Gilles Peskine
a8860b2990
Remove lifetime test functions
...
With the handle-based slot management interface, psa_set_key_lifetime
will no longer exist, so remove the corresponding unit tests.
2018-12-11 16:48:13 +01:00
Gilles Peskine
dc911fd594
Remove redundant slot-based test
...
fill_slots is superseded by many_transient_handles.
2018-12-11 16:48:13 +01:00
Gilles Peskine
f77ed1f20b
Factor the common idiom psa_wipe_key_slot into a function
...
Many places in the code called psa_remove_key_data_from_memory (which
preserves metadata for the sake of failues in psa_import_key) followed
by clearing the slot data. Use an auxiliary function for this.
2018-12-11 16:48:13 +01:00
Gilles Peskine
a426168cbf
Test that failure of import_key preserves metadata
2018-12-11 16:48:13 +01:00
Gilles Peskine
d7c75707b8
mbedtls_psa_crypto_free: free allocated slots as well
...
Access the slot directly rather than going through psa_get_key_slot.
Unlike other places where key slots are accessed through
psa_get_key_slot, here, we know where all the slots are and there are
no policy or permission considerations.
This resolves a memory leak: allocated slots were not getting freed
because psa_get_key_slot rejected the attempt of accessing them
directly rather than via a handle.
2018-12-11 16:48:13 +01:00
Gilles Peskine
961849f6d1
Implement slot allocation
...
Implement psa_allocate_key, psa_open_key, psa_create_key,
psa_close_key.
Add support for keys designated to handles to psa_get_key_slot, and
thereby to the whole API.
Allocated and non-allocated keys can coexist. This is a temporary
stage in order to transition from the use of direct slot numbers to
allocated handles only. Once all the tests and sample programs have
been migrated to use handles, the implementation will be simplified
and made more robust with support for handles only.
2018-12-11 16:48:13 +01:00
Gilles Peskine
5ec7b078ea
Add tests for the new slot management mechanism
...
Add unit tests for handle allocation and release.
2018-12-11 16:48:12 +01:00
Gilles Peskine
7f6e3a868a
Change ASSERT_ALLOC to take a size in elements, not bytes
...
`ASSERT_ALLOC(p, length)` now allocates `length` elements, i.e.
`length * sizeof(*p)` bytes.
2018-12-11 16:48:12 +01:00
Gilles Peskine
69f976b1d6
Distinguish in-memory slot number from in-storage slot identifier
...
At the moment, the in-storage slot identifier is the in-memory slot
number. But track them separately, to prepare for API changes that
will let them be different (psa_open_key, psa_create_key).
2018-12-11 16:48:12 +01:00
Gilles Peskine
ae32aac48e
Switch function declarations from key slots to key handles
...
Replace `psa_key_slot_t key` by `psa_key_handle_t` in function
declarations.
This is a transition period during which handles are key slot numbers
and the whole library can still be used by accessing a key slot number
without allocating a handle.
2018-12-11 16:48:10 +01:00
Gilles Peskine
644cd5fd89
Linkify some macros that were just typeset as text
2018-12-11 16:47:35 +01:00
Gilles Peskine
f535eb2e61
Declare the new slot management functions in crypto.h
...
No changes to existing functions.
2018-12-11 16:06:51 +01:00
Jaeden Amero
750a049a15
Merge pull request #229 from ARMmbed/dev/Patater/fix-its-typo
...
storage: Correct typo of PSA_PS_ERROR_OFFSET
2018-12-05 13:19:31 +00:00
Gilles Peskine
3cac8c4d78
Move declarations related to lifetimes further up in crypto.h
...
No content change. This is in preparation for declaring the slot
management functions, which need the type psa_key_lifetime_t.
2018-12-05 09:40:07 +01:00
Gilles Peskine
de14d4d86d
Merge pull request #233 from ARMmbed/psa-fix_all.sh-20181204
...
Fix all.sh
2018-12-05 09:36:52 +01:00
Gilles Peskine
5a3c50e890
Don't use an enum in a bit-field
...
This isn't standard C. GCC and Clang accept it but not every
compiler (e.g. Armcc 5).
2018-12-04 12:27:09 +01:00
Gilles Peskine
79e213cfc8
Don't include mbedtls/platform.h unconditionally
...
Programs must not include mbedtls/platform.h if MBEDTLS_PLATFORM_C is
not defined. Test suites don't need to include mbedtls/platform.h
because helpers.function takes care of it.
This commit also removes a stray `;` which is technically not standard C.
2018-12-04 12:25:40 +01:00
Gilles Peskine
ac41c191b9
Add psa_crypto_invasive.h
2018-12-04 10:57:13 +01:00
Gilles Peskine
9edc146237
Merge pull request #209 from ARMmbed/psa-init_tests
...
