diff --git a/library/psa_crypto.c b/library/psa_crypto.c index d100eb1fc..910de1f03 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3146,7 +3146,7 @@ static void psa_aead_abort( aead_operation_t *operation ) mbedtls_ccm_free( &operation->ctx.ccm ); break; #endif /* MBEDTLS_CCM_C */ -#if defined(MBEDTLS_CCM_C) +#if defined(MBEDTLS_GCM_C) case PSA_ALG_GCM: mbedtls_gcm_free( &operation->ctx.gcm ); break; @@ -3259,6 +3259,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, } tag = ciphertext + plaintext_length; +#if defined(MBEDTLS_GCM_C) if( operation.core_alg == PSA_ALG_GCM ) { status = mbedtls_to_psa_error( @@ -3270,7 +3271,10 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, plaintext, ciphertext, operation.tag_length, tag ) ); } - else if( operation.core_alg == PSA_ALG_CCM ) + else +#endif /* MBEDTLS_GCM_C */ +#if defined(MBEDTLS_CCM_C) + if( operation.core_alg == PSA_ALG_CCM ) { status = mbedtls_to_psa_error( mbedtls_ccm_encrypt_and_tag( &operation.ctx.ccm, @@ -3282,6 +3286,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, tag, operation.tag_length ) ); } else +#endif /* MBEDTLS_CCM_C */ { return( PSA_ERROR_NOT_SUPPORTED ); } @@ -3339,6 +3344,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, if( status != PSA_SUCCESS ) return( status ); +#if defined(MBEDTLS_GCM_C) if( operation.core_alg == PSA_ALG_GCM ) { status = psa_aead_unpadded_locate_tag( operation.tag_length, @@ -3356,7 +3362,10 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, tag, operation.tag_length, ciphertext, plaintext ) ); } - else if( operation.core_alg == PSA_ALG_CCM ) + else +#endif /* MBEDTLS_GCM_C */ +#if defined(MBEDTLS_CCM_C) + if( operation.core_alg == PSA_ALG_CCM ) { status = psa_aead_unpadded_locate_tag( operation.tag_length, ciphertext, ciphertext_length, @@ -3374,6 +3383,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, tag, operation.tag_length ) ); } else +#endif /* MBEDTLS_CCM_C */ { return( PSA_ERROR_NOT_SUPPORTED ); } diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index e1c1b0545..6087412be 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -1770,19 +1770,19 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR generate_key:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_SUCCESS PSA generate key: AES, 128 bits, GCM -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C generate_key:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_GCM:PSA_SUCCESS PSA generate key: DES, 64 bits, CBC-nopad -depends_on:MBEDTLS_DES_C +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC generate_key:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_NO_PADDING:PSA_SUCCESS PSA generate key: DES, 128 bits, CBC-nopad -depends_on:MBEDTLS_DES_C +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC generate_key:PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_NO_PADDING:PSA_SUCCESS PSA generate key: DES, 192 bits, CBC-nopad -depends_on:MBEDTLS_DES_C +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC generate_key:PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_NO_PADDING:PSA_SUCCESS PSA generate key: invalid key size: AES, 64 bits