Split mbedtls_gcm_init() -> gcm_setkey()

This commit is contained in:
Manuel Pégourié-Gonnard 2015-04-28 21:42:17 +02:00
parent 6963ff0969
commit c34e8dd265
6 changed files with 43 additions and 13 deletions

View File

@ -16,6 +16,7 @@ API Changes
* The following _init() functions that could return errors have
been split into an _init() that returns void and another function:
mbedtls_ccm_init() -> mbedtls_ccm_setkey()
mbedtls_gcm_init() -> mbedtls_gcm_setkey()
* In the threading layer, mbedtls_mutex_init() and mbedtls_mutex_free() now
return void.
* ecdsa_write_signature() gained an addtional md_alg argument and

View File

@ -54,6 +54,15 @@ typedef struct {
}
mbedtls_gcm_context;
/**
* \brief Initialize GCM context (just makes references valid)
* Makes the context ready for mbedtls_gcm_setkey() or
* mbedtls_gcm_free().
*
* \param ctx GCM context to initialize
*/
void mbedtls_gcm_init( mbedtls_gcm_context *ctx );
/**
* \brief GCM initialization (encryption)
*
@ -64,7 +73,9 @@ mbedtls_gcm_context;
*
* \return 0 if successful, or a cipher specific error code
*/
int mbedtls_gcm_init( mbedtls_gcm_context *ctx, mbedtls_cipher_id_t cipher, const unsigned char *key,
int mbedtls_gcm_setkey( mbedtls_gcm_context *ctx,
mbedtls_cipher_id_t cipher,
const unsigned char *key,
unsigned int keysize );
/**

View File

@ -332,7 +332,7 @@ static const mbedtls_cipher_info_t aes_256_ctr_info = {
static int gcm_aes_setkey_wrap( void *ctx, const unsigned char *key,
unsigned int key_length )
{
return mbedtls_gcm_init( (mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_AES,
return mbedtls_gcm_setkey( (mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_AES,
key, key_length );
}
@ -689,7 +689,7 @@ static const mbedtls_cipher_info_t camellia_256_ctr_info = {
static int gcm_camellia_setkey_wrap( void *ctx, const unsigned char *key,
unsigned int key_length )
{
return mbedtls_gcm_init( (mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_CAMELLIA,
return mbedtls_gcm_setkey( (mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_CAMELLIA,
key, key_length );
}

View File

@ -83,6 +83,14 @@ static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
/*
* Initialize a context
*/
void mbedtls_gcm_init( mbedtls_gcm_context *ctx )
{
memset( ctx, 0, sizeof( mbedtls_gcm_context ) );
}
/*
* Precompute small multiples of H, that is set
* HH[i] || HL[i] = H times i,
@ -151,7 +159,9 @@ static int gcm_gen_table( mbedtls_gcm_context *ctx )
return( 0 );
}
int mbedtls_gcm_init( mbedtls_gcm_context *ctx, mbedtls_cipher_id_t cipher, const unsigned char *key,
int mbedtls_gcm_setkey( mbedtls_gcm_context *ctx,
mbedtls_cipher_id_t cipher,
const unsigned char *key,
unsigned int keysize )
{
int ret;
@ -736,6 +746,8 @@ int mbedtls_gcm_self_test( int verbose )
int i, j, ret;
mbedtls_cipher_id_t cipher = MBEDTLS_CIPHER_ID_AES;
mbedtls_gcm_init( &ctx );
for( j = 0; j < 3; j++ )
{
int key_len = 128 + 64 * j;
@ -746,7 +758,7 @@ int mbedtls_gcm_self_test( int verbose )
mbedtls_printf( " AES-GCM-%3d #%d (%s): ",
key_len, i, "enc" );
mbedtls_gcm_init( &ctx, cipher, key[key_index[i]], key_len );
mbedtls_gcm_setkey( &ctx, cipher, key[key_index[i]], key_len );
ret = mbedtls_gcm_crypt_and_tag( &ctx, MBEDTLS_GCM_ENCRYPT,
pt_len[i],
@ -773,7 +785,7 @@ int mbedtls_gcm_self_test( int verbose )
mbedtls_printf( " AES-GCM-%3d #%d (%s): ",
key_len, i, "dec" );
mbedtls_gcm_init( &ctx, cipher, key[key_index[i]], key_len );
mbedtls_gcm_setkey( &ctx, cipher, key[key_index[i]], key_len );
ret = mbedtls_gcm_crypt_and_tag( &ctx, MBEDTLS_GCM_DECRYPT,
pt_len[i],
@ -800,7 +812,7 @@ int mbedtls_gcm_self_test( int verbose )
mbedtls_printf( " AES-GCM-%3d #%d split (%s): ",
key_len, i, "enc" );
mbedtls_gcm_init( &ctx, cipher, key[key_index[i]], key_len );
mbedtls_gcm_setkey( &ctx, cipher, key[key_index[i]], key_len );
ret = mbedtls_gcm_starts( &ctx, MBEDTLS_GCM_ENCRYPT,
iv[iv_index[i]], iv_len[i],
@ -867,7 +879,7 @@ int mbedtls_gcm_self_test( int verbose )
mbedtls_printf( " AES-GCM-%3d #%d split (%s): ",
key_len, i, "dec" );
mbedtls_gcm_init( &ctx, cipher, key[key_index[i]], key_len );
mbedtls_gcm_setkey( &ctx, cipher, key[key_index[i]], key_len );
ret = mbedtls_gcm_starts( &ctx, MBEDTLS_GCM_DECRYPT,
iv[iv_index[i]], iv_len[i],

