Merge remote-tracking branch 'public/pr/2276' into development

This commit is contained in:
Simon Butcher 2018-12-20 12:00:57 +00:00
commit ccafd14fee
4 changed files with 305 additions and 31 deletions

View file

@ -91,14 +91,16 @@ mbedtls_aria_context;
* It must be the first API called before using * It must be the first API called before using
* the context. * the context.
* *
* \param ctx The ARIA context to initialize. * \param ctx The ARIA context to initialize. This must not be \c NULL.
*/ */
void mbedtls_aria_init( mbedtls_aria_context *ctx ); void mbedtls_aria_init( mbedtls_aria_context *ctx );
/** /**
* \brief This function releases and clears the specified ARIA context. * \brief This function releases and clears the specified ARIA context.
* *
* \param ctx The ARIA context to clear. * \param ctx The ARIA context to clear. This may be \c NULL, in which
* case this function returns immediately. If it is not \c NULL,
* it must point to an initialized ARIA context.
*/ */
void mbedtls_aria_free( mbedtls_aria_context *ctx ); void mbedtls_aria_free( mbedtls_aria_context *ctx );
@ -106,14 +108,16 @@ void mbedtls_aria_free( mbedtls_aria_context *ctx );
* \brief This function sets the encryption key. * \brief This function sets the encryption key.
* *
* \param ctx The ARIA context to which the key should be bound. * \param ctx The ARIA context to which the key should be bound.
* \param key The encryption key. * This must be initialized.
* \param keybits The size of data passed in bits. Valid options are: * \param key The encryption key. This must be a readable buffer
* of size \p keybits Bits.
* \param keybits The size of \p key in Bits. Valid options are:
* <ul><li>128 bits</li> * <ul><li>128 bits</li>
* <li>192 bits</li> * <li>192 bits</li>
* <li>256 bits</li></ul> * <li>256 bits</li></ul>
* *
* \return \c 0 on success or #MBEDTLS_ERR_ARIA_BAD_INPUT_DATA * \return \c 0 on success.
* on failure. * \return A negative error code on failure.
*/ */
int mbedtls_aria_setkey_enc( mbedtls_aria_context *ctx, int mbedtls_aria_setkey_enc( mbedtls_aria_context *ctx,
const unsigned char *key, const unsigned char *key,
@ -123,13 +127,16 @@ int mbedtls_aria_setkey_enc( mbedtls_aria_context *ctx,
* \brief This function sets the decryption key. * \brief This function sets the decryption key.
* *
* \param ctx The ARIA context to which the key should be bound. * \param ctx The ARIA context to which the key should be bound.
* \param key The decryption key. * This must be initialized.
* \param key The decryption key. This must be a readable buffer
* of size \p keybits Bits.
* \param keybits The size of data passed. Valid options are: * \param keybits The size of data passed. Valid options are:
* <ul><li>128 bits</li> * <ul><li>128 bits</li>
* <li>192 bits</li> * <li>192 bits</li>
* <li>256 bits</li></ul> * <li>256 bits</li></ul>
* *
* \return \c 0 on success, or #MBEDTLS_ERR_ARIA_BAD_INPUT_DATA on failure. * \return \c 0 on success.
* \return A negative error code on failure.
*/ */
int mbedtls_aria_setkey_dec( mbedtls_aria_context *ctx, int mbedtls_aria_setkey_dec( mbedtls_aria_context *ctx,
const unsigned char *key, const unsigned char *key,
@ -148,10 +155,12 @@ int mbedtls_aria_setkey_dec( mbedtls_aria_context *ctx,
* call to this API with the same context. * call to this API with the same context.
* *
* \param ctx The ARIA context to use for encryption or decryption. * \param ctx The ARIA context to use for encryption or decryption.
* This must be initialized and bound to a key.
* \param input The 16-Byte buffer holding the input data. * \param input The 16-Byte buffer holding the input data.
* \param output The 16-Byte buffer holding the output data. * \param output The 16-Byte buffer holding the output data.
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure.
*/ */
int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx, int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx,
const unsigned char input[MBEDTLS_ARIA_BLOCKSIZE], const unsigned char input[MBEDTLS_ARIA_BLOCKSIZE],
@ -183,16 +192,21 @@ int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx,
* *
* *
* \param ctx The ARIA context to use for encryption or decryption. * \param ctx The ARIA context to use for encryption or decryption.
* \param mode The ARIA operation: #MBEDTLS_ARIA_ENCRYPT or * This must be initialized and bound to a key.
