Merge remote-tracking branch 'public/pr/2287' into development
This commit is contained in:
commit
2a8d32c6c1
@ -197,8 +197,10 @@ int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key,
|
|||||||
* sets the encryption key.
|
* sets the encryption key.
|
||||||
*
|
*
|
||||||
* \param ctx The AES XTS context to which the key should be bound.
|
* \param ctx The AES XTS context to which the key should be bound.
|
||||||
|
* It must be initialized.
|
||||||
* \param key The encryption key. This is comprised of the XTS key1
|
* \param key The encryption key. This is comprised of the XTS key1
|
||||||
* concatenated with the XTS key2.
|
* concatenated with the XTS key2.
|
||||||
|
* This must be a readable buffer of size \p keybits bits.
|
||||||
* \param keybits The size of \p key passed in bits. Valid options are:
|
* \param keybits The size of \p key passed in bits. Valid options are:
|
||||||
* <ul><li>256 bits (each of key1 and key2 is a 128-bit key)</li>
|
* <ul><li>256 bits (each of key1 and key2 is a 128-bit key)</li>
|
||||||
* <li>512 bits (each of key1 and key2 is a 256-bit key)</li></ul>
|
* <li>512 bits (each of key1 and key2 is a 256-bit key)</li></ul>
|
||||||
@ -215,8 +217,10 @@ int mbedtls_aes_xts_setkey_enc( mbedtls_aes_xts_context *ctx,
|
|||||||
* sets the decryption key.
|
* sets the decryption key.
|
||||||
*
|
*
|
||||||
* \param ctx The AES XTS context to which the key should be bound.
|
* \param ctx The AES XTS context to which the key should be bound.
|
||||||
|
* It must be initialized.
|
||||||
* \param key The decryption key. This is comprised of the XTS key1
|
* \param key The decryption key. This is comprised of the XTS key1
|
||||||
* concatenated with the XTS key2.
|
* concatenated with the XTS key2.
|
||||||
|
* This must be a readable buffer of size \p keybits bits.
|
||||||
* \param keybits The size of \p key passed in bits. Valid options are:
|
* \param keybits The size of \p key passed in bits. Valid options are:
|
||||||
* <ul><li>256 bits (each of key1 and key2 is a 128-bit key)</li>
|
* <ul><li>256 bits (each of key1 and key2 is a 128-bit key)</li>
|
||||||
* <li>512 bits (each of key1 and key2 is a 256-bit key)</li></ul>
|
* <li>512 bits (each of key1 and key2 is a 256-bit key)</li></ul>
|
||||||
@ -242,10 +246,13 @@ int mbedtls_aes_xts_setkey_dec( mbedtls_aes_xts_context *ctx,
|
|||||||
* call to this API with the same context.
|
* call to this API with the same context.
|
||||||
*
|
*
|
||||||
* \param ctx The AES context to use for encryption or decryption.
|
* \param ctx The AES context to use for encryption or decryption.
|
||||||
|
* It must be initialized and bound to a key.
|
||||||
* \param mode The AES operation: #MBEDTLS_AES_ENCRYPT or
|
* \param mode The AES operation: #MBEDTLS_AES_ENCRYPT or
|
||||||
* #MBEDTLS_AES_DECRYPT.
|
* #MBEDTLS_AES_DECRYPT.
|
||||||
* \param input The 16-Byte buffer holding the input data.
|
* \param input The buffer holding the input data.
|
||||||
* \param output The 16-Byte buffer holding the output data.
|
* It must be readable and at least \c 16 Bytes long.
|
||||||
|
* \param output The buffer where the output data will be written.
|
||||||
|
* It must be writeable and at least \c 16 Bytes long.
|
||||||
|
|
||||||
* \return \c 0 on success.
|
* \return \c 0 on success.
|
||||||
*/
|
*/
|
||||||
@ -268,8 +275,8 @@ int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx,
|
|||||||
* mbedtls_aes_setkey_enc() or mbedtls_aes_setkey_dec() must be called
|
* mbedtls_aes_setkey_enc() or mbedtls_aes_setkey_dec() must be called
|
||||||
* before the first call to this API with the same context.
|
* before the first call to this API with the same context.
|
||||||
*
|
*
|
||||||
* \note This function operates on aligned blocks, that is, the input size
|
* \note This function operates on full blocks, that is, the input size
|
||||||
* must be a multiple of the AES block size of 16 Bytes.
|
* must be a multiple of the AES block size of \c 16 Bytes.
|
||||||
*
|
*
|
||||||
* \note Upon exit, the content of the IV is updated so that you can
|
* \note Upon exit, the content of the IV is updated so that you can
|
||||||
* call the same function again on the next
|
* call the same function again on the next
|
||||||
@ -280,13 +287,17 @@ int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx,
|
|||||||
*
|
*
|
||||||
*
|
*
|
||||||
* \param ctx The AES context to use for encryption or decryption.
|
* \param ctx The AES context to use for encryption or decryption.
|
||||||
|
* It must be initialized and bound to a key.
|
||||||
* \param mode The AES operation: #MBEDTLS_AES_ENCRYPT or
|
* \param mode The AES operation: #MBEDTLS_AES_ENCRYPT or
|
||||||
* #MBEDTLS_AES_DECRYPT.
|
* #MBEDTLS_AES_DECRYPT.
|
||||||
* \param length The length of the input data in Bytes. This must be a
|
* \param length The length of the input data in Bytes. This must be a
|
||||||
* multiple of the block size (16 Bytes).
|
* multiple of the block size (\c 16 Bytes).
|
||||||
* \param iv Initialization vector (updated after use).
|
* \param iv Initialization vector (updated after use).
|
||||||
|
* It must be a readable and writeable buffer of \c 16 Bytes.
|
||||||
* \param input The buffer holding the input data.
|
* \param input The buffer holding the input data.
|
||||||
|
* It must be readable and of size \p length Bytes.
|
||||||
* \param output The buffer holding the output data.
|
* \param output The buffer holding the output data.
|
||||||
|
* It must be writeable and of size \p length Bytes.
|
||||||
*
|
*
|
||||||
* \return \c 0 on success.
|
* \return \c 0 on success.
|
||||||
* \return #MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH
|
* \return #MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH
|
||||||
@ -314,9 +325,10 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
|
|||||||
* returns #MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH.
|
* returns #MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH.
|
||||||
*
|
*
|
||||||
* \param ctx The AES XTS context to use for AES XTS operations.
|
* \param ctx The AES XTS context to use for AES XTS operations.
|
||||||
|
* It must be initialized and bound to a key.
|
||||||
* \param mode The AES operation: #MBEDTLS_AES_ENCRYPT or
|
* \param mode The AES operation: #MBEDTLS_AES_ENCRYPT or
|
||||||
* #MBEDTLS_AES_DECRYPT.
|
* #MBEDTLS_AES_DECRYPT.
|
||||||
* \param length The length of a data unit in bytes. This can be any
|
* \param length The length of a data unit in Bytes. This can be any
|
||||||
* length between 16 bytes and 2^24 bytes inclusive
|
* length between 16 bytes and 2^24 bytes inclusive
|
||||||
* (between 1 and 2^20 block cipher blocks).
|
* (between 1 and 2^20 block cipher blocks).
|
||||||
* \param data_unit The address of the data unit encoded as an array of 16
|
* \param data_unit The address of the data unit encoded as an array of 16
|
||||||
@ -324,15 +336,15 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
|
|||||||
* is typically the index of the block device sector that
|
* is typically the index of the block device sector that
|
||||||
* contains the data.
|
* contains the data.
|
||||||
* \param input The buffer holding the input data (which is an entire
|
* \param input The buffer holding the input data (which is an entire
|
||||||
* data unit). This function reads \p length bytes from \p
|
* data unit). This function reads \p length Bytes from \p
|
||||||
* input.
|
* input.
|
||||||
* \param output The buffer holding the output data (which is an entire
|
* \param output The buffer holding the output data (which is an entire
|
||||||
* data unit). This function writes \p length bytes to \p
|
* data unit). This function writes \p length Bytes to \p
|
||||||
* output.
|
* output.
|
||||||
*
|
*
|
||||||
* \return \c 0 on success.
|
* \return \c 0 on success.
|
||||||
* \return #MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH if \p length is
|
* \return #MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH if \p length is
|
||||||
* smaller than an AES block in size (16 bytes) or if \p
|
* smaller than an AES block in size (16 Bytes) or if \p
|
||||||
* length is larger than 2^20 blocks (16 MiB).
|
* length is larger than 2^20 blocks (16 MiB).
|
||||||
*/
|
*/
|
||||||
int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx,
|
int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx,
|
||||||
@ -368,13 +380,18 @@ int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx,
|
|||||||
*
|
*
|
||||||
*
|
*
|
||||||
* \param ctx The AES context to use for encryption or decryption.
|
* \param ctx The AES context to use for encryption or decryption.
|
||||||
|
* It must be initialized and bound to a key.
|
||||||
* \param mode The AES operation: #MBEDTLS_AES_ENCRYPT or
|
* \param mode The AES operation: #MBEDTLS_AES_ENCRYPT or
|
||||||
* #MBEDTLS_AES_DECRYPT.
|
* #MBEDTLS_AES_DECRYPT.
|
||||||
* \param length The length of the input data.
|
* \param length The length of the input data in Bytes.
|
||||||
* \param iv_off The offset in IV (updated after use).
|
* \param iv_off The offset in IV (updated after use).
|
||||||
|
* It must point to a valid \c size_t.
|
||||||
* \param iv The initialization vector (updated after use).
|
* \param iv The initialization vector (updated after use).
|
||||||
|
* It must be a readable and writeable buffer of \c 16 Bytes.
|
||||||
* \param input The buffer holding the input data.
|
* \param input The buffer holding the input data.
|
||||||
|
* It must be readable and of size \p length Bytes.
|
||||||
* \param output The buffer holding the output data.
|
* \param output The buffer holding the output data.
|
||||||
|
* It must be writeable and of size \p length Bytes.
|
||||||
*
|
*
|
||||||
* \return \c 0 on success.
|
* \return \c 0 on success.
|
||||||
*/
|
*/
|
||||||
@ -409,12 +426,16 @@ int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx,
|
|||||||
*
|
*
|
||||||
*
|
*
|
||||||
* \param ctx The AES context to use for encryption or decryption.
|
* \param ctx The AES context to use for encryption or decryption.
|
||||||
|
* It must be initialized and bound to a key.
|
||||||
* \param mode The AES operation: #MBEDTLS_AES_ENCRYPT or
|
* \param mode The AES operation: #MBEDTLS_AES_ENCRYPT or
|
||||||
* #MBEDTLS_AES_DECRYPT
|
* #MBEDTLS_AES_DECRYPT
|
||||||
* \param length The length of the input data.
|
* \param length The length of the input data.
|
||||||
* \param iv The initialization vector (updated after use).
|
* \param iv The initialization vector (updated after use).
|
||||||
|
* It must be a readable and writeable buffer of \c 16 Bytes.
|
||||||
* \param input The buffer holding the input data.
|
* \param input The buffer holding the input data.
|
||||||
|
* It must be readable and of size \p length Bytes.
|
||||||
* \param output The buffer holding the output data.
|
* \param output The buffer holding the output data.
|
||||||
|
* It must be writeable and of size \p length Bytes.
|
||||||
*
|
*
|
||||||
* \return \c 0 on success.
|
* \return \c 0 on success.
|
||||||
*/
|
*/
|
||||||
@ -459,11 +480,16 @@ int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx,
|
|||||||
* will compromise security.
|
* will compromise security.
|
||||||
*
|
*
|
||||||
* \param ctx The AES context to use for encryption or decryption.
|
* \param ctx The AES context to use for encryption or decryption.
|
||||||
|
* It must be initialized and bound to a key.
|
||||||
* \param length The length of the input data.
|
* \param length The length of the input data.
|
||||||
* \param iv_off The offset in IV (updated after use).
|
* \param iv_off The offset in IV (updated after use).
|
||||||
|
* It must point to a valid \c size_t.
|
||||||
* \param iv The initialization vector (updated after use).
