mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-29 08:44:22 +01:00
aes: Remove AES-XEX
AES-XEX is a building block for other cryptographic standards and not yet a standard in and of itself. We'll just provide the standardized AES-XTS algorithm, and not AES-XEX. The AES-XTS algorithm and interface provided can be used to perform the AES-XEX algorithm when the length of the input is a multiple of the AES block size.
This commit is contained in:
parent
010c2cb456
commit
e9ecf00007
@ -213,30 +213,6 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
|
||||
unsigned char *output );
|
||||
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
||||
|
||||
#if defined(MBEDTLS_CIPHER_MODE_XEX)
|
||||
/**
|
||||
* \brief AES-XEX buffer encryption/decryption
|
||||
* Length should be a multiple of the block size (16 bytes)
|
||||
*
|
||||
* \param crypt_ctx AES context for encrypting data
|
||||
* \param tweak_ctx AES context for xor-ing with data
|
||||
* \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
|
||||
* \param length length of the input data
|
||||
* \param iv initialization vector
|
||||
* \param input buffer holding the input data
|
||||
* \param output buffer holding the output data
|
||||
*
|
||||
* \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH
|
||||
*/
|
||||
int mbedtls_aes_crypt_xex( mbedtls_aes_context *crypt_ctx,
|
||||
mbedtls_aes_context *tweak_ctx,
|
||||
int mode,
|
||||
size_t length,
|
||||
unsigned char iv[16],
|
||||
const unsigned char *input,
|
||||
unsigned char *output );
|
||||
#endif /* MBEDTLS_CIPHER_MODE_XEX */
|
||||
|
||||
#if defined(MBEDTLS_CIPHER_MODE_XTS)
|
||||
/**
|
||||
* \brief AES-XTS buffer encryption/decryption
|
||||
|
@ -501,13 +501,6 @@
|
||||
*/
|
||||
#define MBEDTLS_CIPHER_MODE_CBC
|
||||
|
||||
/**
|
||||
* \def MBEDTLS_CIPHER_MODE_XEX
|
||||
*
|
||||
* Enable Xor-encrypt-xor mode (XEX) for symmetric ciphers.
|
||||
*/
|
||||
#define MBEDTLS_CIPHER_MODE_XEX
|
||||
|
||||
/**
|
||||
* \def MBEDTLS_CIPHER_MODE_XTS
|
||||
*
|
||||
|
@ -983,64 +983,6 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
|
||||
}
|
||||
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
||||
|
||||
#if defined(MBEDTLS_CIPHER_MODE_XEX)
|
||||
/*
|
||||
* AES-XEX buffer encryption/decryption
|
||||
*/
|
||||
int mbedtls_aes_crypt_xex( mbedtls_aes_context *crypt_ctx,
|
||||
mbedtls_aes_context *tweak_ctx,
|
||||
int mode,
|
||||
size_t length,
|
||||
unsigned char iv[16],
|
||||
const unsigned char *input,
|
||||
unsigned char *output )
|
||||
{
|
||||
union xex_buf128 {
|
||||
uint8_t u8[16];
|
||||
uint64_t u64[2];
|
||||
};
|
||||
|
||||
union xex_buf128 scratch;
|
||||
union xex_buf128 t_buf;
|
||||
union xex_buf128 *inbuf;
|
||||
union xex_buf128 *outbuf;
|
||||
|
||||
inbuf = (union xex_buf128*)input;
|
||||
outbuf = (union xex_buf128*)output;
|
||||
|
||||
if( length % 16 )
|
||||
return( MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH );
|
||||
|
||||
|
||||
mbedtls_aes_crypt_ecb( tweak_ctx, MBEDTLS_AES_ENCRYPT, iv, t_buf.u8 );
|
||||
|
||||
goto first;
|
||||
|
||||
do
|
||||
{
|
||||
mbedtls_gf128mul_x_ble( t_buf.u8, t_buf.u8 );
|
||||
|
||||
first:
|
||||
/* PP <- T xor P */
|
||||
scratch.u64[0] = (uint64_t)( inbuf->u64[0] ^ t_buf.u64[0] );
|
