aes: xts: Rename iv to data_unit

XTS doesn't have an IV, it has a "Data Unit". Rename iv for parity with the XTS standard.
2025-11-03 20:22:59 -05:00 · 2018-05-30 15:23:24 +01:00 · 2018-05-30 15:23:24 +01:00 · cd9fc5e541
commit cd9fc5e541
parent d82cd860b2
3 changed files with 14 additions and 13 deletions
--- a/include/mbedtls/aes.h
+++ b/include/mbedtls/aes.h
@ -290,7 +290,7 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
 *
 *             AES-XTS encrypts or decrypts blocks based on their location as
 *             defined by a data unit number. The data unit number must be
- *             provided by \p iv.
+ *             provided by \p data_unit.
 *
 *             NIST SP 800-38E limits the maximum size of a data unit to 2^20
 *             AES blocks. If the data unit is larger than this, this function
@ -302,7 +302,7 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
 * \param length       The length of a data unit in bytes. This can be any
 *                     length between 16 bytes and 2^24 bytes inclusive
 *                     (between 1 and 2^20 block cipher blocks).
- * \param iv           The address of the data unit encoded as an array of 16
+ * \param data_unit    The address of the data unit encoded as an array of 16
 *                     bytes in little-endian format. For disk encryption, this
 *                     is typically the index of the block device sector that
 *                     contains the data.
@ -321,7 +321,7 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
 int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx,
                           int mode,
                           size_t length,
-                           const unsigned char iv[16],
+                           const unsigned char data_unit[16],
                           const unsigned char *input,
                           unsigned char *output );
 #endif /* MBEDTLS_CIPHER_MODE_XTS */
--- a/library/aes.c
+++ b/library/aes.c
@ -1131,7 +1131,7 @@ static void mbedtls_gf128mul_x_ble( unsigned char r[16],
 int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx,
                           int mode,
                           size_t length,
-                           const unsigned char iv[16],
+                           const unsigned char data_unit[16],
                           const unsigned char *input,
                           unsigned char *output )
 {
@ -1151,7 +1151,8 @@ int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx,
        return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH;

    /* Compute the tweak. */
-    ret = mbedtls_aes_crypt_ecb( &ctx->tweak, MBEDTLS_AES_ENCRYPT, iv, tweak );
+    ret = mbedtls_aes_crypt_ecb( &ctx->tweak, MBEDTLS_AES_ENCRYPT,
+                                 data_unit, tweak );
    if( ret != 0 )
        return( ret );

--- a/tests/suites/test_suite_aes.function
+++ b/tests/suites/test_suite_aes.function
@ -152,12 +152,12 @@ exit:
 /* END_CASE */

 /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_XTS */
-void aes_encrypt_xts( char *hex_key_string, char *hex_iv_string,
+void aes_encrypt_xts( char *hex_key_string, char *hex_data_unit_string,
                      char *hex_src_string, char *hex_dst_string,
                      int data_unit_len, int xts_result )
 {
    unsigned char key_str[100] = { 0, };
-    unsigned char iv_str[100]  = { 0, };
+    unsigned char data_unit_str[100] = { 0, };
    unsigned char src_str[100] = { 0, };
    unsigned char dst_str[100] = { 0, };
    unsigned char output[100]  = { 0, };
@ -167,13 +167,13 @@ void aes_encrypt_xts( char *hex_key_string, char *hex_iv_string,
    mbedtls_aes_xts_init( &ctx );

    key_len = unhexify( key_str, hex_key_string );
-    unhexify( iv_str, hex_iv_string );
+    unhexify( data_unit_str, hex_data_unit_string );
    data_len = unhexify( src_str, hex_src_string );
    TEST_ASSERT( data_len == data_unit_len / 8 );

    mbedtls_aes_xts_setkey_enc( &ctx, key_str, key_len * 8 );

-    TEST_ASSERT( mbedtls_aes_crypt_xts( &ctx, MBEDTLS_AES_ENCRYPT, data_len, iv_str, src_str, output ) == xts_result );
+    TEST_ASSERT( mbedtls_aes_crypt_xts( &ctx, MBEDTLS_AES_ENCRYPT, data_len, data_unit_str, src_str, output ) == xts_result );
    if( xts_result == 0 )
    {
        hexify( dst_str, output, data_len );
@ -187,12 +187,12 @@ exit:
 /* END_CASE */

 /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_XTS */
-void aes_decrypt_xts( char *hex_key_string, char *hex_iv_string,
+void aes_decrypt_xts( char *hex_key_string, char *hex_data_unit_string,
                      char *hex_src_string, char *hex_dst_string,
                      int data_unit_len, int xts_result )
 {
    unsigned char key_str[100] = { 0, };
-    unsigned char iv_str[100]  = { 0, };
+    unsigned char data_unit_str[100] = { 0, };
    unsigned char src_str[100] = { 0, };
    unsigned char dst_str[100] = { 0, };
    unsigned char output[100]  = { 0, };
@ -202,13 +202,13 @@ void aes_decrypt_xts( char *hex_key_string, char *hex_iv_string,
    mbedtls_aes_xts_init( &ctx );

    key_len = unhexify( key_str, hex_key_string );
-    unhexify( iv_str, hex_iv_string );
+    unhexify( data_unit_str, hex_data_unit_string );
    data_len = unhexify( src_str, hex_src_string );
    TEST_ASSERT( data_len == data_unit_len / 8 );

    mbedtls_aes_xts_setkey_dec( &ctx, key_str, key_len * 8 );

-    TEST_ASSERT( mbedtls_aes_crypt_xts( &ctx, MBEDTLS_AES_DECRYPT, data_len, iv_str, src_str, output ) == xts_result );
+    TEST_ASSERT( mbedtls_aes_crypt_xts( &ctx, MBEDTLS_AES_DECRYPT, data_len, data_unit_str, src_str, output ) == xts_result );
    if( xts_result == 0 )
    {
        hexify( dst_str, output, data_len );