WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity

add documentation for wc_AesXtsInit(), wc_AesXtsSetKeyNoInit(), wc_CmacFinalNoFree(), and wc_CmacFree(); 

rename wc_AesXtsSetKey_NoInit() to wc_AesXtsSetKeyNoInit() for morphological consistency;

refactor wc_AesXtsSetKey() to call wc_AesXtsSetKeyNoInit() and clean up on failure;

readability tweak in wolfSSL_EVP_CipherFinal().
pull/7031/head
Daniel Pouzzner 2023-12-06 19:26:46 -06:00
parent b14aba48af
commit 931ac4e568
6 changed files with 176 additions and 58 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

88
doc/dox_comments/header_files/aes.h
View File

@ -658,6 +658,82 @@ int wc_AesCcmDecrypt(Aes* aes, byte* out,
const byte* authTag, word32 authTagSz, const byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz); const byte* authIn, word32 authInSz);
/*!
\ingroup AES
\brief This is to initialize an AES-XTS context. It is up to user to call
wc_AesXtsFree on aes key when done.
\return 0 Success
\param aes AES keys for encrypt/decrypt process
\param heap heap hint to use for memory. Can be NULL
\param devId id to use with async crypto. Can be 0
_Example_
\code
XtsAes aes;
if(wc_AesXtsInit(&aes, NULL, 0) != 0)
{
// Handle error
}
if(wc_AesXtsSetKeyNoInit(&aes, key, sizeof(key), AES_ENCRYPTION) != 0)
{
// Handle error
}
wc_AesXtsFree(&aes);
\endcode
\sa wc_AesXtsSetKey
\sa wc_AesXtsSetKeyNoInit
\sa wc_AesXtsEncrypt
\sa wc_AesXtsDecrypt
\sa wc_AesXtsFree
*/
int wc_AesXtsInit(XtsAes* aes, void* heap, int devId);
/*!
\ingroup AES
\brief This is to help with setting keys to correct encrypt or decrypt type,
after first calling wc_AesXtsInit(). It is up to user to call wc_AesXtsFree
on aes key when done.
\return 0 Success
\param aes AES keys for encrypt/decrypt process
\param key buffer holding aes key | tweak key
\param len length of key buffer in bytes. Should be twice that of
key size.
i.e. 32 for a 16 byte key.
\param dir direction, either AES_ENCRYPTION or AES_DECRYPTION
_Example_
\code
XtsAes aes;
if(wc_AesXtsInit(&aes, NULL, 0) != 0)
{
// Handle error
}
if(wc_AesXtsSetKeyNoInit(&aes, key, sizeof(key), AES_ENCRYPTION, NULL, 0)
!= 0)
{
// Handle error
}
wc_AesXtsFree(&aes);
\endcode
\sa wc_AesXtsEncrypt
\sa wc_AesXtsDecrypt
\sa wc_AesXtsFree
*/
int wc_AesXtsSetKeyNoInit(XtsAes* aes, const byte* key,
word32 len, int dir);
/*! /*!
\ingroup AES \ingroup AES
@ -686,6 +762,8 @@ int wc_AesCcmDecrypt(Aes* aes, byte* out,
wc_AesXtsFree(&aes); wc_AesXtsFree(&aes);
\endcode \endcode
\sa wc_AesXtsInit
\sa wc_AesXtsSetKeyNoInit
\sa wc_AesXtsEncrypt \sa wc_AesXtsEncrypt
\sa wc_AesXtsDecrypt \sa wc_AesXtsDecrypt
\sa wc_AesXtsFree \sa wc_AesXtsFree
@ -726,6 +804,8 @@ int wc_AesXtsSetKey(XtsAes* aes, const byte* key,
\sa wc_AesXtsEncrypt \sa wc_AesXtsEncrypt
\sa wc_AesXtsDecrypt \sa wc_AesXtsDecrypt
\sa wc_AesXtsInit
\sa wc_AesXtsSetKeyNoInit
\sa wc_AesXtsSetKey \sa wc_AesXtsSetKey
\sa wc_AesXtsFree \sa wc_AesXtsFree
*/ */
@ -765,6 +845,8 @@ int wc_AesXtsEncryptSector(XtsAes* aes, byte* out,
\sa wc_AesXtsEncrypt \sa wc_AesXtsEncrypt
\sa wc_AesXtsDecrypt \sa wc_AesXtsDecrypt
\sa wc_AesXtsInit
\sa wc_AesXtsSetKeyNoInit
\sa wc_AesXtsSetKey \sa wc_AesXtsSetKey
\sa wc_AesXtsFree \sa wc_AesXtsFree
*/ */
@ -805,6 +887,8 @@ int wc_AesXtsDecryptSector(XtsAes* aes, byte* out,
\endcode \endcode
\sa wc_AesXtsDecrypt \sa wc_AesXtsDecrypt
\sa wc_AesXtsInit
\sa wc_AesXtsSetKeyNoInit
\sa wc_AesXtsSetKey \sa wc_AesXtsSetKey
\sa wc_AesXtsFree \sa wc_AesXtsFree
*/ */
@ -844,6 +928,8 @@ int wc_AesXtsEncrypt(XtsAes* aes, byte* out,
\endcode \endcode
\sa wc_AesXtsEncrypt \sa wc_AesXtsEncrypt
\sa wc_AesXtsInit
\sa wc_AesXtsSetKeyNoInit
\sa wc_AesXtsSetKey \sa wc_AesXtsSetKey
\sa wc_AesXtsFree \sa wc_AesXtsFree
*/ */
@ -872,6 +958,8 @@ int wc_AesXtsDecrypt(XtsAes* aes, byte* out,
\sa wc_AesXtsEncrypt \sa wc_AesXtsEncrypt
\sa wc_AesXtsDecrypt \sa wc_AesXtsDecrypt
\sa wc_AesXtsInit
\sa wc_AesXtsSetKeyNoInit
\sa wc_AesXtsSetKey \sa wc_AesXtsSetKey
*/ */
int wc_AesXtsFree(XtsAes* aes); int wc_AesXtsFree(XtsAes* aes);

57
doc/dox_comments/header_files/cmac.h
View File

@ -23,6 +23,8 @@
\sa wc_InitCmac_ex \sa wc_InitCmac_ex
\sa wc_CmacUpdate \sa wc_CmacUpdate
\sa wc_CmacFinal \sa wc_CmacFinal
\sa wc_CmacFinalNoFree
\sa wc_CmacFree
*/ */
int wc_InitCmac(Cmac* cmac, int wc_InitCmac(Cmac* cmac,
const byte* key, word32 keySz, const byte* key, word32 keySz,
@ -55,6 +57,8 @@ int wc_InitCmac(Cmac* cmac,
\sa wc_InitCmac_ex \sa wc_InitCmac_ex
\sa wc_CmacUpdate \sa wc_CmacUpdate
\sa wc_CmacFinal \sa wc_CmacFinal
\sa wc_CmacFinalNoFree
\sa wc_CmacFree
*/ */
int wc_InitCmac_ex(Cmac* cmac, int wc_InitCmac_ex(Cmac* cmac,
const byte* key, word32 keySz, const byte* key, word32 keySz,
@ -75,13 +79,38 @@ int wc_InitCmac_ex(Cmac* cmac,
\sa wc_InitCmac \sa wc_InitCmac
\sa wc_CmacFinal \sa wc_CmacFinal
\sa wc_CmacFinalNoFree
\sa wc_CmacFree
*/ */
int wc_CmacUpdate(Cmac* cmac, int wc_CmacUpdate(Cmac* cmac,
const byte* in, word32 inSz); const byte* in, word32 inSz);
/*! /*!
\ingroup CMAC \ingroup CMAC
\brief Generate the final result using Cipher-based Message Authentication Code \brief Generate the final result using Cipher-based Message Authentication Code, deferring context cleanup.
\return 0 on success
\param cmac pointer to the Cmac structure
\param out pointer to return the result
\param outSz pointer size of output (in/out)
_Example_
\code
ret = wc_CmacFinalNoFree(cmac, out, &outSz);
(void)wc_CmacFree(cmac);
\endcode
\sa wc_InitCmac
\sa wc_CmacFinal
\sa wc_CmacFinalNoFree
\sa wc_CmacFree
*/
int wc_CmacFinalNoFree(Cmac* cmac,
byte* out, word32* outSz);
/*!
\ingroup CMAC
\brief Generate the final result using Cipher-based Message Authentication Code, and clean up the context with wc_CmacFree().
\return 0 on success \return 0 on success
\param cmac pointer to the Cmac structure \param cmac pointer to the Cmac structure
\param out pointer to return the result \param out pointer to return the result
@ -93,10 +122,30 @@ int wc_CmacUpdate(Cmac* cmac,
\endcode \endcode
\sa wc_InitCmac \sa wc_InitCmac
\sa wc_CmacFinal \sa wc_CmacFinalNoFree
\sa wc_CmacFinalNoFree
\sa wc_CmacFree
*/ */
int wc_CmacFinal(Cmac* cmac, int wc_CmacFinalNoFree(Cmac* cmac);
byte* out, word32* outSz);
/*!
\ingroup CMAC
\brief Clean up allocations in a CMAC context.
\return 0 on success
\param cmac pointer to the Cmac structure
_Example_
\code
ret = wc_CmacFinalNoFree(cmac, out, &outSz);
(void)wc_CmacFree(cmac);
\endcode
\sa wc_InitCmac
\sa wc_CmacFinalNoFree
\sa wc_CmacFinal
\sa wc_CmacFree
*/
int wc_CmacFree(Cmac* cmac);
/*! /*!
\ingroup CMAC \ingroup CMAC

28
wolfcrypt/src/aes.c
View File

@ -12283,7 +12283,7 @@ int wc_AesXtsInit(XtsAes* aes, void* heap, int devId)
* *
* return 0 on success * return 0 on success
*/ */
int wc_AesXtsSetKey_NoInit(XtsAes* aes, const byte* key, word32 len, int dir) int wc_AesXtsSetKeyNoInit(XtsAes* aes, const byte* key, word32 len, int dir)
{ {
word32 keySz; word32 keySz;
int ret = 0; int ret = 0;
@ -12317,7 +12317,7 @@ int wc_AesXtsSetKey_NoInit(XtsAes* aes, const byte* key, word32 len, int dir)
return ret; return ret;
} }
/* Combined call to wc_AesXtsInit() and wc_AesXtsSetKey_NoInit(). /* Combined call to wc_AesXtsInit() and wc_AesXtsSetKeyNoInit().
* *
* Note: is up to user to call wc_AesXtsFree when done. * Note: is up to user to call wc_AesXtsFree when done.
* *
@ -12326,7 +12326,6 @@ int wc_AesXtsSetKey_NoInit(XtsAes* aes, const byte* key, word32 len, int dir)
int wc_AesXtsSetKey(XtsAes* aes, const byte* key, word32 len, int dir, int wc_AesXtsSetKey(XtsAes* aes, const byte* key, word32 len, int dir,
void* heap, int devId) void* heap, int devId)
{ {
word32 keySz;
int ret = 0; int ret = 0;
if (aes == NULL || key == NULL) { if (aes == NULL || key == NULL) {
@ -12337,27 +12336,10 @@ int wc_AesXtsSetKey(XtsAes* aes, const byte* key, word32 len, int dir,
if (ret != 0) if (ret != 0)
return ret; return ret;
keySz = len/2; ret = wc_AesXtsSetKeyNoInit(aes, key, len, dir);
if (keySz != 16 && keySz != 32) {
WOLFSSL_MSG("Unsupported key size");
return WC_KEY_SIZE_E;
}
if ((ret = wc_AesSetKey(&aes->aes, key, keySz, NULL, dir)) == 0) { if (ret != 0)
ret = wc_AesSetKey(&aes->tweak, key + keySz, keySz, NULL, wc_AesXtsFree(aes);
AES_ENCRYPTION);
if (ret != 0) {
wc_AesFree(&aes->aes);
}
#ifdef WOLFSSL_AESNI
if (aes->aes.use_aesni != aes->tweak.use_aesni) {
if (aes->aes.use_aesni)
aes->aes.use_aesni = 0;
else
aes->tweak.use_aesni = 0;
}
#endif
}
return ret; return ret;
} }

