TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / f494bcd31347456c58362efa606832de14e8f461 / . / library / psa_crypto_cipher.c
blob: a65e88492e78b684855f7ecfefd1dd04bbc41c4f [file] [log] [blame]
Ronald Cron0ff57952021-03-08 16:46:35 +0100[diff] [blame]1/*
2 * PSA cipher driver entry points
3 */
4/*
5 * Copyright The Mbed TLS Contributors
6 * SPDX-License-Identifier: Apache-2.0
7 *
8 * Licensed under the Apache License, Version 2.0 (the "License"); you may
9 * not use this file except in compliance with the License.
10 * You may obtain a copy of the License at
11 *
12 * http://www.apache.org/licenses/LICENSE-2.0
13 *
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
16 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * See the License for the specific language governing permissions and
18 * limitations under the License.
19 */
20
21#include "common.h"
22
23#if defined(MBEDTLS_PSA_CRYPTO_C)
24
25#include <psa_crypto_cipher.h>
Ronald Crond6d28882020-12-14 14:56:02 +0100[diff] [blame]26#include "psa_crypto_core.h"
Ronald Cron6d051732020-10-01 14:10:20 +0200[diff] [blame]27#include "psa_crypto_random_impl.h"
28
Ronald Crond6d28882020-12-14 14:56:02 +0100[diff] [blame]29#include "mbedtls/cipher.h"
Ronald Cron6d051732020-10-01 14:10:20 +0200[diff] [blame]30#include "mbedtls/error.h"
Ronald Cron0ff57952021-03-08 16:46:35 +0100[diff] [blame]31
Ronald Crond6d28882020-12-14 14:56:02 +0100[diff] [blame]32#include <string.h>
33
Ronald Cron5d9b00d2021-03-10 14:43:20 +0100[diff] [blame]34#if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES) || \
35 ( defined(PSA_CRYPTO_DRIVER_TEST) && \
36 defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DES) ) )
37#define BUILTIN_KEY_TYPE_DES 1
38#endif
39
40#if ( defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING) || \
41 ( defined(PSA_CRYPTO_DRIVER_TEST) && \
42 defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING) ) )
43#define BUILTIN_ALG_CBC_NO_PADDING 1
44#endif
45
46#if ( defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7) || \
47 ( defined(PSA_CRYPTO_DRIVER_TEST) && \
48 defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7) ) )
49#define BUILTIN_ALG_CBC_PKCS7 1
50#endif
51
52#if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_CHACHA20) || \
53 ( defined(PSA_CRYPTO_DRIVER_TEST) && \
54 defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20) ) )
55#define BUILTIN_KEY_TYPE_CHACHA20 1
56#endif
57
Ronald Cron75e6ae22021-03-17 14:46:05 +0100[diff] [blame]58const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
59 psa_algorithm_t alg,
60 psa_key_type_t key_type,
61 size_t key_bits,
62 mbedtls_cipher_id_t* cipher_id )
63{
64 mbedtls_cipher_mode_t mode;
65 mbedtls_cipher_id_t cipher_id_tmp;
66
67 if( PSA_ALG_IS_AEAD( alg ) )
68 alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg, 0 );
69
70 if( PSA_ALG_IS_CIPHER( alg ) || PSA_ALG_IS_AEAD( alg ) )
71 {
72 switch( alg )
73 {
74 case PSA_ALG_STREAM_CIPHER:
75 mode = MBEDTLS_MODE_STREAM;
76 break;
77 case PSA_ALG_CTR:
78 mode = MBEDTLS_MODE_CTR;
79 break;
80 case PSA_ALG_CFB:
81 mode = MBEDTLS_MODE_CFB;
82 break;
