Merge pull request #6860 from douzzer/20231012-aes-xts-fixes

JacobBarthelmeh · web-flow · commit 883fcfc11e73 · 2023-10-12T14:41:17.000-06:00
20231012-aes-xts-fixes
diff --git a/wolfcrypt/src/aes.c b/wolfcrypt/src/aes.c
@@ -11461,9 +11461,9 @@ int wc_AesXtsEncryptConsecutiveSectors(XtsAes* aes, byte* out, const byte* in,
         word32 sz, word64 sector, word32 sectorSz)
 {
     int ret  = 0;
-    int iter = 0;
-    int sectorCount  = sz / sectorSz;
-    int remainder = sz % sectorSz;
+    word32 iter = 0;
+    word32 sectorCount;
+    word32 remainder;
 
     if (aes == NULL || out == NULL || in == NULL || sectorSz == 0) {
         return BAD_FUNC_ARG;
@@ -11474,6 +11474,9 @@ int wc_AesXtsEncryptConsecutiveSectors(XtsAes* aes, byte* out, const byte* in,
         return BAD_FUNC_ARG;
     }
 
+    sectorCount  = sz / sectorSz;
+    remainder = sz % sectorSz;
+
     while (sectorCount) {
         ret = wc_AesXtsEncryptSector(aes, out + (iter * sectorSz),
                 in + (iter * sectorSz), sectorSz, sector);
@@ -11507,9 +11510,9 @@ int wc_AesXtsDecryptConsecutiveSectors(XtsAes* aes, byte* out, const byte* in,
         word32 sz, word64 sector, word32 sectorSz)
 {
     int ret  = 0;
-    int iter = 0;
-    int sectorCount  = sz / sectorSz;
-    int remainder = sz % sectorSz;
+    word32 iter = 0;
+    word32 sectorCount;
+    word32 remainder;
 
     if (aes == NULL || out == NULL || in == NULL || sectorSz == 0) {
         return BAD_FUNC_ARG;
@@ -11520,6 +11523,9 @@ int wc_AesXtsDecryptConsecutiveSectors(XtsAes* aes, byte* out, const byte* in,
         return BAD_FUNC_ARG;
     }
 
+    sectorCount  = sz / sectorSz;
+    remainder = sz % sectorSz;
+
     while (sectorCount) {
         ret = wc_AesXtsDecryptSector(aes, out + (iter * sectorSz),
                 in + (iter * sectorSz), sectorSz, sector);
diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c
@@ -9820,10 +9820,6 @@ static wc_test_ret_t aes_xts_sector_test(void)
     int aes_inited = 0;
     wc_test_ret_t ret = 0;
     unsigned char buf[AES_BLOCK_SIZE * 2];
-#ifndef BENCH_EMBEDDED
-    /* Sector size for encrypt/decrypt consecutive sectors testcase */
-    word32 sectorSz = 512;
-#endif
 
     /* 128 key tests */
     WOLFSSL_SMALL_STACK_STATIC unsigned char k1[] = {
@@ -9871,7 +9867,11 @@ static wc_test_ret_t aes_xts_sector_test(void)
     };
     word64 s2 = 187;
 
-#ifndef BENCH_EMBEDDED
+#if !defined(BENCH_EMBEDDED) && \
+    (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
+    /* Sector size for encrypt/decrypt consecutive sectors testcase */
+    word32 sectorSz = 512;
+
     unsigned char data[550];
 
     WOLFSSL_SMALL_STACK_STATIC unsigned char k3[] = {
@@ -10055,7 +10055,8 @@ static wc_test_ret_t aes_xts_sector_test(void)
         ERROR_OUT(WC_TEST_RET_ENC_NC, out);
     wc_AesXtsFree(aes);
 
-#ifndef BENCH_EMBEDDED
+#if !defined(BENCH_EMBEDDED) && \
+    (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
     /* encrypt consecutive sectors test */
     XMEMSET(data, 0, sizeof(buf));
     ret = wc_AesXtsSetKey(aes, k3, sizeof(k3), AES_ENCRYPTION,
@@ -10090,7 +10091,7 @@ static wc_test_ret_t aes_xts_sector_test(void)
         ERROR_OUT(WC_TEST_RET_ENC_NC, out);
     wc_AesXtsFree(aes);
 
-#endif
+#endif /* !BENCH_EMBEDDED && (!HAVE_FIPS || FIPS_VERSION_GE(5, 3)) */
 
 out:
 
