Commit Graph

2382 Commits

Author SHA1 Message Date
Gilles Peskine
ea4469f8d1 Fix parameter name in Doxygen documentation 2018-09-12 16:24:50 +03:00
Gilles Peskine
7ed29c56f1 Rename PSA_ALG_RSA_GET_HASH to PSA_ALG_SIGN_GET_HASH
And don't use it for HMAC when there's a perfectly serviceable
PSA_ALG_HMAC_HASH. HMAC isn't hash-and-sign.
2018-09-12 16:24:50 +03:00
Jaeden Amero
7baf0d5702 psa: doxygen: Fix parameters reference
Doxygen interprets `\param` as starting documentation for a new param, or
to extend a previously started `\param` documentation when the same
reference is used. The intention here was to reference the function
parameter, not extend the previous documentation. Use `\p` to refer to
function parameters.
2018-09-12 16:24:50 +03:00
Gilles Peskine
e584ccb6fd Merge remote-tracking branch 'psa/pr/57' into feature-psa 2018-09-12 16:24:50 +03:00
Gilles Peskine
e9a0a9d74d Update documentation of psa_success_t
Now that the type is not an enum, explain what values are valid.

Also add a comment to explain the #if defined(PSA_SUCCESS) temporary hack.
2018-09-12 16:24:50 +03:00
itayzafrir
c2a7976886 PSA Crypto error code definitions
Removed the psa_status_t enum and defined error codes as defines.
Conditionally defining PSA_SUCCESS and psa_status_t.
2018-09-12 16:24:50 +03:00
Gilles Peskine
48c0ea14c6 Remove PSA_KEY_TYPE_IS_RAW_BYTES from crypto.h
It isn't used to define other macros and it doesn't seem that useful
for users. Remove it, we can reintroduce it if needed.

Define a similar function key_type_is_raw_bytes in the implementation
with a clear semantics: it's a key that's represented as a struct
raw_data.
2018-09-12 16:24:50 +03:00
Gilles Peskine
4e69d7a9a7 psa_generate_key: pass parameters_size argument
When calling psa_generate_key, pass the size of the parameters buffer
explicitly. This makes calls more verbose but less error-prone. This
also has the benefit that in an implementation with separation, the
frontend knows how many bytes to send to the backend without needing
to know about each key type.
2018-09-12 16:22:51 +03:00
Gilles Peskine
9a9e19f3fb Switch default config back to the upstream one + PSA + CMAC
Switch the default config.h back to the upstream version, plus the new
feature from this branch MBEDTLS_PSA_CRYPTO_C, plus MBEDTLS_CMAC_C
because it's a features we're using to explore the API design but
that's off by default in Mbed TLS.

Having a crypto-only version saved a bit of developer time, and it's
something we want to ship, but we also need a full build with TLS to
work, and the CI scripts assume that the default build includes TLS.

As a consequence, list-macros.sh no longer needs a special case to
pass check-names.sh.
2018-09-12 16:22:51 +03:00
Gilles Peskine
1672d1d2e4 Remove features with missing dependencies from config.h
The default config.h omits non-crypto features. Remove some features
that had been accidentally left in but have dependencies that had been
removed.

Also update configs/config-psa-crypto.h to match
include/mbedtls/config.h. They were historically identical but started
diverging when the feature-psa branch was rebased on top of a more
recent upstream.

