From fb9f66149170426fa45ee6bcf72129efc0e0e88b Mon Sep 17 00:00:00 2001 From: Simon Butcher Date: Sun, 22 Apr 2018 22:57:27 +0100 Subject: [PATCH 1/7] Add OFB block mode to AES-128/192/256 Adds a new configuration of MBEDTLS_CIPHER_MODE_OFB and OFB mode to AES. --- include/mbedtls/aes.h | 40 ++++++++++++++++++++++++++++++++++++++ include/mbedtls/config.h | 7 +++++++ library/aes.c | 31 ++++++++++++++++++++++++++++- library/version_features.c | 3 +++ 4 files changed, 80 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/aes.h b/include/mbedtls/aes.h index 3c5b1336b..da22722b0 100644 --- a/include/mbedtls/aes.h +++ b/include/mbedtls/aes.h @@ -291,6 +291,46 @@ int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx, unsigned char *output ); #endif /*MBEDTLS_CIPHER_MODE_CFB */ +#if defined(MBEDTLS_CIPHER_MODE_OFB) +/** + * \brief This function performs an AES-OFB (Output Feedback Mode) encryption + * or decryption operation. + * + * For OFB, you must set up the context with mbedtls_aes_setkey_enc(), + * regardless of whether you are performing an encryption or decryption + * operation. This is because OFB mode uses the same key schedule for + * encryption and decryption. + * + * The OFB operation is identical for encryption or decryption, therefore + * no operation mode needs to be specified. + * + * \note Upon exit, the content of the IV is updated so that you can + * call the same function again on the next + * block(s) of data and get the same result as if it was + * encrypted in one call. This allows a "streaming" usage. + * If you need to retain the contents of the + * IV, you must either save it manually or use the cipher + * module instead. + * + * + * \param ctx The AES context to use for encryption or decryption. + * \param length The length of the input data. + * \param iv_off The offset in IV (updated after use). + * \param iv The initialization vector (updated after use). + * \param input The buffer holding the input data. + * \param output The buffer holding the output data. + * + * \return \c 0 on success. + */ +int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx, + size_t length, + size_t *iv_off, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output ); + +#endif /* MBEDTLS_CIPHER_MODE_OFB */ + #if defined(MBEDTLS_CIPHER_MODE_CTR) /** * \brief This function performs an AES-CTR encryption or decryption diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 9585e6922..1b4bee30d 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -495,6 +495,13 @@ */ #define MBEDTLS_CIPHER_MODE_CBC +/** + * \def MBEDTLS_CIPHER_MODE_OFB + * + * Enable Output Feedback mode (OFB) for symmetric ciphers. + */ +#define MBEDTLS_CIPHER_MODE_OFB + /** * \def MBEDTLS_CIPHER_MODE_CFB * diff --git a/library/aes.c b/library/aes.c index da94b1943..529f7f4ec 100644 --- a/library/aes.c +++ b/library/aes.c @@ -1065,7 +1065,36 @@ int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx, return( 0 ); } -#endif /*MBEDTLS_CIPHER_MODE_CFB */ +#endif /* MBEDTLS_CIPHER_MODE_CFB */ + +#if defined(MBEDTLS_CIPHER_MODE_OFB) +/* + * AES-OFB (Output Feedback Mode) buffer encryption/decryption + */ +int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx, + size_t length, + size_t *iv_off, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output ) +{ + size_t n = *iv_off; + + while( length-- ) + { + if( n == 0 ) + mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, iv, iv ); + + *output++ = *input++ ^ iv[n]; + + n = ( n + 1 ) & 0x0F; + } + + *iv_off = n; + + return( 0 ); +} +#endif /* MBEDTLS_CIPHER_MODE_OFB */ #if defined(MBEDTLS_CIPHER_MODE_CTR) /* diff --git a/library/version_features.c b/library/version_features.c index a452caf5e..218a8925c 100644 --- a/library/version_features.c +++ b/library/version_features.c @@ -246,6 +246,9 @@ static const char *features[] = { #if defined(MBEDTLS_CIPHER_MODE_CBC) "MBEDTLS_CIPHER_MODE_CBC", #endif /* MBEDTLS_CIPHER_MODE_CBC */ +#if defined(MBEDTLS_CIPHER_MODE_OFB) + "MBEDTLS_CIPHER_MODE_OFB", +#endif /* MBEDTLS_CIPHER_MODE_OFB */ #if defined(MBEDTLS_CIPHER_MODE_CFB) "MBEDTLS_CIPHER_MODE_CFB", #endif /* MBEDTLS_CIPHER_MODE_CFB */ From a11c940b6367eef51027fcb82d70216323d5844a Mon Sep 17 00:00:00 2001 From: Simon Butcher Date: Sun, 22 Apr 2018 22:57:58 +0100 Subject: [PATCH 2/7] Add test cases for AES OFB block mode Adds test cases from