From f9c9c92a4031885a5bb304cd13333ebde2a1644f Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 23 Jun 2023 16:22:26 +0100 Subject: [PATCH 01/23] Change types in mbedtls_cipher_info_t Signed-off-by: Dave Rodgman --- include/mbedtls/cipher.h | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index 2f89040713..be8e3be808 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -284,7 +284,7 @@ typedef struct mbedtls_cipher_info_t { * default length for variable sized ciphers. * Includes parity bits for ciphers like DES. */ - unsigned int MBEDTLS_PRIVATE(key_bitlen); + uint16_t MBEDTLS_PRIVATE(key_bitlen); /** Name of the cipher. */ const char *MBEDTLS_PRIVATE(name); @@ -293,16 +293,16 @@ typedef struct mbedtls_cipher_info_t { * For ciphers that accept variable IV sizes, * this is the recommended size. */ - unsigned int MBEDTLS_PRIVATE(iv_size); + uint16_t MBEDTLS_PRIVATE(iv_size); /** Bitflag comprised of MBEDTLS_CIPHER_VARIABLE_IV_LEN and * MBEDTLS_CIPHER_VARIABLE_KEY_LEN indicating whether the * cipher supports variable IV or variable key sizes, respectively. */ - int MBEDTLS_PRIVATE(flags); + uint8_t MBEDTLS_PRIVATE(flags); /** The block size, in Bytes. */ - unsigned int MBEDTLS_PRIVATE(block_size); + uint8_t MBEDTLS_PRIVATE(block_size); /** Struct for base cipher information and functions. */ const mbedtls_cipher_base_t *MBEDTLS_PRIVATE(base); From 48d13c514387c0dbb877e3b2da41d5021779f897 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sat, 24 Jun 2023 10:53:37 +0100 Subject: [PATCH 02/23] Use bit-fields Signed-off-by: Dave Rodgman --- include/mbedtls/cipher.h | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index be8e3be808..95bdf2d02f 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -275,10 +275,10 @@ typedef struct mbedtls_cipher_info_t { /** Full cipher identifier. For example, * MBEDTLS_CIPHER_AES_256_CBC. */ - mbedtls_cipher_type_t MBEDTLS_PRIVATE(type); + mbedtls_cipher_type_t MBEDTLS_PRIVATE(type) : 7; /** The cipher mode. For example, MBEDTLS_MODE_CBC. */ - mbedtls_cipher_mode_t MBEDTLS_PRIVATE(mode); + mbedtls_cipher_mode_t MBEDTLS_PRIVATE(mode) : 4; /** The cipher key length, in bits. This is the * default length for variable sized ciphers. @@ -299,10 +299,10 @@ typedef struct mbedtls_cipher_info_t { * MBEDTLS_CIPHER_VARIABLE_KEY_LEN indicating whether the * cipher supports variable IV or variable key sizes, respectively. */ - uint8_t MBEDTLS_PRIVATE(flags); + uint8_t MBEDTLS_PRIVATE(flags) : 2; - /** The block size, in Bytes. */ - uint8_t MBEDTLS_PRIVATE(block_size); + /** The block size, in bytes. */ + uint8_t MBEDTLS_PRIVATE(block_size) : 5; /** Struct for base cipher information and functions. */ const mbedtls_cipher_base_t *MBEDTLS_PRIVATE(base); From 3319ae96798926b8f83a7cacf64d03c0db1c9531 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sat, 24 Jun 2023 10:55:04 +0100 Subject: [PATCH 03/23] Re-order mbedtls_cipher_info_t Signed-off-by: Dave Rodgman --- include/mbedtls/cipher.h | 12 +- library/cipher_wrap.c | 498 +++++++++++++++++++-------------------- 2 files changed, 255 insertions(+), 255 deletions(-) diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index 95bdf2d02f..7e73e29399 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -272,6 +272,12 @@ typedef struct mbedtls_cmac_context_t mbedtls_cmac_context_t; * mbedtls_cipher_info_from_psa(). */ typedef struct mbedtls_cipher_info_t { + /** Name of the cipher. */ + const char *MBEDTLS_PRIVATE(name); + + /** Struct for base cipher information and functions. */ + const mbedtls_cipher_base_t *MBEDTLS_PRIVATE(base); + /** Full cipher identifier. For example, * MBEDTLS_CIPHER_AES_256_CBC. */ @@ -286,9 +292,6 @@ typedef struct mbedtls_cipher_info_t { */ uint16_t MBEDTLS_PRIVATE(key_bitlen); - /** Name of the cipher. */ - const char *MBEDTLS_PRIVATE(name); - /** IV or nonce size, in Bytes. * For ciphers that accept variable IV sizes, * this is the recommended size. @@ -304,9 +307,6 @@ typedef struct mbedtls_cipher_info_t { /** The block size, in bytes. */ uint8_t MBEDTLS_PRIVATE(block_size) : 5; - /** Struct for base cipher information and functions. */ - const mbedtls_cipher_base_t *MBEDTLS_PRIVATE(base); - } mbedtls_cipher_info_t; /** diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c index c99627c071..34877be8f6 100644 --- a/library/cipher_wrap.c +++ b/library/cipher_wrap.c @@ -241,175 +241,175 @@ static const mbedtls_cipher_base_t aes_info = { }; static const mbedtls_cipher_info_t aes_128_ecb_info = { + "AES-128-ECB", + &aes_info, MBEDTLS_CIPHER_AES_128_ECB, MBEDTLS_MODE_ECB, 128, - "AES-128-ECB", 0, 0, - 16, - &aes_info + 16 }; static const mbedtls_cipher_info_t aes_192_ecb_info = { + "AES-192-ECB", + &aes_info, MBEDTLS_CIPHER_AES_192_ECB, MBEDTLS_MODE_ECB, 192, - "AES-192-ECB", 0, 0, - 16, - &aes_info + 16 }; static const mbedtls_cipher_info_t aes_256_ecb_info = { + "AES-256-ECB", + &aes_info, MBEDTLS_CIPHER_AES_256_ECB, MBEDTLS_MODE_ECB, 256, - "AES-256-ECB", 0, 0, - 16, - &aes_info + 16 }; #if defined(MBEDTLS_CIPHER_MODE_CBC) static const mbedtls_cipher_info_t aes_128_cbc_info = { + "AES-128-CBC", + &aes_info, MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MODE_CBC, 128, - "AES-128-CBC", 16, 0, - 16, - &aes_info + 16 }; static const mbedtls_cipher_info_t aes_192_cbc_info = { + "AES-192-CBC", + &aes_info, MBEDTLS_CIPHER_AES_192_CBC, MBEDTLS_MODE_CBC, 192, - "AES-192-CBC", 16, 0, - 16, - &aes_info + 16 }; static const mbedtls_cipher_info_t aes_256_cbc_info = { + "AES-256-CBC", + &aes_info, MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MODE_CBC, 256, - "AES-256-CBC", 16, 0, - 16, - &aes_info + 16 }; #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CIPHER_MODE_CFB) static const mbedtls_cipher_info_t aes_128_cfb128_info = { + "AES-128-CFB128", + &aes_info, MBEDTLS_CIPHER_AES_128_CFB128, MBEDTLS_MODE_CFB, 128, - "AES-128-CFB128", 16, 0, - 16, - &aes_info + 16 }; static const mbedtls_cipher_info_t aes_192_cfb128_info = { + "AES-192-CFB128", + &aes_info, MBEDTLS_CIPHER_AES_192_CFB128, MBEDTLS_MODE_CFB, 192, - "AES-192-CFB128", 16, 0, - 16, - &aes_info + 16 }; static const mbedtls_cipher_info_t aes_256_cfb128_info = { + "AES-256-CFB128", + &aes_info, MBEDTLS_CIPHER_AES_256_CFB128, MBEDTLS_MODE_CFB, 256, - "AES-256-CFB128", 16, 0, - 16, - &aes_info + 16 }; #endif /* MBEDTLS_CIPHER_MODE_CFB */ #if defined(MBEDTLS_CIPHER_MODE_OFB) static const mbedtls_cipher_info_t aes_128_ofb_info = { + "AES-128-OFB", + &aes_info, MBEDTLS_CIPHER_AES_128_OFB, MBEDTLS_MODE_OFB, 128, - "AES-128-OFB", 16, 0, - 16, - &aes_info + 16 }; static const mbedtls_cipher_info_t aes_192_ofb_info = { + "AES-192-OFB", + &aes_info, MBEDTLS_CIPHER_AES_192_OFB, MBEDTLS_MODE_OFB, 192, - "AES-192-OFB", 16, 0, - 16, - &aes_info + 16 }; static const mbedtls_cipher_info_t aes_256_ofb_info = { + "AES-256-OFB", + &aes_info, MBEDTLS_CIPHER_AES_256_OFB, MBEDTLS_MODE_OFB, 256, - "AES-256-OFB", 16, 0, - 16, - &aes_info + 16 }; #endif /* MBEDTLS_CIPHER_MODE_OFB */ #if defined(MBEDTLS_CIPHER_MODE_CTR) static const mbedtls_cipher_info_t aes_128_ctr_info = { + "AES-128-CTR", + &aes_info, MBEDTLS_CIPHER_AES_128_CTR, MBEDTLS_MODE_CTR, 128, - "AES-128-CTR", 16, 0, - 16, - &aes_info + 16 }; static const mbedtls_cipher_info_t aes_192_ctr_info = { + "AES-192-CTR", + &aes_info, MBEDTLS_CIPHER_AES_192_CTR, MBEDTLS_MODE_CTR, 192, - "AES-192-CTR", 16, 0, - 16, - &aes_info + 16 }; static const mbedtls_cipher_info_t aes_256_ctr_info = { + "AES-256-CTR", + &aes_info, MBEDTLS_CIPHER_AES_256_CTR, MBEDTLS_MODE_CTR, 256, - "AES-256-CTR", 16, 0, - 16, - &aes_info + 16 }; #endif /* MBEDTLS_CIPHER_MODE_CTR */ @@ -479,25 +479,25 @@ static const mbedtls_cipher_base_t xts_aes_info = { }; static const mbedtls_cipher_info_t aes_128_xts_info = { + "AES-128-XTS", + &xts_aes_info, MBEDTLS_CIPHER_AES_128_XTS, MBEDTLS_MODE_XTS, 256, - "AES-128-XTS", 16, 0, - 16, - &xts_aes_info + 16 }; static const mbedtls_cipher_info_t aes_256_xts_info = { + "AES-256-XTS", + &xts_aes_info, MBEDTLS_CIPHER_AES_256_XTS, MBEDTLS_MODE_XTS, 512, - "AES-256-XTS", 16, 0, - 16, - &xts_aes_info + 16 }; #endif /* MBEDTLS_CIPHER_MODE_XTS */ @@ -537,36 +537,36 @@ static const mbedtls_cipher_base_t gcm_aes_info = { }; static const mbedtls_cipher_info_t aes_128_gcm_info = { + "AES-128-GCM", + &gcm_aes_info, MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MODE_GCM, 128, - "AES-128-GCM", 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16, - &gcm_aes_info + 16 }; static const mbedtls_cipher_info_t aes_192_gcm_info = { + "AES-192-GCM", + &gcm_aes_info, MBEDTLS_CIPHER_AES_192_GCM, MBEDTLS_MODE_GCM, 192, - "AES-192-GCM", 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16, - &gcm_aes_info + 16 }; static const mbedtls_cipher_info_t aes_256_gcm_info = { + "AES-256-GCM", + &gcm_aes_info, MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MODE_GCM, 256, - "AES-256-GCM", 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16, - &gcm_aes_info + 16 }; #endif /* MBEDTLS_GCM_C */ @@ -606,69 +606,69 @@ static const mbedtls_cipher_base_t ccm_aes_info = { }; static const mbedtls_cipher_info_t aes_128_ccm_info = { + "AES-128-CCM", + &ccm_aes_info, MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MODE_CCM, 128, - "AES-128-CCM", 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16, - &ccm_aes_info + 16 }; static const mbedtls_cipher_info_t aes_192_ccm_info = { + "AES-192-CCM", + &ccm_aes_info, MBEDTLS_CIPHER_AES_192_CCM, MBEDTLS_MODE_CCM, 192, - "AES-192-CCM", 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16, - &ccm_aes_info + 16 }; static const mbedtls_cipher_info_t aes_256_ccm_info = { + "AES-256-CCM", + &ccm_aes_info, MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MODE_CCM, 256, - "AES-256-CCM", 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16, - &ccm_aes_info + 16 }; static const mbedtls_cipher_info_t aes_128_ccm_star_no_tag_info = { + "AES-128-CCM*-NO-TAG", + &ccm_aes_info, MBEDTLS_CIPHER_AES_128_CCM_STAR_NO_TAG, MBEDTLS_MODE_CCM_STAR_NO_TAG, 128, - "AES-128-CCM*-NO-TAG", 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16, - &ccm_aes_info + 16 }; static const mbedtls_cipher_info_t aes_192_ccm_star_no_tag_info = { + "AES-192-CCM*-NO-TAG", + &ccm_aes_info, MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG, MBEDTLS_MODE_CCM_STAR_NO_TAG, 192, - "AES-192-CCM*-NO-TAG", 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16, - &ccm_aes_info + 16 }; static const mbedtls_cipher_info_t aes_256_ccm_star_no_tag_info = { + "AES-256-CCM*-NO-TAG", + &ccm_aes_info, MBEDTLS_CIPHER_AES_256_CCM_STAR_NO_TAG, MBEDTLS_MODE_CCM_STAR_NO_TAG, 256, - "AES-256-CCM*-NO-TAG", 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16, - &ccm_aes_info + 16 }; #endif /* MBEDTLS_CCM_C */ @@ -773,140 +773,140 @@ static const mbedtls_cipher_base_t camellia_info = { }; static const mbedtls_cipher_info_t camellia_128_ecb_info = { + "CAMELLIA-128-ECB", + &camellia_info, MBEDTLS_CIPHER_CAMELLIA_128_ECB, MBEDTLS_MODE_ECB, 128, - "CAMELLIA-128-ECB", 0, 0, - 16, - &camellia_info + 16 }; static const mbedtls_cipher_info_t camellia_192_ecb_info = { + "CAMELLIA-192-ECB", + &camellia_info, MBEDTLS_CIPHER_CAMELLIA_192_ECB, MBEDTLS_MODE_ECB, 192, - "CAMELLIA-192-ECB", 0, 0, - 16, - &camellia_info + 16 }; static const mbedtls_cipher_info_t camellia_256_ecb_info = { + "CAMELLIA-256-ECB", + &camellia_info, MBEDTLS_CIPHER_CAMELLIA_256_ECB, MBEDTLS_MODE_ECB, 256, - "CAMELLIA-256-ECB", 0, 0, - 16, - &camellia_info + 16 }; #if defined(MBEDTLS_CIPHER_MODE_CBC) static const mbedtls_cipher_info_t camellia_128_cbc_info = { + "CAMELLIA-128-CBC", + &camellia_info, MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MODE_CBC, 128, - "CAMELLIA-128-CBC", 16, 0, - 16, - &camellia_info + 16 }; static const mbedtls_cipher_info_t camellia_192_cbc_info = { + "CAMELLIA-192-CBC", + &camellia_info, MBEDTLS_CIPHER_CAMELLIA_192_CBC, MBEDTLS_MODE_CBC, 192, - "CAMELLIA-192-CBC", 16, 0, - 16, - &camellia_info + 16 }; static const mbedtls_cipher_info_t camellia_256_cbc_info = { + "CAMELLIA-256-CBC", + &camellia_info, MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MODE_CBC, 256, - "CAMELLIA-256-CBC", 16, 0, - 16, - &camellia_info + 16 }; #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CIPHER_MODE_CFB) static const mbedtls_cipher_info_t camellia_128_cfb128_info = { + "CAMELLIA-128-CFB128", + &camellia_info, MBEDTLS_CIPHER_CAMELLIA_128_CFB128, MBEDTLS_MODE_CFB, 128, - "CAMELLIA-128-CFB128", 16, 0, - 16, - &camellia_info + 16 }; static const mbedtls_cipher_info_t camellia_192_cfb128_info = { + "CAMELLIA-192-CFB128", + &camellia_info, MBEDTLS_CIPHER_CAMELLIA_192_CFB128, MBEDTLS_MODE_CFB, 192, - "CAMELLIA-192-CFB128", 16, 0, - 16, - &camellia_info + 16 }; static const mbedtls_cipher_info_t camellia_256_cfb128_info = { + "CAMELLIA-256-CFB128", + &camellia_info, MBEDTLS_CIPHER_CAMELLIA_256_CFB128, MBEDTLS_MODE_CFB, 256, - "CAMELLIA-256-CFB128", 16, 0, - 16, - &camellia_info + 16 }; #endif /* MBEDTLS_CIPHER_MODE_CFB */ #if defined(MBEDTLS_CIPHER_MODE_CTR) static const mbedtls_cipher_info_t camellia_128_ctr_info = { + "CAMELLIA-128-CTR", + &camellia_info, MBEDTLS_CIPHER_CAMELLIA_128_CTR, MBEDTLS_MODE_CTR, 128, - "CAMELLIA-128-CTR", 16, 0, - 16, - &camellia_info + 16 }; static const mbedtls_cipher_info_t camellia_192_ctr_info = { + "CAMELLIA-192-CTR", + &camellia_info, MBEDTLS_CIPHER_CAMELLIA_192_CTR, MBEDTLS_MODE_CTR, 192, - "CAMELLIA-192-CTR", 16, 0, - 16, - &camellia_info + 16 }; static const mbedtls_cipher_info_t camellia_256_ctr_info = { + "CAMELLIA-256-CTR", + &camellia_info, MBEDTLS_CIPHER_CAMELLIA_256_CTR, MBEDTLS_MODE_CTR, 256, - "CAMELLIA-256-CTR", 16, 0, - 16, - &camellia_info + 16 }; #endif /* MBEDTLS_CIPHER_MODE_CTR */ @@ -946,36 +946,36 @@ static const mbedtls_cipher_base_t gcm_camellia_info = { }; static const mbedtls_cipher_info_t camellia_128_gcm_info = { + "CAMELLIA-128-GCM", + &gcm_camellia_info, MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MODE_GCM, 128, - "CAMELLIA-128-GCM", 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16, - &gcm_camellia_info + 16 }; static const mbedtls_cipher_info_t camellia_192_gcm_info = { + "CAMELLIA-192-GCM", + &gcm_camellia_info, MBEDTLS_CIPHER_CAMELLIA_192_GCM, MBEDTLS_MODE_GCM, 192, - "CAMELLIA-192-GCM", 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16, - &gcm_camellia_info + 16 }; static const mbedtls_cipher_info_t camellia_256_gcm_info = { + "CAMELLIA-256-GCM", + &gcm_camellia_info, MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MODE_GCM, 256, - "CAMELLIA-256-GCM", 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16, - &gcm_camellia_info + 16 }; #endif /* MBEDTLS_GCM_C */ @@ -1015,69 +1015,69 @@ static const mbedtls_cipher_base_t ccm_camellia_info = { }; static const mbedtls_cipher_info_t camellia_128_ccm_info = { + "CAMELLIA-128-CCM", + &ccm_camellia_info, MBEDTLS_CIPHER_CAMELLIA_128_CCM, MBEDTLS_MODE_CCM, 128, - "CAMELLIA-128-CCM", 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16, - &ccm_camellia_info + 16 }; static const mbedtls_cipher_info_t camellia_192_ccm_info = { + "CAMELLIA-192-CCM", + &ccm_camellia_info, MBEDTLS_CIPHER_CAMELLIA_192_CCM, MBEDTLS_MODE_CCM, 192, - "CAMELLIA-192-CCM", 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16, - &ccm_camellia_info + 16 }; static const mbedtls_cipher_info_t camellia_256_ccm_info = { + "CAMELLIA-256-CCM", + &ccm_camellia_info, MBEDTLS_CIPHER_CAMELLIA_256_CCM, MBEDTLS_MODE_CCM, 256, - "CAMELLIA-256-CCM", 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16, - &ccm_camellia_info + 16 }; static const mbedtls_cipher_info_t camellia_128_ccm_star_no_tag_info = { + "CAMELLIA-128-CCM*-NO-TAG", + &ccm_camellia_info, MBEDTLS_CIPHER_CAMELLIA_128_CCM_STAR_NO_TAG, MBEDTLS_MODE_CCM_STAR_NO_TAG, 128, - "CAMELLIA-128-CCM*-NO-TAG", 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16, - &ccm_camellia_info + 16 }; static const mbedtls_cipher_info_t camellia_192_ccm_star_no_tag_info = { + "CAMELLIA-192-CCM*-NO-TAG", + &ccm_camellia_info, MBEDTLS_CIPHER_CAMELLIA_192_CCM_STAR_NO_TAG, MBEDTLS_MODE_CCM_STAR_NO_TAG, 192, - "CAMELLIA-192-CCM*-NO-TAG", 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16, - &ccm_camellia_info + 16 }; static const mbedtls_cipher_info_t camellia_256_ccm_star_no_tag_info = { + "CAMELLIA-256-CCM*-NO-TAG", + &ccm_camellia_info, MBEDTLS_CIPHER_CAMELLIA_256_CCM_STAR_NO_TAG, MBEDTLS_MODE_CCM_STAR_NO_TAG, 256, - "CAMELLIA-256-CCM*-NO-TAG", 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16, - &ccm_camellia_info + 16 }; #endif /* MBEDTLS_CCM_C */ @@ -1183,140 +1183,140 @@ static const mbedtls_cipher_base_t aria_info = { }; static const mbedtls_cipher_info_t aria_128_ecb_info = { + "ARIA-128-ECB", + &aria_info, MBEDTLS_CIPHER_ARIA_128_ECB, MBEDTLS_MODE_ECB, 128, - "ARIA-128-ECB", 0, 0, - 16, - &aria_info + 16 }; static const mbedtls_cipher_info_t aria_192_ecb_info = { + "ARIA-192-ECB", + &aria_info, MBEDTLS_CIPHER_ARIA_192_ECB, MBEDTLS_MODE_ECB, 192, - "ARIA-192-ECB", 0, 0, - 16, - &aria_info + 16 }; static const mbedtls_cipher_info_t aria_256_ecb_info = { + "ARIA-256-ECB", + &aria_info, MBEDTLS_CIPHER_ARIA_256_ECB, MBEDTLS_MODE_ECB, 256, - "ARIA-256-ECB", 0, 0, - 16, - &aria_info + 16 }; #if defined(MBEDTLS_CIPHER_MODE_CBC) static const mbedtls_cipher_info_t aria_128_cbc_info = { + "ARIA-128-CBC", + &aria_info, MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MODE_CBC, 128, - "ARIA-128-CBC", 16, 0, - 16, - &aria_info + 16 }; static const mbedtls_cipher_info_t aria_192_cbc_info = { + "ARIA-192-CBC", + &aria_info, MBEDTLS_CIPHER_ARIA_192_CBC, MBEDTLS_MODE_CBC, 192, - "ARIA-192-CBC", 16, 0, - 16, - &aria_info + 16 }; static const mbedtls_cipher_info_t aria_256_cbc_info = { + "ARIA-256-CBC", + &aria_info, MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MODE_CBC, 256, - "ARIA-256-CBC", 16, 0, - 16, - &aria_info + 16 }; #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CIPHER_MODE_CFB) static const mbedtls_cipher_info_t aria_128_cfb128_info = { + "ARIA-128-CFB128", + &aria_info, MBEDTLS_CIPHER_ARIA_128_CFB128, MBEDTLS_MODE_CFB, 128, - "ARIA-128-CFB128", 16, 0, - 16, - &aria_info + 16 }; static const mbedtls_cipher_info_t aria_192_cfb128_info = { + "ARIA-192-CFB128", + &aria_info, MBEDTLS_CIPHER_ARIA_192_CFB128, MBEDTLS_MODE_CFB, 192, - "ARIA-192-CFB128", 16, 0, - 16, - &aria_info + 16 }; static const mbedtls_cipher_info_t aria_256_cfb128_info = { + "ARIA-256-CFB128", + &aria_info, MBEDTLS_CIPHER_ARIA_256_CFB128, MBEDTLS_MODE_CFB, 256, - "ARIA-256-CFB128", 16, 0, - 16, - &aria_info + 16 }; #endif /* MBEDTLS_CIPHER_MODE_CFB */ #if defined(MBEDTLS_CIPHER_MODE_CTR) static const mbedtls_cipher_info_t aria_128_ctr_info = { + "ARIA-128-CTR", + &aria_info, MBEDTLS_CIPHER_ARIA_128_CTR, MBEDTLS_MODE_CTR, 128, - "ARIA-128-CTR", 16, 0, - 16, - &aria_info + 16 }; static const mbedtls_cipher_info_t aria_192_ctr_info = { + "ARIA-192-CTR", + &aria_info, MBEDTLS_CIPHER_ARIA_192_CTR, MBEDTLS_MODE_CTR, 192, - "ARIA-192-CTR", 16, 0, - 16, - &aria_info + 16 }; static const mbedtls_cipher_info_t aria_256_ctr_info = { + "ARIA-256-CTR", + &aria_info, MBEDTLS_CIPHER_ARIA_256_CTR, MBEDTLS_MODE_CTR, 256, - "ARIA-256-CTR", 16, 0, - 16, - &aria_info + 16 }; #endif /* MBEDTLS_CIPHER_MODE_CTR */ @@ -1356,36 +1356,36 @@ static const mbedtls_cipher_base_t gcm_aria_info = { }; static const mbedtls_cipher_info_t aria_128_gcm_info = { + "ARIA-128-GCM", + &gcm_aria_info, MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MODE_GCM, 128, - "ARIA-128-GCM", 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16, - &gcm_aria_info + 16 }; static const mbedtls_cipher_info_t aria_192_gcm_info = { + "ARIA-192-GCM", + &gcm_aria_info, MBEDTLS_CIPHER_ARIA_192_GCM, MBEDTLS_MODE_GCM, 192, - "ARIA-192-GCM", 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16, - &gcm_aria_info + 16 }; static const mbedtls_cipher_info_t aria_256_gcm_info = { + "ARIA-256-GCM", + &gcm_aria_info, MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MODE_GCM, 256, - "ARIA-256-GCM", 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16, - &gcm_aria_info + 16 }; #endif /* MBEDTLS_GCM_C */ @@ -1425,69 +1425,69 @@ static const mbedtls_cipher_base_t ccm_aria_info = { }; static const mbedtls_cipher_info_t aria_128_ccm_info = { + "ARIA-128-CCM", + &ccm_aria_info, MBEDTLS_CIPHER_ARIA_128_CCM, MBEDTLS_MODE_CCM, 128, - "ARIA-128-CCM", 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16, - &ccm_aria_info + 16 }; static const mbedtls_cipher_info_t aria_192_ccm_info = { + "ARIA-192-CCM", + &ccm_aria_info, MBEDTLS_CIPHER_ARIA_192_CCM, MBEDTLS_MODE_CCM, 192, - "ARIA-192-CCM", 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16, - &ccm_aria_info + 16 }; static const mbedtls_cipher_info_t aria_256_ccm_info = { + "ARIA-256-CCM", + &ccm_aria_info, MBEDTLS_CIPHER_ARIA_256_CCM, MBEDTLS_MODE_CCM, 256, - "ARIA-256-CCM", 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16, - &ccm_aria_info + 16 }; static const mbedtls_cipher_info_t aria_128_ccm_star_no_tag_info = { + "ARIA-128-CCM*-NO-TAG", + &ccm_aria_info, MBEDTLS_CIPHER_ARIA_128_CCM_STAR_NO_TAG, MBEDTLS_MODE_CCM_STAR_NO_TAG, 128, - "ARIA-128-CCM*-NO-TAG", 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16, - &ccm_aria_info + 16 }; static const mbedtls_cipher_info_t aria_192_ccm_star_no_tag_info = { + "ARIA-192-CCM*-NO-TAG", + &ccm_aria_info, MBEDTLS_CIPHER_ARIA_192_CCM_STAR_NO_TAG, MBEDTLS_MODE_CCM_STAR_NO_TAG, 192, - "ARIA-192-CCM*-NO-TAG", 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16, - &ccm_aria_info + 16 }; static const mbedtls_cipher_info_t aria_256_ccm_star_no_tag_info = { + "ARIA-256-CCM*-NO-TAG", + &ccm_aria_info, MBEDTLS_CIPHER_ARIA_256_CCM_STAR_NO_TAG, MBEDTLS_MODE_CCM_STAR_NO_TAG, 256, - "ARIA-256-CCM*-NO-TAG", 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16, - &ccm_aria_info + 16 }; #endif /* MBEDTLS_CCM_C */ @@ -1642,26 +1642,26 @@ static const mbedtls_cipher_base_t des_info = { }; static const mbedtls_cipher_info_t des_ecb_info = { + "DES-ECB", + &des_info, MBEDTLS_CIPHER_DES_ECB, MBEDTLS_MODE_ECB, MBEDTLS_KEY_LENGTH_DES, - "DES-ECB", 0, 0, - 8, - &des_info + 8 }; #if defined(MBEDTLS_CIPHER_MODE_CBC) static const mbedtls_cipher_info_t des_cbc_info = { + "DES-CBC", + &des_info, MBEDTLS_CIPHER_DES_CBC, MBEDTLS_MODE_CBC, MBEDTLS_KEY_LENGTH_DES, - "DES-CBC", 8, 0, - 8, - &des_info + 8 }; #endif /* MBEDTLS_CIPHER_MODE_CBC */ @@ -1693,26 +1693,26 @@ static const mbedtls_cipher_base_t des_ede_info = { }; static const mbedtls_cipher_info_t des_ede_ecb_info = { + "DES-EDE-ECB", + &des_ede_info, MBEDTLS_CIPHER_DES_EDE_ECB, MBEDTLS_MODE_ECB, MBEDTLS_KEY_LENGTH_DES_EDE, - "DES-EDE-ECB", 0, 0, - 8, - &des_ede_info + 8 }; #if defined(MBEDTLS_CIPHER_MODE_CBC) static const mbedtls_cipher_info_t des_ede_cbc_info = { + "DES-EDE-CBC", + &des_ede_info, MBEDTLS_CIPHER_DES_EDE_CBC, MBEDTLS_MODE_CBC, MBEDTLS_KEY_LENGTH_DES_EDE, - "DES-EDE-CBC", 8, 0, - 8, - &des_ede_info + 8 }; #endif /* MBEDTLS_CIPHER_MODE_CBC */ @@ -1744,25 +1744,25 @@ static const mbedtls_cipher_base_t des_ede3_info = { }; static const mbedtls_cipher_info_t des_ede3_ecb_info = { + "DES-EDE3-ECB", + &des_ede3_info, MBEDTLS_CIPHER_DES_EDE3_ECB, MBEDTLS_MODE_ECB, MBEDTLS_KEY_LENGTH_DES_EDE3, - "DES-EDE3-ECB", 0, 0, - 8, - &des_ede3_info + 8 }; #if defined(MBEDTLS_CIPHER_MODE_CBC) static const mbedtls_cipher_info_t des_ede3_cbc_info = { + "DES-EDE3-CBC", + &des_ede3_info, MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MODE_CBC, MBEDTLS_KEY_LENGTH_DES_EDE3, - "DES-EDE3-CBC", 8, 0, - 8, - &des_ede3_info + 8 }; #endif /* MBEDTLS_CIPHER_MODE_CBC */ #endif /* MBEDTLS_DES_C */ @@ -1844,14 +1844,14 @@ static const mbedtls_cipher_base_t chacha20_base_info = { chacha20_ctx_free }; static const mbedtls_cipher_info_t chacha20_info = { + "CHACHA20", + &chacha20_base_info, MBEDTLS_CIPHER_CHACHA20, MBEDTLS_MODE_STREAM, 256, - "CHACHA20", 12, 0, - 1, - &chacha20_base_info + 1 }; #endif /* MBEDTLS_CHACHA20_C */ @@ -1919,14 +1919,14 @@ static const mbedtls_cipher_base_t chachapoly_base_info = { chachapoly_ctx_free }; static const mbedtls_cipher_info_t chachapoly_info = { + "CHACHA20-POLY1305", + &chachapoly_base_info, MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MODE_CHACHAPOLY, 256, - "CHACHA20-POLY1305", 12, 0, - 1, - &chachapoly_base_info + 1 }; #endif /* MBEDTLS_CHACHAPOLY_C */ @@ -1988,14 +1988,14 @@ static const mbedtls_cipher_base_t null_base_info = { }; static const mbedtls_cipher_info_t null_cipher_info = { + "NULL", + &null_base_info, MBEDTLS_CIPHER_NULL, MBEDTLS_MODE_STREAM, 0, - "NULL", 0, 0, - 1, - &null_base_info + 1 }; #endif /* defined(MBEDTLS_CIPHER_NULL_CIPHER) */ @@ -2059,69 +2059,69 @@ static const mbedtls_cipher_base_t kw_aes_info = { }; static const mbedtls_cipher_info_t aes_128_nist_kw_info = { + "AES-128-KW", + &kw_aes_info, MBEDTLS_CIPHER_AES_128_KW, MBEDTLS_MODE_KW, 128, - "AES-128-KW", 0, 0, - 16, - &kw_aes_info + 16 }; static const mbedtls_cipher_info_t aes_192_nist_kw_info = { + "AES-192-KW", + &kw_aes_info, MBEDTLS_CIPHER_AES_192_KW, MBEDTLS_MODE_KW, 192, - "AES-192-KW", 0, 0, - 16, - &kw_aes_info + 16 }; static const mbedtls_cipher_info_t aes_256_nist_kw_info = { + "AES-256-KW", + &kw_aes_info, MBEDTLS_CIPHER_AES_256_KW, MBEDTLS_MODE_KW, 256, - "AES-256-KW", 0, 0, - 16, - &kw_aes_info + 16 }; static const mbedtls_cipher_info_t aes_128_nist_kwp_info = { + "AES-128-KWP", + &kw_aes_info, MBEDTLS_CIPHER_AES_128_KWP, MBEDTLS_MODE_KWP, 128, - "AES-128-KWP", 0, 0, - 16, - &kw_aes_info + 16 }; static const mbedtls_cipher_info_t aes_192_nist_kwp_info = { + "AES-192-KWP", + &kw_aes_info, MBEDTLS_CIPHER_AES_192_KWP, MBEDTLS_MODE_KWP, 192, - "AES-192-KWP", 0, 0, - 16, - &kw_aes_info + 16 }; static const mbedtls_cipher_info_t aes_256_nist_kwp_info = { + "AES-256-KWP", + &kw_aes_info, MBEDTLS_CIPHER_AES_256_KWP, MBEDTLS_MODE_KWP, 256, - "AES-256-KWP", 0, 0, - 16, - &kw_aes_info + 16 }; #endif /* MBEDTLS_NIST_KW_C */ From 9282d4f13ad1a513a2f539ff0bed0e1925a6921d Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sat, 24 Jun 2023 11:03:04 +0100 Subject: [PATCH 04/23] Don't directly access key_bitlen Signed-off-by: Dave Rodgman --- library/cipher.c | 4 ++-- library/pkcs12.c | 2 +- library/pkcs5.c | 2 +- tests/src/test_helpers/ssl_helpers.c | 4 ++-- tests/suites/test_suite_cipher.function | 4 ++-- 5 files changed, 8 insertions(+), 8 deletions(-) diff --git a/library/cipher.c b/library/cipher.c index 81e855d465..7dc09ee945 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -129,7 +129,7 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values( for (def = mbedtls_cipher_definitions; def->info != NULL; def++) { if (def->info->base->cipher == cipher_id && - def->info->key_bitlen == (unsigned) key_bitlen && + mbedtls_cipher_info_get_key_bitlen(def->info) == (unsigned) key_bitlen && def->info->mode == mode) { return def->info; } @@ -323,7 +323,7 @@ int mbedtls_cipher_setkey(mbedtls_cipher_context_t *ctx, #endif /* MBEDTLS_USE_PSA_CRYPTO */ if ((ctx->cipher_info->flags & MBEDTLS_CIPHER_VARIABLE_KEY_LEN) == 0 && - (int) ctx->cipher_info->key_bitlen != key_bitlen) { + (int) mbedtls_cipher_info_get_key_bitlen(ctx->cipher_info) != key_bitlen) { return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } diff --git a/library/pkcs12.c b/library/pkcs12.c index ce2dcf27ea..a0966f6481 100644 --- a/library/pkcs12.c +++ b/library/pkcs12.c @@ -151,7 +151,7 @@ int mbedtls_pkcs12_pbe(mbedtls_asn1_buf *pbe_params, int mode, return MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE; } - keylen = cipher_info->key_bitlen / 8; + keylen = mbedtls_cipher_info_get_key_bitlen(cipher_info) / 8; if ((ret = pkcs12_pbe_derive_key_iv(pbe_params, md_type, pwd, pwdlen, key, keylen, diff --git a/library/pkcs5.c b/library/pkcs5.c index 94da9813e9..6cbb5208ac 100644 --- a/library/pkcs5.c +++ b/library/pkcs5.c @@ -176,7 +176,7 @@ int mbedtls_pkcs5_pbes2(const mbedtls_asn1_buf *pbe_params, int mode, * The value of keylen from pkcs5_parse_pbkdf2_params() is ignored * since it is optional and we don't know if it was set or not */ - keylen = cipher_info->key_bitlen / 8; + keylen = mbedtls_cipher_info_get_key_bitlen(cipher_info) / 8; if (enc_scheme_params.tag != MBEDTLS_ASN1_OCTET_STRING || enc_scheme_params.len != cipher_info->iv_size) { diff --git a/tests/src/test_helpers/ssl_helpers.c b/tests/src/test_helpers/ssl_helpers.c index e8bbc78d1e..6027671d62 100644 --- a/tests/src/test_helpers/ssl_helpers.c +++ b/tests/src/test_helpers/ssl_helpers.c @@ -1143,10 +1143,10 @@ int mbedtls_test_ssl_build_transforms(mbedtls_ssl_transform *t_in, cipher_info = mbedtls_cipher_info_from_type(cipher_type); CHK(cipher_info != NULL); CHK(cipher_info->iv_size <= 16); - CHK(cipher_info->key_bitlen % 8 == 0); + CHK(mbedtls_cipher_info_get_key_bitlen(cipher_info) % 8 == 0); /* Pick keys */ - keylen = cipher_info->key_bitlen / 8; + keylen = mbedtls_cipher_info_get_key_bitlen(cipher_info) / 8; /* Allocate `keylen + 1` bytes to ensure that we get * a non-NULL pointers from `mbedtls_calloc` even if * `keylen == 0` in the case of the NULL cipher. */ diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function index f8420458f2..aa2849bc85 100644 --- a/tests/suites/test_suite_cipher.function +++ b/tests/suites/test_suite_cipher.function @@ -586,12 +586,12 @@ void dec_empty_buf(int cipher, ASSERT_ALLOC(iv, iv_len); memset(iv, 0, iv_len); - TEST_ASSERT(sizeof(key) * 8 >= cipher_info->key_bitlen); + TEST_ASSERT(sizeof(key) * 8 >= mbedtls_cipher_info_get_key_bitlen(cipher_info)); TEST_ASSERT(0 == mbedtls_cipher_setup(&ctx_dec, cipher_info)); TEST_ASSERT(0 == mbedtls_cipher_setkey(&ctx_dec, - key, cipher_info->key_bitlen, + key, mbedtls_cipher_info_get_key_bitlen(cipher_info), MBEDTLS_DECRYPT)); TEST_ASSERT(0 == mbedtls_cipher_set_iv(&ctx_dec, iv, iv_len)); From 6c6c84212ef94072b47f6ed47a06d9659569f8af Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sat, 24 Jun 2023 11:14:34 +0100 Subject: [PATCH 05/23] Use fewer bits for key_bitlen Signed-off-by: Dave Rodgman --- include/mbedtls/cipher.h | 9 ++- library/cipher_wrap.c | 166 +++++++++++++++++++-------------------- 2 files changed, 89 insertions(+), 86 deletions(-) diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index 7e73e29399..1a0f3ffcce 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -290,7 +290,7 @@ typedef struct mbedtls_cipher_info_t { * default length for variable sized ciphers. * Includes parity bits for ciphers like DES. */ - uint16_t MBEDTLS_PRIVATE(key_bitlen); + uint8_t MBEDTLS_PRIVATE(key_bitlen) : 4; /** IV or nonce size, in Bytes. * For ciphers that accept variable IV sizes, @@ -309,6 +309,9 @@ typedef struct mbedtls_cipher_info_t { } mbedtls_cipher_info_t; +/* This is used to more compactly represent the key_bitlen field above. It is for internal use only. */ +#define MBEDTLS_KEY_BITLEN_SHIFT 6 + /** * Generic cipher context. */ @@ -479,7 +482,7 @@ static inline size_t mbedtls_cipher_info_get_key_bitlen( if (info == NULL) { return 0; } else { - return info->MBEDTLS_PRIVATE(key_bitlen); + return info->MBEDTLS_PRIVATE(key_bitlen) << MBEDTLS_KEY_BITLEN_SHIFT; } } @@ -788,7 +791,7 @@ static inline int mbedtls_cipher_get_key_bitlen( return MBEDTLS_KEY_LENGTH_NONE; } - return (int) ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(key_bitlen); + return (int) ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(key_bitlen) << MBEDTLS_KEY_BITLEN_SHIFT; } /** diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c index 34877be8f6..54ff9957c9 100644 --- a/library/cipher_wrap.c +++ b/library/cipher_wrap.c @@ -245,7 +245,7 @@ static const mbedtls_cipher_info_t aes_128_ecb_info = { &aes_info, MBEDTLS_CIPHER_AES_128_ECB, MBEDTLS_MODE_ECB, - 128, + 128 >> MBEDTLS_KEY_BITLEN_SHIFT, 0, 0, 16 @@ -256,7 +256,7 @@ static const mbedtls_cipher_info_t aes_192_ecb_info = { &aes_info, MBEDTLS_CIPHER_AES_192_ECB, MBEDTLS_MODE_ECB, - 192, + 192 >> MBEDTLS_KEY_BITLEN_SHIFT, 0, 0, 16 @@ -267,7 +267,7 @@ static const mbedtls_cipher_info_t aes_256_ecb_info = { &aes_info, MBEDTLS_CIPHER_AES_256_ECB, MBEDTLS_MODE_ECB, - 256, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 0, 0, 16 @@ -279,7 +279,7 @@ static const mbedtls_cipher_info_t aes_128_cbc_info = { &aes_info, MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MODE_CBC, - 128, + 128 >> MBEDTLS_KEY_BITLEN_SHIFT, 16, 0, 16 @@ -290,7 +290,7 @@ static const mbedtls_cipher_info_t aes_192_cbc_info = { &aes_info, MBEDTLS_CIPHER_AES_192_CBC, MBEDTLS_MODE_CBC, - 192, + 192 >> MBEDTLS_KEY_BITLEN_SHIFT, 16, 0, 16 @@ -301,7 +301,7 @@ static const mbedtls_cipher_info_t aes_256_cbc_info = { &aes_info, MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MODE_CBC, - 256, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 16, 0, 16 @@ -314,7 +314,7 @@ static const mbedtls_cipher_info_t aes_128_cfb128_info = { &aes_info, MBEDTLS_CIPHER_AES_128_CFB128, MBEDTLS_MODE_CFB, - 128, + 128 >> MBEDTLS_KEY_BITLEN_SHIFT, 16, 0, 16 @@ -325,7 +325,7 @@ static const mbedtls_cipher_info_t aes_192_cfb128_info = { &aes_info, MBEDTLS_CIPHER_AES_192_CFB128, MBEDTLS_MODE_CFB, - 192, + 192 >> MBEDTLS_KEY_BITLEN_SHIFT, 16, 0, 16 @@ -336,7 +336,7 @@ static const mbedtls_cipher_info_t aes_256_cfb128_info = { &aes_info, MBEDTLS_CIPHER_AES_256_CFB128, MBEDTLS_MODE_CFB, - 256, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 16, 0, 16 @@ -349,7 +349,7 @@ static const mbedtls_cipher_info_t aes_128_ofb_info = { &aes_info, MBEDTLS_CIPHER_AES_128_OFB, MBEDTLS_MODE_OFB, - 128, + 128 >> MBEDTLS_KEY_BITLEN_SHIFT, 16, 0, 16 @@ -360,7 +360,7 @@ static const mbedtls_cipher_info_t aes_192_ofb_info = { &aes_info, MBEDTLS_CIPHER_AES_192_OFB, MBEDTLS_MODE_OFB, - 192, + 192 >> MBEDTLS_KEY_BITLEN_SHIFT, 16, 0, 16 @@ -371,7 +371,7 @@ static const mbedtls_cipher_info_t aes_256_ofb_info = { &aes_info, MBEDTLS_CIPHER_AES_256_OFB, MBEDTLS_MODE_OFB, - 256, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 16, 0, 16 @@ -384,7 +384,7 @@ static const mbedtls_cipher_info_t aes_128_ctr_info = { &aes_info, MBEDTLS_CIPHER_AES_128_CTR, MBEDTLS_MODE_CTR, - 128, + 128 >> MBEDTLS_KEY_BITLEN_SHIFT, 16, 0, 16 @@ -395,7 +395,7 @@ static const mbedtls_cipher_info_t aes_192_ctr_info = { &aes_info, MBEDTLS_CIPHER_AES_192_CTR, MBEDTLS_MODE_CTR, - 192, + 192 >> MBEDTLS_KEY_BITLEN_SHIFT, 16, 0, 16 @@ -406,7 +406,7 @@ static const mbedtls_cipher_info_t aes_256_ctr_info = { &aes_info, MBEDTLS_CIPHER_AES_256_CTR, MBEDTLS_MODE_CTR, - 256, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 16, 0, 16 @@ -483,7 +483,7 @@ static const mbedtls_cipher_info_t aes_128_xts_info = { &xts_aes_info, MBEDTLS_CIPHER_AES_128_XTS, MBEDTLS_MODE_XTS, - 256, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 16, 0, 16 @@ -494,7 +494,7 @@ static const mbedtls_cipher_info_t aes_256_xts_info = { &xts_aes_info, MBEDTLS_CIPHER_AES_256_XTS, MBEDTLS_MODE_XTS, - 512, + 512 >> MBEDTLS_KEY_BITLEN_SHIFT, 16, 0, 16 @@ -541,7 +541,7 @@ static const mbedtls_cipher_info_t aes_128_gcm_info = { &gcm_aes_info, MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MODE_GCM, - 128, + 128 >> MBEDTLS_KEY_BITLEN_SHIFT, 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 @@ -552,7 +552,7 @@ static const mbedtls_cipher_info_t aes_192_gcm_info = { &gcm_aes_info, MBEDTLS_CIPHER_AES_192_GCM, MBEDTLS_MODE_GCM, - 192, + 192 >> MBEDTLS_KEY_BITLEN_SHIFT, 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 @@ -563,7 +563,7 @@ static const mbedtls_cipher_info_t aes_256_gcm_info = { &gcm_aes_info, MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MODE_GCM, - 256, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 @@ -610,7 +610,7 @@ static const mbedtls_cipher_info_t aes_128_ccm_info = { &ccm_aes_info, MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MODE_CCM, - 128, + 128 >> MBEDTLS_KEY_BITLEN_SHIFT, 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 @@ -621,7 +621,7 @@ static const mbedtls_cipher_info_t aes_192_ccm_info = { &ccm_aes_info, MBEDTLS_CIPHER_AES_192_CCM, MBEDTLS_MODE_CCM, - 192, + 192 >> MBEDTLS_KEY_BITLEN_SHIFT, 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 @@ -632,7 +632,7 @@ static const mbedtls_cipher_info_t aes_256_ccm_info = { &ccm_aes_info, MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MODE_CCM, - 256, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 @@ -643,7 +643,7 @@ static const mbedtls_cipher_info_t aes_128_ccm_star_no_tag_info = { &ccm_aes_info, MBEDTLS_CIPHER_AES_128_CCM_STAR_NO_TAG, MBEDTLS_MODE_CCM_STAR_NO_TAG, - 128, + 128 >> MBEDTLS_KEY_BITLEN_SHIFT, 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 @@ -654,7 +654,7 @@ static const mbedtls_cipher_info_t aes_192_ccm_star_no_tag_info = { &ccm_aes_info, MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG, MBEDTLS_MODE_CCM_STAR_NO_TAG, - 192, + 192 >> MBEDTLS_KEY_BITLEN_SHIFT, 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 @@ -665,7 +665,7 @@ static const mbedtls_cipher_info_t aes_256_ccm_star_no_tag_info = { &ccm_aes_info, MBEDTLS_CIPHER_AES_256_CCM_STAR_NO_TAG, MBEDTLS_MODE_CCM_STAR_NO_TAG, - 256, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 @@ -777,7 +777,7 @@ static const mbedtls_cipher_info_t camellia_128_ecb_info = { &camellia_info, MBEDTLS_CIPHER_CAMELLIA_128_ECB, MBEDTLS_MODE_ECB, - 128, + 128 >> MBEDTLS_KEY_BITLEN_SHIFT, 0, 0, 16 @@ -788,7 +788,7 @@ static const mbedtls_cipher_info_t camellia_192_ecb_info = { &camellia_info, MBEDTLS_CIPHER_CAMELLIA_192_ECB, MBEDTLS_MODE_ECB, - 192, + 192 >> MBEDTLS_KEY_BITLEN_SHIFT, 0, 0, 16 @@ -799,7 +799,7 @@ static const mbedtls_cipher_info_t camellia_256_ecb_info = { &camellia_info, MBEDTLS_CIPHER_CAMELLIA_256_ECB, MBEDTLS_MODE_ECB, - 256, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 0, 0, 16 @@ -811,7 +811,7 @@ static const mbedtls_cipher_info_t camellia_128_cbc_info = { &camellia_info, MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MODE_CBC, - 128, + 128 >> MBEDTLS_KEY_BITLEN_SHIFT, 16, 0, 16 @@ -822,7 +822,7 @@ static const mbedtls_cipher_info_t camellia_192_cbc_info = { &camellia_info, MBEDTLS_CIPHER_CAMELLIA_192_CBC, MBEDTLS_MODE_CBC, - 192, + 192 >> MBEDTLS_KEY_BITLEN_SHIFT, 16, 0, 16 @@ -833,7 +833,7 @@ static const mbedtls_cipher_info_t camellia_256_cbc_info = { &camellia_info, MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MODE_CBC, - 256, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 16, 0, 16 @@ -846,7 +846,7 @@ static const mbedtls_cipher_info_t camellia_128_cfb128_info = { &camellia_info, MBEDTLS_CIPHER_CAMELLIA_128_CFB128, MBEDTLS_MODE_CFB, - 128, + 128 >> MBEDTLS_KEY_BITLEN_SHIFT, 16, 0, 16 @@ -857,7 +857,7 @@ static const mbedtls_cipher_info_t camellia_192_cfb128_info = { &camellia_info, MBEDTLS_CIPHER_CAMELLIA_192_CFB128, MBEDTLS_MODE_CFB, - 192, + 192 >> MBEDTLS_KEY_BITLEN_SHIFT, 16, 0, 16 @@ -868,7 +868,7 @@ static const mbedtls_cipher_info_t camellia_256_cfb128_info = { &camellia_info, MBEDTLS_CIPHER_CAMELLIA_256_CFB128, MBEDTLS_MODE_CFB, - 256, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 16, 0, 16 @@ -881,7 +881,7 @@ static const mbedtls_cipher_info_t camellia_128_ctr_info = { &camellia_info, MBEDTLS_CIPHER_CAMELLIA_128_CTR, MBEDTLS_MODE_CTR, - 128, + 128 >> MBEDTLS_KEY_BITLEN_SHIFT, 16, 0, 16 @@ -892,7 +892,7 @@ static const mbedtls_cipher_info_t camellia_192_ctr_info = { &camellia_info, MBEDTLS_CIPHER_CAMELLIA_192_CTR, MBEDTLS_MODE_CTR, - 192, + 192 >> MBEDTLS_KEY_BITLEN_SHIFT, 16, 0, 16 @@ -903,7 +903,7 @@ static const mbedtls_cipher_info_t camellia_256_ctr_info = { &camellia_info, MBEDTLS_CIPHER_CAMELLIA_256_CTR, MBEDTLS_MODE_CTR, - 256, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 16, 0, 16 @@ -950,7 +950,7 @@ static const mbedtls_cipher_info_t camellia_128_gcm_info = { &gcm_camellia_info, MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MODE_GCM, - 128, + 128 >> MBEDTLS_KEY_BITLEN_SHIFT, 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 @@ -961,7 +961,7 @@ static const mbedtls_cipher_info_t camellia_192_gcm_info = { &gcm_camellia_info, MBEDTLS_CIPHER_CAMELLIA_192_GCM, MBEDTLS_MODE_GCM, - 192, + 192 >> MBEDTLS_KEY_BITLEN_SHIFT, 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 @@ -972,7 +972,7 @@ static const mbedtls_cipher_info_t camellia_256_gcm_info = { &gcm_camellia_info, MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MODE_GCM, - 256, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 @@ -1019,7 +1019,7 @@ static const mbedtls_cipher_info_t camellia_128_ccm_info = { &ccm_camellia_info, MBEDTLS_CIPHER_CAMELLIA_128_CCM, MBEDTLS_MODE_CCM, - 128, + 128 >> MBEDTLS_KEY_BITLEN_SHIFT, 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 @@ -1030,7 +1030,7 @@ static const mbedtls_cipher_info_t camellia_192_ccm_info = { &ccm_camellia_info, MBEDTLS_CIPHER_CAMELLIA_192_CCM, MBEDTLS_MODE_CCM, - 192, + 192 >> MBEDTLS_KEY_BITLEN_SHIFT, 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 @@ -1041,7 +1041,7 @@ static const mbedtls_cipher_info_t camellia_256_ccm_info = { &ccm_camellia_info, MBEDTLS_CIPHER_CAMELLIA_256_CCM, MBEDTLS_MODE_CCM, - 256, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 @@ -1052,7 +1052,7 @@ static const mbedtls_cipher_info_t camellia_128_ccm_star_no_tag_info = { &ccm_camellia_info, MBEDTLS_CIPHER_CAMELLIA_128_CCM_STAR_NO_TAG, MBEDTLS_MODE_CCM_STAR_NO_TAG, - 128, + 128 >> MBEDTLS_KEY_BITLEN_SHIFT, 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 @@ -1063,7 +1063,7 @@ static const mbedtls_cipher_info_t camellia_192_ccm_star_no_tag_info = { &ccm_camellia_info, MBEDTLS_CIPHER_CAMELLIA_192_CCM_STAR_NO_TAG, MBEDTLS_MODE_CCM_STAR_NO_TAG, - 192, + 192 >> MBEDTLS_KEY_BITLEN_SHIFT, 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 @@ -1074,7 +1074,7 @@ static const mbedtls_cipher_info_t camellia_256_ccm_star_no_tag_info = { &ccm_camellia_info, MBEDTLS_CIPHER_CAMELLIA_256_CCM_STAR_NO_TAG, MBEDTLS_MODE_CCM_STAR_NO_TAG, - 256, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 @@ -1187,7 +1187,7 @@ static const mbedtls_cipher_info_t aria_128_ecb_info = { &aria_info, MBEDTLS_CIPHER_ARIA_128_ECB, MBEDTLS_MODE_ECB, - 128, + 128 >> MBEDTLS_KEY_BITLEN_SHIFT, 0, 0, 16 @@ -1198,7 +1198,7 @@ static const mbedtls_cipher_info_t aria_192_ecb_info = { &aria_info, MBEDTLS_CIPHER_ARIA_192_ECB, MBEDTLS_MODE_ECB, - 192, + 192 >> MBEDTLS_KEY_BITLEN_SHIFT, 0, 0, 16 @@ -1209,7 +1209,7 @@ static const mbedtls_cipher_info_t aria_256_ecb_info = { &aria_info, MBEDTLS_CIPHER_ARIA_256_ECB, MBEDTLS_MODE_ECB, - 256, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 0, 0, 16 @@ -1221,7 +1221,7 @@ static const mbedtls_cipher_info_t aria_128_cbc_info = { &aria_info, MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MODE_CBC, - 128, + 128 >> MBEDTLS_KEY_BITLEN_SHIFT, 16, 0, 16 @@ -1232,7 +1232,7 @@ static const mbedtls_cipher_info_t aria_192_cbc_info = { &aria_info, MBEDTLS_CIPHER_ARIA_192_CBC, MBEDTLS_MODE_CBC, - 192, + 192 >> MBEDTLS_KEY_BITLEN_SHIFT, 16, 0, 16 @@ -1243,7 +1243,7 @@ static const mbedtls_cipher_info_t aria_256_cbc_info = { &aria_info, MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MODE_CBC, - 256, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 16, 0, 16 @@ -1256,7 +1256,7 @@ static const mbedtls_cipher_info_t aria_128_cfb128_info = { &aria_info, MBEDTLS_CIPHER_ARIA_128_CFB128, MBEDTLS_MODE_CFB, - 128, + 128 >> MBEDTLS_KEY_BITLEN_SHIFT, 16, 0, 16 @@ -1267,7 +1267,7 @@ static const mbedtls_cipher_info_t aria_192_cfb128_info = { &aria_info, MBEDTLS_CIPHER_ARIA_192_CFB128, MBEDTLS_MODE_CFB, - 192, + 192 >> MBEDTLS_KEY_BITLEN_SHIFT, 16, 0, 16 @@ -1278,7 +1278,7 @@ static const mbedtls_cipher_info_t aria_256_cfb128_info = { &aria_info, MBEDTLS_CIPHER_ARIA_256_CFB128, MBEDTLS_MODE_CFB, - 256, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 16, 0, 16 @@ -1291,7 +1291,7 @@ static const mbedtls_cipher_info_t aria_128_ctr_info = { &aria_info, MBEDTLS_CIPHER_ARIA_128_CTR, MBEDTLS_MODE_CTR, - 128, + 128 >> MBEDTLS_KEY_BITLEN_SHIFT, 16, 0, 16 @@ -1302,7 +1302,7 @@ static const mbedtls_cipher_info_t aria_192_ctr_info = { &aria_info, MBEDTLS_CIPHER_ARIA_192_CTR, MBEDTLS_MODE_CTR, - 192, + 192 >> MBEDTLS_KEY_BITLEN_SHIFT, 16, 0, 16 @@ -1313,7 +1313,7 @@ static const mbedtls_cipher_info_t aria_256_ctr_info = { &aria_info, MBEDTLS_CIPHER_ARIA_256_CTR, MBEDTLS_MODE_CTR, - 256, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 16, 0, 16 @@ -1360,7 +1360,7 @@ static const mbedtls_cipher_info_t aria_128_gcm_info = { &gcm_aria_info, MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MODE_GCM, - 128, + 128 >> MBEDTLS_KEY_BITLEN_SHIFT, 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 @@ -1371,7 +1371,7 @@ static const mbedtls_cipher_info_t aria_192_gcm_info = { &gcm_aria_info, MBEDTLS_CIPHER_ARIA_192_GCM, MBEDTLS_MODE_GCM, - 192, + 192 >> MBEDTLS_KEY_BITLEN_SHIFT, 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 @@ -1382,7 +1382,7 @@ static const mbedtls_cipher_info_t aria_256_gcm_info = { &gcm_aria_info, MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MODE_GCM, - 256, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 @@ -1429,7 +1429,7 @@ static const mbedtls_cipher_info_t aria_128_ccm_info = { &ccm_aria_info, MBEDTLS_CIPHER_ARIA_128_CCM, MBEDTLS_MODE_CCM, - 128, + 128 >> MBEDTLS_KEY_BITLEN_SHIFT, 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 @@ -1440,7 +1440,7 @@ static const mbedtls_cipher_info_t aria_192_ccm_info = { &ccm_aria_info, MBEDTLS_CIPHER_ARIA_192_CCM, MBEDTLS_MODE_CCM, - 192, + 192 >> MBEDTLS_KEY_BITLEN_SHIFT, 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 @@ -1451,7 +1451,7 @@ static const mbedtls_cipher_info_t aria_256_ccm_info = { &ccm_aria_info, MBEDTLS_CIPHER_ARIA_256_CCM, MBEDTLS_MODE_CCM, - 256, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 @@ -1462,7 +1462,7 @@ static const mbedtls_cipher_info_t aria_128_ccm_star_no_tag_info = { &ccm_aria_info, MBEDTLS_CIPHER_ARIA_128_CCM_STAR_NO_TAG, MBEDTLS_MODE_CCM_STAR_NO_TAG, - 128, + 128 >> MBEDTLS_KEY_BITLEN_SHIFT, 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 @@ -1473,7 +1473,7 @@ static const mbedtls_cipher_info_t aria_192_ccm_star_no_tag_info = { &ccm_aria_info, MBEDTLS_CIPHER_ARIA_192_CCM_STAR_NO_TAG, MBEDTLS_MODE_CCM_STAR_NO_TAG, - 192, + 192 >> MBEDTLS_KEY_BITLEN_SHIFT, 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 @@ -1484,7 +1484,7 @@ static const mbedtls_cipher_info_t aria_256_ccm_star_no_tag_info = { &ccm_aria_info, MBEDTLS_CIPHER_ARIA_256_CCM_STAR_NO_TAG, MBEDTLS_MODE_CCM_STAR_NO_TAG, - 256, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 12, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 @@ -1646,7 +1646,7 @@ static const mbedtls_cipher_info_t des_ecb_info = { &des_info, MBEDTLS_CIPHER_DES_ECB, MBEDTLS_MODE_ECB, - MBEDTLS_KEY_LENGTH_DES, + MBEDTLS_KEY_LENGTH_DES >> MBEDTLS_KEY_BITLEN_SHIFT, 0, 0, 8 @@ -1658,7 +1658,7 @@ static const mbedtls_cipher_info_t des_cbc_info = { &des_info, MBEDTLS_CIPHER_DES_CBC, MBEDTLS_MODE_CBC, - MBEDTLS_KEY_LENGTH_DES, + MBEDTLS_KEY_LENGTH_DES >> MBEDTLS_KEY_BITLEN_SHIFT, 8, 0, 8 @@ -1697,7 +1697,7 @@ static const mbedtls_cipher_info_t des_ede_ecb_info = { &des_ede_info, MBEDTLS_CIPHER_DES_EDE_ECB, MBEDTLS_MODE_ECB, - MBEDTLS_KEY_LENGTH_DES_EDE, + MBEDTLS_KEY_LENGTH_DES_EDE >> MBEDTLS_KEY_BITLEN_SHIFT, 0, 0, 8 @@ -1709,7 +1709,7 @@ static const mbedtls_cipher_info_t des_ede_cbc_info = { &des_ede_info, MBEDTLS_CIPHER_DES_EDE_CBC, MBEDTLS_MODE_CBC, - MBEDTLS_KEY_LENGTH_DES_EDE, + MBEDTLS_KEY_LENGTH_DES_EDE >> MBEDTLS_KEY_BITLEN_SHIFT, 8, 0, 8 @@ -1748,7 +1748,7 @@ static const mbedtls_cipher_info_t des_ede3_ecb_info = { &des_ede3_info, MBEDTLS_CIPHER_DES_EDE3_ECB, MBEDTLS_MODE_ECB, - MBEDTLS_KEY_LENGTH_DES_EDE3, + MBEDTLS_KEY_LENGTH_DES_EDE3 >> MBEDTLS_KEY_BITLEN_SHIFT, 0, 0, 8 @@ -1759,7 +1759,7 @@ static const mbedtls_cipher_info_t des_ede3_cbc_info = { &des_ede3_info, MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MODE_CBC, - MBEDTLS_KEY_LENGTH_DES_EDE3, + MBEDTLS_KEY_LENGTH_DES_EDE3 >> MBEDTLS_KEY_BITLEN_SHIFT, 8, 0, 8 @@ -1848,7 +1848,7 @@ static const mbedtls_cipher_info_t chacha20_info = { &chacha20_base_info, MBEDTLS_CIPHER_CHACHA20, MBEDTLS_MODE_STREAM, - 256, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 12, 0, 1 @@ -1923,7 +1923,7 @@ static const mbedtls_cipher_info_t chachapoly_info = { &chachapoly_base_info, MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MODE_CHACHAPOLY, - 256, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 12, 0, 1 @@ -1992,7 +1992,7 @@ static const mbedtls_cipher_info_t null_cipher_info = { &null_base_info, MBEDTLS_CIPHER_NULL, MBEDTLS_MODE_STREAM, - 0, + 0 >> MBEDTLS_KEY_BITLEN_SHIFT, 0, 0, 1 @@ -2063,7 +2063,7 @@ static const mbedtls_cipher_info_t aes_128_nist_kw_info = { &kw_aes_info, MBEDTLS_CIPHER_AES_128_KW, MBEDTLS_MODE_KW, - 128, + 128 >> MBEDTLS_KEY_BITLEN_SHIFT, 0, 0, 16 @@ -2074,7 +2074,7 @@ static const mbedtls_cipher_info_t aes_192_nist_kw_info = { &kw_aes_info, MBEDTLS_CIPHER_AES_192_KW, MBEDTLS_MODE_KW, - 192, + 192 >> MBEDTLS_KEY_BITLEN_SHIFT, 0, 0, 16 @@ -2085,7 +2085,7 @@ static const mbedtls_cipher_info_t aes_256_nist_kw_info = { &kw_aes_info, MBEDTLS_CIPHER_AES_256_KW, MBEDTLS_MODE_KW, - 256, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 0, 0, 16 @@ -2096,7 +2096,7 @@ static const mbedtls_cipher_info_t aes_128_nist_kwp_info = { &kw_aes_info, MBEDTLS_CIPHER_AES_128_KWP, MBEDTLS_MODE_KWP, - 128, + 128 >> MBEDTLS_KEY_BITLEN_SHIFT, 0, 0, 16 @@ -2107,7 +2107,7 @@ static const mbedtls_cipher_info_t aes_192_nist_kwp_info = { &kw_aes_info, MBEDTLS_CIPHER_AES_192_KWP, MBEDTLS_MODE_KWP, - 192, + 192 >> MBEDTLS_KEY_BITLEN_SHIFT, 0, 0, 16 @@ -2118,7 +2118,7 @@ static const mbedtls_cipher_info_t aes_256_nist_kwp_info = { &kw_aes_info, MBEDTLS_CIPHER_AES_256_KWP, MBEDTLS_MODE_KWP, - 256, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 0, 0, 16 From bb521fdbc936f5cc29632158dfdc5a7efbd25ba1 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sat, 24 Jun 2023 11:21:25 +0100 Subject: [PATCH 06/23] Don't directly access iv_size Signed-off-by: Dave Rodgman --- library/cipher.c | 6 +++--- library/pkcs12.c | 4 ++-- library/pkcs5.c | 2 +- library/ssl_tls.c | 2 +- tests/src/test_helpers/ssl_helpers.c | 4 ++-- 5 files changed, 9 insertions(+), 9 deletions(-) diff --git a/library/cipher.c b/library/cipher.c index 7dc09ee945..dfbbbfd2d3 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -375,7 +375,7 @@ int mbedtls_cipher_set_iv(mbedtls_cipher_context_t *ctx, if ((ctx->cipher_info->flags & MBEDTLS_CIPHER_VARIABLE_IV_LEN) != 0) { actual_iv_size = iv_len; } else { - actual_iv_size = ctx->cipher_info->iv_size; + actual_iv_size = mbedtls_cipher_info_get_iv_size(ctx->cipher_info); /* avoid reading past the end of input buffer */ if (actual_iv_size > iv_len) { @@ -1363,7 +1363,7 @@ static int mbedtls_cipher_aead_encrypt(mbedtls_cipher_context_t *ctx, #if defined(MBEDTLS_CHACHAPOLY_C) if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type) { /* ChachaPoly has fixed length nonce and MAC (tag) */ - if ((iv_len != ctx->cipher_info->iv_size) || + if ((iv_len != mbedtls_cipher_info_get_iv_size(ctx->cipher_info)) || (tag_len != 16U)) { return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } @@ -1459,7 +1459,7 @@ static int mbedtls_cipher_aead_decrypt(mbedtls_cipher_context_t *ctx, int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* ChachaPoly has fixed length nonce and MAC (tag) */ - if ((iv_len != ctx->cipher_info->iv_size) || + if ((iv_len != mbedtls_cipher_info_get_iv_size(ctx->cipher_info)) || (tag_len != 16U)) { return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } diff --git a/library/pkcs12.c b/library/pkcs12.c index a0966f6481..8540de22da 100644 --- a/library/pkcs12.c +++ b/library/pkcs12.c @@ -155,7 +155,7 @@ int mbedtls_pkcs12_pbe(mbedtls_asn1_buf *pbe_params, int mode, if ((ret = pkcs12_pbe_derive_key_iv(pbe_params, md_type, pwd, pwdlen, key, keylen, - iv, cipher_info->iv_size)) != 0) { + iv, mbedtls_cipher_info_get_iv_size(cipher_info))) != 0) { return ret; } @@ -171,7 +171,7 @@ int mbedtls_pkcs12_pbe(mbedtls_asn1_buf *pbe_params, int mode, goto exit; } - if ((ret = mbedtls_cipher_set_iv(&cipher_ctx, iv, cipher_info->iv_size)) != 0) { + if ((ret = mbedtls_cipher_set_iv(&cipher_ctx, iv, mbedtls_cipher_info_get_iv_size(cipher_info))) != 0) { goto exit; } diff --git a/library/pkcs5.c b/library/pkcs5.c index 6cbb5208ac..8d39eab18d 100644 --- a/library/pkcs5.c +++ b/library/pkcs5.c @@ -179,7 +179,7 @@ int mbedtls_pkcs5_pbes2(const mbedtls_asn1_buf *pbe_params, int mode, keylen = mbedtls_cipher_info_get_key_bitlen(cipher_info) / 8; if (enc_scheme_params.tag != MBEDTLS_ASN1_OCTET_STRING || - enc_scheme_params.len != cipher_info->iv_size) { + enc_scheme_params.len != mbedtls_cipher_info_get_iv_size(cipher_info)) { return MBEDTLS_ERR_PKCS5_INVALID_FORMAT; } diff --git a/library/ssl_tls.c b/library/ssl_tls.c index f0067f4b2d..36c96f26dd 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -8420,7 +8420,7 @@ static int ssl_tls12_populate_transform(mbedtls_ssl_transform *transform, #if defined(MBEDTLS_USE_PSA_CRYPTO) transform->ivlen = PSA_CIPHER_IV_LENGTH(key_type, alg); #else - transform->ivlen = cipher_info->iv_size; + transform->ivlen = mbedtls_cipher_info_get_iv_size(cipher_info); #endif /* MBEDTLS_USE_PSA_CRYPTO */ /* Minimum length */ diff --git a/tests/src/test_helpers/ssl_helpers.c b/tests/src/test_helpers/ssl_helpers.c index 6027671d62..8e67352662 100644 --- a/tests/src/test_helpers/ssl_helpers.c +++ b/tests/src/test_helpers/ssl_helpers.c @@ -1142,7 +1142,7 @@ int mbedtls_test_ssl_build_transforms(mbedtls_ssl_transform *t_in, /* Pick cipher */ cipher_info = mbedtls_cipher_info_from_type(cipher_type); CHK(cipher_info != NULL); - CHK(cipher_info->iv_size <= 16); + CHK(mbedtls_cipher_info_get_iv_size(cipher_info) <= 16); CHK(mbedtls_cipher_info_get_key_bitlen(cipher_info) % 8 == 0); /* Pick keys */ @@ -1273,7 +1273,7 @@ int mbedtls_test_ssl_build_transforms(mbedtls_ssl_transform *t_in, /* Pick IV's (regardless of whether they * are being used by the transform). */ - ivlen = cipher_info->iv_size; + ivlen = mbedtls_cipher_info_get_iv_size(cipher_info); memset(iv_enc, 0x3, sizeof(iv_enc)); memset(iv_dec, 0x4, sizeof(iv_dec)); From 0ffb68ee3fd4fa65b60186c1d4a3fd36f1087a12 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sat, 24 Jun 2023 11:30:45 +0100 Subject: [PATCH 07/23] Use fewer bits for iv_size Signed-off-by: Dave Rodgman --- include/mbedtls/cipher.h | 10 ++- library/cipher_wrap.c | 166 +++++++++++++++++++-------------------- 2 files changed, 89 insertions(+), 87 deletions(-) diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index 1a0f3ffcce..a133ed9104 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -296,7 +296,7 @@ typedef struct mbedtls_cipher_info_t { * For ciphers that accept variable IV sizes, * this is the recommended size. */ - uint16_t MBEDTLS_PRIVATE(iv_size); + uint8_t MBEDTLS_PRIVATE(iv_size) : 3; /** Bitflag comprised of MBEDTLS_CIPHER_VARIABLE_IV_LEN and * MBEDTLS_CIPHER_VARIABLE_KEY_LEN indicating whether the @@ -309,8 +309,10 @@ typedef struct mbedtls_cipher_info_t { } mbedtls_cipher_info_t; -/* This is used to more compactly represent the key_bitlen field above. It is for internal use only. */ +/* For internal use only. + * These are used to more compactly represent the key_bitlen and iv_size fields above. */ #define MBEDTLS_KEY_BITLEN_SHIFT 6 +#define MBEDTLS_IV_SIZE_SHIFT 2 /** * Generic cipher context. @@ -524,7 +526,7 @@ static inline size_t mbedtls_cipher_info_get_iv_size( return 0; } - return (size_t) info->MBEDTLS_PRIVATE(iv_size); + return ((size_t) info->MBEDTLS_PRIVATE(iv_size)) << MBEDTLS_IV_SIZE_SHIFT; } /** @@ -730,7 +732,7 @@ static inline int mbedtls_cipher_get_iv_size( return (int) ctx->MBEDTLS_PRIVATE(iv_size); } - return (int) ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(iv_size); + return (int) (((int)ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(iv_size)) << MBEDTLS_IV_SIZE_SHIFT); } /** diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c index 54ff9957c9..b4f1619dd3 100644 --- a/library/cipher_wrap.c +++ b/library/cipher_wrap.c @@ -246,7 +246,7 @@ static const mbedtls_cipher_info_t aes_128_ecb_info = { MBEDTLS_CIPHER_AES_128_ECB, MBEDTLS_MODE_ECB, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, - 0, + 0 >> MBEDTLS_IV_SIZE_SHIFT, 0, 16 }; @@ -257,7 +257,7 @@ static const mbedtls_cipher_info_t aes_192_ecb_info = { MBEDTLS_CIPHER_AES_192_ECB, MBEDTLS_MODE_ECB, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, - 0, + 0 >> MBEDTLS_IV_SIZE_SHIFT, 0, 16 }; @@ -268,7 +268,7 @@ static const mbedtls_cipher_info_t aes_256_ecb_info = { MBEDTLS_CIPHER_AES_256_ECB, MBEDTLS_MODE_ECB, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 0, + 0 >> MBEDTLS_IV_SIZE_SHIFT, 0, 16 }; @@ -280,7 +280,7 @@ static const mbedtls_cipher_info_t aes_128_cbc_info = { MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MODE_CBC, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, 16 }; @@ -291,7 +291,7 @@ static const mbedtls_cipher_info_t aes_192_cbc_info = { MBEDTLS_CIPHER_AES_192_CBC, MBEDTLS_MODE_CBC, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, 16 }; @@ -302,7 +302,7 @@ static const mbedtls_cipher_info_t aes_256_cbc_info = { MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MODE_CBC, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, 16 }; @@ -315,7 +315,7 @@ static const mbedtls_cipher_info_t aes_128_cfb128_info = { MBEDTLS_CIPHER_AES_128_CFB128, MBEDTLS_MODE_CFB, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, 16 }; @@ -326,7 +326,7 @@ static const mbedtls_cipher_info_t aes_192_cfb128_info = { MBEDTLS_CIPHER_AES_192_CFB128, MBEDTLS_MODE_CFB, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, 16 }; @@ -337,7 +337,7 @@ static const mbedtls_cipher_info_t aes_256_cfb128_info = { MBEDTLS_CIPHER_AES_256_CFB128, MBEDTLS_MODE_CFB, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, 16 }; @@ -350,7 +350,7 @@ static const mbedtls_cipher_info_t aes_128_ofb_info = { MBEDTLS_CIPHER_AES_128_OFB, MBEDTLS_MODE_OFB, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, 16 }; @@ -361,7 +361,7 @@ static const mbedtls_cipher_info_t aes_192_ofb_info = { MBEDTLS_CIPHER_AES_192_OFB, MBEDTLS_MODE_OFB, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, 16 }; @@ -372,7 +372,7 @@ static const mbedtls_cipher_info_t aes_256_ofb_info = { MBEDTLS_CIPHER_AES_256_OFB, MBEDTLS_MODE_OFB, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, 16 }; @@ -385,7 +385,7 @@ static const mbedtls_cipher_info_t aes_128_ctr_info = { MBEDTLS_CIPHER_AES_128_CTR, MBEDTLS_MODE_CTR, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, 16 }; @@ -396,7 +396,7 @@ static const mbedtls_cipher_info_t aes_192_ctr_info = { MBEDTLS_CIPHER_AES_192_CTR, MBEDTLS_MODE_CTR, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, 16 }; @@ -407,7 +407,7 @@ static const mbedtls_cipher_info_t aes_256_ctr_info = { MBEDTLS_CIPHER_AES_256_CTR, MBEDTLS_MODE_CTR, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, 16 }; @@ -484,7 +484,7 @@ static const mbedtls_cipher_info_t aes_128_xts_info = { MBEDTLS_CIPHER_AES_128_XTS, MBEDTLS_MODE_XTS, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, 16 }; @@ -495,7 +495,7 @@ static const mbedtls_cipher_info_t aes_256_xts_info = { MBEDTLS_CIPHER_AES_256_XTS, MBEDTLS_MODE_XTS, 