Add helper function to translate mbedtls cipher type/mode pair to psa: algorithm, key type and key size.
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index ad358b3..fb7533a 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@@ -1274,6 +1274,22 @@
return( MBEDTLS_SVC_KEY_ID_INIT );
}
+
+/* Corresponding PSA algorithm for MBEDTLS_CIPHER_NULL */
+#define MBEDTLS_SSL_NULL_CIPHER 0x04000000
+
+/**
+ * Translate mbedtls cipher type/mode pair to psa: algorithm, key type and
+ * key size.
+ *
+ * Return PSA_SUCCESS on success or PSA_ERROR_NOT_SUPPORTED if
+ * conversion is not supported.
+ */
+psa_status_t mbedtls_cipher_to_psa( mbedtls_cipher_type_t mbedtls_cipher_type,
+ size_t taglen,
+ psa_algorithm_t *alg,
+ psa_key_type_t *key_type,
+ size_t *key_size );
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index f261a6a..61b8c6c 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -4006,6 +4006,151 @@
return( ret );
}
+psa_status_t mbedtls_cipher_to_psa( mbedtls_cipher_type_t mbedtls_cipher_type,
+ size_t taglen,
+ psa_algorithm_t *alg,
+ psa_key_type_t *key_type,
+ size_t *key_size )
+{
+ switch ( mbedtls_cipher_type )
+ {
+ case MBEDTLS_CIPHER_AES_128_CBC:
+ *alg = PSA_ALG_CBC_NO_PADDING;
+ *key_type = PSA_KEY_TYPE_AES;
+ *key_size = 128;
+ break;
+ case MBEDTLS_CIPHER_AES_128_CCM:
+ *alg = taglen ? PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, taglen ) : PSA_ALG_CCM;
+ *key_type = PSA_KEY_TYPE_AES;
+ *key_size = 128;
+ break;
+ case MBEDTLS_CIPHER_AES_128_GCM:
+ *alg = PSA_ALG_GCM;
+ *key_type = PSA_KEY_TYPE_AES;
+ *key_size = 128;
+ break;
+ case MBEDTLS_CIPHER_AES_192_CCM:
+ *alg = taglen ? PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, taglen ) : PSA_ALG_CCM;
+ *key_type = PSA_KEY_TYPE_AES;
+ *key_size = 192;
+ break;
+ case MBEDTLS_CIPHER_AES_192_GCM:
+ *alg = PSA_ALG_GCM;
+ *key_type = PSA_KEY_TYPE_AES;
+ *key_size = 192;
+ break;
+ case MBEDTLS_CIPHER_AES_256_CBC:
+ *alg = PSA_ALG_CBC_NO_PADDING;
+ *key_type = PSA_KEY_TYPE_AES;
+ *key_size = 256;
+ break;
+ case MBEDTLS_CIPHER_AES_256_CCM:
+ *alg = taglen ? PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, taglen ) : PSA_ALG_CCM;
+ *key_type = PSA_KEY_TYPE_AES;
+ *key_size = 256;
+ break;
+ case MBEDTLS_CIPHER_AES_256_GCM:
+ *alg = PSA_ALG_GCM;
+ *key_type = PSA_KEY_TYPE_AES;
+ *key_size = 256;
+ break;
+ case MBEDTLS_CIPHER_ARIA_128_CBC:
+ *alg = PSA_ALG_CBC_NO_PADDING;
+ *key_type = PSA_KEY_TYPE_ARIA;
+ *key_size = 128;
+ break;
+ case MBEDTLS_CIPHER_ARIA_128_CCM:
+ *alg = taglen ? PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, taglen ) : PSA_ALG_CCM;
