aboutsummaryrefslogtreecommitdiff
path: root/lib/mbedtls-2.27.0/library/psa_crypto_cipher.c
diff options
context:
space:
mode:
authorAdam Harrison <adamdharrison@gmail.com>2022-11-26 16:20:59 -0500
committerAdam Harrison <adamdharrison@gmail.com>2022-11-29 18:39:46 -0500
commitfc0c4ed9a3103e0e6534311923668879fc8e0875 (patch)
tree6e7723c3f45d39f06c243d9c18a3c038da948793 /lib/mbedtls-2.27.0/library/psa_crypto_cipher.c
parent3836606e2b735ba7b2dc0f580231843660587fb4 (diff)
downloadlite-xl-plugin-manager-fc0c4ed9a3103e0e6534311923668879fc8e0875.tar.gz
lite-xl-plugin-manager-fc0c4ed9a3103e0e6534311923668879fc8e0875.zip
Removed openssl, and curl, and added mbedded tls.curl-removal
Almost fully removed curl, needs more testing. Fixed most issues, now trying to cross compile. Fix? Sigh.
Diffstat (limited to 'lib/mbedtls-2.27.0/library/psa_crypto_cipher.c')
-rw-r--r--lib/mbedtls-2.27.0/library/psa_crypto_cipher.c726
1 files changed, 726 insertions, 0 deletions
diff --git a/lib/mbedtls-2.27.0/library/psa_crypto_cipher.c b/lib/mbedtls-2.27.0/library/psa_crypto_cipher.c
new file mode 100644
index 0000000..2213ad0
--- /dev/null
+++ b/lib/mbedtls-2.27.0/library/psa_crypto_cipher.c
@@ -0,0 +1,726 @@
+/*
+ * PSA cipher driver entry points
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+
+#include <psa_crypto_cipher.h>
+#include "psa_crypto_core.h"
+#include "psa_crypto_random_impl.h"
+
+#include "mbedtls/cipher.h"
+#include "mbedtls/error.h"
+
+#include <string.h>
+
+#if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES) || \
+ ( defined(PSA_CRYPTO_DRIVER_TEST) && \
+ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DES) ) )
+#define BUILTIN_KEY_TYPE_DES 1
+#endif
+
+#if ( defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING) || \
+ ( defined(PSA_CRYPTO_DRIVER_TEST) && \
+ defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING) ) )
+#define BUILTIN_ALG_CBC_NO_PADDING 1
+#endif
+
+#if ( defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7) || \
+ ( defined(PSA_CRYPTO_DRIVER_TEST) && \
+ defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7) ) )
+#define BUILTIN_ALG_CBC_PKCS7 1
+#endif
+
+#if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_CHACHA20) || \
+ ( defined(PSA_CRYPTO_DRIVER_TEST) && \
+ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20) ) )
+#define BUILTIN_KEY_TYPE_CHACHA20 1
+#endif
+
+const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
+ psa_algorithm_t alg,
+ psa_key_type_t key_type,
+ size_t key_bits,
+ mbedtls_cipher_id_t* cipher_id )
+{
+ mbedtls_cipher_mode_t mode;
+ mbedtls_cipher_id_t cipher_id_tmp;
+
+ if( PSA_ALG_IS_AEAD( alg ) )
+ alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg, 0 );
+
+ if( PSA_ALG_IS_CIPHER( alg ) || PSA_ALG_IS_AEAD( alg ) )
+ {
+ switch( alg )
+ {
+ case PSA_ALG_STREAM_CIPHER:
+ mode = MBEDTLS_MODE_STREAM;
+ break;
+ case PSA_ALG_CTR:
+ mode = MBEDTLS_MODE_CTR;
+ break;
+ case PSA_ALG_CFB:
+ mode = MBEDTLS_MODE_CFB;
+ break;
+ case PSA_ALG_OFB:
+ mode = MBEDTLS_MODE_OFB;
+ break;
+ case PSA_ALG_ECB_NO_PADDING:
+ mode = MBEDTLS_MODE_ECB;
+ break;
+ case PSA_ALG_CBC_NO_PADDING:
+ mode = MBEDTLS_MODE_CBC;
+ break;
+ case PSA_ALG_CBC_PKCS7:
+ mode = MBEDTLS_MODE_CBC;
+ break;
+ case PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 0 ):
+ mode = MBEDTLS_MODE_CCM;
+ break;
+ case PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 0 ):
+ mode = MBEDTLS_MODE_GCM;
+ break;
+ case PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CHACHA20_POLY1305, 0 ):
+ mode = MBEDTLS_MODE_CHACHAPOLY;
+ break;
+ default:
+ return( NULL );
+ }
+ }
+ else if( alg == PSA_ALG_CMAC )
+ mode = MBEDTLS_MODE_ECB;
+ else
+ return( NULL );
+
+ switch( key_type )
+ {
+ case PSA_KEY_TYPE_AES:
+ cipher_id_tmp = MBEDTLS_CIPHER_ID_AES;
