Commit graph

921 commits

Author SHA1 Message Date
Steven Cooreman a6474de2ac Supply actual key bits to PSA_MAC_LENGTH during MAC setup
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-05-11 18:56:01 +02:00
Steven Cooreman 15f0d92a48 Move is_sign and mac_size checking back to PSA core scope
It makes sense to do the length checking in the core rather than expect
each driver to deal with it themselves. This puts the onus on the core to
dictate which algorithm/key combinations are valid before calling a driver.

Additionally, this commit also updates the psa_mac_sign_finish function
to better deal with output buffer sanitation, as per the review comments
on #4247.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-05-11 18:56:01 +02:00
Steven Cooreman 9878a160c6 Code flow and style improvements
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-05-11 18:56:01 +02:00
Steven Cooreman 22dea1d527 Base the PSA implementation of TLS 1.2 PRF on the MAC API
This means there is no longer a need to have an internal HMAC API, so
it is being removed in this commit as well.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-05-11 18:56:01 +02:00
Steven Cooreman b27e3506fe Make HKDF use the generic MAC API
Such that the underlying HMAC can be accelerated if such a driver is present

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-05-11 18:56:01 +02:00
Steven Cooreman 4f7cae6cbe Rename HMAC operation structure
Prefix with 'mbedtls_psa' as per the other types which implement some
sort of algorithm in software.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-05-11 18:56:01 +02:00
Steven Cooreman a2a1b803da Make safer_memcmp available to all compile units under PSA
Now renamed to mbedtls_psa_safer_memcmp, it provides a single location
for buffer comparison.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-05-11 18:56:01 +02:00
Steven Cooreman 6e6451ec01 Code flow/readability improvements after review
* Early return since there's nothing to clean up
* Get rid of unnecessary local variable
* Check algorithm validity for MAC in the PSA core instead of in the driver

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-05-11 18:56:01 +02:00
Steven Cooreman f64b25e205 Rename internal HMAC structure type to match convention
Typedef'ed structures are suffixed _t
Also updated the initialiser macro with content that actually
matches the structure's content.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-05-11 18:56:01 +02:00
Steven Cooreman 76720f6389 Complete, document and fully use internal HMAC API
Since HMAC moved into its own compilation unit, the internal API needed
to be documented and finalized. This means no more reaching deep into
the operation structure from within the PSA Crypto core. This will make
future refactoring work easier, since internal HMAC is now opaque to the
core.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-05-11 18:56:01 +02:00
Steven Cooreman 87885df795 Migrate MAC finish calls into the software driver
Step 3/x in moving the driver. Separate commits should make for easier
review.

Additional changes on top of code movement:
* Copied the implementation of safer_memcmp from psa_crypto into
  psa_cipher_mac since the mac_verify driver implementation
  depends on it, and it isn't available through external linkage

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-05-11 18:56:01 +02:00
Steven Cooreman 11743f91de Migrate MAC update call into the software driver
Step 2/x in moving the driver. Separate commits should make for easier
review.

Additional changes on top of code movement:
* Early-return success on input with zero-length to mac_update, to
  avoid NULL pointers getting passed into the driver dispatch

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-05-11 18:56:01 +02:00
Steven Cooreman 0789783c17 Migrate MAC setup/abort calls into the software driver
Step 1/x in moving the driver. Separate commits should make for easier
review.
Additional changes on top of just moving code:
* Added a sanity check on the key buffer size for CMAC.
* Transfered responsibility for resetting the core members of the
  PSA MAC operation structure back to the core (from the driver
  wrapper layer)

