Merge variable key length for Blowfish in cipher layer
diff --git a/ChangeLog b/ChangeLog
index 4b266d5..c1df109 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -10,6 +10,7 @@
* Support for CCM and CCM_8 ciphersuites
* Support for parsing and verifying RSASSA-PSS signatures in the X.509
modules (certificates, CRLs and CSRs).
+ * Blowfish in the cipher layer now supports variable length keys.
Changes
* Add LINK_WITH_PTHREAD option in CMake for explicit linking that is
diff --git a/include/polarssl/cipher.h b/include/polarssl/cipher.h
index 4325f9f..5153461 100644
--- a/include/polarssl/cipher.h
+++ b/include/polarssl/cipher.h
@@ -61,6 +61,9 @@
#define POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED -0x6280 /**< Decryption of block requires a full block. */
#define POLARSSL_ERR_CIPHER_AUTH_FAILED -0x6300 /**< Authentication failed (for AEAD modes). */
+#define POLARSSL_CIPHER_VARIABLE_IV_LEN 0x01 /**< Cipher accepts IVs of variable length */
+#define POLARSSL_CIPHER_VARIABLE_KEY_LEN 0x02 /**< Cipher accepts keys of variable length */
+
#ifdef __cplusplus
extern "C" {
#endif
@@ -238,8 +241,8 @@
* For cipher that accept many sizes: recommended size */
unsigned int iv_size;
- /** Flag for ciphers that accept many sizes of IV/NONCE */
- int accepts_variable_iv_size;
+ /** Flags for variable IV size, variable key size, etc. */
+ int flags;
/** block size, in bytes */
unsigned int block_size;
diff --git a/library/cipher.c b/library/cipher.c
index edef2f9..558c4b3 100644
--- a/library/cipher.c
+++ b/library/cipher.c
@@ -168,8 +168,11 @@
if( NULL == ctx || NULL == ctx->cipher_info )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
- if( (int) ctx->cipher_info->key_length != key_length )
+ if( ( ctx->cipher_info->flags & POLARSSL_CIPHER_VARIABLE_KEY_LEN ) == 0 &&
+ (int) ctx->cipher_info->key_length != key_length )
+ {
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
+ }
ctx->key_length = key_length;
ctx->operation = operation;
@@ -204,7 +207,7 @@
if( iv_len > POLARSSL_MAX_IV_LENGTH )
return( POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE );
- if( ctx->cipher_info->accepts_variable_iv_size )
+ if( ( ctx->cipher_info->flags & POLARSSL_CIPHER_VARIABLE_IV_LEN ) != 0 )
actual_iv_size = iv_len;
else
{
diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c
index efc4d44..f4d39fa 100644
--- a/library/cipher_wrap.c
+++ b/library/cipher_wrap.c
@@ -374,7 +374,7 @@
128,
"AES-128-GCM",
12,
- 1,
+ POLARSSL_CIPHER_VARIABLE_IV_LEN,
16,
&gcm_aes_info
};
@@ -385,7 +385,7 @@
192,
"AES-192-GCM",
12,
- 1,
+ POLARSSL_CIPHER_VARIABLE_IV_LEN,
16,
&gcm_aes_info
};
@@ -396,7 +396,7 @@
256,
"AES-256-GCM",
12,
- 1,
+ POLARSSL_CIPHER_VARIABLE_IV_LEN,
16,
&gcm_aes_info
};
@@ -429,7 +429,7 @@
128,
"AES-128-CCM",
12,
- 1,
+ POLARSSL_CIPHER_VARIABLE_IV_LEN,
16,
&ccm_aes_info
};
@@ -440,7 +440,7 @@
192,
"AES-192-CCM",
12,
- 1,
+ POLARSSL_CIPHER_VARIABLE_IV_LEN,
16,
&ccm_aes_info
};
@@ -451,7 +451,7 @@
256,
"AES-256-CCM",
12,
- 1,
+ POLARSSL_CIPHER_VARIABLE_IV_LEN,
16,
&ccm_aes_info
};
@@ -728,7 +728,7 @@
128,
"CAMELLIA-128-GCM",
12,
- 1,
+ POLARSSL_CIPHER_VARIABLE_IV_LEN,
16,
&gcm_camellia_info
};
@@ -739,7 +739,7 @@
192,
"CAMELLIA-192-GCM",
12,
- 1,
+ POLARSSL_CIPHER_VARIABLE_IV_LEN,
16,
&gcm_camellia_info
};
@@ -750,7 +750,7 @@
256,
"CAMELLIA-256-GCM",
12,
- 1,
+ POLARSSL_CIPHER_VARIABLE_IV_LEN,
16,
&gcm_camellia_info
};
@@ -783,7 +783,7 @@
128,
"CAMELLIA-128-CCM",
12,
- 1,
+ POLARSSL_CIPHER_VARIABLE_IV_LEN,
16,
&ccm_camellia_info
};
@@ -794,7 +794,7 @@
192,
"CAMELLIA-192-CCM",
12,
- 1,
+ POLARSSL_CIPHER_VARIABLE_IV_LEN,
16,
&ccm_camellia_info
};
@@ -805,7 +805,7 @@
256,
"CAMELLIA-256-CCM",
12,
- 1,
+ POLARSSL_CIPHER_VARIABLE_IV_LEN,
16,
&ccm_camellia_info
