Merge pull request #3995 from stevew817/feature/psa_configurable_static_ram_usage

Allow tweaking PSA_KEY_SLOT_COUNT
Gilles Peskine 2021-02-16 12:52:24 +01:00 committed by GitHub
commit bb86d0c61c
8 changed files with 52 additions and 28 deletions


@ -0,0 +1,5 @@
Features
* The PSA crypto subsystem can now be configured to use less static RAM by
tweaking the setting for the maximum amount of keys simultaneously in RAM.
MBEDTLS_PSA_KEY_SLOT_COUNT sets the maximum number of volatile keys that
can exist simultaneously. It has a sensible default if not overridden.


@ -3687,6 +3687,17 @@
*/
//#define MBEDTLS_PSA_HMAC_DRBG_MD_TYPE MBEDTLS_MD_SHA256
/** \def MBEDTLS_PSA_KEY_SLOT_COUNT
* Restrict the PSA library to supporting a maximum amount of simultaneously
* loaded keys. A loaded key is a key stored by the PSA Crypto core as a
* volatile key, or a persistent key which is loaded temporarily by the
* library as part of a crypto operation in flight.
*
* If this option is unset, the library will fall back to a default value of
* 32 keys.
*/
//#define MBEDTLS_PSA_KEY_SLOT_COUNT 32
/* SSL Cache options */
//#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */
//#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */
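Review bot: The new Doxygen block for MBEDTLS_PSA_KEY_SLOT_COUNT at L25-L33 documents the default but not the valid range, although the rest of this commit assumes at least one slot (the key-slot array and the volatile key id range are derived from it, and the test suite asserts `MBEDTLS_PSA_KEY_SLOT_COUNT >= 1`). Suggest adding to the comment ` * The value must be at least 1. Its upper bound is limited by the range of` / ` * key identifiers reserved for volatile keys.` The fallback of 32 stated here is also duplicated in the header that supplies the default, so the two need to be kept in sync; a `\note` pointing at that header would help.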


@ -39,6 +39,10 @@ extern "C" {
/* UID for secure storage seed */
#define PSA_CRYPTO_ITS_RANDOM_SEED_UID 0xFFFFFF52
/* See config.h for definition */
#if !defined(MBEDTLS_PSA_KEY_SLOT_COUNT)
#define MBEDTLS_PSA_KEY_SLOT_COUNT 32
#endif
/** \addtogroup attributes
* @{


@ -45,7 +45,7 @@
typedef struct
{
psa_key_slot_t key_slots[PSA_KEY_SLOT_COUNT];
psa_key_slot_t key_slots[MBEDTLS_PSA_KEY_SLOT_COUNT];
unsigned key_slots_initialized : 1;
} psa_global_data_t;
@ -128,13 +128,13 @@ static psa_status_t psa_get_and_lock_key_slot_in_memory(
if( status != PSA_SUCCESS )
return( status );
for( slot_idx = 0; slot_idx < PSA_KEY_SLOT_COUNT; slot_idx++ )
for( slot_idx = 0; slot_idx < MBEDTLS_PSA_KEY_SLOT_COUNT; slot_idx++ )
{
slot = &global_data.key_slots[ slot_idx ];
if( mbedtls_svc_key_id_equal( key, slot->attr.id ) )
break;
}
status = ( slot_idx < PSA_KEY_SLOT_COUNT ) ?
status = ( slot_idx < MBEDTLS_PSA_KEY_SLOT_COUNT ) ?
PSA_SUCCESS : PSA_ERROR_DOES_NOT_EXIST;
}
@ -161,7 +161,7 @@ void psa_wipe_all_key_slots( void )
{
size_t slot_idx;
for( slot_idx = 0; slot_idx < PSA_KEY_SLOT_COUNT; slot_idx++ )
for( slot_idx = 0; slot_idx < MBEDTLS_PSA_KEY_SLOT_COUNT; slot_idx++ )
{
psa_key_slot_t *slot = &global_data.key_slots[ slot_idx ];
slot->lock_count = 1;
@ -184,7 +184,7 @@ psa_status_t psa_get_empty_key_slot( psa_key_id_t *volatile_key_id,
}
selected_slot = unlocked_persistent_key_slot = NULL;
for( slot_idx = 0; slot_idx < PSA_KEY_SLOT_COUNT; slot_idx++ )
for( slot_idx = 0; slot_idx < MBEDTLS_PSA_KEY_SLOT_COUNT; slot_idx++ )
{
psa_key_slot_t *slot = &global_data.key_slots[ slot_idx ];
if( ! psa_is_key_slot_occupied( slot ) )
@ -453,7 +453,7 @@ void mbedtls_psa_get_stats( mbedtls_psa_stats_t *stats )
memset( stats, 0, sizeof( *stats ) );
for( slot_idx = 0; slot_idx < PSA_KEY_SLOT_COUNT; slot_idx++ )
for( slot_idx = 0; slot_idx < MBEDTLS_PSA_KEY_SLOT_COUNT; slot_idx++ )
{
const psa_key_slot_t *slot = &global_data.key_slots[ slot_idx ];
if( psa_is_key_slot_locked( slot ) )


@ -25,14 +25,10 @@
#include "psa_crypto_core.h"
#include "psa_crypto_se.h"
/* Number of key slots (plus one because 0 is not used).
* The value is a compile-time constant for now, for simplicity. */
#define PSA_KEY_SLOT_COUNT 32
/** Range of volatile key identifiers.
*
* The last PSA_KEY_SLOT_COUNT identifiers of the implementation range
* of key identifiers are reserved for volatile key identifiers.
* The last #MBEDTLS_PSA_KEY_SLOT_COUNT identifiers of the implementation
* range of key identifiers are reserved for volatile key identifiers.
* A volatile key identifier is equal to #PSA_KEY_ID_VOLATILE_MIN plus the
* index of the key slot containing the volatile key definition.
*/
@ -40,7 +36,7 @@
/** The minimum value for a volatile key identifier.
*/
#define PSA_KEY_ID_VOLATILE_MIN ( PSA_KEY_ID_VENDOR_MAX - \
PSA_KEY_SLOT_COUNT + 1 )
MBEDTLS_PSA_KEY_SLOT_COUNT + 1 )
/** The maximum value for a volatile key identifier.
*/
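Review bot: `PSA_KEY_ID_VOLATILE_MIN` at L118-L120 is now derived from a user-tunable macro, but nothing validates the value: a count of 0 makes `PSA_KEY_ID_VOLATILE_MIN` exceed `PSA_KEY_ID_VENDOR_MAX` and gives the slot-management source a zero-length `key_slots` array (L57), while a count larger than the vendor id range pushes `PSA_KEY_ID_VOLATILE_MIN` below the bottom of the vendor range and into identifiers owned by applications. Since the old fixed `#define PSA_KEY_SLOT_COUNT 32` is removed in this hunk, add a compile-time guard in its place: `#if MBEDTLS_PSA_KEY_SLOT_COUNT < 1` / `#error "MBEDTLS_PSA_KEY_SLOT_COUNT must be at least 1"` / `#endif`. An equivalent `#if` comparing `PSA_KEY_ID_VOLATILE_MIN` against the lowest vendor key id would cover the upper bound; the configuration-check header would be the usual place for both if it is already included here. The same assumption is also carried by every loop in the slot-management source (L64, L78, L86, L93).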


@ -49,7 +49,7 @@ extern "C" {
* - Using the ITS backend, all key ids are ok except 0xFFFFFF52
* (#PSA_CRYPTO_ITS_RANDOM_SEED_UID) for which the file contains the
* device's random seed (if this feature is enabled).
* - Only key ids from 1 to #PSA_KEY_SLOT_COUNT are actually used.
* - Only key ids from 1 to #MBEDTLS_PSA_KEY_SLOT_COUNT are actually used.
*
* Since we need to preserve the random seed, avoid using that key slot.
* Reserve a whole range of key slots just in case something else comes up.
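Review bot: The rewritten comment at L131 states that only key ids from 1 to #MBEDTLS_PSA_KEY_SLOT_COUNT are actually used, but the test updated in this same commit creates one extra persistent key with id `MBEDTLS_PSA_KEY_SLOT_COUNT + 1` (`i = MBEDTLS_PSA_KEY_SLOT_COUNT;` followed by `key = mbedtls_svc_key_id_make( i, i + 1 );`). If this comment is meant to describe the ids the test suites touch, it is off by one and should read `* - Only key ids from 1 to #MBEDTLS_PSA_KEY_SLOT_COUNT + 1 are actually used.`; if it refers to something else, saying what would avoid the ambiguity. The enclosing comment block starts before this hunk.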


@ -2642,6 +2642,14 @@ int query_config( const char *config )
}
#endif /* MBEDTLS_PSA_HMAC_DRBG_MD_TYPE */
#if defined(MBEDTLS_PSA_KEY_SLOT_COUNT)
if( strcmp( "MBEDTLS_PSA_KEY_SLOT_COUNT", config ) == 0 )
{
MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_KEY_SLOT_COUNT );
return( 0 );
}
#endif /* MBEDTLS_PSA_KEY_SLOT_COUNT */
#if defined(MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT)
if( strcmp( "MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT", config ) == 0 )
{


@ -933,9 +933,9 @@ void key_slot_eviction_to_import_new_key( int lifetime_arg )
psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA );
/*
* Create PSA_KEY_SLOT_COUNT persistent keys.
* Create MBEDTLS_PSA_KEY_SLOT_COUNT persistent keys.
*/
for( i = 0; i < PSA_KEY_SLOT_COUNT; i++ )
for( i = 0; i < MBEDTLS_PSA_KEY_SLOT_COUNT; i++ )
{
key = mbedtls_svc_key_id_make( i, i + 1 );
psa_set_key_id( &attributes, key );
@ -951,7 +951,7 @@ void key_slot_eviction_to_import_new_key( int lifetime_arg )
* is removed from the RAM key slots. This makes room to store its
* description in RAM.
*/
i = PSA_KEY_SLOT_COUNT;
i = MBEDTLS_PSA_KEY_SLOT_COUNT;
key = mbedtls_svc_key_id_make( i, i + 1 );
psa_set_key_id( &attributes, key );
psa_set_key_lifetime( &attributes, lifetime );
@ -966,15 +966,15 @@ void key_slot_eviction_to_import_new_key( int lifetime_arg )
MBEDTLS_SVC_KEY_ID_GET_KEY_ID( returned_key_id ) ) );
/*
* Check that we can export all ( PSA_KEY_SLOT_COUNT + 1 ) keys,
* Check that we can export all ( MBEDTLS_PSA_KEY_SLOT_COUNT + 1 ) keys,
* that they have the expected value and destroy them. In that process,
* the description of the persistent key that was evicted from the RAM
* slots when creating the last key is restored in a RAM slot to export
* its value.
*/
for( i = 0; i <= PSA_KEY_SLOT_COUNT; i++ )
for( i = 0; i <= MBEDTLS_PSA_KEY_SLOT_COUNT; i++ )
{
if( i < PSA_KEY_SLOT_COUNT )
if( i < MBEDTLS_PSA_KEY_SLOT_COUNT )
key = mbedtls_svc_key_id_make( i, i + 1 );
else
key = returned_key_id;
@ -1005,9 +1005,9 @@ void non_reusable_key_slots_integrity_in_case_of_key_slot_starvation( )
mbedtls_svc_key_id_t returned_key_id = MBEDTLS_SVC_KEY_ID_INIT;
mbedtls_svc_key_id_t *keys = NULL;
TEST_ASSERT( PSA_KEY_SLOT_COUNT >= 1 );
TEST_ASSERT( MBEDTLS_PSA_KEY_SLOT_COUNT >= 1 );
ASSERT_ALLOC( keys, PSA_KEY_SLOT_COUNT );
ASSERT_ALLOC( keys, MBEDTLS_PSA_KEY_SLOT_COUNT );
PSA_ASSERT( psa_crypto_init( ) );
psa_set_key_usage_flags( &attributes,
@ -1027,10 +1027,10 @@ void non_reusable_key_slots_integrity_in_case_of_key_slot_starvation( )
TEST_ASSERT( mbedtls_svc_key_id_equal( returned_key_id, persistent_key ) );
/*
* Create PSA_KEY_SLOT_COUNT volatile keys
* Create MBEDTLS_PSA_KEY_SLOT_COUNT volatile keys
*/
psa_set_key_lifetime( &attributes, PSA_KEY_LIFETIME_VOLATILE );
for( i = 0; i < PSA_KEY_SLOT_COUNT; i++ )
for( i = 0; i < MBEDTLS_PSA_KEY_SLOT_COUNT; i++ )
{
PSA_ASSERT( psa_import_key( &attributes,
(uint8_t *) &i, sizeof( i ),
@ -1050,12 +1050,12 @@ void non_reusable_key_slots_integrity_in_case_of_key_slot_starvation( )
* Check we can export the volatile key created last and that it has the
* expected value. Then, destroy it.
*/
PSA_ASSERT( psa_export_key( keys[PSA_KEY_SLOT_COUNT - 1],
PSA_ASSERT( psa_export_key( keys[MBEDTLS_PSA_KEY_SLOT_COUNT - 1],
exported, sizeof( exported ),
&exported_length ) );
i = PSA_KEY_SLOT_COUNT - 1;
i = MBEDTLS_PSA_KEY_SLOT_COUNT - 1;
ASSERT_COMPARE( exported, exported_length, (uint8_t *) &i, sizeof( i ) );
PSA_ASSERT( psa_destroy_key( keys[PSA_KEY_SLOT_COUNT - 1] ) );
PSA_ASSERT( psa_destroy_key( keys[MBEDTLS_PSA_KEY_SLOT_COUNT - 1] ) );
/*
* Check that we can now access the persistent key again.
@ -1078,7 +1078,7 @@ void non_reusable_key_slots_integrity_in_case_of_key_slot_starvation( )
* Check we can export the remaining volatile keys and that they have the
* expected values.
*/
for( i = 0; i < ( PSA_KEY_SLOT_COUNT - 1 ); i++ )
for( i = 0; i < ( MBEDTLS_PSA_KEY_SLOT_COUNT - 1 ); i++ )
{
PSA_ASSERT( psa_export_key( keys[i],
exported, sizeof( exported ),