Test psa_crypto_init and make it more robust
2018-11-30 13:28:47 +01:00
Jaeden Amero
58600557bb
storage: Correct typo of PSA_PS_ERROR_OFFSET
...
Correct typo of PSA_PS_ERROR_OFFSET to PSA_ITS_ERROR_OFFSET.
2018-11-30 12:10:29 +00:00
Jaeden Amero
886ffc278f
Merge pull request #228 from ARMmbed/github-template-for-issue-tracking
...
Add github issue template
2018-11-30 11:35:56 +00:00
Jaeden Amero
368aa771a8
Merge pull request #225 from ARMmbed/dev/Patater/add-psa-crypto-docs
...
Add generated documentation for mbedcrypto-0.1.0b
2018-11-30 11:13:23 +00:00
itayzafrir
ce6ec7d5e7
Add github issue template
...
Required for internal issue tracking.
2018-11-29 15:53:00 +02:00
Gilles Peskine
59fd5aee42
Merge pull request #227 from ARMmbed/psa-aead-guards-fix
...
Add missing compilation guards for GCM and CCM
2018-11-28 18:28:11 +01:00
Gilles Peskine
b0b189f31f
Add missing compilation guards for GCM and CCM
...
Add missing compilation guards that broke the build if either GCM or
CCM was not defined.
Add missing guards on test cases that require GCM or CBC.
The build and tests now pass for any subset of {MBEDTLS_CCM_C,
MBEDTLS_GCM_C}. There are still unused variables warnings if neither
is defined.
2018-11-28 17:30:58 +01:00
Jaeden Amero
8fe3372de1
Add generated documentation for mbedcrypto-0.1.0b
2018-11-26 17:21:23 +00:00
Gilles Peskine
9e1be6a246
Create the NV seed file for the tests if needed
...
Write an all-bits-zero NV seed file for the tests. Without this, if
the seed file is not present when this test suite is executed, the
PSA module initialization will fail, causing most test cases to fail.
Also write an all-bits-zero NV seed file at the end. The test cases in
this test suite mess with the file, but subsequent test suites may
need it.
2018-11-23 22:58:40 +01:00
Gilles Peskine
0fce4c5830
Add init tests with entropy from NV seed
2018-11-23 22:58:40 +01:00
Gilles Peskine
0b3b5733fc
Support NV seed enabled at compile time but not at runtime
...
When testing with custom entropy sources, if MBEDTLS_ENTROPY_NV_SEED
is enabled at compile time but the NV seed source is not used at
runtime, mbedtls_entropy_func makes a second pass anyway. Cope with
this in the test code by telling the entropy module not to make this
second pass.
2018-11-23 22:58:40 +01:00
Gilles Peskine
ebe770c693
Add tests with a fake entropy source
...
Add tests with a fake entropy source to check that the required amount
of entropy is one block, fed in one or more steps.
2018-11-23 22:58:40 +01:00
Gilles Peskine
5e76952235
Add a facility to configure entropy sources
...
Add a function to configure entropy sources. For testing only.
Use it to test that the library initialization fails properly if there is no
entropy source.
2018-11-23 22:58:38 +01:00
Jaeden Amero
0e9ff8546b
Merge pull request #224 from ARMmbed/feature-psa-tls-integration-proposed
...
Update with "Mbed TLS using PSA" mini-release
2018-11-23 21:30:23 +00:00
Hanno Becker
9edcc3e8fb
Merge branch 'iotssl-2597-psa-hashing-x509_CRYPTO' into feature-psa-tls-integration-proposed
2018-11-23 16:00:34 +00:00
Hanno Becker
8295695aca
Merge branch 'iotssl-2578-psa-sig-verification_CRYPTO' into feature-psa-tls-integration-proposed
2018-11-23 16:00:32 +00:00
Hanno Becker
02f20216bd
Merge branch 'psa_cipher_integration_CRYPTO' into feature-psa-tls-integration-proposed
2018-11-23 15:59:26 +00:00
Hanno Becker
6b01a9fa7c
Merge branch 'psa_cipher_CRYPTO' into feature-psa-tls-integration-proposed
2018-11-23 15:53:27 +00:00
Hanno Becker
e322d3edd5
Merge branch 'opaque_psk_implementation_CRYPTO' into feature-psa-tls-integration-proposed
2018-11-23 15:53:24 +00:00
Hanno Becker
a96cc8a9fd
Merge branch 'iotssl-2596-opaque-csr-creation_CRYPTO' into feature-psa-tls-integration-proposed
2018-11-23 15:47:22 +00:00
Hanno Becker
826987f26c
Merge branch 'iotssl-2574-pk-opaque-tls_CRYPTO' into feature-psa-tls-integration-proposed
2018-11-23 15:47:21 +00:00
Hanno Becker
7fde035ddc
Merge branch 'iotssl-2580-pk-opaque-psa_CRYPTO' into feature-psa-tls-integration-proposed
2018-11-23 15:47:20 +00:00
Jaeden Amero
dc5f950e25
Merge pull request #223 from ARMmbed/dev/Patater/fix-unused-mac_setup
...
psa: Unused key_bits is OK
2018-11-23 15:35:43 +00:00
Jaeden Amero
82df32e3fd
psa: Unused key_bits is OK
...
