Merge remote-tracking branch 'upstream-crypto/development' into psa-api-1.0-beta-merge_development_20190524

Conflicts: * library/ssl_cli.c, library/ssl_tls.c: Removed on the development branch. Keep them removed. * include/psa/crypto_extra.h, library/psa_crypto_storage.c, tests/suites/test_suite_psa_crypto.data, tests/suites/test_suite_psa_crypto.function, tests/suites/test_suite_psa_crypto_persistent_key.data, tests/suites/test_suite_psa_crypto_slot_management.data, tests/suites/test_suite_psa_crypto_slot_management.function: Modified on the development branch only to implement the enrollment algorithm, which has been reimplemented on the API branch. Keep the API branch.
2025-07-28 00:21:48 +03:00 · 2019-05-29 09:57:29 +02:00
parent 6562dd32ee f479aaef9b
commit 2938268fb4
488 changed files with 1824 additions and 76113 deletions
--- a/library/cipher.c
+++ b/library/cipher.c
@ -63,6 +63,10 @@
 #include "mbedtls/psa_util.h"
 #endif /* MBEDTLS_USE_PSA_CRYPTO */

+#if defined(MBEDTLS_NIST_KW_C)
+#include "mbedtls/nist_kw.h"
+#endif
+
 #if defined(MBEDTLS_PLATFORM_C)
 #include "mbedtls/platform.h"
 #else
@ -1385,6 +1389,22 @@ int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx,
                                ilen, iv, ad, ad_len, input, output, tag ) );
    }
 #endif /* MBEDTLS_CHACHAPOLY_C */
+#if defined(MBEDTLS_NIST_KW_C)
+   if( MBEDTLS_MODE_KW == ctx->cipher_info->mode ||
+       MBEDTLS_MODE_KWP == ctx->cipher_info->mode )
+    {
+        mbedtls_nist_kw_mode_t mode = ( MBEDTLS_MODE_KW == ctx->cipher_info->mode ) ?
+                                        MBEDTLS_KW_MODE_KW : MBEDTLS_KW_MODE_KWP;
+
+        /* There is no iv, tag or ad associated with KW and KWP, these length should be 0 */
+        if( iv_len != 0 || tag_len != 0 || ad_len != 0 )
+        {
+            return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+        }
+
+        return( mbedtls_nist_kw_wrap( ctx->cipher_ctx, mode, input, ilen, output, olen, SIZE_MAX ) );
+    }
+#endif /* MBEDTLS_NIST_KW_C */

    return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
 }
@ -1494,6 +1514,22 @@ int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx,
        return( ret );
    }
 #endif /* MBEDTLS_CHACHAPOLY_C */
+#if defined(MBEDTLS_NIST_KW_C)
+    if( MBEDTLS_MODE_KW == ctx->cipher_info->mode ||
+        MBEDTLS_MODE_KWP == ctx->cipher_info->mode )
+    {
+        mbedtls_nist_kw_mode_t mode = ( MBEDTLS_MODE_KW == ctx->cipher_info->mode ) ?
+                                        MBEDTLS_KW_MODE_KW : MBEDTLS_KW_MODE_KWP;
+
+        /* There is no iv, tag or ad associated with KW and KWP, these length should be 0 */
+        if( iv_len != 0 || tag_len != 0 || ad_len != 0 )
+        {
+            return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+        }
+
+        return( mbedtls_nist_kw_unwrap( ctx->cipher_ctx, mode, input, ilen, output, olen, SIZE_MAX ) );
+    }
+#endif /* MBEDTLS_NIST_KW_C */

    return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
 }