diff --git a/esp-hal/CHANGELOG.md b/esp-hal/CHANGELOG.md index 18fb077da86..9cf4967ab00 100644 --- a/esp-hal/CHANGELOG.md +++ b/esp-hal/CHANGELOG.md @@ -35,6 +35,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 - Fixed writes to SPI not flushing before attempting to write, causing corrupted writes (#1381) - fix AdcConfig::adc_calibrate for xtensa targets (#1379) - Fixed a divide by zero panic when setting the LEDC duty cycle to 0 with `SetDutyCycle::set_duty_cycle` (#1403) +- Support 192 and 256-bit keys for AES (#1316) ### Changed diff --git a/esp-hal/src/aes/mod.rs b/esp-hal/src/aes/mod.rs index b6d3a4a2999..50cb4c5e8a8 100644 --- a/esp-hal/src/aes/mod.rs +++ b/esp-hal/src/aes/mod.rs @@ -154,7 +154,13 @@ impl<'d> Aes<'d> { } /// Encrypts/Decrypts the given buffer based on `mode` parameter - pub fn process(&mut self, block: &mut [u8; 16], mode: Mode, key: &[u8; 16]) { + pub fn process(&mut self, block: &mut [u8; 16], mode: Mode, key: &[u8]) { + assert!( + key.len() == 16 + || (cfg!(any(feature = "esp32", feature = "esp32s2")) && key.len() == 24) + || key.len() == 32, + "Invalid key size" + ); self.write_key(key); self.set_mode(mode as u8); self.set_block(block); @@ -396,7 +402,7 @@ pub mod dma { read_buffer: &'t mut RXBUF, mode: Mode, cipher_mode: CipherMode, - key: [u8; 16], + key: &[u8], ) -> Result, crate::dma::DmaError> where TXBUF: ReadBuffer, @@ -427,7 +433,7 @@ pub mod dma { read_buffer_len: usize, mode: Mode, cipher_mode: CipherMode, - key: [u8; 16], + key: &[u8], ) -> Result<(), crate::dma::DmaError> { // AES has to be restarted after each calculation self.reset_aes(); @@ -457,7 +463,7 @@ pub mod dma { self.enable_interrupt(); self.set_mode(mode); self.set_cipher_mode(cipher_mode); - self.write_key(&key); + self.write_key(key); // TODO: verify 16? self.set_num_block(16); diff --git a/examples/src/bin/aes.rs b/examples/src/bin/aes.rs index ae513f5b354..3f3f3824927 100644 --- a/examples/src/bin/aes.rs +++ b/examples/src/bin/aes.rs @@ -73,14 +73,10 @@ fn main() -> ! { ); let sw_decrypted = block; - assert!(eq(&sw_encrypted.into(), &hw_encrypted)); - assert!(eq(&sw_decrypted.into(), &hw_decrypted)); + assert!(&sw_encrypted as &[u8] == &hw_encrypted); + assert!(&sw_decrypted as &[u8] == &hw_decrypted); println!("done"); loop {} } - -fn eq(slice1: &[u8; 16], slice2: &[u8; 16]) -> bool { - slice1.iter().zip(slice2.iter()).all(|(a, b)| a == b) -} diff --git a/examples/src/bin/aes_dma.rs b/examples/src/bin/aes_dma.rs index da6aa4a0539..6e9c8e2387c 100644 --- a/examples/src/bin/aes_dma.rs +++ b/examples/src/bin/aes_dma.rs @@ -50,7 +50,7 @@ fn main() -> ! { &mut output, Mode::Encryption128, CipherMode::Ecb, - keytext, + &keytext, ) .unwrap(); transfer.wait().unwrap(); @@ -72,7 +72,7 @@ fn main() -> ! { &mut output, Mode::Decryption128, CipherMode::Ecb, - keytext, + &keytext, ) .unwrap(); transfer.wait().unwrap(); @@ -109,13 +109,9 @@ fn main() -> ! { ); let sw_decrypted = block.clone(); - assert!(eq(&sw_encrypted.into(), &hw_encrypted)); - assert!(eq(&sw_decrypted.into(), &hw_decrypted)); + assert!(&sw_encrypted as &[u8] == &hw_encrypted); + assert!(&sw_decrypted as &[u8] == &hw_decrypted); println!("done"); loop {} } - -fn eq(slice1: &[u8; 16], slice2: &[u8; 16]) -> bool { - slice1.iter().zip(slice2.iter()).all(|(a, b)| a == b) -}