View File

@ -412,13 +412,15 @@ int main( int argc, char *argv[] )
{
int keysize;
mbedtls_gcm_context gcm;
mbedtls_gcm_init( &gcm );
for( keysize = 128; keysize <= 256; keysize += 64 )
{
mbedtls_snprintf( title, sizeof( title ), "AES-GCM-%d", keysize );
memset( buf, 0, sizeof( buf ) );
memset( tmp, 0, sizeof( tmp ) );
mbedtls_gcm_init( &gcm, MBEDTLS_CIPHER_ID_AES, tmp, keysize );
mbedtls_gcm_setkey( &gcm, MBEDTLS_CIPHER_ID_AES, tmp, keysize );
TIME_AND_TSC( title,
mbedtls_gcm_crypt_and_tag( &gcm, MBEDTLS_GCM_ENCRYPT, BUFSIZE, tmp,

View File

@ -26,6 +26,8 @@ void gcm_encrypt_and_tag( int cipher_id,
unsigned int key_len;
size_t pt_len, iv_len, add_len, tag_len = tag_len_bits / 8;
mbedtls_gcm_init( &ctx );
memset(key_str, 0x00, 128);
memset(src_str, 0x00, 128);
memset(dst_str, 0x00, 257);
@ -40,7 +42,7 @@ void gcm_encrypt_and_tag( int cipher_id,
iv_len = unhexify( iv_str, hex_iv_string );
add_len = unhexify( add_str, hex_add_string );
TEST_ASSERT( mbedtls_gcm_init( &ctx, cipher_id, key_str, key_len * 8 ) == init_result );
TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str, key_len * 8 ) == init_result );
if( init_result == 0 )
{
TEST_ASSERT( mbedtls_gcm_crypt_and_tag( &ctx, MBEDTLS_GCM_ENCRYPT, pt_len, iv_str, iv_len, add_str, add_len, src_str, output, tag_len, tag_output ) == 0 );
@ -75,6 +77,8 @@ void gcm_decrypt_and_verify( int cipher_id,
size_t pt_len, iv_len, add_len, tag_len = tag_len_bits / 8;
int ret;
mbedtls_gcm_init( &ctx );
memset(key_str, 0x00, 128);
memset(src_str, 0x00, 128);
memset(dst_str, 0x00, 257);
@ -89,7 +93,7 @@ void gcm_decrypt_and_verify( int cipher_id,
add_len = unhexify( add_str, hex_add_string );
unhexify( tag_str, hex_tag_string );
TEST_ASSERT( mbedtls_gcm_init( &ctx, cipher_id, key_str, key_len * 8 ) == init_result );
TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str, key_len * 8 ) == init_result );
if( init_result == 0 )
{
ret = mbedtls_gcm_auth_decrypt( &ctx, pt_len, iv_str, iv_len, add_str, add_len, tag_str, tag_len, src_str, output );