mirror of
https://github.com/espressif/mbedtls.git
synced 2025-05-10 03:39:03 +08:00
Merge pull request #7825 from daverodgman/cipher_wrap_size
Cipher wrap size improvement
This commit is contained in:
Dave Rodgman
GitHub
commit
3d0c8255aa
@ -270,45 +270,58 @@ typedef struct mbedtls_cmac_context_t mbedtls_cmac_context_t;
|
|||||||
* mbedtls_cipher_info_from_type(),
|
* mbedtls_cipher_info_from_type(),
|
||||||
* mbedtls_cipher_info_from_values(),
|
* mbedtls_cipher_info_from_values(),
|
||||||
* mbedtls_cipher_info_from_psa().
|
* mbedtls_cipher_info_from_psa().
|
||||||
|
*
|
||||||
|
* \note Some fields store a value that has been right-shifted to save
|
||||||
|
* code-size, so should not be used directly. The accessor
|
||||||
|
* functions adjust for this and return the "natural" value.
|
||||||
*/
|
*/
|
||||||
typedef struct mbedtls_cipher_info_t {
|
typedef struct mbedtls_cipher_info_t {
|
||||||
/** Full cipher identifier. For example,
|
|
||||||
* MBEDTLS_CIPHER_AES_256_CBC.
|
|
||||||
*/
|
|
||||||
mbedtls_cipher_type_t MBEDTLS_PRIVATE(type);
|
|
||||||
|
|
||||||
/** The cipher mode. For example, MBEDTLS_MODE_CBC. */
|
|
||||||
mbedtls_cipher_mode_t MBEDTLS_PRIVATE(mode);
|
|
||||||
|
|
||||||
/** The cipher key length, in bits. This is the
|
|
||||||
* default length for variable sized ciphers.
|
|
||||||
* Includes parity bits for ciphers like DES.
|
|
||||||
*/
|
|
||||||
unsigned int MBEDTLS_PRIVATE(key_bitlen);
|
|
||||||
|
|
||||||
/** Name of the cipher. */
|
/** Name of the cipher. */
|
||||||
const char *MBEDTLS_PRIVATE(name);
|
const char *MBEDTLS_PRIVATE(name);
|
||||||
|
|
||||||
/** IV or nonce size, in Bytes.
|
/** The block size, in bytes. */
|
||||||
|
unsigned int MBEDTLS_PRIVATE(block_size) : 5;
|
||||||
|
|
||||||
|
/** IV or nonce size, in bytes (right shifted by #MBEDTLS_IV_SIZE_SHIFT).
|
||||||
* For ciphers that accept variable IV sizes,
|
* For ciphers that accept variable IV sizes,
|
||||||
* this is the recommended size.
|
* this is the recommended size.
|
||||||
*/
|
*/
|
||||||
unsigned int MBEDTLS_PRIVATE(iv_size);
|
unsigned int MBEDTLS_PRIVATE(iv_size) : 3;
|
||||||
|
|
||||||
|
/** The cipher key length, in bits (right shifted by #MBEDTLS_KEY_BITLEN_SHIFT).
|
||||||
|
* This is the default length for variable sized ciphers.
|
||||||
|
* Includes parity bits for ciphers like DES.
|
||||||
|
*/
|
||||||
|
unsigned int MBEDTLS_PRIVATE(key_bitlen) : 4;
|
||||||
|
|
||||||
|
/** The cipher mode (as per mbedtls_cipher_mode_t).
|
||||||
|
* For example, MBEDTLS_MODE_CBC.
|
||||||
|
*/
|
||||||
|
unsigned int MBEDTLS_PRIVATE(mode) : 4;
|
||||||
|
|
||||||
|
/** Full cipher identifier (as per mbedtls_cipher_type_t).
|
||||||
|
* For example, MBEDTLS_CIPHER_AES_256_CBC.
|
||||||
|
*
|
||||||
|
* This could be 7 bits, but 8 bits retains byte alignment for the
|
||||||
|
* next field, which reduces code size to access that field.
|
||||||
|
*/
|
||||||
|
unsigned int MBEDTLS_PRIVATE(type) : 8;
|
||||||
|
|
||||||
/** Bitflag comprised of MBEDTLS_CIPHER_VARIABLE_IV_LEN and
|
/** Bitflag comprised of MBEDTLS_CIPHER_VARIABLE_IV_LEN and
|
||||||
* MBEDTLS_CIPHER_VARIABLE_KEY_LEN indicating whether the
|
* MBEDTLS_CIPHER_VARIABLE_KEY_LEN indicating whether the
|
||||||
* cipher supports variable IV or variable key sizes, respectively.
|
* cipher supports variable IV or variable key sizes, respectively.
|
||||||
*/
|
*/
|
||||||
int MBEDTLS_PRIVATE(flags);
|
unsigned int MBEDTLS_PRIVATE(flags) : 2;
|
||||||
|
|
||||||
/** The block size, in Bytes. */
|
/** Index to LUT for base cipher information and functions. */
|
||||||
unsigned int MBEDTLS_PRIVATE(block_size);
|
unsigned int MBEDTLS_PRIVATE(base_idx) : 5;
|
||||||
|
|
||||||
/** Struct for base cipher information and functions. */
|
|
||||||
const mbedtls_cipher_base_t *MBEDTLS_PRIVATE(base);
|
|
||||||
|
|
||||||
} mbedtls_cipher_info_t;
|
} mbedtls_cipher_info_t;
|
||||||
|
|
||||||
|
/* For internal use only.
|
||||||
|
* These are used to more compactly represent the fields above. */
|
||||||
|
#define MBEDTLS_KEY_BITLEN_SHIFT 6
|
||||||
|
#define MBEDTLS_IV_SIZE_SHIFT 2
|
||||||
/**
|
/**
|
||||||
* Generic cipher context.
|
* Generic cipher context.
