diff --git a/linuxkm/lkcapi_glue.c b/linuxkm/lkcapi_glue.c index 3c9d58c4f..b9711560d 100644 --- a/linuxkm/lkcapi_glue.c +++ b/linuxkm/lkcapi_glue.c @@ -909,7 +909,6 @@ static int km_AesXtsEncrypt(struct skcipher_request *req) } else { int tail = req->cryptlen % AES_BLOCK_SIZE; struct skcipher_request subreq; - byte tweak_block[AES_BLOCK_SIZE]; if (tail > 0) { int blocks = DIV_ROUND_UP(req->cryptlen, AES_BLOCK_SIZE) - 2; @@ -931,8 +930,7 @@ static int km_AesXtsEncrypt(struct skcipher_request *req) tail = 0; } - err = wc_AesXtsEncryptStart(ctx->aesXts, walk.iv, walk.ivsize, - tweak_block); + err = wc_AesXtsEncryptStart(ctx->aesXts, walk.iv, walk.ivsize); if (unlikely(err)) { pr_err("%s: wc_AesXtsEncryptStart failed: %d\n", @@ -946,7 +944,7 @@ static int km_AesXtsEncrypt(struct skcipher_request *req) err = wc_AesXtsEncryptUpdate(ctx->aesXts, walk.dst.virt.addr, walk.src.virt.addr, nbytes, - tweak_block); + walk.iv); if (unlikely(err)) { pr_err("%s: wc_AesXtsEncryptUpdate failed: %d\n", @@ -980,7 +978,7 @@ static int km_AesXtsEncrypt(struct skcipher_request *req) err = wc_AesXtsEncryptUpdate(ctx->aesXts, walk.dst.virt.addr, walk.src.virt.addr, walk.nbytes, - tweak_block); + walk.iv); if (unlikely(err)) { pr_err("%s: wc_AesXtsEncryptUpdate failed: %d\n", @@ -1034,7 +1032,6 @@ static int km_AesXtsDecrypt(struct skcipher_request *req) } else { int tail = req->cryptlen % AES_BLOCK_SIZE; struct skcipher_request subreq; - byte tweak_block[AES_BLOCK_SIZE]; if (unlikely(tail > 0)) { int blocks = DIV_ROUND_UP(req->cryptlen, AES_BLOCK_SIZE) - 2; @@ -1056,8 +1053,7 @@ static int km_AesXtsDecrypt(struct skcipher_request *req) tail = 0; } - err = wc_AesXtsDecryptStart(ctx->aesXts, walk.iv, walk.ivsize, - tweak_block); + err = wc_AesXtsDecryptStart(ctx->aesXts, walk.iv, walk.ivsize); if (unlikely(err)) { pr_err("%s: wc_AesXtsDecryptStart failed: %d\n", @@ -1071,7 +1067,7 @@ static int km_AesXtsDecrypt(struct skcipher_request *req) err = wc_AesXtsDecryptUpdate(ctx->aesXts, walk.dst.virt.addr, walk.src.virt.addr, nbytes, - tweak_block); + walk.iv); if (unlikely(err)) { pr_err("%s: wc_AesXtsDecryptUpdate failed: %d\n", @@ -1105,7 +1101,7 @@ static int km_AesXtsDecrypt(struct skcipher_request *req) err = wc_AesXtsDecryptUpdate(ctx->aesXts, walk.dst.virt.addr, walk.src.virt.addr, walk.nbytes, - tweak_block); + walk.iv); if (unlikely(err)) { pr_err("%s: wc_AesXtsDecryptUpdate failed: %d\n", diff --git a/wolfcrypt/src/aes.c b/wolfcrypt/src/aes.c index 3c912ce25..cce13b1a8 100644 --- a/wolfcrypt/src/aes.c +++ b/wolfcrypt/src/aes.c @@ -12530,25 +12530,25 @@ void AES_XTS_encrypt_aesni(const unsigned char *in, unsigned char *out, word32 s const unsigned char* key2, int nr) XASM_LINK("AES_XTS_encrypt_aesni"); #ifdef WOLFSSL_AESXTS_STREAM -void AES_XTS_encrypt_start_aesni(const unsigned char* i, const unsigned char* tweak_key, - unsigned char *tweak_block, int tweak_nr) +void AES_XTS_encrypt_start_aesni(unsigned char* i, const unsigned char* tweak_key, + int tweak_nr) XASM_LINK("AES_XTS_encrypt_start_aesni"); void AES_XTS_encrypt_update_aesni(const unsigned char *in, unsigned char *out, word32 sz, - const unsigned char* key, unsigned char *tweak_block, int nr) + const unsigned char* key, unsigned char *i, int nr) XASM_LINK("AES_XTS_encrypt_update_aesni"); #endif #ifdef HAVE_INTEL_AVX1 void AES_XTS_encrypt_avx1(const unsigned char *in, unsigned char *out, - word32 sz, const unsigned char* i, - const unsigned char* key, const unsigned char* key2, - int nr) - XASM_LINK("AES_XTS_encrypt_avx1"); + word32 sz, const unsigned char* i, + const unsigned char* key, const unsigned char* key2, + int nr) + XASM_LINK("AES_XTS_encrypt_avx1"); #ifdef WOLFSSL_AESXTS_STREAM -void AES_XTS_encrypt_start_avx1(const unsigned char* i, const unsigned char* tweak_key, - unsigned char *tweak_block, int tweak_nr) +void AES_XTS_encrypt_start_avx1(unsigned char* i, const unsigned char* tweak_key, + int tweak_nr) XASM_LINK("AES_XTS_encrypt_start_avx1"); void AES_XTS_encrypt_update_avx1(const unsigned char *in, unsigned char *out, word32 sz, - const unsigned char* key, unsigned char *tweak_block, int nr) + const unsigned char* key, unsigned char *i, int nr) XASM_LINK("AES_XTS_encrypt_update_avx1"); #endif #endif /* HAVE_INTEL_AVX1 */ @@ -12559,25 +12559,25 @@ void AES_XTS_decrypt_aesni(const unsigned char *in, unsigned char *out, word32 s const unsigned char* key2, int nr) XASM_LINK("AES_XTS_decrypt_aesni"); #ifdef WOLFSSL_AESXTS_STREAM -void AES_XTS_decrypt_start_aesni(const unsigned char* i, const unsigned char* tweak_key, - unsigned char *tweak_block, int tweak_nr) +void AES_XTS_decrypt_start_aesni(unsigned char* i, const unsigned char* tweak_key, + int tweak_nr) XASM_LINK("AES_XTS_decrypt_start_aesni"); void AES_XTS_decrypt_update_aesni(const unsigned char *in, unsigned char *out, word32 sz, - const unsigned char* key, unsigned char *tweak_block, int nr) + const unsigned char* key, unsigned char *i, int nr) XASM_LINK("AES_XTS_decrypt_update_aesni"); #endif #ifdef HAVE_INTEL_AVX1 void AES_XTS_decrypt_avx1(const unsigned char *in, unsigned char *out, - word32 sz, const unsigned char* i, - const unsigned char* key, const unsigned char* key2, - int nr) - XASM_LINK("AES_XTS_decrypt_avx1"); + word32 sz, const unsigned char* i, + const unsigned char* key, const unsigned char* key2, + int nr) + XASM_LINK("AES_XTS_decrypt_avx1"); #ifdef WOLFSSL_AESXTS_STREAM -void AES_XTS_decrypt_start_avx1(const unsigned char* i, const unsigned char* tweak_key, - unsigned char *tweak_block, int tweak_nr) +void AES_XTS_decrypt_start_avx1(unsigned char* i, const unsigned char* tweak_key, + int tweak_nr) XASM_LINK("AES_XTS_decrypt_start_avx1"); void AES_XTS_decrypt_update_avx1(const unsigned char *in, unsigned char *out, word32 sz, - const unsigned char* key, unsigned char *tweak_block, int nr) + const unsigned char* key, unsigned char *i, int nr) XASM_LINK("AES_XTS_decrypt_update_avx1"); #endif #endif /* HAVE_INTEL_AVX1 */ @@ -12725,18 +12725,21 @@ static int AesXtsEncrypt_sw(XtsAes* xaes, byte* out, const byte* in, word32 sz, #ifdef WOLFSSL_AESXTS_STREAM -/* streaming AES-XTS. (XTS) XEX encryption with Tweak and cipher text Stealing. +/* Block-streaming