mirror of
https://github.com/espressif/esp-idf.git
synced 2024-10-05 20:47:46 -04:00
ble_mesh: stack: Fix mbedtls aes ctx not initialized
This commit is contained in:
parent
c6f7abbe94
commit
5e8695d7be
@ -1868,60 +1868,33 @@ int bt_mesh_dh_key_gen(const uint8_t remote_pk[64], bt_mesh_dh_key_cb_t cb, cons
|
||||
return 0;
|
||||
}
|
||||
|
||||
#if CONFIG_MBEDTLS_HARDWARE_AES
|
||||
static void ecb_encrypt(uint8_t const *const key_le, uint8_t const *const clear_text_le,
|
||||
uint8_t *const cipher_text_le, uint8_t *const cipher_text_be)
|
||||
{
|
||||
struct bt_mesh_ecb_param ecb = {0};
|
||||
mbedtls_aes_context aes_ctx = {0};
|
||||
|
||||
aes_ctx.key_bytes = 16;
|
||||
mem_rcopy(&aes_ctx.key[0], key_le, 16);
|
||||
mem_rcopy(&ecb.clear_text[0], clear_text_le, sizeof(ecb.clear_text));
|
||||
mbedtls_aes_crypt_ecb(&aes_ctx, MBEDTLS_AES_ENCRYPT, &ecb.clear_text[0], &ecb.cipher_text[0]);
|
||||
|
||||
if (cipher_text_le) {
|
||||
mem_rcopy(cipher_text_le, &ecb.cipher_text[0],
|
||||
sizeof(ecb.cipher_text));
|
||||
}
|
||||
|
||||
if (cipher_text_be) {
|
||||
memcpy(cipher_text_be, &ecb.cipher_text[0],
|
||||
sizeof(ecb.cipher_text));
|
||||
}
|
||||
}
|
||||
|
||||
static void ecb_encrypt_be(uint8_t const *const key_be, uint8_t const *const clear_text_be,
|
||||
uint8_t *const cipher_text_be)
|
||||
{
|
||||
struct bt_mesh_ecb_param ecb = {0};
|
||||
mbedtls_aes_context aes_ctx = {0};
|
||||
|
||||
aes_ctx.key_bytes = 16;
|
||||
memcpy(&aes_ctx.key[0], key_be, 16);
|
||||
memcpy(&ecb.clear_text[0], clear_text_be, sizeof(ecb.clear_text));
|
||||
mbedtls_aes_crypt_ecb(&aes_ctx, MBEDTLS_AES_ENCRYPT, &ecb.clear_text[0], &ecb.cipher_text[0]);
|
||||
|
||||
memcpy(cipher_text_be, &ecb.cipher_text[0], sizeof(ecb.cipher_text));
|
||||
}
|
||||
#endif /* CONFIG_MBEDTLS_HARDWARE_AES */
|
||||
|
||||
int bt_mesh_encrypt_le(const uint8_t key[16], const uint8_t plaintext[16],
|
||||
uint8_t enc_data[16])
|
||||
{
|
||||
#if CONFIG_MBEDTLS_HARDWARE_AES
|
||||
BT_DBG("key %s plaintext %s", bt_hex(key, 16), bt_hex(plaintext, 16));
|
||||
|
||||
ecb_encrypt(key, plaintext, enc_data, NULL);
|
||||
|
||||
BT_DBG("enc_data %s", bt_hex(enc_data, 16));
|
||||
return 0;
|
||||
#else /* CONFIG_MBEDTLS_HARDWARE_AES */
|
||||
struct tc_aes_key_sched_struct s = {0};
|
||||
uint8_t tmp[16] = {0};
|
||||
|
||||
BT_DBG("key %s plaintext %s", bt_hex(key, 16), bt_hex(plaintext, 16));
|
||||
|
||||
#if CONFIG_MBEDTLS_HARDWARE_AES
|
||||
mbedtls_aes_context ctx = {0};
|
||||
|
||||
mbedtls_aes_init(&ctx);
