aes: Use length instead of bits_length in XTS

mbedtls_aes_crypt_xts() currently takes a `bits_length` parameter, unlike
the other block modes. Change the parameter to accept a bytes length
instead, as the `bits_length` parameter is not actually ever used in the
current implementation.

include/mbedtls/aes.h

@@ -295,7 +295,7 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
  * \param ctx          The AES XTS context to use for AES XTS operations.
  * \param mode         The AES operation: #MBEDTLS_AES_ENCRYPT or
  *                     #MBEDTLS_AES_DECRYPT.
- * \param bits_length  The length of a data unit in bits.
+ * \param length       The length of a data unit in bytes.
  * \param iv           The address of the data unit encoded as an array of 16
  *                     bytes in little-endian format. For disk encryption, this
  *                     is typically the index of the block device sector that
@@ -313,7 +313,7 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
  */
 int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx,
                            int mode,
-                           size_t bits_length,
+                           size_t length,
                            const unsigned char iv[16],
                            const unsigned char *input,
                            unsigned char *output );

library/aes.c

@@ -1130,7 +1130,7 @@ static void mbedtls_gf128mul_x_ble( unsigned char r[16],
  */
 int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx,
                            int mode,
-                           size_t bits_length,
+                           size_t length,
                            const unsigned char iv[16],
                            const unsigned char *input,
                            unsigned char *output )
@@ -1147,7 +1147,6 @@ int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx,
     union xts_buf128 *inbuf;
     union xts_buf128 *outbuf;
 
-    size_t length = bits_length / 8;
     size_t nblk   = length / 16;
     size_t remn   = length % 16;
 

tests/suites/test_suite_aes.function

@@ -169,10 +169,11 @@ void aes_encrypt_xts( char *hex_key_string, char *hex_iv_string,
     key_len = unhexify( key_str, hex_key_string );
     unhexify( iv_str, hex_iv_string );
     data_len = unhexify( src_str, hex_src_string );
+    TEST_ASSERT( data_len == data_unit_len / 8 );
 
     mbedtls_aes_xts_setkey_enc( &ctx, key_str, key_len * 8 );
 
-    TEST_ASSERT( mbedtls_aes_crypt_xts( &ctx, MBEDTLS_AES_ENCRYPT, data_unit_len, iv_str, src_str, output ) == xts_result );
+    TEST_ASSERT( mbedtls_aes_crypt_xts( &ctx, MBEDTLS_AES_ENCRYPT, data_len, iv_str, src_str, output ) == xts_result );
     if( xts_result == 0 )
     {
         hexify( dst_str, output, data_len );
@@ -203,10 +204,11 @@ void aes_decrypt_xts( char *hex_key_string, char *hex_iv_string,
     key_len = unhexify( key_str, hex_key_string );
     unhexify( iv_str, hex_iv_string );
     data_len = unhexify( src_str, hex_src_string );
+    TEST_ASSERT( data_len == data_unit_len / 8 );
 
     mbedtls_aes_xts_setkey_dec( &ctx, key_str, key_len * 8 );
 
-    TEST_ASSERT( mbedtls_aes_crypt_xts( &ctx, MBEDTLS_AES_DECRYPT, data_unit_len, iv_str, src_str, output ) == xts_result );
+    TEST_ASSERT( mbedtls_aes_crypt_xts( &ctx, MBEDTLS_AES_DECRYPT, data_len, iv_str, src_str, output ) == xts_result );
     if( xts_result == 0 )
     {
         hexify( dst_str, output, data_len );