mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2025-07-07 22:50:39 +00:00
Merge pull request #4257 from ronald-cron-arm/psa-aead
Add PSA crypto driver delegation for AEAD single shot PSA APIs - 1
This commit is contained in:
commit
09c916afba
|
@ -63,6 +63,7 @@ set(src_crypto
|
||||||
platform_util.c
|
platform_util.c
|
||||||
poly1305.c
|
poly1305.c
|
||||||
psa_crypto.c
|
psa_crypto.c
|
||||||
|
psa_crypto_aead.c
|
||||||
psa_crypto_cipher.c
|
psa_crypto_cipher.c
|
||||||
psa_crypto_client.c
|
psa_crypto_client.c
|
||||||
psa_crypto_driver_wrappers.c
|
psa_crypto_driver_wrappers.c
|
||||||
|
|
|
@ -120,6 +120,7 @@ OBJS_CRYPTO= \
|
||||||
platform_util.o \
|
platform_util.o \
|
||||||
poly1305.o \
|
poly1305.o \
|
||||||
psa_crypto.o \
|
psa_crypto.o \
|
||||||
|
psa_crypto_aead.o \
|
||||||
psa_crypto_cipher.o \
|
psa_crypto_cipher.o \
|
||||||
psa_crypto_client.o \
|
psa_crypto_client.o \
|
||||||
psa_crypto_driver_wrappers.o \
|
psa_crypto_driver_wrappers.o \
|
||||||
|
|
|
@ -563,17 +563,6 @@ static psa_status_t validate_unstructured_key_bit_size( psa_key_type_t type,
|
||||||
return( PSA_SUCCESS );
|
return( PSA_SUCCESS );
|
||||||
}
|
}
|
||||||
|
|
||||||
/** Return the size of the key in the given slot, in bits.
|
|
||||||
*
|
|
||||||
* \param[in] slot A key slot.
|
|
||||||
*
|
|
||||||
* \return The key size in bits, read from the metadata in the slot.
|
|
||||||
*/
|
|
||||||
static inline size_t psa_get_key_slot_bits( const psa_key_slot_t *slot )
|
|
||||||
{
|
|
||||||
return( slot->attr.bits );
|
|
||||||
}
|
|
||||||
|
|
||||||
/** Check whether a given key type is valid for use with a given MAC algorithm
|
/** Check whether a given key type is valid for use with a given MAC algorithm
|
||||||
*
|
*
|
||||||
* Upon successful return of this function, the behavior of #PSA_MAC_LENGTH
|
* Upon successful return of this function, the behavior of #PSA_MAC_LENGTH
|
||||||
|
@ -3530,158 +3519,6 @@ psa_status_t psa_cipher_abort( psa_cipher_operation_t *operation )
|
||||||
/* AEAD */
|
/* AEAD */
|
||||||
/****************************************************************/
|
/****************************************************************/
|
||||||
|
|
||||||
typedef struct
|
|
||||||
{
|
|
||||||
psa_key_slot_t *slot;
|
|
||||||
const mbedtls_cipher_info_t *cipher_info;
|
|
||||||
union
|
|
||||||
{
|
|
||||||
unsigned dummy; /* Make the union non-empty even with no supported algorithms. */
|
|
||||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
|
|
||||||
mbedtls_ccm_context ccm;
|
|
||||||
#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */
|
|
||||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM)
|
|
||||||
mbedtls_gcm_context gcm;
|
|
||||||
#endif /* MBEDTLS_PSA_BUILTIN_ALG_GCM */
|
|
||||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305)
|
|
||||||
mbedtls_chachapoly_context chachapoly;
|
|
||||||
#endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */
|
|
||||||
} ctx;
|
|
||||||
psa_algorithm_t core_alg;
|
|
||||||
uint8_t full_tag_length;
|
|
||||||
uint8_t tag_length;
|
|
||||||
} aead_operation_t;
|
|
||||||
|
|
||||||
#define AEAD_OPERATION_INIT {0, 0, {0}, 0, 0, 0}
|
|
||||||
|
|
||||||
static void psa_aead_abort_internal( aead_operation_t *operation )
|
|
||||||
{
|
|
||||||
switch( operation->core_alg )
|
|
||||||
{
|
|
||||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
|
|
||||||
case PSA_ALG_CCM:
|
|
||||||
mbedtls_ccm_free( &operation->ctx.ccm );
|
|
||||||
break;
|
|
||||||
#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */
|
|
||||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM)
|
|
||||||
case PSA_ALG_GCM:
|
|
||||||
mbedtls_gcm_free( &operation->ctx.gcm );
|
|
||||||
break;
|
|
||||||
#endif /* MBEDTLS_PSA_BUILTIN_ALG_GCM */
|
|
||||||
}
|
|
||||||
|
|
||||||
psa_unlock_key_slot( operation->slot );
|
|
||||||
}
|
|
||||||
|
|
||||||
static psa_status_t psa_aead_setup( aead_operation_t *operation,
|
|
||||||
mbedtls_svc_key_id_t key,
|
|
||||||
psa_key_usage_t usage,
|
|
||||||
psa_algorithm_t alg )
|
|
||||||
{
|
|
||||||
psa_status_t status;
|
|
||||||
size_t key_bits;
|
|
||||||
mbedtls_cipher_id_t cipher_id;
|
|
||||||
|
|
||||||
status = psa_get_and_lock_transparent_key_slot_with_policy(
|
|
||||||
key, &operation->slot, usage, alg );
|
|
||||||
if( status != PSA_SUCCESS )
|
|
||||||
return( status );
|
|
||||||
|
|
||||||
key_bits = psa_get_key_slot_bits( operation->slot );
|
|
||||||
|
|
||||||
operation->cipher_info =
|
|
||||||
mbedtls_cipher_info_from_psa( alg, operation->slot->attr.type, key_bits,
|
|
||||||
&cipher_id );
|
|
||||||
if( operation->cipher_info == NULL )
|
|
||||||
{
|
|
||||||
status = PSA_ERROR_NOT_SUPPORTED;
|
|
||||||
goto cleanup;
|
|
||||||
}
|
|
||||||
|
|
||||||
switch( PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg, 0 ) )
|
|
||||||
{
|
|
||||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
|
|
||||||
case PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 0 ):
|
|
||||||
operation->core_alg = PSA_ALG_CCM;
|
|
||||||
operation->full_tag_length = 16;
|
|
||||||
/* CCM allows the following tag lengths: 4, 6, 8, 10, 12, 14, 16.
|
|
||||||
* The call to mbedtls_ccm_encrypt_and_tag or
|
|
||||||
* mbedtls_ccm_auth_decrypt will validate the tag length. */
|
|
||||||
if( PSA_BLOCK_CIPHER_BLOCK_LENGTH( operation->slot->attr.type ) != 16 )
|
|
||||||
{
|
|
||||||
status = PSA_ERROR_INVALID_ARGUMENT;
|
|
||||||
goto cleanup;
|
|
||||||
}
|
|
||||||
mbedtls_ccm_init( &operation->ctx.ccm );
|
|
||||||
status = mbedtls_to_psa_error(
|
|
||||||
mbedtls_ccm_setkey( &operation->ctx.ccm, cipher_id,
|
|
||||||
operation->slot->key.data,
|
|
||||||
(unsigned int) key_bits ) );
|
|
||||||
if( status != 0 )
|
|
||||||
goto cleanup;
|
|
||||||
break;
|
|
||||||
#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */
|
|
||||||
|
|
||||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM)
|
|
||||||
case PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 0 ):
|
|
||||||
operation->core_alg = PSA_ALG_GCM;
|
|
||||||
operation->full_tag_length = 16;
|
|
||||||
/* GCM allows the following tag lengths: 4, 8, 12, 13, 14, 15, 16.