83 case PSA_ALG_OFB:
84 mode = MBEDTLS_MODE_OFB;
85 break;
86 case PSA_ALG_ECB_NO_PADDING:
87 mode = MBEDTLS_MODE_ECB;
88 break;
89 case PSA_ALG_CBC_NO_PADDING:
90 mode = MBEDTLS_MODE_CBC;
91 break;
92 case PSA_ALG_CBC_PKCS7:
93 mode = MBEDTLS_MODE_CBC;
94 break;
95 case PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 0 ):
96 mode = MBEDTLS_MODE_CCM;
97 break;
98 case PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 0 ):
99 mode = MBEDTLS_MODE_GCM;
100 break;
101 case PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CHACHA20_POLY1305, 0 ):
102 mode = MBEDTLS_MODE_CHACHAPOLY;
103 break;
104 default:
105 return( NULL );
106 }
107 }
108 else if( alg == PSA_ALG_CMAC )
109 mode = MBEDTLS_MODE_ECB;
110 else
111 return( NULL );
112
113 switch( key_type )
114 {
115 case PSA_KEY_TYPE_AES:
116 cipher_id_tmp = MBEDTLS_CIPHER_ID_AES;
117 break;
118 case PSA_KEY_TYPE_DES:
119 /* key_bits is 64 for Single-DES, 128 for two-key Triple-DES,
120 * and 192 for three-key Triple-DES. */
121 if( key_bits == 64 )
122 cipher_id_tmp = MBEDTLS_CIPHER_ID_DES;
123 else
124 cipher_id_tmp = MBEDTLS_CIPHER_ID_3DES;
125 /* mbedtls doesn't recognize two-key Triple-DES as an algorithm,
126 * but two-key Triple-DES is functionally three-key Triple-DES
127 * with K1=K3, so that's how we present it to mbedtls. */
128 if( key_bits == 128 )
129 key_bits = 192;
130 break;
131 case PSA_KEY_TYPE_CAMELLIA:
132 cipher_id_tmp = MBEDTLS_CIPHER_ID_CAMELLIA;
133 break;
Ronald Cron75e6ae22021-03-17 14:46:05 +0100[diff] [blame]134 case PSA_KEY_TYPE_CHACHA20:
135 cipher_id_tmp = MBEDTLS_CIPHER_ID_CHACHA20;
136 break;
137 default:
138 return( NULL );
139 }
140 if( cipher_id != NULL )
141 *cipher_id = cipher_id_tmp;
142
143 return( mbedtls_cipher_info_from_values( cipher_id_tmp,
144 (int) key_bits, mode ) );
145}
146
Ronald Cron5d9b00d2021-03-10 14:43:20 +0100[diff] [blame]147#if defined(MBEDTLS_PSA_BUILTIN_CIPHER) || defined(PSA_CRYPTO_DRIVER_TEST)
148
Ronald Crond6d28882020-12-14 14:56:02 +0100[diff] [blame]149static psa_status_t cipher_setup(
Ronald Cron6e412a72021-03-10 09:58:47 +0100[diff] [blame]150 mbedtls_psa_cipher_operation_t *operation,
Ronald Crond6d28882020-12-14 14:56:02 +0100[diff] [blame]151 const psa_key_attributes_t *attributes,
152 const uint8_t *key_buffer, size_t key_buffer_size,
153 psa_algorithm_t alg,
154 mbedtls_operation_t cipher_operation )
155{
156 int ret = 0;
157 size_t key_bits;
158 const mbedtls_cipher_info_t *cipher_info = NULL;
159 psa_key_type_t key_type = attributes->core.type;
160
161 (void)key_buffer_size;
162
163 /* Proceed with initializing an mbed TLS cipher context if no driver is
164 * available for the given algorithm & key. */
Ronald Cron6e412a72021-03-10 09:58:47 +0100[diff] [blame]165 mbedtls_cipher_init( &operation->cipher );
Ronald Crond6d28882020-12-14 14:56:02 +0100[diff] [blame]166
Ronald Cron6e412a72021-03-10 09:58:47 +0100[diff] [blame]167 operation->alg = alg;
Ronald Crond6d28882020-12-14 14:56:02 +0100[diff] [blame]168 key_bits = attributes->core.bits;
169 cipher_info = mbedtls_cipher_info_from_psa( alg, key_type,
