| /* |
| * PSA cipher driver entry points |
| */ |
| /* |
| * Copyright The Mbed TLS Contributors |
| * SPDX-License-Identifier: Apache-2.0 |
| * |
| * Licensed under the Apache License, Version 2.0 (the "License"); you may |
| * not use this file except in compliance with the License. |
| * You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT |
| * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| */ |
| |
| #include "common.h" |
| |
| #if defined(MBEDTLS_PSA_CRYPTO_C) |
| |
| # include <psa_crypto_cipher.h> |
| # include "psa_crypto_core.h" |
| # include "psa_crypto_random_impl.h" |
| |
| # include "mbedtls/cipher.h" |
| # include "mbedtls/error.h" |
| |
| # include <string.h> |
| |
| # if (defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES) || \ |
| (defined(PSA_CRYPTO_DRIVER_TEST) && \ |
| defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DES))) |
| # define BUILTIN_KEY_TYPE_DES 1 |
| # endif |
| |
| # if (defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING) || \ |
| (defined(PSA_CRYPTO_DRIVER_TEST) && \ |
| defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING))) |
| # define BUILTIN_ALG_CBC_NO_PADDING 1 |
| # endif |
| |
| # if (defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7) || \ |
| (defined(PSA_CRYPTO_DRIVER_TEST) && \ |
| defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7))) |
| # define BUILTIN_ALG_CBC_PKCS7 1 |
| # endif |
| |
| # if (defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_CHACHA20) || \ |
| (defined(PSA_CRYPTO_DRIVER_TEST) && \ |
| defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20))) |
| # define BUILTIN_KEY_TYPE_CHACHA20 1 |
| # endif |
| |
| const mbedtls_cipher_info_t * |
| mbedtls_cipher_info_from_psa(psa_algorithm_t alg, |
| psa_key_type_t key_type, |
| size_t key_bits, |
| mbedtls_cipher_id_t *cipher_id) |
| { |
| mbedtls_cipher_mode_t mode; |
| mbedtls_cipher_id_t cipher_id_tmp; |
| |
| if (PSA_ALG_IS_AEAD(alg)) |
| alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg, 0); |
| |
| if (PSA_ALG_IS_CIPHER(alg) || PSA_ALG_IS_AEAD(alg)) { |
| switch (alg) { |
| case PSA_ALG_STREAM_CIPHER: |
| mode = MBEDTLS_MODE_STREAM; |
| break; |
| case PSA_ALG_CTR: |
| mode = MBEDTLS_MODE_CTR; |
| break; |
| case PSA_ALG_CFB: |
| mode = MBEDTLS_MODE_CFB; |
| break; |
| case PSA_ALG_OFB: |
| mode = MBEDTLS_MODE_OFB; |
| break; |
| case PSA_ALG_ECB_NO_PADDING: |
| mode = MBEDTLS_MODE_ECB; |
| break; |
| case PSA_ALG_CBC_NO_PADDING: |
| mode = MBEDTLS_MODE_CBC; |
| break; |
| case PSA_ALG_CBC_PKCS7: |
| mode = MBEDTLS_MODE_CBC; |
| break; |
| case PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 0): |
| mode = MBEDTLS_MODE_CCM; |
| break; |
| case PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 0): |
| mode = MBEDTLS_MODE_GCM; |
| break; |
| case PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305, 0): |
| mode = MBEDTLS_MODE_CHACHAPOLY; |
| break; |
| default: |
| return NULL; |
| } |
| } else if (alg == PSA_ALG_CMAC) |
| mode = MBEDTLS_MODE_ECB; |
| else |
| return NULL; |
| |
| switch (key_type) { |
| case PSA_KEY_TYPE_AES: |
| cipher_id_tmp = MBEDTLS_CIPHER_ID_AES; |
| break; |
| case PSA_KEY_TYPE_DES: |
| /* key_bits is 64 for Single-DES, 128 for two-key Triple-DES, |
| * and 192 for three-key Triple-DES. */ |
| if (key_bits == 64) |
| cipher_id_tmp = MBEDTLS_CIPHER_ID_DES; |
| else |
| cipher_id_tmp = MBEDTLS_CIPHER_ID_3DES; |
| /* mbedtls doesn't recognize two-key Triple-DES as an algorithm, |
