Fix style and pull out ECB processing in separate function
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
This commit is contained in:
parent
ffecb7b982
commit
177deba54b
@ -3938,6 +3938,94 @@ exit:
|
||||
return( status );
|
||||
}
|
||||
|
||||
/* Process input for which the algorithm is set to ECB mode. This requires
|
||||
* manual processing, since the PSA API is defined as being able to process
|
||||
* arbitrary-length calls to psa_cipher_update() with ECB mode, but the
|
||||
* underlying mbedtls_cipher_update only takes full blocks. */
|
||||
static psa_status_t psa_cipher_update_ecb_internal(
|
||||
mbedtls_cipher_context_t *ctx,
|
||||
const uint8_t *input,
|
||||
size_t input_length,
|
||||
uint8_t *output,
|
||||
size_t output_size,
|
||||
size_t *output_length )
|
||||
{
|
||||
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
||||
size_t block_size = ctx->cipher_info->block_size;
|
||||
size_t internal_output_length = 0;
|
||||
*output_length = 0;
|
||||
|
||||
if( input_length == 0 )
|
||||
{
|
||||
status = PSA_SUCCESS;
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( ctx->unprocessed_len > 0 )
|
||||
{
|
||||
/* Fill up to block size, and run the block if there's a full one. */
|
||||
size_t bytes_to_copy = block_size - ctx->unprocessed_len;
|
||||
|
||||
if( input_length < bytes_to_copy )
|
||||
bytes_to_copy = input_length;
|
||||
|
||||
memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ),
|
||||
input, bytes_to_copy );
|
||||
input_length -= bytes_to_copy;
|
||||
input += bytes_to_copy;
|
||||
ctx->unprocessed_len += bytes_to_copy;
|
||||
|
||||
if( ctx->unprocessed_len == block_size )
|
||||
{
|
||||
status = mbedtls_to_psa_error(
|
||||
mbedtls_cipher_update( ctx,
|
||||
ctx->unprocessed_data,
|
||||
block_size,
|
||||
output, &internal_output_length ) );
|
||||
|
||||
if( status != PSA_SUCCESS )
|
||||
goto exit;
|
||||
|
||||
output += internal_output_length;
|
||||
output_size -= internal_output_length;
|
||||
*output_length += internal_output_length;
|
||||
ctx->unprocessed_len = 0;
|
||||
}
|
||||
}
|
||||
|
||||
while( input_length >= block_size )
|
||||
{
|
||||
/* Run all full blocks we have, one by one */
|
||||
status = mbedtls_to_psa_error(
|
||||
mbedtls_cipher_update( ctx, input,
|
||||
block_size,
|
||||
output, &internal_output_length ) );
|
||||
|
||||
if( status != PSA_SUCCESS )
|
||||
goto exit;
|
||||
|
||||
input_length -= block_size;
|
||||
input += block_size;
|
||||
|
||||
output += internal_output_length;
|
||||
output_size -= internal_output_length;
|
||||
*output_length += internal_output_length;
|
||||
}
|
||||
|
||||
if( input_length > 0 )
|
||||
{
|
||||
/* Save unprocessed bytes for later processing */
|
||||
memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ),
|
||||
input, input_length );
|
||||
ctx->unprocessed_len += input_length;
|
||||
}
|
||||
|
||||
status = PSA_SUCCESS;
|
||||
|
||||
exit:
|
||||
return( status );
|
||||
}
|
||||
|
||||
psa_status_t psa_cipher_update( psa_cipher_operation_t *operation,
|
||||
const uint8_t *input,
|
||||
size_t input_length,
|
||||
@ -3947,7 +4035,6 @@ psa_status_t psa_cipher_update( psa_cipher_operation_t *operation,
|
||||
{
|
||||
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
||||
size_t expected_output_size;
|
||||
size_t internal_output_length;
|
||||
|
||||
if( operation->alg == 0 )
|
||||
{
|
||||
@ -3980,71 +4067,12 @@ psa_status_t psa_cipher_update( psa_cipher_operation_t *operation,
|
||||
/* mbedtls_cipher_update has an API inconsistency: it will only
|
||||
* process a single block at a time in ECB mode. Abstract away that
|
||||
* inconsistency here to match the PSA API behaviour. */
|
||||
*output_length = 0;
|
||||
|
||||
if( input_length == 0 )
|
||||
{
|
||||
status = PSA_SUCCESS;
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( expected_output_size > 0 )
|
||||
{
|
||||
size_t ctx_bytes = operation->ctx.cipher.unprocessed_len;