|
|
||||||
* The call to mbedtls_gcm_crypt_and_tag or
|
|
||||||
* mbedtls_gcm_auth_decrypt will validate the tag length. */
|
|
||||||
if( PSA_BLOCK_CIPHER_BLOCK_LENGTH( operation->slot->attr.type ) != 16 )
|
|
||||||
{
|
|
||||||
status = PSA_ERROR_INVALID_ARGUMENT;
|
|
||||||
goto cleanup;
|
|
||||||
}
|
|
||||||
mbedtls_gcm_init( &operation->ctx.gcm );
|
|
||||||
status = mbedtls_to_psa_error(
|
|
||||||
mbedtls_gcm_setkey( &operation->ctx.gcm, cipher_id,
|
|
||||||
operation->slot->key.data,
|
|
||||||
(unsigned int) key_bits ) );
|
|
||||||
if( status != 0 )
|
|
||||||
goto cleanup;
|
|
||||||
break;
|
|
||||||
#endif /* MBEDTLS_PSA_BUILTIN_ALG_GCM */
|
|
||||||
|
|
||||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305)
|
|
||||||
case PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CHACHA20_POLY1305, 0 ):
|
|
||||||
operation->core_alg = PSA_ALG_CHACHA20_POLY1305;
|
|
||||||
operation->full_tag_length = 16;
|
|
||||||
/* We only support the default tag length. */
|
|
||||||
if( alg != PSA_ALG_CHACHA20_POLY1305 )
|
|
||||||
{
|
|
||||||
status = PSA_ERROR_NOT_SUPPORTED;
|
|
||||||
goto cleanup;
|
|
||||||
}
|
|
||||||
mbedtls_chachapoly_init( &operation->ctx.chachapoly );
|
|
||||||
status = mbedtls_to_psa_error(
|
|
||||||
mbedtls_chachapoly_setkey( &operation->ctx.chachapoly,
|
|
||||||
operation->slot->key.data ) );
|
|
||||||
if( status != 0 )
|
|
||||||
goto cleanup;
|
|
||||||
break;
|
|
||||||
#endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */
|
|
||||||
|
|
||||||
default:
|
|
||||||
status = PSA_ERROR_NOT_SUPPORTED;
|
|
||||||
goto cleanup;
|
|
||||||
}
|
|
||||||
|
|
||||||
if( PSA_AEAD_TAG_LENGTH( alg ) > operation->full_tag_length )
|
|
||||||
{
|
|
||||||
status = PSA_ERROR_INVALID_ARGUMENT;
|
|
||||||
goto cleanup;
|
|
||||||
}
|
|
||||||
operation->tag_length = PSA_AEAD_TAG_LENGTH( alg );
|
|
||||||
|
|
||||||
return( PSA_SUCCESS );
|
|
||||||
|
|
||||||
cleanup:
|
|
||||||
psa_aead_abort_internal( operation );
|
|
||||||
return( status );
|
|
||||||
}
|
|
||||||
|
|
||||||
psa_status_t psa_aead_encrypt( mbedtls_svc_key_id_t key,
|
psa_status_t psa_aead_encrypt( mbedtls_svc_key_id_t key,
|
||||||
psa_algorithm_t alg,
|
psa_algorithm_t alg,
|
||||||
const uint8_t *nonce,
|
const uint8_t *nonce,
|
||||||
|
@ -3694,107 +3531,37 @@ psa_status_t psa_aead_encrypt( mbedtls_svc_key_id_t key,
|
||||||
size_t ciphertext_size,
|
size_t ciphertext_size,
|
||||||
size_t *ciphertext_length )
|
size_t *ciphertext_length )
|
||||||
{
|
{
|
||||||
psa_status_t status;
|
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
||||||
aead_operation_t operation = AEAD_OPERATION_INIT;
|
psa_key_slot_t *slot;
|
||||||
uint8_t *tag;
|
|
||||||
|
|
||||||
*ciphertext_length = 0;
|
*ciphertext_length = 0;
|
||||||
|
|
||||||
status = psa_aead_setup( &operation, key, PSA_KEY_USAGE_ENCRYPT, alg );
|
if( !PSA_ALG_IS_AEAD( alg ) || PSA_ALG_IS_WILDCARD( alg ) )
|
||||||
|
return( PSA_ERROR_NOT_SUPPORTED );
|
||||||
|
|
||||||
|
status = psa_get_and_lock_key_slot_with_policy(
|
||||||
|
key, &slot, PSA_KEY_USAGE_ENCRYPT, alg );
|
||||||
if( status != PSA_SUCCESS )
|
if( status != PSA_SUCCESS )
|
||||||
return( status );
|
return( status );
|
||||||
|
|
||||||
/* For all currently supported modes, the tag is at the end of the
|
psa_key_attributes_t attributes = {
|
||||||
* ciphertext. */
|
.core = slot->attr
|
||||||
if( ciphertext_size < ( plaintext_length + operation.tag_length ) )
|
};
|
||||||
{
|
|
||||||
status = PSA_ERROR_BUFFER_TOO_SMALL;
|
|
||||||
goto exit;
|
|
||||||
}
|
|
||||||
tag = ciphertext + plaintext_length;
|
|
||||||
|
|
||||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM)
|
status = psa_driver_wrapper_aead_encrypt(
|
||||||
if( operation.core_alg == PSA_ALG_GCM )
|
&attributes, slot->key.data, slot->key.bytes,
|
||||||
{
|
alg,
|
||||||
status = mbedtls_to_psa_error(
|
nonce, nonce_length,
|
||||||
mbedtls_gcm_crypt_and_tag( &operation.ctx.gcm,
|
additional_data, additional_data_length,
|
||||||
MBEDTLS_GCM_ENCRYPT,
|
plaintext, plaintext_length,
|
||||||
plaintext_length,
|
ciphertext, ciphertext_size, ciphertext_length );
|
||||||
nonce, nonce_length,
|
|
||||||
additional_data, additional_data_length,
|
|
||||||
plaintext, ciphertext,
|
|
||||||
operation.tag_length, tag ) );
|
|
||||||
}
|
|
||||||
else
|
|
||||||
#endif /* MBEDTLS_PSA_BUILTIN_ALG_GCM */
|
|
||||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
|
|
||||||
if( operation.core_alg == PSA_ALG_CCM )
|
|
||||||
{
|
|
||||||
status = mbedtls_to_psa_error(
|
|
||||||
mbedtls_ccm_encrypt_and_tag( &operation.ctx.ccm,
|
|
||||||
plaintext_length,
|
|
||||||
nonce, nonce_length,
|
|
||||||
additional_data,
|
|
||||||
additional_data_length,
|
|
||||||
plaintext, ciphertext,
|
|
||||||
tag, operation.tag_length ) );
|
|
||||||
}
|
|
||||||
else
|
|
||||||
#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */
|
|
||||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305)
|
|
||||||
if( operation.core_alg == PSA_ALG_CHACHA20_POLY1305 )
|
|
||||||
{
|
|
||||||
if( nonce_length != 12 || operation.tag_length != 16 )
|
|
||||||
{
|
|
||||||
status = PSA_ERROR_NOT_SUPPORTED;
|
|
||||||
goto exit;
|
|
||||||
}
|
|
||||||
status = mbedtls_to_psa_error(
|
|
||||||
mbedtls_chachapoly_encrypt_and_tag( &operation.ctx.chachapoly,
|
|
||||||
plaintext_length,
|
|
||||||
nonce,
|
|
||||||
additional_data,
|
|
||||||
additional_data_length,
|
|
||||||
plaintext,
|
|
||||||
ciphertext,
|
|
||||||
tag ) );
|
|
||||||
}
|
|
||||||
else
|
|
||||||
#endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */
|
|
||||||
{
|
|
||||||
(void) tag;
|
|
||||||
return( PSA_ERROR_NOT_SUPPORTED );
|
|
||||||
}
|
|
||||||
|
|
||||||
if( status != PSA_SUCCESS && ciphertext_size != 0 )
|
if( status != PSA_SUCCESS && ciphertext_size != 0 )
|
||||||
memset( ciphertext, 0, ciphertext_size );
|
memset( ciphertext, 0, ciphertext_size );
|
||||||
|
|
||||||
exit:
|
psa_unlock_key_slot( slot );
|
||||||
psa_aead_abort_internal( &operation );
|
|
||||||
if( status == PSA_SUCCESS )
|
|
||||||
*ciphertext_length = plaintext_length + operation.tag_length;
|
|
||||||
return( status );
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Locate the tag in a ciphertext buffer containing the encrypted data
|
return( status );
|
||||||
* followed by the tag. Return the length of the part preceding the tag in
|
|
||||||
* *plaintext_length. This is the size of the plaintext in modes where
|
|
||||||
* the encrypted data has the same size as the plaintext, such as
|
|
||||||
* CCM and GCM. */
|
|
||||||
static psa_status_t psa_aead_unpadded_locate_tag( size_t tag_length,
|
|
||||||
const uint8_t *ciphertext,
|
|
||||||
size_t ciphertext_length,
|
|
||||||
size_t plaintext_size,
|
|
||||||
const uint8_t **p_tag )
|
|
||||||
{
|
|
||||||
size_t payload_length;
|
|
||||||
if( tag_length > ciphertext_length )
|
|
||||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
|
||||||
payload_length = ciphertext_length - tag_length;
|
|
||||||
if( payload_length > plaintext_size )
|
|
||||||
return( PSA_ERROR_BUFFER_TOO_SMALL );
|
|
||||||
*p_tag = ciphertext + payload_length;
|
|
||||||
return( PSA_SUCCESS );
|
|
||||||
}
|
}
|
||||||
|
|
||||||
psa_status_t psa_aead_decrypt( mbedtls_svc_key_id_t key,
|
psa_status_t psa_aead_decrypt( mbedtls_svc_key_id_t key,
|
||||||
|
@ -3809,86 +3576,39 @@ psa_status_t psa_aead_decrypt( mbedtls_svc_key_id_t key,
|
||||||
size_t plaintext_size,
|
size_t plaintext_size,
|
||||||
size_t *plaintext_length )
|
size_t *plaintext_length )
|
||||||
{
|
{
|
||||||
psa_status_t status;
|
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
||||||
aead_operation_t operation = AEAD_OPERATION_INIT;
|
psa_key_slot_t *slot;
|
||||||
const uint8_t *tag = NULL;
|
|
||||||
|
|
||||||
*plaintext_length = 0;
|
*plaintext_length = 0;
|
||||||
|
|
||||||
status = psa_aead_setup( &operation, key, PSA_KEY_USAGE_DECRYPT, alg );
|
if( !PSA_ALG_IS_AEAD( alg ) || PSA_ALG_IS_WILDCARD( alg ) )
|
||||||
|
return( PSA_ERROR_NOT_SUPPORTED );
|
||||||
|
|