| * but two-key Triple-DES is functionally three-key Triple-DES |
| * with K1=K3, so that's how we present it to mbedtls. */ |
| if (key_bits == 128) |
| key_bits = 192; |
| break; |
| case PSA_KEY_TYPE_CAMELLIA: |
| cipher_id_tmp = MBEDTLS_CIPHER_ID_CAMELLIA; |
| break; |
| case PSA_KEY_TYPE_CHACHA20: |
| cipher_id_tmp = MBEDTLS_CIPHER_ID_CHACHA20; |
| break; |
| default: |
| return NULL; |
| } |
| if (cipher_id != NULL) |
| *cipher_id = cipher_id_tmp; |
| |
| return ( |
| mbedtls_cipher_info_from_values(cipher_id_tmp, (int)key_bits, mode)); |
| } |
| |
| # if defined(MBEDTLS_PSA_BUILTIN_CIPHER) || defined(PSA_CRYPTO_DRIVER_TEST) |
| |
| static psa_status_t cipher_setup(mbedtls_psa_cipher_operation_t *operation, |
| const psa_key_attributes_t *attributes, |
| const uint8_t *key_buffer, |
| size_t key_buffer_size, |
| psa_algorithm_t alg, |
| mbedtls_operation_t cipher_operation) |
| { |
| int ret = 0; |
| size_t key_bits; |
| const mbedtls_cipher_info_t *cipher_info = NULL; |
| psa_key_type_t key_type = attributes->core.type; |
| |
| (void)key_buffer_size; |
| |
| mbedtls_cipher_init(&operation->ctx.cipher); |
| |
| operation->alg = alg; |
| key_bits = attributes->core.bits; |
| cipher_info = mbedtls_cipher_info_from_psa(alg, key_type, key_bits, NULL); |
| if (cipher_info == NULL) |
| return PSA_ERROR_NOT_SUPPORTED; |
| |
| ret = mbedtls_cipher_setup(&operation->ctx.cipher, cipher_info); |
| if (ret != 0) |
| goto exit; |
| |
| # if defined(BUILTIN_KEY_TYPE_DES) |
| if (key_type == PSA_KEY_TYPE_DES && key_bits == 128) { |
| /* Two-key Triple-DES is 3-key Triple-DES with K1=K3 */ |
| uint8_t keys[24]; |
| memcpy(keys, key_buffer, 16); |
| memcpy(keys + 16, key_buffer, 8); |
| ret = mbedtls_cipher_setkey(&operation->ctx.cipher, keys, 192, |
| cipher_operation); |
| } else |
| # endif |
| { |
| ret = mbedtls_cipher_setkey(&operation->ctx.cipher, key_buffer, |
| (int)key_bits, cipher_operation); |
| } |
| if (ret != 0) |
| goto exit; |
| |
| # if defined(BUILTIN_ALG_CBC_NO_PADDING) || \ |
| defined(BUILTIN_ALG_CBC_PKCS7) |
| switch (alg) { |
| case PSA_ALG_CBC_NO_PADDING: |
| ret = mbedtls_cipher_set_padding_mode(&operation->ctx.cipher, |
| MBEDTLS_PADDING_NONE); |
| break; |
| case PSA_ALG_CBC_PKCS7: |
| ret = mbedtls_cipher_set_padding_mode(&operation->ctx.cipher, |
| MBEDTLS_PADDING_PKCS7); |
| break; |
| default: |
| /* The algorithm doesn't involve padding. */ |
| ret = 0; |
| break; |
| } |
| if (ret != 0) |
| goto exit; |
| # endif /* BUILTIN_ALG_CBC_NO_PADDING || BUILTIN_ALG_CBC_PKCS7 */ |
| |
| operation->block_length = (PSA_ALG_IS_STREAM_CIPHER(alg) ? |
| 1 : |
| PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type)); |
| operation->iv_length = PSA_CIPHER_IV_LENGTH(key_type, alg); |
| |
| exit: |
| return mbedtls_to_psa_error(ret); |
| } |
| |
| static psa_status_t |
| cipher_encrypt_setup(mbedtls_psa_cipher_operation_t *operation, |
| const psa_key_attributes_t *attributes, |
| const uint8_t *key_buffer, |
| size_t key_buffer_size, |
| psa_algorithm_t alg) |
| { |
| return (cipher_setup(operation, attributes, key_buffer, key_buffer_size, |
| alg, MBEDTLS_ENCRYPT)); |
| } |
| |
| static psa_status_t |
| cipher_decrypt_setup(mbedtls_psa_cipher_operation_t *operation, |
| const psa_key_attributes_t *attributes, |
| const uint8_t *key_buffer, |
| size_t key_buffer_size, |
| psa_algorithm_t alg) |
| { |
| return (cipher_setup(operation, attributes, key_buffer, key_buffer_size, |
| alg, MBEDTLS_DECRYPT)); |
| } |
| |
| static psa_status_t cipher_set_iv(mbedtls_psa_cipher_operation_t *operation, |
| const uint8_t *iv, |
| size_t iv_length) |
| { |
| if (iv_length != operation->iv_length) |
| return PSA_ERROR_INVALID_ARGUMENT; |
| |
| return (mbedtls_to_psa_error( |
| mbedtls_cipher_set_iv(&operation->ctx.cipher, iv, iv_length))); |
| } |
| |
| /* Process input for which the algorithm is set to ECB mode. This requires |
| * manual processing, since the PSA API is defined as being able to process |
| * arbitrary-length calls to psa_cipher_update() with ECB mode, but the |
| * underlying mbedtls_cipher_update only takes full blocks. */ |
| static psa_status_t psa_cipher_update_ecb(mbedtls_cipher_context_t *ctx, |
| const uint8_t *input, |
| size_t input_length, |
| uint8_t *output, |
| size_t output_size, |
| size_t *output_length) |
| { |
| psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; |
| size_t block_size = ctx->cipher_info->block_size; |
| size_t internal_output_length = 0; |
| *output_length = 0; |
| |
| if (input_length == 0) { |
| status = PSA_SUCCESS; |
| goto exit; |
| } |
| |
| if (ctx->unprocessed_len > 0) { |
| /* Fill up to block size, and run the block if there's a full one. */ |
| size_t bytes_to_copy = block_size - ctx->unprocessed_len; |
| |
| if (input_length < bytes_to_copy) |
| bytes_to_copy = input_length; |
| |
| memcpy(&(ctx->unprocessed_data[ctx->unprocessed_len]), input, |
| bytes_to_copy); |
| input_length -= bytes_to_copy; |
| input += bytes_to_copy; |
| ctx->unprocessed_len += bytes_to_copy; |
| |
| if (ctx->unprocessed_len == block_size) { |
| status = mbedtls_to_psa_error( |
| mbedtls_cipher_update(ctx, ctx->unprocessed_data, block_size, |
| output, &internal_output_length)); |
| |
| if (status != PSA_SUCCESS) |
| goto exit; |
| |
| output += internal_output_length; |
| output_size -= internal_output_length; |
| *output_length += internal_output_length; |
| ctx->unprocessed_len = 0; |
| } |
| } |
| |
| while (input_length >= block_size) { |
| /* Run all full blocks we have, one by one */ |
| status = mbedtls_to_psa_error(mbedtls_cipher_update( |
| ctx, input, block_size, output, &internal_output_length)); |
| |
| if (status != PSA_SUCCESS) |
| goto exit; |
| |
| input_length -= block_size; |
| input += block_size; |
| |
| output += internal_output_length; |
| output_size -= internal_output_length; |
| *output_length += internal_output_length; |
| } |
| |
| if (input_length > 0) { |
| /* Save unprocessed bytes for later processing */ |
| memcpy(&(ctx->unprocessed_data[ctx->unprocessed_len]), input, |
| input_length); |
| ctx->unprocessed_len += input_length; |
| } |
| |
| status = PSA_SUCCESS; |
| |
| exit: |
| return status; |
| } |
| |
| static psa_status_t cipher_update(mbedtls_psa_cipher_operation_t *operation, |
| const uint8_t *input, |
| size_t input_length, |
| uint8_t *output, |
| size_t output_size, |
| size_t *output_length) |
| { |
| psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; |
| size_t expected_output_size; |
| |
| if (!PSA_ALG_IS_STREAM_CIPHER(operation->alg)) { |
| /* Take the unprocessed partial block left over from previous |
| * update calls, if any, plus the input to this call. Remove |
| * the last partial block, if any. You get the data that will be |
| * output in this call. */ |
| expected_output_size = |
| (operation->ctx.cipher.unprocessed_len + input_length) / |
| operation->block_length * operation->block_length; |
| } else { |
| expected_output_size = input_length; |
| } |
| |
| if (output_size < expected_output_size) |
