bootutil: Remove BOOTUTIL_CRYPTO_AES_CTR_KEY_SIZE

#include "bootutil/bootutil_log.h"

#include "bootutil/bootutil_public.h"

#include "bootutil/fault_injection_hardening.h"

#include "bootutil/enc_key.h"

#include "mcuboot_config/mcuboot_config.h"

    #error "One crypto backend must be defined: either MBED_TLS or TINYCRYPT or PSA"

#endif

#include "bootutil/enc_key_public.h"

#if defined(MCUBOOT_USE_MBED_TLS)

    #include <mbedtls/aes.h>

    #include "bootutil/enc_key_public.h"

    #define BOOTUTIL_CRYPTO_AES_CTR_KEY_SIZE BOOT_ENC_KEY_SIZE

    #define BOOTUTIL_CRYPTO_AES_CTR_BLOCK_SIZE (16)

    #define BOOT_ENC_BLOCK_SIZE (16)

#endif /* MCUBOOT_USE_MBED_TLS */

#if defined(MCUBOOT_USE_TINYCRYPT)

    #if defined(MCUBOOT_AES_256)

        #error "Cannot use AES-256 for encryption with Tinycrypt library."

    #endif

    #include <string.h>

    #include <tinycrypt/aes.h>

    #include <tinycrypt/ctr_mode.h>

    #include <tinycrypt/constants.h>

    #define BOOTUTIL_CRYPTO_AES_CTR_KEY_SIZE TC_AES_KEY_SIZE

    #define BOOTUTIL_CRYPTO_AES_CTR_BLOCK_SIZE TC_AES_BLOCK_SIZE

    #if defined(MCUBOOT_AES_256) || (BOOT_ENC_KEY_SIZE != TC_AES_KEY_SIZE)

        #error "Cannot use AES-256 for encryption with Tinycrypt library."

    #endif

    #define BOOT_ENC_BLOCK_SIZE TC_AES_BLOCK_SIZE

#endif /* MCUBOOT_USE_TINYCRYPT */

#if defined(MCUBOOT_USE_PSA_CRYPTO)

    #include <psa/crypto.h>

    #include "bootutil/enc_key_public.h"

    #define BOOTUTIL_CRYPTO_AES_CTR_KEY_SIZE BOOT_ENC_KEY_SIZE

    #define BOOTUTIL_CRYPTO_AES_CTR_BLOCK_SIZE (16)

    #define BOOT_ENC_BLOCK_SIZE (16)

#endif

#include <stdint.h>

static inline int bootutil_aes_ctr_set_key(bootutil_aes_ctr_context *ctx, const uint8_t *k)

{

    return mbedtls_aes_setkey_enc(ctx, k, BOOTUTIL_CRYPTO_AES_CTR_KEY_SIZE * 8);

    return mbedtls_aes_setkey_enc(ctx, k, BOOT_ENC_KEY_SIZE * 8);

}

static inline int bootutil_aes_ctr_encrypt(bootutil_aes_ctr_context *ctx, uint8_t *counter, const uint8_t *m, uint32_t mlen, size_t blk_off, uint8_t *c)

{

    uint8_t stream_block[BOOTUTIL_CRYPTO_AES_CTR_BLOCK_SIZE];

    uint8_t stream_block[BOOT_ENC_BLOCK_SIZE];

    return mbedtls_aes_crypt_ctr(ctx, mlen, &blk_off, counter, stream_block, m, c);

}

static inline int bootutil_aes_ctr_decrypt(bootutil_aes_ctr_context *ctx, uint8_t *counter, const uint8_t *c, uint32_t clen, size_t blk_off, uint8_t *m)

{

    uint8_t stream_block[BOOTUTIL_CRYPTO_AES_CTR_BLOCK_SIZE];

    uint8_t stream_block[BOOT_ENC_BLOCK_SIZE];

    return mbedtls_aes_crypt_ctr(ctx, clen, &blk_off, counter, stream_block, c, m);

}

#endif /* MCUBOOT_USE_MBED_TLS */

    bootutil_aes_ctr_context aes_ctr;

    uint8_t tag[BOOTUTIL_CRYPTO_SHA256_DIGEST_SIZE];

    uint8_t shared[SHARED_KEY_LEN];

    uint8_t derived_key[BOOTUTIL_CRYPTO_AES_CTR_KEY_SIZE + BOOTUTIL_CRYPTO_SHA256_DIGEST_SIZE];

    uint8_t derived_key[BOOT_ENC_KEY_SIZE + BOOTUTIL_CRYPTO_SHA256_DIGEST_SIZE];

    uint8_t *cp;

    uint8_t *cpend;

    uint8_t private_key[PRIV_KEY_LEN];

    uint8_t counter[BOOTUTIL_CRYPTO_AES_CTR_BLOCK_SIZE];

    uint8_t counter[BOOT_ENC_BLOCK_SIZE];

    uint16_t len;

#endif

    struct bootutil_key *bootutil_enc_key = NULL;

     * Expand shared secret to create keys for AES-128-CTR + HMAC-SHA256

     */

    len = BOOTUTIL_CRYPTO_AES_CTR_KEY_SIZE + BOOTUTIL_CRYPTO_SHA256_DIGEST_SIZE;

    len = BOOT_ENC_KEY_SIZE + BOOTUTIL_CRYPTO_SHA256_DIGEST_SIZE;

    rc = hkdf(shared, SHARED_KEY_LEN, (uint8_t *)"MCUBoot_ECIES_v1", 16,

            derived_key, &len);

    if (rc != 0 || len != (BOOTUTIL_CRYPTO_AES_CTR_KEY_SIZE + BOOTUTIL_CRYPTO_SHA256_DIGEST_SIZE)) {

    if (rc != 0 || len != (BOOT_ENC_KEY_SIZE + BOOTUTIL_CRYPTO_SHA256_DIGEST_SIZE)) {

        return -1;

