diff --git a/components/mbedtls/port/esp32s2/aes.c b/components/mbedtls/port/esp32s2/aes.c index 6ac113c88e..ed367a494d 100644 --- a/components/mbedtls/port/esp32s2/aes.c +++ b/components/mbedtls/port/esp32s2/aes.c @@ -405,7 +405,8 @@ static int esp_aes_process_dma(esp_aes_context *ctx, const unsigned char *input, { lldesc_t stream_in_desc, stream_out_desc; lldesc_t *in_desc_head, *out_desc_head; - lldesc_t *block_desc = NULL, *block_in_desc, *block_out_desc; + lldesc_t *out_desc_tail = NULL; /* pointer to the final output descriptor */ + lldesc_t *block_desc = NULL, *block_in_desc = NULL, *block_out_desc = NULL; size_t lldesc_num; uint8_t stream_in[16] = {}; unsigned stream_bytes = len % AES_BLOCK_BYTES; // bytes which aren't in a full block @@ -472,8 +473,10 @@ static int esp_aes_process_dma(esp_aes_context *ctx, const unsigned char *input, block_in_desc = block_desc; block_out_desc = block_desc + lldesc_num; - lldesc_setup_link(block_desc, input, block_bytes, 0); - lldesc_setup_link(block_desc + lldesc_num, output, block_bytes, 0); + lldesc_setup_link(block_in_desc, input, block_bytes, 0); + lldesc_setup_link(block_out_desc, output, block_bytes, 0); + + out_desc_tail = &block_out_desc[lldesc_num - 1]; } /* Any leftover bytes which are appended as an additional DMA list */ @@ -488,6 +491,8 @@ static int esp_aes_process_dma(esp_aes_context *ctx, const unsigned char *input, block_in_desc[lldesc_num - 1].empty = (uint32_t)&stream_in_desc; block_out_desc[lldesc_num - 1].empty = (uint32_t)&stream_out_desc; } + + out_desc_tail = &stream_out_desc; } // block buffers are sent to DMA first, unless there aren't any @@ -516,7 +521,7 @@ static int esp_aes_process_dma(esp_aes_context *ctx, const unsigned char *input, /* Start AES operation */ REG_WRITE(AES_TRIGGER_REG, 1); - esp_aes_dma_wait_complete(use_intr, out_desc_head); + esp_aes_dma_wait_complete(use_intr, out_desc_tail); diff --git a/components/mbedtls/test/test_aes.c b/components/mbedtls/test/test_aes.c index aaa2f5f5f6..9da0645510 100644 --- a/components/mbedtls/test/test_aes.c +++ b/components/mbedtls/test/test_aes.c @@ -8,6 +8,7 @@ #include "mbedtls/gcm.h" #include "unity.h" #include "sdkconfig.h" +#include "esp_log.h" #include "esp_timer.h" #include "esp_heap_caps.h" #include "test_utils.h" @@ -73,7 +74,7 @@ TEST_CASE("mbedtls CTR stream test", "[aes]") no matter how many bytes we encrypt each call */ for (int bytes_to_process = 1; bytes_to_process < SZ; bytes_to_process++) { - + ESP_LOGD("test", "bytes_to_process %d", bytes_to_process); memset(nonce, 0xEE, 16); memset(chipertext, 0x0, SZ); memset(decryptedtext, 0x0, SZ); @@ -87,10 +88,14 @@ TEST_CASE("mbedtls CTR stream test", "[aes]") mbedtls_aes_crypt_ctr(&ctx, length, &offset, nonce, stream_block, plaintext + idx, chipertext + idx ); } + ESP_LOG_BUFFER_HEXDUMP("expected", expected_cipher, SZ, ESP_LOG_DEBUG); + ESP_LOG_BUFFER_HEXDUMP("actual ", chipertext, SZ, ESP_LOG_DEBUG); + TEST_ASSERT_EQUAL_HEX8_ARRAY(expected_cipher, chipertext, SZ); // Decrypt memset(nonce, 0xEE, 16); + memset(decryptedtext, 0x22, SZ); offset = 0; for (int idx = 0; idx < SZ; idx = idx + bytes_to_process) { // Limit length of last call to avoid exceeding buffer size @@ -98,6 +103,7 @@ TEST_CASE("mbedtls CTR stream test", "[aes]") mbedtls_aes_crypt_ctr(&ctx, length, &offset, nonce, stream_block, chipertext + idx, decryptedtext + idx ); } + ESP_LOG_BUFFER_HEXDUMP("decrypted", decryptedtext, SZ, ESP_LOG_DEBUG); TEST_ASSERT_EQUAL_HEX8_ARRAY(plaintext, decryptedtext, SZ); } free(plaintext); @@ -273,6 +279,7 @@ TEST_CASE("mbedtls OFB stream test", "[aes]") */ for (int bytes_to_process = 1; bytes_to_process < SZ; bytes_to_process++) { + ESP_LOGD("test", "bytes_to_process %d", bytes_to_process); // Encrypt memset(iv, 0xEE, 16); size_t offset = 0; @@ -286,6 +293,7 @@ TEST_CASE("mbedtls OFB stream test", "[aes]") // Decrypt memset(iv, 0xEE, 16); + memset(decryptedtext, 0x22, SZ); offset = 0; for (int idx = 0; idx < SZ; idx = idx + bytes_to_process) { // Limit length of last call to avoid exceeding buffer size