Mohammad Azim Khan
3f7f8170d6
Check invalid nc_off
...
Uninitialized nc_off value >0xf passed by the caller can cause array out-of-bound.
2018-04-17 23:18:40 +01:00
Jaeden Amero
8645e90825
Merge remote-tracking branch 'upstream-restricted/pr/363' into development-proposed
2018-03-28 11:54:28 +01:00
Gilles Peskine
8db3efbc76
Add missing MBEDTLS_DEPRECATED_REMOVED guards
...
Add missing MBEDTLS_DEPRECATED_REMOVED guards around the definitions
of mbedtls_aes_decrypt and mbedtls_aes_encrypt.
This fixes the build under -Wmissing-prototypes -Werror.
Fixes #1388
2018-02-21 19:16:20 +01:00
Gilles Peskine
17196cd3be
Merge remote-tracking branch 'upstream-public/pr/964' into development
2018-01-02 16:24:29 +01:00
Hanno Becker
bedc2050b6
Export mbedtls_aes_(en/de)crypt to retain for API compatibility
...
The commit f5bf7189d3
made the AES
functions mbedtls_aes_encrypt and mbedtls_aes_decrypt static, changing
the library's API.
This commit reverts this.
2017-07-27 21:44:33 +01:00
Hanno Becker
ad049a973c
Replace #if(n)def by #if (!)defined
2017-06-19 16:31:54 +01:00
Andres Amaya Garcia
d3e7e7d83f
Add comment for skipped AES-192 test condition
2017-06-15 16:17:46 +01:00
Andres Amaya Garcia
58f98c23d5
Run AES-192 selftest if available only
...
This patch modifies the function mbedtls_aes_selftest() function to
ensure that AES-192 tests are only run if the key size is supported by
the available implementation. This is useful when using MBEDTLS_AES_ALT
as some hardware crypto accelerators might not support AES-192.
2017-06-14 16:19:42 +01:00
Hanno Becker
177d3cf7bb
Rename and document new configuration option for packing AES tables
...
This commit renames the new AES table packing option introduced in the
previous MBEDTLS_AES_PACK_TABLES and documents its use and memory vs.
speed tradeoff. It also enhances the documentation of the other
AES-related option MBEDTLS_AES_ROM_TABLES.
2017-06-09 16:57:44 +01:00
Jussi Kivilinna
2fd1bb8f02
Add option to use smaller AES tables (table sizes reduced by 6144 bytes)
...
This patch adds MBEDTLS_AES_SMALL_TABLES option to reduce number of AES
look-up tables and thus save 6 KiB of memory. Enabling this option
cause performance hit MBEDTLS_AES_SMALL_TABLES of ~7% on ARM and ~15%
on x86-64.
Benchmark on Cortex-A7 (armhf):
Before:
AES-CBC-128 : 14394 Kb/s, 0 cycles/byte
AES-CBC-192 : 12442 Kb/s, 0 cycles/byte
AES-CBC-256 : 10958 Kb/s, 0 cycles/byte
After:
AES-CBC-128 : 13342 Kb/s, 0 cycles/byte
AES-CBC-192 : 11469 Kb/s, 0 cycles/byte
AES-CBC-256 : 10058 Kb/s, 0 cycles/byte
Benchmark on Intel Core i5-4570 (x86_64, 3.2 Ghz, no turbo):
Before:
AES-CBC-128 : 215759 Kb/s, 14 cycles/byte
AES-CBC-192 : 190884 Kb/s, 16 cycles/byte
AES-CBC-256 : 171536 Kb/s, 18 cycles/byte
After:
AES-CBC-128 : 185108 Kb/s, 16 cycles/byte
AES-CBC-192 : 162839 Kb/s, 19 cycles/byte
AES-CBC-256 : 144700 Kb/s, 21 cycles/byte
2017-06-07 15:29:31 +01:00
Andres AG
f5bf7189d3
Change return type of AES decrypt and encrypt
...
This patch modifies the following 2 functions in the AES module to
change the return type from void to int:
* mbedtls_aes_encrypt() -> mbedtls_internal_aes_encrypt()
* mbedtls_aes_decrypt() -> mbedtls_internal_aes_decrypt()
This change is necessary to allow users of MBEDTLS_AES_ALT,
MBEDTLS_AES_DECRYPT_ALT and MBEDTLS_AES_ENCRYPT_ALT to return an error
code when replacing the default with their own implementation, e.g.
a hardware crypto accelerator.
2017-05-16 10:22:37 +01:00
Jussi Kivilinna
4b541bec0f
Fix unused variable in AES selftest when CBC and CFB disabled ( #393 )
...
This commit fixes following warning:
> CC: aes.c
> aes.c: In function 'mbedtls_aes_self_test':
> aes.c:1225:19: error: unused variable 'iv' [-Werror=unused-variable]
> unsigned char iv[16];
> ^
> cc1: all warnings being treated as errors
2016-06-22 16:48:16 +01:00
Simon Butcher
88ffc089bc
Adds casts to zeroize functions to allow building as C++
2016-05-23 14:29:32 +01:00
Manuel Pégourié-Gonnard
37ff14062e
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
Manuel Pégourié-Gonnard
6fb8187279
Update date in copyright line
2015-07-28 17:11:58 +02:00
Manuel Pégourié-Gonnard
b8186a5e54
Rename len to bitlen in function parameters
...
