This is an automated email from the ASF dual-hosted git repository. utzig pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/mynewt-core.git
The following commit(s) were added to refs/heads/master by this push: new f5ad4b9 crypto: mbedtls_aes_alt: add API implementation, input validation, fix initialization and data types f5ad4b9 is described below commit f5ad4b9fe73eeeb2c65742507aa6a0c538a3288b Author: Naveen Kaje <naveen.k...@juul.com> AuthorDate: Fri May 22 16:48:22 2020 -0500 crypto: mbedtls_aes_alt: add API implementation, input validation, fix initialization and data types 1. add alt implementation mbedtls_aes_setkey_dec() to complete mbedtls dependency. 2. The mbedtls_cipher_update() in mbedtls invokes the ecb_func function (via function pointer) and expects 0 when encryption is successful. Returning the the length resutls in wrong interpretation of the result. Fix this. 3. The mbedtls_aes_context's keylen member should be unsigned int to be consistent with the datatype passed in, or else this results in overflow for AES_256_KEY_LEN (32). 4. Add checks to validate input. Signed-off-by: Naveen Kaje <naveen.k...@juul.com> --- hw/drivers/crypto/include/crypto/aes_alt.h | 5 ++- hw/drivers/crypto/src/mbedtls_aes_alt.c | 49 +++++++++++++++++++++++++----- 2 files changed, 44 insertions(+), 10 deletions(-) diff --git a/hw/drivers/crypto/include/crypto/aes_alt.h b/hw/drivers/crypto/include/crypto/aes_alt.h index db6cd6d..abbc4b5 100644 --- a/hw/drivers/crypto/include/crypto/aes_alt.h +++ b/hw/drivers/crypto/include/crypto/aes_alt.h @@ -30,11 +30,10 @@ extern "C" { #include <crypto/crypto.h> -typedef struct mbedtls_aes_context -{ +typedef struct mbedtls_aes_context { struct crypto_dev *crypto; uint8_t key[AES_MAX_KEY_LEN]; - uint8_t keylen; + unsigned int keylen; } mbedtls_aes_context; void mbedtls_aes_init(mbedtls_aes_context *ctx); diff --git a/hw/drivers/crypto/src/mbedtls_aes_alt.c b/hw/drivers/crypto/src/mbedtls_aes_alt.c index 9bf102f..cf46d82 100644 --- a/hw/drivers/crypto/src/mbedtls_aes_alt.c +++ b/hw/drivers/crypto/src/mbedtls_aes_alt.c @@ -23,6 +23,7 @@ #include "crypto/crypto.h" #include "crypto/aes_alt.h" +#include "mbedtls/aes.h" void mbedtls_aes_init(mbedtls_aes_context *ctx) @@ -40,9 +41,9 @@ mbedtls_aes_free(mbedtls_aes_context *ctx) memset(ctx, 0, sizeof(*ctx)); } -int -mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key, - unsigned int keybits) +static int +mbedtls_aes_setkey(mbedtls_aes_context *ctx, const unsigned char *key, + unsigned int keybits) { switch (keybits) { case AES_128_KEY_LEN * 8: @@ -53,15 +54,49 @@ mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key, return 0; } - return -1; + return MBEDTLS_ERR_AES_INVALID_KEY_LENGTH; +} + +static int +mbedtls_aes_validate_input(mbedtls_aes_context *ctx, const unsigned char *key, + unsigned int keybits) +{ + assert(ctx); + + if (key == NULL) { + return MBEDTLS_ERR_AES_INVALID_KEY_LENGTH; + } + + return 0; +} + +int +mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key, + unsigned int keybits) +{ + int ret = mbedtls_aes_validate_input(ctx, key, keybits); + + if (ret != 0) { + return ret; + } + + return mbedtls_aes_setkey(ctx, key, keybits); +} + +int +mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key, + unsigned int keybits) +{ + return mbedtls_aes_setkey_enc(ctx, key, keybits); } int mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx, int mode, - const unsigned char input[16], unsigned char output[16]) + const unsigned char input[16], unsigned char output[16]) { - return crypto_encrypt_aes_ecb(ctx->crypto, ctx->key, ctx->keylen, - (const uint8_t *)input, (uint8_t *)output, AES_BLOCK_LEN); + int ret = crypto_encrypt_aes_ecb(ctx->crypto, ctx->key, ctx->keylen, + (const uint8_t *)input, (uint8_t *)output, AES_BLOCK_LEN); + return (ret == AES_BLOCK_LEN) ? 0 : -1; } #endif /* MYNEWT_VAL(MBEDTLS_AES_ALT) */