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-05-11 18:56:01 +02:00
Steven Cooreman 32d569449b Move internal HMAC implementation into internal MAC driver
This is a temporary measure. Other operations in the PSA Core which rely
on this internal HMAC API should be rewritten to use the MAC API instead,
since they can then leverage accelerated HMAC should a platform provide
such acceleration support.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-05-11 18:56:01 +02:00
Steven Cooreman 6e3c2cbb52 Move the MAC operation structure into the driver headers
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-05-11 18:56:01 +02:00
gabor-mezei-arm f3c5c86db7
Rename sign/verify builtin functions called by driver wrapper functions
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-05-06 13:50:33 +02:00
gabor-mezei-arm ef6f2aa94b
Return error if algorithm is not hash-then-sign for psa_sign_message
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-05-06 13:50:32 +02:00
gabor-mezei-arm 5698048cc6
Use bool variable instead of enum values
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-05-06 13:50:32 +02:00
gabor-mezei-arm 12ff4d581e
Fix documentation
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-05-06 13:50:32 +02:00
gabor-mezei-arm dd05aab6a0
Use switch-case for error handling
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-05-06 13:50:32 +02:00
gabor-mezei-arm 9719a8450e
Fix for algorithms other than hash-then-sign
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-05-06 13:49:24 +02:00
gabor-mezei-arm fc8d0aedd6
Use driver-wrapper functions for psa_sign/verify_message
To avoid code duplication of the old-style SE interface usage
call psa_driver_wrapper_sign/verify_hash function instead of
the direct internal functions.

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-05-06 13:49:24 +02:00
gabor-mezei-arm bfbe465bb0
Enable algorithms other than hash-then-sign
For psa_hash/verify_message other algorithms than hash-then-sign is
enabled like PureEdDSA.

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-05-06 13:49:24 +02:00
gabor-mezei-arm 81bf120076
Fix error checking
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-05-06 13:49:24 +02:00
gabor-mezei-arm c53f4f6281
Dispatch sign/verify funtions through the driver interface
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-05-06 13:47:42 +02:00
gabor-mezei-arm bc0088b99b
Unify similar functions
Use common funtion for psa_sign_hash and psa_sign_message and one for
psa_verify_hash and psa_verify_message to unify them.

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-05-06 13:47:41 +02:00
gabor-mezei-arm e8efa3911c
Implement psa_sign_message and psa_verify_message functions
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-05-06 13:47:41 +02:00
Steven Cooreman 7ddee7f7c5 Use remove_key_data_from_memory instead of wipe_key_slot
Since the loading attempt of a builtin key might be followed by trying
to load a persistent key, we can only wipe the allocated key data, not
the associated metadata.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-04-15 15:06:53 +02:00
Steven Cooreman 7609b1ff6c leverage psa_allocate_buffer_to_slot from slot management
It makes the implementation of psa_load_builtin_key_into_slot a lot
cleaner.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-04-15 15:06:53 +02:00
Manuel Pégourié-Gonnard 93c0847914 Revert "Remove deprecated things from hashing modules"
This reverts commit c75d9f589b.

This was merged by mistake in development instead of development_3.0.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2021-04-15 12:28:15 +02:00
Manuel Pégourié-Gonnard c039514559
Merge pull request #4334 from TRodziewicz/origin/remove_old_func_from_hashing
Remove deprecated things from hashing modules
2021-04-15 10:13:32 +02:00
Gilles Peskine 09c916afba
Merge pull request #4257 from ronald-cron-arm/psa-aead
Add PSA crypto driver delegation for AEAD single shot PSA APIs - 1
2021-04-14 14:07:51 +02:00
TRodziewicz c75d9f589b Remove deprecated things from hashing modules
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-04-12 11:38:37 +02:00
Steven Cooreman ea7ab13991 Do validation on the algorithm argument in AEAD
Corresponds better to the validation done in other modules of PSA Crypto.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-04-07 16:03:31 +02:00
Ronald Cron 9a986165bf psa: aead: Accept opaque keys for encryption/decryption
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-04-07 16:03:31 +02:00
Ronald Cron de82281541 psa: aead: Add driver delegation
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-04-07 16:03:31 +02:00
Ronald Cron 46f9178d85 psa: aead: Move AEAD driver entry points to psa_crypto_aead.c
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-04-07 16:03:31 +02:00
Ronald Cron 215633cea4 psa: aead: Implement aead operations as a driver entry point
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-04-07 16:03:31 +02:00
Ronald Cron 9f31017956 psa: aead: Remove key slot from operation context
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-04-07 16:03:21 +02:00
Ronald Cron 7dbd800f42 psa: aead: Isolate key slot unlock from operation abort
As we want to do Mbed TLS aead operations as a
driver does, aead operations should not access
the key slot as key slots are not available to
drivers.

Second step in this PR: do not unlock the key slot
as part of operation abort.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-04-06 09:21:35 +02:00
Ronald Cron 197c2fd0a0 psa: aead: Move key resolution
As we want to do Mbed TLS aead operations as a
driver does, aead operations should not access
the key slot as key slots are not available to
drivers.