* #MBEDTLS_ARIA_DECRYPT. * \param mode The mode of operation. This must be either
* #MBEDTLS_ARIA_ENCRYPT for encryption, or
* #MBEDTLS_ARIA_DECRYPT for decryption.
* \param length The length of the input data in Bytes. This must be a * \param length The length of the input data in Bytes. This must be a
* multiple of the block size (16 Bytes). * multiple of the block size (16 Bytes).
* \param iv Initialization vector (updated after use). * \param iv Initialization vector (updated after use).
* \param input The buffer holding the input data. * This must be a readable buffer of size 16 Bytes.
* \param output The buffer holding the output data. * \param input The buffer holding the input data. This must
* be a readable buffer of length \p length Bytes.
* \param output The buffer holding the output data. This must
* be a writable buffer of length \p length Bytes.
* *
* \return \c 0 on success, or #MBEDTLS_ERR_ARIA_INVALID_INPUT_LENGTH * \return \c 0 on success.
* on failure. * \return A negative error code on failure.
*/ */
int mbedtls_aria_crypt_cbc( mbedtls_aria_context *ctx, int mbedtls_aria_crypt_cbc( mbedtls_aria_context *ctx,
int mode, int mode,
@ -227,15 +241,22 @@ int mbedtls_aria_crypt_cbc( mbedtls_aria_context *ctx,
* *
* *
* \param ctx The ARIA context to use for encryption or decryption. * \param ctx The ARIA context to use for encryption or decryption.
* \param mode The ARIA operation: #MBEDTLS_ARIA_ENCRYPT or * This must be initialized and bound to a key.
* #MBEDTLS_ARIA_DECRYPT. * \param mode The mode of operation. This must be either
* \param length The length of the input data. * #MBEDTLS_ARIA_ENCRYPT for encryption, or
* #MBEDTLS_ARIA_DECRYPT for decryption.
* \param length The length of the input data \p input in Bytes.
* \param iv_off The offset in IV (updated after use). * \param iv_off The offset in IV (updated after use).
* This must not be larger than 15.
* \param iv The initialization vector (updated after use). * \param iv The initialization vector (updated after use).
* \param input The buffer holding the input data. * This must be a readable buffer of size 16 Bytes.
* \param output The buffer holding the output data. * \param input The buffer holding the input data. This must
* be a readable buffer of length \p length Bytes.
* \param output The buffer holding the output data. This must
* be a writable buffer of length \p length Bytes.
* *
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure.
*/ */
int mbedtls_aria_crypt_cfb128( mbedtls_aria_context *ctx, int mbedtls_aria_crypt_cfb128( mbedtls_aria_context *ctx,
int mode, int mode,
@ -305,17 +326,24 @@ int mbedtls_aria_crypt_cfb128( mbedtls_aria_context *ctx,
* securely discarded as soon as it's no longer needed. * securely discarded as soon as it's no longer needed.
* *
* \param ctx The ARIA context to use for encryption or decryption. * \param ctx The ARIA context to use for encryption or decryption.
* \param length The length of the input data. * This must be initialized and bound to a key.
* \param nc_off The offset in the current \p stream_block, for * \param length The length of the input data \p input in Bytes.
* resuming within the current cipher stream. The * \param nc_off The offset in Bytes in the current \p stream_block,
* offset pointer should be 0 at the start of a stream. * for resuming within the current cipher stream. The
* \param nonce_counter The 128-bit nonce and counter. * offset pointer should be \c 0 at the start of a
* \param stream_block The saved stream block for resuming. This is * stream. This must not be larger than \c 15 Bytes.
* overwritten by the function. * \param nonce_counter The 128-bit nonce and counter. This must point to
* \param input The buffer holding the input data. * a read/write buffer of length \c 16 bytes.
* \param output The buffer holding the output data. * \param stream_block The saved stream block for resuming. This must
* point to a read/write buffer of length \c 16 bytes.
* This is overwritten by the function.
* \param input The buffer holding the input data. This must
* be a readable buffer of length \p length Bytes.
* \param output The buffer holding the output data. This must
* be a writable buffer of length \p length Bytes.
* *
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure.
*/ */
int mbedtls_aria_crypt_ctr( mbedtls_aria_context *ctx, int mbedtls_aria_crypt_ctr( mbedtls_aria_context *ctx,
size_t length, size_t length,

