aes: xts: Rename iv to data_unit

XTS doesn't have an IV, it has a "Data Unit". Rename iv for parity with the
XTS standard.
This commit is contained in:
Jaeden Amero 2018-05-30 15:23:24 +01:00
parent d82cd860b2
commit cd9fc5e541
3 changed files with 14 additions and 13 deletions

View File

@ -290,7 +290,7 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
* *
* AES-XTS encrypts or decrypts blocks based on their location as * AES-XTS encrypts or decrypts blocks based on their location as
* defined by a data unit number. The data unit number must be * defined by a data unit number. The data unit number must be
* provided by \p iv. * provided by \p data_unit.
* *
* NIST SP 800-38E limits the maximum size of a data unit to 2^20 * NIST SP 800-38E limits the maximum size of a data unit to 2^20
* AES blocks. If the data unit is larger than this, this function * AES blocks. If the data unit is larger than this, this function
@ -302,7 +302,7 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
* \param length The length of a data unit in bytes. This can be any * \param length The length of a data unit in bytes. This can be any
* length between 16 bytes and 2^24 bytes inclusive * length between 16 bytes and 2^24 bytes inclusive
* (between 1 and 2^20 block cipher blocks). * (between 1 and 2^20 block cipher blocks).
* \param iv The address of the data unit encoded as an array of 16 * \param data_unit The address of the data unit encoded as an array of 16
* bytes in little-endian format. For disk encryption, this * bytes in little-endian format. For disk encryption, this
* is typically the index of the block device sector that * is typically the index of the block device sector that
* contains the data. * contains the data.
@ -321,7 +321,7 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx, int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx,
int mode, int mode,
size_t length, size_t length,
const unsigned char iv[16], const unsigned char data_unit[16],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output );
#endif /* MBEDTLS_CIPHER_MODE_XTS */ #endif /* MBEDTLS_CIPHER_MODE_XTS */

View File

@ -1131,7 +1131,7 @@ static void mbedtls_gf128mul_x_ble( unsigned char r[16],
int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx, int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx,
int mode, int mode,
size_t length, size_t length,
const unsigned char iv[16], const unsigned char data_unit[16],
const unsigned char *input, const unsigned char *input,
unsigned char *output ) unsigned char *output )
{ {
@ -1151,7 +1151,8 @@ int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx,
return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH; return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH;
/* Compute the tweak. */ /* Compute the tweak. */
ret = mbedtls_aes_crypt_ecb( &ctx->tweak, MBEDTLS_AES_ENCRYPT, iv, tweak ); ret = mbedtls_aes_crypt_ecb( &ctx->tweak, MBEDTLS_AES_ENCRYPT,
data_unit, tweak );
if( ret != 0 ) if( ret != 0 )
return( ret ); return( ret );

View File

@ -152,12 +152,12 @@ exit:
/* END_CASE */ /* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_XTS */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_XTS */
void aes_encrypt_xts( char *hex_key_string, char *hex_iv_string, void aes_encrypt_xts( char *hex_key_string, char *hex_data_unit_string,
char *hex_src_string, char *hex_dst_string, char *hex_src_string, char *hex_dst_string,
int data_unit_len, int xts_result ) int data_unit_len, int xts_result )
{ {
unsigned char key_str[100] = { 0, }; unsigned char key_str[100] = { 0, };
unsigned char iv_str[100] = { 0, }; unsigned char data_unit_str[100] = { 0, };
unsigned char src_str[100] = { 0, }; unsigned char src_str[100] = { 0, };
unsigned char dst_str[100] = { 0, }; unsigned char dst_str[100] = { 0, };
unsigned char output[100] = { 0, }; unsigned char output[100] = { 0, };
@ -167,13 +167,13 @@ void aes_encrypt_xts( char *hex_key_string, char *hex_iv_string,
mbedtls_aes_xts_init( &ctx ); mbedtls_aes_xts_init( &ctx );
key_len = unhexify( key_str, hex_key_string ); key_len = unhexify( key_str, hex_key_string );
unhexify( iv_str, hex_iv_string ); unhexify( data_unit_str, hex_data_unit_string );
data_len = unhexify( src_str, hex_src_string ); data_len = unhexify( src_str, hex_src_string );
TEST_ASSERT( data_len == data_unit_len / 8 ); TEST_ASSERT( data_len == data_unit_len / 8 );
mbedtls_aes_xts_setkey_enc( &ctx, key_str, key_len * 8 ); mbedtls_aes_xts_setkey_enc( &ctx, key_str, key_len * 8 );
TEST_ASSERT( mbedtls_aes_crypt_xts( &ctx, MBEDTLS_AES_ENCRYPT, data_len, iv_str, src_str, output ) == xts_result ); TEST_ASSERT( mbedtls_aes_crypt_xts( &ctx, MBEDTLS_AES_ENCRYPT, data_len, data_unit_str, src_str, output ) == xts_result );
if( xts_result == 0 ) if( xts_result == 0 )
{ {
hexify( dst_str, output, data_len ); hexify( dst_str, output, data_len );
@ -187,12 +187,12 @@ exit:
/* END_CASE */ /* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_XTS */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_XTS */
void aes_decrypt_xts( char *hex_key_string, char *hex_iv_string, void aes_decrypt_xts( char *hex_key_string, char *hex_data_unit_string,
char *hex_src_string, char *hex_dst_string, char *hex_src_string, char *hex_dst_string,
int data_unit_len, int xts_result ) int data_unit_len, int xts_result )
{ {
unsigned char key_str[100] = { 0, }; unsigned char key_str[100] = { 0, };
unsigned char iv_str[100] = { 0, }; unsigned char data_unit_str[100] = { 0, };
unsigned char src_str[100] = { 0, }; unsigned char src_str[100] = { 0, };
unsigned char dst_str[100] = { 0, }; unsigned char dst_str[100] = { 0, };
unsigned char output[100] = { 0, }; unsigned char output[100] = { 0, };
@ -202,13 +202,13 @@ void aes_decrypt_xts( char *hex_key_string, char *hex_iv_string,
mbedtls_aes_xts_init( &ctx ); mbedtls_aes_xts_init( &ctx );
key_len = unhexify( key_str, hex_key_string ); key_len = unhexify( key_str, hex_key_string );
unhexify( iv_str, hex_iv_string ); unhexify( data_unit_str, hex_data_unit_string );
data_len = unhexify( src_str, hex_src_string ); data_len = unhexify( src_str, hex_src_string );
TEST_ASSERT( data_len == data_unit_len / 8 ); TEST_ASSERT( data_len == data_unit_len / 8 );
mbedtls_aes_xts_setkey_dec( &ctx, key_str, key_len * 8 ); mbedtls_aes_xts_setkey_dec( &ctx, key_str, key_len * 8 );
TEST_ASSERT( mbedtls_aes_crypt_xts( &ctx, MBEDTLS_AES_DECRYPT, data_len, iv_str, src_str, output ) == xts_result ); TEST_ASSERT( mbedtls_aes_crypt_xts( &ctx, MBEDTLS_AES_DECRYPT, data_len, data_unit_str, src_str, output ) == xts_result );
if( xts_result == 0 ) if( xts_result == 0 )
{ {
hexify( dst_str, output, data_len ); hexify( dst_str, output, data_len );