|
||||
|
||||
sys_memcpy_swap(tmp, key, 16);
|
||||
|
||||
if (mbedtls_aes_setkey_enc(&ctx, tmp, 128) != 0) {
|
||||
return -EINVAL;
|
||||
}
|
||||
|
||||
sys_memcpy_swap(tmp, plaintext, 16);
|
||||
|
||||
if (mbedtls_aes_crypt_ecb(&ctx, MBEDTLS_AES_ENCRYPT,
|
||||
tmp, enc_data) != 0) {
|
||||
return -EINVAL;
|
||||
}
|
||||
#else /* CONFIG_MBEDTLS_HARDWARE_AES */
|
||||
struct tc_aes_key_sched_struct s = {0};
|
||||
|
||||
sys_memcpy_swap(tmp, key, 16);
|
||||
|
||||
if (tc_aes128_set_encrypt_key(&s, tmp) == TC_CRYPTO_FAIL) {
|
||||
@ -1933,31 +1906,36 @@ int bt_mesh_encrypt_le(const uint8_t key[16], const uint8_t plaintext[16],
|
||||
if (tc_aes_encrypt(enc_data, tmp, &s) == TC_CRYPTO_FAIL) {
|
||||
return -EINVAL;
|
||||
}
|
||||
#endif /* CONFIG_MBEDTLS_HARDWARE_AES */
|
||||
|
||||
sys_mem_swap(enc_data, 16);
|
||||
|
||||
BT_DBG("enc_data %s", bt_hex(enc_data, 16));
|
||||
|
||||
return 0;
|
||||
#endif /* CONFIG_MBEDTLS_HARDWARE_AES */
|
||||
}
|
||||
|
||||
int bt_mesh_encrypt_be(const uint8_t key[16], const uint8_t plaintext[16],
|
||||
uint8_t enc_data[16])
|
||||
{
|
||||
#if CONFIG_MBEDTLS_HARDWARE_AES
|
||||
BT_DBG("key %s plaintext %s", bt_hex(key, 16), bt_hex(plaintext, 16));
|
||||
|
||||
ecb_encrypt_be(key, plaintext, enc_data);
|
||||
#if CONFIG_MBEDTLS_HARDWARE_AES
|
||||
mbedtls_aes_context ctx = {0};
|
||||
|
||||
BT_DBG("enc_data %s", bt_hex(enc_data, 16));
|
||||
mbedtls_aes_init(&ctx);
|
||||
|
||||
return 0;
|
||||
if (mbedtls_aes_setkey_enc(&ctx, key, 128) != 0) {
|
||||
return -EINVAL;
|
||||
}
|
||||
|
||||
if (mbedtls_aes_crypt_ecb(&ctx, MBEDTLS_AES_ENCRYPT,
|
||||
plaintext, enc_data) != 0) {
|
||||
return -EINVAL;
|
||||
}
|
||||
#else /* CONFIG_MBEDTLS_HARDWARE_AES */
|
||||
struct tc_aes_key_sched_struct s = {0};
|
||||
|
||||
BT_DBG("key %s plaintext %s", bt_hex(key, 16), bt_hex(plaintext, 16));
|
||||
|
||||
if (tc_aes128_set_encrypt_key(&s, key) == TC_CRYPTO_FAIL) {
|
||||
return -EINVAL;
|
||||
}
|
||||
@ -1965,11 +1943,11 @@ int bt_mesh_encrypt_be(const uint8_t key[16], const uint8_t plaintext[16],
|
||||
if (tc_aes_encrypt(enc_data, plaintext, &s) == TC_CRYPTO_FAIL) {
|
||||
return -EINVAL;
|
||||
}
|
||||
#endif /* CONFIG_MBEDTLS_HARDWARE_AES */
|
||||
|
||||
BT_DBG("enc_data %s", bt_hex(enc_data, 16));
|
||||
|
||||
return 0;
|
||||
#endif /* CONFIG_MBEDTLS_HARDWARE_AES */
|
||||
}
|
||||
|
||||
#if defined(CONFIG_BLE_MESH_USE_DUPLICATE_SCAN)
|
||||
|
@ -325,12 +325,6 @@ struct bt_mesh_gatt_service {
|
||||
sys_snode_t node;
