CC3XX: Add support for multipart AEAD APIs in Chacha20-Poly1305

Signed-off-by: Antonio de Angelis <[email protected]>
Change-Id: Icbcbc7cd3840aad873861b2dfd5c95829cbfb3ae

Author: adeaarm

lib/ext/cryptocell-312-runtime/codesafe/src/psa_driver_api/include/cc3xx_internal_chacha20_poly1305.h

@@ -41,6 +41,129 @@ typedef struct ChachaPolyContext_t {
     bool bAuthenticateInput; /*!< True when input is used for AEAD authent */
 } ChachaPolyContext_t;
 
+/**
+ * \brief Generates an OTK as per RFC7539. This function must be called only
+ *        after the key has been set on the Chacha20 context
+ *
+ * \note This function implements the block which generates the one time key
+ *       to be used for Poly1305 as part of RFC7539 to be generated through
+ *       Chacha20, i.e.
+ *           poly1305_key_gen(key, nonce):
+ *               counter = 0;
+ *               block = chacha_block(key, counter, nonce)
+ *               return block[0..31]
+ *
+ * \param[in,out] context  Pointer to the Chacha context to be used for the
+ *                         encryption. Note that this is the Chacha and not
+ *                         the ChachaPoly context because encryption only is
+ *                         required
+ * \param[out]    otk      Buffer to hold the one time key produced.
+ * \param[in]     otk_size Size in bytes of the otk buffer. Must be at least 32
+ */
+psa_status_t cc3xx_chacha20_poly1305_gen_otk(
+    ChachaContext_t *context,
+    uint8_t *otk,
+    size_t otk_size);
+
+/**
+ * \brief Sets the value of the one time key (OTK) to be used by the Poly1305
+ *        algorithm in a multipart flow.
+ *
+ * \param[in,out] state      Pointer to the Poly1305 state to be used
+ * \param[in]     otk        Buffer containing the OTK to be set in the state
+ * \param[in]     otk_length Size in bytes of the data in the otk buffer. Must
+ *                           be 32.
+ *
+ * \return psa_status_t
+ */
+psa_status_t cc3xx_chacha20_poly1305_set_otk(
+    PolyState_t *state,
+    const uint8_t *otk,
+    size_t otk_length);
+
+/**
+ * \brief Sets the lengths for the data to be authenticate and for the
+ *        data to be encrypted. These lengths are used by the algorithm
+ *        to build the associated AEAD construction as per RFC7539 that
+ *        is authenticated with Poly1305.
+ *
+ * \param[in,out] context          Context for the multipart Chacha20Poly1305
+ * \param[in]     ad_length        Expected byte length of the additional data
+ * \param[in]     plaintext_length Expected byte length of the data to encrypt
+ *
+ * \return psa_status_t
+ */
+psa_status_t cc3xx_chacha20_poly1305_set_lengths(
+    ChachaPolyContext_t *context,
+    size_t ad_length,
+    size_t plaintext_length);
+
+/**
+ * \brief Updates the additional data to be authenticated with a new chunk of
+ *        information
+ *
+ * \param[in,out] context      Context for the multipart Chacha20Poly1305
+ * \param[in]     input        Buffer containing the chunk of additional data
+ * \param[in]     input_length Size in bytes of the data in the input buffer
+ *
+ * \return psa_status_t
+ */
+psa_status_t cc3xx_chacha20_poly1305_update_ad(
+    ChachaPolyContext_t *context,
+    const uint8_t *input,
+    size_t input_length);
+
+/**
+ * \brief Updates the data to be encrypted or decrypted, based on the type of
+ *        multipart operation, with a new chunk of information
+ *
+ * \param[in,out] context       Context for the multipart Chacha20Poly1305
+ * \param[in]     input         Buffer containing the chunk of new data
+ * \param[in]     input_length  Size in bytes of the data pointed in input
+ * \param[out]    output        Buffer to hold the processed data
+ * \param[in]     output_size   Size in bytes of the output buffer
+ * \param[out]    output_length Length in bytes of the processed data
+ *
+ * \return psa_status_t
+ */
+psa_status_t cc3xx_chacha20_poly1305_update(
+    ChachaPolyContext_t *context,
+    const uint8_t *input,
+    size_t input_length,
+    uint8_t *output,
+    size_t output_size,
+    size_t *output_length);
+
+/**
+ * \brief Finalize the multipart AEAD producing the authentication tag
+ *
+ * \param[in,out] context    Context for the multipart Chacha20Poly1305
+ * \param[out]    tag        Buffer containing the produced tag from Poly1305
+ * \param[in]     tag_size   Size in bytes of the tag buffer. Must be >= 16
+ * \param[out]    tag_length Length in bytes of the tag. On success is 16
+ *
+ * \return psa_status_t
+ */
+psa_status_t cc3xx_chacha20_poly1305_finish(
+    ChachaPolyContext_t *context,
+    uint8_t *tag,
+    size_t tag_size,
+    size_t *tag_length);
+
+/**
+ * \brief Verifies that the tag given as parameter matches the one from the
+ *        finalization of the multipart AEAD operation
+ *
+ * \param[in,out] context  Context for the multipart Chacha20Poly1305
+ * \param[in]     tag      Buffer containing the tag to verify
+ * \param[in]     tag_size Size in bytes of the tag buffer
+ *
+ * \return psa_status_t
+ */
+psa_status_t cc3xx_chacha20_poly1305_verify(
+    ChachaPolyContext_t *context,
+    const uint8_t *tag,
+    size_t tag_size);
 /**
  * \brief Encrypt and create auth tag with Chacha20-Poly1305
  */