From f190eb92b612f5d64f2758d4530153e9ee35554e Mon Sep 17 00:00:00 2001 From: ruiliio Date: Sun, 11 May 2025 16:13:14 -0700 Subject: [PATCH 1/5] Implement ChaCha20Poly1305 AEAD --- include/wolfprovider/alg_funcs.h | 4 + src/include.am | 1 + src/wp_chapoly.c | 986 +++++++++++++++++++++++++++++++ src/wp_wolfprov.c | 3 + 4 files changed, 994 insertions(+) create mode 100644 src/wp_chapoly.c diff --git a/include/wolfprovider/alg_funcs.h b/include/wolfprovider/alg_funcs.h index d1ca52f6..bc6d4f82 100644 --- a/include/wolfprovider/alg_funcs.h +++ b/include/wolfprovider/alg_funcs.h @@ -122,6 +122,8 @@ typedef void (*DFUNC)(void); #define WP_NAMES_DES_EDE3_CBC "DES-EDE3-CBC:DES3:1.2.840.113549.3.7" +#define WP_NAMES_CHACHA20_POLY1305 "ChaCha20-Poly1305" + /* Internal cipher flags. */ #define WP_CIPHER_FLAG_AEAD 0x0001 #define WP_CIPHER_FLAG_CUSTOM_IV 0x0002 @@ -284,6 +286,8 @@ extern const OSSL_DISPATCH wp_aes128wrap_functions[]; extern const OSSL_DISPATCH wp_des3cbc_functions[]; +extern const OSSL_DISPATCH wp_chacha20_poly1305_functions[]; + /* MAC implementations. */ extern const OSSL_DISPATCH wp_hmac_functions[]; extern const OSSL_DISPATCH wp_cmac_functions[]; diff --git a/src/include.am b/src/include.am index e4729015..d3312af9 100644 --- a/src/include.am +++ b/src/include.am @@ -10,6 +10,7 @@ libwolfprov_la_SOURCES += src/wp_aes_block.c libwolfprov_la_SOURCES += src/wp_aes_stream.c libwolfprov_la_SOURCES += src/wp_aes_aead.c libwolfprov_la_SOURCES += src/wp_aes_wrap.c +libwolfprov_la_SOURCES += src/wp_chapoly.c libwolfprov_la_SOURCES += src/wp_des.c libwolfprov_la_SOURCES += src/wp_hmac.c libwolfprov_la_SOURCES += src/wp_cmac.c diff --git a/src/wp_chapoly.c b/src/wp_chapoly.c new file mode 100644 index 00000000..89616472 --- /dev/null +++ b/src/wp_chapoly.c 
@@ -0,0 +1,986 @@ +/* Dispatch functions for wp_chacha20_poly1305 cipher */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#define CHACHA20_POLY1305_AEAD_INITIAL_COUNTER 0 + +#define CHACHA_U8TOU32(p) ( \ + ((unsigned int)(p)[0]) | ((unsigned int)(p)[1]<<8) | \ + ((unsigned int)(p)[2]<<16) | ((unsigned int)(p)[3]<<24) ) + +// include all define and declaration here, cuz there is no wp_xxx.h ? and no chacha or poly for wp ? +#define POLY1305_BLOCK_SIZE 16 +#define CHACHA_CTR_SIZE 16 + +/** (chacha20_poly1305) + * Authenticated Encryption with Associated Data structure. + */ +typedef struct wp_CP_AeadCtx { + ChaChaPoly_Aead ChaChaPoly_Aead; + + /** Provider context that we are constructed from. */ + WOLFPROV_CTX* provCtx; + + /** Cipher mode: chacha20_poly1305 */ + int mode; + + /** Length of key. */ + size_t keyLen; + /** Length of iv/nonce. */ + size_t ivLen; + /** Authentication tag length. */ + size_t tagLen; + /** TLS additional authentication data size. */ + size_t tlsAadLen; + /** TLS pad size. */ + size_t tlsAadPadSz; + + /** Initialized for encryption or decryption. */ + unsigned int enc:1; + /** AAD set with call to update. */ + unsigned int aadSet:1; + unsigned int ivSet:1; + unsigned int keySet:1; + + /** IV/nonce data. */ + unsigned char iv[CHACHA20_POLY1305_AEAD_IV_SIZE]; + unsigned int nonce[12 / 4]; + + /** Length of AAD data cached. */ + size_t aadLen; + + unsigned char key[CHACHA20_POLY1305_AEAD_KEYSIZE]; + + /** Buffer to hold tag. */ + unsigned char tag[POLY1305_BLOCK_SIZE]; + /** Buffer to hold TLS AAD. */ + unsigned char tls_aad[POLY1305_BLOCK_SIZE]; + + struct { uint64_t aad, text; } len; + + unsigned int mac_inited : 1; // to remove + +} wp_CP_AeadCtx; + + +/** Uninitialized value for a field of type size_t. 
*/ +#define UNINITIALISED_SIZET ((size_t)-1) + +// TODO: merge with existing wc aead cp defines +#define WP_CHACHA20_POLY1305_KEYLEN 32 +#define WP_CHACHA20_POLY1305_BLKLEN 1 +#define WP_CHACHA20_POLY1305_IVLEN 12 +#define WP_CHACHA20_POLY1305_MAX_IVLEN 12 +#define WP_CHACHA20_POLY1305_MODE 0 +/** AEAD cipher flags. */ +#define WP_CHACHA20_POLY1305_AEAD_FLAGS (WP_CIPHER_FLAG_AEAD \ + | WP_CIPHER_FLAG_CUSTOM_IV) + +static OSSL_FUNC_cipher_newctx_fn wp_chacha20_poly1305_newctx; +static OSSL_FUNC_cipher_freectx_fn wp_chacha20_poly1305_freectx; +static OSSL_FUNC_cipher_dupctx_fn wp_chacha20_poly1305_dupctx; +static OSSL_FUNC_cipher_encrypt_init_fn wp_chacha20_poly1305_einit; +static OSSL_FUNC_cipher_decrypt_init_fn wp_chacha20_poly1305_dinit; +static OSSL_FUNC_cipher_get_params_fn wp_chacha20_poly1305_get_params; +static OSSL_FUNC_cipher_get_ctx_params_fn wp_chacha20_poly1305_get_ctx_params; +static OSSL_FUNC_cipher_set_ctx_params_fn wp_chacha20_poly1305_set_ctx_params; +static OSSL_FUNC_cipher_cipher_fn wp_chacha20_poly1305_cipher; +static OSSL_FUNC_cipher_final_fn wp_chacha20_poly1305_final; +static OSSL_FUNC_cipher_gettable_ctx_params_fn wp_chacha20_poly1305_gettable_ctx_params; + +#define wp_chacha20_poly1305_settable_ctx_params wp_cp_aead_settable_ctx_params +#define wp_chacha20_poly1305_gettable_params wp_cp_aead_gettable_params +#define wp_chacha20_poly1305_update wp_chacha20_poly1305_cipher + +/** + * Initialize AEAD cipher for use with TLS. Return extra padding (tag length). + * + * @param [in, out] ctx AEAD context object. + * @param [in] aad Additional authentication data. + * @param [in] aadLen Length of AAD in bytes. + * @return Length of extra padding in bytes on success. + * @return 0 on failure. 
+ */ +static int wp_cp_aead_tls_init(wp_CP_AeadCtx* ctx, unsigned char* aad, size_t aadLen) +{ + printf("called wp_cp_aead_tls_init\n"); + int ok = 1; + size_t len = 0; + + size_t tagLen = POLY1305_BLOCK_SIZE; + + if (!wolfssl_prov_is_running()) { + ok = 0; + } + if (aadLen != EVP_AEAD_TLS1_AAD_LEN) { + ok = 0; + } + + if (ok) { + /* Cache AAD. */ + XMEMCPY(ctx->tls_aad, aad, EVP_AEAD_TLS1_AAD_LEN); //XMEMCPY(buf, aad, aadLen); + ctx->tlsAadLen = aadLen; + + len = aad[EVP_AEAD_TLS1_AAD_LEN - 2] << 8 | aad[EVP_AEAD_TLS1_AAD_LEN - 1]; + if (len >= POLY1305_BLOCK_SIZE ) { //EVP_AEAD_TLS_EXPLICIT_IV_LEN = 8 + len -= POLY1305_BLOCK_SIZE; + } + else { // len < POLY1305_BLOCK_SIZE + ok = 0; + } + } + + if (ok ) { + if (!ctx->enc) { /* If decrypting, correct for tag too. */ + if (len < tagLen) { + ok = 0; + } + if (ok) { + len -= tagLen; /* discount attached tag */ + aad[aadLen - 2] = (unsigned char)(len >> 8); + aad[aadLen - 1] = (unsigned char)(len & 0xff); + } + } + ctx->tlsAadLen = len; + + // AEAD_CHACHA20_POLY1305 requires a 96-bit nonce, which is formed as follows: + // 1. The 64-bit record sequence number is serialized as an 8-byte, + // big-endian value and padded on the left with four 0x00 bytes. + // 2. The padded sequence number is XORed with the client_write_IV + // (when the client is sending) or server_write_IV (when the server is sending). + // the |counter| argument is pointer to concatenated nonce and counter values collected into 4 32-bit elements. + + /* merge record sequence number as per RFC7905 */ + ctx->ChaChaPoly_Aead.chacha.X[1] = ctx->nonce[0]; + ctx->ChaChaPoly_Aead.chacha.X[2] = ctx->nonce[1] ^ CHACHA_U8TOU32(aad); + ctx->ChaChaPoly_Aead.chacha.X[3] = ctx->nonce[2] ^ CHACHA_U8TOU32(aad+4); + + ctx->mac_inited = 0; + /** + * IV(nonce) changes with each record + * counter is for what value the block counter should start ... usually 0 + */ + // assume iv set? and then merge records. otherwise non-set iv merge is pointless? 
+ // tls-init with aad info: store aad val in the ctx for later use. + // same as tls-set-fixed-iv, all only matters after aead init complete? + } + + if (!ok) { + tagLen = 0; + } + /* Extra padding: tag appended to record. */ + return (int)tagLen; +} + +/** + * Set the fixed nonce for ChaChaPoly cipher. + * + * @param [in, out] ctx AEAD context object. + * @param [in] iv Fixed part of IV/nonce. + * @param [in] len Length of fixed part. + * @return 1 on success. + * @return 0 on failure. + */ +static int wp_cp_aead_tls_iv_set_fixed(wp_CP_AeadCtx* ctx, unsigned char* fixed, size_t flen) +{ + printf("called wp_cp_aead_tls_ivSet_fixed\n"); + int ok = 1; + + if (!wolfssl_prov_is_running()) { + ok = 0; + } + + if (flen != WP_CHACHA20_POLY1305_IVLEN) { + ok = 0; + } + + if (ok) { + // check key init status first ? no one is chekcing? + ctx->nonce[0] = ctx->ChaChaPoly_Aead.chacha.X[1] = CHACHA_U8TOU32(fixed); //LITTLE32(fixed); + ctx->nonce[1] = ctx->ChaChaPoly_Aead.chacha.X[2] = CHACHA_U8TOU32(fixed + 4); //LITTLE32(fixed + 4); + ctx->nonce[2] = ctx->ChaChaPoly_Aead.chacha.X[3] = CHACHA_U8TOU32(fixed + 8);//LITTLE32(fixed + 8); + } + + WOLFPROV_LEAVE(WP_LOG_CIPHER, __FILE__ ":" WOLFPROV_STRINGIZE(__LINE__), ok); + return ok; +} + +/** + * Return an array of supported gettable parameters for the AEAD cipher. + * + * @param [in] provCtx Provider context object. Unused. + * @return Array of parameters with data type. + */ +static const OSSL_PARAM *wp_cp_aead_gettable_params(WOLFPROV_CTX* provCtx) +{ + /** + * Supported gettable parameters for AEAD cipher. 
+ */ + static const OSSL_PARAM wp_cp_aead_supported_gettable_params[] = { + OSSL_PARAM_uint(OSSL_CIPHER_PARAM_MODE, NULL), + OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), + OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_IVLEN, NULL), + OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_BLOCK_SIZE, NULL), + OSSL_PARAM_int(OSSL_CIPHER_PARAM_AEAD, NULL), + OSSL_PARAM_int(OSSL_CIPHER_PARAM_CUSTOM_IV, NULL), + OSSL_PARAM_int(OSSL_CIPHER_PARAM_HAS_RAND_KEY, NULL), + OSSL_PARAM_END + }; + (void)provCtx; + return wp_cp_aead_supported_gettable_params; +} + +/** + * Get the AEAD cipher parameters. + * + * @param [in, out] params Array of parameters and values. + * @param [in] md Message digest id. + * @param [in] flags Flags of cipher. + * @param [in] keyBits Size of key in bits. + * @param [in] blkBits Size of block in bits. + * @param [in] ivBits Size of IV/nonce in bits. + * @return 1 on success. + * @return 0 on failure. + */ +static int wp_cp_aead_get_params(OSSL_PARAM params[], unsigned int md, + uint64_t flags, size_t keyBits, size_t blkBits, size_t ivBits) +{ + int ok = 1; + OSSL_PARAM* p; + + p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_MODE); + if ((p != NULL) && (!OSSL_PARAM_set_uint(p, md))) { + ok = 0; + } + if (ok) { + p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_AEAD); + if ((p != NULL) && + (!OSSL_PARAM_set_int(p, (flags & WP_CIPHER_FLAG_AEAD) != 0))) { + ok = 0; + } + } + if (ok) { + p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_CUSTOM_IV); + if ((p != NULL) && + (!OSSL_PARAM_set_int(p, (flags & WP_CIPHER_FLAG_CUSTOM_IV) != 0))) { + ok = 0; + } + } + if (ok) { + p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_HAS_RAND_KEY); + if ((p != NULL) && + (!OSSL_PARAM_set_int(p, (flags & WP_CIPHER_FLAG_RAND_KEY) != 0))) { + ok = 0; + } + } + if (ok) { + p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_KEYLEN); + if ((p != NULL) && (!OSSL_PARAM_set_size_t(p, keyBits / 8))) { + ok = 0; + } + } + if (ok) { + p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_BLOCK_SIZE); + if ((p != 
NULL) && (!OSSL_PARAM_set_size_t(p, blkBits / 8))) { + ok = 0; + } + } + if (ok) { + p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IVLEN); + if ((p != NULL) && (!OSSL_PARAM_set_size_t(p, ivBits / 8))) { + ok = 0; + } + } + + WOLFPROV_LEAVE(WP_LOG_CIPHER, __FILE__ ":" WOLFPROV_STRINGIZE(__LINE__), ok); + return ok; +} + +/** + * Return an array of supported settable parameters for the AEAD context. + * + * @param [in] ctx AEAD context object. Unused. + * @param [in] provCtx Provider context object. Unused. + * @return Array of parameters with data type. + */ +static const OSSL_PARAM *wp_cp_aead_settable_ctx_params(wp_CP_AeadCtx* ctx, + WOLFPROV_CTX* provCtx) +{ + /** + * Supported settable parameters for AEAD context. + */ + static const OSSL_PARAM wp_cp_aead_supported_settable_ctx_params[] = { + OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_IVLEN, NULL), + OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, NULL, 0), + OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD, NULL, 0), + OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_IV_FIXED, NULL, 0), + OSSL_PARAM_END + }; + (void)ctx; + (void)provCtx; + return wp_cp_aead_supported_settable_ctx_params; +} + +/** + * Create a new AEAD context object for performing CHACHA20_POLY1305. + * + * @return NULL on failure. + * @return AEAD context object on success. + */ +static void *wp_chacha20_poly1305_newctx(void *provctx) +{ + printf("called wp_chacha20_poly1305_newctx\n"); + + wp_CP_AeadCtx *ctx = NULL; + + (void)provctx; + + if (wolfssl_prov_is_running()) { + ctx = OPENSSL_zalloc(sizeof(*ctx)); + } + if (ctx != NULL) { + + ctx->keyLen = WP_CHACHA20_POLY1305_KEYLEN; // new define or use wssldef ? OSSL ONLY HAS PROV DEFINES + ctx->ivLen = WP_CHACHA20_POLY1305_IVLEN; // TLS_EXPLICIT_IV_LEN ??? 
+ ctx->mode = WP_CHACHA20_POLY1305_MODE; + ctx->tagLen = UNINITIALISED_SIZET; + + // ossl from chacha20_poly1305_initkey || chacha20_poly1305_initiv + ctx->len.aad = 0; + ctx->len.text = 0; + ctx->aadSet = 0; + ctx->mac_inited = 0; + ctx->tlsAadLen = UNINITIALISED_SIZET; // must + memset(ctx->tls_aad, 0, POLY1305_BLOCK_SIZE); + } + return ctx; +} + +static void *wp_chacha20_poly1305_dupctx(void *provctx) +{ + printf("called wp_chacha20_poly1305_dupctx\n"); + wp_CP_AeadCtx *ctx = provctx; + wp_CP_AeadCtx *dctx = NULL; + + if (ctx == NULL) + return NULL; + dctx = OPENSSL_memdup(ctx, sizeof(*ctx)); + + return dctx; +} + +static void wp_chacha20_poly1305_freectx(void *vctx) +{ + printf("called wp_chacha20_poly1305_freectx\n"); + wp_CP_AeadCtx *ctx = (wp_CP_AeadCtx *)vctx; + + if (ctx != NULL) { + /* reset and cleanup sensitive context */ + memset(&ctx->ChaChaPoly_Aead, 0, sizeof(ChaChaPoly_Aead)); + OPENSSL_clear_free(ctx, sizeof(*ctx)); + } +} + +static int wp_chacha20_poly1305_get_params(OSSL_PARAM params[]) +{ + printf("called wp_chacha20_poly1305_get_params\n"); + return wp_cp_aead_get_params(params, 0, WP_CHACHA20_POLY1305_AEAD_FLAGS, + WP_CHACHA20_POLY1305_KEYLEN * 8, + WP_CHACHA20_POLY1305_BLKLEN * 8, + WP_CHACHA20_POLY1305_IVLEN * 8); +} + +static int wp_chacha20_poly1305_get_ctx_params(void *vctx, OSSL_PARAM params[]) +{ + printf("called wp_chacha20_poly1305_get_ctx_params\n"); + + wp_CP_AeadCtx *ctx = (wp_CP_AeadCtx *)vctx; + OSSL_PARAM *p; + + p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IVLEN); + if (p != NULL) { + if (!OSSL_PARAM_set_size_t(p, WP_CHACHA20_POLY1305_IVLEN)) { + ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); + return 0; + } + printf("get_ctx_params: IVLEN \n"); + } + p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_KEYLEN); + if (p != NULL ) { + if (!OSSL_PARAM_set_size_t(p, WP_CHACHA20_POLY1305_KEYLEN)) { + ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); + return 0; + } + printf("get_ctx_params: KEYLEN \n"); + } + + p = 
OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_AEAD_TAGLEN); + if (p != NULL) { + if (!OSSL_PARAM_set_size_t(p, ctx->tagLen)) { + ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); + return 0; + } + printf("get_ctx_params: tagLEN \n"); + } + p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD); + if (p != NULL ) { + if (!OSSL_PARAM_set_size_t(p, ctx->tlsAadPadSz)) { + ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); + return 0; + } + printf("get_ctx_params: aad pad \n"); + } + + p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_AEAD_TAG); + if (p != NULL) { + if (p->data_type != OSSL_PARAM_OCTET_STRING) { + ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); + return 0; + } + if (!ctx->enc) { + ERR_raise(ERR_LIB_PROV, PROV_R_TAG_NOT_SET); + return 0; + } + if (p->data_size == 0 || p->data_size > POLY1305_BLOCK_SIZE) { + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_TAG_LENGTH); + return 0; + } + memcpy(p->data, ctx->tag, p->data_size); + printf("get_ctx_params: tag \n"); + } + + return 1; +} + +static const OSSL_PARAM wp_chacha20_poly1305_known_gettable_ctx_params[] = { + OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), + OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_IVLEN, NULL), + OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_TAGLEN, NULL), + OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, NULL, 0), + OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD, NULL), + OSSL_PARAM_END +}; +static const OSSL_PARAM *wp_chacha20_poly1305_gettable_ctx_params + (ossl_unused void *cctx, ossl_unused void *provctx) +{ + printf("called wp_chacha20_poly1305_gettable_ctx_params\n"); + return wp_chacha20_poly1305_known_gettable_ctx_params; +} + +static int wp_chacha20_poly1305_set_ctx_params(void *vctx, const OSSL_PARAM params[]) //*******temp unused void */ +{ + printf("called wp_chacha20_poly1305_set_ctx_params\n"); + const OSSL_PARAM *p; + size_t len = 0; + wp_CP_AeadCtx *ctx = (wp_CP_AeadCtx *)vctx; + + if (params == NULL) + return 1; + + p = 
OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_KEYLEN); + if (p != NULL) { + if (!OSSL_PARAM_get_size_t(p, &len)) { + ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); + return 0; + } + if (len != WP_CHACHA20_POLY1305_KEYLEN) { + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH); + return 0; + } + printf("done setting keylen len=%ld\n", len); + } + p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_IVLEN); + if (p != NULL) { + if (!OSSL_PARAM_get_size_t(p, &len)) { + ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); + return 0; + } + if (len != WP_CHACHA20_POLY1305_MAX_IVLEN) { + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IV_LENGTH); + return 0; + } + printf("done setting ivlen len=%ld\n", len); + } + + p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_AEAD_TAG); + if (p != NULL) { + if (p->data_type != OSSL_PARAM_OCTET_STRING) { + ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); + return 0; + } + if (p->data_size == 0 || p->data_size > POLY1305_BLOCK_SIZE) { + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_TAG_LENGTH); + return 0; + } + if (p->data != NULL) { + if (ctx->enc) { + ERR_raise(ERR_LIB_PROV, PROV_R_TAG_NOT_NEEDED); + return 0; + } + memcpy(ctx->tag, p->data, p->data_size); + } + ctx->tagLen = p->data_size; + printf("done setting AEAD_TAG len=%ld\n", ctx->tagLen); + } + + p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_AEAD_TLS1_AAD); + if (p != NULL) { + + printf("located aad\n"); + if (p->data_type != OSSL_PARAM_OCTET_STRING) { + ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); + return 0; + } + len = wp_cp_aead_tls_init(ctx, (unsigned char*)p->data, (size_t)p->data_size); + if (len == 0) { + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_DATA); + return 0; + } + ctx->tlsAadPadSz = len; + } + + p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_AEAD_TLS1_IV_FIXED); + if (p != NULL) { + printf("located TLS1_IV_FIXED\n"); + if (p->data_type != OSSL_PARAM_OCTET_STRING) { + ERR_raise(ERR_LIB_PROV, 
PROV_R_FAILED_TO_GET_PARAMETER); + return 0; + } + + if (!wp_cp_aead_tls_iv_set_fixed(ctx, (unsigned char*)p->data, (size_t)p->data_size)) { + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IV_LENGTH); + return 0; + } + } + /* ignore OSSL_CIPHER_PARAM_AEAD_MAC_KEY */ + + return 1; +} + +/** + * Initialize CHACHA20_POLY1305 cipher for encryption. + * + * Sets the parameters as well as key and IV/nonce. + * + * @param [in, out] ctx AEAD context object. + * @param [in] key Private key to initialize with. May be NULL. + * @param [in] keyLen Length of key in bytes. + * @param [in] iv IV/nonce to initialize with. May be NULL. + * @param [in] ivLen Length of IV/nonce in bytes. + * @param [in] params Array of parameters and values. + * @return 1 on success. + * @return 0 on failure. + */ +static int wp_chacha20_poly1305_einit(void *vctx, const unsigned char *key, + size_t keyLen, const unsigned char *iv, + size_t ivLen, const OSSL_PARAM params[]) +{ + printf("called wp_chacha20_poly1305_einit\n"); + wp_CP_AeadCtx *ctx = (wp_CP_AeadCtx *)vctx; + int ok = 1; + int rc = 0; + + if (!wolfssl_prov_is_running()) { + return 0; + } + printf("yes running\n"); + + if(key == NULL) { + printf("key == NULL\n"); + } + if(iv == NULL) { + printf("iv == NULL\n"); + } + printf(" keylen= %ld\n", keyLen); + printf(" ivlen= %ld\n", ivLen); + + if (key) { + if (keyLen == 0 || keyLen != CHACHA20_POLY1305_AEAD_KEYSIZE) { + ok = 0; + } + if (ok) { + // cache user key + XMEMCPY(ctx->key, key, keyLen); + ctx->keySet = 1; + } + printf(" cache key_Init ok= %d\n", ok); + } + + if (iv) { + if (ivLen == 0 || ivLen != CHACHA20_POLY1305_AEAD_IV_SIZE) { + ok = 0; + } + if (ok) { + // cache iv + XMEMCPY(ctx->iv, iv, ivLen); + ctx->ivSet = 1; + } + printf(" cache iv_Init ok= %d\n", ok); + } + + if (ctx->ivSet && ctx->keySet) { + rc = wc_ChaCha20Poly1305_Init(&ctx->ChaChaPoly_Aead, + (const byte*)ctx->key, + (const byte*)ctx->iv, + CHACHA20_POLY1305_AEAD_ENCRYPT); + if (rc != 0) { + ok = 0; + } + if (ok) { + // set ctx 
nonce val + ctx->nonce[0] = ctx->ChaChaPoly_Aead.chacha.X[1]; + ctx->nonce[1] = ctx->ChaChaPoly_Aead.chacha.X[2]; + ctx->nonce[2] = ctx->ChaChaPoly_Aead.chacha.X[3]; + // ctx->ivSet = 1; + ctx->mac_inited = 1; + } + printf(" wc_ChaCha20Poly1305_Init ok= %d\n", ok); + } + + if (ok) { + ctx->enc = 1; // CHACHA20_POLY1305_AEAD_ENCRYPT + ctx->tlsAadLen = UNINITIALISED_SIZET; + + ok = wp_chacha20_poly1305_set_ctx_params(ctx, params); + } + + WOLFPROV_LEAVE(WP_LOG_CIPHER, __FILE__ ":" WOLFPROV_STRINGIZE(__LINE__), ok); + return ok; +} + + +/** + * Initialize CHACHA20_POLY1305 cipher for decryption. + * + * Sets the parameters as well as key and IV/nonce. + * + * @param [in, out] ctx AEAD context object. + * @param [in] key Private key to initialize with. May be NULL. + * @param [in] keyLen Length of key in bytes. + * @param [in] iv IV/nonce to initialize with. May be NULL. + * @param [in] ivLen Length of IV/nonce in bytes. + * @param [in] params Array of parameters and values. + * @return 1 on success. + * @return 0 on failure. 
+ */ +static int wp_chacha20_poly1305_dinit(void *vctx, const unsigned char *key, + size_t keyLen, const unsigned char *iv, + size_t ivLen, const OSSL_PARAM params[]) +{ + printf("called wp_chacha20_poly1305_dinit\n"); + wp_CP_AeadCtx *ctx = (wp_CP_AeadCtx *)vctx; + int ok = 1; + int rc = 0; + + if (!wolfssl_prov_is_running()) { + return 0; + } + + if(key == NULL) { + printf("D key == NULL\n"); + } + if(iv == NULL) { + printf("D iv == NULL\n"); + } + printf("D keylen= %ld\n", keyLen); + printf("D ivlen= %ld\n", ivLen); + if (key) { + if (keyLen == 0 || keyLen != CHACHA20_POLY1305_AEAD_KEYSIZE) { + ok = 0; + } + if (ok) { + // cache user key + XMEMCPY(ctx->key, key, keyLen); + ctx->keySet = 1; + } + printf(" cache key_Init ok= %d\n", ok); + } + + if (iv) { + if (ivLen == 0 || ivLen != CHACHA20_POLY1305_AEAD_IV_SIZE) { + ok = 0; + } + if (ok) { + // cache iv + XMEMCPY(ctx->iv, iv, ivLen); + ctx->ivSet = 1; + } + printf(" cache iv_Init ok= %d\n", ok); + } + + if (ctx->ivSet && ctx->keySet) { + rc = wc_ChaCha20Poly1305_Init(&ctx->ChaChaPoly_Aead, + (const byte*)ctx->key, + (const byte*)ctx->iv, + CHACHA20_POLY1305_AEAD_DECRYPT); + if (rc != 0) { + ok = 0; + } + if (ok) { + // set ctx nonce val + ctx->nonce[0] = ctx->ChaChaPoly_Aead.chacha.X[1]; + ctx->nonce[1] = ctx->ChaChaPoly_Aead.chacha.X[2]; + ctx->nonce[2] = ctx->ChaChaPoly_Aead.chacha.X[3]; + // ctx->ivSet = 1; + ctx->mac_inited = 1; + } + printf(" wc_ChaCha20Poly1305_Init ok= %d\n", ok); + } + + if (ok) { + ctx->enc = 0; // CHACHA20_POLY1305_AEAD_DECRYPT + ctx->tlsAadLen = UNINITIALISED_SIZET; + + ok = wp_chacha20_poly1305_set_ctx_params(ctx, params); + } + + WOLFPROV_LEAVE(WP_LOG_CIPHER, __FILE__ ":" WOLFPROV_STRINGIZE(__LINE__), ok); + return ok; +} + +/** + * Cipher update for CHACHA20_POLY1305_AEAD. + * + * @param [in, out] ctx AEAD context object. + * @param [out] out Buffer to hold encrypted/decrypted data. + * @param [out] outLen Length of data in output buffer. 
+ * @param [in] outSize Size of output buffer in bytes. + * @param [in] in Data to be encrypted/decrypted. + * @param [in] inLen Length of data to be encrypted/decrypted. + * @return 1 on success. + * @return 0 on failure. + */ +static int wp_chacha20_poly1305_cipher(void *vctx, unsigned char *out, + size_t *outLen, size_t outSize, + const unsigned char *in, size_t inLen) +{ + printf("called wp_chacha20_poly1305_cipher\n"); + wp_CP_AeadCtx *ctx = (wp_CP_AeadCtx *)vctx; + int ok = 1; + int ret = 0; + int oLen = 0; + + if (!wolfssl_prov_is_running()) { + return 0; + } + + if (inLen == 0) { + *outLen = 0; + return 1; + } + + if (outSize < inLen) { + ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL); + return 0; + } + + if (ctx->tlsAadLen != UNINITIALISED_SIZET) { + //if (inLen != ctx->tlsAadLen + POLY1305_BLOCK_SIZE) { // aadLen + 16 return 0; // ok = 0; + printf(" not implemented\n"); +#if 0 + if (out == NULL) { + if (in == NULL) { + ret = wc_ChaCha20Poly1305_UpdateAad(&ctx->ChaChaPoly_Aead, (const byte*)ctx->tls_aad, (word32)ctx->tlsAadLen); + oLen = (word32)inLen; //inlen == 0 + } + else { + // buf[ctx->tlsAadLen+inlen] + //ret = wc_ChaCha20Poly1305_UpdateAad(&ctx->ChaChaPoly_Aead, (const byte*)ctx->tls_aad+in, (word32)ctx->tlsAadLen+inlen); + oLen = (word32)inLen; + } + } + else { + ret = wc_ChaCha20Poly1305_UpdateAad(&ctx->ChaChaPoly_Aead, (const byte*)ctx->tls_aad, (word32)ctx->tlsAadLen); + + ret = wc_ChaCha20Poly1305_UpdateData(&ctx->ChaChaPoly_Aead, (const byte*)in, (byte*)out, (word32)inLen); + oLen = (word32)inLen; + } +#endif + } + else { // non-tls + + if ((out == NULL) && (in == NULL)) { + /* Nothing to do. */ + oLen = (word32)inLen; + } + else if ((out == NULL) && (in != NULL)) { + /* AAD only. 
*/ + ret = wc_ChaCha20Poly1305_UpdateAad(&ctx->ChaChaPoly_Aead, (const byte*)in, (word32)inLen); + if (ret != 0) { + ok = 0; + } + printf("done wc_ChaCha20Poly1305_UpdateAad ok=%d\n", ok); + if (ok) { + // ctx->len.aad += inLen; ctx->ChaChaPoly_Aead UPDATED + ctx->aadSet = 1; + oLen = (word32)inLen; + } + } + else if (outSize < inLen) { + ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL); + ok = 0; + } + else if (inLen > 0) { // out not null, in not null, inlen valid + ret = wc_ChaCha20Poly1305_UpdateData(&ctx->ChaChaPoly_Aead, (const byte*)in, (byte*)out, (word32)inLen); + if (ret != 0) { + ok = 0; + } + if (ok) { + oLen = (word32)inLen; //->ChaChaPoly_Aead.dataLen; + } + printf("done wc_ChaCha20Poly1305_UpdateData ok=%d\n", ok); + + } + + *outLen = oLen; + } +#if 0 + // chacha20_poly1305_not inited (poly auth key not created) + //if (!ctx->mac_inited) { // or aead state not ready, COULD IGNORE + + // tls operation: tlsAadLen set by tls-init(aad updated) and expect output + if (ctx->tlsAadLen != UNINITIALISED_SIZET) { + if (out != NULL) { + + if (inLen != ctx->tlsAadLen + POLY1305_BLOCK_SIZE) { // aadLen + 16 + return 0; // ok = 0; + } + // ossl: return chacha20_poly1305_tls_cipher(bctx, out, outl, in, inl); + // inited + update aad + update data + final + // update add + update data(encdec) + + // tls-init: just store aad val in ctx, dont merge other stuff ? 
+ + ret = wc_ChaCha20Poly1305_UpdateAad(&ctx->ChaChaPoly_Aead, (const byte*)ctx->tls_aad, (word32)ctx->tlsAadLen); + if (ret != 0) { + ok = 0; + } + if (ok) { + ctx->len.aad = EVP_AEAD_TLS1_AAD_LEN; + ctx->aadSet = 1; + oLen = (word32)ctx->tlsAadLen; + } + printf("ctx->tlsAadLen: done wc_ChaCha20Poly1305_UpdateAad ok=%d\n", ok); + ret = wc_ChaCha20Poly1305_UpdateData(&ctx->ChaChaPoly_Aead, (const byte*)in, (byte*)out, (word32)inLen); + if (ret != 0) { + ok = 0; + oLen = ctx->ChaChaPoly_Aead.dataLen; + } + printf("ctx->tlsAadLen: done wc_ChaCha20Poly1305_UpdateData ok=%d\n", ok); + } + else { + // tls operation not set (by tls-init(aad updated)) OR not expect output (update aad only) + // aad not set yet (not from params, no output indicates set here) + // check aead state ? (already checked iniside wc_ChaCha20Poly1305_UpdateAad) + ret = wc_ChaCha20Poly1305_UpdateAad(&ctx->ChaChaPoly_Aead, (const byte*)ctx->tls_aad, (word32)EVP_AEAD_TLS1_AAD_LEN); // ctx->tlsAadLen + if (ret != 0) { + ok = 0; + } + if (ok) { + ctx->len.aad = EVP_AEAD_TLS1_AAD_LEN; + ctx->aadSet = 1; + oLen = (word32)ctx->tlsAadLen; + } + printf("ctx->tlsAadLen: done wc_ChaCha20Poly1305_UpdateAad ok=%d\n", ok); + } + } +#endif + + //else { + // printf("ready for tls cipher, ctx->tlsAadLen != UNINITIALISED_SIZET\n"); + // // ok = wp_aesgcm_tls_cipher(ctx, out, outLen, in, inLen); + // // call enc/dec directly? + //} + + WOLFPROV_LEAVE(WP_LOG_CIPHER, __FILE__ ":" WOLFPROV_STRINGIZE(__LINE__), ok); + return ok; +} + +/** + * Cipher final for CHACHA20_POLY1305. + * + * @param [in, out] vctx AEAD context object. + * @param [out] out Buffer to hold encrypted/decrypted data. + * @param [out] outLen Length of data in output buffer. + * @param [in] outSize Size of output buffer in bytes. + * @return 1 on success. + * @return 0 on failure. 
+ */ +static int wp_chacha20_poly1305_final(void *vctx, unsigned char *out, size_t *outl, + size_t outsize) +{ + printf("called wp_chacha20_poly1305_final\n"); + wp_CP_AeadCtx *ctx = (wp_CP_AeadCtx *)vctx; + int ok = 1; + int ret = 0; + + printf("outSize= %ld\n", outsize); // 0 + printf("CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE= %d\n", CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE); // 16 + //(void)outSize; + (void)outl; + (void)out; + + byte outAuthTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE]; + + if (ctx->tlsAadLen != UNINITIALISED_SIZET) { + printf("ready for tls cipher, ctx->tlsAadLen != UNINITIALISED_SIZET\n"); + //ok = wp_aesgcm_tls_cipher(ctx, out, outLen, NULL, 0); + } + else { + ret = wc_ChaCha20Poly1305_Final(&ctx->ChaChaPoly_Aead, (byte*)outAuthTag); // ctx->tag + if (ret != 0) { + ok = 0; + } + if (ok) { + ctx->mac_inited = 0; + } + printf("done wc_ChaCha20Poly1305_Final ok=%d\n", ok); + + printf("outauthtag: \n"); + for (int i = 0; i < CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE; i++) printf("%02x", outAuthTag[i]); + printf("\n"); + + // cmp should be done at caller funcs, + memcpy(ctx->tag, outAuthTag, CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE); + } + *outl = 0; + + WOLFPROV_LEAVE(WP_LOG_CIPHER, __FILE__ ":" WOLFPROV_STRINGIZE(__LINE__), ok); + return ok; + +} + +/* ossl_chacha20_ossl_poly1305_functions */ +const OSSL_DISPATCH wp_chacha20_poly1305_functions[] = { + { OSSL_FUNC_CIPHER_NEWCTX, (void (*)(void))wp_chacha20_poly1305_newctx }, + { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void))wp_chacha20_poly1305_freectx }, + { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void))wp_chacha20_poly1305_dupctx }, + { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))wp_chacha20_poly1305_einit }, + { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))wp_chacha20_poly1305_dinit }, + { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))wp_chacha20_poly1305_update }, + { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))wp_chacha20_poly1305_final }, + { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))wp_chacha20_poly1305_cipher }, + { 
OSSL_FUNC_CIPHER_GET_PARAMS, + (void (*)(void))wp_chacha20_poly1305_get_params }, + { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, + (void (*)(void))wp_chacha20_poly1305_gettable_params }, + { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, + (void (*)(void))wp_chacha20_poly1305_get_ctx_params }, + { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, + (void (*)(void))wp_chacha20_poly1305_gettable_ctx_params }, + { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, + (void (*)(void))wp_chacha20_poly1305_set_ctx_params }, + { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, + (void (*)(void))wp_chacha20_poly1305_settable_ctx_params }, + OSSL_DISPATCH_END +}; + diff --git a/src/wp_wolfprov.c b/src/wp_wolfprov.c index 4e458ba6..c7711ff0 100644 --- a/src/wp_wolfprov.c +++ b/src/wp_wolfprov.c @@ -497,6 +497,9 @@ static const OSSL_ALGORITHM wolfprov_ciphers[] = { "" }, #endif + { WP_NAMES_CHACHA20_POLY1305, WOLFPROV_PROPERTIES, wp_chacha20_poly1305_functions, + "" }, + { NULL, NULL, NULL, NULL } }; From 59e16af4ef403b17c149c0469df5b9a660a7ca27 Mon Sep 17 00:00:00 2001 From: ruiliio Date: Mon, 12 May 2025 14:30:19 -0700 Subject: [PATCH 2/5] Use WOLFPROV_MSG --- src/wp_chapoly.c | 136 ++++++++++++++++++++++------------------------- 1 file changed, 63 insertions(+), 73 deletions(-) diff --git a/src/wp_chapoly.c b/src/wp_chapoly.c index 89616472..9ccb8358 100644 --- a/src/wp_chapoly.c +++ b/src/wp_chapoly.c @@ -21,7 +21,7 @@ #define POLY1305_BLOCK_SIZE 16 #define CHACHA_CTR_SIZE 16 -/** (chacha20_poly1305) +/** * Authenticated Encryption with Associated Data structure. */ typedef struct wp_CP_AeadCtx { @@ -54,12 +54,7 @@ typedef struct wp_CP_AeadCtx { /** IV/nonce data. */ unsigned char iv[CHACHA20_POLY1305_AEAD_IV_SIZE]; unsigned int nonce[12 / 4]; - - /** Length of AAD data cached. */ - size_t aadLen; - unsigned char key[CHACHA20_POLY1305_AEAD_KEYSIZE]; - /** Buffer to hold tag. */ unsigned char tag[POLY1305_BLOCK_SIZE]; /** Buffer to hold TLS AAD. */ 
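Review bot: `wp_chacha20_poly1305_final` never verifies the authentication tag on decrypt: it copies the freshly computed `outAuthTag` over `ctx->tag`, which holds the expected tag stored by `wp_chacha20_poly1305_set_ctx_params`, and returns 1, so modified ciphertext or AAD is accepted as authentic. The final call has to fail on a mismatch; compare in constant time over `ctx->tagLen` and write `ctx->tag` only when `ctx->enc` is set, as in the excerpt below (`CRYPTO_memcmp` should already be in scope, since the file uses `OPENSSL_clear_free` from the same OpenSSL header). The loop that prints the tag in hex, and the other `printf` tracing of key and IV state, should not ship in a crypto provider. Separately, when `ctx->tlsAadLen` is set, both `wp_chacha20_poly1305_cipher` and `wp_chacha20_poly1305_final` report success without writing `out` or `*outLen`; until the TLS path exists they should return 0 rather than hand back an untouched buffer.

```c
    else {
        ret = wc_ChaCha20Poly1305_Final(&ctx->ChaChaPoly_Aead, outAuthTag);
        if (ret != 0) {
            ok = 0;
        }
        /* … unchanged: mac_inited reset … */
        if (ok && ctx->enc) {
            /* Encrypt: keep the tag for OSSL_CIPHER_PARAM_AEAD_TAG. */
            XMEMCPY(ctx->tag, outAuthTag, sizeof(outAuthTag));
        }
        else if (ok && (ctx->tagLen == UNINITIALISED_SIZET)) {
            /* Decrypt without an expected tag cannot be authenticated. */
            ERR_raise(ERR_LIB_PROV, PROV_R_TAG_NOT_SET);
            ok = 0;
        }
        else if (ok &&
                 (CRYPTO_memcmp(ctx->tag, outAuthTag, ctx->tagLen) != 0)) {
            /* Constant-time compare; a mismatch must fail the operation. */
            ok = 0;
        }
    }
```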
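Review bot: The new `wolfprov_ciphers[]` entry is added unconditionally, although the entry just above it ends inside an `#endif`, which suggests the other ciphers are compiled in per wolfSSL feature. `wp_chapoly.c` calls `wc_ChaCha20Poly1305_Init`, `_UpdateAad`, `_UpdateData` and `_Final`, so a wolfSSL build without ChaCha20-Poly1305 support would presumably fail to compile or link. Consider guarding both this entry and the new source file, for example `#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)` … `#endif`. Registration also makes the algorithm fetchable by every OpenSSL consumer, so the decrypt and TLS paths in `wp_chapoly.c` need to fail closed before this entry lands.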
@@ -75,10 +70,7 @@ typedef struct wp_CP_AeadCtx { /** Uninitialized value for a field of type size_t. */ #define UNINITIALISED_SIZET ((size_t)-1) -// TODO: merge with existing wc aead cp defines -#define WP_CHACHA20_POLY1305_KEYLEN 32 #define WP_CHACHA20_POLY1305_BLKLEN 1 -#define WP_CHACHA20_POLY1305_IVLEN 12 #define WP_CHACHA20_POLY1305_MAX_IVLEN 12 #define WP_CHACHA20_POLY1305_MODE 0 /** AEAD cipher flags. */ @@ -112,7 +104,7 @@ static OSSL_FUNC_cipher_gettable_ctx_params_fn wp_chacha20_poly1305_gettable_ctx */ static int wp_cp_aead_tls_init(wp_CP_AeadCtx* ctx, unsigned char* aad, size_t aadLen) { - printf("called wp_cp_aead_tls_init\n"); + WOLFPROV_MSG(WP_LOG_PK,"called wp_cp_aead_tls_init\n"); int ok = 1; size_t len = 0; @@ -192,19 +184,19 @@ static int wp_cp_aead_tls_init(wp_CP_AeadCtx* ctx, unsigned char* aad, size_t aa */ static int wp_cp_aead_tls_iv_set_fixed(wp_CP_AeadCtx* ctx, unsigned char* fixed, size_t flen) { - printf("called wp_cp_aead_tls_ivSet_fixed\n"); + WOLFPROV_MSG(WP_LOG_PK,"called wp_cp_aead_tls_ivSet_fixed\n"); int ok = 1; if (!wolfssl_prov_is_running()) { ok = 0; } - if (flen != WP_CHACHA20_POLY1305_IVLEN) { + if (flen != CHACHA20_POLY1305_AEAD_IV_SIZE) { ok = 0; } if (ok) { - // check key init status first ? no one is chekcing? + // check key init status first ? no one is checking? ctx->nonce[0] = ctx->ChaChaPoly_Aead.chacha.X[1] = CHACHA_U8TOU32(fixed); //LITTLE32(fixed); ctx->nonce[1] = ctx->ChaChaPoly_Aead.chacha.X[2] = CHACHA_U8TOU32(fixed + 4); //LITTLE32(fixed + 4); ctx->nonce[2] = ctx->ChaChaPoly_Aead.chacha.X[3] = CHACHA_U8TOU32(fixed + 8);//LITTLE32(fixed + 8); @@ -338,7 +330,7 @@ static const OSSL_PARAM *wp_cp_aead_settable_ctx_params(wp_CP_AeadCtx* ctx, */ static void *wp_chacha20_poly1305_newctx(void *provctx) { - printf("called wp_chacha20_poly1305_newctx\n"); + WOLFPROV_MSG(WP_LOG_PK,"called wp_chacha20_poly1305_newctx\n"); wp_CP_AeadCtx *ctx = NULL; 
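Review bot: The trace added at the top of wp_cp_aead_tls_init is filed under `WP_LOG_PK`, while the exit trace in this file uses `WOLFPROV_LEAVE(WP_LOG_CIPHER, ...)`, so anyone filtering logs by the cipher component sees the exits but none of these messages. Pass `WP_LOG_CIPHER` as the first argument instead. This applies to every `WOLFPROV_MSG` call introduced in this patch and carried through PATCH 3/5; the function body continues outside the hunk.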
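Review bot: In wp_cp_aead_tls_iv_set_fixed the fixed IV words are stored into `ctx->ChaChaPoly_Aead.chacha.X[1]` to `X[3]`, which in wolfCrypt's ChaCha state hold, to my knowledge, the cipher constants rather than the nonce (counter and nonce sit at the end of `X`); this looks like an index carried over from an implementation with a separate counter array and would corrupt the keystream. The question left in the comment also stays unanswered: nothing in the hunk checks `ctx->keySet` before the state is touched. Storing the value with `XMEMCPY(ctx->iv, fixed, flen); ctx->ivSet = 1;` and letting the init path call `wc_ChaCha20Poly1305_Init` avoids writing library internals directly. The function body continues outside the hunk.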
@@ -348,9 +340,8 @@ static void *wp_chacha20_poly1305_newctx(void *provctx) ctx = OPENSSL_zalloc(sizeof(*ctx)); } if (ctx != NULL) { - - ctx->keyLen = WP_CHACHA20_POLY1305_KEYLEN; // new define or use wssldef ? OSSL ONLY HAS PROV DEFINES - ctx->ivLen = WP_CHACHA20_POLY1305_IVLEN; // TLS_EXPLICIT_IV_LEN ??? + ctx->keyLen = CHACHA20_POLY1305_AEAD_KEYSIZE; // new define or use wssldef ? OSSL ONLY HAS PROV DEFINES + ctx->ivLen = CHACHA20_POLY1305_AEAD_IV_SIZE; // TLS_EXPLICIT_IV_LEN ??? ctx->mode = WP_CHACHA20_POLY1305_MODE; ctx->tagLen = UNINITIALISED_SIZET; @@ -367,7 +358,7 @@ static void *wp_chacha20_poly1305_newctx(void *provctx) static void *wp_chacha20_poly1305_dupctx(void *provctx) { - printf("called wp_chacha20_poly1305_dupctx\n"); + WOLFPROV_MSG(WP_LOG_PK,"called wp_chacha20_poly1305_dupctx\n"); wp_CP_AeadCtx *ctx = provctx; wp_CP_AeadCtx *dctx = NULL; @@ -380,7 +371,7 @@ static void *wp_chacha20_poly1305_dupctx(void *provctx) static void wp_chacha20_poly1305_freectx(void *vctx) { - printf("called wp_chacha20_poly1305_freectx\n"); + WOLFPROV_MSG(WP_LOG_PK,"called wp_chacha20_poly1305_freectx\n"); wp_CP_AeadCtx *ctx = (wp_CP_AeadCtx *)vctx; if (ctx != NULL) { 
@@ -392,35 +383,35 @@ static void wp_chacha20_poly1305_freectx(void *vctx) static int wp_chacha20_poly1305_get_params(OSSL_PARAM params[]) { - printf("called wp_chacha20_poly1305_get_params\n"); + WOLFPROV_MSG(WP_LOG_PK,"called wp_chacha20_poly1305_get_params\n"); return wp_cp_aead_get_params(params, 0, WP_CHACHA20_POLY1305_AEAD_FLAGS, - WP_CHACHA20_POLY1305_KEYLEN * 8, - WP_CHACHA20_POLY1305_BLKLEN * 8, - WP_CHACHA20_POLY1305_IVLEN * 8); + CHACHA20_POLY1305_AEAD_KEYSIZE * 8, + WP_CHACHA20_POLY1305_BLKLEN * 8, + CHACHA20_POLY1305_AEAD_IV_SIZE * 8); } static int wp_chacha20_poly1305_get_ctx_params(void *vctx, OSSL_PARAM params[]) { - printf("called wp_chacha20_poly1305_get_ctx_params\n"); + WOLFPROV_MSG(WP_LOG_PK,"called wp_chacha20_poly1305_get_ctx_params\n"); wp_CP_AeadCtx *ctx = (wp_CP_AeadCtx *)vctx; OSSL_PARAM *p; p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IVLEN); if (p != NULL) { - if (!OSSL_PARAM_set_size_t(p, WP_CHACHA20_POLY1305_IVLEN)) { + if (!OSSL_PARAM_set_size_t(p, CHACHA20_POLY1305_AEAD_IV_SIZE)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } - printf("get_ctx_params: IVLEN \n"); + WOLFPROV_MSG(WP_LOG_PK,"get_ctx_params: IVLEN \n"); } p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_KEYLEN); if (p != NULL ) { - if (!OSSL_PARAM_set_size_t(p, WP_CHACHA20_POLY1305_KEYLEN)) { + if (!OSSL_PARAM_set_size_t(p, CHACHA20_POLY1305_AEAD_KEYSIZE)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } - printf("get_ctx_params: KEYLEN \n"); + WOLFPROV_MSG(WP_LOG_PK,"get_ctx_params: KEYLEN \n"); } p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_AEAD_TAGLEN); @@ -429,7 +420,7 @@ static int wp_chacha20_poly1305_get_ctx_params(void *vctx, OSSL_PARAM params[]) ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } - printf("get_ctx_params: tagLEN \n"); + WOLFPROV_MSG(WP_LOG_PK,"get_ctx_params: tagLEN \n"); } p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD); if (p != NULL ) { 
@@ -437,7 +428,7 @@ static int wp_chacha20_poly1305_get_ctx_params(void *vctx, OSSL_PARAM params[]) ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } - printf("get_ctx_params: aad pad \n"); + WOLFPROV_MSG(WP_LOG_PK,"get_ctx_params: aad pad \n"); } p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_AEAD_TAG); @@ -455,7 +446,7 @@ static int wp_chacha20_poly1305_get_ctx_params(void *vctx, OSSL_PARAM params[]) return 0; } memcpy(p->data, ctx->tag, p->data_size); - printf("get_ctx_params: tag \n"); + WOLFPROV_MSG(WP_LOG_PK,"get_ctx_params: tag \n"); } return 1; @@ -472,13 +463,13 @@ static const OSSL_PARAM wp_chacha20_poly1305_known_gettable_ctx_params[] = { static const OSSL_PARAM *wp_chacha20_poly1305_gettable_ctx_params (ossl_unused void *cctx, ossl_unused void *provctx) { - printf("called wp_chacha20_poly1305_gettable_ctx_params\n"); + WOLFPROV_MSG(WP_LOG_PK,"called wp_chacha20_poly1305_gettable_ctx_params\n"); return wp_chacha20_poly1305_known_gettable_ctx_params; } static int wp_chacha20_poly1305_set_ctx_params(void *vctx, const OSSL_PARAM params[]) //*******temp unused void */ { - printf("called wp_chacha20_poly1305_set_ctx_params\n"); + WOLFPROV_MSG(WP_LOG_PK,"called wp_chacha20_poly1305_set_ctx_params\n"); const OSSL_PARAM *p; size_t len = 0; wp_CP_AeadCtx *ctx = (wp_CP_AeadCtx *)vctx; @@ -492,11 +483,11 @@ static int wp_chacha20_poly1305_set_ctx_params(void *vctx, const OSSL_PARAM para ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); return 0; } - if (len != WP_CHACHA20_POLY1305_KEYLEN) { + if (len != CHACHA20_POLY1305_AEAD_KEYSIZE) { ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH); return 0; } - printf("done setting keylen len=%ld\n", len); + WOLFPROV_MSG(WP_LOG_PK,"done setting keylen len=%ld\n", len); } p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_IVLEN); if (p != NULL) { 
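Review bot: `len` is declared `size_t` but is printed with `%ld` in the `done setting keylen len=%ld` message of wp_chacha20_poly1305_set_ctx_params. Assuming WOLFPROV_MSG forwards to a printf-style formatter, that conversion is mismatched wherever `long` and `size_t` differ in width; replace `%ld` with `%zu`. The same applies to the ivlen, AEAD_TAG, keylen/ivlen and outSize messages in the later hunks of this patch.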
@@ -508,7 +499,7 @@ static int wp_chacha20_poly1305_set_ctx_params(void *vctx, const OSSL_PARAM para ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IV_LENGTH); return 0; } - printf("done setting ivlen len=%ld\n", len); + WOLFPROV_MSG(WP_LOG_PK,"done setting ivlen len=%ld\n", len); } p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_AEAD_TAG); @@ -529,13 +520,13 @@ static int wp_chacha20_poly1305_set_ctx_params(void *vctx, const OSSL_PARAM para memcpy(ctx->tag, p->data, p->data_size); } ctx->tagLen = p->data_size; - printf("done setting AEAD_TAG len=%ld\n", ctx->tagLen); + WOLFPROV_MSG(WP_LOG_PK,"done setting AEAD_TAG len=%ld\n", ctx->tagLen); } p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_AEAD_TLS1_AAD); if (p != NULL) { - printf("located aad\n"); + WOLFPROV_MSG(WP_LOG_PK,"located aad\n"); if (p->data_type != OSSL_PARAM_OCTET_STRING) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); return 0; @@ -550,7 +541,7 @@ static int wp_chacha20_poly1305_set_ctx_params(void *vctx, const OSSL_PARAM para p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_AEAD_TLS1_IV_FIXED); if (p != NULL) { - printf("located TLS1_IV_FIXED\n"); + WOLFPROV_MSG(WP_LOG_PK,"located TLS1_IV_FIXED\n"); if (p->data_type != OSSL_PARAM_OCTET_STRING) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); return 0; @@ -584,7 +575,7 @@ static int wp_chacha20_poly1305_einit(void *vctx, const unsigned char *key, size_t keyLen, const unsigned char *iv, size_t ivLen, const OSSL_PARAM params[]) { - printf("called wp_chacha20_poly1305_einit\n"); + WOLFPROV_MSG(WP_LOG_PK,"called wp_chacha20_poly1305_einit\n"); wp_CP_AeadCtx *ctx = (wp_CP_AeadCtx *)vctx; int ok = 1; int rc = 0; 
@@ -592,16 +583,16 @@ static int wp_chacha20_poly1305_einit(void *vctx, const unsigned char *key, if (!wolfssl_prov_is_running()) { return 0; } - printf("yes running\n"); + WOLFPROV_MSG(WP_LOG_PK,"yes running\n"); if(key == NULL) { - printf("key == NULL\n"); + WOLFPROV_MSG(WP_LOG_PK,"key == NULL\n"); } if(iv == NULL) { - printf("iv == NULL\n"); + WOLFPROV_MSG(WP_LOG_PK,"iv == NULL\n"); } - printf(" keylen= %ld\n", keyLen); - printf(" ivlen= %ld\n", ivLen); + WOLFPROV_MSG(WP_LOG_PK," keylen= %ld\n", keyLen); + WOLFPROV_MSG(WP_LOG_PK," ivlen= %ld\n", ivLen); if (key) { if (keyLen == 0 || keyLen != CHACHA20_POLY1305_AEAD_KEYSIZE) { @@ -612,7 +603,7 @@ static int wp_chacha20_poly1305_einit(void *vctx, const unsigned char *key, XMEMCPY(ctx->key, key, keyLen); ctx->keySet = 1; } - printf(" cache key_Init ok= %d\n", ok); + WOLFPROV_MSG(WP_LOG_PK," cache key_Init ok= %d\n", ok); } if (iv) { @@ -624,7 +615,7 @@ static int wp_chacha20_poly1305_einit(void *vctx, const unsigned char *key, XMEMCPY(ctx->iv, iv, ivLen); ctx->ivSet = 1; } - printf(" cache iv_Init ok= %d\n", ok); + WOLFPROV_MSG(WP_LOG_PK," cache iv_Init ok= %d\n", ok); } if (ctx->ivSet && ctx->keySet) { @@ -643,7 +634,7 @@ static int wp_chacha20_poly1305_einit(void *vctx, const unsigned char *key, // ctx->ivSet = 1; ctx->mac_inited = 1; } - printf(" wc_ChaCha20Poly1305_Init ok= %d\n", ok); + WOLFPROV_MSG(WP_LOG_PK," wc_ChaCha20Poly1305_Init ok= %d\n", ok); } if (ok) { @@ -676,7 +667,7 @@ static int wp_chacha20_poly1305_dinit(void *vctx, const unsigned char *key, size_t keyLen, const unsigned char *iv, size_t ivLen, const OSSL_PARAM params[]) { - printf("called wp_chacha20_poly1305_dinit\n"); + WOLFPROV_MSG(WP_LOG_PK,"called wp_chacha20_poly1305_dinit\n"); wp_CP_AeadCtx *ctx = (wp_CP_AeadCtx *)vctx; int ok = 1; int rc = 0; 
@@ -686,13 +677,13 @@ static int wp_chacha20_poly1305_dinit(void *vctx, const unsigned char *key, } if(key == NULL) { - printf("D key == NULL\n"); + WOLFPROV_MSG(WP_LOG_PK,"D key == NULL\n"); } if(iv == NULL) { - printf("D iv == NULL\n"); + WOLFPROV_MSG(WP_LOG_PK,"D iv == NULL\n"); } - printf("D keylen= %ld\n", keyLen); - printf("D ivlen= %ld\n", ivLen); + WOLFPROV_MSG(WP_LOG_PK,"D keylen= %ld\n", keyLen); + WOLFPROV_MSG(WP_LOG_PK,"D ivlen= %ld\n", ivLen); if (key) { if (keyLen == 0 || keyLen != CHACHA20_POLY1305_AEAD_KEYSIZE) { ok = 0; @@ -702,7 +693,7 @@ static int wp_chacha20_poly1305_dinit(void *vctx, const unsigned char *key, XMEMCPY(ctx->key, key, keyLen); ctx->keySet = 1; } - printf(" cache key_Init ok= %d\n", ok); + WOLFPROV_MSG(WP_LOG_PK," cache key_Init ok= %d\n", ok); } if (iv) { @@ -714,7 +705,7 @@ static int wp_chacha20_poly1305_dinit(void *vctx, const unsigned char *key, XMEMCPY(ctx->iv, iv, ivLen); ctx->ivSet = 1; } - printf(" cache iv_Init ok= %d\n", ok); + WOLFPROV_MSG(WP_LOG_PK," cache iv_Init ok= %d\n", ok); } if (ctx->ivSet && ctx->keySet) { @@ -733,7 +724,7 @@ static int wp_chacha20_poly1305_dinit(void *vctx, const unsigned char *key, // ctx->ivSet = 1; ctx->mac_inited = 1; } - printf(" wc_ChaCha20Poly1305_Init ok= %d\n", ok); + WOLFPROV_MSG(WP_LOG_PK," wc_ChaCha20Poly1305_Init ok= %d\n", ok); } if (ok) { @@ -763,7 +754,7 @@ static int wp_chacha20_poly1305_cipher(void *vctx, unsigned char *out, size_t *outLen, size_t outSize, const unsigned char *in, size_t inLen) { - printf("called wp_chacha20_poly1305_cipher\n"); + WOLFPROV_MSG(WP_LOG_PK,"called wp_chacha20_poly1305_cipher\n"); wp_CP_AeadCtx *ctx = (wp_CP_AeadCtx *)vctx; int ok = 1; int ret = 0; 
@@ -785,7 +776,7 @@ static int wp_chacha20_poly1305_cipher(void *vctx, unsigned char *out, if (ctx->tlsAadLen != UNINITIALISED_SIZET) { //if (inLen != ctx->tlsAadLen + POLY1305_BLOCK_SIZE) { // aadLen + 16 return 0; // ok = 0; - printf(" not implemented\n"); + WOLFPROV_MSG(WP_LOG_PK," not implemented\n"); #if 0 if (out == NULL) { if (in == NULL) { @@ -818,7 +809,7 @@ static int wp_chacha20_poly1305_cipher(void *vctx, unsigned char *out, if (ret != 0) { ok = 0; } - printf("done wc_ChaCha20Poly1305_UpdateAad ok=%d\n", ok); + WOLFPROV_MSG(WP_LOG_PK,"done wc_ChaCha20Poly1305_UpdateAad ok=%d\n", ok); if (ok) { // ctx->len.aad += inLen; ctx->ChaChaPoly_Aead UPDATED ctx->aadSet = 1; @@ -837,7 +828,7 @@ static int wp_chacha20_poly1305_cipher(void *vctx, unsigned char *out, if (ok) { oLen = (word32)inLen; //->ChaChaPoly_Aead.dataLen; } - printf("done wc_ChaCha20Poly1305_UpdateData ok=%d\n", ok); + WOLFPROV_MSG(WP_LOG_PK,"done wc_ChaCha20Poly1305_UpdateData ok=%d\n", ok); } @@ -869,13 +860,13 @@ static int wp_chacha20_poly1305_cipher(void *vctx, unsigned char *out, ctx->aadSet = 1; oLen = (word32)ctx->tlsAadLen; } - printf("ctx->tlsAadLen: done wc_ChaCha20Poly1305_UpdateAad ok=%d\n", ok); + WOLFPROV_MSG(WP_LOG_PK,"ctx->tlsAadLen: done wc_ChaCha20Poly1305_UpdateAad ok=%d\n", ok); ret = wc_ChaCha20Poly1305_UpdateData(&ctx->ChaChaPoly_Aead, (const byte*)in, (byte*)out, (word32)inLen); if (ret != 0) { ok = 0; oLen = ctx->ChaChaPoly_Aead.dataLen; } - printf("ctx->tlsAadLen: done wc_ChaCha20Poly1305_UpdateData ok=%d\n", ok); + WOLFPROV_MSG(WP_LOG_PK,"ctx->tlsAadLen: done wc_ChaCha20Poly1305_UpdateData ok=%d\n", ok); } else { // tls operation not set (by tls-init(aad updated)) OR not expect output (update aad only) 
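Review bot: `oLen = (word32)inLen;` in wp_chacha20_poly1305_cipher narrows a `size_t` to 32 bits without a range check, so an input longer than 4 GiB would be reported with a truncated length, and processed with one if the update call above the hunk uses the same cast. Reject oversized input before the wolfCrypt call, for example `if (inLen > (size_t)0xFFFFFFFFU) { ok = 0; }`. The call itself is outside this hunk, so the exact placement needs checking against the full function.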
@@ -890,13 +881,13 @@ static int wp_chacha20_poly1305_cipher(void *vctx, unsigned char *out, ctx->aadSet = 1; oLen = (word32)ctx->tlsAadLen; } - printf("ctx->tlsAadLen: done wc_ChaCha20Poly1305_UpdateAad ok=%d\n", ok); + WOLFPROV_MSG(WP_LOG_PK,"ctx->tlsAadLen: done wc_ChaCha20Poly1305_UpdateAad ok=%d\n", ok); } } #endif //else { - // printf("ready for tls cipher, ctx->tlsAadLen != UNINITIALISED_SIZET\n"); + // WOLFPROV_MSG(WP_LOG_PK,"ready for tls cipher, ctx->tlsAadLen != UNINITIALISED_SIZET\n"); // // ok = wp_aesgcm_tls_cipher(ctx, out, outLen, in, inLen); // // call enc/dec directly? //} @@ -918,13 +909,13 @@ static int wp_chacha20_poly1305_cipher(void *vctx, unsigned char *out, static int wp_chacha20_poly1305_final(void *vctx, unsigned char *out, size_t *outl, size_t outsize) { - printf("called wp_chacha20_poly1305_final\n"); + WOLFPROV_MSG(WP_LOG_PK,"called wp_chacha20_poly1305_final\n"); wp_CP_AeadCtx *ctx = (wp_CP_AeadCtx *)vctx; int ok = 1; int ret = 0; - printf("outSize= %ld\n", outsize); // 0 - printf("CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE= %d\n", CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE); // 16 + WOLFPROV_MSG(WP_LOG_PK,"outSize= %ld\n", outsize); // 0 + WOLFPROV_MSG(WP_LOG_PK,"CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE= %d\n", CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE); // 16 //(void)outSize; (void)outl; (void)out; @@ -932,7 +923,7 @@ static int wp_chacha20_poly1305_final(void *vctx, unsigned char *out, size_t *ou byte outAuthTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE]; if (ctx->tlsAadLen != UNINITIALISED_SIZET) { - printf("ready for tls cipher, ctx->tlsAadLen != UNINITIALISED_SIZET\n"); + WOLFPROV_MSG(WP_LOG_PK,"ready for tls cipher, ctx->tlsAadLen != UNINITIALISED_SIZET\n"); //ok = wp_aesgcm_tls_cipher(ctx, out, outLen, NULL, 0); } else { 
@@ -943,11 +934,11 @@ static int wp_chacha20_poly1305_final(void *vctx, unsigned char *out, size_t *ou if (ok) { ctx->mac_inited = 0; } - printf("done wc_ChaCha20Poly1305_Final ok=%d\n", ok); + WOLFPROV_MSG(WP_LOG_PK,"done wc_ChaCha20Poly1305_Final ok=%d\n", ok); - printf("outauthtag: \n"); - for (int i = 0; i < CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE; i++) printf("%02x", outAuthTag[i]); - printf("\n"); + WOLFPROV_MSG(WP_LOG_PK,"outauthtag: \n"); + for (int i = 0; i < CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE; i++) WOLFPROV_MSG(WP_LOG_PK,"%02x", outAuthTag[i]); + WOLFPROV_MSG(WP_LOG_PK,"\n"); // cmp should be done at caller funcs, memcpy(ctx->tag, outAuthTag, CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE); @@ -956,7 +947,6 @@ static int wp_chacha20_poly1305_final(void *vctx, unsigned char *out, size_t *ou WOLFPROV_LEAVE(WP_LOG_CIPHER, __FILE__ ":" WOLFPROV_STRINGIZE(__LINE__), ok); return ok; - } /* ossl_chacha20_ossl_poly1305_functions */ From 5cedda58121bd9e1cf01a7a0ee0f8ad7a9cf3eb9 Mon Sep 17 00:00:00 2001 From: ruiliio Date: Mon, 12 May 2025 14:37:44 -0700 Subject: [PATCH 3/5] Use WOLFPROV_MSG instead of printf --- src/wp_chapoly.c | 102 +++++++++++++++++++++++------------------------ 1 file changed, 51 insertions(+), 51 deletions(-) diff --git a/src/wp_chapoly.c b/src/wp_chapoly.c index 9ccb8358..899e685a 100644 --- a/src/wp_chapoly.c +++ b/src/wp_chapoly.c @@ -104,7 +104,7 @@ static OSSL_FUNC_cipher_gettable_ctx_params_fn wp_chacha20_poly1305_gettable_ctx */ static int wp_cp_aead_tls_init(wp_CP_AeadCtx* ctx, unsigned char* aad, size_t aadLen) { - WOLFPROV_MSG(WP_LOG_PK,"called wp_cp_aead_tls_init\n"); + WOLFPROV_MSG(WP_LOG_PK,"called wp_cp_aead_tls_init"); int ok = 1; size_t len = 0; 
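Review bot: On the non-TLS branch of wp_chacha20_poly1305_final the computed tag is copied into `ctx->tag` unconditionally, so on decryption the tag the caller supplied through OSSL_CIPHER_PARAM_AEAD_TAG is overwritten instead of compared and the function still returns 1; the `// cmp should be done at caller funcs` comment leaves authentication unenforced, since callers treat a successful final as a verified message. The decrypt path should compare in constant time and fail on mismatch, as sketched below (this assumes `ctx->enc` is set by the init functions, which the hunk does not show). The loop above it also writes the computed tag to the log one byte per message, which on decryption discloses the value a tampered message would need and is better removed. The same lines recur unchanged in the `@@ -934,11 +934,11 @@` hunk of PATCH 3/5, and the function starts outside this hunk.

```c
// … unchanged: wc_ChaCha20Poly1305_Final call and ok/mac_inited handling …
if (ok) {
    if (ctx->enc) {
        /* Encrypt: keep the tag for retrieval via OSSL_CIPHER_PARAM_AEAD_TAG. */
        XMEMCPY(ctx->tag, outAuthTag, CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE);
    }
    else if (ctx->tagLen != CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE ||
             wc_ChaCha20Poly1305_CheckTag(outAuthTag, ctx->tag) != 0) {
        /* Decrypt: no full-length expected tag was set, or it differs. */
        ok = 0;
    }
}
```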
@@ -184,7 +184,7 @@ static int wp_cp_aead_tls_init(wp_CP_AeadCtx* ctx, unsigned char* aad, size_t aa */ static int wp_cp_aead_tls_iv_set_fixed(wp_CP_AeadCtx* ctx, unsigned char* fixed, size_t flen) { - WOLFPROV_MSG(WP_LOG_PK,"called wp_cp_aead_tls_ivSet_fixed\n"); + WOLFPROV_MSG(WP_LOG_PK,"called wp_cp_aead_tls_ivSet_fixed"); int ok = 1; if (!wolfssl_prov_is_running()) { @@ -330,7 +330,7 @@ static const OSSL_PARAM *wp_cp_aead_settable_ctx_params(wp_CP_AeadCtx* ctx, */ static void *wp_chacha20_poly1305_newctx(void *provctx) { - WOLFPROV_MSG(WP_LOG_PK,"called wp_chacha20_poly1305_newctx\n"); + WOLFPROV_MSG(WP_LOG_PK,"called wp_chacha20_poly1305_newctx"); wp_CP_AeadCtx *ctx = NULL; @@ -358,7 +358,7 @@ static void *wp_chacha20_poly1305_newctx(void *provctx) static void *wp_chacha20_poly1305_dupctx(void *provctx) { - WOLFPROV_MSG(WP_LOG_PK,"called wp_chacha20_poly1305_dupctx\n"); + WOLFPROV_MSG(WP_LOG_PK,"called wp_chacha20_poly1305_dupctx"); wp_CP_AeadCtx *ctx = provctx; wp_CP_AeadCtx *dctx = NULL; @@ -371,7 +371,7 @@ static void *wp_chacha20_poly1305_dupctx(void *provctx) static void wp_chacha20_poly1305_freectx(void *vctx) { - WOLFPROV_MSG(WP_LOG_PK,"called wp_chacha20_poly1305_freectx\n"); + WOLFPROV_MSG(WP_LOG_PK,"called wp_chacha20_poly1305_freectx"); wp_CP_AeadCtx *ctx = (wp_CP_AeadCtx *)vctx; if (ctx != NULL) { @@ -383,7 +383,7 @@ static void wp_chacha20_poly1305_freectx(void *vctx) static int wp_chacha20_poly1305_get_params(OSSL_PARAM params[]) { - WOLFPROV_MSG(WP_LOG_PK,"called wp_chacha20_poly1305_get_params\n"); + WOLFPROV_MSG(WP_LOG_PK,"called wp_chacha20_poly1305_get_params"); return wp_cp_aead_get_params(params, 0, WP_CHACHA20_POLY1305_AEAD_FLAGS, CHACHA20_POLY1305_AEAD_KEYSIZE * 8, WP_CHACHA20_POLY1305_BLKLEN * 8, 
@@ -392,7 +392,7 @@ static int wp_chacha20_poly1305_get_params(OSSL_PARAM params[]) static int wp_chacha20_poly1305_get_ctx_params(void *vctx, OSSL_PARAM params[]) { - WOLFPROV_MSG(WP_LOG_PK,"called wp_chacha20_poly1305_get_ctx_params\n"); + WOLFPROV_MSG(WP_LOG_PK,"called wp_chacha20_poly1305_get_ctx_params"); wp_CP_AeadCtx *ctx = (wp_CP_AeadCtx *)vctx; OSSL_PARAM *p; @@ -403,7 +403,7 @@ static int wp_chacha20_poly1305_get_ctx_params(void *vctx, OSSL_PARAM params[]) ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } - WOLFPROV_MSG(WP_LOG_PK,"get_ctx_params: IVLEN \n"); + WOLFPROV_MSG(WP_LOG_PK,"get_ctx_params: IVLEN "); } p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_KEYLEN); if (p != NULL ) { @@ -411,7 +411,7 @@ static int wp_chacha20_poly1305_get_ctx_params(void *vctx, OSSL_PARAM params[]) ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } - WOLFPROV_MSG(WP_LOG_PK,"get_ctx_params: KEYLEN \n"); + WOLFPROV_MSG(WP_LOG_PK,"get_ctx_params: KEYLEN "); } p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_AEAD_TAGLEN); @@ -420,7 +420,7 @@ static int wp_chacha20_poly1305_get_ctx_params(void *vctx, OSSL_PARAM params[]) ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } - WOLFPROV_MSG(WP_LOG_PK,"get_ctx_params: tagLEN \n"); + WOLFPROV_MSG(WP_LOG_PK,"get_ctx_params: tagLEN "); } p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD); if (p != NULL ) { @@ -428,7 +428,7 @@ static int wp_chacha20_poly1305_get_ctx_params(void *vctx, OSSL_PARAM params[]) ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } - WOLFPROV_MSG(WP_LOG_PK,"get_ctx_params: aad pad \n"); + WOLFPROV_MSG(WP_LOG_PK,"get_ctx_params: aad pad "); } p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_AEAD_TAG); 
@@ -446,7 +446,7 @@ static int wp_chacha20_poly1305_get_ctx_params(void *vctx, OSSL_PARAM params[]) return 0; } memcpy(p->data, ctx->tag, p->data_size); - WOLFPROV_MSG(WP_LOG_PK,"get_ctx_params: tag \n"); + WOLFPROV_MSG(WP_LOG_PK,"get_ctx_params: tag "); } return 1; @@ -463,13 +463,13 @@ static const OSSL_PARAM wp_chacha20_poly1305_known_gettable_ctx_params[] = { static const OSSL_PARAM *wp_chacha20_poly1305_gettable_ctx_params (ossl_unused void *cctx, ossl_unused void *provctx) { - WOLFPROV_MSG(WP_LOG_PK,"called wp_chacha20_poly1305_gettable_ctx_params\n"); + WOLFPROV_MSG(WP_LOG_PK,"called wp_chacha20_poly1305_gettable_ctx_params"); return wp_chacha20_poly1305_known_gettable_ctx_params; } static int wp_chacha20_poly1305_set_ctx_params(void *vctx, const OSSL_PARAM params[]) //*******temp unused void */ { - WOLFPROV_MSG(WP_LOG_PK,"called wp_chacha20_poly1305_set_ctx_params\n"); + WOLFPROV_MSG(WP_LOG_PK,"called wp_chacha20_poly1305_set_ctx_params"); const OSSL_PARAM *p; size_t len = 0; wp_CP_AeadCtx *ctx = (wp_CP_AeadCtx *)vctx; @@ -487,7 +487,7 @@ static int wp_chacha20_poly1305_set_ctx_params(void *vctx, const OSSL_PARAM para ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH); return 0; } - WOLFPROV_MSG(WP_LOG_PK,"done setting keylen len=%ld\n", len); + WOLFPROV_MSG(WP_LOG_PK,"done setting keylen len=%ld", len); } p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_IVLEN); if (p != NULL) { @@ -499,7 +499,7 @@ static int wp_chacha20_poly1305_set_ctx_params(void *vctx, const OSSL_PARAM para ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IV_LENGTH); return 0; } - WOLFPROV_MSG(WP_LOG_PK,"done setting ivlen len=%ld\n", len); + WOLFPROV_MSG(WP_LOG_PK,"done setting ivlen len=%ld", len); } p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_AEAD_TAG); 
@@ -520,13 +520,13 @@ static int wp_chacha20_poly1305_set_ctx_params(void *vctx, const OSSL_PARAM para memcpy(ctx->tag, p->data, p->data_size); } ctx->tagLen = p->data_size; - WOLFPROV_MSG(WP_LOG_PK,"done setting AEAD_TAG len=%ld\n", ctx->tagLen); + WOLFPROV_MSG(WP_LOG_PK,"done setting AEAD_TAG len=%ld", ctx->tagLen); } p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_AEAD_TLS1_AAD); if (p != NULL) { - WOLFPROV_MSG(WP_LOG_PK,"located aad\n"); + WOLFPROV_MSG(WP_LOG_PK,"located aad"); if (p->data_type != OSSL_PARAM_OCTET_STRING) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); return 0; @@ -541,7 +541,7 @@ static int wp_chacha20_poly1305_set_ctx_params(void *vctx, const OSSL_PARAM para p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_AEAD_TLS1_IV_FIXED); if (p != NULL) { - WOLFPROV_MSG(WP_LOG_PK,"located TLS1_IV_FIXED\n"); + WOLFPROV_MSG(WP_LOG_PK,"located TLS1_IV_FIXED"); if (p->data_type != OSSL_PARAM_OCTET_STRING) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); return 0; @@ -575,7 +575,7 @@ static int wp_chacha20_poly1305_einit(void *vctx, const unsigned char *key, size_t keyLen, const unsigned char *iv, size_t ivLen, const OSSL_PARAM params[]) { - WOLFPROV_MSG(WP_LOG_PK,"called wp_chacha20_poly1305_einit\n"); + WOLFPROV_MSG(WP_LOG_PK,"called wp_chacha20_poly1305_einit"); wp_CP_AeadCtx *ctx = (wp_CP_AeadCtx *)vctx; int ok = 1; int rc = 0; 
@@ -583,16 +583,16 @@ static int wp_chacha20_poly1305_einit(void *vctx, const unsigned char *key, if (!wolfssl_prov_is_running()) { return 0; } - WOLFPROV_MSG(WP_LOG_PK,"yes running\n"); + WOLFPROV_MSG(WP_LOG_PK,"yes running"); if(key == NULL) { - WOLFPROV_MSG(WP_LOG_PK,"key == NULL\n"); + WOLFPROV_MSG(WP_LOG_PK,"key == NULL"); } if(iv == NULL) { - WOLFPROV_MSG(WP_LOG_PK,"iv == NULL\n"); + WOLFPROV_MSG(WP_LOG_PK,"iv == NULL"); } - WOLFPROV_MSG(WP_LOG_PK," keylen= %ld\n", keyLen); - WOLFPROV_MSG(WP_LOG_PK," ivlen= %ld\n", ivLen); + //WOLFPROV_MSG(WP_LOG_PK," keylen= %ld", keyLen); + //WOLFPROV_MSG(WP_LOG_PK," ivlen= %ld", ivLen); if (key) { if (keyLen == 0 || keyLen != CHACHA20_POLY1305_AEAD_KEYSIZE) { @@ -603,7 +603,7 @@ static int wp_chacha20_poly1305_einit(void *vctx, const unsigned char *key, XMEMCPY(ctx->key, key, keyLen); ctx->keySet = 1; } - WOLFPROV_MSG(WP_LOG_PK," cache key_Init ok= %d\n", ok); + //WOLFPROV_MSG(WP_LOG_PK," cache key_Init ok= %d", ok); } if (iv) { @@ -615,7 +615,7 @@ static int wp_chacha20_poly1305_einit(void *vctx, const unsigned char *key, XMEMCPY(ctx->iv, iv, ivLen); ctx->ivSet = 1; } - WOLFPROV_MSG(WP_LOG_PK," cache iv_Init ok= %d\n", ok); + //WOLFPROV_MSG(WP_LOG_PK," cache iv_Init ok= %d", ok); } if (ctx->ivSet && ctx->keySet) { @@ -634,7 +634,7 @@ static int wp_chacha20_poly1305_einit(void *vctx, const unsigned char *key, // ctx->ivSet = 1; ctx->mac_inited = 1; } - WOLFPROV_MSG(WP_LOG_PK," wc_ChaCha20Poly1305_Init ok= %d\n", ok); + //WOLFPROV_MSG(WP_LOG_PK," wc_ChaCha20Poly1305_Init ok= %d", ok); } if (ok) { @@ -667,7 +667,7 @@ static int wp_chacha20_poly1305_dinit(void *vctx, const unsigned char *key, size_t keyLen, const unsigned char *iv, size_t ivLen, const OSSL_PARAM params[]) { - WOLFPROV_MSG(WP_LOG_PK,"called wp_chacha20_poly1305_dinit\n"); + WOLFPROV_MSG(WP_LOG_PK,"called wp_chacha20_poly1305_dinit"); wp_CP_AeadCtx *ctx = (wp_CP_AeadCtx *)vctx; int ok = 1; int rc = 0; 
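Review bot: The keylen/ivlen traces in wp_chacha20_poly1305_einit are turned into `//WOLFPROV_MSG(...)` comments rather than deleted, which leaves dead code that will drift from the surrounding logic. Delete the lines outright; the same goes for the commented-out calls in the later einit, dinit, cipher and final hunks of this patch. The `if(key == NULL)` and `if(iv == NULL)` blocks kept here exist only to log and could go with them. The function body starts and ends outside the hunk.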
@@ -677,13 +677,13 @@ static int wp_chacha20_poly1305_dinit(void *vctx, const unsigned char *key, } if(key == NULL) { - WOLFPROV_MSG(WP_LOG_PK,"D key == NULL\n"); + WOLFPROV_MSG(WP_LOG_PK,"D key == NULL"); } if(iv == NULL) { - WOLFPROV_MSG(WP_LOG_PK,"D iv == NULL\n"); + WOLFPROV_MSG(WP_LOG_PK,"D iv == NULL"); } - WOLFPROV_MSG(WP_LOG_PK,"D keylen= %ld\n", keyLen); - WOLFPROV_MSG(WP_LOG_PK,"D ivlen= %ld\n", ivLen); + //WOLFPROV_MSG(WP_LOG_PK,"D keylen= %ld", keyLen); + //WOLFPROV_MSG(WP_LOG_PK,"D ivlen= %ld", ivLen); if (key) { if (keyLen == 0 || keyLen != CHACHA20_POLY1305_AEAD_KEYSIZE) { ok = 0; @@ -693,7 +693,7 @@ static int wp_chacha20_poly1305_dinit(void *vctx, const unsigned char *key, XMEMCPY(ctx->key, key, keyLen); ctx->keySet = 1; } - WOLFPROV_MSG(WP_LOG_PK," cache key_Init ok= %d\n", ok); + //WOLFPROV_MSG(WP_LOG_PK," cache key_Init ok= %d", ok); } if (iv) { @@ -705,7 +705,7 @@ static int wp_chacha20_poly1305_dinit(void *vctx, const unsigned char *key, XMEMCPY(ctx->iv, iv, ivLen); ctx->ivSet = 1; } - WOLFPROV_MSG(WP_LOG_PK," cache iv_Init ok= %d\n", ok); + //WOLFPROV_MSG(WP_LOG_PK," cache iv_Init ok= %d", ok); } if (ctx->ivSet && ctx->keySet) { @@ -724,7 +724,7 @@ static int wp_chacha20_poly1305_dinit(void *vctx, const unsigned char *key, // ctx->ivSet = 1; ctx->mac_inited = 1; } - WOLFPROV_MSG(WP_LOG_PK," wc_ChaCha20Poly1305_Init ok= %d\n", ok); + //WOLFPROV_MSG(WP_LOG_PK," wc_ChaCha20Poly1305_Init ok= %d", ok); } if (ok) { @@ -754,7 +754,7 @@ static int wp_chacha20_poly1305_cipher(void *vctx, unsigned char *out, size_t *outLen, size_t outSize, const unsigned char *in, size_t inLen) { - WOLFPROV_MSG(WP_LOG_PK,"called wp_chacha20_poly1305_cipher\n"); + WOLFPROV_MSG(WP_LOG_PK,"called wp_chacha20_poly1305_cipher"); wp_CP_AeadCtx *ctx = (wp_CP_AeadCtx *)vctx; int ok = 1; int ret = 0; 
@@ -776,7 +776,7 @@ static int wp_chacha20_poly1305_cipher(void *vctx, unsigned char *out, if (ctx->tlsAadLen != UNINITIALISED_SIZET) { //if (inLen != ctx->tlsAadLen + POLY1305_BLOCK_SIZE) { // aadLen + 16 return 0; // ok = 0; - WOLFPROV_MSG(WP_LOG_PK," not implemented\n"); + WOLFPROV_MSG(WP_LOG_PK," not implemented"); #if 0 if (out == NULL) { if (in == NULL) { @@ -809,7 +809,7 @@ static int wp_chacha20_poly1305_cipher(void *vctx, unsigned char *out, if (ret != 0) { ok = 0; } - WOLFPROV_MSG(WP_LOG_PK,"done wc_ChaCha20Poly1305_UpdateAad ok=%d\n", ok); + //WOLFPROV_MSG(WP_LOG_PK,"done wc_ChaCha20Poly1305_UpdateAad ok=%d", ok); if (ok) { // ctx->len.aad += inLen; ctx->ChaChaPoly_Aead UPDATED ctx->aadSet = 1; @@ -828,7 +828,7 @@ static int wp_chacha20_poly1305_cipher(void *vctx, unsigned char *out, if (ok) { oLen = (word32)inLen; //->ChaChaPoly_Aead.dataLen; } - WOLFPROV_MSG(WP_LOG_PK,"done wc_ChaCha20Poly1305_UpdateData ok=%d\n", ok); + //WOLFPROV_MSG(WP_LOG_PK,"done wc_ChaCha20Poly1305_UpdateData ok=%d", ok); } @@ -860,13 +860,13 @@ static int wp_chacha20_poly1305_cipher(void *vctx, unsigned char *out, ctx->aadSet = 1; oLen = (word32)ctx->tlsAadLen; } - WOLFPROV_MSG(WP_LOG_PK,"ctx->tlsAadLen: done wc_ChaCha20Poly1305_UpdateAad ok=%d\n", ok); + WOLFPROV_MSG(WP_LOG_PK,"ctx->tlsAadLen: done wc_ChaCha20Poly1305_UpdateAad ok=%d", ok); ret = wc_ChaCha20Poly1305_UpdateData(&ctx->ChaChaPoly_Aead, (const byte*)in, (byte*)out, (word32)inLen); if (ret != 0) { ok = 0; oLen = ctx->ChaChaPoly_Aead.dataLen; } - WOLFPROV_MSG(WP_LOG_PK,"ctx->tlsAadLen: done wc_ChaCha20Poly1305_UpdateData ok=%d\n", ok); + WOLFPROV_MSG(WP_LOG_PK,"ctx->tlsAadLen: done wc_ChaCha20Poly1305_UpdateData ok=%d", ok); } else { // tls operation not set (by tls-init(aad updated)) OR not expect output (update aad only) 
@@ -881,13 +881,13 @@ static int wp_chacha20_poly1305_cipher(void *vctx, unsigned char *out, ctx->aadSet = 1; oLen = (word32)ctx->tlsAadLen; } - WOLFPROV_MSG(WP_LOG_PK,"ctx->tlsAadLen: done wc_ChaCha20Poly1305_UpdateAad ok=%d\n", ok); + WOLFPROV_MSG(WP_LOG_PK,"ctx->tlsAadLen: done wc_ChaCha20Poly1305_UpdateAad ok=%d", ok); } } #endif //else { - // WOLFPROV_MSG(WP_LOG_PK,"ready for tls cipher, ctx->tlsAadLen != UNINITIALISED_SIZET\n"); + // WOLFPROV_MSG(WP_LOG_PK,"ready for tls cipher, ctx->tlsAadLen != UNINITIALISED_SIZET"); // // ok = wp_aesgcm_tls_cipher(ctx, out, outLen, in, inLen); // // call enc/dec directly? //} @@ -909,13 +909,13 @@ static int wp_chacha20_poly1305_cipher(void *vctx, unsigned char *out, static int wp_chacha20_poly1305_final(void *vctx, unsigned char *out, size_t *outl, size_t outsize) { - WOLFPROV_MSG(WP_LOG_PK,"called wp_chacha20_poly1305_final\n"); + WOLFPROV_MSG(WP_LOG_PK,"called wp_chacha20_poly1305_final"); wp_CP_AeadCtx *ctx = (wp_CP_AeadCtx *)vctx; int ok = 1; int ret = 0; - WOLFPROV_MSG(WP_LOG_PK,"outSize= %ld\n", outsize); // 0 - WOLFPROV_MSG(WP_LOG_PK,"CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE= %d\n", CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE); // 16 + //WOLFPROV_MSG(WP_LOG_PK,"outSize= %ld", outsize); // 0 + //WOLFPROV_MSG(WP_LOG_PK,"CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE= %d", CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE); // 16 //(void)outSize; (void)outl; (void)out; @@ -923,7 +923,7 @@ static int wp_chacha20_poly1305_final(void *vctx, unsigned char *out, size_t *ou byte outAuthTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE]; if (ctx->tlsAadLen != UNINITIALISED_SIZET) { - WOLFPROV_MSG(WP_LOG_PK,"ready for tls cipher, ctx->tlsAadLen != UNINITIALISED_SIZET\n"); + WOLFPROV_MSG(WP_LOG_PK,"ready for tls cipher, ctx->tlsAadLen != UNINITIALISED_SIZET"); //ok = wp_aesgcm_tls_cipher(ctx, out, outLen, NULL, 0); } else { 
@@ -934,11 +934,11 @@ static int wp_chacha20_poly1305_final(void *vctx, unsigned char *out, size_t *ou if (ok) { ctx->mac_inited = 0; } - WOLFPROV_MSG(WP_LOG_PK,"done wc_ChaCha20Poly1305_Final ok=%d\n", ok); + //WOLFPROV_MSG(WP_LOG_PK,"done wc_ChaCha20Poly1305_Final ok=%d", ok); - WOLFPROV_MSG(WP_LOG_PK,"outauthtag: \n"); + WOLFPROV_MSG(WP_LOG_PK,"outauthtag: "); for (int i = 0; i < CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE; i++) WOLFPROV_MSG(WP_LOG_PK,"%02x", outAuthTag[i]); - WOLFPROV_MSG(WP_LOG_PK,"\n"); + WOLFPROV_MSG(WP_LOG_PK,""); // cmp should be done at caller funcs, memcpy(ctx->tag, outAuthTag, CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE); From 7afa1316d876efd1eddda77823fa4b5563f9689f Mon Sep 17 00:00:00 2001 From: ruiliio Date: Mon, 12 May 2025 14:42:08 -0700 Subject: [PATCH 4/5] Use WOLFPROV_MSG instead of printf and fix spelling errors --- src/wp_chapoly.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/wp_chapoly.c b/src/wp_chapoly.c index 899e685a..c3337383 100644 --- a/src/wp_chapoly.c +++ b/src/wp_chapoly.c @@ -871,7 +871,7 @@ static int wp_chacha20_poly1305_cipher(void *vctx, unsigned char *out, else { // tls operation not set (by tls-init(aad updated)) OR not expect output (update aad only) // aad not set yet (not from params, no output indicates set here) - // check aead state ? (already checked iniside wc_ChaCha20Poly1305_UpdateAad) + // check aead state ? (already checked inside wc_ChaCha20Poly1305_UpdateAad) ret = wc_ChaCha20Poly1305_UpdateAad(&ctx->ChaChaPoly_Aead, (const byte*)ctx->tls_aad, (word32)EVP_AEAD_TLS1_AAD_LEN); // ctx->tlsAadLen if (ret != 0) { ok = 0; @@ -916,7 +916,7 @@ static int wp_chacha20_poly1305_final(void *vctx, unsigned char *out, size_t *ou //WOLFPROV_MSG(WP_LOG_PK,"outSize= %ld", outsize); // 0 //WOLFPROV_MSG(WP_LOG_PK,"CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE= %d", CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE); // 16 - //(void)outSize; + (void)outsize; (void)outl; (void)out; 
From 9302012b9a55110627b2154843ba5c441acfb7d1 Mon Sep 17 00:00:00 2001 From: ruiliio Date: Sat, 24 May 2025 15:06:23 -0700 Subject: [PATCH 5/5] Add test case for ChaChaPoly AEAD --- src/include.am | 2 +- src/{wp_chapoly.c => wp_chachapoly_aead.c} | 337 ++++++--------------- test/include.am | 1 + test/test_chachapoly.c | 216 +++++++++++++ test/unit.c | 3 + test/unit.h | 2 + 6 files changed, 314 insertions(+), 247 deletions(-) rename src/{wp_chapoly.c => wp_chachapoly_aead.c} (69%) create mode 100644 test/test_chachapoly.c diff --git a/src/include.am b/src/include.am index d3312af9..4bbad1b0 100644 --- a/src/include.am +++ b/src/include.am @@ -10,7 +10,7 @@ libwolfprov_la_SOURCES += src/wp_aes_block.c libwolfprov_la_SOURCES += src/wp_aes_stream.c libwolfprov_la_SOURCES += src/wp_aes_aead.c libwolfprov_la_SOURCES += src/wp_aes_wrap.c -libwolfprov_la_SOURCES += src/wp_chapoly.c +libwolfprov_la_SOURCES += src/wp_chachapoly_aead.c libwolfprov_la_SOURCES += src/wp_des.c libwolfprov_la_SOURCES += src/wp_hmac.c libwolfprov_la_SOURCES += src/wp_cmac.c diff --git a/src/wp_chapoly.c b/src/wp_chachapoly_aead.c similarity index 69% rename from src/wp_chapoly.c rename to src/wp_chachapoly_aead.c index c3337383..0a5214cd 100644 --- a/src/wp_chapoly.c +++ b/src/wp_chachapoly_aead.c @@ -17,7 +17,6 @@ ((unsigned int)(p)[0]) | ((unsigned int)(p)[1]<<8) | \ ((unsigned int)(p)[2]<<16) | ((unsigned int)(p)[3]<<24) ) -// include all define and declaration here, cuz there is no wp_xxx.h ? and no chacha or poly for wp ? #define POLY1305_BLOCK_SIZE 16 #define CHACHA_CTR_SIZE 16 @@ -26,13 +25,8 @@ */ typedef struct wp_CP_AeadCtx { ChaChaPoly_Aead ChaChaPoly_Aead; - - /** Provider context that we are constructed from. */ - WOLFPROV_CTX* provCtx; - /** Cipher mode: chacha20_poly1305 */ int mode; - /** Length of key. */ size_t keyLen; /** Length of iv/nonce. */ 
@@ -43,33 +37,24 @@ typedef struct wp_CP_AeadCtx { size_t tlsAadLen; /** TLS pad size. */ size_t tlsAadPadSz; - /** Initialized for encryption or decryption. */ unsigned int enc:1; /** AAD set with call to update. */ unsigned int aadSet:1; - unsigned int ivSet:1; - unsigned int keySet:1; - - /** IV/nonce data. */ + /** IV/nonce data cached with call to init. */ unsigned char iv[CHACHA20_POLY1305_AEAD_IV_SIZE]; - unsigned int nonce[12 / 4]; + /** key data cached with call to init. */ unsigned char key[CHACHA20_POLY1305_AEAD_KEYSIZE]; + /** IV/nonce data. */ + unsigned int nonce[12 / 4]; /** Buffer to hold tag. */ unsigned char tag[POLY1305_BLOCK_SIZE]; /** Buffer to hold TLS AAD. */ unsigned char tls_aad[POLY1305_BLOCK_SIZE]; - - struct { uint64_t aad, text; } len; - - unsigned int mac_inited : 1; // to remove - } wp_CP_AeadCtx; - /** Uninitialized value for a field of type size_t. */ #define UNINITIALISED_SIZET ((size_t)-1) - #define WP_CHACHA20_POLY1305_BLKLEN 1 #define WP_CHACHA20_POLY1305_MAX_IVLEN 12 #define WP_CHACHA20_POLY1305_MODE 0 @@ -104,7 +89,6 @@ static OSSL_FUNC_cipher_gettable_ctx_params_fn wp_chacha20_poly1305_gettable_ctx */ static int wp_cp_aead_tls_init(wp_CP_AeadCtx* ctx, unsigned char* aad, size_t aadLen) { - WOLFPROV_MSG(WP_LOG_PK,"called wp_cp_aead_tls_init"); int ok = 1; size_t len = 0; @@ -119,14 +103,14 @@ static int wp_cp_aead_tls_init(wp_CP_AeadCtx* ctx, unsigned char* aad, size_t aa if (ok) { /* Cache AAD. */ - XMEMCPY(ctx->tls_aad, aad, EVP_AEAD_TLS1_AAD_LEN); //XMEMCPY(buf, aad, aadLen); + XMEMCPY(ctx->tls_aad, aad, EVP_AEAD_TLS1_AAD_LEN); ctx->tlsAadLen = aadLen; len = aad[EVP_AEAD_TLS1_AAD_LEN - 2] << 8 | aad[EVP_AEAD_TLS1_AAD_LEN - 1]; - if (len >= POLY1305_BLOCK_SIZE ) { //EVP_AEAD_TLS_EXPLICIT_IV_LEN = 8 + if (len >= POLY1305_BLOCK_SIZE ) { len -= POLY1305_BLOCK_SIZE; } - else { // len < POLY1305_BLOCK_SIZE + else { ok = 0; } } 
@@ -144,26 +128,10 @@ static int wp_cp_aead_tls_init(wp_CP_AeadCtx* ctx, unsigned char* aad, size_t aa } ctx->tlsAadLen = len; - // AEAD_CHACHA20_POLY1305 requires a 96-bit nonce, which is formed as follows: - // 1. The 64-bit record sequence number is serialized as an 8-byte, - // big-endian value and padded on the left with four 0x00 bytes. - // 2. The padded sequence number is XORed with the client_write_IV - // (when the client is sending) or server_write_IV (when the server is sending). - // the |counter| argument is pointer to concatenated nonce and counter values collected into 4 32-bit elements. - /* merge record sequence number as per RFC7905 */ ctx->ChaChaPoly_Aead.chacha.X[1] = ctx->nonce[0]; ctx->ChaChaPoly_Aead.chacha.X[2] = ctx->nonce[1] ^ CHACHA_U8TOU32(aad); ctx->ChaChaPoly_Aead.chacha.X[3] = ctx->nonce[2] ^ CHACHA_U8TOU32(aad+4); - - ctx->mac_inited = 0; - /** - * IV(nonce) changes with each record - * counter is for what value the block counter should start ... usually 0 - */ - // assume iv set? and then merge records. otherwise non-set iv merge is pointless? - // tls-init with aad info: store aad val in the ctx for later use. - // same as tls-set-fixed-iv, all only matters after aead init complete? } if (!ok) { @@ -184,7 +152,6 @@ static int wp_cp_aead_tls_init(wp_CP_AeadCtx* ctx, unsigned char* aad, size_t aa */ static int wp_cp_aead_tls_iv_set_fixed(wp_CP_AeadCtx* ctx, unsigned char* fixed, size_t flen) { - WOLFPROV_MSG(WP_LOG_PK,"called wp_cp_aead_tls_ivSet_fixed"); int ok = 1; if (!wolfssl_prov_is_running()) { 
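Review bot: The lines kept in this hunk write the per-record nonce into `ctx->ChaChaPoly_Aead.chacha.X[1]`..`X[3]`, which looks like a port of OpenSSL's `counter[1..3]` layout; in wolfSSL's `ChaCha` state, as far as I know, words 0-3 hold the constants and the counter and nonce sit at `X[12]`..`X[15]`, so the indices should be confirmed against `wolfssl/wolfcrypt/chacha.h`. Even with the right indices, changing the nonce after `wc_ChaCha20Poly1305_Init` has run leaves the Poly1305 key derived from the earlier nonce, so the one-time key would repeat across records. Building the 12-byte record nonce (fixed IV XOR sequence number, per RFC 7905) in a local buffer and calling `wc_ChaCha20Poly1305_Init(&ctx->ChaChaPoly_Aead, ctx->key, recNonce, ctx->enc)` again avoids touching library internals and re-derives the MAC key. The same indices are written in the `wp_cp_aead_tls_iv_set_fixed` hunk and read back in the einit/dinit hunks. The body of `wp_cp_aead_tls_init` starts and ends outside this hunk.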
@@ -196,10 +163,9 @@ static int wp_cp_aead_tls_iv_set_fixed(wp_CP_AeadCtx* ctx, unsigned char* fixed, } if (ok) { - // check key init status first ? no one is checking? - ctx->nonce[0] = ctx->ChaChaPoly_Aead.chacha.X[1] = CHACHA_U8TOU32(fixed); //LITTLE32(fixed); - ctx->nonce[1] = ctx->ChaChaPoly_Aead.chacha.X[2] = CHACHA_U8TOU32(fixed + 4); //LITTLE32(fixed + 4); - ctx->nonce[2] = ctx->ChaChaPoly_Aead.chacha.X[3] = CHACHA_U8TOU32(fixed + 8);//LITTLE32(fixed + 8); + ctx->nonce[0] = ctx->ChaChaPoly_Aead.chacha.X[1] = CHACHA_U8TOU32(fixed); + ctx->nonce[1] = ctx->ChaChaPoly_Aead.chacha.X[2] = CHACHA_U8TOU32(fixed + 4); + ctx->nonce[2] = ctx->ChaChaPoly_Aead.chacha.X[3] = CHACHA_U8TOU32(fixed + 8); } WOLFPROV_LEAVE(WP_LOG_CIPHER, __FILE__ ":" WOLFPROV_STRINGIZE(__LINE__), ok); @@ -244,7 +210,7 @@ static const OSSL_PARAM *wp_cp_aead_gettable_params(WOLFPROV_CTX* provCtx) * @return 0 on failure. */ static int wp_cp_aead_get_params(OSSL_PARAM params[], unsigned int md, - uint64_t flags, size_t keyBits, size_t blkBits, size_t ivBits) + uint64_t flags, size_t keyBits, size_t blkBits, size_t ivBits) { int ok = 1; OSSL_PARAM* p; 
@@ -330,27 +296,20 @@ static const OSSL_PARAM *wp_cp_aead_settable_ctx_params(wp_CP_AeadCtx* ctx, */ static void *wp_chacha20_poly1305_newctx(void *provctx) { - WOLFPROV_MSG(WP_LOG_PK,"called wp_chacha20_poly1305_newctx"); - wp_CP_AeadCtx *ctx = NULL; - (void)provctx; if (wolfssl_prov_is_running()) { ctx = OPENSSL_zalloc(sizeof(*ctx)); } if (ctx != NULL) { - ctx->keyLen = CHACHA20_POLY1305_AEAD_KEYSIZE; // new define or use wssldef ? OSSL ONLY HAS PROV DEFINES - ctx->ivLen = CHACHA20_POLY1305_AEAD_IV_SIZE; // TLS_EXPLICIT_IV_LEN ??? + ctx->keyLen = 0; + ctx->ivLen = 0; ctx->mode = WP_CHACHA20_POLY1305_MODE; ctx->tagLen = UNINITIALISED_SIZET; - // ossl from chacha20_poly1305_initkey || chacha20_poly1305_initiv - ctx->len.aad = 0; - ctx->len.text = 0; ctx->aadSet = 0; - ctx->mac_inited = 0; - ctx->tlsAadLen = UNINITIALISED_SIZET; // must + ctx->tlsAadLen = UNINITIALISED_SIZET; memset(ctx->tls_aad, 0, POLY1305_BLOCK_SIZE); } return ctx; @@ -358,7 +317,6 @@ static void *wp_chacha20_poly1305_newctx(void *provctx) static void *wp_chacha20_poly1305_dupctx(void *provctx) { - WOLFPROV_MSG(WP_LOG_PK,"called wp_chacha20_poly1305_dupctx"); wp_CP_AeadCtx *ctx = provctx; wp_CP_AeadCtx *dctx = NULL; @@ -371,7 +329,6 @@ static void *wp_chacha20_poly1305_dupctx(void *provctx) static void wp_chacha20_poly1305_freectx(void *vctx) { - WOLFPROV_MSG(WP_LOG_PK,"called wp_chacha20_poly1305_freectx"); wp_CP_AeadCtx *ctx = (wp_CP_AeadCtx *)vctx; if (ctx != NULL) { @@ -383,7 +340,6 @@ static void wp_chacha20_poly1305_freectx(void *vctx) static int wp_chacha20_poly1305_get_params(OSSL_PARAM params[]) { - WOLFPROV_MSG(WP_LOG_PK,"called wp_chacha20_poly1305_get_params"); return wp_cp_aead_get_params(params, 0, WP_CHACHA20_POLY1305_AEAD_FLAGS, CHACHA20_POLY1305_AEAD_KEYSIZE * 8, WP_CHACHA20_POLY1305_BLKLEN * 8, 
@@ -392,8 +348,6 @@ static int wp_chacha20_poly1305_get_params(OSSL_PARAM params[]) static int wp_chacha20_poly1305_get_ctx_params(void *vctx, OSSL_PARAM params[]) { - WOLFPROV_MSG(WP_LOG_PK,"called wp_chacha20_poly1305_get_ctx_params"); - wp_CP_AeadCtx *ctx = (wp_CP_AeadCtx *)vctx; OSSL_PARAM *p; @@ -403,7 +357,6 @@ static int wp_chacha20_poly1305_get_ctx_params(void *vctx, OSSL_PARAM params[]) ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } - WOLFPROV_MSG(WP_LOG_PK,"get_ctx_params: IVLEN "); } p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_KEYLEN); if (p != NULL ) { @@ -411,7 +364,6 @@ static int wp_chacha20_poly1305_get_ctx_params(void *vctx, OSSL_PARAM params[]) ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } - WOLFPROV_MSG(WP_LOG_PK,"get_ctx_params: KEYLEN "); } p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_AEAD_TAGLEN); @@ -420,7 +372,6 @@ static int wp_chacha20_poly1305_get_ctx_params(void *vctx, OSSL_PARAM params[]) ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } - WOLFPROV_MSG(WP_LOG_PK,"get_ctx_params: tagLEN "); } p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD); if (p != NULL ) { @@ -428,7 +379,6 @@ static int wp_chacha20_poly1305_get_ctx_params(void *vctx, OSSL_PARAM params[]) ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } - WOLFPROV_MSG(WP_LOG_PK,"get_ctx_params: aad pad "); } p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_AEAD_TAG); @@ -446,7 +396,6 @@ static int wp_chacha20_poly1305_get_ctx_params(void *vctx, OSSL_PARAM params[]) return 0; } memcpy(p->data, ctx->tag, p->data_size); - WOLFPROV_MSG(WP_LOG_PK,"get_ctx_params: tag "); } return 1; 
@@ -463,13 +412,11 @@ static const OSSL_PARAM wp_chacha20_poly1305_known_gettable_ctx_params[] = { static const OSSL_PARAM *wp_chacha20_poly1305_gettable_ctx_params (ossl_unused void *cctx, ossl_unused void *provctx) { - WOLFPROV_MSG(WP_LOG_PK,"called wp_chacha20_poly1305_gettable_ctx_params"); return wp_chacha20_poly1305_known_gettable_ctx_params; } -static int wp_chacha20_poly1305_set_ctx_params(void *vctx, const OSSL_PARAM params[]) //*******temp unused void */ +static int wp_chacha20_poly1305_set_ctx_params(void *vctx, const OSSL_PARAM params[]) { - WOLFPROV_MSG(WP_LOG_PK,"called wp_chacha20_poly1305_set_ctx_params"); const OSSL_PARAM *p; size_t len = 0; wp_CP_AeadCtx *ctx = (wp_CP_AeadCtx *)vctx; @@ -487,7 +434,6 @@ static int wp_chacha20_poly1305_set_ctx_params(void *vctx, const OSSL_PARAM para ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH); return 0; } - WOLFPROV_MSG(WP_LOG_PK,"done setting keylen len=%ld", len); } p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_IVLEN); if (p != NULL) { @@ -499,7 +445,6 @@ static int wp_chacha20_poly1305_set_ctx_params(void *vctx, const OSSL_PARAM para ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IV_LENGTH); return 0; } - WOLFPROV_MSG(WP_LOG_PK,"done setting ivlen len=%ld", len); } p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_AEAD_TAG); @@ -520,13 +465,10 @@ static int wp_chacha20_poly1305_set_ctx_params(void *vctx, const OSSL_PARAM para memcpy(ctx->tag, p->data, p->data_size); } ctx->tagLen = p->data_size; - WOLFPROV_MSG(WP_LOG_PK,"done setting AEAD_TAG len=%ld", ctx->tagLen); } p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_AEAD_TLS1_AAD); if (p != NULL) { - - WOLFPROV_MSG(WP_LOG_PK,"located aad"); if (p->data_type != OSSL_PARAM_OCTET_STRING) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); return 0; 
@@ -541,12 +483,10 @@ static int wp_chacha20_poly1305_set_ctx_params(void *vctx, const OSSL_PARAM para p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_AEAD_TLS1_IV_FIXED); if (p != NULL) { - WOLFPROV_MSG(WP_LOG_PK,"located TLS1_IV_FIXED"); if (p->data_type != OSSL_PARAM_OCTET_STRING) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); return 0; } - if (!wp_cp_aead_tls_iv_set_fixed(ctx, (unsigned char*)p->data, (size_t)p->data_size)) { ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IV_LENGTH); return 0; @@ -575,7 +515,6 @@ static int wp_chacha20_poly1305_einit(void *vctx, const unsigned char *key, size_t keyLen, const unsigned char *iv, size_t ivLen, const OSSL_PARAM params[]) { - WOLFPROV_MSG(WP_LOG_PK,"called wp_chacha20_poly1305_einit"); wp_CP_AeadCtx *ctx = (wp_CP_AeadCtx *)vctx; int ok = 1; int rc = 0; @@ -583,16 +522,6 @@ static int wp_chacha20_poly1305_einit(void *vctx, const unsigned char *key, if (!wolfssl_prov_is_running()) { return 0; } - WOLFPROV_MSG(WP_LOG_PK,"yes running"); - - if(key == NULL) { - WOLFPROV_MSG(WP_LOG_PK,"key == NULL"); - } - if(iv == NULL) { - WOLFPROV_MSG(WP_LOG_PK,"iv == NULL"); - } - //WOLFPROV_MSG(WP_LOG_PK," keylen= %ld", keyLen); - //WOLFPROV_MSG(WP_LOG_PK," ivlen= %ld", ivLen); if (key) { if (keyLen == 0 || keyLen != CHACHA20_POLY1305_AEAD_KEYSIZE) { @@ -601,9 +530,8 @@ static int wp_chacha20_poly1305_einit(void *vctx, const unsigned char *key, if (ok) { // cache user key XMEMCPY(ctx->key, key, keyLen); - ctx->keySet = 1; + ctx->keyLen = keyLen; } - //WOLFPROV_MSG(WP_LOG_PK," cache key_Init ok= %d", ok); } if (iv) { 
@@ -613,12 +541,11 @@ static int wp_chacha20_poly1305_einit(void *vctx, const unsigned char *key, if (ok) { // cache iv XMEMCPY(ctx->iv, iv, ivLen); - ctx->ivSet = 1; + ctx->ivLen = ivLen; } - //WOLFPROV_MSG(WP_LOG_PK," cache iv_Init ok= %d", ok); } - if (ctx->ivSet && ctx->keySet) { + if (ctx->keyLen && ctx->ivLen) { rc = wc_ChaCha20Poly1305_Init(&ctx->ChaChaPoly_Aead, (const byte*)ctx->key, (const byte*)ctx->iv, @@ -631,10 +558,7 @@ static int wp_chacha20_poly1305_einit(void *vctx, const unsigned char *key, ctx->nonce[0] = ctx->ChaChaPoly_Aead.chacha.X[1]; ctx->nonce[1] = ctx->ChaChaPoly_Aead.chacha.X[2]; ctx->nonce[2] = ctx->ChaChaPoly_Aead.chacha.X[3]; - // ctx->ivSet = 1; - ctx->mac_inited = 1; } - //WOLFPROV_MSG(WP_LOG_PK," wc_ChaCha20Poly1305_Init ok= %d", ok); } if (ok) { @@ -667,7 +591,6 @@ static int wp_chacha20_poly1305_dinit(void *vctx, const unsigned char *key, size_t keyLen, const unsigned char *iv, size_t ivLen, const OSSL_PARAM params[]) { - WOLFPROV_MSG(WP_LOG_PK,"called wp_chacha20_poly1305_dinit"); wp_CP_AeadCtx *ctx = (wp_CP_AeadCtx *)vctx; int ok = 1; int rc = 0; @@ -675,15 +598,7 @@ static int wp_chacha20_poly1305_dinit(void *vctx, const unsigned char *key, if (!wolfssl_prov_is_running()) { return 0; } - - if(key == NULL) { - WOLFPROV_MSG(WP_LOG_PK,"D key == NULL"); - } - if(iv == NULL) { - WOLFPROV_MSG(WP_LOG_PK,"D iv == NULL"); - } - //WOLFPROV_MSG(WP_LOG_PK,"D keylen= %ld", keyLen); - //WOLFPROV_MSG(WP_LOG_PK,"D ivlen= %ld", ivLen); + if (key) { if (keyLen == 0 || keyLen != CHACHA20_POLY1305_AEAD_KEYSIZE) { ok = 0; @@ -691,9 +606,8 @@ static int wp_chacha20_poly1305_dinit(void *vctx, const unsigned char *key, if (ok) { // cache user key XMEMCPY(ctx->key, key, keyLen); - ctx->keySet = 1; + ctx->keyLen = keyLen; } - //WOLFPROV_MSG(WP_LOG_PK," cache key_Init ok= %d", ok); } if (iv) { 
@@ -702,13 +616,12 @@ static int wp_chacha20_poly1305_dinit(void *vctx, const unsigned char *key, } if (ok) { // cache iv - XMEMCPY(ctx->iv, iv, ivLen); - ctx->ivSet = 1; - } - //WOLFPROV_MSG(WP_LOG_PK," cache iv_Init ok= %d", ok); + XMEMCPY(ctx->iv, iv, ivLen); + ctx->ivLen = ivLen; + } } - if (ctx->ivSet && ctx->keySet) { + if (ctx->keyLen && ctx->ivLen) { rc = wc_ChaCha20Poly1305_Init(&ctx->ChaChaPoly_Aead, (const byte*)ctx->key, (const byte*)ctx->iv, @@ -721,10 +634,7 @@ static int wp_chacha20_poly1305_dinit(void *vctx, const unsigned char *key, ctx->nonce[0] = ctx->ChaChaPoly_Aead.chacha.X[1]; ctx->nonce[1] = ctx->ChaChaPoly_Aead.chacha.X[2]; ctx->nonce[2] = ctx->ChaChaPoly_Aead.chacha.X[3]; - // ctx->ivSet = 1; - ctx->mac_inited = 1; } - //WOLFPROV_MSG(WP_LOG_PK," wc_ChaCha20Poly1305_Init ok= %d", ok); } if (ok) { @@ -754,7 +664,6 @@ static int wp_chacha20_poly1305_cipher(void *vctx, unsigned char *out, size_t *outLen, size_t outSize, const unsigned char *in, size_t inLen) { - WOLFPROV_MSG(WP_LOG_PK,"called wp_chacha20_poly1305_cipher"); wp_CP_AeadCtx *ctx = (wp_CP_AeadCtx *)vctx; int ok = 1; int ret = 0; 
@@ -764,133 +673,72 @@ static int wp_chacha20_poly1305_cipher(void *vctx, unsigned char *out, return 0; } - if (inLen == 0) { - *outLen = 0; - return 1; - } - if (outSize < inLen) { ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL); - return 0; + ok = 0; } - if (ctx->tlsAadLen != UNINITIALISED_SIZET) { - //if (inLen != ctx->tlsAadLen + POLY1305_BLOCK_SIZE) { // aadLen + 16 return 0; // ok = 0; - WOLFPROV_MSG(WP_LOG_PK," not implemented"); -#if 0 - if (out == NULL) { - if (in == NULL) { - ret = wc_ChaCha20Poly1305_UpdateAad(&ctx->ChaChaPoly_Aead, (const byte*)ctx->tls_aad, (word32)ctx->tlsAadLen); - oLen = (word32)inLen; //inlen == 0 - } - else { - // buf[ctx->tlsAadLen+inlen] - //ret = wc_ChaCha20Poly1305_UpdateAad(&ctx->ChaChaPoly_Aead, (const byte*)ctx->tls_aad+in, (word32)ctx->tlsAadLen+inlen); - oLen = (word32)inLen; - } - } - else { - ret = wc_ChaCha20Poly1305_UpdateAad(&ctx->ChaChaPoly_Aead, (const byte*)ctx->tls_aad, (word32)ctx->tlsAadLen); - - ret = wc_ChaCha20Poly1305_UpdateData(&ctx->ChaChaPoly_Aead, (const byte*)in, (byte*)out, (word32)inLen); - oLen = (word32)inLen; - } -#endif - } - else { // non-tls - - if ((out == NULL) && (in == NULL)) { - /* Nothing to do. */ - oLen = (word32)inLen; - } - else if ((out == NULL) && (in != NULL)) { - /* AAD only. 
*/ - ret = wc_ChaCha20Poly1305_UpdateAad(&ctx->ChaChaPoly_Aead, (const byte*)in, (word32)inLen); - if (ret != 0) { + if (ok) { + if (ctx->tlsAadLen != UNINITIALISED_SIZET) { + WOLFPROV_MSG(WP_LOG_PK, "TLS-AAD is not used in openSSL TLS flow"); + // TLS-aad case + if (out == NULL && in != NULL) { ok = 0; } - //WOLFPROV_MSG(WP_LOG_PK,"done wc_ChaCha20Poly1305_UpdateAad ok=%d", ok); - if (ok) { - // ctx->len.aad += inLen; ctx->ChaChaPoly_Aead UPDATED - ctx->aadSet = 1; - oLen = (word32)inLen; - } - } - else if (outSize < inLen) { - ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL); - ok = 0; - } - else if (inLen > 0) { // out not null, in not null, inlen valid - ret = wc_ChaCha20Poly1305_UpdateData(&ctx->ChaChaPoly_Aead, (const byte*)in, (byte*)out, (word32)inLen); - if (ret != 0) { + if (out != NULL && in == NULL) { ok = 0; } - if (ok) { - oLen = (word32)inLen; //->ChaChaPoly_Aead.dataLen; - } - //WOLFPROV_MSG(WP_LOG_PK,"done wc_ChaCha20Poly1305_UpdateData ok=%d", ok); - - } - - *outLen = oLen; - } -#if 0 - // chacha20_poly1305_not inited (poly auth key not created) - //if (!ctx->mac_inited) { // or aead state not ready, COULD IGNORE - - // tls operation: tlsAadLen set by tls-init(aad updated) and expect output - if (ctx->tlsAadLen != UNINITIALISED_SIZET) { - if (out != NULL) { - - if (inLen != ctx->tlsAadLen + POLY1305_BLOCK_SIZE) { // aadLen + 16 - return 0; // ok = 0; - } - // ossl: return chacha20_poly1305_tls_cipher(bctx, out, outl, in, inl); - // inited + update aad + update data + final - // update add + update data(encdec) - - // tls-init: just store aad val in ctx, dont merge other stuff ? 
- ret = wc_ChaCha20Poly1305_UpdateAad(&ctx->ChaChaPoly_Aead, (const byte*)ctx->tls_aad, (word32)ctx->tlsAadLen); - if (ret != 0) { - ok = 0; - } if (ok) { - ctx->len.aad = EVP_AEAD_TLS1_AAD_LEN; - ctx->aadSet = 1; - oLen = (word32)ctx->tlsAadLen; + ret = wc_ChaCha20Poly1305_UpdateAad(&ctx->ChaChaPoly_Aead, (const byte*)ctx->tls_aad, (word32)ctx->tlsAadLen); + if (ret != 0) { + ok = 0; + } + if (ok) { + ctx->aadSet = 1; + oLen = (word32)ctx->tlsAadLen; + ctx->tlsAadLen = UNINITIALISED_SIZET; + } } - WOLFPROV_MSG(WP_LOG_PK,"ctx->tlsAadLen: done wc_ChaCha20Poly1305_UpdateAad ok=%d", ok); - ret = wc_ChaCha20Poly1305_UpdateData(&ctx->ChaChaPoly_Aead, (const byte*)in, (byte*)out, (word32)inLen); - if (ret != 0) { - ok = 0; - oLen = ctx->ChaChaPoly_Aead.dataLen; + if (ok && out != NULL) { + ret = wc_ChaCha20Poly1305_UpdateData(&ctx->ChaChaPoly_Aead, (const byte*)in, (byte*)out, (word32)inLen); + if (ret != 0) { + ok = 0; + } + if (ok) { + oLen += (word32)inLen; + } } - WOLFPROV_MSG(WP_LOG_PK,"ctx->tlsAadLen: done wc_ChaCha20Poly1305_UpdateData ok=%d", ok); } - else { - // tls operation not set (by tls-init(aad updated)) OR not expect output (update aad only) - // aad not set yet (not from params, no output indicates set here) - // check aead state ? (already checked inside wc_ChaCha20Poly1305_UpdateAad) - ret = wc_ChaCha20Poly1305_UpdateAad(&ctx->ChaChaPoly_Aead, (const byte*)ctx->tls_aad, (word32)EVP_AEAD_TLS1_AAD_LEN); // ctx->tlsAadLen - if (ret != 0) { - ok = 0; + else { // non-tls + if ((out == NULL) && (in == NULL)) { + /* Nothing to do. */ + oLen = (word32)inLen; } - if (ok) { - ctx->len.aad = EVP_AEAD_TLS1_AAD_LEN; - ctx->aadSet = 1; - oLen = (word32)ctx->tlsAadLen; + else if ((out == NULL) && (in != NULL)) { + /* AAD only. 
*/ + ret = wc_ChaCha20Poly1305_UpdateAad(&ctx->ChaChaPoly_Aead, (const byte*)in, (word32)inLen); + if (ret != 0) { + ok = 0; + } + + if (ok) { + ctx->aadSet = 1; + oLen = (word32)inLen; + } + } + else if (inLen > 0) { + ret = wc_ChaCha20Poly1305_UpdateData(&ctx->ChaChaPoly_Aead, (const byte*)in, (byte*)out, (word32)inLen); + if (ret != 0) { + ok = 0; + } + if (ok) { + oLen = (word32)inLen; + } } - WOLFPROV_MSG(WP_LOG_PK,"ctx->tlsAadLen: done wc_ChaCha20Poly1305_UpdateAad ok=%d", ok); + *outLen = oLen; } } -#endif - - //else { - // WOLFPROV_MSG(WP_LOG_PK,"ready for tls cipher, ctx->tlsAadLen != UNINITIALISED_SIZET"); - // // ok = wp_aesgcm_tls_cipher(ctx, out, outLen, in, inLen); - // // call enc/dec directly? - //} WOLFPROV_LEAVE(WP_LOG_CIPHER, __FILE__ ":" WOLFPROV_STRINGIZE(__LINE__), ok); return ok; 
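Review bot: In the new TLS branch, `wc_ChaCha20Poly1305_UpdateAad` is given `ctx->tls_aad` with length `ctx->tlsAadLen`, but `tls_aad` is a `POLY1305_BLOCK_SIZE` (16-byte) array and `wp_cp_aead_tls_init` ends with `ctx->tlsAadLen = len`, which appears to be the record payload length rather than the AAD length, so the call can read past the buffer. Passing the fixed size, `wc_ChaCha20Poly1305_UpdateAad(&ctx->ChaChaPoly_Aead, ctx->tls_aad, EVP_AEAD_TLS1_AAD_LEN)`, keeps the read in bounds. The branch also never stores `*outLen` (the assignment sits inside the non-TLS `else`) and starts `oLen` from the AAD length, so `*outLen = oLen;` should move after the if/else and count only `inLen`. The `(word32)inLen` casts would also benefit from a range check before the wolfCrypt calls, since `inLen` is a `size_t`.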
@@ -913,35 +761,32 @@ static int wp_chacha20_poly1305_final(void *vctx, unsigned char *out, size_t *ou wp_CP_AeadCtx *ctx = (wp_CP_AeadCtx *)vctx; int ok = 1; int ret = 0; + byte outAuthTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE]; - //WOLFPROV_MSG(WP_LOG_PK,"outSize= %ld", outsize); // 0 - //WOLFPROV_MSG(WP_LOG_PK,"CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE= %d", CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE); // 16 - (void)outsize; + (void)outsize; // 0 (void)outl; (void)out; - byte outAuthTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE]; + if (!wolfssl_prov_is_running()) { + return 0; + } - if (ctx->tlsAadLen != UNINITIALISED_SIZET) { - WOLFPROV_MSG(WP_LOG_PK,"ready for tls cipher, ctx->tlsAadLen != UNINITIALISED_SIZET"); - //ok = wp_aesgcm_tls_cipher(ctx, out, outLen, NULL, 0); + ret = wc_ChaCha20Poly1305_Final(&ctx->ChaChaPoly_Aead, outAuthTag); + if (ret != 0) { + ok = 0; } - else { - ret = wc_ChaCha20Poly1305_Final(&ctx->ChaChaPoly_Aead, (byte*)outAuthTag); // ctx->tag - if (ret != 0) { - ok = 0; + if (ok) { + ctx->aadSet = 0; + + if (ctx->enc) { + memcpy(ctx->tag, outAuthTag, CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE); } - if (ok) { - ctx->mac_inited = 0; + else { + ret = memcmp(outAuthTag, ctx->tag, ctx->tagLen); + if (ret != 0) { + ok = 0; + } } - //WOLFPROV_MSG(WP_LOG_PK,"done wc_ChaCha20Poly1305_Final ok=%d", ok); - - WOLFPROV_MSG(WP_LOG_PK,"outauthtag: "); - for (int i = 0; i < CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE; i++) WOLFPROV_MSG(WP_LOG_PK,"%02x", outAuthTag[i]); - WOLFPROV_MSG(WP_LOG_PK,""); - - // cmp should be done at caller funcs, - memcpy(ctx->tag, outAuthTag, CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE); } *outl = 0; diff --git a/test/include.am b/test/include.am index bd6798d1..c6ce3d64 100644 --- a/test/include.am +++ b/test/include.am 
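Review bot: The decrypt path verifies the tag with `memcmp(outAuthTag, ctx->tag, ctx->tagLen)`, which is not constant-time and uses `ctx->tagLen` unchecked; `wp_chacha20_poly1305_newctx` leaves it at `UNINITIALISED_SIZET` until a tag is set, so a decrypt finalised without a tag would compare with length `(size_t)-1`. I would reject that case and compare in constant time: `if (ctx->tagLen == UNINITIALISED_SIZET || ctx->tagLen > sizeof(outAuthTag)) ok = 0;` followed by `else if (CRYPTO_memcmp(outAuthTag, ctx->tag, ctx->tagLen) != 0) ok = 0;`. A short `tagLen` also shortens the comparison, so unless set_ctx_params (outside this hunk) already enforces 16 bytes, it is worth requiring `CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE` here. `outAuthTag` should be cleared with `OPENSSL_cleanse` before returning. The function's opening lines and its tail are outside the hunk.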
@@ -13,6 +13,7 @@ DISTCLEANFILES += test/.libs/unit.test test_unit_test_CPPFLAGS = -DCERTS_DIR='"$(abs_top_srcdir)/certs"' test_unit_test_SOURCES = \ test/test_aestag.c \ + test/test_chachapoly.c \ test/test_cipher.c \ test/test_cmac.c \ test/test_dh.c \ diff --git a/test/test_chachapoly.c b/test/test_chachapoly.c new file mode 100644 index 00000000..4f0fabb2 --- /dev/null +++ b/test/test_chachapoly.c 
@@ -0,0 +1,216 @@ +/* test_chacha20_poly1305.c */ + +#include "unit.h" + +/* Test tls encryption flow used by openSSL s-server/client */ +static int test_chacha20_poly1305_encrypt(const EVP_CIPHER *cipher, unsigned char *key, + unsigned char *nonce, int nonceLen, + unsigned char *aad, int aadLen, + unsigned char *tag, int tagLen, + unsigned char *plaintext, int plaintext_len, + unsigned char *ciphertext, int *ciphertext_len) +{ + int err = 0; + EVP_CIPHER_CTX *ctx = NULL; + int cipherLen = 0; + int len = 0; + + err = (ctx = EVP_CIPHER_CTX_new()) == NULL; + if (err == 0) { + err = EVP_EncryptInit_ex(ctx, cipher, NULL, NULL, NULL) != 1; + } + + if (err == 0) { + err = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, nonceLen, NULL) != 1; + } + + if (err == 0) { + err = EVP_EncryptInit_ex(ctx, NULL, NULL, key, NULL) != 1; + } + + if (err == 0) { + err = EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, nonce) != 1; + } + + if (err == 0) { + err = EVP_EncryptUpdate(ctx, NULL, &len, aad, aadLen) != 1; + } + + if (err == 0) { + err = EVP_EncryptUpdate(ctx, ciphertext, &len, plaintext, plaintext_len) != 1; + } + + if (err == 0) { + cipherLen = len; + err = EVP_EncryptFinal_ex(ctx, ciphertext + len, &len) != 1; + } + + if (err == 0) { + cipherLen += len; + err = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, tagLen, tag) != 1; + } + + if (err == 0) { + PRINT_BUFFER("Encrypted", ciphertext, cipherLen); + PRINT_BUFFER("Tag", tag, tagLen); + } + + *ciphertext_len = cipherLen; + + EVP_CIPHER_CTX_free(ctx); + + return err; +} + +static int test_chacha20_poly1305_decrypt(const EVP_CIPHER *cipher, unsigned char *key, + unsigned char *nonce, int nonceLen, + unsigned char *aad, int aadLen, + unsigned char *tag, int tagLen, + unsigned char *ciphertext, int ciphertext_len, + unsigned char *decrypttext, int *decrypttext_len) +{ + int err = 0; + + EVP_CIPHER_CTX *ctx = NULL; + int decryptLen = 0; + int len = 0; + + err = (ctx = EVP_CIPHER_CTX_new()) == NULL; + if (err == 0) { + err = 
EVP_DecryptInit_ex(ctx, cipher, NULL, NULL, NULL) != 1; + } + + if (err == 0) { + err = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, nonceLen, NULL) != 1; + } + + if (err == 0) { + err = EVP_DecryptInit_ex(ctx, NULL, NULL, key, NULL) != 1; + } + + if (err == 0) { + err = EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, nonce) != 1; + } + + if (err == 0) { + err = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, tagLen, tag) != 1; + } + + if (err == 0) { + err = EVP_DecryptUpdate(ctx, NULL, &len, aad, aadLen) != 1; + } + + if (err == 0) { + err = EVP_DecryptUpdate(ctx, decrypttext, &len, ciphertext, ciphertext_len) != 1; + } + + if (err == 0) { + decryptLen = len; + err = EVP_DecryptFinal_ex(ctx, decrypttext + len, &len) != 1; + } + + if (err == 0) { + decryptLen += len; + PRINT_BUFFER("Decrypted", decrypttext, decryptLen); + PRINT_BUFFER("Tag", tag, tagLen); + } + else { + fprintf(stderr, "Decryption failed: Tag mismatch or data corrupted\n"); + } + + *decrypttext_len = decryptLen; + + EVP_CIPHER_CTX_free(ctx); + + return err; +} + +int test_chacha20_poly1305(void *data) +{ + int err = 0; + unsigned char key[32]; + unsigned char nonce[12]; + unsigned char aad[] = "Associated Data"; + unsigned char msg[] = "Secret Message!"; + unsigned char ciphertext[sizeof(msg)] = {0}; + unsigned char decrypted[sizeof(msg)] = {0}; + unsigned char tag[16] = {0}; + int ciphertext_len = 0; + int decrypted_len = 0; + EVP_CIPHER* ocipher = NULL; + EVP_CIPHER* wcipher = NULL; + + (void)data; + + ocipher = EVP_CIPHER_fetch(osslLibCtx, "ChaCha20-Poly1305", ""); + wcipher = EVP_CIPHER_fetch(wpLibCtx, "ChaCha20-Poly1305", ""); + + // Generate random key and nonce + if (RAND_bytes(key, sizeof(key)) == 0) { + err = 1; + } + if (err == 0) { + if (RAND_bytes(nonce, sizeof(nonce)) == 0) { + err = 1; + } + } + + if (err == 0) { + PRINT_BUFFER("Key", key, sizeof(key)); + PRINT_BUFFER("Nonce", nonce, sizeof(nonce)); + PRINT_BUFFER("Aad", aad, sizeof(aad)); + PRINT_BUFFER("Message", msg, sizeof(msg)); 
+ + PRINT_MSG("Encrypt with OpenSSL - TLS"); + err = test_chacha20_poly1305_encrypt(ocipher, key, nonce, sizeof(nonce), + aad, sizeof(aad), + tag, sizeof(tag), + msg, sizeof(msg), + ciphertext, &ciphertext_len); + } + + if (err == 0) { + PRINT_MSG("Decrypt with wolfprovider - TLS"); + err = test_chacha20_poly1305_decrypt(wcipher, key, nonce, sizeof(nonce), + aad, sizeof(aad), + tag, sizeof(tag), + ciphertext, ciphertext_len, + decrypted, &decrypted_len); + } + + if (err == 0) { + PRINT_MSG("Ensure the plain message and the decrypted message are the same."); + err = memcmp(msg, decrypted, sizeof(msg)) != 0; + } + + if (err == 0) { + memset(ciphertext, 0, sizeof(ciphertext)); + memset(decrypted, 0, sizeof(decrypted)); + + PRINT_MSG("Encrypt with wolfprovider - TLS"); + err = test_chacha20_poly1305_encrypt(wcipher, key, nonce, sizeof(nonce), + aad, sizeof(aad), + tag, sizeof(tag), + msg, sizeof(msg), + ciphertext, &ciphertext_len); + } + + if (err == 0) { + PRINT_MSG("Decrypt with OpenSSL - TLS"); + err = test_chacha20_poly1305_decrypt(ocipher, key, nonce, sizeof(nonce), + aad, sizeof(aad), + tag, sizeof(tag), + ciphertext, ciphertext_len, + decrypted, &decrypted_len); + } + + if (err == 0) { + PRINT_MSG("Ensure the plain message and the decrypted message are the same."); + err = memcmp(msg, decrypted, sizeof(msg)) != 0; + } + + EVP_CIPHER_free(wcipher); + EVP_CIPHER_free(ocipher); + + return err; +} \ No newline at end of file diff --git a/test/unit.c b/test/unit.c index bfe8020a..63ab77ad 100644 --- a/test/unit.c +++ b/test/unit.c @@ -136,6 +136,9 @@ TEST_CASE test_case[] = { TEST_DECL(test_aes128_gcm_fixed, NULL), TEST_DECL(test_aes128_gcm_tls, NULL), #endif + + TEST_DECL(test_chacha20_poly1305, NULL), + #ifdef WP_HAVE_AESCCM TEST_DECL(test_aes128_ccm, NULL), TEST_DECL(test_aes192_ccm, NULL), diff --git a/test/unit.h b/test/unit.h index 6f297cfa..5adcb20b 100644 --- a/test/unit.h +++ b/test/unit.h 
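Review bot: The new test in test/test_chachapoly.c only checks successful round trips, so nothing verifies that wolfProvider rejects a modified tag or ciphertext, which is the property the decrypt-side tag comparison in `wp_chacha20_poly1305_final` exists to provide. A negative case after the last round trip, as sketched below, would cover it. The messages say "TLS" but no call sets `EVP_CTRL_AEAD_TLS1_AAD`, so the provider's TLS-AAD branch is not exercised. The two `EVP_CIPHER_fetch` results are also used without a NULL check; `err = (ocipher == NULL) || (wcipher == NULL);` before the first use would turn a missing algorithm into a test failure.

```c
    /* … unchanged: OpenSSL/wolfProvider round trips in test_chacha20_poly1305 … */
    if (err == 0) {
        /* Flip one tag bit: authentication must now fail. */
        tag[0] ^= 0x01;
        PRINT_MSG("Decrypt with wolfprovider - corrupted tag must fail");
        err = test_chacha20_poly1305_decrypt(wcipher, key, nonce, sizeof(nonce),
                                             aad, sizeof(aad),
                                             tag, sizeof(tag),
                                             ciphertext, ciphertext_len,
                                             decrypted, &decrypted_len) == 0;
        tag[0] ^= 0x01;
    }
```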
@@ -193,6 +193,8 @@ int test_aes128_ccm_tls(void *data); #endif /* WP_HAVE_AESCCM */ +int test_chacha20_poly1305(void *data); + #ifdef WP_HAVE_RANDOM int test_random(void *data);