Commit graph

10772 commits

Author SHA1 Message Date
Gilles Peskine a3dd737be4 Move legacy definitions to crypto_extra.h
Types and functions that are not used in the attribute-based key
creation API are now implementation-specific extensions, kept around
until we finish transitioning to the new API.
2019-04-24 15:47:30 +02:00
Gilles Peskine 2062859496 Document the new functions related to key attributes
Also update the documentation of key creation functions that have been
modified to use key attributes.
2019-04-24 15:47:30 +02:00
Gilles Peskine 4440688a69 Update key management tests to use attributes
Remove test cases which are no longer relevant because they involve a
slot which is allocated but not filled with key material.
2019-04-24 15:47:29 +02:00
Gilles Peskine d167b94b87 Reject invalid key ids/lifetimes in attribute-based creation 2019-04-24 15:46:04 +02:00
Gilles Peskine 34e23d2109 Persistent key gray-box tests: add test cases with restart
Also test the behavior if the crypto subsystem is restarted after
creating the persistent key.
2019-04-24 15:46:04 +02:00
Gilles Peskine 5c648abe44 Update persistent_key_load_key_from_storage to use attributes
Update persistent_key_load_key_from_storage to the new attribute-based
key creation interface. I tweaked the code a little to make it simpler
and more robust without changing the core logic.
2019-04-24 15:46:04 +02:00
Gilles Peskine ca25db91f5 Update copy_key tests to the new attribute-based interface 2019-04-24 15:46:04 +02:00
Gilles Peskine 4cf3a43dbd Simplify and expand invalid-handle tests
Simplify invalid-handle tests and make them test more things. Call
these tests in several test functions after destroying a key.
2019-04-24 15:46:04 +02:00
Gilles Peskine c4344042f4 Remove tests for empty slots
With the attribute-based key creation API, it is no longer possible to
have a handle to a slot that does not hold key material. Remove all
corresponding tests.
2019-04-24 15:46:04 +02:00
Gilles Peskine 8c8f2ab66b Implement psa_get_key_attributes
Implement attribute querying.

Test attribute getters and setters. Use psa_get_key_attributes instead
of the deprecated functions psa_get_key_policy or
psa_get_key_information in most tests.
2019-04-24 15:46:04 +02:00
Gilles Peskine dfea0a2510 Use the attribute-based key creation interface in sample programs 2019-04-24 15:46:04 +02:00
Gilles Peskine ff5f0e7221 Implement atomic-creation psa_{generate,generator_import}_key
Implement the new, attribute-based psa_generate_key and
psa_generator_import_key.
2019-04-24 15:46:03 +02:00
Gilles Peskine db4b3abab1 Implement missing attributes setters and getters 2019-04-24 15:46:03 +02:00
Gilles Peskine 4747d19d18 Implement atomic-creation psa_import_key
Implement the new, attribute-based psa_import_key and some basic
functions to access psa_key_attributes_t. Replace
psa_import_key_to_handle by psa_import_key in a few test functions.

This commit does not handle persistence attributes yet.
2019-04-24 15:45:50 +02:00
Gilles Peskine 87a5e565f4 Rename functions that inject key material to an allocated handle
This commit starts a migration to a new interface for key creation.
Today, the application allocates a handle, then fills its metadata,
and finally injects key material. The new interface fills metadata
into a temporary structure, and a handle is allocated at the same time
it gets filled with both metadata and key material.

This commit was obtained by moving the declaration of the old-style
functions to crypto_extra.h and renaming them with the to_handle
suffix, adding declarations for the new-style functions in crypto.h
under their new name, and running

    perl -i -pe 's/\bpsa_(import|copy|generator_import|generate)_key\b/$&_to_handle/g' library/*.c tests/suites/*.function programs/psa/*.c
    perl -i -pe 's/\bpsa_get_key_lifetime\b/$&_from_handle/g' library/*.c tests/suites/*.function programs/psa/*.c

Many functions that are specific to the old interface, and which will
not remain under the same name with the new interface, are still in
crypto.h for now.

