fail with some crypto wrappers, so allow the functions to report their results to the caller. Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
parent
dca4b503f1
commit
5f0e165e80
9 changed files with 38 additions and 21 deletions
|
@ -147,10 +147,12 @@ d##3 = TD0(s##3) ^ TD1(s##2) ^ TD2(s##1) ^ TD3(s##0) ^ rk[4 * i + 3]
|
||||||
PUTU32(pt + 12, s3);
|
PUTU32(pt + 12, s3);
|
||||||
}
|
}
|
||||||
|
|
||||||
void aes_decrypt(void *ctx, const u8 *crypt, u8 *plain)
|
|
||||||
|
int aes_decrypt(void *ctx, const u8 *crypt, u8 *plain)
|
||||||
{
|
{
|
||||||
u32 *rk = ctx;
|
u32 *rk = ctx;
|
||||||
rijndaelDecrypt(ctx, rk[AES_PRIV_NR_POS], crypt, plain);
|
rijndaelDecrypt(ctx, rk[AES_PRIV_NR_POS], crypt, plain);
|
||||||
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -112,10 +112,11 @@ void * aes_encrypt_init(const u8 *key, size_t len)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
void aes_encrypt(void *ctx, const u8 *plain, u8 *crypt)
|
int aes_encrypt(void *ctx, const u8 *plain, u8 *crypt)
|
||||||
{
|
{
|
||||||
u32 *rk = ctx;
|
u32 *rk = ctx;
|
||||||
rijndaelEncrypt(ctx, rk[AES_PRIV_NR_POS], plain, crypt);
|
rijndaelEncrypt(ctx, rk[AES_PRIV_NR_POS], plain, crypt);
|
||||||
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -12,10 +12,10 @@
|
||||||
#define AES_BLOCK_SIZE 16
|
#define AES_BLOCK_SIZE 16
|
||||||
|
|
||||||
void * aes_encrypt_init(const u8 *key, size_t len);
|
void * aes_encrypt_init(const u8 *key, size_t len);
|
||||||
void aes_encrypt(void *ctx, const u8 *plain, u8 *crypt);
|
int aes_encrypt(void *ctx, const u8 *plain, u8 *crypt);
|
||||||
void aes_encrypt_deinit(void *ctx);
|
void aes_encrypt_deinit(void *ctx);
|
||||||
void * aes_decrypt_init(const u8 *key, size_t len);
|
void * aes_decrypt_init(const u8 *key, size_t len);
|
||||||
void aes_decrypt(void *ctx, const u8 *crypt, u8 *plain);
|
int aes_decrypt(void *ctx, const u8 *crypt, u8 *plain);
|
||||||
void aes_decrypt_deinit(void *ctx);
|
void aes_decrypt_deinit(void *ctx);
|
||||||
|
|
||||||
#endif /* AES_H */
|
#endif /* AES_H */
|
||||||
|
|
|
@ -106,8 +106,9 @@ int sha512_vector(size_t num_elem, const u8 *addr[], const size_t *len,
|
||||||
* @clear: 8 octets (in)
|
* @clear: 8 octets (in)
|
||||||
* @key: 7 octets (in) (no parity bits included)
|
* @key: 7 octets (in) (no parity bits included)
|
||||||
* @cypher: 8 octets (out)
|
* @cypher: 8 octets (out)
|
||||||
|
* Returns: 0 on success, -1 on failure
|
||||||
*/
|
*/
|
||||||
void des_encrypt(const u8 *clear, const u8 *key, u8 *cypher);
|
int des_encrypt(const u8 *clear, const u8 *key, u8 *cypher);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* aes_encrypt_init - Initialize AES for encryption
|
* aes_encrypt_init - Initialize AES for encryption
|
||||||
|
@ -122,8 +123,9 @@ void * aes_encrypt_init(const u8 *key, size_t len);
|
||||||
* @ctx: Context pointer from aes_encrypt_init()
|
* @ctx: Context pointer from aes_encrypt_init()
|
||||||
* @plain: Plaintext data to be encrypted (16 bytes)
|
* @plain: Plaintext data to be encrypted (16 bytes)
|
||||||
* @crypt: Buffer for the encrypted data (16 bytes)
|
* @crypt: Buffer for the encrypted data (16 bytes)
|
||||||
|
* Returns: 0 on success, -1 on failure
|
||||||
*/
|
*/
|
||||||
void aes_encrypt(void *ctx, const u8 *plain, u8 *crypt);
|
int aes_encrypt(void *ctx, const u8 *plain, u8 *crypt);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* aes_encrypt_deinit - Deinitialize AES encryption
|
* aes_encrypt_deinit - Deinitialize AES encryption
|
||||||
|
@ -144,8 +146,9 @@ void * aes_decrypt_init(const u8 *key, size_t len);
|
||||||
* @ctx: Context pointer from aes_encrypt_init()
|
* @ctx: Context pointer from aes_encrypt_init()
|
||||||
* @crypt: Encrypted data (16 bytes)
|
* @crypt: Encrypted data (16 bytes)
|
||||||
* @plain: Buffer for the decrypted data (16 bytes)
