Coverage Report

Created: 2020-03-07 10:10

/libfido2/src/aes256.c
/*
 * Copyright (c) 2018 Yubico AB. All rights reserved.
 * Use of this source code is governed by a BSD-style
 * license that can be found in the LICENSE file.
 */
#include <openssl/evp.h>
#include <string.h>
#include "fido.h"
/*
 * Encrypt the blob in with AES-256-CBC under key and hand the result back
 * in out.
 *
 * key must be exactly 32 bytes. in->len must be a multiple of 16 and no
 * larger than INT_MAX; padding is switched off, so the ciphertext has the
 * same length as the plaintext.
 *
 * Returns 0 on success, with out->ptr pointing at a calloc()ed buffer that
 * this function does not free, and -1 on failure, with out reset to
 * { NULL, 0 }.
 *
 * Security notes:
 *  - The IV is all zeroes, so encryption is deterministic: identical
 *    leading plaintext blocks under the same key yield identical leading
 *    ciphertext blocks. NOTE(review): presumably dictated by the protocol
 *    the callers implement and acceptable only with short-lived keys;
 *    confirm against the callers.
 *  - CBC provides confidentiality only. Nothing here authenticates the
 *    ciphertext; integrity has to be provided by the caller.
 */
int
aes256_cbc_enc(const fido_blob_t *key, const fido_blob_t *in, fido_blob_t *out)
{
        EVP_CIPHER_CTX  *cctx = NULL;
        /* AES-CBC uses a 16-byte IV; the buffer is larger than required. */
        unsigned char    zero_iv[32] = { 0 };
        int              nout;
        int              evp_ok;
        int              rc = -1;

        out->ptr = NULL;
        out->len = 0;

        /*
         * Allocate only for a block-aligned length that fits in the int
         * taken by EVP_EncryptUpdate(); otherwise out->ptr stays NULL and
         * the check below reports the failure.
         */
        if (in->len <= INT_MAX && (in->len % 16) == 0)
                out->ptr = calloc(1, in->len);

        if (out->ptr == NULL) {
                fido_log_debug("%s: in->len=%zu", __func__, in->len);
                goto fail;
        }

        /* Short-circuit chain: each step runs only if the previous one held. */
        evp_ok = (cctx = EVP_CIPHER_CTX_new()) != NULL && key->len == 32 &&
            EVP_EncryptInit_ex(cctx, EVP_aes_256_cbc(), NULL, key->ptr,
            zero_iv) &&
            EVP_CIPHER_CTX_set_padding(cctx, 0) &&
            EVP_EncryptUpdate(cctx, out->ptr, &nout, in->ptr, (int)in->len) &&
            nout >= 0 && (size_t)nout == in->len;

        if (!evp_ok) {
                fido_log_debug("%s: EVP_Encrypt", __func__);
                goto fail;
        }

        out->len = (size_t)nout;
        rc = 0;
fail:
        if (cctx != NULL) {
                EVP_CIPHER_CTX_free(cctx);
        }

        /* Never hand a partially filled buffer back to the caller. */
        if (rc < 0) {
                free(out->ptr);
                out->ptr = NULL;
                out->len = 0;
        }

        return (rc);
}
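/*
 * Decrypt the blob in with AES-256-CBC under key and hand the result back
 * in out.
 *
 * key must be exactly 32 bytes. in->len must be a multiple of 16 and no
 * larger than INT_MAX; padding is switched off, so the plaintext has the
 * same length as the ciphertext and any padding convention is the caller's
 * business.
 *
 * Returns 0 on success, with out->ptr pointing at a calloc()ed buffer that
 * this function does not free, and -1 on failure, with out reset to
 * { NULL, 0 }.
 *
 * Security notes:
 *  - The IV is all zeroes, mirroring aes256_cbc_enc().
 *  - CBC provides confidentiality only. The ciphertext is not
 *    authenticated here, so the output must be treated as unverified
 *    unless the caller has checked its integrity by other means.
 */
int
aes256_cbc_dec(const fido_blob_t *key, const fido_blob_t *in, fido_blob_t *out)
{
        EVP_CIPHER_CTX  *ctx = NULL;
        /* AES-CBC uses a 16-byte IV; the buffer is larger than required. */
        unsigned char    iv[32];
        int              len;
        int              ok = -1;

        memset(iv, 0, sizeof(iv));
        out->ptr = NULL;
        out->len = 0;

        /*
         * Sanity check: the length must fit the int taken by
         * EVP_DecryptUpdate() and be a whole number of AES blocks.
         */
        if (in->len > INT_MAX || (in->len % 16) != 0 ||
            (out->ptr = calloc(1, in->len)) == NULL) {
                fido_log_debug("%s: in->len=%zu", __func__, in->len);
                goto fail;
        }

        /*
         * The output buffer holds exactly in->len bytes. With padding
         * disabled and block-aligned input, a successful update reports
         * exactly that many bytes, so any other length is rejected rather
         * than published in out->len, where a value above in->len would
         * describe more data than was allocated. This matches the check in
         * aes256_cbc_enc().
         */
        if ((ctx = EVP_CIPHER_CTX_new()) == NULL || key->len != 32 ||
            !EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, key->ptr, iv) ||
            !EVP_CIPHER_CTX_set_padding(ctx, 0) ||
            !EVP_DecryptUpdate(ctx, out->ptr, &len, in->ptr, (int)in->len) ||
            len < 0 || (size_t)len != in->len) {
                fido_log_debug("%s: EVP_Decrypt", __func__);
                goto fail;
        }

        out->len = (size_t)len;

        ok = 0;
fail:
        if (ctx != NULL)
                EVP_CIPHER_CTX_free(ctx);

        if (ok < 0) {
                /*
                 * NOTE(review): the buffer may hold partially decrypted
                 * data at this point; consider wiping it with the
                 * project's secure-zeroing helper before free().
                 */
                free(out->ptr);
                out->ptr = NULL;
                out->len = 0;
        }

        return (ok);
}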