cipher: keep MBEDTLS_CIPHER_HAVE symbols private
This commit also improve the usage of these new symbols in
cipher_wrap code
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h
index 5153e19..bda768c 100644
--- a/include/mbedtls/cipher.h
+++ b/include/mbedtls/cipher.h
@@ -33,27 +33,6 @@
#include <stddef.h>
#include "mbedtls/platform_util.h"
-/* Support for GCM either through Mbed TLS SW implementation or PSA */
-#if defined(MBEDTLS_GCM_C) || \
- (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM))
-#define MBEDTLS_CIPHER_HAVE_GCM
-#endif
-/* Support for CCM either through Mbed TLS SW implementation or PSA */
-#if defined(MBEDTLS_CCM_C) || \
- (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM))
-#define MBEDTLS_CIPHER_HAVE_CCM
-#endif
-/* Support for CHACHAPOLY either through Mbed TLS SW implementation or PSA */
-#if defined(MBEDTLS_CHACHAPOLY_C) || \
- (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CHACHA20_POLY1305))
-#define MBEDTLS_CIPHER_HAVE_CHACHAPOLY
-#endif
-
-#if defined(MBEDTLS_CIPHER_HAVE_GCM) || defined(MBEDTLS_CIPHER_HAVE_CCM) || \
- defined(MBEDTLS_CIPHER_HAVE_CHACHAPOLY)
-#define MBEDTLS_CIPHER_MODE_AEAD
-#endif
-
#if defined(MBEDTLS_CIPHER_MODE_CBC)
#define MBEDTLS_CIPHER_MODE_WITH_PADDING
#endif
@@ -1097,7 +1076,7 @@
const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen);
-#if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C)
+#if defined(MBEDTLS_CIPHER_HAVE_SOME_AEAD) || defined(MBEDTLS_NIST_KW_C)
/**
* \brief The authenticated encryption (AEAD/NIST_KW) function.
*
@@ -1204,7 +1183,7 @@
const unsigned char *input, size_t ilen,
unsigned char *output, size_t output_len,
size_t *olen, size_t tag_len);
-#endif /* MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C */
+#endif /* MBEDTLS_CIPHER_HAVE_SOME_AEAD || MBEDTLS_NIST_KW_C */
#ifdef __cplusplus
}
#endif
diff --git a/library/cipher.c b/library/cipher.c
index 9f9f107..f17f3e0 100644
--- a/library/cipher.c
+++ b/library/cipher.c
@@ -1390,7 +1390,7 @@
return 0;
}
-#if defined(MBEDTLS_CIPHER_MODE_AEAD)
+#if defined(MBEDTLS_CIPHER_HAVE_SOME_AEAD)
/*
* Packet-oriented encryption for AEAD modes: internal function used by
* mbedtls_cipher_auth_encrypt_ext().
@@ -1569,9 +1569,9 @@
return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
}
-#endif /* MBEDTLS_CIPHER_MODE_AEAD */
+#endif /* MBEDTLS_CIPHER_HAVE_SOME_AEAD */
-#if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C)
+#if defined(MBEDTLS_CIPHER_HAVE_SOME_AEAD) || defined(MBEDTLS_NIST_KW_C)
/*
* Packet-oriented encryption for AEAD/NIST_KW: public function.
*/
@@ -1607,7 +1607,7 @@
}
#endif /* MBEDTLS_NIST_KW_C */
-#if defined(MBEDTLS_CIPHER_MODE_AEAD)
+#if defined(MBEDTLS_CIPHER_HAVE_SOME_AEAD)
/* AEAD case: check length before passing on to shared function */
if (output_len < ilen + tag_len) {
return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
@@ -1620,7 +1620,7 @@
return ret;
#else
return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
-#endif /* MBEDTLS_CIPHER_MODE_AEAD */
+#endif /* MBEDTLS_CIPHER_HAVE_SOME_AEAD */
}
/*
@@ -1658,7 +1658,7 @@
}
#endif /* MBEDTLS_NIST_KW_C */
-#if defined(MBEDTLS_CIPHER_MODE_AEAD)
+#if defined(MBEDTLS_CIPHER_HAVE_SOME_AEAD)
/* AEAD case: check length before passing on to shared function */
if (ilen < tag_len || output_len < ilen - tag_len) {
return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
@@ -1669,8 +1669,8 @@
input + ilen - tag_len, tag_len);
#else
return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
-#endif /* MBEDTLS_CIPHER_MODE_AEAD */
+#endif /* MBEDTLS_CIPHER_HAVE_SOME_AEAD */
}
-#endif /* MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C */
