From fd2aed4d76b908c96f96a10cadd2cbdf6cf0d62e Mon Sep 17 00:00:00 2001
From: "Adrian L. Shaw"
Date: Thu, 11 Jul 2019 15:47:40 +0100
Subject: [PATCH 1/2] Document cipher modes
---
 include/psa/crypto_values.h | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h
index 19dc28bf42..472ad3847e 100644
--- a/include/psa/crypto_values.h
+++ b/include/psa/crypto_values.h
@@ -837,7 +837,13 @@
 (((mac_alg) & PSA_ALG_MAC_TRUNCATION_MASK) >> PSA_MAC_TRUNCATION_OFFSET)
 #define PSA_ALG_CIPHER_MAC_BASE ((psa_algorithm_t)0x02c00000)
+/** The CBC-MAC construction over a block cipher
+ *
+ * \warning CBC-MAC is insecure in many cases.
+ * A more secure mode, such as #PSA_ALG_CMAC, is recommended.
+ */
 #define PSA_ALG_CBC_MAC ((psa_algorithm_t)0x02c00001)
+/** The CMAC construction over a block cipher */
 #define PSA_ALG_CMAC ((psa_algorithm_t)0x02c00002)
 #define PSA_ALG_GMAC ((psa_algorithm_t)0x02c00003)
@@ -897,8 +903,16 @@
 */
 #define PSA_ALG_CTR ((psa_algorithm_t)0x04c00001)
+/** The CFB stream cipher mode.
+ *
+ * The underlying block cipher is determined by the key type.
+ */
 #define PSA_ALG_CFB ((psa_algorithm_t)0x04c00002)
+/** The OFB stream cipher mode.
+ *
+ * The underlying block cipher is determined by the key type.
+ */
 #define PSA_ALG_OFB ((psa_algorithm_t)0x04c00003)
 /** The XTS cipher mode.
@@ -942,10 +956,14 @@
 (PSA_ALG_CATEGORY_AEAD | PSA_ALG_AEAD_FROM_BLOCK_FLAG))
 /** The CCM authenticated encryption algorithm.
+ *
+ * The underlying block cipher is determined by the key type.
 */
 #define PSA_ALG_CCM ((psa_algorithm_t)0x06401001)
 /** The GCM authenticated encryption algorithm.
+ *
+ * The underlying block cipher is determined by the key type.
 */
 #define PSA_ALG_GCM ((psa_algorithm_t)0x06401002)
From 2282cfa660da0470608ba93c1d4c383c96d60b06 Mon Sep 17 00:00:00 2001
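Review bot: The `\warning` added above `PSA_ALG_CBC_MAC` says the mode is "insecure in many cases" without naming the case, so a caller cannot tell whether their own use is affected. Plain CBC-MAC is generally only sound when every message authenticated under a key has the same fixed length, and the key should not also be used for CBC encryption; I would state that before the CMAC recommendation, e.g. `* \warning CBC-MAC is only secure for messages of one fixed length per key.`. The one-line `PSA_ALG_CMAC` comment in the same hunk could carry the "underlying block cipher is determined by the key type" sentence that the CFB/OFB and CCM/GCM hunks use, and end with a full stop for consistency.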
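Review bot: The new comments on `PSA_ALG_CFB` and `PSA_ALG_OFB` do not mention the IV, which is the requirement callers most often get wrong: both modes need a fresh IV for every message under a given key, and a repeated IV in OFB repeats the keystream. I would add a line such as `* The IV must be unique for each message encrypted with the same key.` and say that these modes provide confidentiality only, with no integrity protection. The same gap applies to the CCM and GCM hunk that follows, where a repeated nonce under one key undermines both confidentiality and authentication, so a matching sentence on nonce uniqueness belongs in those two comments as well.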
From: "Adrian L. Shaw"
Date: Thu, 11 Jul 2019 15:51:45 +0100
Subject: [PATCH 2/2] Remove GMAC algorithm (for now) It can't be implemented with the current version of the API
---
 include/psa/crypto_values.h | 1 -
 library/psa_crypto.c | 2 --
 tests/suites/test_suite_psa_crypto_metadata.data | 12 ------------
 3 files changed, 15 deletions(-)
diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h
index 472ad3847e..2c0acf3260 100644
--- a/include/psa/crypto_values.h
+++ b/include/psa/crypto_values.h
@@ -845,7 +845,6 @@
 #define PSA_ALG_CBC_MAC ((psa_algorithm_t)0x02c00001)
 /** The CMAC construction over a block cipher */
 #define PSA_ALG_CMAC ((psa_algorithm_t)0x02c00002)
-#define PSA_ALG_GMAC ((psa_algorithm_t)0x02c00003)
 /** Whether the specified algorithm is a MAC algorithm based on a block cipher.
 *
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 2285694ee7..5245e61bf4 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -2005,8 +2005,6 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
 }
 else if( alg == PSA_ALG_CMAC )
 mode = MBEDTLS_MODE_ECB;
- else if( alg == PSA_ALG_GMAC )
- mode = MBEDTLS_MODE_GCM;
 else
 return( NULL );
diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data
index b011ad501e..f5d5a33d90 100644
--- a/tests/suites/test_suite_psa_crypto_metadata.data
+++ b/tests/suites/test_suite_psa_crypto_metadata.data
@@ -150,18 +150,6 @@ MAC: CMAC-3DES
 depends_on:MBEDTLS_DES_C:MBEDTLS_CMAC_C
 mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:8:PSA_KEY_TYPE_DES:192
-MAC: GMAC-AES-128
-depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
-mac_algorithm:PSA_ALG_GMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:128
-
-MAC: GMAC-AES-192
-depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
-mac_algorithm:PSA_ALG_GMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:192
-
-MAC: GMAC-AES-256
-depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
-mac_algorithm:PSA_ALG_GMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:256
-
 Cipher: ARC4
 depends_on:MBEDTLS_ARC4_C
 cipher_algorithm:PSA_ALG_ARC4:ALG_IS_STREAM_CIPHER