|
* \param iv The initialization vector (updated after use).
|
||||||
|
* It must be a readable and writeable buffer of \c 16 Bytes.
|
||||||
* \param input The buffer holding the input data.
|
* \param input The buffer holding the input data.
|
||||||
|
* It must be readable and of size \p length Bytes.
|
||||||
* \param output The buffer holding the output data.
|
* \param output The buffer holding the output data.
|
||||||
|
* It must be writeable and of size \p length Bytes.
|
||||||
*
|
*
|
||||||
* \return \c 0 on success.
|
* \return \c 0 on success.
|
||||||
*/
|
*/
|
||||||
@ -535,15 +561,21 @@ int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx,
|
|||||||
* securely discarded as soon as it's no longer needed.
|
* securely discarded as soon as it's no longer needed.
|
||||||
*
|
*
|
||||||
* \param ctx The AES context to use for encryption or decryption.
|
* \param ctx The AES context to use for encryption or decryption.
|
||||||
|
* It must be initialized and bound to a key.
|
||||||
* \param length The length of the input data.
|
* \param length The length of the input data.
|
||||||
* \param nc_off The offset in the current \p stream_block, for
|
* \param nc_off The offset in the current \p stream_block, for
|
||||||
* resuming within the current cipher stream. The
|
* resuming within the current cipher stream. The
|
||||||
* offset pointer should be 0 at the start of a stream.
|
* offset pointer should be 0 at the start of a stream.
|
||||||
|
* It must point to a valid \c size_t.
|
||||||
* \param nonce_counter The 128-bit nonce and counter.
|
* \param nonce_counter The 128-bit nonce and counter.
|
||||||
|
* It must be a readable-writeable buffer of \c 16 Bytes.
|
||||||
* \param stream_block The saved stream block for resuming. This is
|
* \param stream_block The saved stream block for resuming. This is
|
||||||
* overwritten by the function.
|
* overwritten by the function.
|
||||||
|
* It must be a readable-writeable buffer of \c 16 Bytes.
|
||||||
* \param input The buffer holding the input data.
|
* \param input The buffer holding the input data.
|
||||||
|
* It must be readable and of size \p length Bytes.
|
||||||
* \param output The buffer holding the output data.
|
* \param output The buffer holding the output data.
|
||||||
|
* It must be writeable and of size \p length Bytes.
|
||||||
*
|
*
|
||||||
* \return \c 0 on success.
|
* \return \c 0 on success.
|
||||||
*/
|
*/
|
||||||
@ -596,7 +628,7 @@ int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx,
|
|||||||
* \brief Deprecated internal AES block encryption function
|
* \brief Deprecated internal AES block encryption function
|
||||||
* without return value.
|
* without return value.
|
||||||
*
|
*
|
||||||
* \deprecated Superseded by mbedtls_aes_encrypt_ext() in 2.5.0.
|
* \deprecated Superseded by mbedtls_internal_aes_encrypt()
|
||||||
*
|
*
|
||||||
* \param ctx The AES context to use for encryption.
|
* \param ctx The AES context to use for encryption.
|
||||||
* \param input Plaintext block.
|
* \param input Plaintext block.
|
||||||
@ -610,7 +642,7 @@ MBEDTLS_DEPRECATED void mbedtls_aes_encrypt( mbedtls_aes_context *ctx,
|
|||||||
* \brief Deprecated internal AES block decryption function
|
* \brief Deprecated internal AES block decryption function
|
||||||
* without return value.
|
* without return value.
|
||||||
*
|
*
|
||||||
* \deprecated Superseded by mbedtls_aes_decrypt_ext() in 2.5.0.
|
* \deprecated Superseded by mbedtls_internal_aes_decrypt()
|
||||||
*
|
*
|
||||||
* \param ctx The AES context to use for decryption.
|
* \param ctx The AES context to use for decryption.
|
||||||
* \param input Ciphertext block.
|
* \param input Ciphertext block.
|
||||||
|
@ -2,6 +2,9 @@
|
|||||||
* \file aesni.h
|
* \file aesni.h
|
||||||
*
|
*
|
||||||
* \brief AES-NI for hardware AES acceleration on some Intel processors
|
* \brief AES-NI for hardware AES acceleration on some Intel processors
|
||||||
|
*
|
||||||
|
* \warning These functions are only for internal use by other library
|
||||||
|
* functions; you must not call them directly.
|
||||||
*/
|
*/
|
||||||
/*
|
/*
|
||||||
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
|
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
|
||||||
@ -42,7 +45,10 @@ extern "C" {
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \brief AES-NI features detection routine
|
* \brief Internal function to detect the AES-NI feature in CPUs.
|
||||||
|
*
|
||||||
|
* \note This function is only for internal use by other library
|
||||||
|
* functions; you must not call it directly.
|
||||||
*
|
*
|
||||||
* \param what The feature to detect
|
* \param what The feature to detect
|
||||||
* (MBEDTLS_AESNI_AES or MBEDTLS_AESNI_CLMUL)
|
* (MBEDTLS_AESNI_AES or MBEDTLS_AESNI_CLMUL)
|
||||||
@ -52,7 +58,10 @@ extern "C" {
|
|||||||
int mbedtls_aesni_has_support( unsigned int what );
|
int mbedtls_aesni_has_support( unsigned int what );
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \brief AES-NI AES-ECB block en(de)cryption
|
* \brief Internal AES-NI AES-ECB block encryption and decryption
|
||||||
|
*
|
||||||
|
* \note This function is only for internal use by other library
|
||||||
|
* functions; you must not call it directly.
|
||||||
*
|
*
|
||||||
* \param ctx AES context
|
* \param ctx AES context
|
||||||
* \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
|
* \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
|
||||||
@ -67,7 +76,10 @@ int mbedtls_aesni_crypt_ecb( mbedtls_aes_context *ctx,
|
|||||||
unsigned char output[16] );
|
unsigned char output[16] );
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \brief GCM multiplication: c = a * b in GF(2^128)
|
* \brief Internal GCM multiplication: c = a * b in GF(2^128)
|
||||||
|
*
|
||||||
|
* \note This function is only for internal use by other library
|
||||||
|
* functions; you must not call it directly.
