hostlib/hostLib/tstUtil/tstHostCrypto_mbedtls_aes.c - a71ch-crypto-support - Git at Google

 /**
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Hardware crypto support Copyright 2017 Espressif Systems (Shanghai) PTE LTD
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */


 /*******************************************************************
 * project specific include files
 *******************************************************************/

 #ifndef MBEDTLS
 #   define MBEDTLS
 #endif

 #include "tst_sm_util.h"
 #include "string.h"
 #include "mbedtls/ctr_drbg.h"


 /**
  * fast_aes_wrap - Wrap keys with AES Key Wrap Algorithm (128-bit KEK) (RFC3394)
  * @kek: 16-octet Key encryption key (KEK)
  * @n: Length of the plaintext key in 64-bit units; e.g., 2 = 128-bit = 16
  * bytes
  * @plain: Plaintext key to be wrapped, n * 64 bits
  * @cipher: Wrapped key, (n + 1) * 64 bits
  * Returns: 0 on success, -1 on failure
  */
 int fast_aes_wrap(const uint8_t *kek, int n, const uint8_t *plain, uint8_t *cipher)
 {
     uint8_t *a, *r, b[16];
     int32_t i, j;
     int32_t ret = 0;
     mbedtls_aes_context ctx;

     a = cipher;
     r = cipher + 8;

     /* 1) Initialize variables. */
     memset(a, 0xa6, 8);
     memcpy(r, plain, 8 * n);

     mbedtls_aes_init(&ctx);
     ret = mbedtls_aes_setkey_enc(&ctx, kek, 128);
     /*TODO check return code */
     if (ret != 0) {
         mbedtls_aes_free(&ctx);
         return ret;
     }

     /* 2) Calculate intermediate values.
      * For j = 0 to 5
      *     For i=1 to n
      *         B = AES(K, A | R[i])
      *         A = MSB(64, B) ^ t where t = (n*j)+i
      *         R[i] = LSB(64, B)
      */
     for (j = 0; j <= 5; j++) {
     r = cipher + 8;
     for (i = 1; i <= n; i++) {
             memcpy(b, a, 8);
             memcpy(b + 8, r, 8);
             mbedtls_aes_encrypt(&ctx, b, b);
             memcpy(a, b, 8);
             a[7] ^= n * j + i;
             memcpy(r, b + 8, 8);
             r += 8;
     }
     }
     mbedtls_aes_free(&ctx);

     /* 3) Output the results.
      *
      * These are already in @cipher due to the location of temporary
      * variables.
      */

     return SW_OK;
 }
	/**
	* Licensed under the Apache License, Version 2.0 (the "License");
	* you may not use this file except in compliance with the License.
	* You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Hardware crypto support Copyright 2017 Espressif Systems (Shanghai) PTE LTD
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/


	/*******************************************************************
	* project specific include files
	*******************************************************************/

	#ifndef MBEDTLS
	# define MBEDTLS
	#endif

	#include "tst_sm_util.h"
	#include "string.h"
	#include "mbedtls/ctr_drbg.h"


	/**
	* fast_aes_wrap - Wrap keys with AES Key Wrap Algorithm (128-bit KEK) (RFC3394)
	* @kek: 16-octet Key encryption key (KEK)
	* @n: Length of the plaintext key in 64-bit units; e.g., 2 = 128-bit = 16
	* bytes
	* @plain: Plaintext key to be wrapped, n * 64 bits
	* @cipher: Wrapped key, (n + 1) * 64 bits
	* Returns: 0 on success, -1 on failure
	*/
	int fast_aes_wrap(const uint8_t kek, int n, const uint8_t plain, uint8_t *cipher)
	{
	uint8_t a, r, b[16];
	int32_t i, j;
	int32_t ret = 0;
	mbedtls_aes_context ctx;

	a = cipher;
	r = cipher + 8;

	/* 1) Initialize variables. */
	memset(a, 0xa6, 8);
	memcpy(r, plain, 8 * n);

	mbedtls_aes_init(&ctx);
	ret = mbedtls_aes_setkey_enc(&ctx, kek, 128);
	/TODO check return code /
	if (ret != 0) {
	mbedtls_aes_free(&ctx);
	return ret;
	}

	/* 2) Calculate intermediate values.
	* For j = 0 to 5
	* For i=1 to n
	* B = AES(K, A \| R[i])
	* A = MSB(64, B) ^ t where t = (n*j)+i
	* R[i] = LSB(64, B)
	*/
	for (j = 0; j <= 5; j++) {
	r = cipher + 8;
	for (i = 1; i <= n; i++) {
	memcpy(b, a, 8);
	memcpy(b + 8, r, 8);
	mbedtls_aes_encrypt(&ctx, b, b);
	memcpy(a, b, 8);
	a[7] ^= n * j + i;
	memcpy(r, b + 8, 8);
	r += 8;
	}
	}
	mbedtls_aes_free(&ctx);

	/* 3) Output the results.
	*
	* These are already in @cipher due to the location of temporary
	* variables.
	*/

	return SW_OK;
	}