Fix dependencies: GCM != AEAD != CCM
diff --git a/include/polarssl/cipher.h b/include/polarssl/cipher.h
index 5153461..84993f7 100644
--- a/include/polarssl/cipher.h
+++ b/include/polarssl/cipher.h
@@ -36,7 +36,7 @@
#include POLARSSL_CONFIG_FILE
#endif
-#if defined(POLARSSL_GCM_C)
+#if defined(POLARSSL_GCM_C) || defined(POLARSSL_CCM_C)
#define POLARSSL_CIPHER_MODE_AEAD
#endif
@@ -534,25 +534,21 @@
*/
int cipher_reset( cipher_context_t *ctx );
-#if defined(POLARSSL_CIPHER_MODE_AEAD)
+#if defined(POLARSSL_GCM_C)
/**
* \brief Add additional data (for AEAD ciphers).
- * This function has no effect for non-AEAD ciphers.
- * For AEAD ciphers, it may or may not be called
- * repeatedly, and/or interleaved with calls to
- * cipher_udpate(), depending on the cipher.
- * E.g. for GCM is must be called exactly once, right
- * after cipher_reset().
+ * Currently only supported with GCM.
+ * Must be called exactly once, after cipher_reset().
*
* \param ctx generic cipher context
* \param ad Additional data to use.
* \param ad_len Length of ad.
*
- * \returns 0 on success, or a specific error code.
+ * \return 0 on success, or a specific error code.
*/
int cipher_update_ad( cipher_context_t *ctx,
const unsigned char *ad, size_t ad_len );
-#endif /* POLARSSL_CIPHER_MODE_AEAD */
+#endif /* POLARSSL_GCM_C */
/**
* \brief Generic cipher update function. Encrypts/decrypts
@@ -606,10 +602,10 @@
int cipher_finish( cipher_context_t *ctx,
unsigned char *output, size_t *olen );
-#if defined(POLARSSL_CIPHER_MODE_AEAD)
+#if defined(POLARSSL_GCM_C)
/**
* \brief Write tag for AEAD ciphers.
- * No effect for other ciphers.
+ * Currently only supported with GCM.
* Must be called after cipher_finish().
*
* \param ctx Generic cipher context
@@ -623,9 +619,8 @@
/**
* \brief Check tag for AEAD ciphers.
- * No effect for other ciphers.
- * Calling time depends on the cipher:
- * for GCM, must be called after cipher_finish().
+ * Currently only supported with GCM.
+ * Must be called after cipher_finish().
*
* \param ctx Generic cipher context
* \param tag Buffer holding the tag
@@ -635,7 +630,7 @@
*/
int cipher_check_tag( cipher_context_t *ctx,
const unsigned char *tag, size_t tag_len );
-#endif /* POLARSSL_CIPHER_MODE_AEAD */
+#endif /* POLARSSL_GCM_C */
/**
* \brief Generic all-in-one encryption/decryption
diff --git a/library/cipher.c b/library/cipher.c
index 558c4b3..16acd80 100644
--- a/library/cipher.c
+++ b/library/cipher.c
@@ -234,24 +234,22 @@
return( 0 );
}
-#if defined(POLARSSL_CIPHER_MODE_AEAD)
+#if defined(POLARSSL_GCM_C)
int cipher_update_ad( cipher_context_t *ctx,
const unsigned char *ad, size_t ad_len )
{
if( NULL == ctx || NULL == ctx->cipher_info )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
-#if defined(POLARSSL_GCM_C)
if( POLARSSL_MODE_GCM == ctx->cipher_info->mode )
{
return gcm_starts( (gcm_context *) ctx->cipher_ctx, ctx->operation,
ctx->iv, ctx->iv_size, ad, ad_len );
}
-#endif
return( 0 );
