Merge pull request #167 from adrianlshaw/document_algorithms2

Documented some algorithms
2019-07-12 11:03:40 +02:00 · 2019-07-12 11:03:40 +02:00 · 1168ef947b
commit 1168ef947b
parent 93fe3a1a8f 2282cfa660
3 changed files with 18 additions and 15 deletions
--- a/include/psa/crypto_values.h
+++ b/include/psa/crypto_values.h
@ -837,9 +837,14 @@
    (((mac_alg) & PSA_ALG_MAC_TRUNCATION_MASK) >> PSA_MAC_TRUNCATION_OFFSET)

 #define PSA_ALG_CIPHER_MAC_BASE                 ((psa_algorithm_t)0x02c00000)
+/** The CBC-MAC construction over a block cipher
+ *
+ * \warning CBC-MAC is insecure in many cases.
+ * A more secure mode, such as #PSA_ALG_CMAC, is recommended.
+ */
 #define PSA_ALG_CBC_MAC                         ((psa_algorithm_t)0x02c00001)
+/** The CMAC construction over a block cipher */
 #define PSA_ALG_CMAC                            ((psa_algorithm_t)0x02c00002)
-#define PSA_ALG_GMAC                            ((psa_algorithm_t)0x02c00003)

 /** Whether the specified algorithm is a MAC algorithm based on a block cipher.
 *
@ -897,8 +902,16 @@
 */
 #define PSA_ALG_CTR                             ((psa_algorithm_t)0x04c00001)

+/** The CFB stream cipher mode.
+ *
+ * The underlying block cipher is determined by the key type.
+ */
 #define PSA_ALG_CFB                             ((psa_algorithm_t)0x04c00002)

+/** The OFB stream cipher mode.
+ *
+ * The underlying block cipher is determined by the key type.
+ */
 #define PSA_ALG_OFB                             ((psa_algorithm_t)0x04c00003)

 /** The XTS cipher mode.
@ -942,10 +955,14 @@
     (PSA_ALG_CATEGORY_AEAD | PSA_ALG_AEAD_FROM_BLOCK_FLAG))

 /** The CCM authenticated encryption algorithm.
+ *
+ * The underlying block cipher is determined by the key type.
 */
 #define PSA_ALG_CCM                             ((psa_algorithm_t)0x06401001)

 /** The GCM authenticated encryption algorithm.
+ *
+ * The underlying block cipher is determined by the key type.
 */
 #define PSA_ALG_GCM                             ((psa_algorithm_t)0x06401002)

--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@ -2005,8 +2005,6 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
    }
    else if( alg == PSA_ALG_CMAC )
        mode = MBEDTLS_MODE_ECB;
-    else if( alg == PSA_ALG_GMAC )
-        mode = MBEDTLS_MODE_GCM;
    else
        return( NULL );

--- a/tests/suites/test_suite_psa_crypto_metadata.data
+++ b/tests/suites/test_suite_psa_crypto_metadata.data
@ -150,18 +150,6 @@ MAC: CMAC-3DES
 depends_on:MBEDTLS_DES_C:MBEDTLS_CMAC_C
 mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:8:PSA_KEY_TYPE_DES:192

-MAC: GMAC-AES-128
-depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
-mac_algorithm:PSA_ALG_GMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:128
-
-MAC: GMAC-AES-192
-depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
-mac_algorithm:PSA_ALG_GMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:192
-
-MAC: GMAC-AES-256
-depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
-mac_algorithm:PSA_ALG_GMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:256
-
 Cipher: ARC4
 depends_on:MBEDTLS_ARC4_C
 cipher_algorithm:PSA_ALG_ARC4:ALG_IS_STREAM_CIPHER