15
wolfcrypt/src/evp.c
View File

@ -1226,6 +1226,11 @@ int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx, unsigned char *out,
} }
} }
if (ret == 0)
ret = WOLFSSL_SUCCESS;
else
ret = WOLFSSL_FAILURE;
/* Reinitialize for subsequent wolfSSL_EVP_Cipher calls. */ /* Reinitialize for subsequent wolfSSL_EVP_Cipher calls. */
if (wc_AesGcmInit(&ctx->cipher.aes, NULL, 0, if (wc_AesGcmInit(&ctx->cipher.aes, NULL, 0,
(byte*)ctx->cipher.aes.reg, (byte*)ctx->cipher.aes.reg,
@ -1234,12 +1239,6 @@ int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx, unsigned char *out,
WOLFSSL_MSG("wc_AesGcmInit failed"); WOLFSSL_MSG("wc_AesGcmInit failed");
ret = WOLFSSL_FAILURE; ret = WOLFSSL_FAILURE;
} }
else {
if (ret == 0)
ret = WOLFSSL_SUCCESS;
else
ret = WOLFSSL_FAILURE;
}
#endif /* WOLFSSL_AESGCM_STREAM */ #endif /* WOLFSSL_AESGCM_STREAM */
if (ret == WOLFSSL_SUCCESS) { if (ret == WOLFSSL_SUCCESS) {
if (ctx->authIncIv) { if (ctx->authIncIv) {
@ -7498,7 +7497,7 @@ void wolfSSL_EVP_init(void)
} }
if (key) { if (key) {
ret = wc_AesXtsSetKey_NoInit(&ctx->cipher.xts, key, ret = wc_AesXtsSetKeyNoInit(&ctx->cipher.xts, key,
(word32)ctx->keyLen, (word32)ctx->keyLen,
ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION); ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION);
if (ret != 0) { if (ret != 0) {
@ -7539,7 +7538,7 @@ void wolfSSL_EVP_init(void)
} }
if (key) { if (key) {
ret = wc_AesXtsSetKey_NoInit(&ctx->cipher.xts, key, ret = wc_AesXtsSetKeyNoInit(&ctx->cipher.xts, key,
(word32)ctx->keyLen, (word32)ctx->keyLen,
ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION); ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION);
if (ret != 0) { if (ret != 0) {

