cipher: keep MBEDTLS_CIPHER_HAVE symbols private This commit also improve the usage of these new symbols in cipher_wrap code Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>

commit: db1ca8fc3344df9c5b065ea0247d2df7a65ee539 [log] [tgz]
author: Valerio Setti <valerio.setti@nordicsemi.no> Wed Oct 11 12:46:16 2023 +0200
committer: Valerio Setti <valerio.setti@nordicsemi.no> Thu Oct 12 10:39:54 2023 +0200
tree: 4e1c83b50c1c7700a26e2fa4c5d2ae646635c40d
parent: e570704f1fa834a5fc408cd0efad31613655b164 [diff]
diff --git a/library/cipher.c b/library/cipher.c
index 9f9f107..f17f3e0 100644
--- a/library/cipher.c
+++ b/library/cipher.c

@@ -1390,7 +1390,7 @@
     return 0;
 }
 
-#if defined(MBEDTLS_CIPHER_MODE_AEAD)
+#if defined(MBEDTLS_CIPHER_HAVE_SOME_AEAD)
 /*
  * Packet-oriented encryption for AEAD modes: internal function used by
  * mbedtls_cipher_auth_encrypt_ext().
@@ -1569,9 +1569,9 @@
 
     return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
 }
-#endif /* MBEDTLS_CIPHER_MODE_AEAD */
+#endif /* MBEDTLS_CIPHER_HAVE_SOME_AEAD */
 
-#if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C)
+#if defined(MBEDTLS_CIPHER_HAVE_SOME_AEAD) || defined(MBEDTLS_NIST_KW_C)
 /*
  * Packet-oriented encryption for AEAD/NIST_KW: public function.
  */
@@ -1607,7 +1607,7 @@
     }
 #endif /* MBEDTLS_NIST_KW_C */
 
-#if defined(MBEDTLS_CIPHER_MODE_AEAD)
+#if defined(MBEDTLS_CIPHER_HAVE_SOME_AEAD)
     /* AEAD case: check length before passing on to shared function */
     if (output_len < ilen + tag_len) {
         return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
@@ -1620,7 +1620,7 @@
     return ret;
 #else
     return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
-#endif /* MBEDTLS_CIPHER_MODE_AEAD */
+#endif /* MBEDTLS_CIPHER_HAVE_SOME_AEAD */
 }
 
 /*
@@ -1658,7 +1658,7 @@
     }
 #endif /* MBEDTLS_NIST_KW_C */
 
-#if defined(MBEDTLS_CIPHER_MODE_AEAD)
+#if defined(MBEDTLS_CIPHER_HAVE_SOME_AEAD)
     /* AEAD case: check length before passing on to shared function */
     if (ilen < tag_len || output_len < ilen - tag_len) {
         return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
@@ -1669,8 +1669,8 @@
                                        input + ilen - tag_len, tag_len);
 #else
     return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
-#endif /* MBEDTLS_CIPHER_MODE_AEAD */
+#endif /* MBEDTLS_CIPHER_HAVE_SOME_AEAD */
 }
-#endif /* MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C */
+#endif /* MBEDTLS_CIPHER_HAVE_SOME_AEAD || MBEDTLS_NIST_KW_C */
 
 #endif /* MBEDTLS_CIPHER_C */

diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c
index 5a789ce..63b725f 100644
--- a/library/cipher_wrap.c
+++ b/library/cipher_wrap.c

@@ -80,8 +80,7 @@
 #if defined(MBEDTLS_CAMELLIA_C)
     MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA,
 #endif
-#if (defined(MBEDTLS_CCM_C) && defined(MBEDTLS_AES_C)) || \
-    (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM))
+#if defined(MBEDTLS_CIPHER_HAVE_CCM_AES)
     MBEDTLS_CIPHER_BASE_INDEX_CCM_AES,
 #endif
 #if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_ARIA_C)
@@ -105,8 +104,7 @@
 #if defined(MBEDTLS_DES_C)
     MBEDTLS_CIPHER_BASE_INDEX_DES,
 #endif
-#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_AES_C)) || \
-    (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM))
+#if defined(MBEDTLS_CIPHER_HAVE_GCM_AES)
     MBEDTLS_CIPHER_BASE_INDEX_GCM_AES,
 #endif
 #if defined(MBEDTLS_GCM_C) && defined(MBEDTLS_ARIA_C)
@@ -580,8 +578,7 @@
 }
 #endif /* MBEDTLS_GCM_C */
 
