diff --git a/wolfcrypt/benchmark/benchmark.c b/wolfcrypt/benchmark/benchmark.c index 3b22d2159..2de5c16a0 100644 --- a/wolfcrypt/benchmark/benchmark.c +++ b/wolfcrypt/benchmark/benchmark.c @@ -1343,7 +1343,7 @@ exit: #ifdef WOLFSSL_AES_XTS void bench_aesxts(void) { - Aes aes, tweak; + XtsAes aes; double start; int i, count, ret; @@ -1359,7 +1359,7 @@ void bench_aesxts(void) 0x6e, 0x4b, 0x92, 0x01, 0x3e, 0x76, 0x8a, 0xd5 }; - ret = wc_AesXtsSetKey(&tweak, &aes, k1, sizeof(k1), AES_ENCRYPTION, + ret = wc_AesXtsSetKey(&aes, k1, sizeof(k1), AES_ENCRYPTION, HEAP_HINT, devId); if (ret != 0) { printf("wc_AesXtsSetKey failed, ret = %d\n", ret); @@ -1369,7 +1369,7 @@ void bench_aesxts(void) bench_stats_start(&count, &start); do { for (i = 0; i < numBlocks; i++) { - if ((ret = wc_AesXtsEncrypt(&tweak, &aes, bench_plain, bench_cipher, + if ((ret = wc_AesXtsEncrypt(&aes, bench_plain, bench_cipher, BENCH_SIZE, i1, sizeof(i1))) != 0) { printf("wc_AesXtsEncrypt failed, ret = %d\n", ret); return; @@ -1378,11 +1378,10 @@ void bench_aesxts(void) count += i; } while (bench_stats_sym_check(start)); bench_stats_sym_finish("AES-XTS-enc", 0, count, start, ret); - wc_AesFree(&aes); - wc_AesFree(&tweak); + wc_AesXtsFree(&aes); /* decryption benchmark */ - ret = wc_AesXtsSetKey(&tweak, &aes, k1, sizeof(k1), AES_DECRYPTION, + ret = wc_AesXtsSetKey(&aes, k1, sizeof(k1), AES_DECRYPTION, HEAP_HINT, devId); if (ret != 0) { printf("wc_AesXtsSetKey failed, ret = %d\n", ret); @@ -1392,7 +1391,7 @@ void bench_aesxts(void) bench_stats_start(&count, &start); do { for (i = 0; i < numBlocks; i++) { - if ((ret = wc_AesXtsDecrypt(&tweak, &aes, bench_plain, bench_cipher, + if ((ret = wc_AesXtsDecrypt(&aes, bench_plain, bench_cipher, BENCH_SIZE, i1, sizeof(i1))) != 0) { printf("wc_AesXtsDecrypt failed, ret = %d\n", ret); return; 
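Review bot: The failure paths inside both timing loops (`wc_AesXtsEncrypt failed` in the @@ -1369 hunk and `wc_AesXtsDecrypt failed` in the @@ -1392 hunk) still `return` without releasing the context, so a failed run skips `wc_AesXtsFree(&aes)`. Calling `wc_AesXtsFree(&aes);` before each `return;` keeps the benchmark from leaving both key schedules, and any device-side state tied to `devId`, behind. bench_aesxts begins before these hunks, so its earlier setup is not visible here.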
@@ -1401,8 +1400,7 @@ void bench_aesxts(void) count += i; } while (bench_stats_sym_check(start)); bench_stats_sym_finish("AES-XTS-dec", 0, count, start, ret); - wc_AesFree(&aes); - wc_AesFree(&tweak); + wc_AesXtsFree(&aes); } #endif /* WOLFSSL_AES_XTS */ diff --git a/wolfcrypt/src/aes.c b/wolfcrypt/src/aes.c index f94a1fba5..8175083bc 100755 --- a/wolfcrypt/src/aes.c +++ b/wolfcrypt/src/aes.c @@ -1794,9 +1794,6 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock) if (!((keylen == 16) || (keylen == 24) || (keylen == 32))) return BAD_FUNC_ARG; - #ifdef WOLFSSL_AES_XTS - aes->type = (byte)dir; - #endif aes->keylen = keylen; aes->rounds = keylen/4 + 6; XMEMCPY(rk, userKey, keylen); @@ -1866,9 +1863,6 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock) if (aes == NULL) return BAD_FUNC_ARG; - #ifdef WOLFSSL_AES_XTS - aes->type = (byte)dir; - #endif aes->keylen = keylen; aes->rounds = keylen/4 + 6; XMEMCPY(aes->key, userKey, keylen); @@ -1888,9 +1882,6 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock) aes->rounds = keylen/4 + 6; XMEMCPY(aes->key, userKey, keylen); - #ifdef WOLFSSL_AES_XTS - aes->type = (byte)dir; - #endif #ifdef WOLFSSL_AES_COUNTER aes->left = 0; #endif /* WOLFSSL_AES_COUNTER */ @@ -1918,9 +1909,6 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock) if (rk == NULL) return BAD_FUNC_ARG; - #ifdef WOLFSSL_AES_XTS - aes->type = (byte)dir; - #endif #ifdef WOLFSSL_AES_COUNTER aes->left = 0; #endif /* WOLFSSL_AES_COUNTER */ @@ -1961,9 +1949,6 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock) if (keylen != 16) return BAD_FUNC_ARG; - #ifdef WOLFSSL_AES_XTS - aes->type = (byte)dir; - #endif aes->keylen = keylen; aes->rounds = keylen/4 + 6; ret = nrf51_aes_set_key(userKey); 
@@ -1990,9 +1975,6 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock) #ifdef WOLFSSL_AESNI aes->use_aesni = 0; #endif /* WOLFSSL_AESNI */ - #ifdef WOLFSSL_AES_XTS - aes->type = (byte)dir; - #endif #ifdef WOLFSSL_AES_COUNTER aes->left = 0; #endif /* WOLFSSL_AES_COUNTER */ @@ -2155,9 +2137,6 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock) if (keylen > max_key_len) { return BAD_FUNC_ARG; } - #endif - #ifdef WOLFSSL_AES_XTS - aes->type = (byte)dir; #endif aes->keylen = keylen; aes->rounds = keylen/4 + 6; @@ -8051,28 +8030,34 @@ int wc_AesKeyUnWrap(const byte* key, word32 keySz, const byte* in, word32 inSz, * * return 0 on success */ -int wc_AesXtsSetKey(Aes* tweak, Aes* aes, const byte* key, word32 len, int dir, +int wc_AesXtsSetKey(XtsAes* aes, const byte* key, word32 len, int dir, void* heap, int devId) { word32 keySz; int ret = 0; - if (aes == NULL || tweak == NULL || key == NULL) { + if (aes == NULL || key == NULL) { return BAD_FUNC_ARG; } - if ((ret = wc_AesInit(tweak, heap, devId)) != 0) { + if ((ret = wc_AesInit(&aes->tweak, heap, devId)) != 0) { return ret; } - if ((ret = wc_AesInit(aes, heap, devId)) != 0) { + if ((ret = wc_AesInit(&aes->aes, heap, devId)) != 0) { return ret; } keySz = len/2; - if ((ret = wc_AesSetKey(aes, key, keySz, NULL, dir)) == 0) { - ret = wc_AesSetKey(tweak, key + keySz, keySz, NULL, AES_ENCRYPTION); + if (keySz != 16 && keySz != 32) { + WOLFSSL_MSG("Unsupported key size"); + return WC_KEY_SIZE_E; + } + + if ((ret = wc_AesSetKey(&aes->aes, key, keySz, NULL, dir)) == 0) { + ret = wc_AesSetKey(&aes->tweak, key + keySz, keySz, NULL, + AES_ENCRYPTION); if (ret != 0) { - wc_AesFree(aes); + wc_AesFree(&aes->aes); } } 
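Review bot: The new key-size check in wc_AesXtsSetKey runs after both `wc_AesInit` calls and tests `len/2`, so an odd `len` such as 33 is accepted as a 16-byte key, and a rejected size returns `WC_KEY_SIZE_E` with two initialized contexts that are never freed. Validating the caller's length first, `if (len != 32 && len != 64) return WC_KEY_SIZE_E;` placed right after the NULL check, closes both gaps. The cleanup below it is also asymmetric: when the first `wc_AesSetKey` fails neither context is freed, and when the second fails only `aes->aes` is. Separately, nothing here rejects a key whose two halves are identical, which FIPS 140-2 IG A.9 requires for XTS; an `XMEMCMP(key, key + keySz, keySz) == 0` rejection would cover it if that matters for this build. The function's tail is outside the hunk.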
@@ -8080,12 +8065,28 @@ int wc_AesXtsSetKey(Aes* tweak, Aes* aes, const byte* key, word32 len, int dir, } +/* This is used to free up resources used by Aes structs + * + * aes AES keys to free + * + * return 0 on success + */ +int wc_AesXtsFree(XtsAes* aes) +{ + if (aes != NULL) { + wc_AesFree(&aes->aes); + wc_AesFree(&aes->tweak); + } + + return 0; +} + + /* Same process as wc_AesXtsEncrypt but uses a word64 type as the tweak value * instead of a byte array. This just converts the word64 to a byte array and * calls wc_AesXtsEncrypt. * - * tweak AES tweak key to use - * aes AES key to use for block encrypt/decrypt + * aes AES keys to use for block encrypt/decrypt * out output buffer to hold cipher text * in input plain text buffer to encrypt * sz size of both out and in buffers @@ -8093,7 +8094,7 @@ int wc_AesXtsSetKey(Aes* tweak, Aes* aes, const byte* key, word32 len, int dir, * * returns 0 on success */ -int wc_AesXtsEncryptSector(Aes* tweak, Aes* aes, byte* out, const byte* in, +int wc_AesXtsEncryptSector(XtsAes* aes, byte* out, const byte* in, word32 sz, word64 sector) { byte* pt; @@ -8106,16 +8107,14 @@ int wc_AesXtsEncryptSector(Aes* tweak, Aes* aes, byte* out, const byte* in, pt = (byte*)§or; XMEMCPY(i, pt, sizeof(word64)); - return wc_AesXtsEncrypt(tweak, aes, out, in, sz, - (const byte*)i, AES_BLOCK_SIZE); + return wc_AesXtsEncrypt(aes, out, in, sz, (const byte*)i, AES_BLOCK_SIZE); } /* Same process as wc_AesXtsDecrypt but uses a word64 type as the tweak value * instead of a byte array. This just converts the word64 to a byte array. * - * tweak AES tweak key to use - * aes AES key to use for block encrypt/decrypt + * aes AES keys to use for block encrypt/decrypt * out output buffer to hold plain text * in input cipher text buffer to encrypt * sz size of both out and in buffers 
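Review bot: wc_AesXtsFree hands both contexts to `wc_AesFree` but does not itself clear the expanded data and tweak keys held in the caller's `XtsAes`; whether `wc_AesFree` wipes them is not visible in this diff. If it does not, adding `ForceZero(aes, sizeof(XtsAes));` after the two frees keeps key material from lingering in stack or heap memory. The header comment should also state the contract the code shows, for example `* return 0 always; a NULL aes is ignored`.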
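Review bot: The sector number is copied into the tweak with `XMEMCPY(i, pt, sizeof(word64))` in host byte order, so wc_AesXtsEncryptSector derives a different tweak, and therefore different ciphertext, on big-endian and little-endian targets for the same sector. IEEE 1619 treats the data unit number as a little-endian byte array, so a volume written on one architecture would not decrypt on the other. Serialising explicitly, for example `for (j = 0; j < sizeof(word64); j++) i[j] = (byte)(sector >> (8 * j));`, removes the dependence; the same copy appears in wc_AesXtsDecryptSector in the @@ -8136 hunk. How `i` is declared and cleared lies outside the hunk.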
@@ -8123,7 +8122,7 @@ int wc_AesXtsEncryptSector(Aes* tweak, Aes* aes, byte* out, const byte* in, * * returns 0 on success */ -int wc_AesXtsDecryptSector(Aes* tweak, Aes* aes, byte* out, const byte* in, word32 sz, +int wc_AesXtsDecryptSector(XtsAes* aes, byte* out, const byte* in, word32 sz, word64 sector) { byte* pt; @@ -8136,15 +8135,13 @@ int wc_AesXtsDecryptSector(Aes* tweak, Aes* aes, byte* out, const byte* in, word pt = (byte*)§or; XMEMCPY(i, pt, sizeof(word64)); - return wc_AesXtsDecrypt(tweak, aes, out, in, sz, - (const byte*)i, AES_BLOCK_SIZE); + return wc_AesXtsDecrypt(aes, out, in, sz, (const byte*)i, AES_BLOCK_SIZE); } /* AES with XTS mode. (XTS) XEX encryption with Tweak and cipher text Stealing. * - * tweak AES tweak key to use - * aes AES key to use for block encrypt/decrypt + * xaes AES keys to use for block encrypt/decrypt * out output buffer to hold cipher text * in input plain text buffer to encrypt * sz size of both out and in buffers @@ -8154,20 +8151,19 @@ int wc_AesXtsDecryptSector(Aes* tweak, Aes* aes, byte* out, const byte* in, word * * returns 0 on success */ -int wc_AesXtsEncrypt(Aes* tweak, Aes* aes, byte* out, const byte* in, word32 sz, +int wc_AesXtsEncrypt(XtsAes* xaes, byte* out, const byte* in, word32 sz, const byte* i, word32 iSz) { int ret = 0; word32 blocks = (sz / AES_BLOCK_SIZE); + Aes *aes, *tweak; - if (aes == NULL || tweak == NULL) { + if (xaes == NULL || out == NULL) { return BAD_FUNC_ARG; } - if (aes->type != AES_ENCRYPTION || tweak->type != AES_ENCRYPTION) { - WOLFSSL_MSG("Both aes and tweak type should be AES_ENCRYPTION"); - return BAD_FUNC_ARG; - } + aes = &xaes->aes; + tweak = &xaes->tweak; if (iSz < AES_BLOCK_SIZE) { return BAD_FUNC_ARG; 
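Review bot: With the `aes->type` comparison removed, wc_AesXtsEncrypt can no longer detect an `XtsAes` that was keyed with `AES_DECRYPTION` (and wc_AesXtsDecrypt in the @@ -8249 hunk the reverse), so a direction mix-up would presumably produce wrong output with a 0 return instead of `BAD_FUNC_ARG`. Recording `dir` in `XtsAes` when wc_AesXtsSetKey runs and comparing it here would keep that guard without the per-`Aes` field. The new argument check also stops at `xaes == NULL || out == NULL`; `in` and `i` are used later and, as far as this hunk shows, are never tested, so `if (xaes == NULL || out == NULL || in == NULL || i == NULL)` is safer. The rest of the body is outside the hunk.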
@@ -8238,8 +8234,7 @@ int wc_AesXtsEncrypt(Aes* tweak, Aes* aes, byte* out, const byte* in, word32 sz, /* Same process as encryption but Aes key is AES_DECRYPTION type. * - * tweak AES tweak key to use - * aes AES key to use for block encrypt/decrypt + * xaes AES keys to use for block encrypt/decrypt * out output buffer to hold plain text * in input cipher text buffer to decrypt * sz size of both out and in buffers @@ -8249,20 +8244,19 @@ int wc_AesXtsEncrypt(Aes* tweak, Aes* aes, byte* out, const byte* in, word32 sz, * * returns 0 on success */ -int wc_AesXtsDecrypt(Aes* tweak, Aes* aes, byte* out, const byte* in, word32 sz, +int wc_AesXtsDecrypt(XtsAes* xaes, byte* out, const byte* in, word32 sz, const byte* i, word32 iSz) { int ret = 0; word32 blocks = (sz / AES_BLOCK_SIZE); + Aes *aes, *tweak; - if (aes == NULL || tweak == NULL) { + if (xaes == NULL || out == NULL) { return BAD_FUNC_ARG; } - if (aes->type != AES_DECRYPTION || tweak->type != AES_ENCRYPTION) { - WOLFSSL_MSG("aes param should be decryption type and tweak encryption"); - return BAD_FUNC_ARG; - } + aes = &xaes->aes; + tweak = &xaes->tweak; if (iSz < AES_BLOCK_SIZE) { return BAD_FUNC_ARG; diff --git a/wolfcrypt/src/port/arm/armv8-aes.c b/wolfcrypt/src/port/arm/armv8-aes.c index 112aba5ef..535239647 100644 --- a/wolfcrypt/src/port/arm/armv8-aes.c +++ b/wolfcrypt/src/port/arm/armv8-aes.c @@ -172,9 +172,6 @@ int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen, } #endif - #ifdef WOLFSSL_AES_XTS - aes->type = dir; - #endif #ifdef WOLFSSL_AES_COUNTER aes->left = 0; #endif /* WOLFSSL_AES_COUNTER */ diff --git a/wolfcrypt/src/port/ti/ti-aes.c b/wolfcrypt/src/port/ti/ti-aes.c index 7673ee96a..cd8d2eed9 100644 --- a/wolfcrypt/src/port/ti/ti-aes.c +++ b/wolfcrypt/src/port/ti/ti-aes.c 
@@ -75,9 +75,6 @@ WOLFSSL_API int wc_AesSetKey(Aes* aes, const byte* key, word32 len, const byte* } XMEMCPY(aes->key, key, len) ; - #ifdef WOLFSSL_AES_XTS - aes->type = dir; - #endif #ifdef WOLFSSL_AES_COUNTER aes->left = 0; #endif /* WOLFSSL_AES_COUNTER */ diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 416c017bf..ffc552928 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -4206,8 +4206,7 @@ static int aes_key_size_test(void) /* test vectors from http://csrc.nist.gov/groups/STM/cavp/block-cipher-modes.html */ static int aes_xts_128_test(void) { - Aes aes; - Aes tweak; + XtsAes aes; int ret = 0; unsigned char buf[AES_BLOCK_SIZE * 2]; unsigned char cipher[AES_BLOCK_SIZE * 2]; @@ -4269,10 +4268,10 @@ static int aes_xts_128_test(void) }; XMEMSET(buf, 0, sizeof(buf)); - if (wc_AesXtsSetKey(&tweak, &aes, k2, sizeof(k2), AES_ENCRYPTION, + if (wc_AesXtsSetKey(&aes, k2, sizeof(k2), AES_ENCRYPTION, HEAP_HINT, devId) != 0) return -4000; - ret = wc_AesXtsEncrypt(&tweak, &aes, buf, p2, sizeof(p2), i2, sizeof(i2)); + ret = wc_AesXtsEncrypt(&aes, buf, p2, sizeof(p2), i2, sizeof(i2)); #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE); #endif @@ -4282,10 +4281,10 @@ static int aes_xts_128_test(void) return -4002; XMEMSET(buf, 0, sizeof(buf)); - if (wc_AesXtsSetKey(&tweak, &aes, k1, sizeof(k1), AES_ENCRYPTION, + if (wc_AesXtsSetKey(&aes, k1, sizeof(k1), AES_ENCRYPTION, HEAP_HINT, devId) != 0) return -4003; - ret = wc_AesXtsEncrypt(&tweak, &aes, buf, p1, sizeof(p1), i1, sizeof(i1)); + ret = wc_AesXtsEncrypt(&aes, buf, p1, sizeof(p1), i1, sizeof(i1)); #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE); #endif 
@@ -4296,21 +4295,20 @@ static int aes_xts_128_test(void) /* partial block encryption test */ XMEMSET(cipher, 0, sizeof(cipher)); - ret = wc_AesXtsEncrypt(&tweak, &aes, cipher, pp, sizeof(pp), i1, sizeof(i1)); + ret = wc_AesXtsEncrypt(&aes, cipher, pp, sizeof(pp), i1, sizeof(i1)); #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) return -4006; - wc_AesFree(&aes); - wc_AesFree(&tweak); + wc_AesXtsFree(&aes); /* partial block decrypt test */ XMEMSET(buf, 0, sizeof(buf)); - if (wc_AesXtsSetKey(&tweak, &aes, k1, sizeof(k1), AES_DECRYPTION, + if (wc_AesXtsSetKey(&aes, k1, sizeof(k1), AES_DECRYPTION, HEAP_HINT, devId) != 0) return -4007; - ret = wc_AesXtsDecrypt(&tweak, &aes, buf, cipher, sizeof(pp), i1, sizeof(i1)); + ret = wc_AesXtsDecrypt(&aes, buf, cipher, sizeof(pp), i1, sizeof(i1)); #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE); #endif @@ -4321,7 +4319,7 @@ static int aes_xts_128_test(void) /* NIST decrypt test vector */ XMEMSET(buf, 0, sizeof(buf)); - ret = wc_AesXtsDecrypt(&tweak, &aes, buf, c1, sizeof(c1), i1, sizeof(i1)); + ret = wc_AesXtsDecrypt(&aes, buf, c1, sizeof(c1), i1, sizeof(i1)); #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE); #endif @@ -4332,7 +4330,7 @@ static int aes_xts_128_test(void) /* fail case with decrypting using wrong key */ XMEMSET(buf, 0, sizeof(buf)); - ret = wc_AesXtsDecrypt(&tweak, &aes, buf, c2, sizeof(c2), i2, sizeof(i2)); + ret = wc_AesXtsDecrypt(&aes, buf, c2, sizeof(c2), i2, sizeof(i2)); #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE); #endif 
@@ -4343,10 +4341,10 @@ static int aes_xts_128_test(void) /* set correct key and retest */ XMEMSET(buf, 0, sizeof(buf)); - if (wc_AesXtsSetKey(&tweak, &aes, k2, sizeof(k2), AES_DECRYPTION, + if (wc_AesXtsSetKey(&aes, k2, sizeof(k2), AES_DECRYPTION, HEAP_HINT, devId) != 0) return -4014; - ret = wc_AesXtsDecrypt(&tweak, &aes, buf, c2, sizeof(c2), i2, sizeof(i2)); + ret = wc_AesXtsDecrypt(&aes, buf, c2, sizeof(c2), i2, sizeof(i2)); #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE); #endif @@ -4354,8 +4352,7 @@ static int aes_xts_128_test(void) return -4015; if (XMEMCMP(p2, buf, sizeof(p2))) return -4016; - wc_AesFree(&aes); - wc_AesFree(&tweak); + wc_AesXtsFree(&aes); return ret; } @@ -4363,8 +4360,7 @@ static int aes_xts_128_test(void) static int aes_xts_256_test(void) { - Aes aes; - Aes tweak; + XtsAes aes; int ret = 0; unsigned char buf[AES_BLOCK_SIZE * 3]; unsigned char cipher[AES_BLOCK_SIZE * 3]; @@ -4442,10 +4438,10 @@ static int aes_xts_256_test(void) }; XMEMSET(buf, 0, sizeof(buf)); - if (wc_AesXtsSetKey(&tweak, &aes, k2, sizeof(k2), AES_ENCRYPTION, + if (wc_AesXtsSetKey(&aes, k2, sizeof(k2), AES_ENCRYPTION, HEAP_HINT, devId) != 0) return -4017; - ret = wc_AesXtsEncrypt(&tweak, &aes, buf, p2, sizeof(p2), i2, sizeof(i2)); + ret = wc_AesXtsEncrypt(&aes, buf, p2, sizeof(p2), i2, sizeof(i2)); #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE); #endif @@ -4455,10 +4451,10 @@ static int aes_xts_256_test(void) return -4019; XMEMSET(buf, 0, sizeof(buf)); - if (wc_AesXtsSetKey(&tweak, &aes, k1, sizeof(k1), AES_ENCRYPTION, + if (wc_AesXtsSetKey(&aes, k1, sizeof(k1), AES_ENCRYPTION, HEAP_HINT, devId) != 0) return -4020; - ret = wc_AesXtsEncrypt(&tweak, &aes, buf, p1, sizeof(p1), i1, sizeof(i1)); + ret = wc_AesXtsEncrypt(&aes, buf, p1, sizeof(p1), i1, sizeof(i1)); #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE); #endif 
@@ -4469,21 +4465,20 @@ static int aes_xts_256_test(void) /* partial block encryption test */ XMEMSET(cipher, 0, sizeof(cipher)); - ret = wc_AesXtsEncrypt(&tweak, &aes, cipher, pp, sizeof(pp), i1, sizeof(i1)); + ret = wc_AesXtsEncrypt(&aes, cipher, pp, sizeof(pp), i1, sizeof(i1)); #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) return -4023; - wc_AesFree(&aes); - wc_AesFree(&tweak); + wc_AesXtsFree(&aes); /* partial block decrypt test */ XMEMSET(buf, 0, sizeof(buf)); - if (wc_AesXtsSetKey(&tweak, &aes, k1, sizeof(k1), AES_DECRYPTION, + if (wc_AesXtsSetKey(&aes, k1, sizeof(k1), AES_DECRYPTION, HEAP_HINT, devId) != 0) return -4024; - ret = wc_AesXtsDecrypt(&tweak, &aes, buf, cipher, sizeof(pp), i1, sizeof(i1)); + ret = wc_AesXtsDecrypt(&aes, buf, cipher, sizeof(pp), i1, sizeof(i1)); #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE); #endif @@ -4494,7 +4489,7 @@ static int aes_xts_256_test(void) /* NIST decrypt test vector */ XMEMSET(buf, 0, sizeof(buf)); - ret = wc_AesXtsDecrypt(&tweak, &aes, buf, c1, sizeof(c1), i1, sizeof(i1)); + ret = wc_AesXtsDecrypt(&aes, buf, c1, sizeof(c1), i1, sizeof(i1)); #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE); #endif @@ -4504,10 +4499,10 @@ static int aes_xts_256_test(void) return -4028; XMEMSET(buf, 0, sizeof(buf)); - if (wc_AesXtsSetKey(&tweak, &aes, k2, sizeof(k2), AES_DECRYPTION, + if (wc_AesXtsSetKey(&aes, k2, sizeof(k2), AES_DECRYPTION, HEAP_HINT, devId) != 0) return -4029; - ret = wc_AesXtsDecrypt(&tweak, &aes, buf, c2, sizeof(c2), i2, sizeof(i2)); + ret = wc_AesXtsDecrypt(&aes, buf, c2, sizeof(c2), i2, sizeof(i2)); #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE); #endif 
@@ -4515,8 +4510,7 @@ static int aes_xts_256_test(void) return -4030; if (XMEMCMP(p2, buf, sizeof(p2))) return -4031; - wc_AesFree(&aes); - wc_AesFree(&tweak); + wc_AesXtsFree(&aes); return ret; } @@ -4525,8 +4519,7 @@ static int aes_xts_256_test(void) /* both 128 and 256 bit key test */ static int aes_xts_sector_test(void) { - Aes aes; - Aes tweak; + XtsAes aes; int ret = 0; unsigned char buf[AES_BLOCK_SIZE * 2]; @@ -4577,10 +4570,10 @@ static int aes_xts_sector_test(void) word64 s2 = 187; XMEMSET(buf, 0, sizeof(buf)); - if (wc_AesXtsSetKey(&tweak, &aes, k1, sizeof(k1), AES_ENCRYPTION, + if (wc_AesXtsSetKey(&aes, k1, sizeof(k1), AES_ENCRYPTION, HEAP_HINT, devId) != 0) return -4032; - ret = wc_AesXtsEncryptSector(&tweak, &aes, buf, p1, sizeof(p1), s1); + ret = wc_AesXtsEncryptSector(&aes, buf, p1, sizeof(p1), s1); #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE); #endif @@ -4591,10 +4584,10 @@ static int aes_xts_sector_test(void) /* decrypt test */ XMEMSET(buf, 0, sizeof(buf)); - if (wc_AesXtsSetKey(&tweak, &aes, k1, sizeof(k1), AES_DECRYPTION, + if (wc_AesXtsSetKey(&aes, k1, sizeof(k1), AES_DECRYPTION, HEAP_HINT, devId) != 0) return -4035; - ret = wc_AesXtsDecryptSector(&tweak, &aes, buf, c1, sizeof(c1), s1); + ret = wc_AesXtsDecryptSector(&aes, buf, c1, sizeof(c1), s1); #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE); #endif 
@@ -4602,15 +4595,14 @@ static int aes_xts_sector_test(void) return -4036; if (XMEMCMP(p1, buf, AES_BLOCK_SIZE)) return -4037; - wc_AesFree(&aes); - wc_AesFree(&tweak); + wc_AesXtsFree(&aes); /* 256 bit key tests */ XMEMSET(buf, 0, sizeof(buf)); - if (wc_AesXtsSetKey(&tweak, &aes, k2, sizeof(k2), AES_ENCRYPTION, + if (wc_AesXtsSetKey(&aes, k2, sizeof(k2), AES_ENCRYPTION, HEAP_HINT, devId) != 0) return -4038; - ret = wc_AesXtsEncryptSector(&tweak, &aes, buf, p2, sizeof(p2), s2); + ret = wc_AesXtsEncryptSector(&aes, buf, p2, sizeof(p2), s2); #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE); #endif @@ -4621,10 +4613,10 @@ static int aes_xts_sector_test(void) /* decrypt test */ XMEMSET(buf, 0, sizeof(buf)); - if (wc_AesXtsSetKey(&tweak, &aes, k2, sizeof(k2), AES_DECRYPTION, + if (wc_AesXtsSetKey(&aes, k2, sizeof(k2), AES_DECRYPTION, HEAP_HINT, devId) != 0) return -4041; - ret = wc_AesXtsDecryptSector(&tweak, &aes, buf, c2, sizeof(c2), s2); + ret = wc_AesXtsDecryptSector(&aes, buf, c2, sizeof(c2), s2); #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE); #endif @@ -4632,8 +4624,7 @@ static int aes_xts_sector_test(void) return -4042; if (XMEMCMP(p2, buf, sizeof(p2))) return -4043; - wc_AesFree(&aes); - wc_AesFree(&tweak); + wc_AesXtsFree(&aes); return ret; } @@ -4642,8 +4633,7 @@ static int aes_xts_sector_test(void) /* testing of bad arguments */ static int aes_xts_args_test(void) { - Aes aes; - Aes tweak; + XtsAes aes; int ret = 0; unsigned char buf[AES_BLOCK_SIZE * 2]; 
@@ -4666,52 +4656,50 @@ static int aes_xts_args_test(void) }; word64 s1 = 141; - if (wc_AesXtsSetKey(NULL, &aes, k1, sizeof(k1), AES_ENCRYPTION, + if (wc_AesXtsSetKey(NULL, k1, sizeof(k1), AES_ENCRYPTION, HEAP_HINT, devId) == 0) return -4044; - if (wc_AesXtsSetKey(&tweak, NULL, k1, sizeof(k1), AES_ENCRYPTION, + if (wc_AesXtsSetKey(&aes, NULL, sizeof(k1), AES_ENCRYPTION, HEAP_HINT, devId) == 0) return -4045; - if (wc_AesXtsSetKey(&tweak, &aes, NULL, sizeof(k1), AES_ENCRYPTION, - HEAP_HINT, devId) == 0) - return -4046; - /* set up wrong encrypt / decrypt types for key */ - wc_AesSetKey(&aes, k1, sizeof(k1)/2, NULL, AES_DECRYPTION); - wc_AesSetKey(&tweak, k1 + sizeof(k1)/2, sizeof(k1)/2, NULL, AES_ENCRYPTION); - ret = wc_AesXtsEncryptSector(&tweak, &aes, buf, p1, sizeof(p1), s1); + /* encryption operations */ + if (wc_AesXtsSetKey(&aes, k1, sizeof(k1), AES_ENCRYPTION, + HEAP_HINT, devId) != 0) + return -4046; + ret = wc_AesXtsEncryptSector(NULL, buf, p1, sizeof(p1), s1); #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret == 0) return -4047; - wc_AesFree(&aes); - wc_AesFree(&tweak); - /* tweak must be encryption type. 
Test with wrong decryption type used */ - wc_AesSetKey(&aes, k1, sizeof(k1)/2, NULL, AES_ENCRYPTION); - wc_AesSetKey(&tweak, k1 + sizeof(k1)/2, sizeof(k1)/2, NULL, AES_DECRYPTION); - ret = wc_AesXtsEncryptSector(&tweak, &aes, buf, p1, sizeof(p1), s1); + ret = wc_AesXtsEncryptSector(&aes, NULL, p1, sizeof(p1), s1); #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret == 0) return -4048; - wc_AesFree(&aes); - wc_AesFree(&tweak); + wc_AesXtsFree(&aes); - /* Test for fail with encryption key used for decryption */ - if (wc_AesXtsSetKey(&tweak, &aes, k1, sizeof(k1), AES_ENCRYPTION, + /* decryption operations */ + if (wc_AesXtsSetKey(&aes, k1, sizeof(k1), AES_DECRYPTION, HEAP_HINT, devId) != 0) + return -4046; + ret = wc_AesXtsDecryptSector(NULL, buf, c1, sizeof(c1), s1); +#if defined(WOLFSSL_ASYNC_CRYPT) + ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE); +#endif + if (ret == 0) return -4049; - ret = wc_AesXtsDecryptSector(&tweak, &aes, buf, c1, sizeof(c1), s1); + + ret = wc_AesXtsDecryptSector(&aes, NULL, c1, sizeof(c1), s1); #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret == 0) return -4050; - wc_AesFree(&aes); - wc_AesFree(&tweak); + wc_AesXtsFree(&aes); return 0; } diff --git a/wolfssl/wolfcrypt/aes.h b/wolfssl/wolfcrypt/aes.h index 7ba85f0a2..587432341 100755 --- a/wolfssl/wolfcrypt/aes.h +++ b/wolfssl/wolfcrypt/aes.h @@ -111,12 +111,14 @@ typedef struct Aes { word32 kup; #endif void* heap; /* memory hint to use */ -#ifdef WOLFSSL_AES_XTS - byte type; /* adds the ability to do a sanity check on key for - * encrypt/decrypt */ -#endif } Aes; +#ifdef WOLFSSL_AES_XTS +typedef struct XtsAes { + Aes aes; + Aes tweak; +} XtsAes; +#endif #ifdef HAVE_AESGCM typedef struct Gmac { 
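Review bot: Both key-setup failures in aes_xts_args_test return `-4046` (the encryption setup and the decryption setup), so a failing run cannot tell which one broke; the second needs its own code. The early returns `-4047` through `-4050` also leave without `wc_AesXtsFree(&aes)`. The hunk drops the wrong-direction cases and adds nothing for the new `WC_KEY_SIZE_E` path in wc_AesXtsSetKey; a call with a shortened length such as `wc_AesXtsSetKey(&aes, k1, sizeof(k1) - 2, AES_ENCRYPTION, HEAP_HINT, devId)` that is expected to return `WC_KEY_SIZE_E` would cover it.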
@@ -220,12 +222,11 @@ WOLFSSL_API int wc_AesEcbDecrypt(Aes* aes, byte* out, \brief This is to help with setting keys to correct encrypt or decrypt type. - \note Is up to user to call wc_AesFree on tweak and aes key when done. + \note Is up to user to call wc_AesXtsFree on aes key when done. \return 0 Success - \param tweak AES key for tweak in XTS - \param aes AES key for encrypt/decrypt process + \param aes AES keys for encrypt/decrypt process \param key buffer holding aes key | tweak key \param len length of key buffer in bytes. Should be twice that of key size. i.e. 32 for a 16 byte key. @@ -235,22 +236,20 @@ WOLFSSL_API int wc_AesEcbDecrypt(Aes* aes, byte* out, _Example_ \code - Aes aes; - Aes tweak; + XtsAes aes; - if(wc_AesXtsSetKey(&tweak, &aes, key, sizeof(key), AES_ENCRYPTION, NULL, 0) != 0) + if(wc_AesXtsSetKey(&aes, key, sizeof(key), AES_ENCRYPTION, NULL, 0) != 0) { // Handle error } - wc_AesFree(&aes); - wc_AesFree(&tweak); + wc_AesXtsFree(&aes); \endcode \sa wc_AesXtsEncrypt \sa wc_AesXtsDecrypt - \sa wc_AesFree + \sa wc_AesXtsFree */ -WOLFSSL_API int wc_AesXtsSetKey(Aes* tweak, Aes* aes, const byte* key, +WOLFSSL_API int wc_AesXtsSetKey(XtsAes* aes, const byte* key, word32 len, int dir, void* heap, int devId); @@ -263,8 +262,7 @@ WOLFSSL_API int wc_AesXtsSetKey(Aes* tweak, Aes* aes, const byte* key, \return 0 Success - \param tweak tweak AES tweak key to use - \param aes AES key to use for block encrypt/decrypt + \param aes AES keys to use for block encrypt/decrypt \param out output buffer to hold cipher text \param in input plain text buffer to encrypt \param sz size of both out and in buffers 
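Review bot: The wc_AesXtsSetKey documentation still lists only `\return 0 Success`, while the implementation in this commit returns `WC_KEY_SIZE_E` for unsupported sizes and `BAD_FUNC_ARG` for NULL arguments. Add `\return WC_KEY_SIZE_E key size is not 128 or 256 bits` and `\return BAD_FUNC_ARG aes or key is NULL`, and tighten the `\param len` text to name the accepted total lengths. The prototypes in this file change the signatures of exported `WOLFSSL_API` functions with no compatibility wrapper, so existing callers passing `(&tweak, &aes, ...)` stop compiling; that deserves a line in the release notes.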
@@ -272,28 +270,26 @@ WOLFSSL_API int wc_AesXtsSetKey(Aes* tweak, Aes* aes, const byte* key, _Example_ \code - Aes aes; - Aes tweak; + XtsAes aes; unsigned char plain[SIZE]; unsigned char cipher[SIZE]; word64 s = VALUE; //set up keys with AES_ENCRYPTION as dir - if(wc_AesXtsEncryptSector(&tweak, &aes, cipher, plain, SIZE, s) != 0) + if(wc_AesXtsEncryptSector(&aes, cipher, plain, SIZE, s) != 0) { // Handle error } - wc_AesFree(&aes); - wc_AesFree(&tweak); + wc_AesXtsFree(&aes); \endcode \sa wc_AesXtsEncrypt \sa wc_AesXtsDecrypt \sa wc_AesXtsSetKey - \sa wc_AesFree + \sa wc_AesXtsFree */ -WOLFSSL_API int wc_AesXtsEncryptSector(Aes* tweak, Aes* aes, byte* out, +WOLFSSL_API int wc_AesXtsEncryptSector(XtsAes* aes, byte* out, const byte* in, word32 sz, word64 sector); @@ -306,8 +302,7 @@ WOLFSSL_API int wc_AesXtsEncryptSector(Aes* tweak, Aes* aes, byte* out, \return 0 Success - \param tweak AES tweak key to use - \param aes AES key to use for block encrypt/decrypt + \param aes AES keys to use for block encrypt/decrypt \param out output buffer to hold plain text \param in input cipher text buffer to decrypt \param sz size of both out and in buffers @@ -315,28 +310,26 @@ WOLFSSL_API int wc_AesXtsEncryptSector(Aes* tweak, Aes* aes, byte* out, _Example_ \code - Aes aes; - Aes tweak; + XtsAes aes; unsigned char plain[SIZE]; unsigned char cipher[SIZE]; word64 s = VALUE; //set up aes key with AES_DECRYPTION as dir and tweak with AES_ENCRYPTION - if(wc_AesXtsDecryptSector(&tweak, &aes, plain, cipher, SIZE, s) != 0) + if(wc_AesXtsDecryptSector(&aes, plain, cipher, SIZE, s) != 0) { // Handle error } - wc_AesFree(&aes); - wc_AesFree(&tweak); + wc_AesXtsFree(&aes); \endcode \sa wc_AesXtsEncrypt \sa wc_AesXtsDecrypt \sa wc_AesXtsSetKey - \sa wc_AesFree + \sa wc_AesXtsFree */ -WOLFSSL_API int wc_AesXtsDecryptSector(Aes* tweak, Aes* aes, byte* out, +WOLFSSL_API int wc_AesXtsDecryptSector(XtsAes* aes, byte* out, const byte* in, word32 sz, word64 sector); 
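Review bot: The example comment `//set up aes key with AES_DECRYPTION as dir and tweak with AES_ENCRYPTION` in the wc_AesXtsDecryptSector documentation is stale now that the caller no longer holds a separate tweak context; the matching comment in the wc_AesXtsDecrypt example (@@ -402 hunk) has the same problem. Replace both with `//set up key with wc_AesXtsSetKey using AES_DECRYPTION as dir` so readers do not go looking for a second key to configure. The `\param aes` entries also differ from the `xaes` parameter name used by the definitions in aes.c, which is worth aligning one way or the other.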
@@ -348,8 +341,7 @@ WOLFSSL_API int wc_AesXtsDecryptSector(Aes* tweak, Aes* aes, byte* out, \return 0 Success - \param tweak AES tweak key to use - \param aes AES key to use for block encrypt/decrypt + \param aes AES keys to use for block encrypt/decrypt \param out output buffer to hold cipher text \param in input plain text buffer to encrypt \param sz size of both out and in buffers @@ -360,27 +352,25 @@ WOLFSSL_API int wc_AesXtsDecryptSector(Aes* tweak, Aes* aes, byte* out, _Example_ \code - Aes aes; - Aes tweak; + XtsAes aes; unsigned char plain[SIZE]; unsigned char cipher[SIZE]; unsigned char i[AES_BLOCK_SIZE]; //set up key with AES_ENCRYPTION as dir - if(wc_AesXtsEncrypt(&tweak, &aes, cipher, plain, SIZE, i, sizeof(i)) != 0) + if(wc_AesXtsEncrypt(&aes, cipher, plain, SIZE, i, sizeof(i)) != 0) { // Handle error } - wc_AesFree(&aes); - wc_AesFree(&tweak); + wc_AesXtsFree(&aes); \endcode \sa wc_AesXtsDecrypt \sa wc_AesXtsSetKey - \sa wc_AesFree + \sa wc_AesXtsFree */ -WOLFSSL_API int wc_AesXtsEncrypt(Aes* tweak, Aes* aes, byte* out, +WOLFSSL_API int wc_AesXtsEncrypt(XtsAes* aes, byte* out, const byte* in, word32 sz, const byte* i, word32 iSz); @@ -391,8 +381,7 @@ WOLFSSL_API int wc_AesXtsEncrypt(Aes* tweak, Aes* aes, byte* out, \return 0 Success - \param tweak AES tweak key to use - \param aes AES key to use for block encrypt/decrypt + \param aes AES keys to use for block encrypt/decrypt \param out output buffer to hold plain text \param in input cipher text buffer to decrypt \param sz size of both out and in buffers 
@@ -402,28 +391,53 @@ WOLFSSL_API int wc_AesXtsEncrypt(Aes* tweak, Aes* aes, byte* out, function. _Example_ \code - Aes aes; - Aes tweak; + XtsAes aes; unsigned char plain[SIZE]; unsigned char cipher[SIZE]; unsigned char i[AES_BLOCK_SIZE]; //set up key with AES_DECRYPTION as dir and tweak with AES_ENCRYPTION - if(wc_AesXtsDecrypt(&tweak, &aes, plain, cipher, SIZE, i, sizeof(i)) != 0) + if(wc_AesXtsDecrypt(&aes, plain, cipher, SIZE, i, sizeof(i)) != 0) { // Handle error } - wc_AesFree(&aes); - wc_AesFree(&tweak); + wc_AesXtsFree(&aes); \endcode \sa wc_AesXtsEncrypt \sa wc_AesXtsSetKey - \sa wc_AesFree + \sa wc_AesXtsFree */ -WOLFSSL_API int wc_AesXtsDecrypt(Aes* tweak, Aes* aes, byte* out, +WOLFSSL_API int wc_AesXtsDecrypt(XtsAes* aes, byte* out, const byte* in, word32 sz, const byte* i, word32 iSz); + + +/*! + \ingroup AES + + \brief This is to free up any resources used by the XtsAes structure + + \return 0 Success + + \param aes AES keys to free + + _Example_ + \code + XtsAes aes; + + if(wc_AesXtsSetKey(&aes, key, sizeof(key), AES_ENCRYPTION, NULL, 0) != 0) + { + // Handle error + } + wc_AesXtsFree(&aes); + \endcode + + \sa wc_AesXtsEncrypt + \sa wc_AesXtsDecrypt + \sa wc_AesXtsSetKey +*/ +WOLFSSL_API int wc_AesXtsFree(XtsAes* aes); #endif WOLFSSL_API int wc_AesGetKeySize(Aes* aes, word32* keySize);