|
||||
if( ctx_bytes > 0 )
|
||||
{
|
||||
/* Fill up to block size and run the block */
|
||||
size_t bytes_to_copy = operation->block_size - ctx_bytes;
|
||||
memcpy( &( operation->ctx.cipher.unprocessed_data[ctx_bytes] ),
|
||||
input, bytes_to_copy );
|
||||
input_length -= bytes_to_copy;
|
||||
input += bytes_to_copy;
|
||||
operation->ctx.cipher.unprocessed_len = 0;
|
||||
|
||||
status = mbedtls_to_psa_error(
|
||||
mbedtls_cipher_update( &operation->ctx.cipher,
|
||||
operation->ctx.cipher.unprocessed_data,
|
||||
operation->block_size,
|
||||
output, &internal_output_length ) );
|
||||
|
||||
if( status != PSA_SUCCESS )
|
||||
goto exit;
|
||||
|
||||
output += internal_output_length;
|
||||
output_size -= internal_output_length;
|
||||
*output_length += internal_output_length;
|
||||
}
|
||||
|
||||
size_t blocks = input_length / operation->block_size;
|
||||
for( ; blocks > 0; blocks-- )
|
||||
{
|
||||
/* Run all full blocks we have, one by one */
|
||||
status = mbedtls_to_psa_error(
|
||||
mbedtls_cipher_update( &operation->ctx.cipher, input,
|
||||
operation->block_size,
|
||||
output, &internal_output_length ) );
|
||||
|
||||
if( status != PSA_SUCCESS )
|
||||
goto exit;
|
||||
|
||||
input_length -= operation->block_size;
|
||||
input += operation->block_size;
|
||||
|
||||
output += internal_output_length;
|
||||
output_size -= internal_output_length;
|
||||
*output_length += internal_output_length;
|
||||
}
|
||||
}
|
||||
|
||||
if( input_length > 0 )
|
||||
{
|
||||
/* Save unprocessed bytes for later processing */
|
||||
memcpy( &( operation->ctx.cipher.unprocessed_data[operation->ctx.cipher.unprocessed_len] ),
|
||||
input, input_length );
|
||||
operation->ctx.cipher.unprocessed_len += input_length;
|
||||
}
|
||||
|
||||
status = PSA_SUCCESS;
|
||||
status = psa_cipher_update_ecb_internal( &operation->ctx.cipher,
|
||||
input,
|
||||
input_length,
|
||||
output,
|
||||
output_size,
|
||||
output_length );
|
||||
}
|
||||
else
|
||||
{
|
||||
|
@ -1152,7 +1152,7 @@ cipher_encrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4
|
||||
|
||||
PSA symmetric encrypt: AES-ECB, input too short (15 bytes)
|
||||
depends_on:MBEDTLS_AES_C
|
||||
cipher_encrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e11739317":"3ad77bb40d7a3660a89ecaf32466ef":PSA_ERROR_INVALID_ARGUMENT
|
||||
cipher_encrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e11739317":"":PSA_ERROR_INVALID_ARGUMENT
|
||||
|
||||
PSA symmetric encrypt: AES-CBC-nopad, input too short
|
||||
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
|
||||
@ -1306,23 +1306,23 @@ PSA symmetric encryption multipart: AES-CBC-nopad, 20+12 bytes
|
||||
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
|
||||
cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:16:16:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f"
|
||||
|
||||
PSA symmetric encryption multipart: AES-CTR, 11+5 bytes [#1]
|
||||
PSA symmetric encryption multipart: AES-CTR, 11+5 bytes
|
||||
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
|
||||
cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32"
|
||||
|
||||
PSA symmetric encryption multipart: AES-CTR, 16+16 bytes [#1]
|
||||
PSA symmetric encryption multipart: AES-CTR, 16+16 bytes
|
||||
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
|
||||
cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
|
||||
|
||||
PSA symmetric encryption multipart: AES-CTR, 12+20 bytes [#1]
|
||||
PSA symmetric encryption multipart: AES-CTR, 12+20 bytes
|
||||
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
|
||||
cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
|
||||
|
||||
PSA symmetric encryption multipart: AES-CTR, 20+12 bytes [#1]
|
||||
PSA symmetric encryption multipart: AES-CTR, 20+12 bytes
|
||||
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
|
||||
cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
|
||||
