feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Fix for AES_XTS

Browse Source
This commit is contained in:
Eric Blankenhorn
2020-01-29 21:07:57 -06:00
parent e421d9f52c
commit 64dcf5740a
4 changed files with 29 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
src/ssl.c
View File

@ -17768,15 +17768,18 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
ctx->flags |= WOLFSSL_EVP_CIPH_XTS_MODE;
ctx->keyLen = 32;
ctx->block_size = 1;
ctx->ivSz = 16;
if (iv)
XMEMCPY(ctx->iv, iv, ctx->ivSz);
else
XMEMSET(ctx->iv, 0, AES_BLOCK_SIZE);
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
if (iv) {
ctx->cipher.tweak = iv;
ctx->cipher.tweakSz = 16;
}
if (key) {
ret = wc_AesXtsSetKey(&ctx->cipher.xts, key, ctx->keyLen,
AES_ENCRYPTION, NULL, 0);
ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION, NULL, 0);
if (ret != 0) {
WOLFSSL_MSG("wc_AesXtsSetKey() failed");
return ret;
@ -17793,15 +17796,18 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
ctx->flags |= WOLFSSL_EVP_CIPH_XTS_MODE;
ctx->keyLen = 64;
ctx->block_size = 1;
ctx->ivSz = 16;
if (iv)
XMEMCPY(ctx->iv, iv, ctx->ivSz);
else
XMEMSET(ctx->iv, 0, AES_BLOCK_SIZE);
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
if (iv) {
ctx->cipher.tweak = iv;
ctx->cipher.tweakSz = 16;
}
if (key) {
ret = wc_AesXtsSetKey(&ctx->cipher.xts, key, ctx->keyLen,
AES_ENCRYPTION, NULL, 0);
ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION, NULL, 0);
if (ret != 0) {
WOLFSSL_MSG("wc_AesXtsSetKey() failed");
return ret;
@ -18093,10 +18099,10 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
WOLFSSL_MSG("AES XTS");
if (ctx->enc)
ret = wc_AesXtsEncrypt(&ctx->cipher.xts, dst, src, len,
ctx->cipher.tweak, ctx->cipher.tweakSz);
ctx->iv, ctx->ivSz);
else
ret = wc_AesXtsDecrypt(&ctx->cipher.xts, dst, src, len,
ctx->cipher.tweak, ctx->cipher.tweakSz);
ctx->iv, ctx->ivSz);
break;
#endif /* WOLFSSL_AES_XTS */

4
wolfcrypt/src/evp.c
View File

@ -390,10 +390,10 @@ static int evpCipherBlock(WOLFSSL_EVP_CIPHER_CTX *ctx,
case AES_256_XTS_TYPE:
if (ctx->enc)
ret = wc_AesXtsEncrypt(&ctx->cipher.xts, out, in, inl,
ctx->cipher.tweak, ctx->cipher.tweakSz);
ctx->iv, ctx->ivSz);
else
ret = wc_AesXtsDecrypt(&ctx->cipher.xts, out, in, inl,
ctx->cipher.tweak, ctx->cipher.tweakSz);
ctx->iv, ctx->ivSz);
break;
#endif
#endif /* !NO_AES */

16
wolfcrypt/test/test.c
View File

@ -6763,13 +6763,7 @@ static int aes_xts_128_test(void)
0xff, 0x8d, 0xbc, 0x1d, 0x9f, 0x7f, 0xc8, 0x22
};
XMEMSET(buf, 0, sizeof(buf));
if (wc_AesXtsSetKey(&aes, k2, sizeof(k2), AES_ENCRYPTION,
HEAP_HINT, devId) != 0)
return -4900;
#if 0 /* Enable after passes */
//#ifdef OPENSSL_EXTRA
#ifdef OPENSSL_EXTRA
ret = EVP_test(EVP_aes_128_xts(), k2, i2, p2, sizeof(p2), c2, sizeof(c2));
if (ret != 0) {
printf("EVP_aes_128_xts failed!\n");
@ -6777,6 +6771,11 @@ static int aes_xts_128_test(void)
}
#endif
XMEMSET(buf, 0, sizeof(buf));
if (wc_AesXtsSetKey(&aes, k2, sizeof(k2), AES_ENCRYPTION,
HEAP_HINT, devId) != 0)
return -4900;
ret = wc_AesXtsEncrypt(&aes, buf, p2, sizeof(p2), i2, sizeof(i2));
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &aes.aes.asyncDev, WC_ASYNC_FLAG_NONE);
@ -6945,8 +6944,7 @@ static int aes_xts_256_test(void)
0xc3, 0xea, 0xd8, 0x10, 0xe9, 0xc0, 0xaf, 0x92
};
#if 0 /* Enable after passes */
//#ifdef OPENSSL_EXTRA
#ifdef OPENSSL_EXTRA
ret = EVP_test(EVP_aes_256_xts(), k2, i2, p2, sizeof(p2), c2, sizeof(c2));
if (ret != 0) {
printf("EVP_aes_256_xts failed\n");

5
wolfssl/openssl/evp.h
View File

@ -178,8 +178,6 @@ typedef union {
Aes aes;
#ifdef WOLFSSL_AES_XTS
XtsAes xts;
const byte* tweak;
word32 tweakSz;
#endif
#endif
#ifndef NO_DES3
@ -321,7 +319,8 @@ struct WOLFSSL_EVP_CIPHER_CTX {
int bufUsed;
ALIGN16 byte lastBlock[WOLFSSL_EVP_BUF_SIZE];
int lastUsed;
#if !defined(NO_AES) || !defined(NO_DES3) || defined(HAVE_IDEA)
#if !defined(NO_AES) || !defined(NO_DES3) || defined(HAVE_IDEA) || \
defined(HAVE_AESGCM) || defined (WOLFSSL_AES_XTS)
#define HAVE_WOLFSSL_EVP_CIPHER_CTX_IV
int ivSz;
ALIGN16 unsigned char authTag[AES_BLOCK_SIZE];