espressif/esp-idf
1
0
Fork 1
mirror of https://github.com/espressif/esp-idf.git synced 2025-08-01 19:54:32 +02:00
Code Issues Packages Projects Releases Wiki Activity

mbedtls: update usage of mbedtls_aes_encrypt/decrypt

Browse Source
This commit is contained in:
Ivan Grokhotkov
2018-05-08 23:50:22 +08:00
parent aad51ea8a0
commit dbc919eff5
6 changed files with 44 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
components/esp32/hwcrypto/aes.c
View File

@@ -155,7 +155,7 @@ static inline void esp_aes_block(const void *input, void *output)
/* /*
* AES-ECB block encryption * AES-ECB block encryption
*/ */
void esp_aes_encrypt( esp_aes_context *ctx, int esp_internal_aes_encrypt( esp_aes_context *ctx,
const unsigned char input[16], const unsigned char input[16],
unsigned char output[16] ) unsigned char output[16] )
{ {
@@ -163,13 +163,21 @@ void esp_aes_encrypt( esp_aes_context *ctx,
esp_aes_setkey_hardware(ctx, ESP_AES_ENCRYPT); esp_aes_setkey_hardware(ctx, ESP_AES_ENCRYPT);
esp_aes_block(input, output); esp_aes_block(input, output);
esp_aes_release_hardware(); esp_aes_release_hardware();
return 0;
}
void esp_aes_encrypt( esp_aes_context *ctx,
const unsigned char input[16],
unsigned char output[16] )
{
esp_internal_aes_encrypt(ctx, input, output);
} }
/* /*
* AES-ECB block decryption * AES-ECB block decryption
*/ */
void esp_aes_decrypt( esp_aes_context *ctx, int esp_internal_aes_decrypt( esp_aes_context *ctx,
const unsigned char input[16], const unsigned char input[16],
unsigned char output[16] ) unsigned char output[16] )
{ {
@@ -177,6 +185,14 @@ void esp_aes_decrypt( esp_aes_context *ctx,
esp_aes_setkey_hardware(ctx, ESP_AES_DECRYPT); esp_aes_setkey_hardware(ctx, ESP_AES_DECRYPT);
esp_aes_block(input, output); esp_aes_block(input, output);
esp_aes_release_hardware(); esp_aes_release_hardware();
return 0;
}
void esp_aes_decrypt( esp_aes_context *ctx,
const unsigned char input[16],
unsigned char output[16] )
{
esp_internal_aes_decrypt(ctx, input, output);
} }

10
components/esp32/include/hwcrypto/aes.h
View File

@@ -243,7 +243,10 @@ int esp_aes_crypt_ctr( esp_aes_context *ctx,
* \param input Plaintext block * \param input Plaintext block
* \param output Output (ciphertext) block * \param output Output (ciphertext) block
*/ */
void esp_aes_encrypt( esp_aes_context *ctx, const unsigned char input[16], unsigned char output[16] ); int esp_internal_aes_encrypt( esp_aes_context *ctx, const unsigned char input[16], unsigned char output[16] );
/** Deprecated, see esp_aes_internal_encrypt */
void esp_aes_encrypt( esp_aes_context *ctx, const unsigned char input[16], unsigned char output[16] ) __attribute__((deprecated));
/** /**
* \brief Internal AES block decryption function * \brief Internal AES block decryption function
@@ -254,7 +257,10 @@ void esp_aes_encrypt( esp_aes_context *ctx, const unsigned char input[16], unsig
* \param input Ciphertext block * \param input Ciphertext block
* \param output Output (plaintext) block * \param output Output (plaintext) block
*/ */
void esp_aes_decrypt( esp_aes_context *ctx, const unsigned char input[16], unsigned char output[16] ); int esp_internal_aes_decrypt( esp_aes_context *ctx, const unsigned char input[16], unsigned char output[16] );
/** Deprecated, see esp_aes_internal_decrypt */
void esp_aes_decrypt( esp_aes_context *ctx, const unsigned char input[16], unsigned char output[16] ) __attribute__((deprecated));
#ifdef __cplusplus #ifdef __cplusplus
} }

4
components/mbedtls/port/include/aes_alt.h
View File

@@ -47,8 +47,8 @@ typedef esp_aes_context mbedtls_aes_context;
#if defined(MBEDTLS_CIPHER_MODE_CTR) #if defined(MBEDTLS_CIPHER_MODE_CTR)
#define mbedtls_aes_crypt_ctr esp_aes_crypt_ctr #define mbedtls_aes_crypt_ctr esp_aes_crypt_ctr
#endif #endif
#define mbedtls_aes_encrypt esp_aes_encrypt #define mbedtls_internal_aes_encrypt esp_internal_aes_encrypt
#define mbedtls_aes_decrypt esp_aes_decrypt #define mbedtls_internal_aes_decrypt esp_internal_aes_decrypt
#endif /* MBEDTLS_AES_ALT */ #endif /* MBEDTLS_AES_ALT */
#ifdef __cplusplus #ifdef __cplusplus

