Make CBC an option, step 3: individual ciphers
diff --git a/library/aes.c b/library/aes.c
index 6456c54..a3835ce 100644
--- a/library/aes.c
+++ b/library/aes.c
@@ -769,6 +769,7 @@
return( 0 );
}
+#if defined(POLARSSL_CIPHER_MODE_CBC)
/*
* AES-CBC buffer encryption/decryption
*/
@@ -832,6 +833,7 @@
return( 0 );
}
+#endif /* POLARSSL_CIPHER_MODE_CBC */
#if defined(POLARSSL_CIPHER_MODE_CFB)
/*
@@ -947,6 +949,7 @@
0xFF, 0x30, 0xB4, 0xEA, 0x21, 0x63, 0x6D, 0xA4 }
};
+#if defined(POLARSSL_CIPHER_MODE_CBC)
static const unsigned char aes_test_cbc_dec[3][16] =
{
{ 0xFA, 0xCA, 0x37, 0xE0, 0xB0, 0xC8, 0x53, 0x73,
@@ -966,6 +969,7 @@
{ 0xFE, 0x3C, 0x53, 0x65, 0x3E, 0x2F, 0x45, 0xB5,
0x6F, 0xCD, 0x88, 0xB2, 0xCC, 0x89, 0x8F, 0xF0 }
};
+#endif /* POLARSSL_CIPHER_MODE_CBC */
#if defined(POLARSSL_CIPHER_MODE_CFB)
/*
@@ -1104,8 +1108,10 @@
int i, j, u, v;
unsigned char key[32];
unsigned char buf[64];
- unsigned char prv[16];
unsigned char iv[16];
+#if defined(POLARSSL_CIPHER_MODE_CBC)
+ unsigned char prv[16];
+#endif
#if defined(POLARSSL_CIPHER_MODE_CTR) || defined(POLARSSL_CIPHER_MODE_CFB)
size_t offset;
#endif
@@ -1170,6 +1176,7 @@
if( verbose != 0 )
printf( "\n" );
+#if defined(POLARSSL_CIPHER_MODE_CBC)
/*
* CBC mode
*/
@@ -1231,6 +1238,7 @@
if( verbose != 0 )
printf( "\n" );
+#endif /* POLARSSL_CIPHER_MODE_CBC */
#if defined(POLARSSL_CIPHER_MODE_CFB)
/*
diff --git a/library/blowfish.c b/library/blowfish.c
index 719aea6..910d610 100644
--- a/library/blowfish.c
+++ b/library/blowfish.c
@@ -233,6 +233,7 @@
return( 0 );
}
+#if defined(POLARSSL_CIPHER_MODE_CBC)
/*
* Blowfish-CBC buffer encryption/decryption
*/
@@ -284,6 +285,7 @@
return( 0 );
}
+#endif /* POLARSSL_CIPHER_MODE_CBC */
#if defined(POLARSSL_CIPHER_MODE_CFB)
/*
diff --git a/library/camellia.c b/library/camellia.c
index bb87875..2366cae 100644
--- a/library/camellia.c
+++ b/library/camellia.c
@@ -523,6 +523,7 @@
return( 0 );
}
+#if defined(POLARSSL_CIPHER_MODE_CBC)
/*
* Camellia-CBC buffer encryption/decryption
*/
@@ -574,6 +575,7 @@
return( 0 );
}
+#endif /* POLARSSL_CIPHER_MODE_CBC */
#if defined(POLARSSL_CIPHER_MODE_CFB)
/*
@@ -732,6 +734,7 @@
}
};
+#if defined(POLARSSL_CIPHER_MODE_CBC)
#define CAMELLIA_TESTS_CBC 3
static const unsigned char camellia_test_cbc_key[3][32] =
@@ -793,6 +796,7 @@
0x33, 0x30, 0xCD, 0xF1, 0xB1, 0x86, 0x0A, 0x83 }
}
};
+#endif /* POLARSSL_CIPHER_MODE_CBC */
#if defined(POLARSSL_CIPHER_MODE_CTR)
/*
@@ -867,7 +871,9 @@
unsigned char buf[64];
unsigned char src[16];
unsigned char dst[16];
+#if defined(POLARSSL_CIPHER_MODE_CBC)
unsigned char iv[16];
+#endif
#if defined(POLARSSL_CIPHER_MODE_CTR)
size_t offset, len;
unsigned char nonce_counter[16];
@@ -917,6 +923,7 @@
if( verbose != 0 )
printf( "\n" );
+#if defined(POLARSSL_CIPHER_MODE_CBC)
/*
* CBC mode
*/
@@ -965,6 +972,7 @@
if( verbose != 0 )
printf( "passed\n" );
}
