yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-29 11:44:30 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'public/pr/2282' into development

Browse Source
This commit is contained in:
Simon Butcher 2018-12-20 12:01:04 +00:00
commit dac513e246
4 changed files with 294 additions and 52 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

126
include/mbedtls/blowfish.h
View File

@ -76,40 +76,53 @@ mbedtls_blowfish_context;
#endif /* MBEDTLS_BLOWFISH_ALT */ #endif /* MBEDTLS_BLOWFISH_ALT */
/** /**
* \brief Initialize Blowfish context * \brief Initialize a Blowfish context.
* *
* \param ctx Blowfish context to be initialized * \param ctx The Blowfish context to be initialized.
* This must not be \c NULL.
*/ */
void mbedtls_blowfish_init( mbedtls_blowfish_context *ctx ); void mbedtls_blowfish_init( mbedtls_blowfish_context *ctx );
/** /**
* \brief Clear Blowfish context * \brief Clear a Blowfish context.
* *
* \param ctx Blowfish context to be cleared * \param ctx The Blowfish context to be cleared.
* This may be \c NULL, in which case this function
* returns immediately. If it is not \c NULL, it must
* point to an initialized Blowfish context.
*/ */
void mbedtls_blowfish_free( mbedtls_blowfish_context *ctx ); void mbedtls_blowfish_free( mbedtls_blowfish_context *ctx );
/** /**
* \brief Blowfish key schedule * \brief Perform a Blowfish key schedule operation.
* *
* \param ctx Blowfish context to be initialized * \param ctx The Blowfish context to perform the key schedule on.
* \param key encryption key * \param key The encryption key. This must be a readable buffer of
* \param keybits must be between 32 and 448 bits * length \p keybits Bits.
* \param keybits The length of \p key in Bits. This must be between
* \c 32 and \c 448 and a multiple of \c 8.
* *
* \return 0 if successful, or MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA * \return \c 0 if successful.
* \return A negative error code on failure.
*/ */
int mbedtls_blowfish_setkey( mbedtls_blowfish_context *ctx, const unsigned char *key, int mbedtls_blowfish_setkey( mbedtls_blowfish_context *ctx, const unsigned char *key,
unsigned int keybits ); unsigned int keybits );
/** /**
* \brief Blowfish-ECB block encryption/decryption * \brief Perform a Blowfish-ECB block encryption/decryption operation.
* *
* \param ctx Blowfish context * \param ctx The Blowfish context to use. This must be initialized
* \param mode MBEDTLS_BLOWFISH_ENCRYPT or MBEDTLS_BLOWFISH_DECRYPT * and bound to a key.
* \param input 8-byte input block * \param mode The mode of operation. Possible values are
* \param output 8-byte output block * #MBEDTLS_BLOWFISH_ENCRYPT for encryption, or
* #MBEDTLS_BLOWFISH_DECRYPT for decryption.
* \param input The input block. This must be a readable buffer
* of size \c 8 Bytes.
* \param output The output block. This must be a writable buffer
* of size \c 8 Bytes.
* *
* \return 0 if successful * \return \c 0 if successful.
* \return A negative error code on failure.
*/ */
int mbedtls_blowfish_crypt_ecb( mbedtls_blowfish_context *ctx, int mbedtls_blowfish_crypt_ecb( mbedtls_blowfish_context *ctx,
int mode, int mode,
@ -118,9 +131,7 @@ int mbedtls_blowfish_crypt_ecb( mbedtls_blowfish_context *ctx,
#if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
/** /**
* \brief Blowfish-CBC buffer encryption/decryption * \brief Perform a Blowfish-CBC buffer encryption/decryption operation.
* Length should be a multiple of the block
* size (8 bytes)
* *
* \note Upon exit, the content of the IV is updated so that you can * \note Upon exit, the content of the IV is updated so that you can
* call the function same function again on the following * call the function same function again on the following
@ -130,15 +141,22 @@ int mbedtls_blowfish_crypt_ecb( mbedtls_blowfish_context *ctx,
* IV, you should either save it manually or use the cipher * IV, you should either save it manually or use the cipher
* module instead. * module instead.
* *
* \param ctx Blowfish context * \param ctx The Blowfish context to use. This must be initialized
* \param mode MBEDTLS_BLOWFISH_ENCRYPT or MBEDTLS_BLOWFISH_DECRYPT * and bound to a key.
* \param length length of the input data * \param mode The mode of operation. Possible values are
* \param iv initialization vector (updated after use) * #MBEDTLS_BLOWFISH_ENCRYPT for encryption, or
* \param input buffer holding the input data * #MBEDTLS_BLOWFISH_DECRYPT for decryption.
* \param output buffer holding the output data * \param length The length of the input data in Bytes. This must be
* multiple of \c 8.
* \param iv The initialization vector. This must be a read/write buffer
* of length \c 8 Bytes. It is updated by this function.
* \param input The input data. This must be a readable buffer of length
* \p length Bytes.
* \param output The output data. This must be a writable buffer of length
* \p length Bytes.