||||||
|
status = psa_get_and_lock_key_slot_with_policy(
|
||||||
|
key, &slot, PSA_KEY_USAGE_DECRYPT, alg );
|
||||||
if( status != PSA_SUCCESS )
|
if( status != PSA_SUCCESS )
|
||||||
return( status );
|
return( status );
|
||||||
|
|
||||||
status = psa_aead_unpadded_locate_tag( operation.tag_length,
|
psa_key_attributes_t attributes = {
|
||||||
ciphertext, ciphertext_length,
|
.core = slot->attr
|
||||||
plaintext_size, &tag );
|
};
|
||||||
if( status != PSA_SUCCESS )
|
|
||||||
goto exit;
|
|
||||||
|
|
||||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM)
|
status = psa_driver_wrapper_aead_decrypt(
|
||||||
if( operation.core_alg == PSA_ALG_GCM )
|
&attributes, slot->key.data, slot->key.bytes,
|
||||||
{
|
alg,
|
||||||
status = mbedtls_to_psa_error(
|
nonce, nonce_length,
|
||||||
mbedtls_gcm_auth_decrypt( &operation.ctx.gcm,
|
additional_data, additional_data_length,
|
||||||
ciphertext_length - operation.tag_length,
|
ciphertext, ciphertext_length,
|
||||||
nonce, nonce_length,
|
plaintext, plaintext_size, plaintext_length );
|
||||||
additional_data,
|
|
||||||
additional_data_length,
|
|
||||||
tag, operation.tag_length,
|
|
||||||
ciphertext, plaintext ) );
|
|
||||||
}
|
|
||||||
else
|
|
||||||
#endif /* MBEDTLS_PSA_BUILTIN_ALG_GCM */
|
|
||||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
|
|
||||||
if( operation.core_alg == PSA_ALG_CCM )
|
|
||||||
{
|
|
||||||
status = mbedtls_to_psa_error(
|
|
||||||
mbedtls_ccm_auth_decrypt( &operation.ctx.ccm,
|
|
||||||
ciphertext_length - operation.tag_length,
|
|
||||||
nonce, nonce_length,
|
|
||||||
additional_data,
|
|
||||||
additional_data_length,
|
|
||||||
ciphertext, plaintext,
|
|
||||||
tag, operation.tag_length ) );
|
|
||||||
}
|
|
||||||
else
|
|
||||||
#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */
|
|
||||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305)
|
|
||||||
if( operation.core_alg == PSA_ALG_CHACHA20_POLY1305 )
|
|
||||||
{
|
|
||||||
if( nonce_length != 12 || operation.tag_length != 16 )
|
|
||||||
{
|
|
||||||
status = PSA_ERROR_NOT_SUPPORTED;
|
|
||||||
goto exit;
|
|
||||||
}
|
|
||||||
status = mbedtls_to_psa_error(
|
|
||||||
mbedtls_chachapoly_auth_decrypt( &operation.ctx.chachapoly,
|
|
||||||
ciphertext_length - operation.tag_length,
|
|
||||||
nonce,
|
|
||||||
additional_data,
|
|
||||||
additional_data_length,
|
|
||||||
tag,
|
|
||||||
ciphertext,
|
|
||||||
plaintext ) );
|
|
||||||
}
|
|
||||||
else
|
|
||||||
#endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */
|
|
||||||
{
|
|
||||||
return( PSA_ERROR_NOT_SUPPORTED );
|
|
||||||
}
|
|
||||||
|
|
||||||
if( status != PSA_SUCCESS && plaintext_size != 0 )
|
if( status != PSA_SUCCESS && plaintext_size != 0 )
|
||||||
memset( plaintext, 0, plaintext_size );
|
memset( plaintext, 0, plaintext_size );
|
||||||
|
|
||||||
exit:
|
psa_unlock_key_slot( slot );
|
||||||
psa_aead_abort_internal( &operation );
|
|
||||||
if( status == PSA_SUCCESS )
|
|
||||||
*plaintext_length = ciphertext_length - operation.tag_length;
|
|
||||||
return( status );
|
return( status );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
/****************************************************************/
|
/****************************************************************/
|
||||||
/* Generators */
|
/* Generators */
|
||||||
/****************************************************************/
|
/****************************************************************/
|
||||||
|
|
363
library/psa_crypto_aead.c
Normal file
363
library/psa_crypto_aead.c
Normal file
|
@ -0,0 +1,363 @@
|
||||||
|
/*
|
||||||
|
* PSA AEAD entry points
|
||||||
|
*/
|
||||||
|
/*
|
||||||
|
* Copyright The Mbed TLS Contributors
|
||||||
|
* SPDX-License-Identifier: Apache-2.0
|
||||||
|
*
|
||||||
|
* Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||||
|
* not use this file except in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||||
|
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include "common.h"
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_PSA_CRYPTO_C)
|
||||||
|
|
||||||
|
#include "psa_crypto_aead.h"
|
||||||
|
#include "psa_crypto_core.h"
|
||||||
|
|
||||||
|
#include "mbedtls/ccm.h"
|
||||||
|
#include "mbedtls/chachapoly.h"
|
||||||
|
#include "mbedtls/cipher.h"
|
||||||
|
#include "mbedtls/gcm.h"
|
||||||
|
|
||||||
|
typedef struct
|
||||||
|
{
|
||||||
|
union
|
||||||
|
{
|
||||||
|
unsigned dummy; /* Make the union non-empty even with no supported algorithms. */
|
||||||
|
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
|
||||||
|
mbedtls_ccm_context ccm;
|
||||||
|
#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */
|
||||||
|
#if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM)
|
||||||
|
mbedtls_gcm_context gcm;
|
||||||
|
#endif /* MBEDTLS_PSA_BUILTIN_ALG_GCM */
|
||||||
|
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305)
|
||||||
|
mbedtls_chachapoly_context chachapoly;
|
||||||
|
#endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */
|
||||||
|
} ctx;
|
||||||
|
psa_algorithm_t core_alg;
|
||||||
|
uint8_t tag_length;
|
||||||
|
} aead_operation_t;
|
||||||
|
|
||||||
|
#define AEAD_OPERATION_INIT {{0}, 0, 0}
|
||||||
|
|
||||||
|
static void psa_aead_abort_internal( aead_operation_t *operation )
|
||||||
|
{
|
||||||
|
switch( operation->core_alg )
|
||||||
|
{
|
||||||
|
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
|
||||||
|
case PSA_ALG_CCM:
|
||||||
|
mbedtls_ccm_free( &operation->ctx.ccm );
|
||||||
|
break;
|
||||||
|
#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */
|
||||||
|
#if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM)
|
||||||
|
case PSA_ALG_GCM:
|
||||||
|
mbedtls_gcm_free( &operation->ctx.gcm );
|
||||||
|
break;
|
||||||
|
#endif /* MBEDTLS_PSA_BUILTIN_ALG_GCM */
|
||||||
|
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305)
|
||||||
|
case PSA_ALG_CHACHA20_POLY1305:
|
||||||
|
mbedtls_chachapoly_free( &operation->ctx.chachapoly );
|
||||||
|
break;
|
||||||
|
#endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
static psa_status_t psa_aead_setup(
|
||||||
|
aead_operation_t *operation,
|
||||||
|
const psa_key_attributes_t *attributes,
|
||||||
|
const uint8_t *key_buffer,
|
||||||
|
psa_algorithm_t alg )
|
||||||
|
{
|
||||||
|
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
||||||
|
size_t key_bits;
|
||||||
|
const mbedtls_cipher_info_t *cipher_info;
|
||||||
|
mbedtls_cipher_id_t cipher_id;
|
||||||
|
size_t full_tag_length = 0;
|
||||||
|
|
||||||
|
key_bits = attributes->core.bits;
|
||||||
|
|
||||||
|
cipher_info = mbedtls_cipher_info_from_psa( alg,
|
||||||
|
attributes->core.type, key_bits,
|
||||||
|
&cipher_id );
|
||||||
|
if( cipher_info == NULL )
|
||||||
|
return( PSA_ERROR_NOT_SUPPORTED );
|
||||||
|
|
||||||
|
switch( PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg, 0 ) )
|
||||||
|
{
|
||||||
|
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
|
||||||
|
case PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 0 ):
|
||||||
|
operation->core_alg = PSA_ALG_CCM;
|
||||||
|
full_tag_length = 16;
|
||||||
|
/* CCM allows the following tag lengths: 4, 6, 8, 10, 12, 14, 16.
|
||||||
|
* The call to mbedtls_ccm_encrypt_and_tag or
|
||||||
|
* mbedtls_ccm_auth_decrypt will validate the tag length. */
|
||||||
|
if( PSA_BLOCK_CIPHER_BLOCK_LENGTH( attributes->core.type ) != 16 )
|
||||||
|
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||||
|
|
||||||
|
mbedtls_ccm_init( &operation->ctx.ccm );
|
||||||
|
status = mbedtls_to_psa_error(
|
||||||
|
mbedtls_ccm_setkey( &operation->ctx.ccm, cipher_id,
|
||||||
|
key_buffer, (unsigned int) key_bits ) );
|
||||||
|
if( status != PSA_SUCCESS )
|
||||||
|
return( status );
|
||||||
|
break;
|
||||||
|
#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM)
|
||||||
|
case PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 0 ):
|
||||||
|
operation->core_alg = PSA_ALG_GCM;
|
||||||
|
full_tag_length = 16;
|
||||||
|
/* GCM allows the following tag lengths: 4, 8, 12, 13, 14, 15, 16.
