Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Added support for AES-ECB to the PSA Crypto implementation #3480

Merged
merged 5 commits into from
Sep 14, 2020
Merged

Added support for AES-ECB to the PSA Crypto implementation #3480

Show file tree
Hide file tree
Changes from 4 commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
ed3c9ec
Added support for AES-ECB to the PSA Crypto implementation
stevew817 Jul 6, 2020
2a48b53
Added changelog entry for AES-ECB in PSA
stevew817 Jul 6, 2020
a6033e9
Style and language fixes
stevew817 Aug 25, 2020
ffecb7b
Implement support for multipart ECB and add tests
stevew817 Aug 25, 2020
177deba
Fix style and pull out ECB processing in separate function
stevew817 Sep 7, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions ChangeLog.d/add-aes-ecb-to-psa.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
Features
* Add support for ECB to the PSA cipher API.
2 changes: 2 additions & 0 deletions include/mbedtls/psa_util.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -85,6 +85,8 @@ static inline psa_algorithm_t mbedtls_psa_translate_cipher_mode(
{
switch( mode )
{
case MBEDTLS_MODE_ECB:
return( PSA_ALG_ECB_NO_PADDING );
case MBEDTLS_MODE_GCM:
return( PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, taglen ) );
case MBEDTLS_MODE_CCM:
Expand Down
20 changes: 20 additions & 0 deletions include/psa/crypto_values.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -980,6 +980,26 @@
*/
#define PSA_ALG_XTS ((psa_algorithm_t)0x044000ff)

/** The Electronic Code Book (ECB) mode of a block cipher, with no padding.
*
* \warning ECB mode does not protect the confidentiality of the encrypted data
* except in extremely narrow circumstances. It is recommended that applications
* only use ECB if they need to construct an operating mode that the
* implementation does not provide. Implementations are encouraged to provide
* the modes that applications need in preference to supporting direct access
* to ECB.
*
* The underlying block cipher is determined by the key type.
*
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please include the warning against use as well.

* This symmetric cipher mode can only be used with messages whose lengths are a
* multiple of the block size of the chosen block cipher.
*
* ECB mode does not accept an initialization vector (IV). When using a
* multi-part cipher operation with this algorithm, psa_cipher_generate_iv()
* and psa_cipher_set_iv() must not be called.
*/
#define PSA_ALG_ECB_NO_PADDING ((psa_algorithm_t)0x04404400)

/** The CBC block cipher chaining mode, with no padding.
*
* The underlying block cipher is determined by the key type.
Expand Down
108 changes: 98 additions & 10 deletions library/psa_crypto.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2518,6 +2518,9 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
case PSA_ALG_OFB:
mode = MBEDTLS_MODE_OFB;
break;
case PSA_ALG_ECB_NO_PADDING:
mode = MBEDTLS_MODE_ECB;
break;
case PSA_ALG_CBC_NO_PADDING:
mode = MBEDTLS_MODE_CBC;
break;
Expand Down Expand Up @@ -3746,7 +3749,14 @@ static psa_status_t psa_cipher_init( psa_cipher_operation_t *operation,
operation->alg = alg;
operation->key_set = 0;
operation->iv_set = 0;
operation->iv_required = 1;
if( alg == PSA_ALG_ECB_NO_PADDING )
{
operation->iv_required = 0;
}
else
{
operation->iv_required = 1;
}
operation->iv_size = 0;
operation->block_size = 0;
mbedtls_cipher_init( &operation->ctx.cipher );
Expand Down Expand Up @@ -3837,7 +3847,8 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation,
operation->key_set = 1;
operation->block_size = ( PSA_ALG_IS_STREAM_CIPHER( alg ) ? 1 :
PSA_BLOCK_CIPHER_BLOCK_SIZE( slot->attr.type ) );
if( alg & PSA_ALG_CIPHER_FROM_BLOCK_FLAG )
if( ( alg & PSA_ALG_CIPHER_FROM_BLOCK_FLAG ) != 0 &&
alg != PSA_ALG_ECB_NO_PADDING )
{
operation->iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( slot->attr.type );
}
Expand Down Expand Up @@ -3934,9 +3945,9 @@ psa_status_t psa_cipher_update( psa_cipher_operation_t *operation,
size_t output_size,
size_t *output_length )
{
psa_status_t status;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
size_t expected_output_size;
size_t internal_output_length;

if( operation->alg == 0 )
{
Expand Down Expand Up @@ -3964,9 +3975,83 @@ psa_status_t psa_cipher_update( psa_cipher_operation_t *operation,
goto exit;
}

ret = mbedtls_cipher_update( &operation->ctx.cipher, input,
input_length, output, output_length );
status = mbedtls_to_psa_error( ret );
if( operation->alg == PSA_ALG_ECB_NO_PADDING )
{
gilles-peskine-arm marked this conversation as resolved.
Show resolved Hide resolved
/* mbedtls_cipher_update has an API inconsistency: it will only
* process a single block at a time in ECB mode. Abstract away that
* inconsistency here to match the PSA API behaviour. */
*output_length = 0;

if( input_length == 0 )
{
status = PSA_SUCCESS;
goto exit;
}

if( expected_output_size > 0 )
{
size_t ctx_bytes = operation->ctx.cipher.unprocessed_len;
if( ctx_bytes > 0 )
{
/* Fill up to block size and run the block */
size_t bytes_to_copy = operation->block_size - ctx_bytes;
memcpy( &( operation->ctx.cipher.unprocessed_data[ctx_bytes] ),
input, bytes_to_copy );
input_length -= bytes_to_copy;
input += bytes_to_copy;
operation->ctx.cipher.unprocessed_len = 0;

status = mbedtls_to_psa_error(
mbedtls_cipher_update( &operation->ctx.cipher,
operation->ctx.cipher.unprocessed_data,
operation->block_size,
output, &internal_output_length ) );

if( status != PSA_SUCCESS )
goto exit;

output += internal_output_length;
output_size -= internal_output_length;
*output_length += internal_output_length;
}

size_t blocks = input_length / operation->block_size;
for( ; blocks > 0; blocks-- )
gilles-peskine-arm marked this conversation as resolved.
Show resolved Hide resolved
{
/* Run all full blocks we have, one by one */
status = mbedtls_to_psa_error(
mbedtls_cipher_update( &operation->ctx.cipher, input,
operation->block_size,
output, &internal_output_length ) );

if( status != PSA_SUCCESS )
goto exit;

input_length -= operation->block_size;
input += operation->block_size;

output += internal_output_length;
output_size -= internal_output_length;
*output_length += internal_output_length;
}
}

if( input_length > 0 )
{
/* Save unprocessed bytes for later processing */
memcpy( &( operation->ctx.cipher.unprocessed_data[operation->ctx.cipher.unprocessed_len] ),
input, input_length );
operation->ctx.cipher.unprocessed_len += input_length;
}

status = PSA_SUCCESS;
}
else
{
status = mbedtls_to_psa_error(
mbedtls_cipher_update( &operation->ctx.cipher, input,
input_length, output, output_length ) );
}
exit:
if( status != PSA_SUCCESS )
psa_cipher_abort( operation );
Expand All @@ -3991,12 +4076,15 @@ psa_status_t psa_cipher_finish( psa_cipher_operation_t *operation,
return( PSA_ERROR_BAD_STATE );
}

if( operation->ctx.cipher.operation == MBEDTLS_ENCRYPT &&
operation->alg == PSA_ALG_CBC_NO_PADDING &&
operation->ctx.cipher.unprocessed_len != 0 )
if( operation->ctx.cipher.unprocessed_len != 0 )
{
if( operation->alg == PSA_ALG_ECB_NO_PADDING ||
( operation->alg == PSA_ALG_CBC_NO_PADDING &&
operation->ctx.cipher.operation == MBEDTLS_ENCRYPT ) )
{
status = PSA_ERROR_INVALID_ARGUMENT;
goto error;
}
}

cipher_ret = mbedtls_cipher_finish( &operation->ctx.cipher,
Expand Down
90 changes: 85 additions & 5 deletions tests/suites/test_suite_psa_crypto.data
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -346,7 +346,11 @@ PSA import RSA public key: maximum size exceeded
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
import_rsa_made_up:PSA_VENDOR_RSA_MAX_KEY_BITS+8:0:PSA_ERROR_NOT_SUPPORTED

PSA key policy: AES
PSA key policy: AES ECB
depends_on:MBEDTLS_AES_C
check_key_policy:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_ECB_NO_PADDING

PSA key policy: AES CBC
depends_on:MBEDTLS_AES_C
check_key_policy:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_NO_PADDING

Expand Down Expand Up @@ -1122,6 +1126,18 @@ PSA cipher: bad order function calls
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
cipher_bad_order:

PSA symmetric encrypt: AES-ECB, 0 bytes, good
depends_on:MBEDTLS_AES_C
cipher_encrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"":"":PSA_SUCCESS

PSA symmetric encrypt: AES-ECB, 16 bytes, good
depends_on:MBEDTLS_AES_C
cipher_encrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a":"3ad77bb40d7a3660a89ecaf32466ef97":PSA_SUCCESS

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please add a few more test cases (for both encrypt and decrypt): 0 bytes, 32 bytes, a non-multiple of 16.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please add at least a 1-block 3DES test case.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

3DES isn't in scope for this PR?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This PR makes Mbed TLS recognize PSA_ALG_ECB_NO_PADDING, so it should test the algorithm with at least a selection of block ciphers. 3DES and other block ciphers should either work correctly or return NOT_SUPPORTED. I requested a test for 3DES and not for e.g. CAMELLIA because CAMELLIA is very likely to work if AES does, whereas DES and 3DES could be incorrect due to a misuse of a hard-coded 16 instead of the block size somewhere.

PSA symmetric encrypt: AES-ECB, 32 bytes, good
depends_on:MBEDTLS_AES_C
cipher_encrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a3ad77bb40d7a3660a89ecaf32466ef97":"3ad77bb40d7a3660a89ecaf32466ef972249a2638c6f1c755a84f9681a9f08c1":PSA_SUCCESS

PSA symmetric encrypt: AES-CBC-nopad, 16 bytes, good
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS
Expand All @@ -1134,6 +1150,10 @@ PSA symmetric encrypt: AES-CBC-PKCS#7, 15 bytes, good
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
cipher_encrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"6279b49d7f7a8dd87b685175d4276e24":PSA_SUCCESS

PSA symmetric encrypt: AES-ECB, input too short (15 bytes)
depends_on:MBEDTLS_AES_C
cipher_encrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e11739317":"3ad77bb40d7a3660a89ecaf32466ef":PSA_ERROR_INVALID_ARGUMENT
gilles-peskine-arm marked this conversation as resolved.
Show resolved Hide resolved

PSA symmetric encrypt: AES-CBC-nopad, input too short
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee223":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT
Expand All @@ -1158,6 +1178,26 @@ PSA symmetric encrypt: 3-key 3DES-CBC-nopad, 8 bytes, good
depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"2a2a2a2a2a2a2a2a":"eda4011239bc3ac9":"817ca7d69b80d86a":PSA_SUCCESS

PSA symmetric encrypt: 2-key 3DES-ECB, 8 bytes, good
depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
cipher_encrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"":"c78e2b38139610e3":"5d0652429c5b0ac7":PSA_SUCCESS

PSA symmetric encrypt: 3-key 3DES-ECB, 8 bytes, good
depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
cipher_encrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"":"c78e2b38139610e3":"817ca7d69b80d86a":PSA_SUCCESS

PSA symmetric decrypt: AES-ECB, 0 bytes, good
depends_on:MBEDTLS_AES_C
cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"":"":PSA_SUCCESS

PSA symmetric decrypt: AES-ECB, 16 bytes, good
depends_on:MBEDTLS_AES_C
cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"396ee84fb75fdbb5c2b13c7fe5a654aa":"63cecc46a382414d5fa7d2b79387437f":PSA_SUCCESS

PSA symmetric decrypt: AES-ECB, 32 bytes, good
depends_on:MBEDTLS_AES_C
cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef972249a2638c6f1c755a84f9681a9f08c1":"6bc1bee22e409f96e93d7e117393172a3ad77bb40d7a3660a89ecaf32466ef97":PSA_SUCCESS

PSA symmetric decrypt: AES-CBC-nopad, 16 bytes, good
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955":PSA_SUCCESS
Expand All @@ -1178,6 +1218,10 @@ PSA symmetric decrypt: AES-CTR, 16 bytes, good
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR
cipher_decrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":PSA_SUCCESS

PSA symmetric decrypt: AES-ECB, input too short (15 bytes)
depends_on:MBEDTLS_AES_C
cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"396ee84fb75fdbb5c2b13c7fe5a654":"63cecc46a382414d5fa7d2b7938743":PSA_ERROR_INVALID_ARGUMENT

PSA symmetric decrypt: AES-CBC-nopad, input too short (5 bytes)
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee223":"6bc1bee223":PSA_ERROR_BAD_STATE
Expand All @@ -1194,6 +1238,18 @@ PSA symmetric decrypt: 3-key 3DES-CBC-nopad, 8 bytes, good
depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"2a2a2a2a2a2a2a2a":"817ca7d69b80d86a":"eda4011239bc3ac9":PSA_SUCCESS

PSA symmetric decrypt: 2-key 3DES-ECB, 8 bytes, good
depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"":"5d0652429c5b0ac7":"c78e2b38139610e3":PSA_SUCCESS

PSA symmetric decrypt: 3-key 3DES-ECB, 8 bytes, good
depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"":"817ca7d69b80d86a":"c78e2b38139610e3":PSA_SUCCESS

PSA symmetric encrypt/decrypt: AES-ECB, 16 bytes, good
depends_on:MBEDTLS_AES_C
cipher_verify_output:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"

PSA symmetric encrypt/decrypt: AES-CBC-nopad, 16 bytes, good
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
cipher_verify_output:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
Expand All @@ -1210,6 +1266,18 @@ PSA symmetric encrypt/decrypt: AES-CTR
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
cipher_verify_output:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"

PSA symmetric encryption multipart: AES-ECB, 16+16 bytes
depends_on:MBEDTLS_AES_C
cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c"

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please add a test case where the input isn't split on a block boundary (e.g. 1+15). And please add a bad test case where the total input isn't a whole number of blocks. All for both encrypt and decrypt.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There weren't any negative test cases being done with _multipart tests. Is it really up to me to introduce that here?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A prior test gap is not a justification for expanding the test gap in general. But ok, let's defer negative testing for multipart operations since it's a preexisting lack of test code. Do please add test with input that isn't split on a block boundary, which was already done for CBC.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sure (push incoming for the non-block-multiple operations).

PSA symmetric encryption multipart: AES-ECB, 13+19 bytes
depends_on:MBEDTLS_AES_C
cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":13:0:32:"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c"

PSA symmetric encryption multipart: AES-ECB, 24+12 bytes
depends_on:MBEDTLS_AES_C
cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":24:16:16:"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c"

PSA symmetric encryption multipart: AES-CBC-nopad, 7+9 bytes
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":7:0:16:"a076ec9dfbe47d52afc357336f20743b"
Expand Down Expand Up @@ -1274,6 +1342,18 @@ PSA symmetric encryption multipart: AES-CTR, 16+0 bytes
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32"

PSA symmetric decryption multipart: AES-ECB, 16+16 bytes
depends_on:MBEDTLS_AES_C
cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":16:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef"

PSA symmetric decryption multipart: AES-ECB, 11+21 bytes
depends_on:MBEDTLS_AES_C
cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":11:0:32:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef"

PSA symmetric decryption multipart: AES-ECB, 28+4 bytes
depends_on:MBEDTLS_AES_C
cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":28:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef"

PSA symmetric decryption multipart: AES-CBC-nopad, 7+9 bytes
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b":7:0:16:"6bc1bee22e409f96e93d7e117393172a"
Expand Down Expand Up @@ -1302,19 +1382,19 @@ PSA symmetric encryption multipart: AES-CTR, 11+5 bytes [#2]
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32"

PSA symmetric encryption multipart: AES-CTR, 16+16 bytes [#2]
PSA symmetric decryption multipart: AES-CTR, 16+16 bytes [#2]
gilles-peskine-arm marked this conversation as resolved.
Show resolved Hide resolved
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"

PSA symmetric encryption multipart: AES-CTR, 12+20 bytes [#2]
PSA symmetric decryption multipart: AES-CTR, 12+20 bytes [#2]
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"

PSA symmetric encryption multipart: AES-CTR, 20+12 bytes [#2]
PSA symmetric decryption multipart: AES-CTR, 20+12 bytes [#2]
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"

PSA symmetric encryption multipart: AES-CTR, 12+10 bytes [#2]
PSA symmetric decryption multipart: AES-CTR, 12+10 bytes [#2]
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b"

Expand Down
Loading