|
||||||
*
|
*
|
||||||
* \param c Result
|
* \param c Result
|
||||||
* \param a First operand
|
* \param a First operand
|
||||||
@ -81,17 +93,25 @@ void mbedtls_aesni_gcm_mult( unsigned char c[16],
|
|||||||
const unsigned char b[16] );
|
const unsigned char b[16] );
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \brief Compute decryption round keys from encryption round keys
|
* \brief Internal round key inversion. This function computes
|
||||||
|
* decryption round keys from the encryption round keys.
|
||||||
|
*
|
||||||
|
* \note This function is only for internal use by other library
|
||||||
|
* functions; you must not call it directly.
|
||||||
*
|
*
|
||||||
* \param invkey Round keys for the equivalent inverse cipher
|
* \param invkey Round keys for the equivalent inverse cipher
|
||||||
* \param fwdkey Original round keys (for encryption)
|
* \param fwdkey Original round keys (for encryption)
|
||||||
* \param nr Number of rounds (that is, number of round keys minus one)
|
* \param nr Number of rounds (that is, number of round keys minus one)
|
||||||
*/
|
*/
|
||||||
void mbedtls_aesni_inverse_key( unsigned char *invkey,
|
void mbedtls_aesni_inverse_key( unsigned char *invkey,
|
||||||
const unsigned char *fwdkey, int nr );
|
const unsigned char *fwdkey,
|
||||||
|
int nr );
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \brief Perform key expansion (for encryption)
|
* \brief Internal key expansion for encryption
|
||||||
|
*
|
||||||
|
* \note This function is only for internal use by other library
|
||||||
|
* functions; you must not call it directly.
|
||||||
*
|
*
|
||||||
* \param rk Destination buffer where the round keys are written
|
* \param rk Destination buffer where the round keys are written
|
||||||
* \param key Encryption key
|
* \param key Encryption key
|
||||||
|
@ -3,6 +3,9 @@
|
|||||||
*
|
*
|
||||||
* \brief VIA PadLock ACE for HW encryption/decryption supported by some
|
* \brief VIA PadLock ACE for HW encryption/decryption supported by some
|
||||||
* processors
|
* processors
|
||||||
|
*
|
||||||
|
* \warning These functions are only for internal use by other library
|
||||||
|
* functions; you must not call them directly.
|
||||||
*/
|
*/
|
||||||
/*
|
/*
|
||||||
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
|
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
|
||||||
@ -57,7 +60,10 @@ extern "C" {
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \brief PadLock detection routine
|
* \brief Internal PadLock detection routine
|
||||||
|
*
|
||||||
|
* \note This function is only for internal use by other library
|
||||||
|
* functions; you must not call it directly.
|
||||||
*
|
*
|
||||||
* \param feature The feature to detect
|
* \param feature The feature to detect
|
||||||
*
|
*
|
||||||
@ -66,7 +72,10 @@ extern "C" {
|
|||||||
int mbedtls_padlock_has_support( int feature );
|
int mbedtls_padlock_has_support( int feature );
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \brief PadLock AES-ECB block en(de)cryption
|
* \brief Internal PadLock AES-ECB block en(de)cryption
|
||||||
|
*
|
||||||
|
* \note This function is only for internal use by other library
|
||||||
|
* functions; you must not call it directly.
|
||||||
*
|
*
|
||||||
* \param ctx AES context
|
* \param ctx AES context
|
||||||
* \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
|
* \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
|
||||||
@ -81,7 +90,10 @@ int mbedtls_padlock_xcryptecb( mbedtls_aes_context *ctx,
|
|||||||
unsigned char output[16] );
|
unsigned char output[16] );
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \brief PadLock AES-CBC buffer en(de)cryption
|
* \brief Internal PadLock AES-CBC buffer en(de)cryption
|
||||||
|
*
|
||||||
|
* \note This function is only for internal use by other library
|
||||||
|
* functions; you must not call it directly.
|
||||||
*
|
*
|
||||||
* \param ctx AES context
|
* \param ctx AES context
|
||||||
* \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
|
* \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
|
||||||
|
@ -575,7 +575,6 @@ int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key,
|
|||||||
{
|
{
|
||||||
aes_gen_tables();
|
aes_gen_tables();
|
||||||
aes_init_done = 1;
|
aes_init_done = 1;
|
||||||
|
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
@ -771,6 +770,9 @@ int mbedtls_aes_xts_setkey_enc( mbedtls_aes_xts_context *ctx,
|
|||||||
const unsigned char *key1, *key2;
|
const unsigned char *key1, *key2;
|
||||||
unsigned int key1bits, key2bits;
|
unsigned int key1bits, key2bits;
|
||||||
|
|
||||||
|
AES_VALIDATE_RET( ctx != NULL );
|
||||||
|
AES_VALIDATE_RET( key != NULL );
|
||||||
|
|
||||||
ret = mbedtls_aes_xts_decode_keys( key, keybits, &key1, &key1bits,
|
ret = mbedtls_aes_xts_decode_keys( key, keybits, &key1, &key1bits,
|
||||||
&key2, &key2bits );
|
&key2, &key2bits );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
@ -793,6 +795,9 @@ int mbedtls_aes_xts_setkey_dec( mbedtls_aes_xts_context *ctx,
