From 637a628797a2fc8a96c74e956002f3a4406090da Mon Sep 17 00:00:00 2001
From: Lukas-Luger <lukas.luger@mailbox.tu-dresden.de>
Date: Fri, 25 Apr 2025 14:34:13 +0200
Subject: [PATCH] pkg/tinycrypt: add psa_crypto aes ccm glue code

---
 pkg/tinycrypt/Makefile.include        |   9 ++-
 pkg/tinycrypt/psa_tinycrypt/Makefile  |   4 +
 pkg/tinycrypt/psa_tinycrypt/aes_ccm.c | 106 ++++++++++++++++++++++++++
 3 files changed, 118 insertions(+), 1 deletion(-)
 create mode 100644 pkg/tinycrypt/psa_tinycrypt/Makefile
 create mode 100644 pkg/tinycrypt/psa_tinycrypt/aes_ccm.c

diff --git a/pkg/tinycrypt/Makefile.include b/pkg/tinycrypt/Makefile.include
index 2899d47cee..18cfb6b0f4 100644
--- a/pkg/tinycrypt/Makefile.include
+++ b/pkg/tinycrypt/Makefile.include
@@ -1,2 +1,9 @@
-# Using -isyste instead of -I to avoid warnings about these headers
+# Using -isystem instead of -I to avoid warnings about these headers
 INCLUDES += -isystem$(PKGDIRBASE)/tinycrypt/lib/include
+
+ifneq (,$(filter psa_tinycrypt_%, $(USEMODULE)))
+  DIRS += $(RIOTPKG)/tinycrypt/psa_tinycrypt
+  INCLUDES += -I$(RIOTBASE)/sys/psa_crypto/include
+endif
+
+PSEUDOMODULES += psa_tinycrypt_aes_ccm
diff --git a/pkg/tinycrypt/psa_tinycrypt/Makefile b/pkg/tinycrypt/psa_tinycrypt/Makefile
new file mode 100644
index 0000000000..7ba82c1ae0
--- /dev/null
+++ b/pkg/tinycrypt/psa_tinycrypt/Makefile
@@ -0,0 +1,4 @@
+BASE_MODULE := psa_tinycrypt
+SUBMODULES := 1
+
+include $(RIOTBASE)/Makefile.base
diff --git a/pkg/tinycrypt/psa_tinycrypt/aes_ccm.c b/pkg/tinycrypt/psa_tinycrypt/aes_ccm.c
new file mode 100644
index 0000000000..b7c192383d
--- /dev/null
+++ b/pkg/tinycrypt/psa_tinycrypt/aes_ccm.c
@@ -0,0 +1,106 @@
+/*
+ * Copyright (C) 2025 TU Dresden
+ *
+ * This file is subject to the terms and conditions of the GNU Lesser
+ * General Public License v2.1. See the file LICENSE in the top level
+ * directory for more details.
+ */
+
+/**
+ * @ingroup     sys_psa_crypto pkg_tinycrypt
+ * @{
+ *
+ * @brief       Glue code translating between PSA Crypto and the tinycrypt APIs
+ *
+ * @author      Lukas Luger <lukas.luger@mailbox.tu-dresden.de>
+ *
+ * @}
+ */
+
+#include "psa/crypto.h"
+#include "tinycrypt/aes.h"
+#include "tinycrypt/ccm_mode.h"
+#include <assert.h>
+
+psa_status_t psa_aead_aes_128_ccm_encrypt(const psa_key_attributes_t *attributes,
+                                          uint8_t *key_buffer, size_t key_buffer_length,
+                                          uint8_t tag_length, const uint8_t *nonce,
+                                          size_t nonce_length, const uint8_t *additional_data,
+                                          size_t additional_data_length, const uint8_t *plaintext,
+                                          size_t plaintext_length, uint8_t *ciphertext,
+                                          size_t ciphertext_size, size_t *ciphertext_length)
+{
+    (void)attributes;
+    (void)key_buffer_length;
+    /* This should already have been checked by PSA. */
+    assert(ciphertext_size >= plaintext_length + tag_length);
+
+    int ret;
+    struct tc_ccm_mode_struct c;
+    struct tc_aes_key_sched_struct sched;
+    /* tinycrypt only supports a nonce_length of 13 */
+    if (nonce_length != 13 || additional_data_length >= TC_CCM_AAD_MAX_BYTES ||
+        plaintext_length >= TC_CCM_PAYLOAD_MAX_BYTES) {
+        return PSA_ERROR_NOT_SUPPORTED;
+    }
+
+    tc_aes128_set_encrypt_key(&sched, key_buffer);
+
+    ret = tc_ccm_config(&c, &sched, (uint8_t *)nonce, nonce_length, tag_length);
+    if (ret != 1) {
+        return PSA_ERROR_GENERIC_ERROR;
+    }
+
+    ret = tc_ccm_generation_encryption(ciphertext, ciphertext_size, additional_data,
+                                       additional_data_length, plaintext,
+                                       plaintext_length, &c);
+    if (ret != 1) {
+        return PSA_ERROR_GENERIC_ERROR;
+    }
+
+    *ciphertext_length = ciphertext_size;
+
+    return PSA_SUCCESS;
+}
+
+psa_status_t psa_aead_aes_128_ccm_decrypt(const psa_key_attributes_t *attributes,
+                                          uint8_t *key_buffer, size_t key_buffer_length,
+                                          uint8_t tag_length, const uint8_t *nonce,
+                                          size_t nonce_length, const uint8_t *additional_data,
+                                          size_t additional_data_length, const uint8_t *ciphertext,
+                                          size_t ciphertext_length, uint8_t *plaintext,
+                                          size_t plaintext_size, size_t *plaintext_length)
+{
+    (void)attributes;
+    (void)key_buffer_length;
+    /* This should already have been checked by PSA. */
+    assert(plaintext_size >= ciphertext_length - tag_length);
+
+    int ret;
+
+    struct tc_ccm_mode_struct c;
+    struct tc_aes_key_sched_struct sched;
+    /* tinycrypt only supports a nonce_length of 13 */
+    if (nonce_length != 13 || additional_data_length >= TC_CCM_AAD_MAX_BYTES ||
+        ciphertext_length >= TC_CCM_PAYLOAD_MAX_BYTES) {
+        return PSA_ERROR_NOT_SUPPORTED;
+    }
+
+    tc_aes128_set_decrypt_key(&sched, key_buffer);
+
+    ret = tc_ccm_config(&c, &sched, (uint8_t *)nonce, nonce_length, tag_length);
+    if (ret != 1) {
+        return PSA_ERROR_GENERIC_ERROR;
+    }
+
+    ret = tc_ccm_decryption_verification(plaintext, plaintext_size, additional_data,
+                                         additional_data_length, ciphertext,
+                                         ciphertext_length, &c);
+    if (ret != 1) {
+        return PSA_ERROR_INVALID_SIGNATURE;
+    }
+
+    *plaintext_length = plaintext_size;
+
+    return PSA_SUCCESS;
+}