wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-01 19:54:40 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix for AES_XTS

Browse Source
This commit is contained in:
Eric Blankenhorn
2020-01-29 21:07:57 -06:00
parent e421d9f52c
commit 64dcf5740a
4 changed files with 29 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
src/ssl.c
View File

@@ -17768,15 +17768,18 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
ctx->flags |= WOLFSSL_EVP_CIPH_XTS_MODE; ctx->flags |= WOLFSSL_EVP_CIPH_XTS_MODE;
ctx->keyLen = 32; ctx->keyLen = 32;
ctx->block_size = 1; ctx->block_size = 1;
ctx->ivSz = 16;
if (iv)
XMEMCPY(ctx->iv, iv, ctx->ivSz);
else
XMEMSET(ctx->iv, 0, AES_BLOCK_SIZE);
if (enc == 0 || enc == 1) if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0; ctx->enc = enc ? 1 : 0;
if (iv) {
ctx->cipher.tweak = iv;
ctx->cipher.tweakSz = 16;
}
if (key) { if (key) {
ret = wc_AesXtsSetKey(&ctx->cipher.xts, key, ctx->keyLen, ret = wc_AesXtsSetKey(&ctx->cipher.xts, key, ctx->keyLen,
AES_ENCRYPTION, NULL, 0); ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION, NULL, 0);
if (ret != 0) { if (ret != 0) {
WOLFSSL_MSG("wc_AesXtsSetKey() failed"); WOLFSSL_MSG("wc_AesXtsSetKey() failed");
return ret; return ret;
@@ -17793,15 +17796,18 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
ctx->flags |= WOLFSSL_EVP_CIPH_XTS_MODE; ctx->flags |= WOLFSSL_EVP_CIPH_XTS_MODE;
ctx->keyLen = 64; ctx->keyLen = 64;
ctx->block_size = 1; ctx->block_size = 1;
ctx->ivSz = 16;
if (iv)
XMEMCPY(ctx->iv, iv, ctx->ivSz);
else
XMEMSET(ctx->iv, 0, AES_BLOCK_SIZE);
if (enc == 0 || enc == 1) if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0; ctx->enc = enc ? 1 : 0;
if (iv) {
ctx->cipher.tweak = iv;
ctx->cipher.tweakSz = 16;
}
if (key) { if (key) {
ret = wc_AesXtsSetKey(&ctx->cipher.xts, key, ctx->keyLen, ret = wc_AesXtsSetKey(&ctx->cipher.xts, key, ctx->keyLen,
AES_ENCRYPTION, NULL, 0); ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION, NULL, 0);
if (ret != 0) { if (ret != 0) {
WOLFSSL_MSG("wc_AesXtsSetKey() failed"); WOLFSSL_MSG("wc_AesXtsSetKey() failed");
return ret; return ret;
@@ -18093,10 +18099,10 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
WOLFSSL_MSG("AES XTS"); WOLFSSL_MSG("AES XTS");
if (ctx->enc) if (ctx->enc)
ret = wc_AesXtsEncrypt(&ctx->cipher.xts, dst, src, len, ret = wc_AesXtsEncrypt(&ctx->cipher.xts, dst, src, len,
ctx->cipher.tweak, ctx->cipher.tweakSz); ctx->iv, ctx->ivSz);
else else
ret = wc_AesXtsDecrypt(&ctx->cipher.xts, dst, src, len, ret = wc_AesXtsDecrypt(&ctx->cipher.xts, dst, src, len,
ctx->cipher.tweak, ctx->cipher.tweakSz); ctx->iv, ctx->ivSz);
break; break;
#endif /* WOLFSSL_AES_XTS */ #endif /* WOLFSSL_AES_XTS */

4
wolfcrypt/src/evp.c
View File

@@ -390,10 +390,10 @@ static int evpCipherBlock(WOLFSSL_EVP_CIPHER_CTX *ctx,
case AES_256_XTS_TYPE: case AES_256_XTS_TYPE:
if (ctx->enc) if (ctx->enc)
ret = wc_AesXtsEncrypt(&ctx->cipher.xts, out, in, inl, ret = wc_AesXtsEncrypt(&ctx->cipher.xts, out, in, inl,
ctx->cipher.tweak, ctx->cipher.tweakSz); ctx->iv, ctx->ivSz);
else else
ret = wc_AesXtsDecrypt(&ctx->cipher.xts, out, in, inl, ret = wc_AesXtsDecrypt(&ctx->cipher.xts, out, in, inl,
ctx->cipher.tweak, ctx->cipher.tweakSz); ctx->iv, ctx->ivSz);
break; break;
#endif #endif
#endif /* !NO_AES */ #endif /* !NO_AES */