* *
* \return 0 if successful, or * \return \c 0 if successful.
* MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH * \return A negative error code on failure.
*/ */
int mbedtls_blowfish_crypt_cbc( mbedtls_blowfish_context *ctx, int mbedtls_blowfish_crypt_cbc( mbedtls_blowfish_context *ctx,
int mode, int mode,
@ -150,7 +168,7 @@ int mbedtls_blowfish_crypt_cbc( mbedtls_blowfish_context *ctx,
#if defined(MBEDTLS_CIPHER_MODE_CFB) #if defined(MBEDTLS_CIPHER_MODE_CFB)
/** /**
* \brief Blowfish CFB buffer encryption/decryption. * \brief Perform a Blowfish CFB buffer encryption/decryption operation.
* *
* \note Upon exit, the content of the IV is updated so that you can * \note Upon exit, the content of the IV is updated so that you can
* call the function same function again on the following * call the function same function again on the following
@ -160,15 +178,25 @@ int mbedtls_blowfish_crypt_cbc( mbedtls_blowfish_context *ctx,
* IV, you should either save it manually or use the cipher * IV, you should either save it manually or use the cipher
* module instead. * module instead.
* *
* \param ctx Blowfish context * \param ctx The Blowfish context to use. This must be initialized
* \param mode MBEDTLS_BLOWFISH_ENCRYPT or MBEDTLS_BLOWFISH_DECRYPT * and bound to a key.
* \param length length of the input data * \param mode The mode of operation. Possible values are
* \param iv_off offset in IV (updated after use) * #MBEDTLS_BLOWFISH_ENCRYPT for encryption, or
* \param iv initialization vector (updated after use) * #MBEDTLS_BLOWFISH_DECRYPT for decryption.
* \param input buffer holding the input data * \param length The length of the input data in Bytes.
* \param output buffer holding the output data * \param iv_off The offset in the initialiation vector.
* The value pointed to must be smaller than \c 8 Bytes.
* It is updated by this function to support the aforementioned
* streaming usage.
* \param iv The initialization vector. This must be a read/write buffer
* of size \c 8 Bytes. It is updated after use.
* \param input The input data. This must be a readable buffer of length
* \p length Bytes.
* \param output The output data. This must be a writable buffer of length
* \p length Bytes.
* *
* \return 0 if successful * \return \c 0 if successful.
* \return A negative error code on failure.
*/ */
int mbedtls_blowfish_crypt_cfb64( mbedtls_blowfish_context *ctx, int mbedtls_blowfish_crypt_cfb64( mbedtls_blowfish_context *ctx,
int mode, int mode,
@ -181,7 +209,7 @@ int mbedtls_blowfish_crypt_cfb64( mbedtls_blowfish_context *ctx,
#if defined(MBEDTLS_CIPHER_MODE_CTR) #if defined(MBEDTLS_CIPHER_MODE_CTR)
/** /**
* \brief Blowfish-CTR buffer encryption/decryption * \brief Perform a Blowfish-CTR buffer encryption/decryption operation.
* *
* \warning You must never reuse a nonce value with the same key. Doing so * \warning You must never reuse a nonce value with the same key. Doing so
* would void the encryption for the two messages encrypted with * would void the encryption for the two messages encrypted with
@ -224,18 +252,24 @@ int mbedtls_blowfish_crypt_cfb64( mbedtls_blowfish_context *ctx,
* content must not be written to insecure storage and should be * content must not be written to insecure storage and should be
* securely discarded as soon as it's no longer needed. * securely discarded as soon as it's no longer needed.
* *
* \param ctx Blowfish context * \param ctx The Blowfish context to use. This must be initialized
* \param length The length of the data * and bound to a key.
* \param length The length of the input data in Bytes.
* \param nc_off The offset in the current stream_block (for resuming * \param nc_off The offset in the current stream_block (for resuming
* within current cipher stream). The offset pointer to * within current cipher stream). The offset pointer
* should be 0 at the start of a stream. * should be \c 0 at the start of a stream and must be
* \param nonce_counter The 64-bit nonce and counter. * smaller than \c 8. It is updated by this function.
* \param stream_block The saved stream-block for resuming. Is overwritten * \param nonce_counter The 64-bit nonce and counter. This must point to a
* by the function. * read/write buffer of length \c 8 Bytes.
* \param input The input data stream * \param stream_block The saved stream-block for resuming. This must point to
* \param output The output data stream * a read/write buffer of length \c 8 Bytes.
* \param input The input data. This must be a readable buffer of
* length \p length Bytes.
* \param output The output data. This must be a writable buffer of
* length \p length Bytes.
* *
* \return 0 if successful * \return \c 0 if successful.
* \return A negative error code on failure.
*/ */
int mbedtls_blowfish_crypt_ctr( mbedtls_blowfish_context *ctx, int mbedtls_blowfish_crypt_ctr( mbedtls_blowfish_context *ctx,
size_t length, size_t length,