+#endif /* POLARSSL_CIPHER_MODE_CBC */
if( verbose != 0 )
printf( "\n" );
diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c
index ede299b..c5abae9 100644
--- a/library/cipher_wrap.c
+++ b/library/cipher_wrap.c
@@ -77,7 +77,18 @@
static int aes_crypt_cbc_wrap( void *ctx, operation_t operation, size_t length,
unsigned char *iv, const unsigned char *input, unsigned char *output )
{
+#if defined(POLARSSL_CIPHER_MODE_CBC)
return aes_crypt_cbc( (aes_context *) ctx, operation, length, iv, input, output );
+#else
+ ((void) ctx);
+ ((void) operation);
+ ((void) length);
+ ((void) iv);
+ ((void) input);
+ ((void) output);
+
+ return POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE;
+#endif /* POLARSSL_CIPHER_MODE_CBC */
}
static int aes_crypt_cfb128_wrap( void *ctx, operation_t operation, size_t length,
@@ -367,7 +378,18 @@
static int camellia_crypt_cbc_wrap( void *ctx, operation_t operation, size_t length,
unsigned char *iv, const unsigned char *input, unsigned char *output )
{
+#if defined(POLARSSL_CIPHER_MODE_CBC)
return camellia_crypt_cbc( (camellia_context *) ctx, operation, length, iv, input, output );
+#else
+ ((void) ctx);
+ ((void) operation);
+ ((void) length);
+ ((void) iv);
+ ((void) input);
+ ((void) output);
+
+ return POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE;
+#endif /* POLARSSL_CIPHER_MODE_CBC */
}
static int camellia_crypt_cfb128_wrap( void *ctx, operation_t operation, size_t length,
@@ -600,13 +622,35 @@
static int des_crypt_cbc_wrap( void *ctx, operation_t operation, size_t length,
unsigned char *iv, const unsigned char *input, unsigned char *output )
{
+#if defined(POLARSSL_CIPHER_MODE_CBC)
return des_crypt_cbc( (des_context *) ctx, operation, length, iv, input, output );
+#else
+ ((void) ctx);
+ ((void) operation);
+ ((void) length);
+ ((void) iv);
+ ((void) input);
+ ((void) output);
+
+ return POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE;
+#endif /* POLARSSL_CIPHER_MODE_CBC */
}
static int des3_crypt_cbc_wrap( void *ctx, operation_t operation, size_t length,
unsigned char *iv, const unsigned char *input, unsigned char *output )
{
+#if defined(POLARSSL_CIPHER_MODE_CBC)
return des3_crypt_cbc( (des3_context *) ctx, operation, length, iv, input, output );
+#else
+ ((void) ctx);
+ ((void) operation);
+ ((void) length);
+ ((void) iv);
+ ((void) input);
+ ((void) output);
+
+ return POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE;
+#endif /* POLARSSL_CIPHER_MODE_CBC */
}
static int des_crypt_cfb128_wrap( void *ctx, operation_t operation, size_t length,
@@ -817,7 +861,18 @@
static int blowfish_crypt_cbc_wrap( void *ctx, operation_t operation, size_t length,
unsigned char *iv, const unsigned char *input, unsigned char *output )
{
+#if defined(POLARSSL_CIPHER_MODE_CBC)
return blowfish_crypt_cbc( (blowfish_context *) ctx, operation, length, iv, input, output );