All functional tests should still pass. The documentation may have
some broken links.
2019-04-24 15:24:45 +02:00
Jaeden Amero 1cd7bea2b1 Merge remote-tracking branch 'origin/pr/2586' into development
* origin/pr/2586:
  all.sh: Require i686-w64-mingw32-gcc version >= 6
2019-04-24 11:23:54 +01:00
Jaeden Amero 9679cb48d5 Merge remote-tracking branch 'origin/pr/2549' into development
* origin/pr/2549:
  Document the scripts behaviour further
  Add --internal option to list-identifiers.sh
2019-04-24 11:22:24 +01:00
Jaeden Amero 5c03c65a66 Merge remote-tracking branch 'origin/pr/2547' into development
* origin/pr/2547:
  generate_visualc_files.pl: add mbedtls source shadowing by crypto
  generate_errors.pl: refactor and simplify the code
  generate_errors.pl: typo fix
  revert changes to generate_features.pl and generate_query_config.pl
  generate_errors.pl: add mbedtls header shadowing by crypto headers
  Add an option to use crypto source files in generated visual c project
  Add description of generate_query_config.pl argument
  Add crypto includes when generating features in generate_features.pl
  Include crypto config when generating query config
  Add crypto includes when generating errors in generate_errors.pl
2019-04-24 11:21:56 +01:00
Jaeden Amero 1439b09049 Merge remote-tracking branch 'origin/pr/2540' into development
* origin/pr/2540:
  Add guards for MBEDTLS_X509_CRL_PARSE_C in sample
2019-04-24 11:20:31 +01:00
Jaeden Amero 2c8d949833 Merge remote-tracking branch 'origin/pr/2480' into development
* origin/pr/2480: (22 commits)
  Use check_output instead of Popen
  Start unused variable with underscore
  Correct documentation
  Check that the report directory is a directory
  Use namespaces instead of full classes
  Fix pylint issues
  Don't put abi dumps in subfolders
  Add verbose switch to silence all output except the final report
  Fetch the remote crypto branch, rather than cloning it
  Prefix internal functions with underscore
  Add RepoVersion class to make handling of many arguments easier
  Reduce indentation levels
  Improve documentation
  Use optional arguments for setting repositories
  Only build the library
  Add ability to compare submodules from different repositories
  Add handling for cases when not all .so files are present
  Extend functionality to allow setting crypto submodule version
  Simplify logic for checking if report folder can be removed
  Add option for a brief report of problems only
  ...
2019-04-24 11:18:57 +01:00
Jaeden Amero 3956a847e6 Merge remote-tracking branch 'origin/pr/2092' into development
* origin/pr/2092:
  Add more missing parentheses around macro parameters
  Add further missing brackets around macro parameters
  Adapt ChangeLog
  Improve macro hygiene
2019-04-24 11:17:21 +01:00
Jaeden Amero c69af209f8
Merge pull request #92 from gilles-peskine-arm/psa-api-beta2-merge-development
Merge development into API spec branch
2019-04-18 14:38:34 +01:00
Darryl Green 1ae4886c82 Document the scripts behaviour further 2019-04-18 13:09:25 +01:00
Jaeden Amero d874a1fd14 Remove zlib
The library no longer uses zlib, so we can remove the option to build
with zlib.
2019-04-18 10:32:56 +01:00
Jaeden Amero d832f187f7 Remove pkcs11-helper option
In preparation for removing X.509 and PKCS11 from Mbed Crypto, remove
pkcs11-helper. It won't be relevant after X.509 and PKCS11 are removed.
2019-04-18 10:32:56 +01:00
Darryl Green b2ee0b8782 Use check_output instead of Popen 2019-04-18 09:24:38 +01:00
Gilles Peskine a780f24cb4 Merge remote-tracking branch 'upstream-crypto/development' into psa-api-beta2-merge-development 2019-04-18 09:48:38 +02:00
Gilles Peskine 2b522db26d fixup! Key derivation by small input steps: proof-of-concept
Simplify the logic inside a few case statements. This removes
unreachable break statements.
2019-04-18 09:42:21 +02:00
Gilles Peskine 22c51517fb Use unsigned int for bitfields
uintN_t is not a standard type for a bitfield, as armcc points out.
2019-04-18 09:42:21 +02:00
Gilles Peskine ab4b201497 fixup! Key derivation by small input steps: proof-of-concept
Fix logic error that clang helpfully points out
2019-04-18 09:42:21 +02:00
Gilles Peskine c88644dd24 Remove "TODO" comments
One was obsolete. Reword the other two to avoid the magic word that
our CI rejects.
2019-04-18 09:42:21 +02:00
Gilles Peskine 882e57ecba psa_constant_names: support key agreement algorithms 2019-04-18 09:42:21 +02:00
Gilles Peskine a52460c3ed Algorithm encoding: move two bits from derivation to agreement
This gives a little more room to encode key agreement algorithms,
while keeping enough space for key derivation algorithms.

This doesn't affect any of the already-defined algorithms.
2019-04-18 09:42:21 +02:00
Gilles Peskine f8a9d942a5 Test multipart key agreement with ECDH+HKDF
Basic coverage with one algorithm only and a restricted choice of
output lengths.
2019-04-18 09:42:21 +02:00
Gilles Peskine f0cba73b99 New test function for raw agreement
Change test cases with test data for raw agreement to this new test
function.
2019-04-18 09:42:21 +02:00
Gilles Peskine f8831c27f3 Remove obsolete test case "ECDH-only public key"
Since the format change for EC public key import from
SubjectPublicKeyInfo to the ECPoint content, it is no longer possible
to import a key with metadata marking it as ECDH-only. This test was
converted systematically but now no longer has any purpose since the
public key is now like any other public key.
2019-04-18 09:42:21 +02:00
Gilles Peskine 77f40d83c1 Quick fix of key agreement setup tests for the new derivation API
Allow either the key derivation step or the key agreement step to
fail.