170 key_bits, NULL );
171 if( cipher_info == NULL )
172 return( PSA_ERROR_NOT_SUPPORTED );
173
Ronald Cron6e412a72021-03-10 09:58:47 +0100[diff] [blame]174 ret = mbedtls_cipher_setup( &operation->cipher, cipher_info );
Ronald Crond6d28882020-12-14 14:56:02 +0100[diff] [blame]175 if( ret != 0 )
176 goto exit;
177
Ronald Cron5d9b00d2021-03-10 14:43:20 +0100[diff] [blame]178#if defined(BUILTIN_KEY_TYPE_DES)
Ronald Crond6d28882020-12-14 14:56:02 +0100[diff] [blame]179 if( key_type == PSA_KEY_TYPE_DES && key_bits == 128 )
180 {
181 /* Two-key Triple-DES is 3-key Triple-DES with K1=K3 */
182 uint8_t keys[24];
183 memcpy( keys, key_buffer, 16 );
184 memcpy( keys + 16, key_buffer, 8 );
Ronald Cron6e412a72021-03-10 09:58:47 +0100[diff] [blame]185 ret = mbedtls_cipher_setkey( &operation->cipher,
Ronald Crond6d28882020-12-14 14:56:02 +0100[diff] [blame]186 keys,
187 192, cipher_operation );
188 }
189 else
190#endif
191 {
Ronald Cron6e412a72021-03-10 09:58:47 +0100[diff] [blame]192 ret = mbedtls_cipher_setkey( &operation->cipher, key_buffer,
Ronald Crond6d28882020-12-14 14:56:02 +0100[diff] [blame]193 (int) key_bits, cipher_operation );
194 }
195 if( ret != 0 )
196 goto exit;
197
Ronald Cron5d9b00d2021-03-10 14:43:20 +0100[diff] [blame]198#if defined(BUILTIN_ALG_CBC_NO_PADDING) || \
199 defined(BUILTIN_ALG_CBC_PKCS7)
Ronald Crond6d28882020-12-14 14:56:02 +0100[diff] [blame]200 switch( alg )
201 {
202 case PSA_ALG_CBC_NO_PADDING:
Ronald Cron6e412a72021-03-10 09:58:47 +0100[diff] [blame]203 ret = mbedtls_cipher_set_padding_mode( &operation->cipher,
Ronald Crond6d28882020-12-14 14:56:02 +0100[diff] [blame]204 MBEDTLS_PADDING_NONE );
205 break;
206 case PSA_ALG_CBC_PKCS7:
Ronald Cron6e412a72021-03-10 09:58:47 +0100[diff] [blame]207 ret = mbedtls_cipher_set_padding_mode( &operation->cipher,
Ronald Crond6d28882020-12-14 14:56:02 +0100[diff] [blame]208 MBEDTLS_PADDING_PKCS7 );
209 break;
210 default:
211 /* The algorithm doesn't involve padding. */
212 ret = 0;
213 break;
214 }
215 if( ret != 0 )
216 goto exit;
Ronald Cron5d9b00d2021-03-10 14:43:20 +0100[diff] [blame]217#endif /* BUILTIN_ALG_CBC_NO_PADDING || BUILTIN_ALG_CBC_PKCS7 */
Ronald Crond6d28882020-12-14 14:56:02 +0100[diff] [blame]218
Ronald Cron6ad554c2021-03-26 09:29:09 +0100[diff] [blame]219 operation->block_length = ( PSA_ALG_IS_STREAM_CIPHER( alg ) ? 1 :
220 PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) );
Ronald Cronc17e8a92021-03-19 14:12:26 +0100[diff] [blame]221 operation->iv_length = PSA_CIPHER_IV_LENGTH( key_type, alg );
Ronald Crond6d28882020-12-14 14:56:02 +0100[diff] [blame]222
223exit:
224 return( mbedtls_to_psa_error( ret ) );
225}
226
Ronald Cron8287e6b2021-03-12 10:35:18 +0100[diff] [blame]227static psa_status_t cipher_encrypt_setup(
Ronald Cron6e412a72021-03-10 09:58:47 +0100[diff] [blame]228 mbedtls_psa_cipher_operation_t *operation,
Ronald Crond6d28882020-12-14 14:56:02 +0100[diff] [blame]229 const psa_key_attributes_t *attributes,
230 const uint8_t *key_buffer, size_t key_buffer_size,
231 psa_algorithm_t alg )
232{
233 return( cipher_setup( operation, attributes,
