Split mbedtls_ccm_init() -> setkey()

This commit is contained in:
Manuel Pégourié-Gonnard 2015-04-28 18:02:54 +02:00
parent d54e617ea6
commit 6963ff0969
7 changed files with 50 additions and 17 deletions

View file

@ -13,6 +13,9 @@ API Changes
Migration helpers scripts/rename.pl and include/mbedlts/compat-1.3.h are Migration helpers scripts/rename.pl and include/mbedlts/compat-1.3.h are
provided. provided.
* Headers are now found in the 'mbedtls' directory (previously 'polarssl'). * Headers are now found in the 'mbedtls' directory (previously 'polarssl').
* The following _init() functions that could return errors have
been split into an _init() that returns void and another function:
mbedtls_ccm_init() -> mbedtls_ccm_setkey()
* In the threading layer, mbedtls_mutex_init() and mbedtls_mutex_free() now * In the threading layer, mbedtls_mutex_init() and mbedtls_mutex_free() now
return void. return void.
* ecdsa_write_signature() gained an addtional md_alg argument and * ecdsa_write_signature() gained an addtional md_alg argument and

View file

@ -41,6 +41,15 @@ typedef struct {
} }
mbedtls_ccm_context; mbedtls_ccm_context;
/**
* \brief Initialize CCM context (just makes references valid)
* Makes the context ready for mbedtls_ccm_setkey() or
* mbedtls_ccm_free().
*
* \param ctx CCM context to initialize
*/
void mbedtls_ccm_init( mbedtls_ccm_context *ctx );
/** /**
* \brief CCM initialization (encryption and decryption) * \brief CCM initialization (encryption and decryption)
* *
@ -51,8 +60,10 @@ mbedtls_ccm_context;
* *
* \return 0 if successful, or a cipher specific error code * \return 0 if successful, or a cipher specific error code
*/ */
int mbedtls_ccm_init( mbedtls_ccm_context *ctx, mbedtls_cipher_id_t cipher, int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx,
const unsigned char *key, unsigned int keysize ); mbedtls_cipher_id_t cipher,
const unsigned char *key,
unsigned int keysize );
/** /**
* \brief Free a CCM context and underlying cipher sub-context * \brief Free a CCM context and underlying cipher sub-context

View file

@ -61,8 +61,15 @@ static void mbedtls_zeroize( void *v, size_t n ) {
/* /*
* Initialize context * Initialize context
*/ */
int mbedtls_ccm_init( mbedtls_ccm_context *ctx, mbedtls_cipher_id_t cipher, void mbedtls_ccm_init( mbedtls_ccm_context *ctx )
const unsigned char *key, unsigned int keysize ) {
memset( ctx, 0, sizeof( mbedtls_ccm_context ) );
}
int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx,
mbedtls_cipher_id_t cipher,
const unsigned char *key,
unsigned int keysize )
{ {
int ret; int ret;
const mbedtls_cipher_info_t *cipher_info; const mbedtls_cipher_info_t *cipher_info;
@ -398,7 +405,9 @@ int mbedtls_ccm_self_test( int verbose )
size_t i; size_t i;
int ret; int ret;
if( mbedtls_ccm_init( &ctx, MBEDTLS_CIPHER_ID_AES, key, 8 * sizeof key ) != 0 ) mbedtls_ccm_init( &ctx );
if( mbedtls_ccm_setkey( &ctx, MBEDTLS_CIPHER_ID_AES, key, 8 * sizeof key ) != 0 )
{ {
if( verbose != 0 ) if( verbose != 0 )
mbedtls_printf( " CCM: setup failed" ); mbedtls_printf( " CCM: setup failed" );

View file

@ -395,7 +395,7 @@ static const mbedtls_cipher_info_t aes_256_gcm_info = {
static int ccm_aes_setkey_wrap( void *ctx, const unsigned char *key, static int ccm_aes_setkey_wrap( void *ctx, const unsigned char *key,
unsigned int key_length ) unsigned int key_length )
{ {
return mbedtls_ccm_init( (mbedtls_ccm_context *) ctx, MBEDTLS_CIPHER_ID_AES, return mbedtls_ccm_setkey( (mbedtls_ccm_context *) ctx, MBEDTLS_CIPHER_ID_AES,
key, key_length ); key, key_length );
} }
@ -752,7 +752,7 @@ static const mbedtls_cipher_info_t camellia_256_gcm_info = {
static int ccm_camellia_setkey_wrap( void *ctx, const unsigned char *key, static int ccm_camellia_setkey_wrap( void *ctx, const unsigned char *key,
unsigned int key_length ) unsigned int key_length )
{ {
return mbedtls_ccm_init( (mbedtls_ccm_context *) ctx, MBEDTLS_CIPHER_ID_CAMELLIA, return mbedtls_ccm_setkey( (mbedtls_ccm_context *) ctx, MBEDTLS_CIPHER_ID_CAMELLIA,
key, key_length ); key, key_length );
} }

