aes: Remove AES-XEX

AES-XEX is a building block for other cryptographic standards and not yet a
standard in and of itself. We'll just provide the standardized AES-XTS
algorithm, and not AES-XEX. The AES-XTS algorithm and interface provided
can be used to perform the AES-XEX algorithm when the length of the input
is a multiple of the AES block size.
This commit is contained in:
Jaeden Amero 2018-05-17 16:42:08 +01:00
parent 010c2cb456
commit e9ecf00007
8 changed files with 2 additions and 3794 deletions

View File

@ -213,30 +213,6 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
unsigned char *output );
#endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(MBEDTLS_CIPHER_MODE_XEX)
/**
* \brief AES-XEX buffer encryption/decryption
* Length should be a multiple of the block size (16 bytes)
*
* \param crypt_ctx AES context for encrypting data
* \param tweak_ctx AES context for xor-ing with data
* \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
* \param length length of the input data
* \param iv initialization vector
* \param input buffer holding the input data
* \param output buffer holding the output data
*
* \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH
*/
int mbedtls_aes_crypt_xex( mbedtls_aes_context *crypt_ctx,
mbedtls_aes_context *tweak_ctx,
int mode,
size_t length,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output );
#endif /* MBEDTLS_CIPHER_MODE_XEX */
#if defined(MBEDTLS_CIPHER_MODE_XTS)
/**
* \brief AES-XTS buffer encryption/decryption

View File

@ -501,13 +501,6 @@
*/
#define MBEDTLS_CIPHER_MODE_CBC
/**
* \def MBEDTLS_CIPHER_MODE_XEX
*
* Enable Xor-encrypt-xor mode (XEX) for symmetric ciphers.
*/
#define MBEDTLS_CIPHER_MODE_XEX
/**
* \def MBEDTLS_CIPHER_MODE_XTS
*

View File

@ -983,64 +983,6 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
}
#endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(MBEDTLS_CIPHER_MODE_XEX)
/*
* AES-XEX buffer encryption/decryption
*/
int mbedtls_aes_crypt_xex( mbedtls_aes_context *crypt_ctx,
mbedtls_aes_context *tweak_ctx,
int mode,
size_t length,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output )
{
union xex_buf128 {
uint8_t u8[16];
uint64_t u64[2];
};
union xex_buf128 scratch;
union xex_buf128 t_buf;
union xex_buf128 *inbuf;
union xex_buf128 *outbuf;
inbuf = (union xex_buf128*)input;
outbuf = (union xex_buf128*)output;
if( length % 16 )
return( MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH );
mbedtls_aes_crypt_ecb( tweak_ctx, MBEDTLS_AES_ENCRYPT, iv, t_buf.u8 );
goto first;
do
{
mbedtls_gf128mul_x_ble( t_buf.u8, t_buf.u8 );
first:
/* PP <- T xor P */
scratch.u64[0] = (uint64_t)( inbuf->u64[0] ^ t_buf.u64[0] );
scratch.u64[1] = (uint64_t)( inbuf->u64[1] ^ t_buf.u64[1] );
/* CC <- E(Key2,PP) */
mbedtls_aes_crypt_ecb( crypt_ctx, mode, scratch.u8, outbuf->u8 );
/* C <- T xor CC */
outbuf->u64[0] = (uint64_t)( outbuf->u64[0] ^ t_buf.u64[0] );
outbuf->u64[1] = (uint64_t)( outbuf->u64[1] ^ t_buf.u64[1] );
inbuf += 1;
outbuf += 1;
length -= 16;
} while( length > 0 );
return( 0 );
}
#endif /* MBEDTLS_CIPHER_MODE_XEX */
#if defined(MBEDTLS_CIPHER_MODE_XTS)
/* Endianess with 64 bits values */

View File

@ -249,9 +249,6 @@ static const char *features[] = {
#if defined(MBEDTLS_CIPHER_MODE_CBC)
"MBEDTLS_CIPHER_MODE_CBC",
#endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(MBEDTLS_CIPHER_MODE_XEX)
"MBEDTLS_CIPHER_MODE_XEX",
#endif /* MBEDTLS_CIPHER_MODE_XEX */
#if defined(MBEDTLS_CIPHER_MODE_XTS)
"MBEDTLS_CIPHER_MODE_XTS",
#endif /* MBEDTLS_CIPHER_MODE_XTS */

