diff --git a/include/psa/crypto_builtin_composites.h b/include/psa/crypto_builtin_composites.h index 16fa3db72..fd7f6f91a 100644 --- a/include/psa/crypto_builtin_composites.h +++ b/include/psa/crypto_builtin_composites.h @@ -38,8 +38,12 @@ /* * MAC multi-part operation definitions. */ +#if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) +#define MBEDTLS_PSA_BUILTIN_MAC +#endif -#if defined(MBEDTLS_MD_C) +#if defined(PSA_WANT_ALG_HMAC) typedef struct { /** The HMAC algorithm in use */ @@ -49,22 +53,33 @@ typedef struct /** The HMAC part of the context. */ uint8_t opad[PSA_HMAC_MAX_HASH_BLOCK_SIZE]; } psa_hmac_internal_data; -#endif /* MBEDTLS_MD_C */ +#endif /* PSA_WANT_ALG_HMAC */ #include "mbedtls/cmac.h" -#if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) -#define MBEDTLS_PSA_BUILTIN_MAC -#endif - typedef struct { psa_algorithm_t alg; - /* To be fleshed out in a later commit. */ + unsigned int key_set : 1; + unsigned int iv_required : 1; + unsigned int iv_set : 1; + unsigned int has_input : 1; + unsigned int is_sign : 1; + uint8_t mac_size; + unsigned int id; + union + { + unsigned dummy; /* Make the union non-empty even with no supported algorithms. */ +#if defined(PSA_WANT_ALG_HMAC) + psa_hmac_internal_data hmac; +#endif +#if defined(MBEDTLS_CMAC_C) + mbedtls_cipher_context_t cmac; +#endif + } ctx; } mbedtls_psa_mac_operation_t; -#define MBEDTLS_PSA_MAC_OPERATION_INIT {0, {0}} +#define MBEDTLS_PSA_MAC_OPERATION_INIT {0, 0, 0, 0, 0, 0, 0, 0, {0}} /* * BEYOND THIS POINT, TEST DRIVER DECLARATIONS ONLY. diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 975e9f76b..04c006463 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h 
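Review bot: The new union in `mbedtls_psa_mac_operation_t` gates its members on `PSA_WANT_ALG_HMAC` and `MBEDTLS_CMAC_C`, while `MBEDTLS_PSA_BUILTIN_MAC` at the top of the same file and the consumers in psa_crypto.c (`#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */`) are keyed on `MBEDTLS_PSA_BUILTIN_ALG_HMAC` / `MBEDTLS_PSA_BUILTIN_ALG_CMAC`; gating the members the same way, `#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC)` and `#if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC)`, keeps the HMAC `opad` key buffer out of builds where HMAC is only provided by an accelerator (assuming the BUILTIN symbols are only set when the builtin code is compiled). The `unsigned int id;` member duplicates the `id` that `psa_mac_operation_s` now carries in crypto_struct.h and nothing in this change reads the inner copy, so it and the matching `0` in `MBEDTLS_PSA_MAC_OPERATION_INIT` could be dropped unless a later commit needs it. A one-line comment on the union, `/* Which member is live is determined by alg; hmac holds derived key material (opad) and must be wiped on abort. */`, would make the zeroization expectation explicit for whoever implements `mbedtls_psa_mac_abort`.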
@@ -130,28 +130,17 @@ static inline struct psa_cipher_operation_s psa_cipher_operation_init( void ) struct psa_mac_operation_s { - psa_algorithm_t alg; - unsigned int key_set : 1; - unsigned int iv_required : 1; - unsigned int iv_set : 1; - unsigned int has_input : 1; - unsigned int is_sign : 1; - uint8_t mac_size; + /** Unique ID indicating which driver got assigned to do the + * operation. Since driver contexts are driver-specific, swapping + * drivers halfway through the operation is not supported. + * ID values are auto-generated in psa_driver_wrappers.h + * ID value zero means the context is not valid or not assigned to + * any driver (i.e. none of the driver contexts are active). */ unsigned int id; - union - { - unsigned dummy; /* Make the union non-empty even with no supported algorithms. */ -#if defined(MBEDTLS_MD_C) - psa_hmac_internal_data hmac; -#endif -#if defined(MBEDTLS_CMAC_C) - mbedtls_cipher_context_t cmac; -#endif - psa_driver_mac_context_t driver; - } ctx; + psa_driver_mac_context_t ctx; }; -#define PSA_MAC_OPERATION_INIT {0, 0, 0, 0, 0, 0, 0, 0, {0}} +#define PSA_MAC_OPERATION_INIT {0, {0}} static inline struct psa_mac_operation_s psa_mac_operation_init( void ) { const struct psa_mac_operation_s v = PSA_MAC_OPERATION_INIT; diff --git a/library/psa_crypto.c b/library/psa_crypto.c index f58df4aef..f91e5c322 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2328,7 +2328,7 @@ static size_t psa_get_hash_block_size( psa_algorithm_t alg ) /* Initialize the MAC operation structure. Once this function has been * called, psa_mac_abort can run and will do the right thing. */ -static psa_status_t psa_mac_init( psa_mac_operation_t *operation, +static psa_status_t psa_mac_init( mbedtls_psa_mac_operation_t *operation, psa_algorithm_t alg ) { psa_status_t status = PSA_ERROR_NOT_SUPPORTED; 
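Review bot: `ctx` in `psa_mac_operation_s` is now a bare `psa_driver_mac_context_t` with no comment, while the psa_crypto.c part of this same change reaches into `ctx.mbedtls_ctx` without consulting `id`; stating the invariant next to the field would help the pass that wires up dispatch: `/** Driver-specific context. Only the member selected by \c id is valid; it must be cleared together with \c id on abort. */`. The `id` comment is good, but it says zero means "not assigned" and nothing in the visible core code resets or checks it yet, so it is worth saying which layer (`psa_driver_wrapper_mac_*`, presumably) owns setting and clearing it.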
@@ -2376,8 +2376,11 @@ static psa_status_t psa_hmac_abort_internal( psa_hmac_internal_data *hmac ) } #endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */ -psa_status_t psa_mac_abort( psa_mac_operation_t *operation ) +psa_status_t psa_mac_abort( psa_mac_operation_t *psa_operation ) { + /* Temporary recast to avoid changing a lot of lines */ + mbedtls_psa_mac_operation_t* operation = &psa_operation->ctx.mbedtls_ctx; + if( operation->alg == 0 ) { /* The object has (apparently) been initialized but it is not @@ -2425,7 +2428,7 @@ bad_state: } #if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC) -static psa_status_t psa_cmac_setup( psa_mac_operation_t *operation, +static psa_status_t psa_cmac_setup( mbedtls_psa_mac_operation_t *operation, psa_key_slot_t *slot ) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; @@ -2514,7 +2517,7 @@ cleanup: } #endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */ -static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, +static psa_status_t psa_mac_setup( psa_mac_operation_t *psa_operation, mbedtls_svc_key_id_t key, psa_algorithm_t alg, int is_sign ) @@ -2525,6 +2528,9 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, psa_key_usage_t usage = is_sign ? PSA_KEY_USAGE_SIGN_HASH : PSA_KEY_USAGE_VERIFY_HASH; + /* Temporary recast to avoid changing a lot of lines */ + mbedtls_psa_mac_operation_t* operation = &psa_operation->ctx.mbedtls_ctx; + /* A context must be freshly initialized before it can be set up. */ if( operation->alg != 0 ) { @@ -2608,7 +2614,7 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, exit: if( status != PSA_SUCCESS ) { - psa_mac_abort( operation ); + psa_mac_abort( psa_operation ); } else { 
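Review bot: `psa_mac_abort` now receives the outer `psa_mac_operation_t` but the visible lines only derive the inner `mbedtls_psa_mac_operation_t` and test its `alg`; given the new comment on `psa_mac_operation_s::id` that zero means "not assigned to any driver", the abort should also end with `psa_operation->id = 0;` after the inner context is cleared, otherwise the outer object can stay marked as owned by a driver after its state has been wiped. The rest of the body is outside the hunk, so ignore this if it already does so. Also worth confirming there (not visible here) that `ctx.hmac.opad` is zeroized rather than just having the flags reset, since the `psa_hmac_internal_data` member is now reachable through a union that other drivers may later reuse.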
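Review bot: The freshness check in `psa_mac_setup` (`if( operation->alg != 0 )`, just below the recast) is evaluated on the Mbed TLS member of the driver-context union; if the object had been set up by another driver, those bytes are that driver's context and `alg` may happen to read as zero, letting setup silently overwrite a live context. Checking the driver-agnostic marker first, `if( psa_operation->id != 0 || operation->alg != 0 )` returning `PSA_ERROR_BAD_STATE`, matches the documented meaning of `id`. In this commit the core appears to still take only the builtin path, so this is hardening for when wrapper dispatch lands rather than a live bug; the function continues past the hunk.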
@@ -2634,10 +2640,13 @@ psa_status_t psa_mac_verify_setup( psa_mac_operation_t *operation, return( psa_mac_setup( operation, key, alg, 0 ) ); } -psa_status_t psa_mac_update( psa_mac_operation_t *operation, +psa_status_t psa_mac_update( psa_mac_operation_t *psa_operation, const uint8_t *input, size_t input_length ) { + /* Temporary recast to avoid changing a lot of lines */ + mbedtls_psa_mac_operation_t* operation = &psa_operation->ctx.mbedtls_ctx; + psa_status_t status = PSA_ERROR_BAD_STATE; if( ! operation->key_set ) return( PSA_ERROR_BAD_STATE ); @@ -2669,7 +2678,7 @@ psa_status_t psa_mac_update( psa_mac_operation_t *operation, } if( status != PSA_SUCCESS ) - psa_mac_abort( operation ); + psa_mac_abort( psa_operation ); return( status ); } @@ -2713,7 +2722,7 @@ exit: } #endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */ -static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation, +static psa_status_t psa_mac_finish_internal( mbedtls_psa_mac_operation_t *operation, uint8_t *mac, size_t mac_size ) { @@ -2752,11 +2761,14 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation, } } -psa_status_t psa_mac_sign_finish( psa_mac_operation_t *operation, +psa_status_t psa_mac_sign_finish( psa_mac_operation_t *psa_operation, uint8_t *mac, size_t mac_size, size_t *mac_length ) { + /* Temporary recast to avoid changing a lot of lines */ + mbedtls_psa_mac_operation_t* operation = &psa_operation->ctx.mbedtls_ctx; + psa_status_t status; if( operation->alg == 0 ) 
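Review bot: The `/* Temporary recast to avoid changing a lot of lines */` block is repeated verbatim in every entry point touched here (`psa_mac_abort`, `psa_mac_setup`, `psa_mac_update`, `psa_mac_sign_finish`, `psa_mac_verify_finish`); a single `static inline mbedtls_psa_mac_operation_t *psa_mac_builtin_ctx( psa_mac_operation_t *op ) { return( &op->ctx.mbedtls_ctx ); }` would give one place to add the `op->id == PSA_CRYPTO_MBED_TLS_DRIVER_ID` guard later instead of five. The early `if( ! operation->key_set ) return( PSA_ERROR_BAD_STATE );` is correct for the builtin context but, like the recast, inspects only the Mbed TLS member of the union; whichever form is kept, that check belongs behind the same gate. `psa_mac_update` continues past the hunk.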
@@ -2782,21 +2794,24 @@ psa_status_t psa_mac_sign_finish( psa_mac_operation_t *operation, if( status == PSA_SUCCESS ) { - status = psa_mac_abort( operation ); + status = psa_mac_abort( psa_operation ); if( status == PSA_SUCCESS ) *mac_length = operation->mac_size; else memset( mac, '!', mac_size ); } else - psa_mac_abort( operation ); + psa_mac_abort( psa_operation ); return( status ); } -psa_status_t psa_mac_verify_finish( psa_mac_operation_t *operation, +psa_status_t psa_mac_verify_finish( psa_mac_operation_t *psa_operation, const uint8_t *mac, size_t mac_length ) { + /* Temporary recast to avoid changing a lot of lines */ + mbedtls_psa_mac_operation_t* operation = &psa_operation->ctx.mbedtls_ctx; + uint8_t actual_mac[PSA_MAC_MAX_SIZE]; psa_status_t status; @@ -2825,9 +2840,9 @@ psa_status_t psa_mac_verify_finish( psa_mac_operation_t *operation, cleanup: if( status == PSA_SUCCESS ) - status = psa_mac_abort( operation ); + status = psa_mac_abort( psa_operation ); else - psa_mac_abort( operation ); + psa_mac_abort( psa_operation ); mbedtls_platform_zeroize( actual_mac, sizeof( actual_mac ) ); diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c index 09f631919..32ea7f535 100644 --- a/library/psa_crypto_driver_wrappers.c +++ b/library/psa_crypto_driver_wrappers.c @@ -1383,7 +1383,7 @@ psa_status_t psa_driver_wrapper_mac_sign_setup( #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) status = mbedtls_transparent_test_driver_mac_sign_setup( - &operation->ctx.driver.transparent_test_driver_ctx, + &operation->ctx.transparent_test_driver_ctx, attributes, key_buffer, key_buffer_size, alg ); 
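Review bot: In `psa_mac_sign_finish`, `*mac_length = operation->mac_size;` is read after `psa_mac_abort( psa_operation )` has run on the same context, so the reported length is only correct if abort leaves `mac_size` untouched; once abort is routed to a driver `mbedtls_psa_mac_abort` that wipes the whole context (which is the natural thing to do for a struct holding `opad`), callers would receive `*mac_length == 0` alongside a valid MAC. Capture it before aborting: `uint8_t finished_mac_size = operation->mac_size;` ahead of the `status = psa_mac_abort( psa_operation );` line, then `*mac_length = finished_mac_size;`. The `memset( mac, '!', mac_size )` on abort failure also leaves `*mac_length` unset, which is pre-existing but worth a comment that callers must check `status` before trusting either output.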
@@ -1397,7 +1397,7 @@ psa_status_t psa_driver_wrapper_mac_sign_setup( #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ #if defined(MBEDTLS_PSA_BUILTIN_MAC) /* Fell through, meaning no accelerator supports this operation */ - status = mbedtls_psa_mac_sign_setup( &operation->ctx.driver.mbedtls_ctx, + status = mbedtls_psa_mac_sign_setup( &operation->ctx.mbedtls_ctx, attributes, key_buffer, key_buffer_size, alg ); @@ -1414,7 +1414,7 @@ psa_status_t psa_driver_wrapper_mac_sign_setup( #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: status = mbedtls_opaque_test_driver_mac_sign_setup( - &operation->ctx.driver.opaque_test_driver_ctx, + &operation->ctx.opaque_test_driver_ctx, attributes, key_buffer, key_buffer_size, alg ); @@ -1454,7 +1454,7 @@ psa_status_t psa_driver_wrapper_mac_verify_setup( #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) status = mbedtls_transparent_test_driver_mac_verify_setup( - &operation->ctx.driver.transparent_test_driver_ctx, + &operation->ctx.transparent_test_driver_ctx, attributes, key_buffer, key_buffer_size, alg ); @@ -1468,7 +1468,7 @@ psa_status_t psa_driver_wrapper_mac_verify_setup( #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ #if defined(MBEDTLS_PSA_BUILTIN_MAC) /* Fell through, meaning no accelerator supports this operation */ - status = mbedtls_psa_mac_verify_setup( &operation->ctx.driver.mbedtls_ctx, + status = mbedtls_psa_mac_verify_setup( &operation->ctx.mbedtls_ctx, attributes, key_buffer, key_buffer_size, alg ); @@ -1485,7 +1485,7 @@ psa_status_t psa_driver_wrapper_mac_verify_setup( #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: status = mbedtls_opaque_test_driver_mac_sign_setup( - &operation->ctx.driver.opaque_test_driver_ctx, + &operation->ctx.opaque_test_driver_ctx, attributes, key_buffer, key_buffer_size, alg ); 
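Review bot: In the `@@ -1485` hunk, `psa_driver_wrapper_mac_verify_setup` dispatches the opaque test-driver case to `mbedtls_opaque_test_driver_mac_sign_setup(`, whereas the transparent case a few lines earlier (`@@ -1454`) correctly calls `mbedtls_transparent_test_driver_mac_verify_setup`; this line survives unchanged from the old side, so it is a carried-over copy-paste rather than something this commit introduced, but it is the new code under review. Assuming an opaque `_mac_verify_setup` exists (the transparent driver has one), the call should read `status = mbedtls_opaque_test_driver_mac_verify_setup(`, otherwise a verify operation on an opaque key is initialized with sign semantics and any driver-side sign/verify distinction (e.g. which usage flag was checked) is lost. The surrounding `switch` begins before the hunk.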
@@ -1515,7 +1515,7 @@ psa_status_t psa_driver_wrapper_mac_update( { #if defined(MBEDTLS_PSA_BUILTIN_MAC) case PSA_CRYPTO_MBED_TLS_DRIVER_ID: - return( mbedtls_psa_mac_update( &operation->ctx.driver.mbedtls_ctx, + return( mbedtls_psa_mac_update( &operation->ctx.mbedtls_ctx, input, input_length ) ); #endif /* MBEDTLS_PSA_BUILTIN_MAC */ @@ -1523,12 +1523,12 @@ psa_status_t psa_driver_wrapper_mac_update( #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: return( mbedtls_transparent_test_driver_mac_update( - &operation->ctx.driver.transparent_test_driver_ctx, + &operation->ctx.transparent_test_driver_ctx, input, input_length ) ); case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID: return( mbedtls_opaque_test_driver_mac_update( - &operation->ctx.driver.opaque_test_driver_ctx, + &operation->ctx.opaque_test_driver_ctx, input, input_length ) ); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ @@ -1549,7 +1549,7 @@ psa_status_t psa_driver_wrapper_mac_sign_finish( { #if defined(MBEDTLS_PSA_BUILTIN_MAC) case PSA_CRYPTO_MBED_TLS_DRIVER_ID: - return( mbedtls_psa_mac_sign_finish( &operation->ctx.driver.mbedtls_ctx, + return( mbedtls_psa_mac_sign_finish( &operation->ctx.mbedtls_ctx, mac, mac_size, mac_length ) ); #endif /* MBEDTLS_PSA_BUILTIN_MAC */ @@ -1557,12 +1557,12 @@ psa_status_t psa_driver_wrapper_mac_sign_finish( #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: return( mbedtls_transparent_test_driver_mac_sign_finish( - &operation->ctx.driver.transparent_test_driver_ctx, + &operation->ctx.transparent_test_driver_ctx, mac, mac_size, mac_length ) ); case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID: return( mbedtls_opaque_test_driver_mac_sign_finish( - &operation->ctx.driver.opaque_test_driver_ctx, + &operation->ctx.opaque_test_driver_ctx, mac, mac_size, mac_length ) ); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 
@@ -1583,7 +1583,7 @@ psa_status_t psa_driver_wrapper_mac_verify_finish( { #if defined(MBEDTLS_PSA_BUILTIN_MAC) case PSA_CRYPTO_MBED_TLS_DRIVER_ID: - return( mbedtls_psa_mac_verify_finish( &operation->ctx.driver.mbedtls_ctx, + return( mbedtls_psa_mac_verify_finish( &operation->ctx.mbedtls_ctx, mac, mac_length ) ); #endif /* MBEDTLS_PSA_BUILTIN_MAC */ @@ -1591,12 +1591,12 @@ psa_status_t psa_driver_wrapper_mac_verify_finish( #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: return( mbedtls_transparent_test_driver_mac_verify_finish( - &operation->ctx.driver.transparent_test_driver_ctx, + &operation->ctx.transparent_test_driver_ctx, mac, mac_length ) ); case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID: return( mbedtls_opaque_test_driver_mac_verify_finish( - &operation->ctx.driver.opaque_test_driver_ctx, + &operation->ctx.opaque_test_driver_ctx, mac, mac_length ) ); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ @@ -1615,7 +1615,7 @@ psa_status_t psa_driver_wrapper_mac_abort( { #if defined(MBEDTLS_PSA_BUILTIN_MAC) case PSA_CRYPTO_MBED_TLS_DRIVER_ID: - status = mbedtls_psa_mac_abort( &operation->ctx.driver.mbedtls_ctx ); + status = mbedtls_psa_mac_abort( &operation->ctx.mbedtls_ctx ); break; #endif /* MBEDTLS_PSA_BUILTIN_MAC */ @@ -1623,11 +1623,11 @@ psa_status_t psa_driver_wrapper_mac_abort( #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: status = mbedtls_transparent_test_driver_mac_abort( - &operation->ctx.driver.transparent_test_driver_ctx ); + &operation->ctx.transparent_test_driver_ctx ); break; case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID: status = mbedtls_opaque_test_driver_mac_abort( - &operation->ctx.driver.opaque_test_driver_ctx ); + &operation->ctx.opaque_test_driver_ctx ); break; #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */