Commit Graph

6173 Commits

Author SHA1 Message Date
Gilles Peskine
82e57d1611 PSA: support HMAC_DRBG
Support using HMAC_DRBG instead of CTR_DRBG in the PSA subsystem.

Use HMAC_DRBG if CTR_DRBG is available. Choose between SHA-256 and
SHA-512 based on availability.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-11-23 17:42:54 +01:00
Gilles Peskine
4fc21fdeb6 Implement MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
Implement support for MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG.

For test purposes, write an implementation that uses libc rand().

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-11-23 17:42:54 +01:00
Gilles Peskine
1c49f1ac46 Include headers in psa_crypto.h for mbedtls_to_psa_error
psa_crypto must be able to convert error codes even from modules that
it doesn't call directly.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-11-23 16:28:09 +01:00
Gilles Peskine
f08b3f8624 Autonomous random driver: create configuration option
Create a configuration option for autonomous random drivers, i.e. PSA
crypto drivers that provide a random generator, that have their own
entropy source and do not support injecting entropy from another
source.

This commit only creates the configuration option. Subsequent commits
will add the implementation and tests.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-11-23 16:28:09 +01:00
Gilles Peskine
30524eb7e5 psa_crypto: create random and drbg abstraction
Create wrapper functions around calls to CTR_DRBG and around calls to
entropy+DRBG. This is in preparation for allowing alternative DRBG
implementations that use the Mbed TLS entropy module, or complete RNG
implementations that bypass the entropy module as well.

This is purely a refactoring commit. No behavior change.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-11-23 16:27:40 +01:00
Gilles Peskine
90edc99e30 Create a header file for PSA crypto random generator abstraction
Subsequent commits will move declarations and definitions there.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-11-23 16:27:40 +01:00
Gilles Peskine
9aaa3e164a
Merge pull request #3786 from stevew817/feature/generate_pubkey_in_driver
Add export_public_key entry point for drivers
2020-11-23 11:54:53 +01:00
Gilles Peskine
662deb38d6
Merge pull request #3547 from ronald-cron-arm/psa-openless
Openless PSA crypto APIs implementation
2020-11-20 18:48:33 +01:00
Steven Cooreman
b9b844220b Plug in the entry point for public key export through driver
Including test.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-11-20 17:31:24 +01:00
Ronald Cron
1d12d87d18 Improve/fix documentation
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-11-20 13:57:15 +01:00
Ronald Cron
1ad1eeeaf1 psa stats: Count locked slots instead of unlocked ones
Count locked slots and not unlocked ones to
align with the other statistics counters.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-11-19 16:59:40 +01:00
Ronald Cron
5c522920ba psa: Rename functions to get a key slot
Rename functions to get a key slot:
. to make their naming more consistent
. to emphasize that those functions set a lock on the
  key slot they return to protect it from being wiped
  out and re-used while some part of the library
  is accessing it.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-11-19 16:59:40 +01:00
Ronald Cron
81709fc78e psa: Move key identifier return to psa_finish_key_creation()
Move the return of the identifier of a created key from
psa_start_key_creation() to psa_finish_key_creation().
That way in case of creation error, it is less likely to
return the identifier that was temporarily assigned to
the key while trying to create it.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-11-19 16:59:40 +01:00
Ronald Cron
5097294be9 psa: Decrement slot access count when finalizing key creation
Decrement the slot access count in psa_finish_key_creation()
when the finalization succeeds instead of in functions calling
psa_finish_key_creation(). That way the decrementation cannot
be forgotten and it reduces the code size.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-11-19 16:59:40 +01:00
Ronald Cron
cbf6a1d651 psa: slot mgmt: Add access counter overflow check
It adds a bit a code for not much but that way we
are such that a count overflow cannot occur.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-11-19 16:59:40 +01:00
Ronald Cron
4640c15deb psa: Remove error message output
Remove error message output in case of
unexpected access counter as

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-11-19 16:59:40 +01:00
Ronald Cron
cbd7beab0d psa: slot mgmt: Simplify psa_validate_key_id
Special handling of volatile key identifiers is not
needed eventually, they can be handled just as
key identifier in the vendor range.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-11-19 16:59:40 +01:00
Ronald Cron
f473d8b44b psa: slot mgmt: Improve psa_search_key_in_slots implementation
In case of a volatile key identifier, no need to check first
the validity of the key identifier, a volatile key identifier
is valid.

