Merge pull request #5246 from adeaarm/development
Align function parameter names for mbedtls_set_key_owner_id
diff --git a/ChangeLog.d/additional_cipher_info_getters.txt b/ChangeLog.d/additional_cipher_info_getters.txt
new file mode 100644
index 0000000..5cb1ad6
--- /dev/null
+++ b/ChangeLog.d/additional_cipher_info_getters.txt
@@ -0,0 +1,3 @@
+Features
+ * Add functions to get the IV and block size from cipher_info structs.
+ * Add functions to check if a cipher supports variable IV or key size.
diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h
index 892771e..c04097d 100644
--- a/include/mbedtls/cipher.h
+++ b/include/mbedtls/cipher.h
@@ -508,6 +508,80 @@
}
/**
+ * \brief This function returns the size of the IV or nonce
+ * for the cipher info structure, in bytes.
+ *
+ * \param info The cipher info structure. This may be \c NULL.
+ *
+ * \return The recommended IV size.
+ * \return \c 0 for ciphers not using an IV or a nonce.
+ * \return \c 0 if \p info is \c NULL.
+ */
+static inline size_t mbedtls_cipher_info_get_iv_size(
+ const mbedtls_cipher_info_t *info )
+{
+ if( info == NULL )
+ return( 0 );
+
+ return( (size_t) info->MBEDTLS_PRIVATE(iv_size) );
+}
+
+/**
+ * \brief This function returns the block size of the given
+ * cipher info structure in bytes.
+ *
+ * \param info The cipher info structure. This may be \c NULL.
+ *
+ * \return The block size of the cipher.
+ * \return \c 1 if the cipher is a stream cipher.
+ * \return \c 0 if \p info is \c NULL.
+ */
+static inline size_t mbedtls_cipher_info_get_block_size(
+ const mbedtls_cipher_info_t *info )
+{
+ if( info == NULL )
+ return( 0 );
+
+ return( (size_t) info->MBEDTLS_PRIVATE(block_size) );
+}
+
+/**
+ * \brief This function returns a non-zero value if the key length for
+ * the given cipher is variable.
+ *
+ * \param info The cipher info structure. This may be \c NULL.
+ *
+ * \return Non-zero if the key length is variable, \c 0 otherwise.
+ * \return \c 0 if the given pointer is \c NULL.
+ */
+static inline int mbedtls_cipher_info_has_variable_key_bitlen(
+ const mbedtls_cipher_info_t *info )
+{
+ if( info == NULL )
+ return( 0 );
+
+ return( info->MBEDTLS_PRIVATE(flags) & MBEDTLS_CIPHER_VARIABLE_KEY_LEN );
+}
+
+/**
+ * \brief This function returns a non-zero value if the IV size for
+ * the given cipher is variable.
+ *
+ * \param info The cipher info structure. This may be \c NULL.
+ *
+ * \return Non-zero if the IV size is variable, \c 0 otherwise.
+ * \return \c 0 if the given pointer is \c NULL.
+ */
+static inline int mbedtls_cipher_info_has_variable_iv_size(
+ const mbedtls_cipher_info_t *info )
+{
+ if( info == NULL )
+ return( 0 );
+
+ return( info->MBEDTLS_PRIVATE(flags) & MBEDTLS_CIPHER_VARIABLE_IV_LEN );
+}
+
+/**
* \brief This function initializes a \p cipher_context as NONE.
*
* \param ctx The context to be initialized. This must not be \c NULL.
@@ -583,11 +657,13 @@
#endif /* MBEDTLS_USE_PSA_CRYPTO */
/**
- * \brief This function returns the block size of the given cipher.
+ * \brief This function returns the block size of the given cipher
+ * in bytes.
*
- * \param ctx The context of the cipher. This must be initialized.
+ * \param ctx The context of the cipher.
*
* \return The block size of the underlying cipher.
+ * \return \c 1 if the cipher is a stream cipher.
* \return \c 0 if \p ctx has not been initialized.
*/
static inline unsigned int mbedtls_cipher_get_block_size(
diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function
index e496856..2efc434 100644
--- a/tests/suites/test_suite_cipher.function
+++ b/tests/suites/test_suite_cipher.function
@@ -18,7 +18,7 @@
static int check_cipher_info( mbedtls_cipher_type_t type,
const mbedtls_cipher_info_t *info )
{
- size_t key_bitlen;
+ size_t key_bitlen, block_size, iv_size;
TEST_ASSERT( info != NULL );
TEST_EQUAL( type, mbedtls_cipher_info_get_type( info ) );
@@ -33,8 +33,14 @@
TEST_ASSERT( mbedtls_cipher_info_from_string( info->name ) == info );
key_bitlen = mbedtls_cipher_info_get_key_bitlen( info );
+ block_size = mbedtls_cipher_info_get_block_size( info );
+ iv_size = mbedtls_cipher_info_get_iv_size( info );
if( info->type == MBEDTLS_CIPHER_NULL )
+ {
TEST_ASSERT( key_bitlen == 0 );
+ TEST_ASSERT( block_size == 1 );
+ TEST_ASSERT( iv_size == 0 );
+ }
else if( info->mode == MBEDTLS_MODE_XTS )
{
TEST_ASSERT( key_bitlen == 256 ||
@@ -44,14 +50,28 @@
else if( ! strncmp( info->name, "DES-EDE3-", 9 ) )
{
TEST_ASSERT( key_bitlen == 192 );
+ TEST_ASSERT( ! mbedtls_cipher_info_has_variable_key_bitlen( info ) );
+ TEST_ASSERT( block_size == 8 );
}
else if( ! strncmp( info->name, "DES-EDE-", 8 ) )
{
TEST_ASSERT( key_bitlen == 128 );
+ TEST_ASSERT( ! mbedtls_cipher_info_has_variable_key_bitlen( info ) );
+ TEST_ASSERT( block_size == 8 );
}
else if( ! strncmp( info->name, "DES-", 4 ) )
{
TEST_ASSERT( key_bitlen == 64 );
+ TEST_ASSERT( ! mbedtls_cipher_info_has_variable_key_bitlen( info ) );
+ TEST_ASSERT( block_size == 8 );
+ }
+ else if( ! strncmp( info->name, "AES", 3 ) )
+ {
+ TEST_ASSERT( key_bitlen == 128 ||
+ key_bitlen == 192 ||
+ key_bitlen == 256 );
+ TEST_ASSERT( ! mbedtls_cipher_info_has_variable_key_bitlen( info ) );
+ TEST_ASSERT( block_size == 16 );
}
else
{
@@ -60,6 +80,23 @@
key_bitlen == 256 );
}
+ if( strstr( info->name, "-ECB" ) != NULL )
+ {
+ TEST_ASSERT( iv_size == 0 );
+ TEST_ASSERT( ! mbedtls_cipher_info_has_variable_iv_size( info ) );
+ }
+ else if( strstr( info->name, "-CBC" ) != NULL ||
+ strstr( info->name, "-CTR" ) != NULL )
+ {
+ TEST_ASSERT( iv_size == block_size );
+ TEST_ASSERT( ! mbedtls_cipher_info_has_variable_iv_size( info ) );
+ }
+ else if( strstr( info->name, "-GCM" ) != NULL )
+ {
+ TEST_ASSERT( iv_size == block_size - 4 );
+ TEST_ASSERT( mbedtls_cipher_info_has_variable_iv_size( info ) );
+ }
+
return( 1 );
exit: