Fixes for TI AES and SHA.

David Garske
2023-11-29 17:31:39 -08:00
parent df954568be
commit b002c330c0
2 changed files with 68 additions and 37 deletions


@@ -67,17 +67,29 @@ int wc_AesSetKey(Aes* aes, const byte* key, word32 len, const byte* iv, int dir)
{ {
if (!wolfSSL_TI_CCMInit()) if (!wolfSSL_TI_CCMInit())
return 1; return 1;
if ((aes == NULL) || (key == NULL) || (iv == NULL)) if ((aes == NULL) || (key == NULL))
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
if (!((dir == AES_ENCRYPTION) || (dir == AES_DECRYPTION))) if (!((dir == AES_ENCRYPTION) || (dir == AES_DECRYPTION)))
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
switch (len) { switch (len) {
case 16: aes->keylen = AES_CFG_KEY_SIZE_128BIT; break; #ifdef WOLFSSL_AES_128
case 24: aes->keylen = AES_CFG_KEY_SIZE_192BIT; break; case 16:
case 32: aes->keylen = AES_CFG_KEY_SIZE_256BIT; break; break;
default: return BAD_FUNC_ARG; #endif
#ifdef WOLFSSL_AES_192
case 24:
break;
#endif
#ifdef WOLFSSL_AES_256
case 32:
break;
#endif
default:
return BAD_FUNC_ARG;
} }
aes->keylen = len;
aes->rounds = len / 4 + 6;
XMEMCPY(aes->key, key, len); XMEMCPY(aes->key, key, len);
#ifdef WOLFSSL_AES_COUNTER #ifdef WOLFSSL_AES_COUNTER
@@ -92,10 +104,10 @@ static int AesAlign16(Aes* aes, byte* out, const byte* in, word32 sz,
/* Processed aligned chunk to HW AES */ /* Processed aligned chunk to HW AES */
wolfSSL_TI_lockCCM(); wolfSSL_TI_lockCCM();
ROM_AESReset(AES_BASE); ROM_AESReset(AES_BASE);
ROM_AESConfigSet(AES_BASE, (aes->keylen | dir | ROM_AESConfigSet(AES_BASE, (aes->keylen-8 | dir |
(mode == AES_CFG_MODE_CTR_NOCTR ? AES_CFG_MODE_CTR : mode))); (mode == AES_CFG_MODE_CTR_NOCTR ? AES_CFG_MODE_CTR : mode)));
ROM_AESIVSet(AES_BASE, (uint32_t *)aes->reg); ROM_AESIVSet(AES_BASE, (uint32_t *)aes->reg);
ROM_AESKey1Set(AES_BASE, (uint32_t *)aes->key, aes->keylen); ROM_AESKey1Set(AES_BASE, (uint32_t *)aes->key, aes->keylen-8);
if ((dir == AES_CFG_DIR_DECRYPT)&& (mode == AES_CFG_MODE_CBC)) { if ((dir == AES_CFG_DIR_DECRYPT)&& (mode == AES_CFG_MODE_CBC)) {
/* if input and output same will overwrite input iv */ /* if input and output same will overwrite input iv */
XMEMCPY(aes->tmp, in + sz - AES_BLOCK_SIZE, AES_BLOCK_SIZE); XMEMCPY(aes->tmp, in + sz - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
@@ -104,7 +116,7 @@ static int AesAlign16(Aes* aes, byte* out, const byte* in, word32 sz,
wolfSSL_TI_unlockCCM(); wolfSSL_TI_unlockCCM();
/* store iv for next call */ /* store iv for next call */
if (mode == AES_CFG_MODE_CBC){ if (mode == AES_CFG_MODE_CBC) {
if (dir == AES_CFG_DIR_ENCRYPT) if (dir == AES_CFG_DIR_ENCRYPT)
XMEMCPY(aes->reg, out + sz - AES_BLOCK_SIZE, AES_BLOCK_SIZE); XMEMCPY(aes->reg, out + sz - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
else else
@@ -139,19 +151,19 @@ static int AesProcess(Aes* aes, byte* out, const byte* in, word32 sz,
while (sz > 0) { while (sz > 0) {
size = sz; in_p = in; out_p = out; size = sz; in_p = in; out_p = out;
if (!IS_ALIGN16(in)){ if (!IS_ALIGN16(in)) {
size = sz > TI_BUFFSIZE ? TI_BUFFSIZE : sz; size = sz > TI_BUFFSIZE ? TI_BUFFSIZE : sz;
XMEMCPY(buff, in, size); XMEMCPY(buff, in, size);
in_p = (const byte *)buff; in_p = (const byte *)buff;
} }
if (!IS_ALIGN16(out)){ if (!IS_ALIGN16(out)) {
size = sz > TI_BUFFSIZE ? TI_BUFFSIZE : sz; size = sz > TI_BUFFSIZE ? TI_BUFFSIZE : sz;
out_p = buff; out_p = buff;
} }
AesAlign16(aes, out_p, in_p, size, dir, mode); AesAlign16(aes, out_p, in_p, size, dir, mode);
if (!IS_ALIGN16(out)){ if (!IS_ALIGN16(out)) {
XMEMCPY(out, buff, size); XMEMCPY(out, buff, size);
} }
sz -= size; in += size; out += size; sz -= size; in += size; out += size;
@@ -181,13 +193,13 @@ int wc_AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
tmp = (char *)aes->tmp; tmp = (char *)aes->tmp;
if (aes->left) { if (aes->left) {
if ((aes->left + sz) >= AES_BLOCK_SIZE){ if ((aes->left + sz) >= AES_BLOCK_SIZE) {
odd = AES_BLOCK_SIZE - aes->left; odd = AES_BLOCK_SIZE - aes->left;
} else { } else {
odd = sz; odd = sz;
} }
XMEMCPY(tmp+aes->left, in, odd); XMEMCPY(tmp+aes->left, in, odd);
if ((odd+aes->left) == AES_BLOCK_SIZE){ if ((odd+aes->left) == AES_BLOCK_SIZE) {
ret = AesProcess(aes, (byte *)out_block, (byte const *)tmp, AES_BLOCK_SIZE, ret = AesProcess(aes, (byte *)out_block, (byte const *)tmp, AES_BLOCK_SIZE,
AES_CFG_DIR_ENCRYPT, AES_CFG_MODE_CTR); AES_CFG_DIR_ENCRYPT, AES_CFG_MODE_CTR);
if (ret != 0) if (ret != 0)
@@ -267,12 +279,12 @@ static int AesAuthArgCheck(Aes* aes, byte* out, const byte* in, word32 inSz,
const byte* authIn, word32 authInSz, word32 *M, word32 *L) const byte* authIn, word32 authInSz, word32 *M, word32 *L)
{ {
(void) authInSz; (void) authInSz;
if ((aes == NULL)||(nonce == NULL)||(authTag== NULL)||(authIn == NULL)) if ((aes == NULL) || (nonce == NULL) || (authTag== NULL) || (authIn == NULL))
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
if ((inSz != 0) && ((out == NULL)||(in == NULL))) if ((inSz != 0) && ((out == NULL) || (in == NULL)))
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
switch(authTagSz){ switch (authTagSz) {
case 4: case 4:
*M = AES_CFG_CCM_M_4; break; *M = AES_CFG_CCM_M_4; break;
case 6: case 6:
@@ -291,7 +303,7 @@ static int AesAuthArgCheck(Aes* aes, byte* out, const byte* in, word32 inSz,
return 1; return 1;
} }
switch(nonceSz){ switch (nonceSz) {
case 7: case 7:
*L = AES_CFG_CCM_L_8; break; *L = AES_CFG_CCM_L_8; break;
case 8: case 8:
@@ -317,7 +329,7 @@ static int AesAuthArgCheck(Aes* aes, byte* out, const byte* in, word32 inSz,
static void AesAuthSetIv(Aes *aes, const byte *nonce, word32 len, word32 L, static void AesAuthSetIv(Aes *aes, const byte *nonce, word32 len, word32 L,
int mode) int mode)
{ {
if (mode == AES_CFG_MODE_CCM){ if (mode == AES_CFG_MODE_CCM) {
XMEMSET(aes->reg, 0, 16); XMEMSET(aes->reg, 0, 16);
switch (L) { switch (L) {
case AES_CFG_CCM_L_8: case AES_CFG_CCM_L_8:
@@ -342,7 +354,8 @@ static void AesAuthSetIv(Aes *aes, const byte *nonce, word32 len, word32 L,
else { else {
byte *b = (byte *)aes->reg; byte *b = (byte *)aes->reg;
XMEMSET(aes->reg, 0, AES_BLOCK_SIZE); XMEMSET(aes->reg, 0, AES_BLOCK_SIZE);
XMEMCPY(aes->reg, nonce, len); if (nonce != NULL && len < AES_BLOCK_SIZE)
XMEMCPY(aes->reg, nonce, len);
b[AES_BLOCK_SIZE-4] = 0; b[AES_BLOCK_SIZE-4] = 0;
b[AES_BLOCK_SIZE-3] = 0; b[AES_BLOCK_SIZE-3] = 0;
b[AES_BLOCK_SIZE-2] = 0; b[AES_BLOCK_SIZE-2] = 0;
@@ -365,7 +378,7 @@ static int AesAuthEncrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
ret = AesAuthArgCheck(aes, out, in, inSz, nonce, nonceSz, authTag, ret = AesAuthArgCheck(aes, out, in, inSz, nonce, nonceSz, authTag,
authTagSz, authIn, authInSz, &M, &L); authTagSz, authIn, authInSz, &M, &L);
if (ret != 0) { if (ret == BAD_FUNC_ARG) {
return ret; return ret;
} }
@@ -415,11 +428,11 @@ static int AesAuthEncrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
/* do aes-ccm */ /* do aes-ccm */
AesAuthSetIv(aes, nonce, nonceSz, L, mode); AesAuthSetIv(aes, nonce, nonceSz, L, mode);
ROM_AESReset(AES_BASE); ROM_AESReset(AES_BASE);
ROM_AESConfigSet(AES_BASE, (aes->keylen | AES_CFG_DIR_ENCRYPT | ROM_AESConfigSet(AES_BASE, (aes->keylen-8 | AES_CFG_DIR_ENCRYPT |
AES_CFG_CTR_WIDTH_128 | AES_CFG_CTR_WIDTH_128 |
mode | ((mode== AES_CFG_MODE_CCM) ? (L | M) : 0 ))); mode | ((mode== AES_CFG_MODE_CCM) ? (L | M) : 0 )));
ROM_AESIVSet(AES_BASE, aes->reg); ROM_AESIVSet(AES_BASE, aes->reg);
ROM_AESKey1Set(AES_BASE, aes->key, aes->keylen); ROM_AESKey1Set(AES_BASE, aes->key, aes->keylen-8);
ret = ROM_AESDataProcessAuth(AES_BASE, (unsigned int*)in_a, (unsigned int *)out_a, inSz, ret = ROM_AESDataProcessAuth(AES_BASE, (unsigned int*)in_a, (unsigned int *)out_a, inSz,
(unsigned int*)authIn_a, authInSz, (unsigned int *)tmpTag); (unsigned int*)authIn_a, authInSz, (unsigned int *)tmpTag);
if (ret == false) { if (ret == false) {
@@ -451,10 +464,9 @@ static int AesAuthDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
byte *nonce_a, *nonce_save = NULL; byte *nonce_a, *nonce_save = NULL;
word32 tmpTag[4]; word32 tmpTag[4];
ret = AesAuthArgCheck(aes, out, in, inSz, nonce, nonceSz, authTag, ret = AesAuthArgCheck(aes, out, in, inSz, nonce, nonceSz, authTag,
authTagSz, authIn, authInSz, &M, &L); authTagSz, authIn, authInSz, &M, &L);
if (ret != 0) { if (ret == BAD_FUNC_ARG) {
return ret; return ret;
} }
@@ -503,14 +515,14 @@ static int AesAuthDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
/* do aes-ccm */ /* do aes-ccm */
AesAuthSetIv(aes, nonce, nonceSz, L, mode); AesAuthSetIv(aes, nonce, nonceSz, L, mode);
ROM_AESReset(AES_BASE); ROM_AESReset(AES_BASE);
ROM_AESConfigSet(AES_BASE, (aes->keylen | AES_CFG_DIR_DECRYPT | ROM_AESConfigSet(AES_BASE, (aes->keylen-8 | AES_CFG_DIR_DECRYPT |
AES_CFG_CTR_WIDTH_128 | AES_CFG_CTR_WIDTH_128 |
mode | ((mode== AES_CFG_MODE_CCM) ? (L | M) : 0 ))); mode | ((mode== AES_CFG_MODE_CCM) ? (L | M) : 0 )));
ROM_AESIVSet(AES_BASE, aes->reg); ROM_AESIVSet(AES_BASE, aes->reg);
ROM_AESKey1Set(AES_BASE, aes->key, aes->keylen); ROM_AESKey1Set(AES_BASE, aes->key, aes->keylen-8);
ret = ROM_AESDataProcessAuth(AES_BASE, (unsigned int*)in_a, (unsigned int *)out_a, inSz, ret = ROM_AESDataProcessAuth(AES_BASE, (unsigned int*)in_a, (unsigned int *)out_a, inSz,
(unsigned int*)authIn_a, authInSz, (unsigned int *)tmpTag); (unsigned int*)authIn_a, authInSz, (unsigned int *)tmpTag);
if ((ret == false) || (XMEMCMP(authTag, tmpTag, authTagSz) != 0)){ if ((ret == false) || (XMEMCMP(authTag, tmpTag, authTagSz) != 0)) {
XMEMSET(out, 0, inSz); XMEMSET(out, 0, inSz);
ret = false; ret = false;
} else { } else {
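Review bot: Narrowing the check to `if (ret == BAD_FUNC_ARG)` in AesAuthEncrypt and AesAuthDecrypt lets the `return 1;` path visible in AesAuthArgCheck (apparently the unsupported authTagSz case, and probably the nonceSz default as well) fall through into the hardware path. Unless code outside these hunks re-validates the sizes, `M` and `L` can then be read unset in the `(L | M)` CCM configuration, and in AesAuthDecrypt `XMEMCMP(authTag, tmpTag, authTagSz)` can read past `word32 tmpTag[4]` when authTagSz exceeds 16. The new guard in AesAuthSetIv compounds this: a nonce of 16 bytes or more is skipped silently, so the operation would run with an all-zero nonce field instead of failing. I would keep rejecting every non-zero result in CCM mode and bound the tag explicitly: `if (ret == BAD_FUNC_ARG || (ret != 0 && mode == AES_CFG_MODE_CCM)) return ret;` followed by `if (authTagSz > sizeof(tmpTag)) return BAD_FUNC_ARG;`. Both function bodies continue outside the hunks shown.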


@@ -62,8 +62,10 @@
#define SHAMD5_ALGO_SHA224 4 #define SHAMD5_ALGO_SHA224 4
#endif #endif
static int hashInit(wolfssl_TI_Hash *hash) { static int hashInit(wolfssl_TI_Hash *hash)
if (!wolfSSL_TI_CCMInit())return 1; {
if (!wolfSSL_TI_CCMInit())
return 1;
hash->used = 0; hash->used = 0;
hash->msg = 0; hash->msg = 0;
hash->len = 0; hash->len = 0;
@@ -115,8 +117,13 @@ static int hashGetHash(wolfssl_TI_Hash *hash, byte* result, word32 algo, word32
return 0; return 0;
} }
static int hashCopy(wolfssl_TI_Hash *src, wolfssl_TI_Hash *dst) { static int hashCopy(wolfssl_TI_Hash *src, wolfssl_TI_Hash *dst)
XMEMCPY(dst, src, sizeof(wolfssl_TI_Hash)); {
/* only copy hash, zero the rest of the struct to avoid double-free */
dst->msg = NULL;
dst->used = 0;
dst->len = 0;
XMEMCPY(dst->hash, src->hash, sizeof(dst->hash));
return 0; return 0;
} }
@@ -194,11 +201,12 @@ WOLFSSL_API int wc_Md5GetHash(Md5* md5, byte* hash)
return hashGetHash((wolfssl_TI_Hash *)md5, hash, SHAMD5_ALGO_MD5, MD5_DIGEST_SIZE); return hashGetHash((wolfssl_TI_Hash *)md5, hash, SHAMD5_ALGO_MD5, MD5_DIGEST_SIZE);
} }
WOLFSSL_API int wc_Md5Copy(Md5* src, Md5* dst) { WOLFSSL_API int wc_Md5Copy(Md5* src, Md5* dst)
{
return hashCopy((wolfssl_TI_Hash *)src, (wolfssl_TI_Hash *)dst); return hashCopy((wolfssl_TI_Hash *)src, (wolfssl_TI_Hash *)dst);
} }
WOLFSSL_API int wc_Md5Hash(const byte*data, word32 len, byte*hash) WOLFSSL_API int wc_Md5Hash(const byte*data, word32 len, byte* hash)
{ {
return hashHash(data, len, hash, SHAMD5_ALGO_MD5, MD5_DIGEST_SIZE); return hashHash(data, len, hash, SHAMD5_ALGO_MD5, MD5_DIGEST_SIZE);
} }
@@ -239,11 +247,12 @@ WOLFSSL_API int wc_ShaGetHash(Sha* sha, byte* hash)
return hashGetHash(sha, hash, SHAMD5_ALGO_SHA1, SHA_DIGEST_SIZE); return hashGetHash(sha, hash, SHAMD5_ALGO_SHA1, SHA_DIGEST_SIZE);
} }
WOLFSSL_API int wc_ShaCopy(Sha* src, Sha* dst) { WOLFSSL_API int wc_ShaCopy(Sha* src, Sha* dst)
{
return hashCopy((wolfssl_TI_Hash *)src, (wolfssl_TI_Hash *)dst); return hashCopy((wolfssl_TI_Hash *)src, (wolfssl_TI_Hash *)dst);
} }
WOLFSSL_API int wc_ShaHash(const byte*data, word32 len, byte*hash) WOLFSSL_API int wc_ShaHash(const byte*data, word32 len, byte* hash)
{ {
return hashHash(data, len, hash, SHAMD5_ALGO_SHA1, SHA_DIGEST_SIZE); return hashHash(data, len, hash, SHAMD5_ALGO_SHA1, SHA_DIGEST_SIZE);
} }
@@ -284,7 +293,12 @@ WOLFSSL_API int wc_Sha224GetHash(Sha224* sha224, byte* hash)
return hashGetHash(sha224, hash, SHAMD5_ALGO_SHA224, SHA224_DIGEST_SIZE); return hashGetHash(sha224, hash, SHAMD5_ALGO_SHA224, SHA224_DIGEST_SIZE);
} }
WOLFSSL_API int wc_Sha224Hash(const byte* data, word32 len, byte*hash) WOLFSSL_API int wc_Sha224Copy(Sha224* src, Sha224* dst)
{
return hashCopy((wolfssl_TI_Hash *)src, (wolfssl_TI_Hash *)dst);
}
WOLFSSL_API int wc_Sha224Hash(const byte* data, word32 len, byte* hash)
{ {
return hashHash(data, len, hash, SHAMD5_ALGO_SHA224, SHA224_DIGEST_SIZE); return hashHash(data, len, hash, SHAMD5_ALGO_SHA224, SHA224_DIGEST_SIZE);
} }
@@ -326,7 +340,12 @@ WOLFSSL_API int wc_Sha256GetHash(Sha256* sha256, byte* hash)
return hashGetHash(sha256, hash, SHAMD5_ALGO_SHA256, SHA256_DIGEST_SIZE); return hashGetHash(sha256, hash, SHAMD5_ALGO_SHA256, SHA256_DIGEST_SIZE);
} }
WOLFSSL_API int wc_Sha256Hash(const byte* data, word32 len, byte*hash) WOLFSSL_API int wc_Sha256Copy(Sha256* src, Sha256* dst)
{
return hashCopy((wolfssl_TI_Hash *)src, (wolfssl_TI_Hash *)dst);
}
WOLFSSL_API int wc_Sha256Hash(const byte* data, word32 len, byte* hash)
{ {
return hashHash(data, len, hash, SHAMD5_ALGO_SHA256, SHA256_DIGEST_SIZE); return hashHash(data, len, hash, SHAMD5_ALGO_SHA256, SHA256_DIGEST_SIZE);
} }
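Review bot: hashCopy now drops the source's buffered state: `dst->msg`, `dst->used` and `dst->len` are reset and only `hash` is copied, so a copy of a context that has already received data would, if `msg` holds the accumulated input as hashInit and the double-free comment suggest, yield a digest over only what is fed to `dst` afterwards. That silently changes results for every caller of wc_Md5Copy, wc_ShaCopy, wc_Sha224Copy and wc_Sha256Copy. A deep copy avoids the shared pointer without losing data, and it lets the function reject NULL `src`/`dst`, which the wrappers pass through unchecked. The allocation type below is a guess and should match whatever the file uses where `msg` is freed.

```c
static int hashCopy(wolfssl_TI_Hash *src, wolfssl_TI_Hash *dst)
{
    if (src == NULL || dst == NULL)
        return BAD_FUNC_ARG;

    /* give dst its own buffer so neither context frees the other's msg */
    dst->msg = NULL;
    dst->used = 0;
    dst->len = 0;
    if (src->msg != NULL && src->used > 0) {
        dst->msg = XMALLOC(src->used, NULL, DYNAMIC_TYPE_TMP_BUFFER);
        if (dst->msg == NULL)
            return MEMORY_E;
        XMEMCPY(dst->msg, src->msg, src->used);
        dst->used = src->used;
        dst->len = src->used;
    }
    XMEMCPY(dst->hash, src->hash, sizeof(dst->hash));
    return 0;
}
```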