Now the code builds with the "full" config.
2018-09-12 16:22:51 +03:00
Gilles Peskine
e1fed0de18 Define elliptic curve identifiers from TLS
Instead of rolling our own list of elliptic curve identifiers, use one
from somewhere. Pick TLS because it's the right size (16 bits) and
it's as good as any.
2018-09-12 16:19:04 +03:00
Gilles Peskine
b3e6e5deeb Rename hash max sizes for consistency
Use "hash" throughout the library, not "md" as in Mbed TLS.
2018-09-12 16:19:04 +03:00
Gilles Peskine
2d2778650b Normalize whitespace
Normalize whitespace to Mbed TLS standards. There are only whitespace
changes in this commit.
2018-09-12 16:15:52 +03:00
Gilles Peskine
6de7a179c8 Fix file permissions
Some files were marked as executable but shouldn't have been.
2018-09-12 16:13:49 +03:00
Nir Sonnenschein
5ca6547b77 Renamed hmac_ctx to opad and removed null check.
this array is now part of the struct and not dynamically allocated
so it can't be null.
2018-09-12 16:13:49 +03:00
Nir Sonnenschein
9e2ffe83ac change type of hash block to uint8_t 2018-09-12 16:13:49 +03:00
Nir Sonnenschein
35dfbf4601 change hmac context to use statically allocated memory
1. removed dynamic allocation of stack context
2. moved ipad to stack
3. added defines for maximal sizes
2018-09-12 16:13:49 +03:00
Nir Sonnenschein
dcd636a73f Commit changes to hmac to not use MD abstraction
this PR is part of efforts to use "lower level" mbedTLS APIs vs "higher level" abstract APIs.
2018-09-12 16:13:49 +03:00
Gilles Peskine
8605428dcf Merge remote-tracking branch 'psa/pr/27' into feature-psa 2018-09-05 12:46:19 +03:00
Gilles Peskine
625b01c9c3 Add OAEP placeholders in asymmetric encrypt/decrypt
Replace PSS placeholders by OAEP placeholders. PSS is a signature
algorithm, not an encryption algorithm.

Fix typo in PSA_ALG_IS_RSA_OAEP_MGF1.
2018-09-05 12:44:17 +03:00
Gilles Peskine
723feffe15 Fix some errors in PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE
A call to PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE wouldn't even have
compiled. Fix some obvious errors. This is still untested.
2018-09-05 12:44:17 +03:00
Gilles Peskine
d6125ca63b Merge remote-tracking branch 'psa/pr/24' into feature-psa 2018-09-05 12:41:53 +03:00
Gilles Peskine
3585596aec Document a few more macros 2018-09-05 12:41:52 +03:00
Gilles Peskine
84861a95ca Merge remote-tracking branch 'psa/psa-wrapper-apis-aead' into feature-psa 2018-09-05 12:41:52 +03:00
Gilles Peskine
154bd95131 psa_destroy_key: return SUCCESS on an empty slot
Do wipe the slot even if it doesn't contain a key, to erase any metadata.
2018-09-05 12:41:52 +03:00
Gilles Peskine
5e39dc96e0 New macro PSA_AEAD_TAG_SIZE, use it for PSA_AEAD_xxx_OUTPUT_SIZE 2018-09-05 12:41:52 +03:00
Gilles Peskine
71bb7b77f0 Switch PSA_HASH_FINAL_SIZE to PSA_HASH_SIZE
Make this macro work on derived algorithms as well (HMAC,
hash-and-sign, etc.).
2018-09-05 12:41:52 +03:00
Gilles Peskine
212e4d8f7c Improve documentation of PSA_AEAD_xxx_OUTPUT_SIZE 2018-09-05 12:41:52 +03:00
Gilles Peskine
65eb8588fe Expand the description of error codes 2018-09-05 12:41:52 +03:00
mohammad1603
1347a73fbe fix macros documentation style. 2018-09-05 12:41:52 +03:00
mohammad1603
fb5b9cbb8d add missing documentations 2018-09-05 12:41:52 +03:00
mohammad1603
22898ba0bd remove duplicated definition 2018-09-05 12:41:51 +03:00
Gilles Peskine
36a74b71a0 Fix Doxygen comments to pass clang -Wdocumentation 2018-09-05 12:41:51 +03:00
Gilles Peskine
1e7d8f1b09 Document AEAD functions
Write documentation for psa_aead_encrypt and psa_aead_decrypt. Define
macros PSA_AEAD_ENCRYPT_OUTPUT_SIZE and PSA_AEAD_DECRYPT_OUTPUT_SIZE
(untested).
2018-09-05 12:41:51 +03:00
mohammad1603
dad36fa855 add Key and Algorithm validation 2018-09-05 12:38:18 +03:00
mohammad1603
579d359007 remove psa_aead_encrypt_setup from header file
remove psa_aead_encrypt_setup from header file
2018-09-05 12:38:18 +03:00
Gilles Peskine
3aa8efb230 Merge remote-tracking branch 'psa/psa-wrapper-apis-march-12' into feature-psa 2018-09-05 12:38:17 +03:00
mohammad1603
39ee871d3f Change AEAD APIs to integrated AEAD APIs.
Change AEAD APIs to integrated AEAD APIs, this will allow t support CCM and
GCM algorithms.
2018-09-05 12:38:17 +03:00
Moran Peker
ad9d82cc0e add iv_required field to psa_cipher_operation_s and fix relevant functions 2018-09-05 12:14:28 +03:00
Moran Peker
bed71a2b17 fix missing check on output_size in psa_cipher_finish func 2018-09-05 12:14:28 +03:00
Moran Peker
0071b873a3 add missing parameter output_size on psa_cipher_finish 2018-09-05 12:14:28 +03:00
Moran Peker
e1210dcac3 remove unused parameter in psa_cipher_finish. 2018-09-05 12:14:28 +03:00
mohammad1603
8481e74ecc CR fixes
more fixes

