From 111159b89c08b6f691b4fe33a2732f4bf84da9a9 Mon Sep 17 00:00:00 2001
From: Yanray Wang
Date: Fri, 10 Nov 2023 13:41:12 +0800
Subject: [PATCH] BLOCK_CIPHER_NO_DECRYPT: call encrypt direction unconditionally
Signed-off-by: Yanray Wang
---
 include/mbedtls/aes.h | 2 --
 library/aes.c | 9 ++++-----
 library/aesce.c | 9 ++++-----
 library/aesni.c | 25 ++++++++++---------------
 library/psa_crypto.c | 1 -
 5 files changed, 18 insertions(+), 28 deletions(-)
diff --git a/include/mbedtls/aes.h b/include/mbedtls/aes.h
index c43134d456..c53f817c1f 100644
--- a/include/mbedtls/aes.h
+++ b/include/mbedtls/aes.h
@@ -60,8 +60,6 @@
 /* Error codes in range 0x0021-0x0025 */
 /** Invalid input data. */
 #define MBEDTLS_ERR_AES_BAD_INPUT_DATA -0x0021
-/** The requested feature is not available. */
-#define MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE -0x0023
 #ifdef __cplusplus
 extern "C" {
diff --git a/library/aes.c b/library/aes.c
index 9dc7b7d148..f91d2519f5 100644
--- a/library/aes.c
+++ b/library/aes.c
@@ -1064,14 +1064,13 @@ int mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx,
 #endif
 #if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
- if (mode == MBEDTLS_AES_ENCRYPT) {
- return mbedtls_internal_aes_encrypt(ctx, input, output);
- } else {
 #if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
+ if (mode == MBEDTLS_AES_DECRYPT) {
 return mbedtls_internal_aes_decrypt(ctx, input, output);
-#else
- return MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE;
+ } else
 #endif
+ {
+ return mbedtls_internal_aes_encrypt(ctx, input, output);
 }
 #endif /* !MBEDTLS_AES_USE_HARDWARE_ONLY */
 }
diff --git a/library/aesce.c b/library/aesce.c
index 5883e6a83b..9a82731f0e 100644
--- a/library/aesce.c
+++ b/library/aesce.c
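Review bot: In a MBEDTLS_BLOCK_CIPHER_NO_DECRYPT build, a caller that passes MBEDTLS_AES_DECRYPT to mbedtls_aes_crypt_ecb now receives an encrypted block together with the encrypt path's return value, and nothing in the new code says that `mode` is ignored. The diffstat shows aes.h changing by two deleted lines only, so the public description of `mode` is untouched by this commit. A comment on the brace block such as `/* MBEDTLS_BLOCK_CIPHER_NO_DECRYPT: mode is ignored, the block is always encrypted */`, plus a matching sentence on the `mode` parameter in aes.h, would make the contract explicit; the same applies to the aesce.c and aesni.c hunks. The function body starts outside this hunk, so an earlier validity check on `mode` cannot be ruled out from here.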
@@ -244,14 +244,13 @@ int mbedtls_aesce_crypt_ecb(mbedtls_aes_context *ctx,
 uint8x16_t block = vld1q_u8(&input[0]);
 unsigned char *keys = (unsigned char *) (ctx->buf + ctx->rk_offset);
- if (mode == MBEDTLS_AES_ENCRYPT) {
- block = aesce_encrypt_block(block, keys, ctx->nr);
- } else {
 #if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
+ if (mode == MBEDTLS_AES_DECRYPT) {
 block = aesce_decrypt_block(block, keys, ctx->nr);
-#else
- return MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE;
+ } else
 #endif
+ {
+ block = aesce_encrypt_block(block, keys, ctx->nr);
 }
 vst1q_u8(&output[0], block);
diff --git a/library/aesni.c b/library/aesni.c
index 6c917daec8..c68b081dea 100644
--- a/library/aesni.c
+++ b/library/aesni.c
@@ -93,24 +93,25 @@ int mbedtls_aesni_crypt_ecb(mbedtls_aes_context *ctx,
 ++rk;
 --nr;
- if (mode == MBEDTLS_AES_ENCRYPT) {
- while (nr != 0) {
- state = _mm_aesenc_si128(state, *rk);
- ++rk;
- --nr;
- }
- state = _mm_aesenclast_si128(state, *rk);
- } else {
 #if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
+ if (mode == MBEDTLS_AES_DECRYPT) {
 while (nr != 0) {
 state = _mm_aesdec_si128(state, *rk);
 ++rk;
 --nr;
 }
 state = _mm_aesdeclast_si128(state, *rk);
+ } else
 #else
- return MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE;
+ (void) mode;
 #endif
+ {
+ while (nr != 0) {
+ state = _mm_aesenc_si128(state, *rk);
+ ++rk;
+ --nr;
+ }
+ state = _mm_aesenclast_si128(state, *rk);
 }
 memcpy(output, &state, 16);
@@ -445,12 +446,6 @@ int mbedtls_aesni_crypt_ecb(mbedtls_aes_context *ctx,
 const unsigned char input[16],
 unsigned char output[16])
 {
-#if defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
- if (mode == MBEDTLS_AES_DECRYPT) {
- return MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE;
- }
-#endif
-
 asm ("movdqu (%3), %%xmm0 \n\t" // load input
 "movdqu (%1), %%xmm1 \n\t" // load round key 0
 "pxor %%xmm1, %%xmm0 \n\t" // round 0
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 2ada2eb720..1faf1dd6ca 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
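Review bot: With MBEDTLS_BLOCK_CIPHER_NO_DECRYPT defined, `mode` is no longer read anywhere in the visible part of mbedtls_aesce_crypt_ecb, which can trigger an unused-parameter warning in builds that enable it. The aesni.c intrinsics hunk in this same commit handles the case with an `#else` branch holding `(void) mode;`, and this hunk does not. Adding `#else` and `(void) mode;` ahead of the `#endif` that follows `} else` would keep the two files consistent. The function begins before and continues past the hunk, so this is unnecessary if `mode` is referenced elsewhere in it.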
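Review bot: The two implementations in aesni.c may now disagree in a MBEDTLS_BLOCK_CIPHER_NO_DECRYPT build: this intrinsics hunk encrypts regardless of `mode`, while the assembly variant in the following hunk (-445,12) only loses its early return and its asm block continues outside the hunk. If that asm still tests `mode` and branches to a decryption loop, a MBEDTLS_AES_DECRYPT call would run decryption rounds there instead of encrypting, so the same call would produce different output depending on which variant is compiled in. It is worth confirming that the asm decryption path is compiled out under the same macro, or stating the requirement above the asm, for example `/* MBEDTLS_BLOCK_CIPHER_NO_DECRYPT: callers must pass MBEDTLS_AES_ENCRYPT */`.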
@@ -157,7 +157,6 @@ psa_status_t mbedtls_to_psa_error(int ret)
 #if defined(MBEDTLS_AES_C)
 case MBEDTLS_ERR_AES_INVALID_KEY_LENGTH:
 case MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH:
- case MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE:
 return PSA_ERROR_NOT_SUPPORTED;
 case MBEDTLS_ERR_AES_BAD_INPUT_DATA:
 return PSA_ERROR_INVALID_ARGUMENT;