Merge branch 'master' into feature/esp32s2beta_update

2025-08-08 12:10:59 +00:00 · 2019-08-08 13:44:24 +10:00
parent 1877a9fcd8 16b300bd7a
commit 24d26fccde
2414 changed files with 160787 additions and 45783 deletions
--- a/components/mbedtls/port/esp32/aes.c
+++ b/components/mbedtls/port/esp32/aes.c
@@ -408,6 +408,50 @@ int esp_aes_crypt_ctr( esp_aes_context *ctx,
    return 0;
 }

+/*
+ * AES-OFB (Output Feedback Mode) buffer encryption/decryption
+ */
+int esp_aes_crypt_ofb( esp_aes_context *ctx,
+                           size_t length,
+                           size_t *iv_off,
+                           unsigned char iv[16],
+                           const unsigned char *input,
+                           unsigned char *output )
+{
+    int ret = 0;
+    size_t n;
+
+    if ( ctx == NULL || iv_off == NULL || iv == NULL ||
+        input == NULL || output == NULL ) {
+            return MBEDTLS_ERR_AES_BAD_INPUT_DATA;
+    }
+
+    n = *iv_off;
+
+    if( n > 15 ) {
+        return( MBEDTLS_ERR_AES_BAD_INPUT_DATA );
+    }
+
+    esp_aes_acquire_hardware();
+
+    esp_aes_setkey_hardware(ctx, ESP_AES_ENCRYPT);
+
+    while( length-- ) {
+        if( n == 0 ) {
+            esp_aes_block( iv, iv );
+        }
+        *output++ =  *input++ ^ iv[n];
+
+        n = ( n + 1 ) & 0x0F;
+    }
+
+    *iv_off = n;
+
+    esp_aes_release_hardware();
+
+    return( ret );
+}
+
 /* Below XTS implementation is copied aes.c of mbedtls library. 
 * When MBEDTLS_AES_ALT is defined mbedtls expects alternate
 * definition of XTS functions to be available. Even if this 
--- a/components/mbedtls/port/esp32/esp_bignum.c
+++ b/components/mbedtls/port/esp32/esp_bignum.c
@@ -359,6 +359,18 @@ int mbedtls_mpi_exp_mod( mbedtls_mpi* Z, const mbedtls_mpi* X, const mbedtls_mpi
    mbedtls_mpi *Rinv;    /* points to _Rinv (if not NULL) othwerwise &RR_new */
    mbedtls_mpi_uint Mprime;

+    if (mbedtls_mpi_cmp_int(M, 0) <= 0 || (M->p[0] & 1) == 0) {
+        return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
+    }
+
+    if (mbedtls_mpi_cmp_int(Y, 0) < 0) {
+        return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
+    }
+
+    if (mbedtls_mpi_cmp_int(Y, 0) == 0) {
+        return mbedtls_mpi_lset(Z, 1);
+    }
+
    if (hw_words * 32 > 4096) {
        return MBEDTLS_ERR_MPI_NOT_ACCEPTABLE;
    }
@@ -392,13 +404,24 @@ int mbedtls_mpi_exp_mod( mbedtls_mpi* Z, const mbedtls_mpi* X, const mbedtls_mpi
    start_op(RSA_START_MODEXP_REG);

    /* X ^ Y may actually be shorter than M, but unlikely when used for crypto */
-    MBEDTLS_MPI_CHK( mbedtls_mpi_grow(Z, m_words) );
+    if ((ret = mbedtls_mpi_grow(Z, m_words)) != 0) {
+        esp_mpi_release_hardware();
+        goto cleanup;
+    }

    wait_op_complete(RSA_START_MODEXP_REG);

    mem_block_to_mpi(Z, RSA_MEM_Z_BLOCK_BASE, m_words);
    esp_mpi_release_hardware();

+    // Compensate for negative X
+    if (X->s == -1 && (Y->p[0] & 1) != 0) {
+        Z->s = -1;
+        MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(Z, M, Z));
+    } else {
+        Z->s = 1;
+    }
+
 cleanup:
    if (_Rinv == NULL) {
        mbedtls_mpi_free(&Rinv_new);