|
||||||
*/
|
*/
|
||||||
@ -439,7 +452,7 @@ static inline mbedtls_cipher_type_t mbedtls_cipher_info_get_type(
|
|||||||
if (info == NULL) {
|
if (info == NULL) {
|
||||||
return MBEDTLS_CIPHER_NONE;
|
return MBEDTLS_CIPHER_NONE;
|
||||||
} else {
|
} else {
|
||||||
return info->MBEDTLS_PRIVATE(type);
|
return (mbedtls_cipher_type_t) info->MBEDTLS_PRIVATE(type);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -458,7 +471,7 @@ static inline mbedtls_cipher_mode_t mbedtls_cipher_info_get_mode(
|
|||||||
if (info == NULL) {
|
if (info == NULL) {
|
||||||
return MBEDTLS_MODE_NONE;
|
return MBEDTLS_MODE_NONE;
|
||||||
} else {
|
} else {
|
||||||
return info->MBEDTLS_PRIVATE(mode);
|
return (mbedtls_cipher_mode_t) info->MBEDTLS_PRIVATE(mode);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -479,7 +492,7 @@ static inline size_t mbedtls_cipher_info_get_key_bitlen(
|
|||||||
if (info == NULL) {
|
if (info == NULL) {
|
||||||
return 0;
|
return 0;
|
||||||
} else {
|
} else {
|
||||||
return info->MBEDTLS_PRIVATE(key_bitlen);
|
return info->MBEDTLS_PRIVATE(key_bitlen) << MBEDTLS_KEY_BITLEN_SHIFT;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -521,7 +534,7 @@ static inline size_t mbedtls_cipher_info_get_iv_size(
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
return (size_t) info->MBEDTLS_PRIVATE(iv_size);
|
return ((size_t) info->MBEDTLS_PRIVATE(iv_size)) << MBEDTLS_IV_SIZE_SHIFT;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -541,7 +554,7 @@ static inline size_t mbedtls_cipher_info_get_block_size(
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
return (size_t) info->MBEDTLS_PRIVATE(block_size);
|
return (size_t) (info->MBEDTLS_PRIVATE(block_size));
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -682,7 +695,7 @@ static inline unsigned int mbedtls_cipher_get_block_size(
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
return ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(block_size);
|
return (unsigned int) ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(block_size);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -702,7 +715,7 @@ static inline mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode(
|
|||||||
return MBEDTLS_MODE_NONE;
|
return MBEDTLS_MODE_NONE;
|
||||||
}
|
}
|
||||||
|
|
||||||
return ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(mode);
|
return (mbedtls_cipher_mode_t) ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(mode);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -727,7 +740,8 @@ static inline int mbedtls_cipher_get_iv_size(
|
|||||||
return (int) ctx->MBEDTLS_PRIVATE(iv_size);
|
return (int) ctx->MBEDTLS_PRIVATE(iv_size);
|
||||||
}
|
}
|
||||||
|
|
||||||
return (int) ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(iv_size);
|
return (int) (((int) ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(iv_size)) <<
|
||||||
|
MBEDTLS_IV_SIZE_SHIFT);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -747,7 +761,7 @@ static inline mbedtls_cipher_type_t mbedtls_cipher_get_type(
|
|||||||
return MBEDTLS_CIPHER_NONE;
|
return MBEDTLS_CIPHER_NONE;
|
||||||
}
|
}
|
||||||
|
|
||||||
return ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(type);
|
return (mbedtls_cipher_type_t) ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(type);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -788,7 +802,8 @@ static inline int mbedtls_cipher_get_key_bitlen(
|
|||||||
return MBEDTLS_KEY_LENGTH_NONE;
|
return MBEDTLS_KEY_LENGTH_NONE;
|
||||||
}
|
}
|
||||||
|
|
||||||
return (int) ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(key_bitlen);
|
return (int) ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(key_bitlen) <<
|
||||||
|
MBEDTLS_KEY_BITLEN_SHIFT;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
@ -70,7 +70,7 @@ int mbedtls_ccm_setkey(mbedtls_ccm_context *ctx,
|
|||||||
return MBEDTLS_ERR_CCM_BAD_INPUT;
|
return MBEDTLS_ERR_CCM_BAD_INPUT;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (cipher_info->block_size != 16) {
|
if (mbedtls_cipher_info_get_block_size(cipher_info) != 16) {
|
||||||
return MBEDTLS_ERR_CCM_BAD_INPUT;
|
return MBEDTLS_ERR_CCM_BAD_INPUT;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
192
library/cipher.c
192
library/cipher.c
@ -67,6 +67,12 @@
|
|||||||
|
|
||||||
static int supported_init = 0;
|
static int supported_init = 0;
|
||||||
|
|
||||||
|
static inline const mbedtls_cipher_base_t *mbedtls_cipher_get_base(
|
||||||
|
const mbedtls_cipher_info_t *info)
|
||||||
|
{
|
||||||
|
return mbedtls_cipher_base_lookup_table[info->base_idx];
|
||||||
|
}
|
||||||
|
|
||||||
const int *mbedtls_cipher_list(void)
|
const int *mbedtls_cipher_list(void)
|
||||||
{
|
{
|
||||||
const mbedtls_cipher_definition_t *def;
|
const mbedtls_cipher_definition_t *def;
|
||||||
@ -128,8 +134,8 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values(
|
|||||||
const mbedtls_cipher_definition_t *def;
|
const mbedtls_cipher_definition_t *def;
|
||||||
|
|
||||||
for (def = mbedtls_cipher_definitions; def->info != NULL; def++) {
|
for (def = mbedtls_cipher_definitions; def->info != NULL; def++) {
|
||||||
if (def->info->base->cipher == cipher_id &&
|
if (mbedtls_cipher_get_base(def->info)->cipher == cipher_id &&
|
||||||
def->info->key_bitlen == (unsigned) key_bitlen &&
|
mbedtls_cipher_info_get_key_bitlen(def->info) == (unsigned) key_bitlen &&
|
||||||
def->info->mode == mode) {
|
def->info->mode == mode) {
|
||||||
return def->info;
|
return def->info;
|
||||||
}
|
}
|
||||||
@ -178,7 +184,7 @@ void mbedtls_cipher_free(mbedtls_cipher_context_t *ctx)
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
if (ctx->cipher_ctx) {
|
if (ctx->cipher_ctx) {
|
||||||
ctx->cipher_info->base->ctx_free_func(ctx->cipher_ctx);
|
mbedtls_cipher_get_base(ctx->cipher_info)->ctx_free_func(ctx->cipher_ctx);
|
||||||
}
|
}
|
||||||
|
|
||||||
mbedtls_platform_zeroize(ctx, sizeof(mbedtls_cipher_context_t));
|
mbedtls_platform_zeroize(ctx, sizeof(mbedtls_cipher_context_t));
|
||||||
@ -193,7 +199,7 @@ int mbedtls_cipher_setup(mbedtls_cipher_context_t *ctx,
|
|||||||
|
|
||||||
memset(ctx, 0, sizeof(mbedtls_cipher_context_t));
|
memset(ctx, 0, sizeof(mbedtls_cipher_context_t));
|
||||||
|
|
||||||
if (NULL == (ctx->cipher_ctx = cipher_info->base->ctx_alloc_func())) {
|
if (NULL == (ctx->cipher_ctx = mbedtls_cipher_get_base(cipher_info)->ctx_alloc_func())) {
|
||||||
return MBEDTLS_ERR_CIPHER_ALLOC_FAILED;
|
return MBEDTLS_ERR_CIPHER_ALLOC_FAILED;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -228,11 +234,11 @@ int mbedtls_cipher_setup_psa(mbedtls_cipher_context_t *ctx,
|
|||||||
|
|
||||||
/* Check that the underlying cipher mode and cipher type are
|
/* Check that the underlying cipher mode and cipher type are
|
||||||
* supported by the underlying PSA Crypto implementation. */
|
* supported by the underlying PSA Crypto implementation. */
|
||||||
alg = mbedtls_psa_translate_cipher_mode(cipher_info->mode, taglen);
|
alg = mbedtls_psa_translate_cipher_mode(((mbedtls_cipher_mode_t) cipher_info->mode), taglen);
|
||||||
if (alg == 0) {
|
if (alg == 0) {
|
||||||
return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
|
return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
|
||||||
}
|
}
|
||||||
if (mbedtls_psa_translate_cipher_type(cipher_info->type) == 0) {
|
if (mbedtls_psa_translate_cipher_type(((mbedtls_cipher_type_t) cipher_info->type)) == 0) {
|
||||||
return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
|
return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -285,7 +291,7 @@ int mbedtls_cipher_setkey(mbedtls_cipher_context_t *ctx,
|
|||||||
}
|
}
|
||||||
|
|
||||||
key_type = mbedtls_psa_translate_cipher_type(
|
key_type = mbedtls_psa_translate_cipher_type(
|
||||||
ctx->cipher_info->type);
|
((mbedtls_cipher_type_t) ctx->cipher_info->type));
|
||||||
if (key_type == 0) {
|
if (key_type == 0) {
|
||||||
return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
|
return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
|
||||||
}
|
}
|
||||||
@ -323,7 +329,7 @@ int mbedtls_cipher_setkey(mbedtls_cipher_context_t *ctx,
|
|||||||
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
||||||
|
|
||||||
if ((ctx->cipher_info->flags & MBEDTLS_CIPHER_VARIABLE_KEY_LEN) == 0 &&
|
if ((ctx->cipher_info->flags & MBEDTLS_CIPHER_VARIABLE_KEY_LEN) == 0 &&
|
||||||
(int) ctx->cipher_info->key_bitlen != key_bitlen) {
|
(int) mbedtls_cipher_info_get_key_bitlen(ctx->cipher_info) != key_bitlen) {
|
||||||
return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
|
return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -334,15 +340,15 @@ int mbedtls_cipher_setkey(mbedtls_cipher_context_t *ctx,
|
|||||||
* For OFB, CFB and CTR mode always use the encryption key schedule
|
* For OFB, CFB and CTR mode always use the encryption key schedule
|
||||||
*/
|
*/
|
||||||
if (MBEDTLS_ENCRYPT == operation ||
|
if (MBEDTLS_ENCRYPT == operation ||
|
||||||
MBEDTLS_MODE_CFB == ctx->cipher_info->mode ||
|
MBEDTLS_MODE_CFB == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode) ||
|
||||||
MBEDTLS_MODE_OFB == ctx->cipher_info->mode ||
|
MBEDTLS_MODE_OFB == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode) ||
|
||||||
MBEDTLS_MODE_CTR == ctx->cipher_info->mode) {
|
MBEDTLS_MODE_CTR == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) {
|
||||||
return ctx->cipher_info->base->setkey_enc_func(ctx->cipher_ctx, key,
|
return mbedtls_cipher_get_base(ctx->cipher_info)->setkey_enc_func(ctx->cipher_ctx, key,
|
||||||
ctx->key_bitlen);
|
ctx->key_bitlen);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (MBEDTLS_DECRYPT == operation) {
|
if (MBEDTLS_DECRYPT == operation) {
|
||||||
return ctx->cipher_info->base->setkey_dec_func(ctx->cipher_ctx, key,
|
return mbedtls_cipher_get_base(ctx->cipher_info)->setkey_dec_func(ctx->cipher_ctx, key,
|
||||||
ctx->key_bitlen);
|
ctx->key_bitlen);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -375,7 +381,7 @@ int mbedtls_cipher_set_iv(mbedtls_cipher_context_t *ctx,
|
|||||||
if ((ctx->cipher_info->flags & MBEDTLS_CIPHER_VARIABLE_IV_LEN) != 0) {
|
if ((ctx->cipher_info->flags & MBEDTLS_CIPHER_VARIABLE_IV_LEN) != 0) {
|
||||||
actual_iv_size = iv_len;
|
actual_iv_size = iv_len;
|
||||||
} else {
|
} else {
|
||||||
actual_iv_size = ctx->cipher_info->iv_size;
|
actual_iv_size = mbedtls_cipher_info_get_iv_size(ctx->cipher_info);
|
||||||
|
|
||||||
/* avoid reading past the end of input buffer */
|
/* avoid reading past the end of input buffer */
|
||||||
if (actual_iv_size > iv_len) {
|
if (actual_iv_size > iv_len) {
|
||||||
@ -384,7 +390,7 @@ int mbedtls_cipher_set_iv(mbedtls_cipher_context_t *ctx,
|
|||||||
}
|
}
|
||||||
|
|
||||||
#if defined(MBEDTLS_CHACHA20_C)
|
#if defined(MBEDTLS_CHACHA20_C)
|
||||||
if (ctx->cipher_info->type == MBEDTLS_CIPHER_CHACHA20) {
|
if (((mbedtls_cipher_type_t) ctx->cipher_info->type) == MBEDTLS_CIPHER_CHACHA20) {
|
||||||
/* Even though the actual_iv_size is overwritten with a correct value
|
/* Even though the actual_iv_size is overwritten with a correct value
|
||||||
* of 12 from the cipher info, return an error to indicate that
|
* of 12 from the cipher info, return an error to indicate that
|
||||||
* the input iv_len is wrong. */
|
* the input iv_len is wrong. */
|
||||||
@ -399,7 +405,7 @@ int mbedtls_cipher_set_iv(mbedtls_cipher_context_t *ctx,
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
#if defined(MBEDTLS_CHACHAPOLY_C)
|
#if defined(MBEDTLS_CHACHAPOLY_C)
|
||||||
if (ctx->cipher_info->type == MBEDTLS_CIPHER_CHACHA20_POLY1305 &&
|
if (((mbedtls_cipher_type_t) ctx->cipher_info->type) == MBEDTLS_CIPHER_CHACHA20_POLY1305 &&
|
||||||
iv_len != 12) {
|
iv_len != 12) {
|
||||||
return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
|
return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
|
||||||
}
|
}
|
||||||
@ -407,7 +413,7 @@ int mbedtls_cipher_set_iv(mbedtls_cipher_context_t *ctx,
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
#if defined(MBEDTLS_GCM_C)
|
#if defined(MBEDTLS_GCM_C)
|
||||||
if (MBEDTLS_MODE_GCM == ctx->cipher_info->mode) {
|
if (MBEDTLS_MODE_GCM == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) {
|
||||||
return mbedtls_gcm_starts((mbedtls_gcm_context *) ctx->cipher_ctx,
|
return mbedtls_gcm_starts((mbedtls_gcm_context *) ctx->cipher_ctx,
|
||||||
ctx->operation,
|
ctx->operation,
|
||||||
iv, iv_len);
|
iv, iv_len);
|
||||||
@ -415,7 +421,7 @@ int mbedtls_cipher_set_iv(mbedtls_cipher_context_t *ctx,
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
#if defined(MBEDTLS_CCM_C)
|
#if defined(MBEDTLS_CCM_C)
|
||||||
if (MBEDTLS_MODE_CCM_STAR_NO_TAG == ctx->cipher_info->mode) {
|
if (MBEDTLS_MODE_CCM_STAR_NO_TAG == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) {
|
||||||
int set_lengths_result;
|
int set_lengths_result;
|
||||||
int ccm_star_mode;
|
int ccm_star_mode;
|
||||||
|
|
||||||
@ -485,14 +491,14 @@ int mbedtls_cipher_update_ad(mbedtls_cipher_context_t *ctx,
|
|||||||
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
||||||
|
|
||||||
#if defined(MBEDTLS_GCM_C)
|
#if defined(MBEDTLS_GCM_C)
|
||||||
if (MBEDTLS_MODE_GCM == ctx->cipher_info->mode) {
|
if (MBEDTLS_MODE_GCM == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) {
|
||||||
return mbedtls_gcm_update_ad((mbedtls_gcm_context *) ctx->cipher_ctx,
|
return mbedtls_gcm_update_ad((mbedtls_gcm_context *) ctx->cipher_ctx,
|
||||||
ad, ad_len);
|
ad, ad_len);
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#if defined(MBEDTLS_CHACHAPOLY_C)
|
#if defined(MBEDTLS_CHACHAPOLY_C)
|
||||||
if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type) {