First step in this PR: move key resolution from
aead operation setup to psa_aead_encrypt/decrypt
APIs.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-04-06 09:21:35 +02:00
Ronald Cron 004f917ee8 psa: aead: Fix status initialization
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-04-06 09:21:35 +02:00
Ronald Cron 6cc6631015 psa: Return in error when requested to copy a key to an opaque driver
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-04-02 12:27:47 +02:00
Ronald Cron 77e412cd71 psa: Fix error code when creating/registering a key with invalid id
When creating a persistent key or registering a key
with an invalid key identifier return
PSA_ERROR_INVALID_ARGUMENT instead of
PSA_ERROR_INVALID_HANDLE.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-04-01 14:05:41 +02:00
Ronald Cron 5618a39fcf psa: cipher: Remove cipher_generate_iv driver entry point
Remove cipher_generate_iv driver entry point as there
is no known use case to delegate this to a driver.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-03-26 15:58:25 +01:00
Ronald Cron a0d6817838 psa: cipher: Add bound check of the IV length in the core
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-03-26 15:58:25 +01:00
Ronald Cron 75e6ae25ef Move mbedtls_cipher_info_from_psa to psa_crypto_cipher.c
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-03-26 15:48:13 +01:00
Ronald Cron 1f0db80c78 psa: cipher: Fix symmetric key management
Symmetric key management is not intended to be
delegated to drivers. Thus, key management code
for a given symmetric key type should be included
in the library whether or not the support for
cryptographic operations based on that type of
symmetric key may be delegated to drivers.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-03-26 15:48:13 +01:00
Ronald Cron 937dfee92c psa: cipher: Re-organize multi-part operation context
Move members that are of no use to the PSA crypto core
to the Mbed TLS implementation specific operation context.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-03-26 11:38:40 +01:00
Ronald Cron 49fafa98b1 psa: cipher: Dispatch based on driver identifier
For cipher multi-part operations, dispatch based on
the driver identifier even in the case of the
Mbed TLS software implementation (viewed as a driver).
Also use the driver identifier to check that an
cipher operation context is active or not.

This aligns the way hash and cipher multi-part
operations are dispatched.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-03-26 11:38:40 +01:00
Ronald Cron 06aa442bef psa: cipher: Remove unused key_set operation field
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-03-26 11:38:40 +01:00
Ronald Cron dd24c9bbd9 psa: Call cipher operations software implementations as a driver
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-03-26 11:38:40 +01:00
Ronald Cron 6056fe8a81 psa: driver wrapper: Change cipher_xyz signature
Change the operation context to the PSA one to be
able to call the software implementation from
the driver wrapper later on.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-03-26 11:38:40 +01:00
Ronald Cron 6d05173359 psa: Add mbedtls_psa_cipher_xyz() APIs
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-03-26 11:38:40 +01:00
Ronald Cron 0b80559827 psa: Call cipher setup implementation as a driver
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-03-26 11:38:40 +01:00
Ronald Cron a4af55f14f psa: driver wrapper: Change cipher_*_setup signatures
Change the signature of
psa_driver_wrapper_cipher_encrypt/decrypt_setup to
that of a PSA driver cipher_encrypt/decrypt_setup
entry point.

Change the operation context to the PSA one to be
able to call the software implementation from
the driver wrapper later on.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-03-26 11:38:40 +01:00
Ronald Cron d6d28885f0 psa: Add mbedtls_psa_cipher_encrypt/decrypt_setup functions
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-03-26 11:38:40 +01:00
Ronald Cron 7986f7e14b psa: Export "internally" mbedtls_cipher_info_from_psa
Export "internally" mbedtls_cipher_info_from_psa to be
able to use it in psa_crypto_cipher.c.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-03-26 11:38:40 +01:00
Ronald Cron ab99ac2f33 psa: Rework psa_cipher_setup (2)
Split out the cipher setup based on cipher.c
in psa_cipher_setup_internal() whose signature
is that of a PSA driver cipher_setup entry
point.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-03-26 11:38:40 +01:00
Ronald Cron 590d3e56e9 psa: Rework psa_cipher_setup (1)
Rework psa_cipher_setup in preparation of
calling the cipher setup based on cipher.c
through the interface of a PSA driver
cipher_setup entry point.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-03-26 11:38:40 +01:00
Ronald Cron c45b4afc63 Fix PSA SE driver tests
Fix PSA SE driver tests in configuration
full + MBEDTLS_PSA_CRYPTO_DRIVERS.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-03-26 11:38:40 +01:00
Ronald Cron 4501c98fc2 psa: sign: Return INVALID_ARGUMENT instead of NOT_SUPPORTED
To run succesfully the test
"PSA sign: invalid algorithm for ECC key" of
test_suite_psa_crypto when ECDSA support is not included
in the library, always return INVALID_ARGUMENT
in case of an ECC key not used for ECDSA, whether
ECDSA support is present or not.