16
wolfcrypt/test/test.c
View File

@@ -6763,13 +6763,7 @@ static int aes_xts_128_test(void)
0xff, 0x8d, 0xbc, 0x1d, 0x9f, 0x7f, 0xc8, 0x22 0xff, 0x8d, 0xbc, 0x1d, 0x9f, 0x7f, 0xc8, 0x22
}; };
XMEMSET(buf, 0, sizeof(buf)); #ifdef OPENSSL_EXTRA
if (wc_AesXtsSetKey(&aes, k2, sizeof(k2), AES_ENCRYPTION,
HEAP_HINT, devId) != 0)
return -4900;
#if 0 /* Enable after passes */
//#ifdef OPENSSL_EXTRA
ret = EVP_test(EVP_aes_128_xts(), k2, i2, p2, sizeof(p2), c2, sizeof(c2)); ret = EVP_test(EVP_aes_128_xts(), k2, i2, p2, sizeof(p2), c2, sizeof(c2));
if (ret != 0) { if (ret != 0) {
printf("EVP_aes_128_xts failed!\n"); printf("EVP_aes_128_xts failed!\n");
@@ -6777,6 +6771,11 @@ static int aes_xts_128_test(void)
} }
#endif #endif
XMEMSET(buf, 0, sizeof(buf));
if (wc_AesXtsSetKey(&aes, k2, sizeof(k2), AES_ENCRYPTION,
HEAP_HINT, devId) != 0)
return -4900;
ret = wc_AesXtsEncrypt(&aes, buf, p2, sizeof(p2), i2, sizeof(i2)); ret = wc_AesXtsEncrypt(&aes, buf, p2, sizeof(p2), i2, sizeof(i2));
#if defined(WOLFSSL_ASYNC_CRYPT) #if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &aes.aes.asyncDev, WC_ASYNC_FLAG_NONE); ret = wc_AsyncWait(ret, &aes.aes.asyncDev, WC_ASYNC_FLAG_NONE);
@@ -6945,8 +6944,7 @@ static int aes_xts_256_test(void)
0xc3, 0xea, 0xd8, 0x10, 0xe9, 0xc0, 0xaf, 0x92 0xc3, 0xea, 0xd8, 0x10, 0xe9, 0xc0, 0xaf, 0x92
}; };
#if 0 /* Enable after passes */ #ifdef OPENSSL_EXTRA
//#ifdef OPENSSL_EXTRA
ret = EVP_test(EVP_aes_256_xts(), k2, i2, p2, sizeof(p2), c2, sizeof(c2)); ret = EVP_test(EVP_aes_256_xts(), k2, i2, p2, sizeof(p2), c2, sizeof(c2));
if (ret != 0) { if (ret != 0) {
printf("EVP_aes_256_xts failed\n"); printf("EVP_aes_256_xts failed\n");

5
wolfssl/openssl/evp.h
View File

@@ -178,8 +178,6 @@ typedef union {
Aes aes; Aes aes;
#ifdef WOLFSSL_AES_XTS #ifdef WOLFSSL_AES_XTS
XtsAes xts; XtsAes xts;
const byte* tweak;
word32 tweakSz;
#endif #endif
#endif #endif
#ifndef NO_DES3 #ifndef NO_DES3
@@ -321,7 +319,8 @@ struct WOLFSSL_EVP_CIPHER_CTX {
int bufUsed; int bufUsed;
ALIGN16 byte lastBlock[WOLFSSL_EVP_BUF_SIZE]; ALIGN16 byte lastBlock[WOLFSSL_EVP_BUF_SIZE];
int lastUsed; int lastUsed;
#if !defined(NO_AES) || !defined(NO_DES3) || defined(HAVE_IDEA) #if !defined(NO_AES) || !defined(NO_DES3) || defined(HAVE_IDEA) || \
defined(HAVE_AESGCM) || defined (WOLFSSL_AES_XTS)
#define HAVE_WOLFSSL_EVP_CIPHER_CTX_IV #define HAVE_WOLFSSL_EVP_CIPHER_CTX_IV
int ivSz; int ivSz;
ALIGN16 unsigned char authTag[AES_BLOCK_SIZE]; ALIGN16 unsigned char authTag[AES_BLOCK_SIZE];