Andrzej Kurek
3016de3eeb
pk_wrap: rework signature extraction to work with small r and s values
...
There is a probability that r will be encoded as 31 or fewer bytes in DER,
so additional padding is added in such a case.
Added a signature-part extraction function to tidy up the code further.
2018-11-22 13:37:14 -05:00
Manuel Pégourié-Gonnard
7b7808cc76
Add tests for ECDSA verify with short r, s values
...
This is intended to test transcoding the signature to the format expected by
PSA (fixed-length encoding of r, s) when r and s have respectively:
- full length with initial null byte
- full length without initial null byte
- non-full length with initial null byte
- non-full length without initial null byte
The signatures were generated using:
programs/pkey/pk_sign tests/data_files/server5.key foo
where foo is an empty file, and with a variant of one of the following patches
applied:
diff --git a/library/ecdsa.c b/library/ecdsa.c
index abac015cebc6..e4a27b044516 100644
--- a/library/ecdsa.c
+++ b/library/ecdsa.c
@@ -305,7 +305,9 @@ static int ecdsa_sign_restartable( mbedtls_ecp_group *grp,
ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
goto cleanup;
}
+ printf("\ngenerating r...\n");
+gen:
MBEDTLS_MPI_CHK( mbedtls_ecp_gen_privkey( grp, pk, f_rng, p_rng ) );
#if defined(MBEDTLS_ECP_RESTARTABLE)
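Review bot: the `gen:` label sits after the block that sets `MBEDTLS_ERR_ECP_RANDOM_FAILED` and jumps to `cleanup`, so every `goto gen` re-enters key generation without passing that failure path again. Move the label above that check or give the regeneration loop its own bound. The added `printf` also relies on `<stdio.h>` being included in ecdsa.c, which this hunk does not show, and would be safer behind a debug-only macro so it cannot reach a library build.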
@@ -317,6 +319,11 @@ mul:
MBEDTLS_MPI_CHK( mbedtls_ecp_mul_restartable( grp, &R, pk, &grp->G,
f_rng, p_rng, ECDSA_RS_ECP ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( pr, &R.X, &grp->N ) );
+
+ size_t bits = mbedtls_mpi_bitlen( pr );
+ printf("%zu ", bits);
+ if( bits != 255 )
+ goto gen;
}
while( mbedtls_mpi_cmp_int( pr, 0 ) == 0 );
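Review bot: `if( bits != 255 ) goto gen;` hard-codes the target bit length of r, and the commit message says the value is edited by hand between runs, so nothing in the tree records which value produced which test vector. Take the target from a compile-time macro, for example a hypothetical `-DTEST_R_BITS=255`, and note the value next to each generated signature. The jump also leaves the `do { ... } while` body, so the loop has no iteration limit of its own.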
or:
diff --git a/library/ecdsa.c b/library/ecdsa.c
index abac015cebc6..d704376e0c42 100644
--- a/library/ecdsa.c
+++ b/library/ecdsa.c
@@ -305,7 +305,9 @@ static int ecdsa_sign_restartable( mbedtls_ecp_group *grp,
ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
goto cleanup;
}
+ printf("\ngenerating r...\n");
+gen:
MBEDTLS_MPI_CHK( mbedtls_ecp_gen_privkey( grp, pk, f_rng, p_rng ) );
#if defined(MBEDTLS_ECP_RESTARTABLE)
@@ -353,6 +355,11 @@ modn:
MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( s, pk, &grp->N ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( s, s, &e ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( s, s, &grp->N ) );
+
+ size_t bits = mbedtls_mpi_bitlen( s );
+ printf("%zu ", bits);
+ if( bits != 247 )
+ goto gen;
}
while( mbedtls_mpi_cmp_int( s, 0 ) == 0 );
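Review bot: `goto gen` at this point runs only after `s` has been fully computed, so each rejected candidate throws away a complete signature computation and restarts from key generation, with no limit on the number of attempts. Count the attempts and fail with an error after a fixed bound. The target `247` should also come from the same kind of compile-time setting as the r variant rather than a second hand-edited literal.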
with the value edited manually between each run to get the desired bit length.
2018-11-22 13:37:14 -05:00
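The two commits above concern transcoding a DER ECDSA signature into the fixed-length r || s form, including the cases where r or s carries a leading null byte or is shorter than the curve size. The following is an added example, not Mbed TLS code: the function names are hypothetical, and the sample uses a constructed 4-byte size instead of a real curve.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical helper (not Mbed TLS code): read one DER INTEGER at *p and
 * write it right-aligned into out[0..n), zero-padded on the left.
 * Short-form DER lengths only (< 128), enough for curves up to 384 bits. */
static int der_int_to_fixed(const uint8_t **p, const uint8_t *end,
                            uint8_t *out, size_t n)
{
    if (end - *p < 2 || (*p)[0] != 0x02 || (*p)[1] >= 0x80)
        return -1;                          /* INTEGER tag, short length */
    size_t len = (*p)[1];
    const uint8_t *v = *p + 2;
    if (len == 0 || (size_t)(end - v) < len || (v[0] & 0x80))
        return -1;                          /* truncated or negative */
    *p = v + len;
    if (len > 1 && v[0] == 0x00) {          /* drop the DER sign-padding byte */
        v++;
        len--;
    }
    if (len > n)
        return -1;                          /* does not fit the curve size */
    memset(out, 0, n - len);                /* left-pad a short r or s */
    memcpy(out + (n - len), v, len);
    return 0;
}

/* Hypothetical name: DER SEQUENCE { r, s } -> raw r || s, n bytes each. */
int ecdsa_der_to_raw(const uint8_t *sig, size_t sig_len, uint8_t *raw, size_t n)
{
    const uint8_t *p = sig, *end = sig + sig_len;
    if (sig_len < 2 || p[0] != 0x30 || p[1] >= 0x80 || (size_t)p[1] != sig_len - 2)
        return -1;
    p += 2;
    if (der_int_to_fixed(&p, end, raw, n) != 0 ||
        der_int_to_fixed(&p, end, raw + n, n) != 0)
        return -1;
    return p == end ? 0 : -1;               /* reject trailing bytes */
}

int main(void)
{
    /* Constructed sample, n = 4: r has a null byte, s is two bytes short. */
    const uint8_t sig[] = { 0x30, 0x0B, 0x02, 0x05, 0x00, 0x80, 0x01, 0x02,
                            0x03, 0x02, 0x02, 0x01, 0x02 };
    uint8_t raw[8], want[8] = { 0x80, 0x01, 0x02, 0x03, 0, 0, 0x01, 0x02 };
    return ecdsa_der_to_raw(sig, sizeof sig, raw, 4) || memcmp(raw, want, 8);
}
```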
Andrzej Kurek
45fc464156
pk_wrap: improve error codes returned from ecdsa_verify_wrap
...
Use the shared PSA utilities to translate errors.
2018-11-22 13:37:14 -05:00
Andrzej Kurek
ca6330992e
pk_wrap: switch to helper functions defined in psa_util.h
...
Remove duplicated helper functions.
Remove an unnecessary call to psa_crypto_init().
2018-11-22 13:37:14 -05:00
Andrzej Kurek
510ee70501
pk_wrap: test if a valid md_alg is passed to ecdsa_verify_wrap
...
Adjust tests to pass a valid algorithm
2018-11-22 13:37:14 -05:00
Andrzej Kurek
2f69b1a059
pk_wrap: destroy key slot on errors with policy or key importing
2018-11-22 13:37:14 -05:00
Andrzej Kurek
c097b0fded
pk_wrap: add a check for equal signature parts
2018-11-22 13:37:14 -05:00
Andrzej Kurek
f8c94a811a
pk_wrap: check if curve conversion is successful
2018-11-22 13:37:14 -05:00
Andrzej Kurek
6d49ae9223
pk_wrap: nullify the signature pointer on error in extract_ecdsa_sig
...
Fix a double free error in ecdsa_verify_wrap
2018-11-22 13:37:14 -05:00
Andrzej Kurek
1e3b6865d7
pk_wrap: cosmetic changes
...
Adjust whitespaces and variable names
2018-11-22 13:37:14 -05:00
Andrzej Kurek
39d1f4b29f
pk_wrap.c: add support for ecdsa signature verification using PSA
...
Use PSA internally to verify signatures.
Add a conversion to a raw signature format.
2018-11-22 13:37:14 -05:00
Hanno Becker
12bd57b8c8
Refer to PSA through MBEDTLS_USE_PSA_CRYPTO, not USE_PSA, in all.sh
2018-11-22 16:27:57 +00:00
Hanno Becker
fc359fd837
Remove double white space
2018-11-22 16:27:57 +00:00
Hanno Becker
47a6291445
Use MBEDTLS_PSA_UTIL_H instead of MBEDTLS_PSA_COMPAT_H in psa_util.h
...
This is still an artifact from when psa_util.h was called psa_compat.h.
2018-11-22 16:27:57 +00:00
Hanno Becker
56a78dd4ad
State explicitly that any API depending on PSA is unstable
2018-11-22 16:27:57 +00:00
Hanno Becker
77030426a0
Update VisualC files
2018-11-22 16:27:57 +00:00
Hanno Becker
4d9e1e0ac4
Improve documentation of mbedtls_psa_err_translate_pk()
2018-11-22 16:27:57 +00:00
Hanno Becker
dec64735e2
Add AEAD tag length parameter to mbedtls_psa_translate_cipher_mode()
...
In case of AEAD ciphers, the cipher mode (and not even the entire content
of mbedtls_cipher_info_t) doesn't uniquely determine a psa_algorithm_t
because it doesn't specify the AEAD tag length, which however is included
in psa_algorithm_t identifiers.
This commit adds a tag length value to mbedtls_psa_translate_cipher_mode()
to account for that ambiguity.
2018-11-22 16:27:57 +00:00
Hanno Becker
14f78b03bb
Add function to translate PSA errors to PK module errors
2018-11-22 16:27:57 +00:00
Hanno Becker
639a4320ca
Fix Doxygen annotation in psa_util.h
2018-11-22 16:27:57 +00:00
Hanno Becker
06b6f34e9f
Initialize PSA Crypto implementation in ssl_server2
2018-11-22 16:27:57 +00:00
Hanno Becker
50955d1c18
Initialize PSA Crypto implementation in ssl_client2.c
2018-11-22 16:27:56 +00:00
Hanno Becker
eba9993171
Initialize PSA Crypto implementation at the start of each test suite
2018-11-22 16:27:56 +00:00
Hanno Becker
5f48818712
Make PSA utility functions static inline
...
Compilers warn about unused static functions.
2018-11-22 16:27:56 +00:00
Hanno Becker
28b9d35904
Add PSA-to-Mbed TLS translations for cipher module
2018-11-22 16:27:56 +00:00
Hanno Becker
560aeaf26b
Add internal header for PSA utility functions
...
This commit adds the header file mbedtls/psa_util.h which contains
static utility functions `mbedtls_psa_xxx()` used in the integration
of PSA Crypto into Mbed TLS.
Warning: These functions are internal only and may change at any time.
2018-11-22 16:27:56 +00:00
Manuel Pégourié-Gonnard
dde4442581
Add build using PSA to all.sh
2018-11-22 16:27:52 +00:00
Manuel Pégourié-Gonnard
26fd730876
Add config option for X.509/TLS to use PSA
2018-11-22 16:25:36 +00:00
Gilles Peskine
a678f233a7
Merge pull request #197 from netanelgonen/entropy-inject
...
Add entropy inject API (#197)
2018-11-21 19:21:05 +01:00
avolinski
0d2c266c06
change MBEDTLS_RANDOM_SEED_ITS define to be PSA_CRYPTO_ITS_RANDOM_SEED_UID
2018-11-21 17:31:07 +02:00
avolinski
1c66205df6
Remove trailing space in psa_crypto.c
2018-11-21 16:54:09 +02:00
Gilles Peskine
83146e10bb
Merge pull request #211 from ARMmbed/bug_fix_210
...
Fix memory allocation check in psa_save_generated_persistent_key (#211)
2018-11-21 15:51:07 +01:00
avolinski
13beb100c2
Adjust psa entropy inject tests to take as minimum seed size
...
the maximum of MBEDTLS_ENTROPY_MIN_PLATFORM and MBEDTLS_ENTROPY_BLOCK_SIZE
2018-11-21 16:24:53 +02:00
avolinski
7cc8229d80
Replace MBED_RANDOM_SEED_ITS_UID with MBEDTLS_RANDOM_SEED_ITS_UID
...
Update mbedtls_psa_inject_entropy function documentation
2018-11-21 16:24:53 +02:00
avolinski
4d27c94aee
Adding testcase for PSA validate entropy injection: bad, too small using MBEDTLS_ENTROPY_MIN_PLATFORM
2018-11-21 16:24:53 +02:00
Netanel Gonen
21f37cbbec
Add Tests for psa crypto entropy injection
...
Adjust code to handle and work with MBEDTLS_ENTROPY_BLOCK_SIZE definition option
2018-11-21 16:24:52 +02:00
Gilles Peskine
ee2ffd311b
Document the maximum seed size as well as the minimum
2018-11-21 16:23:42 +02:00
Gilles Peskine
0338ded2f4
Improve documentation of mbedtls_psa_inject_entropy
...
Explain what the function does, why one would use it, how to use it,
how to handle its input, and what the status codes mean.
2018-11-21 16:23:42 +02:00
Netanel Gonen
212a793217
add MBEDTLS_PSA_HAS_ITS_IO to config.h
2018-11-21 16:23:42 +02:00
Netanel Gonen
9468bb241c
Add Tests for psa crypto entropy injection
2018-11-21 16:23:41 +02:00
Netanel Gonen
2bcd312cda
Add entropy injection function to psa crypto APIs
2018-11-21 16:15:14 +02:00
itayzafrir
910c76b3d1
Check that memory allocation was successful in psa_save_generated_persistent_key
2018-11-21 16:10:33 +02:00
Gilles Peskine
3d5d8372a5
Merge pull request #198 from ARMmbed/psa_crypto_its
...
PSA Crypto Storage backend implementation over PSA ITS APIs (#198)
2018-11-21 15:04:03 +01:00
Jaeden Amero
dbb83ac5f7
Merge pull request #194 from ARMmbed/dev/Patater/enable-use-as-submodule-only
...
Enable use as submodule only (no removal of non-crypto)
2018-11-21 12:53:12 +00:00
Jaeden Amero
3c7cc5eb18
Makefile: Install PSA headers
...
When running `make install`, it can be desirable for the PSA Crypto header
files to get installed as well, so that the PSA portions of the library are
usable.
2018-11-21 12:17:31 +00:00
Jaeden Amero
852dac2df8
README: Update with the CMake build option
...
Note that one can also use CMake and doesn't strictly require GNU Make. For
instance, telling CMake to output Visual Studio project files and using
those would preclude the need for GNU Make.
2018-11-21 12:17:31 +00:00
Jaeden Amero
a49ba5ea5f
README: Specify that C99 is required
2018-11-21 12:17:31 +00:00
Jaeden Amero
11293ccced
README: Update with how to use as a subproject
2018-11-21 12:17:31 +00:00
Jaeden Amero
c6e4ab00a8
Use parent module includes when used as a submodule
...
For Makefiles, enable overriding where includes can come from in order to
enable the parent module to set the include path. This allows the parent
module to specify that its config.h should be used, even when the submodule
when built standalone would use a different config.h.
For CMake, always look in the parent's include folder and our own. List the
parent's include folder first, so that preference is given to parent
include files.
2018-11-21 12:17:31 +00:00
Jaeden Amero
74a04cdd59
Remove exporter script
...
We no longer need an exporter script as we'll use our existing tooling in
the top level directory for builds and releases.
2018-11-21 12:17:29 +00:00