aes: validate keys using crc before encryption/decryption CRC is calculated when the key is set. This commit also adds new tests for ecb encryption and decryption, simulating a fault injection after the key is set. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>

commit: fba59211869f562d5b27110815bf9007d4fda87a [log] [tgz]
author: Andrzej Kurek <andrzej.kurek@arm.com> Fri Aug 07 21:02:25 2020 -0400
committer: Andrzej Kurek <andrzej.kurek@arm.com> Sat Aug 08 19:06:44 2020 -0400
tree: 8a5eef1c00384d7ba5d0a6d1a7136a45e6f06139
parent: 9df2b416b908b7ce206386a04980ac9f6c66b57c [diff] [blame]
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 98df7c5..db38e81 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h

@@ -2735,11 +2735,23 @@
  *
  * Module:  library/crc.c
  *
- * This module enables mbedtls_crc_update.
+ * This module enables mbedtls_crc_update().
  */
 //#define MBEDTLS_CRC_C
 
 /**
+ * \def MBEDTLS_VALIDATE_AES_KEYS_INTEGRITY
+ *
+ * Enable validation of AES keys by checking their CRC
+ * during every encryption/decryption.
+ *
+ * Module:  library/aes.c
+ *
+ * Requires: MBEDTLS_CRC_C
+ */
+//#define MBEDTLS_VALIDATE_AES_KEYS_INTEGRITY
+
+/**
  * \def MBEDTLS_GCM_C
  *
  * Enable the Galois/Counter Mode (GCM) for AES.
commit	fba59211869f562d5b27110815bf9007d4fda87a	[log] [tgz]
author	Andrzej Kurek <andrzej.kurek@arm.com>	Fri Aug 07 21:02:25 2020 -0400
committer	Andrzej Kurek <andrzej.kurek@arm.com>	Sat Aug 08 19:06:44 2020 -0400
tree	8a5eef1c00384d7ba5d0a6d1a7136a45e6f06139
parent	9df2b416b908b7ce206386a04980ac9f6c66b57c [diff] [blame]