};
@@ -1180,7 +1180,7 @@
128,
"BLOWFISH-ECB",
8,
- 0,
+ POLARSSL_CIPHER_VARIABLE_KEY_LEN,
8,
&blowfish_info
};
@@ -1192,7 +1192,7 @@
128,
"BLOWFISH-CBC",
8,
- 0,
+ POLARSSL_CIPHER_VARIABLE_KEY_LEN,
8,
&blowfish_info
};
@@ -1205,7 +1205,7 @@
128,
"BLOWFISH-CFB64",
8,
- 0,
+ POLARSSL_CIPHER_VARIABLE_KEY_LEN,
8,
&blowfish_info
};
@@ -1218,7 +1218,7 @@
128,
"BLOWFISH-CTR",
8,
- 0,
+ POLARSSL_CIPHER_VARIABLE_KEY_LEN,
8,
&blowfish_info
};
diff --git a/tests/suites/test_suite_cipher.blowfish.data b/tests/suites/test_suite_cipher.blowfish.data
index de20521..bd0f890 100644
--- a/tests/suites/test_suite_cipher.blowfish.data
+++ b/tests/suites/test_suite_cipher.blowfish.data
@@ -549,3 +549,56 @@
BLOWFISH Encrypt and decrypt 32 bytes in multiple parts 1
depends_on:POLARSSL_BLOWFISH_C:POLARSSL_CIPHER_MODE_CTR
enc_dec_buf_multipart:POLARSSL_CIPHER_BLOWFISH_CTR:128:16:16:
+
+BLOWFISH CBC Encrypt and decrypt 7 bytes, 192-bits key
+depends_on:POLARSSL_BLOWFISH_C:POLARSSL_CIPHER_MODE_CBC:POLARSSL_CIPHER_PADDING_PKCS7
+enc_dec_buf:POLARSSL_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":192:7:-1
+
+BLOWFISH CTR Encrypt and decrypt 7 bytes, 192-bits key
+depends_on:POLARSSL_BLOWFISH_C:POLARSSL_CIPHER_MODE_CTR
+enc_dec_buf:POLARSSL_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":192:7:-1
+
+BLOWFISH CFB64 Encrypt and decrypt 7 bytes, 192-bits key
+depends_on:POLARSSL_BLOWFISH_C:POLARSSL_CIPHER_MODE_CFB
+enc_dec_buf:POLARSSL_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":192:7:-1
+
+BLOWFISH ECB Encrypt test vector (SSLeay) #1
+depends_on:POLARSSL_BLOWFISH_C
+test_vec_ecb:POLARSSL_CIPHER_BLOWFISH_ECB:POLARSSL_ENCRYPT:"00000000000000000000000000000000":"0000000000000000":"4ef997456198dd78":0
+
+BLOWFISH ECB Encrypt test vector (SSLeay) #2
+depends_on:POLARSSL_BLOWFISH_C
+test_vec_ecb:POLARSSL_CIPHER_BLOWFISH_ECB:POLARSSL_ENCRYPT:"ffffffffffffffffffffffffffffffff":"ffffffffffffffff":"51866fd5b85ecb8a":0
+
+BLOWFISH ECB Encrypt test vector (SSLeay) #3
+depends_on:POLARSSL_BLOWFISH_C
+test_vec_ecb:POLARSSL_CIPHER_BLOWFISH_ECB:POLARSSL_ENCRYPT:"fedcba9876543210fedcba9876543210":"0123456789abcdef":"0aceab0fc6a0a28d":0
+
+BLOWFISH ECB Encrypt test vector (SSLeay) #3, 64-bit key
+depends_on:POLARSSL_BLOWFISH_C
+test_vec_ecb:POLARSSL_CIPHER_BLOWFISH_ECB:POLARSSL_ENCRYPT:"fedcba9876543210":"0123456789abcdef":"0aceab0fc6a0a28d":0
+
+BLOWFISH ECB Encrypt test vector (SSLeay) #3, 192-bit key
+depends_on:POLARSSL_BLOWFISH_C
+test_vec_ecb:POLARSSL_CIPHER_BLOWFISH_ECB:POLARSSL_ENCRYPT:"fedcba9876543210fedcba9876543210fedcba9876543210":"0123456789abcdef":"0aceab0fc6a0a28d":0
+
+BLOWFISH ECB Decrypt test vector (SSLeay) #1
+depends_on:POLARSSL_BLOWFISH_C
+test_vec_ecb:POLARSSL_CIPHER_BLOWFISH_ECB:POLARSSL_DECRYPT:"00000000000000000000000000000000":"4ef997456198dd78":"0000000000000000":0
+
+BLOWFISH ECB Decrypt test vector (SSLeay) #2
+depends_on:POLARSSL_BLOWFISH_C
+test_vec_ecb:POLARSSL_CIPHER_BLOWFISH_ECB:POLARSSL_DECRYPT:"ffffffffffffffffffffffffffffffff":"51866fd5b85ecb8a":"ffffffffffffffff":0
+
+BLOWFISH ECB Decrypt test vector (SSLeay) #3
+depends_on:POLARSSL_BLOWFISH_C
+test_vec_ecb:POLARSSL_CIPHER_BLOWFISH_ECB:POLARSSL_DECRYPT:"3849674c2602319e3849674c2602319e":"a25e7856cf2651eb":"51454b582ddf440a":0
+
+BLOWFISH ECB Decrypt test vector (SSLeay) #3, 64-bit key
+depends_on:POLARSSL_BLOWFISH_C
+test_vec_ecb:POLARSSL_CIPHER_BLOWFISH_ECB:POLARSSL_DECRYPT:"3849674c2602319e":"a25e7856cf2651eb":"51454b582ddf440a":0
+
+BLOWFISH ECB Decrypt test vector (SSLeay) #3, 192-bit key
+depends_on:POLARSSL_BLOWFISH_C
+test_vec_ecb:POLARSSL_CIPHER_BLOWFISH_ECB:POLARSSL_DECRYPT:"3849674c2602319e3849674c2602319e3849674c2602319e":"a25e7856cf2651eb":"51454b582ddf440a":0
+