|
if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ((mbedtls_cipher_type_t) ctx->cipher_info->type)) {
|
||||||
int result;
|
int result;
|
||||||
mbedtls_chachapoly_mode_t mode;
|
mbedtls_chachapoly_mode_t mode;
|
||||||
|
|
||||||
@ -541,15 +547,16 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in
|
|||||||
return MBEDTLS_ERR_CIPHER_INVALID_CONTEXT;
|
return MBEDTLS_ERR_CIPHER_INVALID_CONTEXT;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ctx->cipher_info->mode == MBEDTLS_MODE_ECB) {
|
if (((mbedtls_cipher_mode_t) ctx->cipher_info->mode) == MBEDTLS_MODE_ECB) {
|
||||||
if (ilen != block_size) {
|
if (ilen != block_size) {
|
||||||
return MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED;
|
return MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED;
|
||||||
}
|
}
|
||||||
|
|
||||||
*olen = ilen;
|
*olen = ilen;
|
||||||
|
|
||||||
if (0 != (ret = ctx->cipher_info->base->ecb_func(ctx->cipher_ctx,
|
if (0 != (ret = mbedtls_cipher_get_base(ctx->cipher_info)->ecb_func(ctx->cipher_ctx,
|
||||||
ctx->operation, input, output))) {
|
ctx->operation, input,
|
||||||
|
output))) {
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -557,7 +564,7 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in
|
|||||||
}
|
}
|
||||||
|
|
||||||
#if defined(MBEDTLS_GCM_C)
|
#if defined(MBEDTLS_GCM_C)
|
||||||
if (ctx->cipher_info->mode == MBEDTLS_MODE_GCM) {
|
if (((mbedtls_cipher_mode_t) ctx->cipher_info->mode) == MBEDTLS_MODE_GCM) {
|
||||||
return mbedtls_gcm_update((mbedtls_gcm_context *) ctx->cipher_ctx,
|
return mbedtls_gcm_update((mbedtls_gcm_context *) ctx->cipher_ctx,
|
||||||
input, ilen,
|
input, ilen,
|
||||||
output, ilen, olen);
|
output, ilen, olen);
|
||||||
@ -565,7 +572,7 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
#if defined(MBEDTLS_CCM_C)
|
#if defined(MBEDTLS_CCM_C)
|
||||||
if (ctx->cipher_info->mode == MBEDTLS_MODE_CCM_STAR_NO_TAG) {
|
if (((mbedtls_cipher_mode_t) ctx->cipher_info->mode) == MBEDTLS_MODE_CCM_STAR_NO_TAG) {
|
||||||
return mbedtls_ccm_update((mbedtls_ccm_context *) ctx->cipher_ctx,
|
return mbedtls_ccm_update((mbedtls_ccm_context *) ctx->cipher_ctx,
|
||||||
input, ilen,
|
input, ilen,
|
||||||
output, ilen, olen);
|
output, ilen, olen);
|
||||||
@ -573,7 +580,7 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
#if defined(MBEDTLS_CHACHAPOLY_C)
|
#if defined(MBEDTLS_CHACHAPOLY_C)
|
||||||
if (ctx->cipher_info->type == MBEDTLS_CIPHER_CHACHA20_POLY1305) {
|
if (((mbedtls_cipher_type_t) ctx->cipher_info->type) == MBEDTLS_CIPHER_CHACHA20_POLY1305) {
|
||||||
*olen = ilen;
|
*olen = ilen;
|
||||||
return mbedtls_chachapoly_update((mbedtls_chachapoly_context *) ctx->cipher_ctx,
|
return mbedtls_chachapoly_update((mbedtls_chachapoly_context *) ctx->cipher_ctx,
|
||||||
ilen, input, output);
|
ilen, input, output);
|
||||||
@ -586,7 +593,7 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in
|
|||||||
}
|
}
|
||||||
|
|
||||||
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
||||||
if (ctx->cipher_info->mode == MBEDTLS_MODE_CBC) {
|
if (((mbedtls_cipher_mode_t) ctx->cipher_info->mode) == MBEDTLS_MODE_CBC) {
|
||||||
size_t copy_len = 0;
|
size_t copy_len = 0;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -614,9 +621,12 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in
|
|||||||
memcpy(&(ctx->unprocessed_data[ctx->unprocessed_len]), input,
|
memcpy(&(ctx->unprocessed_data[ctx->unprocessed_len]), input,
|
||||||
copy_len);
|
copy_len);
|
||||||
|
|
||||||
if (0 != (ret = ctx->cipher_info->base->cbc_func(ctx->cipher_ctx,
|
if (0 != (ret = mbedtls_cipher_get_base(ctx->cipher_info)->cbc_func(ctx->cipher_ctx,
|
||||||
ctx->operation, block_size, ctx->iv,
|
ctx->operation,
|
||||||
ctx->unprocessed_data, output))) {
|
block_size, ctx->iv,
|
||||||
|
ctx->
|
||||||
|
unprocessed_data,
|
||||||
|
output))) {
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -654,8 +664,10 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in
|
|||||||
* Process remaining full blocks
|
* Process remaining full blocks
|
||||||
*/
|
*/
|
||||||
if (ilen) {
|
if (ilen) {
|
||||||
if (0 != (ret = ctx->cipher_info->base->cbc_func(ctx->cipher_ctx,
|
if (0 != (ret = mbedtls_cipher_get_base(ctx->cipher_info)->cbc_func(ctx->cipher_ctx,
|
||||||
ctx->operation, ilen, ctx->iv, input,
|
ctx->operation,
|
||||||
|
ilen, ctx->iv,
|
||||||
|
input,
|
||||||
output))) {
|
output))) {
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
@ -668,10 +680,11 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in
|
|||||||
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
||||||
|
|
||||||
#if defined(MBEDTLS_CIPHER_MODE_CFB)
|
#if defined(MBEDTLS_CIPHER_MODE_CFB)
|
||||||
if (ctx->cipher_info->mode == MBEDTLS_MODE_CFB) {
|
if (((mbedtls_cipher_mode_t) ctx->cipher_info->mode) == MBEDTLS_MODE_CFB) {
|
||||||
if (0 != (ret = ctx->cipher_info->base->cfb_func(ctx->cipher_ctx,
|
if (0 != (ret = mbedtls_cipher_get_base(ctx->cipher_info)->cfb_func(ctx->cipher_ctx,
|
||||||
ctx->operation, ilen,
|
ctx->operation, ilen,
|
||||||
&ctx->unprocessed_len, ctx->iv,
|
&ctx->unprocessed_len,
|
||||||
|
ctx->iv,
|
||||||
input, output))) {
|
input, output))) {
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
@ -683,9 +696,11 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in
|
|||||||
#endif /* MBEDTLS_CIPHER_MODE_CFB */
|
#endif /* MBEDTLS_CIPHER_MODE_CFB */
|
||||||
|
|
||||||
#if defined(MBEDTLS_CIPHER_MODE_OFB)
|
#if defined(MBEDTLS_CIPHER_MODE_OFB)
|
||||||
if (ctx->cipher_info->mode == MBEDTLS_MODE_OFB) {
|
if (((mbedtls_cipher_mode_t) ctx->cipher_info->mode) == MBEDTLS_MODE_OFB) {
|
||||||
if (0 != (ret = ctx->cipher_info->base->ofb_func(ctx->cipher_ctx,
|
if (0 != (ret = mbedtls_cipher_get_base(ctx->cipher_info)->ofb_func(ctx->cipher_ctx,
|
||||||
ilen, &ctx->unprocessed_len, ctx->iv,
|
ilen,
|
||||||
|
&ctx->unprocessed_len,
|
||||||
|
ctx->iv,
|
||||||
input, output))) {
|
input, output))) {
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
@ -697,10 +712,13 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in
|
|||||||
#endif /* MBEDTLS_CIPHER_MODE_OFB */
|
#endif /* MBEDTLS_CIPHER_MODE_OFB */
|
||||||
|
|
||||||
#if defined(MBEDTLS_CIPHER_MODE_CTR)
|
#if defined(MBEDTLS_CIPHER_MODE_CTR)
|
||||||
if (ctx->cipher_info->mode == MBEDTLS_MODE_CTR) {
|
if (((mbedtls_cipher_mode_t) ctx->cipher_info->mode) == MBEDTLS_MODE_CTR) {
|
||||||
if (0 != (ret = ctx->cipher_info->base->ctr_func(ctx->cipher_ctx,
|
if (0 != (ret = mbedtls_cipher_get_base(ctx->cipher_info)->ctr_func(ctx->cipher_ctx,
|
||||||
ilen, &ctx->unprocessed_len, ctx->iv,
|
ilen,
|
||||||
ctx->unprocessed_data, input, output))) {
|
&ctx->unprocessed_len,
|
||||||
|
ctx->iv,
|
||||||
|
ctx->unprocessed_data,
|
||||||
|
input, output))) {