|
||||||
|
* The call to mbedtls_gcm_crypt_and_tag or
|
||||||
|
* mbedtls_gcm_auth_decrypt will validate the tag length. */
|
||||||
|
if( PSA_BLOCK_CIPHER_BLOCK_LENGTH( attributes->core.type ) != 16 )
|
||||||
|
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||||
|
|
||||||
|
mbedtls_gcm_init( &operation->ctx.gcm );
|
||||||
|
status = mbedtls_to_psa_error(
|
||||||
|
mbedtls_gcm_setkey( &operation->ctx.gcm, cipher_id,
|
||||||
|
key_buffer, (unsigned int) key_bits ) );
|
||||||
|
if( status != PSA_SUCCESS )
|
||||||
|
return( status );
|
||||||
|
break;
|
||||||
|
#endif /* MBEDTLS_PSA_BUILTIN_ALG_GCM */
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305)
|
||||||
|
case PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CHACHA20_POLY1305, 0 ):
|
||||||
|
operation->core_alg = PSA_ALG_CHACHA20_POLY1305;
|
||||||
|
full_tag_length = 16;
|
||||||
|
/* We only support the default tag length. */
|
||||||
|
if( alg != PSA_ALG_CHACHA20_POLY1305 )
|
||||||
|
return( PSA_ERROR_NOT_SUPPORTED );
|
||||||
|
|
||||||
|
mbedtls_chachapoly_init( &operation->ctx.chachapoly );
|
||||||
|
status = mbedtls_to_psa_error(
|
||||||
|
mbedtls_chachapoly_setkey( &operation->ctx.chachapoly,
|
||||||
|
key_buffer ) );
|
||||||
|
if( status != PSA_SUCCESS )
|
||||||
|
return( status );
|
||||||
|
break;
|
||||||
|
#endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */
|
||||||
|
|
||||||
|
default:
|
||||||
|
return( PSA_ERROR_NOT_SUPPORTED );
|
||||||
|
}
|
||||||
|
|
||||||
|
if( PSA_AEAD_TAG_LENGTH( alg ) > full_tag_length )
|
||||||
|
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||||
|
|
||||||
|
operation->tag_length = PSA_AEAD_TAG_LENGTH( alg );
|
||||||
|
|
||||||
|
return( PSA_SUCCESS );
|
||||||
|
}
|
||||||
|
|
||||||
|
psa_status_t mbedtls_psa_aead_encrypt(
|
||||||
|
const psa_key_attributes_t *attributes,
|
||||||
|
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||||
|
psa_algorithm_t alg,
|
||||||
|
const uint8_t *nonce, size_t nonce_length,
|
||||||
|
const uint8_t *additional_data, size_t additional_data_length,
|
||||||
|
const uint8_t *plaintext, size_t plaintext_length,
|
||||||
|
uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length )
|
||||||
|
{
|
||||||
|
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
||||||
|
aead_operation_t operation = AEAD_OPERATION_INIT;
|
||||||
|
uint8_t *tag;
|
||||||
|
(void) key_buffer_size;
|
||||||
|
|
||||||
|
status = psa_aead_setup( &operation, attributes, key_buffer, alg );
|
||||||
|
if( status != PSA_SUCCESS )
|
||||||
|
goto exit;
|
||||||
|
|
||||||
|
/* For all currently supported modes, the tag is at the end of the
|
||||||
|
* ciphertext. */
|
||||||
|
if( ciphertext_size < ( plaintext_length + operation.tag_length ) )
|
||||||
|
{
|
||||||
|
status = PSA_ERROR_BUFFER_TOO_SMALL;
|
||||||
|
goto exit;
|
||||||
|
}
|
||||||
|
tag = ciphertext + plaintext_length;
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
|
||||||
|
if( operation.core_alg == PSA_ALG_CCM )
|
||||||
|
{
|
||||||
|
status = mbedtls_to_psa_error(
|
||||||
|
mbedtls_ccm_encrypt_and_tag( &operation.ctx.ccm,
|
||||||
|
plaintext_length,
|
||||||
|
nonce, nonce_length,
|
||||||
|
additional_data,
|
||||||
|
additional_data_length,
|
||||||
|
plaintext, ciphertext,
|
||||||
|
tag, operation.tag_length ) );
|
||||||
|
}
|
||||||
|
else
|
||||||
|
#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */
|
||||||
|
#if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM)
|
||||||
|
if( operation.core_alg == PSA_ALG_GCM )
|
||||||
|
{
|
||||||
|
status = mbedtls_to_psa_error(
|
||||||
|
mbedtls_gcm_crypt_and_tag( &operation.ctx.gcm,
|
||||||
|
MBEDTLS_GCM_ENCRYPT,
|
||||||
|
plaintext_length,
|
||||||
|
nonce, nonce_length,
|
||||||
|
additional_data, additional_data_length,
|
||||||
|
plaintext, ciphertext,
|
||||||
|
operation.tag_length, tag ) );
|
||||||
|
}
|
||||||
|
else
|
||||||
|
#endif /* MBEDTLS_PSA_BUILTIN_ALG_GCM */
|
||||||
|
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305)
|
||||||
|
if( operation.core_alg == PSA_ALG_CHACHA20_POLY1305 )
|
||||||
|
{
|
||||||
|
if( nonce_length != 12 || operation.tag_length != 16 )
|
||||||
|
{
|
||||||
|
status = PSA_ERROR_NOT_SUPPORTED;
|
||||||
|
goto exit;
|
||||||
|
}
|
||||||
|
status = mbedtls_to_psa_error(
|
||||||
|
mbedtls_chachapoly_encrypt_and_tag( &operation.ctx.chachapoly,
|
||||||
|
plaintext_length,
|
||||||
|
nonce,
|
||||||
|
additional_data,
|
||||||
|
additional_data_length,
|
||||||
|
plaintext,
|
||||||
|
ciphertext,
|
||||||
|
tag ) );
|
||||||
|
}
|
||||||
|
else
|
||||||
|
#endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */
|
||||||
|
{
|
||||||
|
(void) tag;
|
||||||
|
return( PSA_ERROR_NOT_SUPPORTED );
|
||||||
|
}
|
||||||
|
|
||||||
|
if( status == PSA_SUCCESS )
|
||||||
|
*ciphertext_length = plaintext_length + operation.tag_length;
|
||||||
|
|
||||||
|
exit:
|
||||||
|
psa_aead_abort_internal( &operation );
|
||||||
|
|
||||||
|
return( status );
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Locate the tag in a ciphertext buffer containing the encrypted data
|
||||||
|
* followed by the tag. Return the length of the part preceding the tag in
|
||||||
|
* *plaintext_length. This is the size of the plaintext in modes where
|
||||||
|
* the encrypted data has the same size as the plaintext, such as
|
||||||
|
* CCM and GCM. */
|
||||||
|
static psa_status_t psa_aead_unpadded_locate_tag( size_t tag_length,
|
||||||
|
const uint8_t *ciphertext,
|
||||||
|
size_t ciphertext_length,
|
||||||
|
size_t plaintext_size,
|
||||||
|
const uint8_t **p_tag )
|
||||||
|
{
|
||||||
|
size_t payload_length;
|
||||||
|
if( tag_length > ciphertext_length )
|
||||||
|
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||||
|
payload_length = ciphertext_length - tag_length;
|
||||||
|
if( payload_length > plaintext_size )
|
||||||
|
return( PSA_ERROR_BUFFER_TOO_SMALL );
|
||||||
|
*p_tag = ciphertext + payload_length;
|
||||||
|
return( PSA_SUCCESS );
|
||||||
|
}
|
||||||
|
|
||||||
|
psa_status_t mbedtls_psa_aead_decrypt(
|
||||||
|
const psa_key_attributes_t *attributes,
|
||||||
|
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||||
|
psa_algorithm_t alg,
|
||||||
|
const uint8_t *nonce, size_t nonce_length,
|
||||||
|
const uint8_t *additional_data, size_t additional_data_length,
|
||||||
|
const uint8_t *ciphertext, size_t ciphertext_length,
|
||||||
|
uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length )
|
||||||
|
{
|
||||||
|
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
||||||
|
aead_operation_t operation = AEAD_OPERATION_INIT;
|
||||||
|
const uint8_t *tag = NULL;
|
||||||
|
(void) key_buffer_size;
|
||||||
|
|
||||||
|
status = psa_aead_setup( &operation, attributes, key_buffer, alg );
|
||||||
|
if( status != PSA_SUCCESS )
|
||||||
|
goto exit;
|
||||||
|
|
||||||
|
status = psa_aead_unpadded_locate_tag( operation.tag_length,
|
||||||
|
ciphertext, ciphertext_length,
|
||||||
|
plaintext_size, &tag );
|
||||||
|
if( status != PSA_SUCCESS )
|
||||||
|
goto exit;
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
|
||||||
|
if( operation.core_alg == PSA_ALG_CCM )
|
||||||
|
{
|
||||||
|
status = mbedtls_to_psa_error(
|
||||||
|
mbedtls_ccm_auth_decrypt( &operation.ctx.ccm,
|
||||||
|
ciphertext_length - operation.tag_length,
|
||||||
|
nonce, nonce_length,
|
||||||
|
additional_data,
|
||||||
|
additional_data_length,
|
||||||
|
ciphertext, plaintext,
|
||||||
|
tag, operation.tag_length ) );
|
||||||
|
}
|
||||||
|
else
|
||||||
|
#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */
|
||||||
|
#if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM)
|
||||||
|
if( operation.core_alg == PSA_ALG_GCM )
|
||||||
|
{
|
||||||
|
status = mbedtls_to_psa_error(
|
||||||
|
mbedtls_gcm_auth_decrypt( &operation.ctx.gcm,
|
||||||
|
ciphertext_length - operation.tag_length,
|
||||||
|
nonce, nonce_length,
|
||||||
|
additional_data,
|
||||||
|
additional_data_length,
|
||||||
|
tag, operation.tag_length,
|
||||||
|
ciphertext, plaintext ) );
|
||||||
|
}
|
||||||
|
else
|
||||||
|
#endif /* MBEDTLS_PSA_BUILTIN_ALG_GCM */
|
||||||
|
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305)
|
||||||
|
if( operation.core_alg == PSA_ALG_CHACHA20_POLY1305 )
|
||||||
|
{
|
||||||
|
if( nonce_length != 12 || operation.tag_length != 16 )
|
||||||
|
{
|
||||||
|
status = PSA_ERROR_NOT_SUPPORTED;
|
||||||
|
goto exit;
|
||||||
|
}
|
||||||
|
status = mbedtls_to_psa_error(
|
||||||
|
mbedtls_chachapoly_auth_decrypt( &operation.ctx.chachapoly,
|
||||||
|
ciphertext_length - operation.tag_length,
|
||||||
|
nonce,
|
||||||
|
additional_data,
|
||||||
|
additional_data_length,
|
||||||
|
tag,
|
||||||
|
ciphertext,
|
||||||
|
plaintext ) );
|
||||||
|
}
|
||||||
|
else
|
||||||
|
#endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */
|
||||||
|
{
|
||||||
|
return( PSA_ERROR_NOT_SUPPORTED );
|
||||||
|
}
|
||||||
|
|
||||||
|
if( status == PSA_SUCCESS )
|
||||||
|
*plaintext_length = ciphertext_length - operation.tag_length;
|
||||||
|
|
||||||
|
exit:
|
||||||
|
psa_aead_abort_internal( &operation );
|
||||||
|
|
||||||
|
if( status == PSA_SUCCESS )
|
||||||
|
*plaintext_length = ciphertext_length - operation.tag_length;
|
||||||
|
return( status );
|
||||||
|
}
|
||||||
|
|
||||||
|
#endif /* MBEDTLS_PSA_CRYPTO_C */
|
||||||
|
|
151
library/psa_crypto_aead.h
Normal file
151
library/psa_crypto_aead.h
Normal file
|
@ -0,0 +1,151 @@
|
||||||
|
/*
|
||||||
|
* PSA AEAD driver entry points
|
||||||
|
*/
|
||||||
|
/*
|
||||||
|
* Copyright The Mbed TLS Contributors
|
||||||
|
* SPDX-License-Identifier: Apache-2.0
|
||||||
|
*
|
||||||
|
* Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||||
|
* not use this file except in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||||
|
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef PSA_CRYPTO_AEAD_H
|
||||||
|
#define PSA_CRYPTO_AEAD_H
|
||||||
|
|
||||||
|
#include <psa/crypto.h>
|
||||||
|
|
||||||
|
/**
|
||||||
|
* \brief Process an authenticated encryption operation.