Move to a forward search for non-volatile key identifiers as
now key slots with small index are allocated first by
psa_get_empty_key_slot().

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-11-19 16:59:40 +01:00
Gilles Peskine
9a68810405
Merge pull request #3830 from jdurkop/psa-crypto-config-phase2
Phase 2 support for MBDTLS_PSA_CRYPTO_CONFIG
2020-11-19 09:32:23 +01:00
John Durkop
07cc04a8ad Updates to PSA crypto library based on review comments
Moved new check_crypto_config.h file from include/psa to library
directory and the file is now included from *.c instead of the
crypto_config.h file. Fixed guards in PSA crypto library based
on review comments for new PSA crypto config features.

Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>
2020-11-18 08:09:49 -08:00
André Maroneze
7953329d73 Fix another use of uinitialized memory in ssl_parse_encrypted_pms
Complement to 0a8352b4: peer_pmslen is not initialized when decryption
fails, so '|= peer_pmslen' may access uninitialized memory, as indicated
by Frama-C/Eva.

Co-authored-by: Gilles Peskine <gilles.peskine@arm.com>
Signed-off-by: André Maroneze <maroneze@users.noreply.github.com>
2020-11-18 13:44:24 +01:00
Gilles Peskine
c70431451b
Merge pull request #3867 from gilles-peskine-arm/error-include-string
Fix several configuration-related issues
2020-11-17 20:32:59 +01:00
Gilles Peskine
67aed9ada6 Simplify conditional guards in error.c
Simplify the guards on MBEDTLS_ERROR_C and MBEDTLS_ERROR_STRERROR_DUMMY.

No longer include superfluous headers and definition: platform.h is
only needed for MBEDTLS_ERROR_C; time_t is not needed at all.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-11-16 15:02:16 +01:00
John Durkop
5cc8dfb404 Removed final MBEDLTS_MD_C guard in PSA crypto library
There was one lingering MBEDTLS_MD_C that needed to be removed since
it is no longer needed.

Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>
2020-11-13 06:45:40 -08:00
Ronald Cron
7587ae49cb Miscellaneous documentation improvements
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-11-13 09:49:01 +01:00
John Durkop
6ba40d1faa Corrected guards in PSA library based on review comments
Revised the placement of various new MBEDTLS_PSA_BUILTIN_xxx
guards based on review comments. Corrected guards in psa
test driver to use _ACCEL version instead of _BUILTIN version.
Updated check_config_psa.h to include additional dependency checks
for more algorithms. Renamed some of the new tests to be a little
more clear on the purpose.

Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>
2020-11-12 10:21:40 -08:00
Ronald Cron
19daca9b2e Prefer persistent over permanent
For consistency across the code base, prefer
persistent over permanent to qualify a key
stored in persistent storage.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-11-11 15:12:16 +01:00
Ronald Cron
a5b894f7e2 psa: mgmt: Add key slot reuse
When looking for an empty key slot to store
the description of a key, if all key slots
are in use, reuse the first encountered
and unaccessed key slot containing the
description of a permanent key.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-11-10 18:19:59 +01:00
Ronald Cron
f291111007 psa: Do not reset a key slot under access
When psa_close/destroy/purge_key is called, do not
reset a key slot containing the description
of a persistent key if it is currently accessed.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-11-10 18:19:59 +01:00
Ronald Cron
ddd3d05803 psa: Add access counter check in slot wipe
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-11-10 18:19:59 +01:00
Ronald Cron
0c3752a46b psa: slot mgmt: Add unaccessed slots counter in stats
Add a counter of unaccessed slots and use it
in tests to check that at the end of PSA tests
all key slot are unaccessed.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-11-10 18:19:59 +01:00
Ronald Cron
f95a2b1190 psa: mgmt: Add key slot access counter
Add key slot access counter to be able to
state if a key slot containing the description
of a permanent key can be reset or reset
and re-used.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-11-10 18:19:59 +01:00
Ronald Cron
54b900827b psa: Forbid creation/registration of keys in vendor range
The identifier of keys created/registred should be in
the application range.

This is by spec for key creation.
This may change for registered key.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-11-10 18:19:59 +01:00
Ronald Cron
65f38a3c2e Add key id check when creating a volatile key
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-11-10 18:19:59 +01:00
Ronald Cron
d98059d599 psa: Fix tests/handling of lifetime incompatible with location
The lifetime of key attributes now encodes whether a key is
volatile/persistent or not AND its location.
Fix PSA code where the fact that the lifetime encodes
the key location was not taken into account properly.

