lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2026-01-06 11:41:12 +03:00
Code Activity

Return an error if asking for decrypt under BLOCK_CIPHER_NO_DECRYPT

Browse Source 
If MBEDTLS_BLOCK_CIPHER_NO_DECRYPT is enabled, but decryption is
still requested in some incompatible modes, we return an error of
FEATURE_UNAVAILABLE as additional indication.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
This commit is contained in:
Yanray Wang
2023-11-02 11:54:39 +08:00
parent 956aa00202
commit 0d76b6ef76
6 changed files with 37 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
library/aesce.c
View File

@@ -244,16 +244,15 @@ int mbedtls_aesce_crypt_ecb(mbedtls_aes_context *ctx,
uint8x16_t block = vld1q_u8(&input[0]);
unsigned char *keys = (unsigned char *) (ctx->buf + ctx->rk_offset);
#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
if (mode == MBEDTLS_AES_ENCRYPT) {
block = aesce_encrypt_block(block, keys, ctx->nr);
} else {
#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
block = aesce_decrypt_block(block, keys, ctx->nr);
}
#else
(void) mode;
block = aesce_encrypt_block(block, keys, ctx->nr);
#endif /* !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */
return MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE;
#endif
}
vst1q_u8(&output[0], block);
return 0;