NIST SP800-38A for OFB block mode to AES-128/192/256, for the configuration of MBEDTLS_CIPHER_MODE_OFB. --- tests/Makefile | 11 +++++- tests/suites/test_suite_aes.function | 52 ++++++++++++++++++++++++++++ tests/suites/test_suite_aes.ofb.data | 35 +++++++++++++++++++ 3 files changed, 97 insertions(+), 1 deletion(-) create mode 100644 tests/suites/test_suite_aes.ofb.data diff --git a/tests/Makefile b/tests/Makefile index d85617fdc..e15d94576 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -46,7 +46,8 @@ LOCAL_LDFLAGS += -lz endif APPS = test_suite_aes.ecb$(EXEXT) test_suite_aes.cbc$(EXEXT) \ - test_suite_aes.cfb$(EXEXT) test_suite_aes.rest$(EXEXT) \ + test_suite_aes.cfb$(EXEXT) test_suite_aes.ofb$(EXEXT) \ + test_suite_aes.rest$(EXEXT) \ test_suite_arc4$(EXEXT) test_suite_asn1write$(EXEXT) \ test_suite_base64$(EXEXT) test_suite_blowfish$(EXEXT) \ test_suite_camellia$(EXEXT) test_suite_ccm$(EXEXT) \ @@ -109,6 +110,10 @@ test_suite_aes.cfb.c : suites/test_suite_aes.function suites/test_suite_aes.cfb. echo " Gen $@" perl scripts/generate_code.pl suites test_suite_aes test_suite_aes.cfb +test_suite_aes.ofb.c : suites/test_suite_aes.function suites/test_suite_aes.ofb.data scripts/generate_code.pl suites/helpers.function suites/main_test.function + echo " Gen $@" + perl scripts/generate_code.pl suites test_suite_aes test_suite_aes.ofb + test_suite_aes.rest.c : suites/test_suite_aes.function suites/test_suite_aes.rest.data scripts/generate_code.pl suites/helpers.function suites/main_test.function echo " Gen $@" perl scripts/generate_code.pl suites test_suite_aes test_suite_aes.rest @@ -209,6 +214,10 @@ test_suite_aes.cfb$(EXEXT): test_suite_aes.cfb.c $(DEP) echo " CC $<" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ +test_suite_aes.ofb$(EXEXT): test_suite_aes.ofb.c $(DEP) + echo " CC $<" + $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ + test_suite_aes.rest$(EXEXT): test_suite_aes.rest.c $(DEP) echo " CC $<" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ diff --git a/tests/suites/test_suite_aes.function b/tests/suites/test_suite_aes.function index c5f0eaac9..e1792dd5a 100644 --- a/tests/suites/test_suite_aes.function +++ b/tests/suites/test_suite_aes.function @@ -289,6 +289,58 @@ exit: } /* END_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_OFB */ +void aes_encrypt_ofb( int fragment_size, char *hex_key_string, + char *hex_iv_string, char *hex_src_string, + char *hex_dst_string ) +{ + unsigned char key_str[100]; + unsigned char iv_str[100]; + unsigned char src_str[200]; + unsigned char dst_str[200]; + unsigned char output[200]; + mbedtls_aes_context ctx; + size_t iv_offset = 0; + int in_buffer_len; + unsigned char* src_str_next; + int key_len, iv_len; + + memset(key_str, 0x00, 100); + memset(iv_str, 0x00, 100); + memset(src_str, 0x00, 200); + memset(dst_str, 0x00, 200); + memset(output, 0x00, 200); + mbedtls_aes_init( &ctx ); + + key_len = unhexify( key_str, hex_key_string ); + iv_len = unhexify( iv_str, hex_iv_string ); + in_buffer_len = unhexify( src_str, hex_src_string ); + + mbedtls_aes_setkey_enc( &ctx, key_str, key_len * 8 ); + src_str_next = src_str; + + while( in_buffer_len > 0 ) + { + TEST_ASSERT( mbedtls_aes_crypt_ofb( &ctx, fragment_size, &iv_offset, + iv_str, src_str_next, output ) == 0 ); + + hexify( dst_str, output, fragment_size ); + TEST_ASSERT( strncmp( (char *) dst_str, hex_dst_string, + ( 2 * fragment_size) ) == 0 ); + + in_buffer_len -= fragment_size; + hex_dst_string += ( fragment_size * 2 ); + src_str_next += fragment_size; + + if( in_buffer_len < fragment_size ) + fragment_size = in_buffer_len; + } + +exit: + mbedtls_aes_free( &ctx ); +} +/* END_CASE */ + /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ void aes_selftest() { diff --git a/tests/suites/test_suite_aes.ofb.data b/tests/suites/test_suite_aes.ofb.data new file mode 100644 index 000000000..4b9d80e8d --- /dev/null +++ b/tests/suites/test_suite_aes.ofb.data @@ -0,0 +1,35 @@ +# NIST Special Publication 800-38A +# Recommendation for Block Cipher Modes of Operation +# Test Vectors - Appendix F, Section F.4 +OFB-AES128.Encrypt - Single block +depends_on:MBEDTLS_CIPHER_MODE_OFB +aes_encrypt_ofb:16:"2b7e151628aed2a6abf7158809cf4f3c":"000102030405060708090a0b0c0d0e0f":"6bc1bee22e409f96e93d7e117393172a":"3b3fd92eb72dad20333449f8e83cfb4a" + +OFB-AES128.Encrypt - Partial blocks - 7 bytes +depends_on:MBEDTLS_CIPHER_MODE_OFB +aes_encrypt_ofb:5:"2b7e151628aed2a6abf7158809cf4f3c":"000102030405060708090a0b0c0d0e0f":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710":"3b3fd92eb72dad20333449f8e83cfb4a7789508d16918f03f53c52dac54ed8259740051e9c5fecf64344f7a82260edcc304c6528f659c77866a510d9c1d6ae5e" + +OFB-AES128.Encrypt - Test NIST SP800-38A - F.4.1 +depends_on:MBEDTLS_CIPHER_MODE_OFB +aes_encrypt_ofb:16:"2b7e151628aed2a6abf7158809cf4f3c":"000102030405060708090a0b0c0d0e0f":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710":"3b3fd92eb72dad20333449f8e83cfb4a7789508d16918f03f53c52dac54ed8259740051e9c5fecf64344f7a82260edcc304c6528f659c77866a510d9c1d6ae5e" + +OFB-AES128.Decrypt - Test NIST SP800-38A - F.4.2 +depends_on:MBEDTLS_CIPHER_MODE_OFB +aes_encrypt_ofb:16:"2b7e151628aed2a6abf7158809cf4f3c":"000102030405060708090a0b0c0d0e0f":"3b3fd92eb72dad20333449f8e83cfb4a7789508d16918f03f53c52dac54ed8259740051e9c5fecf64344f7a82260edcc304c6528f659c77866a510d9c1d6ae5e":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710" + +OFB-AES192.Encrypt - Test NIST SP800-38A - F.4.3 +depends_on:MBEDTLS_CIPHER_MODE_OFB +aes_encrypt_ofb:16:"8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b":"000102030405060708090a0b0c0d0e0f":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710":"cdc80d6fddf18cab34c25909c99a4174fcc28b8d4c63837c09e81700c11004018d9a9aeac0f6596f559c6d4daf59a5f26d9f200857ca6c3e9cac524bd9acc92a" + +OFB-AES192.Decrypt - Test NIST SP800-38A - F.4.4 +depends_on:MBEDTLS_CIPHER_MODE_OFB +aes_encrypt_ofb:16:"8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b":"000102030405060708090a0b0c0d0e0f":"cdc80d6fddf18cab34c25909c99a4174fcc28b8d4c63837c09e81700c11004018d9a9aeac0f6596f559c6d4daf59a5f26d9f200857ca6c3e9cac524bd9acc92a":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710" + +OFB-AES256.Encrypt - Test NIST SP800-38A - F.4.5 +depends_on:MBEDTLS_CIPHER_MODE_OFB +aes_encrypt_ofb:16:"603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4":"000102030405060708090a0b0c0d0e0f":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710":"dc7e84bfda79164b7ecd8486985d38604febdc6740d20b3ac88f6ad82a4fb08d71ab47a086e86eedf39d1c5bba97c4080126141d67f37be8538f5a8be740e484" + +OFB-AES256.Decrypt - Test NIST SP800-38A - F.4.6 +depends_on:MBEDTLS_CIPHER_MODE_OFB +aes_encrypt_ofb:16:"603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4":"000102030405060708090a0b0c0d0e0f":"dc7e84bfda79164b7ecd8486985d38604febdc6740d20b3ac88f6ad82a4fb08d71ab47a086e86eedf39d1c5bba97c4080126141d67f37be8538f5a8be740e484":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710" + From 91e254cdaa7c340736eb5f7e4a11e0cc4efad146 Mon Sep 17 00:00:00 2001 From: Simon Butcher Date: Sun, 22 Apr 2018 22:58:07 +0100 Subject: [PATCH 3/7] Add cipher abstraction and test cases for OFB block mode Adds OFB as additional block mode in the cipher abstraction, and additional test cases for that block mode. --- ChangeLog | 2 + include/mbedtls/cipher.h | 3 + include/mbedtls/cipher_internal.h | 9 ++ library/cipher.c | 19 ++++- library/cipher_wrap.c | 82 +++++++++++++++++++ tests/suites/test_suite_cipher.aes.data | 104 ++++++++++++++++++++++++ 6 files changed, 218 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index 7c23ffc9f..aff915e0b 100644 --- a/ChangeLog +++ b/ChangeLog @@ -18,6 +18,8 @@ Features ECDH primitive functions (mbedtls_ecdh_gen_public(), mbedtls_ecdh_compute_shared()) are supported for now. Contributed by Nicholas Wilson (#348). + * Add additional block mode, OFB (Output Feedback), to the AES module and + cipher abstraction module. API Changes * Add function mbedtls_net_poll to public API allowing to wait for a diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index 3ee2ab7db..62b925eec 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -145,6 +145,9 @@ typedef enum { MBEDTLS_CIPHER_CAMELLIA_128_CCM, /**< Camellia cipher with 128-bit CCM mode. */ MBEDTLS_CIPHER_CAMELLIA_192_CCM, /**< Camellia cipher with 192-bit CCM mode. */ MBEDTLS_CIPHER_CAMELLIA_256_CCM, /**< Camellia cipher with 256-bit CCM mode. */ + MBEDTLS_CIPHER_AES_128_OFB, + MBEDTLS_CIPHER_AES_192_OFB, + MBEDTLS_CIPHER_AES_256_OFB } mbedtls_cipher_type_t; /** Supported cipher modes. */ diff --git a/include/mbedtls/cipher_internal.h b/include/mbedtls/cipher_internal.h index 969ff9ccb..e761a9ea2 100644 --- a/include/mbedtls/cipher_internal.h +++ b/include/mbedtls/cipher_internal.h @@ -59,11 +59,20 @@ struct mbedtls_cipher_base_t #if defined(MBEDTLS_CIPHER_MODE_CFB) /** Encrypt using CFB (Full length) */ + int (*cfb_func)( void *ctx, mbedtls_operation_t mode, size_t length, size_t *iv_off, unsigned char *iv, const unsigned char *input, unsigned char *output ); #endif +#if defined(MBEDTLS_CIPHER_MODE_OFB) + /** Encrypt using OFB (Full length) */ + int (*ofb_func)( void *ctx, size_t length, size_t *iv_off, + unsigned char *iv, + const unsigned char *input, + unsigned char *output ); +#endif + #if defined(MBEDTLS_CIPHER_MODE_CTR) /** Encrypt using CTR */ int (*ctr_func)( void *ctx, size_t length, size_t *nc_off, diff --git a/library/cipher.c b/library/cipher.c index 7369f4823..0713fee5e 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -194,10 +194,11 @@ int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, const unsigned char *k ctx->operation = operation; /* - * For CFB and CTR mode always use the encryption key schedule + * For OFB, CFB and CTR mode always use the encryption key schedule */ if( MBEDTLS_ENCRYPT == operation || MBEDTLS_MODE_CFB == ctx->cipher_info->mode || + MBEDTLS_MODE_OFB == ctx->cipher_info->mode || MBEDTLS_MODE_CTR == ctx->cipher_info->mode ) { return ctx->cipher_info->base->setkey_enc_func( ctx->cipher_ctx, key, @@ -427,6 +428,21 @@ int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *i } #endif /* MBEDTLS_CIPHER_MODE_CFB */ +#if defined(MBEDTLS_CIPHER_MODE_OFB) + if( ctx->cipher_info->mode == MBEDTLS_MODE_OFB ) + { + if( 0 != ( ret = ctx->cipher_info->base->ofb_func( ctx->cipher_ctx, + ilen, &ctx->unprocessed_len, ctx->iv, input, output ) ) ) + { + return( ret ); + } + + *olen = ilen; + + return( 0 ); + } +#endif /* MBEDTLS_CIPHER_MODE_OFB */ + #if defined(MBEDTLS_CIPHER_MODE_CTR) if( ctx->cipher_info->mode == MBEDTLS_MODE_CTR ) { @@ -642,6 +658,7 @@ int mbedtls_cipher_finish( mbedtls_cipher_context_t *ctx, *olen = 0; if( MBEDTLS_MODE_CFB == ctx->cipher_info->mode || + MBEDTLS_MODE_OFB == ctx->cipher_info->mode || MBEDTLS_MODE_CTR == ctx->cipher_info->mode || MBEDTLS_MODE_GCM == ctx->cipher_info->mode || MBEDTLS_MODE_STREAM == ctx->cipher_info->mode ) diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c index dc76af8ff..f7d57375d 100644 --- a/library/cipher_wrap.c +++ b/library/cipher_wrap.c @@ -138,6 +138,15 @@ static int aes_crypt_cfb128_wrap( void *ctx, mbedtls_operation_t operation, } #endif /* MBEDTLS_CIPHER_MODE_CFB */ +#if defined(MBEDTLS_CIPHER_MODE_OFB) +static int aes_crypt_ofb_wrap( void *ctx, size_t length, size_t *iv_off, + unsigned char *iv, const unsigned char *input, unsigned char *output ) +{ + return mbedtls_aes_crypt_ofb( (mbedtls_aes_context *) ctx, length, iv_off, + iv, input, output ); +} +#endif /* MBEDTLS_CIPHER_MODE_OFB */ + #if defined(MBEDTLS_CIPHER_MODE_CTR) static int aes_crypt_ctr_wrap( void *ctx, size_t length, size_t *nc_off, unsigned char *nonce_counter, unsigned char *stream_block, @@ -187,6 +196,9 @@ static const mbedtls_cipher_base_t aes_info = { #if defined(MBEDTLS_CIPHER_MODE_CFB) aes_crypt_cfb128_wrap, #endif +#if defined(MBEDTLS_CIPHER_MODE_OFB) + aes_crypt_ofb_wrap, +#endif #if defined(MBEDTLS_CIPHER_MODE_CTR) aes_crypt_ctr_wrap, #endif @@ -302,6 +314,41 @@ static const mbedtls_cipher_info_t aes_256_cfb128_info = { }; #endif /* MBEDTLS_CIPHER_MODE_CFB */ +#if defined(MBEDTLS_CIPHER_MODE_OFB) +static const mbedtls_cipher_info_t aes_128_ofb_info = { + MBEDTLS_CIPHER_AES_128_OFB, + MBEDTLS_MODE_OFB, + 128, + "AES-128-OFB", + 16, + 0, + 16, + &aes_info +}; + +static const mbedtls_cipher_info_t aes_192_ofb_info = { + MBEDTLS_CIPHER_AES_192_OFB, + MBEDTLS_MODE_OFB, + 192, + "AES-192-OFB", + 16, + 0, + 16, + &aes_info +}; + +static const mbedtls_cipher_info_t aes_256_ofb_info = { + MBEDTLS_CIPHER_AES_256_OFB, + MBEDTLS_MODE_OFB, + 256, + "AES-256-OFB", + 16, + 0, + 16, + &aes_info +}; +#endif /* MBEDTLS_CIPHER_MODE_OFB */ + #if defined(MBEDTLS_CIPHER_MODE_CTR) static const mbedtls_cipher_info_t aes_128_ctr_info = { MBEDTLS_CIPHER_AES_128_CTR, @@ -354,6 +401,9 @@ static const mbedtls_cipher_base_t gcm_aes_info = { #if defined(MBEDTLS_CIPHER_MODE_CFB) NULL, #endif +#if defined(MBEDTLS_CIPHER_MODE_OFB) + NULL, +#endif #if defined(MBEDTLS_CIPHER_MODE_CTR) NULL, #endif @@ -417,6 +467,9 @@ static const mbedtls_cipher_base_t ccm_aes_info = { #if defined(MBEDTLS_CIPHER_MODE_CFB) NULL, #endif +#if defined(MBEDTLS_CIPHER_MODE_OFB) + NULL, +#endif #if defined(MBEDTLS_CIPHER_MODE_CTR) NULL, #endif @@ -544,6 +597,9 @@ static const mbedtls_cipher_base_t camellia_info = { #if defined(MBEDTLS_CIPHER_MODE_CFB) camellia_crypt_cfb128_wrap, #endif +#if defined(MBEDTLS_CIPHER_MODE_OFB) + NULL, +#endif #if defined(MBEDTLS_CIPHER_MODE_CTR) camellia_crypt_ctr_wrap, #endif @@ -711,6 +767,9 @@ static const mbedtls_cipher_base_t gcm_camellia_info = { #if defined(MBEDTLS_CIPHER_MODE_CFB) NULL, #endif +#if defined(MBEDTLS_CIPHER_MODE_OFB) + NULL, +#endif #if defined(MBEDTLS_CIPHER_MODE_CTR) NULL, #endif @@ -774,6 +833,9 @@ static const mbedtls_cipher_base_t ccm_camellia_info = { #if defined(MBEDTLS_CIPHER_MODE_CFB) NULL, #endif +#if defined(MBEDTLS_CIPHER_MODE_OFB) + NULL, +#endif #if defined(MBEDTLS_CIPHER_MODE_CTR) NULL, #endif @@ -950,6 +1012,9 @@ static const mbedtls_cipher_base_t des_info = { #if defined(MBEDTLS_CIPHER_MODE_CFB) NULL, #endif +#if defined(MBEDTLS_CIPHER_MODE_OFB) + NULL, +#endif #if defined(MBEDTLS_CIPHER_MODE_CTR) NULL, #endif @@ -995,6 +1060,9 @@ static const mbedtls_cipher_base_t des_ede_info = { #if defined(MBEDTLS_CIPHER_MODE_CFB) NULL, #endif +#if defined(MBEDTLS_CIPHER_MODE_OFB) + NULL, +#endif #if defined(MBEDTLS_CIPHER_MODE_CTR) NULL, #endif @@ -1040,6 +1108,9 @@ static const mbedtls_cipher_base_t des_ede3_info = { #if defined(MBEDTLS_CIPHER_MODE_CFB) NULL, #endif +#if defined(MBEDTLS_CIPHER_MODE_OFB) + NULL, +#endif #if defined(MBEDTLS_CIPHER_MODE_CTR) NULL, #endif @@ -1149,6 +1220,9 @@ static const mbedtls_cipher_base_t blowfish_info = { #if defined(MBEDTLS_CIPHER_MODE_CFB) blowfish_crypt_cfb64_wrap, #endif +#if defined(MBEDTLS_CIPHER_MODE_OFB) + NULL, +#endif #if defined(MBEDTLS_CIPHER_MODE_CTR) blowfish_crypt_ctr_wrap, #endif @@ -1259,6 +1333,9 @@ static const mbedtls_cipher_base_t arc4_base_info = { #if defined(MBEDTLS_CIPHER_MODE_CFB) NULL, #endif +#if defined(MBEDTLS_CIPHER_MODE_OFB) + NULL, +#endif #if defined(MBEDTLS_CIPHER_MODE_CTR) NULL, #endif @@ -1362,6 +1439,11 @@ const mbedtls_cipher_definition_t mbedtls_cipher_definitions[] = { MBEDTLS_CIPHER_AES_192_CFB128, &aes_192_cfb128_info }, { MBEDTLS_CIPHER_AES_256_CFB128, &aes_256_cfb128_info }, #endif +#if defined(MBEDTLS_CIPHER_MODE_OFB) + { MBEDTLS_CIPHER_AES_128_OFB, &aes_128_ofb_info }, + { MBEDTLS_CIPHER_AES_192_OFB, &aes_192_ofb_info }, + { MBEDTLS_CIPHER_AES_256_OFB, &aes_256_ofb_info }, +#endif #if defined(MBEDTLS_CIPHER_MODE_CTR) { MBEDTLS_CIPHER_AES_128_CTR, &aes_128_ctr_info }, { MBEDTLS_CIPHER_AES_192_CTR, &aes_192_ctr_info }, diff --git a/tests/suites/test_suite_cipher.aes.data b/tests/suites/test_suite_cipher.aes.data index e8e9a155c..e34b70dc9 100644 --- a/tests/suites/test_suite_cipher.aes.data +++ b/tests/suites/test_suite_cipher.aes.data @@ -474,6 +474,110 @@ AES-128 CFB - Encrypt and decrypt 32 bytes in multiple parts 1 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CFB enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_128_CFB128:128:16:16:-1:16:16:16:16 +AES-128 OFB - Encrypt and decrypt 0 bytes +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +enc_dec_buf:MBEDTLS_CIPHER_AES_128_OFB:"AES-128-OFB":128:0:-1 + +AES-128 OFB - Encrypt and decrypt 1 byte +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +enc_dec_buf:MBEDTLS_CIPHER_AES_128_OFB:"AES-128-OFB":128:1:-1 + +AES-128 OFB - Encrypt and decrypt 2 bytes +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +enc_dec_buf:MBEDTLS_CIPHER_AES_128_OFB:"AES-128-OFB":128:2:-1 + +AES-128 OFB - Encrypt and decrypt 7 bytes +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +enc_dec_buf:MBEDTLS_CIPHER_AES_128_OFB:"AES-128-OFB":128:7:-1 + +AES-128 OFB - Encrypt and decrypt 8 bytes +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +enc_dec_buf:MBEDTLS_CIPHER_AES_128_OFB:"AES-128-OFB":128:8:-1 + +AES-128 OFB - Encrypt and decrypt 9 bytes +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +enc_dec_buf:MBEDTLS_CIPHER_AES_128_OFB:"AES-128-OFB":128:9:-1 + +AES-128 OFB - Encrypt and decrypt 15 bytes +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +enc_dec_buf:MBEDTLS_CIPHER_AES_128_OFB:"AES-128-OFB":128:15:-1 + +AES-128 OFB - Encrypt and decrypt 16 bytes +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +enc_dec_buf:MBEDTLS_CIPHER_AES_128_OFB:"AES-128-OFB":128:16:-1 + +AES-128 OFB - Encrypt and decrypt 17 bytes +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +enc_dec_buf:MBEDTLS_CIPHER_AES_128_OFB:"AES-128-OFB":128:17:-1 + +AES-128 OFB - Encrypt and decrypt 31 bytes +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +enc_dec_buf:MBEDTLS_CIPHER_AES_128_OFB:"AES-128-OFB":128:31:-1 + +AES-128 OFB - Encrypt and decrypt 32 bytes +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +enc_dec_buf:MBEDTLS_CIPHER_AES_128_OFB:"AES-128-OFB":128:32:-1 + +AES-128 OFB - Encrypt and decrypt 32 bytes +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +enc_dec_buf:MBEDTLS_CIPHER_AES_128_OFB:"AES-128-OFB":128:33:-1 + +AES-128 OFB - Encrypt and decrypt 47 bytes +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +enc_dec_buf:MBEDTLS_CIPHER_AES_128_OFB:"AES-128-OFB":128:47:-1 + +AES-128 OFB - Encrypt and decrypt 48 bytes +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +enc_dec_buf:MBEDTLS_CIPHER_AES_128_OFB:"AES-128-OFB":128:48:-1 + +AES-128 OFB - Encrypt and decrypt 49 bytes +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +enc_dec_buf:MBEDTLS_CIPHER_AES_128_OFB:"AES-128-OFB":128:49:-1 + +AES-128 OFB - Encrypt and decrypt 0 bytes in multiple parts +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_128_OFB:128:0:0:-1:0:0:0:0 + +AES-128 OFB - Encrypt and decrypt 1 bytes in multiple parts 1 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_128_OFB:128:1:0:-1:1:0:1:0 + +AES-128 OFB - Encrypt and decrypt 1 bytes in multiple parts 2 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_128_OFB:128:0:1:-1:0:1:0:1 + +AES-128 OFB - Encrypt and decrypt 16 bytes in multiple parts 1 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_128_OFB:128:16:0:-1:16:0:16:0 + +AES-128 OFB - Encrypt and decrypt 16 bytes in multiple parts 2 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_128_OFB:128:0:16:-1:0:16:0:16 + +AES-128 OFB - Encrypt and decrypt 16 bytes in multiple parts 3 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_128_OFB:128:1:15:-1:1:15:1:15 + +AES-128 OFB - Encrypt and decrypt 16 bytes in multiple parts 4 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_128_OFB:128:15:1:-1:15:1:15:1 + +AES-128 OFB - Encrypt and decrypt 22 bytes in multiple parts 1 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_128_OFB:128:15:7:-1:15:7:15:7 + +AES-128 OFB - Encrypt and decrypt 22 bytes in multiple parts 2 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_128_OFB:128:16:6:-1:16:6:16:6 + +AES-128 OFB - Encrypt and decrypt 23 bytes in multiple parts 1 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_128_OFB:128:17:6:-1:17:6:17:6 + +AES-128 OFB - Encrypt and decrypt 32 bytes in multiple parts 1 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_128_OFB:128:16:16:-1:16:16:16:16 + AES-128 CTR - Encrypt and decrypt 0 bytes depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR enc_dec_buf:MBEDTLS_CIPHER_AES_128_CTR:"AES-128-CTR":128:0:-1 From a3f3f16d2e2a6a5e9ae0c063315760b4226a7899 Mon Sep 17 00:00:00 2001 From: Simon Butcher Date: Sun, 29 Apr 2018 00:24:51 +0100 Subject: [PATCH 4/7] Add missing OFB entry to null ciphersuite The OFB entry has been omitted from the the null cipher suite definition, null_base_info. --- library/cipher_wrap.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c index f7d57375d..901a2ca6d 100644 --- a/library/cipher_wrap.c +++ b/library/cipher_wrap.c @@ -1399,6 +1399,9 @@ static const mbedtls_cipher_base_t null_base_info = { #if defined(MBEDTLS_CIPHER_MODE_CFB) NULL, #endif +#if defined(MBEDTLS_CIPHER_MODE_OFB) + NULL, +#endif #if defined(MBEDTLS_CIPHER_MODE_CTR) NULL, #endif From 7ac93f430c6e117c83610e7e2141cf390ca06797 Mon Sep 17 00:00:00 2001 From: Simon Butcher Date: Sun, 29 Apr 2018 00:43:47 +0100 Subject: [PATCH 5/7] Fix AES-OFB support for errors, tests and self-test Adds error handling into mbedtls_aes_crypt_ofb for AES errors, a self-test for the OFB mode using NIST SP 800-38A test vectors and adds a check to potential return errors in setting the AES encryption key in the OFB test suite. --- library/aes.c | 140 ++++++++++++++++++++++++++- tests/Makefile | 2 +- tests/suites/test_suite_aes.function | 2 +- 3 files changed, 139 insertions(+), 5 deletions(-) diff --git a/library/aes.c b/library/aes.c index 529f7f4ec..46d546325 100644 --- a/library/aes.c +++ b/library/aes.c @@ -1078,13 +1078,17 @@ int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx, const unsigned char *input, unsigned char *output ) { + int ret = 0; size_t n = *iv_off; while( length-- ) { if( n == 0 ) - mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, iv, iv ); - + { + ret = mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, iv, iv ); + if( ret != 0 ) + goto exit; + } *output++ = *input++ ^ iv[n]; n = ( n + 1 ) & 0x0F; @@ -1092,7 +1096,8 @@ int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx, *iv_off = n; - return( 0 ); +exit: + return( ret ); } #endif /* MBEDTLS_CIPHER_MODE_OFB */ @@ -1248,6 +1253,72 @@ static const unsigned char aes_test_cfb128_ct[3][64] = }; #endif /* MBEDTLS_CIPHER_MODE_CFB */ +#if defined(MBEDTLS_CIPHER_MODE_OFB) +/* + * AES-OFB test vectors from: + * + * http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf + */ +static const unsigned char aes_test_ofb_key[3][32] = +{ + { 0x2B, 0x7E, 0x15, 0x16, 0x28, 0xAE, 0xD2, 0xA6, + 0xAB, 0xF7, 0x15, 0x88, 0x09, 0xCF, 0x4F, 0x3C }, + { 0x8E, 0x73, 0xB0, 0xF7, 0xDA, 0x0E, 0x64, 0x52, + 0xC8, 0x10, 0xF3, 0x2B, 0x80, 0x90, 0x79, 0xE5, + 0x62, 0xF8, 0xEA, 0xD2, 0x52, 0x2C, 0x6B, 0x7B }, + { 0x60, 0x3D, 0xEB, 0x10, 0x15, 0xCA, 0x71, 0xBE, + 0x2B, 0x73, 0xAE, 0xF0, 0x85, 0x7D, 0x77, 0x81, + 0x1F, 0x35, 0x2C, 0x07, 0x3B, 0x61, 0x08, 0xD7, + 0x2D, 0x98, 0x10, 0xA3, 0x09, 0x14, 0xDF, 0xF4 } +}; + +static const unsigned char aes_test_ofb_iv[16] = +{ + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F +}; + +static const unsigned char aes_test_ofb_pt[64] = +{ + 0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96, + 0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A, + 0xAE, 0x2D, 0x8A, 0x57, 0x1E, 0x03, 0xAC, 0x9C, + 0x9E, 0xB7, 0x6F, 0xAC, 0x45, 0xAF, 0x8E, 0x51, + 0x30, 0xC8, 0x1C, 0x46, 0xA3, 0x5C, 0xE4, 0x11, + 0xE5, 0xFB, 0xC1, 0x19, 0x1A, 0x0A, 0x52, 0xEF, + 0xF6, 0x9F, 0x24, 0x45, 0xDF, 0x4F, 0x9B, 0x17, + 0xAD, 0x2B, 0x41, 0x7B, 0xE6, 0x6C, 0x37, 0x10 +}; + +static const unsigned char aes_test_ofb_ct[3][64] = +{ + { 0x3B, 0x3F, 0xD9, 0x2E, 0xB7, 0x2D, 0xAD, 0x20, + 0x33, 0x34, 0x49, 0xF8, 0xE8, 0x3C, 0xFB, 0x4A, + 0x77, 0x89, 0x50, 0x8d, 0x16, 0x91, 0x8f, 0x03, + 0xf5, 0x3c, 0x52, 0xda, 0xc5, 0x4e, 0xd8, 0x25, + 0x97, 0x40, 0x05, 0x1e, 0x9c, 0x5f, 0xec, 0xf6, + 0x43, 0x44, 0xf7, 0xa8, 0x22, 0x60, 0xed, 0xcc, + 0x30, 0x4c, 0x65, 0x28, 0xf6, 0x59, 0xc7, 0x78, + 0x66, 0xa5, 0x10, 0xd9, 0xc1, 0xd6, 0xae, 0x5e }, + { 0xCD, 0xC8, 0x0D, 0x6F, 0xDD, 0xF1, 0x8C, 0xAB, + 0x34, 0xC2, 0x59, 0x09, 0xC9, 0x9A, 0x41, 0x74, + 0xfc, 0xc2, 0x8b, 0x8d, 0x4c, 0x63, 0x83, 0x7c, + 0x09, 0xe8, 0x17, 0x00, 0xc1, 0x10, 0x04, 0x01, + 0x8d, 0x9a, 0x9a, 0xea, 0xc0, 0xf6, 0x59, 0x6f, + 0x55, 0x9c, 0x6d, 0x4d, 0xaf, 0x59, 0xa5, 0xf2, + 0x6d, 0x9f, 0x20, 0x08, 0x57, 0xca, 0x6c, 0x3e, + 0x9c, 0xac, 0x52, 0x4b, 0xd9, 0xac, 0xc9, 0x2a }, + { 0xDC, 0x7E, 0x84, 0xBF, 0xDA, 0x79, 0x16, 0x4B, + 0x7E, 0xCD, 0x84, 0x86, 0x98, 0x5D, 0x38, 0x60, + 0x4f, 0xeb, 0xdc, 0x67, 0x40, 0xd2, 0x0b, 0x3a, + 0xc8, 0x8f, 0x6a, 0xd8, 0x2a, 0x4f, 0xb0, 0x8d, + 0x71, 0xab, 0x47, 0xa0, 0x86, 0xe8, 0x6e, 0xed, + 0xf3, 0x9d, 0x1c, 0x5b, 0xba, 0x97, 0xc4, 0x08, + 0x01, 0x26, 0x14, 0x1d, 0x67, 0xf3, 0x7b, 0xe8, + 0x53, 0x8f, 0x5a, 0x8b, 0xe7, 0x40, 0xe4, 0x84 } +}; +#endif /* MBEDTLS_CIPHER_MODE_OFB */ + #if defined(MBEDTLS_CIPHER_MODE_CTR) /* * AES-CTR test vectors from: @@ -1539,6 +1610,69 @@ int mbedtls_aes_self_test( int verbose ) mbedtls_printf( "\n" ); #endif /* MBEDTLS_CIPHER_MODE_CFB */ +#if defined(MBEDTLS_CIPHER_MODE_OFB) + /* + * OFB mode + */ + for( i = 0; i < 6; i++ ) + { + u = i >> 1; + keybits = 128 + u * 64; + mode = i & 1; + + if( verbose != 0 ) + mbedtls_printf( " AES-OFB-%3d (%s): ", keybits, + ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" ); + + memcpy( iv, aes_test_ofb_iv, 16 ); + memcpy( key, aes_test_ofb_key[u], keybits / 8 ); + + offset = 0; + ret = mbedtls_aes_setkey_enc( &ctx, key, keybits ); + /* + * AES-192 is an optional feature that may be unavailable when + * there is an alternative underlying implementation i.e. when + * MBEDTLS_AES_ALT is defined. + */ + if( ret == MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE && keybits == 192 ) + { + mbedtls_printf( "skipped\n" ); + continue; + } + else if( ret != 0 ) + { + goto exit; + } + + if( mode == MBEDTLS_AES_DECRYPT ) + { + memcpy( buf, aes_test_ofb_ct[u], 64 ); + aes_tests = aes_test_ofb_pt; + } + else + { + memcpy( buf, aes_test_ofb_pt, 64 ); + aes_tests = aes_test_ofb_ct[u]; + } + + ret = mbedtls_aes_crypt_ofb( &ctx, 64, &offset, iv, buf, buf ); + if( ret != 0 ) + goto exit; + + if( memcmp( buf, aes_tests, 64 ) != 0 ) + { + ret = 1; + goto exit; + } + + if( verbose != 0 ) + mbedtls_printf( "passed\n" ); + } + + if( verbose != 0 ) + mbedtls_printf( "\n" ); +#endif /* MBEDTLS_CIPHER_MODE_OFB */ + #if defined(MBEDTLS_CIPHER_MODE_CTR) /* * CTR mode diff --git a/tests/Makefile b/tests/Makefile index e15d94576..23baef328 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -46,7 +46,7 @@ LOCAL_LDFLAGS += -lz endif APPS = test_suite_aes.ecb$(EXEXT) test_suite_aes.cbc$(EXEXT) \ - test_suite_aes.cfb$(EXEXT) test_suite_aes.ofb$(EXEXT) \ + test_suite_aes.cfb$(EXEXT) test_suite_aes.ofb$(EXEXT) \ test_suite_aes.rest$(EXEXT) \ test_suite_arc4$(EXEXT) test_suite_asn1write$(EXEXT) \ test_suite_base64$(EXEXT) test_suite_blowfish$(EXEXT) \ diff --git a/tests/suites/test_suite_aes.function b/tests/suites/test_suite_aes.function index e1792dd5a..fc2cbacc3 100644 --- a/tests/suites/test_suite_aes.function +++ b/tests/suites/test_suite_aes.function @@ -316,7 +316,7 @@ void aes_encrypt_ofb( int fragment_size, char *hex_key_string, iv_len = unhexify( iv_str, hex_iv_string ); in_buffer_len = unhexify( src_str, hex_src_string ); - mbedtls_aes_setkey_enc( &ctx, key_str, key_len * 8 ); + TEST_ASSERT( mbedtls_aes_setkey_enc( &ctx, key_str, key_len * 8 ) == 0 ); src_str_next = src_str; while( in_buffer_len > 0 ) From f684c0e2e0d1ff6886a978a3d59d78b392c4daf5 Mon Sep 17 00:00:00 2001 From: Simon Butcher Date: Sun, 29 Apr 2018 13:03:20 +0100 Subject: [PATCH 6/7] Update cipher.h for OFB block mode documentation Raises the doxygen comments for OFB to the same level as other block modes. --- include/mbedtls/cipher.h | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index 62b925eec..bef5f65e9 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -145,9 +145,9 @@ typedef enum { MBEDTLS_CIPHER_CAMELLIA_128_CCM, /**< Camellia cipher with 128-bit CCM mode. */ MBEDTLS_CIPHER_CAMELLIA_192_CCM, /**< Camellia cipher with 192-bit CCM mode. */ MBEDTLS_CIPHER_CAMELLIA_256_CCM, /**< Camellia cipher with 256-bit CCM mode. */ - MBEDTLS_CIPHER_AES_128_OFB, - MBEDTLS_CIPHER_AES_192_OFB, - MBEDTLS_CIPHER_AES_256_OFB + MBEDTLS_CIPHER_AES_128_OFB, /**< AES 128-bit cipher in OFB mode. */ + MBEDTLS_CIPHER_AES_192_OFB, /**< AES 192-bit cipher in OFB mode. */ + MBEDTLS_CIPHER_AES_256_OFB, /**< AES 256-bit cipher in OFB mode. */ } mbedtls_cipher_type_t; /** Supported cipher modes. */ @@ -156,7 +156,7 @@ typedef enum { MBEDTLS_MODE_ECB, /**< The ECB cipher mode. */ MBEDTLS_MODE_CBC, /**< The CBC cipher mode. */ MBEDTLS_MODE_CFB, /**< The CFB cipher mode. */ - MBEDTLS_MODE_OFB, /**< The OFB cipher mode - unsupported. */ + MBEDTLS_MODE_OFB, /**< The OFB cipher mode. */ MBEDTLS_MODE_CTR, /**< The CTR cipher mode. */ MBEDTLS_MODE_GCM, /**< The GCM cipher mode. */ MBEDTLS_MODE_STREAM, /**< The stream cipher mode. */ From df67d3a57505efdee480b8762cc56b35f516cfd9 Mon Sep 17 00:00:00 2001 From: Simon Butcher Date: Sun, 29 Apr 2018 14:51:35 +0100 Subject: [PATCH 7/7] Remove unused variable in AES OFB test suite Remove iv_len, an unused variable, in AES OFB test suite function, to fix gcc compiler warning. --- tests/suites/test_suite_aes.function | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_aes.function b/tests/suites/test_suite_aes.function index fc2cbacc3..c45a9ed6f 100644 --- a/tests/suites/test_suite_aes.function +++ b/tests/suites/test_suite_aes.function @@ -303,7 +303,7 @@ void aes_encrypt_ofb( int fragment_size, char *hex_key_string, size_t iv_offset = 0; int in_buffer_len; unsigned char* src_str_next; - int key_len, iv_len; + int key_len; memset(key_str, 0x00, 100); memset(iv_str, 0x00, 100); @@ -313,7 +313,7 @@ void aes_encrypt_ofb( int fragment_size, char *hex_key_string, mbedtls_aes_init( &ctx ); key_len = unhexify( key_str, hex_key_string ); - iv_len = unhexify( iv_str, hex_iv_string ); + unhexify( iv_str, hex_iv_string ); in_buffer_len = unhexify( src_str, hex_src_string ); TEST_ASSERT( mbedtls_aes_setkey_enc( &ctx, key_str, key_len * 8 ) == 0 );