234 key_buffer, key_buffer_size,
235 alg, MBEDTLS_ENCRYPT ) );
236}
237
Ronald Cron8287e6b2021-03-12 10:35:18 +0100[diff] [blame]238static psa_status_t cipher_decrypt_setup(
Ronald Cron6e412a72021-03-10 09:58:47 +0100[diff] [blame]239 mbedtls_psa_cipher_operation_t *operation,
Ronald Crond6d28882020-12-14 14:56:02 +0100[diff] [blame]240 const psa_key_attributes_t *attributes,
241 const uint8_t *key_buffer, size_t key_buffer_size,
242 psa_algorithm_t alg )
243{
244 return( cipher_setup( operation, attributes,
245 key_buffer, key_buffer_size,
246 alg, MBEDTLS_DECRYPT ) );
247}
Ronald Cron6d051732020-10-01 14:10:20 +0200[diff] [blame]248
Ronald Cron8287e6b2021-03-12 10:35:18 +0100[diff] [blame]249static psa_status_t cipher_set_iv( mbedtls_psa_cipher_operation_t *operation,
250 const uint8_t *iv, size_t iv_length )
251{
Ronald Cron6ad554c2021-03-26 09:29:09 +0100[diff] [blame]252 if( iv_length != operation->iv_length )
Ronald Cron8287e6b2021-03-12 10:35:18 +0100[diff] [blame]253 return( PSA_ERROR_INVALID_ARGUMENT );
254
255 return( mbedtls_to_psa_error(
256 mbedtls_cipher_set_iv( &operation->cipher,
257 iv, iv_length ) ) );
258}
259
Ronald Cron6d051732020-10-01 14:10:20 +0200[diff] [blame]260/* Process input for which the algorithm is set to ECB mode. This requires
261 * manual processing, since the PSA API is defined as being able to process
262 * arbitrary-length calls to psa_cipher_update() with ECB mode, but the
263 * underlying mbedtls_cipher_update only takes full blocks. */
264static psa_status_t psa_cipher_update_ecb(
265 mbedtls_cipher_context_t *ctx,
266 const uint8_t *input,
267 size_t input_length,
268 uint8_t *output,
269 size_t output_size,
270 size_t *output_length )
271{
272 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
273 size_t block_size = ctx->cipher_info->block_size;
274 size_t internal_output_length = 0;
275 *output_length = 0;
276
277 if( input_length == 0 )
278 {
279 status = PSA_SUCCESS;
280 goto exit;
281 }
282
283 if( ctx->unprocessed_len > 0 )
284 {
285 /* Fill up to block size, and run the block if there's a full one. */
286 size_t bytes_to_copy = block_size - ctx->unprocessed_len;
287
288 if( input_length < bytes_to_copy )
289 bytes_to_copy = input_length;
290
291 memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ),
292 input, bytes_to_copy );
293 input_length -= bytes_to_copy;
294 input += bytes_to_copy;
295 ctx->unprocessed_len += bytes_to_copy;
296
297 if( ctx->unprocessed_len == block_size )
298 {
299 status = mbedtls_to_psa_error(
300 mbedtls_cipher_update( ctx,
301 ctx->unprocessed_data,
302 block_size,
303 output, &internal_output_length ) );
304
305 if( status != PSA_SUCCESS )
306 goto exit;
307
308 output += internal_output_length;
309 output_size -= internal_output_length;
310 *output_length += internal_output_length;
311 ctx->unprocessed_len = 0;
312 }
313 }
314
315 while( input_length >= block_size )
316 {
317 /* Run all full blocks we have, one by one */
318 status = mbedtls_to_psa_error(
319 mbedtls_cipher_update( ctx, input,
320 block_size,
321 output, &internal_output_length ) );
322
323 if( status != PSA_SUCCESS )