Then apply the same logic to RSA sign RSA and RSA/ECC
verify for the sake of consistency.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-03-24 12:05:51 +01:00
Ronald Cron 3d471814bc psa: Add missing PSA configs
Add missing PSA_WANT_CCM/GCM/CMAC. This completes
the set of PSA_WANT config options given the
current support of PSA crypto in Mbed TLS.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-03-23 16:47:46 +01:00
Gilles Peskine 71f45ba0e8 Fix unused parameter warning in some configurations
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-03-23 14:17:55 +01:00
Gilles Peskine a1684f42d3 PSA: Reject curves that are not enabled in the PSA configuration
If an elliptic curve was enabled in the Mbed TLS classic API (#define
MBEDTLS_ECP_DP_xxx), but not enabled in the PSA configuration (#define
PSA_WANT_ECC_xxx), it would still work if you tried to use it through
PSA.

This is generally benign, but could be a security issue if you want to
disable a curve in PSA for some security reason (such as a known bug
in its implementation, which may not matter in the classic API if Mbed
TLS is running in a secure enclave and is only reachable from
untrusted callers through the PSA API). More urgently, this broke
test_suite_psa_crypto_not_supported.generated.

So if a curve is not enabled in the PSA configuration, ensure that
it's treated as unsupported through the PSA software implementation.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-03-23 13:12:34 +01:00
Steven Cooreman b6bf4bbf95 Clear up language on zeroizing driver context at setup
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-15 19:00:14 +01:00
Steven Cooreman 893232fbde Ensure the full driver structure is zeroized at setup
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-15 12:23:37 +01:00
Steven Cooreman 5f88e776c3 Move mbedtls_md_info_from_psa into the mbedtls hash driver
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-15 12:14:40 +01:00
Steven Cooreman fbe09284cf Set output length to 0 at start of function
This behaviour was present previously, and is depended on by the
test suites.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-15 10:34:56 +01:00
Steven Cooreman f66d5fd2bd Apply same argument checking as in psa_hash_setup
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-15 10:34:56 +01:00
Steven Cooreman c8288354a2 move hash update zero-length-input check back into the core
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-10 13:00:25 +01:00
Steven Cooreman dbf8ceda54 Change the way driver context structures are used
Apparently there's a goal to make the PSA Crypto core free from
dynamic memory allocations. Therefore, all driver context structures
need to be known at compile time in order for the core to know their
final size.

This change defines & implements for hashing operations how the context
structures get defined.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-10 13:00:25 +01:00
Steven Cooreman 1e58235d8b Dispatch hashing calls through the driver wrapper layer
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-10 13:00:25 +01:00
Steven Cooreman 84d670d20c Make psa_hash_compare go through hash_compute
It's more efficient when dealing with hardware drivers.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-10 13:00:25 +01:00
Steven Cooreman 0e307647e6 Split hashing operations out into an mbedTLS hash driver
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-10 13:00:25 +01:00
Manuel Pégourié-Gonnard 17605f072b
Merge pull request #4151 from ronald-cron-arm/psa-sign_verify-hash
PSA sign and verify hash rework
2021-03-10 10:08:50 +01:00
Steven Cooreman 1fb691aea9 Remove superfluous check
mac size is previously checked to not be less than 4, so it can't be zero
anymore at this point.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-08 14:00:34 +01:00
Steven Cooreman cd64093222 Language & code readability updates
No functional/behavioral changes in this commit

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-08 14:00:29 +01:00
Ronald Cron bb9cbc7a23 psa: ecdsa: Prefer NOT_SUPPORTED error code
When ECDSA is not supported by the library, prefer
to return NOT_SUPPORTED than INVALID_ARGUMENT when
asked for an ECDSA signature.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-03-04 17:43:31 +01:00
Ronald Cron 9103d490e8 psa: ecdsa: Rework deterministic support check
Move the check that ECDSA is supported from the
caller of the function responsible for Mbed TLS
ECDSA signatures to this function, namely
mbedtls_psa_ecdsa_sign_hash().