View File

@ -99,7 +99,7 @@ int main( void )
#define OPTIONS \
"md4, md5, ripemd160, sha1, sha256, sha512,\n" \
"arc4, des3, des, camellia, blowfish,\n" \
"aes_cbc, aes_gcm, aes_ccm, aes_cmac, aes_xex, aes_xts,\n" \
"aes_cbc, aes_gcm, aes_ccm, aes_cmac, aes_xts,\n" \
"des3_cmac, havege, ctr_drbg, hmac_drbg\n" \
"rsa, dhm, ecdsa, ecdh.\n"
@ -233,7 +233,7 @@ unsigned char buf[BUFSIZE];
typedef struct {
char md4, md5, ripemd160, sha1, sha256, sha512,
arc4, des3, des,
aes_cbc, aes_gcm, aes_ccm, aes_cmac, aes_xex, aes_xts,
aes_cbc, aes_gcm, aes_ccm, aes_cmac, aes_xts,
des3_cmac, aria, camellia, blowfish,
havege, ctr_drbg, hmac_drbg,
rsa, dhm, ecdsa, ecdh;
@ -279,8 +279,6 @@ int main( int argc, char *argv[] )
todo.des = 1;
else if( strcmp( argv[i], "aes_cbc" ) == 0 )
todo.aes_cbc = 1;
else if( strcmp( argv[i], "aes_xex" ) == 0 )
todo.aes_xex = 1;
else if( strcmp( argv[i], "aes_xts" ) == 0 )
todo.aes_xts = 1;
else if( strcmp( argv[i], "aes_gcm" ) == 0 )
@ -430,29 +428,6 @@ int main( int argc, char *argv[] )
mbedtls_aes_free( &aes );
}
#endif
#if defined(MBEDTLS_CIPHER_MODE_XEX)
if( todo.aes_xex )
{
int keysize;
mbedtls_aes_context crypt_ctx, tweak_ctx;
mbedtls_aes_init( &crypt_ctx );
mbedtls_aes_init( &tweak_ctx );
for( keysize = 128; keysize <= 256; keysize += 64 )
{
mbedtls_snprintf( title, sizeof( title ), "AES-XEX-%d", keysize );
memset( buf, 0, sizeof( buf ) );
memset( tmp, 0, sizeof( tmp ) );
mbedtls_aes_setkey_enc( &crypt_ctx, tmp, keysize );
mbedtls_aes_setkey_enc( &tweak_ctx, tmp, keysize );
TIME_AND_TSC( title,
mbedtls_aes_crypt_xex( &crypt_ctx, &tweak_ctx, MBEDTLS_AES_ENCRYPT, BUFSIZE, tmp, buf, buf ) );
}
mbedtls_aes_free( &crypt_ctx );
mbedtls_aes_free( &tweak_ctx );
}
#endif
#if defined(MBEDTLS_CIPHER_MODE_XTS)
if( todo.aes_xts )
{

View File

@ -48,7 +48,6 @@ add_test_suite(aes aes.ecb)
add_test_suite(aes aes.cbc)
add_test_suite(aes aes.cfb)
add_test_suite(aes aes.rest)
add_test_suite(aes aes.xex)
add_test_suite(aes aes.xts)
add_test_suite(arc4)
add_test_suite(aria)

View File

@ -151,80 +151,6 @@ exit:
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_XEX */
void aes_encrypt_xex( char *hex_key_string, char *hex_iv_string,
char *hex_src_string, char *hex_dst_string,
int xex_result )
{
unsigned char key_str[100] = { 0, };
unsigned char iv_str[100] = { 0, };
unsigned char src_str[100] = { 0, };
unsigned char dst_str[100] = { 0, };
unsigned char output[100] = { 0, };
mbedtls_aes_context crypt_ctx, tweak_ctx;
int key_len, data_len;
mbedtls_aes_init( &crypt_ctx );
mbedtls_aes_init( &tweak_ctx );
key_len = unhexify( key_str, hex_key_string );
unhexify( iv_str, hex_iv_string );
data_len = unhexify( src_str, hex_src_string );
mbedtls_aes_setkey_enc( &crypt_ctx, key_str, ( key_len * 8 ) / 2 );
mbedtls_aes_setkey_enc( &tweak_ctx, key_str + key_len / 2, ( key_len * 8 ) / 2 );
TEST_ASSERT( mbedtls_aes_crypt_xex( &crypt_ctx, &tweak_ctx, MBEDTLS_AES_ENCRYPT, data_len, iv_str, src_str, output ) == xex_result );
if( xex_result == 0 )
{
hexify( dst_str, output, data_len );
TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 );
}
exit:
mbedtls_aes_free( &crypt_ctx );
mbedtls_aes_free( &tweak_ctx );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_XEX */
void aes_decrypt_xex( char *hex_key_string, char *hex_iv_string,
char *hex_src_string, char *hex_dst_string,
int xex_result )
{
unsigned char key_str[100] = { 0, };
unsigned char iv_str[100] = { 0, };
unsigned char src_str[100] = { 0, };
unsigned char dst_str[100] = { 0, };
unsigned char output[100] = { 0, };
mbedtls_aes_context crypt_ctx, tweak_ctx;
int key_len, data_len;
mbedtls_aes_init( &crypt_ctx );
mbedtls_aes_init( &tweak_ctx );
key_len = unhexify( key_str, hex_key_string );
unhexify( iv_str, hex_iv_string );
data_len = unhexify( src_str, hex_src_string );
mbedtls_aes_setkey_dec( &crypt_ctx, key_str, ( key_len * 8 ) / 2 );
mbedtls_aes_setkey_enc( &tweak_ctx, key_str + key_len / 2, ( key_len * 8 ) / 2 );
TEST_ASSERT( mbedtls_aes_crypt_xex( &crypt_ctx, &tweak_ctx, MBEDTLS_AES_DECRYPT, data_len, iv_str, src_str, output ) == xex_result );
if( xex_result == 0 )
{
hexify( dst_str, output, data_len );
TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 );
}
exit:
mbedtls_aes_free( &crypt_ctx );
mbedtls_aes_free( &tweak_ctx );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_XTS */
void aes_encrypt_xts( char *hex_key_string, char *hex_iv_string,
char *hex_src_string, char *hex_dst_string,

File diff suppressed because it is too large Load Diff