324 goto exit;
325
326 input_length -= block_size;
327 input += block_size;
328
329 output += internal_output_length;
330 output_size -= internal_output_length;
331 *output_length += internal_output_length;
332 }
333
334 if( input_length > 0 )
335 {
336 /* Save unprocessed bytes for later processing */
337 memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ),
338 input, input_length );
339 ctx->unprocessed_len += input_length;
340 }
341
342 status = PSA_SUCCESS;
343
344exit:
345 return( status );
346}
347
Ronald Cron8287e6b2021-03-12 10:35:18 +0100[diff] [blame]348static psa_status_t cipher_update( mbedtls_psa_cipher_operation_t *operation,
349 const uint8_t *input,
350 size_t input_length,
351 uint8_t *output,
352 size_t output_size,
353 size_t *output_length )
Ronald Cron6d051732020-10-01 14:10:20 +0200[diff] [blame]354{
355 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
356 size_t expected_output_size;
357
Ronald Cron6e412a72021-03-10 09:58:47 +0100[diff] [blame]358 if( ! PSA_ALG_IS_STREAM_CIPHER( operation->alg ) )
Ronald Cron6d051732020-10-01 14:10:20 +0200[diff] [blame]359 {
360 /* Take the unprocessed partial block left over from previous
361 * update calls, if any, plus the input to this call. Remove
362 * the last partial block, if any. You get the data that will be
363 * output in this call. */
364 expected_output_size =
Ronald Cron6e412a72021-03-10 09:58:47 +0100[diff] [blame]365 ( operation->cipher.unprocessed_len + input_length )
Ronald Cron6ad554c2021-03-26 09:29:09 +0100[diff] [blame]366 / operation->block_length * operation->block_length;
Ronald Cron6d051732020-10-01 14:10:20 +0200[diff] [blame]367 }
368 else
369 {
370 expected_output_size = input_length;
371 }
372
373 if( output_size < expected_output_size )
374 return( PSA_ERROR_BUFFER_TOO_SMALL );
375
Ronald Cron6e412a72021-03-10 09:58:47 +0100[diff] [blame]376 if( operation->alg == PSA_ALG_ECB_NO_PADDING )
Ronald Cron6d051732020-10-01 14:10:20 +0200[diff] [blame]377 {
378 /* mbedtls_cipher_update has an API inconsistency: it will only
379 * process a single block at a time in ECB mode. Abstract away that
380 * inconsistency here to match the PSA API behaviour. */
Ronald Cron6e412a72021-03-10 09:58:47 +0100[diff] [blame]381 status = psa_cipher_update_ecb( &operation->cipher,
Ronald Cron6d051732020-10-01 14:10:20 +0200[diff] [blame]382 input,
383 input_length,
384 output,
385 output_size,
386 output_length );
387 }
388 else
389 {
390 status = mbedtls_to_psa_error(
Ronald Cron6e412a72021-03-10 09:58:47 +0100[diff] [blame]391 mbedtls_cipher_update( &operation->cipher, input,
Ronald Cron6d051732020-10-01 14:10:20 +0200[diff] [blame]392 input_length, output, output_length ) );
393 }
394
395 return( status );
396}
397
Ronald Cron8287e6b2021-03-12 10:35:18 +0100[diff] [blame]398static psa_status_t cipher_finish( mbedtls_psa_cipher_operation_t *operation,
399 uint8_t *output,
400 size_t output_size,
401 size_t *output_length )
Ronald Cron6d051732020-10-01 14:10:20 +0200[diff] [blame]402{
403 psa_status_t status = PSA_ERROR_GENERIC_ERROR;