View file

@ -433,13 +433,15 @@ int main( int argc, char *argv[] )
{ {
int keysize; int keysize;
mbedtls_ccm_context ccm; mbedtls_ccm_context ccm;
mbedtls_ccm_init( &ccm );
for( keysize = 128; keysize <= 256; keysize += 64 ) for( keysize = 128; keysize <= 256; keysize += 64 )
{ {
mbedtls_snprintf( title, sizeof( title ), "AES-CCM-%d", keysize ); mbedtls_snprintf( title, sizeof( title ), "AES-CCM-%d", keysize );
memset( buf, 0, sizeof( buf ) ); memset( buf, 0, sizeof( buf ) );
memset( tmp, 0, sizeof( tmp ) ); memset( tmp, 0, sizeof( tmp ) );
mbedtls_ccm_init( &ccm, MBEDTLS_CIPHER_ID_AES, tmp, keysize ); mbedtls_ccm_setkey( &ccm, MBEDTLS_CIPHER_ID_AES, tmp, keysize );
TIME_AND_TSC( title, TIME_AND_TSC( title,
mbedtls_ccm_encrypt_and_tag( &ccm, BUFSIZE, tmp, mbedtls_ccm_encrypt_and_tag( &ccm, BUFSIZE, tmp,

View file

@ -3,19 +3,19 @@ mbedtls_ccm_self_test:
CCM init #1 AES-128: OK CCM init #1 AES-128: OK
depends_on:MBEDTLS_AES_C depends_on:MBEDTLS_AES_C
mbedtls_ccm_init:MBEDTLS_CIPHER_ID_AES:128:0 mbedtls_ccm_setkey:MBEDTLS_CIPHER_ID_AES:128:0
CCM init #2 CAMELLIA-256: OK CCM init #2 CAMELLIA-256: OK
depends_on:MBEDTLS_CAMELLIA_C depends_on:MBEDTLS_CAMELLIA_C
mbedtls_ccm_init:MBEDTLS_CIPHER_ID_CAMELLIA:256:0 mbedtls_ccm_setkey:MBEDTLS_CIPHER_ID_CAMELLIA:256:0
CCM init #3 AES-224: bad key size CCM init #3 AES-224: bad key size
depends_on:MBEDTLS_AES_C depends_on:MBEDTLS_AES_C
mbedtls_ccm_init:MBEDTLS_CIPHER_ID_AES:224:MBEDTLS_ERR_CCM_BAD_INPUT mbedtls_ccm_setkey:MBEDTLS_CIPHER_ID_AES:224:MBEDTLS_ERR_CCM_BAD_INPUT
CCM init #4 BLOWFISH-128: bad block size CCM init #4 BLOWFISH-128: bad block size
depends_on:MBEDTLS_BLOWFISH_C depends_on:MBEDTLS_BLOWFISH_C
mbedtls_ccm_init:MBEDTLS_CIPHER_ID_BLOWFISH:128:MBEDTLS_ERR_CCM_BAD_INPUT mbedtls_ccm_setkey:MBEDTLS_CIPHER_ID_BLOWFISH:128:MBEDTLS_ERR_CCM_BAD_INPUT
CCM lengths #1 all OK CCM lengths #1 all OK
ccm_lengths:5:10:5:8:0 ccm_lengths:5:10:5:8:0