Compilation fixes

Compilation fixes for PSA crypto code and tests
2018-09-05 12:14:28 +03:00
mohammad1603
efb0107fbe CR fix, remove exposing ECB 2018-09-05 12:14:27 +03:00
mohammad1603
990a18c2f0 add ecb to cipher algorithms 2018-09-05 12:14:27 +03:00
Gilles Peskine
d1e8e41737 Adapt older import_export test data to the new function signature 2018-09-05 12:13:23 +03:00
Gilles Peskine
5100318a92 Merge pull request #18 from ARMmbed/psa-wrapper-apis-export-publickey
Export public key implementation (#18)
2018-09-05 12:13:23 +03:00
mohammad1603
8275961178 warnings fixes 2018-09-05 12:13:23 +03:00
mohammad1603
503973bdf3 initial implementation for PSA symmetric APIs - missing tests and documentations 2018-09-05 12:13:23 +03:00
Moran Peker
b4d0ddd2d3 psa_export_public_key 2018-09-05 12:13:20 +03:00
Moran Peker
dd4ea38d58 export public key 2018-09-05 12:10:47 +03:00
itayzafrir
5c7533923a ECDSA sign and verify implementation and tests
ECDSA sign and verify implementation and tests
2018-09-05 12:10:47 +03:00
Gilles Peskine
a0655c3501 Merge remote-tracking branch 'psa/pr/13' into feature-psa
Conflicts:
	library/psa_crypto.c
	tests/suites/test_suite_psa_crypto.data
	tests/suites/test_suite_psa_crypto.function

All the conflicts are concurrent additions where the order doesn't
matter. I put the code from feature-psa (key policy) before the code
from PR #13 (key lifetime).
2018-09-05 12:10:43 +03:00
Gilles Peskine
f0c9dd37d2 Added possible error codes for lifetime functions 2018-09-05 12:01:38 +03:00
Gilles Peskine
9bb53d7aff Fix copypasta in lifetime function descriptions 2018-09-05 12:01:38 +03:00
Gilles Peskine
8ca560293b Whitespace fixes 2018-09-05 12:01:37 +03:00
mohammad1603
a7d245a4a2 Fix return error values description
Fix return PSA_ERROR_INVALID_ARGUMENT description for psa_set_key_lifetime()
and psa_get_key_lifetime()
2018-09-05 12:01:37 +03:00
mohammad1603
ea0500936e Change behavior of psa_get_key_lifetime()
psa_get_key_lifetime() behavior changed regarding empty slots, now
it return the lifetime of and empty slots. Documentation in header
file updated accordingly.
2018-09-05 12:01:37 +03:00
mohammad1603
1c34545cfe Remove usage of PSA_KEY_LIFETIME_NONE
Remove usage of PSA_KEY_LIFETIME_NONE, initiate all key slot to
PSA_KEY_LIFETIME_VOLATILE ini psa_crypto_init()
2018-09-05 12:01:37 +03:00
mohammad1603
ba178511f4 Remove unused and duplicated erros, fix documentation and tests
Remove unused and duplicated erros, fix documentation and tests
2018-09-05 12:01:37 +03:00
mohammad1603
804cd71bf8 initial key lifetime implementation and tests 2018-09-05 12:01:37 +03:00
Gilles Peskine
c63b6ba754 Merge remote-tracking branch 'psa/pr/14' into feature-psa
Conflict resolution:

* `tests/suites/test_suite_psa_crypto.data`: in the new tests from PR #14,
  rename `PSA_ALG_RSA_PKCS1V15_RAW` to `PSA_ALG_RSA_PKCS1V15_SIGN_RAW` as
  was done in PR #15 in the other branch.
2018-09-05 12:01:34 +03:00
Gilles Peskine
f48af7fe76 psa_generate_key: specify what the extra parameters mean 2018-09-05 11:53:26 +03:00
Gilles Peskine
9e7dc717b0 New function: generate key/random 2018-09-05 11:53:26 +03:00
Gilles Peskine
06297936f2 More precise bounds for PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE 2018-09-05 11:53:26 +03:00
mohammad1603
5feda72d7a Remove usage of PSA_ERROR_INVALID_KEY_POLICY
use PSA_ERROR_INVALID_ARGUMENT instead of INVALID_KEY_POLICY error
2018-09-05 11:53:26 +03:00
Gilles Peskine
6944f9a831 New functions: asymmetric encrypt/decrypt 2018-09-05 11:53:26 +03:00
Gilles Peskine
9673cc8255 Define PSA_ALG_RSA_OAEP_MGF1(hash) 2018-09-05 11:53:26 +03:00
Gilles Peskine
8484565f85 Minor errors in documentation around asymmetric signature 2018-09-05 11:53:26 +03:00
mohammad1603
6df908f234 Add static internal MAC finish function
add new psa_mac_finish_internal() to be called by psa_mac_finish() and
psa_mac_verify() in order to be able to check key usage separatly.
2018-09-05 11:53:26 +03:00
Gilles Peskine
a59262338a Rename PKCS1V15 to PKCS1V15_SIGN
There's PKCS1V15_CRYPT as well (to be added soon).
2018-09-05 11:53:26 +03:00
Gilles Peskine
058e0b9963 Avoid empty unions
When no algorithms are present in a category (e.g. no AEAD algorithm),
the union in the corresponding operation structure was empty, which is
not valid C. Add a dummy field to avoid this.
2018-09-05 11:53:26 +03:00
Gilles Peskine
9a1ba0dd3f Typo in the documentation of psa_get_key_information 2018-09-05 11:53:26 +03:00
mohammad1603
8cc1ceec3e Key Policy APIs implementation 2018-09-05 11:53:26 +03:00
Gilles Peskine
1906798d4c Fix some typos and copypasta 2018-09-05 11:53:25 +03:00
Gilles Peskine
ed522974bd Clarify how multipart operations get terminated 2018-09-05 11:53:25 +03:00
Gilles Peskine
971f7064e9 More precise reference for the RSA public key format 2018-09-05 11:53:25 +03:00
Gilles Peskine
7e19853722 More documentation 2018-09-05 11:53:25 +03:00
Gilles Peskine
d393e18f90 Add psa_set_key_lifetime
It is likely that most implementations won't support this function.
But in case an implementation wants to provide it, standardize its
interface.
2018-09-05 11:53:25 +03:00
Gilles Peskine
e3f694f49a Remove non-standard hash algorithms 2018-09-05 11:53:25 +03:00
Gilles Peskine
06dc26350e Fix macro definitions for ECC keys
Public keys and key pairs have different types.
2018-09-05 11:53:25 +03:00
Gilles Peskine
03182e99b6 Fix parameter name in PSA_BLOCK_CIPHER_BLOCK_SIZE 2018-09-05 11:53:25 +03:00
Gilles Peskine
f5b9fa13e0 Documentation clarifications
Clarify or add the documentation of some functions and constants.