512 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, 16 }; @@ -542,7 +542,7 @@ static const mbedtls_cipher_info_t aes_128_gcm_info = { MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MODE_GCM, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 }; @@ -553,7 +553,7 @@ static const mbedtls_cipher_info_t aes_192_gcm_info = { MBEDTLS_CIPHER_AES_192_GCM, MBEDTLS_MODE_GCM, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 }; @@ -564,7 +564,7 @@ static const mbedtls_cipher_info_t aes_256_gcm_info = { MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MODE_GCM, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 }; @@ -611,7 +611,7 @@ static const mbedtls_cipher_info_t aes_128_ccm_info = { MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MODE_CCM, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 }; @@ -622,7 +622,7 @@ static const mbedtls_cipher_info_t aes_192_ccm_info = { MBEDTLS_CIPHER_AES_192_CCM, MBEDTLS_MODE_CCM, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 }; @@ -633,7 +633,7 @@ static const mbedtls_cipher_info_t aes_256_ccm_info = { MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MODE_CCM, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 }; @@ -644,7 +644,7 @@ static const mbedtls_cipher_info_t aes_128_ccm_star_no_tag_info = { MBEDTLS_CIPHER_AES_128_CCM_STAR_NO_TAG, MBEDTLS_MODE_CCM_STAR_NO_TAG, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 }; @@ -655,7 +655,7 @@ static const mbedtls_cipher_info_t aes_192_ccm_star_no_tag_info = { MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG, MBEDTLS_MODE_CCM_STAR_NO_TAG, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 }; @@ -666,7 +666,7 @@ static const mbedtls_cipher_info_t aes_256_ccm_star_no_tag_info = { MBEDTLS_CIPHER_AES_256_CCM_STAR_NO_TAG, MBEDTLS_MODE_CCM_STAR_NO_TAG, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 }; @@ -778,7 +778,7 @@ static const mbedtls_cipher_info_t camellia_128_ecb_info = { MBEDTLS_CIPHER_CAMELLIA_128_ECB, MBEDTLS_MODE_ECB, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, - 0, + 0 >> MBEDTLS_IV_SIZE_SHIFT, 0, 16 }; @@ -789,7 +789,7 @@ static const mbedtls_cipher_info_t camellia_192_ecb_info = { MBEDTLS_CIPHER_CAMELLIA_192_ECB, MBEDTLS_MODE_ECB, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, - 0, + 0 >> MBEDTLS_IV_SIZE_SHIFT, 0, 16 }; @@ -800,7 +800,7 @@ static const mbedtls_cipher_info_t camellia_256_ecb_info = { MBEDTLS_CIPHER_CAMELLIA_256_ECB, MBEDTLS_MODE_ECB, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 0, + 0 >> MBEDTLS_IV_SIZE_SHIFT, 0, 16 }; @@ -812,7 +812,7 @@ static const mbedtls_cipher_info_t camellia_128_cbc_info = { MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MODE_CBC, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, 16 }; @@ -823,7 +823,7 @@ static const mbedtls_cipher_info_t camellia_192_cbc_info = { MBEDTLS_CIPHER_CAMELLIA_192_CBC, MBEDTLS_MODE_CBC, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, 16 }; @@ -834,7 +834,7 @@ static const mbedtls_cipher_info_t camellia_256_cbc_info = { MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MODE_CBC, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, 16 }; @@ -847,7 +847,7 @@ static const mbedtls_cipher_info_t camellia_128_cfb128_info = { MBEDTLS_CIPHER_CAMELLIA_128_CFB128, MBEDTLS_MODE_CFB, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, 16 }; @@ -858,7 +858,7 @@ static const mbedtls_cipher_info_t camellia_192_cfb128_info = { MBEDTLS_CIPHER_CAMELLIA_192_CFB128, MBEDTLS_MODE_CFB, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, 16 }; @@ -869,7 +869,7 @@ static const mbedtls_cipher_info_t camellia_256_cfb128_info = { MBEDTLS_CIPHER_CAMELLIA_256_CFB128, MBEDTLS_MODE_CFB, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, 16 }; @@ -882,7 +882,7 @@ static const mbedtls_cipher_info_t camellia_128_ctr_info = { MBEDTLS_CIPHER_CAMELLIA_128_CTR, MBEDTLS_MODE_CTR, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, 16 }; @@ -893,7 +893,7 @@ static const mbedtls_cipher_info_t camellia_192_ctr_info = { MBEDTLS_CIPHER_CAMELLIA_192_CTR, MBEDTLS_MODE_CTR, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, 16 }; @@ -904,7 +904,7 @@ static const mbedtls_cipher_info_t camellia_256_ctr_info = { MBEDTLS_CIPHER_CAMELLIA_256_CTR, MBEDTLS_MODE_CTR, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, 16 }; @@ -951,7 +951,7 @@ static const mbedtls_cipher_info_t camellia_128_gcm_info = { MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MODE_GCM, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 }; @@ -962,7 +962,7 @@ static const mbedtls_cipher_info_t camellia_192_gcm_info = { MBEDTLS_CIPHER_CAMELLIA_192_GCM, MBEDTLS_MODE_GCM, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 }; @@ -973,7 +973,7 @@ static const mbedtls_cipher_info_t camellia_256_gcm_info = { MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MODE_GCM, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 }; @@ -1020,7 +1020,7 @@ static const mbedtls_cipher_info_t camellia_128_ccm_info = { MBEDTLS_CIPHER_CAMELLIA_128_CCM, MBEDTLS_MODE_CCM, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 }; @@ -1031,7 +1031,7 @@ static const mbedtls_cipher_info_t camellia_192_ccm_info = { MBEDTLS_CIPHER_CAMELLIA_192_CCM, MBEDTLS_MODE_CCM, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 }; @@ -1042,7 +1042,7 @@ static const mbedtls_cipher_info_t camellia_256_ccm_info = { MBEDTLS_CIPHER_CAMELLIA_256_CCM, MBEDTLS_MODE_CCM, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 }; @@ -1053,7 +1053,7 @@ static const mbedtls_cipher_info_t camellia_128_ccm_star_no_tag_info = { MBEDTLS_CIPHER_CAMELLIA_128_CCM_STAR_NO_TAG, MBEDTLS_MODE_CCM_STAR_NO_TAG, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 }; @@ -1064,7 +1064,7 @@ static const mbedtls_cipher_info_t camellia_192_ccm_star_no_tag_info = { MBEDTLS_CIPHER_CAMELLIA_192_CCM_STAR_NO_TAG, MBEDTLS_MODE_CCM_STAR_NO_TAG, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 }; @@ -1075,7 +1075,7 @@ static const mbedtls_cipher_info_t camellia_256_ccm_star_no_tag_info = { MBEDTLS_CIPHER_CAMELLIA_256_CCM_STAR_NO_TAG, MBEDTLS_MODE_CCM_STAR_NO_TAG, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 }; @@ -1188,7 +1188,7 @@ static const mbedtls_cipher_info_t aria_128_ecb_info = { MBEDTLS_CIPHER_ARIA_128_ECB, MBEDTLS_MODE_ECB, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, - 0, + 0 >> MBEDTLS_IV_SIZE_SHIFT, 0, 16 }; @@ -1199,7 +1199,7 @@ static const mbedtls_cipher_info_t aria_192_ecb_info = { MBEDTLS_CIPHER_ARIA_192_ECB, MBEDTLS_MODE_ECB, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, - 0, + 0 >> MBEDTLS_IV_SIZE_SHIFT, 0, 16 }; @@ -1210,7 +1210,7 @@ static const mbedtls_cipher_info_t aria_256_ecb_info = { MBEDTLS_CIPHER_ARIA_256_ECB, MBEDTLS_MODE_ECB, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 0, + 0 >> MBEDTLS_IV_SIZE_SHIFT, 0, 16 }; @@ -1222,7 +1222,7 @@ static const mbedtls_cipher_info_t aria_128_cbc_info = { MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MODE_CBC, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, 16 }; @@ -1233,7 +1233,7 @@ static const mbedtls_cipher_info_t aria_192_cbc_info = { MBEDTLS_CIPHER_ARIA_192_CBC, MBEDTLS_MODE_CBC, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, 16 }; @@ -1244,7 +1244,7 @@ static const mbedtls_cipher_info_t aria_256_cbc_info = { MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MODE_CBC, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, 16 }; @@ -1257,7 +1257,7 @@ static const mbedtls_cipher_info_t aria_128_cfb128_info = { MBEDTLS_CIPHER_ARIA_128_CFB128, MBEDTLS_MODE_CFB, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, 16 }; @@ -1268,7 +1268,7 @@ static const mbedtls_cipher_info_t aria_192_cfb128_info = { MBEDTLS_CIPHER_ARIA_192_CFB128, MBEDTLS_MODE_CFB, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, 16 }; @@ -1279,7 +1279,7 @@ static const mbedtls_cipher_info_t aria_256_cfb128_info = { MBEDTLS_CIPHER_ARIA_256_CFB128, MBEDTLS_MODE_CFB, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, 16 }; @@ -1292,7 +1292,7 @@ static const mbedtls_cipher_info_t aria_128_ctr_info = { MBEDTLS_CIPHER_ARIA_128_CTR, MBEDTLS_MODE_CTR, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, 16 }; @@ -1303,7 +1303,7 @@ static const mbedtls_cipher_info_t aria_192_ctr_info = { MBEDTLS_CIPHER_ARIA_192_CTR, MBEDTLS_MODE_CTR, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, 16 }; @@ -1314,7 +1314,7 @@ static const mbedtls_cipher_info_t aria_256_ctr_info = { MBEDTLS_CIPHER_ARIA_256_CTR, MBEDTLS_MODE_CTR, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, 16 }; @@ -1361,7 +1361,7 @@ static const mbedtls_cipher_info_t aria_128_gcm_info = { MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MODE_GCM, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 }; @@ -1372,7 +1372,7 @@ static const mbedtls_cipher_info_t aria_192_gcm_info = { MBEDTLS_CIPHER_ARIA_192_GCM, MBEDTLS_MODE_GCM, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 }; @@ -1383,7 +1383,7 @@ static const mbedtls_cipher_info_t aria_256_gcm_info = { MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MODE_GCM, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 }; @@ -1430,7 +1430,7 @@ static const mbedtls_cipher_info_t aria_128_ccm_info = { MBEDTLS_CIPHER_ARIA_128_CCM, MBEDTLS_MODE_CCM, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 }; @@ -1441,7 +1441,7 @@ static const mbedtls_cipher_info_t aria_192_ccm_info = { MBEDTLS_CIPHER_ARIA_192_CCM, MBEDTLS_MODE_CCM, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 }; @@ -1452,7 +1452,7 @@ static const mbedtls_cipher_info_t aria_256_ccm_info = { MBEDTLS_CIPHER_ARIA_256_CCM, MBEDTLS_MODE_CCM, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 }; @@ -1463,7 +1463,7 @@ static const mbedtls_cipher_info_t aria_128_ccm_star_no_tag_info = { MBEDTLS_CIPHER_ARIA_128_CCM_STAR_NO_TAG, MBEDTLS_MODE_CCM_STAR_NO_TAG, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 }; @@ -1474,7 +1474,7 @@ static const mbedtls_cipher_info_t aria_192_ccm_star_no_tag_info = { MBEDTLS_CIPHER_ARIA_192_CCM_STAR_NO_TAG, MBEDTLS_MODE_CCM_STAR_NO_TAG, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 }; @@ -1485,7 +1485,7 @@ static const mbedtls_cipher_info_t aria_256_ccm_star_no_tag_info = { MBEDTLS_CIPHER_ARIA_256_CCM_STAR_NO_TAG, MBEDTLS_MODE_CCM_STAR_NO_TAG, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16 }; @@ -1647,7 +1647,7 @@ static const mbedtls_cipher_info_t des_ecb_info = { MBEDTLS_CIPHER_DES_ECB, MBEDTLS_MODE_ECB, MBEDTLS_KEY_LENGTH_DES >> MBEDTLS_KEY_BITLEN_SHIFT, - 0, + 0 >> MBEDTLS_IV_SIZE_SHIFT, 0, 8 }; @@ -1659,7 +1659,7 @@ static const mbedtls_cipher_info_t des_cbc_info = { MBEDTLS_CIPHER_DES_CBC, MBEDTLS_MODE_CBC, MBEDTLS_KEY_LENGTH_DES >> MBEDTLS_KEY_BITLEN_SHIFT, - 8, + 8 >> MBEDTLS_IV_SIZE_SHIFT, 0, 8 }; @@ -1698,7 +1698,7 @@ static const mbedtls_cipher_info_t des_ede_ecb_info = { MBEDTLS_CIPHER_DES_EDE_ECB, MBEDTLS_MODE_ECB, MBEDTLS_KEY_LENGTH_DES_EDE >> MBEDTLS_KEY_BITLEN_SHIFT, - 0, + 0 >> MBEDTLS_IV_SIZE_SHIFT, 0, 8 }; @@ -1710,7 +1710,7 @@ static const mbedtls_cipher_info_t des_ede_cbc_info = { MBEDTLS_CIPHER_DES_EDE_CBC, MBEDTLS_MODE_CBC, MBEDTLS_KEY_LENGTH_DES_EDE >> MBEDTLS_KEY_BITLEN_SHIFT, - 8, + 8 >> MBEDTLS_IV_SIZE_SHIFT, 0, 8 }; @@ -1749,7 +1749,7 @@ static const mbedtls_cipher_info_t des_ede3_ecb_info = { MBEDTLS_CIPHER_DES_EDE3_ECB, MBEDTLS_MODE_ECB, MBEDTLS_KEY_LENGTH_DES_EDE3 >> MBEDTLS_KEY_BITLEN_SHIFT, - 0, + 0 >> MBEDTLS_IV_SIZE_SHIFT, 0, 8 }; @@ -1760,7 +1760,7 @@ static const mbedtls_cipher_info_t des_ede3_cbc_info = { MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MODE_CBC, MBEDTLS_KEY_LENGTH_DES_EDE3 >> MBEDTLS_KEY_BITLEN_SHIFT, - 8, + 8 >> MBEDTLS_IV_SIZE_SHIFT, 0, 8 }; @@ -1849,7 +1849,7 @@ static const mbedtls_cipher_info_t chacha20_info = { MBEDTLS_CIPHER_CHACHA20, MBEDTLS_MODE_STREAM, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12, + 12 >> MBEDTLS_IV_SIZE_SHIFT, 0, 1 }; @@ -1924,7 +1924,7 @@ static const mbedtls_cipher_info_t chachapoly_info = { MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MODE_CHACHAPOLY, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12, + 12 >> MBEDTLS_IV_SIZE_SHIFT, 0, 1 }; @@ -1993,7 +1993,7 @@ static const mbedtls_cipher_info_t null_cipher_info = { MBEDTLS_CIPHER_NULL, MBEDTLS_MODE_STREAM, 0 >> MBEDTLS_KEY_BITLEN_SHIFT, - 0, + 0 >> MBEDTLS_IV_SIZE_SHIFT, 0, 1 }; @@ -2064,7 +2064,7 @@ static const mbedtls_cipher_info_t aes_128_nist_kw_info = { MBEDTLS_CIPHER_AES_128_KW, MBEDTLS_MODE_KW, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, - 0, + 0 >> MBEDTLS_IV_SIZE_SHIFT, 0, 16 }; @@ -2075,7 +2075,7 @@ static const mbedtls_cipher_info_t aes_192_nist_kw_info = { MBEDTLS_CIPHER_AES_192_KW, MBEDTLS_MODE_KW, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, - 0, + 0 >> MBEDTLS_IV_SIZE_SHIFT, 0, 16 }; @@ -2086,7 +2086,7 @@ static const mbedtls_cipher_info_t aes_256_nist_kw_info = { MBEDTLS_CIPHER_AES_256_KW, MBEDTLS_MODE_KW, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 0, + 0 >> MBEDTLS_IV_SIZE_SHIFT, 0, 16 }; @@ -2097,7 +2097,7 @@ static const mbedtls_cipher_info_t aes_128_nist_kwp_info = { MBEDTLS_CIPHER_AES_128_KWP, MBEDTLS_MODE_KWP, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, - 0, + 0 >> MBEDTLS_IV_SIZE_SHIFT, 0, 16 }; @@ -2108,7 +2108,7 @@ static const mbedtls_cipher_info_t aes_192_nist_kwp_info = { MBEDTLS_CIPHER_AES_192_KWP, MBEDTLS_MODE_KWP, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, - 0, + 0 >> MBEDTLS_IV_SIZE_SHIFT, 0, 16 }; @@ -2119,7 +2119,7 @@ static const mbedtls_cipher_info_t aes_256_nist_kwp_info = { MBEDTLS_CIPHER_AES_256_KWP, MBEDTLS_MODE_KWP, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 0, + 0 >> MBEDTLS_IV_SIZE_SHIFT, 0, 16 }; From de3de773e6949dd97f9c45f43e7a4667addb9f89 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sat, 24 Jun 2023 12:51:06 +0100 Subject: [PATCH 08/23] Use look-up table for base Signed-off-by: Dave Rodgman --- include/mbedtls/cipher.h | 4 +- library/cipher.c | 32 +++-- library/cipher_wrap.c | 272 +++++++++++++++++++++++++++------------ library/cipher_wrap.h | 2 + 4 files changed, 211 insertions(+), 99 deletions(-) diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index a133ed9104..0455efe67a 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -275,8 +275,8 @@ typedef struct mbedtls_cipher_info_t { /** Name of the cipher. */ const char *MBEDTLS_PRIVATE(name); - /** Struct for base cipher information and functions. */ - const mbedtls_cipher_base_t *MBEDTLS_PRIVATE(base); + /** Index to LUT for base cipher information and functions. */ + uint8_t MBEDTLS_PRIVATE(base_idx) : 5; /** Full cipher identifier. For example, * MBEDTLS_CIPHER_AES_256_CBC. diff --git a/library/cipher.c b/library/cipher.c index dfbbbfd2d3..3ed9aefa39 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -67,6 +67,10 @@ static int supported_init = 0; +static inline const mbedtls_cipher_base_t* mbedtls_cipher_get_base(const mbedtls_cipher_info_t *info) { + return mbedtls_cipher_base_lookup_table[info->base_idx]; +} + const int *mbedtls_cipher_list(void) { const mbedtls_cipher_definition_t *def; @@ -128,7 +132,7 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values( const mbedtls_cipher_definition_t *def; for (def = mbedtls_cipher_definitions; def->info != NULL; def++) { - if (def->info->base->cipher == cipher_id && + if (mbedtls_cipher_get_base(def->info)->cipher == cipher_id && mbedtls_cipher_info_get_key_bitlen(def->info) == (unsigned) key_bitlen && def->info->mode == mode) { return def->info; @@ -178,7 +182,7 @@ void mbedtls_cipher_free(mbedtls_cipher_context_t *ctx) #endif if (ctx->cipher_ctx) { - ctx->cipher_info->base->ctx_free_func(ctx->cipher_ctx); + mbedtls_cipher_get_base(ctx->cipher_info)->ctx_free_func(ctx->cipher_ctx); } mbedtls_platform_zeroize(ctx, sizeof(mbedtls_cipher_context_t)); @@ -193,7 +197,7 @@ int mbedtls_cipher_setup(mbedtls_cipher_context_t *ctx, memset(ctx, 0, sizeof(mbedtls_cipher_context_t)); - if (NULL == (ctx->cipher_ctx = cipher_info->base->ctx_alloc_func())) { + if (NULL == (ctx->cipher_ctx = mbedtls_cipher_get_base(cipher_info)->ctx_alloc_func())) { return MBEDTLS_ERR_CIPHER_ALLOC_FAILED; } @@ -337,12 +341,12 @@ int mbedtls_cipher_setkey(mbedtls_cipher_context_t *ctx, MBEDTLS_MODE_CFB == ctx->cipher_info->mode || MBEDTLS_MODE_OFB == ctx->cipher_info->mode || MBEDTLS_MODE_CTR == ctx->cipher_info->mode) { - return ctx->cipher_info->base->setkey_enc_func(ctx->cipher_ctx, key, + return mbedtls_cipher_get_base(ctx->cipher_info)->setkey_enc_func(ctx->cipher_ctx, key, ctx->key_bitlen); } if (MBEDTLS_DECRYPT == operation) { - return ctx->cipher_info->base->setkey_dec_func(ctx->cipher_ctx, key, + return mbedtls_cipher_get_base(ctx->cipher_info)->setkey_dec_func(ctx->cipher_ctx, key, ctx->key_bitlen); } @@ -548,7 +552,7 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in *olen = ilen; - if (0 != (ret = ctx->cipher_info->base->ecb_func(ctx->cipher_ctx, + if (0 != (ret = mbedtls_cipher_get_base(ctx->cipher_info)->ecb_func(ctx->cipher_ctx, ctx->operation, input, output))) { return ret; } @@ -614,7 +618,7 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in memcpy(&(ctx->unprocessed_data[ctx->unprocessed_len]), input, copy_len); - if (0 != (ret = ctx->cipher_info->base->cbc_func(ctx->cipher_ctx, + if (0 != (ret = mbedtls_cipher_get_base(ctx->cipher_info)->cbc_func(ctx->cipher_ctx, ctx->operation, block_size, ctx->iv, ctx->unprocessed_data, output))) { return ret; @@ -654,7 +658,7 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in * Process remaining full blocks */ if (ilen) { - if (0 != (ret = ctx->cipher_info->base->cbc_func(ctx->cipher_ctx, + if (0 != (ret = mbedtls_cipher_get_base(ctx->cipher_info)->cbc_func(ctx->cipher_ctx, ctx->operation, ilen, ctx->iv, input, output))) { return ret; @@ -669,7 +673,7 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in #if defined(MBEDTLS_CIPHER_MODE_CFB) if (ctx->cipher_info->mode == MBEDTLS_MODE_CFB) { - if (0 != (ret = ctx->cipher_info->base->cfb_func(ctx->cipher_ctx, + if (0 != (ret = mbedtls_cipher_get_base(ctx->cipher_info)->cfb_func(ctx->cipher_ctx, ctx->operation, ilen, &ctx->unprocessed_len, ctx->iv, input, output))) { @@ -684,7 +688,7 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in #if defined(MBEDTLS_CIPHER_MODE_OFB) if (ctx->cipher_info->mode == MBEDTLS_MODE_OFB) { - if (0 != (ret = ctx->cipher_info->base->ofb_func(ctx->cipher_ctx, + if (0 != (ret = mbedtls_cipher_get_base(ctx->cipher_info)->ofb_func(ctx->cipher_ctx, ilen, &ctx->unprocessed_len, ctx->iv, input, output))) { return ret; @@ -698,7 +702,7 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in #if defined(MBEDTLS_CIPHER_MODE_CTR) if (ctx->cipher_info->mode == MBEDTLS_MODE_CTR) { - if (0 != (ret = ctx->cipher_info->base->ctr_func(ctx->cipher_ctx, + if (0 != (ret = mbedtls_cipher_get_base(ctx->cipher_info)->ctr_func(ctx->cipher_ctx, ilen, &ctx->unprocessed_len, ctx->iv, ctx->unprocessed_data, input, output))) { return ret; @@ -717,7 +721,7 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } - ret = ctx->cipher_info->base->xts_func(ctx->cipher_ctx, + ret = mbedtls_cipher_get_base(ctx->cipher_info)->xts_func(ctx->cipher_ctx, ctx->operation, ilen, ctx->iv, input, output); if (ret != 0) { return ret; @@ -731,7 +735,7 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in #if defined(MBEDTLS_CIPHER_MODE_STREAM) if (ctx->cipher_info->mode == MBEDTLS_MODE_STREAM) { - if (0 != (ret = ctx->cipher_info->base->stream_func(ctx->cipher_ctx, + if (0 != (ret = mbedtls_cipher_get_base(ctx->cipher_info)->stream_func(ctx->cipher_ctx, ilen, input, output))) { return ret; } @@ -996,7 +1000,7 @@ int mbedtls_cipher_finish(mbedtls_cipher_context_t *ctx, } /* cipher block */ - if (0 != (ret = ctx->cipher_info->base->cbc_func(ctx->cipher_ctx, + if (0 != (ret = mbedtls_cipher_get_base(ctx->cipher_info)->cbc_func(ctx->cipher_ctx, ctx->operation, mbedtls_cipher_get_block_size(ctx), ctx->iv, diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c index b4f1619dd3..0bb9c02b10 100644 --- a/library/cipher_wrap.c +++ b/library/cipher_wrap.c @@ -70,6 +70,24 @@ #include "mbedtls/platform.h" +#define MBEDTLS_CIPHER_BASE_INDEX_AES 0 +#define MBEDTLS_CIPHER_BASE_INDEX_ARIA 1 +#define MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA 2 +#define MBEDTLS_CIPHER_BASE_INDEX_CCM_AES 3 +#define MBEDTLS_CIPHER_BASE_INDEX_CCM_ARIA 4 +#define MBEDTLS_CIPHER_BASE_INDEX_CCM_CAMELLIA 5 +#define MBEDTLS_CIPHER_BASE_INDEX_CHACHA20_BASE 6 +#define MBEDTLS_CIPHER_BASE_INDEX_CHACHAPOLY_BASE 7 +#define MBEDTLS_CIPHER_BASE_INDEX_DES_EDE3 8 +#define MBEDTLS_CIPHER_BASE_INDEX_DES_EDE 9 +#define MBEDTLS_CIPHER_BASE_INDEX_DES 10 +#define MBEDTLS_CIPHER_BASE_INDEX_GCM_AES 11 +#define MBEDTLS_CIPHER_BASE_INDEX_GCM_ARIA 12 +#define MBEDTLS_CIPHER_BASE_INDEX_GCM_CAMELLIA 13 +#define MBEDTLS_CIPHER_BASE_INDEX_KW_AES 14 +#define MBEDTLS_CIPHER_BASE_INDEX_NULL_BASE 15 +#define MBEDTLS_CIPHER_BASE_INDEX_XTS_AES 16 + #if defined(MBEDTLS_GCM_C) /* shared by all GCM ciphers */ static void *gcm_ctx_alloc(void) @@ -242,7 +260,7 @@ static const mbedtls_cipher_base_t aes_info = { static const mbedtls_cipher_info_t aes_128_ecb_info = { "AES-128-ECB", - &aes_info, + MBEDTLS_CIPHER_BASE_INDEX_AES, MBEDTLS_CIPHER_AES_128_ECB, MBEDTLS_MODE_ECB, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -253,7 +271,7 @@ static const mbedtls_cipher_info_t aes_128_ecb_info = { static const mbedtls_cipher_info_t aes_192_ecb_info = { "AES-192-ECB", - &aes_info, + MBEDTLS_CIPHER_BASE_INDEX_AES, MBEDTLS_CIPHER_AES_192_ECB, MBEDTLS_MODE_ECB, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -264,7 +282,7 @@ static const mbedtls_cipher_info_t aes_192_ecb_info = { static const mbedtls_cipher_info_t aes_256_ecb_info = { "AES-256-ECB", - &aes_info, + MBEDTLS_CIPHER_BASE_INDEX_AES, MBEDTLS_CIPHER_AES_256_ECB, MBEDTLS_MODE_ECB, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -276,7 +294,7 @@ static const mbedtls_cipher_info_t aes_256_ecb_info = { #if defined(MBEDTLS_CIPHER_MODE_CBC) static const mbedtls_cipher_info_t aes_128_cbc_info = { "AES-128-CBC", - &aes_info, + MBEDTLS_CIPHER_BASE_INDEX_AES, MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MODE_CBC, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -287,7 +305,7 @@ static const mbedtls_cipher_info_t aes_128_cbc_info = { static const mbedtls_cipher_info_t aes_192_cbc_info = { "AES-192-CBC", - &aes_info, + MBEDTLS_CIPHER_BASE_INDEX_AES, MBEDTLS_CIPHER_AES_192_CBC, MBEDTLS_MODE_CBC, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -298,7 +316,7 @@ static const mbedtls_cipher_info_t aes_192_cbc_info = { static const mbedtls_cipher_info_t aes_256_cbc_info = { "AES-256-CBC", - &aes_info, + MBEDTLS_CIPHER_BASE_INDEX_AES, MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MODE_CBC, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -311,7 +329,7 @@ static const mbedtls_cipher_info_t aes_256_cbc_info = { #if defined(MBEDTLS_CIPHER_MODE_CFB) static const mbedtls_cipher_info_t aes_128_cfb128_info = { "AES-128-CFB128", - &aes_info, + MBEDTLS_CIPHER_BASE_INDEX_AES, MBEDTLS_CIPHER_AES_128_CFB128, MBEDTLS_MODE_CFB, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -322,7 +340,7 @@ static const mbedtls_cipher_info_t aes_128_cfb128_info = { static const mbedtls_cipher_info_t aes_192_cfb128_info = { "AES-192-CFB128", - &aes_info, + MBEDTLS_CIPHER_BASE_INDEX_AES, MBEDTLS_CIPHER_AES_192_CFB128, MBEDTLS_MODE_CFB, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -333,7 +351,7 @@ static const mbedtls_cipher_info_t aes_192_cfb128_info = { static const mbedtls_cipher_info_t aes_256_cfb128_info = { "AES-256-CFB128", - &aes_info, + MBEDTLS_CIPHER_BASE_INDEX_AES, MBEDTLS_CIPHER_AES_256_CFB128, MBEDTLS_MODE_CFB, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -346,7 +364,7 @@ static const mbedtls_cipher_info_t aes_256_cfb128_info = { #if defined(MBEDTLS_CIPHER_MODE_OFB) static const mbedtls_cipher_info_t aes_128_ofb_info = { "AES-128-OFB", - &aes_info, + MBEDTLS_CIPHER_BASE_INDEX_AES, MBEDTLS_CIPHER_AES_128_OFB, MBEDTLS_MODE_OFB, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -357,7 +375,7 @@ static const mbedtls_cipher_info_t aes_128_ofb_info = { static const mbedtls_cipher_info_t aes_192_ofb_info = { "AES-192-OFB", - &aes_info, + MBEDTLS_CIPHER_BASE_INDEX_AES, MBEDTLS_CIPHER_AES_192_OFB, MBEDTLS_MODE_OFB, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -368,7 +386,7 @@ static const mbedtls_cipher_info_t aes_192_ofb_info = { static const mbedtls_cipher_info_t aes_256_ofb_info = { "AES-256-OFB", - &aes_info, + MBEDTLS_CIPHER_BASE_INDEX_AES, MBEDTLS_CIPHER_AES_256_OFB, MBEDTLS_MODE_OFB, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -381,7 +399,7 @@ static const mbedtls_cipher_info_t aes_256_ofb_info = { #if defined(MBEDTLS_CIPHER_MODE_CTR) static const mbedtls_cipher_info_t aes_128_ctr_info = { "AES-128-CTR", - &aes_info, + MBEDTLS_CIPHER_BASE_INDEX_AES, MBEDTLS_CIPHER_AES_128_CTR, MBEDTLS_MODE_CTR, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -392,7 +410,7 @@ static const mbedtls_cipher_info_t aes_128_ctr_info = { static const mbedtls_cipher_info_t aes_192_ctr_info = { "AES-192-CTR", - &aes_info, + MBEDTLS_CIPHER_BASE_INDEX_AES, MBEDTLS_CIPHER_AES_192_CTR, MBEDTLS_MODE_CTR, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -403,7 +421,7 @@ static const mbedtls_cipher_info_t aes_192_ctr_info = { static const mbedtls_cipher_info_t aes_256_ctr_info = { "AES-256-CTR", - &aes_info, + MBEDTLS_CIPHER_BASE_INDEX_AES, MBEDTLS_CIPHER_AES_256_CTR, MBEDTLS_MODE_CTR, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -480,7 +498,7 @@ static const mbedtls_cipher_base_t xts_aes_info = { static const mbedtls_cipher_info_t aes_128_xts_info = { "AES-128-XTS", - &xts_aes_info, + MBEDTLS_CIPHER_BASE_INDEX_XTS_AES, MBEDTLS_CIPHER_AES_128_XTS, MBEDTLS_MODE_XTS, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -491,7 +509,7 @@ static const mbedtls_cipher_info_t aes_128_xts_info = { static const mbedtls_cipher_info_t aes_256_xts_info = { "AES-256-XTS", - &xts_aes_info, + MBEDTLS_CIPHER_BASE_INDEX_XTS_AES, MBEDTLS_CIPHER_AES_256_XTS, MBEDTLS_MODE_XTS, 512 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -538,7 +556,7 @@ static const mbedtls_cipher_base_t gcm_aes_info = { static const mbedtls_cipher_info_t aes_128_gcm_info = { "AES-128-GCM", - &gcm_aes_info, + MBEDTLS_CIPHER_BASE_INDEX_GCM_AES, MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MODE_GCM, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -549,7 +567,7 @@ static const mbedtls_cipher_info_t aes_128_gcm_info = { static const mbedtls_cipher_info_t aes_192_gcm_info = { "AES-192-GCM", - &gcm_aes_info, + MBEDTLS_CIPHER_BASE_INDEX_GCM_AES, MBEDTLS_CIPHER_AES_192_GCM, MBEDTLS_MODE_GCM, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -560,7 +578,7 @@ static const mbedtls_cipher_info_t aes_192_gcm_info = { static const mbedtls_cipher_info_t aes_256_gcm_info = { "AES-256-GCM", - &gcm_aes_info, + MBEDTLS_CIPHER_BASE_INDEX_GCM_AES, MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MODE_GCM, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -607,7 +625,7 @@ static const mbedtls_cipher_base_t ccm_aes_info = { static const mbedtls_cipher_info_t aes_128_ccm_info = { "AES-128-CCM", - &ccm_aes_info, + MBEDTLS_CIPHER_BASE_INDEX_CCM_AES, MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MODE_CCM, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -618,7 +636,7 @@ static const mbedtls_cipher_info_t aes_128_ccm_info = { static const mbedtls_cipher_info_t aes_192_ccm_info = { "AES-192-CCM", - &ccm_aes_info, + MBEDTLS_CIPHER_BASE_INDEX_CCM_AES, MBEDTLS_CIPHER_AES_192_CCM, MBEDTLS_MODE_CCM, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -629,7 +647,7 @@ static const mbedtls_cipher_info_t aes_192_ccm_info = { static const mbedtls_cipher_info_t aes_256_ccm_info = { "AES-256-CCM", - &ccm_aes_info, + MBEDTLS_CIPHER_BASE_INDEX_CCM_AES, MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MODE_CCM, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -640,7 +658,7 @@ static const mbedtls_cipher_info_t aes_256_ccm_info = { static const mbedtls_cipher_info_t aes_128_ccm_star_no_tag_info = { "AES-128-CCM*-NO-TAG", - &ccm_aes_info, + MBEDTLS_CIPHER_BASE_INDEX_CCM_AES, MBEDTLS_CIPHER_AES_128_CCM_STAR_NO_TAG, MBEDTLS_MODE_CCM_STAR_NO_TAG, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -651,7 +669,7 @@ static const mbedtls_cipher_info_t aes_128_ccm_star_no_tag_info = { static const mbedtls_cipher_info_t aes_192_ccm_star_no_tag_info = { "AES-192-CCM*-NO-TAG", - &ccm_aes_info, + MBEDTLS_CIPHER_BASE_INDEX_CCM_AES, MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG, MBEDTLS_MODE_CCM_STAR_NO_TAG, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -662,7 +680,7 @@ static const mbedtls_cipher_info_t aes_192_ccm_star_no_tag_info = { static const mbedtls_cipher_info_t aes_256_ccm_star_no_tag_info = { "AES-256-CCM*-NO-TAG", - &ccm_aes_info, + MBEDTLS_CIPHER_BASE_INDEX_CCM_AES, MBEDTLS_CIPHER_AES_256_CCM_STAR_NO_TAG, MBEDTLS_MODE_CCM_STAR_NO_TAG, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -774,7 +792,7 @@ static const mbedtls_cipher_base_t camellia_info = { static const mbedtls_cipher_info_t camellia_128_ecb_info = { "CAMELLIA-128-ECB", - &camellia_info, + MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA, MBEDTLS_CIPHER_CAMELLIA_128_ECB, MBEDTLS_MODE_ECB, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -785,7 +803,7 @@ static const mbedtls_cipher_info_t camellia_128_ecb_info = { static const mbedtls_cipher_info_t camellia_192_ecb_info = { "CAMELLIA-192-ECB", - &camellia_info, + MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA, MBEDTLS_CIPHER_CAMELLIA_192_ECB, MBEDTLS_MODE_ECB, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -796,7 +814,7 @@ static const mbedtls_cipher_info_t camellia_192_ecb_info = { static const mbedtls_cipher_info_t camellia_256_ecb_info = { "CAMELLIA-256-ECB", - &camellia_info, + MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA, MBEDTLS_CIPHER_CAMELLIA_256_ECB, MBEDTLS_MODE_ECB, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -808,7 +826,7 @@ static const mbedtls_cipher_info_t camellia_256_ecb_info = { #if defined(MBEDTLS_CIPHER_MODE_CBC) static const mbedtls_cipher_info_t camellia_128_cbc_info = { "CAMELLIA-128-CBC", - &camellia_info, + MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA, MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MODE_CBC, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -819,7 +837,7 @@ static const mbedtls_cipher_info_t camellia_128_cbc_info = { static const mbedtls_cipher_info_t camellia_192_cbc_info = { "CAMELLIA-192-CBC", - &camellia_info, + MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA, MBEDTLS_CIPHER_CAMELLIA_192_CBC, MBEDTLS_MODE_CBC, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -830,7 +848,7 @@ static const mbedtls_cipher_info_t camellia_192_cbc_info = { static const mbedtls_cipher_info_t camellia_256_cbc_info = { "CAMELLIA-256-CBC", - &camellia_info, + MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA, MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MODE_CBC, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -843,7 +861,7 @@ static const mbedtls_cipher_info_t camellia_256_cbc_info = { #if defined(MBEDTLS_CIPHER_MODE_CFB) static const mbedtls_cipher_info_t camellia_128_cfb128_info = { "CAMELLIA-128-CFB128", - &camellia_info, + MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA, MBEDTLS_CIPHER_CAMELLIA_128_CFB128, MBEDTLS_MODE_CFB, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -854,7 +872,7 @@ static const mbedtls_cipher_info_t camellia_128_cfb128_info = { static const mbedtls_cipher_info_t camellia_192_cfb128_info = { "CAMELLIA-192-CFB128", - &camellia_info, + MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA, MBEDTLS_CIPHER_CAMELLIA_192_CFB128, MBEDTLS_MODE_CFB, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -865,7 +883,7 @@ static const mbedtls_cipher_info_t camellia_192_cfb128_info = { static const mbedtls_cipher_info_t camellia_256_cfb128_info = { "CAMELLIA-256-CFB128", - &camellia_info, + MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA, MBEDTLS_CIPHER_CAMELLIA_256_CFB128, MBEDTLS_MODE_CFB, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -878,7 +896,7 @@ static const mbedtls_cipher_info_t camellia_256_cfb128_info = { #if defined(MBEDTLS_CIPHER_MODE_CTR) static const mbedtls_cipher_info_t camellia_128_ctr_info = { "CAMELLIA-128-CTR", - &camellia_info, + MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA, MBEDTLS_CIPHER_CAMELLIA_128_CTR, MBEDTLS_MODE_CTR, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -889,7 +907,7 @@ static const mbedtls_cipher_info_t camellia_128_ctr_info = { static const mbedtls_cipher_info_t camellia_192_ctr_info = { "CAMELLIA-192-CTR", - &camellia_info, + MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA, MBEDTLS_CIPHER_CAMELLIA_192_CTR, MBEDTLS_MODE_CTR, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -900,7 +918,7 @@ static const mbedtls_cipher_info_t camellia_192_ctr_info = { static const mbedtls_cipher_info_t camellia_256_ctr_info = { "CAMELLIA-256-CTR", - &camellia_info, + MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA, MBEDTLS_CIPHER_CAMELLIA_256_CTR, MBEDTLS_MODE_CTR, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -947,7 +965,7 @@ static const mbedtls_cipher_base_t gcm_camellia_info = { static const mbedtls_cipher_info_t camellia_128_gcm_info = { "CAMELLIA-128-GCM", - &gcm_camellia_info, + MBEDTLS_CIPHER_BASE_INDEX_GCM_CAMELLIA, MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MODE_GCM, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -958,7 +976,7 @@ static const mbedtls_cipher_info_t camellia_128_gcm_info = { static const mbedtls_cipher_info_t camellia_192_gcm_info = { "CAMELLIA-192-GCM", - &gcm_camellia_info, + MBEDTLS_CIPHER_BASE_INDEX_GCM_CAMELLIA, MBEDTLS_CIPHER_CAMELLIA_192_GCM, MBEDTLS_MODE_GCM, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -969,7 +987,7 @@ static const mbedtls_cipher_info_t camellia_192_gcm_info = { static const mbedtls_cipher_info_t camellia_256_gcm_info = { "CAMELLIA-256-GCM", - &gcm_camellia_info, + MBEDTLS_CIPHER_BASE_INDEX_GCM_CAMELLIA, MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MODE_GCM, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -1016,7 +1034,7 @@ static const mbedtls_cipher_base_t ccm_camellia_info = { static const mbedtls_cipher_info_t camellia_128_ccm_info = { "CAMELLIA-128-CCM", - &ccm_camellia_info, + MBEDTLS_CIPHER_BASE_INDEX_CCM_CAMELLIA, MBEDTLS_CIPHER_CAMELLIA_128_CCM, MBEDTLS_MODE_CCM, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -1027,7 +1045,7 @@ static const mbedtls_cipher_info_t camellia_128_ccm_info = { static const mbedtls_cipher_info_t camellia_192_ccm_info = { "CAMELLIA-192-CCM", - &ccm_camellia_info, + MBEDTLS_CIPHER_BASE_INDEX_CCM_CAMELLIA, MBEDTLS_CIPHER_CAMELLIA_192_CCM, MBEDTLS_MODE_CCM, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -1038,7 +1056,7 @@ static const mbedtls_cipher_info_t camellia_192_ccm_info = { static const mbedtls_cipher_info_t camellia_256_ccm_info = { "CAMELLIA-256-CCM", - &ccm_camellia_info, + MBEDTLS_CIPHER_BASE_INDEX_CCM_CAMELLIA, MBEDTLS_CIPHER_CAMELLIA_256_CCM, MBEDTLS_MODE_CCM, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -1049,7 +1067,7 @@ static const mbedtls_cipher_info_t camellia_256_ccm_info = { static const mbedtls_cipher_info_t camellia_128_ccm_star_no_tag_info = { "CAMELLIA-128-CCM*-NO-TAG", - &ccm_camellia_info, + MBEDTLS_CIPHER_BASE_INDEX_CCM_CAMELLIA, MBEDTLS_CIPHER_CAMELLIA_128_CCM_STAR_NO_TAG, MBEDTLS_MODE_CCM_STAR_NO_TAG, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -1060,7 +1078,7 @@ static const mbedtls_cipher_info_t camellia_128_ccm_star_no_tag_info = { static const mbedtls_cipher_info_t camellia_192_ccm_star_no_tag_info = { "CAMELLIA-192-CCM*-NO-TAG", - &ccm_camellia_info, + MBEDTLS_CIPHER_BASE_INDEX_CCM_CAMELLIA, MBEDTLS_CIPHER_CAMELLIA_192_CCM_STAR_NO_TAG, MBEDTLS_MODE_CCM_STAR_NO_TAG, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -1071,7 +1089,7 @@ static const mbedtls_cipher_info_t camellia_192_ccm_star_no_tag_info = { static const mbedtls_cipher_info_t camellia_256_ccm_star_no_tag_info = { "CAMELLIA-256-CCM*-NO-TAG", - &ccm_camellia_info, + MBEDTLS_CIPHER_BASE_INDEX_CCM_CAMELLIA, MBEDTLS_CIPHER_CAMELLIA_256_CCM_STAR_NO_TAG, MBEDTLS_MODE_CCM_STAR_NO_TAG, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -1184,7 +1202,7 @@ static const mbedtls_cipher_base_t aria_info = { static const mbedtls_cipher_info_t aria_128_ecb_info = { "ARIA-128-ECB", - &aria_info, + MBEDTLS_CIPHER_BASE_INDEX_ARIA, MBEDTLS_CIPHER_ARIA_128_ECB, MBEDTLS_MODE_ECB, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -1195,7 +1213,7 @@ static const mbedtls_cipher_info_t aria_128_ecb_info = { static const mbedtls_cipher_info_t aria_192_ecb_info = { "ARIA-192-ECB", - &aria_info, + MBEDTLS_CIPHER_BASE_INDEX_ARIA, MBEDTLS_CIPHER_ARIA_192_ECB, MBEDTLS_MODE_ECB, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -1206,7 +1224,7 @@ static const mbedtls_cipher_info_t aria_192_ecb_info = { static const mbedtls_cipher_info_t aria_256_ecb_info = { "ARIA-256-ECB", - &aria_info, + MBEDTLS_CIPHER_BASE_INDEX_ARIA, MBEDTLS_CIPHER_ARIA_256_ECB, MBEDTLS_MODE_ECB, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -1218,7 +1236,7 @@ static const mbedtls_cipher_info_t aria_256_ecb_info = { #if defined(MBEDTLS_CIPHER_MODE_CBC) static const mbedtls_cipher_info_t aria_128_cbc_info = { "ARIA-128-CBC", - &aria_info, + MBEDTLS_CIPHER_BASE_INDEX_ARIA, MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MODE_CBC, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -1229,7 +1247,7 @@ static const mbedtls_cipher_info_t aria_128_cbc_info = { static const mbedtls_cipher_info_t aria_192_cbc_info = { "ARIA-192-CBC", - &aria_info, + MBEDTLS_CIPHER_BASE_INDEX_ARIA, MBEDTLS_CIPHER_ARIA_192_CBC, MBEDTLS_MODE_CBC, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -1240,7 +1258,7 @@ static const mbedtls_cipher_info_t aria_192_cbc_info = { static const mbedtls_cipher_info_t aria_256_cbc_info = { "ARIA-256-CBC", - &aria_info, + MBEDTLS_CIPHER_BASE_INDEX_ARIA, MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MODE_CBC, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -1253,7 +1271,7 @@ static const mbedtls_cipher_info_t aria_256_cbc_info = { #if defined(MBEDTLS_CIPHER_MODE_CFB) static const mbedtls_cipher_info_t aria_128_cfb128_info = { "ARIA-128-CFB128", - &aria_info, + MBEDTLS_CIPHER_BASE_INDEX_ARIA, MBEDTLS_CIPHER_ARIA_128_CFB128, MBEDTLS_MODE_CFB, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -1264,7 +1282,7 @@ static const mbedtls_cipher_info_t aria_128_cfb128_info = { static const mbedtls_cipher_info_t aria_192_cfb128_info = { "ARIA-192-CFB128", - &aria_info, + MBEDTLS_CIPHER_BASE_INDEX_ARIA, MBEDTLS_CIPHER_ARIA_192_CFB128, MBEDTLS_MODE_CFB, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -1275,7 +1293,7 @@ static const mbedtls_cipher_info_t aria_192_cfb128_info = { static const mbedtls_cipher_info_t aria_256_cfb128_info = { "ARIA-256-CFB128", - &aria_info, + MBEDTLS_CIPHER_BASE_INDEX_ARIA, MBEDTLS_CIPHER_ARIA_256_CFB128, MBEDTLS_MODE_CFB, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -1288,7 +1306,7 @@ static const mbedtls_cipher_info_t aria_256_cfb128_info = { #if defined(MBEDTLS_CIPHER_MODE_CTR) static const mbedtls_cipher_info_t aria_128_ctr_info = { "ARIA-128-CTR", - &aria_info, + MBEDTLS_CIPHER_BASE_INDEX_ARIA, MBEDTLS_CIPHER_ARIA_128_CTR, MBEDTLS_MODE_CTR, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -1299,7 +1317,7 @@ static const mbedtls_cipher_info_t aria_128_ctr_info = { static const mbedtls_cipher_info_t aria_192_ctr_info = { "ARIA-192-CTR", - &aria_info, + MBEDTLS_CIPHER_BASE_INDEX_ARIA, MBEDTLS_CIPHER_ARIA_192_CTR, MBEDTLS_MODE_CTR, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -1310,7 +1328,7 @@ static const mbedtls_cipher_info_t aria_192_ctr_info = { static const mbedtls_cipher_info_t aria_256_ctr_info = { "ARIA-256-CTR", - &aria_info, + MBEDTLS_CIPHER_BASE_INDEX_ARIA, MBEDTLS_CIPHER_ARIA_256_CTR, MBEDTLS_MODE_CTR, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -1357,7 +1375,7 @@ static const mbedtls_cipher_base_t gcm_aria_info = { static const mbedtls_cipher_info_t aria_128_gcm_info = { "ARIA-128-GCM", - &gcm_aria_info, + MBEDTLS_CIPHER_BASE_INDEX_GCM_ARIA, MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MODE_GCM, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -1368,7 +1386,7 @@ static const mbedtls_cipher_info_t aria_128_gcm_info = { static const mbedtls_cipher_info_t aria_192_gcm_info = { "ARIA-192-GCM", - &gcm_aria_info, + MBEDTLS_CIPHER_BASE_INDEX_GCM_ARIA, MBEDTLS_CIPHER_ARIA_192_GCM, MBEDTLS_MODE_GCM, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -1379,7 +1397,7 @@ static const mbedtls_cipher_info_t aria_192_gcm_info = { static const mbedtls_cipher_info_t aria_256_gcm_info = { "ARIA-256-GCM", - &gcm_aria_info, + MBEDTLS_CIPHER_BASE_INDEX_GCM_ARIA, MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MODE_GCM, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -1426,7 +1444,7 @@ static const mbedtls_cipher_base_t ccm_aria_info = { static const mbedtls_cipher_info_t aria_128_ccm_info = { "ARIA-128-CCM", - &ccm_aria_info, + MBEDTLS_CIPHER_BASE_INDEX_CCM_ARIA, MBEDTLS_CIPHER_ARIA_128_CCM, MBEDTLS_MODE_CCM, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -1437,7 +1455,7 @@ static const mbedtls_cipher_info_t aria_128_ccm_info = { static const mbedtls_cipher_info_t aria_192_ccm_info = { "ARIA-192-CCM", - &ccm_aria_info, + MBEDTLS_CIPHER_BASE_INDEX_CCM_ARIA, MBEDTLS_CIPHER_ARIA_192_CCM, MBEDTLS_MODE_CCM, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -1448,7 +1466,7 @@ static const mbedtls_cipher_info_t aria_192_ccm_info = { static const mbedtls_cipher_info_t aria_256_ccm_info = { "ARIA-256-CCM", - &ccm_aria_info, + MBEDTLS_CIPHER_BASE_INDEX_CCM_ARIA, MBEDTLS_CIPHER_ARIA_256_CCM, MBEDTLS_MODE_CCM, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -1459,7 +1477,7 @@ static const mbedtls_cipher_info_t aria_256_ccm_info = { static const mbedtls_cipher_info_t aria_128_ccm_star_no_tag_info = { "ARIA-128-CCM*-NO-TAG", - &ccm_aria_info, + MBEDTLS_CIPHER_BASE_INDEX_CCM_ARIA, MBEDTLS_CIPHER_ARIA_128_CCM_STAR_NO_TAG, MBEDTLS_MODE_CCM_STAR_NO_TAG, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -1470,7 +1488,7 @@ static const mbedtls_cipher_info_t aria_128_ccm_star_no_tag_info = { static const mbedtls_cipher_info_t aria_192_ccm_star_no_tag_info = { "ARIA-192-CCM*-NO-TAG", - &ccm_aria_info, + MBEDTLS_CIPHER_BASE_INDEX_CCM_ARIA, MBEDTLS_CIPHER_ARIA_192_CCM_STAR_NO_TAG, MBEDTLS_MODE_CCM_STAR_NO_TAG, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -1481,7 +1499,7 @@ static const mbedtls_cipher_info_t aria_192_ccm_star_no_tag_info = { static const mbedtls_cipher_info_t aria_256_ccm_star_no_tag_info = { "ARIA-256-CCM*-NO-TAG", - &ccm_aria_info, + MBEDTLS_CIPHER_BASE_INDEX_CCM_ARIA, MBEDTLS_CIPHER_ARIA_256_CCM_STAR_NO_TAG, MBEDTLS_MODE_CCM_STAR_NO_TAG, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -1643,7 +1661,7 @@ static const mbedtls_cipher_base_t des_info = { static const mbedtls_cipher_info_t des_ecb_info = { "DES-ECB", - &des_info, + MBEDTLS_CIPHER_BASE_INDEX_DES, MBEDTLS_CIPHER_DES_ECB, MBEDTLS_MODE_ECB, MBEDTLS_KEY_LENGTH_DES >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -1655,7 +1673,7 @@ static const mbedtls_cipher_info_t des_ecb_info = { #if defined(MBEDTLS_CIPHER_MODE_CBC) static const mbedtls_cipher_info_t des_cbc_info = { "DES-CBC", - &des_info, + MBEDTLS_CIPHER_BASE_INDEX_DES, MBEDTLS_CIPHER_DES_CBC, MBEDTLS_MODE_CBC, MBEDTLS_KEY_LENGTH_DES >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -1694,7 +1712,7 @@ static const mbedtls_cipher_base_t des_ede_info = { static const mbedtls_cipher_info_t des_ede_ecb_info = { "DES-EDE-ECB", - &des_ede_info, + MBEDTLS_CIPHER_BASE_INDEX_DES_EDE, MBEDTLS_CIPHER_DES_EDE_ECB, MBEDTLS_MODE_ECB, MBEDTLS_KEY_LENGTH_DES_EDE >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -1706,7 +1724,7 @@ static const mbedtls_cipher_info_t des_ede_ecb_info = { #if defined(MBEDTLS_CIPHER_MODE_CBC) static const mbedtls_cipher_info_t des_ede_cbc_info = { "DES-EDE-CBC", - &des_ede_info, + MBEDTLS_CIPHER_BASE_INDEX_DES_EDE, MBEDTLS_CIPHER_DES_EDE_CBC, MBEDTLS_MODE_CBC, MBEDTLS_KEY_LENGTH_DES_EDE >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -1745,7 +1763,7 @@ static const mbedtls_cipher_base_t des_ede3_info = { static const mbedtls_cipher_info_t des_ede3_ecb_info = { "DES-EDE3-ECB", - &des_ede3_info, + MBEDTLS_CIPHER_BASE_INDEX_DES_EDE3, MBEDTLS_CIPHER_DES_EDE3_ECB, MBEDTLS_MODE_ECB, MBEDTLS_KEY_LENGTH_DES_EDE3 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -1756,7 +1774,7 @@ static const mbedtls_cipher_info_t des_ede3_ecb_info = { #if defined(MBEDTLS_CIPHER_MODE_CBC) static const mbedtls_cipher_info_t des_ede3_cbc_info = { "DES-EDE3-CBC", - &des_ede3_info, + MBEDTLS_CIPHER_BASE_INDEX_DES_EDE3, MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MODE_CBC, MBEDTLS_KEY_LENGTH_DES_EDE3 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -1845,7 +1863,7 @@ static const mbedtls_cipher_base_t chacha20_base_info = { }; static const mbedtls_cipher_info_t chacha20_info = { "CHACHA20", - &chacha20_base_info, + MBEDTLS_CIPHER_BASE_INDEX_CHACHA20_BASE, MBEDTLS_CIPHER_CHACHA20, MBEDTLS_MODE_STREAM, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -1920,7 +1938,7 @@ static const mbedtls_cipher_base_t chachapoly_base_info = { }; static const mbedtls_cipher_info_t chachapoly_info = { "CHACHA20-POLY1305", - &chachapoly_base_info, + MBEDTLS_CIPHER_BASE_INDEX_CHACHAPOLY_BASE, MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MODE_CHACHAPOLY, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -1989,7 +2007,7 @@ static const mbedtls_cipher_base_t null_base_info = { static const mbedtls_cipher_info_t null_cipher_info = { "NULL", - &null_base_info, + MBEDTLS_CIPHER_BASE_INDEX_NULL_BASE, MBEDTLS_CIPHER_NULL, MBEDTLS_MODE_STREAM, 0 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -2060,7 +2078,7 @@ static const mbedtls_cipher_base_t kw_aes_info = { static const mbedtls_cipher_info_t aes_128_nist_kw_info = { "AES-128-KW", - &kw_aes_info, + MBEDTLS_CIPHER_BASE_INDEX_KW_AES, MBEDTLS_CIPHER_AES_128_KW, MBEDTLS_MODE_KW, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -2071,7 +2089,7 @@ static const mbedtls_cipher_info_t aes_128_nist_kw_info = { static const mbedtls_cipher_info_t aes_192_nist_kw_info = { "AES-192-KW", - &kw_aes_info, + MBEDTLS_CIPHER_BASE_INDEX_KW_AES, MBEDTLS_CIPHER_AES_192_KW, MBEDTLS_MODE_KW, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -2082,7 +2100,7 @@ static const mbedtls_cipher_info_t aes_192_nist_kw_info = { static const mbedtls_cipher_info_t aes_256_nist_kw_info = { "AES-256-KW", - &kw_aes_info, + MBEDTLS_CIPHER_BASE_INDEX_KW_AES, MBEDTLS_CIPHER_AES_256_KW, MBEDTLS_MODE_KW, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -2093,7 +2111,7 @@ static const mbedtls_cipher_info_t aes_256_nist_kw_info = { static const mbedtls_cipher_info_t aes_128_nist_kwp_info = { "AES-128-KWP", - &kw_aes_info, + MBEDTLS_CIPHER_BASE_INDEX_KW_AES, MBEDTLS_CIPHER_AES_128_KWP, MBEDTLS_MODE_KWP, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -2104,7 +2122,7 @@ static const mbedtls_cipher_info_t aes_128_nist_kwp_info = { static const mbedtls_cipher_info_t aes_192_nist_kwp_info = { "AES-192-KWP", - &kw_aes_info, + MBEDTLS_CIPHER_BASE_INDEX_KW_AES, MBEDTLS_CIPHER_AES_192_KWP, MBEDTLS_MODE_KWP, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -2115,7 +2133,7 @@ static const mbedtls_cipher_info_t aes_192_nist_kwp_info = { static const mbedtls_cipher_info_t aes_256_nist_kwp_info = { "AES-256-KWP", - &kw_aes_info, + MBEDTLS_CIPHER_BASE_INDEX_KW_AES, MBEDTLS_CIPHER_AES_256_KWP, MBEDTLS_MODE_KWP, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, @@ -2277,4 +2295,92 @@ const mbedtls_cipher_definition_t mbedtls_cipher_definitions[] = sizeof(mbedtls_cipher_definitions[0])) int mbedtls_cipher_supported[NUM_CIPHERS]; +const mbedtls_cipher_base_t* mbedtls_cipher_base_lookup_table[] = { +#if defined(MBEDTLS_AES_C) + &aes_info, +#else + NULL, +#endif +#if defined(MBEDTLS_ARIA_C) + &aria_info, +#else + NULL, +#endif +#if defined(MBEDTLS_CAMELLIA_C) + &camellia_info, +#else + NULL, +#endif +#if defined(MBEDTLS_CCM_C) + &ccm_aes_info, +#else + NULL, +#endif +#if defined(MBEDTLS_CCM_C) + &ccm_aria_info, +#else + NULL, +#endif +#if defined(MBEDTLS_CCM_C) + &ccm_camellia_info, +#else + NULL, +#endif +#if defined(MBEDTLS_CHACHA20_C) + &chacha20_base_info, +#else + NULL, +#endif +#if defined(MBEDTLS_CHACHAPOLY_C) + &chachapoly_base_info, +#else + NULL, +#endif +#if defined(MBEDTLS_DES_C) + &des_ede3_info, +#else + NULL, +#endif +#if defined(MBEDTLS_DES_C) + &des_ede_info, +#else + NULL, +#endif +#if defined(MBEDTLS_DES_C) + &des_info, +#else + NULL, +#endif +#if defined(MBEDTLS_GCM_C) + &gcm_aes_info, +#else + NULL, +#endif +#if defined(MBEDTLS_GCM_C) + &gcm_aria_info, +#else + NULL, +#endif +#if defined(MBEDTLS_GCM_C) + &gcm_camellia_info, +#else + NULL, +#endif +#if defined(MBEDTLS_NIST_KW_C) + &kw_aes_info, +#else + NULL, +#endif +#if defined(MBEDTLS_CIPHER_NULL_CIPHER) + &null_base_info, +#else + NULL, +#endif +#if defined(MBEDTLS_CIPHER_MODE_XTS) + &xts_aes_info, +#else + NULL, +#endif +}; + #endif /* MBEDTLS_CIPHER_C */ diff --git a/library/cipher_wrap.h b/library/cipher_wrap.h index 052cddbe15..06c8108d23 100644 --- a/library/cipher_wrap.h +++ b/library/cipher_wrap.h @@ -135,6 +135,8 @@ extern const mbedtls_cipher_definition_t mbedtls_cipher_definitions[]; extern int mbedtls_cipher_supported[]; +extern const mbedtls_cipher_base_t * mbedtls_cipher_base_lookup_table[]; + #ifdef __cplusplus } #endif From 3b46b77cf16415f8d377ca1819581fea21f8fde3 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sat, 24 Jun 2023 13:25:06 +0100 Subject: [PATCH 09/23] code style Signed-off-by: Dave Rodgman --- include/mbedtls/cipher.h | 6 ++-- library/cipher.c | 63 ++++++++++++++++++++++++++-------------- library/cipher_wrap.c | 2 +- library/cipher_wrap.h | 2 +- library/pkcs12.c | 4 ++- 5 files changed, 51 insertions(+), 26 deletions(-) diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index 0455efe67a..0eb0803f75 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -732,7 +732,8 @@ static inline int mbedtls_cipher_get_iv_size( return (int) ctx->MBEDTLS_PRIVATE(iv_size); } - return (int) (((int)ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(iv_size)) << MBEDTLS_IV_SIZE_SHIFT); + return (int) (((int) ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(iv_size)) << + MBEDTLS_IV_SIZE_SHIFT); } /** @@ -793,7 +794,8 @@ static inline int mbedtls_cipher_get_key_bitlen( return MBEDTLS_KEY_LENGTH_NONE; } - return (int) ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(key_bitlen) << MBEDTLS_KEY_BITLEN_SHIFT; + return (int) ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(key_bitlen) << + MBEDTLS_KEY_BITLEN_SHIFT; } /** diff --git a/library/cipher.c b/library/cipher.c index 3ed9aefa39..f6d0fcef08 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -67,7 +67,9 @@ static int supported_init = 0; -static inline const mbedtls_cipher_base_t* mbedtls_cipher_get_base(const mbedtls_cipher_info_t *info) { +static inline const mbedtls_cipher_base_t *mbedtls_cipher_get_base( + const mbedtls_cipher_info_t *info) +{ return mbedtls_cipher_base_lookup_table[info->base_idx]; } @@ -342,12 +344,12 @@ int mbedtls_cipher_setkey(mbedtls_cipher_context_t *ctx, MBEDTLS_MODE_OFB == ctx->cipher_info->mode || MBEDTLS_MODE_CTR == ctx->cipher_info->mode) { return mbedtls_cipher_get_base(ctx->cipher_info)->setkey_enc_func(ctx->cipher_ctx, key, - ctx->key_bitlen); + ctx->key_bitlen); } if (MBEDTLS_DECRYPT == operation) { return mbedtls_cipher_get_base(ctx->cipher_info)->setkey_dec_func(ctx->cipher_ctx, key, - ctx->key_bitlen); + ctx->key_bitlen); } return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; @@ -553,7 +555,8 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in *olen = ilen; if (0 != (ret = mbedtls_cipher_get_base(ctx->cipher_info)->ecb_func(ctx->cipher_ctx, - ctx->operation, input, output))) { + ctx->operation, input, + output))) { return ret; } @@ -619,8 +622,11 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in copy_len); if (0 != (ret = mbedtls_cipher_get_base(ctx->cipher_info)->cbc_func(ctx->cipher_ctx, - ctx->operation, block_size, ctx->iv, - ctx->unprocessed_data, output))) { + ctx->operation, + block_size, ctx->iv, + ctx-> + unprocessed_data, + output))) { return ret; } @@ -659,8 +665,10 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in */ if (ilen) { if (0 != (ret = mbedtls_cipher_get_base(ctx->cipher_info)->cbc_func(ctx->cipher_ctx, - ctx->operation, ilen, ctx->iv, input, - output))) { + ctx->operation, + ilen, ctx->iv, + input, + output))) { return ret; } @@ -674,9 +682,10 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in #if defined(MBEDTLS_CIPHER_MODE_CFB) if (ctx->cipher_info->mode == MBEDTLS_MODE_CFB) { if (0 != (ret = mbedtls_cipher_get_base(ctx->cipher_info)->cfb_func(ctx->cipher_ctx, - ctx->operation, ilen, - &ctx->unprocessed_len, ctx->iv, - input, output))) { + ctx->operation, ilen, + &ctx->unprocessed_len, + ctx->iv, + input, output))) { return ret; } @@ -689,8 +698,10 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in #if defined(MBEDTLS_CIPHER_MODE_OFB) if (ctx->cipher_info->mode == MBEDTLS_MODE_OFB) { if (0 != (ret = mbedtls_cipher_get_base(ctx->cipher_info)->ofb_func(ctx->cipher_ctx, - ilen, &ctx->unprocessed_len, ctx->iv, - input, output))) { + ilen, + &ctx->unprocessed_len, + ctx->iv, + input, output))) { return ret; } @@ -703,8 +714,11 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in #if defined(MBEDTLS_CIPHER_MODE_CTR) if (ctx->cipher_info->mode == MBEDTLS_MODE_CTR) { if (0 != (ret = mbedtls_cipher_get_base(ctx->cipher_info)->ctr_func(ctx->cipher_ctx, - ilen, &ctx->unprocessed_len, ctx->iv, - ctx->unprocessed_data, input, output))) { + ilen, + &ctx->unprocessed_len, + ctx->iv, + ctx->unprocessed_data, + input, output))) { return ret; } @@ -722,7 +736,11 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in } ret = mbedtls_cipher_get_base(ctx->cipher_info)->xts_func(ctx->cipher_ctx, - ctx->operation, ilen, ctx->iv, input, output); + ctx->operation, + ilen, + ctx->iv, + input, + output); if (ret != 0) { return ret; } @@ -736,7 +754,8 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in #if defined(MBEDTLS_CIPHER_MODE_STREAM) if (ctx->cipher_info->mode == MBEDTLS_MODE_STREAM) { if (0 != (ret = mbedtls_cipher_get_base(ctx->cipher_info)->stream_func(ctx->cipher_ctx, - ilen, input, output))) { + ilen, input, + output))) { return ret; } @@ -1001,10 +1020,12 @@ int mbedtls_cipher_finish(mbedtls_cipher_context_t *ctx, /* cipher block */ if (0 != (ret = mbedtls_cipher_get_base(ctx->cipher_info)->cbc_func(ctx->cipher_ctx, - ctx->operation, - mbedtls_cipher_get_block_size(ctx), - ctx->iv, - ctx->unprocessed_data, output))) { + ctx->operation, + mbedtls_cipher_get_block_size( + ctx), + ctx->iv, + ctx->unprocessed_data, + output))) { return ret; } diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c index 0bb9c02b10..7c6c9d3d02 100644 --- a/library/cipher_wrap.c +++ b/library/cipher_wrap.c @@ -2295,7 +2295,7 @@ const mbedtls_cipher_definition_t mbedtls_cipher_definitions[] = sizeof(mbedtls_cipher_definitions[0])) int mbedtls_cipher_supported[NUM_CIPHERS]; -const mbedtls_cipher_base_t* mbedtls_cipher_base_lookup_table[] = { +const mbedtls_cipher_base_t *mbedtls_cipher_base_lookup_table[] = { #if defined(MBEDTLS_AES_C) &aes_info, #else diff --git a/library/cipher_wrap.h b/library/cipher_wrap.h index 06c8108d23..c85a4efa8d 100644 --- a/library/cipher_wrap.h +++ b/library/cipher_wrap.h @@ -135,7 +135,7 @@ extern const mbedtls_cipher_definition_t mbedtls_cipher_definitions[]; extern int mbedtls_cipher_supported[]; -extern const mbedtls_cipher_base_t * mbedtls_cipher_base_lookup_table[]; +extern const mbedtls_cipher_base_t *mbedtls_cipher_base_lookup_table[]; #ifdef __cplusplus } diff --git a/library/pkcs12.c b/library/pkcs12.c index 8540de22da..1dbdb0244e 100644 --- a/library/pkcs12.c +++ b/library/pkcs12.c @@ -171,7 +171,9 @@ int mbedtls_pkcs12_pbe(mbedtls_asn1_buf *pbe_params, int mode, goto exit; } - if ((ret = mbedtls_cipher_set_iv(&cipher_ctx, iv, mbedtls_cipher_info_get_iv_size(cipher_info))) != 0) { + if ((ret = + mbedtls_cipher_set_iv(&cipher_ctx, iv, + mbedtls_cipher_info_get_iv_size(cipher_info))) != 0) { goto exit; } From 85a88133aa6ed3ac3af5b406eb2e5491f6177fef Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sat, 24 Jun 2023 11:41:50 +0100 Subject: [PATCH 10/23] Use fewer bits for block_size Signed-off-by: Dave Rodgman --- include/mbedtls/cipher.h | 16 ++-- library/ccm.c | 2 +- library/cipher_wrap.c | 168 ++++++++++++++++++------------------ library/cmac.c | 6 +- library/gcm.c | 2 +- library/nist_kw.c | 2 +- library/psa_crypto_cipher.c | 2 +- library/ssl_tls.c | 2 +- 8 files changed, 102 insertions(+), 98 deletions(-) diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index 0eb0803f75..02bca32f29 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -305,15 +305,15 @@ typedef struct mbedtls_cipher_info_t { uint8_t MBEDTLS_PRIVATE(flags) : 2; /** The block size, in bytes. */ - uint8_t MBEDTLS_PRIVATE(block_size) : 5; + uint8_t MBEDTLS_PRIVATE(block_size2) : 2; } mbedtls_cipher_info_t; /* For internal use only. - * These are used to more compactly represent the key_bitlen and iv_size fields above. */ -#define MBEDTLS_KEY_BITLEN_SHIFT 6 -#define MBEDTLS_IV_SIZE_SHIFT 2 - + * These are used to more compactly represent the fields above. */ +#define MBEDTLS_KEY_BITLEN_SHIFT 6 +#define MBEDTLS_IV_SIZE_SHIFT 2 +#define MBEDTLS_CIPHER_BLOCK_SIZE_UNPACK(n) (n == 0 ? 1 : (n == 1 ? 8 : 16)) /** * Generic cipher context. */ @@ -546,7 +546,8 @@ static inline size_t mbedtls_cipher_info_get_block_size( return 0; } - return (size_t) info->MBEDTLS_PRIVATE(block_size); + int packed = info->MBEDTLS_PRIVATE(block_size2); + return (size_t) (MBEDTLS_CIPHER_BLOCK_SIZE_UNPACK(packed)); } /** @@ -687,7 +688,8 @@ static inline unsigned int mbedtls_cipher_get_block_size( return 0; } - return ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(block_size); + int packed = ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(block_size2); + return (unsigned int) MBEDTLS_CIPHER_BLOCK_SIZE_UNPACK(packed); } /** diff --git a/library/ccm.c b/library/ccm.c index 36c999e7d7..cd689c806a 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -70,7 +70,7 @@ int mbedtls_ccm_setkey(mbedtls_ccm_context *ctx, return MBEDTLS_ERR_CCM_BAD_INPUT; } - if (cipher_info->block_size != 16) { + if (mbedtls_cipher_info_get_block_size(cipher_info) != 16) { return MBEDTLS_ERR_CCM_BAD_INPUT; } diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c index 7c6c9d3d02..a7b1f90c66 100644 --- a/library/cipher_wrap.c +++ b/library/cipher_wrap.c @@ -70,6 +70,8 @@ #include "mbedtls/platform.h" +#define MBEDTLS_CIPHER_BLOCK_SIZE_PACK(n) (n == 1 ? 0 : (n == 8 ? 