+ break;
+ case PSA_KEY_TYPE_DES:
+ /* key_bits is 64 for Single-DES, 128 for two-key Triple-DES,
+ * and 192 for three-key Triple-DES. */
+ if( key_bits == 64 )
+ cipher_id_tmp = MBEDTLS_CIPHER_ID_DES;
+ else
+ cipher_id_tmp = MBEDTLS_CIPHER_ID_3DES;
+ /* mbedtls doesn't recognize two-key Triple-DES as an algorithm,
+ * but two-key Triple-DES is functionally three-key Triple-DES
+ * with K1=K3, so that's how we present it to mbedtls. */
+ if( key_bits == 128 )
+ key_bits = 192;
+ break;
+ case PSA_KEY_TYPE_CAMELLIA:
+ cipher_id_tmp = MBEDTLS_CIPHER_ID_CAMELLIA;
+ break;
+ case PSA_KEY_TYPE_ARC4:
+ cipher_id_tmp = MBEDTLS_CIPHER_ID_ARC4;
+ break;
+ case PSA_KEY_TYPE_CHACHA20:
+ cipher_id_tmp = MBEDTLS_CIPHER_ID_CHACHA20;
+ break;
+ default:
+ return( NULL );
+ }
+ if( cipher_id != NULL )
+ *cipher_id = cipher_id_tmp;
+
+ return( mbedtls_cipher_info_from_values( cipher_id_tmp,
+ (int) key_bits, mode ) );
+}
+
+#if defined(MBEDTLS_PSA_BUILTIN_CIPHER) || defined(PSA_CRYPTO_DRIVER_TEST)
+
+static psa_status_t cipher_setup(
+ mbedtls_psa_cipher_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg,
+ mbedtls_operation_t cipher_operation )
+{
+ int ret = 0;
+ size_t key_bits;
+ const mbedtls_cipher_info_t *cipher_info = NULL;
+ psa_key_type_t key_type = attributes->core.type;
+
+ (void)key_buffer_size;
+
+ mbedtls_cipher_init( &operation->ctx.cipher );
+
+ operation->alg = alg;
+ key_bits = attributes->core.bits;
+ cipher_info = mbedtls_cipher_info_from_psa( alg, key_type,
+ key_bits, NULL );
+ if( cipher_info == NULL )
+ return( PSA_ERROR_NOT_SUPPORTED );
+
+ ret = mbedtls_cipher_setup( &operation->ctx.cipher, cipher_info );
+ if( ret != 0 )
+ goto exit;
+
+#if defined(BUILTIN_KEY_TYPE_DES)
+ if( key_type == PSA_KEY_TYPE_DES && key_bits == 128 )
+ {
+ /* Two-key Triple-DES is 3-key Triple-DES with K1=K3 */
+ uint8_t keys[24];
+ memcpy( keys, key_buffer, 16 );
+ memcpy( keys + 16, key_buffer, 8 );
+ ret = mbedtls_cipher_setkey( &operation->ctx.cipher,
+ keys,
+ 192, cipher_operation );
+ }
+ else
+#endif
+ {
+ ret = mbedtls_cipher_setkey( &operation->ctx.cipher, key_buffer,
+ (int) key_bits, cipher_operation );
+ }
+ if( ret != 0 )
+ goto exit;
+
+#if defined(BUILTIN_ALG_CBC_NO_PADDING) || \
+ defined(BUILTIN_ALG_CBC_PKCS7)
+ switch( alg )
+ {
+ case PSA_ALG_CBC_NO_PADDING:
+ ret = mbedtls_cipher_set_padding_mode( &operation->ctx.cipher,
+ MBEDTLS_PADDING_NONE );
+ break;
+ case PSA_ALG_CBC_PKCS7:
+ ret = mbedtls_cipher_set_padding_mode( &operation->ctx.cipher,
+ MBEDTLS_PADDING_PKCS7 );
+ break;
+ default:
+ /* The algorithm doesn't involve padding. */
+ ret = 0;
+ break;
+ }
+ if( ret != 0 )
+ goto exit;
+#endif /* BUILTIN_ALG_CBC_NO_PADDING || BUILTIN_ALG_CBC_PKCS7 */
+
+ operation->block_length = ( PSA_ALG_IS_STREAM_CIPHER( alg ) ? 1 :
+ PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) );
+ operation->iv_length = PSA_CIPHER_IV_LENGTH( key_type, alg );
+
+exit:
+ return( mbedtls_to_psa_error( ret ) );
+}
+
+static psa_status_t cipher_encrypt_setup(
+ mbedtls_psa_cipher_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg )
+{
+ return( cipher_setup( operation, attributes,
+ key_buffer, key_buffer_size,
+ alg, MBEDTLS_ENCRYPT ) );
+}
+
+static psa_status_t cipher_decrypt_setup(
+ mbedtls_psa_cipher_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg )
+{
+ return( cipher_setup( operation, attributes,
+ key_buffer, key_buffer_size,
+ alg, MBEDTLS_DECRYPT ) );
+}
+
+static psa_status_t cipher_set_iv( mbedtls_psa_cipher_operation_t *operation,
+ const uint8_t *iv, size_t iv_length )
+{
+ if( iv_length != operation->iv_length )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+
+ return( mbedtls_to_psa_error(
+ mbedtls_cipher_set_iv( &operation->ctx.cipher,