+#else
+ ((void) ctx);
+ ((void) operation);
+ ((void) length);
+ ((void) iv);
+ ((void) input);
+ ((void) output);
+
+ return POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE;
+#endif /* POLARSSL_CIPHER_MODE_CBC */
}
static int blowfish_crypt_cfb64_wrap( void *ctx, operation_t operation, size_t length,
diff --git a/library/des.c b/library/des.c
index 0cf4b3d..153810d 100644
--- a/library/des.c
+++ b/library/des.c
@@ -606,6 +606,7 @@
return( 0 );
}
+#if defined(POLARSSL_CIPHER_MODE_CBC)
/*
* DES-CBC buffer encryption/decryption
*/
@@ -657,6 +658,7 @@
return( 0 );
}
+#endif /* POLARSSL_CIPHER_MODE_CBC */
/*
* 3DES-ECB block encryption/decryption
@@ -701,6 +703,7 @@
return( 0 );
}
+#if defined(POLARSSL_CIPHER_MODE_CBC)
/*
* 3DES-CBC buffer encryption/decryption
*/
@@ -752,6 +755,7 @@
return( 0 );
}
+#endif /* POLARSSL_CIPHER_MODE_CBC */
#endif /* !POLARSSL_DES_ALT */
@@ -819,8 +823,10 @@
des3_context ctx3;
unsigned char key[24];
unsigned char buf[8];
+#if defined(POLARSSL_CIPHER_MODE_CBC)
unsigned char prv[8];
unsigned char iv[8];
+#endif
memset( key, 0, 24 );
@@ -895,6 +901,7 @@
if( verbose != 0 )
printf( "\n" );
+#if defined(POLARSSL_CIPHER_MODE_CBC)
/*
* CBC mode
*/
@@ -985,6 +992,7 @@
if( verbose != 0 )
printf( "passed\n" );
}
+#endif /* POLARSSL_CIPHER_MODE_CBC */
if( verbose != 0 )
printf( "\n" );
diff --git a/library/pem.c b/library/pem.c
index 3f6d330..8a6de3a 100644
--- a/library/pem.c
+++ b/library/pem.c
@@ -48,7 +48,8 @@
memset( ctx, 0, sizeof( pem_context ) );
}
-#if defined(POLARSSL_MD5_C) && (defined(POLARSSL_DES_C) || defined(POLARSSL_AES_C))
+#if defined(POLARSSL_MD5_C) && defined(POLARSSL_CIPHER_MODE_CBC) && \
+ ( defined(POLARSSL_DES_C) || defined(POLARSSL_AES_C) )
/*
* Read a 16-byte hex string and convert it to binary
*/
@@ -183,7 +184,8 @@
}
#endif /* POLARSSL_AES_C */
-#endif /* POLARSSL_MD5_C && (POLARSSL_AES_C || POLARSSL_DES_C) */
+#endif /* POLARSSL_MD5_C && POLARSSL_CIPHER_MODE_CBC &&
+ ( POLARSSL_AES_C || POLARSSL_DES_C ) */
int pem_read_buffer( pem_context *ctx, const char *header, const char *footer,
const unsigned char *data, const unsigned char *pwd,
@@ -193,13 +195,15 @@
size_t len;
unsigned char *buf;
const unsigned char *s1, *s2, *end;
-#if defined(POLARSSL_MD5_C) && (defined(POLARSSL_DES_C) || defined(POLARSSL_AES_C))
+#if defined(POLARSSL_MD5_C) && defined(POLARSSL_CIPHER_MODE_CBC) && \
+ ( defined(POLARSSL_DES_C) || defined(POLARSSL_AES_C) )
unsigned char pem_iv[16];
cipher_type_t enc_alg = POLARSSL_CIPHER_NONE;
#else
((void) pwd);
((void) pwdlen);
-#endif /* POLARSSL_MD5_C && (POLARSSL_AES_C || POLARSSL_DES_C) */
+#endif /* POLARSSL_MD5_C && POLARSSL_CIPHER_MODE_CBC &&
+ ( POLARSSL_AES_C || POLARSSL_DES_C ) */
if( ctx == NULL )
return( POLARSSL_ERR_PEM_BAD_INPUT_DATA );
@@ -229,7 +233,8 @@
if( memcmp( s1, "Proc-Type: 4,ENCRYPTED", 22 ) == 0 )
