EVP support for wrapping algorithms.

Add support for key wrap algorithms via EVP interface.

Generalise AES wrap algorithm and add to modes, making existing
AES wrap algorithm a special case.

Move test code to evptests.txt

1 files changed, 10 insertions, 1 deletions

diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index 5b3bf3b..f705967 100644
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -174,7 +174,8 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp
 			ctx->cipher_data = NULL;
 			}
 		ctx->key_len = cipher->key_len;
-		ctx->flags = 0;
+		/* Preserve wrap enable flag, zero everything else */
+		ctx->flags &= EVP_CIPHER_CTX_FLAG_WRAP_ALLOW;
 		if(ctx->cipher->flags & EVP_CIPH_CTRL_INIT)
 			{
 			if(!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL))
@@ -197,6 +198,13 @@ skip_to_init:
 	    || ctx->cipher->block_size == 8
 	    || ctx->cipher->block_size == 16);
 
+	if(!(ctx->flags & EVP_CIPHER_CTX_FLAG_WRAP_ALLOW)
+		&& EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_WRAP_MODE)
+		{
+		EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_WRAP_MODE_NOT_ALLOWED);
+		return 0;
+		}
+
 	if(!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) {
 		switch(EVP_CIPHER_CTX_mode(ctx)) {
 
@@ -230,6 +238,7 @@ skip_to_init:
 			break;
 		}
 	}
+		
 
 	if(key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) {
 		if(!ctx->cipher->init(ctx,key,iv,enc)) return 0;