
Merge remote-tracking branch 'origin/development' into sign-conversion-part1

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
Dave Rodgman
2023-11-24 11:27:18 +00:00
35 changed files with 596 additions and 164 deletions


@ -54,6 +54,16 @@
#include "mbedtls/platform.h"
/*
* This is a convenience shorthand macro to check if we need reverse S-box and
* reverse tables. It's private and only defined in this file.
*/
#if (!defined(MBEDTLS_AES_DECRYPT_ALT) || \
(!defined(MBEDTLS_AES_SETKEY_DEC_ALT) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY))) && \
!defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
#define MBEDTLS_AES_NEED_REVERSE_TABLES
#endif
#if !defined(MBEDTLS_AES_ALT)
#if defined(MBEDTLS_VIA_PADLOCK_HAVE_CODE)
@ -389,7 +399,9 @@ MBEDTLS_MAYBE_UNUSED static void aes_gen_tables(void)
* generate the forward and reverse S-boxes
*/
FSb[0x00] = 0x63;
#if defined(MBEDTLS_AES_NEED_REVERSE_TABLES)
RSb[0x63] = 0x00;
#endif
for (i = 1; i < 256; i++) {
x = pow[255 - log[i]];
@ -401,7 +413,9 @@ MBEDTLS_MAYBE_UNUSED static void aes_gen_tables(void)
x ^= y ^ 0x63;
FSb[i] = x;
#if defined(MBEDTLS_AES_NEED_REVERSE_TABLES)
RSb[x] = (unsigned char) i;
#endif
}
/*
@ -423,10 +437,9 @@ MBEDTLS_MAYBE_UNUSED static void aes_gen_tables(void)
FT3[i] = ROTL8(FT2[i]);
#endif /* !MBEDTLS_AES_FEWER_TABLES */
#if defined(MBEDTLS_AES_NEED_REVERSE_TABLES)
x = RSb[i];
#if !defined(MBEDTLS_AES_DECRYPT_ALT) || \
(!defined(MBEDTLS_AES_SETKEY_DEC_ALT) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY))
RT0[i] = ((uint32_t) MUL(0x0E, x)) ^
((uint32_t) MUL(0x09, x) << 8) ^
((uint32_t) MUL(0x0D, x) << 16) ^
@ -437,8 +450,7 @@ MBEDTLS_MAYBE_UNUSED static void aes_gen_tables(void)
RT2[i] = ROTL8(RT1[i]);
RT3[i] = ROTL8(RT2[i]);
#endif /* !MBEDTLS_AES_FEWER_TABLES */
#endif \
/* !defined(MBEDTLS_AES_DECRYPT_ALT) || (!defined(MBEDTLS_AES_SETKEY_DEC_ALT) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)) */
#endif /* MBEDTLS_AES_NEED_REVERSE_TABLES */
}
}
@ -670,7 +682,7 @@ int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key,
/*
* AES key schedule (decryption)
*/
#if !defined(MBEDTLS_AES_SETKEY_DEC_ALT)
#if !defined(MBEDTLS_AES_SETKEY_DEC_ALT) && !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key,
unsigned int keybits)
{
@ -739,7 +751,7 @@ exit:
return ret;
}
#endif /* !MBEDTLS_AES_SETKEY_DEC_ALT */
#endif /* !MBEDTLS_AES_SETKEY_DEC_ALT && !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */
#if defined(MBEDTLS_CIPHER_MODE_XTS)
static int mbedtls_aes_xts_decode_keys(const unsigned char *key,
@ -928,7 +940,7 @@ int mbedtls_internal_aes_encrypt(mbedtls_aes_context *ctx,
/*
* AES-ECB block decryption
*/
#if !defined(MBEDTLS_AES_DECRYPT_ALT)
#if !defined(MBEDTLS_AES_DECRYPT_ALT) && !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
int mbedtls_internal_aes_decrypt(mbedtls_aes_context *ctx,
const unsigned char input[16],
unsigned char output[16])
@ -985,7 +997,7 @@ int mbedtls_internal_aes_decrypt(mbedtls_aes_context *ctx,
return 0;
}
#endif /* !MBEDTLS_AES_DECRYPT_ALT */
#endif /* !MBEDTLS_AES_DECRYPT_ALT && !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */
/* VIA Padlock and our intrinsics-based implementation of AESNI require
* the round keys to be aligned on a 16-byte boundary. We take care of this
@ -1040,13 +1052,15 @@ int mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx,
#endif
#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
if (mode == MBEDTLS_AES_ENCRYPT) {
return mbedtls_internal_aes_encrypt(ctx, input, output);
} else {
#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
if (mode == MBEDTLS_AES_DECRYPT) {
return mbedtls_internal_aes_decrypt(ctx, input, output);
}
} else
#endif
{
return mbedtls_internal_aes_encrypt(ctx, input, output);
}
#endif /* !MBEDTLS_AES_USE_HARDWARE_ONLY */
}
#if defined(MBEDTLS_CIPHER_MODE_CBC)
@ -1472,6 +1486,7 @@ exit:
*
* http://csrc.nist.gov/archive/aes/rijndael/rijndael-vals.zip
*/
#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
static const unsigned char aes_test_ecb_dec[][16] =
{
{ 0x44, 0x41, 0x6A, 0xC2, 0xD1, 0xF5, 0x3C, 0x58,
@ -1483,6 +1498,7 @@ static const unsigned char aes_test_ecb_dec[][16] =
0x1F, 0x6F, 0x56, 0x58, 0x5D, 0x8A, 0x4A, 0xDE }
#endif
};
#endif
static const unsigned char aes_test_ecb_enc[][16] =
{
@ -1864,7 +1880,7 @@ int mbedtls_aes_self_test(int verbose)
*/
{
static const int num_tests =
sizeof(aes_test_ecb_dec) / sizeof(*aes_test_ecb_dec);
sizeof(aes_test_ecb_enc) / sizeof(*aes_test_ecb_enc);
for (i = 0; i < num_tests << 1; i++) {
u = i >> 1;
@ -1875,13 +1891,24 @@ int mbedtls_aes_self_test(int verbose)
mbedtls_printf(" AES-ECB-%3u (%s): ", keybits,
(mode == MBEDTLS_AES_DECRYPT) ? "dec" : "enc");
}
#if defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
if (mode == MBEDTLS_AES_DECRYPT) {
if (verbose != 0) {
mbedtls_printf("skipped\n");
}
continue;
}
#endif
memset(buf, 0, 16);
#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
if (mode == MBEDTLS_AES_DECRYPT) {
ret = mbedtls_aes_setkey_dec(&ctx, key, keybits);
aes_tests = aes_test_ecb_dec[u];
} else {
} else
#endif
{
ret = mbedtls_aes_setkey_enc(&ctx, key, keybits);
aes_tests = aes_test_ecb_enc[u];
}
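Review bot: In the `mbedtls_aes_crypt_ecb` hunk, a build with `MBEDTLS_BLOCK_CIPHER_NO_DECRYPT` compiles out the `mode == MBEDTLS_AES_DECRYPT` test, so a decrypt request falls into the bare block and returns whatever `mbedtls_internal_aes_encrypt` returns, including success. Unless the part of the function above the hunk already rejects that mode, the caller receives an encrypted block with no error. A guard ahead of the dispatch would make the call fail closed: `#if defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)` / `if (mode == MBEDTLS_AES_DECRYPT) { return MBEDTLS_ERR_AES_BAD_INPUT_DATA; }` / `#endif`. The same shape appears in `mbedtls_aesce_crypt_ecb` and in the intrinsics branch of `mbedtls_aesni_crypt_ecb`, where `(void) mode;` discards the argument outright.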


@ -187,6 +187,7 @@ rounds_10:
/* Two rounds of AESCE decryption */
#define AESCE_DECRYPT_ROUND_X2 AESCE_DECRYPT_ROUND; AESCE_DECRYPT_ROUND
#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
static uint8x16_t aesce_decrypt_block(uint8x16_t block,
unsigned char *keys,
int rounds)
@ -218,6 +219,7 @@ rounds_10:
return block;
}
#endif
/*
* AES-ECB block en(de)cryption
@ -230,10 +232,15 @@ int mbedtls_aesce_crypt_ecb(mbedtls_aes_context *ctx,
uint8x16_t block = vld1q_u8(&input[0]);
unsigned char *keys = (unsigned char *) (ctx->buf + ctx->rk_offset);
if (mode == MBEDTLS_AES_ENCRYPT) {
block = aesce_encrypt_block(block, keys, ctx->nr);
} else {
#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
if (mode == MBEDTLS_AES_DECRYPT) {
block = aesce_decrypt_block(block, keys, ctx->nr);
} else
#else
(void) mode;
#endif
{
block = aesce_encrypt_block(block, keys, ctx->nr);
}
vst1q_u8(&output[0], block);
@ -243,6 +250,7 @@ int mbedtls_aesce_crypt_ecb(mbedtls_aes_context *ctx,
/*
* Compute decryption round keys from encryption round keys
*/
#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
void mbedtls_aesce_inverse_key(unsigned char *invkey,
const unsigned char *fwdkey,
int nr)
@ -257,6 +265,7 @@ void mbedtls_aesce_inverse_key(unsigned char *invkey,
vst1q_u8(invkey + i * 16, vld1q_u8(fwdkey + j * 16));
}
#endif
static inline uint32_t aes_rot_word(uint32_t word)
{


@ -87,6 +87,7 @@ void mbedtls_aesce_gcm_mult(unsigned char c[16],
const unsigned char b[16]);
#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
/**
* \brief Internal round key inversion. This function computes
* decryption round keys from the encryption round keys.
@ -98,6 +99,7 @@ void mbedtls_aesce_gcm_mult(unsigned char c[16],
void mbedtls_aesce_inverse_key(unsigned char *invkey,
const unsigned char *fwdkey,
int nr);
#endif /* !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */
/**
* \brief Internal key expansion for encryption


@ -94,14 +94,19 @@ int mbedtls_aesni_crypt_ecb(mbedtls_aes_context *ctx,
++rk;
--nr;
if (mode == 0) {
#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
if (mode == MBEDTLS_AES_DECRYPT) {
while (nr != 0) {
state = _mm_aesdec_si128(state, *rk);
++rk;
--nr;
}
state = _mm_aesdeclast_si128(state, *rk);
} else {
} else
#else
(void) mode;
#endif
{
while (nr != 0) {
state = _mm_aesenc_si128(state, *rk);
++rk;
@ -218,6 +223,7 @@ void mbedtls_aesni_gcm_mult(unsigned char c[16],
/*
* Compute decryption round keys from encryption round keys
*/
#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
void mbedtls_aesni_inverse_key(unsigned char *invkey,
const unsigned char *fwdkey, int nr)
{
@ -230,6 +236,7 @@ void mbedtls_aesni_inverse_key(unsigned char *invkey,
}
*ik = *fk;
}
#endif
/*
* Key expansion, 128-bit case
@ -465,6 +472,7 @@ int mbedtls_aesni_crypt_ecb(mbedtls_aes_context *ctx,
"jnz 1b \n\t"
"movdqu (%1), %%xmm1 \n\t" // load round key
AESENCLAST(xmm1_xmm0) // last round
#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
"jmp 3f \n\t"
"2: \n\t" // decryption loop
@ -475,6 +483,7 @@ int mbedtls_aesni_crypt_ecb(mbedtls_aes_context *ctx,
"jnz 2b \n\t"
"movdqu (%1), %%xmm1 \n\t" // load round key
AESDECLAST(xmm1_xmm0) // last round
#endif
"3: \n\t"
"movdqu %%xmm0, (%4) \n\t" // export output
@ -601,6 +610,7 @@ void mbedtls_aesni_gcm_mult(unsigned char c[16],
/*
* Compute decryption round keys from encryption round keys
*/
#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
void mbedtls_aesni_inverse_key(unsigned char *invkey,
const unsigned char *fwdkey, int nr)
{
@ -620,6 +630,7 @@ void mbedtls_aesni_inverse_key(unsigned char *invkey,
memcpy(ik, fk, 16);
}
#endif
/*
* Key expansion, 128-bit case
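Review bot: In the inline-assembly hunks of `mbedtls_aesni_crypt_ecb`, the new guard removes the `2:` decryption label together with `jmp 3f` in a no-decrypt build, but the instruction that branches to `2:` lies above the hunk and is not visible here. If that mode test and branch are left unguarded, they refer to a local label this asm block no longer emits in that configuration, so it is worth confirming they are compiled out too and that the assembly path is built and tested with the option set. A comment beside the guard, e.g. `/* no-decrypt build: mode is not consulted, only the encryption loop is emitted */`, would record the intended behaviour.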


@ -119,6 +119,7 @@ void mbedtls_aesni_gcm_mult(unsigned char c[16],
const unsigned char a[16],
const unsigned char b[16]);
#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
/**
* \brief Internal round key inversion. This function computes
* decryption round keys from the encryption round keys.
@ -133,6 +134,7 @@ void mbedtls_aesni_gcm_mult(unsigned char c[16],
void mbedtls_aesni_inverse_key(unsigned char *invkey,
const unsigned char *fwdkey,
int nr);
#endif /* !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */
/**
* \brief Internal key expansion for encryption
@ -155,6 +157,6 @@ int mbedtls_aesni_setkey_enc(unsigned char *rk,
#endif
#endif /* MBEDTLS_AESNI_HAVE_CODE */
#endif /* MBEDTLS_AESNI_C */
#endif /* MBEDTLS_AESNI_C && (MBEDTLS_ARCH_IS_X64 || MBEDTLS_ARCH_IS_X86) */
#endif /* MBEDTLS_AESNI_H */


@ -413,6 +413,7 @@ int mbedtls_aria_setkey_enc(mbedtls_aria_context *ctx,
/*
* Set decryption key
*/
#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
int mbedtls_aria_setkey_dec(mbedtls_aria_context *ctx,
const unsigned char *key, unsigned int keybits)
{
@ -442,6 +443,7 @@ int mbedtls_aria_setkey_dec(mbedtls_aria_context *ctx,
return 0;
}
#endif /* !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */
/*
* Encrypt a block
@ -872,12 +874,18 @@ int mbedtls_aria_self_test(int verbose)
/* test ECB decryption */
if (verbose) {
mbedtls_printf(" ARIA-ECB-%d (dec): ", 128 + 64 * i);
#if defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
mbedtls_printf("skipped\n");
#endif
}
#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
mbedtls_aria_setkey_dec(&ctx, aria_test1_ecb_key, 128 + 64 * i);
mbedtls_aria_crypt_ecb(&ctx, aria_test1_ecb_ct[i], blk);
ARIA_SELF_TEST_ASSERT(
memcmp(blk, aria_test1_ecb_pt, MBEDTLS_ARIA_BLOCKSIZE)
!= 0);
#endif
}
if (verbose) {
mbedtls_printf("\n");


@ -399,6 +399,7 @@ int mbedtls_camellia_setkey_enc(mbedtls_camellia_context *ctx,
/*
* Camellia key schedule (decryption)
*/
#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
int mbedtls_camellia_setkey_dec(mbedtls_camellia_context *ctx,
const unsigned char *key,
unsigned int keybits)
@ -444,6 +445,7 @@ exit:
return ret;
}
#endif /* !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */
/*
* Camellia-ECB block encryption/decryption
@ -888,14 +890,26 @@ int mbedtls_camellia_self_test(int verbose)
(v == MBEDTLS_CAMELLIA_DECRYPT) ? "dec" : "enc");
}
#if defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
if (v == MBEDTLS_CAMELLIA_DECRYPT) {
if (verbose != 0) {
mbedtls_printf("skipped\n");
}
continue;
}
#endif
for (i = 0; i < CAMELLIA_TESTS_ECB; i++) {
memcpy(key, camellia_test_ecb_key[u][i], 16 + 8 * u);
#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
if (v == MBEDTLS_CAMELLIA_DECRYPT) {
mbedtls_camellia_setkey_dec(&ctx, key, 128 + u * 64);
memcpy(src, camellia_test_ecb_cipher[u][i], 16);
memcpy(dst, camellia_test_ecb_plain[i], 16);
} else { /* MBEDTLS_CAMELLIA_ENCRYPT */
} else
#endif
{ /* MBEDTLS_CAMELLIA_ENCRYPT */
mbedtls_camellia_setkey_enc(&ctx, key, 128 + u * 64);
memcpy(src, camellia_test_ecb_plain[i], 16);
memcpy(dst, camellia_test_ecb_cipher[u][i], 16);


@ -310,6 +310,12 @@ int mbedtls_cipher_setkey(mbedtls_cipher_context_t *ctx,
if (ctx->cipher_info == NULL) {
return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
}
#if defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
if (MBEDTLS_MODE_ECB == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode) &&
MBEDTLS_DECRYPT == operation) {
return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
}
#endif
#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_DEPRECATED_REMOVED)
if (ctx->psa_enabled == 1) {
@ -377,6 +383,7 @@ int mbedtls_cipher_setkey(mbedtls_cipher_context_t *ctx,
ctx->key_bitlen = key_bitlen;
ctx->operation = operation;
#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
/*
* For OFB, CFB and CTR mode always use the encryption key schedule
*/
@ -392,6 +399,12 @@ int mbedtls_cipher_setkey(mbedtls_cipher_context_t *ctx,
return mbedtls_cipher_get_base(ctx->cipher_info)->setkey_dec_func(ctx->cipher_ctx, key,
ctx->key_bitlen);
}
#else
if (operation == MBEDTLS_ENCRYPT || operation == MBEDTLS_DECRYPT) {
return mbedtls_cipher_get_base(ctx->cipher_info)->setkey_enc_func(ctx->cipher_ctx, key,
ctx->key_bitlen);
}
#endif
return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
}
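Review bot: The early return added to `mbedtls_cipher_setkey` rejects only `MBEDTLS_MODE_ECB` with `MBEDTLS_DECRYPT`, while the new `#else` branch sends every other decrypt request to `setkey_enc_func`. That is correct for modes that only use the forward cipher (the existing comment names OFB, CFB and CTR), but a mode that needs the inverse block operation, such as CBC or XTS, would be keyed successfully and then produce wrong plaintext unless the build configuration already excludes it alongside `MBEDTLS_BLOCK_CIPHER_NO_DECRYPT`; that exclusion is not visible in this section. A comment on the `#else` branch stating the assumption, e.g. `/* NO_DECRYPT builds only contain modes that decrypt with the forward cipher; ECB decrypt was rejected above */`, would keep the two halves in step. The function begins above the first hunk.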


@ -226,11 +226,13 @@ static int aes_crypt_xts_wrap(void *ctx, mbedtls_operation_t operation,
}
#endif /* MBEDTLS_CIPHER_MODE_XTS */
#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
static int aes_setkey_dec_wrap(void *ctx, const unsigned char *key,
unsigned int key_bitlen)
{
return mbedtls_aes_setkey_dec((mbedtls_aes_context *) ctx, key, key_bitlen);
}
#endif
static int aes_setkey_enc_wrap(void *ctx, const unsigned char *key,
unsigned int key_bitlen)
@ -279,7 +281,9 @@ static const mbedtls_cipher_base_t aes_info = {
NULL,
#endif
aes_setkey_enc_wrap,
#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
aes_setkey_dec_wrap,
#endif
aes_ctx_alloc,
aes_ctx_free
};
@ -591,7 +595,9 @@ static const mbedtls_cipher_base_t gcm_aes_info = {
#endif
#if defined(MBEDTLS_GCM_C)
gcm_aes_setkey_wrap,
#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
gcm_aes_setkey_wrap,
#endif
gcm_ctx_alloc,
gcm_ctx_free,
#else
@ -673,7 +679,9 @@ static const mbedtls_cipher_base_t ccm_aes_info = {
#endif
#if defined(MBEDTLS_CCM_C)
ccm_aes_setkey_wrap,
#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
ccm_aes_setkey_wrap,
#endif
ccm_ctx_alloc,
ccm_ctx_free,
#else
@ -799,11 +807,13 @@ static int camellia_crypt_ctr_wrap(void *ctx, size_t length, size_t *nc_off,
}
#endif /* MBEDTLS_CIPHER_MODE_CTR */
#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
static int camellia_setkey_dec_wrap(void *ctx, const unsigned char *key,
unsigned int key_bitlen)
{
return mbedtls_camellia_setkey_dec((mbedtls_camellia_context *) ctx, key, key_bitlen);
}
#endif
static int camellia_setkey_enc_wrap(void *ctx, const unsigned char *key,
unsigned int key_bitlen)
@ -853,7 +863,9 @@ static const mbedtls_cipher_base_t camellia_info = {
NULL,
#endif
camellia_setkey_enc_wrap,
#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
camellia_setkey_dec_wrap,
#endif
camellia_ctx_alloc,
camellia_ctx_free
};
@ -1026,7 +1038,9 @@ static const mbedtls_cipher_base_t gcm_camellia_info = {
NULL,
#endif
gcm_camellia_setkey_wrap,
#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
gcm_camellia_setkey_wrap,
#endif
gcm_ctx_alloc,
gcm_ctx_free,
};
@ -1095,7 +1109,9 @@ static const mbedtls_cipher_base_t ccm_camellia_info = {
NULL,
#endif
ccm_camellia_setkey_wrap,
#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
ccm_camellia_setkey_wrap,
#endif
ccm_ctx_alloc,
ccm_ctx_free,
};
@ -1209,11 +1225,13 @@ static int aria_crypt_ctr_wrap(void *ctx, size_t length, size_t *nc_off,
}
#endif /* MBEDTLS_CIPHER_MODE_CTR */
#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
static int aria_setkey_dec_wrap(void *ctx, const unsigned char *key,
unsigned int key_bitlen)
{
return mbedtls_aria_setkey_dec((mbedtls_aria_context *) ctx, key, key_bitlen);
}
#endif
static int aria_setkey_enc_wrap(void *ctx, const unsigned char *key,
unsigned int key_bitlen)
@ -1263,7 +1281,9 @@ static const mbedtls_cipher_base_t aria_info = {
NULL,
#endif
aria_setkey_enc_wrap,
#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
aria_setkey_dec_wrap,
#endif
aria_ctx_alloc,
aria_ctx_free
};
@ -1436,7 +1456,9 @@ static const mbedtls_cipher_base_t gcm_aria_info = {
NULL,
#endif
gcm_aria_setkey_wrap,
#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
gcm_aria_setkey_wrap,
#endif
gcm_ctx_alloc,
gcm_ctx_free,
};
@ -1505,7 +1527,9 @@ static const mbedtls_cipher_base_t ccm_aria_info = {
NULL,
#endif
ccm_aria_setkey_wrap,
#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
ccm_aria_setkey_wrap,
#endif
ccm_ctx_alloc,
ccm_ctx_free,
};
@ -1925,7 +1949,9 @@ static const mbedtls_cipher_base_t chacha20_base_info = {
chacha20_stream_wrap,
#endif
chacha20_setkey_wrap,
#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
chacha20_setkey_wrap,
#endif
chacha20_ctx_alloc,
chacha20_ctx_free
};
@ -2000,7 +2026,9 @@ static const mbedtls_cipher_base_t chachapoly_base_info = {
NULL,
#endif
chachapoly_setkey_wrap,
#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
chachapoly_setkey_wrap,
#endif
chachapoly_ctx_alloc,
chachapoly_ctx_free
};
@ -2068,7 +2096,9 @@ static const mbedtls_cipher_base_t null_base_info = {
null_crypt_stream,
#endif
null_setkey,
#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
null_setkey,
#endif
null_ctx_alloc,
null_ctx_free
};
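Review bot: In `gcm_aes_info` and `ccm_aes_info` the new guard is placed only in the `#if defined(MBEDTLS_GCM_C)` and `#if defined(MBEDTLS_CCM_C)` arms; the `#else` arm starts on the last visible line of each hunk and its entries are not shown. Because these tables are initialized positionally, that arm also has to drop one entry when `MBEDTLS_BLOCK_CIPHER_NO_DECRYPT` is defined, otherwise the initializer has more elements than the struct has members in that configuration. Designated initializers, e.g. `.setkey_enc_func = gcm_aes_setkey_wrap,`, would remove the need to keep the twelve paired guards in this file in step with the struct definition.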


@ -125,9 +125,11 @@ struct mbedtls_cipher_base_t {
int (*setkey_enc_func)(void *ctx, const unsigned char *key,
unsigned int key_bitlen);
#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
/** Set key for decryption purposes */
int (*setkey_dec_func)(void *ctx, const unsigned char *key,
unsigned int key_bitlen);
#endif
/** Allocate a new context */
void * (*ctx_alloc_func)(void);


@ -96,6 +96,7 @@ int mbedtls_padlock_xcryptecb(mbedtls_aes_context *ctx,
return 0;
}
#if defined(MBEDTLS_CIPHER_MODE_CBC)
/*
* PadLock AES-CBC buffer en(de)cryption
*/
@ -149,6 +150,7 @@ int mbedtls_padlock_xcryptcbc(mbedtls_aes_context *ctx,
return 0;
}
#endif /* MBEDTLS_CIPHER_MODE_CBC */
#endif /* MBEDTLS_VIA_PADLOCK_HAVE_CODE */


@ -691,11 +691,6 @@ static int ssl_write_client_hello_body(mbedtls_ssl_context *ssl,
p_extensions_len, extensions_len);
}
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
MBEDTLS_SSL_PRINT_EXTS(
3, MBEDTLS_SSL_HS_CLIENT_HELLO, handshake->sent_extensions);
#endif
*out_len = (size_t) (p - buf);
return 0;
}
@ -1006,6 +1001,11 @@ int mbedtls_ssl_write_client_hello(mbedtls_ssl_context *ssl)
#endif
}
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
MBEDTLS_SSL_PRINT_EXTS(
3, MBEDTLS_SSL_HS_CLIENT_HELLO, ssl->handshake->sent_extensions);
#endif
cleanup:
MBEDTLS_SSL_DEBUG_MSG(2, ("<= write client hello"));


@ -2715,132 +2715,185 @@ psa_status_t mbedtls_ssl_cipher_to_psa(mbedtls_cipher_type_t mbedtls_cipher_type
psa_key_type_t *key_type,
size_t *key_size)
{
#if !defined(MBEDTLS_SSL_HAVE_CCM)
(void) taglen;
#endif
switch (mbedtls_cipher_type) {
#if defined(MBEDTLS_SSL_HAVE_AES) && defined(MBEDTLS_SSL_HAVE_CBC)
case MBEDTLS_CIPHER_AES_128_CBC:
*alg = PSA_ALG_CBC_NO_PADDING;
*key_type = PSA_KEY_TYPE_AES;
*key_size = 128;
break;
#endif
#if defined(MBEDTLS_SSL_HAVE_AES) && defined(MBEDTLS_SSL_HAVE_CCM)
case MBEDTLS_CIPHER_AES_128_CCM:
*alg = taglen ? PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, taglen) : PSA_ALG_CCM;
*key_type = PSA_KEY_TYPE_AES;
*key_size = 128;
break;
#endif
#if defined(MBEDTLS_SSL_HAVE_AES) && defined(MBEDTLS_SSL_HAVE_GCM)
case MBEDTLS_CIPHER_AES_128_GCM:
*alg = PSA_ALG_GCM;
*key_type = PSA_KEY_TYPE_AES;
*key_size = 128;
break;
#endif
#if defined(MBEDTLS_SSL_HAVE_AES) && defined(MBEDTLS_SSL_HAVE_CCM)
case MBEDTLS_CIPHER_AES_192_CCM:
*alg = taglen ? PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, taglen) : PSA_ALG_CCM;
*key_type = PSA_KEY_TYPE_AES;
*key_size = 192;
break;
#endif
#if defined(MBEDTLS_SSL_HAVE_AES) && defined(MBEDTLS_SSL_HAVE_GCM)
case MBEDTLS_CIPHER_AES_192_GCM:
*alg = PSA_ALG_GCM;
*key_type = PSA_KEY_TYPE_AES;
*key_size = 192;
break;
#endif
#if defined(MBEDTLS_SSL_HAVE_AES) && defined(MBEDTLS_SSL_HAVE_CBC)
case MBEDTLS_CIPHER_AES_256_CBC:
*alg = PSA_ALG_CBC_NO_PADDING;
*key_type = PSA_KEY_TYPE_AES;
*key_size = 256;
break;
#endif
#if defined(MBEDTLS_SSL_HAVE_AES) && defined(MBEDTLS_SSL_HAVE_CCM)
case MBEDTLS_CIPHER_AES_256_CCM:
*alg = taglen ? PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, taglen) : PSA_ALG_CCM;
*key_type = PSA_KEY_TYPE_AES;
*key_size = 256;
break;
#endif
#if defined(MBEDTLS_SSL_HAVE_AES) && defined(MBEDTLS_SSL_HAVE_GCM)
case MBEDTLS_CIPHER_AES_256_GCM:
*alg = PSA_ALG_GCM;
*key_type = PSA_KEY_TYPE_AES;
*key_size = 256;
break;
#endif
#if defined(MBEDTLS_SSL_HAVE_ARIA) && defined(MBEDTLS_SSL_HAVE_CBC)
case MBEDTLS_CIPHER_ARIA_128_CBC:
*alg = PSA_ALG_CBC_NO_PADDING;
*key_type = PSA_KEY_TYPE_ARIA;
*key_size = 128;
break;
#endif
#if defined(MBEDTLS_SSL_HAVE_ARIA) && defined(MBEDTLS_SSL_HAVE_CCM)
case MBEDTLS_CIPHER_ARIA_128_CCM:
*alg = taglen ? PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, taglen) : PSA_ALG_CCM;
*key_type = PSA_KEY_TYPE_ARIA;
*key_size = 128;
break;
#endif
#if defined(MBEDTLS_SSL_HAVE_ARIA) && defined(MBEDTLS_SSL_HAVE_GCM)
case MBEDTLS_CIPHER_ARIA_128_GCM:
*alg = PSA_ALG_GCM;
*key_type = PSA_KEY_TYPE_ARIA;
*key_size = 128;
break;
#endif
#if defined(MBEDTLS_SSL_HAVE_ARIA) && defined(MBEDTLS_SSL_HAVE_CCM)
case MBEDTLS_CIPHER_ARIA_192_CCM:
*alg = taglen ? PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, taglen) : PSA_ALG_CCM;
*key_type = PSA_KEY_TYPE_ARIA;
*key_size = 192;
break;
#endif
#if defined(MBEDTLS_SSL_HAVE_ARIA) && defined(MBEDTLS_SSL_HAVE_GCM)
case MBEDTLS_CIPHER_ARIA_192_GCM:
*alg = PSA_ALG_GCM;
*key_type = PSA_KEY_TYPE_ARIA;
*key_size = 192;
break;
#endif
#if defined(MBEDTLS_SSL_HAVE_ARIA) && defined(MBEDTLS_SSL_HAVE_CBC)
case MBEDTLS_CIPHER_ARIA_256_CBC:
*alg = PSA_ALG_CBC_NO_PADDING;
*key_type = PSA_KEY_TYPE_ARIA;
*key_size = 256;
break;
#endif
#if defined(MBEDTLS_SSL_HAVE_ARIA) && defined(MBEDTLS_SSL_HAVE_CCM)
case MBEDTLS_CIPHER_ARIA_256_CCM:
*alg = taglen ? PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, taglen) : PSA_ALG_CCM;
*key_type = PSA_KEY_TYPE_ARIA;
*key_size = 256;
break;
#endif
#if defined(MBEDTLS_SSL_HAVE_ARIA) && defined(MBEDTLS_SSL_HAVE_GCM)
case MBEDTLS_CIPHER_ARIA_256_GCM:
*alg = PSA_ALG_GCM;
*key_type = PSA_KEY_TYPE_ARIA;
*key_size = 256;
break;
#endif
#if defined(MBEDTLS_SSL_HAVE_CAMELLIA) && defined(MBEDTLS_SSL_HAVE_CBC)
case MBEDTLS_CIPHER_CAMELLIA_128_CBC:
*alg = PSA_ALG_CBC_NO_PADDING;
*key_type = PSA_KEY_TYPE_CAMELLIA;
*key_size = 128;
break;
#endif
#if defined(MBEDTLS_SSL_HAVE_CAMELLIA) && defined(MBEDTLS_SSL_HAVE_CCM)
case MBEDTLS_CIPHER_CAMELLIA_128_CCM:
*alg = taglen ? PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, taglen) : PSA_ALG_CCM;
*key_type = PSA_KEY_TYPE_CAMELLIA;
*key_size = 128;
break;
#endif
#if defined(MBEDTLS_SSL_HAVE_CAMELLIA) && defined(MBEDTLS_SSL_HAVE_GCM)
case MBEDTLS_CIPHER_CAMELLIA_128_GCM:
*alg = PSA_ALG_GCM;
*key_type = PSA_KEY_TYPE_CAMELLIA;
*key_size = 128;
break;
#endif
#if defined(MBEDTLS_SSL_HAVE_CAMELLIA) && defined(MBEDTLS_SSL_HAVE_CCM)
case MBEDTLS_CIPHER_CAMELLIA_192_CCM:
*alg = taglen ? PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, taglen) : PSA_ALG_CCM;
*key_type = PSA_KEY_TYPE_CAMELLIA;
*key_size = 192;
break;
#endif
#if defined(MBEDTLS_SSL_HAVE_CAMELLIA) && defined(MBEDTLS_SSL_HAVE_GCM)
case MBEDTLS_CIPHER_CAMELLIA_192_GCM:
*alg = PSA_ALG_GCM;
*key_type = PSA_KEY_TYPE_CAMELLIA;
*key_size = 192;
break;
#endif
#if defined(MBEDTLS_SSL_HAVE_CAMELLIA) && defined(MBEDTLS_SSL_HAVE_CBC)
case MBEDTLS_CIPHER_CAMELLIA_256_CBC:
*alg = PSA_ALG_CBC_NO_PADDING;
*key_type = PSA_KEY_TYPE_CAMELLIA;
*key_size = 256;
break;
#endif
#if defined(MBEDTLS_SSL_HAVE_CAMELLIA) && defined(MBEDTLS_SSL_HAVE_CCM)
case MBEDTLS_CIPHER_CAMELLIA_256_CCM:
*alg = taglen ? PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, taglen) : PSA_ALG_CCM;
*key_type = PSA_KEY_TYPE_CAMELLIA;
*key_size = 256;
break;
#endif
#if defined(MBEDTLS_SSL_HAVE_CAMELLIA) && defined(MBEDTLS_SSL_HAVE_GCM)
case MBEDTLS_CIPHER_CAMELLIA_256_GCM:
*alg = PSA_ALG_GCM;
*key_type = PSA_KEY_TYPE_CAMELLIA;
*key_size = 256;
break;
#endif
#if defined(MBEDTLS_SSL_HAVE_CHACHAPOLY)
case MBEDTLS_CIPHER_CHACHA20_POLY1305:
*alg = PSA_ALG_CHACHA20_POLY1305;
*key_type = PSA_KEY_TYPE_CHACHA20;
*key_size = 256;
break;
#endif
case MBEDTLS_CIPHER_NULL:
*alg = MBEDTLS_SSL_NULL_CIPHER;
*key_type = 0;