Introduce PSA_ALG_STREAM_CIPHER

This algorithm replaces the pre-existing stream cipher algorithms.
The underlying stream cipher is determined by the key type.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>

include/psa/crypto_compat.h

@@ -242,6 +242,14 @@ MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key
 
 #endif /* MBEDTLS_DEPRECATED_REMOVED */
 
+/*
+ * Deprecated PSA Crypto stream cipher algorithms (PSA Crypto API  <= 1.0 beta3)
+ */
+#define PSA_ALG_ARC4 \
+    PSA_ALG_STREAM_CIPHER
+#define PSA_ALG_CHACHA20 \
+    PSA_ALG_STREAM_CIPHER
+
 /** Open a handle to an existing persistent key.
  *
  * Open a handle to a persistent key. A key is persistent if it was created

include/psa/crypto_values.h

@@ -933,21 +933,15 @@
     (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_STREAM_FLAG)) == \
         (PSA_ALG_CATEGORY_CIPHER | PSA_ALG_CIPHER_STREAM_FLAG))
 
-/** The ARC4 stream cipher algorithm.
+/** The stream cipher mode of a stream cipher algorithm.
+ *
+ * The underlying stream cipher is determined by the key type.
+ * - To use ChaCha20, use a key type of #PSA_KEY_TYPE_CHACHA20
+ *   and algorithm id #PSA_ALG_STREAM_CIPHER.
+ * - To use ARC4, use a key type of #PSA_KEY_TYPE_ARC4
+ *   and algorithm id #PSA_ALG_STREAM_CIPHER.
  */
-#define PSA_ALG_ARC4                            ((psa_algorithm_t)0x04800001)
-
-/** The ChaCha20 stream cipher.
- *
- * ChaCha20 is defined in RFC 7539.
- *
- * The nonce size for psa_cipher_set_iv() or psa_cipher_generate_iv()
- * must be 12.
- *
- * The initial block counter is always 0.
- *
- */
-#define PSA_ALG_CHACHA20                        ((psa_algorithm_t)0x04800005)
+#define PSA_ALG_STREAM_CIPHER                   ((psa_algorithm_t)0x04800100)
 
 /** The CTR stream cipher mode.
  *

library/psa_crypto.c

@@ -2948,8 +2948,7 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
     {
         switch( alg )
         {
-            case PSA_ALG_ARC4:
-            case PSA_ALG_CHACHA20:
+            case PSA_ALG_STREAM_CIPHER:
                 mode = MBEDTLS_MODE_STREAM;
                 break;
             case PSA_ALG_CTR:

programs/psa/psa_constant_names_generated.c

@@ -175,7 +175,6 @@ static int psa_snprint_algorithm(char *buffer, size_t buffer_size,
     }
     switch (core_alg) {
     case PSA_ALG_ANY_HASH: append(&buffer, buffer_size, &required_size, "PSA_ALG_ANY_HASH", 16); break;
-    case PSA_ALG_ARC4: append(&buffer, buffer_size, &required_size, "PSA_ALG_ARC4", 12); break;
     case PSA_ALG_CATEGORY_AEAD: append(&buffer, buffer_size, &required_size, "PSA_ALG_CATEGORY_AEAD", 21); break;
     case PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION: append(&buffer, buffer_size, &required_size, "PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION", 38); break;
     case PSA_ALG_CATEGORY_CIPHER: append(&buffer, buffer_size, &required_size, "PSA_ALG_CATEGORY_CIPHER", 23); break;
@@ -189,7 +188,6 @@ static int psa_snprint_algorithm(char *buffer, size_t buffer_size,
     case PSA_ALG_CBC_PKCS7: append(&buffer, buffer_size, &required_size, "PSA_ALG_CBC_PKCS7", 17); break;
     case PSA_ALG_CCM: append(&buffer, buffer_size, &required_size, "PSA_ALG_CCM", 11); break;
     case PSA_ALG_CFB: append(&buffer, buffer_size, &required_size, "PSA_ALG_CFB", 11); break;
-    case PSA_ALG_CHACHA20: append(&buffer, buffer_size, &required_size, "PSA_ALG_CHACHA20", 16); break;
     case PSA_ALG_CHACHA20_POLY1305: append(&buffer, buffer_size, &required_size, "PSA_ALG_CHACHA20_POLY1305", 25); break;
     case PSA_ALG_CIPHER_MAC_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_CIPHER_MAC_BASE", 23); break;
     case PSA_ALG_CMAC: append(&buffer, buffer_size, &required_size, "PSA_ALG_CMAC", 12); break;
@@ -224,6 +222,7 @@ static int psa_snprint_algorithm(char *buffer, size_t buffer_size,
     case PSA_ALG_SHA_512: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA_512", 15); break;
     case PSA_ALG_SHA_512_224: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA_512_224", 19); break;
     case PSA_ALG_SHA_512_256: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA_512_256", 19); break;
+    case PSA_ALG_STREAM_CIPHER: append(&buffer, buffer_size, &required_size, "PSA_ALG_STREAM_CIPHER", 21); break;
     case PSA_ALG_TLS12_PRF_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_TLS12_PRF_BASE", 22); break;
     case PSA_ALG_TLS12_PSK_TO_MS_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_TLS12_PSK_TO_MS_BASE", 28); break;
     case PSA_ALG_XTS: append(&buffer, buffer_size, &required_size, "PSA_ALG_XTS", 11); break;