From 9878a160c69a4e77a586abb5d9673a7484476cb7 Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Thu, 6 May 2021 17:58:36 +0200 Subject: [PATCH] Code flow and style improvements Signed-off-by: Steven Cooreman --- library/psa_crypto.c | 98 ++++++++++++++++++---------------------- library/psa_crypto_mac.c | 15 +++--- 2 files changed, 50 insertions(+), 63 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 959549785..44b3680b5 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3233,7 +3233,32 @@ psa_status_t psa_aead_decrypt( mbedtls_svc_key_id_t key, defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS) #define AT_LEAST_ONE_BUILTIN_KDF -#endif +#endif /* At least one builtin KDF */ + +#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS) +static psa_status_t psa_key_derivation_start_hmac( + psa_mac_operation_t *operation, + psa_algorithm_t hash_alg, + const uint8_t *hmac_key, + size_t hmac_key_length ) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_set_key_type( &attributes, PSA_KEY_TYPE_HMAC ); + psa_set_key_bits( &attributes, PSA_BYTES_TO_BITS( hmac_key_length ) ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH ); + + status = psa_driver_wrapper_mac_sign_setup( operation, + &attributes, + hmac_key, hmac_key_length, + PSA_ALG_HMAC( hash_alg ) ); + + psa_reset_key_attributes( &attributes ); + return( status ); +} +#endif /* KDF algorithms reliant on HMAC */ #define HKDF_STATE_INIT 0 /* no input yet */ #define HKDF_STATE_STARTED 1 /* got salt */ @@ -3374,17 +3399,10 @@ static psa_status_t psa_key_derivation_hkdf_read( psa_hkdf_key_derivation_t *hkd ++hkdf->block_number; hkdf->offset_in_block = 0; - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_set_key_type( &attributes, PSA_KEY_TYPE_HMAC ); - psa_set_key_bits( &attributes, - PSA_BYTES_TO_BITS( hash_length ) ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH ); - - status = psa_driver_wrapper_mac_sign_setup( &hkdf->hmac, - &attributes, - hkdf->prk, hash_length, - PSA_ALG_HMAC( hash_alg ) ); - psa_reset_key_attributes( &attributes ); + status = psa_key_derivation_start_hmac( &hkdf->hmac, + hash_alg, + hkdf->prk, + hash_length ); if( status != PSA_SUCCESS ) return( status ); @@ -3458,17 +3476,10 @@ static psa_status_t psa_key_derivation_tls12_prf_generate_next_block( * `block_number`. */ - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_set_key_type( &attributes, PSA_KEY_TYPE_HMAC ); - psa_set_key_bits( &attributes, - PSA_BYTES_TO_BITS( tls12_prf->secret_length ) ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH ); - - status = psa_driver_wrapper_mac_sign_setup( &hmac, - &attributes, - tls12_prf->secret, - tls12_prf->secret_length, - PSA_ALG_HMAC( hash_alg ) ); + status = psa_key_derivation_start_hmac( &hmac, + hash_alg, + tls12_prf->secret, + tls12_prf->secret_length ); if( status != PSA_SUCCESS ) goto cleanup; @@ -3506,11 +3517,10 @@ static psa_status_t psa_key_derivation_tls12_prf_generate_next_block( goto cleanup; /* Calculate HMAC_hash(secret, A(i) + label + seed). */ - status = psa_driver_wrapper_mac_sign_setup( &hmac, - &attributes, - tls12_prf->secret, - tls12_prf->secret_length, - PSA_ALG_HMAC( hash_alg ) ); + status = psa_key_derivation_start_hmac( &hmac, + hash_alg, + tls12_prf->secret, + tls12_prf->secret_length ); if( status != PSA_SUCCESS ) goto cleanup; status = psa_mac_update( &hmac, tls12_prf->Ai, hash_length ); @@ -3530,8 +3540,6 @@ static psa_status_t psa_key_derivation_tls12_prf_generate_next_block( cleanup: - psa_reset_key_attributes( &attributes ); - cleanup_status = psa_mac_abort( &hmac ); if( status == PSA_SUCCESS && cleanup_status != PSA_SUCCESS ) status = cleanup_status; @@ -3860,19 +3868,9 @@ static psa_status_t psa_hkdf_input( psa_hkdf_key_derivation_t *hkdf, return( PSA_ERROR_BAD_STATE ); else { - /* In a scope block due to scope-local attributes variable */ - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_set_key_type( &attributes, PSA_KEY_TYPE_HMAC ); - psa_set_key_bits( &attributes, - PSA_BYTES_TO_BITS( data_length ) ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH ); - - status = psa_driver_wrapper_mac_sign_setup( - &hkdf->hmac, - &attributes, - data, data_length, - PSA_ALG_HMAC( hash_alg ) ); - psa_reset_key_attributes( &attributes ); + status = psa_key_derivation_start_hmac( &hkdf->hmac, + hash_alg, + data, data_length ); if( status != PSA_SUCCESS ) return( status ); hkdf->state = HKDF_STATE_STARTED; @@ -3882,17 +3880,9 @@ static psa_status_t psa_hkdf_input( psa_hkdf_key_derivation_t *hkdf, /* If no salt was provided, use an empty salt. */ if( hkdf->state == HKDF_STATE_INIT ) { - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_set_key_type( &attributes, PSA_KEY_TYPE_HMAC ); - psa_set_key_bits( &attributes, 0 ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH ); - - status = psa_driver_wrapper_mac_sign_setup( - &hkdf->hmac, - &attributes, - NULL, 0, - PSA_ALG_HMAC( hash_alg ) ); - psa_reset_key_attributes( &attributes ); + status = psa_key_derivation_start_hmac( &hkdf->hmac, + hash_alg, + NULL, 0 ); if( status != PSA_SUCCESS ) return( status ); hkdf->state = HKDF_STATE_STARTED; diff --git a/library/psa_crypto_mac.c b/library/psa_crypto_mac.c index ca40b03bf..8e64741e6 100644 --- a/library/psa_crypto_mac.c +++ b/library/psa_crypto_mac.c @@ -200,20 +200,20 @@ static psa_status_t cmac_setup( mbedtls_psa_mac_operation_t *operation, size_t key_buffer_size ) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - const mbedtls_cipher_info_t * cipher_info_tmp = + const mbedtls_cipher_info_t * cipher_info = mbedtls_cipher_info_from_psa( PSA_ALG_CMAC, psa_get_key_type( attributes ), psa_get_key_bits( attributes ), NULL ); - if( cipher_info_tmp == NULL ) + if( cipher_info == NULL ) return( PSA_ERROR_NOT_SUPPORTED ); if( key_buffer_size < PSA_BITS_TO_BYTES( psa_get_key_bits( attributes ) ) ) return( PSA_ERROR_INVALID_ARGUMENT ); - ret = mbedtls_cipher_setup( &operation->ctx.cmac, cipher_info_tmp ); + ret = mbedtls_cipher_setup( &operation->ctx.cmac, cipher_info ); if( ret != 0 ) goto exit; @@ -319,15 +319,12 @@ static psa_status_t mac_setup( mbedtls_psa_mac_operation_t *operation, /* A context must be freshly initialized before it can be set up. */ if( operation->alg != 0 ) - { return( PSA_ERROR_BAD_STATE ); - } status = mac_init( operation, alg ); if( status != PSA_SUCCESS ) return( status ); - if( is_sign ) - operation->is_sign = 1; + operation->is_sign = is_sign; /* Get the output length for the algorithm and key combination. None of the * currently supported algorithms have an output length dependent on actual @@ -498,7 +495,7 @@ static psa_status_t mac_sign_finish( size_t mac_size, size_t *mac_length ) { - psa_status_t status; + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; if( operation->alg == 0 ) return( PSA_ERROR_BAD_STATE ); @@ -520,7 +517,7 @@ static psa_status_t mac_verify_finish( size_t mac_length ) { uint8_t actual_mac[PSA_MAC_MAX_SIZE]; - psa_status_t status; + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; if( operation->alg == 0 ) return( PSA_ERROR_BAD_STATE );