44
wolfcrypt/test/test.c
View File

@ -9485,7 +9485,7 @@ static wc_test_ret_t aes_xts_128_test(void)
else else
aes_inited = 1; aes_inited = 1;
ret = wc_AesXtsSetKey_NoInit(aes, k2, sizeof(k2), AES_ENCRYPTION); ret = wc_AesXtsSetKeyNoInit(aes, k2, sizeof(k2), AES_ENCRYPTION);
if (ret != 0) if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
@ -9513,7 +9513,7 @@ static wc_test_ret_t aes_xts_128_test(void)
XMEMSET(buf, 0, sizeof(buf)); XMEMSET(buf, 0, sizeof(buf));
ret = wc_AesXtsSetKey_NoInit(aes, k1, sizeof(k1), AES_ENCRYPTION); ret = wc_AesXtsSetKeyNoInit(aes, k1, sizeof(k1), AES_ENCRYPTION);
if (ret != 0) if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
ret = wc_AesXtsEncrypt(aes, buf, p1, sizeof(p1), i1, sizeof(i1)); ret = wc_AesXtsEncrypt(aes, buf, p1, sizeof(p1), i1, sizeof(i1));
@ -9565,7 +9565,7 @@ static wc_test_ret_t aes_xts_128_test(void)
/* partial block decrypt test */ /* partial block decrypt test */
XMEMSET(buf, 0, sizeof(buf)); XMEMSET(buf, 0, sizeof(buf));
ret = wc_AesXtsSetKey_NoInit(aes, k1, sizeof(k1), AES_DECRYPTION); ret = wc_AesXtsSetKeyNoInit(aes, k1, sizeof(k1), AES_DECRYPTION);
if (ret != 0) if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
ret = wc_AesXtsDecrypt(aes, buf, cipher, sizeof(pp), i1, sizeof(i1)); ret = wc_AesXtsDecrypt(aes, buf, cipher, sizeof(pp), i1, sizeof(i1));
@ -9629,7 +9629,7 @@ static wc_test_ret_t aes_xts_128_test(void)
/* set correct key and retest */ /* set correct key and retest */
XMEMSET(buf, 0, sizeof(buf)); XMEMSET(buf, 0, sizeof(buf));
ret = wc_AesXtsSetKey_NoInit(aes, k2, sizeof(k2), AES_DECRYPTION); ret = wc_AesXtsSetKeyNoInit(aes, k2, sizeof(k2), AES_DECRYPTION);
if (ret != 0) if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
ret = wc_AesXtsDecrypt(aes, buf, c2, sizeof(c2), i2, sizeof(i2)); ret = wc_AesXtsDecrypt(aes, buf, c2, sizeof(c2), i2, sizeof(i2));
@ -9645,7 +9645,7 @@ static wc_test_ret_t aes_xts_128_test(void)
/* Test ciphertext stealing in-place. */ /* Test ciphertext stealing in-place. */
XMEMCPY(buf, p3, sizeof(p3)); XMEMCPY(buf, p3, sizeof(p3));
ret = wc_AesXtsSetKey_NoInit(aes, k3, sizeof(k3), AES_ENCRYPTION); ret = wc_AesXtsSetKeyNoInit(aes, k3, sizeof(k3), AES_ENCRYPTION);
if (ret != 0) if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
@ -9658,7 +9658,7 @@ static wc_test_ret_t aes_xts_128_test(void)
if (XMEMCMP(c3, buf, sizeof(c3))) if (XMEMCMP(c3, buf, sizeof(c3)))
ERROR_OUT(WC_TEST_RET_ENC_NC, out); ERROR_OUT(WC_TEST_RET_ENC_NC, out);
ret = wc_AesXtsSetKey_NoInit(aes, k3, sizeof(k3), AES_DECRYPTION); ret = wc_AesXtsSetKeyNoInit(aes, k3, sizeof(k3), AES_DECRYPTION);
if (ret != 0) if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
ret = wc_AesXtsDecrypt(aes, buf, buf, sizeof(c3), i3, sizeof(i3)); ret = wc_AesXtsDecrypt(aes, buf, buf, sizeof(c3), i3, sizeof(i3));
@ -9694,7 +9694,7 @@ static wc_test_ret_t aes_xts_128_test(void)
large_input[i] = (byte)i; large_input[i] = (byte)i;
for (j = 16; j < (int)LARGE_XTS_SZ; j++) { for (j = 16; j < (int)LARGE_XTS_SZ; j++) {
ret = wc_AesXtsSetKey_NoInit(aes, k1, sizeof(k1), AES_ENCRYPTION); ret = wc_AesXtsSetKeyNoInit(aes, k1, sizeof(k1), AES_ENCRYPTION);
if (ret != 0) if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
ret = wc_AesXtsEncrypt(aes, large_input, large_input, j, i1, ret = wc_AesXtsEncrypt(aes, large_input, large_input, j, i1,
@ -9705,7 +9705,7 @@ static wc_test_ret_t aes_xts_128_test(void)
if (ret != 0) if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
ret = wc_AesXtsSetKey_NoInit(aes, k1, sizeof(k1), AES_DECRYPTION); ret = wc_AesXtsSetKeyNoInit(aes, k1, sizeof(k1), AES_DECRYPTION);