+ *key_type = PSA_KEY_TYPE_ARIA;
+ *key_size = 128;
+ break;
+ case MBEDTLS_CIPHER_ARIA_128_GCM:
+ *alg = PSA_ALG_GCM;
+ *key_type = PSA_KEY_TYPE_ARIA;
+ *key_size = 128;
+ break;
+ case MBEDTLS_CIPHER_ARIA_192_CCM:
+ *alg = taglen ? PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, taglen ) : PSA_ALG_CCM;
+ *key_type = PSA_KEY_TYPE_ARIA;
+ *key_size = 192;
+ break;
+ case MBEDTLS_CIPHER_ARIA_192_GCM:
+ *alg = PSA_ALG_GCM;
+ *key_type = PSA_KEY_TYPE_ARIA;
+ *key_size = 192;
+ break;
+ case MBEDTLS_CIPHER_ARIA_256_CBC:
+ *alg = PSA_ALG_CBC_NO_PADDING;
+ *key_type = PSA_KEY_TYPE_ARIA;
+ *key_size = 256;
+ break;
+ case MBEDTLS_CIPHER_ARIA_256_CCM:
+ *alg = taglen ? PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, taglen ) : PSA_ALG_CCM;
+ *key_type = PSA_KEY_TYPE_ARIA;
+ *key_size = 256;
+ break;
+ case MBEDTLS_CIPHER_ARIA_256_GCM:
+ *alg = PSA_ALG_GCM;
+ *key_type = PSA_KEY_TYPE_ARIA;
+ *key_size = 256;
+ break;
+ case MBEDTLS_CIPHER_CAMELLIA_128_CBC:
+ *alg = PSA_ALG_CBC_NO_PADDING;
+ *key_type = PSA_KEY_TYPE_CAMELLIA;
+ *key_size = 128;
+ break;
+ case MBEDTLS_CIPHER_CAMELLIA_128_CCM:
+ *alg = taglen ? PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, taglen ) : PSA_ALG_CCM;
+ *key_type = PSA_KEY_TYPE_CAMELLIA;
+ *key_size = 128;
+ break;
+ case MBEDTLS_CIPHER_CAMELLIA_128_GCM:
+ *alg = PSA_ALG_GCM;
+ *key_type = PSA_KEY_TYPE_CAMELLIA;
+ *key_size = 128;
+ break;
+ case MBEDTLS_CIPHER_CAMELLIA_192_CCM:
+ *alg = taglen ? PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, taglen ) : PSA_ALG_CCM;
+ *key_type = PSA_KEY_TYPE_CAMELLIA;
+ *key_size = 192;
+ break;
+ case MBEDTLS_CIPHER_CAMELLIA_192_GCM:
+ *alg = PSA_ALG_GCM;
+ *key_type = PSA_KEY_TYPE_CAMELLIA;
+ *key_size = 192;
+ break;
+ case MBEDTLS_CIPHER_CAMELLIA_256_CBC:
+ *alg = PSA_ALG_CBC_NO_PADDING;
+ *key_type = PSA_KEY_TYPE_CAMELLIA;
+ *key_size = 256;
+ break;
+ case MBEDTLS_CIPHER_CAMELLIA_256_CCM:
+ *alg = taglen ? PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, taglen ) : PSA_ALG_CCM;
+ *key_type = PSA_KEY_TYPE_CAMELLIA;
+ *key_size = 256;
+ break;
+ case MBEDTLS_CIPHER_CAMELLIA_256_GCM:
+ *alg = PSA_ALG_GCM;
+ *key_type = PSA_KEY_TYPE_CAMELLIA;
+ *key_size = 256;
+ break;
+ case MBEDTLS_CIPHER_CHACHA20_POLY1305:
+ *alg = PSA_ALG_CHACHA20_POLY1305;
+ *key_type = PSA_KEY_TYPE_CHACHA20;
+ *key_size = 256;
+ break;
+ case MBEDTLS_CIPHER_NULL:
+ *alg = MBEDTLS_SSL_NULL_CIPHER;
+ *key_type = 0;
+ *key_size = 0;
+ break;
+ default:
+ return PSA_ERROR_NOT_SUPPORTED;
+ }
+
+ return PSA_SUCCESS;
+}
+
int mbedtls_ssl_set_hs_psk_opaque( mbedtls_ssl_context *ssl,
mbedtls_svc_key_id_t psk )
{