diff --git a/wolfcrypt/src/aes.c b/wolfcrypt/src/aes.c
index 341b1c053..516884670 100644
--- a/wolfcrypt/src/aes.c
+++ b/wolfcrypt/src/aes.c
@@ -392,7 +392,7 @@
 return ret;
 #ifdef STM32_CRYPTO_AES_ONLY
- hcryp.Init.OperatingMode = CRYP_ALGOMODE_DECRYPT;
+ hcryp.Init.OperatingMode = CRYP_ALGOMODE_KEYDERIVATION_DECRYPT;
 hcryp.Init.ChainingMode = CRYP_CHAINMODE_AES_ECB;
 hcryp.Init.KeyWriteFlag = CRYP_KEY_WRITE_ENABLE;
 #elif defined(STM32_HAL_V2)
@@ -5927,11 +5927,15 @@ static int wc_AesGcmEncrypt_STM32(Aes* aes, byte* out, const byte* in, word32 sz
 word32 keyCopy[AES_256_KEY_SIZE/sizeof(word32)];
 #endif
 word32 keySize;
+#ifdef WOLFSSL_STM32_CUBEMX
 int status = HAL_OK;
 word32 blocks = sz / AES_BLOCK_SIZE;
+ word32 partialBlock[AES_BLOCK_SIZE/sizeof(word32)];
+#else
+ int status = SUCCESS;
+#endif
 word32 partial = sz % AES_BLOCK_SIZE;
 word32 tag[AES_BLOCK_SIZE/sizeof(word32)];
- word32 partialBlock[AES_BLOCK_SIZE/sizeof(word32)];
 word32 ctr[AES_BLOCK_SIZE/sizeof(word32)];
 byte* authInPadded = NULL;
 int authPadSz;
@@ -5983,10 +5987,10 @@ static int wc_AesGcmEncrypt_STM32(Aes* aes, byte* out, const byte* in, word32 sz
 #ifdef WOLFSSL_STM32_CUBEMX
 hcryp.Init.pInitVect = (STM_CRYPT_TYPE*)ctr;
 hcryp.Init.Header = (STM_CRYPT_TYPE*)authInPadded;
- hcryp.Init.HeaderSize = authPadSz/sizeof(word32);
 #ifdef STM32_CRYPTO_AES_ONLY
 /* Set the CRYP parameters */
+ hcryp.Init.HeaderSize = authPadSz;
 hcryp.Init.ChainingMode = CRYP_CHAINMODE_AES_GCM_GMAC;
 hcryp.Init.OperatingMode = CRYP_ALGOMODE_ENCRYPT;
 hcryp.Init.GCMCMACPhase = CRYP_INIT_PHASE;
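Review bot: The switch to `CRYP_ALGOMODE_KEYDERIVATION_DECRYPT` in the @@ -392 hunk is unexplained at the point of use, while the GCM decrypt path later in this diff still sets `CRYP_ALGOMODE_DECRYPT`, so a reader cannot tell whether the difference is intended. I would add a comment above the assignment such as `/* ECB decrypt needs the decryption key schedule derived first; counter-based modes do not */`, if that is indeed the reason. The enclosing function starts and ends outside the hunk, so whether other STM32_CRYPTO_AES_ONLY decrypt paths need the same mode cannot be checked from here.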
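Review bot: `hcryp.Init.HeaderSize` is set from the padded length `authPadSz` in every CubeMX branch (@@ -5983, -6007, -6035 here and @@ -6421, -6459, -6473 in wc_AesGcmDecrypt_STM32), whereas the StdPeriph call in the @@ -6065 hunk passes `authInSz` alongside the same `authInPadded` buffer. If the peripheral builds the GCM length block from HeaderSize, an AAD whose length is not already aligned would produce a tag that does not match a standard implementation; the padding computation is outside the hunk, so this needs confirming with an unaligned-AAD test vector. The assignments also differ in unit per HAL variant (`authPadSz` versus `authPadSz/sizeof(word32)`), presumably bytes versus 32-bit words. A one-line comment at each, e.g. `/* header length in bytes */` and `/* header length in 32-bit words */`, would keep the next HAL port from copying the wrong one.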
@@ -6007,21 +6011,22 @@ static int wc_AesGcmEncrypt_STM32(Aes* aes, byte* out, const byte* in, word32 sz
 (blocks * AES_BLOCK_SIZE), out, STM32_HAL_TIMEOUT);
 }
 }
- if (status == HAL_OK && (partial != 0 || blocks == 0)) {
+ if (status == HAL_OK && (partial != 0 || (sz > 0 && blocks == 0))) {
 /* GCM payload phase - partial remainder */
 XMEMSET(partialBlock, 0, sizeof(partialBlock));
 XMEMCPY(partialBlock, in + (blocks * AES_BLOCK_SIZE), partial);
- status = HAL_CRYPEx_AES_Auth(&hcryp, partialBlock, partial,
- partialBlock, STM32_HAL_TIMEOUT);
+ status = HAL_CRYPEx_AES_Auth(&hcryp, (uint8_t*)partialBlock, partial,
+ (uint8_t*)partialBlock, STM32_HAL_TIMEOUT);
 XMEMCPY(out + (blocks * AES_BLOCK_SIZE), partialBlock, partial);
 }
 if (status == HAL_OK) {
 /* GCM final phase */
 hcryp.Init.GCMCMACPhase = CRYP_FINAL_PHASE;
- status = HAL_CRYPEx_AES_Auth(&hcryp, NULL, sz, tag, STM32_HAL_TIMEOUT);
+ status = HAL_CRYPEx_AES_Auth(&hcryp, NULL, sz, (uint8_t*)tag, STM32_HAL_TIMEOUT);
 }
 #elif defined(STM32_HAL_V2)
 hcryp.Init.Algorithm = CRYP_AES_GCM;
+ hcryp.Init.HeaderSize = authPadSz/sizeof(word32);
 ByteReverseWords(partialBlock, ctr, AES_BLOCK_SIZE);
 hcryp.Init.pInitVect = (STM_CRYPT_TYPE*)partialBlock;
 HAL_CRYP_Init(&hcryp);
@@ -6035,6 +6040,7 @@ static int wc_AesGcmEncrypt_STM32(Aes* aes, byte* out, const byte* in, word32 sz
 STM32_HAL_TIMEOUT);
 }
 #else
+ hcryp.Init.HeaderSize = authPadSz;
 HAL_CRYP_Init(&hcryp);
 if (blocks) {
 /* GCM payload phase - blocks */
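Review bot: The `XMEMCPY(out + (blocks * AES_BLOCK_SIZE), partialBlock, partial);` that follows the partial-block `HAL_CRYPEx_AES_Auth` call in the @@ -6007 hunk runs whether or not the call succeeded, so after a HAL error or timeout the bytes copied to `out` may still be the plaintext staged in `partialBlock`. Guarding the copy, `if (status == HAL_OK) XMEMCPY(out + (blocks * AES_BLOCK_SIZE), partialBlock, partial);`, keeps unencrypted data out of the ciphertext buffer on the failure path. The same unconditional copy follows `HAL_CRYPEx_AESGCM_Encrypt` in the @@ -6045 hunk. How `status` is mapped to the return value is outside these hunks.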
@@ -6045,13 +6051,13 @@ static int wc_AesGcmEncrypt_STM32(Aes* aes, byte* out, const byte* in, word32 sz
 /* GCM payload phase - partial remainder */
 XMEMSET(partialBlock, 0, sizeof(partialBlock));
 XMEMCPY(partialBlock, in + (blocks * AES_BLOCK_SIZE), partial);
- status = HAL_CRYPEx_AESGCM_Encrypt(&hcryp, partialBlock, partial,
- partialBlock, STM32_HAL_TIMEOUT);
+ status = HAL_CRYPEx_AESGCM_Encrypt(&hcryp, (uint8_t*)partialBlock, partial,
+ (uint8_t*)partialBlock, STM32_HAL_TIMEOUT);
 XMEMCPY(out + (blocks * AES_BLOCK_SIZE), partialBlock, partial);
 }
 if (status == HAL_OK) {
 /* Compute the authTag */
- status = HAL_CRYPEx_AESGCM_Finish(&hcryp, sz, tag, STM32_HAL_TIMEOUT);
+ status = HAL_CRYPEx_AESGCM_Finish(&hcryp, sz, (uint8_t*)tag, STM32_HAL_TIMEOUT);
 }
 #endif
@@ -6065,7 +6071,7 @@ static int wc_AesGcmEncrypt_STM32(Aes* aes, byte* out, const byte* in, word32 sz
 (uint8_t*)keyCopy, keySize * 8,
 (uint8_t*)in, sz,
 (uint8_t*)authInPadded, authInSz,
- (uint8_t*)out, tag);
+ (uint8_t*)out, (uint8_t*)tag);
 if (status != SUCCESS)
 ret = AES_GCM_AUTH_E;
 #endif /* WOLFSSL_STM32_CUBEMX */
@@ -6360,13 +6366,14 @@ static int wc_AesGcmDecrypt_STM32(Aes* aes, byte* out,
 {
 int ret;
 #ifdef WOLFSSL_STM32_CUBEMX
+ int status = HAL_OK;
 CRYP_HandleTypeDef hcryp;
+ word32 blocks = sz / AES_BLOCK_SIZE;
 #else
+ int status = SUCCESS;
 word32 keyCopy[AES_256_KEY_SIZE/sizeof(word32)];
 #endif
 word32 keySize;
- int status = HAL_OK;
- word32 blocks = sz / AES_BLOCK_SIZE;
 word32 partial = sz % AES_BLOCK_SIZE;
 word32 tag[AES_BLOCK_SIZE/sizeof(word32)];
 word32 partialBlock[AES_BLOCK_SIZE/sizeof(word32)];
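Review bot: In the @@ -6360 hunk `keyCopy` (a copy of the AES key in the non-CubeMX build) and `partialBlock` (which presumably holds the decrypted tail after the payload phase) are plain stack arrays, and nothing in the visible hunks clears them. The function's exit paths are outside the diff, so this may already be handled; if not, `ForceZero(keyCopy, sizeof(keyCopy));` and `ForceZero(partialBlock, sizeof(partialBlock));` before returning would keep key and plaintext bytes from lingering on the stack. `partialBlock` also stays unconditional here while wc_AesGcmEncrypt_STM32 now declares it only under WOLFSSL_STM32_CUBEMX; using one arrangement in both functions would be easier to follow.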
@@ -6421,10 +6428,10 @@ static int wc_AesGcmDecrypt_STM32(Aes* aes, byte* out,
 #ifdef WOLFSSL_STM32_CUBEMX
 hcryp.Init.pInitVect = (STM_CRYPT_TYPE*)ctr;
 hcryp.Init.Header = (STM_CRYPT_TYPE*)authInPadded;
- hcryp.Init.HeaderSize = authPadSz/sizeof(word32);
 #ifdef STM32_CRYPTO_AES_ONLY
 /* Set the CRYP parameters */
+ hcryp.Init.HeaderSize = authPadSz;
 hcryp.Init.ChainingMode = CRYP_CHAINMODE_AES_GCM_GMAC;
 hcryp.Init.OperatingMode = CRYP_ALGOMODE_DECRYPT;
 hcryp.Init.GCMCMACPhase = CRYP_INIT_PHASE;
@@ -6445,7 +6452,7 @@ static int wc_AesGcmDecrypt_STM32(Aes* aes, byte* out,
 (blocks * AES_BLOCK_SIZE), out, STM32_HAL_TIMEOUT);
 }
 }
- if (status == HAL_OK && (partial != 0 || blocks == 0)) {
+ if (status == HAL_OK && (partial != 0 || (sz > 0 && blocks == 0))) {
 /* GCM payload phase - partial remainder */
 XMEMSET(partialBlock, 0, sizeof(partialBlock));
 XMEMCPY(partialBlock, in + (blocks * AES_BLOCK_SIZE), partial);
@@ -6459,6 +6466,7 @@ static int wc_AesGcmDecrypt_STM32(Aes* aes, byte* out,
 status = HAL_CRYPEx_AES_Auth(&hcryp, NULL, sz, (byte*)tag, STM32_HAL_TIMEOUT);
 }
 #elif defined(STM32_HAL_V2)
+ hcryp.Init.HeaderSize = authPadSz/sizeof(word32);
 hcryp.Init.Algorithm = CRYP_AES_GCM;
 ByteReverseWords(partialBlock, ctr, AES_BLOCK_SIZE);
 hcryp.Init.pInitVect = (STM_CRYPT_TYPE*)partialBlock;
@@ -6473,6 +6481,7 @@ static int wc_AesGcmDecrypt_STM32(Aes* aes, byte* out,
 STM32_HAL_TIMEOUT);
 }
 #else
+ hcryp.Init.HeaderSize = authPadSz;
 HAL_CRYP_Init(&hcryp);
 if (blocks) {
 /* GCM payload phase - blocks */
@@ -6508,7 +6517,7 @@ static int wc_AesGcmDecrypt_STM32(Aes* aes, byte* out,
 (uint8_t*)keyCopy, keySize * 8,
 (uint8_t*)in, sz,
 (uint8_t*)authInPadded, authInSz,
- (uint8_t*)out, tag);
+ (uint8_t*)out, (uint8_t*)tag);
 if (status != SUCCESS)
 ret = AES_GCM_AUTH_E;
 #endif /* WOLFSSL_STM32_CUBEMX */
diff --git a/wolfcrypt/src/des3.c b/wolfcrypt/src/des3.c
index b4b0187cd..9daa195eb 100644
--- a/wolfcrypt/src/des3.c
+++ b/wolfcrypt/src/des3.c
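Review bot: The added `(sz > 0 && blocks == 0)` term in the @@ -6445 hunk is redundant: with `blocks = sz / AES_BLOCK_SIZE` and `partial = sz % AES_BLOCK_SIZE`, a non-zero `sz` with `blocks == 0` always has `partial != 0`, so the condition reduces to `status == HAL_OK && partial != 0`. Writing it that way, here and on the matching line of wc_AesGcmEncrypt_STM32 (@@ -6007), makes it plain that the aim is to skip the payload phase for empty input. A short comment such as `/* sz == 0: AAD only, no payload phase */` would record why. The rest of this block, including the HAL call and the copy to `out`, is outside the hunk.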
@@ -345,7 +345,7 @@
 return 0;
 }
- static void Des3Crypt(Des3* des, byte* out, const byte* in, word32 sz,
+ static int Des3Crypt(Des3* des, byte* out, const byte* in, word32 sz,
 int dir)
 {
 if (des == NULL || out == NULL || in == NULL)
@@ -460,18 +460,17 @@
 CRYP_Cmd(DISABLE);
 }
 #endif /* WOLFSSL_STM32_CUBEMX */
+ return 0;
 }
 int wc_Des3_CbcEncrypt(Des3* des, byte* out, const byte* in, word32 sz)
 {
- Des3Crypt(des, out, in, sz, DES_ENCRYPTION);
- return 0;
+ return Des3Crypt(des, out, in, sz, DES_ENCRYPTION);
 }
 int wc_Des3_CbcDecrypt(Des3* des, byte* out, const byte* in, word32 sz)
 {
- Des3Crypt(des, out, in, sz, DES_DECRYPTION);
- return 0;
+ return Des3Crypt(des, out, in, sz, DES_DECRYPTION);
 }
 #elif defined(HAVE_COLDFIRE_SEC)
diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c
index 99dd77809..598733980 100644
--- a/wolfcrypt/src/ecc.c
+++ b/wolfcrypt/src/ecc.c
@@ -987,7 +987,7 @@ const ecc_set_type ecc_sets[] = {
 "FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551", /* order */
 "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296", /* Gx */
 "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5", /* Gy */
- ecc_oid_secp256r1, /* oid/oidSz */
+ ecc_oid_secp256r1, /* oid/oidSz */
 ecc_oid_secp256r1_sz,
 ECC_SECP256R1_OID, /* oid sum */
 1, /* cofactor */
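Review bot: With `Des3Crypt` now returning `int` (@@ -345 hunk), the statement under `if (des == NULL || out == NULL || in == NULL)` has to return a value, and it sits just past the end of the hunk; confirm it reads `return BAD_FUNC_ARG;` rather than a bare `return;`. In the @@ -460 hunk the function ends in an unconditional `return 0;`, so `wc_Des3_CbcEncrypt` and `wc_Des3_CbcDecrypt` still report success when the hardware calls in the body (also outside the diff) fail. If those calls expose a status, carrying it into the return value would let callers detect output that was never actually processed.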