Clarify a few comments too.
2015-06-18 14:58:58 +02:00
Manuel Pégourié-Gonnard
c730ed3f2d
Rename boolean functions to be clearer
2015-06-02 10:38:50 +01:00
Manuel Pégourié-Gonnard
31993f271d
Add per-function override for AES
2015-05-12 15:41:08 +02:00
Manuel Pégourié-Gonnard
2cf5a7c98e
The Great Renaming
...
A simple execution of tmp/invoke-rename.pl
2015-04-08 13:25:31 +02:00
Manuel Pégourié-Gonnard
7f8099773e
Rename include directory to mbedtls
2015-03-10 11:23:56 +00:00
Manuel Pégourié-Gonnard
fe44643b0e
Rename website and repository
2015-03-06 13:17:10 +00:00
Rich Evans
00ab47026b
cleanup library and some basic tests. Includes, add guards to includes
2015-02-10 11:28:46 +00:00
Manuel Pégourié-Gonnard
860b51642d
Fix url again
2015-01-28 17:12:07 +00:00
Manuel Pégourié-Gonnard
ceedb8292e
Fix possible portability issue
...
The & 0xFF should not be necessary on platforms with 8-bit chars, but one user
reported having problems with his compiler on such a platform.
2015-01-28 15:28:30 +01:00
Manuel Pégourié-Gonnard
085ab040aa
Fix website url to use https.
2015-01-23 11:06:27 +00:00
Manuel Pégourié-Gonnard
9698f5852c
Remove maintainer line.
2015-01-23 10:59:00 +00:00
Manuel Pégourié-Gonnard
19f6b5dfaa
Remove redundant "all rights reserved"
2015-01-23 10:54:00 +00:00
Manuel Pégourié-Gonnard
a658a4051b
Update copyright
2015-01-23 09:55:24 +00:00
Manuel Pégourié-Gonnard
967a2a5f8c
Change name to mbed TLS in the copyright notice
2015-01-22 14:28:16 +00:00
Paul Bakker
c7ea99af4f
Add _init() and _free() for cipher modules
2014-07-09 10:19:22 +02:00
Paul Bakker
66d5d076f7
Fix formatting in various code to match spacing from coding style
2014-06-17 17:06:47 +02:00
Paul Bakker
3461772559
Introduce polarssl_zeroize() instead of memset() for zeroization
2014-06-14 16:46:03 +02:00
Manuel Pégourié-Gonnard
afd5a08e33
Minor tune-up in aes code
...
un-duplicate a check, and remove useless default case, mainly so that these
lines don't appear as uncovered
2014-06-12 21:15:55 +02:00
Paul Bakker
b9e4e2c97a
Fix formatting: fix some 'easy' > 80 length lines
2014-05-01 14:18:25 +02:00
Paul Bakker
9af723cee7
Fix formatting: remove trailing spaces, #endif with comments (> 10 lines)
2014-05-01 13:03:14 +02:00
Manuel Pégourié-Gonnard
cef4ad2509
Adapt sources to configurable config.h name
2014-04-30 16:40:20 +02:00
Manuel Pégourié-Gonnard
1ec220b002
Add missing #ifdefs in aes.h
2014-03-13 19:25:06 +01:00
Paul Bakker
7dc4c44267
Library files moved to use platform layer
2014-02-06 13:20:16 +01:00
Paul Bakker
556efba51c
Added AES CFB8 mode
2014-01-24 15:38:12 +01:00
Paul Bakker
0d0de92156
Only specify done label in aes.c when AES-NI is possible
2013-12-30 15:29:04 +01:00
Manuel Pégourié-Gonnard
bfa3c9a85f
Remove temporary code
2013-12-30 13:53:58 +01:00
Manuel Pégourié-Gonnard
47a3536a31
Add AES-NI key expansion for 128 bits
2013-12-29 13:28:59 +01:00
Manuel Pégourié-Gonnard
01e31bbffb
Add support for key inversion using AES-NI
2013-12-28 16:22:08 +01:00
Manuel Pégourié-Gonnard
8eaf20b18d
Allow detection of CLMUL
2013-12-26 15:51:13 +01:00
Manuel Pégourié-Gonnard
5b685653ef
Add aesni_crypt_ecb() and use it
2013-12-25 13:03:26 +01:00
Manuel Pégourié-Gonnard
92cb1d3a91
Make CBC an option, step 3: individual ciphers
2013-09-13 17:25:43 +02:00
Paul Bakker
90995b5ce3
Added mechanism to provide alternative cipher / hash implementations
...
All symmetric cipher algorithms and hash algorithms now include support
for a POLARSSL_XXX_ALT flag that prevents the definition of the
algorithm context structure and all 'core' functions.
(cherry picked from commit 4087c47043cb7b8b51e69f1de47ab6a2bccead3d)
2013-06-25 15:06:51 +02:00
Paul Bakker
5c2364c2ba
- Moved from unsigned long to uint32_t throughout code
2012-10-01 14:41:15 +00:00
Paul Bakker
0e19e9ff1c
- Minor define change to prevent warning
2012-10-01 11:02:48 +00:00
Paul Bakker
67820bd38e
- Only include padlock header when POLARSSL_PADLOCK_C is defined
2012-06-04 12:47:23 +00:00