|
|||||||
const unsigned char *key1, *key2;
|
const unsigned char *key1, *key2;
|
||||||
unsigned int key1bits, key2bits;
|
unsigned int key1bits, key2bits;
|
||||||
|
|
||||||
|
AES_VALIDATE_RET( ctx != NULL );
|
||||||
|
AES_VALIDATE_RET( key != NULL );
|
||||||
|
|
||||||
ret = mbedtls_aes_xts_decode_keys( key, keybits, &key1, &key1bits,
|
ret = mbedtls_aes_xts_decode_keys( key, keybits, &key1, &key1bits,
|
||||||
&key2, &key2bits );
|
&key2, &key2bits );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
@ -1000,6 +1005,12 @@ int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx,
|
|||||||
const unsigned char input[16],
|
const unsigned char input[16],
|
||||||
unsigned char output[16] )
|
unsigned char output[16] )
|
||||||
{
|
{
|
||||||
|
AES_VALIDATE_RET( ctx != NULL );
|
||||||
|
AES_VALIDATE_RET( input != NULL );
|
||||||
|
AES_VALIDATE_RET( output != NULL );
|
||||||
|
AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT ||
|
||||||
|
mode == MBEDTLS_AES_DECRYPT );
|
||||||
|
|
||||||
#if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64)
|
#if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64)
|
||||||
if( mbedtls_aesni_has_support( MBEDTLS_AESNI_AES ) )
|
if( mbedtls_aesni_has_support( MBEDTLS_AESNI_AES ) )
|
||||||
return( mbedtls_aesni_crypt_ecb( ctx, mode, input, output ) );
|
return( mbedtls_aesni_crypt_ecb( ctx, mode, input, output ) );
|
||||||
@ -1037,6 +1048,13 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
|
|||||||
int i;
|
int i;
|
||||||
unsigned char temp[16];
|
unsigned char temp[16];
|
||||||
|
|
||||||
|
AES_VALIDATE_RET( ctx != NULL );
|
||||||
|
AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT ||
|
||||||
|
mode == MBEDTLS_AES_DECRYPT );
|
||||||
|
AES_VALIDATE_RET( iv != NULL );
|
||||||
|
AES_VALIDATE_RET( input != NULL );
|
||||||
|
AES_VALIDATE_RET( output != NULL );
|
||||||
|
|
||||||
if( length % 16 )
|
if( length % 16 )
|
||||||
return( MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH );
|
return( MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH );
|
||||||
|
|
||||||
@ -1162,6 +1180,13 @@ int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx,
|
|||||||
unsigned char prev_tweak[16];
|
unsigned char prev_tweak[16];
|
||||||
unsigned char tmp[16];
|
unsigned char tmp[16];
|
||||||
|
|
||||||
|
AES_VALIDATE_RET( ctx != NULL );
|
||||||
|
AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT ||
|
||||||
|
mode == MBEDTLS_AES_DECRYPT );
|
||||||
|
AES_VALIDATE_RET( data_unit != NULL );
|
||||||
|
AES_VALIDATE_RET( input != NULL );
|
||||||
|
AES_VALIDATE_RET( output != NULL );
|
||||||
|
|
||||||
/* Data units must be at least 16 bytes long. */
|
/* Data units must be at least 16 bytes long. */
|
||||||
if( length < 16 )
|
if( length < 16 )
|
||||||
return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH;
|
return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH;
|
||||||
@ -1261,7 +1286,20 @@ int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx,
|
|||||||
unsigned char *output )
|
unsigned char *output )
|
||||||
{
|
{
|
||||||
int c;
|
int c;
|
||||||
size_t n = *iv_off;
|
size_t n;
|
||||||
|
|
||||||
|
AES_VALIDATE_RET( ctx != NULL );
|
||||||
|
AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT ||
|
||||||
|
mode == MBEDTLS_AES_DECRYPT );
|
||||||
|
AES_VALIDATE_RET( iv_off != NULL );
|
||||||
|
AES_VALIDATE_RET( iv != NULL );
|
||||||
|
AES_VALIDATE_RET( input != NULL );
|
||||||
|
AES_VALIDATE_RET( output != NULL );
|
||||||
|
|
||||||
|
n = *iv_off;
|
||||||
|
|
||||||
|
if( n > 15 )
|
||||||
|
return( MBEDTLS_ERR_AES_BAD_INPUT_DATA );
|
||||||
|
|
||||||
if( mode == MBEDTLS_AES_DECRYPT )
|
if( mode == MBEDTLS_AES_DECRYPT )
|
||||||
{
|
{
|
||||||
@ -1308,6 +1346,12 @@ int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx,
|
|||||||
unsigned char c;
|
unsigned char c;
|
||||||
unsigned char ov[17];
|
unsigned char ov[17];
|
||||||
|
|
||||||
|
AES_VALIDATE_RET( ctx != NULL );
|
||||||
|
AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT ||
|
||||||
|
mode == MBEDTLS_AES_DECRYPT );
|
||||||
|
AES_VALIDATE_RET( iv != NULL );
|
||||||
|
AES_VALIDATE_RET( input != NULL );
|
||||||
|
AES_VALIDATE_RET( output != NULL );
|
||||||
while( length-- )
|
while( length-- )
|
||||||
{
|
{
|
||||||
memcpy( ov, iv, 16 );
|
memcpy( ov, iv, 16 );
|
||||||
@ -1340,7 +1384,18 @@ int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx,
|
|||||||
unsigned char *output )
|
unsigned char *output )
|
||||||
{
|
{
|
||||||
int ret = 0;
|
int ret = 0;
|
||||||
size_t n = *iv_off;
|
size_t n;
|
||||||
|
|
||||||
|
AES_VALIDATE_RET( ctx != NULL );
|
||||||
|
AES_VALIDATE_RET( iv_off != NULL );
|
||||||
|
AES_VALIDATE_RET( iv != NULL );
|
||||||
|
AES_VALIDATE_RET( input != NULL );
|
||||||
|
AES_VALIDATE_RET( output != NULL );
|
||||||
|
|
||||||
|
n = *iv_off;
|
||||||
|
|
||||||
|
if( n > 15 )
|
||||||
|
return( MBEDTLS_ERR_AES_BAD_INPUT_DATA );
|
||||||
|
|
||||||
while( length-- )
|
while( length-- )
|
||||||
{
|
{
|
||||||