|
||||||
|
*
|
||||||
|
* \note The signature of this function is that of a PSA driver
|
||||||
|
* aead_encrypt entry point. This function behaves as an aead_encrypt
|
||||||
|
* entry point as defined in the PSA driver interface specification for
|
||||||
|
* transparent drivers.
|
||||||
|
*
|
||||||
|
* \param[in] attributes The attributes of the key to use for the
|
||||||
|
* operation.
|
||||||
|
* \param[in] key_buffer The buffer containing the key context.
|
||||||
|
* \param key_buffer_size Size of the \p key_buffer buffer in bytes.
|
||||||
|
* \param alg The AEAD algorithm to compute.
|
||||||
|
* \param[in] nonce Nonce or IV to use.
|
||||||
|
* \param nonce_length Size of the nonce buffer in bytes. This must
|
||||||
|
* be appropriate for the selected algorithm.
|
||||||
|
* The default nonce size is
|
||||||
|
* PSA_AEAD_NONCE_LENGTH(key_type, alg) where
|
||||||
|
* key_type is the type of key.
|
||||||
|
* \param[in] additional_data Additional data that will be authenticated
|
||||||
|
* but not encrypted.
|
||||||
|
* \param additional_data_length Size of additional_data in bytes.
|
||||||
|
* \param[in] plaintext Data that will be authenticated and encrypted.
|
||||||
|
* \param plaintext_length Size of plaintext in bytes.
|
||||||
|
* \param[out] ciphertext Output buffer for the authenticated and
|
||||||
|
* encrypted data. The additional data is not
|
||||||
|
* part of this output. For algorithms where the
|
||||||
|
* encrypted data and the authentication tag are
|
||||||
|
* defined as separate outputs, the
|
||||||
|
* authentication tag is appended to the
|
||||||
|
* encrypted data.
|
||||||
|
* \param ciphertext_size Size of the ciphertext buffer in bytes. This
|
||||||
|
* must be appropriate for the selected algorithm
|
||||||
|
* and key:
|
||||||
|
* - A sufficient output size is
|
||||||
|
* PSA_AEAD_ENCRYPT_OUTPUT_SIZE(key_type, alg,
|
||||||
|
* plaintext_length) where key_type is the type
|
||||||
|
* of key.
|
||||||
|
* - PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE(
|
||||||
|
* plaintext_length) evaluates to the maximum
|
||||||
|
* ciphertext size of any supported AEAD
|
||||||
|
* encryption.
|
||||||
|
* \param[out] ciphertext_length On success, the size of the output in the
|
||||||
|
* ciphertext buffer.
|
||||||
|
*
|
||||||
|
* \retval #PSA_SUCCESS Success.
|
||||||
|
* \retval #PSA_ERROR_NOT_SUPPORTED
|
||||||
|
* \p alg is not supported.
|
||||||
|
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
|
||||||
|
* \retval #PSA_ERROR_BUFFER_TOO_SMALL
|
||||||
|
* ciphertext_size is too small.
|
||||||
|
* \retval #PSA_ERROR_CORRUPTION_DETECTED
|
||||||
|
*/
|
||||||
|
psa_status_t mbedtls_psa_aead_encrypt(
|
||||||
|
const psa_key_attributes_t *attributes,
|
||||||
|
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||||
|
psa_algorithm_t alg,
|
||||||
|
const uint8_t *nonce, size_t nonce_length,
|
||||||
|
const uint8_t *additional_data, size_t additional_data_length,
|
||||||
|
const uint8_t *plaintext, size_t plaintext_length,
|
||||||
|
uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length );
|
||||||
|
|
||||||
|
/**
|
||||||
|
* \brief Process an authenticated decryption operation.
|
||||||
|
*
|
||||||
|
* \note The signature of this function is that of a PSA driver
|
||||||
|
* aead_decrypt entry point. This function behaves as an aead_decrypt
|
||||||
|
* entry point as defined in the PSA driver interface specification for
|
||||||
|
* transparent drivers.
|
||||||
|
*
|
||||||
|
* \param[in] attributes The attributes of the key to use for the
|
||||||
|
* operation.
|
||||||
|
* \param[in] key_buffer The buffer containing the key context.
|
||||||
|
* \param key_buffer_size Size of the \p key_buffer buffer in bytes.
|
||||||
|
* \param alg The AEAD algorithm to compute.
|
||||||
|
* \param[in] nonce Nonce or IV to use.
|
||||||
|
* \param nonce_length Size of the nonce buffer in bytes. This must
|
||||||
|
* be appropriate for the selected algorithm.
|
||||||
|
* The default nonce size is
|
||||||
|
* PSA_AEAD_NONCE_LENGTH(key_type, alg) where
|
||||||
|
* key_type is the type of key.
|
||||||
|
* \param[in] additional_data Additional data that has been authenticated
|
||||||
|
* but not encrypted.
|
||||||
|
* \param additional_data_length Size of additional_data in bytes.
|
||||||
|
* \param[in] ciphertext Data that has been authenticated and
|
||||||
|
* encrypted. For algorithms where the encrypted
|
||||||
|
* data and the authentication tag are defined
|
||||||
|
* as separate inputs, the buffer contains
|
||||||
|
* encrypted data followed by the authentication
|
||||||
|
* tag.
|
||||||
|
* \param ciphertext_length Size of ciphertext in bytes.
|
||||||
|
* \param[out] plaintext Output buffer for the decrypted data.
|
||||||
|
* \param plaintext_size Size of the plaintext buffer in bytes. This
|
||||||
|
* must be appropriate for the selected algorithm
|
||||||
|
* and key:
|
||||||
|
* - A sufficient output size is
|
||||||
|
* PSA_AEAD_DECRYPT_OUTPUT_SIZE(key_type, alg,
|
||||||
|
* ciphertext_length) where key_type is the
|
||||||
|
* type of key.
|
||||||
|
* - PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE(
|
||||||
|
* ciphertext_length) evaluates to the maximum
|
||||||
|
* plaintext size of any supported AEAD
|
||||||
|
* decryption.
|
||||||
|
* \param[out] plaintext_length On success, the size of the output in the
|
||||||
|
* plaintext buffer.
|
||||||
|
*
|
||||||
|
* \retval #PSA_SUCCESS Success.
|
||||||
|
* \retval #PSA_ERROR_INVALID_SIGNATURE
|
||||||
|
* The cipher is not authentic.
|
||||||
|
* \retval #PSA_ERROR_NOT_SUPPORTED
|
||||||
|
* \p alg is not supported.
|
||||||
|
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
|
||||||
|
* \retval #PSA_ERROR_BUFFER_TOO_SMALL
|
||||||
|
* plaintext_size is too small.
|
||||||
|
* \retval #PSA_ERROR_CORRUPTION_DETECTED
|
||||||
|
*/
|
||||||
|
psa_status_t mbedtls_psa_aead_decrypt(
|
||||||
|
const psa_key_attributes_t *attributes,
|
||||||
|
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||||
|
psa_algorithm_t alg,
|
||||||
|
const uint8_t *nonce, size_t nonce_length,
|
||||||
|
const uint8_t *additional_data, size_t additional_data_length,
|
||||||
|
const uint8_t *ciphertext, size_t ciphertext_length,
|
||||||
|
uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length );
|
||||||
|
|
||||||
|
#endif /* PSA_CRYPTO_AEAD */
|
|
@ -212,6 +212,22 @@ psa_status_t psa_copy_key_material_into_slot( psa_key_slot_t *slot,
|
||||||
*/
|
*/
|
||||||
psa_status_t mbedtls_to_psa_error( int ret );
|
psa_status_t mbedtls_to_psa_error( int ret );
|
||||||
|
|
||||||
|
/** Get Mbed TLS cipher information given the cipher algorithm PSA identifier
|
||||||
|
* as well as the PSA type and size of the key to be used with the cipher
|
||||||
|
* algorithm.
|
||||||
|
*
|
||||||
|
* \param alg PSA cipher algorithm identifier
|
||||||
|
* \param key_type PSA key type
|
||||||
|
* \param key_bits Size of the key in bits
|
||||||
|
* \param[out] cipher_id Mbed TLS cipher algorithm identifier
|
||||||
|
*
|
||||||
|
* \return The Mbed TLS cipher information of the cipher algorithm.
|
||||||
|
* \c NULL if the PSA cipher algorithm is not supported.