+ iv, iv_length ) ) );
+}
+
+/* Process input for which the algorithm is set to ECB mode. This requires
+ * manual processing, since the PSA API is defined as being able to process
+ * arbitrary-length calls to psa_cipher_update() with ECB mode, but the
+ * underlying mbedtls_cipher_update only takes full blocks. */
+static psa_status_t psa_cipher_update_ecb(
+ mbedtls_cipher_context_t *ctx,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ size_t block_size = ctx->cipher_info->block_size;
+ size_t internal_output_length = 0;
+ *output_length = 0;
+
+ if( input_length == 0 )
+ {
+ status = PSA_SUCCESS;
+ goto exit;
+ }
+
+ if( ctx->unprocessed_len > 0 )
+ {
+ /* Fill up to block size, and run the block if there's a full one. */
+ size_t bytes_to_copy = block_size - ctx->unprocessed_len;
+
+ if( input_length < bytes_to_copy )
+ bytes_to_copy = input_length;
+
+ memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ),
+ input, bytes_to_copy );
+ input_length -= bytes_to_copy;
+ input += bytes_to_copy;
+ ctx->unprocessed_len += bytes_to_copy;
+
+ if( ctx->unprocessed_len == block_size )
+ {
+ status = mbedtls_to_psa_error(
+ mbedtls_cipher_update( ctx,
+ ctx->unprocessed_data,
+ block_size,
+ output, &internal_output_length ) );
+
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ output += internal_output_length;
+ output_size -= internal_output_length;
+ *output_length += internal_output_length;
+ ctx->unprocessed_len = 0;
+ }
+ }
+
+ while( input_length >= block_size )
+ {
+ /* Run all full blocks we have, one by one */
+ status = mbedtls_to_psa_error(
+ mbedtls_cipher_update( ctx, input,
+ block_size,
+ output, &internal_output_length ) );
+
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ input_length -= block_size;
+ input += block_size;
+
+ output += internal_output_length;
+ output_size -= internal_output_length;
+ *output_length += internal_output_length;
+ }
+
+ if( input_length > 0 )
+ {
+ /* Save unprocessed bytes for later processing */
+ memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ),
+ input, input_length );
+ ctx->unprocessed_len += input_length;
+ }
+
+ status = PSA_SUCCESS;
+
+exit:
+ return( status );
+}
+
+static psa_status_t cipher_update( mbedtls_psa_cipher_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ size_t expected_output_size;
+
+ if( ! PSA_ALG_IS_STREAM_CIPHER( operation->alg ) )
+ {
+ /* Take the unprocessed partial block left over from previous
+ * update calls, if any, plus the input to this call. Remove
+ * the last partial block, if any. You get the data that will be
+ * output in this call. */
+ expected_output_size =
+ ( operation->ctx.cipher.unprocessed_len + input_length )
+ / operation->block_length * operation->block_length;
+ }
+ else
+ {
+ expected_output_size = input_length;
+ }
+
+ if( output_size < expected_output_size )
+ return( PSA_ERROR_BUFFER_TOO_SMALL );
+
+ if( operation->alg == PSA_ALG_ECB_NO_PADDING )
+ {
+ /* mbedtls_cipher_update has an API inconsistency: it will only
+ * process a single block at a time in ECB mode. Abstract away that
+ * inconsistency here to match the PSA API behaviour. */
+ status = psa_cipher_update_ecb( &operation->ctx.cipher,
+ input,
+ input_length,
+ output,
+ output_size,
+ output_length );
+ }
+ else
+ {
+ status = mbedtls_to_psa_error(
+ mbedtls_cipher_update( &operation->ctx.cipher, input,
+ input_length, output, output_length ) );
+
+ if( *output_length > output_size )
+ return( PSA_ERROR_CORRUPTION_DETECTED );
+ }
+
+ return( status );
+}
+
+static psa_status_t cipher_finish( mbedtls_psa_cipher_operation_t *operation,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length )
+{
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+ uint8_t temp_output_buffer[MBEDTLS_MAX_BLOCK_LENGTH];
