Add internal implementation of multipart AEAD

For the time being CCM and GCM are not entirely implemented correctly due to issues with their underlying implentations, which would be difficult to fix in 2.x, and thus require all the AD and data to be passed in in one go. Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2025-07-29 11:41:15 +03:00 · 2021-04-20 16:06:57 +01:00
parent 07a30c4c00
commit adb8b16b16
3 changed files with 1397 additions and 23 deletions
--- a/include/psa/crypto_struct.h
+++ b/include/psa/crypto_struct.h
@ -154,10 +154,32 @@ static inline struct psa_mac_operation_s psa_mac_operation_init( void )
 struct psa_aead_operation_s
 {
    psa_algorithm_t alg;
+    psa_key_type_t key_type;
+
    unsigned int key_set : 1;
    unsigned int nonce_set : 1;
+    unsigned int lengths_set : 1;
+    unsigned int is_encrypt : 1;
+    unsigned int ad_started : 1;
+    unsigned int body_started : 1;

    uint8_t tag_length;
+    uint8_t nonce_length;
+
+    size_t ad_remaining;
+    size_t body_remaining;
+
+    /* Buffers for AD/data - only required until CCM gets proper multipart
+       support. */
+    uint8_t* ad_buffer;
+    size_t ad_length;
+
+    uint8_t* data_buffer;
+    size_t data_length;
+
+    /* buffer to store Nonce - only required until CCM and GCM get proper
+       multipart support. */
+    uint8_t nonce[PSA_AEAD_NONCE_MAX_SIZE];

    union
    {
@ -175,7 +197,7 @@ struct psa_aead_operation_s
    } ctx;
 };

-#define PSA_AEAD_OPERATION_INIT {0, 0, 0, 0, {0}}
+#define PSA_AEAD_OPERATION_INIT {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, {0}, {0}}
 static inline struct psa_aead_operation_s psa_aead_operation_init( void )
 {
    const struct psa_aead_operation_s v = PSA_AEAD_OPERATION_INIT;