+#endif /* MBEDTLS_CIPHER_HAVE_SOME_AEAD || MBEDTLS_NIST_KW_C */
#endif /* MBEDTLS_CIPHER_C */
diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c
index 5a789ce..63b725f 100644
--- a/library/cipher_wrap.c
+++ b/library/cipher_wrap.c
@@ -80,8 +80,7 @@
#if defined(MBEDTLS_CAMELLIA_C)
MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA,
#endif
-#if (defined(MBEDTLS_CCM_C) && defined(MBEDTLS_AES_C)) || \
- (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM))
+#if defined(MBEDTLS_CIPHER_HAVE_CCM_AES)
MBEDTLS_CIPHER_BASE_INDEX_CCM_AES,
#endif
#if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_ARIA_C)
@@ -105,8 +104,7 @@
#if defined(MBEDTLS_DES_C)
MBEDTLS_CIPHER_BASE_INDEX_DES,
#endif
-#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_AES_C)) || \
- (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM))
+#if defined(MBEDTLS_CIPHER_HAVE_GCM_AES)
MBEDTLS_CIPHER_BASE_INDEX_GCM_AES,
#endif
#if defined(MBEDTLS_GCM_C) && defined(MBEDTLS_ARIA_C)
@@ -580,8 +578,7 @@
}
#endif /* MBEDTLS_GCM_C */
-#if defined(MBEDTLS_GCM_C) || \
- (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM))
+#if defined(MBEDTLS_CIPHER_HAVE_GCM)
static const mbedtls_cipher_base_t gcm_aes_info = {
MBEDTLS_CIPHER_ID_AES,
NULL,
@@ -615,10 +612,9 @@
NULL,
#endif /* MBEDTLS_GCM_C */
};
-#endif /* MBEDTLS_GCM_C || (MBEDTLS_USE_PSA_CRYPTO && PSA_WANT_ALG_GCM) */
+#endif /* MBEDTLS_CIPHER_HAVE_GCM */
-#if defined(MBEDTLS_GCM_C) || \
- (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM))
+#if defined(MBEDTLS_CIPHER_HAVE_GCM)
static const mbedtls_cipher_info_t aes_128_gcm_info = {
"AES-128-GCM",
16,
@@ -653,7 +649,7 @@
MBEDTLS_CIPHER_BASE_INDEX_GCM_AES
};
#endif
-#endif /* MBEDTLS_GCM_C || PSA_WANT_ALG_GCM */
+#endif /* MBEDTLS_CIPHER_HAVE_GCM */
#if defined(MBEDTLS_CCM_C)
static int ccm_aes_setkey_wrap(void *ctx, const unsigned char *key,
@@ -664,8 +660,7 @@
}
#endif /* MBEDTLS_CCM_C */
-#if defined(MBEDTLS_CCM_C) || \
- (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM))
+#if defined(MBEDTLS_CIPHER_HAVE_CCM)
static const mbedtls_cipher_base_t ccm_aes_info = {
MBEDTLS_CIPHER_ID_AES,
NULL,
@@ -699,10 +694,9 @@
NULL,
#endif
};
-#endif /* MBEDTLS_CCM_C || (MBEDTLS_USE_PSA_CRYPTO && PSA_WANT_ALG_CCM) */
+#endif /* MBEDTLS_CIPHER_HAVE_CCM */
-#if defined(MBEDTLS_CCM_C) || \
- (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM))
+#if defined(MBEDTLS_CIPHER_HAVE_CCM)
static const mbedtls_cipher_info_t aes_128_ccm_info = {
"AES-128-CCM",
16,
@@ -737,10 +731,9 @@
MBEDTLS_CIPHER_BASE_INDEX_CCM_AES
};
#endif
-#endif /* MBEDTLS_CCM_C || PSA_WANT_ALG_CCM */
+#endif /* MBEDTLS_CIPHER_HAVE_CCM */
-#if defined(MBEDTLS_CCM_C) || \
- (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM_STAR_NO_TAG))
+#if defined(MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG)
static const mbedtls_cipher_info_t aes_128_ccm_star_no_tag_info = {
"AES-128-CCM*-NO-TAG",
16,
@@ -775,7 +768,7 @@
MBEDTLS_CIPHER_BASE_INDEX_CCM_AES
};
#endif
-#endif /* MBEDTLS_CCM_C || PSA_WANT_ALG_CCM_STAR_NO_TAG */
+#endif /* MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG */
#endif /* MBEDTLS_AES_C */
@@ -2276,24 +2269,21 @@
{ MBEDTLS_CIPHER_AES_256_XTS, &aes_256_xts_info },
#endif
#endif
-#if defined(MBEDTLS_GCM_C) || \
- (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM))
+#if defined(MBEDTLS_CIPHER_HAVE_GCM)
{ MBEDTLS_CIPHER_AES_128_GCM, &aes_128_gcm_info },
#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH)
{ MBEDTLS_CIPHER_AES_192_GCM, &aes_192_gcm_info },
{ MBEDTLS_CIPHER_AES_256_GCM, &aes_256_gcm_info },
#endif
#endif
-#if defined(MBEDTLS_CCM_C) || \