54
library/blowfish.c
View File

@ -40,6 +40,12 @@
#if !defined(MBEDTLS_BLOWFISH_ALT) #if !defined(MBEDTLS_BLOWFISH_ALT)
/* Parameter validation macros */
#define BLOWFISH_VALIDATE_RET( cond ) \
MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA )
#define BLOWFISH_VALIDATE( cond ) \
MBEDTLS_INTERNAL_VALIDATE( cond )
/* /*
* 32-bit integer manipulation macros (big endian) * 32-bit integer manipulation macros (big endian)
*/ */
@ -153,6 +159,7 @@ static void blowfish_dec( mbedtls_blowfish_context *ctx, uint32_t *xl, uint32_t
void mbedtls_blowfish_init( mbedtls_blowfish_context *ctx ) void mbedtls_blowfish_init( mbedtls_blowfish_context *ctx )
{ {
BLOWFISH_VALIDATE( ctx != NULL );
memset( ctx, 0, sizeof( mbedtls_blowfish_context ) ); memset( ctx, 0, sizeof( mbedtls_blowfish_context ) );
} }
@ -167,14 +174,18 @@ void mbedtls_blowfish_free( mbedtls_blowfish_context *ctx )
/* /*
* Blowfish key schedule * Blowfish key schedule
*/ */
int mbedtls_blowfish_setkey( mbedtls_blowfish_context *ctx, const unsigned char *key, int mbedtls_blowfish_setkey( mbedtls_blowfish_context *ctx,
const unsigned char *key,
unsigned int keybits ) unsigned int keybits )
{ {
unsigned int i, j, k; unsigned int i, j, k;
uint32_t data, datal, datar; uint32_t data, datal, datar;
BLOWFISH_VALIDATE_RET( ctx != NULL );
BLOWFISH_VALIDATE_RET( key != NULL );
if( keybits < MBEDTLS_BLOWFISH_MIN_KEY_BITS || keybits > MBEDTLS_BLOWFISH_MAX_KEY_BITS || if( keybits < MBEDTLS_BLOWFISH_MIN_KEY_BITS ||
( keybits % 8 ) ) keybits > MBEDTLS_BLOWFISH_MAX_KEY_BITS ||
keybits % 8 != 0 )
{ {
return( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA ); return( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA );
} }
@ -231,6 +242,11 @@ int mbedtls_blowfish_crypt_ecb( mbedtls_blowfish_context *ctx,
unsigned char output[MBEDTLS_BLOWFISH_BLOCKSIZE] ) unsigned char output[MBEDTLS_BLOWFISH_BLOCKSIZE] )
{ {
uint32_t X0, X1; uint32_t X0, X1;
BLOWFISH_VALIDATE_RET( ctx != NULL );
BLOWFISH_VALIDATE_RET( mode == MBEDTLS_BLOWFISH_ENCRYPT ||
mode == MBEDTLS_BLOWFISH_DECRYPT );
BLOWFISH_VALIDATE_RET( input != NULL );
BLOWFISH_VALIDATE_RET( output != NULL );
GET_UINT32_BE( X0, input, 0 ); GET_UINT32_BE( X0, input, 0 );
GET_UINT32_BE( X1, input, 4 ); GET_UINT32_BE( X1, input, 4 );
@ -263,6 +279,12 @@ int mbedtls_blowfish_crypt_cbc( mbedtls_blowfish_context *ctx,