}
-#endif /* POLARSSL_CIPHER_MODE_AEAD */
+#endif /* POLARSSL_GCM_C */
int cipher_update( cipher_context_t *ctx, const unsigned char *input,
size_t ilen, unsigned char *output, size_t *olen )
@@ -724,7 +722,7 @@
}
#endif /* POLARSSL_CIPHER_MODE_WITH_PADDING */
-#if defined(POLARSSL_CIPHER_MODE_AEAD)
+#if defined(POLARSSL_GCM_C)
int cipher_write_tag( cipher_context_t *ctx,
unsigned char *tag, size_t tag_len )
{
@@ -734,10 +732,8 @@
if( POLARSSL_ENCRYPT != ctx->operation )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
-#if defined(POLARSSL_GCM_C)
if( POLARSSL_MODE_GCM == ctx->cipher_info->mode )
return gcm_finish( (gcm_context *) ctx->cipher_ctx, tag, tag_len );
-#endif
return( 0 );
}
@@ -753,7 +749,6 @@
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
}
-#if defined(POLARSSL_GCM_C)
if( POLARSSL_MODE_GCM == ctx->cipher_info->mode )
{
unsigned char check_tag[16];
@@ -778,11 +773,10 @@
return( 0 );
}
-#endif /* POLARSSL_GCM_C */
return( 0 );
}
-#endif /* POLARSSL_CIPHER_MODE_AEAD */
+#endif /* POLARSSL_GCM_C */
/*
* Packet-oriented wrapper for non-AEAD modes
diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function
index 09ae2e0..7c9c76d 100644
--- a/tests/suites/test_suite_cipher.function
+++ b/tests/suites/test_suite_cipher.function
@@ -60,7 +60,7 @@
TEST_ASSERT( cipher_reset( NULL ) == POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
TEST_ASSERT( cipher_reset( &ctx ) == POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
-#if defined(POLARSSL_CIPHER_MODE_AEAD)
+#if defined(POLARSSL_GCM_C)
TEST_ASSERT( cipher_update_ad( NULL, buf, 0 )
== POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
TEST_ASSERT( cipher_update_ad( &ctx, buf, 0 )
@@ -77,7 +77,7 @@
TEST_ASSERT( cipher_finish( &ctx, buf, &olen )
== POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
-#if defined(POLARSSL_CIPHER_MODE_AEAD)
+#if defined(POLARSSL_GCM_C)
TEST_ASSERT( cipher_write_tag( NULL, buf, olen )
== POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
TEST_ASSERT( cipher_write_tag( &ctx, buf, olen )
@@ -157,10 +157,10 @@
TEST_ASSERT( 0 == cipher_reset( &ctx_dec ) );
TEST_ASSERT( 0 == cipher_reset( &ctx_enc ) );
-#if defined(POLARSSL_CIPHER_MODE_AEAD)
+#if defined(POLARSSL_GCM_C)
TEST_ASSERT( 0 == cipher_update_ad( &ctx_dec, ad, sizeof( ad ) - i ) );
TEST_ASSERT( 0 == cipher_update_ad( &ctx_enc, ad, sizeof( ad ) - i ) );
-#endif /* POLARSSL_CIPHER_MODE_AEAD */
+#endif
/* encode length number of bytes from inbuf */
TEST_ASSERT( 0 == cipher_update( &ctx_enc, inbuf, length, encbuf, &outlen ) );
@@ -174,9 +174,9 @@
TEST_ASSERT( 0 == cipher_finish( &ctx_enc, encbuf + outlen, &outlen ) );
total_len += outlen;
-#if defined(POLARSSL_CIPHER_MODE_AEAD)
+#if defined(POLARSSL_GCM_C)
TEST_ASSERT( 0 == cipher_write_tag( &ctx_enc, tag, sizeof( tag ) ) );
-#endif /* POLARSSL_CIPHER_MODE_AEAD */
+#endif
TEST_ASSERT( total_len == length ||
( total_len % cipher_get_block_size( &ctx_enc ) == 0 &&
@@ -195,9 +195,9 @@
TEST_ASSERT( 0 == cipher_finish( &ctx_dec, decbuf + outlen, &outlen ) );
total_len += outlen;
-#if defined(POLARSSL_CIPHER_MODE_AEAD)
+#if defined(POLARSSL_GCM_C)
TEST_ASSERT( 0 == cipher_check_tag( &ctx_dec, tag, sizeof( tag ) ) );
-#endif /* POLARSSL_CIPHER_MODE_AEAD */
+#endif
/* check result */
TEST_ASSERT( total_len == length );
@@ -250,9 +250,9 @@
#endif /* POLARSSL_CIPHER_MODE_WITH_PADDING */
TEST_ASSERT( 0 == cipher_set_iv( &ctx, iv, 16 ) );
TEST_ASSERT( 0 == cipher_reset( &ctx ) );
-#if defined(POLARSSL_CIPHER_MODE_AEAD)
+#if defined(POLARSSL_GCM_C)
TEST_ASSERT( 0 == cipher_update_ad( &ctx, NULL, 0 ) );
-#endif /* POLARSSL_CIPHER_MODE_AEAD */
+#endif
/* encode length number of bytes from inbuf */
TEST_ASSERT( 0 == cipher_update( &ctx, inbuf, length, encbuf, &outlen ) );
@@ -297,9 +297,9 @@
TEST_ASSERT( 0 == cipher_reset( &ctx_dec ) );
-#if defined(POLARSSL_CIPHER_MODE_AEAD)
+#if defined(POLARSSL_GCM_C)
TEST_ASSERT( 0 == cipher_update_ad( &ctx_dec, NULL, 0 ) );
-#endif /* POLARSSL_CIPHER_MODE_AEAD */
+#endif
/* decode 0-byte string */
TEST_ASSERT( 0 == cipher_update( &ctx_dec, encbuf, 0, decbuf, &outlen ) );
@@ -359,10 +359,10 @@
TEST_ASSERT( 0 == cipher_reset( &ctx_dec ) );
TEST_ASSERT( 0 == cipher_reset( &ctx_enc ) );
-#if defined(POLARSSL_CIPHER_MODE_AEAD)
+#if defined(POLARSSL_GCM_C)
TEST_ASSERT( 0 == cipher_update_ad( &ctx_dec, NULL, 0 ) );
TEST_ASSERT( 0 == cipher_update_ad( &ctx_enc, NULL, 0 ) );
-#endif /* POLARSSL_CIPHER_MODE_AEAD */
+#endif
/* encode length number of bytes from inbuf */
TEST_ASSERT( 0 == cipher_update( &ctx_enc, inbuf, first_length, encbuf, &outlen ) );
@@ -416,7 +416,7 @@
unsigned char ad[200];
unsigned char tag[20];
size_t key_len, iv_len, cipher_len, clear_len;
-#if defined(POLARSSL_CIPHER_MODE_AEAD)
+#if defined(POLARSSL_GCM_C)
size_t ad_len, tag_len;
#endif
cipher_context_t ctx;
@@ -435,7 +435,7 @@
iv_len = unhexify( iv, hex_iv );
cipher_len = unhexify( cipher, hex_cipher );
clear_len = unhexify( clear, hex_clear );
-#if defined(POLARSSL_CIPHER_MODE_AEAD)
+#if defined(POLARSSL_GCM_C)
ad_len = unhexify( ad, hex_ad );
tag_len = unhexify( tag, hex_tag );
#else
@@ -455,9 +455,9 @@
#endif /* POLARSSL_CIPHER_MODE_WITH_PADDING */
TEST_ASSERT( 0 == cipher_set_iv( &ctx, iv, iv_len ) );
TEST_ASSERT( 0 == cipher_reset( &ctx ) );
-#if defined(POLARSSL_CIPHER_MODE_AEAD)
+#if defined(POLARSSL_GCM_C)
TEST_ASSERT( 0 == cipher_update_ad( &ctx, ad, ad_len ) );
-#endif /* POLARSSL_CIPHER_MODE_AEAD */
+#endif
/* decode buffer and check tag */
total_len = 0;
@@ -466,9 +466,9 @@
TEST_ASSERT( finish_result == cipher_finish( &ctx, output + outlen,
&outlen ) );
total_len += outlen;
-#if defined(POLARSSL_CIPHER_MODE_AEAD)
+#if defined(POLARSSL_GCM_C)
TEST_ASSERT( tag_result == cipher_check_tag( &ctx, tag, tag_len ) );
-#endif /* POLARSSL_CIPHER_MODE_AEAD */
+#endif
/* check plaintext only if everything went fine */
if( 0 == finish_result && 0 == tag_result )
