Coverage Report

Created: 2020-12-02 17:02

/libfido2/src/aes256.c
/*
 * Copyright (c) 2018 Yubico AB. All rights reserved.
 * Use of this source code is governed by a BSD-style
 * license that can be found in the LICENSE file.
 */
#include <openssl/evp.h>
#include <string.h>
#include "fido.h"
/*
 * Encrypt |in| under |key| with AES-256-CBC, an all-zero IV and OpenSSL's
 * padding disabled, placing the ciphertext in |out|.
 *
 * |key| must be exactly 32 bytes and |in| a multiple of 16 bytes no larger
 * than INT_MAX; anything else is rejected.  On success, 0 is returned and
 * out->ptr is a calloc()ed buffer of in->len bytes that this function does
 * not free.  On failure, -1 is returned with out->ptr == NULL and
 * out->len == 0.
 *
 * NOTE(review): the IV is fixed, so equal plaintexts under the same key
 * produce equal ciphertexts, and CBC on its own gives no integrity.
 * Presumably both are dictated by the protocol the callers implement --
 * confirm before reusing this helper elsewhere.
 */
int
aes256_cbc_enc(const fido_blob_t *key, const fido_blob_t *in, fido_blob_t *out)
{
        EVP_CIPHER_CTX  *cipher = NULL;
        unsigned char    zero_iv[32] = { 0 };
        int              n;
        int              rc = -1;

        out->ptr = NULL;
        out->len = 0;

        /* allocate only once the length has been validated */
        if (in->len <= INT_MAX && (in->len % 16) == 0)
                out->ptr = calloc(1, in->len);

        if (out->ptr == NULL) {
                fido_log_debug("%s: in->len=%zu", __func__, in->len);
                goto done;
        }

        /*
         * With padding off, the single update call must emit exactly
         * in->len bytes; any other outcome is treated as a failure.
         */
        if ((cipher = EVP_CIPHER_CTX_new()) != NULL && key->len == 32 &&
            EVP_EncryptInit_ex(cipher, EVP_aes_256_cbc(), NULL, key->ptr,
            zero_iv) &&
            EVP_CIPHER_CTX_set_padding(cipher, 0) &&
            EVP_EncryptUpdate(cipher, out->ptr, &n, in->ptr, (int)in->len) &&
            n >= 0 && (size_t)n == in->len) {
                out->len = (size_t)n;
                rc = 0;
        } else {
                fido_log_debug("%s: EVP_Encrypt", __func__);
        }

done:
        if (cipher != NULL)
                EVP_CIPHER_CTX_free(cipher);

        /* never hand a partially filled buffer back to the caller */
        if (rc != 0) {
                free(out->ptr);
                out->ptr = NULL;
                out->len = 0;
        }

        return (rc);
}
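/*
 * Decrypt |in| under |key| with AES-256-CBC, an all-zero IV and OpenSSL's
 * padding handling disabled, placing the plaintext in |out|.
 *
 * |key| must be exactly 32 bytes and |in| a multiple of 16 bytes no larger
 * than INT_MAX; anything else is rejected.  On success, 0 is returned and
 * out->ptr is a calloc()ed buffer of in->len bytes that this function does
 * not free.  On failure, -1 is returned with out->ptr == NULL and
 * out->len == 0.
 *
 * CBC on its own gives no integrity: the returned plaintext is
 * unauthenticated, and a caller must not act on it unless the ciphertext
 * was verified by some other means.
 */
int
aes256_cbc_dec(const fido_blob_t *key, const fido_blob_t *in, fido_blob_t *out)
{
        EVP_CIPHER_CTX  *ctx = NULL;
        unsigned char    iv[32];
        int              len;
        int              ok = -1;

        memset(iv, 0, sizeof(iv));
        out->ptr = NULL;
        out->len = 0;

        /*
         * sanity check: the length must fit the int taken by the EVP call
         * and be block-aligned, since padding is turned off below.
         */
        if (in->len > INT_MAX || (in->len % 16) != 0 ||
            (out->ptr = calloc(1, in->len)) == NULL) {
                fido_log_debug("%s: in->len=%zu", __func__, in->len);
                goto fail;
        }

        /*
         * out->ptr holds exactly in->len bytes, so a reported output length
         * other than in->len is rejected.  Accepting up to in->len + 32, as
         * before, would let out->len exceed the allocation.  This matches
         * the check in aes256_cbc_enc().
         */
        if ((ctx = EVP_CIPHER_CTX_new()) == NULL || key->len != 32 ||
            !EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, key->ptr, iv) ||
            !EVP_CIPHER_CTX_set_padding(ctx, 0) ||
            !EVP_DecryptUpdate(ctx, out->ptr, &len, in->ptr, (int)in->len) ||
            len < 0 || (size_t)len != in->len) {
                fido_log_debug("%s: EVP_Decrypt", __func__);
                goto fail;
        }

        out->len = (size_t)len;

        ok = 0;
fail:
        if (ctx != NULL)
                EVP_CIPHER_CTX_free(ctx);

        if (ok < 0) {
                /*
                 * NOTE(review): the buffer may hold partial plaintext here
                 * and is released without being cleared; consider zeroizing
                 * it with the project's secure-wipe helper before free().
                 */
                free(out->ptr);
                out->ptr = NULL;
                out->len = 0;
        }

        return (ok);
}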