AuroraMiddleware/mbedtls
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge pull request #202 from ARMmbed/psa-tls12_prf_minor_fixes

Browse Source 
Minor fixes for ECDH and TLS12_PRF
This commit is contained in:
Jaeden Amero 2018-11-16 16:31:59 +00:00 committed by GitHub
commit 65b691793d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 58 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
include/psa/crypto.h
View File

@ -1270,7 +1270,7 @@ typedef uint32_t psa_algorithm_t;
* \param kdf_alg A key derivation algorithm (\c PSA_ALG_XXX value such * \param kdf_alg A key derivation algorithm (\c PSA_ALG_XXX value such
* that #PSA_ALG_IS_KEY_DERIVATION(\p hash_alg) is true) * that #PSA_ALG_IS_KEY_DERIVATION(\p hash_alg) is true)
* or a key selection algorithm (\c PSA_ALG_XXX value such * or a key selection algorithm (\c PSA_ALG_XXX value such
* that #PSA_ALG_IS_SELECTION(\p hash_alg) is true). * that #PSA_ALG_IS_KEY_SELECTION(\p hash_alg) is true).
* *
* \return The Diffie-Hellman algorithm with the specified * \return The Diffie-Hellman algorithm with the specified
* selection or derivation algorithm. * selection or derivation algorithm.

8
include/psa/crypto_struct.h
View File

@ -85,7 +85,7 @@ struct psa_hash_operation_s
} ctx; } ctx;
}; };
#if defined(MBEDTLS_MD_C)
typedef struct typedef struct
{ {
/** The hash context. */ /** The hash context. */
@ -93,7 +93,7 @@ typedef struct
/** The HMAC part of the context. */ /** The HMAC part of the context. */
uint8_t opad[PSA_HMAC_MAX_HASH_BLOCK_SIZE]; uint8_t opad[PSA_HMAC_MAX_HASH_BLOCK_SIZE];
} psa_hmac_internal_data; } psa_hmac_internal_data;
#endif /* MBEDTLS_MD_C */
struct psa_mac_operation_s struct psa_mac_operation_s
{ {
@ -130,6 +130,7 @@ struct psa_cipher_operation_s
} ctx; } ctx;
}; };
#if defined(MBEDTLS_MD_C)
typedef struct typedef struct
{ {
uint8_t *info; uint8_t *info;
@ -143,7 +144,9 @@ typedef struct
uint8_t offset_in_block; uint8_t offset_in_block;
uint8_t block_number; uint8_t block_number;
} psa_hkdf_generator_t; } psa_hkdf_generator_t;
#endif /* MBEDTLS_MD_C */
#if defined(MBEDTLS_MD_C)
typedef struct psa_tls12_prf_generator_s typedef struct psa_tls12_prf_generator_s
{ {
/* The TLS 1.2 PRF uses the key for each HMAC iteration, /* The TLS 1.2 PRF uses the key for each HMAC iteration,
@ -172,6 +175,7 @@ typedef struct psa_tls12_prf_generator_s
uint8_t block_number; uint8_t block_number;
} psa_tls12_prf_generator_t; } psa_tls12_prf_generator_t;
#endif /* MBEDTLS_MD_C */
struct psa_crypto_generator_s struct psa_crypto_generator_s
{ {

