Commit graph

11897 commits

Author SHA1 Message Date
Gilles Peskine 5a2d15256d
Merge pull request #183 from gilles-peskine-arm/psa-se_driver-register_key
Secure element key registration
2019-08-09 16:22:52 +02:00
Gilles Peskine 2c897d76ff Document the rationale for the armel build
Call the component xxx_arm5vte, because that's what it does. Explain
"armel", and more generally why this component exists, in a comment.
2019-08-09 16:05:05 +02:00
Gilles Peskine 49bd58274e Test the call to p_validate_slot_number when registering a key 2019-08-09 15:05:32 +02:00
Gilles Peskine a5f8749812 SE key registration: call p_validate_slot_number
When registering a key in a secure element, if the driver has a
p_validate_slot_number method, call it.
2019-08-09 15:05:32 +02:00
Gilles Peskine d772958ffc New function mbedtls_psa_register_se_key
Register an existing key in a secure element.

Minimal implementation that doesn't call any driver method and just
lets the application declare whatever it wants.
2019-08-09 15:05:21 +02:00
Gilles Peskine e88c2c1338 Pass the key creation method to drivers
Pass the key creation method (import/generate/derive/copy) to the
driver methods to allocate or validate a slot number. This allows
drivers to enforce policies such as "this key slot can only be used
for keys generated inside the secure element".
2019-08-09 14:59:31 +02:00
Gilles Peskine df17914e01 psa_start_key_creation: take the method as a parameter
Let psa_start_key_creation know what type of key creation this is. This
will be used at least for key registration in a secure element, which
is a peculiar kind of creation since it uses existing key material.
2019-08-09 14:54:03 +02:00
Gilles Peskine b231d996a0
Merge pull request #202 from gilles-peskine-arm/psa-se_driver-choose_key_slot_number
Let applications create a key in a specific secure element slot
2019-08-09 14:29:54 +02:00
Gilles Peskine fdbc544b22
Merge pull request #192 from gilles-peskine-arm/psa-test-policy_bad_algorithm
Add some negative tests for policy checks
2019-08-09 13:32:45 +02:00
Gilles Peskine 9d75202efb Clarify and expand the documentation of the allocate/create sequence 2019-08-09 11:33:48 +02:00
Janos Follath 849b05afb8 Fix PSA tests
The test framework has changed, but it did not cause any merge
conflicts. Still it affected new code in the tests.
2019-08-09 10:22:32 +01:00
Gilles Peskine 311809a49d
Merge pull request #201 from gilles-peskine-arm/psa-se_driver-set_key_slot_number
Add slot number attribute
2019-08-08 19:19:29 +02:00
Gilles Peskine 059d9d3fc5
Merge pull request #182 from gilles-peskine-arm/ecp-factorize-reduction
Replace some macros by functions in ecp
2019-08-08 19:16:27 +02:00
Gilles Peskine 8a52af9b77 Switch armel build to -Os
Without any -O option, the default is -O0, and then the assembly code
is not used, so this would not be a non-regression test for the
assembly code that doesn't build.
2019-08-08 16:09:02 +02:00
Janos Follath 8aa7e9bc56 Merge branch 'psa-api-1.0-beta' into merge-psa-api-branch-into-development 2019-08-08 14:40:23 +01:00
Gilles Peskine 0a1104474b Test restarting after creating a key in a specific slot 2019-08-08 11:02:30 +02:00
Gilles Peskine 46d9439a5e Support slot_number attribute when creating a key
Allow the application to choose the slot number in a secure element,
rather than always letting the driver choose.

With this commit, any application may request any slot. In an
implementation with isolation, it's up to the service to filter key
creation requests and apply policies to limit which applications can
request which slot.
2019-08-08 11:02:30 +02:00
Gilles Peskine ae9964d3ef Add validate_slot_number method to SE drivers
Pave the way for allowing the application to choose the slot number in
a secure element, rather than always letting the driver choose.
2019-08-08 11:02:30 +02:00
Gilles Peskine 0a23322431 Improve documentation of the allocate method 2019-08-08 11:02:30 +02:00
Gilles Peskine edbed5670a Rename psa_internal_allocate_key_slot to psa_get_empty_key_slot
This function no longer modifies anything, so it doesn't actually
allocate the slot. Now, it just returns the empty key slot, and it's
up to the caller to cause the slot to be in use (or not).
2019-08-08 10:58:09 +02:00
Gilles Peskine 094dac1d12 Fix copypasta 2019-08-08 10:58:09 +02:00
Gilles Peskine 013f5474cf Fix erasure of external flags
This didn't break anything now, but would have broken things once we
start to add internal flags.
2019-08-08 10:58:09 +02:00
Gilles Peskine 5a68056755 Rename internal macro to pass check-names.sh
check-names.sh rejects MBEDTLS_XXX identifiers that are not defined in
a public header.
2019-08-08 10:58:09 +02:00
Gilles Peskine 5fe5e27591 Test slot_number attribute
Test the behavior of the getter/setter functions.

Test that psa_get_key_slot_number() reports a slot number for a key in
a secure element, and doesn't report a slot number for a key that is
not in a secure element.

Test that psa_get_key_slot_number() reports the correct slot number
for a key in a secure element.
2019-08-08 10:58:09 +02:00
Gilles Peskine c8000c005a Add slot_number attribute
Add a slot_number field to psa_key_attributes_t and getter/setter
functions. Since slot numbers can have the value 0, indicate the
presence of the field via a separate flag.

In psa_get_key_attributes(), report the slot number if the key is in a
secure element.

When creating a key, for now, applications cannot choose a slot
number. A subsequent commit will add this capability in the secure
element HAL.
2019-08-08 10:58:09 +02:00
Gilles Peskine 74f3352b05 Add missing guard around a union field 2019-08-08 10:58:09 +02:00
Gilles Peskine 91e8c33f48 Add infrastructure for key attribute flags
Add infrastructure for internal, external and dual-use flags, with a
compile-time check (if static_assert is available) to ensure that the
same numerical value doesn't get declared for two different purposes
in crypto_struct.h (external or dual-use) and
psa_crypto_core.h (internal).
2019-08-08 10:58:09 +02:00
Gilles Peskine 0c77b0e2f9
Merge pull request #198 from gilles-peskine-arm/psa-api-1.0-beta-merge_development_20190801
Merge mbed-crypto/development into psa-api-1.0-beta
2019-08-08 10:24:53 +02:00
Gilles Peskine 82a571167e
Merge pull request #197 from gilles-peskine-arm/psa-refactor-attributes-and-slots
Tidy up attribute management inside psa_crypto
2019-08-08 10:22:30 +02:00
Alexander K 1f5e6abfb9 Remove extra mbedtls_ecp_group_free() call since the grp is free
at the top of the function.
2019-08-07 20:40:46 +03:00
Gilles Peskine f181eca350 Fix psa_generate_random for >1024 bytes
mbedtls_ctr_drbg_random can only return up to
MBEDTLS_CTR_DRBG_MAX_REQUEST (normally 1024) bytes at a time. So if
more than that is requested, call mbedtls_ctr_drbg_random in a loop.
2019-08-07 13:49:00 +02:00
Gilles Peskine bdc96fd636 Add tests to generate more random than MBEDTLS_CTR_DRBG_MAX_REQUEST
Add tests that call psa_generate_random() (possibly via
psa_generate_key()) with a size that's larger than
MBEDTLS_CTR_DRBG_MAX_REQUEST. This causes psa_generate_random() to
fail because it calls mbedtls_ctr_drbg_random() without taking the
maximum request size of CTR_DRBG into account.

Non-regression test for #206
2019-08-07 13:47:28 +02:00
Gilles Peskine a6b2f60b4c Fix double free in psa_generate_key when psa_generate_random fails
When psa_generate_random fails, psa_generate_key_internal frees the
key buffer but a the pointer to the now-freed buffer in the slot. Then
psa_generate_key calls psa_fail_key_creation which sees the pointer
and calls free() again.

This bug was introduced by ff5f0e7221
"Implement atomic-creation psa_{generate,generator_import}_key" which
changed how psa_generate_key() cleans up on errors. I went through the
code and could not find a similar bug in cleanup on an error during
key creation.

