mbedTLS: Update to new LTS v3.6.0

Keep module compatibility with mbedtls 2.x (old LTS branch).

A patch has been added to allow compiling after removing all the `psa_*`
files from the library folder (will look into upstreaming it).

Note: mbedTLS 3.6 finally enabled TLSv1.3 by default, but it requires
some module changes, and to enable PSA crypto (new "standard" API
specification), so it might be best done in a separate commit/PR.

thirdparty/mbedtls/library/block_cipher.c

@@ -0,0 +1,203 @@
+/**
+ * \file block_cipher.c
+ *
+ * \brief Lightweight abstraction layer for block ciphers with 128 bit blocks,
+ * for use by the GCM and CCM modules.
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA)
+#include "psa/crypto.h"
+#include "psa_crypto_core.h"
+#include "psa_util_internal.h"
+#endif
+
+#include "block_cipher_internal.h"
+
+#if defined(MBEDTLS_BLOCK_CIPHER_C)
+
+#if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA)
+static psa_key_type_t psa_key_type_from_block_cipher_id(mbedtls_block_cipher_id_t cipher_id)
+{
+    switch (cipher_id) {
+#if defined(MBEDTLS_BLOCK_CIPHER_AES_VIA_PSA)
+        case MBEDTLS_BLOCK_CIPHER_ID_AES:
+            return PSA_KEY_TYPE_AES;
+#endif
+#if defined(MBEDTLS_BLOCK_CIPHER_ARIA_VIA_PSA)
+        case MBEDTLS_BLOCK_CIPHER_ID_ARIA:
+            return PSA_KEY_TYPE_ARIA;
+#endif
+#if defined(MBEDTLS_BLOCK_CIPHER_CAMELLIA_VIA_PSA)
+        case MBEDTLS_BLOCK_CIPHER_ID_CAMELLIA:
+            return PSA_KEY_TYPE_CAMELLIA;
+#endif
+        default:
+            return PSA_KEY_TYPE_NONE;
+    }
+}
+
+static int mbedtls_cipher_error_from_psa(psa_status_t status)
+{
+    return PSA_TO_MBEDTLS_ERR_LIST(status, psa_to_cipher_errors,
+                                   psa_generic_status_to_mbedtls);
+}
+#endif /* MBEDTLS_BLOCK_CIPHER_SOME_PSA */
+
+void mbedtls_block_cipher_free(mbedtls_block_cipher_context_t *ctx)
+{
+#if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA)
+    if (ctx->engine == MBEDTLS_BLOCK_CIPHER_ENGINE_PSA) {
+        psa_destroy_key(ctx->psa_key_id);
+        return;
+    }
+#endif
+    switch (ctx->id) {
+#if defined(MBEDTLS_AES_C)
+        case MBEDTLS_BLOCK_CIPHER_ID_AES:
+            mbedtls_aes_free(&ctx->ctx.aes);
+            break;
+#endif
+#if defined(MBEDTLS_ARIA_C)
+        case MBEDTLS_BLOCK_CIPHER_ID_ARIA:
+            mbedtls_aria_free(&ctx->ctx.aria);
+            break;
+#endif
+#if defined(MBEDTLS_CAMELLIA_C)
+        case MBEDTLS_BLOCK_CIPHER_ID_CAMELLIA:
+            mbedtls_camellia_free(&ctx->ctx.camellia);
+            break;
+#endif
+        default:
+            break;
+    }
+    ctx->id = MBEDTLS_BLOCK_CIPHER_ID_NONE;
+}
+
+int mbedtls_block_cipher_setup(mbedtls_block_cipher_context_t *ctx,
+                               mbedtls_cipher_id_t cipher_id)
+{
+    ctx->id = (cipher_id == MBEDTLS_CIPHER_ID_AES) ? MBEDTLS_BLOCK_CIPHER_ID_AES :
+              (cipher_id == MBEDTLS_CIPHER_ID_ARIA) ? MBEDTLS_BLOCK_CIPHER_ID_ARIA :
+              (cipher_id == MBEDTLS_CIPHER_ID_CAMELLIA) ? MBEDTLS_BLOCK_CIPHER_ID_CAMELLIA :
+              MBEDTLS_BLOCK_CIPHER_ID_NONE;
+
+#if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA)
+    psa_key_type_t psa_key_type = psa_key_type_from_block_cipher_id(ctx->id);
+    if (psa_key_type != PSA_KEY_TYPE_NONE &&
+        psa_can_do_cipher(psa_key_type, PSA_ALG_ECB_NO_PADDING)) {
+        ctx->engine = MBEDTLS_BLOCK_CIPHER_ENGINE_PSA;
+        return 0;
+    }
+    ctx->engine = MBEDTLS_BLOCK_CIPHER_ENGINE_LEGACY;
+#endif
+
+    switch (ctx->id) {
+#if defined(MBEDTLS_AES_C)
+        case MBEDTLS_BLOCK_CIPHER_ID_AES:
+            mbedtls_aes_init(&ctx->ctx.aes);