|
||||||
|
*/
|
||||||
|
const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
|
||||||
|
psa_algorithm_t alg, psa_key_type_t key_type, size_t key_bits,
|
||||||
|
mbedtls_cipher_id_t *cipher_id );
|
||||||
|
|
||||||
/** Import a key in binary format.
|
/** Import a key in binary format.
|
||||||
*
|
*
|
||||||
* \note The signature of this function is that of a PSA driver
|
* \note The signature of this function is that of a PSA driver
|
||||||
|
|
|
@ -19,6 +19,7 @@
|
||||||
* limitations under the License.
|
* limitations under the License.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
#include "psa_crypto_aead.h"
|
||||||
#include "psa_crypto_cipher.h"
|
#include "psa_crypto_cipher.h"
|
||||||
#include "psa_crypto_core.h"
|
#include "psa_crypto_core.h"
|
||||||
#include "psa_crypto_driver_wrappers.h"
|
#include "psa_crypto_driver_wrappers.h"
|
||||||
|
@ -1177,4 +1178,107 @@ psa_status_t psa_driver_wrapper_hash_abort(
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
psa_status_t psa_driver_wrapper_aead_encrypt(
|
||||||
|
const psa_key_attributes_t *attributes,
|
||||||
|
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||||
|
psa_algorithm_t alg,
|
||||||
|
const uint8_t *nonce, size_t nonce_length,
|
||||||
|
const uint8_t *additional_data, size_t additional_data_length,
|
||||||
|
const uint8_t *plaintext, size_t plaintext_length,
|
||||||
|
uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length )
|
||||||
|
{
|
||||||
|
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
||||||
|
psa_key_location_t location =
|
||||||
|
PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
|
||||||
|
|
||||||
|
switch( location )
|
||||||
|
{
|
||||||
|
case PSA_KEY_LOCATION_LOCAL_STORAGE:
|
||||||
|
/* Key is stored in the slot in export representation, so
|
||||||
|
* cycle through all known transparent accelerators */
|
||||||
|
|
||||||
|
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
|
||||||
|
#if defined(PSA_CRYPTO_DRIVER_TEST)
|
||||||
|
status = test_transparent_aead_encrypt(
|
||||||
|
attributes, key_buffer, key_buffer_size,
|
||||||
|
alg,
|
||||||
|
nonce, nonce_length,
|
||||||
|
additional_data, additional_data_length,
|
||||||
|
plaintext, plaintext_length,
|
||||||
|
ciphertext, ciphertext_size, ciphertext_length );
|
||||||
|
/* Declared with fallback == true */
|
||||||
|
if( status != PSA_ERROR_NOT_SUPPORTED )
|
||||||
|
return( status );
|
||||||
|
#endif /* PSA_CRYPTO_DRIVER_TEST */
|
||||||
|
#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
|
||||||
|
|
||||||
|
/* Fell through, meaning no accelerator supports this operation */
|
||||||
|
return( mbedtls_psa_aead_encrypt(
|
||||||
|
attributes, key_buffer, key_buffer_size,
|
||||||
|
alg,
|
||||||
|
nonce, nonce_length,
|
||||||
|
additional_data, additional_data_length,
|
||||||
|
plaintext, plaintext_length,
|
||||||
|
ciphertext, ciphertext_size, ciphertext_length ) );
|
||||||
|
|
||||||
|
/* Add cases for opaque driver here */
|
||||||
|
|
||||||
|
default:
|
||||||
|
/* Key is declared with a lifetime not known to us */
|
||||||
|
(void)status;
|
||||||
|
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
psa_status_t psa_driver_wrapper_aead_decrypt(
|
||||||
|
const psa_key_attributes_t *attributes,
|
||||||
|
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||||
|
psa_algorithm_t alg,
|
||||||
|
const uint8_t *nonce, size_t nonce_length,
|
||||||
|
const uint8_t *additional_data, size_t additional_data_length,
|
||||||
|
const uint8_t *ciphertext, size_t ciphertext_length,
|
||||||
|
uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length )
|
||||||
|
{
|
||||||
|
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
||||||
|
psa_key_location_t location =
|
||||||
|
PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
|
||||||
|
|
||||||
|
switch( location )
|
||||||
|
{
|
||||||
|
case PSA_KEY_LOCATION_LOCAL_STORAGE:
|
||||||
|
/* Key is stored in the slot in export representation, so
|
||||||
|
* cycle through all known transparent accelerators */
|
||||||
|
|
||||||
|
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
|
||||||
|
#if defined(PSA_CRYPTO_DRIVER_TEST)
|
||||||
|
status = test_transparent_aead_decrypt(
|
||||||
|
attributes, key_buffer, key_buffer_size,
|
||||||
|
alg,
|
||||||
|
nonce, nonce_length,
|
||||||
|
additional_data, additional_data_length,
|
||||||
|
ciphertext, ciphertext_length,
|
||||||
|
plaintext, plaintext_size, plaintext_length );
|
||||||
|
/* Declared with fallback == true */
|
||||||
|
if( status != PSA_ERROR_NOT_SUPPORTED )
|
||||||
|
return( status );
|
||||||
|
#endif /* PSA_CRYPTO_DRIVER_TEST */
|
||||||
|
#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
|
||||||
|
|
||||||
|
/* Fell through, meaning no accelerator supports this operation */
|
||||||
|
return( mbedtls_psa_aead_decrypt(
|
||||||
|
attributes, key_buffer, key_buffer_size,
|
||||||
|
alg,
|
||||||
|
nonce, nonce_length,
|
||||||
|
additional_data, additional_data_length,
|
||||||
|
ciphertext, ciphertext_length,
|
||||||
|
plaintext, plaintext_size, plaintext_length ) );
|
||||||
|
|
||||||
|
/* Add cases for opaque driver here */
|
||||||
|
|
||||||
|
default:
|
||||||
|
/* Key is declared with a lifetime not known to us */
|
||||||
|
(void)status;
|
||||||
|
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||||
|
}
|
||||||
|
}
|
||||||
/* End of automatically generated file. */
|
/* End of automatically generated file. */
|
||||||
|
|
|
@ -156,6 +156,28 @@ psa_status_t psa_driver_wrapper_hash_finish(
|
||||||
psa_status_t psa_driver_wrapper_hash_abort(
|
psa_status_t psa_driver_wrapper_hash_abort(
|
||||||
psa_hash_operation_t *operation );
|
psa_hash_operation_t *operation );
|
||||||
|
|
||||||
|
/*
|
||||||
|
* AEAD functions
|
||||||
|
*/
|
||||||
|
|
||||||
|
psa_status_t psa_driver_wrapper_aead_encrypt(
|
||||||
|
const psa_key_attributes_t *attributes,
|
||||||
|
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||||
|
psa_algorithm_t alg,
|
||||||
|
const uint8_t *nonce, size_t nonce_length,
|
||||||
|
const uint8_t *additional_data, size_t additional_data_length,
|
||||||
|
const uint8_t *plaintext, size_t plaintext_length,
|
||||||
|
uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length );
|
||||||
|
|
||||||
|
psa_status_t psa_driver_wrapper_aead_decrypt(
|
||||||
|
const psa_key_attributes_t *attributes,
|
||||||
|
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||||
|
psa_algorithm_t alg,
|
||||||
|
const uint8_t *nonce, size_t nonce_length,
|
||||||
|
const uint8_t *additional_data, size_t additional_data_length,
|
||||||
|
const uint8_t *ciphertext, size_t ciphertext_length,
|
||||||
|
uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length );
|
||||||
|
|
||||||
#endif /* PSA_CRYPTO_DRIVER_WRAPPERS_H */
|
#endif /* PSA_CRYPTO_DRIVER_WRAPPERS_H */
|
||||||
|
|
||||||
/* End of automatically generated file. */
|
/* End of automatically generated file. */
|
||||||
|
|
70
tests/include/test/drivers/aead.h
Normal file
70
tests/include/test/drivers/aead.h
Normal file
|
@ -0,0 +1,70 @@
|
||||||
|
/*
|
||||||
|
* Test driver for AEAD driver entry points.