When MD or CMAC are disabled, let the compiler know that it is OK that
`key_bits` is set but not used by casting `key_bits` to `(void)`.
2018-11-23 15:20:56 +00:00
Jaeden Amero
565e0bf49d
Merge pull request #212 from ARMmbed/psa-integration-utilities_CRYPTO
...
Mbed TLS integration: Shared code between module-specific integration work
2018-11-23 09:00:22 +00:00
Andrzej Kurek
266d907c87
pk_wrap.c: fix length mismatch check placement
2018-11-22 13:37:14 -05:00
Andrzej Kurek
96cc1b3def
pk_wrap.c: tidy up signature extraction
...
Add a sanity check for signature length, remove superfluous bounds check.
2018-11-22 13:37:14 -05:00
Andrzej Kurek
e30ad542a1
Cosmetic changes
...
Move memset to a more relevant spot, fix one whitespace error
2018-11-22 13:37:14 -05:00
Andrzej Kurek
73bf6b9e00
pk_wrap: rework and tidy up signature extraction
...
Improve comments, use a normal buffer instead of mbedtls_asn1_buf,
remove unneeded variables and use shared utilities where possible.
2018-11-22 13:37:14 -05:00
Andrzej Kurek
688ea8d10d
pk_wrap: reuse a static buffer for signature extraction
...
Use a buffer left over after importing a key to hold an extracted signature.
2018-11-22 13:37:14 -05:00
Andrzej Kurek
3016de3eeb
pk_wrap: rework signature extraction to work with small r and s values
...
There is a probability that r will be encoded as 31 or less bytes in DER,
so additional padding is added in such case.
Added a signature-part extraction function to tidy up the code further.
2018-11-22 13:37:14 -05:00
Manuel Pégourié-Gonnard
7b7808cc76
Add tests for ECDSA verify with short r, s values
...
This is intended to test transcoding the signature to the format expected by
PSA (fixed-length encoding of r, s) when r and s have respectively:
- full length with initial null byte
- full length without initial null byte
- non-full length with initial null byte
- non-full length without initial null byte
The signatures were generated using:
programs/pkey/pk_sign tests/data_files/server5.key foo
where foo is an empty file, and with a variant of one of the following patches
applied:
diff --git a/library/ecdsa.c b/library/ecdsa.c
index abac015cebc6..e4a27b044516 100644
--- a/library/ecdsa.c
+++ b/library/ecdsa.c
@@ -305,7 +305,9 @@ static int ecdsa_sign_restartable( mbedtls_ecp_group *grp,
ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
goto cleanup;
}
+ printf("\ngenerating r...\n");
+gen:
MBEDTLS_MPI_CHK( mbedtls_ecp_gen_privkey( grp, pk, f_rng, p_rng ) );
#if defined(MBEDTLS_ECP_RESTARTABLE)
@@ -317,6 +319,11 @@ mul:
MBEDTLS_MPI_CHK( mbedtls_ecp_mul_restartable( grp, &R, pk, &grp->G,
f_rng, p_rng, ECDSA_RS_ECP ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( pr, &R.X, &grp->N ) );
+
+ size_t bits = mbedtls_mpi_bitlen( pr );
+ printf("%zu ", bits);
+ if( bits != 255 )
+ goto gen;
}
while( mbedtls_mpi_cmp_int( pr, 0 ) == 0 );
or:
diff --git a/library/ecdsa.c b/library/ecdsa.c
index abac015cebc6..d704376e0c42 100644
--- a/library/ecdsa.c
+++ b/library/ecdsa.c
@@ -305,7 +305,9 @@ static int ecdsa_sign_restartable( mbedtls_ecp_group *grp,
ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
goto cleanup;
}
+ printf("\ngenerating r...\n");
+gen:
MBEDTLS_MPI_CHK( mbedtls_ecp_gen_privkey( grp, pk, f_rng, p_rng ) );
#if defined(MBEDTLS_ECP_RESTARTABLE)
@@ -353,6 +355,11 @@ modn:
MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( s, pk, &grp->N ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( s, s, &e ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( s, s, &grp->N ) );
+
+ size_t bits = mbedtls_mpi_bitlen( s );
+ printf("%zu ", bits);
+ if( bits != 247 )
+ goto gen;
}
while( mbedtls_mpi_cmp_int( s, 0 ) == 0 );
with the value edited manually between each run to get the desired bit length.
2018-11-22 13:37:14 -05:00