@ -1375,7 +1430,16 @@ int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx,
|
|||||||
unsigned char *output )
|
unsigned char *output )
|
||||||
{
|
{
|
||||||
int c, i;
|
int c, i;
|
||||||
size_t n = *nc_off;
|
size_t n;
|
||||||
|
|
||||||
|
AES_VALIDATE_RET( ctx != NULL );
|
||||||
|
AES_VALIDATE_RET( nc_off != NULL );
|
||||||
|
AES_VALIDATE_RET( nonce_counter != NULL );
|
||||||
|
AES_VALIDATE_RET( stream_block != NULL );
|
||||||
|
AES_VALIDATE_RET( input != NULL );
|
||||||
|
AES_VALIDATE_RET( output != NULL );
|
||||||
|
|
||||||
|
n = *nc_off;
|
||||||
|
|
||||||
if ( n > 0x0F )
|
if ( n > 0x0F )
|
||||||
return( MBEDTLS_ERR_AES_BAD_INPUT_DATA );
|
return( MBEDTLS_ERR_AES_BAD_INPUT_DATA );
|
||||||
|
@ -194,8 +194,8 @@ exit:
|
|||||||
void aes_crypt_xts_size( int size, int retval )
|
void aes_crypt_xts_size( int size, int retval )
|
||||||
{
|
{
|
||||||
mbedtls_aes_xts_context ctx;
|
mbedtls_aes_xts_context ctx;
|
||||||
const unsigned char *src = NULL;
|
const unsigned char src[16] = { 0 };
|
||||||
unsigned char *output = NULL;
|
unsigned char output[16];
|
||||||
unsigned char data_unit[16];
|
unsigned char data_unit[16];
|
||||||
size_t length = size;
|
size_t length = size;
|
||||||
|
|
||||||
@ -203,10 +203,8 @@ void aes_crypt_xts_size( int size, int retval )
|
|||||||
memset( data_unit, 0x00, sizeof( data_unit ) );
|
memset( data_unit, 0x00, sizeof( data_unit ) );
|
||||||
|
|
||||||
|
|
||||||
/* Note that this function will most likely crash on failure, as NULL
|
/* Valid pointers are passed for builds with MBEDTLS_CHECK_PARAMS, as
|
||||||
* parameters will be used. In the passing case, the length check in
|
* otherwise we wouldn't get to the size check we're interested in. */
|
||||||
* mbedtls_aes_crypt_xts() will prevent any accesses to parameters by
|
|
||||||
* exiting the function early. */
|
|
||||||
TEST_ASSERT( mbedtls_aes_crypt_xts( &ctx, MBEDTLS_AES_ENCRYPT, length, data_unit, src, output ) == retval );
|
TEST_ASSERT( mbedtls_aes_crypt_xts( &ctx, MBEDTLS_AES_ENCRYPT, length, data_unit, src, output ) == retval );
|
||||||
}
|
}
|
||||||
/* END_CASE */
|
/* END_CASE */
|
||||||
@ -215,7 +213,7 @@ void aes_crypt_xts_size( int size, int retval )
|
|||||||
void aes_crypt_xts_keysize( int size, int retval )
|
void aes_crypt_xts_keysize( int size, int retval )
|
||||||
{
|
{
|
||||||
mbedtls_aes_xts_context ctx;
|
mbedtls_aes_xts_context ctx;
|
||||||
const unsigned char *key = NULL;
|
const unsigned char key[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06 };
|
||||||
size_t key_len = size;
|
size_t key_len = size;
|
||||||
|
|
||||||
mbedtls_aes_xts_init( &ctx );
|
mbedtls_aes_xts_init( &ctx );
|
||||||
@ -372,39 +370,255 @@ exit:
|
|||||||
/* END_CASE */
|
/* END_CASE */
|
||||||
|
|
||||||
/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
|
/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
|
||||||
void aes_invalid_param( )
|
void aes_check_params( )
|
||||||
{
|
{
|
||||||
mbedtls_aes_context dummy_ctx;
|
mbedtls_aes_context aes_ctx;
|
||||||
|
#if defined(MBEDTLS_CIPHER_MODE_XTS)
|
||||||
|
mbedtls_aes_xts_context xts_ctx;
|
||||||
|
#endif
|
||||||
const unsigned char key[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06 };
|
const unsigned char key[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06 };
|
||||||
|
const unsigned char in[16] = { 0 };
|
||||||
|
unsigned char out[16];
|
||||||
|
size_t size;
|
||||||
|
const int valid_mode = MBEDTLS_AES_ENCRYPT;
|
||||||
|
const int invalid_mode = 42;
|
||||||
|
|
||||||
TEST_INVALID_PARAM( mbedtls_aes_init( NULL ) );
|
TEST_INVALID_PARAM( mbedtls_aes_init( NULL ) );
|
||||||
|
#if defined(MBEDTLS_CIPHER_MODE_XTS)
|
||||||
TEST_INVALID_PARAM( mbedtls_aes_xts_init( NULL ) );
|
TEST_INVALID_PARAM( mbedtls_aes_xts_init( NULL ) );
|
||||||
|
#endif
|
||||||
|
|
||||||
/* mbedtls_aes_setkey_enc() */
|
|
||||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
|
||||||
mbedtls_aes_setkey_enc( NULL, key, 128 ) );
|
mbedtls_aes_setkey_enc( NULL, key, 128 ) );
|
||||||
|
|
||||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
|
||||||
mbedtls_aes_setkey_enc( &dummy_ctx, NULL, 128 ) );
|
mbedtls_aes_setkey_enc( &aes_ctx, NULL, 128 ) );
|
||||||
|
|
||||||
/* mbedtls_aes_setkey_dec() */
|
|
||||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
|
||||||
mbedtls_aes_setkey_dec( NULL, key, 128 ) );
|
mbedtls_aes_setkey_dec( NULL, key, 128 ) );
|
||||||
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
|
||||||
|
mbedtls_aes_setkey_dec( &aes_ctx, NULL, 128 ) );
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_CIPHER_MODE_XTS)
|
||||||
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
|
||||||
|
mbedtls_aes_xts_setkey_enc( NULL, key, 128 ) );
|
||||||
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
|
||||||
|
mbedtls_aes_xts_setkey_enc( &xts_ctx, NULL, 128 ) );
|
||||||
|
|
||||||
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
|
||||||
mbedtls_aes_setkey_dec( &dummy_ctx, NULL, 128 ) );
|
mbedtls_aes_xts_setkey_dec( NULL, key, 128 ) );