||||
scratch.u64[1] = (uint64_t)( inbuf->u64[1] ^ t_buf.u64[1] );
|
||||
|
||||
/* CC <- E(Key2,PP) */
|
||||
mbedtls_aes_crypt_ecb( crypt_ctx, mode, scratch.u8, outbuf->u8 );
|
||||
|
||||
/* C <- T xor CC */
|
||||
outbuf->u64[0] = (uint64_t)( outbuf->u64[0] ^ t_buf.u64[0] );
|
||||
outbuf->u64[1] = (uint64_t)( outbuf->u64[1] ^ t_buf.u64[1] );
|
||||
|
||||
inbuf += 1;
|
||||
outbuf += 1;
|
||||
length -= 16;
|
||||
} while( length > 0 );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
#endif /* MBEDTLS_CIPHER_MODE_XEX */
|
||||
|
||||
#if defined(MBEDTLS_CIPHER_MODE_XTS)
|
||||
|
||||
/* Endianess with 64 bits values */
|
||||
|
@ -249,9 +249,6 @@ static const char *features[] = {
|
||||
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
||||
"MBEDTLS_CIPHER_MODE_CBC",
|
||||
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
||||
#if defined(MBEDTLS_CIPHER_MODE_XEX)
|
||||
"MBEDTLS_CIPHER_MODE_XEX",
|
||||
#endif /* MBEDTLS_CIPHER_MODE_XEX */
|
||||
#if defined(MBEDTLS_CIPHER_MODE_XTS)
|
||||
"MBEDTLS_CIPHER_MODE_XTS",
|
||||
#endif /* MBEDTLS_CIPHER_MODE_XTS */
|
||||
|
@ -99,7 +99,7 @@ int main( void )
|
||||
#define OPTIONS \
|
||||
"md4, md5, ripemd160, sha1, sha256, sha512,\n" \
|
||||
"arc4, des3, des, camellia, blowfish,\n" \
|
||||
"aes_cbc, aes_gcm, aes_ccm, aes_cmac, aes_xex, aes_xts,\n" \
|
||||
"aes_cbc, aes_gcm, aes_ccm, aes_cmac, aes_xts,\n" \
|
||||
"des3_cmac, havege, ctr_drbg, hmac_drbg\n" \
|
||||
"rsa, dhm, ecdsa, ecdh.\n"
|
||||
|
||||
@ -233,7 +233,7 @@ unsigned char buf[BUFSIZE];
|
||||
typedef struct {
|
||||
char md4, md5, ripemd160, sha1, sha256, sha512,
|
||||
arc4, des3, des,
|
||||
aes_cbc, aes_gcm, aes_ccm, aes_cmac, aes_xex, aes_xts,
|
||||
aes_cbc, aes_gcm, aes_ccm, aes_cmac, aes_xts,
|
||||
des3_cmac, aria, camellia, blowfish,
|
||||
havege, ctr_drbg, hmac_drbg,
|
||||
rsa, dhm, ecdsa, ecdh;
|
||||
@ -279,8 +279,6 @@ int main( int argc, char *argv[] )
|
||||
todo.des = 1;
|
||||
else if( strcmp( argv[i], "aes_cbc" ) == 0 )
|
||||
todo.aes_cbc = 1;
|
||||
else if( strcmp( argv[i], "aes_xex" ) == 0 )
|
||||
todo.aes_xex = 1;
|
||||
else if( strcmp( argv[i], "aes_xts" ) == 0 )
|
||||
todo.aes_xts = 1;
|
||||
else if( strcmp( argv[i], "aes_gcm" ) == 0 )
|
||||
@ -430,29 +428,6 @@ int main( int argc, char *argv[] )
|
||||
mbedtls_aes_free( &aes );
|
||||
}
|
||||
#endif
|
||||
#if defined(MBEDTLS_CIPHER_MODE_XEX)
|
||||
if( todo.aes_xex )
|
||||
{
|
||||
int keysize;
|
||||
mbedtls_aes_context crypt_ctx, tweak_ctx;
|
||||
mbedtls_aes_init( &crypt_ctx );
|
||||
mbedtls_aes_init( &tweak_ctx );
|
||||
for( keysize = 128; keysize <= 256; keysize += 64 )
|
||||
{
|
||||
mbedtls_snprintf( title, sizeof( title ), "AES-XEX-%d", keysize );
|
||||
|
||||
memset( buf, 0, sizeof( buf ) );
|
||||
memset( tmp, 0, sizeof( tmp ) );
|
||||
mbedtls_aes_setkey_enc( &crypt_ctx, tmp, keysize );
|
||||
mbedtls_aes_setkey_enc( &tweak_ctx, tmp, keysize );
|
||||
|
||||
TIME_AND_TSC( title,
|
||||
mbedtls_aes_crypt_xex( &crypt_ctx, &tweak_ctx, MBEDTLS_AES_ENCRYPT, BUFSIZE, tmp, buf, buf ) );
|
||||
}
|
||||
mbedtls_aes_free( &crypt_ctx );
|
||||
mbedtls_aes_free( &tweak_ctx );
|
||||
}
|
||||
#endif
|
||||
#if defined(MBEDTLS_CIPHER_MODE_XTS)
|
||||
if( todo.aes_xts )
|
||||
{
|
||||
|
