espressif/esp-idf
1
0
Fork 1
mirror of https://github.com/espressif/esp-idf.git synced 2025-08-01 03:34:32 +02:00
Code Issues Packages Projects Releases Wiki Activity

fix(mbedtls/gcm): Avoid using GCM hardware when config MBEDTLS_HARDWARE_GCM is disabled

Browse Source
This commit is contained in:
harshal.patil
2023-12-27 12:54:05 +05:30
parent 3bffba71c0
commit 7f20e696b6
2 changed files with 5 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
components/mbedtls/port/aes/dma/esp_aes.c
View File

@@ -50,10 +50,6 @@
#include "freertos/FreeRTOS.h"
#include "freertos/semphr.h"
#if SOC_AES_SUPPORT_GCM
#include "aes/esp_aes_gcm.h"
#endif
#if SOC_AES_GDMA
#define AES_LOCK() esp_crypto_sha_aes_lock_acquire()
#define AES_RELEASE() esp_crypto_sha_aes_lock_release()
@@ -470,7 +466,7 @@ cleanup:
}
#if SOC_AES_SUPPORT_GCM
#if CONFIG_MBEDTLS_HARDWARE_GCM
/* Encrypt/decrypt with AES-GCM the input using DMA
* The function esp_aes_process_dma_gcm zeroises the output buffer in the case of following conditions:
@@ -601,7 +597,7 @@ cleanup:
return ret;
}
#endif //SOC_AES_SUPPORT_GCM
#endif //CONFIG_MBEDTLS_HARDWARE_GCM
static int esp_aes_validate_input(esp_aes_context *ctx, const unsigned char *input,
unsigned char *output )

6
components/mbedtls/port/aes/esp_aes_gcm.c
View File

@@ -391,7 +391,7 @@ int esp_aes_gcm_starts( esp_gcm_context *ctx,
/* H and the lookup table are only generated once per ctx */
if (ctx->gcm_state == ESP_AES_GCM_STATE_INIT) {
/* Lock the AES engine to calculate ghash key H in hardware */
#if SOC_AES_SUPPORT_GCM
#if CONFIG_MBEDTLS_HARDWARE_GCM
esp_aes_acquire_hardware();
ctx->aes_ctx.key_in_hardware = aes_hal_setkey(ctx->aes_ctx.key, ctx->aes_ctx.key_bytes, mode);
aes_hal_mode_init(ESP_AES_BLOCK_MODE_GCM);
@@ -508,7 +508,7 @@ int esp_aes_gcm_finish( esp_gcm_context *ctx,
return esp_aes_crypt_ctr(&ctx->aes_ctx, tag_len, &nc_off, ctx->ori_j0, stream, ctx->ghash, tag);
}
#if SOC_AES_SUPPORT_GCM
#if CONFIG_MBEDTLS_HARDWARE_GCM
/* Due to restrictions in the hardware (e.g. need to do the whole conversion in one go),
some combinations of inputs are not supported */
static bool esp_aes_gcm_input_support_hw_accel(size_t length, const unsigned char *aad, size_t aad_len,
@@ -581,7 +581,7 @@ int esp_aes_gcm_crypt_and_tag( esp_gcm_context *ctx,
size_t tag_len,
unsigned char *tag )
{
#if SOC_AES_SUPPORT_GCM
#if CONFIG_MBEDTLS_HARDWARE_GCM
int ret;
lldesc_t aad_desc[2] = {};
lldesc_t *aad_head_desc = NULL;