Gilles Peskine
c63b6ba754
Merge remote-tracking branch 'psa/pr/14' into feature-psa
...
Conflict resolution:
* `tests/suites/test_suite_psa_crypto.data`: in the new tests from PR #14 ,
rename `PSA_ALG_RSA_PKCS1V15_RAW` to `PSA_ALG_RSA_PKCS1V15_SIGN_RAW` as
was done in PR #15 in the other branch.
2018-09-05 12:01:34 +03:00
Gilles Peskine
f48af7fe76
psa_generate_key: specify what the extra parameters mean
2018-09-05 11:53:26 +03:00
Gilles Peskine
47c1bc0458
Correct some return codes
2018-09-05 11:53:26 +03:00
Gilles Peskine
8d2abd6f72
Merge remote-tracking branch 'psa/pr/15' into feature-psa
2018-09-05 11:53:26 +03:00
mohammad1603
38a622b68b
Function psa_get_key_policy() now return policy value for empty slots
...
Function psa_get_key_policy() now return policy value for empty slots
2018-09-05 11:53:26 +03:00
Gilles Peskine
9e7dc717b0
New function: generate key/random
2018-09-05 11:53:26 +03:00
Gilles Peskine
0eb6e97ac6
Merge pull request #4 from ARMmbed/psa-wrapper-apis-march-2
...
Interfaces: general framework for key types and algorithms; key import, export and destruction; multipart hash, MAC, cipher and AEAD operations; asymmetric sign/verify, key lifetimes and policies.
Implementation: key import, export and destruction (RSA, symmetric keys); multipart hash and MAC operations. Tested only with a few smoke tests.
2018-09-05 11:53:26 +03:00
Gilles Peskine
06297936f2
More precise bounds for PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE
2018-09-05 11:53:26 +03:00
mohammad1603
5feda72d7a
Remove usage of PSA_ERROR_INVALID_KEY_POLICY
...
use PSA_ERROR_INVALID_ARGUMENT instead of INVALID_KEY_POLICY error
2018-09-05 11:53:26 +03:00
Gilles Peskine
6944f9a831
New functions: asymmetric encrypt/decrypt
2018-09-05 11:53:26 +03:00
Gilles Peskine
058e0b9963
Avoid empty unions
...
When no algorithms are present in a category (e.g. no AEAD algorithm),
the union in the corresponding operation structure was empty, which is
not valid C. Add a dummy field to avoid this.
2018-09-05 11:53:26 +03:00
Gilles Peskine
9673cc8255
Define PSA_ALG_RSA_OAEP_MGF1(hash)
2018-09-05 11:53:26 +03:00
mohammad1603
d926b88085
Fix Policy enforcement sign test
...
Fix Policy sign scenario for enforcement test
2018-09-05 11:53:26 +03:00
Gilles Peskine
8484565f85
Minor errors in documentation around asymmetric signature
2018-09-05 11:53:26 +03:00
Gilles Peskine
9a1ba0dd3f
Typo in the documentation of psa_get_key_information
2018-09-05 11:53:26 +03:00
mohammad1603
6df908f234
Add static internal MAC finish function
...
add new psa_mac_finish_internal() to be called by psa_mac_finish() and
psa_mac_verify() in order to be able to check key usage separatly.
2018-09-05 11:53:26 +03:00
Gilles Peskine
a59262338a
Rename PKCS1V15 to PKCS1V15_SIGN
...
There's PKCS1V15_CRYPT as well (to be added soon).
2018-09-05 11:53:26 +03:00
mohammad1603
4eed757901
add new test scenarios
2018-09-05 11:53:26 +03:00
mohammad1603
a97cb8c303
Add calls for set policy in export/sign tests
...
Add calls for set policy in export/sign tests
2018-09-05 11:53:26 +03:00
mohammad1603
06e7920be5
integrate policy key usage in export and asymmetric sign functions
2018-09-05 11:53:26 +03:00
mohammad1603
8cc1ceec3e
Key Policy APIs implementation
2018-09-05 11:53:26 +03:00
Gilles Peskine
1906798d4c
Fix some typos and copypasta
2018-09-05 11:53:25 +03:00
Gilles Peskine
ed522974bd
Clarify how multipart operations get terminated
2018-09-05 11:53:25 +03:00
Gilles Peskine
971f7064e9
More precise reference for the RSA public key format
2018-09-05 11:53:25 +03:00
Gilles Peskine
7e19853722
More documentation
2018-09-05 11:53:25 +03:00
Gilles Peskine
d393e18f90
Add psa_set_key_lifetime
...
It is likely that most implementations won't support this function.
But in case an implementation wants to provide it, standardize its
interface.