404 uint8_t temp_output_buffer[MBEDTLS_MAX_BLOCK_LENGTH];
405
Ronald Cron6e412a72021-03-10 09:58:47 +0100[diff] [blame]406 if( operation->cipher.unprocessed_len != 0 )
Ronald Cron6d051732020-10-01 14:10:20 +0200[diff] [blame]407 {
Ronald Cron6e412a72021-03-10 09:58:47 +0100[diff] [blame]408 if( operation->alg == PSA_ALG_ECB_NO_PADDING ||
409 operation->alg == PSA_ALG_CBC_NO_PADDING )
Ronald Cron6d051732020-10-01 14:10:20 +0200[diff] [blame]410 {
411 status = PSA_ERROR_INVALID_ARGUMENT;
412 goto exit;
413 }
414 }
415
416 status = mbedtls_to_psa_error(
Ronald Cron6e412a72021-03-10 09:58:47 +0100[diff] [blame]417 mbedtls_cipher_finish( &operation->cipher,
Ronald Cron6d051732020-10-01 14:10:20 +0200[diff] [blame]418 temp_output_buffer,
419 output_length ) );
420 if( status != PSA_SUCCESS )
421 goto exit;
422
423 if( *output_length == 0 )
424 ; /* Nothing to copy. Note that output may be NULL in this case. */
425 else if( output_size >= *output_length )
426 memcpy( output, temp_output_buffer, *output_length );
427 else
428 status = PSA_ERROR_BUFFER_TOO_SMALL;
429
430exit:
431 mbedtls_platform_zeroize( temp_output_buffer,
432 sizeof( temp_output_buffer ) );
433
434 return( status );
435}
436
Ronald Cron8287e6b2021-03-12 10:35:18 +0100[diff] [blame]437static psa_status_t cipher_abort( mbedtls_psa_cipher_operation_t *operation )
Ronald Cron6d051732020-10-01 14:10:20 +0200[diff] [blame]438{
Ronald Cron937dfee2021-03-10 09:17:32 +0100[diff] [blame]439 /* Sanity check (shouldn't happen: operation->alg should
440 * always have been initialized to a valid value). */
Ronald Cron6e412a72021-03-10 09:58:47 +0100[diff] [blame]441 if( ! PSA_ALG_IS_CIPHER( operation->alg ) )
Ronald Cron937dfee2021-03-10 09:17:32 +0100[diff] [blame]442 return( PSA_ERROR_BAD_STATE );
443
Ronald Cron6e412a72021-03-10 09:58:47 +0100[diff] [blame]444 mbedtls_cipher_free( &operation->cipher );
Ronald Cron6d051732020-10-01 14:10:20 +0200[diff] [blame]445
446 return( PSA_SUCCESS );
447}
Ronald Cron5d9b00d2021-03-10 14:43:20 +0100[diff] [blame]448#endif /* MBEDTLS_PSA_BUILTIN_CIPHER || PSA_CRYPTO_DRIVER_TEST */
Ronald Cron6d051732020-10-01 14:10:20 +0200[diff] [blame]449
Ronald Cron5d9b00d2021-03-10 14:43:20 +0100[diff] [blame]450#if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
Ronald Cron8287e6b2021-03-12 10:35:18 +0100[diff] [blame]451psa_status_t mbedtls_psa_cipher_encrypt_setup(
452 mbedtls_psa_cipher_operation_t *operation,
453 const psa_key_attributes_t *attributes,
454 const uint8_t *key_buffer, size_t key_buffer_size,
455 psa_algorithm_t alg )
456{
457 return( cipher_encrypt_setup(
458 operation, attributes, key_buffer, key_buffer_size, alg ) );
459}
460
461psa_status_t mbedtls_psa_cipher_decrypt_setup(
462 mbedtls_psa_cipher_operation_t *operation,
463 const psa_key_attributes_t *attributes,
464 const uint8_t *key_buffer, size_t key_buffer_size,
465 psa_algorithm_t alg )
466{
467 return( cipher_decrypt_setup(
468 operation, attributes, key_buffer, key_buffer_size, alg ) );
469}
470
Ronald Cron8287e6b2021-03-12 10:35:18 +0100[diff] [blame]471psa_status_t mbedtls_psa_cipher_set_iv( mbedtls_psa_cipher_operation_t *operation,
