Remove generic wildcard checks after review feedback

Applied specific wildcard checks instead.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>

# Conflicts:
#	library/psa_crypto.c
This commit is contained in:
Steven Cooreman 2021-02-18 12:07:20 +01:00
parent ee18b1f5a4
commit 0348802247

View file

@ -663,78 +663,78 @@ static psa_algorithm_t psa_key_policy_algorithm_intersection(
/* Common case: both sides actually specify the same policy. */ /* Common case: both sides actually specify the same policy. */
if( alg1 == alg2 ) if( alg1 == alg2 )
return( alg1 ); return( alg1 );
/* Special case: one or both sides contain a wildcard. */ /* If the policies are from the same hash-and-sign family, check
if( PSA_ALG_IS_WILDCARD( alg1 ) || PSA_ALG_IS_WILDCARD( alg2 ) ) * if one is a wildcard. If so the other has the specific algorithm. */
if( PSA_ALG_IS_HASH_AND_SIGN( alg1 ) &&
PSA_ALG_IS_HASH_AND_SIGN( alg2 ) &&
( alg1 & ~PSA_ALG_HASH_MASK ) == ( alg2 & ~PSA_ALG_HASH_MASK ) )
{ {
/* If the policies are from the same hash-and-sign family, check if( PSA_ALG_SIGN_GET_HASH( alg1 ) == PSA_ALG_ANY_HASH )
* if one is a wildcard. If so the other has the specific algorithm. */ return( alg2 );
if( PSA_ALG_IS_HASH_AND_SIGN( alg1 ) && if( PSA_ALG_SIGN_GET_HASH( alg2 ) == PSA_ALG_ANY_HASH )
PSA_ALG_IS_HASH_AND_SIGN( alg2 ) && return( alg1 );
( alg1 & ~PSA_ALG_HASH_MASK ) == ( alg2 & ~PSA_ALG_HASH_MASK ) ) }
{ /* If the policies are from the same AEAD family, check whether
if( PSA_ALG_SIGN_GET_HASH( alg1 ) == PSA_ALG_ANY_HASH ) * one f them is a minimum-tag-length wildcard. Calculate the most
return( alg2 ); * restrictive tag length. */
if( PSA_ALG_SIGN_GET_HASH( alg2 ) == PSA_ALG_ANY_HASH ) if( PSA_ALG_IS_AEAD( alg1 ) && PSA_ALG_IS_AEAD( alg2 ) &&
return( alg1 ); ( PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg1, 0 ) ==
} PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg2, 0 ) ) )
/* If the policies are from the same AEAD family, then at least one {
* of them is a minimum-tag-length policy. Calculate the most size_t alg1_len = PSA_ALG_AEAD_GET_TAG_LENGTH( alg1 );
* restrictive tag length. */ size_t alg2_len = PSA_ALG_AEAD_GET_TAG_LENGTH( alg2 );
if( PSA_ALG_IS_AEAD( alg1 ) && PSA_ALG_IS_AEAD( alg2 ) && size_t max_len = alg1_len > alg2_len ? alg1_len : alg2_len;
( PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg1, 0 ) ==
PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg2, 0 ) ) )
{
size_t alg1_len = PSA_ALG_AEAD_GET_TAG_LENGTH( alg1 );
size_t alg2_len = PSA_ALG_AEAD_GET_TAG_LENGTH( alg2 );
size_t max_len = alg1_len > alg2_len ? alg1_len : alg2_len;
/* If both are wildcards, return most restricitve wildcard */ /* If both are wildcards, return most restricitve wildcard */
if( PSA_ALG_IS_WILDCARD( alg1 ) && PSA_ALG_IS_WILDCARD( alg2 ) ) if( ( ( alg1 & PSA_ALG_AEAD_MINIMUM_LENGTH_FLAG ) != 0 ) &&
{ ( ( alg2 & PSA_ALG_AEAD_MINIMUM_LENGTH_FLAG ) != 0 ) )
return( PSA_ALG_AEAD_WITH_MINIMUM_LENGTH_TAG( alg1, max_len ) );
}
/* If only one is a wildcard, return specific algorithm if compatible. */
if( PSA_ALG_IS_WILDCARD( alg1 ) && (alg1_len <= alg2_len) )
{
return( alg2 );
}
if( PSA_ALG_IS_WILDCARD( alg2 ) && (alg2_len <= alg1_len) )
{
return( alg1 );
}
}
/* If the policies are from the same MAC family, then at least one