View file

@ -55,6 +55,12 @@
#define inline __inline #define inline __inline
#endif #endif
/* Parameter validation macros */
#define ARIA_VALIDATE_RET( cond ) \
MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_ARIA_BAD_INPUT_DATA )
#define ARIA_VALIDATE( cond ) \
MBEDTLS_INTERNAL_VALIDATE( cond )
/* /*
* 32-bit integer manipulation macros (little endian) * 32-bit integer manipulation macros (little endian)
*/ */
@ -449,6 +455,8 @@ int mbedtls_aria_setkey_enc( mbedtls_aria_context *ctx,
int i; int i;
uint32_t w[4][4], *w2; uint32_t w[4][4], *w2;
ARIA_VALIDATE_RET( ctx != NULL );
ARIA_VALIDATE_RET( key != NULL );
if( keybits != 128 && keybits != 192 && keybits != 256 ) if( keybits != 128 && keybits != 192 && keybits != 256 )
return( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA ); return( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA );
@ -503,6 +511,8 @@ int mbedtls_aria_setkey_dec( mbedtls_aria_context *ctx,
const unsigned char *key, unsigned int keybits ) const unsigned char *key, unsigned int keybits )
{ {
int i, j, k, ret; int i, j, k, ret;
ARIA_VALIDATE_RET( ctx != NULL );
ARIA_VALIDATE_RET( key != NULL );
ret = mbedtls_aria_setkey_enc( ctx, key, keybits ); ret = mbedtls_aria_setkey_enc( ctx, key, keybits );
if( ret != 0 ) if( ret != 0 )
@ -539,6 +549,9 @@ int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx,
int i; int i;
uint32_t a, b, c, d; uint32_t a, b, c, d;
ARIA_VALIDATE_RET( ctx != NULL );
ARIA_VALIDATE_RET( input != NULL );
ARIA_VALIDATE_RET( output != NULL );
GET_UINT32_LE( a, input, 0 ); GET_UINT32_LE( a, input, 0 );
GET_UINT32_LE( b, input, 4 ); GET_UINT32_LE( b, input, 4 );
@ -586,6 +599,7 @@ int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx,
/* Initialize context */ /* Initialize context */
void mbedtls_aria_init( mbedtls_aria_context *ctx ) void mbedtls_aria_init( mbedtls_aria_context *ctx )
{ {
ARIA_VALIDATE( ctx != NULL );
memset( ctx, 0, sizeof( mbedtls_aria_context ) ); memset( ctx, 0, sizeof( mbedtls_aria_context ) );
} }
@ -612,6 +626,13 @@ int mbedtls_aria_crypt_cbc( mbedtls_aria_context *ctx,
int i; int i;
unsigned char temp[MBEDTLS_ARIA_BLOCKSIZE]; unsigned char temp[MBEDTLS_ARIA_BLOCKSIZE];
ARIA_VALIDATE_RET( ctx != NULL );
ARIA_VALIDATE_RET( mode == MBEDTLS_ARIA_ENCRYPT ||
mode == MBEDTLS_ARIA_DECRYPT );
ARIA_VALIDATE_RET( length == 0 || input != NULL );
ARIA_VALIDATE_RET( length == 0 || output != NULL );
ARIA_VALIDATE_RET( iv != NULL );
if( length % MBEDTLS_ARIA_BLOCKSIZE ) if( length % MBEDTLS_ARIA_BLOCKSIZE )
return( MBEDTLS_ERR_ARIA_INVALID_INPUT_LENGTH ); return( MBEDTLS_ERR_ARIA_INVALID_INPUT_LENGTH );
@ -665,7 +686,23 @@ int mbedtls_aria_crypt_cfb128( mbedtls_aria_context *ctx,
unsigned char *output ) unsigned char *output )
{ {
unsigned char c; unsigned char c;
size_t n = *iv_off; size_t n;
ARIA_VALIDATE_RET( ctx != NULL );
ARIA_VALIDATE_RET( mode == MBEDTLS_ARIA_ENCRYPT ||
mode == MBEDTLS_ARIA_DECRYPT );
ARIA_VALIDATE_RET( length == 0 || input != NULL );
ARIA_VALIDATE_RET( length == 0 || output != NULL );
ARIA_VALIDATE_RET( iv != NULL );
ARIA_VALIDATE_RET( iv_off != NULL );
n = *iv_off;
/* An overly large value of n can lead to an unlimited
* buffer overflow. Therefore, guard against this
* outside of parameter validation. */
if( n >= MBEDTLS_ARIA_BLOCKSIZE )
return( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA );
if( mode == MBEDTLS_ARIA_DECRYPT ) if( mode == MBEDTLS_ARIA_DECRYPT )
{ {
@ -713,7 +750,21 @@ int mbedtls_aria_crypt_ctr( mbedtls_aria_context *ctx,
unsigned char *output ) unsigned char *output )
{ {
int c, i; int c, i;
size_t n = *nc_off; size_t n;
ARIA_VALIDATE_RET( ctx != NULL );
ARIA_VALIDATE_RET( length == 0 || input != NULL );
ARIA_VALIDATE_RET( length == 0 || output != NULL );
ARIA_VALIDATE_RET( nonce_counter != NULL );
ARIA_VALIDATE_RET( stream_block != NULL );
ARIA_VALIDATE_RET( nc_off != NULL );
n = *nc_off;
/* An overly large value of n can lead to an unlimited
* buffer overflow. Therefore, guard against this
* outside of parameter validation. */
if( n >= MBEDTLS_ARIA_BLOCKSIZE )
return( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA );
while( length-- ) while( length-- )
{ {

View file

@ -1,3 +1,9 @@
ARIA - Valid parameters
aria_valid_param:
ARIA - Invalid parameters
aria_invalid_param:
ARIA-128-ECB Encrypt - RFC 5794 ARIA-128-ECB Encrypt - RFC 5794
aria_encrypt_ecb:"000102030405060708090a0b0c0d0e0f":"00112233445566778899aabbccddeeff":"d718fbd6ab644c739da95f3be6451778":0 aria_encrypt_ecb:"000102030405060708090a0b0c0d0e0f":"00112233445566778899aabbccddeeff":"d718fbd6ab644c739da95f3be6451778":0

View file

@ -16,6 +16,195 @@
* END_DEPENDENCIES * END_DEPENDENCIES
*/ */
/* BEGIN_CASE */
void aria_valid_param( )
{
TEST_VALID_PARAM( mbedtls_aria_free( NULL ) );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
void aria_invalid_param( )
{
mbedtls_aria_context ctx;
unsigned char key[128 / 8] = { 0 };
unsigned char input[MBEDTLS_ARIA_BLOCKSIZE] = { 0 };
unsigned char output[MBEDTLS_ARIA_BLOCKSIZE] = { 0 };
unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE] = { 0 };
size_t iv_off = 0;
((void) iv_off);
((void) iv);
TEST_INVALID_PARAM( mbedtls_aria_init( NULL ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
mbedtls_aria_setkey_enc( NULL, key,
sizeof( key ) ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
mbedtls_aria_setkey_enc( &ctx, NULL,
sizeof( key ) ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
mbedtls_aria_setkey_dec( NULL, key,
sizeof( key ) ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
mbedtls_aria_setkey_dec( &ctx, NULL,
sizeof( key ) ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
mbedtls_aria_crypt_ecb( NULL, input, output ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
mbedtls_aria_crypt_ecb( &ctx, NULL, output ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
mbedtls_aria_crypt_ecb( &ctx, input, NULL ) );
#if defined(MBEDTLS_CIPHER_MODE_CBC)
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
mbedtls_aria_crypt_cbc( NULL,
MBEDTLS_ARIA_ENCRYPT,
sizeof( input ),
iv,
input,
output ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
mbedtls_aria_crypt_cbc( &ctx,
42 /* invalid mode */,
sizeof( input ),
iv,
input,
output ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
mbedtls_aria_crypt_cbc( &ctx,
MBEDTLS_ARIA_ENCRYPT,
sizeof( input ),
NULL,
input,
output ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
mbedtls_aria_crypt_cbc( &ctx,
MBEDTLS_ARIA_ENCRYPT,
sizeof( input ),
iv,
NULL,
output ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
mbedtls_aria_crypt_cbc( &ctx,
MBEDTLS_ARIA_ENCRYPT,
sizeof( input ),
iv,
input,
NULL ) );
#endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(MBEDTLS_CIPHER_MODE_CFB)
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
mbedtls_aria_crypt_cfb128( NULL,
MBEDTLS_ARIA_ENCRYPT,
sizeof( input ),
&iv_off,
iv,
input,
output ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
mbedtls_aria_crypt_cfb128( &ctx,
42, /* invalid mode */
sizeof( input ),
&iv_off,
iv,
input,
output ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
mbedtls_aria_crypt_cfb128( &ctx,
MBEDTLS_ARIA_ENCRYPT,
sizeof( input ),
NULL,
iv,
input,
output ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
mbedtls_aria_crypt_cfb128( &ctx,
MBEDTLS_ARIA_ENCRYPT,
sizeof( input ),
&iv_off,
NULL,
input,
output ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
mbedtls_aria_crypt_cfb128( &ctx,
MBEDTLS_ARIA_ENCRYPT,
sizeof( input ),
&iv_off,
iv,
NULL,
output ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
mbedtls_aria_crypt_cfb128( &ctx,
MBEDTLS_ARIA_ENCRYPT,
sizeof( input ),
&iv_off,
iv,
input,
NULL ) );
#endif /* MBEDTLS_CIPHER_MODE_CFB */
#if defined(MBEDTLS_CIPHER_MODE_CTR)
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
mbedtls_aria_crypt_ctr( NULL,
sizeof( input ),
&iv_off,
iv,
iv,
input,
output ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
mbedtls_aria_crypt_ctr( &ctx,
sizeof( input ),
NULL,
iv,
iv,
input,
output ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
mbedtls_aria_crypt_ctr( &ctx,
sizeof( input ),
&iv_off,
NULL,
iv,
input,
output ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
mbedtls_aria_crypt_ctr( &ctx,
sizeof( input ),
&iv_off,
iv,
NULL,
input,
output ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
mbedtls_aria_crypt_ctr( &ctx,
sizeof( input ),
&iv_off,
iv,
iv,
NULL,
output ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
mbedtls_aria_crypt_ctr( &ctx,
sizeof( input ),
&iv_off,
iv,
iv,
input,
NULL ) );
#endif /* MBEDTLS_CIPHER_MODE_CTR */
exit:
return;
}
/* END_CASE */
/* BEGIN_CASE */ /* BEGIN_CASE */
void aria_encrypt_ecb( char *hex_key_string, char *hex_src_string, void aria_encrypt_ecb( char *hex_key_string, char *hex_src_string,
char *hex_dst_string, int setkey_result ) char *hex_dst_string, int setkey_result )