49
library/psa_crypto.c
View File

@ -1431,6 +1431,7 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
(int) key_bits, mode ) ); (int) key_bits, mode ) );
} }
#if defined(MBEDTLS_MD_C)
static size_t psa_get_hash_block_size( psa_algorithm_t alg ) static size_t psa_get_hash_block_size( psa_algorithm_t alg )
{ {
switch( alg ) switch( alg )
@ -1457,6 +1458,7 @@ static size_t psa_get_hash_block_size( psa_algorithm_t alg )
return( 0 ); return( 0 );
} }
} }
#endif /* MBEDTLS_MD_C */
/* Initialize the MAC operation structure. Once this function has been /* Initialize the MAC operation structure. Once this function has been
* called, psa_mac_abort can run and will do the right thing. */ * called, psa_mac_abort can run and will do the right thing. */
@ -2164,6 +2166,7 @@ static psa_status_t psa_ecdsa_sign( mbedtls_ecp_keypair *ecp,
goto cleanup; goto cleanup;
} }
#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
if( PSA_ALG_DSA_IS_DETERMINISTIC( alg ) ) if( PSA_ALG_DSA_IS_DETERMINISTIC( alg ) )
{ {
psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg ); psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg );
@ -2174,7 +2177,9 @@ static psa_status_t psa_ecdsa_sign( mbedtls_ecp_keypair *ecp,
md_alg ) ); md_alg ) );
} }
else else
#endif /* MBEDTLS_ECDSA_DETERMINISTIC */
{ {
(void) alg;
MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign( &ecp->grp, &r, &s, &ecp->d, MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign( &ecp->grp, &r, &s, &ecp->d,
hash, hash_length, hash, hash_length,
mbedtls_ctr_drbg_random, mbedtls_ctr_drbg_random,
@ -2265,7 +2270,13 @@ psa_status_t psa_asymmetric_sign( psa_key_slot_t key,
if( PSA_KEY_TYPE_IS_ECC( slot->type ) ) if( PSA_KEY_TYPE_IS_ECC( slot->type ) )
{ {
#if defined(MBEDTLS_ECDSA_C) #if defined(MBEDTLS_ECDSA_C)
if( PSA_ALG_IS_ECDSA( alg ) ) if(
#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
PSA_ALG_IS_ECDSA( alg )
#else
PSA_ALG_IS_RANDOMIZED_ECDSA( alg )
#endif
)
status = psa_ecdsa_sign( slot->data.ecp, status = psa_ecdsa_sign( slot->data.ecp,
alg, alg,
hash, hash_length, hash, hash_length,
@ -3637,8 +3648,13 @@ exit:
/* Key derivation */ /* Key derivation */
/****************************************************************/ /****************************************************************/
#if defined(MBEDTLS_MD_C)
/* Set up an HKDF-based generator. This is exactly the extract phase /* Set up an HKDF-based generator. This is exactly the extract phase
* of the HKDF algorithm. */ * of the HKDF algorithm.
*
* Note that if this function fails, you must call psa_generator_abort()
* to potentially free embedded data structures and wipe confidential data.
*/
static psa_status_t psa_generator_hkdf_setup( psa_hkdf_generator_t *hkdf, static psa_status_t psa_generator_hkdf_setup( psa_hkdf_generator_t *hkdf,
const uint8_t *secret, const uint8_t *secret,
size_t secret_length, size_t secret_length,
@ -3674,8 +3690,14 @@ static psa_status_t psa_generator_hkdf_setup( psa_hkdf_generator_t *hkdf,
} }
return( PSA_SUCCESS ); return( PSA_SUCCESS );
} }
#endif /* MBEDTLS_MD_C */
/* Set up a TLS-1.2-prf-based generator (see RFC 5246, Section 5). */ #if defined(MBEDTLS_MD_C)
/* Set up a TLS-1.2-prf-based generator (see RFC 5246, Section 5).
*
* Note that if this function fails, you must call psa_generator_abort()
* to potentially free embedded data structures and wipe confidential data.
*/
static psa_status_t psa_generator_tls12_prf_setup( static psa_status_t psa_generator_tls12_prf_setup(
psa_tls12_prf_generator_t *tls12_prf, psa_tls12_prf_generator_t *tls12_prf,
const unsigned char *key, const unsigned char *key,
@ -3727,7 +3749,11 @@ static psa_status_t psa_generator_tls12_prf_setup(
return( PSA_SUCCESS ); return( PSA_SUCCESS );
} }
#endif /* MBEDTLS_MD_C */
/* Note that if this function fails, you must call psa_generator_abort()
* to potentially free embedded data structures and wipe confidential data.
*/
static psa_status_t psa_key_derivation_internal( static psa_status_t psa_key_derivation_internal(
psa_crypto_generator_t *generator, psa_crypto_generator_t *generator,
const uint8_t *secret, size_t secret_length, const uint8_t *secret, size_t secret_length,
@ -3744,8 +3770,10 @@ static psa_status_t psa_key_derivation_internal(
if( alg == PSA_ALG_SELECT_RAW ) if( alg == PSA_ALG_SELECT_RAW )
{ {
(void) salt;
if( salt_length != 0 ) if( salt_length != 0 )
return( PSA_ERROR_INVALID_ARGUMENT ); return( PSA_ERROR_INVALID_ARGUMENT );
(void) label;
if( label_length != 0 ) if( label_length != 0 )
return( PSA_ERROR_INVALID_ARGUMENT ); return( PSA_ERROR_INVALID_ARGUMENT );
generator->ctx.buffer.data = mbedtls_calloc( 1, secret_length ); generator->ctx.buffer.data = mbedtls_calloc( 1, secret_length );
@ -3854,6 +3882,7 @@ psa_status_t psa_key_derivation( psa_crypto_generator_t *generator,
/* Key agreement */ /* Key agreement */
/****************************************************************/ /****************************************************************/
#if defined(MBEDTLS_ECDH_C)
static psa_status_t psa_key_agreement_ecdh( const uint8_t *peer_key, static psa_status_t psa_key_agreement_ecdh( const uint8_t *peer_key,
size_t peer_key_length, size_t peer_key_length,
const mbedtls_ecp_keypair *our_key, const mbedtls_ecp_keypair *our_key,
@ -3905,9 +3934,13 @@ exit:
mbedtls_ecdh_free( &ecdh ); mbedtls_ecdh_free( &ecdh );
return( mbedtls_to_psa_error( ret ) ); return( mbedtls_to_psa_error( ret ) );
} }
#endif /* MBEDTLS_ECDH_C */
#define PSA_KEY_AGREEMENT_MAX_SHARED_SECRET_SIZE MBEDTLS_ECP_MAX_BYTES #define PSA_KEY_AGREEMENT_MAX_SHARED_SECRET_SIZE MBEDTLS_ECP_MAX_BYTES
/* Note that if this function fails, you must call psa_generator_abort()
* to potentially free embedded data structures and wipe confidential data.
*/
static psa_status_t psa_key_agreement_internal( psa_crypto_generator_t *generator, static psa_status_t psa_key_agreement_internal( psa_crypto_generator_t *generator,
key_slot_t *private_key, key_slot_t *private_key,
const uint8_t *peer_key, const uint8_t *peer_key,
@ -3934,6 +3967,9 @@ static psa_status_t psa_key_agreement_internal( psa_crypto_generator_t *generato
break; break;
#endif /* MBEDTLS_ECDH_C */ #endif /* MBEDTLS_ECDH_C */
default: default:
(void) private_key;
(void) peer_key;
(void) peer_key_length;
return( PSA_ERROR_NOT_SUPPORTED ); return( PSA_ERROR_NOT_SUPPORTED );
} }
if( status != PSA_SUCCESS ) if( status != PSA_SUCCESS )
@ -3965,10 +4001,13 @@ psa_status_t psa_key_agreement( psa_crypto_generator_t *generator,
PSA_KEY_USAGE_DERIVE, alg ); PSA_KEY_USAGE_DERIVE, alg );
if( status != PSA_SUCCESS ) if( status != PSA_SUCCESS )
return( status ); return( status );
return( psa_key_agreement_internal( generator, status = psa_key_agreement_internal( generator,
slot, slot,
peer_key, peer_key_length, peer_key, peer_key_length,
alg ) ); alg );
if( status != PSA_SUCCESS )
psa_generator_abort( generator );
return( status );
} }