Fix #207
2019-08-07 13:43:09 +02:00
Gilles Peskine b1f6c5fd4d Fix copypasta in test data 2019-08-07 13:37:22 +02:00
Gilles Peskine 86cef2a316
Merge pull request #204 from gilles-peskine-arm/merge-crypto-development-20190806
Bring in changes from Mbed TLS as of 2019-08-06
2019-08-07 12:58:29 +02:00
Gilles Peskine 49232e8b06 Avoid a lowercase letter in a macro name 2019-08-07 11:01:30 +02:00
Gilles Peskine 1b9505c451 Correct some comments 2019-08-07 10:59:45 +02:00
Gilles Peskine 3963993e2a Merge 'mbedtls/development' into merge-crypto-development-20190806
Conflicts and changes:
* Files that do not exist in Mbed Crypto and have changed in Mbed TLS:
  These files should not exist in Mbed Crypto. Keep them deleted.
* tests/data_files/test-ca.server1.db: new file in Mbed TLS, don't create
  it in Mbed Crypto.
* tests/data_files/rsa_pkcs1_1024_clear.pem: do create this file in
  Mbed Crypto. I don't see why it would be kept out.
* tests/data_files/Makefile: don't take any of the changes in sections
  that have been removed in Crypto. Do take in the certificate
  expiration date updates and the extra .crt.der rules (even if Crypto
  doesn't actually use those certificates: removing them would be out
  of scope of the present merge).
* tests/suites/helpers.function: consecutive additions, take
  both (order indifferent).
2019-08-06 19:09:55 +02:00
Gilles Peskine be23b770a8
Merge pull request #2773 from gilles-peskine-arm/pr_2417-changelog
Changelog entry for test certificates update
2019-08-06 10:51:26 +02:00
Gilles Peskine 640804b3e7
Merge pull request #191 from gilles-peskine-arm/psa-se_driver-key_bits
Secure element keys: save the key size
2019-08-05 16:58:51 +02:00
Gilles Peskine 93e4e03f94 Add a build on ARMv5TE in ARM mode
Non-regression test for
"bn_mul.h: require at least ARMv6 to enable the ARM DSP code"
2019-08-05 11:41:29 +02:00
Gilles Peskine a5cb7d48f3 Add changelog entry for ARM assembly fix 2019-08-05 11:41:24 +02:00
Aurelien Jarno 5daa34f155 bn_mul.h: require at least ARMv6 to enable the ARM DSP code
Commit 16b1bd8932 "bn_mul.h: add ARM DSP optimized MULADDC code"
added some ARM DSP instructions that was assumed to always be available
when __ARM_FEATURE_DSP is defined to 1. Unfortunately it appears that
the ARMv5TE architecture (GCC flag -march=armv5te) supports the DSP
instructions, but only in Thumb mode and not in ARM mode, despite
defining __ARM_FEATURE_DSP in both cases.

This patch fixes the build issue by requiring at least ARMv6 in addition
to the DSP feature.
2019-08-03 14:18:54 +02:00
Gilles Peskine 55603ee268 Changelog entry for test certificates update 2019-08-03 14:08:46 +02:00
Gilles Peskine 01655daeee
Merge pull request #2417 from RonEld/2734
Update soon to be expired crl
2019-08-03 13:38:14 +02:00
Gilles Peskine 82966d26c3
Merge pull request #2734 from hanno-arm/skip_test
Add TEST_ASSUME macro to allow skipping tests at runtime
2019-08-03 13:37:51 +02:00
Gilles Peskine 83d49bb84e
Merge pull request #2760 from dgreen-arm/fix-rev-parse-in-abi-script
Change worktree_rev to HEAD for rev-parse
2019-08-03 13:36:52 +02:00
Gilles Peskine e3223d1f85
Merge pull request #199 from jainvikas8/dev/jainvikas8/fix-return-code
Return right error code in psa_asymmetric_encrypt
2019-08-02 16:07:46 +02:00
Vikas Katariya 21599b6622 Return right error code.
Issue : 126
https://github.com/ARMmbed/mbed-crypto/issues/126

PSA_ERROR_BUFFER_TOO_SMALL error returned when we check for output_size.
2019-08-02 13:01:58 +01:00
Gilles Peskine 5386f6ba07 Fix PSA init/deinit in mbedtls_xxx tests when using PSA
In tests of mbedtls_cipher_xxx and mbedtls_pk_xxx with
MBEDTLS_USE_PSA_CRYPTO enabled, initialize and deinitialize the PSA
subsystem in every function. Before, the tests were only passing
because the first function to be called happened to call
psa_crypto_init() but not mbedtls_psa_crypto_free(). In some
configurations (not tested on CI), psa_crypto_init() was not called so
the tests using PSA failed.

Call PSA_DONE() at the end of each test function. This ensures that no
resources are leaked in the form of PSA crypto slot contents.
Incidentally, this also fixes a build error due to
test_helper_psa_done() being unused in test_suite_pk: the fact that it
wasn't used betrayed the missing calls to PSA_DONE().
2019-08-01 13:11:47 +02:00