{ {
int i; int i;
unsigned char temp[MBEDTLS_BLOWFISH_BLOCKSIZE]; unsigned char temp[MBEDTLS_BLOWFISH_BLOCKSIZE];
BLOWFISH_VALIDATE_RET( ctx != NULL );
BLOWFISH_VALIDATE_RET( mode == MBEDTLS_BLOWFISH_ENCRYPT ||
mode == MBEDTLS_BLOWFISH_DECRYPT );
BLOWFISH_VALIDATE_RET( iv != NULL );
BLOWFISH_VALIDATE_RET( length == 0 || input != NULL );
BLOWFISH_VALIDATE_RET( length == 0 || output != NULL );
if( length % MBEDTLS_BLOWFISH_BLOCKSIZE ) if( length % MBEDTLS_BLOWFISH_BLOCKSIZE )
return( MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH ); return( MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH );
@ -317,7 +339,19 @@ int mbedtls_blowfish_crypt_cfb64( mbedtls_blowfish_context *ctx,
unsigned char *output ) unsigned char *output )
{ {
int c; int c;
size_t n = *iv_off; size_t n;
BLOWFISH_VALIDATE_RET( ctx != NULL );
BLOWFISH_VALIDATE_RET( mode == MBEDTLS_BLOWFISH_ENCRYPT ||
mode == MBEDTLS_BLOWFISH_DECRYPT );
BLOWFISH_VALIDATE_RET( iv != NULL );
BLOWFISH_VALIDATE_RET( iv_off != NULL );
BLOWFISH_VALIDATE_RET( length == 0 || input != NULL );
BLOWFISH_VALIDATE_RET( length == 0 || output != NULL );
n = *iv_off;
if( n >= 8 )
return( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA );
if( mode == MBEDTLS_BLOWFISH_DECRYPT ) if( mode == MBEDTLS_BLOWFISH_DECRYPT )
{ {
@ -365,7 +399,17 @@ int mbedtls_blowfish_crypt_ctr( mbedtls_blowfish_context *ctx,
unsigned char *output ) unsigned char *output )
{ {
int c, i; int c, i;
size_t n = *nc_off; size_t n;
BLOWFISH_VALIDATE_RET( ctx != NULL );
BLOWFISH_VALIDATE_RET( nonce_counter != NULL );
BLOWFISH_VALIDATE_RET( stream_block != NULL );
BLOWFISH_VALIDATE_RET( nc_off != NULL );
BLOWFISH_VALIDATE_RET( length == 0 || input != NULL );
BLOWFISH_VALIDATE_RET( length == 0 || output != NULL );
n = *nc_off;
if( n >= 8 )
return( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA );
while( length-- ) while( length-- )
{ {

6
tests/suites/test_suite_blowfish.data
View File

@ -1,3 +1,9 @@
BLOWFISH - Valid parameters
blowfish_valid_param:
BLOWFISH - Invalid parameters
blowfish_invalid_param:
BLOWFISH-ECB Encrypt SSLeay reference #1 BLOWFISH-ECB Encrypt SSLeay reference #1
blowfish_encrypt_ecb:"0000000000000000":"0000000000000000":"4ef997456198dd78":0 blowfish_encrypt_ecb:"0000000000000000":"0000000000000000":"4ef997456198dd78":0