This makes the caller code more readable and is
more aligned with what is expected from a
sign_hash() PSA driver entry point.

Add a negative test case where a deterministic
ECDSA signature is requested while the library
does not support deterministic ECDSA.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-03-04 13:32:27 +01:00
Ronald Cron 566899eefa psa: Remove outdated comments
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-03-04 09:52:03 +01:00
Steven Cooreman 31a876da09 Clarify some policy-handling code comments
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-03 20:47:40 +01:00
Steven Cooreman f9f7fdfe49 Rework MAC algorithm / key type validation
Reworked the validation of MAC algorithm with the used key type by
introducing psa_mac_key_can_do, which guarantees that PSA_MAC_LENGTH can
be called successfully after validation of the algorithm and key type.

This means psa_get_mac_output_length is no longer required.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-03 19:58:02 +01:00
Steven Cooreman 4ff9a29686 Check truncation length explicitly
Comparing algorithm with its FULL_LENGTH_MAC version doesn't work in
cases where algorithm is a wildcard. Wildcard input is not specified in
the documentation of the function, but in order to test the function
using the same test as PSA_MAC_LENGTH we're mimicking that behaviour here.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-03 12:07:20 +01:00
Steven Cooreman 58c94d39ae Make psa_get_mac_output_length testable and test it
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-03 10:37:35 +01:00
Steven Cooreman 7d4b0d778f Reuse PSA_MAC_LENGTH in psa_get_mac_output_length
Avoid code duplication. Also update the guarantees made by the function
doc to match the guarantees given by PSA_MAC_LENGTH.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-02 21:40:03 +01:00
Steven Cooreman 5a17267442 Add a note about why key_type is required
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-02 21:40:03 +01:00
Steven Cooreman 1ac5ce3b91 Make psa_key_policy_algorithm_intersection MAC-length aware
This makes it more in-line with how psa_key_policy_permits works. It
also adds consistency: the intersection of MAC with default length and
MAC with exact-length is now computed correctly in case the exact length
equals the default length of the algorithm when used with the given
key type.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-02 21:39:26 +01:00
Steven Cooreman 15472f8c70 Clean up psa_mac_setup now that we have an output length calculator
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-02 21:36:33 +01:00
Steven Cooreman 5ad4bf75e3 Move MAC default length checking into psa_key_policy_permits
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-02 21:36:33 +01:00
Steven Cooreman 328f11c50e Language & readability touchups
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-02 11:44:51 +01:00
Steven Cooreman d788fab4ff Clarify usage of psa_key_policy_permits
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-01 16:09:24 +01:00
Steven Cooreman a1d8322f74 Fix typos & copy-paste errors
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-01 16:09:24 +01:00
Steven Cooreman 7e39f05929 Using a wildcard as a specific algorithm now reports invalid argument
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-01 16:03:40 +01:00
Steven Cooreman ae3f13bf5e Add more test cases and fix AT_LEAST_THIS_LENGTH against base algorithm
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-01 16:03:40 +01:00
Steven Cooreman d927ed7901 Rename _MINIMUM_LENGTH flags to _AT_LEAST_THIS_LENGTH
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-01 16:03:39 +01:00
Steven Cooreman 7de9e2db1f Language / verbiage fixes
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-01 16:03:39 +01:00
Steven Cooreman 5d81481a1c Rename AEAD WITH_MINIMUM_LENGTH to AT_LEAST_THIS_LENGTH
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>

# Conflicts:
#	include/psa/crypto_values.h
#	tests/suites/test_suite_psa_crypto.data
2021-03-01 16:00:31 +01:00
Steven Cooreman caad49316b rename MAC_WITH_MINIMUM_LENGTH_TAG to AT_LEAST_THIS_LENGTH_MAC
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-01 16:00:31 +01:00
Steven Cooreman 0348802247 Remove generic wildcard checks after review feedback
Applied specific wildcard checks instead.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>

# Conflicts:
#	library/psa_crypto.c
2021-03-01 16:00:31 +01:00