|
||||||
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
|
||||||
|
mbedtls_aes_xts_setkey_dec( &xts_ctx, NULL, 128 ) );
|
||||||
|
#endif
|
||||||
|
|
||||||
|
|
||||||
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
|
||||||
|
mbedtls_aes_crypt_ecb( NULL,
|
||||||
|
valid_mode, in, out ) );
|
||||||
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
|
||||||
|
mbedtls_aes_crypt_ecb( &aes_ctx,
|
||||||
|
invalid_mode, in, out ) );
|
||||||
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
|
||||||
|
mbedtls_aes_crypt_ecb( &aes_ctx,
|
||||||
|
valid_mode, NULL, out ) );
|
||||||
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
|
||||||
|
mbedtls_aes_crypt_ecb( &aes_ctx,
|
||||||
|
valid_mode, in, NULL ) );
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
||||||
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
|
||||||
|
mbedtls_aes_crypt_cbc( NULL,
|
||||||
|
valid_mode, 16,
|
||||||
|
out, in, out ) );
|
||||||
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
|
||||||
|
mbedtls_aes_crypt_cbc( &aes_ctx,
|
||||||
|
invalid_mode, 16,
|
||||||
|
out, in, out ) );
|
||||||
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
|
||||||
|
mbedtls_aes_crypt_cbc( &aes_ctx,
|
||||||
|
valid_mode, 16,
|
||||||
|
NULL, in, out ) );
|
||||||
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
|
||||||
|
mbedtls_aes_crypt_cbc( &aes_ctx,
|
||||||
|
valid_mode, 16,
|
||||||
|
out, NULL, out ) );
|
||||||
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
|
||||||
|
mbedtls_aes_crypt_cbc( &aes_ctx,
|
||||||
|
valid_mode, 16,
|
||||||
|
out, in, NULL ) );
|
||||||
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_CIPHER_MODE_XTS)
|
||||||
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
|
||||||
|
mbedtls_aes_crypt_xts( NULL,
|
||||||
|
valid_mode, 16,
|
||||||
|
in, in, out ) );
|
||||||
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
|
||||||
|
mbedtls_aes_crypt_xts( &xts_ctx,
|
||||||
|
invalid_mode, 16,
|
||||||
|
in, in, out ) );
|
||||||
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
|
||||||
|
mbedtls_aes_crypt_xts( &xts_ctx,
|
||||||
|
valid_mode, 16,
|
||||||
|
NULL, in, out ) );
|
||||||
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
|
||||||
|
mbedtls_aes_crypt_xts( &xts_ctx,
|
||||||
|
valid_mode, 16,
|
||||||
|
in, NULL, out ) );
|
||||||
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
|
||||||
|
mbedtls_aes_crypt_xts( &xts_ctx,
|
||||||
|
valid_mode, 16,
|
||||||
|
in, in, NULL ) );
|
||||||
|
#endif /* MBEDTLS_CIPHER_MODE_XTS */
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_CIPHER_MODE_CFB)
|
||||||
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
|
||||||
|
mbedtls_aes_crypt_cfb128( NULL,
|
||||||
|
valid_mode, 16,
|
||||||
|
&size, out, in, out ) );
|
||||||
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
|
||||||
|
mbedtls_aes_crypt_cfb128( &aes_ctx,
|
||||||
|
invalid_mode, 16,
|
||||||
|
&size, out, in, out ) );
|
||||||
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
|
||||||
|
mbedtls_aes_crypt_cfb128( &aes_ctx,
|
||||||
|
valid_mode, 16,
|
||||||
|
NULL, out, in, out ) );
|
||||||
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
|
||||||
|
mbedtls_aes_crypt_cfb128( &aes_ctx,
|
||||||
|
valid_mode, 16,
|
||||||
|
&size, NULL, in, out ) );
|
||||||
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
|
||||||
|
mbedtls_aes_crypt_cfb128( &aes_ctx,
|
||||||
|
valid_mode, 16,
|
||||||
|
&size, out, NULL, out ) );
|
||||||
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
|
||||||
|
mbedtls_aes_crypt_cfb128( &aes_ctx,
|
||||||
|
valid_mode, 16,
|
||||||
|
&size, out, in, NULL ) );
|
||||||
|
|
||||||
|
|
||||||
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
|
||||||
|
mbedtls_aes_crypt_cfb8( NULL,
|
||||||
|
valid_mode, 16,
|
||||||
|
out, in, out ) );
|
||||||
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
|
||||||
|
mbedtls_aes_crypt_cfb8( &aes_ctx,
|
||||||
|
invalid_mode, 16,
|
||||||
|
out, in, out ) );
|
||||||
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
|
||||||
|
mbedtls_aes_crypt_cfb8( &aes_ctx,
|
||||||
|
valid_mode, 16,
|
||||||
|
NULL, in, out ) );
|
||||||
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
|
||||||
|
mbedtls_aes_crypt_cfb8( &aes_ctx,
|
||||||
|
valid_mode, 16,
|
||||||
|
out, NULL, out ) );
|
||||||
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
|
||||||
|
mbedtls_aes_crypt_cfb8( &aes_ctx,
|
||||||
|
valid_mode, 16,
|
||||||
|
out, in, NULL ) );
|
||||||
|
#endif /* MBEDTLS_CIPHER_MODE_CFB */
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_CIPHER_MODE_OFB)
|
||||||
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
|
||||||
|
mbedtls_aes_crypt_ofb( NULL, 16,
|
||||||
|
&size, out, in, out ) );
|
||||||
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
|
||||||
|
mbedtls_aes_crypt_ofb( &aes_ctx, 16,
|
||||||
|
NULL, out, in, out ) );
|
||||||
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
|
||||||
|
mbedtls_aes_crypt_ofb( &aes_ctx, 16,
|
||||||
|
