add XtsAes structure and change XTS-AES API

Jacob Barthelmeh
2017-09-08 16:00:33 -06:00
parent c482524b78
commit 398252ddad
6 changed files with 178 additions and 190 deletions


@ -1343,7 +1343,7 @@ exit:
#ifdef WOLFSSL_AES_XTS
void bench_aesxts(void)
{
Aes aes, tweak;
XtsAes aes;
double start;
int i, count, ret;
@ -1359,7 +1359,7 @@ void bench_aesxts(void)
0x6e, 0x4b, 0x92, 0x01, 0x3e, 0x76, 0x8a, 0xd5
};
ret = wc_AesXtsSetKey(&tweak, &aes, k1, sizeof(k1), AES_ENCRYPTION,
ret = wc_AesXtsSetKey(&aes, k1, sizeof(k1), AES_ENCRYPTION,
HEAP_HINT, devId);
if (ret != 0) {
printf("wc_AesXtsSetKey failed, ret = %d\n", ret);
@ -1369,7 +1369,7 @@ void bench_aesxts(void)
bench_stats_start(&count, &start);
do {
for (i = 0; i < numBlocks; i++) {
if ((ret = wc_AesXtsEncrypt(&tweak, &aes, bench_plain, bench_cipher,
if ((ret = wc_AesXtsEncrypt(&aes, bench_plain, bench_cipher,
BENCH_SIZE, i1, sizeof(i1))) != 0) {
printf("wc_AesXtsEncrypt failed, ret = %d\n", ret);
return;
@ -1378,11 +1378,10 @@ void bench_aesxts(void)
count += i;
} while (bench_stats_sym_check(start));
bench_stats_sym_finish("AES-XTS-enc", 0, count, start, ret);
wc_AesFree(&aes);
wc_AesFree(&tweak);
wc_AesXtsFree(&aes);
/* decryption benchmark */
ret = wc_AesXtsSetKey(&tweak, &aes, k1, sizeof(k1), AES_DECRYPTION,
ret = wc_AesXtsSetKey(&aes, k1, sizeof(k1), AES_DECRYPTION,
HEAP_HINT, devId);
if (ret != 0) {
printf("wc_AesXtsSetKey failed, ret = %d\n", ret);
@ -1392,7 +1391,7 @@ void bench_aesxts(void)
bench_stats_start(&count, &start);
do {
for (i = 0; i < numBlocks; i++) {
if ((ret = wc_AesXtsDecrypt(&tweak, &aes, bench_plain, bench_cipher,
if ((ret = wc_AesXtsDecrypt(&aes, bench_plain, bench_cipher,
BENCH_SIZE, i1, sizeof(i1))) != 0) {
printf("wc_AesXtsDecrypt failed, ret = %d\n", ret);
return;
@ -1401,8 +1400,7 @@ void bench_aesxts(void)
count += i;
} while (bench_stats_sym_check(start));
bench_stats_sym_finish("AES-XTS-dec", 0, count, start, ret);
wc_AesFree(&aes);
wc_AesFree(&tweak);
wc_AesXtsFree(&aes);
}
#endif /* WOLFSSL_AES_XTS */


@ -1794,9 +1794,6 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock)
if (!((keylen == 16) || (keylen == 24) || (keylen == 32)))
return BAD_FUNC_ARG;
#ifdef WOLFSSL_AES_XTS
aes->type = (byte)dir;
#endif
aes->keylen = keylen;
aes->rounds = keylen/4 + 6;
XMEMCPY(rk, userKey, keylen);
@ -1866,9 +1863,6 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock)
if (aes == NULL)
return BAD_FUNC_ARG;
#ifdef WOLFSSL_AES_XTS
aes->type = (byte)dir;
#endif
aes->keylen = keylen;
aes->rounds = keylen/4 + 6;
XMEMCPY(aes->key, userKey, keylen);
@ -1888,9 +1882,6 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock)
aes->rounds = keylen/4 + 6;
XMEMCPY(aes->key, userKey, keylen);
#ifdef WOLFSSL_AES_XTS
aes->type = (byte)dir;
#endif
#ifdef WOLFSSL_AES_COUNTER
aes->left = 0;
#endif /* WOLFSSL_AES_COUNTER */
@ -1918,9 +1909,6 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock)
if (rk == NULL)
return BAD_FUNC_ARG;
#ifdef WOLFSSL_AES_XTS
aes->type = (byte)dir;
#endif
#ifdef WOLFSSL_AES_COUNTER
aes->left = 0;
#endif /* WOLFSSL_AES_COUNTER */
@ -1961,9 +1949,6 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock)
if (keylen != 16)
return BAD_FUNC_ARG;
#ifdef WOLFSSL_AES_XTS
aes->type = (byte)dir;
#endif
aes->keylen = keylen;
aes->rounds = keylen/4 + 6;
ret = nrf51_aes_set_key(userKey);
@ -1990,9 +1975,6 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock)
#ifdef WOLFSSL_AESNI
aes->use_aesni = 0;
#endif /* WOLFSSL_AESNI */
#ifdef WOLFSSL_AES_XTS
aes->type = (byte)dir;
#endif
#ifdef WOLFSSL_AES_COUNTER
aes->left = 0;
#endif /* WOLFSSL_AES_COUNTER */
@ -2155,9 +2137,6 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock)
if (keylen > max_key_len) {
return BAD_FUNC_ARG;
}
#endif
#ifdef WOLFSSL_AES_XTS
aes->type = (byte)dir;
#endif
aes->keylen = keylen;
aes->rounds = keylen/4 + 6;
@ -8051,28 +8030,34 @@ int wc_AesKeyUnWrap(const byte* key, word32 keySz, const byte* in, word32 inSz,
*
* return 0 on success
*/
int wc_AesXtsSetKey(Aes* tweak, Aes* aes, const byte* key, word32 len, int dir,
int wc_AesXtsSetKey(XtsAes* aes, const byte* key, word32 len, int dir,
void* heap, int devId)
{
word32 keySz;
int ret = 0;
if (aes == NULL || tweak == NULL || key == NULL) {
if (aes == NULL || key == NULL) {
return BAD_FUNC_ARG;
}
if ((ret = wc_AesInit(tweak, heap, devId)) != 0) {
if ((ret = wc_AesInit(&aes->tweak, heap, devId)) != 0) {
return ret;
}
if ((ret = wc_AesInit(aes, heap, devId)) != 0) {
if ((ret = wc_AesInit(&aes->aes, heap, devId)) != 0) {
return ret;
}
keySz = len/2;
if ((ret = wc_AesSetKey(aes, key, keySz, NULL, dir)) == 0) {
ret = wc_AesSetKey(tweak, key + keySz, keySz, NULL, AES_ENCRYPTION);
if (keySz != 16 && keySz != 32) {
WOLFSSL_MSG("Unsupported key size");
return WC_KEY_SIZE_E;
}
if ((ret = wc_AesSetKey(&aes->aes, key, keySz, NULL, dir)) == 0) {
ret = wc_AesSetKey(&aes->tweak, key + keySz, keySz, NULL,
AES_ENCRYPTION);
if (ret != 0) {
wc_AesFree(aes);
wc_AesFree(&aes->aes);
}
}
@ -8080,12 +8065,28 @@ int wc_AesXtsSetKey(Aes* tweak, Aes* aes, const byte* key, word32 len, int dir,
}
/* This is used to free up resources used by Aes structs
*
* aes AES keys to free
*
* return 0 on success
*/
int wc_AesXtsFree(XtsAes* aes)
{
if (aes != NULL) {
wc_AesFree(&aes->aes);
wc_AesFree(&aes->tweak);
}
return 0;
}
/* Same process as wc_AesXtsEncrypt but uses a word64 type as the tweak value
* instead of a byte array. This just converts the word64 to a byte array and
* calls wc_AesXtsEncrypt.
*
* tweak AES tweak key to use
* aes AES key to use for block encrypt/decrypt
* aes AES keys to use for block encrypt/decrypt
* out output buffer to hold cipher text
* in input plain text buffer to encrypt
* sz size of both out and in buffers
@ -8093,7 +8094,7 @@ int wc_AesXtsSetKey(Aes* tweak, Aes* aes, const byte* key, word32 len, int dir,
*
* returns 0 on success
*/
int wc_AesXtsEncryptSector(Aes* tweak, Aes* aes, byte* out, const byte* in,
int wc_AesXtsEncryptSector(XtsAes* aes, byte* out, const byte* in,
word32 sz, word64 sector)
{
byte* pt;
@ -8106,16 +8107,14 @@ int wc_AesXtsEncryptSector(Aes* tweak, Aes* aes, byte* out, const byte* in,
pt = (byte*)&sector;
XMEMCPY(i, pt, sizeof(word64));
return wc_AesXtsEncrypt(tweak, aes, out, in, sz,
(const byte*)i, AES_BLOCK_SIZE);
return wc_AesXtsEncrypt(aes, out, in, sz, (const byte*)i, AES_BLOCK_SIZE);
}
/* Same process as wc_AesXtsDecrypt but uses a word64 type as the tweak value
* instead of a byte array. This just converts the word64 to a byte array.
*
* tweak AES tweak key to use
* aes AES key to use for block encrypt/decrypt
* aes AES keys to use for block encrypt/decrypt
* out output buffer to hold plain text
* in input cipher text buffer to encrypt
* sz size of both out and in buffers
@ -8123,7 +8122,7 @@ int wc_AesXtsEncryptSector(Aes* tweak, Aes* aes, byte* out, const byte* in,
*
* returns 0 on success
*/
int wc_AesXtsDecryptSector(Aes* tweak, Aes* aes, byte* out, const byte* in, word32 sz,
int wc_AesXtsDecryptSector(XtsAes* aes, byte* out, const byte* in, word32 sz,
word64 sector)
{
byte* pt;
@ -8136,15 +8135,13 @@ int wc_AesXtsDecryptSector(Aes* tweak, Aes* aes, byte* out, const byte* in, word
pt = (byte*)&sector;
XMEMCPY(i, pt, sizeof(word64));
return wc_AesXtsDecrypt(tweak, aes, out, in, sz,
(const byte*)i, AES_BLOCK_SIZE);
return wc_AesXtsDecrypt(aes, out, in, sz, (const byte*)i, AES_BLOCK_SIZE);
}
/* AES with XTS mode. (XTS) XEX encryption with Tweak and cipher text Stealing.
*
* tweak AES tweak key to use
* aes AES key to use for block encrypt/decrypt
* xaes AES keys to use for block encrypt/decrypt
* out output buffer to hold cipher text
* in input plain text buffer to encrypt
* sz size of both out and in buffers
@ -8154,20 +8151,19 @@ int wc_AesXtsDecryptSector(Aes* tweak, Aes* aes, byte* out, const byte* in, word
*
* returns 0 on success
*/
int wc_AesXtsEncrypt(Aes* tweak, Aes* aes, byte* out, const byte* in, word32 sz,
int wc_AesXtsEncrypt(XtsAes* xaes, byte* out, const byte* in, word32 sz,
const byte* i, word32 iSz)
{
int ret = 0;
word32 blocks = (sz / AES_BLOCK_SIZE);
Aes *aes, *tweak;
if (aes == NULL || tweak == NULL) {
if (xaes == NULL || out == NULL) {
return BAD_FUNC_ARG;
}
if (aes->type != AES_ENCRYPTION || tweak->type != AES_ENCRYPTION) {
WOLFSSL_MSG("Both aes and tweak type should be AES_ENCRYPTION");
return BAD_FUNC_ARG;
}
aes = &xaes->aes;
tweak = &xaes->tweak;
if (iSz < AES_BLOCK_SIZE) {
return BAD_FUNC_ARG;
@ -8238,8 +8234,7 @@ int wc_AesXtsEncrypt(Aes* tweak, Aes* aes, byte* out, const byte* in, word32 sz,
/* Same process as encryption but Aes key is AES_DECRYPTION type.
*
* tweak AES tweak key to use
* aes AES key to use for block encrypt/decrypt
* xaes AES keys to use for block encrypt/decrypt
* out output buffer to hold plain text
* in input cipher text buffer to decrypt
* sz size of both out and in buffers
@ -8249,20 +8244,19 @@ int wc_AesXtsEncrypt(Aes* tweak, Aes* aes, byte* out, const byte* in, word32 sz,
*
* returns 0 on success
*/
int wc_AesXtsDecrypt(Aes* tweak, Aes* aes, byte* out, const byte* in, word32 sz,
int wc_AesXtsDecrypt(XtsAes* xaes, byte* out, const byte* in, word32 sz,
const byte* i, word32 iSz)
{
int ret = 0;
word32 blocks = (sz / AES_BLOCK_SIZE);
Aes *aes, *tweak;
if (aes == NULL || tweak == NULL) {
if (xaes == NULL || out == NULL) {
return BAD_FUNC_ARG;
}
if (aes->type != AES_DECRYPTION || tweak->type != AES_ENCRYPTION) {
WOLFSSL_MSG("aes param should be decryption type and tweak encryption");
return BAD_FUNC_ARG;
}
aes = &xaes->aes;
tweak = &xaes->tweak;
if (iSz < AES_BLOCK_SIZE) {
return BAD_FUNC_ARG;
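Review bot: In wc_AesXtsSetKey the new `keySz != 16 && keySz != 32` check runs after both wc_AesInit calls, so the WC_KEY_SIZE_E return leaves two initialised Aes objects that are never passed to wc_AesFree, and the tweak-key failure path frees only `&aes->aes`. Moving the size check above the first wc_AesInit and replacing `wc_AesFree(&aes->aes);` with `wc_AesXtsFree(aes);` would make the error exits symmetric; the early return after the second wc_AesInit has the same gap for `&aes->tweak`. Separately, with `aes->type` removed, wc_AesXtsEncrypt and wc_AesXtsDecrypt no longer reject a context keyed for the opposite direction, so a mismatched call is no longer rejected by this check. The new guard `xaes == NULL || out == NULL` also leaves out `in` and `i`, which the body presumably reads; `if (xaes == NULL || out == NULL || in == NULL || i == NULL)` would cover them. wc_AesXtsDecrypt's body continues past the end of this section.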


@ -172,9 +172,6 @@ int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen,
}
#endif
#ifdef WOLFSSL_AES_XTS
aes->type = dir;
#endif
#ifdef WOLFSSL_AES_COUNTER
aes->left = 0;
#endif /* WOLFSSL_AES_COUNTER */


@ -75,9 +75,6 @@ WOLFSSL_API int wc_AesSetKey(Aes* aes, const byte* key, word32 len, const byte*
}
XMEMCPY(aes->key, key, len) ;
#ifdef WOLFSSL_AES_XTS
aes->type = dir;
#endif
#ifdef WOLFSSL_AES_COUNTER
aes->left = 0;
#endif /* WOLFSSL_AES_COUNTER */


@ -4206,8 +4206,7 @@ static int aes_key_size_test(void)
/* test vectors from http://csrc.nist.gov/groups/STM/cavp/block-cipher-modes.html */
static int aes_xts_128_test(void)
{
Aes aes;
Aes tweak;
XtsAes aes;
int ret = 0;
unsigned char buf[AES_BLOCK_SIZE * 2];
unsigned char cipher[AES_BLOCK_SIZE * 2];
@ -4269,10 +4268,10 @@ static int aes_xts_128_test(void)
};
XMEMSET(buf, 0, sizeof(buf));
if (wc_AesXtsSetKey(&tweak, &aes, k2, sizeof(k2), AES_ENCRYPTION,
if (wc_AesXtsSetKey(&aes, k2, sizeof(k2), AES_ENCRYPTION,
HEAP_HINT, devId) != 0)
return -4000;
ret = wc_AesXtsEncrypt(&tweak, &aes, buf, p2, sizeof(p2), i2, sizeof(i2));
ret = wc_AesXtsEncrypt(&aes, buf, p2, sizeof(p2), i2, sizeof(i2));
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
@ -4282,10 +4281,10 @@ static int aes_xts_128_test(void)
return -4002;
XMEMSET(buf, 0, sizeof(buf));
if (wc_AesXtsSetKey(&tweak, &aes, k1, sizeof(k1), AES_ENCRYPTION,
if (wc_AesXtsSetKey(&aes, k1, sizeof(k1), AES_ENCRYPTION,
HEAP_HINT, devId) != 0)
return -4003;
ret = wc_AesXtsEncrypt(&tweak, &aes, buf, p1, sizeof(p1), i1, sizeof(i1));
ret = wc_AesXtsEncrypt(&aes, buf, p1, sizeof(p1), i1, sizeof(i1));
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
@ -4296,21 +4295,20 @@ static int aes_xts_128_test(void)
/* partial block encryption test */
XMEMSET(cipher, 0, sizeof(cipher));
ret = wc_AesXtsEncrypt(&tweak, &aes, cipher, pp, sizeof(pp), i1, sizeof(i1));
ret = wc_AesXtsEncrypt(&aes, cipher, pp, sizeof(pp), i1, sizeof(i1));
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
if (ret != 0)
return -4006;
wc_AesFree(&aes);
wc_AesFree(&tweak);
wc_AesXtsFree(&aes);
/* partial block decrypt test */
XMEMSET(buf, 0, sizeof(buf));
if (wc_AesXtsSetKey(&tweak, &aes, k1, sizeof(k1), AES_DECRYPTION,
if (wc_AesXtsSetKey(&aes, k1, sizeof(k1), AES_DECRYPTION,
HEAP_HINT, devId) != 0)
return -4007;
ret = wc_AesXtsDecrypt(&tweak, &aes, buf, cipher, sizeof(pp), i1, sizeof(i1));
ret = wc_AesXtsDecrypt(&aes, buf, cipher, sizeof(pp), i1, sizeof(i1));
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
@ -4321,7 +4319,7 @@ static int aes_xts_128_test(void)
/* NIST decrypt test vector */
XMEMSET(buf, 0, sizeof(buf));
ret = wc_AesXtsDecrypt(&tweak, &aes, buf, c1, sizeof(c1), i1, sizeof(i1));
ret = wc_AesXtsDecrypt(&aes, buf, c1, sizeof(c1), i1, sizeof(i1));
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
@ -4332,7 +4330,7 @@ static int aes_xts_128_test(void)
/* fail case with decrypting using wrong key */
XMEMSET(buf, 0, sizeof(buf));
ret = wc_AesXtsDecrypt(&tweak, &aes, buf, c2, sizeof(c2), i2, sizeof(i2));
ret = wc_AesXtsDecrypt(&aes, buf, c2, sizeof(c2), i2, sizeof(i2));
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
@ -4343,10 +4341,10 @@ static int aes_xts_128_test(void)
/* set correct key and retest */
XMEMSET(buf, 0, sizeof(buf));
if (wc_AesXtsSetKey(&tweak, &aes, k2, sizeof(k2), AES_DECRYPTION,
if (wc_AesXtsSetKey(&aes, k2, sizeof(k2), AES_DECRYPTION,
HEAP_HINT, devId) != 0)
return -4014;
ret = wc_AesXtsDecrypt(&tweak, &aes, buf, c2, sizeof(c2), i2, sizeof(i2));
ret = wc_AesXtsDecrypt(&aes, buf, c2, sizeof(c2), i2, sizeof(i2));
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
@ -4354,8 +4352,7 @@ static int aes_xts_128_test(void)
return -4015;
if (XMEMCMP(p2, buf, sizeof(p2)))
return -4016;
wc_AesFree(&aes);
wc_AesFree(&tweak);
wc_AesXtsFree(&aes);
return ret;
}
@ -4363,8 +4360,7 @@ static int aes_xts_128_test(void)
static int aes_xts_256_test(void)
{
Aes aes;
Aes tweak;
XtsAes aes;
int ret = 0;
unsigned char buf[AES_BLOCK_SIZE * 3];
unsigned char cipher[AES_BLOCK_SIZE * 3];
@ -4442,10 +4438,10 @@ static int aes_xts_256_test(void)
};
XMEMSET(buf, 0, sizeof(buf));
if (wc_AesXtsSetKey(&tweak, &aes, k2, sizeof(k2), AES_ENCRYPTION,
if (wc_AesXtsSetKey(&aes, k2, sizeof(k2), AES_ENCRYPTION,
HEAP_HINT, devId) != 0)
return -4017;
ret = wc_AesXtsEncrypt(&tweak, &aes, buf, p2, sizeof(p2), i2, sizeof(i2));
ret = wc_AesXtsEncrypt(&aes, buf, p2, sizeof(p2), i2, sizeof(i2));
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
@ -4455,10 +4451,10 @@ static int aes_xts_256_test(void)
return -4019;
XMEMSET(buf, 0, sizeof(buf));
if (wc_AesXtsSetKey(&tweak, &aes, k1, sizeof(k1), AES_ENCRYPTION,
if (wc_AesXtsSetKey(&aes, k1, sizeof(k1), AES_ENCRYPTION,
HEAP_HINT, devId) != 0)
return -4020;
ret = wc_AesXtsEncrypt(&tweak, &aes, buf, p1, sizeof(p1), i1, sizeof(i1));
ret = wc_AesXtsEncrypt(&aes, buf, p1, sizeof(p1), i1, sizeof(i1));
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
@ -4469,21 +4465,20 @@ static int aes_xts_256_test(void)
/* partial block encryption test */
XMEMSET(cipher, 0, sizeof(cipher));
ret = wc_AesXtsEncrypt(&tweak, &aes, cipher, pp, sizeof(pp), i1, sizeof(i1));
ret = wc_AesXtsEncrypt(&aes, cipher, pp, sizeof(pp), i1, sizeof(i1));
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
if (ret != 0)
return -4023;
wc_AesFree(&aes);
wc_AesFree(&tweak);
wc_AesXtsFree(&aes);
/* partial block decrypt test */
XMEMSET(buf, 0, sizeof(buf));
if (wc_AesXtsSetKey(&tweak, &aes, k1, sizeof(k1), AES_DECRYPTION,
if (wc_AesXtsSetKey(&aes, k1, sizeof(k1), AES_DECRYPTION,
HEAP_HINT, devId) != 0)
return -4024;
ret = wc_AesXtsDecrypt(&tweak, &aes, buf, cipher, sizeof(pp), i1, sizeof(i1));
ret = wc_AesXtsDecrypt(&aes, buf, cipher, sizeof(pp), i1, sizeof(i1));
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
@ -4494,7 +4489,7 @@ static int aes_xts_256_test(void)
/* NIST decrypt test vector */
XMEMSET(buf, 0, sizeof(buf));
ret = wc_AesXtsDecrypt(&tweak, &aes, buf, c1, sizeof(c1), i1, sizeof(i1));
ret = wc_AesXtsDecrypt(&aes, buf, c1, sizeof(c1), i1, sizeof(i1));
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
@ -4504,10 +4499,10 @@ static int aes_xts_256_test(void)
return -4028;
XMEMSET(buf, 0, sizeof(buf));
if (wc_AesXtsSetKey(&tweak, &aes, k2, sizeof(k2), AES_DECRYPTION,
if (wc_AesXtsSetKey(&aes, k2, sizeof(k2), AES_DECRYPTION,
HEAP_HINT, devId) != 0)
return -4029;
ret = wc_AesXtsDecrypt(&tweak, &aes, buf, c2, sizeof(c2), i2, sizeof(i2));
ret = wc_AesXtsDecrypt(&aes, buf, c2, sizeof(c2), i2, sizeof(i2));
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
@ -4515,8 +4510,7 @@ static int aes_xts_256_test(void)
return -4030;
if (XMEMCMP(p2, buf, sizeof(p2)))
return -4031;
wc_AesFree(&aes);
wc_AesFree(&tweak);
wc_AesXtsFree(&aes);
return ret;
}
@ -4525,8 +4519,7 @@ static int aes_xts_256_test(void)
/* both 128 and 256 bit key test */
static int aes_xts_sector_test(void)
{
Aes aes;
Aes tweak;
XtsAes aes;
int ret = 0;
unsigned char buf[AES_BLOCK_SIZE * 2];
@ -4577,10 +4570,10 @@ static int aes_xts_sector_test(void)
word64 s2 = 187;
XMEMSET(buf, 0, sizeof(buf));
if (wc_AesXtsSetKey(&tweak, &aes, k1, sizeof(k1), AES_ENCRYPTION,
if (wc_AesXtsSetKey(&aes, k1, sizeof(k1), AES_ENCRYPTION,
HEAP_HINT, devId) != 0)
return -4032;
ret = wc_AesXtsEncryptSector(&tweak, &aes, buf, p1, sizeof(p1), s1);
ret = wc_AesXtsEncryptSector(&aes, buf, p1, sizeof(p1), s1);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
@ -4591,10 +4584,10 @@ static int aes_xts_sector_test(void)
/* decrypt test */
XMEMSET(buf, 0, sizeof(buf));
if (wc_AesXtsSetKey(&tweak, &aes, k1, sizeof(k1), AES_DECRYPTION,
if (wc_AesXtsSetKey(&aes, k1, sizeof(k1), AES_DECRYPTION,
HEAP_HINT, devId) != 0)
return -4035;
ret = wc_AesXtsDecryptSector(&tweak, &aes, buf, c1, sizeof(c1), s1);
ret = wc_AesXtsDecryptSector(&aes, buf, c1, sizeof(c1), s1);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
@ -4602,15 +4595,14 @@ static int aes_xts_sector_test(void)
return -4036;
if (XMEMCMP(p1, buf, AES_BLOCK_SIZE))
return -4037;
wc_AesFree(&aes);
wc_AesFree(&tweak);
wc_AesXtsFree(&aes);
/* 256 bit key tests */
XMEMSET(buf, 0, sizeof(buf));
if (wc_AesXtsSetKey(&tweak, &aes, k2, sizeof(k2), AES_ENCRYPTION,
if (wc_AesXtsSetKey(&aes, k2, sizeof(k2), AES_ENCRYPTION,
HEAP_HINT, devId) != 0)
return -4038;
ret = wc_AesXtsEncryptSector(&tweak, &aes, buf, p2, sizeof(p2), s2);
ret = wc_AesXtsEncryptSector(&aes, buf, p2, sizeof(p2), s2);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
@ -4621,10 +4613,10 @@ static int aes_xts_sector_test(void)
/* decrypt test */
XMEMSET(buf, 0, sizeof(buf));
if (wc_AesXtsSetKey(&tweak, &aes, k2, sizeof(k2), AES_DECRYPTION,
if (wc_AesXtsSetKey(&aes, k2, sizeof(k2), AES_DECRYPTION,
HEAP_HINT, devId) != 0)
return -4041;
ret = wc_AesXtsDecryptSector(&tweak, &aes, buf, c2, sizeof(c2), s2);
ret = wc_AesXtsDecryptSector(&aes, buf, c2, sizeof(c2), s2);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
@ -4632,8 +4624,7 @@ static int aes_xts_sector_test(void)
return -4042;
if (XMEMCMP(p2, buf, sizeof(p2)))
return -4043;
wc_AesFree(&aes);
wc_AesFree(&tweak);
wc_AesXtsFree(&aes);
return ret;
}
@ -4642,8 +4633,7 @@ static int aes_xts_sector_test(void)
/* testing of bad arguments */
static int aes_xts_args_test(void)
{
Aes aes;
Aes tweak;
XtsAes aes;
int ret = 0;
unsigned char buf[AES_BLOCK_SIZE * 2];
@ -4666,52 +4656,50 @@ static int aes_xts_args_test(void)
};
word64 s1 = 141;
if (wc_AesXtsSetKey(NULL, &aes, k1, sizeof(k1), AES_ENCRYPTION,
if (wc_AesXtsSetKey(NULL, k1, sizeof(k1), AES_ENCRYPTION,
HEAP_HINT, devId) == 0)
return -4044;
if (wc_AesXtsSetKey(&tweak, NULL, k1, sizeof(k1), AES_ENCRYPTION,
if (wc_AesXtsSetKey(&aes, NULL, sizeof(k1), AES_ENCRYPTION,
HEAP_HINT, devId) == 0)
return -4045;
if (wc_AesXtsSetKey(&tweak, &aes, NULL, sizeof(k1), AES_ENCRYPTION,
HEAP_HINT, devId) == 0)
return -4046;
/* set up wrong encrypt / decrypt types for key */
wc_AesSetKey(&aes, k1, sizeof(k1)/2, NULL, AES_DECRYPTION);
wc_AesSetKey(&tweak, k1 + sizeof(k1)/2, sizeof(k1)/2, NULL, AES_ENCRYPTION);
ret = wc_AesXtsEncryptSector(&tweak, &aes, buf, p1, sizeof(p1), s1);
/* encryption operations */
if (wc_AesXtsSetKey(&aes, k1, sizeof(k1), AES_ENCRYPTION,
HEAP_HINT, devId) != 0)
return -4046;
ret = wc_AesXtsEncryptSector(NULL, buf, p1, sizeof(p1), s1);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
if (ret == 0)
return -4047;
wc_AesFree(&aes);
wc_AesFree(&tweak);
/* tweak must be encryption type. Test with wrong decryption type used */
wc_AesSetKey(&aes, k1, sizeof(k1)/2, NULL, AES_ENCRYPTION);
wc_AesSetKey(&tweak, k1 + sizeof(k1)/2, sizeof(k1)/2, NULL, AES_DECRYPTION);
ret = wc_AesXtsEncryptSector(&tweak, &aes, buf, p1, sizeof(p1), s1);
ret = wc_AesXtsEncryptSector(&aes, NULL, p1, sizeof(p1), s1);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
if (ret == 0)
return -4048;
wc_AesFree(&aes);
wc_AesFree(&tweak);
wc_AesXtsFree(&aes);
/* Test for fail with encryption key used for decryption */
if (wc_AesXtsSetKey(&tweak, &aes, k1, sizeof(k1), AES_ENCRYPTION,
/* decryption operations */
if (wc_AesXtsSetKey(&aes, k1, sizeof(k1), AES_DECRYPTION,
HEAP_HINT, devId) != 0)
return -4046;
ret = wc_AesXtsDecryptSector(NULL, buf, c1, sizeof(c1), s1);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
if (ret == 0)
return -4049;
ret = wc_AesXtsDecryptSector(&tweak, &aes, buf, c1, sizeof(c1), s1);
ret = wc_AesXtsDecryptSector(&aes, NULL, c1, sizeof(c1), s1);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
if (ret == 0)
return -4050;
wc_AesFree(&aes);
wc_AesFree(&tweak);
wc_AesXtsFree(&aes);
return 0;
}
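Review bot: aes_xts_args_test now appears to return `-4046` from two places, the wc_AesXtsSetKey call under "encryption operations" and the one under "decryption operations", so a failure there cannot be located from the return code; the second should use a value not used elsewhere in the file. The commit also adds a key-size rejection in wc_AesXtsSetKey, but no case here exercises it; something like `if (wc_AesXtsSetKey(&aes, k1, sizeof(k1) - 2, AES_ENCRYPTION, HEAP_HINT, devId) == 0)` followed by its own error return would pin that behaviour. The removed wrong-direction cases leave nothing that documents what happens when a context keyed with AES_DECRYPTION is passed to wc_AesXtsEncryptSector. The early error returns that follow a successful wc_AesXtsSetKey also skip wc_AesXtsFree.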


@ -111,12 +111,14 @@ typedef struct Aes {
word32 kup;
#endif
void* heap; /* memory hint to use */
#ifdef WOLFSSL_AES_XTS
byte type; /* adds the ability to do a sanity check on key for
* encrypt/decrypt */
#endif
} Aes;
#ifdef WOLFSSL_AES_XTS
typedef struct XtsAes {
Aes aes;
Aes tweak;
} XtsAes;
#endif
#ifdef HAVE_AESGCM
typedef struct Gmac {
@ -220,12 +222,11 @@ WOLFSSL_API int wc_AesEcbDecrypt(Aes* aes, byte* out,
\brief This is to help with setting keys to correct encrypt or decrypt type.
\note Is up to user to call wc_AesFree on tweak and aes key when done.
\note Is up to user to call wc_AesXtsFree on aes key when done.
\return 0 Success
\param tweak AES key for tweak in XTS
\param aes AES key for encrypt/decrypt process
\param aes AES keys for encrypt/decrypt process
\param key buffer holding aes key | tweak key
\param len length of key buffer in bytes. Should be twice that of key size.
i.e. 32 for a 16 byte key.
@ -235,22 +236,20 @@ WOLFSSL_API int wc_AesEcbDecrypt(Aes* aes, byte* out,
_Example_
\code
Aes aes;
Aes tweak;
XtsAes aes;
if(wc_AesXtsSetKey(&tweak, &aes, key, sizeof(key), AES_ENCRYPTION, NULL, 0) != 0)
if(wc_AesXtsSetKey(&aes, key, sizeof(key), AES_ENCRYPTION, NULL, 0) != 0)
{
// Handle error
}
wc_AesFree(&aes);
wc_AesFree(&tweak);
wc_AesXtsFree(&aes);
\endcode
\sa wc_AesXtsEncrypt
\sa wc_AesXtsDecrypt
\sa wc_AesFree
\sa wc_AesXtsFree
*/
WOLFSSL_API int wc_AesXtsSetKey(Aes* tweak, Aes* aes, const byte* key,
WOLFSSL_API int wc_AesXtsSetKey(XtsAes* aes, const byte* key,
word32 len, int dir, void* heap, int devId);
@ -263,8 +262,7 @@ WOLFSSL_API int wc_AesXtsSetKey(Aes* tweak, Aes* aes, const byte* key,
\return 0 Success
\param tweak tweak AES tweak key to use
\param aes AES key to use for block encrypt/decrypt
\param aes AES keys to use for block encrypt/decrypt
\param out output buffer to hold cipher text
\param in input plain text buffer to encrypt
\param sz size of both out and in buffers
@ -272,28 +270,26 @@ WOLFSSL_API int wc_AesXtsSetKey(Aes* tweak, Aes* aes, const byte* key,
_Example_
\code
Aes aes;
Aes tweak;
XtsAes aes;
unsigned char plain[SIZE];
unsigned char cipher[SIZE];
word64 s = VALUE;
//set up keys with AES_ENCRYPTION as dir
if(wc_AesXtsEncryptSector(&tweak, &aes, cipher, plain, SIZE, s) != 0)
if(wc_AesXtsEncryptSector(&aes, cipher, plain, SIZE, s) != 0)
{
// Handle error
}
wc_AesFree(&aes);
wc_AesFree(&tweak);
wc_AesXtsFree(&aes);
\endcode
\sa wc_AesXtsEncrypt
\sa wc_AesXtsDecrypt
\sa wc_AesXtsSetKey
\sa wc_AesFree
\sa wc_AesXtsFree
*/
WOLFSSL_API int wc_AesXtsEncryptSector(Aes* tweak, Aes* aes, byte* out,
WOLFSSL_API int wc_AesXtsEncryptSector(XtsAes* aes, byte* out,
const byte* in, word32 sz, word64 sector);
@ -306,8 +302,7 @@ WOLFSSL_API int wc_AesXtsEncryptSector(Aes* tweak, Aes* aes, byte* out,
\return 0 Success
\param tweak AES tweak key to use
\param aes AES key to use for block encrypt/decrypt
\param aes AES keys to use for block encrypt/decrypt
\param out output buffer to hold plain text
\param in input cipher text buffer to decrypt
\param sz size of both out and in buffers
@ -315,28 +310,26 @@ WOLFSSL_API int wc_AesXtsEncryptSector(Aes* tweak, Aes* aes, byte* out,
_Example_
\code
Aes aes;
Aes tweak;
XtsAes aes;
unsigned char plain[SIZE];
unsigned char cipher[SIZE];
word64 s = VALUE;
//set up aes key with AES_DECRYPTION as dir and tweak with AES_ENCRYPTION
if(wc_AesXtsDecryptSector(&tweak, &aes, plain, cipher, SIZE, s) != 0)
if(wc_AesXtsDecryptSector(&aes, plain, cipher, SIZE, s) != 0)
{
// Handle error
}
wc_AesFree(&aes);
wc_AesFree(&tweak);
wc_AesXtsFree(&aes);
\endcode
\sa wc_AesXtsEncrypt
\sa wc_AesXtsDecrypt
\sa wc_AesXtsSetKey
\sa wc_AesFree
\sa wc_AesXtsFree
*/
WOLFSSL_API int wc_AesXtsDecryptSector(Aes* tweak, Aes* aes, byte* out,
WOLFSSL_API int wc_AesXtsDecryptSector(XtsAes* aes, byte* out,
const byte* in, word32 sz, word64 sector);
@ -348,8 +341,7 @@ WOLFSSL_API int wc_AesXtsDecryptSector(Aes* tweak, Aes* aes, byte* out,
\return 0 Success
\param tweak AES tweak key to use
\param aes AES key to use for block encrypt/decrypt
\param aes AES keys to use for block encrypt/decrypt
\param out output buffer to hold cipher text
\param in input plain text buffer to encrypt
\param sz size of both out and in buffers
@ -360,27 +352,25 @@ WOLFSSL_API int wc_AesXtsDecryptSector(Aes* tweak, Aes* aes, byte* out,
_Example_
\code
Aes aes;
Aes tweak;
XtsAes aes;
unsigned char plain[SIZE];
unsigned char cipher[SIZE];
unsigned char i[AES_BLOCK_SIZE];
//set up key with AES_ENCRYPTION as dir
if(wc_AesXtsEncrypt(&tweak, &aes, cipher, plain, SIZE, i, sizeof(i)) != 0)
if(wc_AesXtsEncrypt(&aes, cipher, plain, SIZE, i, sizeof(i)) != 0)
{
// Handle error
}
wc_AesFree(&aes);
wc_AesFree(&tweak);
wc_AesXtsFree(&aes);
\endcode
\sa wc_AesXtsDecrypt
\sa wc_AesXtsSetKey
\sa wc_AesFree
\sa wc_AesXtsFree
*/
WOLFSSL_API int wc_AesXtsEncrypt(Aes* tweak, Aes* aes, byte* out,
WOLFSSL_API int wc_AesXtsEncrypt(XtsAes* aes, byte* out,
const byte* in, word32 sz, const byte* i, word32 iSz);
@ -391,8 +381,7 @@ WOLFSSL_API int wc_AesXtsEncrypt(Aes* tweak, Aes* aes, byte* out,
\return 0 Success
\param tweak AES tweak key to use
\param aes AES key to use for block encrypt/decrypt
\param aes AES keys to use for block encrypt/decrypt
\param out output buffer to hold plain text
\param in input cipher text buffer to decrypt
\param sz size of both out and in buffers
@ -402,28 +391,53 @@ WOLFSSL_API int wc_AesXtsEncrypt(Aes* tweak, Aes* aes, byte* out,
function.
_Example_
\code
Aes aes;
Aes tweak;
XtsAes aes;
unsigned char plain[SIZE];
unsigned char cipher[SIZE];
unsigned char i[AES_BLOCK_SIZE];
//set up key with AES_DECRYPTION as dir and tweak with AES_ENCRYPTION
if(wc_AesXtsDecrypt(&tweak, &aes, plain, cipher, SIZE, i, sizeof(i)) != 0)
if(wc_AesXtsDecrypt(&aes, plain, cipher, SIZE, i, sizeof(i)) != 0)
{
// Handle error
}
wc_AesFree(&aes);
wc_AesFree(&tweak);
wc_AesXtsFree(&aes);
\endcode
\sa wc_AesXtsEncrypt
\sa wc_AesXtsSetKey
\sa wc_AesFree
\sa wc_AesXtsFree
*/
WOLFSSL_API int wc_AesXtsDecrypt(Aes* tweak, Aes* aes, byte* out,
WOLFSSL_API int wc_AesXtsDecrypt(XtsAes* aes, byte* out,
const byte* in, word32 sz, const byte* i, word32 iSz);
/*!
\ingroup AES
\brief This is to free up any resources used by the XtsAes structure
\return 0 Success
\param aes AES keys to free
_Example_
\code
XtsAes aes;
if(wc_AesXtsSetKey(&aes, key, sizeof(key), AES_ENCRYPTION, NULL, 0) != 0)
{
// Handle error
}
wc_AesXtsFree(&aes);
\endcode
\sa wc_AesXtsEncrypt
\sa wc_AesXtsDecrypt
\sa wc_AesXtsSetKey
*/
WOLFSSL_API int wc_AesXtsFree(XtsAes* aes);
#endif
WOLFSSL_API int wc_AesGetKeySize(Aes* aes, word32* keySize);
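Review bot: The wc_AesXtsSetKey documentation still lists only `\return 0 Success`, although the function now rejects key buffers whose halves are not 16 or 32 bytes; adding `\return WC_KEY_SIZE_E len is not 32 or 64 bytes` and `\return BAD_FUNC_ARG aes or key is NULL` would tell callers what to handle. The example comments `//set up aes key with AES_DECRYPTION as dir and tweak with AES_ENCRYPTION` describe the old two-object API; the tweak direction is now fixed inside wc_AesXtsSetKey, so `//set up key with AES_DECRYPTION as dir` is enough. The new XtsAes typedef has no comments: a short one on each member would help, for example `/* data key, direction chosen by the caller */` on `aes` and `/* tweak key, always keyed for encryption */` on `tweak`. The wc_AesXtsFree text should also state whether key material is cleared, which is not visible on this page.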