Commit graph

3357 commits

Author SHA1 Message Date
Gilles Peskine 3825e14e65 Fix policy validity check on key creation.
Add a non-regression test.
2019-07-31 16:54:38 +02:00
Gilles Peskine 6edfa293c2 Add test function for import with a bad policy 2019-07-31 16:54:38 +02:00
Gilles Peskine 7c227aee5e Test key creation with an invalid type (0 and nonzero) 2019-07-31 16:54:38 +02:00
Gilles Peskine 4ed0e6f11a Switch storage functions over to psa_core_key_attributes_t 2019-07-31 14:15:27 +02:00
Gilles Peskine c744d99386 Limit keys to 65528 bits
65528 bits is more than any reasonable key until we start supporting
post-quantum cryptography.

This limit is chosen to allow bit-sizes to be stored in 16 bits, with
65535 left to indicate an invalid value. It's a whole number of bytes,
which facilitates some calculations, in particular allowing a key of
exactly PSA_CRYPTO_MAX_STORAGE_SIZE to be created but not one bit
more.

As a resource usage limit, this is arguably too large, but that's out
of scope of the current commit.

Test that key import, generation and derivation reject overly large
sizes.
2019-07-30 20:58:33 +02:00
Gilles Peskine 7e0cff90b9 Move attribute fields to a substructure
Move the "core attributes" to a substructure of psa_key_attribute_t.
The motivation is to be able to use the new structure
psa_core_key_attributes_t internally.
2019-07-30 20:58:27 +02:00
Gilles Peskine fc321f1a5e SE keys: test that the bit size is saved and loaded correctly 2019-07-29 18:12:34 +02:00
Gilles Peskine 1801740a7c SE driver: report the bit size on key import
Add a parameter to the key import method of a secure element driver to
make it report the key size in bits. This is necessary (otherwise the
core has no idea what the bit-size is), and making import report it is
easier than adding a separate method (for other key creation methods,
this information is an input, not an output).
2019-07-29 18:07:09 +02:00
Gilles Peskine dc5bfe9784 SE keys: implement and test psa_get_key_attributes 2019-07-29 18:07:03 +02:00
Gilles Peskine f96aefe3ad Test with secure element support
Test with default config + SE with Clang and with full config + SE
with GCC, for variety. Full+Clang+Asan has known issues so don't do
that.
2019-07-24 14:58:38 +02:00
Gilles Peskine 105736653f SE keys: test that no function goes crazy
Run all functions that take a key handle as input with a key that is
in a secure element. All calls are expected to error out one way or
another (not permitted by policy, invalid key type, method not
implemented in the secure element, ...). The goal of this test is to
ensure that nothing bad happens (e.g. invalid pointer dereference).

Run with various key types and algorithms to get good coverage.
2019-07-24 13:45:36 +02:00
Gilles Peskine d1cd766e96 SE keys: test NOT_SUPPORTED error from generate_key 2019-07-24 13:45:02 +02:00
Gilles Peskine 89870eb123 Cosmetic improvements in SE driver tests 2019-07-24 13:44:03 +02:00
Gilles Peskine 1d04b05fae Dear check-names, where you accept struct, also accept union. 2019-07-23 17:38:41 +02:00
Gilles Peskine 8b96cad204 SE drivers: implement persistent storage
Store the persistent data of secure element drivers.

This is fully implemented, but not at all tested.
2019-07-23 17:38:08 +02:00
Gilles Peskine 1df83d4f5b SE keys: implement persistent storage
For a key in a secure element, persist the key slot.

This is implemented in the nominal case. Failures may not be handled
properly.
2019-07-23 16:13:14 +02:00
Gilles Peskine 0e8d495bd9 Add the lifetime to the key storage format
Stored keys must contain lifetime information. The lifetime used to be
implied by the location of the key, back when applications supplied
the lifetime value when opening the key. Now that all keys' metadata
are stored in a central location, this location needs to store the
lifetime explicitly.
2019-07-23 14:46:52 +02:00
Gilles Peskine bfd322ff34 Use a key attribute structure in the internal storage interface
Pass information via a key attribute structure rather than as separate
parameters to psa_crypto_storage functions. This makes it easier to
maintain the code when the metadata of a key evolves.