AES-XTS tweak setup. * * xaes AES keys to use for block encrypt/decrypt - * i value to use for tweak + * i readwrite value to use for tweak * * returns 0 on success */ -static int AesXtsEncryptStart_sw(XtsAes* xaes, const byte* i, byte *tweak_block) { - return wc_AesEncryptDirect(&xaes->tweak, tweak_block, i); +static int AesXtsEncryptStart_sw(XtsAes* xaes, byte* i) { + return wc_AesEncryptDirect(&xaes->tweak, i, i); } -/* streaming AES-XTS. (XTS) XEX encryption with Tweak and cipher text Stealing. +/* Block-streaming AES-XTS. + * + * Supply block-aligned input data with successive calls. Final call need not + * be block aligned. * * xaes AES keys to use for block encrypt/decrypt * out output buffer to hold cipher text @@ -12746,22 +12749,22 @@ static int AesXtsEncryptStart_sw(XtsAes* xaes, const byte* i, byte *tweak_block) * returns 0 on success */ /* Software AES - XTS Encrypt */ -static int AesXtsEncryptUpdate_sw(XtsAes* xaes, byte* out, const byte* in, word32 sz, - byte *tweak_block) +static int AesXtsEncryptUpdate_sw(XtsAes* xaes, byte* out, const byte* in, + word32 sz, + byte *i) { int ret = 0; word32 blocks = (sz / AES_BLOCK_SIZE); Aes *aes = &xaes->aes; -#if 0 -#ifdef HAVE_AES_ECB +#if 0 && defined(HAVE_AES_ECB) /* encrypt all of buffer at once when possible */ - if (in != out) { /* can not handle inline */ - XMEMCPY(out, tweak_block, AES_BLOCK_SIZE); + if ((in != out) && ((sz & (AES_BLOCK_SIZE - 1)) == 0)) { /* can not handle inline */ + XMEMCPY(out, i, AES_BLOCK_SIZE); if ((ret = _AesXtsHelper(aes, out, in, sz, AES_ENCRYPTION)) != 0) return ret; + XMEMCPY(i, out + sz - AES_BLOCK_SIZE, AES_BLOCK_SIZE); } -#endif #endif while (blocks > 0) { @@ -12769,29 +12772,29 @@ static int AesXtsEncryptUpdate_sw(XtsAes* xaes, byte* out, const byte* in, word3 byte carry = 0; #if 0 && defined(HAVE_AES_ECB) - if (in == out) + if ((in == out) || ((sz & (AES_BLOCK_SIZE - 1)) != 0)) #endif { /* check for if inline */ byte buf[AES_BLOCK_SIZE]; XMEMCPY(buf, in, AES_BLOCK_SIZE); - xorbuf(buf, tweak_block, AES_BLOCK_SIZE); + xorbuf(buf, i, AES_BLOCK_SIZE); ret = wc_AesEncryptDirect(aes, out, buf); if (ret != 0) return ret; } - xorbuf(out, tweak_block, AES_BLOCK_SIZE); + xorbuf(out, i, AES_BLOCK_SIZE); /* multiply by shift left and propagate carry */ for (j = 0; j < AES_BLOCK_SIZE; j++) { byte tmpC; - tmpC = (tweak_block[j] >> 7) & 0x01; - tweak_block[j] = (byte)((tweak_block[j] << 1) + carry); + tmpC = (i[j] >> 7) & 0x01; + i[j] = (byte)((i[j] << 1) + carry); carry = tmpC; } if (carry) { - tweak_block[0] ^= GF_XTS; + i[0] ^= GF_XTS; } in += AES_BLOCK_SIZE; @@ -12820,10 +12823,10 @@ static int AesXtsEncryptUpdate_sw(XtsAes* xaes, byte* out, const byte* in, word3 XMEMCPY(out, buf2, sz); } - xorbuf(buf, tweak_block, AES_BLOCK_SIZE); + xorbuf(buf, i, AES_BLOCK_SIZE); ret = wc_AesEncryptDirect(aes, out - AES_BLOCK_SIZE, buf); if (ret == 0) - xorbuf(out - AES_BLOCK_SIZE, tweak_block, AES_BLOCK_SIZE); + xorbuf(out - AES_BLOCK_SIZE, i, AES_BLOCK_SIZE); } return ret; @@ -12913,14 +12916,13 @@ int wc_AesXtsEncrypt(XtsAes* xaes, byte* out, const