- (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM))
+#if defined(MBEDTLS_CIPHER_HAVE_CCM)
{ MBEDTLS_CIPHER_AES_128_CCM, &aes_128_ccm_info },
#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH)
{ MBEDTLS_CIPHER_AES_192_CCM, &aes_192_ccm_info },
{ MBEDTLS_CIPHER_AES_256_CCM, &aes_256_ccm_info },
#endif
#endif
-#if defined(MBEDTLS_CCM_C) || \
- (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM_STAR_NO_TAG))
+#if defined(MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG)
{ MBEDTLS_CIPHER_AES_128_CCM_STAR_NO_TAG, &aes_128_ccm_star_no_tag_info },
#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH)
{ MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG, &aes_192_ccm_star_no_tag_info },
@@ -2423,8 +2413,7 @@
#if defined(MBEDTLS_CAMELLIA_C)
[MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA] = &camellia_info,
#endif
-#if (defined(MBEDTLS_CCM_C) && defined(MBEDTLS_AES_C)) || \
- (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM) && defined(PSA_WANT_KEY_TYPE_AES))
+#if defined(MBEDTLS_CIPHER_HAVE_CCM_AES)
[MBEDTLS_CIPHER_BASE_INDEX_CCM_AES] = &ccm_aes_info,
#endif
#if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_ARIA_C)
@@ -2448,8 +2437,7 @@
#if defined(MBEDTLS_DES_C)
[MBEDTLS_CIPHER_BASE_INDEX_DES] = &des_info,
#endif
-#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_AES_C)) || \
- (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM) && defined(PSA_WANT_KEY_TYPE_AES))
+#if defined(MBEDTLS_CIPHER_HAVE_GCM_AES)
[MBEDTLS_CIPHER_BASE_INDEX_GCM_AES] = &gcm_aes_info,
#endif
#if defined(MBEDTLS_GCM_C) && defined(MBEDTLS_ARIA_C)
diff --git a/library/cipher_wrap.h b/library/cipher_wrap.h
index c85a4ef..53cf12f 100644
--- a/library/cipher_wrap.h
+++ b/library/cipher_wrap.h
@@ -36,6 +36,42 @@
extern "C" {
#endif
+/* Support for GCM either through Mbed TLS SW implementation or PSA */
+#if defined(MBEDTLS_GCM_C) || \
+ (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM))
+#define MBEDTLS_CIPHER_HAVE_GCM
+#endif
+
+#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_AES_C)) || \
+ (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM) && defined(PSA_WANT_KEY_TYPE_AES))
+#define MBEDTLS_CIPHER_HAVE_GCM_AES
+#endif
+
+#if defined(MBEDTLS_CCM_C) || \
+ (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM))
+#define MBEDTLS_CIPHER_HAVE_CCM
+#endif
+
+#if (defined(MBEDTLS_CCM_C) && defined(MBEDTLS_AES_C)) || \
+ (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM) && defined(PSA_WANT_KEY_TYPE_AES))
+#define MBEDTLS_CIPHER_HAVE_CCM_AES
+#endif
+
+#if defined(MBEDTLS_CCM_C) || \
+ (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM_STAR_NO_TAG))
+#define MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG
+#endif
+
+#if defined(MBEDTLS_CHACHAPOLY_C) || \
+ (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CHACHA20_POLY1305))
+#define MBEDTLS_CIPHER_HAVE_CHACHAPOLY
+#endif
+
+#if defined(MBEDTLS_CIPHER_HAVE_GCM) || defined(MBEDTLS_CIPHER_HAVE_CCM) || \
+ defined(MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG) || defined(MBEDTLS_CIPHER_HAVE_CHACHAPOLY)
+#define MBEDTLS_CIPHER_HAVE_SOME_AEAD
+#endif
+
/**
* Base cipher information. The non-mode specific functions and values.
*/
diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function
index fdf22a9..da43fda 100644
--- a/tests/suites/test_suite_cipher.function
+++ b/tests/suites/test_suite_cipher.function
@@ -6,7 +6,7 @@
#include "mbedtls/gcm.h"
#endif
-#if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C)
+#if defined(MBEDTLS_CIPHER_HAVE_SOME_AEAD) || defined(MBEDTLS_NIST_KW_C)
#define MBEDTLS_CIPHER_AUTH_CRYPT
#endif