|
||||
};
|
||||
|
||||
struct bt_mesh_ecb_param {
|
||||
uint8_t key[16];
|
||||
uint8_t clear_text[16];
|
||||
uint8_t cipher_text[16];
|
||||
} __packed;
|
||||
|
||||
typedef struct {
|
||||
uint8_t type;
|
||||
uint8_t val[6];
|
||||
|
@ -1849,59 +1849,32 @@ int bt_mesh_dh_key_gen(const uint8_t remote_pk[64], bt_mesh_dh_key_cb_t cb, cons
|
||||
return 0;
|
||||
}
|
||||
|
||||
#if CONFIG_MBEDTLS_HARDWARE_AES
|
||||
static void ecb_encrypt(uint8_t const *const key_le, uint8_t const *const clear_text_le,
|
||||
uint8_t *const cipher_text_le, uint8_t *const cipher_text_be)
|
||||
{
|
||||
struct bt_mesh_ecb_param ecb;
|
||||
mbedtls_aes_context aes_ctx = {0};
|
||||
|
||||
aes_ctx.key_bytes = 16;
|
||||
mem_rcopy(&aes_ctx.key[0], key_le, 16);
|
||||
mem_rcopy(&ecb.clear_text[0], clear_text_le, sizeof(ecb.clear_text));
|
||||
mbedtls_aes_crypt_ecb(&aes_ctx, MBEDTLS_AES_ENCRYPT, &ecb.clear_text[0], &ecb.cipher_text[0]);
|
||||
|
||||
if (cipher_text_le) {
|
||||
mem_rcopy(cipher_text_le, &ecb.cipher_text[0],
|
||||
sizeof(ecb.cipher_text));
|
||||
}
|
||||
|
||||
if (cipher_text_be) {
|
||||
memcpy(cipher_text_be, &ecb.cipher_text[0],
|
||||
sizeof(ecb.cipher_text));
|
||||
}
|
||||
}
|
||||
|
||||
static void ecb_encrypt_be(uint8_t const *const key_be, uint8_t const *const clear_text_be,
|
||||
uint8_t *const cipher_text_be)
|
||||
{
|
||||
struct bt_mesh_ecb_param ecb;
|
||||
mbedtls_aes_context aes_ctx = {0};
|
||||
|
||||
aes_ctx.key_bytes = 16;
|
||||
memcpy(&aes_ctx.key[0], key_be, 16);
|
||||
memcpy(&ecb.clear_text[0], clear_text_be, sizeof(ecb.clear_text));
|
||||
mbedtls_aes_crypt_ecb(&aes_ctx, MBEDTLS_AES_ENCRYPT, &ecb.clear_text[0], &ecb.cipher_text[0]);
|
||||
|
||||
memcpy(cipher_text_be, &ecb.cipher_text[0], sizeof(ecb.cipher_text));
|
||||
}
|
||||
#endif /* CONFIG_MBEDTLS_HARDWARE_AES */
|
||||
|
||||
int bt_mesh_encrypt_le(const uint8_t key[16], const uint8_t plaintext[16],
|
||||
uint8_t enc_data[16])
|
||||
{
|
||||
uint8_t tmp[16] = {0};
|
||||
|
||||
BT_DBG("key %s plaintext %s", bt_hex(key, 16), bt_hex(plaintext, 16));
|
||||
|
||||
#if CONFIG_MBEDTLS_HARDWARE_AES
|
||||
BT_DBG("key %s plaintext %s", bt_hex(key, 16), bt_hex(plaintext, 16));
|
||||
mbedtls_aes_context ctx = {0};
|
||||
|
||||
ecb_encrypt(key, plaintext, enc_data, NULL);
|
||||
mbedtls_aes_init(&ctx);
|
||||
|
||||
BT_DBG("enc_data %s", bt_hex(enc_data, 16));
|
||||
return 0;
|
||||
sys_memcpy_swap(tmp, key, 16);
|
||||
|
||||
if (mbedtls_aes_setkey_enc(&ctx, tmp, 128) != 0) {
|
||||