| return PSA_ERROR_BUFFER_TOO_SMALL; |
| |
| if (operation->alg == PSA_ALG_ECB_NO_PADDING) { |
| /* mbedtls_cipher_update has an API inconsistency: it will only |
| * process a single block at a time in ECB mode. Abstract away that |
| * inconsistency here to match the PSA API behaviour. */ |
| status = psa_cipher_update_ecb(&operation->ctx.cipher, input, |
| input_length, output, output_size, |
| output_length); |
| } else { |
| status = mbedtls_to_psa_error( |
| mbedtls_cipher_update(&operation->ctx.cipher, input, input_length, |
| output, output_length)); |
| |
| if (*output_length > output_size) |
| return PSA_ERROR_CORRUPTION_DETECTED; |
| } |
| |
| return status; |
| } |
| |
| static psa_status_t cipher_finish(mbedtls_psa_cipher_operation_t *operation, |
| uint8_t *output, |
| size_t output_size, |
| size_t *output_length) |
| { |
| psa_status_t status = PSA_ERROR_GENERIC_ERROR; |
| uint8_t temp_output_buffer[MBEDTLS_MAX_BLOCK_LENGTH]; |
| |
| if (operation->ctx.cipher.unprocessed_len != 0) { |
| if (operation->alg == PSA_ALG_ECB_NO_PADDING || |
| operation->alg == PSA_ALG_CBC_NO_PADDING) { |
| status = PSA_ERROR_INVALID_ARGUMENT; |
| goto exit; |
| } |
| } |
| |
| status = mbedtls_to_psa_error(mbedtls_cipher_finish( |
| &operation->ctx.cipher, temp_output_buffer, output_length)); |
| if (status != PSA_SUCCESS) |
| goto exit; |
| |
| if (*output_length == 0) |
| ; /* Nothing to copy. Note that output may be NULL in this case. */ |
| else if (output_size >= *output_length) |
| memcpy(output, temp_output_buffer, *output_length); |
| else |
| status = PSA_ERROR_BUFFER_TOO_SMALL; |
| |
| exit: |
| mbedtls_platform_zeroize(temp_output_buffer, sizeof(temp_output_buffer)); |
| |
| return status; |
| } |
| |
| static psa_status_t cipher_abort(mbedtls_psa_cipher_operation_t *operation) |
| { |
| /* Sanity check (shouldn't happen: operation->alg should |
| * always have been initialized to a valid value). */ |
| if (!PSA_ALG_IS_CIPHER(operation->alg)) |
| return PSA_ERROR_BAD_STATE; |
| |
| mbedtls_cipher_free(&operation->ctx.cipher); |
| |
| return PSA_SUCCESS; |
| } |
| |
| static psa_status_t cipher_encrypt(const psa_key_attributes_t *attributes, |
| const uint8_t *key_buffer, |
| size_t key_buffer_size, |
| psa_algorithm_t alg, |
| const uint8_t *input, |
| size_t input_length, |
| uint8_t *output, |
| size_t output_size, |
| size_t *output_length) |
| { |
| psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; |
| mbedtls_psa_cipher_operation_t operation = |
| MBEDTLS_PSA_CIPHER_OPERATION_INIT; |
| size_t olength, accumulated_length; |
| |
| status = cipher_encrypt_setup(&operation, attributes, key_buffer, |
| key_buffer_size, alg); |
| if (status != PSA_SUCCESS) |
| goto exit; |
| |
| accumulated_length = 0; |
| if (operation.iv_length > 0) { |
| status = cipher_set_iv(&operation, output, operation.iv_length); |
| if (status != PSA_SUCCESS) |
| goto exit; |
| |
| accumulated_length = operation.iv_length; |
| } |
| |
| status = cipher_update(&operation, input, input_length, |
| output + operation.iv_length, |
| output_size - operation.iv_length, &olength); |
| if (status != PSA_SUCCESS) |
| goto exit; |
| |
| accumulated_length += olength; |
| |
| status = cipher_finish(&operation, output + accumulated_length, |
| output_size - accumulated_length, &olength); |
| if (status != PSA_SUCCESS) |
| goto exit; |
| |
| *output_length = accumulated_length + olength; |
| |
| exit: |
| if (status == PSA_SUCCESS) |