|
||||||
|
*/
|
||||||
|
/* Copyright The Mbed TLS Contributors
|
||||||
|
* SPDX-License-Identifier: Apache-2.0
|
||||||
|
*
|
||||||
|
* Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||||
|
* not use this file except in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||||
|
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef PSA_CRYPTO_TEST_DRIVERS_AEAD_H
|
||||||
|
#define PSA_CRYPTO_TEST_DRIVERS_AEAD_H
|
||||||
|
|
||||||
|
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||||
|
#include "mbedtls/config.h"
|
||||||
|
#else
|
||||||
|
#include MBEDTLS_CONFIG_FILE
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(PSA_CRYPTO_DRIVER_TEST)
|
||||||
|
#include <psa/crypto_driver_common.h>
|
||||||
|
|
||||||
|
typedef struct {
|
||||||
|
/* If not PSA_SUCCESS, return this error code instead of processing the
|
||||||
|
* function call. */
|
||||||
|
psa_status_t forced_status;
|
||||||
|
/* Count the amount of times AEAD driver functions are called. */
|
||||||
|
unsigned long hits;
|
||||||
|
/* Status returned by the last AEAD driver function call. */
|
||||||
|
psa_status_t driver_status;
|
||||||
|
} test_driver_aead_hooks_t;
|
||||||
|
|
||||||
|
#define TEST_DRIVER_AEAD_INIT { 0, 0, 0 }
|
||||||
|
static inline test_driver_aead_hooks_t test_driver_aead_hooks_init( void )
|
||||||
|
{
|
||||||
|
const test_driver_aead_hooks_t v = TEST_DRIVER_AEAD_INIT;
|
||||||
|
return( v );
|
||||||
|
}
|
||||||
|
|
||||||
|
extern test_driver_aead_hooks_t test_driver_aead_hooks;
|
||||||
|
|
||||||
|
psa_status_t test_transparent_aead_encrypt(
|
||||||
|
const psa_key_attributes_t *attributes,
|
||||||
|
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||||
|
psa_algorithm_t alg,
|
||||||
|
const uint8_t *nonce, size_t nonce_length,
|
||||||
|
const uint8_t *additional_data, size_t additional_data_length,
|
||||||
|
const uint8_t *plaintext, size_t plaintext_length,
|
||||||
|
uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length );
|
||||||
|
|
||||||
|
psa_status_t test_transparent_aead_decrypt(
|
||||||
|
const psa_key_attributes_t *attributes,
|
||||||
|
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||||
|
psa_algorithm_t alg,
|
||||||
|
const uint8_t *nonce, size_t nonce_length,
|
||||||
|
const uint8_t *additional_data, size_t additional_data_length,
|
||||||
|
const uint8_t *ciphertext, size_t ciphertext_length,
|
||||||
|
uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length );
|
||||||
|
|
||||||
|
#endif /* PSA_CRYPTO_DRIVER_TEST */
|
||||||
|
#endif /* PSA_CRYPTO_TEST_DRIVERS_AEAD_H */
|
|
@ -22,6 +22,7 @@
|
||||||
|
|
||||||
#define PSA_CRYPTO_TEST_DRIVER_LIFETIME 0x7fffff
|
#define PSA_CRYPTO_TEST_DRIVER_LIFETIME 0x7fffff
|
||||||
|
|
||||||
|
#include "test/drivers/aead.h"
|
||||||
#include "test/drivers/signature.h"
|
#include "test/drivers/signature.h"
|
||||||
#include "test/drivers/key_management.h"
|
#include "test/drivers/key_management.h"
|
||||||
#include "test/drivers/cipher.h"
|
#include "test/drivers/cipher.h"
|
||||||
|
|
95
tests/src/drivers/aead.c
Normal file
95
tests/src/drivers/aead.c
Normal file
|
@ -0,0 +1,95 @@
|
||||||
|
/*
|
||||||
|
* Test driver for AEAD entry points.
|
||||||
|
*/
|
||||||
|
/* Copyright The Mbed TLS Contributors
|
||||||
|
* SPDX-License-Identifier: Apache-2.0
|
||||||
|
*
|
||||||
|
* Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||||
|
* not use this file except in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||||
|
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||||
|
#include "mbedtls/config.h"
|
||||||
|
#else
|
||||||
|
#include MBEDTLS_CONFIG_FILE
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
|
||||||
|
#include "psa_crypto_aead.h"
|
||||||
|
|
||||||
|
#include "test/drivers/aead.h"
|
||||||
|
|
||||||
|
test_driver_aead_hooks_t test_driver_aead_hooks = TEST_DRIVER_AEAD_INIT;
|
||||||
|
|
||||||
|
psa_status_t test_transparent_aead_encrypt(
|
||||||
|
const psa_key_attributes_t *attributes,
|
||||||
|
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||||
|
psa_algorithm_t alg,
|
||||||
|
const uint8_t *nonce, size_t nonce_length,
|
||||||
|
const uint8_t *additional_data, size_t additional_data_length,
|
||||||
|
const uint8_t *plaintext, size_t plaintext_length,
|
||||||
|
uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length )
|
||||||
|
{
|
||||||
|
test_driver_aead_hooks.hits++;
|
||||||
|
|
||||||
|
if( test_driver_aead_hooks.forced_status != PSA_SUCCESS )
|
||||||
|
{
|
||||||
|
test_driver_aead_hooks.driver_status =
|
||||||
|
test_driver_aead_hooks.forced_status;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
test_driver_aead_hooks.driver_status =
|
||||||
|
mbedtls_psa_aead_encrypt(
|
||||||
|
attributes, key_buffer, key_buffer_size,
|
||||||
|
alg,
|
||||||
|
nonce, nonce_length,
|
||||||
|
additional_data, additional_data_length,
|
||||||
|
plaintext, plaintext_length,
|
||||||
|
ciphertext, ciphertext_size, ciphertext_length );
|
||||||
|
}
|
||||||
|
|
||||||
|
return( test_driver_aead_hooks.driver_status );
|
||||||
|
}
|
||||||
|
|
||||||
|
psa_status_t test_transparent_aead_decrypt(
|
||||||
|
const psa_key_attributes_t *attributes,
|
||||||
|
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||||
|
psa_algorithm_t alg,
|
||||||
|
const uint8_t *nonce, size_t nonce_length,
|
||||||
|
const uint8_t *additional_data, size_t additional_data_length,
|
||||||
|
const uint8_t *ciphertext, size_t ciphertext_length,
|
||||||
|
uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length )
|
||||||
|
{
|
||||||
|
test_driver_aead_hooks.hits++;
|
||||||
|
|
||||||
|
if( test_driver_aead_hooks.forced_status != PSA_SUCCESS )
|
||||||
|
{
|
||||||
|
test_driver_aead_hooks.driver_status =
|
||||||
|
test_driver_aead_hooks.forced_status;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
test_driver_aead_hooks.driver_status =
|
||||||
|
mbedtls_psa_aead_decrypt(
|
||||||
|
attributes, key_buffer, key_buffer_size,
|
||||||
|
alg,
|
||||||
|
nonce, nonce_length,
|
||||||
|
additional_data, additional_data_length,
|
||||||
|
ciphertext, ciphertext_length,
|
||||||
|
plaintext, plaintext_size, plaintext_length );
|
||||||
|
}
|
||||||
|
|
||||||
|
return( test_driver_aead_hooks.driver_status );
|
||||||
|
}
|
||||||
|
|
||||||
|
#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
|
|
@ -558,7 +558,7 @@ aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_AEAD_WITH_
|
||||||
|
|
||||||
PSA key policy: AEAD, min-length policy used as algorithm
|
PSA key policy: AEAD, min-length policy used as algorithm
|
||||||
depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
|
depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
|
||||||
aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:8:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):PSA_ERROR_INVALID_ARGUMENT
|
aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:8:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):PSA_ERROR_NOT_SUPPORTED
|
||||||
|
|
||||||
PSA key policy: AEAD, tag length > exact-length policy
|
PSA key policy: AEAD, tag length > exact-length policy
|
||||||
depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
|
depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
|
||||||
|
|
|
@ -195,3 +195,51 @@ cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf715880
|
||||||
Cipher driver: negative testing on all entry points
|
Cipher driver: negative testing on all entry points
|
||||||
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
|
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
|
||||||
cipher_entry_points:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a"
|
cipher_entry_points:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a"
|
||||||
|
|
||||||
|
PSA AEAD encrypt: AES-CCM, 24 bytes
|
||||||
|
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
|
||||||
|
aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":PSA_SUCCESS
|
||||||
|
|
||||||
|
PSA AEAD encrypt: AES-CCM, 24 bytes, fallback
|
||||||
|
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
|
||||||
|
aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":PSA_ERROR_NOT_SUPPORTED
|
||||||
|
|
||||||
|
PSA AEAD encrypt: AES-CCM, 24 bytes, INSUFFICIENT_MEMORY
|
||||||
|
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
|
||||||
|
aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":PSA_ERROR_INSUFFICIENT_MEMORY
|
||||||
|
|
||||||
|
PSA AEAD encrypt, AES-GCM, 128 bytes #1
|
||||||
|
depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
|
||||||
|
aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":PSA_SUCCESS
|
||||||
|
|
||||||
|
PSA AEAD encrypt, AES-GCM, 128 bytes #1, fallback
|
||||||
|
depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
|
||||||
|
aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":PSA_ERROR_NOT_SUPPORTED
|
||||||
|
|
||||||
|
PSA AEAD encrypt, AES-GCM, 128 bytes #1, INSUFFICIENT_MEMORY
|
||||||
|
depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
|
||||||
|
aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":PSA_ERROR_INSUFFICIENT_MEMORY
|
||||||
|
|
||||||
|
PSA AEAD decrypt: AES-CCM, 39 bytes
|
||||||
|
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
|
||||||
|
aead_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"00412B4EA9CDBE3C9696766CFA":"0BE1A88BACE018B1":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":PSA_SUCCESS
|
||||||
|
|
||||||
|
PSA AEAD decrypt: AES-CCM, 39 bytes, fallback
|
||||||
|
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
|
||||||
|
aead_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"00412B4EA9CDBE3C9696766CFA":"0BE1A88BACE018B1":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":PSA_ERROR_NOT_SUPPORTED
|
||||||
|
|
||||||
|
PSA AEAD decrypt: AES-CCM, 39 bytes, INSUFFICIENT_MEMORY
|
||||||
|
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
|
||||||
|
aead_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"00412B4EA9CDBE3C9696766CFA":"0BE1A88BACE018B1":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":PSA_ERROR_INSUFFICIENT_MEMORY
|
||||||
|
|
||||||
|
PSA AEAD decrypt, AES-GCM, 144 bytes #1
|
||||||
|
depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
|
||||||
|
aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS
|
||||||
|
|
||||||
|
PSA AEAD decrypt, AES-GCM, 144 bytes #1, fallback
|
||||||
|
depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
|
||||||
|
aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_ERROR_NOT_SUPPORTED
|
||||||
|
|
||||||
|
PSA AEAD decrypt, AES-GCM, 144 bytes #1, INSUFFICIENT_MEMORY
|
||||||
|
depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
|
||||||
|
aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_ERROR_INSUFFICIENT_MEMORY
|
||||||
|
|
|
@ -809,3 +809,130 @@ exit:
|
||||||
test_driver_cipher_hooks = test_driver_cipher_hooks_init();
|
test_driver_cipher_hooks = test_driver_cipher_hooks_init();
|
||||||
}
|
}
|
||||||
/* END_CASE */
|
/* END_CASE */
|
||||||
|
|
||||||
|
/* BEGIN_CASE */
|
||||||
|
void aead_encrypt( int key_type_arg, data_t *key_data,
|
||||||
|
int alg_arg,
|
||||||
|
data_t *nonce,
|
||||||
|
data_t *additional_data,
|
||||||
|
data_t *input_data,
|
||||||
|
data_t *expected_result,
|
||||||
|
int forced_status_arg )
|
||||||
|
{
|
||||||
|
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
|
||||||
|
psa_key_type_t key_type = key_type_arg;
|
||||||
|
psa_algorithm_t alg = alg_arg;
|
||||||
|
psa_status_t forced_status = forced_status_arg;
|
||||||
|
unsigned char *output_data = NULL;
|
||||||
|
size_t output_size = 0;
|
||||||
|
size_t output_length = 0;
|
||||||
|
size_t tag_length = PSA_AEAD_TAG_LENGTH( alg );
|
||||||
|
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
||||||
|
psa_status_t status = PSA_ERROR_GENERIC_ERROR;
|
||||||
|
test_driver_aead_hooks = test_driver_aead_hooks_init();
|
||||||
|
|
||||||
|
output_size = input_data->len + tag_length;
|
||||||
|
/* For all currently defined algorithms, PSA_AEAD_ENCRYPT_OUTPUT_SIZE
|
||||||
|
* should be exact. */
|
||||||
|
TEST_EQUAL( output_size,
|
||||||
|
PSA_AEAD_ENCRYPT_OUTPUT_SIZE( alg, input_data->len ) );
|
||||||
|
TEST_ASSERT( output_size <=
|
||||||
|
PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE( input_data->len ) );
|
||||||
|
ASSERT_ALLOC( output_data, output_size );
|
||||||
|
|
||||||
|
PSA_ASSERT( psa_crypto_init( ) );
|
||||||
|
|
||||||
|
psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT );
|
||||||
|
psa_set_key_algorithm( &attributes, alg );
|
||||||
|
psa_set_key_type( &attributes, key_type );
|
||||||
|
|
||||||
|
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
|
||||||
|
&key ) );
|
||||||
|
|
||||||
|
test_driver_aead_hooks.forced_status = forced_status;
|
||||||
|
status = psa_aead_encrypt( key, alg,
|
||||||
|
nonce->x, nonce->len,
|
||||||
|
additional_data->x, additional_data->len,
|
||||||
|
input_data->x, input_data->len,
|
||||||
|
output_data, output_size,
|
||||||
|
&output_length );
|
||||||
|
TEST_EQUAL( test_driver_aead_hooks.hits, 1 );
|
||||||
|
TEST_EQUAL( test_driver_aead_hooks.driver_status, forced_status );
|
||||||
|
|
||||||
|
TEST_EQUAL( status, ( forced_status == PSA_ERROR_NOT_SUPPORTED ) ?