-#if defined(MBEDTLS_GCM_C) || \
-    (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM))
+#if defined(MBEDTLS_CIPHER_HAVE_GCM)
 static const mbedtls_cipher_base_t gcm_aes_info = {
     MBEDTLS_CIPHER_ID_AES,
     NULL,
@@ -615,10 +612,9 @@
     NULL,
 #endif /* MBEDTLS_GCM_C */
 };
-#endif /* MBEDTLS_GCM_C || (MBEDTLS_USE_PSA_CRYPTO && PSA_WANT_ALG_GCM) */
+#endif /* MBEDTLS_CIPHER_HAVE_GCM */
 
-#if defined(MBEDTLS_GCM_C) || \
-    (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM))
+#if defined(MBEDTLS_CIPHER_HAVE_GCM)
 static const mbedtls_cipher_info_t aes_128_gcm_info = {
     "AES-128-GCM",
     16,
@@ -653,7 +649,7 @@
     MBEDTLS_CIPHER_BASE_INDEX_GCM_AES
 };
 #endif
-#endif /* MBEDTLS_GCM_C || PSA_WANT_ALG_GCM */
+#endif /* MBEDTLS_CIPHER_HAVE_GCM */
 
 #if defined(MBEDTLS_CCM_C)
 static int ccm_aes_setkey_wrap(void *ctx, const unsigned char *key,
@@ -664,8 +660,7 @@
 }
 #endif /* MBEDTLS_CCM_C */
 
-#if defined(MBEDTLS_CCM_C) || \
-    (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM))
+#if defined(MBEDTLS_CIPHER_HAVE_CCM)
 static const mbedtls_cipher_base_t ccm_aes_info = {
     MBEDTLS_CIPHER_ID_AES,
     NULL,
@@ -699,10 +694,9 @@
     NULL,
 #endif
 };
-#endif /* MBEDTLS_CCM_C || (MBEDTLS_USE_PSA_CRYPTO && PSA_WANT_ALG_CCM) */
+#endif /* MBEDTLS_CIPHER_HAVE_CCM */
 
-#if defined(MBEDTLS_CCM_C) || \
-    (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM))
+#if defined(MBEDTLS_CIPHER_HAVE_CCM)
 static const mbedtls_cipher_info_t aes_128_ccm_info = {
     "AES-128-CCM",
     16,
@@ -737,10 +731,9 @@
     MBEDTLS_CIPHER_BASE_INDEX_CCM_AES
 };
 #endif
-#endif /* MBEDTLS_CCM_C || PSA_WANT_ALG_CCM */
+#endif /* MBEDTLS_CIPHER_HAVE_CCM */
 
-#if defined(MBEDTLS_CCM_C) || \
-    (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM_STAR_NO_TAG))
+#if defined(MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG)
 static const mbedtls_cipher_info_t aes_128_ccm_star_no_tag_info = {
     "AES-128-CCM*-NO-TAG",
     16,
@@ -775,7 +768,7 @@
     MBEDTLS_CIPHER_BASE_INDEX_CCM_AES
 };
 #endif
-#endif /* MBEDTLS_CCM_C || PSA_WANT_ALG_CCM_STAR_NO_TAG */
+#endif /* MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG */
 
