mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-29 22:04:15 +01:00
SE support: Use a transaction when registering a key
When registering a key in a secure element, go through the transaction mechanism. This makes the code simpler, at the expense of a few extra storage operations. Given that registering a key is typically very rare over the lifetime of a device, this is an acceptable loss. Drivers must now have a p_validate_slot_number method, otherwise registering a key is not possible. This reduces the risk that due to a mistake during the integration of a device, an application might claim a slot in a way that is not supported by the driver.
This commit is contained in:
parent
37b5c831b4
commit
3efcebbc5e
@ -186,6 +186,9 @@ static inline void psa_clear_key_slot_number(
|
||||
* \retval #PSA_ERROR_ALREADY_EXISTS
|
||||
* There is already a key with the identifier specified in
|
||||
* \p attributes.
|
||||
* \retval #PSA_ERROR_NOT_SUPPORTED
|
||||
* The secure element driver for the specified lifetime does not
|
||||
* support registering a key.
|
||||
* \retval #PSA_ERROR_INVALID_ARGUMENT
|
||||
* \p attributes specifies a lifetime which is not located
|
||||
* in a secure element.
|
||||
|
@ -1579,7 +1579,7 @@ static psa_status_t psa_start_key_creation(
|
||||
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
|
||||
/* For a key in a secure element, we need to do three things
|
||||
* when creating a key (but not when registering an existing key):
|
||||
* when creating or registering a key:
|
||||
* create the key file in internal storage, create the
|
||||
* key inside the secure element, and update the driver's
|
||||
* persistent data. Start a transaction that will encompass these
|
||||
@ -1592,7 +1592,7 @@ static psa_status_t psa_start_key_creation(
|
||||
* secure element driver updates its persistent state, but we do not yet
|
||||
* save the driver's persistent state, so that if the power fails,
|
||||
* we can roll back to a state where the key doesn't exist. */
|
||||
if( *p_drv != NULL && method != PSA_KEY_CREATION_REGISTER )
|
||||
if( *p_drv != NULL )
|
||||
{
|
||||
status = psa_find_se_slot_for_key( attributes, method, *p_drv,
|
||||
&slot->data.se.slot_number );
|
||||
@ -1609,6 +1609,12 @@ static psa_status_t psa_start_key_creation(
|
||||
return( status );
|
||||
}
|
||||
}
|
||||
|
||||
if( *p_drv == NULL && method == PSA_KEY_CREATION_REGISTER )
|
||||
{
|
||||
/* Key registration only makes sense with a secure element. */
|
||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||
}
|
||||
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
|
||||
|
||||
return( status );
|
||||
@ -1883,7 +1889,6 @@ psa_status_t mbedtls_psa_register_se_key(
|
||||
psa_status_t status;
|
||||
psa_key_slot_t *slot = NULL;
|
||||
psa_se_drv_table_entry_t *driver = NULL;
|
||||
const psa_drv_se_t *drv;
|
||||
psa_key_handle_t handle = 0;
|
||||
|
||||
/* Leaving attributes unspecified is not currently supported.
|
||||
@ -1900,37 +1905,6 @@ psa_status_t mbedtls_psa_register_se_key(
|
||||
if( status != PSA_SUCCESS )
|
||||
goto exit;
|
||||
|
||||
if( driver == NULL )
|
||||
{
|
||||
status = PSA_ERROR_INVALID_ARGUMENT;
|
||||
goto exit;
|
||||
}
|
||||
drv = psa_get_se_driver_methods( driver );
|
||||
|
||||
if ( psa_get_key_slot_number( attributes,
|
||||
&slot->data.se.slot_number ) != PSA_SUCCESS )
|
||||
{
|
||||
/* The application didn't specify a slot number. This doesn't
|
||||
* make sense when registering a slot. */
|
||||
status = PSA_ERROR_INVALID_ARGUMENT;
|
||||
goto exit;
|
||||
}
|
||||
|
||||
/* If the driver has a slot number validation method, call it.