472 const uint8_t *iv,
473 size_t iv_length )
474{
475 return( cipher_set_iv( operation, iv, iv_length ) );
476}
477
478psa_status_t mbedtls_psa_cipher_update( mbedtls_psa_cipher_operation_t *operation,
479 const uint8_t *input,
480 size_t input_length,
481 uint8_t *output,
482 size_t output_size,
483 size_t *output_length )
484{
485 return( cipher_update( operation, input, input_length,
486 output, output_size, output_length ) );
487}
488
489psa_status_t mbedtls_psa_cipher_finish( mbedtls_psa_cipher_operation_t *operation,
490 uint8_t *output,
491 size_t output_size,
492 size_t *output_length )
493{
494 return( cipher_finish( operation, output, output_size, output_length ) );
495}
496
497psa_status_t mbedtls_psa_cipher_abort( mbedtls_psa_cipher_operation_t *operation )
498{
499 return( cipher_abort( operation ) );
500}
Ronald Cron5d9b00d2021-03-10 14:43:20 +0100[diff] [blame]501#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
Ronald Cron8287e6b2021-03-12 10:35:18 +0100[diff] [blame]502
Ronald Cron3522e322021-03-12 11:08:49 +0100[diff] [blame]503/*
504 * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY.
505 */
506
507#if defined(PSA_CRYPTO_DRIVER_TEST)
508psa_status_t mbedtls_transparent_test_driver_cipher_encrypt_setup(
509 mbedtls_psa_cipher_operation_t *operation,
510 const psa_key_attributes_t *attributes,
511 const uint8_t *key_buffer, size_t key_buffer_size,
512 psa_algorithm_t alg )
513{
514 return( cipher_encrypt_setup(
515 operation, attributes, key_buffer, key_buffer_size, alg ) );
516}
517
518psa_status_t mbedtls_transparent_test_driver_cipher_decrypt_setup(
519 mbedtls_psa_cipher_operation_t *operation,
520 const psa_key_attributes_t *attributes,
521 const uint8_t *key_buffer, size_t key_buffer_size,
522 psa_algorithm_t alg )
523{
524 return( cipher_decrypt_setup(
525 operation, attributes, key_buffer, key_buffer_size, alg ) );
526}
527
Ronald Cron3522e322021-03-12 11:08:49 +0100[diff] [blame]528psa_status_t mbedtls_transparent_test_driver_cipher_set_iv(
529 mbedtls_psa_cipher_operation_t *operation,
530 const uint8_t *iv, size_t iv_length )
531{
532 return( cipher_set_iv( operation, iv, iv_length ) );
533}
534
535psa_status_t mbedtls_transparent_test_driver_cipher_update(
536 mbedtls_psa_cipher_operation_t *operation,
537 const uint8_t *input, size_t input_length,
538 uint8_t *output, size_t output_size, size_t *output_length )
539{
540 return( cipher_update( operation, input, input_length,
541 output, output_size, output_length ) );
542}
543
544psa_status_t mbedtls_transparent_test_driver_cipher_finish(
545 mbedtls_psa_cipher_operation_t *operation,
546 uint8_t *output, size_t output_size, size_t *output_length )
547{
548 return( cipher_finish( operation, output, output_size, output_length ) );
549}
550
551psa_status_t mbedtls_transparent_test_driver_cipher_abort(
552 mbedtls_psa_cipher_operation_t *operation )
553{
554 return( cipher_abort( operation ) );
555}
556#endif /* PSA_CRYPTO_DRIVER_TEST */
557
Ronald Cron0ff57952021-03-08 16:46:35 +0100[diff] [blame]558#endif /* MBEDTLS_PSA_CRYPTO_C */