&size, NULL, in, out ) );
|
||||||
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
|
||||||
|
mbedtls_aes_crypt_ofb( &aes_ctx, 16,
|
||||||
|
&size, out, NULL, out ) );
|
||||||
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
|
||||||
|
mbedtls_aes_crypt_ofb( &aes_ctx, 16,
|
||||||
|
&size, out, in, NULL ) );
|
||||||
|
#endif /* MBEDTLS_CIPHER_MODE_OFB */
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_CIPHER_MODE_CTR)
|
||||||
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
|
||||||
|
mbedtls_aes_crypt_ctr( NULL, 16, &size, out,
|
||||||
|
out, in, out ) );
|
||||||
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
|
||||||
|
mbedtls_aes_crypt_ctr( &aes_ctx, 16, NULL, out,
|
||||||
|
out, in, out ) );
|
||||||
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
|
||||||
|
mbedtls_aes_crypt_ctr( &aes_ctx, 16, &size, NULL,
|
||||||
|
out, in, out ) );
|
||||||
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
|
||||||
|
mbedtls_aes_crypt_ctr( &aes_ctx, 16, &size, out,
|
||||||
|
NULL, in, out ) );
|
||||||
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
|
||||||
|
mbedtls_aes_crypt_ctr( &aes_ctx, 16, &size, out,
|
||||||
|
out, NULL, out ) );
|
||||||
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA,
|
||||||
|
mbedtls_aes_crypt_ctr( &aes_ctx, 16, &size, out,
|
||||||
|
out, in, NULL ) );
|
||||||
|
#endif /* MBEDTLS_CIPHER_MODE_CTR */
|
||||||
}
|
}
|
||||||
/* END_CASE */
|
/* END_CASE */
|
||||||
|
|
||||||
/* BEGIN_CASE */
|
/* BEGIN_CASE */
|
||||||
void aes_valid_param( )
|
void aes_misc_params( )
|
||||||
{
|
{
|
||||||
|
#if defined(MBEDTLS_CIPHER_MODE_CBC) || \
|
||||||
|
defined(MBEDTLS_CIPHER_MODE_XTS) || \
|
||||||
|
defined(MBEDTLS_CIPHER_MODE_CFB) || \
|
||||||
|
defined(MBEDTLS_CIPHER_MODE_OFB)
|
||||||
|
mbedtls_aes_context aes_ctx;
|
||||||
|
const unsigned char in[16] = { 0 };
|
||||||
|
unsigned char out[16];
|
||||||
|
#endif
|
||||||
|
#if defined(MBEDTLS_CIPHER_MODE_XTS)
|
||||||
|
mbedtls_aes_xts_context xts_ctx;
|
||||||
|
#endif
|
||||||
|
#if defined(MBEDTLS_CIPHER_MODE_CFB) || \
|
||||||
|
defined(MBEDTLS_CIPHER_MODE_OFB)
|
||||||
|
size_t size;
|
||||||
|
#endif
|
||||||
|
|
||||||
/* These calls accept NULL */
|
/* These calls accept NULL */
|
||||||
TEST_VALID_PARAM( mbedtls_aes_free( NULL ) );
|
TEST_VALID_PARAM( mbedtls_aes_free( NULL ) );
|
||||||
#if defined(MBEDTLS_CIPHER_MODE_XTS)
|
#if defined(MBEDTLS_CIPHER_MODE_XTS)
|
||||||
TEST_VALID_PARAM( mbedtls_aes_xts_free( NULL ) );
|
TEST_VALID_PARAM( mbedtls_aes_xts_free( NULL ) );
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
||||||
|
TEST_ASSERT( mbedtls_aes_crypt_cbc( &aes_ctx, MBEDTLS_AES_ENCRYPT,
|
||||||
|
15,
|
||||||
|
out, in, out )
|
||||||
|
== MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH );
|
||||||
|
TEST_ASSERT( mbedtls_aes_crypt_cbc( &aes_ctx, MBEDTLS_AES_ENCRYPT,
|
||||||
|
17,
|
||||||
|
out, in, out )
|
||||||
|
== MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH );
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_CIPHER_MODE_XTS)
|
||||||
|
TEST_ASSERT( mbedtls_aes_crypt_xts( &xts_ctx, MBEDTLS_AES_ENCRYPT,
|
||||||
|
15,
|
||||||
|
in, in, out )
|
||||||
|
== MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH );
|
||||||
|
TEST_ASSERT( mbedtls_aes_crypt_xts( &xts_ctx, MBEDTLS_AES_ENCRYPT,
|
||||||
|
(1 << 24) + 1,
|
||||||
|
in, in, out )
|
||||||
|
== MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH );
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_CIPHER_MODE_CFB)
|
||||||
|
size = 16;
|
||||||
|
TEST_ASSERT( mbedtls_aes_crypt_cfb128( &aes_ctx, MBEDTLS_AES_ENCRYPT, 16,
|
||||||
|
&size, out, in, out )
|
||||||
|
== MBEDTLS_ERR_AES_BAD_INPUT_DATA );
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_CIPHER_MODE_OFB)
|
||||||
|
size = 16;
|
||||||
|
TEST_ASSERT( mbedtls_aes_crypt_ofb( &aes_ctx, 16, &size, out, in, out )
|
||||||
|
== MBEDTLS_ERR_AES_BAD_INPUT_DATA );
|
||||||
|
#endif
|
||||||
}
|
}
|
||||||
/* END_CASE */
|
/* END_CASE */
|
||||||
|
|
||||||
|
@ -10,11 +10,11 @@ aes_encrypt_cbc:"000000000000000000000000000000000000000000000000000000000000000
|
|||||||
AES-256-CBC Decrypt (Invalid input length)
|
AES-256-CBC Decrypt (Invalid input length)
|
||||||
aes_decrypt_cbc:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"623a52fcea5d443e48d9181ab32c74":"":MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH
|
aes_decrypt_cbc:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"623a52fcea5d443e48d9181ab32c74":"":MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH
|
||||||
|
|
||||||
AES - Invalid parameters
|
AES - Optional Parameter Validation (MBEDTLS_CHECK_PARAMS)
|
||||||
aes_invalid_param:
|
aes_check_params:
|
||||||
|
|
||||||
AES - Valid parameters
|
AES - Mandatory Parameter Validation and Valid Parameters
|
||||||
aes_valid_param:
|
aes_misc_params:
|
||||||
|
|
||||||
AES Selftest
|
AES Selftest
|
||||||
depends_on:MBEDTLS_SELF_TEST
|
depends_on:MBEDTLS_SELF_TEST
|
||||||
|
Loading…
Reference in New Issue
Block a user