2018-09-05 11:53:25 +03:00
Gilles Peskine
e3f694f49a
Remove non-standard hash algorithms
2018-09-05 11:53:25 +03:00
Gilles Peskine
06dc26350e
Fix macro definitions for ECC keys
...
Public keys and key pairs have different types.
2018-09-05 11:53:25 +03:00
Gilles Peskine
40f68b9863
Use unhexify_alloc where applicable
2018-09-05 11:53:25 +03:00
Gilles Peskine
dc2fc8443f
Rename xxx_of_psa functions to xxx_from_psa
...
Be consistent with how similar functions are named in Mbed TLS.
2018-09-05 11:53:25 +03:00
Gilles Peskine
3c6e970752
Fix memory leak in psa_destroy_key
2018-09-05 11:53:25 +03:00
Gilles Peskine
6d9121381a
Add some comments to document some non-obvious coding choices
2018-09-05 11:53:25 +03:00
Gilles Peskine
03182e99b6
Fix parameter name in PSA_BLOCK_CIPHER_BLOCK_SIZE
2018-09-05 11:53:25 +03:00
Gilles Peskine
f5b9fa13e0
Documentation clarifications
...
Clarify or add the documentation of some functions and constants.
Add a note about what the __DOXYGEN_ONLY__ section is for.
2018-09-05 11:53:25 +03:00
Gilles Peskine
2905a7adcc
Fix namespace violation
2018-09-05 11:53:25 +03:00
Gilles Peskine
e4ebc12fcd
psa_crypto_init: set the global initialized flag
2018-09-05 11:53:25 +03:00
Gilles Peskine
609b6a5b67
Get the lifetime of a key slot
2018-09-05 11:53:25 +03:00
Gilles Peskine
7698bcf338
Basic interface for key policies
...
Get/set the policy of a key slot.
Opaque structure for key policies and field access functions.
2018-09-05 11:53:25 +03:00
Gilles Peskine
92b3073e36
Minor documentation fixes
2018-09-05 11:53:25 +03:00
Gilles Peskine
3b555710e2
Prototypes for AEAD functions
...
This is still tentative.
2018-09-05 11:53:25 +03:00
Gilles Peskine
428dc5aef1
Prototypes for symmetric cipher functions
2018-09-05 11:53:25 +03:00
Gilles Peskine
7e4acc5ef8
Document some MAC functions: psa_mac_start
...
Adapt the documentation of hash functions.
State that the key object does not need to remain valid throughout the
operation.
2018-09-05 11:53:25 +03:00
Gilles Peskine
8c9def3e7f
PSA: Implement MAC functions
...
Implement psa_mac_start, psa_mac_update and psa_mac_final.
Implement HMAC anc CMAC.
Smoke tests.
2018-09-05 11:53:25 +03:00
Gilles Peskine
308b91d7db
Wrote documentation for several functions, macros and types
...
Document key import/export functions, hash functions, and asymmetric
sign/verify, as well as some related macros and types.
Nicer formatting for return values: use \retval.
2018-09-05 11:53:25 +03:00
Gilles Peskine
9ef733faa0
Implement hash functions
...
New header file crypto_struct.h. The main file crypto.sh declares
structures which are implementation-defined. These structures must be
defined in crypto_struct.h, which is included at the end so that the
structures can use types defined in crypto.h.
Implement psa_hash_start, psa_hash_update and psa_hash_final. This
should work for all hash algorithms supported by Mbed TLS, but has
only been smoke-tested for SHA-256, and only in the nominal case.
2018-09-05 11:53:25 +03:00
Gilles Peskine
a590529938
Greatly expanded mbedtls_to_psa_error
...
It now covers most cryptography algorithm modules (missing: bignum,
DHM, everything ECC, HMAC_DRBG).
2018-09-05 11:53:24 +03:00
Gilles Peskine
98f0a24255
Improve key type and algorithm encodings
...
Refine the encoding of key types and algorithms so that ranges of bits
make more sense.
Define a few symmetric cipher algorithms.
2018-09-05 11:53:24 +03:00
Gilles Peskine
93aa0334d9
PSA asymmetric signature: set *signature_length = 0 on failure
2018-09-05 11:53:24 +03:00
Gilles Peskine
0189e7512d
PSA crypto: PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE macro
...
Test it for RSA.
2018-09-05 11:53:24 +03:00
Gilles Peskine
20035e3579
PSA crypto: asymmetric signature (RSA PKCS#1v1.5 only)
...
Define hash algorithms and RSA signature algorithms.
New function psa_asymmetric_sign.
Implement psa_asymmetric_sign for RSA PKCS#1 v1.5.
2018-09-05 11:53:24 +03:00