|
||||
PSA symmetric encryption multipart: AES-CTR, 12+10 bytes [#1]
|
||||
PSA symmetric encryption multipart: AES-CTR, 12+10 bytes
|
||||
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
|
||||
cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b"
|
||||
|
||||
@ -1378,23 +1378,23 @@ PSA symmetric decryption multipart: AES-CBC-nopad, 20+12 bytes
|
||||
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
|
||||
cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":20:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef"
|
||||
|
||||
PSA symmetric encryption multipart: AES-CTR, 11+5 bytes [#2]
|
||||
PSA symmetric decryption multipart: AES-CTR, 11+5 bytes
|
||||
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
|
||||
cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32"
|
||||
|
||||
PSA symmetric decryption multipart: AES-CTR, 16+16 bytes [#2]
|
||||
PSA symmetric decryption multipart: AES-CTR, 16+16 bytes
|
||||
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
|
||||
cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
|
||||
|
||||
PSA symmetric decryption multipart: AES-CTR, 12+20 bytes [#2]
|
||||
PSA symmetric decryption multipart: AES-CTR, 12+20 bytes
|
||||
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
|
||||
cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
|
||||
|
||||
PSA symmetric decryption multipart: AES-CTR, 20+12 bytes [#2]
|
||||
PSA symmetric decryption multipart: AES-CTR, 20+12 bytes
|
||||
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
|
||||
cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
|
||||
|
||||
PSA symmetric decryption multipart: AES-CTR, 12+10 bytes [#2]
|
||||
PSA symmetric decryption multipart: AES-CTR, 12+10 bytes
|
||||
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
|
||||
cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b"
|
||||
|
||||
|
@ -3487,7 +3487,8 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
|
||||
PSA_ASSERT( psa_cipher_decrypt_setup( &operation,
|
||||
handle, alg ) );
|
||||
|
||||
if( iv->len > 0 ) {
|
||||
if( iv->len > 0 )
|
||||
{
|
||||
PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) );
|
||||
}
|
||||
|
||||
@ -3556,7 +3557,8 @@ void cipher_decrypt( int alg_arg, int key_type_arg,
|
||||
PSA_ASSERT( psa_cipher_decrypt_setup( &operation,
|
||||
handle, alg ) );
|
||||
|
||||
if( iv->len > 0 ) {
|
||||
if( iv->len > 0 )
|
||||
{
|
||||
PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) );
|
||||
}
|
||||
|
||||
@ -3625,7 +3627,8 @@ void cipher_verify_output( int alg_arg, int key_type_arg,
|
||||
PSA_ASSERT( psa_cipher_decrypt_setup( &operation2,
|
||||
handle, alg ) );
|
||||
|
||||
if( alg != PSA_ALG_ECB_NO_PADDING ) {
|
||||
if( alg != PSA_ALG_ECB_NO_PADDING )
|
||||
{
|
||||
PSA_ASSERT( psa_cipher_generate_iv( &operation1,
|
||||
iv, iv_size,
|
||||
&iv_length ) );
|
||||
@ -3649,7 +3652,8 @@ void cipher_verify_output( int alg_arg, int key_type_arg,
|
||||
output2_size = output1_length;
|
||||
ASSERT_ALLOC( output2, output2_size );
|
||||
|
||||
if( iv_length > 0 ) {
|
||||
if( iv_length > 0 )
|
||||
{
|
||||
PSA_ASSERT( psa_cipher_set_iv( &operation2,
|
||||
iv, iv_length ) );
|
||||
}
|
||||
@ -3715,7 +3719,8 @@ void cipher_verify_output_multipart( int alg_arg,
|
||||
PSA_ASSERT( psa_cipher_decrypt_setup( &operation2,
|
||||
handle, alg ) );
|
||||
|
||||
if( alg != PSA_ALG_ECB_NO_PADDING ) {
|
||||
if( alg != PSA_ALG_ECB_NO_PADDING )
|
||||
{
|
||||
PSA_ASSERT( psa_cipher_generate_iv( &operation1,
|
||||
iv, iv_size,
|
||||
&iv_length ) );
|
||||
@ -3750,7 +3755,8 @@ void cipher_verify_output_multipart( int alg_arg,
|
||||
output2_buffer_size = output1_length;
|
||||
ASSERT_ALLOC( output2, output2_buffer_size );
|
||||
|
||||
if( iv_length > 0 ) {
|
||||
if( iv_length > 0 )
|
||||
{
|
||||
PSA_ASSERT( psa_cipher_set_iv( &operation2,
|
||||
iv, iv_length ) );
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user