@ -48,7 +48,6 @@ add_test_suite(aes aes.ecb)
|
||||
add_test_suite(aes aes.cbc)
|
||||
add_test_suite(aes aes.cfb)
|
||||
add_test_suite(aes aes.rest)
|
||||
add_test_suite(aes aes.xex)
|
||||
add_test_suite(aes aes.xts)
|
||||
add_test_suite(arc4)
|
||||
add_test_suite(aria)
|
||||
|
@ -151,80 +151,6 @@ exit:
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_XEX */
|
||||
void aes_encrypt_xex( char *hex_key_string, char *hex_iv_string,
|
||||
char *hex_src_string, char *hex_dst_string,
|
||||
int xex_result )
|
||||
{
|
||||
unsigned char key_str[100] = { 0, };
|
||||
unsigned char iv_str[100] = { 0, };
|
||||
unsigned char src_str[100] = { 0, };
|
||||
unsigned char dst_str[100] = { 0, };
|
||||
unsigned char output[100] = { 0, };
|
||||
mbedtls_aes_context crypt_ctx, tweak_ctx;
|
||||
int key_len, data_len;
|
||||
|
||||
mbedtls_aes_init( &crypt_ctx );
|
||||
mbedtls_aes_init( &tweak_ctx );
|
||||
|
||||
key_len = unhexify( key_str, hex_key_string );
|
||||
unhexify( iv_str, hex_iv_string );
|
||||
data_len = unhexify( src_str, hex_src_string );
|
||||
|
||||
mbedtls_aes_setkey_enc( &crypt_ctx, key_str, ( key_len * 8 ) / 2 );
|
||||
mbedtls_aes_setkey_enc( &tweak_ctx, key_str + key_len / 2, ( key_len * 8 ) / 2 );
|
||||
|
||||
TEST_ASSERT( mbedtls_aes_crypt_xex( &crypt_ctx, &tweak_ctx, MBEDTLS_AES_ENCRYPT, data_len, iv_str, src_str, output ) == xex_result );
|
||||
if( xex_result == 0 )
|
||||
{
|
||||
hexify( dst_str, output, data_len );
|
||||
|
||||
TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 );
|
||||
}
|
||||
|
||||
exit:
|
||||
mbedtls_aes_free( &crypt_ctx );
|
||||
mbedtls_aes_free( &tweak_ctx );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_XEX */
|
||||
void aes_decrypt_xex( char *hex_key_string, char *hex_iv_string,
|
||||
char *hex_src_string, char *hex_dst_string,
|
||||
int xex_result )
|
||||
{
|
||||
unsigned char key_str[100] = { 0, };
|
||||
unsigned char iv_str[100] = { 0, };
|
||||
unsigned char src_str[100] = { 0, };
|
||||
unsigned char dst_str[100] = { 0, };
|
||||
unsigned char output[100] = { 0, };
|
||||
mbedtls_aes_context crypt_ctx, tweak_ctx;
|
||||
int key_len, data_len;
|
||||
|
||||
mbedtls_aes_init( &crypt_ctx );
|
||||
mbedtls_aes_init( &tweak_ctx );
|
||||
|
||||
key_len = unhexify( key_str, hex_key_string );
|
||||
unhexify( iv_str, hex_iv_string );
|
||||
data_len = unhexify( src_str, hex_src_string );
|
||||
|
||||
mbedtls_aes_setkey_dec( &crypt_ctx, key_str, ( key_len * 8 ) / 2 );
|
||||
mbedtls_aes_setkey_enc( &tweak_ctx, key_str + key_len / 2, ( key_len * 8 ) / 2 );
|
||||
|
||||
TEST_ASSERT( mbedtls_aes_crypt_xex( &crypt_ctx, &tweak_ctx, MBEDTLS_AES_DECRYPT, data_len, iv_str, src_str, output ) == xex_result );
|
||||
if( xex_result == 0 )
|
||||
{
|
||||
hexify( dst_str, output, data_len );
|
||||
|
||||
TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 );
|
||||
}
|
||||
|
||||
exit:
|
||||
mbedtls_aes_free( &crypt_ctx );
|
||||
mbedtls_aes_free( &tweak_ctx );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_XTS */
|
||||
void aes_encrypt_xts( char *hex_key_string, char *hex_iv_string,
|
||||
char *hex_src_string, char *hex_dst_string,
|
||||
|
File diff suppressed because it is too large
Load Diff
Loading…
Reference in New Issue
Block a user