    }

        return -1;

    }

    memset(counter, 0, BOOTUTIL_CRYPTO_AES_CTR_BLOCK_SIZE);

    rc = bootutil_aes_ctr_decrypt(&aes_ctr, counter, &buf[EC_CIPHERKEY_INDEX], BOOTUTIL_CRYPTO_AES_CTR_KEY_SIZE, 0, enckey);

    memset(counter, 0, BOOT_ENC_BLOCK_SIZE);

    rc = bootutil_aes_ctr_decrypt(&aes_ctr, counter, &buf[EC_CIPHERKEY_INDEX], BOOT_ENC_KEY_SIZE, 0, enckey);

    if (rc != 0) {

        bootutil_aes_ctr_drop(&aes_ctr);

        return -1;

int

boot_decrypt_key(const uint8_t *buf, uint8_t *enckey)

{

    uint8_t derived_key[BOOTUTIL_CRYPTO_AES_CTR_KEY_SIZE + BOOTUTIL_CRYPTO_SHA256_DIGEST_SIZE];

    uint8_t derived_key[BOOT_ENC_KEY_SIZE + BOOTUTIL_CRYPTO_SHA256_DIGEST_SIZE];

    uint8_t *cp;

    uint8_t *cpend;

    uint8_t private_key[PRIV_KEY_LEN];

     * the beginning of the input buffer.

     */

    uint8_t iv_and_key[PSA_CIPHER_IV_LENGTH(PSA_KEY_TYPE_AES, PSA_ALG_CTR) +

                       BOOTUTIL_CRYPTO_AES_CTR_KEY_SIZE];

                       BOOT_ENC_KEY_SIZE];

    psa_ret = psa_crypto_init();

    if (psa_ret != PSA_SUCCESS) {

        return -1;

    }

    len = BOOTUTIL_CRYPTO_AES_CTR_KEY_SIZE + BOOTUTIL_CRYPTO_SHA256_DIGEST_SIZE;

    len = BOOT_ENC_KEY_SIZE + BOOTUTIL_CRYPTO_SHA256_DIGEST_SIZE;

    psa_ret = psa_key_derivation_output_bytes(&key_do, derived_key, len);

    psa_cleanup_ret = psa_key_derivation_abort(&key_do);

    if (psa_cleanup_ret != PSA_SUCCESS) {

        return -1;

    }

    /* The derived key consists of BOOTUTIL_CRYPTO_AES_CTR_KEY_SIZE bytes

    /* The derived key consists of BOOT_ENC_KEY_SIZE bytes

     * followed by BOOTUTIL_CRYPTO_SHA256_DIGEST_SIZE bytes. Both parts will

     * be imported at the point where needed and discarded immediately after.

     */

    psa_set_key_algorithm(&kattr, PSA_ALG_HMAC(PSA_ALG_SHA_256));

    /* Import the MAC tag key part of derived key, that is the part that starts

     * after BOOTUTIL_CRYPTO_AES_CTR_KEY_SIZE and has length of

     * after BOOT_ENC_KEY_SIZE and has length of

     * BOOTUTIL_CRYPTO_SHA256_DIGEST_SIZE bytes.

     */

    psa_ret = psa_import_key(&kattr,

                             &derived_key[BOOTUTIL_CRYPTO_AES_CTR_KEY_SIZE],

                             &derived_key[BOOT_ENC_KEY_SIZE],

                             BOOTUTIL_CRYPTO_SHA256_DIGEST_SIZE, &kid);

    psa_reset_key_attributes(&kattr);

    if (psa_ret != PSA_SUCCESS) {

    psa_set_key_algorithm(&kattr, PSA_ALG_CTR);

    /* Import the AES partition of derived key, the first 16 bytes */

    psa_ret = psa_import_key(&kattr, &derived_key[0],

                             BOOTUTIL_CRYPTO_AES_CTR_KEY_SIZE, &kid);

    psa_ret = psa_import_key(&kattr, &derived_key[0], BOOT_ENC_KEY_SIZE, &kid);

    memset(derived_key, 0, sizeof(derived_key));

    if (psa_ret != PSA_SUCCESS) {

        BOOT_LOG_ERR("AES key import failed %d", psa_ret);

    len = 0;

    psa_ret = psa_cipher_decrypt(kid, PSA_ALG_CTR, iv_and_key, sizeof(iv_and_key),

                                 enckey, BOOTUTIL_CRYPTO_AES_CTR_KEY_SIZE, &len);

                                 enckey, BOOT_ENC_KEY_SIZE, &len);

    memset(iv_and_key, 0, sizeof(iv_and_key));

    psa_cleanup_ret = psa_destroy_key(kid);

    if (psa_cleanup_ret != PSA_SUCCESS) {

	BOOT_LOG_WRN("AES key destruction failed %d", psa_cleanup_ret);

    }

    if (psa_ret != PSA_SUCCESS || len != BOOTUTIL_CRYPTO_AES_CTR_KEY_SIZE) {

        memset(enckey, 0, BOOTUTIL_CRYPTO_AES_CTR_KEY_SIZE);

    if (psa_ret != PSA_SUCCESS || len != BOOT_ENC_KEY_SIZE) {

        memset(enckey, 0, BOOT_ENC_KEY_SIZE);

        BOOT_LOG_ERR("Random key decryption failed %d", psa_ret);

        return -1;

    }