View file

@ -15,16 +15,18 @@ void mbedtls_ccm_self_test( )
/* END_CASE */ /* END_CASE */
/* BEGIN_CASE */ /* BEGIN_CASE */
void mbedtls_ccm_init( int cipher_id, int key_size, int result ) void mbedtls_ccm_setkey( int cipher_id, int key_size, int result )
{ {
mbedtls_ccm_context ctx; mbedtls_ccm_context ctx;
unsigned char key[32]; unsigned char key[32];
int ret; int ret;
mbedtls_ccm_init( &ctx );
memset( key, 0x2A, sizeof( key ) ); memset( key, 0x2A, sizeof( key ) );
TEST_ASSERT( (unsigned) key_size <= 8 * sizeof( key ) ); TEST_ASSERT( (unsigned) key_size <= 8 * sizeof( key ) );
ret = mbedtls_ccm_init( &ctx, cipher_id, key, key_size ); ret = mbedtls_ccm_setkey( &ctx, cipher_id, key, key_size );
TEST_ASSERT( ret == result ); TEST_ASSERT( ret == result );
exit: exit:
@ -44,6 +46,8 @@ void ccm_lengths( int msg_len, int iv_len, int add_len, int tag_len, int res )
unsigned char tag[18]; unsigned char tag[18];
int decrypt_ret; int decrypt_ret;
mbedtls_ccm_init( &ctx );
memset( key, 0, sizeof( key ) ); memset( key, 0, sizeof( key ) );
memset( msg, 0, sizeof( msg ) ); memset( msg, 0, sizeof( msg ) );
memset( iv, 0, sizeof( iv ) ); memset( iv, 0, sizeof( iv ) );
@ -51,7 +55,7 @@ void ccm_lengths( int msg_len, int iv_len, int add_len, int tag_len, int res )
memset( out, 0, sizeof( out ) ); memset( out, 0, sizeof( out ) );
memset( tag, 0, sizeof( tag ) ); memset( tag, 0, sizeof( tag ) );
TEST_ASSERT( mbedtls_ccm_init( &ctx, MBEDTLS_CIPHER_ID_AES, TEST_ASSERT( mbedtls_ccm_setkey( &ctx, MBEDTLS_CIPHER_ID_AES,
key, 8 * sizeof( key ) ) == 0 ); key, 8 * sizeof( key ) ) == 0 );
TEST_ASSERT( mbedtls_ccm_encrypt_and_tag( &ctx, msg_len, iv, iv_len, add, add_len, TEST_ASSERT( mbedtls_ccm_encrypt_and_tag( &ctx, msg_len, iv, iv_len, add, add_len,
@ -84,6 +88,8 @@ void mbedtls_ccm_encrypt_and_tag( int cipher_id,
mbedtls_ccm_context ctx; mbedtls_ccm_context ctx;
size_t key_len, msg_len, iv_len, add_len, tag_len, result_len; size_t key_len, msg_len, iv_len, add_len, tag_len, result_len;
mbedtls_ccm_init( &ctx );
memset( key, 0x00, sizeof( key ) ); memset( key, 0x00, sizeof( key ) );
memset( msg, 0x00, sizeof( msg ) ); memset( msg, 0x00, sizeof( msg ) );
memset( iv, 0x00, sizeof( iv ) ); memset( iv, 0x00, sizeof( iv ) );
@ -97,7 +103,7 @@ void mbedtls_ccm_encrypt_and_tag( int cipher_id,
result_len = unhexify( result, result_hex ); result_len = unhexify( result, result_hex );
tag_len = result_len - msg_len; tag_len = result_len - msg_len;
TEST_ASSERT( mbedtls_ccm_init( &ctx, cipher_id, key, key_len * 8 ) == 0 ); TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, key, key_len * 8 ) == 0 );
/* Test with input == output */ /* Test with input == output */
TEST_ASSERT( mbedtls_ccm_encrypt_and_tag( &ctx, msg_len, iv, iv_len, add, add_len, TEST_ASSERT( mbedtls_ccm_encrypt_and_tag( &ctx, msg_len, iv, iv_len, add, add_len,
@ -129,6 +135,8 @@ void mbedtls_ccm_auth_decrypt( int cipher_id,
size_t key_len, msg_len, iv_len, add_len, result_len; size_t key_len, msg_len, iv_len, add_len, result_len;
int ret; int ret;
mbedtls_ccm_init( &ctx );
memset( key, 0x00, sizeof( key ) ); memset( key, 0x00, sizeof( key ) );
memset( msg, 0x00, sizeof( msg ) ); memset( msg, 0x00, sizeof( msg ) );
memset( iv, 0x00, sizeof( iv ) ); memset( iv, 0x00, sizeof( iv ) );
@ -154,7 +162,7 @@ void mbedtls_ccm_auth_decrypt( int cipher_id,
result_len = unhexify( result, result_hex ); result_len = unhexify( result, result_hex );
} }
TEST_ASSERT( mbedtls_ccm_init( &ctx, cipher_id, key, key_len * 8 ) == 0 ); TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, key, key_len * 8 ) == 0 );
/* Test with input == output */ /* Test with input == output */
TEST_ASSERT( mbedtls_ccm_auth_decrypt( &ctx, msg_len, iv, iv_len, add, add_len, TEST_ASSERT( mbedtls_ccm_auth_decrypt( &ctx, msg_len, iv, iv_len, add, add_len,