Merge pull request #4083 from dgarske/stm32_aes_gcm

Fix for STM32 AES-GCM on HALs that support byte-sized headers
Chris Conlon
2021-06-17 13:08:15 -06:00
committed by GitHub
4 changed files with 38 additions and 18 deletions


@ -484,7 +484,13 @@ extern ${variable.value} ${variable.name};
/* RNG */
/* ------------------------------------------------------------------------- */
#define NO_OLD_RNGNAME /* conflicts with STM RNG macro */
#define HAVE_HASHDRBG
#if !defined(WOLF_CONF_RNG) || WOLF_CONF_RNG == 1
/* default is enabled */
#define HAVE_HASHDRBG
#else /* WOLF_CONF_RNG == 0 */
#define WC_NO_HASHDRBG
#define WC_NO_RNG
#endif
/* ------------------------------------------------------------------------- */
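Review bot: The `#else` branch treats every value of WOLF_CONF_RNG other than 1 as "disabled", although its comment says `WOLF_CONF_RNG == 0`, so a mistyped or out-of-range value from the configurator would silently define `WC_NO_RNG` and `WC_NO_HASHDRBG`. I would make the disable case explicit with `#elif WOLF_CONF_RNG == 0` and end the chain with `#else` / `#error "WOLF_CONF_RNG must be 0 or 1"`, so an unexpected value fails the build instead of removing the random source. A one-line comment above `WC_NO_RNG` saying that features needing random numbers (key generation, IV/nonce generation) then become unavailable or need an external source would help whoever flips the option. The same block appears in the second settings file (the hunk at -525,11) and deserves the same change.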


@ -525,11 +525,19 @@
/* Allows custom "custom_time()" function to be used for benchmark */
#define WOLFSSL_USER_CURRTIME
/* ------------------------------------------------------------------------- */
/* RNG */
/* ------------------------------------------------------------------------- */
#define NO_OLD_RNGNAME /* conflicts with STM RNG macro */
#define HAVE_HASHDRBG
#if !defined(WOLF_CONF_RNG) || WOLF_CONF_RNG == 1
/* default is enabled */
#define HAVE_HASHDRBG
#else /* WOLF_CONF_RNG == 0 */
#define WC_NO_HASHDRBG
#define WC_NO_RNG
#endif
/* ------------------------------------------------------------------------- */
/* Disable Features */


@ -6991,7 +6991,7 @@ static int wc_AesGcmEncrypt_STM32(Aes* aes, byte* out, const byte* in, word32 sz
/* or harware that does not support partial block */
|| sz == 0 || partial != 0
#endif
#ifndef STM32_AESGCM_PARTIAL
#if !defined(CRYP_HEADERWIDTHUNIT_BYTE) && !defined(STM32_AESGCM_PARTIAL)
/* or authIn is not a multiple of 4 */
|| authPadSz != authInSz
#endif
@ -7014,7 +7014,7 @@ static int wc_AesGcmEncrypt_STM32(Aes* aes, byte* out, const byte* in, word32 sz
hcryp.Init.Algorithm = CRYP_AES_GCM;
#ifdef CRYP_HEADERWIDTHUNIT_BYTE
/* V2 with CRYP_HEADERWIDTHUNIT_BYTE uses byte size for header */
hcryp.Init.HeaderSize = authPadSz;
hcryp.Init.HeaderSize = authInSz;
#else
hcryp.Init.HeaderSize = authPadSz/sizeof(word32);
#endif
@ -7481,7 +7481,7 @@ static int wc_AesGcmDecrypt_STM32(Aes* aes, byte* out,
/* or harware that does not support partial block */
|| sz == 0 || partial != 0
#endif
#ifndef STM32_AESGCM_PARTIAL
#if !defined(CRYP_HEADERWIDTHUNIT_BYTE) && !defined(STM32_AESGCM_PARTIAL)
/* or authIn is not a multiple of 4 */
|| authPadSz != authInSz
#endif
@ -7527,7 +7527,7 @@ static int wc_AesGcmDecrypt_STM32(Aes* aes, byte* out,
hcryp.Init.Algorithm = CRYP_AES_GCM;
#ifdef CRYP_HEADERWIDTHUNIT_BYTE
/* V2 with CRYP_HEADERWIDTHUNIT_BYTE uses byte size for header */
hcryp.Init.HeaderSize = authPadSz;
hcryp.Init.HeaderSize = authInSz;
#else
hcryp.Init.HeaderSize = authPadSz/sizeof(word32);
#endif
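Review bot: With `CRYP_HEADERWIDTHUNIT_BYTE` defined, an AAD length that is not a multiple of 4 no longer takes the software fallback in wc_AesGcmEncrypt_STM32 or wc_AesGcmDecrypt_STM32, so the hardware-computed tag is now relied on for those lengths, yet the test changes visible in this commit add no GCM vector that covers them. I would add known-answer vectors with authInSz of 1, 2 and 3 modulo 4 for both directions, including a decrypt with a modified tag that must fail, so a HAL that mishandles the final partial header word is caught on target. It is also worth confirming that the buffer handed to the HAL as the header is still the zero-padded copy of authPadSz bytes and not the caller's authIn, since the HAL may load whole 32-bit words; that assignment lies outside these hunks. If that holds, a comment next to `hcryp.Init.HeaderSize = authInSz;` such as `/* byte count only; header buffer stays zero-padded to a word boundary */` would record the assumption.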


@ -20136,51 +20136,56 @@ WOLFSSL_TEST_SUBROUTINE int pwdbased_test(void)
#endif /* NO_PWDBASED */
#if defined(HAVE_HKDF) && (!defined(NO_SHA) || !defined(NO_SHA256))
#if defined(HAVE_HKDF) && !defined(NO_HMAC)
/* WOLFSSL_TEST_SUBROUTINE */ static int hkdf_test(void)
{
int ret;
int ret = 0;
#if !defined(NO_SHA) || !defined(NO_SHA256)
int L = 42;
byte okm1[42];
byte ikm1[22] = { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b };
#ifndef HAVE_FIPS
byte salt1[13] ={ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c };
byte info1[10] ={ 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
0xf8, 0xf9 };
#endif
#ifndef NO_SHA
byte res1[42] = { 0x0a, 0xc1, 0xaf, 0x70, 0x02, 0xb3, 0xd7, 0x61,
0xd1, 0xe5, 0x52, 0x98, 0xda, 0x9d, 0x05, 0x06,
0xb9, 0xae, 0x52, 0x05, 0x72, 0x20, 0xa3, 0x06,
0xe0, 0x7b, 0x6b, 0x87, 0xe8, 0xdf, 0x21, 0xd0,
0xea, 0x00, 0x03, 0x3d, 0xe0, 0x39, 0x84, 0xd3,
0x49, 0x18 };
#ifndef HAVE_FIPS
byte res2[42] = { 0x08, 0x5a, 0x01, 0xea, 0x1b, 0x10, 0xf3, 0x69,
0x33, 0x06, 0x8b, 0x56, 0xef, 0xa5, 0xad, 0x81,
0xa4, 0xf1, 0x4b, 0x82, 0x2f, 0x5b, 0x09, 0x15,
0x68, 0xa9, 0xcd, 0xd4, 0xf1, 0x55, 0xfd, 0xa2,
0xc2, 0x2e, 0x42, 0x24, 0x78, 0xd3, 0x05, 0xf3,
0xf8, 0x96 };
#endif
#endif /* !NO_SHA */
#ifndef NO_SHA256
byte res3[42] = { 0x8d, 0xa4, 0xe7, 0x75, 0xa5, 0x63, 0xc1, 0x8f,
0x71, 0x5f, 0x80, 0x2a, 0x06, 0x3c, 0x5a, 0x31,
0xb8, 0xa1, 0x1f, 0x5c, 0x5e, 0xe1, 0x87, 0x9e,
0xc3, 0x45, 0x4e, 0x5f, 0x3c, 0x73, 0x8d, 0x2d,
0x9d, 0x20, 0x13, 0x95, 0xfa, 0xa4, 0xb6, 0x1a,
0x96, 0xc8 };
#ifndef HAVE_FIPS
byte res4[42] = { 0x3c, 0xb2, 0x5f, 0x25, 0xfa, 0xac, 0xd5, 0x7a,
0x90, 0x43, 0x4f, 0x64, 0xd0, 0x36, 0x2f, 0x2a,
0x2d, 0x2d, 0x0a, 0x90, 0xcf, 0x1a, 0x5a, 0x4c,
0x5d, 0xb0, 0x2d, 0x56, 0xec, 0xc4, 0xc5, 0xbf,
0x34, 0x00, 0x72, 0x08, 0xd5, 0xb8, 0x87, 0x18,
0x58, 0x65 };
(void)res1;
(void)res2;
(void)res3;
(void)res4;
(void)salt1;
(void)info1;
#endif
#endif /* !NO_SHA256 */
#ifndef NO_SHA
ret = wc_HKDF(WC_SHA, ikm1, 22, NULL, 0, NULL, 0, okm1, L);
@ -20199,7 +20204,7 @@ WOLFSSL_TEST_SUBROUTINE int pwdbased_test(void)
if (XMEMCMP(okm1, res2, L) != 0)
return -9703;
#endif /* HAVE_FIPS */
#endif /* NO_SHA */
#endif /* !NO_SHA */
#ifndef NO_SHA256
ret = wc_HKDF(WC_SHA256, ikm1, 22, NULL, 0, NULL, 0, okm1, L);
@ -20218,9 +20223,10 @@ WOLFSSL_TEST_SUBROUTINE int pwdbased_test(void)
if (XMEMCMP(okm1, res4, L) != 0)
return -9707;
#endif /* HAVE_FIPS */
#endif /* NO_SHA256 */
#endif /* !NO_SHA256 */
#endif /* !NO_SHA || !NO_SHA256 */
return 0;
return ret;
}
#endif /* HAVE_HKDF */
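Review bot: hkdf_test is now built whenever HAVE_HKDF and HMAC are enabled, but as printed its whole body sits inside `#if !defined(NO_SHA) || !defined(NO_SHA256)`, so a build with both hashes disabled falls through to `return ret;` with `ret` still 0 and reports success without ever calling wc_HKDF. A test that passes without exercising the primitive hides missing coverage for builds that use HKDF with another digest only. I would either add a vector for another enabled digest or state the gap with a comment before the final return, for example `/* no SHA-1/SHA-256 in this build: HKDF not exercised here */`. Parts of the function body lie between the hunks shown, so this reading should be checked against the full file.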