aes: validate keys using crc before encryption/decryption CRC is calculated when the key is set. This commit also adds new tests for ecb encryption and decryption, simulating a fault injection after the key is set. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>

commit: fba59211869f562d5b27110815bf9007d4fda87a [log] [tgz]
author: Andrzej Kurek <andrzej.kurek@arm.com> Fri Aug 07 21:02:25 2020 -0400
committer: Andrzej Kurek <andrzej.kurek@arm.com> Sat Aug 08 19:06:44 2020 -0400
tree: 8a5eef1c00384d7ba5d0a6d1a7136a45e6f06139
parent: 9df2b416b908b7ce206386a04980ac9f6c66b57c [diff] [blame]
diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index 7239557..974bf7b 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h

@@ -986,6 +986,10 @@
 #error "MBEDTLS_HAVE_INT32/MBEDTLS_HAVE_INT64 and MBEDTLS_HAVE_ASM cannot be defined simultaneously"
 #endif /* (MBEDTLS_HAVE_INT32 || MBEDTLS_HAVE_INT64) && MBEDTLS_HAVE_ASM */
 
+#if defined(MBEDTLS_VALIDATE_AES_KEYS_INTEGRITY) && ( !defined(MBEDTLS_CRC_C) )
+#error "MBEDTLS_VALIDATE_AES_KEYS_INTEGRITY defined, but not MBEDTLS_CRC_C"
+#endif
+
 /*
  * Avoid warning from -pedantic. This is a convenient place for this
  * workaround since this is included by every single file before the
commit	fba59211869f562d5b27110815bf9007d4fda87a	[log] [tgz]
author	Andrzej Kurek <andrzej.kurek@arm.com>	Fri Aug 07 21:02:25 2020 -0400
committer	Andrzej Kurek <andrzej.kurek@arm.com>	Sat Aug 08 19:06:44 2020 -0400
tree	8a5eef1c00384d7ba5d0a6d1a7136a45e6f06139
parent	9df2b416b908b7ce206386a04980ac9f6c66b57c [diff] [blame]