These tests should be split into three groups: key derivation setup
tests with an algorithm that includes a key agreement step, and
multipart key agreement failure tests, and raw key agreement failure
tests.
2019-04-18 09:42:21 +02:00
Gilles Peskine 04ee2d2295 Update key agreement policy tests for the new derivation API
Separate test functions for raw key agreement and key agreement with
KDF.
2019-04-18 09:42:21 +02:00
Gilles Peskine 2e46e9cf21 Add exercise_key for raw key agreement 2019-04-18 09:42:21 +02:00
Gilles Peskine 0216fe16b7 Implement psa_key_agreement_raw_shared_secret
Refactor: split psa_key_agreement_raw_internal out of
psa_key_agreement_internal, and call it from
psa_key_agreement_raw_shared_secret as well.
2019-04-18 09:42:21 +02:00
Jaeden Amero 117b8a4516 all.sh: Require i686-w64-mingw32-gcc version >= 6
Require mingw gcc version 6 or greater in order to ensure
BCryptGenRandom() is available.
2019-04-17 15:23:17 +01:00
Jaeden Amero 521dbc67da Merge remote-tracking branch 'tls/development' into development
Merge Mbed TLS at f790a6cbee into Mbed Crypto.

Resolve conflicts by performing the following:
    - Reject changes to README.md
    - Don't add crypto as a submodule
    - Remove test/ssl_cert_test from programs/Makefile
    - Add cipher.nist_kw test to tests/CMakeLists.txt
    - Reject removal of crypto-specific all.sh tests
    - Reject update to SSL-specific portion of component_test_valgrind
      in all.sh
    - Reject addition of ssl-opt.sh testing to component_test_m32_o1 in
      all.sh

* tls/development: (87 commits)
  Call mbedtls_cipher_free() to reset a cipher context
  Don't call mbedtls_cipher_setkey twice
  Update crypto submodule
  Minor fixes in get certificate policies oid test
  Add certificate policy oid x509 extension
  cpp_dummy_build: Add missing header psa_util.h
  Clarify comment mangled by an earlier refactoring
  Add an "out-of-box" component
  Run ssl-opt.sh on 32-bit runtime
  Don't use debug level 1 for informational messages
  Skip uncritical unsupported extensions
  Give credit to OSS-Fuzz for #2404
  all.sh: remove component_test_new_ecdh_context
  Remove crypto-only related components from all.sh
  Remove ssl_cert_test sample app
  Make CRT callback tests more robust
  Rename constant in client2.c
  Document and test flags in x509_verify
  Fix style issues and a typo
  Fix a rebase error
  ...
2019-04-17 12:12:24 +01:00
Jaeden Amero f790a6cbee Merge remote-tracking branch 'origin/pr/2536' into development
* origin/pr/2536:
  Update crypto submodule
  Minor fixes in get certificate policies oid test
  Add certificate policy oid x509 extension
2019-04-17 10:52:54 +01:00
Jaeden Amero 5c7915b0ed Merge remote-tracking branch 'origin/pr/2582' into development
* origin/pr/2582:
  Call mbedtls_cipher_free() to reset a cipher context
  Don't call mbedtls_cipher_setkey twice
2019-04-17 10:46:45 +01:00
Jaeden Amero ceb1370662 Merge remote-tracking branch 'origin/pr/2580' into development
* origin/pr/2580:
  cpp_dummy_build: Add missing header psa_util.h
2019-04-16 15:11:32 +01:00
Jaeden Amero c41a3285de Merge remote-tracking branch 'origin/pr/2559' into development
* origin/pr/2559:
  Clarify comment mangled by an earlier refactoring
  Add an "out-of-box" component
  Run ssl-opt.sh on 32-bit runtime
2019-04-16 15:09:42 +01:00
Jaeden Amero 7a1c4eb826 Merge remote-tracking branch 'origin/pr/2567' into development
* origin/pr/2567:
  Don't use debug level 1 for informational messages
2019-04-16 15:08:39 +01:00
Jaeden Amero d4d20adea9 Merge remote-tracking branch 'origin/pr/2555' into development
* origin/pr/2555:
  Give credit to OSS-Fuzz for #2404
2019-04-16 15:07:44 +01:00
Jaeden Amero ef42847dee Merge remote-tracking branch 'origin/pr/2552' into development
* origin/pr/2552:
  Remove ssl_cert_test sample app
2019-04-16 15:06:45 +01:00
Gilles Peskine 424840e033 Call mbedtls_cipher_free() to reset a cipher context
mbedtls_cipher_reset() only restarts the operation, it doesn't
dissociate the key from the context.
2019-04-16 16:06:34 +02:00