Commit graph

6636 commits

Author SHA1 Message Date
Steven Cooreman b74b5602b7 Add missing parenthesis
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-04-27 17:08:26 +01:00
Ronald Cron b5939e814e
Merge pull request #4160 from stevew817/feature/driver_builtin_keys
Add implementation for MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS

Merging as it has been ready for four days now and I prefer not having to go through other rebases especially given the coming change of scope of development (3.0 rather than 2.2x).
2021-04-23 09:40:31 +02:00
Paul Elliott 986b55af03 Style Fix
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-04-20 21:46:29 +01:00
Paul Elliott 7725a63c24 Fix unchecked return in bignum
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-04-20 19:01:46 +01:00
Manuel Pégourié-Gonnard 0bbb38c67e
Merge pull request #4199 from TRodziewicz/mul_shortcut_fix
Fix ECDSA failing when the hash is all-bits-zero
2021-04-19 09:54:12 +02:00
Steven Cooreman 966db26779 Minor code flow improvements
* group setting of attributes before calling get_builtin_key
* return early instead of going to exit when no resources are allocated yet

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-04-16 11:22:17 +02:00
Steven Cooreman ce48702448 Get a builtin key's attributes in order to correctly get its size
Leverage the fact that the get_builtin_key entrypoint returns a key's
attributes, such that a proper size for the builtin key's buffer can
be calculated through the driver's get_key_buffer_size hook.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-04-15 15:06:53 +02:00
Steven Cooreman 7ddee7f7c5 Use remove_key_data_from_memory instead of wipe_key_slot
Since the loading attempt of a builtin key might be followed by trying
to load a persistent key, we can only wipe the allocated key data, not
the associated metadata.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-04-15 15:06:53 +02:00
Steven Cooreman 7609b1ff6c leverage psa_allocate_buffer_to_slot from slot management
It makes the implementation of psa_load_builtin_key_into_slot a lot
cleaner.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-04-15 15:06:53 +02:00
Steven Cooreman 0bb653600f If no storage backend is available, don't even attempt key loading
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-04-15 15:06:53 +02:00
Steven Cooreman b938b0bb03 Documentation clarification after review
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-04-15 15:06:53 +02:00
Steven Cooreman a1ce2f2675 Rename test driver lifetime to location
The macro always meant 'location', but was mistakenly named 'lifetime'.
Naming it location instead makes much more sense, and drives home the
conceptual differences between location and lifetime values.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-04-15 15:06:53 +02:00
Steven Cooreman c8b9534378 Change signature of mbedtls_psa_platform_get_builtin_key
Instead of the full attributes struct, it now only takes/returns what it
actually needs to.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-04-15 15:06:52 +02:00
Steven Cooreman 1a0fbacde1 Refactor opaque key handling in the test driver
Builtin key support for the test driver is always compiled in, and no
  longer guarded by MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS.
Parsing the key slot from the buffer by cast and assign instead of memcmp.
For exporting keys, the test driver no longer reaches into the key
  identifier in order to check whether a key is builtin, but rather
  assumes so based on the key buffer length. It's the driver's
  responsibility to be able to detect the key material it returned as part
  of the get_builtin_key operation.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-04-15 15:06:52 +02:00
Steven Cooreman e384252cb7 Move include to top of file
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-04-15 15:06:52 +02:00
Steven Cooreman 649a8f4301 replace memcpy of structure with regular assignment
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-04-15 15:06:52 +02:00
Steven Cooreman ffc7fc9b71 Move variable declarations to top of function
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-04-15 15:06:52 +02:00
Steven Cooreman 85d554a99b Use different variables for buffer size and data length
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-04-15 15:06:52 +02:00
Steven Cooreman 203bcbbc47 Style fixes (typos, whitespace, 80 column limit)
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-04-15 15:06:52 +02:00
Steven Cooreman e5e30859b7 Remove potentially unused exit label
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-04-15 15:06:52 +02:00
Steven Cooreman f9a55ffa2c Add test driver implementation for MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS
As part of test_psa_crypto_drivers, define a builtin symmetric
plus an ECC key on the test driver lifetime.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-04-15 15:04:26 +02:00
Steven Cooreman 6801f08973 Implement support for MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS
According to the design in psa-driver-interface.md. Compiles without
issue in test_psa_crypto_drivers.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-04-15 15:04:26 +02:00
Manuel Pégourié-Gonnard 93c0847914 Revert "Remove deprecated things from hashing modules"
This reverts commit c75d9f589b.

This was merged by mistake in development instead of development_3.0.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2021-04-15 12:28:15 +02:00
Manuel Pégourié-Gonnard 149211146f Revert "fix error.c - now it's autogenerated"
This reverts commit 48f6d0d6e5.