|
||||
* If it doesn't, it means the secure element is unable to validate
|
||||
* anything and so we have to trust the application. */
|
||||
if( drv->key_management != NULL &&
|
||||
drv->key_management->p_validate_slot_number != NULL )
|
||||
{
|
||||
status = drv->key_management->p_validate_slot_number(
|
||||
psa_get_se_driver_context( driver ),
|
||||
attributes,
|
||||
PSA_KEY_CREATION_REGISTER,
|
||||
slot->data.se.slot_number );
|
||||
if( status != PSA_SUCCESS )
|
||||
goto exit;
|
||||
}
|
||||
|
||||
status = psa_finish_key_creation( slot, driver );
|
||||
|
||||
exit:
|
||||
|
@ -225,6 +225,12 @@ psa_status_t psa_find_se_slot_for_key(
|
||||
attributes, method,
|
||||
*slot_number );
|
||||
}
|
||||
else if( method == PSA_KEY_CREATION_REGISTER )
|
||||
{
|
||||
/* The application didn't specify a slot number. This doesn't
|
||||
* make sense when registering a slot. */
|
||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||
}
|
||||
else
|
||||
{
|
||||
/* The application didn't tell us which slot to use. Let the driver
|
||||
|
@ -121,23 +121,23 @@ Key generation smoke test: HMAC-SHA-256
|
||||
generate_key_smoke:PSA_KEY_TYPE_HMAC:256:PSA_ALG_HMAC( PSA_ALG_SHA_256 )
|
||||
|
||||
Key registration: smoke test
|
||||
register_key_smoke_test:MIN_DRIVER_LIFETIME:-1:PSA_SUCCESS
|
||||
|
||||
Key registration: invalid lifetime (volatile)
|
||||
register_key_smoke_test:PSA_KEY_LIFETIME_VOLATILE:-1:PSA_ERROR_INVALID_ARGUMENT
|
||||
|
||||
Key registration: invalid lifetime (internal storage)
|
||||
register_key_smoke_test:PSA_KEY_LIFETIME_PERSISTENT:-1:PSA_ERROR_INVALID_ARGUMENT
|
||||
|
||||
Key registration: invalid lifetime (no registered driver)
|
||||
register_key_smoke_test:MIN_DRIVER_LIFETIME + 1:-1:PSA_ERROR_INVALID_ARGUMENT
|
||||
|
||||
Key registration: with driver validation (accepted)
|
||||
register_key_smoke_test:MIN_DRIVER_LIFETIME:1:PSA_SUCCESS
|
||||
|
||||
Key registration: with driver validation (rejected)
|
||||
Key registration: invalid lifetime (volatile)
|
||||
register_key_smoke_test:PSA_KEY_LIFETIME_VOLATILE:1:PSA_ERROR_INVALID_ARGUMENT
|
||||
|
||||
Key registration: invalid lifetime (internal storage)
|
||||
register_key_smoke_test:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_ERROR_INVALID_ARGUMENT
|
||||
|
||||
Key registration: invalid lifetime (no registered driver)
|
||||
register_key_smoke_test:MIN_DRIVER_LIFETIME + 1:1:PSA_ERROR_INVALID_ARGUMENT
|
||||
|
||||
Key registration: rejected
|
||||
register_key_smoke_test:MIN_DRIVER_LIFETIME:0:PSA_ERROR_NOT_PERMITTED
|
||||
|
||||
Key registration: not supported
|
||||
register_key_smoke_test:MIN_DRIVER_LIFETIME:-1:PSA_ERROR_NOT_SUPPORTED
|
||||
|
||||
Import-sign-verify: sign in driver, ECDSA
|
||||
depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
||||
sign_verify:SIGN_IN_DRIVER_AND_PARALLEL_CREATION:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP256R1 ):PSA_ALG_ECDSA_ANY:0:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e"
|
||||
|
Loading…
Reference in New Issue
Block a user