* of them is a minimum-tag-length policy. Calculate the most
* restrictive tag length. */
if( PSA_ALG_IS_MAC( alg1 ) && PSA_ALG_IS_MAC( alg2 ) &&
( PSA_ALG_FULL_LENGTH_MAC( alg1 ) ==
PSA_ALG_FULL_LENGTH_MAC( alg2 ) ) )
{ {
size_t alg1_len = PSA_MAC_TRUNCATED_LENGTH( alg1 ); return( PSA_ALG_AEAD_WITH_MINIMUM_LENGTH_TAG( alg1, max_len ) );
size_t alg2_len = PSA_MAC_TRUNCATED_LENGTH( alg2 ); }
size_t max_len = alg1_len > alg2_len ? alg1_len : alg2_len; /* If only one is a wildcard, return specific algorithm if compatible. */
if( ( ( alg1 & PSA_ALG_AEAD_MINIMUM_LENGTH_FLAG ) != 0 ) &&
( alg1_len <= alg2_len ) )
{
return( alg2 );
}
if( ( ( alg2 & PSA_ALG_AEAD_MINIMUM_LENGTH_FLAG ) != 0 ) &&
( alg2_len <= alg1_len ) )
{
return( alg1 );
}
}
/* If the policies are from the same MAC family, check whether one
* of them is a minimum-MAC-length policy. Calculate the most
* restrictive tag length. */
if( PSA_ALG_IS_MAC( alg1 ) && PSA_ALG_IS_MAC( alg2 ) &&
( PSA_ALG_FULL_LENGTH_MAC( alg1 ) ==
PSA_ALG_FULL_LENGTH_MAC( alg2 ) ) )
{
size_t alg1_len = PSA_MAC_TRUNCATED_LENGTH( alg1 );
size_t alg2_len = PSA_MAC_TRUNCATED_LENGTH( alg2 );
size_t max_len = alg1_len > alg2_len ? alg1_len : alg2_len;
/* If both are wildcards, return most restricitve wildcard */ /* If both are wildcards, return most restricitve wildcard */
if( PSA_ALG_IS_WILDCARD( alg1 ) && PSA_ALG_IS_WILDCARD( alg2 ) ) if( ( ( alg1 & PSA_ALG_MAC_MINIMUM_LENGTH_FLAG ) != 0 ) &&
{ ( ( alg2 & PSA_ALG_MAC_MINIMUM_LENGTH_FLAG ) != 0 ) )
return( PSA_ALG_MAC_WITH_MINIMUM_LENGTH_TAG( alg1, max_len ) ); {
} return( PSA_ALG_MAC_WITH_MINIMUM_LENGTH_TAG( alg1, max_len ) );
/* If only one is a wildcard, return specific algorithm if compatible. }
* Special case: specific MAC algorithm with '0' as length means full- /* If only one is a wildcard, return specific algorithm if compatible.
* length MAC, which is always allowed by a wildcard with the same * Special case: specific MAC algorithm with '0' as length means full-
* base algorithm. */ * length MAC, which is always allowed by a wildcard with the same
if( PSA_ALG_IS_WILDCARD( alg1 ) && * base algorithm. */
( ( alg1_len <= alg2_len) || if( ( ( alg1 & PSA_ALG_MAC_MINIMUM_LENGTH_FLAG ) != 0 ) &&
( alg2 == PSA_ALG_FULL_LENGTH_MAC( alg1 ) ) ) ) ( ( alg1_len <= alg2_len ) ||
{ ( alg2 == PSA_ALG_FULL_LENGTH_MAC( alg1 ) ) ) )
return( alg2 ); {
} return( alg2 );
if( PSA_ALG_IS_WILDCARD( alg2 ) && }
( (alg2_len <= alg1_len) || if( ( ( alg2 & PSA_ALG_MAC_MINIMUM_LENGTH_FLAG ) != 0 ) &&
( alg1 == PSA_ALG_FULL_LENGTH_MAC( alg2 ) ) ) ) ( ( alg2_len <= alg1_len ) ||
{ ( alg1 == PSA_ALG_FULL_LENGTH_MAC( alg2 ) ) ) )
return( alg1 ); {
} return( alg1 );
} }
} }
/* If the policies are incompatible, allow nothing. */ /* If the policies are incompatible, allow nothing. */
@ -750,45 +750,43 @@ static int psa_key_algorithm_permits( psa_algorithm_t policy_alg,
/* Common case: the policy only allows requested_alg. */ /* Common case: the policy only allows requested_alg. */
if( requested_alg == policy_alg ) if( requested_alg == policy_alg )
return( 1 ); return( 1 );
/* Special cases: the policy is an algorithm collection. */ /* If policy_alg is a hash-and-sign with a wildcard for the hash,
if( PSA_ALG_IS_WILDCARD( policy_alg ) ) * and requested_alg is the same hash-and-sign family with any hash,
