forked from wolfSSL/wolfssl
use of device key with AES-GCM and add way to avoid malloc for tag
This commit is contained in:
JacobBarthelmeh
@ -135,7 +135,9 @@ int wc_AesGcmSetKey_ex(Aes* aes, const byte* key, word32 len, word32 kup)
|
|||||||
aes->xKeySize =
|
aes->xKeySize =
|
||||||
len == AES_128_KEY_SIZE ? XSECURE_AES_KEY_SIZE_128 :
|
len == AES_128_KEY_SIZE ? XSECURE_AES_KEY_SIZE_128 :
|
||||||
XSECURE_AES_KEY_SIZE_256;
|
XSECURE_AES_KEY_SIZE_256;
|
||||||
XMEMCPY(aes->keyInit, key, len);
|
if (key != NULL) {
|
||||||
|
XMEMCPY(aes->keyInit, key, len);
|
||||||
|
}
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -478,7 +480,12 @@ int wc_AesGcmSetKey_ex(Aes* aes, const byte* key, word32 len, word32 kup)
|
|||||||
{
|
{
|
||||||
XCsuDma_Config* con;
|
XCsuDma_Config* con;
|
||||||
|
|
||||||
if (aes == NULL || key == NULL) {
|
if (aes == NULL) {
|
||||||
|
return BAD_FUNC_ARG;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (kup == XSECURE_CSU_AES_KEY_SRC_KUP && key == NULL) {
|
||||||
|
WOLFSSL_MSG("Expecting key buffer passed in if using KUP");
|
||||||
return BAD_FUNC_ARG;
|
return BAD_FUNC_ARG;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -501,7 +508,9 @@ int wc_AesGcmSetKey_ex(Aes* aes, const byte* key, word32 len, word32 kup)
|
|||||||
|
|
||||||
aes->keylen = len;
|
aes->keylen = len;
|
||||||
aes->kup = kup;
|
aes->kup = kup;
|
||||||
XMEMCPY((byte*)(aes->keyInit), key, len);
|
if (key != NULL) {
|
||||||
|
XMEMCPY((byte*)(aes->keyInit), key, len);
|
||||||
|
}
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -538,18 +547,26 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out,
|
|||||||
return BAD_FUNC_ARG;
|
return BAD_FUNC_ARG;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#ifndef NO_WOLFSSL_XILINX_TAG_MALLOC
|
||||||
tmp = (byte*)XMALLOC(sz + AES_GCM_AUTH_SZ, aes->heap,
|
tmp = (byte*)XMALLOC(sz + AES_GCM_AUTH_SZ, aes->heap,
|
||||||
DYNAMIC_TYPE_TMP_BUFFER);
|
DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
if (tmp == NULL) {
|
if (tmp == NULL) {
|
||||||
return MEMORY_E;
|
return MEMORY_E;
|
||||||
}
|
}
|
||||||
|
#else
|
||||||
|
/* if NO_WOLFSSL_XILINX_TAG_MALLOC is defined than it is assumed that
|
||||||
|
* out buffer is large enough to hold both the cipher out and tag */
|
||||||
|
tmp = out;
|
||||||
|
#endif
|
||||||
|
|
||||||
XSecure_AesInitialize(&(aes->xilAes), &(aes->dma), aes->kup, (word32*)iv,
|
XSecure_AesInitialize(&(aes->xilAes), &(aes->dma), aes->kup, (word32*)iv,
|
||||||
aes->keyInit);
|
aes->keyInit);
|
||||||
XSecure_AesEncryptData(&(aes->xilAes), tmp, in, sz);
|
XSecure_AesEncryptData(&(aes->xilAes), tmp, in, sz);
|
||||||
XMEMCPY(out, tmp, sz);
|
|
||||||
XMEMCPY(authTag, tmp + sz, authTagSz);
|
XMEMCPY(authTag, tmp + sz, authTagSz);
|
||||||
|
#ifndef NO_WOLFSSL_XILINX_TAG_MALLOC
|
||||||
|
XMEMCPY(out, tmp, sz);
|
||||||
XFREE(tmp, aes->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
XFREE(tmp, aes->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
/* handle completing tag with any additional data */
|
/* handle completing tag with any additional data */
|
||||||
|
|||||||
@ -85,10 +85,14 @@ WOLFSSL_LOCAL void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c,
|
|||||||
#ifdef WOLFSSL_XILINX_CRYPT_VERSAL
|
#ifdef WOLFSSL_XILINX_CRYPT_VERSAL
|
||||||
#include <wolfssl/wolfcrypt/port/xilinx/xil-versal-glue.h>
|
#include <wolfssl/wolfcrypt/port/xilinx/xil-versal-glue.h>
|
||||||
#include <xsecure_aesclient.h>
|
#include <xsecure_aesclient.h>
|
||||||
#define WOLFSSL_XILINX_AES_KEY_SRC XSECURE_AES_USER_KEY_0
|
#if !defined(WOLFSSL_XILINX_AES_KEY_SRC)
|
||||||
|
#define WOLFSSL_XILINX_AES_KEY_SRC XSECURE_AES_USER_KEY_0
|
||||||
|
#endif
|
||||||
#else /* versal */
|
#else /* versal */
|
||||||
#include <xsecure_aes.h>
|
#include <xsecure_aes.h>
|
||||||
#define WOLFSSL_XILINX_AES_KEY_SRC XSECURE_CSU_AES_KEY_SRC_KUP
|
#if !defined(WOLFSSL_XILINX_AES_KEY_SRC)
|
||||||
|
#define WOLFSSL_XILINX_AES_KEY_SRC XSECURE_CSU_AES_KEY_SRC_KUP
|
||||||
|
#endif
|
||||||
#endif /* !versal */
|
#endif /* !versal */
|
||||||
#endif /* WOLFSSL_XILINX_CRYPT */
|
#endif /* WOLFSSL_XILINX_CRYPT */
|
||||||
|
|
||||||
|
|||||||
@ -1844,7 +1844,10 @@ extern void uITRON4_free(void *p) ;
|
|||||||
#if !defined(WOLFSSL_XILINX_CRYPT_VERSAL)
|
#if !defined(WOLFSSL_XILINX_CRYPT_VERSAL)
|
||||||
#define NO_DEV_RANDOM
|
#define NO_DEV_RANDOM
|
||||||
#endif
|
#endif
|
||||||
|
#undef NO_WOLFSSL_DIR
|
||||||
#define NO_WOLFSSL_DIR
|
#define NO_WOLFSSL_DIR
|
||||||
|
|
||||||
|
#undef HAVE_AESGCM
|
||||||
#define HAVE_AESGCM
|
#define HAVE_AESGCM
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user