This has negligible impact on code size (+4B with "gcc -Os" on x86_64).
2019-07-23 13:31:54 +02:00
Gilles Peskine 5dc742c36a SE keys: smoke test import, export, destroy 2019-07-12 23:47:47 +02:00
Adrian L. Shaw 2282cfa660 Remove GMAC algorithm (for now)
It can't be implemented with the current version of the API
2019-07-11 15:51:45 +01:00
Jaeden Amero 93fe3a1a8f
Merge pull request #160 from yanesca/iotcrypt-790-update-tests-to-multipart-key-derivation
Iotcrypt 790 update tests to multipart key derivation
2019-07-04 17:19:36 +01:00
Janos Follath 343067e0d1 Add invalid_key_derivation test cases for TLS PRF
Add test_derive_invalid_key_derivation_state test cases for TLS 1.2 PRF.
2019-07-04 14:29:30 +01:00
Janos Follath d958bb7aae Convert invalid_key_derivation_state to new API
Convert the test_derive_invalid_key_derivation_state() test to the new
KDF API.
2019-07-04 14:29:30 +01:00
Janos Follath 5ab0e0b601 Add derive_key_export test cases for TLS 1.2 PRF 2019-07-04 14:29:30 +01:00
Janos Follath 42fd888ab0 Convert derive_key_export to the new KDF API 2019-07-04 14:29:30 +01:00
Janos Follath 8d98a1e626 Add derive_key_exercise test cases for TLS 1.2 PRF 2019-07-04 14:29:30 +01:00
Janos Follath e60c9052ec Convert derive_key_exercise to the new KDF API 2019-07-04 14:29:30 +01:00
Janos Follath f2815eaec6 Refactor key derivation setup in tests 2019-07-04 14:29:00 +01:00
Janos Follath e7e4706230 Add derive_full test cases for TLS 1.2 PRF 2019-07-04 14:22:27 +01:00
Janos Follath 47f27ed752 Convert derive_full test to the new KDF API 2019-07-04 14:22:27 +01:00
Janos Follath 46d9fbc4a9 Add test cases for exercise_key_derivation_key 2019-07-04 14:22:27 +01:00
Gilles Peskine 7607cd6e57 Convert exercise_key_derivation_key to the new KDF API 2019-07-04 14:22:27 +01:00
Jaeden Amero c19dcebbdd
Merge pull request #154 from yanesca/iotcrypt-789-update-tls-prf-to-multipart
Update TLS 1.2 PRF to multipart API
2019-07-04 11:53:04 +01:00
Janos Follath 0c1ed84258 Improve style 2019-06-28 15:10:06 +01:00
Gilles Peskine 651447905c Fix typo in invalid-lifetime test and add explicit test for 0 2019-06-26 20:01:35 +02:00
Gilles Peskine a8ade16ffd Gate secure element support by a separate config option
Secure element support has its own source file, and in addition
requires many hooks in other files. This is a nontrivial amount of
code, so make it optional (but default on).
2019-06-26 20:01:35 +02:00
Gilles Peskine 1468da76a5 Convert derive_output to the new KDF API 2019-06-26 09:15:08 +01:00
Janos Follath adbec81cc4 Remove the deprecated PSA_ALG_SELECT_RAW option
This change affects the psa_key_derivation_s structure. With the buffer
removed from the union, it is empty if MBEDTLS_MD_C is not defined.

We can avoid undefined behaviour by adding a new dummy field that is
always present or make the whole union conditional on MBEDTLS_MD_C.

In this latter case the initialiser macro has to depend on MBEDTLS_MD_C
as well. Furthermore the first structure would be either
psa_hkdf_key_derivation_t or psa_tls12_prf_key_derivation_t both of
which are very deep and would make the initialisation macro difficult
to maintain, therefore we go with the first option.
2019-06-26 09:15:08 +01:00
Janos Follath a27c927d4a Add test for psa_key_derivation_set_capacity
This commit restores the test coverage to the level before adapting the
derive_setup tests.
2019-06-26 09:15:08 +01:00
Janos Follath 16de4a4017 Adapt the derive_setup tests to the new API
Part of the tests are adapted in this commit, another part is already
covered by the derive_input tests and some of them are not applicable to
the new API (the new API does not request capacity at the setup stage).

The test coverage temporarily drops with this commit, the two test cases
conserning capacity will be re-added in a later commit.
2019-06-26 09:15:08 +01:00
Janos Follath ba3fab9074 Adapt derive_key_policy test to the new API 2019-06-26 09:15:08 +01:00
Janos Follath 4b7effd35a Add more tests for TLS 1.2 PRF input 2019-06-26 09:15:08 +01:00
Janos Follath 99dd6acdce Add test cases for derive_input
In the 1.0 API some functionality has been split from the
psa_key_derivation_setup() function and is now done with the
psa_key_derivation_input_*() functions. The new tests maintain the
existing test coverage of this functionality.
2019-06-26 09:15:08 +01:00
Janos Follath af3c2a0700 Add a test for psa_key_derivation_input 2019-06-26 09:15:08 +01:00
Janos Follath 71a4c9125b Add flag for removing deprecated API
Add the compile time option PSA_PRE_1_0_KEY_DERIVATION. If this is not
turned on, then the function `psa_key_derivation()` is removed.

Most of the tests regarding key derivation haven't been adapted to the
new API yet and some of them have only been adapted partially. When this
new option is turned off, the tests using the old API and test cases
using the old API of partially adapted tests are skipped.

The sole purpose of this option is to make the transition to the new API
smoother. Once the transition is complete it can and should be removed
along with the old API and its implementation.
2019-06-26 09:15:08 +01:00
Gilles Peskine 7a52464fba Driver registration: more future-proof bad-version test 2019-06-24 19:58:12 +02:00
Gilles Peskine 55a6acfe4d Add negative tests for driver registration 2019-06-24 19:55:49 +02:00
Gilles Peskine 2c2243dc0b Smoke test for secure element driver registration 2019-06-24 14:29:28 +02:00
Gilles Peskine 1d10257d21 Copy the new header files to Mbed OS on-target test directories
The new PSA helper headers are needed at build time. When building
Mbed OS tests, the source files are copied to a directory under TESTS.
The required header files need to be present in this directory.
2019-06-20 17:23:58 +02:00
Gilles Peskine 3cff768ad4 Move the one non-crypto-specific PSA helper macro to a new header
Create a new header file psa_helpers.h and put the one helper macro
that isn't specific to PSA crypto there. Use this header file in the
ITS test suite.
2019-06-20 12:54:43 +02:00