feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Fixes for TI AES and SHA.

Browse Source
This commit is contained in:
David Garske
2023-11-29 17:31:39 -08:00
parent df954568be
commit b002c330c0
2 changed files with 68 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
wolfcrypt/src/port/ti/ti-aes.c
View File

@@ -67,17 +67,29 @@ int wc_AesSetKey(Aes* aes, const byte* key, word32 len, const byte* iv, int dir)
{ {
if (!wolfSSL_TI_CCMInit()) if (!wolfSSL_TI_CCMInit())
return 1; return 1;
if ((aes == NULL) || (key == NULL) || (iv == NULL)) if ((aes == NULL) || (key == NULL))
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
if (!((dir == AES_ENCRYPTION) || (dir == AES_DECRYPTION))) if (!((dir == AES_ENCRYPTION) || (dir == AES_DECRYPTION)))
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
switch (len) { switch (len) {
case 16: aes->keylen = AES_CFG_KEY_SIZE_128BIT; break; #ifdef WOLFSSL_AES_128
case 24: aes->keylen = AES_CFG_KEY_SIZE_192BIT; break; case 16:
case 32: aes->keylen = AES_CFG_KEY_SIZE_256BIT; break; break;
default: return BAD_FUNC_ARG; #endif
#ifdef WOLFSSL_AES_192
case 24:
break;
#endif
#ifdef WOLFSSL_AES_256
case 32:
break;
#endif
default:
return BAD_FUNC_ARG;
} }
aes->keylen = len;
aes->rounds = len / 4 + 6;
XMEMCPY(aes->key, key, len); XMEMCPY(aes->key, key, len);
#ifdef WOLFSSL_AES_COUNTER #ifdef WOLFSSL_AES_COUNTER
@@ -92,10 +104,10 @@ static int AesAlign16(Aes* aes, byte* out, const byte* in, word32 sz,
/* Processed aligned chunk to HW AES */ /* Processed aligned chunk to HW AES */
wolfSSL_TI_lockCCM(); wolfSSL_TI_lockCCM();
ROM_AESReset(AES_BASE); ROM_AESReset(AES_BASE);
ROM_AESConfigSet(AES_BASE, (aes->keylen | dir | ROM_AESConfigSet(AES_BASE, (aes->keylen-8 | dir |
(mode == AES_CFG_MODE_CTR_NOCTR ? AES_CFG_MODE_CTR : mode))); (mode == AES_CFG_MODE_CTR_NOCTR ? AES_CFG_MODE_CTR : mode)));
ROM_AESIVSet(AES_BASE, (uint32_t *)aes->reg); ROM_AESIVSet(AES_BASE, (uint32_t *)aes->reg);
ROM_AESKey1Set(AES_BASE, (uint32_t *)aes->key, aes->keylen); ROM_AESKey1Set(AES_BASE, (uint32_t *)aes->key, aes->keylen-8);
if ((dir == AES_CFG_DIR_DECRYPT)&& (mode == AES_CFG_MODE_CBC)) { if ((dir == AES_CFG_DIR_DECRYPT)&& (mode == AES_CFG_MODE_CBC)) {
/* if input and output same will overwrite input iv */ /* if input and output same will overwrite input iv */
XMEMCPY(aes->tmp, in + sz - AES_BLOCK_SIZE, AES_BLOCK_SIZE); XMEMCPY(aes->tmp, in + sz - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
@@ -342,6 +354,7 @@ static void AesAuthSetIv(Aes *aes, const byte *nonce, word32 len, word32 L,
else { else {
byte *b = (byte *)aes->reg; byte *b = (byte *)aes->reg;
XMEMSET(aes->reg, 0, AES_BLOCK_SIZE); XMEMSET(aes->reg, 0, AES_BLOCK_SIZE);
if (nonce != NULL && len < AES_BLOCK_SIZE)
XMEMCPY(aes->reg, nonce, len); XMEMCPY(aes->reg, nonce, len);
b[AES_BLOCK_SIZE-4] = 0; b[AES_BLOCK_SIZE-4] = 0;
b[AES_BLOCK_SIZE-3] = 0; b[AES_BLOCK_SIZE-3] = 0;
@@ -365,7 +378,7 @@ static int AesAuthEncrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