|
* @plain: Buffer for the decrypted data (16 bytes)
|
||||||
|
* Returns: 0 on success, -1 on failure
|
||||||
*/
|
*/
|
||||||
void aes_decrypt(void *ctx, const u8 *crypt, u8 *plain);
|
int aes_decrypt(void *ctx, const u8 *crypt, u8 *plain);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* aes_decrypt_deinit - Deinitialize AES decryption
|
* aes_decrypt_deinit - Deinitialize AES decryption
|
||||||
|
|
|
@ -30,7 +30,7 @@ int md4_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
void des_encrypt(const u8 *clear, const u8 *key, u8 *cypher)
|
int des_encrypt(const u8 *clear, const u8 *key, u8 *cypher)
|
||||||
{
|
{
|
||||||
gcry_cipher_hd_t hd;
|
gcry_cipher_hd_t hd;
|
||||||
u8 pkey[8], next, tmp;
|
u8 pkey[8], next, tmp;
|
||||||
|
@ -49,6 +49,7 @@ void des_encrypt(const u8 *clear, const u8 *key, u8 *cypher)
|
||||||
gcry_err_code(gcry_cipher_setkey(hd, pkey, 8));
|
gcry_err_code(gcry_cipher_setkey(hd, pkey, 8));
|
||||||
gcry_cipher_encrypt(hd, cypher, 8, clear, 8);
|
gcry_cipher_encrypt(hd, cypher, 8, clear, 8);
|
||||||
gcry_cipher_close(hd);
|
gcry_cipher_close(hd);
|
||||||
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -107,10 +108,11 @@ void * aes_encrypt_init(const u8 *key, size_t len)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
void aes_encrypt(void *ctx, const u8 *plain, u8 *crypt)
|
int aes_encrypt(void *ctx, const u8 *plain, u8 *crypt)
|
||||||
{
|
{
|
||||||
gcry_cipher_hd_t hd = ctx;
|
gcry_cipher_hd_t hd = ctx;
|
||||||
gcry_cipher_encrypt(hd, crypt, 16, plain, 16);
|
gcry_cipher_encrypt(hd, crypt, 16, plain, 16);
|
||||||
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -137,10 +139,11 @@ void * aes_decrypt_init(const u8 *key, size_t len)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
void aes_decrypt(void *ctx, const u8 *crypt, u8 *plain)
|
int aes_decrypt(void *ctx, const u8 *crypt, u8 *plain)
|
||||||
{
|
{
|
||||||
gcry_cipher_hd_t hd = ctx;
|
gcry_cipher_hd_t hd = ctx;
|
||||||
gcry_cipher_decrypt(hd, plain, 16, crypt, 16);
|
gcry_cipher_decrypt(hd, plain, 16, crypt, 16);
|
||||||
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -35,7 +35,7 @@ int md4_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
void des_encrypt(const u8 *clear, const u8 *key, u8 *cypher)
|
int des_encrypt(const u8 *clear, const u8 *key, u8 *cypher)
|
||||||
{
|
{
|
||||||
u8 pkey[8], next, tmp;
|
u8 pkey[8], next, tmp;
|
||||||
int i;
|
int i;
|
||||||
|
@ -53,6 +53,7 @@ void des_encrypt(const u8 *clear, const u8 *key, u8 *cypher)
|
||||||
des_setup(pkey, 8, 0, &skey);
|
des_setup(pkey, 8, 0, &skey);
|
||||||
des_ecb_encrypt(clear, cypher, &skey);
|
des_ecb_encrypt(clear, cypher, &skey);
|
||||||
des_done(&skey);
|
des_done(&skey);
|
||||||
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -96,10 +97,10 @@ void * aes_encrypt_init(const u8 *key, size_t len)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
void aes_encrypt(void *ctx, const u8 *plain, u8 *crypt)
|
int aes_encrypt(void *ctx, const u8 *plain, u8 *crypt)
|
||||||
{
|
{
|
||||||
symmetric_key *skey = ctx;
|
symmetric_key *skey = ctx;
|
||||||
aes_ecb_encrypt(plain, crypt, skey);
|
return aes_ecb_encrypt(plain, crypt, skey) == CRYPT_OK ? 0 : -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -125,10 +126,10 @@ void * aes_decrypt_init(const u8 *key, size_t len)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
void aes_decrypt(void *ctx, const u8 *crypt, u8 *plain)
|
int aes_decrypt(void *ctx, const u8 *crypt, u8 *plain)
|
||||||
{
|
{
|
||||||
symmetric_key *skey = ctx;
|
symmetric_key *skey = ctx;
|
||||||
aes_ecb_encrypt(plain, (u8 *) crypt, skey);
|
return aes_ecb_encrypt(plain, (u8 *) crypt, skey) == CRYPT_OK ? 0 : -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -297,7 +298,7 @@ struct crypto_cipher {
|
||||||
struct crypto_cipher * crypto_cipher_init(enum crypto_cipher_alg alg,