| status = cipher_abort(&operation); |
| else |
| cipher_abort(&operation); |
| return status; |
| } |
| |
| static psa_status_t cipher_decrypt(const psa_key_attributes_t *attributes, |
| const uint8_t *key_buffer, |
| size_t key_buffer_size, |
| psa_algorithm_t alg, |
| const uint8_t *input, |
| size_t input_length, |
| uint8_t *output, |
| size_t output_size, |
| size_t *output_length) |
| { |
| psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; |
| mbedtls_psa_cipher_operation_t operation = |
| MBEDTLS_PSA_CIPHER_OPERATION_INIT; |
| size_t olength, accumulated_length; |
| |
| status = cipher_decrypt_setup(&operation, attributes, key_buffer, |
| key_buffer_size, alg); |
| if (status != PSA_SUCCESS) |
| goto exit; |
| |
| if (operation.iv_length > 0) { |
| status = cipher_set_iv(&operation, input, operation.iv_length); |
| if (status != PSA_SUCCESS) |
| goto exit; |
| } |
| |
| status = cipher_update(&operation, input + operation.iv_length, |
| input_length - operation.iv_length, output, |
| output_size, &olength); |
| if (status != PSA_SUCCESS) |
| goto exit; |
| |
| accumulated_length = olength; |
| |
| status = cipher_finish(&operation, output + accumulated_length, |
| output_size - accumulated_length, &olength); |
| if (status != PSA_SUCCESS) |
| goto exit; |
| |
| *output_length = accumulated_length + olength; |
| |
| exit: |
| if (status == PSA_SUCCESS) |
| status = cipher_abort(&operation); |
| else |
| cipher_abort(&operation); |
| return status; |
| } |
| # endif /* MBEDTLS_PSA_BUILTIN_CIPHER || PSA_CRYPTO_DRIVER_TEST */ |
| |
| # if defined(MBEDTLS_PSA_BUILTIN_CIPHER) |
| psa_status_t |
| mbedtls_psa_cipher_encrypt_setup(mbedtls_psa_cipher_operation_t *operation, |
| const psa_key_attributes_t *attributes, |
| const uint8_t *key_buffer, |
| size_t key_buffer_size, |
| psa_algorithm_t alg) |
| { |
| return (cipher_encrypt_setup(operation, attributes, key_buffer, |
| key_buffer_size, alg)); |
| } |
| |
| psa_status_t |
| mbedtls_psa_cipher_decrypt_setup(mbedtls_psa_cipher_operation_t *operation, |
| const psa_key_attributes_t *attributes, |
| const uint8_t *key_buffer, |
| size_t key_buffer_size, |
| psa_algorithm_t alg) |
| { |
| return (cipher_decrypt_setup(operation, attributes, key_buffer, |
| key_buffer_size, alg)); |
| } |
| |
| psa_status_t |
| mbedtls_psa_cipher_set_iv(mbedtls_psa_cipher_operation_t *operation, |
| const uint8_t *iv, |
| size_t iv_length) |
| { |
| return cipher_set_iv(operation, iv, iv_length); |
| } |
| |
| psa_status_t |
| mbedtls_psa_cipher_update(mbedtls_psa_cipher_operation_t *operation, |
| const uint8_t *input, |
| size_t input_length, |
| uint8_t *output, |
| size_t output_size, |
| size_t *output_length) |
| { |
| return (cipher_update(operation, input, input_length, output, output_size, |
| output_length)); |
| } |
| |
| psa_status_t |
| mbedtls_psa_cipher_finish(mbedtls_psa_cipher_operation_t *operation, |
| uint8_t *output, |
| size_t output_size, |
| size_t *output_length) |
| { |
| return cipher_finish(operation, output, output_size, output_length); |
| } |
| |
| psa_status_t mbedtls_psa_cipher_abort(mbedtls_psa_cipher_operation_t *operation) |
| { |
| return cipher_abort(operation); |
| } |
| |
| psa_status_t mbedtls_psa_cipher_encrypt(const psa_key_attributes_t *attributes, |
| const uint8_t *key_buffer, |
| size_t key_buffer_size, |
| psa_algorithm_t alg, |
| const uint8_t *input, |
| size_t input_length, |
| uint8_t *output, |
| size_t output_size, |
| size_t *output_length) |
| { |