return -EINVAL;
|
||||
}
|
||||
|
||||
sys_memcpy_swap(tmp, plaintext, 16);
|
||||
|
||||
if (mbedtls_aes_crypt_ecb(&ctx, MBEDTLS_AES_ENCRYPT,
|
||||
tmp, enc_data) != 0) {
|
||||
return -EINVAL;
|
||||
}
|
||||
#else /* CONFIG_MBEDTLS_HARDWARE_AES */
|
||||
struct tc_aes_key_sched_struct s;
|
||||
uint8_t tmp[16];
|
||||
|
||||
BT_DBG("key %s plaintext %s", bt_hex(key, 16), bt_hex(plaintext, 16));
|
||||
struct tc_aes_key_sched_struct s = {0};
|
||||
|
||||
sys_memcpy_swap(tmp, key, 16);
|
||||
|
||||
@ -1914,30 +1887,35 @@ int bt_mesh_encrypt_le(const uint8_t key[16], const uint8_t plaintext[16],
|
||||
if (tc_aes_encrypt(enc_data, tmp, &s) == TC_CRYPTO_FAIL) {
|
||||
return -EINVAL;
|
||||
}
|
||||
#endif /* CONFIG_MBEDTLS_HARDWARE_AES */
|
||||
|
||||
sys_mem_swap(enc_data, 16);
|
||||
|
||||
BT_DBG("enc_data %s", bt_hex(enc_data, 16));
|
||||
|
||||
return 0;
|
||||
#endif /* CONFIG_MBEDTLS_HARDWARE_AES */
|
||||
}
|
||||
|
||||
int bt_mesh_encrypt_be(const uint8_t key[16], const uint8_t plaintext[16],
|
||||
uint8_t enc_data[16])
|
||||
{
|
||||
BT_DBG("key %s plaintext %s", bt_hex(key, 16), bt_hex(plaintext, 16));
|
||||
|
||||
#if CONFIG_MBEDTLS_HARDWARE_AES
|
||||
BT_DBG("key %s plaintext %s", bt_hex(key, 16), bt_hex(plaintext, 16));
|
||||
mbedtls_aes_context ctx = {0};
|
||||
|
||||
ecb_encrypt_be(key, plaintext, enc_data);
|
||||
mbedtls_aes_init(&ctx);
|
||||
|
||||
BT_DBG("enc_data %s", bt_hex(enc_data, 16));
|
||||
if (mbedtls_aes_setkey_enc(&ctx, key, 128) != 0) {
|
||||
return -EINVAL;
|
||||
}
|
||||
|
||||
return 0;
|
||||
if (mbedtls_aes_crypt_ecb(&ctx, MBEDTLS_AES_ENCRYPT,
|
||||
plaintext, enc_data) != 0) {
|
||||
return -EINVAL;
|
||||
}
|
||||
#else /* CONFIG_MBEDTLS_HARDWARE_AES */
|
||||
struct tc_aes_key_sched_struct s;
|
||||
|
||||
BT_DBG("key %s plaintext %s", bt_hex(key, 16), bt_hex(plaintext, 16));
|
||||
struct tc_aes_key_sched_struct s = {0};
|
||||
|
||||
if (tc_aes128_set_encrypt_key(&s, key) == TC_CRYPTO_FAIL) {
|
||||
return -EINVAL;
|
||||
@ -1946,11 +1924,11 @@ int bt_mesh_encrypt_be(const uint8_t key[16], const uint8_t plaintext[16],
|
||||
if (tc_aes_encrypt(enc_data, plaintext, &s) == TC_CRYPTO_FAIL) {
|
||||
return -EINVAL;
|
||||
}
|
||||
#endif /* CONFIG_MBEDTLS_HARDWARE_AES */
|
||||
|
||||
BT_DBG("enc_data %s", bt_hex(enc_data, 16));
|
||||
|
||||
return 0;
|
||||
#endif /* CONFIG_MBEDTLS_HARDWARE_AES */
|
||||
}
|
||||
|
||||
#if defined(CONFIG_BLE_MESH_USE_DUPLICATE_SCAN)
|
||||
|
Loading…
Reference in New Issue
Block a user