6
tests/suites/test_suite_psa_crypto.data
View File

@ -1618,7 +1618,7 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBE
key_agreement_setup:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_SUCCESS key_agreement_setup:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_SUCCESS
PSA key agreement setup: ECDH, raw: public key on different curve PSA key agreement setup: ECDH, raw: public key on different curve
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDH_C
key_agreement_setup:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3076301006072a8648ce3d020106052b8104002203620004e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":PSA_ERROR_INVALID_ARGUMENT key_agreement_setup:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3076301006072a8648ce3d020106052b8104002203620004e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":PSA_ERROR_INVALID_ARGUMENT
PSA key agreement setup: ECDH, raw: public key instead of private key PSA key agreement setup: ECDH, raw: public key instead of private key
@ -1697,6 +1697,10 @@ PSA key agreement: ECDH brainpoolP512r1 (RFC 7027), raw: read
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_ECDH_C depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_ECDH_C
key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):"16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422":"30819b301406072a8648ce3d020106092b240303020801010d03818200049d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8dd4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc11453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa":"a7927098655f1f9976fa50a9d566865dc530331846381c87256baf3226244b76d36403c024d7bbf0aa0803eaff405d3d24f11a9b5c0bef679fe1454b21c4cd1f":"" key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):"16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422":"30819b301406072a8648ce3d020106092b240303020801010d03818200049d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8dd4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc11453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa":"a7927098655f1f9976fa50a9d566865dc530331846381c87256baf3226244b76d36403c024d7bbf0aa0803eaff405d3d24f11a9b5c0bef679fe1454b21c4cd1f":""
PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 32
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_MD_C
key_agreement_output:PSA_ALG_ECDH(PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441":""
PSA generate random: 0 bytes PSA generate random: 0 bytes
generate_random:0 generate_random:0