Add missing compilation guards for GCM and CCM
Add missing compilation guards that broke the build if either GCM or
CCM was not defined.
Add missing guards on test cases that require GCM or CBC.
The build and tests now pass for any subset of {MBEDTLS_CCM_C,
MBEDTLS_GCM_C}. There are still unused variables warnings if neither
is defined.
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index d100eb1..910de1f 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -3146,7 +3146,7 @@
mbedtls_ccm_free( &operation->ctx.ccm );
break;
#endif /* MBEDTLS_CCM_C */
-#if defined(MBEDTLS_CCM_C)
+#if defined(MBEDTLS_GCM_C)
case PSA_ALG_GCM:
mbedtls_gcm_free( &operation->ctx.gcm );
break;
@@ -3259,6 +3259,7 @@
}
tag = ciphertext + plaintext_length;
+#if defined(MBEDTLS_GCM_C)
if( operation.core_alg == PSA_ALG_GCM )
{
status = mbedtls_to_psa_error(
@@ -3270,7 +3271,10 @@
plaintext, ciphertext,
operation.tag_length, tag ) );
}
- else if( operation.core_alg == PSA_ALG_CCM )
+ else
+#endif /* MBEDTLS_GCM_C */
+#if defined(MBEDTLS_CCM_C)
+ if( operation.core_alg == PSA_ALG_CCM )
{
status = mbedtls_to_psa_error(
mbedtls_ccm_encrypt_and_tag( &operation.ctx.ccm,
@@ -3282,6 +3286,7 @@
tag, operation.tag_length ) );
}
else
+#endif /* MBEDTLS_CCM_C */
{
return( PSA_ERROR_NOT_SUPPORTED );
}
@@ -3339,6 +3344,7 @@
if( status != PSA_SUCCESS )
return( status );
+#if defined(MBEDTLS_GCM_C)
if( operation.core_alg == PSA_ALG_GCM )
{
status = psa_aead_unpadded_locate_tag( operation.tag_length,
@@ -3356,7 +3362,10 @@
tag, operation.tag_length,
ciphertext, plaintext ) );
}
- else if( operation.core_alg == PSA_ALG_CCM )
+ else
+#endif /* MBEDTLS_GCM_C */
+#if defined(MBEDTLS_CCM_C)
+ if( operation.core_alg == PSA_ALG_CCM )
{
status = psa_aead_unpadded_locate_tag( operation.tag_length,
ciphertext, ciphertext_length,
@@ -3374,6 +3383,7 @@
tag, operation.tag_length ) );
}
else
+#endif /* MBEDTLS_CCM_C */
{
return( PSA_ERROR_NOT_SUPPORTED );
}
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index e1c1b05..6087412 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -1770,19 +1770,19 @@
generate_key:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_SUCCESS
PSA generate key: AES, 128 bits, GCM
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
generate_key:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_GCM:PSA_SUCCESS
PSA generate key: DES, 64 bits, CBC-nopad
-depends_on:MBEDTLS_DES_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
generate_key:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_NO_PADDING:PSA_SUCCESS
PSA generate key: DES, 128 bits, CBC-nopad
-depends_on:MBEDTLS_DES_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
generate_key:PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_NO_PADDING:PSA_SUCCESS
PSA generate key: DES, 192 bits, CBC-nopad
-depends_on:MBEDTLS_DES_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
generate_key:PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_NO_PADDING:PSA_SUCCESS
PSA generate key: invalid key size: AES, 64 bits