Merge #177

bors[bot] · kedars · web-flow · commit c5b103ff9fa2 · 2022-02-07T16:17:54.000Z
177: Create in-place variants for encrypt_auth/decrypt_auth r=jethrogb a=kedars

This is invaluable for embedded systems

Co-authored-by: Kedar Sovani &lt;kedars@gmail.com&gt;
diff --git a/mbedtls/src/cipher/mod.rs b/mbedtls/src/cipher/mod.rs
@@ -286,6 +286,19 @@ impl Cipher<Encryption, Authenticated, AdditionalData> {
             self.change_state(),
         ))
     }
+
+    pub fn encrypt_auth_inplace(
+        mut self,
+        ad: &[u8],
+        data: &mut [u8],
+        tag: &mut [u8],
+    ) -> Result<(usize, Cipher<Encryption, Authenticated, Finished>)> {
+        Ok((
+            self.raw_cipher
+                .encrypt_auth_inplace(ad, data, tag)?,
+            self.change_state(),
+        ))
+    }
 }
 
 impl Cipher<Decryption, Authenticated, AdditionalData> {
@@ -302,6 +315,19 @@ impl Cipher<Decryption, Authenticated, AdditionalData> {
             self.change_state(),
         ))
     }
+
+    pub fn decrypt_auth_inplace(
+        mut self,
+        ad: &[u8],
+        data: &mut [u8],
+        tag: &[u8],
+    ) -> Result<(usize, Cipher<Decryption, Authenticated, Finished>)> {
+        Ok((
+            self.raw_cipher
+                .decrypt_auth_inplace(ad, data, tag)?,
+            self.change_state(),
+        ))
+    }
 }
 
 impl<O: Operation, T: Type> Cipher<O, T, CipherData> {
@@ -401,6 +427,44 @@ fn ccm() {
     assert_eq!(p, p_out);
 }
 
+#[test]
+fn ccm_inplace() {
+    // Example vector C.1
+    let k = [
+        0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e,
+        0x4f,
+    ];
+    let iv = [0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16];
+    let ad = [0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07];
+    let mut c = [0x20, 0x21, 0x22, 0x23, 0x0, 0x0, 0x0, 0x0];
+    let validate_cipher = [0x71, 0x62, 0x01, 0x5b, 0x4d, 0xac, 0x25, 0x5d];
+    let validate_plain = [0x20, 0x21, 0x22, 0x23];
+
+    let cipher = Cipher::<_, Authenticated, _>::new(
+        raw::CipherId::Aes,
+        raw::CipherMode::CCM,
+        (k.len() * 8) as _,
+    )
+    .unwrap();
+    let cipher = cipher.set_key_iv(&k, &iv).unwrap();
+    let (data, tag) = c.split_at_mut(4);
+    cipher
+        .encrypt_auth_inplace(&ad, data, tag)
+        .unwrap();
+    assert_eq!(c, validate_cipher);
+
+    let cipher = Cipher::<_, Authenticated, _>::new(
+        raw::CipherId::Aes,
+        raw::CipherMode::CCM,
+        (k.len() * 8) as _,
+    )
+    .unwrap();
+    let cipher = cipher.set_key_iv(&k, &iv).unwrap();
+    let (data, tag) = c.split_at_mut(4);
+    cipher.decrypt_auth_inplace(&ad, data, tag).unwrap();
+    assert_eq!(validate_plain, data);
+}
+
 #[test]
 fn aes_kw() {
 	let k = [0x75, 0x75, 0xda, 0x3a, 0x93, 0x60, 0x7c, 0xc2, 0xbf, 0xd8, 0xce, 0xc7, 0xaa, 0xdf, 0xd9, 0xa6];
diff --git a/mbedtls/src/cipher/raw/mod.rs b/mbedtls/src/cipher/raw/mod.rs
@@ -387,6 +387,66 @@ impl Cipher {
         Ok(plain_len)
     }
 
+    pub fn encrypt_auth_inplace(
+        &mut self,
+        ad: &[u8],
+        data: &mut [u8],
+        tag: &mut [u8],
+    ) -> Result<usize> {
+
+        let iv = self.inner.iv;
+        let iv_len = self.inner.iv_size;
+        let mut olen = data.len();
+        unsafe {
+            cipher_auth_encrypt(
+                &mut self.inner,
+                iv.as_ptr(),
+                iv_len,
+                ad.as_ptr(),
+                ad.len(),
+                data.as_ptr(),
+                data.len(),
+                data.as_mut_ptr(),
+                &mut olen,
+                tag.as_mut_ptr(),
+                tag.len(),
+            )
+            .into_result()?
+        };
+
+        Ok(olen)
+    }
+
+    pub fn decrypt_auth_inplace(
+        &mut self,
+        ad: &[u8],
+        data: &mut [u8],
+        tag: &[u8],
+    ) -> Result<usize> {
+
+        let iv = self.inner.iv;
+        let iv_len = self.inner.iv_size;
+        let mut plain_len = data.len();
+        unsafe {
+            cipher_auth_decrypt(
+                &mut self.inner,
+                iv.as_ptr(),
+                iv_len,
+                ad.as_ptr(),
+                ad.len(),
+                data.as_ptr(),
+                data.len(),
+                data.as_mut_ptr(),
+                &mut plain_len,
+                tag.as_ptr(),
+                tag.len(),
+            )
+            .into_result()?
+        };
+
+        Ok(plain_len)
+    }
+
     fn do_crypto(&mut self, indata: &[u8], outdata: &mut [u8]) -> Result<usize> {
         self.reset()?;
 