if (ret != 0) if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
ret = wc_AesXtsDecrypt(aes, large_input, large_input, j, i1, ret = wc_AesXtsDecrypt(aes, large_input, large_input, j, i1,
@ -9851,7 +9851,7 @@ static wc_test_ret_t aes_xts_256_test(void)
aes_inited = 1; aes_inited = 1;
XMEMSET(buf, 0, sizeof(buf)); XMEMSET(buf, 0, sizeof(buf));
ret = wc_AesXtsSetKey_NoInit(aes, k2, sizeof(k2), AES_ENCRYPTION); ret = wc_AesXtsSetKeyNoInit(aes, k2, sizeof(k2), AES_ENCRYPTION);
if (ret != 0) if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
@ -9865,7 +9865,7 @@ static wc_test_ret_t aes_xts_256_test(void)
ERROR_OUT(WC_TEST_RET_ENC_NC, out); ERROR_OUT(WC_TEST_RET_ENC_NC, out);
XMEMSET(buf, 0, sizeof(buf)); XMEMSET(buf, 0, sizeof(buf));
ret = wc_AesXtsSetKey_NoInit(aes, k1, sizeof(k1), AES_ENCRYPTION); ret = wc_AesXtsSetKeyNoInit(aes, k1, sizeof(k1), AES_ENCRYPTION);
if (ret != 0) if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
ret = wc_AesXtsEncrypt(aes, buf, p1, sizeof(p1), i1, sizeof(i1)); ret = wc_AesXtsEncrypt(aes, buf, p1, sizeof(p1), i1, sizeof(i1));
@ -9888,7 +9888,7 @@ static wc_test_ret_t aes_xts_256_test(void)
/* partial block decrypt test */ /* partial block decrypt test */
XMEMSET(buf, 0, sizeof(buf)); XMEMSET(buf, 0, sizeof(buf));
ret = wc_AesXtsSetKey_NoInit(aes, k1, sizeof(k1), AES_DECRYPTION); ret = wc_AesXtsSetKeyNoInit(aes, k1, sizeof(k1), AES_DECRYPTION);
if (ret != 0) if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
ret = wc_AesXtsDecrypt(aes, buf, cipher, sizeof(pp), i1, sizeof(i1)); ret = wc_AesXtsDecrypt(aes, buf, cipher, sizeof(pp), i1, sizeof(i1));
@ -9912,7 +9912,7 @@ static wc_test_ret_t aes_xts_256_test(void)
ERROR_OUT(WC_TEST_RET_ENC_NC, out); ERROR_OUT(WC_TEST_RET_ENC_NC, out);
XMEMSET(buf, 0, sizeof(buf)); XMEMSET(buf, 0, sizeof(buf));
ret = wc_AesXtsSetKey_NoInit(aes, k2, sizeof(k2), AES_DECRYPTION); ret = wc_AesXtsSetKeyNoInit(aes, k2, sizeof(k2), AES_DECRYPTION);
if (ret != 0) if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
ret = wc_AesXtsDecrypt(aes, buf, c2, sizeof(c2), i2, sizeof(i2)); ret = wc_AesXtsDecrypt(aes, buf, c2, sizeof(c2), i2, sizeof(i2));
@ -10128,7 +10128,7 @@ static wc_test_ret_t aes_xts_sector_test(void)
aes_inited = 1; aes_inited = 1;
XMEMSET(buf, 0, sizeof(buf)); XMEMSET(buf, 0, sizeof(buf));
ret = wc_AesXtsSetKey_NoInit(aes, k1, sizeof(k1), AES_ENCRYPTION); ret = wc_AesXtsSetKeyNoInit(aes, k1, sizeof(k1), AES_ENCRYPTION);
if (ret != 0) if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
@ -10143,7 +10143,7 @@ static wc_test_ret_t aes_xts_sector_test(void)
/* decrypt test */ /* decrypt test */
XMEMSET(buf, 0, sizeof(buf)); XMEMSET(buf, 0, sizeof(buf));
ret = wc_AesXtsSetKey_NoInit(aes, k1, sizeof(k1), AES_DECRYPTION); ret = wc_AesXtsSetKeyNoInit(aes, k1, sizeof(k1), AES_DECRYPTION);
if (ret != 0) if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
ret = wc_AesXtsDecryptSector(aes, buf, c1, sizeof(c1), s1); ret = wc_AesXtsDecryptSector(aes, buf, c1, sizeof(c1), s1);
@ -10157,7 +10157,7 @@ static wc_test_ret_t aes_xts_sector_test(void)
/* 256 bit key tests */ /* 256 bit key tests */
XMEMSET(buf, 0, sizeof(buf)); XMEMSET(buf, 0, sizeof(buf));
ret = wc_AesXtsSetKey_NoInit(aes, k2, sizeof(k2), AES_ENCRYPTION); ret = wc_AesXtsSetKeyNoInit(aes, k2, sizeof(k2), AES_ENCRYPTION);
if (ret != 0) if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
ret = wc_AesXtsEncryptSector(aes, buf, p2, sizeof(p2), s2); ret = wc_AesXtsEncryptSector(aes, buf, p2, sizeof(p2), s2);