This was merged by mistake in development instead of development_3.0.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2021-04-15 12:28:06 +02:00
Manuel Pégourié-Gonnard 30dcdf40b4 Revert "fix error.c - second try"
This reverts commit 9a86843470.

This was merged by mistake in development instead of development_3.0.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2021-04-15 12:27:59 +02:00
Manuel Pégourié-Gonnard c039514559
Merge pull request #4334 from TRodziewicz/origin/remove_old_func_from_hashing
Remove deprecated things from hashing modules
2021-04-15 10:13:32 +02:00
Gilles Peskine 09c916afba
Merge pull request #4257 from ronald-cron-arm/psa-aead
Add PSA crypto driver delegation for AEAD single shot PSA APIs - 1
2021-04-14 14:07:51 +02:00
TRodziewicz 9a86843470 fix error.c - second try
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-04-12 15:13:10 +02:00
TRodziewicz 48f6d0d6e5 fix error.c - now it's autogenerated
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-04-12 14:49:55 +02:00
TRodziewicz c75d9f589b Remove deprecated things from hashing modules
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-04-12 11:38:37 +02:00
Gilles Peskine 9a1c092f8b
Merge pull request #4297 from gilles-peskine-arm/ecp-add-fix-202104
Fix ECP arithmetic bug and read of zero-padded negative number
2021-04-09 16:46:06 +02:00
Gilles Peskine 392d1010dc Clarify some comments
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-04-09 15:46:51 +02:00
Ronald Cron df2e4f22a8
Merge pull request #4290 from ronald-cron-arm/hash-dispatch-follow-up
Hash dispatch follow up
2021-04-08 09:13:19 +02:00
Ronald Cron 810eb16831 psa: aead: Make CCM/GCM ordering consistent
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-04-07 16:03:31 +02:00
Ronald Cron b9349a67a9 psa: aead: Add missing chachapoly context free
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-04-07 16:03:31 +02:00
Ronald Cron ecbc068252 psa: aead: Remove from operation ctx members only used in setup
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-04-07 16:03:31 +02:00
Steven Cooreman ea7ab13991 Do validation on the algorithm argument in AEAD
Corresponds better to the validation done in other modules of PSA Crypto.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-04-07 16:03:31 +02:00
Ronald Cron 9a986165bf psa: aead: Accept opaque keys for encryption/decryption
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-04-07 16:03:31 +02:00
Ronald Cron de82281541 psa: aead: Add driver delegation
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-04-07 16:03:31 +02:00
Ronald Cron 46f9178d85 psa: aead: Move AEAD driver entry points to psa_crypto_aead.c
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-04-07 16:03:31 +02:00
Ronald Cron 7ceee8d30a psa: Add psa_crypto_aead.[hc]
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-04-07 16:03:31 +02:00
Ronald Cron 215633cea4 psa: aead: Implement aead operations as a driver entry point
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-04-07 16:03:31 +02:00
Ronald Cron 9f31017956 psa: aead: Remove key slot from operation context
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-04-07 16:03:21 +02:00
Dave Rodgman b746825418 Capitalise MPS trace macros
Capitalise the MPS trace macros, as per the coding style (and make a slight
change to naming convention to avoid a name collision).

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-04-07 12:45:35 +01:00
Gilles Peskine 7bc6a3749c
Merge pull request #3183 from meuter/development
RSA PSS signature generation with the option to specify the salt length
2021-04-06 21:36:06 +02:00
Gilles Peskine 889828d0b4
Merge pull request #4279 from ronald-cron-arm/fix-invalid-id-error-code
Fix error code when creating/registering a key with invalid id
2021-04-06 18:46:30 +02:00
Ronald Cron 7dbd800f42 psa: aead: Isolate key slot unlock from operation abort
As we want to do Mbed TLS aead operations as a
driver does, aead operations should not access
the key slot as key slots are not available to
drivers.

Second step in this PR: do not unlock the key slot
as part of operation abort.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-04-06 09:21:35 +02:00
Ronald Cron 197c2fd0a0 psa: aead: Move key resolution
As we want to do Mbed TLS aead operations as a
driver does, aead operations should not access
the key slot as key slots are not available to
drivers.

First step in this PR: move key resolution from
aead operation setup to psa_aead_encrypt/decrypt
APIs.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-04-06 09:21:35 +02:00
Ronald Cron 004f917ee8 psa: aead: Fix status initialization
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-04-06 09:21:35 +02:00
Ronald Cron 93d356cbe2 psa: Export "internally" mbedtls_cipher_info_from_psa
Export "internally" mbedtls_cipher_info_from_psa to be
able to use it in psa_crypto_cipher.c.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-04-06 09:21:35 +02:00