aes: Use length instead of bits_length in XTS

mbedtls_aes_crypt_xts() currently takes a `bits_length` parameter, unlike the other block modes. Change the parameter to accept a bytes length instead, as the `bits_length` parameter is not actually ever used in the current implementation.
2024-11-22 11:05:40 +01:00 · 2018-05-29 12:55:24 +01:00 · 2018-05-29 12:55:24 +01:00 · 5162b932a2
commit 5162b932a2
parent 9366feb504
3 changed files with 7 additions and 6 deletions
--- a/include/mbedtls/aes.h
+++ b/include/mbedtls/aes.h
@ -295,7 +295,7 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
 * \param ctx          The AES XTS context to use for AES XTS operations.
 * \param mode         The AES operation: #MBEDTLS_AES_ENCRYPT or
 *                     #MBEDTLS_AES_DECRYPT.
- * \param bits_length  The length of a data unit in bits.
+ * \param length       The length of a data unit in bytes.
 * \param iv           The address of the data unit encoded as an array of 16
 *                     bytes in little-endian format. For disk encryption, this
 *                     is typically the index of the block device sector that
@ -313,7 +313,7 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
 */
 int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx,
                           int mode,
-                           size_t bits_length,
+                           size_t length,
                           const unsigned char iv[16],
                           const unsigned char *input,
                           unsigned char *output );
--- a/library/aes.c
+++ b/library/aes.c
@ -1130,7 +1130,7 @@ static void mbedtls_gf128mul_x_ble( unsigned char r[16],
 */
 int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx,
                           int mode,
-                           size_t bits_length,
+                           size_t length,
                           const unsigned char iv[16],
                           const unsigned char *input,
                           unsigned char *output )
@ -1147,7 +1147,6 @@ int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx,
    union xts_buf128 *inbuf;
    union xts_buf128 *outbuf;

-    size_t length = bits_length / 8;
    size_t nblk   = length / 16;
    size_t remn   = length % 16;

--- a/tests/suites/test_suite_aes.function
+++ b/tests/suites/test_suite_aes.function
@ -169,10 +169,11 @@ void aes_encrypt_xts( char *hex_key_string, char *hex_iv_string,
    key_len = unhexify( key_str, hex_key_string );
    unhexify( iv_str, hex_iv_string );
    data_len = unhexify( src_str, hex_src_string );
+    TEST_ASSERT( data_len == data_unit_len / 8 );

    mbedtls_aes_xts_setkey_enc( &ctx, key_str, key_len * 8 );

-    TEST_ASSERT( mbedtls_aes_crypt_xts( &ctx, MBEDTLS_AES_ENCRYPT, data_unit_len, iv_str, src_str, output ) == xts_result );
+    TEST_ASSERT( mbedtls_aes_crypt_xts( &ctx, MBEDTLS_AES_ENCRYPT, data_len, iv_str, src_str, output ) == xts_result );
    if( xts_result == 0 )
    {
        hexify( dst_str, output, data_len );
@ -203,10 +204,11 @@ void aes_decrypt_xts( char *hex_key_string, char *hex_iv_string,
    key_len = unhexify( key_str, hex_key_string );
    unhexify( iv_str, hex_iv_string );
    data_len = unhexify( src_str, hex_src_string );
+    TEST_ASSERT( data_len == data_unit_len / 8 );

    mbedtls_aes_xts_setkey_dec( &ctx, key_str, key_len * 8 );

-    TEST_ASSERT( mbedtls_aes_crypt_xts( &ctx, MBEDTLS_AES_DECRYPT, data_unit_len, iv_str, src_str, output ) == xts_result );
+    TEST_ASSERT( mbedtls_aes_crypt_xts( &ctx, MBEDTLS_AES_DECRYPT, data_len, iv_str, src_str, output ) == xts_result );
    if( xts_result == 0 )
    {
        hexify( dst_str, output, data_len );