+
+ if( operation->ctx.cipher.unprocessed_len != 0 )
+ {
+ if( operation->alg == PSA_ALG_ECB_NO_PADDING ||
+ operation->alg == PSA_ALG_CBC_NO_PADDING )
+ {
+ status = PSA_ERROR_INVALID_ARGUMENT;
+ goto exit;
+ }
+ }
+
+ status = mbedtls_to_psa_error(
+ mbedtls_cipher_finish( &operation->ctx.cipher,
+ temp_output_buffer,
+ output_length ) );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ if( *output_length == 0 )
+ ; /* Nothing to copy. Note that output may be NULL in this case. */
+ else if( output_size >= *output_length )
+ memcpy( output, temp_output_buffer, *output_length );
+ else
+ status = PSA_ERROR_BUFFER_TOO_SMALL;
+
+exit:
+ mbedtls_platform_zeroize( temp_output_buffer,
+ sizeof( temp_output_buffer ) );
+
+ return( status );
+}
+
+static psa_status_t cipher_abort( mbedtls_psa_cipher_operation_t *operation )
+{
+ /* Sanity check (shouldn't happen: operation->alg should
+ * always have been initialized to a valid value). */
+ if( ! PSA_ALG_IS_CIPHER( operation->alg ) )
+ return( PSA_ERROR_BAD_STATE );
+
+ mbedtls_cipher_free( &operation->ctx.cipher );
+
+ return( PSA_SUCCESS );
+}
+
+static psa_status_t cipher_encrypt( const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ mbedtls_psa_cipher_operation_t operation = MBEDTLS_PSA_CIPHER_OPERATION_INIT;
+ size_t olength, accumulated_length;
+
+ status = cipher_encrypt_setup( &operation, attributes,
+ key_buffer, key_buffer_size, alg );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ accumulated_length = 0;
+ if( operation.iv_length > 0 )
+ {
+ status = cipher_set_iv( &operation, output, operation.iv_length );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ accumulated_length = operation.iv_length;
+ }
+
+ status = cipher_update( &operation, input, input_length,
+ output + operation.iv_length,
+ output_size - operation.iv_length,
+ &olength );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ accumulated_length += olength;
+
+ status = cipher_finish( &operation, output + accumulated_length,
+ output_size - accumulated_length, &olength );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ *output_length = accumulated_length + olength;
+
+exit:
+ if( status == PSA_SUCCESS )
+ status = cipher_abort( &operation );
+ else
+ cipher_abort( &operation );
+ return( status );
+}
+
+static psa_status_t cipher_decrypt( const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ mbedtls_psa_cipher_operation_t operation = MBEDTLS_PSA_CIPHER_OPERATION_INIT;
+ size_t olength, accumulated_length;
+
+ status = cipher_decrypt_setup( &operation, attributes,
+ key_buffer, key_buffer_size, alg );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ if( operation.iv_length > 0 )
+ {
+ status = cipher_set_iv( &operation, input, operation.iv_length );
+ if( status != PSA_SUCCESS )
+ goto exit;
+ }
+
+ status = cipher_update( &operation, input + operation.iv_length,
+ input_length - operation.iv_length,
+ output, output_size, &olength );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ accumulated_length = olength;
+
+ status = cipher_finish( &operation, output + accumulated_length,
+ output_size - accumulated_length, &olength );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ *output_length = accumulated_length + olength;
+
+exit:
+ if ( status == PSA_SUCCESS )
+ status = cipher_abort( &operation );
+ else
+ cipher_abort( &operation );
+ return( status );
+}
+#endif /* MBEDTLS_PSA_BUILTIN_CIPHER || PSA_CRYPTO_DRIVER_TEST */
+
+#if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
+psa_status_t mbedtls_psa_cipher_encrypt_setup(
+ mbedtls_psa_cipher_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg )
+{
+ return( cipher_encrypt_setup(
+ operation, attributes, key_buffer, key_buffer_size, alg ) );
+}
+