ret = AesAuthArgCheck(aes, out, in, inSz, nonce, nonceSz, authTag, ret = AesAuthArgCheck(aes, out, in, inSz, nonce, nonceSz, authTag,
authTagSz, authIn, authInSz, &M, &L); authTagSz, authIn, authInSz, &M, &L);
if (ret != 0) { if (ret == BAD_FUNC_ARG) {
return ret; return ret;
} }
@@ -415,11 +428,11 @@ static int AesAuthEncrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
/* do aes-ccm */ /* do aes-ccm */
AesAuthSetIv(aes, nonce, nonceSz, L, mode); AesAuthSetIv(aes, nonce, nonceSz, L, mode);
ROM_AESReset(AES_BASE); ROM_AESReset(AES_BASE);
ROM_AESConfigSet(AES_BASE, (aes->keylen | AES_CFG_DIR_ENCRYPT | ROM_AESConfigSet(AES_BASE, (aes->keylen-8 | AES_CFG_DIR_ENCRYPT |
AES_CFG_CTR_WIDTH_128 | AES_CFG_CTR_WIDTH_128 |
mode | ((mode== AES_CFG_MODE_CCM) ? (L | M) : 0 ))); mode | ((mode== AES_CFG_MODE_CCM) ? (L | M) : 0 )));
ROM_AESIVSet(AES_BASE, aes->reg); ROM_AESIVSet(AES_BASE, aes->reg);
ROM_AESKey1Set(AES_BASE, aes->key, aes->keylen); ROM_AESKey1Set(AES_BASE, aes->key, aes->keylen-8);
ret = ROM_AESDataProcessAuth(AES_BASE, (unsigned int*)in_a, (unsigned int *)out_a, inSz, ret = ROM_AESDataProcessAuth(AES_BASE, (unsigned int*)in_a, (unsigned int *)out_a, inSz,
(unsigned int*)authIn_a, authInSz, (unsigned int *)tmpTag); (unsigned int*)authIn_a, authInSz, (unsigned int *)tmpTag);
if (ret == false) { if (ret == false) {
@@ -451,10 +464,9 @@ static int AesAuthDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
byte *nonce_a, *nonce_save = NULL; byte *nonce_a, *nonce_save = NULL;
word32 tmpTag[4]; word32 tmpTag[4];
ret = AesAuthArgCheck(aes, out, in, inSz, nonce, nonceSz, authTag, ret = AesAuthArgCheck(aes, out, in, inSz, nonce, nonceSz, authTag,
authTagSz, authIn, authInSz, &M, &L); authTagSz, authIn, authInSz, &M, &L);
if (ret != 0) { if (ret == BAD_FUNC_ARG) {
return ret; return ret;
} }
@@ -503,11 +515,11 @@ static int AesAuthDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
/* do aes-ccm */ /* do aes-ccm */
AesAuthSetIv(aes, nonce, nonceSz, L, mode); AesAuthSetIv(aes, nonce, nonceSz, L, mode);
ROM_AESReset(AES_BASE); ROM_AESReset(AES_BASE);
ROM_AESConfigSet(AES_BASE, (aes->keylen | AES_CFG_DIR_DECRYPT | ROM_AESConfigSet(AES_BASE, (aes->keylen-8 | AES_CFG_DIR_DECRYPT |
AES_CFG_CTR_WIDTH_128 | AES_CFG_CTR_WIDTH_128 |
mode | ((mode== AES_CFG_MODE_CCM) ? (L | M) : 0 ))); mode | ((mode== AES_CFG_MODE_CCM) ? (L | M) : 0 )));
ROM_AESIVSet(AES_BASE, aes->reg); ROM_AESIVSet(AES_BASE, aes->reg);
ROM_AESKey1Set(AES_BASE, aes->key, aes->keylen); ROM_AESKey1Set(AES_BASE, aes->key, aes->keylen-8);
ret = ROM_AESDataProcessAuth(AES_BASE, (unsigned int*)in_a, (unsigned int *)out_a, inSz, ret = ROM_AESDataProcessAuth(AES_BASE, (unsigned int*)in_a, (unsigned int *)out_a, inSz,
(unsigned int*)authIn_a, authInSz, (unsigned int *)tmpTag); (unsigned int*)authIn_a, authInSz, (unsigned int *)tmpTag);
if ((ret == false) || (XMEMCMP(authTag, tmpTag, authTagSz) != 0)) { if ((ret == false) || (XMEMCMP(authTag, tmpTag, authTagSz) != 0)) {

31
wolfcrypt/src/port/ti/ti-hash.c
View File

@@ -62,8 +62,10 @@