{
-#if defined(POLARSSL_MD5_C) && (defined(POLARSSL_DES_C) || defined(POLARSSL_AES_C))
+#if defined(POLARSSL_MD5_C) && defined(POLARSSL_CIPHER_MODE_CBC) && \
+ ( defined(POLARSSL_DES_C) || defined(POLARSSL_AES_C) )
enc++;
s1 += 22;
@@ -289,7 +294,8 @@
else return( POLARSSL_ERR_PEM_INVALID_DATA );
#else
return( POLARSSL_ERR_PEM_FEATURE_UNAVAILABLE );
-#endif /* POLARSSL_MD5_C && (POLARSSL_AES_C || POLARSSL_DES_C) */
+#endif /* POLARSSL_MD5_C && POLARSSL_CIPHER_MODE_CBC &&
+ ( POLARSSL_AES_C || POLARSSL_DES_C ) */
}
len = 0;
@@ -309,7 +315,8 @@
if( enc != 0 )
{
-#if defined(POLARSSL_MD5_C) && (defined(POLARSSL_DES_C) || defined(POLARSSL_AES_C))
+#if defined(POLARSSL_MD5_C) && defined(POLARSSL_CIPHER_MODE_CBC) && \
+ ( defined(POLARSSL_DES_C) || defined(POLARSSL_AES_C) )
if( pwd == NULL )
{
polarssl_free( buf );
@@ -346,7 +353,8 @@
#else
polarssl_free( buf );
return( POLARSSL_ERR_PEM_FEATURE_UNAVAILABLE );
-#endif
+#endif /* POLARSSL_MD5_C && POLARSSL_CIPHER_MODE_CBC &&
+ ( POLARSSL_AES_C || POLARSSL_DES_C ) */
}
ctx->buf = buf;
diff --git a/library/x509parse.c b/library/x509parse.c
index d606615..f5e8688 100644
--- a/library/x509parse.c
+++ b/library/x509parse.c
@@ -4270,7 +4270,6 @@
#if defined(POLARSSL_CERTS_C) && defined(POLARSSL_MD5_C)
int ret;
int flags;
- size_t i, j;
x509_cert cacert;
x509_cert clicert;
pk_context pkey;
@@ -4305,23 +4304,25 @@
return( ret );
}
+#if defined(POLARSSL_MD5_C) && defined(POLARSSL_CIPHER_MODE_CBC) && \
+ defined(POLARSSL_DES_C) && defined(POLARSSL_AES_C)
if( verbose != 0 )
printf( "passed\n X.509 private key load: " );
- i = strlen( test_ca_key );
- j = strlen( test_ca_pwd );
-
pk_init( &pkey );
if( ( ret = x509parse_key( &pkey,
- (const unsigned char *) test_ca_key, i,
- (const unsigned char *) test_ca_pwd, j ) ) != 0 )
+ (const unsigned char *) test_ca_key,
+ strlen( test_ca_key ),
+ (const unsigned char *) test_ca_pwd,
+ strlen( test_ca_pwd ) ) ) != 0 )
{
if( verbose != 0 )
printf( "failed\n" );
return( ret );
}
+#endif
if( verbose != 0 )
printf( "passed\n X.509 signature verify: ");
@@ -4341,10 +4342,8 @@
if( verbose != 0 )
printf( "passed\n X.509 DHM parameter load: " );
- i = strlen( test_dhm_params );
- j = strlen( test_ca_pwd );
-
- if( ( ret = x509parse_dhm( &dhm, (const unsigned char *) test_dhm_params, i ) ) != 0 )
+ if( ( ret = x509parse_dhm( &dhm, (const unsigned char *) test_dhm_params,
+ strlen( test_dhm_params ) ) ) != 0 )
{
if( verbose != 0 )
printf( "failed\n" );
diff --git a/library/xtea.c b/library/xtea.c
index 9404927..2cb2f30 100644
--- a/library/xtea.c
+++ b/library/xtea.c
@@ -111,6 +111,7 @@
return( 0 );
}
+#if defined(POLARSSL_CIPHER_MODE_CBC)
/*
* XTEA-CBC buffer encryption/decryption
*/
@@ -159,6 +160,7 @@
return( 0 );
}
+#endif /* POLARSSL_CIPHER_MODE_CBC */
#endif /* !POLARSSL_XTEA_ALT */
#if defined(POLARSSL_SELF_TEST)