Setup PSA-based cipher context in mbedtls_ssl_derive_keys()

This commit changes the code path in mbedtls_ssl_derive_keys()
responsible for setting up record protection cipher contexts
to attempt to use the new API mbedtls_cipher_setup_psa() in
case MBEDTLS_USE_PSA_CRYPTO is set.

For that, the AEAD tag length must be provided, which is already
computed earlier in mbedtls_ssl_derive_keys() and only needs to be
stored at function scope to be available for mbedtls_cipher_setup_psa().

If mbedtls_cipher_setup_psa() fails cleanly indicating that the
requested cipher is not supported in PSA, we fall through to
the default setup using mbedtls_cipher_setup(). However, we print
a debug message in this case, to allow catching the fallthrough in
tests where we know we're using a cipher which should be supported
by PSA.
Hanno Becker 2018-11-16 15:21:18 +00:00
parent 7909c4c875
commit f704befee8


@ -618,6 +618,7 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
unsigned char *mac_dec; unsigned char *mac_dec;
size_t mac_key_len; size_t mac_key_len;
size_t iv_copy_len; size_t iv_copy_len;
size_t taglen = 0;
const mbedtls_cipher_info_t *cipher_info; const mbedtls_cipher_info_t *cipher_info;
const mbedtls_md_info_t *md_info; const mbedtls_md_info_t *md_info;
@ -810,7 +811,7 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
cipher_info->mode == MBEDTLS_MODE_CCM || cipher_info->mode == MBEDTLS_MODE_CCM ||
cipher_info->mode == MBEDTLS_MODE_CHACHAPOLY ) cipher_info->mode == MBEDTLS_MODE_CHACHAPOLY )
{ {
size_t taglen, explicit_ivlen; size_t explicit_ivlen;
transform->maclen = 0; transform->maclen = 0;
mac_key_len = 0; mac_key_len = 0;
@ -1030,6 +1031,22 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
} }
#endif #endif
#if defined(MBEDTLS_USE_PSA_CRYPTO)
ret = mbedtls_cipher_setup_psa( &transform->cipher_ctx_enc,
cipher_info, taglen );
if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup_psa", ret );
return( ret );
}
if( ret == 0 )
MBEDTLS_SSL_DEBUG_MSG( 1, ( "Successfully setup PSA-based encryption cipher context" ) );
else
MBEDTLS_SSL_DEBUG_MSG( 1, ( "Failed to setup PSA-based cipher context for record encryption - fall through to default setup." ) );
if( ret != 0 )
#endif /* MBEDTLS_USE_PSA_CRYPTO */
if( ( ret = mbedtls_cipher_setup( &transform->cipher_ctx_enc, if( ( ret = mbedtls_cipher_setup( &transform->cipher_ctx_enc,
cipher_info ) ) != 0 ) cipher_info ) ) != 0 )
{ {
@ -1037,6 +1054,23 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
return( ret ); return( ret );
} }
#if defined(MBEDTLS_USE_PSA_CRYPTO)
ret = mbedtls_cipher_setup_psa( &transform->cipher_ctx_dec,
cipher_info, taglen );
if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup_psa", ret );
return( ret );
}
if( ret == 0 )
MBEDTLS_SSL_DEBUG_MSG( 1, ( "Successfully setup PSA-based decryption cipher context" ) );
else
MBEDTLS_SSL_DEBUG_MSG( 1, ( "Failed to setup PSA-based cipher context for record decryption - fall through to default setup." ) );
if( ret != 0 )
#endif /* MBEDTLS_USE_PSA_CRYPTO */
if( ( ret = mbedtls_cipher_setup( &transform->cipher_ctx_dec, if( ( ret = mbedtls_cipher_setup( &transform->cipher_ctx_dec,
cipher_info ) ) != 0 ) cipher_info ) ) != 0 )
{ {
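Review bot: The unbraced `if( ret != 0 )` left dangling just before `#endif /* MBEDTLS_USE_PSA_CRYPTO */`, in both the encryption and the decryption block, makes the legacy `mbedtls_cipher_setup()` statement its body only by adjacency across the preprocessor guard. A statement later inserted between the `#endif` and that call would become the guarded body instead, and the legacy setup would then run on a context that PSA has already set up. I would at least add a comment on that line, e.g. `/* No braces: this guards the mbedtls_cipher_setup() call after the #endif. */`, or restructure so the legacy call sits in an explicit fallback branch. Separately, as far as these hunks show, the fall-through to the non-PSA cipher is reported only through `MBEDTLS_SSL_DEBUG_MSG`, so a build without debug output gives no indication of which backend ends up protecting the records. The body of mbedtls_ssl_derive_keys() extends beyond the hunks shown.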