byte* in, word32 sz, #ifdef WOLFSSL_AESXTS_STREAM -int wc_AesXtsEncryptStart(XtsAes* xaes, const byte* i, word32 iSz, - byte *tweak_block) +int wc_AesXtsEncryptStart(XtsAes* xaes, byte* i, word32 iSz) { int ret; Aes *aes; - if ((xaes == NULL) || (tweak_block == NULL)) { + if ((xaes == NULL) || (i == NULL)) { return BAD_FUNC_ARG; } @@ -12947,7 +12949,6 @@ int wc_AesXtsEncryptStart(XtsAes* xaes, const byte* i, word32 iSz, if (IS_INTEL_AVX1(intel_flags)) { AES_XTS_encrypt_start_avx1(i, (const byte*)xaes->tweak.key, - tweak_block, (int)xaes->tweak.rounds); ret = 0; } @@ -12956,7 +12957,6 @@ int wc_AesXtsEncryptStart(XtsAes* xaes, const byte* i, word32 iSz, { AES_XTS_encrypt_start_aesni(i, (const byte*)xaes->tweak.key, - tweak_block, (int)xaes->tweak.rounds); ret = 0; } @@ -12965,7 +12965,7 @@ int wc_AesXtsEncryptStart(XtsAes* xaes, const byte* i, word32 iSz, else #endif /* 0 && defined(WOLFSSL_AESNI) */ { - ret = AesXtsEncryptStart_sw(xaes, i, tweak_block); + ret = AesXtsEncryptStart_sw(xaes, i); } } @@ -12985,7 +12985,7 @@ int wc_AesXtsEncryptStart(XtsAes* xaes, const byte* i, word32 iSz, * returns 0 on success */ int wc_AesXtsEncryptUpdate(XtsAes* xaes, byte* out, const byte* in, word32 sz, - byte *tweak_block) + byte *i) { int ret; @@ -12993,7 +12993,7 @@ int wc_AesXtsEncryptUpdate(XtsAes* xaes, byte* out, const byte* in, word32 sz, Aes *aes; #endif - if (xaes == NULL || out == NULL || in == NULL || tweak_block == NULL) { + if (xaes == NULL || out == NULL || in == NULL || i == NULL) { return BAD_FUNC_ARG; } @@ -13014,7 +13014,7 @@ int wc_AesXtsEncryptUpdate(XtsAes* xaes, byte* out, const byte* in, word32 sz, if (IS_INTEL_AVX1(intel_flags)) { AES_XTS_encrypt_update_avx1(in, out, sz, (const byte*)aes->key, - tweak_block, + i, (int)aes->rounds); ret = 0; } @@ -13023,7 +13023,7 @@ int wc_AesXtsEncryptUpdate(XtsAes* xaes, byte* out, const byte* in, word32 sz, { AES_XTS_encrypt_update_aesni(in, out, sz, (const byte*)aes->key, - tweak_block, + i, (int)aes->rounds); ret = 0; } @@ -13032,7 +13032,7 @@ int wc_AesXtsEncryptUpdate(XtsAes* xaes, byte* out, const byte* in, word32 sz, else #endif /* 0 && defined(WOLFSSL_AESNI) */ { - ret = AesXtsEncryptUpdate_sw(xaes, out, in, sz, tweak_block); + ret = AesXtsEncryptUpdate_sw(xaes, out, in, sz, i); } } @@ -13171,13 +13171,17 @@ static int AesXtsDecrypt_sw(XtsAes* xaes, byte* out, const byte* in, word32 sz, #ifdef WOLFSSL_AESXTS_STREAM -static int AesXtsDecryptStart_sw(XtsAes* xaes, const byte* i, - byte *tweak_block) +static int AesXtsDecryptStart_sw(XtsAes* xaes, byte* i) { - return wc_AesEncryptDirect(&xaes->tweak, tweak_block, i); + return wc_AesEncryptDirect(&xaes->tweak, i, i); } -/* Same process as encryption but use aes_decrypt key. +/* Block-streaming AES-XTS. + * + * Same process as encryption but use decrypt key. + * + * Supply block-aligned input data with successive calls. Final call need not + * be block aligned. * * xaes AES keys to use for block encrypt/decrypt * out output buffer to hold plain text @@ -13189,7 +13193,7 @@ static int AesXtsDecryptStart_sw(XtsAes* xaes, const byte* i, */ /* Software AES - XTS Decrypt */ static int AesXtsDecryptUpdate_sw(XtsAes* xaes, byte* out, const byte* in, - word32 sz, byte *tweak_block) + word32 sz, byte *i) { int ret = 0; word32 blocks = (sz / AES_BLOCK_SIZE); @@ -13208,42 +13212,41 @@ static int AesXtsDecryptUpdate_sw(XtsAes* xaes, byte* out, const byte* in, blocks--; } -#if 0 -#ifdef HAVE_AES_ECB +#if 0 && defined(HAVE_AES_ECB) /* decrypt all of buffer at once when possible */ - if (in != out) { /* can not handle inline */ - XMEMCPY(out, tweak_block, AES_BLOCK_SIZE); + if ((in != out) && ((sz & (AES_BLOCK_SIZE - 1)) == 0)) { /* can not handle inline */ + XMEMCPY(out, i, AES_BLOCK_SIZE); if ((ret = _AesXtsHelper(aes, out, in, sz, AES_DECRYPTION)) != 0) return ret; + XMEMCPY(i, out + sz - AES_BLOCK_SIZE, AES_BLOCK_SIZE); } #endif -#endif /* 0 */ while (blocks > 0) { #if 0 && defined(HAVE_AES_ECB) - if (in == out) + if ((in == out) || ((sz & (AES_BLOCK_SIZE - 1)) != 0)) #endif { /* check for if inline */ byte buf[AES_BLOCK_SIZE]; XMEMCPY(buf, in, AES_BLOCK_SIZE); - xorbuf(buf, tweak_block, AES_BLOCK_SIZE); + xorbuf(buf, i, AES_BLOCK_SIZE); ret = wc_AesDecryptDirect(aes, out, buf); if (ret != 0) return ret; } - xorbuf(out, tweak_block, AES_BLOCK_SIZE); + xorbuf(out, i, AES_BLOCK_SIZE); /* multiply by shift left and propagate carry */ for (j = 0; j < AES_BLOCK_SIZE; j++) { byte tmpC; - tmpC = (tweak_block[j] >> 7) & 0x01; - tweak_block[j] = (byte)((tweak_block[j] << 1) + carry); + tmpC = (i[j] >> 7) & 0x01; + i[j] = (byte)((i[j] << 1) + carry); carry = tmpC; } if (carry) { - tweak_block[0] ^= GF_XTS; + i[0] ^= GF_XTS; } carry = 0; @@ -13262,8 +13265,8 @@ static int AesXtsDecryptUpdate_sw(XtsAes* xaes, byte* out, const byte* in, for (j = 0; j < AES_BLOCK_SIZE; j++) { byte tmpC; - tmpC = (tweak_block[j] >> 7) & 0x01; - tmp2[j] = (byte)((tweak_block[j] << 1) + carry); + tmpC = (i[j] >> 7) & 0x01; + tmp2[j] = (byte)((i[j] << 1) + carry); carry = tmpC; } if (carry) { @@ -13291,11 +13294,11 @@ static int AesXtsDecryptUpdate_sw(XtsAes* xaes, byte* out, const byte* in, XMEMCPY(buf, in, sz); XMEMCPY(out, tmp2, sz); - xorbuf(buf, tweak_block, AES_BLOCK_SIZE); + xorbuf(buf, i, AES_BLOCK_SIZE); ret = wc_AesDecryptDirect(aes, tmp2, buf); if (ret != 0) return ret; - xorbuf(tmp2, tweak_block, AES_BLOCK_SIZE); + xorbuf(tmp2, i, AES_BLOCK_SIZE); XMEMCPY(out - AES_BLOCK_SIZE, tmp2, AES_BLOCK_SIZE); } @@ -13392,17 +13395,14 @@ int wc_AesXtsDecrypt(XtsAes* xaes, byte* out, const byte* in, word32 sz, /* Same process as encryption but Aes key is AES_DECRYPTION type. * * xaes AES keys to use for block encrypt/decrypt - * out output buffer to hold plain text - * in input cipher text buffer to decrypt - * sz size of both out and in buffers - * i value to use for tweak + * i readwrite value to use for tweak * iSz size of i buffer, should always be AES_BLOCK_SIZE but having this input * adds a sanity check on how the user calls the function. + * tweak_block buffer of size AES_BLOCK_SIZE to use for tweak state * * returns 0 on success */ -int wc_AesXtsDecryptStart(XtsAes* xaes, const byte* i, word32 iSz, - byte *tweak_block) +int wc_AesXtsDecryptStart(XtsAes* xaes, byte* i, word32 iSz) { int ret; Aes *aes; @@ -13434,7 +13434,6 @@ int wc_AesXtsDecryptStart(XtsAes* xaes, const byte* i, word32 iSz, if (IS_INTEL_AVX1(intel_flags)) { AES_XTS_decrypt_start_avx1(i, (const byte*)xaes->tweak.key, - tweak_block, (int)xaes->tweak.rounds); ret = 0; } @@ -13443,7 +13442,6 @@ int wc_AesXtsDecryptStart(XtsAes* xaes, const byte* i, word32 iSz, { AES_XTS_decrypt_start_aesni(i, (const byte*)xaes->tweak.key, - tweak_block, (int)xaes->tweak.rounds); ret = 0; } @@ -13452,7 +13450,7 @@ int wc_AesXtsDecryptStart(XtsAes* xaes, const byte* i, word32 iSz, else #endif /* 0 && defined(WOLFSSL_AESNI) */ { - ret = AesXtsDecryptStart_sw(xaes, i, tweak_block); + ret = AesXtsDecryptStart_sw(xaes, i); } } @@ -13466,14 +13464,12 @@ int wc_AesXtsDecryptStart(XtsAes* xaes, const byte* i, word32 iSz, * out output buffer to hold plain text * in input cipher text buffer to decrypt * sz size of both out and in buffers - * i value to use for tweak - * iSz size of i buffer, should always be AES_BLOCK_SIZE but having this input - * adds a sanity check on how the user calls the function. + * i tweak buffer of size AES_BLOCK_SIZE. * * returns 0 on success */ int wc_AesXtsDecryptUpdate(XtsAes* xaes, byte* out, const byte* in, word32 sz, - byte *tweak_block) + byte *i) { int ret; #if 0 && defined(WOLFSSL_AESNI) @@ -13505,7 +13501,7 @@ int wc_AesXtsDecryptUpdate(XtsAes* xaes, byte* out, const byte* in, word32 sz, if (IS_INTEL_AVX1(intel_flags)) { AES_XTS_decrypt_update_avx1(in, out, sz, (const byte*)aes->key, - tweak_block, + i, (int)aes->rounds); ret = 0; } @@ -13514,7 +13510,7 @@ int wc_AesXtsDecryptUpdate(XtsAes* xaes, byte* out, const byte* in, word32 sz, { AES_XTS_decrypt_update_aesni(in, out, sz, (const byte*)aes->key, - tweak_block, + i, (int)aes->rounds); ret = 0; } @@ -13523,7 +13519,7 @@ int wc_AesXtsDecryptUpdate(XtsAes* xaes, byte* out, const byte* in, word32 sz, else #endif /* 0 && defined(WOLFSSL_AESNI) */ { - ret = AesXtsDecryptUpdate_sw(xaes, out, in, sz, tweak_block); + ret = AesXtsDecryptUpdate_sw(xaes, out, in, sz, i); } } diff --git a/wolfssl/wolfcrypt/aes.h b/wolfssl/wolfcrypt/aes.h index a7efaa581..df0636dfe 100644 --- a/wolfssl/wolfcrypt/aes.h +++ b/wolfssl/wolfcrypt/aes.h @@ -671,17 +671,15 @@ WOLFSSL_API int wc_AesXtsDecryptConsecutiveSectors(XtsAes* aes, #ifdef WOLFSSL_AESXTS_STREAM -WOLFSSL_API int wc_AesXtsEncryptStart(XtsAes* aes, const byte* i, word32 iSz, - byte *tweak_block); +WOLFSSL_API int wc_AesXtsEncryptStart(XtsAes* aes, byte* i, word32 iSz); -WOLFSSL_API int wc_AesXtsDecryptStart(XtsAes* aes, const byte* i, word32 iSz, - byte *tweak_block); +WOLFSSL_API int wc_AesXtsDecryptStart(XtsAes* aes, byte* i, word32 iSz); WOLFSSL_API int wc_AesXtsEncryptUpdate(XtsAes* aes, byte* out, - const byte* in, word32 sz, byte *tweak_block); + const byte* in, word32 sz, byte *i); WOLFSSL_API int wc_AesXtsDecryptUpdate(XtsAes* aes, byte* out, - const byte* in, word32 sz, byte *tweak_block); + const byte* in, word32 sz, byte *i); #endif /* WOLFSSL_AESXTS_STREAM */