TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 77b9cfcea92934dc2f48e9747c0a3b60f7d703bf^! / . / library / aes.c
commit77b9cfcea92934dc2f48e9747c0a3b60f7d703bf[log] [tgz]
authorArto Kinnunen <arto.kinnunen@arm.com>Fri Aug 30 11:43:21 2019 +0300
committerArto Kinnunen <arto.kinnunen@arm.com>Thu Oct 24 09:49:23 2019 +0300
tree128eaf203909671a3482ebbe1970d0019b96f231
parente2bf54d3d11b6282179eb4f082f16a63ca2da3e2 [diff] [blame]
AES: add config option for 128-bit keys

Add configuration options to support only 128-bit key lengths in AES
calculation.

diff --git a/library/aes.c b/library/aes.c
index 247bbde..2672cdf 100644
--- a/library/aes.c
+++ b/library/aes.c

@@ -565,8 +565,10 @@
     switch( keybits )
     {
         case 128: ctx->nr = 10; break;
+#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH)
         case 192: ctx->nr = 12; break;
         case 256: ctx->nr = 14; break;
+#endif /* !MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH */
         default : return( MBEDTLS_ERR_AES_INVALID_KEY_LENGTH );
     }
 
@@ -615,7 +617,7 @@
                 RK[7]  = RK[3] ^ RK[6];
             }
             break;
-
+#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH)
         case 12:
 
             for( i = 0; i < 8; i++, RK += 6 )
@@ -659,6 +661,7 @@
                 RK[15] = RK[7] ^ RK[14];
             }
             break;
+#endif /* !MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH */
     }
 
     return( 0 );
@@ -1825,6 +1828,14 @@
             mbedtls_printf( "  AES-ECB-%3d (%s): ", keybits,
                             ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
 
+#if defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH)
+        if( keybits > 128 )
+        {
+            mbedtls_printf( "skipped\n" );
+            continue;
+        }
+#endif
+
         mbedtls_platform_memset( buf, 0, 16 );
 
         if( mode == MBEDTLS_AES_DECRYPT )
@@ -1887,6 +1898,14 @@
             mbedtls_printf( "  AES-CBC-%3d (%s): ", keybits,
                             ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
 
+#if defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH)
+        if( keybits > 128 )
+        {
+            mbedtls_printf( "skipped\n" );
+            continue;
+        }
+#endif
+
         mbedtls_platform_memset( iv , 0, 16 );
         mbedtls_platform_memset( prv, 0, 16 );
         mbedtls_platform_memset( buf, 0, 16 );
@@ -1962,6 +1981,14 @@
             mbedtls_printf( "  AES-CFB128-%3d (%s): ", keybits,
                             ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
 
+#if defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH)
+        if( keybits > 128 )
+        {
+            mbedtls_printf( "skipped\n" );
+            continue;
+        }
+#endif
+
         memcpy( iv,  aes_test_cfb128_iv, 16 );
         memcpy( key, aes_test_cfb128_key[u], keybits / 8 );
 
@@ -2025,6 +2052,13 @@
             mbedtls_printf( "  AES-OFB-%3d (%s): ", keybits,
                             ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
 
+#if defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH)
+        if( keybits > 128 )
+        {
+            mbedtls_printf( "skipped\n" );
+            continue;
+        }
+#endif
         memcpy( iv,  aes_test_ofb_iv, 16 );
         memcpy( key, aes_test_ofb_key[u], keybits / 8 );
 
@@ -2087,6 +2121,14 @@
             mbedtls_printf( "  AES-CTR-128 (%s): ",
                             ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
 
+#if defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH)
+        if( keybits > 128 )
+        {
+            mbedtls_printf( "skipped\n" );
+            continue;
+        }
+#endif
+
         memcpy( nonce_counter, aes_test_ctr_nonce_counter[u], 16 );
         memcpy( key, aes_test_ctr_key[u], 16 );