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -711,14 +729,18 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in
|
|||||||
#endif /* MBEDTLS_CIPHER_MODE_CTR */
|
#endif /* MBEDTLS_CIPHER_MODE_CTR */
|
||||||
|
|
||||||
#if defined(MBEDTLS_CIPHER_MODE_XTS)
|
#if defined(MBEDTLS_CIPHER_MODE_XTS)
|
||||||
if (ctx->cipher_info->mode == MBEDTLS_MODE_XTS) {
|
if (((mbedtls_cipher_mode_t) ctx->cipher_info->mode) == MBEDTLS_MODE_XTS) {
|
||||||
if (ctx->unprocessed_len > 0) {
|
if (ctx->unprocessed_len > 0) {
|
||||||
/* We can only process an entire data unit at a time. */
|
/* We can only process an entire data unit at a time. */
|
||||||
return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
|
return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
|
||||||
}
|
}
|
||||||
|
|
||||||
ret = ctx->cipher_info->base->xts_func(ctx->cipher_ctx,
|
ret = mbedtls_cipher_get_base(ctx->cipher_info)->xts_func(ctx->cipher_ctx,
|
||||||
ctx->operation, ilen, ctx->iv, input, output);
|
ctx->operation,
|
||||||
|
ilen,
|
||||||
|
ctx->iv,
|
||||||
|
input,
|
||||||
|
output);
|
||||||
if (ret != 0) {
|
if (ret != 0) {
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
@ -730,9 +752,10 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in
|
|||||||
#endif /* MBEDTLS_CIPHER_MODE_XTS */
|
#endif /* MBEDTLS_CIPHER_MODE_XTS */
|
||||||
|
|
||||||
#if defined(MBEDTLS_CIPHER_MODE_STREAM)
|
#if defined(MBEDTLS_CIPHER_MODE_STREAM)
|
||||||
if (ctx->cipher_info->mode == MBEDTLS_MODE_STREAM) {
|
if (((mbedtls_cipher_mode_t) ctx->cipher_info->mode) == MBEDTLS_MODE_STREAM) {
|
||||||
if (0 != (ret = ctx->cipher_info->base->stream_func(ctx->cipher_ctx,
|
if (0 != (ret = mbedtls_cipher_get_base(ctx->cipher_info)->stream_func(ctx->cipher_ctx,
|
||||||
ilen, input, output))) {
|
ilen, input,
|
||||||
|
output))) {
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -944,22 +967,22 @@ int mbedtls_cipher_finish(mbedtls_cipher_context_t *ctx,
|
|||||||
|
|
||||||
*olen = 0;
|
*olen = 0;
|
||||||
|
|
||||||
if (MBEDTLS_MODE_CFB == ctx->cipher_info->mode ||
|
if (MBEDTLS_MODE_CFB == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode) ||
|
||||||
MBEDTLS_MODE_OFB == ctx->cipher_info->mode ||
|
MBEDTLS_MODE_OFB == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode) ||
|
||||||
MBEDTLS_MODE_CTR == ctx->cipher_info->mode ||
|
MBEDTLS_MODE_CTR == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode) ||
|
||||||
MBEDTLS_MODE_GCM == ctx->cipher_info->mode ||
|
MBEDTLS_MODE_GCM == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode) ||
|
||||||
MBEDTLS_MODE_CCM_STAR_NO_TAG == ctx->cipher_info->mode ||
|
MBEDTLS_MODE_CCM_STAR_NO_TAG == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode) ||
|
||||||
MBEDTLS_MODE_XTS == ctx->cipher_info->mode ||
|
MBEDTLS_MODE_XTS == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode) ||
|
||||||
MBEDTLS_MODE_STREAM == ctx->cipher_info->mode) {
|
MBEDTLS_MODE_STREAM == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
if ((MBEDTLS_CIPHER_CHACHA20 == ctx->cipher_info->type) ||
|
if ((MBEDTLS_CIPHER_CHACHA20 == ((mbedtls_cipher_type_t) ctx->cipher_info->type)) ||
|
||||||
(MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type)) {
|
(MBEDTLS_CIPHER_CHACHA20_POLY1305 == ((mbedtls_cipher_type_t) ctx->cipher_info->type))) {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (MBEDTLS_MODE_ECB == ctx->cipher_info->mode) {
|
if (MBEDTLS_MODE_ECB == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) {
|
||||||
if (ctx->unprocessed_len != 0) {
|
if (ctx->unprocessed_len != 0) {
|
||||||
return MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED;
|
return MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED;
|
||||||
}
|
}
|
||||||
@ -968,7 +991,7 @@ int mbedtls_cipher_finish(mbedtls_cipher_context_t *ctx,
|
|||||||
}
|
}
|
||||||
|
|
||||||
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
||||||
if (MBEDTLS_MODE_CBC == ctx->cipher_info->mode) {
|
if (MBEDTLS_MODE_CBC == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) {
|
||||||
int ret = 0;
|
int ret = 0;
|
||||||
|
|
||||||
if (MBEDTLS_ENCRYPT == ctx->operation) {
|
if (MBEDTLS_ENCRYPT == ctx->operation) {
|
||||||
@ -996,11 +1019,13 @@ int mbedtls_cipher_finish(mbedtls_cipher_context_t *ctx,
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* cipher block */
|
/* cipher block */
|
||||||
if (0 != (ret = ctx->cipher_info->base->cbc_func(ctx->cipher_ctx,
|
if (0 != (ret = mbedtls_cipher_get_base(ctx->cipher_info)->cbc_func(ctx->cipher_ctx,
|
||||||
ctx->operation,
|
ctx->operation,
|
||||||
mbedtls_cipher_get_block_size(ctx),
|
mbedtls_cipher_get_block_size(
|
||||||
|
ctx),
|
||||||
ctx->iv,
|
ctx->iv,
|
||||||
ctx->unprocessed_data, output))) {
|
ctx->unprocessed_data,
|
||||||
|
output))) {
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1025,7 +1050,8 @@ int mbedtls_cipher_finish(mbedtls_cipher_context_t *ctx,
|
|||||||
int mbedtls_cipher_set_padding_mode(mbedtls_cipher_context_t *ctx,
|
int mbedtls_cipher_set_padding_mode(mbedtls_cipher_context_t *ctx,
|
||||||
mbedtls_cipher_padding_t mode)
|
mbedtls_cipher_padding_t mode)
|
||||||
{
|
{
|
||||||
if (NULL == ctx->cipher_info || MBEDTLS_MODE_CBC != ctx->cipher_info->mode) {
|
if (NULL == ctx->cipher_info ||
|
||||||
|
MBEDTLS_MODE_CBC != ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) {
|
||||||
return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
|
return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1102,7 +1128,7 @@ int mbedtls_cipher_write_tag(mbedtls_cipher_context_t *ctx,
|
|||||||
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
||||||
|
|
||||||
#if defined(MBEDTLS_GCM_C)
|
#if defined(MBEDTLS_GCM_C)
|
||||||
if (MBEDTLS_MODE_GCM == ctx->cipher_info->mode) {
|
if (MBEDTLS_MODE_GCM == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) {
|
||||||
size_t output_length;
|
size_t output_length;
|
||||||
/* The code here doesn't yet support alternative implementations
|
/* The code here doesn't yet support alternative implementations
|
||||||
* that can delay up to a block of output. */
|
* that can delay up to a block of output. */
|
||||||
@ -1113,7 +1139,7 @@ int mbedtls_cipher_write_tag(mbedtls_cipher_context_t *ctx,
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
#if defined(MBEDTLS_CHACHAPOLY_C)
|
#if defined(MBEDTLS_CHACHAPOLY_C)
|
||||||
if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type) {
|
if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ((mbedtls_cipher_type_t) ctx->cipher_info->type)) {
|
||||||
/* Don't allow truncated MAC for Poly1305 */
|
/* Don't allow truncated MAC for Poly1305 */
|
||||||
if (tag_len != 16U) {
|
if (tag_len != 16U) {
|
||||||
return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
|
return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
|
||||||
