This is an automated email from the ASF dual-hosted git repository.
utzig pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/mynewt-core.git
The following commit(s) were added to refs/heads/master by this push:
new f5ad4b9 crypto: mbedtls_aes_alt: add API implementation, input
validation, fix initialization and data types
f5ad4b9 is described below
commit f5ad4b9fe73eeeb2c65742507aa6a0c538a3288b
Author: Naveen Kaje <naveen.k...@juul.com>
AuthorDate: Fri May 22 16:48:22 2020 -0500
crypto: mbedtls_aes_alt: add API implementation, input validation, fix
initialization and data types
1. add alt implementation mbedtls_aes_setkey_dec() to complete mbedtls
dependency.
2. The mbedtls_cipher_update() in mbedtls invokes the ecb_func
function (via function pointer) and expects 0 when encryption
is successful. Returning the the length resutls in wrong interpretation
of the result. Fix this.
3. The mbedtls_aes_context's keylen member should be unsigned int
to be consistent with the datatype passed in, or else this results
in overflow for AES_256_KEY_LEN (32).
4. Add checks to validate input.
Signed-off-by: Naveen Kaje <naveen.k...@juul.com>
---
hw/drivers/crypto/include/crypto/aes_alt.h | 5 ++-
hw/drivers/crypto/src/mbedtls_aes_alt.c | 49 +++++++++++++++++++++++++-----
2 files changed, 44 insertions(+), 10 deletions(-)
diff --git a/hw/drivers/crypto/include/crypto/aes_alt.h
b/hw/drivers/crypto/include/crypto/aes_alt.h
index db6cd6d..abbc4b5 100644
--- a/hw/drivers/crypto/include/crypto/aes_alt.h
+++ b/hw/drivers/crypto/include/crypto/aes_alt.h
@@ -30,11 +30,10 @@ extern "C" {
#include <crypto/crypto.h>
-typedef struct mbedtls_aes_context
-{
+typedef struct mbedtls_aes_context {
struct crypto_dev *crypto;
uint8_t key[AES_MAX_KEY_LEN];
- uint8_t keylen;
+ unsigned int keylen;
} mbedtls_aes_context;
void mbedtls_aes_init(mbedtls_aes_context *ctx);
diff --git a/hw/drivers/crypto/src/mbedtls_aes_alt.c
b/hw/drivers/crypto/src/mbedtls_aes_alt.c
index 9bf102f..cf46d82 100644
--- a/hw/drivers/crypto/src/mbedtls_aes_alt.c
+++ b/hw/drivers/crypto/src/mbedtls_aes_alt.c
@@ -23,6 +23,7 @@
#include "crypto/crypto.h"
#include "crypto/aes_alt.h"
+#include "mbedtls/aes.h"
void
mbedtls_aes_init(mbedtls_aes_context *ctx)
@@ -40,9 +41,9 @@ mbedtls_aes_free(mbedtls_aes_context *ctx)
memset(ctx, 0, sizeof(*ctx));
}
-int
-mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key,
- unsigned int keybits)
+static int
+mbedtls_aes_setkey(mbedtls_aes_context *ctx, const unsigned char *key,
+ unsigned int keybits)
{
switch (keybits) {
case AES_128_KEY_LEN * 8:
@@ -53,15 +54,49 @@ mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const
unsigned char *key,
return 0;
}
- return -1;
+ return MBEDTLS_ERR_AES_INVALID_KEY_LENGTH;
+}
+
+static int
+mbedtls_aes_validate_input(mbedtls_aes_context *ctx, const unsigned char *key,
+ unsigned int keybits)
+{
+ assert(ctx);
+
+ if (key == NULL) {
+ return MBEDTLS_ERR_AES_INVALID_KEY_LENGTH;
+ }
+
+ return 0;
+}
+
+int
+mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key,
+ unsigned int keybits)
+{
+ int ret = mbedtls_aes_validate_input(ctx, key, keybits);
+
+ if (ret != 0) {
+ return ret;
+ }
+
+ return mbedtls_aes_setkey(ctx, key, keybits);
+}
+
+int
+mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key,
+ unsigned int keybits)
+{
+ return mbedtls_aes_setkey_enc(ctx, key, keybits);
}
int
mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx, int mode,
- const unsigned char input[16], unsigned char output[16])
+ const unsigned char input[16], unsigned char output[16])
{
- return crypto_encrypt_aes_ecb(ctx->crypto, ctx->key, ctx->keylen,
- (const uint8_t *)input, (uint8_t *)output, AES_BLOCK_LEN);
+ int ret = crypto_encrypt_aes_ecb(ctx->crypto, ctx->key, ctx->keylen,
+ (const uint8_t *)input, (uint8_t
*)output, AES_BLOCK_LEN);
+ return (ret == AES_BLOCK_LEN) ? 0 : -1;
}
#endif /* MYNEWT_VAL(MBEDTLS_AES_ALT) */
