Merge pull request #213 from ColtonWilley/aes_ctr_dont_reinit_after_keying

douzzer · web-flow · commit 70670a5e9a20 · 2024-06-10T17:39:24.000-04:00
Modify AES-CTR to not reinit after being keyed
diff --git a/src/we_aes_ctr.c b/src/we_aes_ctr.c
@@ -34,6 +34,7 @@ typedef struct we_AesCtr
 {
     /* The wolfSSL AES data object. */
     Aes aes;
+    word32 inited;
 } we_AesCtr;
 
 
@@ -67,12 +68,14 @@ static int we_aes_ctr_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
         ret = 0;
     }
 
-    if (ret == 1) {
+    /* Do not reinitialize if already keyed, unless setting a new key */
+    if ((ret == 1) && (aes->inited == 0)) {
         rc = wc_AesInit(&aes->aes, NULL, INVALID_DEVID);
         if (rc != 0) {
             WOLFENGINE_ERROR_FUNC(WE_LOG_CIPHER, "wc_AesInit", rc);
             ret = 0;
         }
+        aes->inited = 1;
     }
     if ((ret == 1) && (key != NULL)) {
         if (tmpIv == NULL) {
@@ -94,7 +97,7 @@ static int we_aes_ctr_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
             ret = -1;
         }
         else {
-            /* 
+            /*
              * wc_AesSetIV should clear this field, but it doesn't in some
              * wolfSSL versions.
              */
diff --git a/test/test_cipher.c b/test/test_cipher.c
@@ -599,7 +599,26 @@ int test_aes_ctr_leftover_data_regression(ENGINE *e, void *data)
         }
     }
 
-    /* Try the other way, now. Encrypt with wolfEngine, decrypt with wolfSSL. */
+    /* Try the other way, now. Encrypt with wolfEngine, decrypt with openSSL.
+     * The EVP_CIPHER_CTX remembers any engine it was loaded with, meaning we
+     * need to reset the ctxs before reuse or the decCtx will still pick up
+     * wolfEngine */
+    if (err == 0) {
+        if (encCtx != NULL)
+            EVP_CIPHER_CTX_free(encCtx);
+    }
+    if (err == 0) {
+        if (decCtx != NULL)
+            EVP_CIPHER_CTX_free(decCtx);
+    }
+
+    if (err == 0) {
+        err = (encCtx = EVP_CIPHER_CTX_new()) == NULL;
+    }
+    if (err == 0) {
+        err = (decCtx = EVP_CIPHER_CTX_new()) == NULL;
+    }
+
     if (err == 0) {
         err = EVP_CipherInit_ex(encCtx, EVP_aes_128_ctr(), e, key,
                                 NULL, -1) != 1;

Original file line number	Diff line number	Diff line change
`@@ -34,6 +34,7 @@ typedef struct we_AesCtr`
`34`	`34`	`{`
`35`	`35`	`/* The wolfSSL AES data object. */`
`36`	`36`	`Aes aes;`
	`37`	`+ word32 inited;`
`37`	`38`	`} we_AesCtr;`
`38`	`39`
`39`	`40`
`@@ -67,12 +68,14 @@ static int we_aes_ctr_init(EVP_CIPHER_CTX ctx, const unsigned char key,`
`67`	`68`	`ret = 0;`
`68`	`69`	`}`
`69`	`70`
`70`		`- if (ret == 1) {`
	`71`	`+ /* Do not reinitialize if already keyed, unless setting a new key */`
	`72`	`+ if ((ret == 1) && (aes->inited == 0)) {`
`71`	`73`	`rc = wc_AesInit(&aes->aes, NULL, INVALID_DEVID);`
`72`	`74`	`if (rc != 0) {`
`73`	`75`	`WOLFENGINE_ERROR_FUNC(WE_LOG_CIPHER, "wc_AesInit", rc);`
`74`	`76`	`ret = 0;`
`75`	`77`	`}`
	`78`	`+ aes->inited = 1;`
`76`	`79`	`}`
`77`	`80`	`if ((ret == 1) && (key != NULL)) {`
`78`	`81`	`if (tmpIv == NULL) {`
`@@ -94,7 +97,7 @@ static int we_aes_ctr_init(EVP_CIPHER_CTX ctx, const unsigned char key,`
`94`	`97`	`ret = -1;`
`95`	`98`	`}`
`96`	`99`	`else {`
`97`		`- /*`
	`100`	`+ /*`
`98`	`101`	`* wc_AesSetIV should clear this field, but it doesn't in some`
`99`	`102`	`* wolfSSL versions.`
`100`	`103`	`*/`