@ -1154,7 +1180,7 @@ int mbedtls_cipher_check_tag(mbedtls_cipher_context_t *ctx,
|
|||||||
ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
|
ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
|
||||||
|
|
||||||
#if defined(MBEDTLS_GCM_C)
|
#if defined(MBEDTLS_GCM_C)
|
||||||
if (MBEDTLS_MODE_GCM == ctx->cipher_info->mode) {
|
if (MBEDTLS_MODE_GCM == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) {
|
||||||
size_t output_length;
|
size_t output_length;
|
||||||
/* The code here doesn't yet support alternative implementations
|
/* The code here doesn't yet support alternative implementations
|
||||||
* that can delay up to a block of output. */
|
* that can delay up to a block of output. */
|
||||||
@ -1179,7 +1205,7 @@ int mbedtls_cipher_check_tag(mbedtls_cipher_context_t *ctx,
|
|||||||
#endif /* MBEDTLS_GCM_C */
|
#endif /* MBEDTLS_GCM_C */
|
||||||
|
|
||||||
#if defined(MBEDTLS_CHACHAPOLY_C)
|
#if defined(MBEDTLS_CHACHAPOLY_C)
|
||||||
if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type) {
|
if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ((mbedtls_cipher_type_t) ctx->cipher_info->type)) {
|
||||||
/* Don't allow truncated MAC for Poly1305 */
|
/* Don't allow truncated MAC for Poly1305 */
|
||||||
if (tag_len != sizeof(check_tag)) {
|
if (tag_len != sizeof(check_tag)) {
|
||||||
return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
|
return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
|
||||||
@ -1250,7 +1276,7 @@ int mbedtls_cipher_crypt(mbedtls_cipher_context_t *ctx,
|
|||||||
return MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED;
|
return MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ctx->cipher_info->mode != MBEDTLS_MODE_ECB) {
|
if (((mbedtls_cipher_mode_t) ctx->cipher_info->mode) != MBEDTLS_MODE_ECB) {
|
||||||
status = psa_cipher_set_iv(&cipher_op, iv, iv_len);
|
status = psa_cipher_set_iv(&cipher_op, iv, iv_len);
|
||||||
if (status != PSA_SUCCESS) {
|
if (status != PSA_SUCCESS) {
|
||||||
return MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED;
|
return MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED;
|
||||||
@ -1345,7 +1371,7 @@ static int mbedtls_cipher_aead_encrypt(mbedtls_cipher_context_t *ctx,
|
|||||||
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
||||||
|
|
||||||
#if defined(MBEDTLS_GCM_C)
|
#if defined(MBEDTLS_GCM_C)
|
||||||
if (MBEDTLS_MODE_GCM == ctx->cipher_info->mode) {
|
if (MBEDTLS_MODE_GCM == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) {
|
||||||
*olen = ilen;
|
*olen = ilen;
|
||||||
return mbedtls_gcm_crypt_and_tag(ctx->cipher_ctx, MBEDTLS_GCM_ENCRYPT,
|
return mbedtls_gcm_crypt_and_tag(ctx->cipher_ctx, MBEDTLS_GCM_ENCRYPT,
|
||||||
ilen, iv, iv_len, ad, ad_len,
|
ilen, iv, iv_len, ad, ad_len,
|
||||||
@ -1353,7 +1379,7 @@ static int mbedtls_cipher_aead_encrypt(mbedtls_cipher_context_t *ctx,
|
|||||||
}
|
}
|
||||||
#endif /* MBEDTLS_GCM_C */
|
#endif /* MBEDTLS_GCM_C */
|
||||||
#if defined(MBEDTLS_CCM_C)
|
#if defined(MBEDTLS_CCM_C)
|
||||||
if (MBEDTLS_MODE_CCM == ctx->cipher_info->mode) {
|
if (MBEDTLS_MODE_CCM == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) {
|
||||||
*olen = ilen;
|
*olen = ilen;
|
||||||
return mbedtls_ccm_encrypt_and_tag(ctx->cipher_ctx, ilen,
|
return mbedtls_ccm_encrypt_and_tag(ctx->cipher_ctx, ilen,
|
||||||
iv, iv_len, ad, ad_len, input, output,
|
iv, iv_len, ad, ad_len, input, output,
|
||||||
@ -1361,9 +1387,9 @@ static int mbedtls_cipher_aead_encrypt(mbedtls_cipher_context_t *ctx,
|
|||||||
}
|
}
|
||||||
#endif /* MBEDTLS_CCM_C */
|
#endif /* MBEDTLS_CCM_C */
|
||||||
#if defined(MBEDTLS_CHACHAPOLY_C)
|
#if defined(MBEDTLS_CHACHAPOLY_C)
|
||||||
if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type) {
|
if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ((mbedtls_cipher_type_t) ctx->cipher_info->type)) {
|
||||||
/* ChachaPoly has fixed length nonce and MAC (tag) */
|
/* ChachaPoly has fixed length nonce and MAC (tag) */
|
||||||
if ((iv_len != ctx->cipher_info->iv_size) ||
|
if ((iv_len != mbedtls_cipher_info_get_iv_size(ctx->cipher_info)) ||
|
||||||
(tag_len != 16U)) {
|
(tag_len != 16U)) {
|
||||||
return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
|
return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
|
||||||
}
|
}
|
||||||
@ -1423,7 +1449,7 @@ static int mbedtls_cipher_aead_decrypt(mbedtls_cipher_context_t *ctx,
|
|||||||
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
||||||
|
|
||||||
#if defined(MBEDTLS_GCM_C)
|
#if defined(MBEDTLS_GCM_C)
|
||||||
if (MBEDTLS_MODE_GCM == ctx->cipher_info->mode) {
|
if (MBEDTLS_MODE_GCM == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) {
|
||||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||||
|
|
||||||
*olen = ilen;
|
*olen = ilen;
|
||||||
@ -1439,7 +1465,7 @@ static int mbedtls_cipher_aead_decrypt(mbedtls_cipher_context_t *ctx,
|
|||||||
}
|
}
|
||||||
#endif /* MBEDTLS_GCM_C */
|
#endif /* MBEDTLS_GCM_C */
|
||||||
#if defined(MBEDTLS_CCM_C)
|
#if defined(MBEDTLS_CCM_C)
|
||||||
if (MBEDTLS_MODE_CCM == ctx->cipher_info->mode) {
|
if (MBEDTLS_MODE_CCM == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) {
|
||||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||||
|
|
||||||
*olen = ilen;
|
*olen = ilen;
|
||||||
@ -1455,11 +1481,11 @@ static int mbedtls_cipher_aead_decrypt(mbedtls_cipher_context_t *ctx,
|
|||||||
}
|
}
|
||||||
#endif /* MBEDTLS_CCM_C */
|
#endif /* MBEDTLS_CCM_C */
|
||||||
#if defined(MBEDTLS_CHACHAPOLY_C)
|
#if defined(MBEDTLS_CHACHAPOLY_C)
|
||||||
if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type) {
|
if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ((mbedtls_cipher_type_t) ctx->cipher_info->type)) {
|
||||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||||
|
|
||||||
/* ChachaPoly has fixed length nonce and MAC (tag) */
|
/* ChachaPoly has fixed length nonce and MAC (tag) */
|
||||||
if ((iv_len != ctx->cipher_info->iv_size) ||
|
if ((iv_len != mbedtls_cipher_info_get_iv_size(ctx->cipher_info)) ||
|
||||||
(tag_len != 16U)) {
|
(tag_len != 16U)) {
|
||||||
return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
|
return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
|
||||||
}
|
}
|
||||||
@ -1496,9 +1522,10 @@ int mbedtls_cipher_auth_encrypt_ext(mbedtls_cipher_context_t *ctx,
|
|||||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||||
ctx->psa_enabled == 0 &&
|
ctx->psa_enabled == 0 &&
|
||||||
#endif
|
#endif
|
||||||
(MBEDTLS_MODE_KW == ctx->cipher_info->mode ||
|
(MBEDTLS_MODE_KW == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode) ||
|
||||||
MBEDTLS_MODE_KWP == ctx->cipher_info->mode)) {
|
MBEDTLS_MODE_KWP == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode))) {
|
||||||
mbedtls_nist_kw_mode_t mode = (MBEDTLS_MODE_KW == ctx->cipher_info->mode) ?