Fix the impacted tests and add two non regression tests.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-11-10 18:18:15 +01:00
Ronald Cron
967835596c psa: Fix references to macros in comments
This commit tries to fix the usage of #MACRO_NAME
to reference macros in comments.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-11-10 16:18:07 +01:00
Ronald Cron
3c76a42475 Improve psa_key_start_creation description
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-11-10 16:18:07 +01:00
Ronald Cron
513451987d Fix close/purge of a key
In case of persistent keys, do not load the key
in a slot before to close/purge it.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-11-10 16:18:07 +01:00
Ronald Cron
97c8ad5fee Merge search of loaded volatile and persistent keys
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-11-10 16:18:07 +01:00
Ronald Cron
fc9c556127 Forbid volatile key identifiers for non volatile keys
Volatile key identifiers in the vendor range are
reserved to volatile keys thus don't allow them
for persistent keys when creating a key.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-11-10 16:18:07 +01:00
Ronald Cron
277a85f1ef Add psa_purge_key API
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-11-10 16:00:41 +01:00
Ronald Cron
cf56a0a320 psa: Move from key handle to key identifier
Move all the PSA crypto APIs using key handles
to use key identifiers but psa_key_open() and
psa_key_close(). This is done without modifying
any test as key handles and key identifiers are
now the same.

Update the library modules using PSA crypto APIs
to get rid of key handles.

Programs and unit tests are updated to not use
key handles in subsequent commits, not in this
one.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-11-10 16:00:41 +01:00
Ronald Cron
c4d1b514ab Define handles as key identifiers
Define psa_key_handle_t to be equal to
mbedtls_svc_key_id_t. Make the handle of a persistent
key be equal to its key identifier. For volatile keys,
make the key handle equal to the volatile key
identifier of the created volatile key.

The unit tests are modified just to make them compile
not to make them run successfully. They are fixed in
the subsequent commits.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-11-10 16:00:41 +01:00
Ronald Cron
c26f8d467a Introduce psa_key_handle_is_null inline function
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-11-10 16:00:41 +01:00
Ronald Cron
91e9515424 Introduce PSA_KEY_HANDLE_INIT macro
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-11-10 16:00:41 +01:00
Ronald Cron
98a54ddbd6 psa: slot mgmt: Don't use handles to loop through slot array
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-11-10 16:00:41 +01:00
Ronald Cron
2a99315cc5 Add volatile key identifiers
Volatile key identifiers are introduced in
PSA Crypto API v1.0.0. They are returned by the APIs
when importing or generating or deriving a volatile key.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-11-10 16:00:31 +01:00
John Durkop
9814fa2b08 Minor updates from review comments
Updated macros in config_psa.h that used ECC_xxx to use KEY_TYPE_ECC_xxx
per comments from review. Implemented a check_config_psa.h to help with
dependency checking of features enabled in config_psa.h. Added
check_config_psa.h to visual studio project.

Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>
2020-11-10 06:11:41 -08:00
John Durkop
0e00519711 Add feature support for RSA for PSA crypto config
In the original attempt to add RSA support to PSA crypto config was too
generic. This set of changes adds support for the following RSA features:
PSA_WANT_ALG_RSA_PKCS1V15_CRYPT, PSA_WANT_ALG_RSA_PKCS1V15_SIGN,
PSA_WANT_ALG_RSA_OAEP, PSA_WANT_ALG_RSA_PSS, PSA_WANT_KEY_TYPE_RSA_KEY_PAIR,
and PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY.

There were also some updates to ensure the proper inclusion of PSA crypto
library code when certain features are enabled. These updates were made to
address warnings and errors in builds from the new tests for these
features being added for PSA crypto configuration.

Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>
2020-11-10 06:11:41 -08:00
John Durkop
f4c4cb008c Added additional support for ECP for PSA_CRYPTO_CONFIG
The KEY_TYPE_ECC_KEY_PAIR and KEY_TYPE_ECC_PUBLIC_KEY were previously
being guarded by MBEDTLS_ECP_C in the PSA crypto library code. This change
moves it to the new MBEDTLS_PSA_BUILTIN_xxx and separates KEY_PAIR
and PUBLIC_KEY as needed. Tests have also been added to validate the new
settings.

Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>
2020-11-10 06:11:35 -08:00