+            return 0;
+#endif
+#if defined(MBEDTLS_ARIA_C)
+        case MBEDTLS_BLOCK_CIPHER_ID_ARIA:
+            mbedtls_aria_init(&ctx->ctx.aria);
+            return 0;
+#endif
+#if defined(MBEDTLS_CAMELLIA_C)
+        case MBEDTLS_BLOCK_CIPHER_ID_CAMELLIA:
+            mbedtls_camellia_init(&ctx->ctx.camellia);
+            return 0;
+#endif
+        default:
+            ctx->id = MBEDTLS_BLOCK_CIPHER_ID_NONE;
+            return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+}
+
+int mbedtls_block_cipher_setkey(mbedtls_block_cipher_context_t *ctx,
+                                const unsigned char *key,
+                                unsigned key_bitlen)
+{
+#if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA)
+    if (ctx->engine == MBEDTLS_BLOCK_CIPHER_ENGINE_PSA) {
+        psa_key_attributes_t key_attr = PSA_KEY_ATTRIBUTES_INIT;
+        psa_status_t status;
+
+        psa_set_key_type(&key_attr, psa_key_type_from_block_cipher_id(ctx->id));
+        psa_set_key_bits(&key_attr, key_bitlen);
+        psa_set_key_algorithm(&key_attr, PSA_ALG_ECB_NO_PADDING);
+        psa_set_key_usage_flags(&key_attr, PSA_KEY_USAGE_ENCRYPT);
+
+        status = psa_import_key(&key_attr, key, PSA_BITS_TO_BYTES(key_bitlen), &ctx->psa_key_id);
+        if (status != PSA_SUCCESS) {
+            return mbedtls_cipher_error_from_psa(status);
+        }
+        psa_reset_key_attributes(&key_attr);
+
+        return 0;
+    }
+#endif /* MBEDTLS_BLOCK_CIPHER_SOME_PSA */
+
+    switch (ctx->id) {
+#if defined(MBEDTLS_AES_C)
+        case MBEDTLS_BLOCK_CIPHER_ID_AES:
+            return mbedtls_aes_setkey_enc(&ctx->ctx.aes, key, key_bitlen);
+#endif
+#if defined(MBEDTLS_ARIA_C)
+        case MBEDTLS_BLOCK_CIPHER_ID_ARIA:
+            return mbedtls_aria_setkey_enc(&ctx->ctx.aria, key, key_bitlen);
+#endif
+#if defined(MBEDTLS_CAMELLIA_C)
+        case MBEDTLS_BLOCK_CIPHER_ID_CAMELLIA:
+            return mbedtls_camellia_setkey_enc(&ctx->ctx.camellia, key, key_bitlen);
+#endif
+        default:
+            return MBEDTLS_ERR_CIPHER_INVALID_CONTEXT;
+    }
+}
+
+int mbedtls_block_cipher_encrypt(mbedtls_block_cipher_context_t *ctx,
+                                 const unsigned char input[16],
+                                 unsigned char output[16])
+{
+#if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA)
+    if (ctx->engine == MBEDTLS_BLOCK_CIPHER_ENGINE_PSA) {
+        psa_status_t status;
+        size_t olen;
+
+        status = psa_cipher_encrypt(ctx->psa_key_id, PSA_ALG_ECB_NO_PADDING,
+                                    input, 16, output, 16, &olen);
+        if (status != PSA_SUCCESS) {
+            return mbedtls_cipher_error_from_psa(status);
+        }
+        return 0;
+    }
+#endif /* MBEDTLS_BLOCK_CIPHER_SOME_PSA */
+
+    switch (ctx->id) {
+#if defined(MBEDTLS_AES_C)
+        case MBEDTLS_BLOCK_CIPHER_ID_AES:
+            return mbedtls_aes_crypt_ecb(&ctx->ctx.aes, MBEDTLS_AES_ENCRYPT,
+                                         input, output);
+#endif
+#if defined(MBEDTLS_ARIA_C)
+        case MBEDTLS_BLOCK_CIPHER_ID_ARIA:
+            return mbedtls_aria_crypt_ecb(&ctx->ctx.aria, input, output);
+#endif
+#if defined(MBEDTLS_CAMELLIA_C)
+        case MBEDTLS_BLOCK_CIPHER_ID_CAMELLIA:
+            return mbedtls_camellia_crypt_ecb(&ctx->ctx.camellia,
+                                              MBEDTLS_CAMELLIA_ENCRYPT,
+                                              input, output);
+#endif
+        default:
+            return MBEDTLS_ERR_CIPHER_INVALID_CONTEXT;
+    }
+}
+
+#endif /* MBEDTLS_BLOCK_CIPHER_C */