|
mbedtls_nist_kw_mode_t mode =
|
||||||
|
(MBEDTLS_MODE_KW == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) ?
|
||||||
MBEDTLS_KW_MODE_KW : MBEDTLS_KW_MODE_KWP;
|
MBEDTLS_KW_MODE_KW : MBEDTLS_KW_MODE_KWP;
|
||||||
|
|
||||||
/* There is no iv, tag or ad associated with KW and KWP,
|
/* There is no iv, tag or ad associated with KW and KWP,
|
||||||
@ -1546,9 +1573,10 @@ int mbedtls_cipher_auth_decrypt_ext(mbedtls_cipher_context_t *ctx,
|
|||||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||||
ctx->psa_enabled == 0 &&
|
ctx->psa_enabled == 0 &&
|
||||||
#endif
|
#endif
|
||||||
(MBEDTLS_MODE_KW == ctx->cipher_info->mode ||
|
(MBEDTLS_MODE_KW == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode) ||
|
||||||
MBEDTLS_MODE_KWP == ctx->cipher_info->mode)) {
|
MBEDTLS_MODE_KWP == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode))) {
|
||||||
mbedtls_nist_kw_mode_t mode = (MBEDTLS_MODE_KW == ctx->cipher_info->mode) ?
|
mbedtls_nist_kw_mode_t mode =
|
||||||
|
(MBEDTLS_MODE_KW == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) ?
|
||||||
MBEDTLS_KW_MODE_KW : MBEDTLS_KW_MODE_KWP;
|
MBEDTLS_KW_MODE_KW : MBEDTLS_KW_MODE_KWP;
|
||||||
|
|
||||||
/* There is no iv, tag or ad associated with KW and KWP,
|
/* There is no iv, tag or ad associated with KW and KWP,
|
||||||
|
|||||||
File diff suppressed because it is too large
Load Diff
@ -135,6 +135,8 @@ extern const mbedtls_cipher_definition_t mbedtls_cipher_definitions[];
|
|||||||
|
|
||||||
extern int mbedtls_cipher_supported[];
|
extern int mbedtls_cipher_supported[];
|
||||||
|
|
||||||
|
extern const mbedtls_cipher_base_t *mbedtls_cipher_base_lookup_table[];
|
||||||
|
|
||||||
#ifdef __cplusplus
|
#ifdef __cplusplus
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|||||||
@ -119,7 +119,7 @@ static int cmac_generate_subkeys(mbedtls_cipher_context_t *ctx,
|
|||||||
|
|
||||||
mbedtls_platform_zeroize(L, sizeof(L));
|
mbedtls_platform_zeroize(L, sizeof(L));
|
||||||
|
|
||||||
block_size = ctx->cipher_info->block_size;
|
block_size = mbedtls_cipher_info_get_block_size(ctx->cipher_info);
|
||||||
|
|
||||||
/* Calculate Ek(0) */
|
/* Calculate Ek(0) */
|
||||||
if ((ret = mbedtls_cipher_update(ctx, L, block_size, L, &olen)) != 0) {
|
if ((ret = mbedtls_cipher_update(ctx, L, block_size, L, &olen)) != 0) {
|
||||||
@ -186,7 +186,7 @@ int mbedtls_cipher_cmac_starts(mbedtls_cipher_context_t *ctx,
|
|||||||
return retval;
|
return retval;
|
||||||
}
|
}
|
||||||
|
|
||||||
type = ctx->cipher_info->type;
|
type = mbedtls_cipher_info_get_type(ctx->cipher_info);
|
||||||
|
|
||||||
switch (type) {
|
switch (type) {
|
||||||
case MBEDTLS_CIPHER_AES_128_ECB:
|
case MBEDTLS_CIPHER_AES_128_ECB:
|
||||||
@ -226,7 +226,7 @@ int mbedtls_cipher_cmac_update(mbedtls_cipher_context_t *ctx,
|
|||||||
}
|
}
|
||||||
|
|
||||||
cmac_ctx = ctx->cmac_ctx;
|
cmac_ctx = ctx->cmac_ctx;
|
||||||
block_size = ctx->cipher_info->block_size;
|
block_size = mbedtls_cipher_info_get_block_size(ctx->cipher_info);
|
||||||
state = ctx->cmac_ctx->state;
|
state = ctx->cmac_ctx->state;
|
||||||
|
|
||||||
/* Is there data still to process from the last call, that's greater in
|
/* Is there data still to process from the last call, that's greater in
|
||||||
@ -295,7 +295,7 @@ int mbedtls_cipher_cmac_finish(mbedtls_cipher_context_t *ctx,
|
|||||||
}
|
}
|
||||||
|
|
||||||
cmac_ctx = ctx->cmac_ctx;
|
cmac_ctx = ctx->cmac_ctx;
|
||||||
block_size = ctx->cipher_info->block_size;
|
block_size = mbedtls_cipher_info_get_block_size(ctx->cipher_info);
|
||||||
state = cmac_ctx->state;
|
state = cmac_ctx->state;
|
||||||
|
|
||||||
mbedtls_platform_zeroize(K1, sizeof(K1));
|
mbedtls_platform_zeroize(K1, sizeof(K1));
|
||||||
|
|||||||
@ -147,7 +147,7 @@ int mbedtls_gcm_setkey(mbedtls_gcm_context *ctx,
|
|||||||
return MBEDTLS_ERR_GCM_BAD_INPUT;
|
return MBEDTLS_ERR_GCM_BAD_INPUT;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (cipher_info->block_size != 16) {
|
if (mbedtls_cipher_info_get_block_size(cipher_info) != 16) {
|
||||||
return MBEDTLS_ERR_GCM_BAD_INPUT;
|
return MBEDTLS_ERR_GCM_BAD_INPUT;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -75,7 +75,7 @@ int mbedtls_nist_kw_setkey(mbedtls_nist_kw_context *ctx,
|
|||||||
return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
|
return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (cipher_info->block_size != 16) {
|
if (mbedtls_cipher_info_get_block_size(cipher_info) != 16) {
|
||||||
return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
|
return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -151,11 +151,11 @@ int mbedtls_pkcs12_pbe(mbedtls_asn1_buf *pbe_params, int mode,
|
|||||||
return MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE;
|
return MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE;
|
||||||
}
|
}
|
||||||
|
|
||||||
keylen = cipher_info->key_bitlen / 8;
|
keylen = (int) mbedtls_cipher_info_get_key_bitlen(cipher_info) / 8;
|
||||||
|
|
||||||
if ((ret = pkcs12_pbe_derive_key_iv(pbe_params, md_type, pwd, pwdlen,
|
if ((ret = pkcs12_pbe_derive_key_iv(pbe_params, md_type, pwd, pwdlen,
|
||||||
key, keylen,
|
key, keylen,
|
||||||
iv, cipher_info->iv_size)) != 0) {
|
iv, mbedtls_cipher_info_get_iv_size(cipher_info))) != 0) {
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -171,7 +171,9 @@ int mbedtls_pkcs12_pbe(mbedtls_asn1_buf *pbe_params, int mode,
|
|||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
if ((ret = mbedtls_cipher_set_iv(&cipher_ctx, iv, cipher_info->iv_size)) != 0) {
|
if ((ret =
|
||||||
|
mbedtls_cipher_set_iv(&cipher_ctx, iv,
|
||||||
|
mbedtls_cipher_info_get_iv_size(cipher_info))) != 0) {
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -176,10 +176,10 @@ int mbedtls_pkcs5_pbes2(const mbedtls_asn1_buf *pbe_params, int mode,
|
|||||||
* The value of keylen from pkcs5_parse_pbkdf2_params() is ignored
|
* The value of keylen from pkcs5_parse_pbkdf2_params() is ignored
|
||||||
* since it is optional and we don't know if it was set or not
|
* since it is optional and we don't know if it was set or not
|
||||||
*/
|
*/
|
||||||
keylen = cipher_info->key_bitlen / 8;
|
keylen = (int) mbedtls_cipher_info_get_key_bitlen(cipher_info) / 8;
|
||||||
|
|
||||||
if (enc_scheme_params.tag != MBEDTLS_ASN1_OCTET_STRING ||
|
if (enc_scheme_params.tag != MBEDTLS_ASN1_OCTET_STRING ||
|
||||||
enc_scheme_params.len != cipher_info->iv_size) {
|
enc_scheme_params.len != mbedtls_cipher_info_get_iv_size(cipher_info)) {
|
||||||
return MBEDTLS_ERR_PKCS5_INVALID_FORMAT;
|
return MBEDTLS_ERR_PKCS5_INVALID_FORMAT;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -306,7 +306,7 @@ static psa_status_t psa_cipher_update_ecb(
|
|||||||
size_t *output_length)
|
size_t *output_length)
|
||||||
{
|
{
|
||||||
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
||||||
size_t block_size = ctx->cipher_info->block_size;
|
size_t block_size = mbedtls_cipher_info_get_block_size(ctx->cipher_info);
|
||||||
size_t internal_output_length = 0;
|
size_t internal_output_length = 0;
|
||||||
*output_length = 0;
|
*output_length = 0;
|
||||||
|
|
||||||
|
|||||||
@ -8323,7 +8323,7 @@ static int ssl_tls12_populate_transform(mbedtls_ssl_transform *transform,
|
|||||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||||
size_t block_size = PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type);
|
size_t block_size = PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type);
|
||||||
#else
|
#else
|
||||||
size_t block_size = cipher_info->block_size;
|
size_t block_size = mbedtls_cipher_info_get_block_size(cipher_info);
|
||||||
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
||||||
|
|
||||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||||
@ -8346,7 +8346,7 @@ static int ssl_tls12_populate_transform(mbedtls_ssl_transform *transform,
|
|||||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||||
transform->ivlen = PSA_CIPHER_IV_LENGTH(key_type, alg);
|
transform->ivlen = PSA_CIPHER_IV_LENGTH(key_type, alg);
|
||||||
#else
|
#else
|
||||||
transform->ivlen = cipher_info->iv_size;
|
transform->ivlen = mbedtls_cipher_info_get_iv_size(cipher_info);
|
||||||
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
||||||
|
|
||||||
/* Minimum length */
|
/* Minimum length */
|
||||||
|
|||||||
@ -1019,14 +1019,14 @@ int mbedtls_ssl_tls13_populate_transform(
|
|||||||
|
|
||||||
#if !defined(MBEDTLS_USE_PSA_CRYPTO)
|
#if !defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||||
if ((ret = mbedtls_cipher_setkey(&transform->cipher_ctx_enc,
|
if ((ret = mbedtls_cipher_setkey(&transform->cipher_ctx_enc,
|
||||||
key_enc, cipher_info->key_bitlen,
|
key_enc, mbedtls_cipher_info_get_key_bitlen(cipher_info),
|
||||||
MBEDTLS_ENCRYPT)) != 0) {
|
MBEDTLS_ENCRYPT)) != 0) {
|
||||||
MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_setkey", ret);
|
MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_setkey", ret);
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
if ((ret = mbedtls_cipher_setkey(&transform->cipher_ctx_dec,
|
if ((ret = mbedtls_cipher_setkey(&transform->cipher_ctx_dec,
|
||||||
key_dec, cipher_info->key_bitlen,
|
key_dec, mbedtls_cipher_info_get_key_bitlen(cipher_info),
|
||||||
MBEDTLS_DECRYPT)) != 0) {
|
MBEDTLS_DECRYPT)) != 0) {
|
||||||
MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_setkey", ret);
|
MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_setkey", ret);
|
||||||
return ret;
|
return ret;
|
||||||
|
|||||||
@ -1142,11 +1142,11 @@ int mbedtls_test_ssl_build_transforms(mbedtls_ssl_transform *t_in,
|
|||||||
/* Pick cipher */
|
/* Pick cipher */
|
||||||
cipher_info = mbedtls_cipher_info_from_type(cipher_type);
|
cipher_info = mbedtls_cipher_info_from_type(cipher_type);
|
||||||
CHK(cipher_info != NULL);
|
CHK(cipher_info != NULL);
|
||||||
CHK(cipher_info->iv_size <= 16);
|
CHK(mbedtls_cipher_info_get_iv_size(cipher_info) <= 16);
|
||||||
CHK(cipher_info->key_bitlen % 8 == 0);
|
CHK(mbedtls_cipher_info_get_key_bitlen(cipher_info) % 8 == 0);
|
||||||
|
|
||||||
/* Pick keys */
|
/* Pick keys */
|
||||||
keylen = cipher_info->key_bitlen / 8;
|
keylen = mbedtls_cipher_info_get_key_bitlen(cipher_info) / 8;
|
||||||
/* Allocate `keylen + 1` bytes to ensure that we get
|
/* Allocate `keylen + 1` bytes to ensure that we get
|
||||||
* a non-NULL pointers from `mbedtls_calloc` even if
|
* a non-NULL pointers from `mbedtls_calloc` even if
|
||||||
* `keylen == 0` in the case of the NULL cipher. */
|
* `keylen == 0` in the case of the NULL cipher. */
|
||||||
@ -1273,7 +1273,7 @@ int mbedtls_test_ssl_build_transforms(mbedtls_ssl_transform *t_in,
|
|||||||
|
|
||||||
/* Pick IV's (regardless of whether they
|
/* Pick IV's (regardless of whether they
|
||||||
* are being used by the transform). */
|
* are being used by the transform). */
|
||||||
ivlen = cipher_info->iv_size;
|
ivlen = mbedtls_cipher_info_get_iv_size(cipher_info);
|
||||||
memset(iv_enc, 0x3, sizeof(iv_enc));
|
memset(iv_enc, 0x3, sizeof(iv_enc));
|
||||||
memset(iv_dec, 0x4, sizeof(iv_dec));
|
memset(iv_dec, 0x4, sizeof(iv_dec));
|
||||||
|
|
||||||
|
|||||||
@ -586,12 +586,12 @@ void dec_empty_buf(int cipher,
|
|||||||
ASSERT_ALLOC(iv, iv_len);
|
ASSERT_ALLOC(iv, iv_len);
|
||||||
memset(iv, 0, iv_len);
|
memset(iv, 0, iv_len);
|
||||||
|
|
||||||
TEST_ASSERT(sizeof(key) * 8 >= cipher_info->key_bitlen);
|
TEST_ASSERT(sizeof(key) * 8 >= mbedtls_cipher_info_get_key_bitlen(cipher_info));
|
||||||
|
|
||||||
TEST_ASSERT(0 == mbedtls_cipher_setup(&ctx_dec, cipher_info));
|
TEST_ASSERT(0 == mbedtls_cipher_setup(&ctx_dec, cipher_info));
|
||||||
|
|
||||||
TEST_ASSERT(0 == mbedtls_cipher_setkey(&ctx_dec,
|
TEST_ASSERT(0 == mbedtls_cipher_setkey(&ctx_dec,
|
||||||
key, cipher_info->key_bitlen,
|
key, mbedtls_cipher_info_get_key_bitlen(cipher_info),
|
||||||
MBEDTLS_DECRYPT));
|
MBEDTLS_DECRYPT));
|
||||||
|
|
||||||
TEST_ASSERT(0 == mbedtls_cipher_set_iv(&ctx_dec, iv, iv_len));
|
TEST_ASSERT(0 == mbedtls_cipher_set_iv(&ctx_dec, iv, iv_len));
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user