+psa_status_t mbedtls_psa_cipher_decrypt_setup(
+ mbedtls_psa_cipher_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg )
+{
+ return( cipher_decrypt_setup(
+ operation, attributes, key_buffer, key_buffer_size, alg ) );
+}
+
+psa_status_t mbedtls_psa_cipher_set_iv( mbedtls_psa_cipher_operation_t *operation,
+ const uint8_t *iv,
+ size_t iv_length )
+{
+ return( cipher_set_iv( operation, iv, iv_length ) );
+}
+
+psa_status_t mbedtls_psa_cipher_update( mbedtls_psa_cipher_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length )
+{
+ return( cipher_update( operation, input, input_length,
+ output, output_size, output_length ) );
+}
+
+psa_status_t mbedtls_psa_cipher_finish( mbedtls_psa_cipher_operation_t *operation,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length )
+{
+ return( cipher_finish( operation, output, output_size, output_length ) );
+}
+
+psa_status_t mbedtls_psa_cipher_abort( mbedtls_psa_cipher_operation_t *operation )
+{
+ return( cipher_abort( operation ) );
+}
+
+psa_status_t mbedtls_psa_cipher_encrypt( const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length )
+{
+ return( cipher_encrypt( attributes, key_buffer, key_buffer_size,
+ alg, input, input_length,
+ output, output_size, output_length ) );
+}
+
+psa_status_t mbedtls_psa_cipher_decrypt( const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length )
+{
+ return( cipher_decrypt( attributes, key_buffer, key_buffer_size,
+ alg, input, input_length,
+ output, output_size, output_length ) );
+}
+#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
+
+/*
+ * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY.
+ */
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+psa_status_t mbedtls_transparent_test_driver_cipher_encrypt_setup(
+ mbedtls_psa_cipher_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg )
+{
+ return( cipher_encrypt_setup(
+ operation, attributes, key_buffer, key_buffer_size, alg ) );
+}
+
+psa_status_t mbedtls_transparent_test_driver_cipher_decrypt_setup(
+ mbedtls_psa_cipher_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ psa_algorithm_t alg )
+{
+ return( cipher_decrypt_setup(
+ operation, attributes, key_buffer, key_buffer_size, alg ) );
+}
+
+psa_status_t mbedtls_transparent_test_driver_cipher_set_iv(
+ mbedtls_psa_cipher_operation_t *operation,
+ const uint8_t *iv, size_t iv_length )
+{
+ return( cipher_set_iv( operation, iv, iv_length ) );
+}
+
+psa_status_t mbedtls_transparent_test_driver_cipher_update(
+ mbedtls_psa_cipher_operation_t *operation,
+ const uint8_t *input, size_t input_length,
+ uint8_t *output, size_t output_size, size_t *output_length )
+{
+ return( cipher_update( operation, input, input_length,
+ output, output_size, output_length ) );
+}
+
+psa_status_t mbedtls_transparent_test_driver_cipher_finish(
+ mbedtls_psa_cipher_operation_t *operation,
+ uint8_t *output, size_t output_size, size_t *output_length )
+{
+ return( cipher_finish( operation, output, output_size, output_length ) );
+}
+
+psa_status_t mbedtls_transparent_test_driver_cipher_abort(
+ mbedtls_psa_cipher_operation_t *operation )
+{
+ return( cipher_abort( operation ) );
+}
+
+psa_status_t mbedtls_transparent_test_driver_cipher_encrypt(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length )
+{
+ return( cipher_encrypt( attributes, key_buffer, key_buffer_size,
+ alg, input, input_length,
+ output, output_size, output_length ) );
+}
+
+psa_status_t mbedtls_transparent_test_driver_cipher_decrypt(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length )
+{
+ return( cipher_decrypt( attributes, key_buffer, key_buffer_size,
+ alg, input, input_length,
+ output, output_size, output_length ) );
+}
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+
+#endif /* MBEDTLS_PSA_CRYPTO_C */