Skip to content
Draft
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion wolfcrypt/src/port/Renesas/renesas_fspsm_aes.c
Original file line number Diff line number Diff line change
Expand Up @@ -586,7 +586,7 @@ int wc_fspsm_AesGcmDecrypt(struct Aes* aes, byte* out,
}

if (authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ) {
WOLFSSL_MSG("GcmEncrypt authTagSz too small error");
WOLFSSL_MSG("GcmDecrypt authTagSz too small error");
return BAD_FUNC_ARG;
}

Expand Down
43 changes: 28 additions & 15 deletions wolfcrypt/src/port/Renesas/renesas_fspsm_util.c
Original file line number Diff line number Diff line change
Expand Up @@ -759,6 +759,7 @@ int wc_fspsm_generateSessionKey(WOLFSSL *ssl,
key_server_aes = (FSPSM_AES_PWKEY)XMALLOC(sizeof(FSPSM_AES_WKEY),
ssl->heap, DYNAMIC_TYPE_AES);
if (key_client_aes == NULL || key_server_aes == NULL) {
wc_fspsm_hw_unlock();
return MEMORY_E;
}
Comment on lines 761 to 764

Expand Down Expand Up @@ -790,15 +791,19 @@ int wc_fspsm_generateSessionKey(WOLFSSL *ssl,
if (enc->aes == NULL) {
enc->aes = (Aes*)XMALLOC(sizeof(Aes), ssl->heap,
DYNAMIC_TYPE_CIPHER);
if (enc->aes == NULL)
if (enc->aes == NULL) {
wc_fspsm_hw_unlock();
return MEMORY_E;
}
}
XMEMSET(enc->aes, 0, sizeof(Aes));
enc->aes->ctx.wrapped_key = (FSPSM_AES_PWKEY)XMALLOC
(sizeof(FSPSM_AES_WKEY),
ssl->heap, DYNAMIC_TYPE_AES);
if (enc->aes->ctx.wrapped_key == NULL)
if (enc->aes->ctx.wrapped_key == NULL) {
wc_fspsm_hw_unlock();
return MEMORY_E;
}
}
if (dec) {
if (dec->aes == NULL) {
Expand All @@ -808,29 +813,37 @@ int wc_fspsm_generateSessionKey(WOLFSSL *ssl,
if (enc) {
XFREE(enc->aes, NULL, DYNAMIC_TYPE_CIPHER);
}
wc_fspsm_hw_unlock();
return MEMORY_E;
Comment on lines 813 to 817
}
XMEMSET(dec->aes, 0, sizeof(Aes));

dec->aes->ctx.wrapped_key = (FSPSM_AES_PWKEY)XMALLOC
(sizeof(FSPSM_AES_WKEY),
ssl->heap, DYNAMIC_TYPE_AES);
if (dec->aes->ctx.wrapped_key == NULL)
if (dec->aes->ctx.wrapped_key == NULL) {
wc_fspsm_hw_unlock();
return MEMORY_E;
}
}
}
/* copy key index into aes */
if (ssl->options.side == PROVISION_CLIENT) {
XMEMCPY(enc->aes->ctx.wrapped_key, key_client_aes,
sizeof(FSPSM_AES_WKEY));
XMEMCPY(dec->aes->ctx.wrapped_key, key_server_aes,
sizeof(FSPSM_AES_WKEY));
}
else {
XMEMCPY(enc->aes->ctx.wrapped_key, key_server_aes,
sizeof(FSPSM_AES_WKEY));
XMEMCPY(dec->aes->ctx.wrapped_key, key_client_aes,
sizeof(FSPSM_AES_WKEY));
/* copy key index into aes. Skipped when AES-GCM session-key
* generation was deferred above -- key_client_aes/key_server_aes
* are NULL in that case, and the real per-record key is
* generated later inside wc_fspsm_AesGcmEncrypt/Decrypt. */
if (key_client_aes != NULL && key_server_aes != NULL) {
if (ssl->options.side == PROVISION_CLIENT) {
XMEMCPY(enc->aes->ctx.wrapped_key, key_client_aes,
sizeof(FSPSM_AES_WKEY));
XMEMCPY(dec->aes->ctx.wrapped_key, key_server_aes,
Comment on lines +834 to +838
sizeof(FSPSM_AES_WKEY));
}
else {
XMEMCPY(enc->aes->ctx.wrapped_key, key_server_aes,
sizeof(FSPSM_AES_WKEY));
XMEMCPY(dec->aes->ctx.wrapped_key, key_client_aes,
sizeof(FSPSM_AES_WKEY));
}
}
/* copy mac key index into keys */
ssl->keys.fspsm_client_write_MAC_secret = key_client_mac;
Expand Down