Commit graph

7858 commits

Author SHA1 Message Date
Gilles Peskine 1672d1d2e4 Remove features with missing dependencies from config.h
The default config.h omits non-crypto features. Remove some features
that had been accidentally left in but have dependencies that had been
removed.

Also update configs/config-psa-crypto.h to match
include/mbedtls/config.h. They were historically identical but started
diverging when the feature-psa branch was rebased on top of a more
recent upstream.

Now the code builds with the "full" config.
2018-09-12 16:22:51 +03:00
Gilles Peskine 13187931f1 Update the PSA crypto-only config.h in configs
The file was derived from an earlier version of Mbed TLS and had not
been updated in a rebase of the PSA branch.
2018-09-12 16:22:51 +03:00
Gilles Peskine 828ed149d5 Rename MBEDTLS_xxx macros in psa_crypto.c to placate check-names.sh 2018-09-12 16:22:51 +03:00
Gilles Peskine 2d9d6db60f check-names: also check PSA files
Allow both mbedtls and psa identifiers in either set of files for now.
2018-09-12 16:22:51 +03:00
Gilles Peskine 313b8af18e Improve the description of some test cases
Make the descriptions more consistent.
2018-09-12 16:22:51 +03:00
Gilles Peskine d5b3322f72 Reorder PSA test cases to group them by topic
* init-deinit
* import-export
* policies
* lifetime
* hash
* MAC
* cipher
* AEAD
* asymmetric sign
* asymmetric verify
* asymmetric encrypt-decrypt

This commit only moves test functions and test cases around. It does
not modify, add or remove tests.
2018-09-12 16:22:49 +03:00
Gilles Peskine 34ef7f5a55 Check the curve of an elliptic curve key on import
psa_import_key must check that the imported key data matches the
expected key type. Implement the missing check for EC keys that the
curve is the expected one.
2018-09-12 16:19:04 +03:00
Gilles Peskine e1fed0de18 Define elliptic curve identifiers from TLS
Instead of rolling our own list of elliptic curve identifiers, use one
from somewhere. Pick TLS because it's the right size (16 bits) and
it's as good as any.
2018-09-12 16:19:04 +03:00
Gilles Peskine b3e6e5deeb Rename hash max sizes for consistency
Use "hash" throughout the library, not "md" as in Mbed TLS.
2018-09-12 16:19:04 +03:00
Gilles Peskine dec7261df1 Remove redundant initialization of policies to {0}
Some compilers don't like initializing a structure to {0} (incomplete
initializer). It's redundant anyway since we always call
psa_key_policy_init.
2018-09-12 16:19:04 +03:00
Gilles Peskine c0ec97222b mac_verify: remove unused IV argument
We aren't going to have MAC with IV in the API any time soon, if at
all, so remove the embryonic support for it in the tests.
2018-09-12 16:19:03 +03:00
Gilles Peskine 01b929c85b Fix key_lifetime_set_fail not cleaning up the right key slot 2018-09-12 16:18:04 +03:00
Gilles Peskine 4abf741e6a Hygiene improvements in PSA crypto test code
Get rid of many redundant casts. In particular, it is not useful to
cast uint32_t values to size_t before performing arithmetic or
comparisons on them.

Rewrap a number of function calls, many of which now have narrower
arguments thanks to the removed casts. When a function call doesn't
fit on a single line, avoid grouping unrelated parameters together,
but do try to group a buffer pointer and the associated size.

Define more auxiliary variables xxx of a particular integer
type (psa_algorithm_t, psa_key_usage_t, etc.) corresponding to a test
function xxx_arg which has the type int. This avoids the need to cast
xxx_arg to an unsigned type sometimes in the code.
2018-09-12 16:18:04 +03:00
Gilles Peskine 7bcfc0a9ae Be more consistent about blank lines 2018-09-12 16:18:04 +03:00
Gilles Peskine 803ce7402a Change sizeof(type) to sizeof(variable) 2018-09-12 16:18:04 +03:00
Gilles Peskine c1bb6c8dcc Formatting improvements
Avoid lines longer than 80 columns.

Remove some redundant parentheses, e.g. change
    if( ( a == b ) && ( c == d ) )
to
    if( a == b && c == d )
which makes lines less long and makes the remaining parentheses more
relevant.

Add missing parentheses around return statements.

There should be no semantic change in this commit.
2018-09-12 16:18:02 +03:00
Gilles Peskine 2d2778650b Normalize whitespace
Normalize whitespace to Mbed TLS standards. There are only whitespace
changes in this commit.
2018-09-12 16:15:52 +03:00
Gilles Peskine 6de7a179c8 Fix file permissions
Some files were marked as executable but shouldn't have been.
2018-09-12 16:13:49 +03:00
Gilles Peskine 781afb4b07 Merge remote-tracking branch 'psa/pr/45' into feature-psa 2018-09-12 16:13:49 +03:00
itayzafrir 27fbaf7781 Fixed test sign_deterministic, macro PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE
Arguments in the wrong order
2018-09-12 16:13:49 +03:00
Nir Sonnenschein aa5aea0bac fix spaces and add braces 2018-09-12 16:13:49 +03:00
Nir Sonnenschein e9664c30f0 space and style fixes 2018-09-12 16:13:49 +03:00
Nir Sonnenschein 9627241beb change macro PSA_HASH_BLOCK_SIZE to function psa_get_hash_block_size 2018-09-12 16:13:49 +03:00
Nir Sonnenschein 5ca6547b77 Renamed hmac_ctx to opad and removed null check.
this array is now part of the struct and not dynamically allocated
so it can't be null.
2018-09-12 16:13:49 +03:00
Nir Sonnenschein caec7f0c49 Fix rename issue missed by re-base 2018-09-12 16:13:49 +03:00
Gilles Peskine d223b52a9a psa_hmac_start: reduce stack usage
Store the temporary key in the long-key case (where the key is first
hashed) directly into ipad. This reduces the stack usage a little, at
a slight cost in complexity.
2018-09-12 16:13:49 +03:00
Gilles Peskine 6a0a44e167 HMAC: clean up local variables containing key material
In psa_mac_start, the hash of the key and ipad contain material that
can be used to make HMAC calculations with the key, therefore they
must be wiped.

In psa_mac_finish_internal, tmp contains an intermediate value which
could reveal the HMAC. This is definitely sensitive in the verify case,
and marginally sensitive in the finish case (it isn't if the hash
function is ideal, but it could make things worse if the hash function
is partially broken).
2018-09-12 16:13:49 +03:00
Gilles Peskine c102e3ce4b psa_hmac_start: simplify key_length logic in hash-the-key case 2018-09-12 16:13:49 +03:00
Gilles Peskine e1bc6800cc psa_hmac_start: remove useless casts 2018-09-12 16:13:49 +03:00
Gilles Peskine 7e454bc19f Split out CMAC and HMAC code into auxiliary functions
Split algorithm-specific code out of psa_mac_start. This makes the
function easier to read.

The behavior is mostly unchanged. In a few cases, errors before
setting a key trigger a context wipe where they didn't. This is a
marginal performance loss but only cases that are an error in caller
code.
2018-09-12 16:13:49 +03:00
Gilles Peskine 99bc649760 Normalize whitespace to Mbed TLS standards
Only whitespace changes in this commit.
2018-09-12 16:13:49 +03:00
Gilles Peskine ef057ac8ed Remove dead code
Remove an unused function and an unused variable. Now the code builds
with gcc -Wall -Wextra -Werror.
2018-09-12 16:13:49 +03:00
Nir Sonnenschein 084832d65f replace get_block_size_from_hash_algorithm with PSA_HASH_BLOCK_SIZE macro 2018-09-12 16:13:49 +03:00
Nir Sonnenschein 9e2ffe83ac change type of hash block to uint8_t 2018-09-12 16:13:49 +03:00
Nir Sonnenschein 1e2b046026 adding more test cases for hmac 2018-09-12 16:13:49 +03:00
Nir Sonnenschein 35dfbf4601 change hmac context to use statically allocated memory
1. removed dynamic allocation of stack context
2. moved ipad to stack
3. added defines for maximal sizes
2018-09-12 16:13:49 +03:00
Nir Sonnenschein 0c9ec53a10 remove reliance on md_info context for hash information
1. remove reliance on md_info context for hash information by decoding locally
2. remove block_size field in context as this is dynamically computed
2018-09-12 16:13:49 +03:00
Nir Sonnenschein eeace0bf7f Code style fix : changed keylen to key_length 2018-09-12 16:13:49 +03:00
Nir Sonnenschein 7810be273a Code correction: remove unneeded sizeof 2018-09-12 16:13:49 +03:00
Nir Sonnenschein dcd636a73f Commit changes to hmac to not use MD abstraction
this PR is part of efforts to use "lower level" mbedTLS APIs vs "higher level" abstract APIs.
2018-09-12 16:13:49 +03:00
itayzafrir 3e02b3b280 On target testing tests adaptation
Updated all psa crypto tests to use the new test format
2018-09-12 16:13:39 +03:00
itayzafrir 423f219bb2 Fixed missing dependencies in psa crypto tests
PSA verify RSA PKCS#1 v1.5 SHA-256, wrong hash
    PSA Symmetric decryption: AES-CTR, 16 bytes, good
    PSA Symmetric encryption: AES-CTR, 15 bytes, good
    PSA Symmetric encryption: AES-CTR, 16 bytes, good
2018-09-05 12:46:20 +03:00
Gilles Peskine 8605428dcf Merge remote-tracking branch 'psa/pr/27' into feature-psa 2018-09-05 12:46:19 +03:00
Gilles Peskine eebd7381bb Rename asymmetric_encrypt to clarify what it does
Renamed to asymmetric_encrypt_decrypt
2018-09-05 12:44:18 +03:00
Gilles Peskine c4def2f228 Add input length check in psa_asymmetric_decrypt
Remove output size check which is not needed here and was copypasta.

Add non-regression tests.
2018-09-05 12:44:18 +03:00
Gilles Peskine b75e4f1314 Remove ECC boilerplate in asymmetric encrypt/decrypt
We don't have any encryption algorithm using ECC keys at the moment.
2018-09-05 12:44:17 +03:00
Gilles Peskine beb4948d10 Add RSA PSS verification (untested) 2018-09-05 12:44:17 +03:00
Gilles Peskine 625b01c9c3 Add OAEP placeholders in asymmetric encrypt/decrypt
Replace PSS placeholders by OAEP placeholders. PSS is a signature
algorithm, not an encryption algorithm.

Fix typo in PSA_ALG_IS_RSA_OAEP_MGF1.
2018-09-05 12:44:17 +03:00
Gilles Peskine 8b18a4fef3 Rename verify_RSA_hash_input_and_get_md_type
Give it a shorter name that's more in line with our naming conventions.
2018-09-05 12:44:17 +03:00
Gilles Peskine 61b91d4476 Normalize whitespace to Mbed TLS standards
Only whitespace changes in this commit.
2018-09-05 12:44:17 +03:00