Change return type of AES decrypt and encrypt

This patch modifies the following 2 functions in the AES module to
change the return type from void to int:
    * mbedtls_aes_encrypt() -> mbedtls_internal_aes_encrypt()
    * mbedtls_aes_decrypt() -> mbedtls_internal_aes_decrypt()
This change is necessary to allow users of MBEDTLS_AES_ALT,
MBEDTLS_AES_DECRYPT_ALT and MBEDTLS_AES_ENCRYPT_ALT to return an error
code when replacing the default with their own implementation, e.g.
a hardware crypto accelerator.
This commit is contained in:
Andres AG 2017-03-03 14:09:56 +00:00 committed by Simon Butcher
parent 2850cdaed9
commit f5bf7189d3
3 changed files with 82 additions and 16 deletions

View file

@ -19,6 +19,14 @@ Features
suppressing the CA list in Certificate Request messages. The default suppressing the CA list in Certificate Request messages. The default
behaviour has not changed, namely every configured CAs name is included. behaviour has not changed, namely every configured CAs name is included.
API Changes
* The following functions in the AES module have been deprecated and replaced
by the functions shown below. The new functions change the return type from
void to int to allow returning error codes when using MBEDTLS_AES_ALT,
MBEDTLS_AES_DECRYPT_ALT or MBEDTLS_AES_ENCRYPT_ALT.
mbedtls_aes_decrypt() -> mbedtls_internal_aes_decrypt()
mbedtls_aes_encrypt() -> mbedtls_internal_aes_encrypt()
Bugfix Bugfix
* Remove macros from compat-1.3.h that correspond to deleted items from most * Remove macros from compat-1.3.h that correspond to deleted items from most
recent versions of the library. Found by Kyle Keen. recent versions of the library. Found by Kyle Keen.

View file

@ -39,6 +39,11 @@
#define MBEDTLS_ERR_AES_INVALID_KEY_LENGTH -0x0020 /**< Invalid key length. */ #define MBEDTLS_ERR_AES_INVALID_KEY_LENGTH -0x0020 /**< Invalid key length. */
#define MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH -0x0022 /**< Invalid data input length. */ #define MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH -0x0022 /**< Invalid data input length. */
#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
!defined(inline) && !defined(__cplusplus)
#define inline __inline
#endif
#if !defined(MBEDTLS_AES_ALT) #if !defined(MBEDTLS_AES_ALT)
// Regular implementation // Regular implementation
// //
@ -253,10 +258,12 @@ int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx,
* \param ctx AES context * \param ctx AES context
* \param input Plaintext block * \param input Plaintext block
* \param output Output (ciphertext) block * \param output Output (ciphertext) block
*
* \return 0 if successful
*/ */
void mbedtls_aes_encrypt( mbedtls_aes_context *ctx, int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx,
const unsigned char input[16], const unsigned char input[16],
unsigned char output[16] ); unsigned char output[16] );
/** /**
* \brief Internal AES block decryption function * \brief Internal AES block decryption function
@ -266,10 +273,59 @@ void mbedtls_aes_encrypt( mbedtls_aes_context *ctx,
* \param ctx AES context * \param ctx AES context
* \param input Ciphertext block * \param input Ciphertext block
* \param output Output (plaintext) block * \param output Output (plaintext) block
*
* \return 0 if successful
*/ */
void mbedtls_aes_decrypt( mbedtls_aes_context *ctx, int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx,
const unsigned char input[16], const unsigned char input[16],
unsigned char output[16] ); unsigned char output[16] );
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
#if defined(MBEDTLS_DEPRECATED_WARNING)
#define MBEDTLS_DEPRECATED __attribute__((deprecated))
#else
#define MBEDTLS_DEPRECATED
#endif
/**
* \brief Internal AES block encryption function
* (Only exposed to allow overriding it,
* see MBEDTLS_AES_ENCRYPT_ALT)
*
* \deprecated Superseded by mbedtls_aes_encrypt_ext() in 2.5.0
*
* \param ctx AES context
* \param input Plaintext block
* \param output Output (ciphertext) block
*/
MBEDTLS_DEPRECATED static inline void mbedtls_aes_encrypt(
mbedtls_aes_context *ctx,
const unsigned char input[16],
unsigned char output[16] )
{
mbedtls_internal_aes_encrypt( ctx, input, output );
}
/**
* \brief Internal AES block decryption function
* (Only exposed to allow overriding it,
* see MBEDTLS_AES_DECRYPT_ALT)
*
* \deprecated Superseded by mbedtls_aes_decrypt_ext() in 2.5.0
*
* \param ctx AES context
* \param input Ciphertext block
* \param output Output (plaintext) block
*/
MBEDTLS_DEPRECATED static inline void mbedtls_aes_decrypt(
mbedtls_aes_context *ctx,
const unsigned char input[16],
unsigned char output[16] )
{
mbedtls_internal_aes_decrypt( ctx, input, output );
}
#undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */
#ifdef __cplusplus #ifdef __cplusplus
} }

View file

@ -710,9 +710,9 @@ exit:
* AES-ECB block encryption * AES-ECB block encryption
*/ */
#if !defined(MBEDTLS_AES_ENCRYPT_ALT) #if !defined(MBEDTLS_AES_ENCRYPT_ALT)
void mbedtls_aes_encrypt( mbedtls_aes_context *ctx, int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx,
const unsigned char input[16], const unsigned char input[16],
unsigned char output[16] ) unsigned char output[16] )
{ {
int i; int i;
uint32_t *RK, X0, X1, X2, X3, Y0, Y1, Y2, Y3; uint32_t *RK, X0, X1, X2, X3, Y0, Y1, Y2, Y3;
@ -760,6 +760,8 @@ void mbedtls_aes_encrypt( mbedtls_aes_context *ctx,
PUT_UINT32_LE( X1, output, 4 ); PUT_UINT32_LE( X1, output, 4 );
PUT_UINT32_LE( X2, output, 8 ); PUT_UINT32_LE( X2, output, 8 );
PUT_UINT32_LE( X3, output, 12 ); PUT_UINT32_LE( X3, output, 12 );
return( 0 );
} }
#endif /* !MBEDTLS_AES_ENCRYPT_ALT */ #endif /* !MBEDTLS_AES_ENCRYPT_ALT */
@ -767,9 +769,9 @@ void mbedtls_aes_encrypt( mbedtls_aes_context *ctx,
* AES-ECB block decryption * AES-ECB block decryption
*/ */
#if !defined(MBEDTLS_AES_DECRYPT_ALT) #if !defined(MBEDTLS_AES_DECRYPT_ALT)
void mbedtls_aes_decrypt( mbedtls_aes_context *ctx, int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx,
const unsigned char input[16], const unsigned char input[16],
unsigned char output[16] ) unsigned char output[16] )
{ {
int i; int i;
uint32_t *RK, X0, X1, X2, X3, Y0, Y1, Y2, Y3; uint32_t *RK, X0, X1, X2, X3, Y0, Y1, Y2, Y3;
@ -817,6 +819,8 @@ void mbedtls_aes_decrypt( mbedtls_aes_context *ctx,
PUT_UINT32_LE( X1, output, 4 ); PUT_UINT32_LE( X1, output, 4 );
PUT_UINT32_LE( X2, output, 8 ); PUT_UINT32_LE( X2, output, 8 );
PUT_UINT32_LE( X3, output, 12 ); PUT_UINT32_LE( X3, output, 12 );
return( 0 );
} }
#endif /* !MBEDTLS_AES_DECRYPT_ALT */ #endif /* !MBEDTLS_AES_DECRYPT_ALT */
@ -846,11 +850,9 @@ int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx,
#endif #endif
if( mode == MBEDTLS_AES_ENCRYPT ) if( mode == MBEDTLS_AES_ENCRYPT )
mbedtls_aes_encrypt( ctx, input, output ); return( mbedtls_internal_aes_encrypt( ctx, input, output ) );
else else
mbedtls_aes_decrypt( ctx, input, output ); return( mbedtls_internal_aes_decrypt( ctx, input, output ) );
return( 0 );
} }
#if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)