1 : 2)) + #define MBEDTLS_CIPHER_BASE_INDEX_AES 0 #define MBEDTLS_CIPHER_BASE_INDEX_ARIA 1 #define MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA 2 @@ -266,7 +268,7 @@ static const mbedtls_cipher_info_t aes_128_ecb_info = { 128 >> MBEDTLS_KEY_BITLEN_SHIFT, 0 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t aes_192_ecb_info = { @@ -277,7 +279,7 @@ static const mbedtls_cipher_info_t aes_192_ecb_info = { 192 >> MBEDTLS_KEY_BITLEN_SHIFT, 0 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t aes_256_ecb_info = { @@ -288,7 +290,7 @@ static const mbedtls_cipher_info_t aes_256_ecb_info = { 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 0 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; #if defined(MBEDTLS_CIPHER_MODE_CBC) @@ -300,7 +302,7 @@ static const mbedtls_cipher_info_t aes_128_cbc_info = { 128 >> MBEDTLS_KEY_BITLEN_SHIFT, 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t aes_192_cbc_info = { @@ -311,7 +313,7 @@ static const mbedtls_cipher_info_t aes_192_cbc_info = { 192 >> MBEDTLS_KEY_BITLEN_SHIFT, 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t aes_256_cbc_info = { @@ -322,7 +324,7 @@ static const mbedtls_cipher_info_t aes_256_cbc_info = { 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; #endif /* MBEDTLS_CIPHER_MODE_CBC */ @@ -335,7 +337,7 @@ static const mbedtls_cipher_info_t aes_128_cfb128_info = { 128 >> MBEDTLS_KEY_BITLEN_SHIFT, 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t aes_192_cfb128_info = { @@ -346,7 +348,7 @@ static const mbedtls_cipher_info_t aes_192_cfb128_info = { 192 >> MBEDTLS_KEY_BITLEN_SHIFT, 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t aes_256_cfb128_info = { @@ -357,7 +359,7 @@ static const mbedtls_cipher_info_t aes_256_cfb128_info = { 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; #endif /* MBEDTLS_CIPHER_MODE_CFB */ @@ -370,7 +372,7 @@ static const mbedtls_cipher_info_t aes_128_ofb_info = { 128 >> MBEDTLS_KEY_BITLEN_SHIFT, 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t aes_192_ofb_info = { @@ -381,7 +383,7 @@ static const mbedtls_cipher_info_t aes_192_ofb_info = { 192 >> MBEDTLS_KEY_BITLEN_SHIFT, 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t aes_256_ofb_info = { @@ -392,7 +394,7 @@ static const mbedtls_cipher_info_t aes_256_ofb_info = { 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; #endif /* MBEDTLS_CIPHER_MODE_OFB */ @@ -405,7 +407,7 @@ static const mbedtls_cipher_info_t aes_128_ctr_info = { 128 >> MBEDTLS_KEY_BITLEN_SHIFT, 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t aes_192_ctr_info = { @@ -416,7 +418,7 @@ static const mbedtls_cipher_info_t aes_192_ctr_info = { 192 >> MBEDTLS_KEY_BITLEN_SHIFT, 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t aes_256_ctr_info = { @@ -427,7 +429,7 @@ static const mbedtls_cipher_info_t aes_256_ctr_info = { 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; #endif /* MBEDTLS_CIPHER_MODE_CTR */ @@ -504,7 +506,7 @@ static const mbedtls_cipher_info_t aes_128_xts_info = { 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t aes_256_xts_info = { @@ -515,7 +517,7 @@ static const mbedtls_cipher_info_t aes_256_xts_info = { 512 >> MBEDTLS_KEY_BITLEN_SHIFT, 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; #endif /* MBEDTLS_CIPHER_MODE_XTS */ @@ -562,7 +564,7 @@ static const mbedtls_cipher_info_t aes_128_gcm_info = { 128 >> MBEDTLS_KEY_BITLEN_SHIFT, 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t aes_192_gcm_info = { @@ -573,7 +575,7 @@ static const mbedtls_cipher_info_t aes_192_gcm_info = { 192 >> MBEDTLS_KEY_BITLEN_SHIFT, 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t aes_256_gcm_info = { @@ -584,7 +586,7 @@ static const mbedtls_cipher_info_t aes_256_gcm_info = { 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; #endif /* MBEDTLS_GCM_C */ @@ -631,7 +633,7 @@ static const mbedtls_cipher_info_t aes_128_ccm_info = { 128 >> MBEDTLS_KEY_BITLEN_SHIFT, 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t aes_192_ccm_info = { @@ -642,7 +644,7 @@ static const mbedtls_cipher_info_t aes_192_ccm_info = { 192 >> MBEDTLS_KEY_BITLEN_SHIFT, 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t aes_256_ccm_info = { @@ -653,7 +655,7 @@ static const mbedtls_cipher_info_t aes_256_ccm_info = { 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t aes_128_ccm_star_no_tag_info = { @@ -664,7 +666,7 @@ static const mbedtls_cipher_info_t aes_128_ccm_star_no_tag_info = { 128 >> MBEDTLS_KEY_BITLEN_SHIFT, 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t aes_192_ccm_star_no_tag_info = { @@ -675,7 +677,7 @@ static const mbedtls_cipher_info_t aes_192_ccm_star_no_tag_info = { 192 >> MBEDTLS_KEY_BITLEN_SHIFT, 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t aes_256_ccm_star_no_tag_info = { @@ -686,7 +688,7 @@ static const mbedtls_cipher_info_t aes_256_ccm_star_no_tag_info = { 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; #endif /* MBEDTLS_CCM_C */ @@ -798,7 +800,7 @@ static const mbedtls_cipher_info_t camellia_128_ecb_info = { 128 >> MBEDTLS_KEY_BITLEN_SHIFT, 0 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t camellia_192_ecb_info = { @@ -809,7 +811,7 @@ static const mbedtls_cipher_info_t camellia_192_ecb_info = { 192 >> MBEDTLS_KEY_BITLEN_SHIFT, 0 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t camellia_256_ecb_info = { @@ -820,7 +822,7 @@ static const mbedtls_cipher_info_t camellia_256_ecb_info = { 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 0 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; #if defined(MBEDTLS_CIPHER_MODE_CBC) @@ -832,7 +834,7 @@ static const mbedtls_cipher_info_t camellia_128_cbc_info = { 128 >> MBEDTLS_KEY_BITLEN_SHIFT, 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t camellia_192_cbc_info = { @@ -843,7 +845,7 @@ static const mbedtls_cipher_info_t camellia_192_cbc_info = { 192 >> MBEDTLS_KEY_BITLEN_SHIFT, 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t camellia_256_cbc_info = { @@ -854,7 +856,7 @@ static const mbedtls_cipher_info_t camellia_256_cbc_info = { 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; #endif /* MBEDTLS_CIPHER_MODE_CBC */ @@ -867,7 +869,7 @@ static const mbedtls_cipher_info_t camellia_128_cfb128_info = { 128 >> MBEDTLS_KEY_BITLEN_SHIFT, 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t camellia_192_cfb128_info = { @@ -878,7 +880,7 @@ static const mbedtls_cipher_info_t camellia_192_cfb128_info = { 192 >> MBEDTLS_KEY_BITLEN_SHIFT, 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t camellia_256_cfb128_info = { @@ -889,7 +891,7 @@ static const mbedtls_cipher_info_t camellia_256_cfb128_info = { 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; #endif /* MBEDTLS_CIPHER_MODE_CFB */ @@ -902,7 +904,7 @@ static const mbedtls_cipher_info_t camellia_128_ctr_info = { 128 >> MBEDTLS_KEY_BITLEN_SHIFT, 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t camellia_192_ctr_info = { @@ -913,7 +915,7 @@ static const mbedtls_cipher_info_t camellia_192_ctr_info = { 192 >> MBEDTLS_KEY_BITLEN_SHIFT, 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t camellia_256_ctr_info = { @@ -924,7 +926,7 @@ static const mbedtls_cipher_info_t camellia_256_ctr_info = { 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; #endif /* MBEDTLS_CIPHER_MODE_CTR */ @@ -971,7 +973,7 @@ static const mbedtls_cipher_info_t camellia_128_gcm_info = { 128 >> MBEDTLS_KEY_BITLEN_SHIFT, 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t camellia_192_gcm_info = { @@ -982,7 +984,7 @@ static const mbedtls_cipher_info_t camellia_192_gcm_info = { 192 >> MBEDTLS_KEY_BITLEN_SHIFT, 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t camellia_256_gcm_info = { @@ -993,7 +995,7 @@ static const mbedtls_cipher_info_t camellia_256_gcm_info = { 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; #endif /* MBEDTLS_GCM_C */ @@ -1040,7 +1042,7 @@ static const mbedtls_cipher_info_t camellia_128_ccm_info = { 128 >> MBEDTLS_KEY_BITLEN_SHIFT, 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t camellia_192_ccm_info = { @@ -1051,7 +1053,7 @@ static const mbedtls_cipher_info_t camellia_192_ccm_info = { 192 >> MBEDTLS_KEY_BITLEN_SHIFT, 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t camellia_256_ccm_info = { @@ -1062,7 +1064,7 @@ static const mbedtls_cipher_info_t camellia_256_ccm_info = { 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t camellia_128_ccm_star_no_tag_info = { @@ -1073,7 +1075,7 @@ static const mbedtls_cipher_info_t camellia_128_ccm_star_no_tag_info = { 128 >> MBEDTLS_KEY_BITLEN_SHIFT, 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t camellia_192_ccm_star_no_tag_info = { @@ -1084,7 +1086,7 @@ static const mbedtls_cipher_info_t camellia_192_ccm_star_no_tag_info = { 192 >> MBEDTLS_KEY_BITLEN_SHIFT, 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t camellia_256_ccm_star_no_tag_info = { @@ -1095,7 +1097,7 @@ static const mbedtls_cipher_info_t camellia_256_ccm_star_no_tag_info = { 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; #endif /* MBEDTLS_CCM_C */ @@ -1208,7 +1210,7 @@ static const mbedtls_cipher_info_t aria_128_ecb_info = { 128 >> MBEDTLS_KEY_BITLEN_SHIFT, 0 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t aria_192_ecb_info = { @@ -1219,7 +1221,7 @@ static const mbedtls_cipher_info_t aria_192_ecb_info = { 192 >> MBEDTLS_KEY_BITLEN_SHIFT, 0 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t aria_256_ecb_info = { @@ -1230,7 +1232,7 @@ static const mbedtls_cipher_info_t aria_256_ecb_info = { 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 0 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; #if defined(MBEDTLS_CIPHER_MODE_CBC) @@ -1242,7 +1244,7 @@ static const mbedtls_cipher_info_t aria_128_cbc_info = { 128 >> MBEDTLS_KEY_BITLEN_SHIFT, 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t aria_192_cbc_info = { @@ -1253,7 +1255,7 @@ static const mbedtls_cipher_info_t aria_192_cbc_info = { 192 >> MBEDTLS_KEY_BITLEN_SHIFT, 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t aria_256_cbc_info = { @@ -1264,7 +1266,7 @@ static const mbedtls_cipher_info_t aria_256_cbc_info = { 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; #endif /* MBEDTLS_CIPHER_MODE_CBC */ @@ -1277,7 +1279,7 @@ static const mbedtls_cipher_info_t aria_128_cfb128_info = { 128 >> MBEDTLS_KEY_BITLEN_SHIFT, 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t aria_192_cfb128_info = { @@ -1288,7 +1290,7 @@ static const mbedtls_cipher_info_t aria_192_cfb128_info = { 192 >> MBEDTLS_KEY_BITLEN_SHIFT, 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t aria_256_cfb128_info = { @@ -1299,7 +1301,7 @@ static const mbedtls_cipher_info_t aria_256_cfb128_info = { 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; #endif /* MBEDTLS_CIPHER_MODE_CFB */ @@ -1312,7 +1314,7 @@ static const mbedtls_cipher_info_t aria_128_ctr_info = { 128 >> MBEDTLS_KEY_BITLEN_SHIFT, 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t aria_192_ctr_info = { @@ -1323,7 +1325,7 @@ static const mbedtls_cipher_info_t aria_192_ctr_info = { 192 >> MBEDTLS_KEY_BITLEN_SHIFT, 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t aria_256_ctr_info = { @@ -1334,7 +1336,7 @@ static const mbedtls_cipher_info_t aria_256_ctr_info = { 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 16 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; #endif /* MBEDTLS_CIPHER_MODE_CTR */ @@ -1381,7 +1383,7 @@ static const mbedtls_cipher_info_t aria_128_gcm_info = { 128 >> MBEDTLS_KEY_BITLEN_SHIFT, 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t aria_192_gcm_info = { @@ -1392,7 +1394,7 @@ static const mbedtls_cipher_info_t aria_192_gcm_info = { 192 >> MBEDTLS_KEY_BITLEN_SHIFT, 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t aria_256_gcm_info = { @@ -1403,7 +1405,7 @@ static const mbedtls_cipher_info_t aria_256_gcm_info = { 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; #endif /* MBEDTLS_GCM_C */ @@ -1450,7 +1452,7 @@ static const mbedtls_cipher_info_t aria_128_ccm_info = { 128 >> MBEDTLS_KEY_BITLEN_SHIFT, 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t aria_192_ccm_info = { @@ -1461,7 +1463,7 @@ static const mbedtls_cipher_info_t aria_192_ccm_info = { 192 >> MBEDTLS_KEY_BITLEN_SHIFT, 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t aria_256_ccm_info = { @@ -1472,7 +1474,7 @@ static const mbedtls_cipher_info_t aria_256_ccm_info = { 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t aria_128_ccm_star_no_tag_info = { @@ -1483,7 +1485,7 @@ static const mbedtls_cipher_info_t aria_128_ccm_star_no_tag_info = { 128 >> MBEDTLS_KEY_BITLEN_SHIFT, 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t aria_192_ccm_star_no_tag_info = { @@ -1494,7 +1496,7 @@ static const mbedtls_cipher_info_t aria_192_ccm_star_no_tag_info = { 192 >> MBEDTLS_KEY_BITLEN_SHIFT, 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t aria_256_ccm_star_no_tag_info = { @@ -1505,7 +1507,7 @@ static const mbedtls_cipher_info_t aria_256_ccm_star_no_tag_info = { 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; #endif /* MBEDTLS_CCM_C */ @@ -1667,7 +1669,7 @@ static const mbedtls_cipher_info_t des_ecb_info = { MBEDTLS_KEY_LENGTH_DES >> MBEDTLS_KEY_BITLEN_SHIFT, 0 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 8 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(8) }; #if defined(MBEDTLS_CIPHER_MODE_CBC) @@ -1679,7 +1681,7 @@ static const mbedtls_cipher_info_t des_cbc_info = { MBEDTLS_KEY_LENGTH_DES >> MBEDTLS_KEY_BITLEN_SHIFT, 8 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 8 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(8) }; #endif /* MBEDTLS_CIPHER_MODE_CBC */ @@ -1718,7 +1720,7 @@ static const mbedtls_cipher_info_t des_ede_ecb_info = { MBEDTLS_KEY_LENGTH_DES_EDE >> MBEDTLS_KEY_BITLEN_SHIFT, 0 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 8 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(8) }; #if defined(MBEDTLS_CIPHER_MODE_CBC) @@ -1730,7 +1732,7 @@ static const mbedtls_cipher_info_t des_ede_cbc_info = { MBEDTLS_KEY_LENGTH_DES_EDE >> MBEDTLS_KEY_BITLEN_SHIFT, 8 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 8 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(8) }; #endif /* MBEDTLS_CIPHER_MODE_CBC */ @@ -1769,7 +1771,7 @@ static const mbedtls_cipher_info_t des_ede3_ecb_info = { MBEDTLS_KEY_LENGTH_DES_EDE3 >> MBEDTLS_KEY_BITLEN_SHIFT, 0 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 8 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(8) }; #if defined(MBEDTLS_CIPHER_MODE_CBC) static const mbedtls_cipher_info_t des_ede3_cbc_info = { @@ -1780,7 +1782,7 @@ static const mbedtls_cipher_info_t des_ede3_cbc_info = { MBEDTLS_KEY_LENGTH_DES_EDE3 >> MBEDTLS_KEY_BITLEN_SHIFT, 8 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 8 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(8) }; #endif /* MBEDTLS_CIPHER_MODE_CBC */ #endif /* MBEDTLS_DES_C */ @@ -1869,7 +1871,7 @@ static const mbedtls_cipher_info_t chacha20_info = { 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 12 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 1 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(1) }; #endif /* MBEDTLS_CHACHA20_C */ @@ -1944,7 +1946,7 @@ static const mbedtls_cipher_info_t chachapoly_info = { 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 12 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 1 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(1) }; #endif /* MBEDTLS_CHACHAPOLY_C */ @@ -2013,7 +2015,7 @@ static const mbedtls_cipher_info_t null_cipher_info = { 0 >> MBEDTLS_KEY_BITLEN_SHIFT, 0 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 1 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(1) }; #endif /* defined(MBEDTLS_CIPHER_NULL_CIPHER) */ @@ -2084,7 +2086,7 @@ static const mbedtls_cipher_info_t aes_128_nist_kw_info = { 128 >> MBEDTLS_KEY_BITLEN_SHIFT, 0 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t aes_192_nist_kw_info = { @@ -2095,7 +2097,7 @@ static const mbedtls_cipher_info_t aes_192_nist_kw_info = { 192 >> MBEDTLS_KEY_BITLEN_SHIFT, 0 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t aes_256_nist_kw_info = { @@ -2106,7 +2108,7 @@ static const mbedtls_cipher_info_t aes_256_nist_kw_info = { 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 0 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t aes_128_nist_kwp_info = { @@ -2117,7 +2119,7 @@ static const mbedtls_cipher_info_t aes_128_nist_kwp_info = { 128 >> MBEDTLS_KEY_BITLEN_SHIFT, 0 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t aes_192_nist_kwp_info = { @@ -2128,7 +2130,7 @@ static const mbedtls_cipher_info_t aes_192_nist_kwp_info = { 192 >> MBEDTLS_KEY_BITLEN_SHIFT, 0 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; static const mbedtls_cipher_info_t aes_256_nist_kwp_info = { @@ -2139,7 +2141,7 @@ static const mbedtls_cipher_info_t aes_256_nist_kwp_info = { 256 >> MBEDTLS_KEY_BITLEN_SHIFT, 0 >> MBEDTLS_IV_SIZE_SHIFT, 0, - 16 + MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) }; #endif /* MBEDTLS_NIST_KW_C */ diff --git a/library/cmac.c b/library/cmac.c index 48f51df41d..2e9c1a1bdb 100644 --- a/library/cmac.c +++ b/library/cmac.c @@ -119,7 +119,7 @@ static int cmac_generate_subkeys(mbedtls_cipher_context_t *ctx, mbedtls_platform_zeroize(L, sizeof(L)); - block_size = ctx->cipher_info->block_size; + block_size = mbedtls_cipher_info_get_block_size(ctx->cipher_info); /* Calculate Ek(0) */ if ((ret = mbedtls_cipher_update(ctx, L, block_size, L, &olen)) != 0) { @@ -226,7 +226,7 @@ int mbedtls_cipher_cmac_update(mbedtls_cipher_context_t *ctx, } cmac_ctx = ctx->cmac_ctx; - block_size = ctx->cipher_info->block_size; + block_size = mbedtls_cipher_info_get_block_size(ctx->cipher_info); state = ctx->cmac_ctx->state; /* Is there data still to process from the last call, that's greater in @@ -295,7 +295,7 @@ int mbedtls_cipher_cmac_finish(mbedtls_cipher_context_t *ctx, } cmac_ctx = ctx->cmac_ctx; - block_size = ctx->cipher_info->block_size; + block_size = mbedtls_cipher_info_get_block_size(ctx->cipher_info); state = cmac_ctx->state; mbedtls_platform_zeroize(K1, sizeof(K1)); diff --git a/library/gcm.c b/library/gcm.c index 35823e3d71..782120417d 100644 --- a/library/gcm.c +++ b/library/gcm.c @@ -147,7 +147,7 @@ int mbedtls_gcm_setkey(mbedtls_gcm_context *ctx, return MBEDTLS_ERR_GCM_BAD_INPUT; } - if (cipher_info->block_size != 16) { + if (mbedtls_cipher_info_get_block_size(cipher_info) != 16) { return MBEDTLS_ERR_GCM_BAD_INPUT; } diff --git a/library/nist_kw.c b/library/nist_kw.c index d15c5c4afe..fbd7221a46 100644 --- a/library/nist_kw.c +++ b/library/nist_kw.c @@ -75,7 +75,7 @@ int mbedtls_nist_kw_setkey(mbedtls_nist_kw_context *ctx, return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } - if (cipher_info->block_size != 16) { + if (mbedtls_cipher_info_get_block_size(cipher_info) != 16) { return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } diff --git a/library/psa_crypto_cipher.c b/library/psa_crypto_cipher.c index c501144e3f..b997a07cf1 100644 --- a/library/psa_crypto_cipher.c +++ b/library/psa_crypto_cipher.c @@ -306,7 +306,7 @@ static psa_status_t psa_cipher_update_ecb( size_t *output_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - size_t block_size = ctx->cipher_info->block_size; + size_t block_size = mbedtls_cipher_info_get_block_size(ctx->cipher_info); size_t internal_output_length = 0; *output_length = 0; diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 36c96f26dd..a4d9880b83 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -8397,7 +8397,7 @@ static int ssl_tls12_populate_transform(mbedtls_ssl_transform *transform, #if defined(MBEDTLS_USE_PSA_CRYPTO) size_t block_size = PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type); #else - size_t block_size = cipher_info->block_size; + size_t block_size = mbedtls_cipher_info_get_block_size(cipher_info); #endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_USE_PSA_CRYPTO) From eb65fec0235687b358a0d404b3b8abd038e65b0b Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sat, 24 Jun 2023 14:29:25 +0100 Subject: [PATCH 11/23] Fix use of enum in a bitfield Signed-off-by: Dave Rodgman --- include/mbedtls/cipher.h | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index 02bca32f29..39579d5473 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -278,13 +278,15 @@ typedef struct mbedtls_cipher_info_t { /** Index to LUT for base cipher information and functions. */ uint8_t MBEDTLS_PRIVATE(base_idx) : 5; - /** Full cipher identifier. For example, - * MBEDTLS_CIPHER_AES_256_CBC. + /** Full cipher identifier (as per mbedtls_cipher_type_t). + * For example, MBEDTLS_CIPHER_AES_256_CBC. */ - mbedtls_cipher_type_t MBEDTLS_PRIVATE(type) : 7; + uint8_t MBEDTLS_PRIVATE(type) : 7; - /** The cipher mode. For example, MBEDTLS_MODE_CBC. */ - mbedtls_cipher_mode_t MBEDTLS_PRIVATE(mode) : 4; + /** The cipher mode (as per mbedtls_cipher_mode_t). + * For example, MBEDTLS_MODE_CBC. + */ + uint8_t MBEDTLS_PRIVATE(mode) : 4; /** The cipher key length, in bits. This is the * default length for variable sized ciphers. From 77049b8b6cb60cb5afe2e6e190cdc9173e4b6108 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sat, 24 Jun 2023 14:39:47 +0100 Subject: [PATCH 12/23] Dependency fixes Signed-off-by: Dave Rodgman --- library/cipher_wrap.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c index a7b1f90c66..404e205b48 100644 --- a/library/cipher_wrap.c +++ b/library/cipher_wrap.c @@ -2313,17 +2313,17 @@ const mbedtls_cipher_base_t *mbedtls_cipher_base_lookup_table[] = { #else NULL, #endif -#if defined(MBEDTLS_CCM_C) +#if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_AES_C) &ccm_aes_info, #else NULL, #endif -#if defined(MBEDTLS_CCM_C) +#if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_ARIA_C) &ccm_aria_info, #else NULL, #endif -#if defined(MBEDTLS_CCM_C) +#if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_CAMELLIA_C) &ccm_camellia_info, #else NULL, @@ -2353,17 +2353,17 @@ const mbedtls_cipher_base_t *mbedtls_cipher_base_lookup_table[] = { #else NULL, #endif -#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_GCM_C) && defined(MBEDTLS_AES_C) &gcm_aes_info, #else NULL, #endif -#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_GCM_C) && defined(MBEDTLS_ARIA_C) &gcm_aria_info, #else NULL, #endif -#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_GCM_C) && defined(MBEDTLS_CAMELLIA_C) &gcm_camellia_info, #else NULL, @@ -2378,7 +2378,7 @@ const mbedtls_cipher_base_t *mbedtls_cipher_base_lookup_table[] = { #else NULL, #endif -#if defined(MBEDTLS_CIPHER_MODE_XTS) +#if defined(MBEDTLS_CIPHER_MODE_XTS) && defined(MBEDTLS_AES_C) &xts_aes_info, #else NULL, From a2e2fce60d19a659f9519b1cf5aa95024e0dbcf2 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sat, 24 Jun 2023 14:44:27 +0100 Subject: [PATCH 13/23] Fix accidental mis-named field Signed-off-by: Dave Rodgman --- include/mbedtls/cipher.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index 39579d5473..1e89aff275 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -307,7 +307,7 @@ typedef struct mbedtls_cipher_info_t { uint8_t MBEDTLS_PRIVATE(flags) : 2; /** The block size, in bytes. */ - uint8_t MBEDTLS_PRIVATE(block_size2) : 2; + uint8_t MBEDTLS_PRIVATE(block_size) : 2; } mbedtls_cipher_info_t; @@ -548,7 +548,7 @@ static inline size_t mbedtls_cipher_info_get_block_size( return 0; } - int packed = info->MBEDTLS_PRIVATE(block_size2); + int packed = info->MBEDTLS_PRIVATE(block_size); return (size_t) (MBEDTLS_CIPHER_BLOCK_SIZE_UNPACK(packed)); } @@ -690,7 +690,7 @@ static inline unsigned int mbedtls_cipher_get_block_size( return 0; } - int packed = ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(block_size2); + int packed = ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(block_size); return (unsigned int) MBEDTLS_CIPHER_BLOCK_SIZE_UNPACK(packed); } From e59b9d44b169883fc98ca481a5099201a0913c2f Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sat, 24 Jun 2023 16:53:13 +0100 Subject: [PATCH 14/23] Fix some compiler type warnings Signed-off-by: Dave Rodgman --- include/mbedtls/cipher.h | 22 +++++++++++----------- library/pkcs12.c | 2 +- library/pkcs5.c | 2 +- 3 files changed, 13 insertions(+), 13 deletions(-) diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index 1e89aff275..61dfc0c220 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -276,38 +276,38 @@ typedef struct mbedtls_cipher_info_t { const char *MBEDTLS_PRIVATE(name); /** Index to LUT for base cipher information and functions. */ - uint8_t MBEDTLS_PRIVATE(base_idx) : 5; + unsigned int MBEDTLS_PRIVATE(base_idx) : 5; /** Full cipher identifier (as per mbedtls_cipher_type_t). * For example, MBEDTLS_CIPHER_AES_256_CBC. */ - uint8_t MBEDTLS_PRIVATE(type) : 7; + unsigned int MBEDTLS_PRIVATE(type) : 7; /** The cipher mode (as per mbedtls_cipher_mode_t). * For example, MBEDTLS_MODE_CBC. */ - uint8_t MBEDTLS_PRIVATE(mode) : 4; + unsigned int MBEDTLS_PRIVATE(mode) : 4; /** The cipher key length, in bits. This is the * default length for variable sized ciphers. * Includes parity bits for ciphers like DES. */ - uint8_t MBEDTLS_PRIVATE(key_bitlen) : 4; + unsigned int MBEDTLS_PRIVATE(key_bitlen) : 4; /** IV or nonce size, in Bytes. * For ciphers that accept variable IV sizes, * this is the recommended size. */ - uint8_t MBEDTLS_PRIVATE(iv_size) : 3; + unsigned int MBEDTLS_PRIVATE(iv_size) : 3; /** Bitflag comprised of MBEDTLS_CIPHER_VARIABLE_IV_LEN and * MBEDTLS_CIPHER_VARIABLE_KEY_LEN indicating whether the * cipher supports variable IV or variable key sizes, respectively. */ - uint8_t MBEDTLS_PRIVATE(flags) : 2; + unsigned int MBEDTLS_PRIVATE(flags) : 2; /** The block size, in bytes. */ - uint8_t MBEDTLS_PRIVATE(block_size) : 2; + unsigned int MBEDTLS_PRIVATE(block_size) : 2; } mbedtls_cipher_info_t; @@ -446,7 +446,7 @@ static inline mbedtls_cipher_type_t mbedtls_cipher_info_get_type( if (info == NULL) { return MBEDTLS_CIPHER_NONE; } else { - return info->MBEDTLS_PRIVATE(type); + return (mbedtls_cipher_type_t) info->MBEDTLS_PRIVATE(type); } } @@ -465,7 +465,7 @@ static inline mbedtls_cipher_mode_t mbedtls_cipher_info_get_mode( if (info == NULL) { return MBEDTLS_MODE_NONE; } else { - return info->MBEDTLS_PRIVATE(mode); + return (mbedtls_cipher_mode_t) info->MBEDTLS_PRIVATE(mode); } } @@ -711,7 +711,7 @@ static inline mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode( return MBEDTLS_MODE_NONE; } - return ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(mode); + return (mbedtls_cipher_mode_t) ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(mode); } /** @@ -757,7 +757,7 @@ static inline mbedtls_cipher_type_t mbedtls_cipher_get_type( return MBEDTLS_CIPHER_NONE; } - return ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(type); + return (mbedtls_cipher_type_t) ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(type); } /** diff --git a/library/pkcs12.c b/library/pkcs12.c index 1dbdb0244e..2f1495a1a0 100644 --- a/library/pkcs12.c +++ b/library/pkcs12.c @@ -151,7 +151,7 @@ int mbedtls_pkcs12_pbe(mbedtls_asn1_buf *pbe_params, int mode, return MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE; } - keylen = mbedtls_cipher_info_get_key_bitlen(cipher_info) / 8; + keylen = (int) mbedtls_cipher_info_get_key_bitlen(cipher_info) / 8; if ((ret = pkcs12_pbe_derive_key_iv(pbe_params, md_type, pwd, pwdlen, key, keylen, diff --git a/library/pkcs5.c b/library/pkcs5.c index 8d39eab18d..d620dc1ceb 100644 --- a/library/pkcs5.c +++ b/library/pkcs5.c @@ -176,7 +176,7 @@ int mbedtls_pkcs5_pbes2(const mbedtls_asn1_buf *pbe_params, int mode, * The value of keylen from pkcs5_parse_pbkdf2_params() is ignored * since it is optional and we don't know if it was set or not */ - keylen = mbedtls_cipher_info_get_key_bitlen(cipher_info) / 8; + keylen = (int) mbedtls_cipher_info_get_key_bitlen(cipher_info) / 8; if (enc_scheme_params.tag != MBEDTLS_ASN1_OCTET_STRING || enc_scheme_params.len != mbedtls_cipher_info_get_iv_size(cipher_info)) { From ef2f3697ec6607ec16d2b9e843930035077c18b8 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sat, 24 Jun 2023 17:31:08 +0100 Subject: [PATCH 15/23] Fix direct reference to cipher_info->key_bitlen Signed-off-by: Dave Rodgman --- library/ssl_tls13_keys.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c index 540f854a84..9d2cc2cfed 100644 --- a/library/ssl_tls13_keys.c +++ b/library/ssl_tls13_keys.c @@ -1013,14 +1013,14 @@ int mbedtls_ssl_tls13_populate_transform( #if !defined(MBEDTLS_USE_PSA_CRYPTO) if ((ret = mbedtls_cipher_setkey(&transform->cipher_ctx_enc, - key_enc, cipher_info->key_bitlen, + key_enc, mbedtls_cipher_info_get_key_bitlen(cipher_info), MBEDTLS_ENCRYPT)) != 0) { MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_setkey", ret); return ret; } if ((ret = mbedtls_cipher_setkey(&transform->cipher_ctx_dec, - key_dec, cipher_info->key_bitlen, + key_dec, mbedtls_cipher_info_get_key_bitlen(cipher_info), MBEDTLS_DECRYPT)) != 0) { MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_setkey", ret); return ret; From 2e8f6aabc22f42f045859c8027054acdab87c5eb Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sat, 24 Jun 2023 17:32:18 +0100 Subject: [PATCH 16/23] Fix direct use of cipher_info->type Signed-off-by: Dave Rodgman --- library/cmac.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/cmac.c b/library/cmac.c index 2e9c1a1bdb..1963ba0439 100644 --- a/library/cmac.c +++ b/library/cmac.c @@ -186,7 +186,7 @@ int mbedtls_cipher_cmac_starts(mbedtls_cipher_context_t *ctx, return retval; } - type = ctx->cipher_info->type; + type = mbedtls_cipher_info_get_type(ctx->cipher_info); switch (type) { case MBEDTLS_CIPHER_AES_128_ECB: From 1b8a3b16c407699dc90a722d4c2b5b18e2dcf189 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sat, 24 Jun 2023 17:32:43 +0100 Subject: [PATCH 17/23] Add casts for enums in cipher.c Signed-off-by: Dave Rodgman --- library/cipher.c | 109 ++++++++++++++++++++++++----------------------- 1 file changed, 56 insertions(+), 53 deletions(-) diff --git a/library/cipher.c b/library/cipher.c index f6d0fcef08..015e25d799 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -234,11 +234,11 @@ int mbedtls_cipher_setup_psa(mbedtls_cipher_context_t *ctx, /* Check that the underlying cipher mode and cipher type are * supported by the underlying PSA Crypto implementation. */ - alg = mbedtls_psa_translate_cipher_mode(cipher_info->mode, taglen); + alg = mbedtls_psa_translate_cipher_mode(((mbedtls_cipher_mode_t) cipher_info->mode), taglen); if (alg == 0) { return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } - if (mbedtls_psa_translate_cipher_type(cipher_info->type) == 0) { + if (mbedtls_psa_translate_cipher_type(((mbedtls_cipher_type_t) cipher_info->type)) == 0) { return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } @@ -291,7 +291,7 @@ int mbedtls_cipher_setkey(mbedtls_cipher_context_t *ctx, } key_type = mbedtls_psa_translate_cipher_type( - ctx->cipher_info->type); + ((mbedtls_cipher_type_t) ctx->cipher_info->type)); if (key_type == 0) { return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } @@ -340,9 +340,9 @@ int mbedtls_cipher_setkey(mbedtls_cipher_context_t *ctx, * For OFB, CFB and CTR mode always use the encryption key schedule */ if (MBEDTLS_ENCRYPT == operation || - MBEDTLS_MODE_CFB == ctx->cipher_info->mode || - MBEDTLS_MODE_OFB == ctx->cipher_info->mode || - MBEDTLS_MODE_CTR == ctx->cipher_info->mode) { + MBEDTLS_MODE_CFB == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode) || + MBEDTLS_MODE_OFB == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode) || + MBEDTLS_MODE_CTR == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) { return mbedtls_cipher_get_base(ctx->cipher_info)->setkey_enc_func(ctx->cipher_ctx, key, ctx->key_bitlen); } @@ -390,7 +390,7 @@ int mbedtls_cipher_set_iv(mbedtls_cipher_context_t *ctx, } #if defined(MBEDTLS_CHACHA20_C) - if (ctx->cipher_info->type == MBEDTLS_CIPHER_CHACHA20) { + if (((mbedtls_cipher_type_t) ctx->cipher_info->type) == MBEDTLS_CIPHER_CHACHA20) { /* Even though the actual_iv_size is overwritten with a correct value * of 12 from the cipher info, return an error to indicate that * the input iv_len is wrong. */ @@ -405,7 +405,7 @@ int mbedtls_cipher_set_iv(mbedtls_cipher_context_t *ctx, } } #if defined(MBEDTLS_CHACHAPOLY_C) - if (ctx->cipher_info->type == MBEDTLS_CIPHER_CHACHA20_POLY1305 && + if (((mbedtls_cipher_type_t) ctx->cipher_info->type) == MBEDTLS_CIPHER_CHACHA20_POLY1305 && iv_len != 12) { return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } @@ -413,7 +413,7 @@ int mbedtls_cipher_set_iv(mbedtls_cipher_context_t *ctx, #endif #if defined(MBEDTLS_GCM_C) - if (MBEDTLS_MODE_GCM == ctx->cipher_info->mode) { + if (MBEDTLS_MODE_GCM == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) { return mbedtls_gcm_starts((mbedtls_gcm_context *) ctx->cipher_ctx, ctx->operation, iv, iv_len); @@ -421,7 +421,7 @@ int mbedtls_cipher_set_iv(mbedtls_cipher_context_t *ctx, #endif #if defined(MBEDTLS_CCM_C) - if (MBEDTLS_MODE_CCM_STAR_NO_TAG == ctx->cipher_info->mode) { + if (MBEDTLS_MODE_CCM_STAR_NO_TAG == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) { int set_lengths_result; int ccm_star_mode; @@ -491,14 +491,14 @@ int mbedtls_cipher_update_ad(mbedtls_cipher_context_t *ctx, #endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_GCM_C) - if (MBEDTLS_MODE_GCM == ctx->cipher_info->mode) { + if (MBEDTLS_MODE_GCM == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) { return mbedtls_gcm_update_ad((mbedtls_gcm_context *) ctx->cipher_ctx, ad, ad_len); } #endif #if defined(MBEDTLS_CHACHAPOLY_C) - if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type) { + if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ((mbedtls_cipher_type_t) ctx->cipher_info->type)) { int result; mbedtls_chachapoly_mode_t mode; @@ -547,7 +547,7 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in return MBEDTLS_ERR_CIPHER_INVALID_CONTEXT; } - if (ctx->cipher_info->mode == MBEDTLS_MODE_ECB) { + if (((mbedtls_cipher_mode_t) ctx->cipher_info->mode) == MBEDTLS_MODE_ECB) { if (ilen != block_size) { return MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED; } @@ -564,7 +564,7 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in } #if defined(MBEDTLS_GCM_C) - if (ctx->cipher_info->mode == MBEDTLS_MODE_GCM) { + if (((mbedtls_cipher_mode_t) ctx->cipher_info->mode) == MBEDTLS_MODE_GCM) { return mbedtls_gcm_update((mbedtls_gcm_context *) ctx->cipher_ctx, input, ilen, output, ilen, olen); @@ -572,7 +572,7 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in #endif #if defined(MBEDTLS_CCM_C) - if (ctx->cipher_info->mode == MBEDTLS_MODE_CCM_STAR_NO_TAG) { + if (((mbedtls_cipher_mode_t) ctx->cipher_info->mode) == MBEDTLS_MODE_CCM_STAR_NO_TAG) { return mbedtls_ccm_update((mbedtls_ccm_context *) ctx->cipher_ctx, input, ilen, output, ilen, olen); @@ -580,7 +580,7 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in #endif #if defined(MBEDTLS_CHACHAPOLY_C) - if (ctx->cipher_info->type == MBEDTLS_CIPHER_CHACHA20_POLY1305) { + if (((mbedtls_cipher_type_t) ctx->cipher_info->type) == MBEDTLS_CIPHER_CHACHA20_POLY1305) { *olen = ilen; return mbedtls_chachapoly_update((mbedtls_chachapoly_context *) ctx->cipher_ctx, ilen, input, output); @@ -593,7 +593,7 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in } #if defined(MBEDTLS_CIPHER_MODE_CBC) - if (ctx->cipher_info->mode == MBEDTLS_MODE_CBC) { + if (((mbedtls_cipher_mode_t) ctx->cipher_info->mode) == MBEDTLS_MODE_CBC) { size_t copy_len = 0; /* @@ -680,7 +680,7 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CIPHER_MODE_CFB) - if (ctx->cipher_info->mode == MBEDTLS_MODE_CFB) { + if (((mbedtls_cipher_mode_t) ctx->cipher_info->mode) == MBEDTLS_MODE_CFB) { if (0 != (ret = mbedtls_cipher_get_base(ctx->cipher_info)->cfb_func(ctx->cipher_ctx, ctx->operation, ilen, &ctx->unprocessed_len, @@ -696,7 +696,7 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in #endif /* MBEDTLS_CIPHER_MODE_CFB */ #if defined(MBEDTLS_CIPHER_MODE_OFB) - if (ctx->cipher_info->mode == MBEDTLS_MODE_OFB) { + if (((mbedtls_cipher_mode_t) ctx->cipher_info->mode) == MBEDTLS_MODE_OFB) { if (0 != (ret = mbedtls_cipher_get_base(ctx->cipher_info)->ofb_func(ctx->cipher_ctx, ilen, &ctx->unprocessed_len, @@ -712,7 +712,7 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in #endif /* MBEDTLS_CIPHER_MODE_OFB */ #if defined(MBEDTLS_CIPHER_MODE_CTR) - if (ctx->cipher_info->mode == MBEDTLS_MODE_CTR) { + if (((mbedtls_cipher_mode_t) ctx->cipher_info->mode) == MBEDTLS_MODE_CTR) { if (0 != (ret = mbedtls_cipher_get_base(ctx->cipher_info)->ctr_func(ctx->cipher_ctx, ilen, &ctx->unprocessed_len, @@ -729,7 +729,7 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in #endif /* MBEDTLS_CIPHER_MODE_CTR */ #if defined(MBEDTLS_CIPHER_MODE_XTS) - if (ctx->cipher_info->mode == MBEDTLS_MODE_XTS) { + if (((mbedtls_cipher_mode_t) ctx->cipher_info->mode) == MBEDTLS_MODE_XTS) { if (ctx->unprocessed_len > 0) { /* We can only process an entire data unit at a time. */ return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; @@ -752,7 +752,7 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in #endif /* MBEDTLS_CIPHER_MODE_XTS */ #if defined(MBEDTLS_CIPHER_MODE_STREAM) - if (ctx->cipher_info->mode == MBEDTLS_MODE_STREAM) { + if (((mbedtls_cipher_mode_t) ctx->cipher_info->mode) == MBEDTLS_MODE_STREAM) { if (0 != (ret = mbedtls_cipher_get_base(ctx->cipher_info)->stream_func(ctx->cipher_ctx, ilen, input, output))) { @@ -967,22 +967,22 @@ int mbedtls_cipher_finish(mbedtls_cipher_context_t *ctx, *olen = 0; - if (MBEDTLS_MODE_CFB == ctx->cipher_info->mode || - MBEDTLS_MODE_OFB == ctx->cipher_info->mode || - MBEDTLS_MODE_CTR == ctx->cipher_info->mode || - MBEDTLS_MODE_GCM == ctx->cipher_info->mode || - MBEDTLS_MODE_CCM_STAR_NO_TAG == ctx->cipher_info->mode || - MBEDTLS_MODE_XTS == ctx->cipher_info->mode || - MBEDTLS_MODE_STREAM == ctx->cipher_info->mode) { + if (MBEDTLS_MODE_CFB == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode) || + MBEDTLS_MODE_OFB == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode) || + MBEDTLS_MODE_CTR == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode) || + MBEDTLS_MODE_GCM == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode) || + MBEDTLS_MODE_CCM_STAR_NO_TAG == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode) || + MBEDTLS_MODE_XTS == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode) || + MBEDTLS_MODE_STREAM == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) { return 0; } - if ((MBEDTLS_CIPHER_CHACHA20 == ctx->cipher_info->type) || - (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type)) { + if ((MBEDTLS_CIPHER_CHACHA20 == ((mbedtls_cipher_type_t) ctx->cipher_info->type)) || + (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ((mbedtls_cipher_type_t) ctx->cipher_info->type))) { return 0; } - if (MBEDTLS_MODE_ECB == ctx->cipher_info->mode) { + if (MBEDTLS_MODE_ECB == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) { if (ctx->unprocessed_len != 0) { return MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED; } @@ -991,7 +991,7 @@ int mbedtls_cipher_finish(mbedtls_cipher_context_t *ctx, } #if defined(MBEDTLS_CIPHER_MODE_CBC) - if (MBEDTLS_MODE_CBC == ctx->cipher_info->mode) { + if (MBEDTLS_MODE_CBC == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) { int ret = 0; if (MBEDTLS_ENCRYPT == ctx->operation) { @@ -1050,7 +1050,8 @@ int mbedtls_cipher_finish(mbedtls_cipher_context_t *ctx, int mbedtls_cipher_set_padding_mode(mbedtls_cipher_context_t *ctx, mbedtls_cipher_padding_t mode) { - if (NULL == ctx->cipher_info || MBEDTLS_MODE_CBC != ctx->cipher_info->mode) { + if (NULL == ctx->cipher_info || + MBEDTLS_MODE_CBC != ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) { return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } @@ -1127,7 +1128,7 @@ int mbedtls_cipher_write_tag(mbedtls_cipher_context_t *ctx, #endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_GCM_C) - if (MBEDTLS_MODE_GCM == ctx->cipher_info->mode) { + if (MBEDTLS_MODE_GCM == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) { size_t output_length; /* The code here doesn't yet support alternative implementations * that can delay up to a block of output. */ @@ -1138,7 +1139,7 @@ int mbedtls_cipher_write_tag(mbedtls_cipher_context_t *ctx, #endif #if defined(MBEDTLS_CHACHAPOLY_C) - if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type) { + if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ((mbedtls_cipher_type_t) ctx->cipher_info->type)) { /* Don't allow truncated MAC for Poly1305 */ if (tag_len != 16U) { return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; @@ -1179,7 +1180,7 @@ int mbedtls_cipher_check_tag(mbedtls_cipher_context_t *ctx, ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; #if defined(MBEDTLS_GCM_C) - if (MBEDTLS_MODE_GCM == ctx->cipher_info->mode) { + if (MBEDTLS_MODE_GCM == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) { size_t output_length; /* The code here doesn't yet support alternative implementations * that can delay up to a block of output. */ @@ -1204,7 +1205,7 @@ int mbedtls_cipher_check_tag(mbedtls_cipher_context_t *ctx, #endif /* MBEDTLS_GCM_C */ #if defined(MBEDTLS_CHACHAPOLY_C) - if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type) { + if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ((mbedtls_cipher_type_t) ctx->cipher_info->type)) { /* Don't allow truncated MAC for Poly1305 */ if (tag_len != sizeof(check_tag)) { return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; @@ -1275,7 +1276,7 @@ int mbedtls_cipher_crypt(mbedtls_cipher_context_t *ctx, return MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED; } - if (ctx->cipher_info->mode != MBEDTLS_MODE_ECB) { + if (((mbedtls_cipher_mode_t) ctx->cipher_info->mode) != MBEDTLS_MODE_ECB) { status = psa_cipher_set_iv(&cipher_op, iv, iv_len); if (status != PSA_SUCCESS) { return MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED; @@ -1370,7 +1371,7 @@ static int mbedtls_cipher_aead_encrypt(mbedtls_cipher_context_t *ctx, #endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_GCM_C) - if (MBEDTLS_MODE_GCM == ctx->cipher_info->mode) { + if (MBEDTLS_MODE_GCM == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) { *olen = ilen; return mbedtls_gcm_crypt_and_tag(ctx->cipher_ctx, MBEDTLS_GCM_ENCRYPT, ilen, iv, iv_len, ad, ad_len, @@ -1378,7 +1379,7 @@ static int mbedtls_cipher_aead_encrypt(mbedtls_cipher_context_t *ctx, } #endif /* MBEDTLS_GCM_C */ #if defined(MBEDTLS_CCM_C) - if (MBEDTLS_MODE_CCM == ctx->cipher_info->mode) { + if (MBEDTLS_MODE_CCM == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) { *olen = ilen; return mbedtls_ccm_encrypt_and_tag(ctx->cipher_ctx, ilen, iv, iv_len, ad, ad_len, input, output, @@ -1386,7 +1387,7 @@ static int mbedtls_cipher_aead_encrypt(mbedtls_cipher_context_t *ctx, } #endif /* MBEDTLS_CCM_C */ #if defined(MBEDTLS_CHACHAPOLY_C) - if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type) { + if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ((mbedtls_cipher_type_t) ctx->cipher_info->type)) { /* ChachaPoly has fixed length nonce and MAC (tag) */ if ((iv_len != mbedtls_cipher_info_get_iv_size(ctx->cipher_info)) || (tag_len != 16U)) { @@ -1448,7 +1449,7 @@ static int mbedtls_cipher_aead_decrypt(mbedtls_cipher_context_t *ctx, #endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_GCM_C) - if (MBEDTLS_MODE_GCM == ctx->cipher_info->mode) { + if (MBEDTLS_MODE_GCM == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; *olen = ilen; @@ -1464,7 +1465,7 @@ static int mbedtls_cipher_aead_decrypt(mbedtls_cipher_context_t *ctx, } #endif /* MBEDTLS_GCM_C */ #if defined(MBEDTLS_CCM_C) - if (MBEDTLS_MODE_CCM == ctx->cipher_info->mode) { + if (MBEDTLS_MODE_CCM == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; *olen = ilen; @@ -1480,7 +1481,7 @@ static int mbedtls_cipher_aead_decrypt(mbedtls_cipher_context_t *ctx, } #endif /* MBEDTLS_CCM_C */ #if defined(MBEDTLS_CHACHAPOLY_C) - if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type) { + if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ((mbedtls_cipher_type_t) ctx->cipher_info->type)) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* ChachaPoly has fixed length nonce and MAC (tag) */ @@ -1521,10 +1522,11 @@ int mbedtls_cipher_auth_encrypt_ext(mbedtls_cipher_context_t *ctx, #if defined(MBEDTLS_USE_PSA_CRYPTO) ctx->psa_enabled == 0 && #endif - (MBEDTLS_MODE_KW == ctx->cipher_info->mode || - MBEDTLS_MODE_KWP == ctx->cipher_info->mode)) { - mbedtls_nist_kw_mode_t mode = (MBEDTLS_MODE_KW == ctx->cipher_info->mode) ? - MBEDTLS_KW_MODE_KW : MBEDTLS_KW_MODE_KWP; + (MBEDTLS_MODE_KW == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode) || + MBEDTLS_MODE_KWP == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode))) { + mbedtls_nist_kw_mode_t mode = + (MBEDTLS_MODE_KW == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) ? + MBEDTLS_KW_MODE_KW : MBEDTLS_KW_MODE_KWP; /* There is no iv, tag or ad associated with KW and KWP, * so these length should be 0 as documented. */ @@ -1571,10 +1573,11 @@ int mbedtls_cipher_auth_decrypt_ext(mbedtls_cipher_context_t *ctx, #if defined(MBEDTLS_USE_PSA_CRYPTO) ctx->psa_enabled == 0 && #endif - (MBEDTLS_MODE_KW == ctx->cipher_info->mode || - MBEDTLS_MODE_KWP == ctx->cipher_info->mode)) { - mbedtls_nist_kw_mode_t mode = (MBEDTLS_MODE_KW == ctx->cipher_info->mode) ? - MBEDTLS_KW_MODE_KW : MBEDTLS_KW_MODE_KWP; + (MBEDTLS_MODE_KW == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode) || + MBEDTLS_MODE_KWP == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode))) { + mbedtls_nist_kw_mode_t mode = + (MBEDTLS_MODE_KW == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) ? + MBEDTLS_KW_MODE_KW : MBEDTLS_KW_MODE_KWP; /* There is no iv, tag or ad associated with KW and KWP, * so these length should be 0 as documented. */ From 92cf6e52d37e90eb037f357e2e0d47855f96bc64 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sat, 24 Jun 2023 18:06:45 +0100 Subject: [PATCH 18/23] Adjust stuct order for better packing / smaller accessor code size Signed-off-by: Dave Rodgman --- include/mbedtls/cipher.h | 29 +- library/cipher_wrap.c | 666 +++++++++++++++++++-------------------- 2 files changed, 345 insertions(+), 350 deletions(-) diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index 61dfc0c220..9ba32eeb6f 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -275,13 +275,14 @@ typedef struct mbedtls_cipher_info_t { /** Name of the cipher. */ const char *MBEDTLS_PRIVATE(name); - /** Index to LUT for base cipher information and functions. */ - unsigned int MBEDTLS_PRIVATE(base_idx) : 5; + /** The block size, in bytes. */ + unsigned int MBEDTLS_PRIVATE(block_size) : 5; - /** Full cipher identifier (as per mbedtls_cipher_type_t). - * For example, MBEDTLS_CIPHER_AES_256_CBC. + /** IV or nonce size, in Bytes. + * For ciphers that accept variable IV sizes, + * this is the recommended size. */ - unsigned int MBEDTLS_PRIVATE(type) : 7; + unsigned int MBEDTLS_PRIVATE(iv_size) : 3; /** The cipher mode (as per mbedtls_cipher_mode_t). * For example, MBEDTLS_MODE_CBC. @@ -294,11 +295,10 @@ typedef struct mbedtls_cipher_info_t { */ unsigned int MBEDTLS_PRIVATE(key_bitlen) : 4; - /** IV or nonce size, in Bytes. - * For ciphers that accept variable IV sizes, - * this is the recommended size. + /** Full cipher identifier (as per mbedtls_cipher_type_t). + * For example, MBEDTLS_CIPHER_AES_256_CBC. */ - unsigned int MBEDTLS_PRIVATE(iv_size) : 3; + unsigned int MBEDTLS_PRIVATE(type) : 8; // only need 7 bits, but it retains byte alignment /** Bitflag comprised of MBEDTLS_CIPHER_VARIABLE_IV_LEN and * MBEDTLS_CIPHER_VARIABLE_KEY_LEN indicating whether the @@ -306,8 +306,8 @@ typedef struct mbedtls_cipher_info_t { */ unsigned int MBEDTLS_PRIVATE(flags) : 2; - /** The block size, in bytes. */ - unsigned int MBEDTLS_PRIVATE(block_size) : 2; + /** Index to LUT for base cipher information and functions. */ + unsigned int MBEDTLS_PRIVATE(base_idx) : 5; } mbedtls_cipher_info_t; @@ -315,7 +315,6 @@ typedef struct mbedtls_cipher_info_t { * These are used to more compactly represent the fields above. */ #define MBEDTLS_KEY_BITLEN_SHIFT 6 #define MBEDTLS_IV_SIZE_SHIFT 2 -#define MBEDTLS_CIPHER_BLOCK_SIZE_UNPACK(n) (n == 0 ? 1 : (n == 1 ? 8 : 16)) /** * Generic cipher context. */ @@ -548,8 +547,7 @@ static inline size_t mbedtls_cipher_info_get_block_size( return 0; } - int packed = info->MBEDTLS_PRIVATE(block_size); - return (size_t) (MBEDTLS_CIPHER_BLOCK_SIZE_UNPACK(packed)); + return (size_t) (info->MBEDTLS_PRIVATE(block_size)); } /** @@ -690,8 +688,7 @@ static inline unsigned int mbedtls_cipher_get_block_size( return 0; } - int packed = ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(block_size); - return (unsigned int) MBEDTLS_CIPHER_BLOCK_SIZE_UNPACK(packed); + return (unsigned int) ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(block_size); } /** diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c index 404e205b48..60985ee6d4 100644 --- a/library/cipher_wrap.c +++ b/library/cipher_wrap.c @@ -70,8 +70,6 @@ #include "mbedtls/platform.h" -#define MBEDTLS_CIPHER_BLOCK_SIZE_PACK(n) (n == 1 ? 0 : (n == 8 ? 1 : 2)) - #define MBEDTLS_CIPHER_BASE_INDEX_AES 0 #define MBEDTLS_CIPHER_BASE_INDEX_ARIA 1 #define MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA 2 @@ -262,174 +260,174 @@ static const mbedtls_cipher_base_t aes_info = { static const mbedtls_cipher_info_t aes_128_ecb_info = { "AES-128-ECB", - MBEDTLS_CIPHER_BASE_INDEX_AES, - MBEDTLS_CIPHER_AES_128_ECB, + 16, + 0 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_ECB, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, - 0 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_AES_128_ECB, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_AES }; static const mbedtls_cipher_info_t aes_192_ecb_info = { "AES-192-ECB", - MBEDTLS_CIPHER_BASE_INDEX_AES, - MBEDTLS_CIPHER_AES_192_ECB, + 16, + 0 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_ECB, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, - 0 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_AES_192_ECB, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_AES }; static const mbedtls_cipher_info_t aes_256_ecb_info = { "AES-256-ECB", - MBEDTLS_CIPHER_BASE_INDEX_AES, - MBEDTLS_CIPHER_AES_256_ECB, + 16, + 0 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_ECB, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 0 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_AES_256_ECB, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_AES }; #if defined(MBEDTLS_CIPHER_MODE_CBC) static const mbedtls_cipher_info_t aes_128_cbc_info = { "AES-128-CBC", - MBEDTLS_CIPHER_BASE_INDEX_AES, - MBEDTLS_CIPHER_AES_128_CBC, + 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CBC, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_AES_128_CBC, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_AES }; static const mbedtls_cipher_info_t aes_192_cbc_info = { "AES-192-CBC", - MBEDTLS_CIPHER_BASE_INDEX_AES, - MBEDTLS_CIPHER_AES_192_CBC, + 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CBC, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_AES_192_CBC, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_AES }; static const mbedtls_cipher_info_t aes_256_cbc_info = { "AES-256-CBC", - MBEDTLS_CIPHER_BASE_INDEX_AES, - MBEDTLS_CIPHER_AES_256_CBC, + 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CBC, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_AES_256_CBC, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_AES }; #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CIPHER_MODE_CFB) static const mbedtls_cipher_info_t aes_128_cfb128_info = { "AES-128-CFB128", - MBEDTLS_CIPHER_BASE_INDEX_AES, - MBEDTLS_CIPHER_AES_128_CFB128, + 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CFB, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_AES_128_CFB128, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_AES }; static const mbedtls_cipher_info_t aes_192_cfb128_info = { "AES-192-CFB128", - MBEDTLS_CIPHER_BASE_INDEX_AES, - MBEDTLS_CIPHER_AES_192_CFB128, + 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CFB, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_AES_192_CFB128, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_AES }; static const mbedtls_cipher_info_t aes_256_cfb128_info = { "AES-256-CFB128", - MBEDTLS_CIPHER_BASE_INDEX_AES, - MBEDTLS_CIPHER_AES_256_CFB128, + 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CFB, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_AES_256_CFB128, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_AES }; #endif /* MBEDTLS_CIPHER_MODE_CFB */ #if defined(MBEDTLS_CIPHER_MODE_OFB) static const mbedtls_cipher_info_t aes_128_ofb_info = { "AES-128-OFB", - MBEDTLS_CIPHER_BASE_INDEX_AES, - MBEDTLS_CIPHER_AES_128_OFB, + 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_OFB, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_AES_128_OFB, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_AES }; static const mbedtls_cipher_info_t aes_192_ofb_info = { "AES-192-OFB", - MBEDTLS_CIPHER_BASE_INDEX_AES, - MBEDTLS_CIPHER_AES_192_OFB, + 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_OFB, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_AES_192_OFB, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_AES }; static const mbedtls_cipher_info_t aes_256_ofb_info = { "AES-256-OFB", - MBEDTLS_CIPHER_BASE_INDEX_AES, - MBEDTLS_CIPHER_AES_256_OFB, + 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_OFB, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_AES_256_OFB, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_AES }; #endif /* MBEDTLS_CIPHER_MODE_OFB */ #if defined(MBEDTLS_CIPHER_MODE_CTR) static const mbedtls_cipher_info_t aes_128_ctr_info = { "AES-128-CTR", - MBEDTLS_CIPHER_BASE_INDEX_AES, - MBEDTLS_CIPHER_AES_128_CTR, + 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CTR, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_AES_128_CTR, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_AES }; static const mbedtls_cipher_info_t aes_192_ctr_info = { "AES-192-CTR", - MBEDTLS_CIPHER_BASE_INDEX_AES, - MBEDTLS_CIPHER_AES_192_CTR, + 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CTR, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_AES_192_CTR, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_AES }; static const mbedtls_cipher_info_t aes_256_ctr_info = { "AES-256-CTR", - MBEDTLS_CIPHER_BASE_INDEX_AES, - MBEDTLS_CIPHER_AES_256_CTR, + 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CTR, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_AES_256_CTR, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_AES }; #endif /* MBEDTLS_CIPHER_MODE_CTR */ @@ -500,24 +498,24 @@ static const mbedtls_cipher_base_t xts_aes_info = { static const mbedtls_cipher_info_t aes_128_xts_info = { "AES-128-XTS", - MBEDTLS_CIPHER_BASE_INDEX_XTS_AES, - MBEDTLS_CIPHER_AES_128_XTS, + 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_XTS, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_AES_128_XTS, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_XTS_AES }; static const mbedtls_cipher_info_t aes_256_xts_info = { "AES-256-XTS", - MBEDTLS_CIPHER_BASE_INDEX_XTS_AES, - MBEDTLS_CIPHER_AES_256_XTS, + 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_XTS, 512 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_AES_256_XTS, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_XTS_AES }; #endif /* MBEDTLS_CIPHER_MODE_XTS */ @@ -558,35 +556,35 @@ static const mbedtls_cipher_base_t gcm_aes_info = { static const mbedtls_cipher_info_t aes_128_gcm_info = { "AES-128-GCM", - MBEDTLS_CIPHER_BASE_INDEX_GCM_AES, - MBEDTLS_CIPHER_AES_128_GCM, + 16, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_GCM, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_GCM_AES }; static const mbedtls_cipher_info_t aes_192_gcm_info = { "AES-192-GCM", - MBEDTLS_CIPHER_BASE_INDEX_GCM_AES, - MBEDTLS_CIPHER_AES_192_GCM, + 16, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_GCM, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_AES_192_GCM, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_GCM_AES }; static const mbedtls_cipher_info_t aes_256_gcm_info = { "AES-256-GCM", - MBEDTLS_CIPHER_BASE_INDEX_GCM_AES, - MBEDTLS_CIPHER_AES_256_GCM, + 16, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_GCM, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_GCM_AES }; #endif /* MBEDTLS_GCM_C */ @@ -627,68 +625,68 @@ static const mbedtls_cipher_base_t ccm_aes_info = { static const mbedtls_cipher_info_t aes_128_ccm_info = { "AES-128-CCM", - MBEDTLS_CIPHER_BASE_INDEX_CCM_AES, - MBEDTLS_CIPHER_AES_128_CCM, + 16, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CCM, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_CCM_AES }; static const mbedtls_cipher_info_t aes_192_ccm_info = { "AES-192-CCM", - MBEDTLS_CIPHER_BASE_INDEX_CCM_AES, - MBEDTLS_CIPHER_AES_192_CCM, + 16, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CCM, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_AES_192_CCM, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_CCM_AES }; static const mbedtls_cipher_info_t aes_256_ccm_info = { "AES-256-CCM", - MBEDTLS_CIPHER_BASE_INDEX_CCM_AES, - MBEDTLS_CIPHER_AES_256_CCM, + 16, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CCM, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_CCM_AES }; static const mbedtls_cipher_info_t aes_128_ccm_star_no_tag_info = { "AES-128-CCM*-NO-TAG", - MBEDTLS_CIPHER_BASE_INDEX_CCM_AES, - MBEDTLS_CIPHER_AES_128_CCM_STAR_NO_TAG, + 16, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CCM_STAR_NO_TAG, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_AES_128_CCM_STAR_NO_TAG, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_CCM_AES }; static const mbedtls_cipher_info_t aes_192_ccm_star_no_tag_info = { "AES-192-CCM*-NO-TAG", - MBEDTLS_CIPHER_BASE_INDEX_CCM_AES, - MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG, + 16, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CCM_STAR_NO_TAG, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_CCM_AES }; static const mbedtls_cipher_info_t aes_256_ccm_star_no_tag_info = { "AES-256-CCM*-NO-TAG", - MBEDTLS_CIPHER_BASE_INDEX_CCM_AES, - MBEDTLS_CIPHER_AES_256_CCM_STAR_NO_TAG, + 16, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CCM_STAR_NO_TAG, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_AES_256_CCM_STAR_NO_TAG, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_CCM_AES }; #endif /* MBEDTLS_CCM_C */ @@ -794,139 +792,139 @@ static const mbedtls_cipher_base_t camellia_info = { static const mbedtls_cipher_info_t camellia_128_ecb_info = { "CAMELLIA-128-ECB", - MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA, - MBEDTLS_CIPHER_CAMELLIA_128_ECB, + 16, + 0 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_ECB, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, - 0 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_CAMELLIA_128_ECB, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA }; static const mbedtls_cipher_info_t camellia_192_ecb_info = { "CAMELLIA-192-ECB", - MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA, - MBEDTLS_CIPHER_CAMELLIA_192_ECB, + 16, + 0 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_ECB, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, - 0 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_CAMELLIA_192_ECB, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA }; static const mbedtls_cipher_info_t camellia_256_ecb_info = { "CAMELLIA-256-ECB", - MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA, - MBEDTLS_CIPHER_CAMELLIA_256_ECB, + 16, + 0 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_ECB, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 0 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_CAMELLIA_256_ECB, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA }; #if defined(MBEDTLS_CIPHER_MODE_CBC) static const mbedtls_cipher_info_t camellia_128_cbc_info = { "CAMELLIA-128-CBC", - MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA, - MBEDTLS_CIPHER_CAMELLIA_128_CBC, + 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CBC, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_CAMELLIA_128_CBC, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA }; static const mbedtls_cipher_info_t camellia_192_cbc_info = { "CAMELLIA-192-CBC", - MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA, - MBEDTLS_CIPHER_CAMELLIA_192_CBC, + 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CBC, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_CAMELLIA_192_CBC, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA }; static const mbedtls_cipher_info_t camellia_256_cbc_info = { "CAMELLIA-256-CBC", - MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA, - MBEDTLS_CIPHER_CAMELLIA_256_CBC, + 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CBC, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_CAMELLIA_256_CBC, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA }; #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CIPHER_MODE_CFB) static const mbedtls_cipher_info_t camellia_128_cfb128_info = { "CAMELLIA-128-CFB128", - MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA, - MBEDTLS_CIPHER_CAMELLIA_128_CFB128, + 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CFB, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_CAMELLIA_128_CFB128, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA }; static const mbedtls_cipher_info_t camellia_192_cfb128_info = { "CAMELLIA-192-CFB128", - MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA, - MBEDTLS_CIPHER_CAMELLIA_192_CFB128, + 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CFB, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_CAMELLIA_192_CFB128, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA }; static const mbedtls_cipher_info_t camellia_256_cfb128_info = { "CAMELLIA-256-CFB128", - MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA, - MBEDTLS_CIPHER_CAMELLIA_256_CFB128, + 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CFB, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_CAMELLIA_256_CFB128, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA }; #endif /* MBEDTLS_CIPHER_MODE_CFB */ #if defined(MBEDTLS_CIPHER_MODE_CTR) static const mbedtls_cipher_info_t camellia_128_ctr_info = { "CAMELLIA-128-CTR", - MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA, - MBEDTLS_CIPHER_CAMELLIA_128_CTR, + 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CTR, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_CAMELLIA_128_CTR, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA }; static const mbedtls_cipher_info_t camellia_192_ctr_info = { "CAMELLIA-192-CTR", - MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA, - MBEDTLS_CIPHER_CAMELLIA_192_CTR, + 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CTR, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_CAMELLIA_192_CTR, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA }; static const mbedtls_cipher_info_t camellia_256_ctr_info = { "CAMELLIA-256-CTR", - MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA, - MBEDTLS_CIPHER_CAMELLIA_256_CTR, + 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CTR, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_CAMELLIA_256_CTR, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA }; #endif /* MBEDTLS_CIPHER_MODE_CTR */ @@ -967,35 +965,35 @@ static const mbedtls_cipher_base_t gcm_camellia_info = { static const mbedtls_cipher_info_t camellia_128_gcm_info = { "CAMELLIA-128-GCM", - MBEDTLS_CIPHER_BASE_INDEX_GCM_CAMELLIA, - MBEDTLS_CIPHER_CAMELLIA_128_GCM, + 16, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_GCM, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_GCM_CAMELLIA }; static const mbedtls_cipher_info_t camellia_192_gcm_info = { "CAMELLIA-192-GCM", - MBEDTLS_CIPHER_BASE_INDEX_GCM_CAMELLIA, - MBEDTLS_CIPHER_CAMELLIA_192_GCM, + 16, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_GCM, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_CAMELLIA_192_GCM, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_GCM_CAMELLIA }; static const mbedtls_cipher_info_t camellia_256_gcm_info = { "CAMELLIA-256-GCM", - MBEDTLS_CIPHER_BASE_INDEX_GCM_CAMELLIA, - MBEDTLS_CIPHER_CAMELLIA_256_GCM, + 16, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_GCM, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_GCM_CAMELLIA }; #endif /* MBEDTLS_GCM_C */ @@ -1036,68 +1034,68 @@ static const mbedtls_cipher_base_t ccm_camellia_info = { static const mbedtls_cipher_info_t camellia_128_ccm_info = { "CAMELLIA-128-CCM", - MBEDTLS_CIPHER_BASE_INDEX_CCM_CAMELLIA, - MBEDTLS_CIPHER_CAMELLIA_128_CCM, + 16, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CCM, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_CAMELLIA_128_CCM, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_CCM_CAMELLIA }; static const mbedtls_cipher_info_t camellia_192_ccm_info = { "CAMELLIA-192-CCM", - MBEDTLS_CIPHER_BASE_INDEX_CCM_CAMELLIA, - MBEDTLS_CIPHER_CAMELLIA_192_CCM, + 16, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CCM, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_CAMELLIA_192_CCM, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_CCM_CAMELLIA }; static const mbedtls_cipher_info_t camellia_256_ccm_info = { "CAMELLIA-256-CCM", - MBEDTLS_CIPHER_BASE_INDEX_CCM_CAMELLIA, - MBEDTLS_CIPHER_CAMELLIA_256_CCM, + 16, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CCM, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_CAMELLIA_256_CCM, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_CCM_CAMELLIA }; static const mbedtls_cipher_info_t camellia_128_ccm_star_no_tag_info = { "CAMELLIA-128-CCM*-NO-TAG", - MBEDTLS_CIPHER_BASE_INDEX_CCM_CAMELLIA, - MBEDTLS_CIPHER_CAMELLIA_128_CCM_STAR_NO_TAG, + 16, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CCM_STAR_NO_TAG, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_CAMELLIA_128_CCM_STAR_NO_TAG, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_CCM_CAMELLIA }; static const mbedtls_cipher_info_t camellia_192_ccm_star_no_tag_info = { "CAMELLIA-192-CCM*-NO-TAG", - MBEDTLS_CIPHER_BASE_INDEX_CCM_CAMELLIA, - MBEDTLS_CIPHER_CAMELLIA_192_CCM_STAR_NO_TAG, + 16, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CCM_STAR_NO_TAG, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_CAMELLIA_192_CCM_STAR_NO_TAG, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_CCM_CAMELLIA }; static const mbedtls_cipher_info_t camellia_256_ccm_star_no_tag_info = { "CAMELLIA-256-CCM*-NO-TAG", - MBEDTLS_CIPHER_BASE_INDEX_CCM_CAMELLIA, - MBEDTLS_CIPHER_CAMELLIA_256_CCM_STAR_NO_TAG, + 16, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CCM_STAR_NO_TAG, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_CAMELLIA_256_CCM_STAR_NO_TAG, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_CCM_CAMELLIA }; #endif /* MBEDTLS_CCM_C */ @@ -1204,139 +1202,139 @@ static const mbedtls_cipher_base_t aria_info = { static const mbedtls_cipher_info_t aria_128_ecb_info = { "ARIA-128-ECB", - MBEDTLS_CIPHER_BASE_INDEX_ARIA, - MBEDTLS_CIPHER_ARIA_128_ECB, + 16, + 0 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_ECB, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, - 0 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_ARIA_128_ECB, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_ARIA }; static const mbedtls_cipher_info_t aria_192_ecb_info = { "ARIA-192-ECB", - MBEDTLS_CIPHER_BASE_INDEX_ARIA, - MBEDTLS_CIPHER_ARIA_192_ECB, + 16, + 0 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_ECB, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, - 0 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_ARIA_192_ECB, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_ARIA }; static const mbedtls_cipher_info_t aria_256_ecb_info = { "ARIA-256-ECB", - MBEDTLS_CIPHER_BASE_INDEX_ARIA, - MBEDTLS_CIPHER_ARIA_256_ECB, + 16, + 0 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_ECB, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 0 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_ARIA_256_ECB, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_ARIA }; #if defined(MBEDTLS_CIPHER_MODE_CBC) static const mbedtls_cipher_info_t aria_128_cbc_info = { "ARIA-128-CBC", - MBEDTLS_CIPHER_BASE_INDEX_ARIA, - MBEDTLS_CIPHER_ARIA_128_CBC, + 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CBC, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_ARIA_128_CBC, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_ARIA }; static const mbedtls_cipher_info_t aria_192_cbc_info = { "ARIA-192-CBC", - MBEDTLS_CIPHER_BASE_INDEX_ARIA, - MBEDTLS_CIPHER_ARIA_192_CBC, + 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CBC, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_ARIA_192_CBC, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_ARIA }; static const mbedtls_cipher_info_t aria_256_cbc_info = { "ARIA-256-CBC", - MBEDTLS_CIPHER_BASE_INDEX_ARIA, - MBEDTLS_CIPHER_ARIA_256_CBC, + 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CBC, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_ARIA_256_CBC, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_ARIA }; #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CIPHER_MODE_CFB) static const mbedtls_cipher_info_t aria_128_cfb128_info = { "ARIA-128-CFB128", - MBEDTLS_CIPHER_BASE_INDEX_ARIA, - MBEDTLS_CIPHER_ARIA_128_CFB128, + 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CFB, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_ARIA_128_CFB128, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_ARIA }; static const mbedtls_cipher_info_t aria_192_cfb128_info = { "ARIA-192-CFB128", - MBEDTLS_CIPHER_BASE_INDEX_ARIA, - MBEDTLS_CIPHER_ARIA_192_CFB128, + 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CFB, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_ARIA_192_CFB128, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_ARIA }; static const mbedtls_cipher_info_t aria_256_cfb128_info = { "ARIA-256-CFB128", - MBEDTLS_CIPHER_BASE_INDEX_ARIA, - MBEDTLS_CIPHER_ARIA_256_CFB128, + 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CFB, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_ARIA_256_CFB128, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_ARIA }; #endif /* MBEDTLS_CIPHER_MODE_CFB */ #if defined(MBEDTLS_CIPHER_MODE_CTR) static const mbedtls_cipher_info_t aria_128_ctr_info = { "ARIA-128-CTR", - MBEDTLS_CIPHER_BASE_INDEX_ARIA, - MBEDTLS_CIPHER_ARIA_128_CTR, + 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CTR, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_ARIA_128_CTR, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_ARIA }; static const mbedtls_cipher_info_t aria_192_ctr_info = { "ARIA-192-CTR", - MBEDTLS_CIPHER_BASE_INDEX_ARIA, - MBEDTLS_CIPHER_ARIA_192_CTR, + 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CTR, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_ARIA_192_CTR, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_ARIA }; static const mbedtls_cipher_info_t aria_256_ctr_info = { "ARIA-256-CTR", - MBEDTLS_CIPHER_BASE_INDEX_ARIA, - MBEDTLS_CIPHER_ARIA_256_CTR, + 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CTR, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 16 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_ARIA_256_CTR, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_ARIA }; #endif /* MBEDTLS_CIPHER_MODE_CTR */ @@ -1377,35 +1375,35 @@ static const mbedtls_cipher_base_t gcm_aria_info = { static const mbedtls_cipher_info_t aria_128_gcm_info = { "ARIA-128-GCM", - MBEDTLS_CIPHER_BASE_INDEX_GCM_ARIA, - MBEDTLS_CIPHER_ARIA_128_GCM, + 16, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_GCM, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_GCM_ARIA }; static const mbedtls_cipher_info_t aria_192_gcm_info = { "ARIA-192-GCM", - MBEDTLS_CIPHER_BASE_INDEX_GCM_ARIA, - MBEDTLS_CIPHER_ARIA_192_GCM, + 16, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_GCM, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_ARIA_192_GCM, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_GCM_ARIA }; static const mbedtls_cipher_info_t aria_256_gcm_info = { "ARIA-256-GCM", - MBEDTLS_CIPHER_BASE_INDEX_GCM_ARIA, - MBEDTLS_CIPHER_ARIA_256_GCM, + 16, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_GCM, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_GCM_ARIA }; #endif /* MBEDTLS_GCM_C */ @@ -1446,68 +1444,68 @@ static const mbedtls_cipher_base_t ccm_aria_info = { static const mbedtls_cipher_info_t aria_128_ccm_info = { "ARIA-128-CCM", - MBEDTLS_CIPHER_BASE_INDEX_CCM_ARIA, - MBEDTLS_CIPHER_ARIA_128_CCM, + 16, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CCM, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_ARIA_128_CCM, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_CCM_ARIA }; static const mbedtls_cipher_info_t aria_192_ccm_info = { "ARIA-192-CCM", - MBEDTLS_CIPHER_BASE_INDEX_CCM_ARIA, - MBEDTLS_CIPHER_ARIA_192_CCM, + 16, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CCM, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_ARIA_192_CCM, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_CCM_ARIA }; static const mbedtls_cipher_info_t aria_256_ccm_info = { "ARIA-256-CCM", - MBEDTLS_CIPHER_BASE_INDEX_CCM_ARIA, - MBEDTLS_CIPHER_ARIA_256_CCM, + 16, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CCM, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_ARIA_256_CCM, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_CCM_ARIA }; static const mbedtls_cipher_info_t aria_128_ccm_star_no_tag_info = { "ARIA-128-CCM*-NO-TAG", - MBEDTLS_CIPHER_BASE_INDEX_CCM_ARIA, - MBEDTLS_CIPHER_ARIA_128_CCM_STAR_NO_TAG, + 16, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CCM_STAR_NO_TAG, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_ARIA_128_CCM_STAR_NO_TAG, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_CCM_ARIA }; static const mbedtls_cipher_info_t aria_192_ccm_star_no_tag_info = { "ARIA-192-CCM*-NO-TAG", - MBEDTLS_CIPHER_BASE_INDEX_CCM_ARIA, - MBEDTLS_CIPHER_ARIA_192_CCM_STAR_NO_TAG, + 16, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CCM_STAR_NO_TAG, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_ARIA_192_CCM_STAR_NO_TAG, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_CCM_ARIA }; static const mbedtls_cipher_info_t aria_256_ccm_star_no_tag_info = { "ARIA-256-CCM*-NO-TAG", - MBEDTLS_CIPHER_BASE_INDEX_CCM_ARIA, - MBEDTLS_CIPHER_ARIA_256_CCM_STAR_NO_TAG, + 16, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CCM_STAR_NO_TAG, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_ARIA_256_CCM_STAR_NO_TAG, MBEDTLS_CIPHER_VARIABLE_IV_LEN, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_CCM_ARIA }; #endif /* MBEDTLS_CCM_C */ @@ -1663,25 +1661,25 @@ static const mbedtls_cipher_base_t des_info = { static const mbedtls_cipher_info_t des_ecb_info = { "DES-ECB", - MBEDTLS_CIPHER_BASE_INDEX_DES, - MBEDTLS_CIPHER_DES_ECB, + 8, + 0 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_ECB, MBEDTLS_KEY_LENGTH_DES >> MBEDTLS_KEY_BITLEN_SHIFT, - 0 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_DES_ECB, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(8) + MBEDTLS_CIPHER_BASE_INDEX_DES }; #if defined(MBEDTLS_CIPHER_MODE_CBC) static const mbedtls_cipher_info_t des_cbc_info = { "DES-CBC", - MBEDTLS_CIPHER_BASE_INDEX_DES, - MBEDTLS_CIPHER_DES_CBC, + 8, + 8 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CBC, MBEDTLS_KEY_LENGTH_DES >> MBEDTLS_KEY_BITLEN_SHIFT, - 8 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_DES_CBC, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(8) + MBEDTLS_CIPHER_BASE_INDEX_DES }; #endif /* MBEDTLS_CIPHER_MODE_CBC */ @@ -1714,25 +1712,25 @@ static const mbedtls_cipher_base_t des_ede_info = { static const mbedtls_cipher_info_t des_ede_ecb_info = { "DES-EDE-ECB", - MBEDTLS_CIPHER_BASE_INDEX_DES_EDE, - MBEDTLS_CIPHER_DES_EDE_ECB, + 8, + 0 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_ECB, MBEDTLS_KEY_LENGTH_DES_EDE >> MBEDTLS_KEY_BITLEN_SHIFT, - 0 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_DES_EDE_ECB, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(8) + MBEDTLS_CIPHER_BASE_INDEX_DES_EDE }; #if defined(MBEDTLS_CIPHER_MODE_CBC) static const mbedtls_cipher_info_t des_ede_cbc_info = { "DES-EDE-CBC", - MBEDTLS_CIPHER_BASE_INDEX_DES_EDE, - MBEDTLS_CIPHER_DES_EDE_CBC, + 8, + 8 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CBC, MBEDTLS_KEY_LENGTH_DES_EDE >> MBEDTLS_KEY_BITLEN_SHIFT, - 8 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_DES_EDE_CBC, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(8) + MBEDTLS_CIPHER_BASE_INDEX_DES_EDE }; #endif /* MBEDTLS_CIPHER_MODE_CBC */ @@ -1765,24 +1763,24 @@ static const mbedtls_cipher_base_t des_ede3_info = { static const mbedtls_cipher_info_t des_ede3_ecb_info = { "DES-EDE3-ECB", - MBEDTLS_CIPHER_BASE_INDEX_DES_EDE3, - MBEDTLS_CIPHER_DES_EDE3_ECB, + 8, + 0 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_ECB, MBEDTLS_KEY_LENGTH_DES_EDE3 >> MBEDTLS_KEY_BITLEN_SHIFT, - 0 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_DES_EDE3_ECB, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(8) + MBEDTLS_CIPHER_BASE_INDEX_DES_EDE3 }; #if defined(MBEDTLS_CIPHER_MODE_CBC) static const mbedtls_cipher_info_t des_ede3_cbc_info = { "DES-EDE3-CBC", - MBEDTLS_CIPHER_BASE_INDEX_DES_EDE3, - MBEDTLS_CIPHER_DES_EDE3_CBC, + 8, + 8 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CBC, MBEDTLS_KEY_LENGTH_DES_EDE3 >> MBEDTLS_KEY_BITLEN_SHIFT, - 8 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_DES_EDE3_CBC, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(8) + MBEDTLS_CIPHER_BASE_INDEX_DES_EDE3 }; #endif /* MBEDTLS_CIPHER_MODE_CBC */ #endif /* MBEDTLS_DES_C */ @@ -1865,13 +1863,13 @@ static const mbedtls_cipher_base_t chacha20_base_info = { }; static const mbedtls_cipher_info_t chacha20_info = { "CHACHA20", - MBEDTLS_CIPHER_BASE_INDEX_CHACHA20_BASE, - MBEDTLS_CIPHER_CHACHA20, + 1, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_STREAM, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_CHACHA20, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(1) + MBEDTLS_CIPHER_BASE_INDEX_CHACHA20_BASE }; #endif /* MBEDTLS_CHACHA20_C */ @@ -1940,13 +1938,13 @@ static const mbedtls_cipher_base_t chachapoly_base_info = { }; static const mbedtls_cipher_info_t chachapoly_info = { "CHACHA20-POLY1305", - MBEDTLS_CIPHER_BASE_INDEX_CHACHAPOLY_BASE, - MBEDTLS_CIPHER_CHACHA20_POLY1305, + 1, + 12 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_CHACHAPOLY, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 12 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_CHACHA20_POLY1305, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(1) + MBEDTLS_CIPHER_BASE_INDEX_CHACHAPOLY_BASE }; #endif /* MBEDTLS_CHACHAPOLY_C */ @@ -2009,13 +2007,13 @@ static const mbedtls_cipher_base_t null_base_info = { static const mbedtls_cipher_info_t null_cipher_info = { "NULL", - MBEDTLS_CIPHER_BASE_INDEX_NULL_BASE, - MBEDTLS_CIPHER_NULL, + 1, + 0 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_STREAM, 0 >> MBEDTLS_KEY_BITLEN_SHIFT, - 0 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_NULL, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(1) + MBEDTLS_CIPHER_BASE_INDEX_NULL_BASE }; #endif /* defined(MBEDTLS_CIPHER_NULL_CIPHER) */ @@ -2080,68 +2078,68 @@ static const mbedtls_cipher_base_t kw_aes_info = { static const mbedtls_cipher_info_t aes_128_nist_kw_info = { "AES-128-KW", - MBEDTLS_CIPHER_BASE_INDEX_KW_AES, - MBEDTLS_CIPHER_AES_128_KW, + 16, + 0 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_KW, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, - 0 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_AES_128_KW, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_KW_AES }; static const mbedtls_cipher_info_t aes_192_nist_kw_info = { "AES-192-KW", - MBEDTLS_CIPHER_BASE_INDEX_KW_AES, - MBEDTLS_CIPHER_AES_192_KW, + 16, + 0 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_KW, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, - 0 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_AES_192_KW, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_KW_AES }; static const mbedtls_cipher_info_t aes_256_nist_kw_info = { "AES-256-KW", - MBEDTLS_CIPHER_BASE_INDEX_KW_AES, - MBEDTLS_CIPHER_AES_256_KW, + 16, + 0 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_KW, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 0 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_AES_256_KW, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_KW_AES }; static const mbedtls_cipher_info_t aes_128_nist_kwp_info = { "AES-128-KWP", - MBEDTLS_CIPHER_BASE_INDEX_KW_AES, - MBEDTLS_CIPHER_AES_128_KWP, + 16, + 0 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_KWP, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, - 0 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_AES_128_KWP, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_KW_AES }; static const mbedtls_cipher_info_t aes_192_nist_kwp_info = { "AES-192-KWP", - MBEDTLS_CIPHER_BASE_INDEX_KW_AES, - MBEDTLS_CIPHER_AES_192_KWP, + 16, + 0 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_KWP, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, - 0 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_AES_192_KWP, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_KW_AES }; static const mbedtls_cipher_info_t aes_256_nist_kwp_info = { "AES-256-KWP", - MBEDTLS_CIPHER_BASE_INDEX_KW_AES, - MBEDTLS_CIPHER_AES_256_KWP, + 16, + 0 >> MBEDTLS_IV_SIZE_SHIFT, MBEDTLS_MODE_KWP, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, - 0 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_CIPHER_AES_256_KWP, 0, - MBEDTLS_CIPHER_BLOCK_SIZE_PACK(16) + MBEDTLS_CIPHER_BASE_INDEX_KW_AES }; #endif /* MBEDTLS_NIST_KW_C */ From d30eed4d55940a7af33b2e6da6179a3480e8f792 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sat, 24 Jun 2023 18:35:42 +0100 Subject: [PATCH 19/23] More struct re-ordering Signed-off-by: Dave Rodgman --- include/mbedtls/cipher.h | 10 +-- library/cipher_wrap.c | 166 +++++++++++++++++++-------------------- 2 files changed, 88 insertions(+), 88 deletions(-) diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index 9ba32eeb6f..c1d7111ce6 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -284,17 +284,17 @@ typedef struct mbedtls_cipher_info_t { */ unsigned int MBEDTLS_PRIVATE(iv_size) : 3; - /** The cipher mode (as per mbedtls_cipher_mode_t). - * For example, MBEDTLS_MODE_CBC. - */ - unsigned int MBEDTLS_PRIVATE(mode) : 4; - /** The cipher key length, in bits. This is the * default length for variable sized ciphers. * Includes parity bits for ciphers like DES. */ unsigned int MBEDTLS_PRIVATE(key_bitlen) : 4; + /** The cipher mode (as per mbedtls_cipher_mode_t). + * For example, MBEDTLS_MODE_CBC. + */ + unsigned int MBEDTLS_PRIVATE(mode) : 4; + /** Full cipher identifier (as per mbedtls_cipher_type_t). * For example, MBEDTLS_CIPHER_AES_256_CBC. */ diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c index 60985ee6d4..7987518655 100644 --- a/library/cipher_wrap.c +++ b/library/cipher_wrap.c @@ -262,8 +262,8 @@ static const mbedtls_cipher_info_t aes_128_ecb_info = { "AES-128-ECB", 16, 0 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_ECB, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_ECB, MBEDTLS_CIPHER_AES_128_ECB, 0, MBEDTLS_CIPHER_BASE_INDEX_AES @@ -273,8 +273,8 @@ static const mbedtls_cipher_info_t aes_192_ecb_info = { "AES-192-ECB", 16, 0 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_ECB, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_ECB, MBEDTLS_CIPHER_AES_192_ECB, 0, MBEDTLS_CIPHER_BASE_INDEX_AES @@ -284,8 +284,8 @@ static const mbedtls_cipher_info_t aes_256_ecb_info = { "AES-256-ECB", 16, 0 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_ECB, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_ECB, MBEDTLS_CIPHER_AES_256_ECB, 0, MBEDTLS_CIPHER_BASE_INDEX_AES @@ -296,8 +296,8 @@ static const mbedtls_cipher_info_t aes_128_cbc_info = { "AES-128-CBC", 16, 16 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CBC, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CBC, MBEDTLS_CIPHER_AES_128_CBC, 0, MBEDTLS_CIPHER_BASE_INDEX_AES @@ -307,8 +307,8 @@ static const mbedtls_cipher_info_t aes_192_cbc_info = { "AES-192-CBC", 16, 16 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CBC, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CBC, MBEDTLS_CIPHER_AES_192_CBC, 0, MBEDTLS_CIPHER_BASE_INDEX_AES @@ -318,8 +318,8 @@ static const mbedtls_cipher_info_t aes_256_cbc_info = { "AES-256-CBC", 16, 16 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CBC, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CBC, MBEDTLS_CIPHER_AES_256_CBC, 0, MBEDTLS_CIPHER_BASE_INDEX_AES @@ -331,8 +331,8 @@ static const mbedtls_cipher_info_t aes_128_cfb128_info = { "AES-128-CFB128", 16, 16 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CFB, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CFB, MBEDTLS_CIPHER_AES_128_CFB128, 0, MBEDTLS_CIPHER_BASE_INDEX_AES @@ -342,8 +342,8 @@ static const mbedtls_cipher_info_t aes_192_cfb128_info = { "AES-192-CFB128", 16, 16 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CFB, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CFB, MBEDTLS_CIPHER_AES_192_CFB128, 0, MBEDTLS_CIPHER_BASE_INDEX_AES @@ -353,8 +353,8 @@ static const mbedtls_cipher_info_t aes_256_cfb128_info = { "AES-256-CFB128", 16, 16 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CFB, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CFB, MBEDTLS_CIPHER_AES_256_CFB128, 0, MBEDTLS_CIPHER_BASE_INDEX_AES @@ -366,8 +366,8 @@ static const mbedtls_cipher_info_t aes_128_ofb_info = { "AES-128-OFB", 16, 16 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_OFB, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_OFB, MBEDTLS_CIPHER_AES_128_OFB, 0, MBEDTLS_CIPHER_BASE_INDEX_AES @@ -377,8 +377,8 @@ static const mbedtls_cipher_info_t aes_192_ofb_info = { "AES-192-OFB", 16, 16 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_OFB, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_OFB, MBEDTLS_CIPHER_AES_192_OFB, 0, MBEDTLS_CIPHER_BASE_INDEX_AES @@ -388,8 +388,8 @@ static const mbedtls_cipher_info_t aes_256_ofb_info = { "AES-256-OFB", 16, 16 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_OFB, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_OFB, MBEDTLS_CIPHER_AES_256_OFB, 0, MBEDTLS_CIPHER_BASE_INDEX_AES @@ -401,8 +401,8 @@ static const mbedtls_cipher_info_t aes_128_ctr_info = { "AES-128-CTR", 16, 16 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CTR, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CTR, MBEDTLS_CIPHER_AES_128_CTR, 0, MBEDTLS_CIPHER_BASE_INDEX_AES @@ -412,8 +412,8 @@ static const mbedtls_cipher_info_t aes_192_ctr_info = { "AES-192-CTR", 16, 16 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CTR, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CTR, MBEDTLS_CIPHER_AES_192_CTR, 0, MBEDTLS_CIPHER_BASE_INDEX_AES @@ -423,8 +423,8 @@ static const mbedtls_cipher_info_t aes_256_ctr_info = { "AES-256-CTR", 16, 16 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CTR, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CTR, MBEDTLS_CIPHER_AES_256_CTR, 0, MBEDTLS_CIPHER_BASE_INDEX_AES @@ -500,8 +500,8 @@ static const mbedtls_cipher_info_t aes_128_xts_info = { "AES-128-XTS", 16, 16 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_XTS, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_XTS, MBEDTLS_CIPHER_AES_128_XTS, 0, MBEDTLS_CIPHER_BASE_INDEX_XTS_AES @@ -511,8 +511,8 @@ static const mbedtls_cipher_info_t aes_256_xts_info = { "AES-256-XTS", 16, 16 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_XTS, 512 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_XTS, MBEDTLS_CIPHER_AES_256_XTS, 0, MBEDTLS_CIPHER_BASE_INDEX_XTS_AES @@ -558,8 +558,8 @@ static const mbedtls_cipher_info_t aes_128_gcm_info = { "AES-128-GCM", 16, 12 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_GCM, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_GCM, MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_CIPHER_VARIABLE_IV_LEN, MBEDTLS_CIPHER_BASE_INDEX_GCM_AES @@ -569,8 +569,8 @@ static const mbedtls_cipher_info_t aes_192_gcm_info = { "AES-192-GCM", 16, 12 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_GCM, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_GCM, MBEDTLS_CIPHER_AES_192_GCM, MBEDTLS_CIPHER_VARIABLE_IV_LEN, MBEDTLS_CIPHER_BASE_INDEX_GCM_AES @@ -580,8 +580,8 @@ static const mbedtls_cipher_info_t aes_256_gcm_info = { "AES-256-GCM", 16, 12 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_GCM, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_GCM, MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_CIPHER_VARIABLE_IV_LEN, MBEDTLS_CIPHER_BASE_INDEX_GCM_AES @@ -627,8 +627,8 @@ static const mbedtls_cipher_info_t aes_128_ccm_info = { "AES-128-CCM", 16, 12 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CCM, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CCM, MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_CIPHER_VARIABLE_IV_LEN, MBEDTLS_CIPHER_BASE_INDEX_CCM_AES @@ -638,8 +638,8 @@ static const mbedtls_cipher_info_t aes_192_ccm_info = { "AES-192-CCM", 16, 12 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CCM, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CCM, MBEDTLS_CIPHER_AES_192_CCM, MBEDTLS_CIPHER_VARIABLE_IV_LEN, MBEDTLS_CIPHER_BASE_INDEX_CCM_AES @@ -649,8 +649,8 @@ static const mbedtls_cipher_info_t aes_256_ccm_info = { "AES-256-CCM", 16, 12 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CCM, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CCM, MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_CIPHER_VARIABLE_IV_LEN, MBEDTLS_CIPHER_BASE_INDEX_CCM_AES @@ -660,8 +660,8 @@ static const mbedtls_cipher_info_t aes_128_ccm_star_no_tag_info = { "AES-128-CCM*-NO-TAG", 16, 12 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CCM_STAR_NO_TAG, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CCM_STAR_NO_TAG, MBEDTLS_CIPHER_AES_128_CCM_STAR_NO_TAG, MBEDTLS_CIPHER_VARIABLE_IV_LEN, MBEDTLS_CIPHER_BASE_INDEX_CCM_AES @@ -671,8 +671,8 @@ static const mbedtls_cipher_info_t aes_192_ccm_star_no_tag_info = { "AES-192-CCM*-NO-TAG", 16, 12 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CCM_STAR_NO_TAG, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CCM_STAR_NO_TAG, MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG, MBEDTLS_CIPHER_VARIABLE_IV_LEN, MBEDTLS_CIPHER_BASE_INDEX_CCM_AES @@ -682,8 +682,8 @@ static const mbedtls_cipher_info_t aes_256_ccm_star_no_tag_info = { "AES-256-CCM*-NO-TAG", 16, 12 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CCM_STAR_NO_TAG, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CCM_STAR_NO_TAG, MBEDTLS_CIPHER_AES_256_CCM_STAR_NO_TAG, MBEDTLS_CIPHER_VARIABLE_IV_LEN, MBEDTLS_CIPHER_BASE_INDEX_CCM_AES @@ -794,8 +794,8 @@ static const mbedtls_cipher_info_t camellia_128_ecb_info = { "CAMELLIA-128-ECB", 16, 0 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_ECB, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_ECB, MBEDTLS_CIPHER_CAMELLIA_128_ECB, 0, MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA @@ -805,8 +805,8 @@ static const mbedtls_cipher_info_t camellia_192_ecb_info = { "CAMELLIA-192-ECB", 16, 0 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_ECB, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_ECB, MBEDTLS_CIPHER_CAMELLIA_192_ECB, 0, MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA @@ -816,8 +816,8 @@ static const mbedtls_cipher_info_t camellia_256_ecb_info = { "CAMELLIA-256-ECB", 16, 0 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_ECB, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_ECB, MBEDTLS_CIPHER_CAMELLIA_256_ECB, 0, MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA @@ -828,8 +828,8 @@ static const mbedtls_cipher_info_t camellia_128_cbc_info = { "CAMELLIA-128-CBC", 16, 16 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CBC, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CBC, MBEDTLS_CIPHER_CAMELLIA_128_CBC, 0, MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA @@ -839,8 +839,8 @@ static const mbedtls_cipher_info_t camellia_192_cbc_info = { "CAMELLIA-192-CBC", 16, 16 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CBC, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CBC, MBEDTLS_CIPHER_CAMELLIA_192_CBC, 0, MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA @@ -850,8 +850,8 @@ static const mbedtls_cipher_info_t camellia_256_cbc_info = { "CAMELLIA-256-CBC", 16, 16 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CBC, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CBC, MBEDTLS_CIPHER_CAMELLIA_256_CBC, 0, MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA @@ -863,8 +863,8 @@ static const mbedtls_cipher_info_t camellia_128_cfb128_info = { "CAMELLIA-128-CFB128", 16, 16 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CFB, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CFB, MBEDTLS_CIPHER_CAMELLIA_128_CFB128, 0, MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA @@ -874,8 +874,8 @@ static const mbedtls_cipher_info_t camellia_192_cfb128_info = { "CAMELLIA-192-CFB128", 16, 16 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CFB, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CFB, MBEDTLS_CIPHER_CAMELLIA_192_CFB128, 0, MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA @@ -885,8 +885,8 @@ static const mbedtls_cipher_info_t camellia_256_cfb128_info = { "CAMELLIA-256-CFB128", 16, 16 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CFB, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CFB, MBEDTLS_CIPHER_CAMELLIA_256_CFB128, 0, MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA @@ -898,8 +898,8 @@ static const mbedtls_cipher_info_t camellia_128_ctr_info = { "CAMELLIA-128-CTR", 16, 16 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CTR, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CTR, MBEDTLS_CIPHER_CAMELLIA_128_CTR, 0, MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA @@ -909,8 +909,8 @@ static const mbedtls_cipher_info_t camellia_192_ctr_info = { "CAMELLIA-192-CTR", 16, 16 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CTR, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CTR, MBEDTLS_CIPHER_CAMELLIA_192_CTR, 0, MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA @@ -920,8 +920,8 @@ static const mbedtls_cipher_info_t camellia_256_ctr_info = { "CAMELLIA-256-CTR", 16, 16 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CTR, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CTR, MBEDTLS_CIPHER_CAMELLIA_256_CTR, 0, MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA @@ -967,8 +967,8 @@ static const mbedtls_cipher_info_t camellia_128_gcm_info = { "CAMELLIA-128-GCM", 16, 12 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_GCM, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_GCM, MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_CIPHER_VARIABLE_IV_LEN, MBEDTLS_CIPHER_BASE_INDEX_GCM_CAMELLIA @@ -978,8 +978,8 @@ static const mbedtls_cipher_info_t camellia_192_gcm_info = { "CAMELLIA-192-GCM", 16, 12 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_GCM, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_GCM, MBEDTLS_CIPHER_CAMELLIA_192_GCM, MBEDTLS_CIPHER_VARIABLE_IV_LEN, MBEDTLS_CIPHER_BASE_INDEX_GCM_CAMELLIA @@ -989,8 +989,8 @@ static const mbedtls_cipher_info_t camellia_256_gcm_info = { "CAMELLIA-256-GCM", 16, 12 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_GCM, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_GCM, MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_CIPHER_VARIABLE_IV_LEN, MBEDTLS_CIPHER_BASE_INDEX_GCM_CAMELLIA @@ -1036,8 +1036,8 @@ static const mbedtls_cipher_info_t camellia_128_ccm_info = { "CAMELLIA-128-CCM", 16, 12 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CCM, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CCM, MBEDTLS_CIPHER_CAMELLIA_128_CCM, MBEDTLS_CIPHER_VARIABLE_IV_LEN, MBEDTLS_CIPHER_BASE_INDEX_CCM_CAMELLIA @@ -1047,8 +1047,8 @@ static const mbedtls_cipher_info_t camellia_192_ccm_info = { "CAMELLIA-192-CCM", 16, 12 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CCM, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CCM, MBEDTLS_CIPHER_CAMELLIA_192_CCM, MBEDTLS_CIPHER_VARIABLE_IV_LEN, MBEDTLS_CIPHER_BASE_INDEX_CCM_CAMELLIA @@ -1058,8 +1058,8 @@ static const mbedtls_cipher_info_t camellia_256_ccm_info = { "CAMELLIA-256-CCM", 16, 12 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CCM, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CCM, MBEDTLS_CIPHER_CAMELLIA_256_CCM, MBEDTLS_CIPHER_VARIABLE_IV_LEN, MBEDTLS_CIPHER_BASE_INDEX_CCM_CAMELLIA @@ -1069,8 +1069,8 @@ static const mbedtls_cipher_info_t camellia_128_ccm_star_no_tag_info = { "CAMELLIA-128-CCM*-NO-TAG", 16, 12 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CCM_STAR_NO_TAG, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CCM_STAR_NO_TAG, MBEDTLS_CIPHER_CAMELLIA_128_CCM_STAR_NO_TAG, MBEDTLS_CIPHER_VARIABLE_IV_LEN, MBEDTLS_CIPHER_BASE_INDEX_CCM_CAMELLIA @@ -1080,8 +1080,8 @@ static const mbedtls_cipher_info_t camellia_192_ccm_star_no_tag_info = { "CAMELLIA-192-CCM*-NO-TAG", 16, 12 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CCM_STAR_NO_TAG, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CCM_STAR_NO_TAG, MBEDTLS_CIPHER_CAMELLIA_192_CCM_STAR_NO_TAG, MBEDTLS_CIPHER_VARIABLE_IV_LEN, MBEDTLS_CIPHER_BASE_INDEX_CCM_CAMELLIA @@ -1091,8 +1091,8 @@ static const mbedtls_cipher_info_t camellia_256_ccm_star_no_tag_info = { "CAMELLIA-256-CCM*-NO-TAG", 16, 12 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CCM_STAR_NO_TAG, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CCM_STAR_NO_TAG, MBEDTLS_CIPHER_CAMELLIA_256_CCM_STAR_NO_TAG, MBEDTLS_CIPHER_VARIABLE_IV_LEN, MBEDTLS_CIPHER_BASE_INDEX_CCM_CAMELLIA @@ -1204,8 +1204,8 @@ static const mbedtls_cipher_info_t aria_128_ecb_info = { "ARIA-128-ECB", 16, 0 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_ECB, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_ECB, MBEDTLS_CIPHER_ARIA_128_ECB, 0, MBEDTLS_CIPHER_BASE_INDEX_ARIA @@ -1215,8 +1215,8 @@ static const mbedtls_cipher_info_t aria_192_ecb_info = { "ARIA-192-ECB", 16, 0 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_ECB, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_ECB, MBEDTLS_CIPHER_ARIA_192_ECB, 0, MBEDTLS_CIPHER_BASE_INDEX_ARIA @@ -1226,8 +1226,8 @@ static const mbedtls_cipher_info_t aria_256_ecb_info = { "ARIA-256-ECB", 16, 0 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_ECB, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_ECB, MBEDTLS_CIPHER_ARIA_256_ECB, 0, MBEDTLS_CIPHER_BASE_INDEX_ARIA @@ -1238,8 +1238,8 @@ static const mbedtls_cipher_info_t aria_128_cbc_info = { "ARIA-128-CBC", 16, 16 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CBC, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CBC, MBEDTLS_CIPHER_ARIA_128_CBC, 0, MBEDTLS_CIPHER_BASE_INDEX_ARIA @@ -1249,8 +1249,8 @@ static const mbedtls_cipher_info_t aria_192_cbc_info = { "ARIA-192-CBC", 16, 16 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CBC, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CBC, MBEDTLS_CIPHER_ARIA_192_CBC, 0, MBEDTLS_CIPHER_BASE_INDEX_ARIA @@ -1260,8 +1260,8 @@ static const mbedtls_cipher_info_t aria_256_cbc_info = { "ARIA-256-CBC", 16, 16 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CBC, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CBC, MBEDTLS_CIPHER_ARIA_256_CBC, 0, MBEDTLS_CIPHER_BASE_INDEX_ARIA @@ -1273,8 +1273,8 @@ static const mbedtls_cipher_info_t aria_128_cfb128_info = { "ARIA-128-CFB128", 16, 16 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CFB, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CFB, MBEDTLS_CIPHER_ARIA_128_CFB128, 0, MBEDTLS_CIPHER_BASE_INDEX_ARIA @@ -1284,8 +1284,8 @@ static const mbedtls_cipher_info_t aria_192_cfb128_info = { "ARIA-192-CFB128", 16, 16 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CFB, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CFB, MBEDTLS_CIPHER_ARIA_192_CFB128, 0, MBEDTLS_CIPHER_BASE_INDEX_ARIA @@ -1295,8 +1295,8 @@ static const mbedtls_cipher_info_t aria_256_cfb128_info = { "ARIA-256-CFB128", 16, 16 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CFB, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CFB, MBEDTLS_CIPHER_ARIA_256_CFB128, 0, MBEDTLS_CIPHER_BASE_INDEX_ARIA @@ -1308,8 +1308,8 @@ static const mbedtls_cipher_info_t aria_128_ctr_info = { "ARIA-128-CTR", 16, 16 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CTR, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CTR, MBEDTLS_CIPHER_ARIA_128_CTR, 0, MBEDTLS_CIPHER_BASE_INDEX_ARIA @@ -1319,8 +1319,8 @@ static const mbedtls_cipher_info_t aria_192_ctr_info = { "ARIA-192-CTR", 16, 16 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CTR, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CTR, MBEDTLS_CIPHER_ARIA_192_CTR, 0, MBEDTLS_CIPHER_BASE_INDEX_ARIA @@ -1330,8 +1330,8 @@ static const mbedtls_cipher_info_t aria_256_ctr_info = { "ARIA-256-CTR", 16, 16 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CTR, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CTR, MBEDTLS_CIPHER_ARIA_256_CTR, 0, MBEDTLS_CIPHER_BASE_INDEX_ARIA @@ -1377,8 +1377,8 @@ static const mbedtls_cipher_info_t aria_128_gcm_info = { "ARIA-128-GCM", 16, 12 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_GCM, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_GCM, MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_CIPHER_VARIABLE_IV_LEN, MBEDTLS_CIPHER_BASE_INDEX_GCM_ARIA @@ -1388,8 +1388,8 @@ static const mbedtls_cipher_info_t aria_192_gcm_info = { "ARIA-192-GCM", 16, 12 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_GCM, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_GCM, MBEDTLS_CIPHER_ARIA_192_GCM, MBEDTLS_CIPHER_VARIABLE_IV_LEN, MBEDTLS_CIPHER_BASE_INDEX_GCM_ARIA @@ -1399,8 +1399,8 @@ static const mbedtls_cipher_info_t aria_256_gcm_info = { "ARIA-256-GCM", 16, 12 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_GCM, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_GCM, MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_CIPHER_VARIABLE_IV_LEN, MBEDTLS_CIPHER_BASE_INDEX_GCM_ARIA @@ -1446,8 +1446,8 @@ static const mbedtls_cipher_info_t aria_128_ccm_info = { "ARIA-128-CCM", 16, 12 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CCM, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CCM, MBEDTLS_CIPHER_ARIA_128_CCM, MBEDTLS_CIPHER_VARIABLE_IV_LEN, MBEDTLS_CIPHER_BASE_INDEX_CCM_ARIA @@ -1457,8 +1457,8 @@ static const mbedtls_cipher_info_t aria_192_ccm_info = { "ARIA-192-CCM", 16, 12 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CCM, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CCM, MBEDTLS_CIPHER_ARIA_192_CCM, MBEDTLS_CIPHER_VARIABLE_IV_LEN, MBEDTLS_CIPHER_BASE_INDEX_CCM_ARIA @@ -1468,8 +1468,8 @@ static const mbedtls_cipher_info_t aria_256_ccm_info = { "ARIA-256-CCM", 16, 12 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CCM, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CCM, MBEDTLS_CIPHER_ARIA_256_CCM, MBEDTLS_CIPHER_VARIABLE_IV_LEN, MBEDTLS_CIPHER_BASE_INDEX_CCM_ARIA @@ -1479,8 +1479,8 @@ static const mbedtls_cipher_info_t aria_128_ccm_star_no_tag_info = { "ARIA-128-CCM*-NO-TAG", 16, 12 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CCM_STAR_NO_TAG, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CCM_STAR_NO_TAG, MBEDTLS_CIPHER_ARIA_128_CCM_STAR_NO_TAG, MBEDTLS_CIPHER_VARIABLE_IV_LEN, MBEDTLS_CIPHER_BASE_INDEX_CCM_ARIA @@ -1490,8 +1490,8 @@ static const mbedtls_cipher_info_t aria_192_ccm_star_no_tag_info = { "ARIA-192-CCM*-NO-TAG", 16, 12 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CCM_STAR_NO_TAG, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CCM_STAR_NO_TAG, MBEDTLS_CIPHER_ARIA_192_CCM_STAR_NO_TAG, MBEDTLS_CIPHER_VARIABLE_IV_LEN, MBEDTLS_CIPHER_BASE_INDEX_CCM_ARIA @@ -1501,8 +1501,8 @@ static const mbedtls_cipher_info_t aria_256_ccm_star_no_tag_info = { "ARIA-256-CCM*-NO-TAG", 16, 12 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CCM_STAR_NO_TAG, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CCM_STAR_NO_TAG, MBEDTLS_CIPHER_ARIA_256_CCM_STAR_NO_TAG, MBEDTLS_CIPHER_VARIABLE_IV_LEN, MBEDTLS_CIPHER_BASE_INDEX_CCM_ARIA @@ -1663,8 +1663,8 @@ static const mbedtls_cipher_info_t des_ecb_info = { "DES-ECB", 8, 0 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_ECB, MBEDTLS_KEY_LENGTH_DES >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_ECB, MBEDTLS_CIPHER_DES_ECB, 0, MBEDTLS_CIPHER_BASE_INDEX_DES @@ -1675,8 +1675,8 @@ static const mbedtls_cipher_info_t des_cbc_info = { "DES-CBC", 8, 8 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CBC, MBEDTLS_KEY_LENGTH_DES >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CBC, MBEDTLS_CIPHER_DES_CBC, 0, MBEDTLS_CIPHER_BASE_INDEX_DES @@ -1714,8 +1714,8 @@ static const mbedtls_cipher_info_t des_ede_ecb_info = { "DES-EDE-ECB", 8, 0 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_ECB, MBEDTLS_KEY_LENGTH_DES_EDE >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_ECB, MBEDTLS_CIPHER_DES_EDE_ECB, 0, MBEDTLS_CIPHER_BASE_INDEX_DES_EDE @@ -1726,8 +1726,8 @@ static const mbedtls_cipher_info_t des_ede_cbc_info = { "DES-EDE-CBC", 8, 8 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CBC, MBEDTLS_KEY_LENGTH_DES_EDE >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CBC, MBEDTLS_CIPHER_DES_EDE_CBC, 0, MBEDTLS_CIPHER_BASE_INDEX_DES_EDE @@ -1765,8 +1765,8 @@ static const mbedtls_cipher_info_t des_ede3_ecb_info = { "DES-EDE3-ECB", 8, 0 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_ECB, MBEDTLS_KEY_LENGTH_DES_EDE3 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_ECB, MBEDTLS_CIPHER_DES_EDE3_ECB, 0, MBEDTLS_CIPHER_BASE_INDEX_DES_EDE3 @@ -1776,8 +1776,8 @@ static const mbedtls_cipher_info_t des_ede3_cbc_info = { "DES-EDE3-CBC", 8, 8 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CBC, MBEDTLS_KEY_LENGTH_DES_EDE3 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CBC, MBEDTLS_CIPHER_DES_EDE3_CBC, 0, MBEDTLS_CIPHER_BASE_INDEX_DES_EDE3 @@ -1865,8 +1865,8 @@ static const mbedtls_cipher_info_t chacha20_info = { "CHACHA20", 1, 12 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_STREAM, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_STREAM, MBEDTLS_CIPHER_CHACHA20, 0, MBEDTLS_CIPHER_BASE_INDEX_CHACHA20_BASE @@ -1940,8 +1940,8 @@ static const mbedtls_cipher_info_t chachapoly_info = { "CHACHA20-POLY1305", 1, 12 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_CHACHAPOLY, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CHACHAPOLY, MBEDTLS_CIPHER_CHACHA20_POLY1305, 0, MBEDTLS_CIPHER_BASE_INDEX_CHACHAPOLY_BASE @@ -2009,8 +2009,8 @@ static const mbedtls_cipher_info_t null_cipher_info = { "NULL", 1, 0 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_STREAM, 0 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_STREAM, MBEDTLS_CIPHER_NULL, 0, MBEDTLS_CIPHER_BASE_INDEX_NULL_BASE @@ -2080,8 +2080,8 @@ static const mbedtls_cipher_info_t aes_128_nist_kw_info = { "AES-128-KW", 16, 0 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_KW, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_KW, MBEDTLS_CIPHER_AES_128_KW, 0, MBEDTLS_CIPHER_BASE_INDEX_KW_AES @@ -2091,8 +2091,8 @@ static const mbedtls_cipher_info_t aes_192_nist_kw_info = { "AES-192-KW", 16, 0 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_KW, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_KW, MBEDTLS_CIPHER_AES_192_KW, 0, MBEDTLS_CIPHER_BASE_INDEX_KW_AES @@ -2102,8 +2102,8 @@ static const mbedtls_cipher_info_t aes_256_nist_kw_info = { "AES-256-KW", 16, 0 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_KW, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_KW, MBEDTLS_CIPHER_AES_256_KW, 0, MBEDTLS_CIPHER_BASE_INDEX_KW_AES @@ -2113,8 +2113,8 @@ static const mbedtls_cipher_info_t aes_128_nist_kwp_info = { "AES-128-KWP", 16, 0 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_KWP, 128 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_KWP, MBEDTLS_CIPHER_AES_128_KWP, 0, MBEDTLS_CIPHER_BASE_INDEX_KW_AES @@ -2124,8 +2124,8 @@ static const mbedtls_cipher_info_t aes_192_nist_kwp_info = { "AES-192-KWP", 16, 0 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_KWP, 192 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_KWP, MBEDTLS_CIPHER_AES_192_KWP, 0, MBEDTLS_CIPHER_BASE_INDEX_KW_AES @@ -2135,8 +2135,8 @@ static const mbedtls_cipher_info_t aes_256_nist_kwp_info = { "AES-256-KWP", 16, 0 >> MBEDTLS_IV_SIZE_SHIFT, - MBEDTLS_MODE_KWP, 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_KWP, MBEDTLS_CIPHER_AES_256_KWP, 0, MBEDTLS_CIPHER_BASE_INDEX_KW_AES From 4f8d2efec971d16a09db63c533fd451e82dc336e Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sat, 24 Jun 2023 18:40:29 +0100 Subject: [PATCH 20/23] Improve docs Signed-off-by: Dave Rodgman --- include/mbedtls/cipher.h | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index c1d7111ce6..a742b1a0f5 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -270,6 +270,10 @@ typedef struct mbedtls_cmac_context_t mbedtls_cmac_context_t; * mbedtls_cipher_info_from_type(), * mbedtls_cipher_info_from_values(), * mbedtls_cipher_info_from_psa(). + * + * \note Some fields store a value that has been right-shifted to save + * code-size, so should not be used directly. The accessor + * functions adjust for this and return the "natural" value. */ typedef struct mbedtls_cipher_info_t { /** Name of the cipher. */ @@ -278,14 +282,14 @@ typedef struct mbedtls_cipher_info_t { /** The block size, in bytes. */ unsigned int MBEDTLS_PRIVATE(block_size) : 5; - /** IV or nonce size, in Bytes. + /** IV or nonce size, in bytes (right shifted by 2). * For ciphers that accept variable IV sizes, * this is the recommended size. */ unsigned int MBEDTLS_PRIVATE(iv_size) : 3; - /** The cipher key length, in bits. This is the - * default length for variable sized ciphers. + /** The cipher key length, in bits (right shifted by 6). + * This is the default length for variable sized ciphers. * Includes parity bits for ciphers like DES. */ unsigned int MBEDTLS_PRIVATE(key_bitlen) : 4; @@ -297,8 +301,11 @@ typedef struct mbedtls_cipher_info_t { /** Full cipher identifier (as per mbedtls_cipher_type_t). * For example, MBEDTLS_CIPHER_AES_256_CBC. + * + * This could be 7 bits, but 8 bits retains byte alignment for the + * next field, which reduces code size to access that field. */ - unsigned int MBEDTLS_PRIVATE(type) : 8; // only need 7 bits, but it retains byte alignment + unsigned int MBEDTLS_PRIVATE(type) : 8; /** Bitflag comprised of MBEDTLS_CIPHER_VARIABLE_IV_LEN and * MBEDTLS_CIPHER_VARIABLE_KEY_LEN indicating whether the From 25d77cb9a7f4b3a414826bceb22bc82fd8245cd5 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sat, 24 Jun 2023 22:58:51 +0100 Subject: [PATCH 21/23] Drop not-used items from the base look-up table Signed-off-by: Dave Rodgman --- library/cipher_wrap.c | 138 +++++++++++++++++++++--------------------- 1 file changed, 70 insertions(+), 68 deletions(-) diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c index 7987518655..da4e739c87 100644 --- a/library/cipher_wrap.c +++ b/library/cipher_wrap.c @@ -70,23 +70,59 @@ #include "mbedtls/platform.h" -#define MBEDTLS_CIPHER_BASE_INDEX_AES 0 -#define MBEDTLS_CIPHER_BASE_INDEX_ARIA 1 -#define MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA 2 -#define MBEDTLS_CIPHER_BASE_INDEX_CCM_AES 3 -#define MBEDTLS_CIPHER_BASE_INDEX_CCM_ARIA 4 -#define MBEDTLS_CIPHER_BASE_INDEX_CCM_CAMELLIA 5 -#define MBEDTLS_CIPHER_BASE_INDEX_CHACHA20_BASE 6 -#define MBEDTLS_CIPHER_BASE_INDEX_CHACHAPOLY_BASE 7 -#define MBEDTLS_CIPHER_BASE_INDEX_DES_EDE3 8 -#define MBEDTLS_CIPHER_BASE_INDEX_DES_EDE 9 -#define MBEDTLS_CIPHER_BASE_INDEX_DES 10 -#define MBEDTLS_CIPHER_BASE_INDEX_GCM_AES 11 -#define MBEDTLS_CIPHER_BASE_INDEX_GCM_ARIA 12 -#define MBEDTLS_CIPHER_BASE_INDEX_GCM_CAMELLIA 13 -#define MBEDTLS_CIPHER_BASE_INDEX_KW_AES 14 -#define MBEDTLS_CIPHER_BASE_INDEX_NULL_BASE 15 -#define MBEDTLS_CIPHER_BASE_INDEX_XTS_AES 16 +enum mbedtls_cipher_base_index { +#if defined(MBEDTLS_AES_C) + MBEDTLS_CIPHER_BASE_INDEX_AES, +#endif +#if defined(MBEDTLS_ARIA_C) + MBEDTLS_CIPHER_BASE_INDEX_ARIA, +#endif +#if defined(MBEDTLS_CAMELLIA_C) + MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA, +#endif +#if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_AES_C) + MBEDTLS_CIPHER_BASE_INDEX_CCM_AES, +#endif +#if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_ARIA_C) + MBEDTLS_CIPHER_BASE_INDEX_CCM_ARIA, +#endif +#if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_CAMELLIA_C) + MBEDTLS_CIPHER_BASE_INDEX_CCM_CAMELLIA, +#endif +#if defined(MBEDTLS_CHACHA20_C) + MBEDTLS_CIPHER_BASE_INDEX_CHACHA20_BASE, +#endif +#if defined(MBEDTLS_CHACHAPOLY_C) + MBEDTLS_CIPHER_BASE_INDEX_CHACHAPOLY_BASE, +#endif +#if defined(MBEDTLS_DES_C) + MBEDTLS_CIPHER_BASE_INDEX_DES_EDE3, +#endif +#if defined(MBEDTLS_DES_C) + MBEDTLS_CIPHER_BASE_INDEX_DES_EDE, +#endif +#if defined(MBEDTLS_DES_C) + MBEDTLS_CIPHER_BASE_INDEX_DES, +#endif +#if defined(MBEDTLS_GCM_C) && defined(MBEDTLS_AES_C) + MBEDTLS_CIPHER_BASE_INDEX_GCM_AES, +#endif +#if defined(MBEDTLS_GCM_C) && defined(MBEDTLS_ARIA_C) + MBEDTLS_CIPHER_BASE_INDEX_GCM_ARIA, +#endif +#if defined(MBEDTLS_GCM_C) && defined(MBEDTLS_CAMELLIA_C) + MBEDTLS_CIPHER_BASE_INDEX_GCM_CAMELLIA, +#endif +#if defined(MBEDTLS_NIST_KW_C) + MBEDTLS_CIPHER_BASE_INDEX_KW_AES, +#endif +#if defined(MBEDTLS_CIPHER_NULL_CIPHER) + MBEDTLS_CIPHER_BASE_INDEX_NULL_BASE, +#endif +#if defined(MBEDTLS_CIPHER_MODE_XTS) && defined(MBEDTLS_AES_C) + MBEDTLS_CIPHER_BASE_INDEX_XTS_AES +#endif +}; #if defined(MBEDTLS_GCM_C) /* shared by all GCM ciphers */ @@ -2297,89 +2333,55 @@ int mbedtls_cipher_supported[NUM_CIPHERS]; const mbedtls_cipher_base_t *mbedtls_cipher_base_lookup_table[] = { #if defined(MBEDTLS_AES_C) - &aes_info, -#else - NULL, + [MBEDTLS_CIPHER_BASE_INDEX_AES] = &aes_info, #endif #if defined(MBEDTLS_ARIA_C) - &aria_info, -#else - NULL, + [MBEDTLS_CIPHER_BASE_INDEX_ARIA] = &aria_info, #endif #if defined(MBEDTLS_CAMELLIA_C) - &camellia_info, -#else - NULL, + [MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA] = &camellia_info, #endif #if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_AES_C) - &ccm_aes_info, -#else - NULL, + [MBEDTLS_CIPHER_BASE_INDEX_CCM_AES] = &ccm_aes_info, #endif #if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_ARIA_C) - &ccm_aria_info, -#else - NULL, + [MBEDTLS_CIPHER_BASE_INDEX_CCM_ARIA] = &ccm_aria_info, #endif #if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_CAMELLIA_C) - &ccm_camellia_info, -#else - NULL, + [MBEDTLS_CIPHER_BASE_INDEX_CCM_CAMELLIA] = &ccm_camellia_info, #endif #if defined(MBEDTLS_CHACHA20_C) - &chacha20_base_info, -#else - NULL, + [MBEDTLS_CIPHER_BASE_INDEX_CHACHA20_BASE] = &chacha20_base_info, #endif #if defined(MBEDTLS_CHACHAPOLY_C) - &chachapoly_base_info, -#else - NULL, + [MBEDTLS_CIPHER_BASE_INDEX_CHACHAPOLY_BASE] = &chachapoly_base_info, #endif #if defined(MBEDTLS_DES_C) - &des_ede3_info, -#else - NULL, + [MBEDTLS_CIPHER_BASE_INDEX_DES_EDE3] = &des_ede3_info, #endif #if defined(MBEDTLS_DES_C) - &des_ede_info, -#else - NULL, + [MBEDTLS_CIPHER_BASE_INDEX_DES_EDE] = &des_ede_info, #endif #if defined(MBEDTLS_DES_C) - &des_info, -#else - NULL, + [MBEDTLS_CIPHER_BASE_INDEX_DES] = &des_info, #endif #if defined(MBEDTLS_GCM_C) && defined(MBEDTLS_AES_C) - &gcm_aes_info, -#else - NULL, + [MBEDTLS_CIPHER_BASE_INDEX_GCM_AES] = &gcm_aes_info, #endif #if defined(MBEDTLS_GCM_C) && defined(MBEDTLS_ARIA_C) - &gcm_aria_info, -#else - NULL, + [MBEDTLS_CIPHER_BASE_INDEX_GCM_ARIA] = &gcm_aria_info, #endif #if defined(MBEDTLS_GCM_C) && defined(MBEDTLS_CAMELLIA_C) - &gcm_camellia_info, -#else - NULL, + [MBEDTLS_CIPHER_BASE_INDEX_GCM_CAMELLIA] = &gcm_camellia_info, #endif #if defined(MBEDTLS_NIST_KW_C) - &kw_aes_info, -#else - NULL, + [MBEDTLS_CIPHER_BASE_INDEX_KW_AES] = &kw_aes_info, #endif #if defined(MBEDTLS_CIPHER_NULL_CIPHER) - &null_base_info, -#else - NULL, + [MBEDTLS_CIPHER_BASE_INDEX_NULL_BASE] = &null_base_info, #endif #if defined(MBEDTLS_CIPHER_MODE_XTS) && defined(MBEDTLS_AES_C) - &xts_aes_info, -#else - NULL, + [MBEDTLS_CIPHER_BASE_INDEX_XTS_AES] = &xts_aes_info #endif }; From ff4c2db489413657e6334b4d175f3f2342f950b2 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 5 Jul 2023 12:10:48 +0100 Subject: [PATCH 22/23] Improve comments Signed-off-by: Dave Rodgman --- include/mbedtls/cipher.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index a742b1a0f5..006b0b1e33 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -282,13 +282,13 @@ typedef struct mbedtls_cipher_info_t { /** The block size, in bytes. */ unsigned int MBEDTLS_PRIVATE(block_size) : 5; - /** IV or nonce size, in bytes (right shifted by 2). + /** IV or nonce size, in bytes (right shifted by MBEDTLS_IV_SIZE_SHIFT). * For ciphers that accept variable IV sizes, * this is the recommended size. */ unsigned int MBEDTLS_PRIVATE(iv_size) : 3; - /** The cipher key length, in bits (right shifted by 6). + /** The cipher key length, in bits (right shifted by MBEDTLS_KEY_BITLEN_SHIFT). * This is the default length for variable sized ciphers. * Includes parity bits for ciphers like DES. */ From 761d0dcfbfa3045797b570e505e36bedee965285 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 5 Jul 2023 12:33:53 +0100 Subject: [PATCH 23/23] Improve doxygen formatting Signed-off-by: Dave Rodgman --- include/mbedtls/cipher.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index 006b0b1e33..de3de8a798 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -282,13 +282,13 @@ typedef struct mbedtls_cipher_info_t { /** The block size, in bytes. */ unsigned int MBEDTLS_PRIVATE(block_size) : 5; - /** IV or nonce size, in bytes (right shifted by MBEDTLS_IV_SIZE_SHIFT). + /** IV or nonce size, in bytes (right shifted by #MBEDTLS_IV_SIZE_SHIFT). * For ciphers that accept variable IV sizes, * this is the recommended size. */ unsigned int MBEDTLS_PRIVATE(iv_size) : 3; - /** The cipher key length, in bits (right shifted by MBEDTLS_KEY_BITLEN_SHIFT). + /** The cipher key length, in bits (right shifted by #MBEDTLS_KEY_BITLEN_SHIFT). * This is the default length for variable sized ciphers. * Includes parity bits for ciphers like DES. */