#define SHAMD5_ALGO_SHA224 4 #define SHAMD5_ALGO_SHA224 4
#endif #endif
static int hashInit(wolfssl_TI_Hash *hash) { static int hashInit(wolfssl_TI_Hash *hash)
if (!wolfSSL_TI_CCMInit())return 1; {
if (!wolfSSL_TI_CCMInit())
return 1;
hash->used = 0; hash->used = 0;
hash->msg = 0; hash->msg = 0;
hash->len = 0; hash->len = 0;
@@ -115,8 +117,13 @@ static int hashGetHash(wolfssl_TI_Hash *hash, byte* result, word32 algo, word32
return 0; return 0;
} }
static int hashCopy(wolfssl_TI_Hash *src, wolfssl_TI_Hash *dst) { static int hashCopy(wolfssl_TI_Hash *src, wolfssl_TI_Hash *dst)
XMEMCPY(dst, src, sizeof(wolfssl_TI_Hash)); {
/* only copy hash, zero the rest of the struct to avoid double-free */
dst->msg = NULL;
dst->used = 0;
dst->len = 0;
XMEMCPY(dst->hash, src->hash, sizeof(dst->hash));
return 0; return 0;
} }
@@ -194,7 +201,8 @@ WOLFSSL_API int wc_Md5GetHash(Md5* md5, byte* hash)
return hashGetHash((wolfssl_TI_Hash *)md5, hash, SHAMD5_ALGO_MD5, MD5_DIGEST_SIZE); return hashGetHash((wolfssl_TI_Hash *)md5, hash, SHAMD5_ALGO_MD5, MD5_DIGEST_SIZE);
} }
WOLFSSL_API int wc_Md5Copy(Md5* src, Md5* dst) { WOLFSSL_API int wc_Md5Copy(Md5* src, Md5* dst)
{
return hashCopy((wolfssl_TI_Hash *)src, (wolfssl_TI_Hash *)dst); return hashCopy((wolfssl_TI_Hash *)src, (wolfssl_TI_Hash *)dst);
} }
@@ -239,7 +247,8 @@ WOLFSSL_API int wc_ShaGetHash(Sha* sha, byte* hash)
return hashGetHash(sha, hash, SHAMD5_ALGO_SHA1, SHA_DIGEST_SIZE); return hashGetHash(sha, hash, SHAMD5_ALGO_SHA1, SHA_DIGEST_SIZE);
} }
WOLFSSL_API int wc_ShaCopy(Sha* src, Sha* dst) { WOLFSSL_API int wc_ShaCopy(Sha* src, Sha* dst)
{
return hashCopy((wolfssl_TI_Hash *)src, (wolfssl_TI_Hash *)dst); return hashCopy((wolfssl_TI_Hash *)src, (wolfssl_TI_Hash *)dst);
} }
@@ -284,6 +293,11 @@ WOLFSSL_API int wc_Sha224GetHash(Sha224* sha224, byte* hash)
return hashGetHash(sha224, hash, SHAMD5_ALGO_SHA224, SHA224_DIGEST_SIZE); return hashGetHash(sha224, hash, SHAMD5_ALGO_SHA224, SHA224_DIGEST_SIZE);
} }
WOLFSSL_API int wc_Sha224Copy(Sha224* src, Sha224* dst)
{
return hashCopy((wolfssl_TI_Hash *)src, (wolfssl_TI_Hash *)dst);
}
WOLFSSL_API int wc_Sha224Hash(const byte* data, word32 len, byte* hash) WOLFSSL_API int wc_Sha224Hash(const byte* data, word32 len, byte* hash)
{ {
return hashHash(data, len, hash, SHAMD5_ALGO_SHA224, SHA224_DIGEST_SIZE); return hashHash(data, len, hash, SHAMD5_ALGO_SHA224, SHA224_DIGEST_SIZE);
@@ -326,6 +340,11 @@ WOLFSSL_API int wc_Sha256GetHash(Sha256* sha256, byte* hash)
return hashGetHash(sha256, hash, SHAMD5_ALGO_SHA256, SHA256_DIGEST_SIZE); return hashGetHash(sha256, hash, SHAMD5_ALGO_SHA256, SHA256_DIGEST_SIZE);
} }
WOLFSSL_API int wc_Sha256Copy(Sha256* src, Sha256* dst)
{
return hashCopy((wolfssl_TI_Hash *)src, (wolfssl_TI_Hash *)dst);
}
WOLFSSL_API int wc_Sha256Hash(const byte* data, word32 len, byte* hash) WOLFSSL_API int wc_Sha256Hash(const byte* data, word32 len, byte* hash)
{ {
return hashHash(data, len, hash, SHAMD5_ALGO_SHA256, SHA256_DIGEST_SIZE); return hashHash(data, len, hash, SHAMD5_ALGO_SHA256, SHA256_DIGEST_SIZE);