|
struct crypto_cipher * crypto_cipher_init(enum crypto_cipher_alg alg,
|
||||||
const u8 *iv, const u8 *key,
|
const u8 *iv, const u8 *key,
|
||||||
size_t key_len)
|
size_t key_len)
|
||||||
{
|
{
|
||||||
struct crypto_cipher *ctx;
|
struct crypto_cipher *ctx;
|
||||||
int idx, res, rc4 = 0;
|
int idx, res, rc4 = 0;
|
||||||
|
|
||||||
|
|
|
@ -18,6 +18,7 @@ int md4_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
void des_encrypt(const u8 *clear, const u8 *key, u8 *cypher)
|
int des_encrypt(const u8 *clear, const u8 *key, u8 *cypher)
|
||||||
{
|
{
|
||||||
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
|
@ -161,7 +161,7 @@ int md4_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
|
||||||
#endif /* CONFIG_FIPS */
|
#endif /* CONFIG_FIPS */
|
||||||
|
|
||||||
|
|
||||||
void des_encrypt(const u8 *clear, const u8 *key, u8 *cypher)
|
int des_encrypt(const u8 *clear, const u8 *key, u8 *cypher)
|
||||||
{
|
{
|
||||||
u8 pkey[8], next, tmp;
|
u8 pkey[8], next, tmp;
|
||||||
int i;
|
int i;
|
||||||
|
@ -179,6 +179,7 @@ void des_encrypt(const u8 *clear, const u8 *key, u8 *cypher)
|
||||||
DES_set_key((DES_cblock *) &pkey, &ks);
|
DES_set_key((DES_cblock *) &pkey, &ks);
|
||||||
DES_ecb_encrypt((DES_cblock *) clear, (DES_cblock *) cypher, &ks,
|
DES_ecb_encrypt((DES_cblock *) clear, (DES_cblock *) cypher, &ks,
|
||||||
DES_ENCRYPT);
|
DES_ENCRYPT);
|
||||||
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -295,14 +296,16 @@ void * aes_encrypt_init(const u8 *key, size_t len)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
void aes_encrypt(void *ctx, const u8 *plain, u8 *crypt)
|
int aes_encrypt(void *ctx, const u8 *plain, u8 *crypt)
|
||||||
{
|
{
|
||||||
EVP_CIPHER_CTX *c = ctx;
|
EVP_CIPHER_CTX *c = ctx;
|
||||||
int clen = 16;
|
int clen = 16;
|
||||||
if (EVP_EncryptUpdate(c, crypt, &clen, plain, 16) != 1) {
|
if (EVP_EncryptUpdate(c, crypt, &clen, plain, 16) != 1) {
|
||||||
wpa_printf(MSG_ERROR, "OpenSSL: EVP_EncryptUpdate failed: %s",
|
wpa_printf(MSG_ERROR, "OpenSSL: EVP_EncryptUpdate failed: %s",
|
||||||
ERR_error_string(ERR_get_error(), NULL));
|
ERR_error_string(ERR_get_error(), NULL));
|
||||||
|
return -1;
|
||||||
}
|
}
|
||||||
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -347,14 +350,16 @@ void * aes_decrypt_init(const u8 *key, size_t len)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
void aes_decrypt(void *ctx, const u8 *crypt, u8 *plain)
|
int aes_decrypt(void *ctx, const u8 *crypt, u8 *plain)
|
||||||
{
|
{
|
||||||
EVP_CIPHER_CTX *c = ctx;
|
EVP_CIPHER_CTX *c = ctx;
|
||||||
int plen = 16;
|
int plen = 16;
|
||||||
if (EVP_DecryptUpdate(c, plain, &plen, crypt, 16) != 1) {
|
if (EVP_DecryptUpdate(c, plain, &plen, crypt, 16) != 1) {
|
||||||
wpa_printf(MSG_ERROR, "OpenSSL: EVP_DecryptUpdate failed: %s",
|
wpa_printf(MSG_ERROR, "OpenSSL: EVP_DecryptUpdate failed: %s",
|
||||||
ERR_error_string(ERR_get_error(), NULL));
|
ERR_error_string(ERR_get_error(), NULL));
|
||||||
|
return -1;
|
||||||
}
|
}
|
||||||
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -396,7 +396,7 @@ static void desfunc(u32 *block, const u32 *keys)
|
||||||
|
|
||||||
/* wpa_supplicant/hostapd specific wrapper */
|
/* wpa_supplicant/hostapd specific wrapper */
|
||||||
|
|
||||||
void des_encrypt(const u8 *clear, const u8 *key, u8 *cypher)
|
int des_encrypt(const u8 *clear, const u8 *key, u8 *cypher)
|
||||||
{
|
{
|
||||||
u8 pkey[8], next, tmp;
|
u8 pkey[8], next, tmp;
|
||||||
int i;
|
int i;
|
||||||
|
@ -421,6 +421,7 @@ void des_encrypt(const u8 *clear, const u8 *key, u8 *cypher)
|
||||||
|
|
||||||
os_memset(pkey, 0, sizeof(pkey));
|
os_memset(pkey, 0, sizeof(pkey));
|
||||||
os_memset(ek, 0, sizeof(ek));
|
os_memset(ek, 0, sizeof(ek));
|
||||||
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue