Skip to content

Commit eacb233

Browse files
Jongydpgeorge
Jongy
authored and
dpgeorge
committed
extmod/moducryptolib: Add an mbedTLS implementation for this module.
1 parent e328b45 commit eacb233

1 file changed

Lines changed: 54 additions & 0 deletions

File tree

extmod/moducryptolib.c

Lines changed: 54 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -54,6 +54,24 @@ enum {
5454
#define AES_CTX_IMPL AES_CTX
5555
#endif
5656

57+
#if MICROPY_SSL_MBEDTLS
58+
#include <mbedtls/aes.h>
59+
60+
// we can't run mbedtls AES key schedule until we know whether we're used for encrypt or decrypt.
61+
// therefore, we store the key & keysize and on the first call to encrypt/decrypt we override them
62+
// with the mbedtls_aes_context, as they are not longer required. (this is done to save space)
63+
struct mbedtls_aes_ctx_with_key {
64+
union {
65+
mbedtls_aes_context mbedtls_ctx;
66+
struct {
67+
uint8_t key[32];
68+
uint8_t keysize;
69+
} init_data;
70+
} u;
71+
unsigned char iv[16];
72+
};
73+
#define AES_CTX_IMPL struct mbedtls_aes_ctx_with_key
74+
#endif
5775

5876
typedef struct _mp_obj_aes_t {
5977
mp_obj_base_t base;
@@ -104,6 +122,42 @@ STATIC void aes_process_cbc_impl(AES_CTX_IMPL *ctx, const uint8_t *in, uint8_t *
104122
}
105123
#endif
106124

125+
#if MICROPY_SSL_MBEDTLS
126+
STATIC void aes_initial_set_key_impl(AES_CTX_IMPL *ctx, const uint8_t *key, size_t keysize, const uint8_t iv[16]) {
127+
ctx->u.init_data.keysize = keysize;
128+
memcpy(ctx->u.init_data.key, key, keysize);
129+
130+
if (NULL != iv) {
131+
memcpy(ctx->iv, iv, sizeof(ctx->iv));
132+
}
133+
}
134+
135+
STATIC void aes_final_set_key_impl(AES_CTX_IMPL *ctx, bool encrypt) {
136+
// first, copy key aside
137+
uint8_t key[32];
138+
uint8_t keysize = ctx->u.init_data.keysize;
139+
memcpy(key, ctx->u.init_data.key, keysize);
140+
// now, override key with the mbedtls context object
141+
mbedtls_aes_init(&ctx->u.mbedtls_ctx);
142+
143+
// setkey call will succeed, we've already checked the keysize earlier.
144+
assert(16 == keysize || 32 == keysize);
145+
if (encrypt) {
146+
mbedtls_aes_setkey_enc(&ctx->u.mbedtls_ctx, key, keysize * 8);
147+
} else {
148+
mbedtls_aes_setkey_dec(&ctx->u.mbedtls_ctx, key, keysize * 8);
149+
}
150+
}
151+
152+
STATIC void aes_process_ecb_impl(AES_CTX_IMPL *ctx, const uint8_t in[16], uint8_t out[16], bool encrypt) {
153+
mbedtls_aes_crypt_ecb(&ctx->u.mbedtls_ctx, encrypt ? MBEDTLS_AES_ENCRYPT : MBEDTLS_AES_DECRYPT, in, out);
154+
}
155+
156+
STATIC void aes_process_cbc_impl(AES_CTX_IMPL *ctx, const uint8_t *in, uint8_t *out, size_t in_len, bool encrypt) {
157+
mbedtls_aes_crypt_cbc(&ctx->u.mbedtls_ctx, encrypt ? MBEDTLS_AES_ENCRYPT : MBEDTLS_AES_DECRYPT, in_len, ctx->iv, in, out);
158+
}
159+
#endif
160+
107161
STATIC mp_obj_t aes_make_new(const mp_obj_type_t *type, size_t n_args, size_t n_kw, const mp_obj_t *args) {
108162
mp_arg_check_num(n_args, n_kw, 2, 3, false);
109163
mp_obj_aes_t *o = m_new_obj(mp_obj_aes_t);

0 commit comments

Comments
 (0)