commit fe73adee5ae72d5d0b4de8fcab8e2efa3b7f4bc4
author Hanno Becker <hanno.becker@arm.com> Mon Nov 12 16:26:46 2018 +0000
committer Hanno Becker <hanno.becker@arm.com> Thu Nov 22 16:33:01 2018 +0000
tree d8495a519b3ebbe1a9676e82a4ea2a786867fb36
parent 20120b373e27f423ade5cb185c4815d1e5685852

Implement PSA-based AEAD enc/dec cipher operations

library/cipher.c

diff --git a/library/cipher.c b/library/cipher.c
index 0b7c887..c03b052 100644
--- a/library/cipher.c
+++ b/library/cipher.c
@@ -1289,8 +1289,32 @@
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
     if( ctx->psa_enabled == 1 )
     {
-        /* TODO */
-        return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+        /* As in the non-PSA case, we don't check that
+         * a key has been set. If not, the key slot will
+         * still be in its default state of 0, which is
+         * guaranteed to be invalid, hence the PSA-call
+         * below will gracefully fail. */
+        mbedtls_cipher_context_psa * const cipher_psa =
+            (mbedtls_cipher_context_psa *) ctx->cipher_ctx;
+
+        psa_status_t status;
+
+        /* PSA Crypto API always writes the authentication tag
+         * at the end of the encrypted message. */
+        if( tag != output + ilen )
+            return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+
+        status = psa_aead_encrypt( cipher_psa->slot,
+                                   cipher_psa->alg,
+                                   iv, iv_len,
+                                   ad, ad_len,
+                                   input, ilen,
+                                   output, ilen + tag_len, olen );
+        if( status != PSA_SUCCESS )
+            return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED );
+
+        *olen -= tag_len;
+        return( 0 );
     }
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
 
@@ -1344,8 +1368,33 @@
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
     if( ctx->psa_enabled == 1 )
     {
-        /* TODO */
-        return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+        /* As in the non-PSA case, we don't check that
+         * a key has been set. If not, the key slot will
+         * still be in its default state of 0, which is
+         * guaranteed to be invalid, hence the PSA-call
+         * below will gracefully fail. */
+        mbedtls_cipher_context_psa * const cipher_psa =
+            (mbedtls_cipher_context_psa *) ctx->cipher_ctx;
+
+        psa_status_t status;
+
+        /* PSA Crypto API always writes the authentication tag
+         * at the end of the encrypted message. */
+        if( tag != input + ilen )
+            return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+
+        status = psa_aead_decrypt( cipher_psa->slot,
+                                   cipher_psa->alg,
+                                   iv, iv_len,
+                                   ad, ad_len,
+                                   input, ilen + tag_len,
+                                   output, ilen, olen );
+        if( status == PSA_ERROR_INVALID_SIGNATURE )
+            return( MBEDTLS_ERR_CIPHER_AUTH_FAILED );
+        else if( status != PSA_SUCCESS )
+            return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED );
+
+        return( 0 );
     }
 #endif /* MBEDTLS_USE_PSA_CRYPTO */