| return (cipher_encrypt(attributes, key_buffer, key_buffer_size, alg, input, |
| input_length, output, output_size, output_length)); |
| } |
| |
| psa_status_t mbedtls_psa_cipher_decrypt(const psa_key_attributes_t *attributes, |
| const uint8_t *key_buffer, |
| size_t key_buffer_size, |
| psa_algorithm_t alg, |
| const uint8_t *input, |
| size_t input_length, |
| uint8_t *output, |
| size_t output_size, |
| size_t *output_length) |
| { |
| return (cipher_decrypt(attributes, key_buffer, key_buffer_size, alg, input, |
| input_length, output, output_size, output_length)); |
| } |
| # endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ |
| |
| /* |
| * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. |
| */ |
| |
| # if defined(PSA_CRYPTO_DRIVER_TEST) |
| psa_status_t mbedtls_transparent_test_driver_cipher_encrypt_setup( |
| mbedtls_psa_cipher_operation_t *operation, |
| const psa_key_attributes_t *attributes, |
| const uint8_t *key_buffer, |
| size_t key_buffer_size, |
| psa_algorithm_t alg) |
| { |
| return (cipher_encrypt_setup(operation, attributes, key_buffer, |
| key_buffer_size, alg)); |
| } |
| |
| psa_status_t mbedtls_transparent_test_driver_cipher_decrypt_setup( |
| mbedtls_psa_cipher_operation_t *operation, |
| const psa_key_attributes_t *attributes, |
| const uint8_t *key_buffer, |
| size_t key_buffer_size, |
| psa_algorithm_t alg) |
| { |
| return (cipher_decrypt_setup(operation, attributes, key_buffer, |
| key_buffer_size, alg)); |
| } |
| |
| psa_status_t mbedtls_transparent_test_driver_cipher_set_iv( |
| mbedtls_psa_cipher_operation_t *operation, |
| const uint8_t *iv, |
| size_t iv_length) |
| { |
| return cipher_set_iv(operation, iv, iv_length); |
| } |
| |
| psa_status_t mbedtls_transparent_test_driver_cipher_update( |
| mbedtls_psa_cipher_operation_t *operation, |
| const uint8_t *input, |
| size_t input_length, |
| uint8_t *output, |
| size_t output_size, |
| size_t *output_length) |
| { |
| return (cipher_update(operation, input, input_length, output, output_size, |
| output_length)); |
| } |
| |
| psa_status_t mbedtls_transparent_test_driver_cipher_finish( |
| mbedtls_psa_cipher_operation_t *operation, |
| uint8_t *output, |
| size_t output_size, |
| size_t *output_length) |
| { |
| return cipher_finish(operation, output, output_size, output_length); |
| } |
| |
| psa_status_t mbedtls_transparent_test_driver_cipher_abort( |
| mbedtls_psa_cipher_operation_t *operation) |
| { |
| return cipher_abort(operation); |
| } |
| |
| psa_status_t mbedtls_transparent_test_driver_cipher_encrypt( |
| const psa_key_attributes_t *attributes, |
| const uint8_t *key_buffer, |
| size_t key_buffer_size, |
| psa_algorithm_t alg, |
| const uint8_t *input, |
| size_t input_length, |
| uint8_t *output, |
| size_t output_size, |
| size_t *output_length) |
| { |
| return (cipher_encrypt(attributes, key_buffer, key_buffer_size, alg, input, |
| input_length, output, output_size, output_length)); |
| } |
| |
| psa_status_t mbedtls_transparent_test_driver_cipher_decrypt( |
| const psa_key_attributes_t *attributes, |
| const uint8_t *key_buffer, |
| size_t key_buffer_size, |
| psa_algorithm_t alg, |
| const uint8_t *input, |
| size_t input_length, |
| uint8_t *output, |
| size_t output_size, |
| size_t *output_length) |
| { |
| return (cipher_decrypt(attributes, key_buffer, key_buffer_size, alg, input, |
| input_length, output, output_size, output_length)); |
| } |
| # endif /* PSA_CRYPTO_DRIVER_TEST */ |
| |
| #endif /* MBEDTLS_PSA_CRYPTO_C */ |