Add a note about what the __DOXYGEN_ONLY__ section is for.
2018-09-05 11:53:25 +03:00
Gilles Peskine
2905a7adcc Fix namespace violation 2018-09-05 11:53:25 +03:00
Gilles Peskine
609b6a5b67 Get the lifetime of a key slot 2018-09-05 11:53:25 +03:00
Gilles Peskine
7698bcf338 Basic interface for key policies
Get/set the policy of a key slot.

Opaque structure for key policies and field access functions.
2018-09-05 11:53:25 +03:00
Gilles Peskine
92b3073e36 Minor documentation fixes 2018-09-05 11:53:25 +03:00
Gilles Peskine
3b555710e2 Prototypes for AEAD functions
This is still tentative.
2018-09-05 11:53:25 +03:00
Gilles Peskine
428dc5aef1 Prototypes for symmetric cipher functions 2018-09-05 11:53:25 +03:00
Gilles Peskine
7e4acc5ef8 Document some MAC functions: psa_mac_start
Adapt the documentation of hash functions.

State that the key object does not need to remain valid throughout the
operation.
2018-09-05 11:53:25 +03:00
Gilles Peskine
8c9def3e7f PSA: Implement MAC functions
Implement psa_mac_start, psa_mac_update and psa_mac_final.

Implement HMAC anc CMAC.

Smoke tests.
2018-09-05 11:53:25 +03:00
Gilles Peskine
308b91d7db Wrote documentation for several functions, macros and types
Document key import/export functions, hash functions, and asymmetric
sign/verify, as well as some related macros and types.

Nicer formatting for return values: use \retval.
2018-09-05 11:53:25 +03:00
Gilles Peskine
9ef733faa0 Implement hash functions
New header file crypto_struct.h. The main file crypto.sh declares
structures which are implementation-defined. These structures must be
defined in crypto_struct.h, which is included at the end so that the
structures can use types defined in crypto.h.

Implement psa_hash_start, psa_hash_update and psa_hash_final. This
should work for all hash algorithms supported by Mbed TLS, but has
only been smoke-tested for SHA-256, and only in the nominal case.
2018-09-05 11:53:25 +03:00
Gilles Peskine
a590529938 Greatly expanded mbedtls_to_psa_error
It now covers most cryptography algorithm modules (missing: bignum,
DHM, everything ECC, HMAC_DRBG).
2018-09-05 11:53:24 +03:00
Gilles Peskine
98f0a24255 Improve key type and algorithm encodings
Refine the encoding of key types and algorithms so that ranges of bits
make more sense.

Define a few symmetric cipher algorithms.
2018-09-05 11:53:24 +03:00
Gilles Peskine
0189e7512d PSA crypto: PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE macro
Test it for RSA.
2018-09-05 11:53:24 +03:00
Gilles Peskine
20035e3579 PSA crypto: asymmetric signature (RSA PKCS#1v1.5 only)
Define hash algorithms and RSA signature algorithms.

New function psa_asymmetric_sign.

Implement psa_asymmetric_sign for RSA PKCS#1 v1.5.
2018-09-05 11:53:24 +03:00
Gilles Peskine
c66ea6a921 PSA key import: support RSA public keys
Use different key types for private keys and public keys.
2018-09-05 11:53:24 +03:00
Gilles Peskine
2f9c4dc5ad Add key management functions
Define psa_key_type_t and a first stab at a few values.

New functions psa_import_key, psa_export_key, psa_destroy_key,
psa_get_key_information. Implement them for raw data and RSA.

Under the hood, create an in-memory, fixed-size keystore with room
for MBEDTLS_PSA_KEY_SLOT_COUNT - 1 keys.
2018-09-05 11:53:24 +03:00
Gilles Peskine
1d26709dbd New function mbedtls_rsa_get_bitlen
Add a new function mbedtls_rsa_get_bitlen which returns the RSA key
size, i.e. the bit size of the modulus. In the pk module, call
mbedtls_rsa_get_bitlen instead of mbedtls_rsa_get_len, which gave the
wrong result for key sizes that are not a multiple of 8.

This commit adds one non-regression test in the pk suite. More tests
are needed for RSA key sizes that are a multiple of 8.

This commit does not address RSA alternative implementations, which
only provide an interface that return the modulus size in bytes.
2018-09-05 11:53:24 +03:00