@ -10171,7 +10171,7 @@ static wc_test_ret_t aes_xts_sector_test(void)
/* decrypt test */ /* decrypt test */
XMEMSET(buf, 0, sizeof(buf)); XMEMSET(buf, 0, sizeof(buf));
ret = wc_AesXtsSetKey_NoInit(aes, k2, sizeof(k2), AES_DECRYPTION); ret = wc_AesXtsSetKeyNoInit(aes, k2, sizeof(k2), AES_DECRYPTION);
if (ret != 0) if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
ret = wc_AesXtsDecryptSector(aes, buf, c2, sizeof(c2), s2); ret = wc_AesXtsDecryptSector(aes, buf, c2, sizeof(c2), s2);
@ -10187,7 +10187,7 @@ static wc_test_ret_t aes_xts_sector_test(void)
(!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST) (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
/* encrypt consecutive sectors test */ /* encrypt consecutive sectors test */
XMEMSET(data, 0, sizeof(buf)); XMEMSET(data, 0, sizeof(buf));
ret = wc_AesXtsSetKey_NoInit(aes, k3, sizeof(k3), AES_ENCRYPTION); ret = wc_AesXtsSetKeyNoInit(aes, k3, sizeof(k3), AES_ENCRYPTION);
if (ret != 0) if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
ret = wc_AesXtsEncryptConsecutiveSectors(aes, data, p3, ret = wc_AesXtsEncryptConsecutiveSectors(aes, data, p3,
@ -10202,7 +10202,7 @@ static wc_test_ret_t aes_xts_sector_test(void)
/* decrypt consecutive sectors test */ /* decrypt consecutive sectors test */
XMEMSET(data, 0, sizeof(buf)); XMEMSET(data, 0, sizeof(buf));
ret = wc_AesXtsSetKey_NoInit(aes, k3, sizeof(k3), AES_DECRYPTION); ret = wc_AesXtsSetKeyNoInit(aes, k3, sizeof(k3), AES_DECRYPTION);
if (ret != 0) if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
ret = wc_AesXtsDecryptConsecutiveSectors(aes, data, c3, ret = wc_AesXtsDecryptConsecutiveSectors(aes, data, c3,
@ -10275,13 +10275,13 @@ static wc_test_ret_t aes_xts_args_test(void)
else else
aes_inited = 1; aes_inited = 1;
if (wc_AesXtsSetKey_NoInit(NULL, k1, sizeof(k1), AES_ENCRYPTION) == 0) if (wc_AesXtsSetKeyNoInit(NULL, k1, sizeof(k1), AES_ENCRYPTION) == 0)
ERROR_OUT(WC_TEST_RET_ENC_NC, out); ERROR_OUT(WC_TEST_RET_ENC_NC, out);
if (wc_AesXtsSetKey_NoInit(aes, NULL, sizeof(k1), AES_ENCRYPTION) == 0) if (wc_AesXtsSetKeyNoInit(aes, NULL, sizeof(k1), AES_ENCRYPTION) == 0)
ERROR_OUT(WC_TEST_RET_ENC_NC, out); ERROR_OUT(WC_TEST_RET_ENC_NC, out);
/* encryption operations */ /* encryption operations */
ret = wc_AesXtsSetKey_NoInit(aes, k1, sizeof(k1), AES_ENCRYPTION); ret = wc_AesXtsSetKeyNoInit(aes, k1, sizeof(k1), AES_ENCRYPTION);
if (ret != 0) if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
@ -10300,7 +10300,7 @@ static wc_test_ret_t aes_xts_args_test(void)
ERROR_OUT(WC_TEST_RET_ENC_NC, out); ERROR_OUT(WC_TEST_RET_ENC_NC, out);
/* decryption operations */ /* decryption operations */
ret = wc_AesXtsSetKey_NoInit(aes, k1, sizeof(k1), AES_DECRYPTION); ret = wc_AesXtsSetKeyNoInit(aes, k1, sizeof(k1), AES_DECRYPTION);
if (ret != 0) if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
ret = wc_AesXtsDecryptSector(NULL, buf, c1, sizeof(c1), s1); ret = wc_AesXtsDecryptSector(NULL, buf, c1, sizeof(c1), s1);

2
wolfssl/wolfcrypt/aes.h
View File

@ -623,7 +623,7 @@ WOLFSSL_API int wc_AesGcmDecryptFinal(Aes* aes, const byte* authTag,
WOLFSSL_API int wc_AesXtsInit(XtsAes* aes, void* heap, int devId); WOLFSSL_API int wc_AesXtsInit(XtsAes* aes, void* heap, int devId);
WOLFSSL_API int wc_AesXtsSetKey_NoInit(XtsAes* aes, const byte* key, WOLFSSL_API int wc_AesXtsSetKeyNoInit(XtsAes* aes, const byte* key,
word32 len, int dir); word32 len, int dir);
WOLFSSL_API int wc_AesXtsSetKey(XtsAes* aes, const byte* key, WOLFSSL_API int wc_AesXtsSetKey(XtsAes* aes, const byte* key,