|
||||||
|
PSA_SUCCESS : forced_status );
|
||||||
|
|
||||||
|
if( status == PSA_SUCCESS )
|
||||||
|
{
|
||||||
|
ASSERT_COMPARE( expected_result->x, expected_result->len,
|
||||||
|
output_data, output_length );
|
||||||
|
}
|
||||||
|
|
||||||
|
exit:
|
||||||
|
psa_destroy_key( key );
|
||||||
|
mbedtls_free( output_data );
|
||||||
|
PSA_DONE( );
|
||||||
|
test_driver_aead_hooks = test_driver_aead_hooks_init();
|
||||||
|
}
|
||||||
|
/* END_CASE */
|
||||||
|
|
||||||
|
/* BEGIN_CASE */
|
||||||
|
void aead_decrypt( int key_type_arg, data_t *key_data,
|
||||||
|
int alg_arg,
|
||||||
|
data_t *nonce,
|
||||||
|
data_t *additional_data,
|
||||||
|
data_t *input_data,
|
||||||
|
data_t *expected_data,
|
||||||
|
int forced_status_arg )
|
||||||
|
{
|
||||||
|
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
|
||||||
|
psa_key_type_t key_type = key_type_arg;
|
||||||
|
psa_algorithm_t alg = alg_arg;
|
||||||
|
psa_status_t forced_status = forced_status_arg;
|
||||||
|
unsigned char *output_data = NULL;
|
||||||
|
size_t output_size = 0;
|
||||||
|
size_t output_length = 0;
|
||||||
|
size_t tag_length = PSA_AEAD_TAG_LENGTH( alg );
|
||||||
|
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
||||||
|
psa_status_t status = PSA_ERROR_GENERIC_ERROR;
|
||||||
|
test_driver_aead_hooks = test_driver_aead_hooks_init();
|
||||||
|
|
||||||
|
output_size = input_data->len - tag_length;
|
||||||
|
ASSERT_ALLOC( output_data, output_size );
|
||||||
|
|
||||||
|
PSA_ASSERT( psa_crypto_init( ) );
|
||||||
|
|
||||||
|
psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT );
|
||||||
|
psa_set_key_algorithm( &attributes, alg );
|
||||||
|
psa_set_key_type( &attributes, key_type );
|
||||||
|
|
||||||
|
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
|
||||||
|
&key ) );
|
||||||
|
|
||||||
|
test_driver_aead_hooks.forced_status = forced_status;
|
||||||
|
status = psa_aead_decrypt( key, alg,
|
||||||
|
nonce->x, nonce->len,
|
||||||
|
additional_data->x,
|
||||||
|
additional_data->len,
|
||||||
|
input_data->x, input_data->len,
|
||||||
|
output_data, output_size,
|
||||||
|
&output_length );
|
||||||
|
TEST_EQUAL( test_driver_aead_hooks.hits, 1 );
|
||||||
|
TEST_EQUAL( test_driver_aead_hooks.driver_status, forced_status );
|
||||||
|
|
||||||
|
TEST_EQUAL( status, ( forced_status == PSA_ERROR_NOT_SUPPORTED ) ?
|
||||||
|
PSA_SUCCESS : forced_status );
|
||||||
|
|
||||||
|
if( status == PSA_SUCCESS )
|
||||||
|
{
|
||||||
|
ASSERT_COMPARE( expected_data->x, expected_data->len,
|
||||||
|
output_data, output_length );
|
||||||
|
}
|
||||||
|
|
||||||
|
exit:
|
||||||
|
psa_destroy_key( key );
|
||||||
|
mbedtls_free( output_data );
|
||||||
|
PSA_DONE( );
|
||||||
|
test_driver_aead_hooks = test_driver_aead_hooks_init();
|
||||||
|
}
|
||||||
|
/* END_CASE */
|
||||||
|
|
|
@ -243,6 +243,7 @@
|
||||||
<ClInclude Include="..\..\tests\include\test\psa_exercise_key.h" />
|
<ClInclude Include="..\..\tests\include\test\psa_exercise_key.h" />
|
||||||
<ClInclude Include="..\..\tests\include\test\psa_helpers.h" />
|
<ClInclude Include="..\..\tests\include\test\psa_helpers.h" />
|
||||||
<ClInclude Include="..\..\tests\include\test\random.h" />
|
<ClInclude Include="..\..\tests\include\test\random.h" />
|
||||||
|
<ClInclude Include="..\..\tests\include\test\drivers\aead.h" />
|
||||||
<ClInclude Include="..\..\tests\include\test\drivers\cipher.h" />
|
<ClInclude Include="..\..\tests\include\test\drivers\cipher.h" />
|
||||||
<ClInclude Include="..\..\tests\include\test\drivers\key_management.h" />
|
<ClInclude Include="..\..\tests\include\test\drivers\key_management.h" />
|
||||||
<ClInclude Include="..\..\tests\include\test\drivers\signature.h" />
|
<ClInclude Include="..\..\tests\include\test\drivers\signature.h" />
|
||||||
|
@ -255,6 +256,7 @@
|
||||||
<ClInclude Include="..\..\library\mps_error.h" />
|
<ClInclude Include="..\..\library\mps_error.h" />
|
||||||
<ClInclude Include="..\..\library\mps_reader.h" />
|
<ClInclude Include="..\..\library\mps_reader.h" />
|
||||||
<ClInclude Include="..\..\library\mps_trace.h" />
|
<ClInclude Include="..\..\library\mps_trace.h" />
|
||||||
|
<ClInclude Include="..\..\library\psa_crypto_aead.h" />
|
||||||
<ClInclude Include="..\..\library\psa_crypto_cipher.h" />
|
<ClInclude Include="..\..\library\psa_crypto_cipher.h" />
|
||||||
<ClInclude Include="..\..\library\psa_crypto_core.h" />
|
<ClInclude Include="..\..\library\psa_crypto_core.h" />
|
||||||
<ClInclude Include="..\..\library\psa_crypto_driver_wrappers.h" />
|
<ClInclude Include="..\..\library\psa_crypto_driver_wrappers.h" />
|
||||||
|
@ -332,6 +334,7 @@
|
||||||
<ClCompile Include="..\..\library\platform_util.c" />
|
<ClCompile Include="..\..\library\platform_util.c" />
|
||||||
<ClCompile Include="..\..\library\poly1305.c" />
|
<ClCompile Include="..\..\library\poly1305.c" />
|
||||||
<ClCompile Include="..\..\library\psa_crypto.c" />
|
<ClCompile Include="..\..\library\psa_crypto.c" />
|
||||||
|
<ClCompile Include="..\..\library\psa_crypto_aead.c" />
|
||||||
<ClCompile Include="..\..\library\psa_crypto_cipher.c" />
|
<ClCompile Include="..\..\library\psa_crypto_cipher.c" />
|
||||||
<ClCompile Include="..\..\library\psa_crypto_client.c" />
|
<ClCompile Include="..\..\library\psa_crypto_client.c" />
|
||||||
<ClCompile Include="..\..\library\psa_crypto_driver_wrappers.c" />
|
<ClCompile Include="..\..\library\psa_crypto_driver_wrappers.c" />
|
||||||
|
|
Loading…
Reference in a new issue