158
tests/suites/test_suite_blowfish.function
View File

@ -7,6 +7,164 @@
* END_DEPENDENCIES * END_DEPENDENCIES
*/ */
/* BEGIN_CASE */
void blowfish_valid_param( )
{
TEST_VALID_PARAM( mbedtls_blowfish_free( NULL ) );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
void blowfish_invalid_param( )
{
mbedtls_blowfish_context ctx;
unsigned char buf[16] = { 0 };
size_t const valid_keylength = sizeof( buf ) * 8;
size_t valid_mode = MBEDTLS_BLOWFISH_ENCRYPT;
size_t invalid_mode = 42;
size_t off;
((void) off);
TEST_INVALID_PARAM( mbedtls_blowfish_init( NULL ) );
TEST_VALID_PARAM( mbedtls_blowfish_free( NULL ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
mbedtls_blowfish_setkey( NULL,
buf,
valid_keylength ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
mbedtls_blowfish_setkey( &ctx,
NULL,
valid_keylength ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
mbedtls_blowfish_crypt_ecb( NULL,
valid_mode,
buf, buf ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
mbedtls_blowfish_crypt_ecb( &ctx,
invalid_mode,
buf, buf ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
mbedtls_blowfish_crypt_ecb( &ctx,
valid_mode,
NULL, buf ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
mbedtls_blowfish_crypt_ecb( &ctx,
valid_mode,
buf, NULL ) );
#if defined(MBEDTLS_CIPHER_MODE_CBC)
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
mbedtls_blowfish_crypt_cbc( NULL,
valid_mode,
sizeof( buf ),
buf, buf, buf ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
mbedtls_blowfish_crypt_cbc( &ctx,
invalid_mode,
sizeof( buf ),
buf, buf, buf ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
mbedtls_blowfish_crypt_cbc( &ctx,
valid_mode,
sizeof( buf ),
NULL, buf, buf ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
mbedtls_blowfish_crypt_cbc( &ctx,
valid_mode,
sizeof( buf ),
buf, NULL, buf ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
mbedtls_blowfish_crypt_cbc( &ctx,
valid_mode,
sizeof( buf ),
buf, buf, NULL ) );
#endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(MBEDTLS_CIPHER_MODE_CFB)
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
mbedtls_blowfish_crypt_cfb64( NULL,
valid_mode,
sizeof( buf ),
&off, buf,
buf, buf ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
mbedtls_blowfish_crypt_cfb64( &ctx,
invalid_mode,
sizeof( buf ),
&off, buf,
buf, buf ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
mbedtls_blowfish_crypt_cfb64( &ctx,
valid_mode,
sizeof( buf ),
NULL, buf,
buf, buf ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
mbedtls_blowfish_crypt_cfb64( &ctx,
valid_mode,
sizeof( buf ),
&off, NULL,
buf, buf ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
mbedtls_blowfish_crypt_cfb64( &ctx,
valid_mode,
sizeof( buf ),
&off, buf,
NULL, buf ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
mbedtls_blowfish_crypt_cfb64( &ctx,
valid_mode,
sizeof( buf ),
&off, buf,
buf, NULL ) );
#endif /* MBEDTLS_CIPHER_MODE_CFB */
#if defined(MBEDTLS_CIPHER_MODE_CTR)
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
mbedtls_blowfish_crypt_ctr( NULL,
sizeof( buf ),
&off,
buf, buf,
buf, buf ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
mbedtls_blowfish_crypt_ctr( &ctx,
sizeof( buf ),
NULL,
buf, buf,
buf, buf ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
mbedtls_blowfish_crypt_ctr( &ctx,
sizeof( buf ),
&off,
NULL, buf,
buf, buf ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
mbedtls_blowfish_crypt_ctr( &ctx,
sizeof( buf ),
&off,
buf, NULL,
buf, buf ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
mbedtls_blowfish_crypt_ctr( &ctx,
sizeof( buf ),
&off,
buf, buf,
NULL, buf ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
mbedtls_blowfish_crypt_ctr( &ctx,
sizeof( buf ),
&off,
buf, buf,
buf, NULL ) );
#endif /* MBEDTLS_CIPHER_MODE_CTR */
exit:
return;
}
/* END_CASE */
/* BEGIN_CASE */ /* BEGIN_CASE */
void blowfish_encrypt_ecb( data_t * key_str, data_t * src_str, void blowfish_encrypt_ecb( data_t * key_str, data_t * src_str,
data_t * hex_dst_string, int setkey_result ) data_t * hex_dst_string, int setkey_result )