7
components/wpa_supplicant/src/fast_crypto/fast_aes-unwrap.c
View File

@@ -58,7 +58,10 @@ fast_aes_unwrap(const uint8_t *kek, int n, const uint8_t *cipher, uint8_t *plain
os_memcpy(b, a, 8); os_memcpy(b, a, 8);
b[7] ^= n * j + i; b[7] ^= n * j + i;
os_memcpy(b + 8, r, 8); os_memcpy(b + 8, r, 8);
mbedtls_aes_decrypt(&ctx, b, b); ret = mbedtls_internal_aes_decrypt(&ctx, b, b);
if (ret != 0) {
break;
}
os_memcpy(a, b, 8); os_memcpy(a, b, 8);
os_memcpy(r, b + 8, 8); os_memcpy(r, b + 8, 8);
r -= 8; r -= 8;
@@ -77,5 +80,5 @@ fast_aes_unwrap(const uint8_t *kek, int n, const uint8_t *cipher, uint8_t *plain
} }
} }
return 0; return ret;
} }

7
components/wpa_supplicant/src/fast_crypto/fast_aes-wrap.c
View File

@@ -61,7 +61,10 @@ int fast_aes_wrap(const uint8_t *kek, int n, const uint8_t *plain, uint8_t *ciph
for (i = 1; i <= n; i++) { for (i = 1; i <= n; i++) {
os_memcpy(b, a, 8); os_memcpy(b, a, 8);
os_memcpy(b + 8, r, 8); os_memcpy(b + 8, r, 8);
mbedtls_aes_encrypt(&ctx, b, b); ret = mbedtls_internal_aes_encrypt(&ctx, b, b);
if (ret != 0) {
break;
}
os_memcpy(a, b, 8); os_memcpy(a, b, 8);
a[7] ^= n * j + i; a[7] ^= n * j + i;
os_memcpy(r, b + 8, 8); os_memcpy(r, b + 8, 8);
@@ -76,5 +79,5 @@ int fast_aes_wrap(const uint8_t *kek, int n, const uint8_t *plain, uint8_t *ciph
* variables. * variables.
*/ */
return 0; return ret;
} }

8
components/wpa_supplicant/src/fast_crypto/fast_crypto_internal-cipher.c
View File

@@ -136,7 +136,9 @@ int fast_crypto_cipher_encrypt(struct crypto_cipher *ctx, const uint8_t *plain,
for (i = 0; i < blocks; i++) { for (i = 0; i < blocks; i++) {
for (j = 0; j < AES_BLOCK_SIZE; j++) for (j = 0; j < AES_BLOCK_SIZE; j++)
fast_ctx->u.aes.cbc[j] ^= plain[j]; fast_ctx->u.aes.cbc[j] ^= plain[j];
mbedtls_aes_encrypt(&(fast_ctx->u.aes.ctx_enc), fast_ctx->u.aes.cbc, fast_ctx->u.aes.cbc); if (mbedtls_internal_aes_encrypt(&(fast_ctx->u.aes.ctx_enc), fast_ctx->u.aes.cbc, fast_ctx->u.aes.cbc) != 0) {
return -1;
}
os_memcpy(crypt, fast_ctx->u.aes.cbc, AES_BLOCK_SIZE); os_memcpy(crypt, fast_ctx->u.aes.cbc, AES_BLOCK_SIZE);
plain += AES_BLOCK_SIZE; plain += AES_BLOCK_SIZE;
crypt += AES_BLOCK_SIZE; crypt += AES_BLOCK_SIZE;
@@ -209,7 +211,9 @@ int fast_crypto_cipher_decrypt(struct crypto_cipher *ctx, const uint8_t *crypt,
blocks = len / AES_BLOCK_SIZE; blocks = len / AES_BLOCK_SIZE;
for (i = 0; i < blocks; i++) { for (i = 0; i < blocks; i++) {
os_memcpy(tmp, crypt, AES_BLOCK_SIZE); os_memcpy(tmp, crypt, AES_BLOCK_SIZE);
mbedtls_aes_decrypt(&(fast_ctx->u.aes.ctx_dec), crypt, plain); if (mbedtls_internal_aes_decrypt(&(fast_ctx->u.aes.ctx_dec), crypt, plain) != 0) {
return -1;
}
for (j = 0; j < AES_BLOCK_SIZE; j++) for (j = 0; j < AES_BLOCK_SIZE; j++)
plain[j] ^= fast_ctx->u.aes.cbc[j]; plain[j] ^= fast_ctx->u.aes.cbc[j];
os_memcpy(fast_ctx->u.aes.cbc, tmp, AES_BLOCK_SIZE); os_memcpy(fast_ctx->u.aes.cbc, tmp, AES_BLOCK_SIZE);