* then requested_alg is compliant with policy_alg. */
if( PSA_ALG_IS_HASH_AND_SIGN( requested_alg ) &&
PSA_ALG_SIGN_GET_HASH( policy_alg ) == PSA_ALG_ANY_HASH )
{ {
/* If policy_alg is a hash-and-sign with a wildcard for the hash, return( ( policy_alg & ~PSA_ALG_HASH_MASK ) ==
* and requested_alg is the same hash-and-sign family with any hash, ( requested_alg & ~PSA_ALG_HASH_MASK ) );
* then requested_alg is compliant with policy_alg. */ }
if( PSA_ALG_IS_HASH_AND_SIGN( requested_alg ) && /* If policy_alg is a wildcard AEAD algorithm of the same base as
PSA_ALG_SIGN_GET_HASH( policy_alg ) == PSA_ALG_ANY_HASH ) * the requested algorithm, check the requested tag length to be
{ * equal-length or longer than the wildcard-specified length. */
return( ( policy_alg & ~PSA_ALG_HASH_MASK ) == if( PSA_ALG_IS_AEAD( policy_alg ) &&
( requested_alg & ~PSA_ALG_HASH_MASK ) ); PSA_ALG_IS_AEAD( requested_alg ) &&
} ( PSA_ALG_AEAD_WITH_SHORTENED_TAG( policy_alg, 0 ) ==
/* If policy_alg is a wildcard AEAD algorithm of the same base as PSA_ALG_AEAD_WITH_SHORTENED_TAG( requested_alg, 0 ) ) &&
* the requested algorithm, check the requested tag length to be ( ( policy_alg & PSA_ALG_AEAD_MINIMUM_LENGTH_FLAG ) != 0 ) )
* equal-length or longer than the wildcard-specified length. */ {
if( PSA_ALG_IS_AEAD( policy_alg ) && return( PSA_ALG_AEAD_GET_TAG_LENGTH( policy_alg ) <=
PSA_ALG_IS_AEAD( requested_alg ) && PSA_ALG_AEAD_GET_TAG_LENGTH( requested_alg ) );
( PSA_ALG_AEAD_WITH_SHORTENED_TAG( policy_alg, 0 ) == }
PSA_ALG_AEAD_WITH_SHORTENED_TAG( requested_alg, 0 ) ) ) /* If policy_alg is a wildcard MAC algorithm of the same base as
{ * the requested algorithm, check the requested tag length to be
return( PSA_ALG_AEAD_GET_TAG_LENGTH( policy_alg ) <= * equal-length or longer than the wildcard-specified length. */
PSA_ALG_AEAD_GET_TAG_LENGTH( requested_alg ) ); if( PSA_ALG_IS_MAC( policy_alg ) &&
} PSA_ALG_IS_MAC( requested_alg ) &&
/* If policy_alg is a wildcard MAC algorithm of the same base as ( PSA_ALG_FULL_LENGTH_MAC( policy_alg ) ==
* the requested algorithm, check the requested tag length to be PSA_ALG_FULL_LENGTH_MAC( requested_alg ) ) &&
* equal-length or longer than the wildcard-specified length. */ ( ( policy_alg & PSA_ALG_MAC_MINIMUM_LENGTH_FLAG ) != 0 ) )
if( PSA_ALG_IS_MAC( policy_alg ) && {
PSA_ALG_IS_MAC( requested_alg ) && /* Special case: full-length MAC is encoded with 0-length.
( PSA_ALG_FULL_LENGTH_MAC( policy_alg ) == * A minimum-length policy will always allow a full-length MAC. */
PSA_ALG_FULL_LENGTH_MAC( requested_alg ) ) ) if( PSA_ALG_FULL_LENGTH_MAC( requested_alg ) == requested_alg )
{ return( 1 );
/* Special case: full-length MAC is encoded with 0-length.
* A minimum-length policy will always allow a full-length MAC. */
if( PSA_ALG_FULL_LENGTH_MAC( requested_alg ) == requested_alg )
return( 1 );
return( PSA_MAC_TRUNCATED_LENGTH( policy_alg ) <= return( PSA_MAC_TRUNCATED_LENGTH( policy_alg ) <=
PSA_MAC_TRUNCATED_LENGTH( requested_alg ) ); PSA_MAC_TRUNCATED_LENGTH( requested_alg ) );
}
} }
/* If policy_alg is a generic key agreement operation, then using it for /* If policy_alg is a generic key agreement operation, then using it for
* a key derivation with that key agreement should also be allowed. This * a key derivation with that key agreement should also be allowed. This