 #endif /* MBEDTLS_AES_C */
 
@@ -2276,24 +2269,21 @@
     { MBEDTLS_CIPHER_AES_256_XTS,          &aes_256_xts_info },
 #endif
 #endif
-#if defined(MBEDTLS_GCM_C) || \
-    (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM))
+#if defined(MBEDTLS_CIPHER_HAVE_GCM)
     { MBEDTLS_CIPHER_AES_128_GCM,          &aes_128_gcm_info },
 #if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH)
     { MBEDTLS_CIPHER_AES_192_GCM,          &aes_192_gcm_info },
     { MBEDTLS_CIPHER_AES_256_GCM,          &aes_256_gcm_info },
 #endif
 #endif
-#if defined(MBEDTLS_CCM_C) || \
-    (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM))
+#if defined(MBEDTLS_CIPHER_HAVE_CCM)
     { MBEDTLS_CIPHER_AES_128_CCM,          &aes_128_ccm_info },
 #if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH)
     { MBEDTLS_CIPHER_AES_192_CCM,          &aes_192_ccm_info },
     { MBEDTLS_CIPHER_AES_256_CCM,          &aes_256_ccm_info },
 #endif
 #endif
-#if defined(MBEDTLS_CCM_C) || \
-    (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM_STAR_NO_TAG))
+#if defined(MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG)
     { MBEDTLS_CIPHER_AES_128_CCM_STAR_NO_TAG,          &aes_128_ccm_star_no_tag_info },
 #if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH)
     { MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG,          &aes_192_ccm_star_no_tag_info },
@@ -2423,8 +2413,7 @@
 #if defined(MBEDTLS_CAMELLIA_C)
     [MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA] = &camellia_info,
 #endif
-#if (defined(MBEDTLS_CCM_C) && defined(MBEDTLS_AES_C)) || \
-    (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM) && defined(PSA_WANT_KEY_TYPE_AES))
+#if defined(MBEDTLS_CIPHER_HAVE_CCM_AES)
     [MBEDTLS_CIPHER_BASE_INDEX_CCM_AES] = &ccm_aes_info,
 #endif
 #if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_ARIA_C)
@@ -2448,8 +2437,7 @@
 #if defined(MBEDTLS_DES_C)
     [MBEDTLS_CIPHER_BASE_INDEX_DES] = &des_info,
 #endif
-#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_AES_C)) || \
-    (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM) && defined(PSA_WANT_KEY_TYPE_AES))
+#if defined(MBEDTLS_CIPHER_HAVE_GCM_AES)
     [MBEDTLS_CIPHER_BASE_INDEX_GCM_AES] = &gcm_aes_info,
 #endif
 #if defined(MBEDTLS_GCM_C) && defined(MBEDTLS_ARIA_C)

diff --git a/library/cipher_wrap.h b/library/cipher_wrap.h
index c85a4ef..53cf12f 100644
--- a/library/cipher_wrap.h
+++ b/library/cipher_wrap.h

@@ -36,6 +36,42 @@
 extern "C" {
 #endif
 
+/* Support for GCM either through Mbed TLS SW implementation or PSA */
+#if defined(MBEDTLS_GCM_C) || \
+    (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM))
+#define MBEDTLS_CIPHER_HAVE_GCM
+#endif
+
+#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_AES_C)) || \
+    (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM) && defined(PSA_WANT_KEY_TYPE_AES))
+#define MBEDTLS_CIPHER_HAVE_GCM_AES
+#endif
+
+#if defined(MBEDTLS_CCM_C) || \
+    (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM))
+#define MBEDTLS_CIPHER_HAVE_CCM
+#endif
+
+#if (defined(MBEDTLS_CCM_C) && defined(MBEDTLS_AES_C)) || \
+    (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM) && defined(PSA_WANT_KEY_TYPE_AES))
+#define MBEDTLS_CIPHER_HAVE_CCM_AES
+#endif
+
+#if defined(MBEDTLS_CCM_C) || \
+    (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM_STAR_NO_TAG))
+#define MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG
+#endif
+
+#if defined(MBEDTLS_CHACHAPOLY_C) || \
+    (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CHACHA20_POLY1305))
+#define MBEDTLS_CIPHER_HAVE_CHACHAPOLY
+#endif
+
+#if defined(MBEDTLS_CIPHER_HAVE_GCM) || defined(MBEDTLS_CIPHER_HAVE_CCM) || \
+    defined(MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG) || defined(MBEDTLS_CIPHER_HAVE_CHACHAPOLY)
+#define MBEDTLS_CIPHER_HAVE_SOME_AEAD
+#endif
+
 /**
  * Base cipher information. The non-mode specific functions and values.
  */
commit	db1ca8fc3344df9c5b065ea0247d2df7a65ee539	[log] [tgz]
author	Valerio Setti <valerio.setti@nordicsemi.no>	Wed Oct 11 12:46:16 2023 +0200
committer	Valerio Setti <valerio.setti@nordicsemi.no>	Thu Oct 12 10:39:54 2023 +0200
tree	4e1c83b50c1c7700a26e2fa4c5d2ae646635c40d
parent	e570704f1fa834a5fc408cd0efad31613655b164 [diff]