AES: add config option for 128-bit keys

Add a configuration option to support only 128-bit key lengths in AES
calculations.
diff --git a/configs/baremetal.h b/configs/baremetal.h
index 64d9e04..8e735c6 100644
--- a/configs/baremetal.h
+++ b/configs/baremetal.h
@@ -39,6 +39,7 @@
 #define MBEDTLS_AES_C
 #define MBEDTLS_AES_ROM_TABLES
 #define MBEDTLS_AES_FEWER_TABLES
+#define MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
 #define MBEDTLS_CCM_C
 
 /* Asymmetric crypto: Single-curve ECC only. */
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 1a057a4..a2f1875 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -3863,6 +3863,25 @@
 
 /* \} SECTION: Compile-time SSL configuration */
 
+/**
+ * \def MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+ *
+ * Use only 128-bit keys in AES operations.
+ *
+ * Uncommenting this macro removes support for AES operations that are using 192
+ * or 256-bit keys.
+ *
+ * Tradeoff: Uncommenting this macro reduces ROM footprint by ~200 bytes.
+ *
+ * If uncommented, uncomment also MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
+ *
+ * Module:  library/aes.c
+ *
+ * Requires: MBEDTLS_AES_C
+ *
+ */
+//#define MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+
 /* Target and application specific configurations
  *
  * Allow user to override any previous default.
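Review bot: The dependency on MBEDTLS_CTR_DRBG_USE_128_BIT_KEY is stated only in this comment, so a build that enables the new option with CTR_DRBG at its default key size still compiles and only fails at run time, when AES key setup returns MBEDTLS_ERR_AES_INVALID_KEY_LENGTH. A compile-time guard in check_config.h would catch it: `#if defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) && defined(MBEDTLS_CTR_DRBG_C) && !defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY)` followed by an `#error`. The same goes for the stated `Requires: MBEDTLS_AES_C`. configs/baremetal.h turns the option on in the first hunk, and that hunk does not show whether it meets the condition. I would also add a sentence to the doc block saying that 192- and 256-bit keys are rejected with MBEDTLS_ERR_AES_INVALID_KEY_LENGTH, so integrators know what callers that request AES-256 will see.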
diff --git a/library/aes.c b/library/aes.c
index 247bbde..2672cdf 100644
--- a/library/aes.c
+++ b/library/aes.c
@@ -565,8 +565,10 @@
     switch( keybits )
     {
         case 128: ctx->nr = 10; break;
+#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH)
         case 192: ctx->nr = 12; break;
         case 256: ctx->nr = 14; break;
+#endif /* !MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH */
         default : return( MBEDTLS_ERR_AES_INVALID_KEY_LENGTH );
     }
 
@@ -615,7 +617,7 @@
                 RK[7]  = RK[3] ^ RK[6];
             }
             break;
-
+#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH)
         case 12:
 
             for( i = 0; i < 8; i++, RK += 6 )
@@ -659,6 +661,7 @@
                 RK[15] = RK[7] ^ RK[14];
             }
             break;
+#endif /* !MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH */
     }
 
     return( 0 );
@@ -1825,6 +1828,14 @@
             mbedtls_printf( "  AES-ECB-%3d (%s): ", keybits,
                             ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
 
+#if defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH)
+        if( keybits > 128 )
+        {
+            mbedtls_printf( "skipped\n" );
+            continue;
+        }
+#endif
+
         mbedtls_platform_memset( buf, 0, 16 );
 
         if( mode == MBEDTLS_AES_DECRYPT )
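Review bot: The added `mbedtls_printf( "skipped\n" );` sits at loop level, while the label printed just above is indented one level deeper, which suggests the label is under the `verbose` check; if so, a non-verbose self-test run now prints a bare "skipped" line for every 192/256-bit case. Writing it as `if( verbose != 0 ) mbedtls_printf( "skipped\n" );` keeps quiet runs quiet. The same block is repeated in the CBC, CFB128 and OFB loops below and in the library/gcm.c self-test. Skipping also leaves the restricted build with no check that larger keys are actually refused; asserting that the setkey call returns `MBEDTLS_ERR_AES_INVALID_KEY_LENGTH` when `keybits > 128` would cover that. The loop body starts and ends outside the hunk.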
@@ -1887,6 +1898,14 @@
             mbedtls_printf( "  AES-CBC-%3d (%s): ", keybits,
                             ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
 
+#if defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH)
+        if( keybits > 128 )
+        {
+            mbedtls_printf( "skipped\n" );
+            continue;
+        }
+#endif
+
         mbedtls_platform_memset( iv , 0, 16 );
         mbedtls_platform_memset( prv, 0, 16 );
         mbedtls_platform_memset( buf, 0, 16 );
@@ -1962,6 +1981,14 @@
             mbedtls_printf( "  AES-CFB128-%3d (%s): ", keybits,
                             ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
 
+#if defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH)
+        if( keybits > 128 )
+        {
+            mbedtls_printf( "skipped\n" );
+            continue;
+        }
+#endif
+
         memcpy( iv,  aes_test_cfb128_iv, 16 );
         memcpy( key, aes_test_cfb128_key[u], keybits / 8 );
 
@@ -2025,6 +2052,13 @@
             mbedtls_printf( "  AES-OFB-%3d (%s): ", keybits,
                             ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
 
+#if defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH)
+        if( keybits > 128 )
+        {
+            mbedtls_printf( "skipped\n" );
+            continue;
+        }
+#endif
         memcpy( iv,  aes_test_ofb_iv, 16 );
         memcpy( key, aes_test_ofb_key[u], keybits / 8 );
 
@@ -2087,6 +2121,14 @@
             mbedtls_printf( "  AES-CTR-128 (%s): ",
                             ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
 
+#if defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH)
+        if( keybits > 128 )
+        {
+            mbedtls_printf( "skipped\n" );
+            continue;
+        }
+#endif
+
         memcpy( nonce_counter, aes_test_ctr_nonce_counter[u], 16 );
         memcpy( key, aes_test_ctr_key[u], 16 );
 
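Review bot: The `keybits > 128` skip looks wrong for the CTR loop: the label is a fixed "AES-CTR-128" and the key copy is always 16 bytes, so every CTR vector here uses a 128-bit key, and nothing visible in the hunk assigns `keybits` for this loop. If `keybits` still holds the value left by an earlier mode's loop, a 128-bit-only build would skip every CTR case and leave the mode untested in exactly the configuration this commit adds. I would drop the `#if defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH)` block from this loop. The loop header is outside the hunk, so please confirm whether `keybits` is set there.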
diff --git a/library/aesni.c b/library/aesni.c
index 062708b..c5873fc 100644
--- a/library/aesni.c
+++ b/library/aesni.c
@@ -327,6 +327,7 @@
 /*
  * Key expansion, 192-bit case
  */
+#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH)
 static void aesni_setkey_enc_192( unsigned char *rk,
                                   const unsigned char *key )
 {
@@ -380,10 +381,12 @@
          : "r" (rk), "r" (key)
          : "memory", "cc", "0" );
 }
+#endif /* !MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH */
 
 /*
  * Key expansion, 256-bit case
  */
+#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH)
 static void aesni_setkey_enc_256( unsigned char *rk,
                                   const unsigned char *key )
 {
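Review bot: The `#endif` for the 192-bit helper and the `#if` for the 256-bit helper are back to back with only a comment between them. A single `#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH)` opened before the "Key expansion, 192-bit case" comment and closed after aesni_setkey_enc_256 would do the same job with one guard. It would also keep each header comment inside the guard with the function it describes, rather than leaving it orphaned in a 128-bit-only build. The body of aesni_setkey_enc_256 continues outside the hunk.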
@@ -446,6 +449,7 @@
          : "r" (rk), "r" (key)
          : "memory", "cc", "0" );
 }
+#endif /* !MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH */
 
 /*
  * Key expansion, wrapper
@@ -457,8 +461,10 @@
     switch( bits )
     {
         case 128: aesni_setkey_enc_128( rk, key ); break;
+#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH)
         case 192: aesni_setkey_enc_192( rk, key ); break;
         case 256: aesni_setkey_enc_256( rk, key ); break;
+#endif /* !MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH */
         default : return( MBEDTLS_ERR_AES_INVALID_KEY_LENGTH );
     }
 
diff --git a/library/gcm.c b/library/gcm.c
index c3a44c2..f30e3df 100644
--- a/library/gcm.c
+++ b/library/gcm.c
@@ -797,6 +797,14 @@
                 mbedtls_printf( "  AES-GCM-%3d #%d (%s): ",
                                 key_len, i, "enc" );
 
+#if defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH)
+            if( key_len > 128 )
+            {
+                mbedtls_printf( "skipped\n" );
+                continue;
+            }
+#endif /* MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH */
+
             ret = mbedtls_gcm_setkey( &ctx, cipher, key[key_index[i]],
                                       key_len );
             /*
diff --git a/programs/ssl/query_config.c b/programs/ssl/query_config.c
index 0c26921..379e016 100644
--- a/programs/ssl/query_config.c
+++ b/programs/ssl/query_config.c
@@ -2930,6 +2930,14 @@
     }
 #endif /* MBEDTLS_PK_SINGLE_TYPE */
 
+#if defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH)
+    if( strcmp( "MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH );
+        return( 0 );
+    }
+#endif /* MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH */
+
     /* If the symbol is not found, return an error */
     return( 1 );
 }