Commit Graph

432 Commits

Author SHA1 Message Date
Andrew Thoelke
5ae24ec7af Add missing error case to psa_aead_verify 2019-09-12 09:44:33 +01:00
Adrian L. Shaw
4c61c1a736 Move psa_destroy_key and psa_copy_key to Key Management section 2019-09-11 14:40:51 +01:00
Jaeden Amero
4badc92438
Merge pull request #117 from gilles-peskine-arm/psa_error_code_coverage
PSA return status coverage script
2019-09-10 16:39:23 +01:00
Jaeden Amero
4864eb5bec
Merge pull request #247 from athoelke/at-key-handles
Update the behavior of key handles
2019-09-10 14:38:56 +01:00
Andrew Thoelke
970629fc9a Fix grammar. 2019-09-09 09:56:34 +01:00
Gilles Peskine
be061337c1 Document more error codes 2019-09-06 19:29:52 +02:00
Adrian L. Shaw
8619f8cd07 Remove storage errors from psa_generate_random 2019-09-05 10:37:22 +01:00
Andrew Thoelke
de183416f8 Update the behavior of key handles
* open output distinct key handles
* each handle must be closed
* destroying a key does not invalidate other handles
* closing a key can/might fail an active operation (but not required)
2019-09-05 09:38:06 +01:00
Adrian L. Shaw
3b5975641e Fix return code warnings
- Remove STORAGE_FAILURE from hash and abort functions
- Remove BUFFER_TOO_SMALL from psa_mac_verify
2019-09-04 19:20:32 +01:00
Adrian L. Shaw
fa2cefa001 Fix warnings 2019-09-04 11:36:15 +01:00
Adrian L. Shaw
f483973c37 Add PSA_ERROR_STORAGE_FAILURE to psa_cipher_generate_iv 2019-09-04 11:35:32 +01:00
Adrian L. Shaw
599c712668 Remove errorneous insert 2019-09-04 11:35:32 +01:00
Adrian L. Shaw
1505b2108a Add STORAGE_FAILURE everywhere + add missing codes 2019-09-04 11:35:32 +01:00
Adrian L. Shaw
1f1e1a5253 Add storage failure to psa_mac_verify_finish 2019-09-04 11:35:32 +01:00
Adrian L. Shaw
56b32b126c Add storage failure to psa_mac_sign_finish 2019-09-04 11:35:32 +01:00
Adrian L. Shaw
22bc8fff0c Add PSA_ERROR_STORAGE_FAILURE to psa_aead_*_setup functions 2019-09-04 11:35:06 +01:00
Adrian L. Shaw
8f7cd1ee55 Added PSA_ERROR_BAD_STATE to functions with operations
In the case that the operation object has not been initialized
appropriately.
2019-09-04 11:34:22 +01:00
Adrian L. Shaw
97d3bc3674 Added extra bad state case to psa_hash_setup 2019-09-04 11:34:22 +01:00
Adrian L. Shaw
2364924619 Add missing return codes to psa_generate_key 2019-09-04 11:34:22 +01:00
Adrian L. Shaw
1f42a84a13 Add PSA_ERROR_BUFFER_TOO_SMALL to psa_mac_compute 2019-09-04 11:33:32 +01:00
Adrian L. Shaw
650229ba38 Added PSA_ERROR_STORAGE_FAILURE to psa_mac_compute
In case the key could not be retrieved from
storage.
2019-09-04 11:31:14 +01:00
Adrian L. Shaw
2a889781c5 Add PSA_ERROR_STORAGE_FAILURE to psa_export_public_key
The same reason that it is included in psa_export_key
2019-09-04 11:31:14 +01:00
Adrian L. Shaw
11638b99a0 Added PSA_ERROR_INSUFFICIENT_MEMORY to psa_export_public_key
For the same reasons that psa_export_key can fail with this error
2019-09-04 11:31:14 +01:00
Adrian L. Shaw
7f1863c905 Add PSA_ERROR_INSUFFICIENT_MEMORY to psa_export_key
It may be possible that the implementation runs out of
memory when exporting a key from storage or a secure
element. For example, it may not be possible to directly
move the data from storage to the caller, so the implementation
will have to buffer the material temporarily (an issue if dynamic
memory allocation scheme is used). For a large key
this is more likely to return.
2019-09-04 11:31:14 +01:00
Adrian L. Shaw
15731c1422 Added PSA_ERROR_STORAGE_FAILURE to psa_export_key
It may be possible that an implementation does not
fetch key material until a command like
this is called and such an error may occur if an
off-chip secure storage dependency may have been wiped.
2019-09-04 11:31:14 +01:00
Adrian L. Shaw
23c006f45e Added missing return codes to get_key_attributes
Note that PSA_ERROR_NOT_PERMITTED is not included
because I can't think of a scenario where you have
a valid key handle but aren't allowed to read the
attributes
2019-09-04 11:31:14 +01:00
Adrian L. Shaw
39797aa34c Fix erroneous cut and paste 2019-09-04 11:30:18 +01:00
Adrian L. Shaw
fbf7f121f9 Separate return codes for unsupported and invalid algorithms 2019-09-04 11:30:18 +01:00
Adrian L. Shaw
66200c4e98 Add PSA_ERROR_STORAGE_FAILURE to psa_cipher_generate_iv 2019-09-04 11:30:18 +01:00
Adrian L. Shaw
f97c8523ee Add CORRUPTION_DETECTED to psa_close_key 2019-09-04 11:30:18 +01:00
Adrian L. Shaw
6725757cec Remove errorneous insert 2019-09-04 11:30:18 +01:00
Adrian L. Shaw
484ba88a0f Add STORAGE_FAILURE everywhere + add missing codes 2019-09-04 11:30:18 +01:00
Adrian L. Shaw
dc5bf5c8e7 Add storage failure to (encrypt/decrypt)_setup 2019-09-04 11:30:18 +01:00
Adrian L. Shaw
d9e9024885 Add storage failure to psa_mac_verify_finish 2019-09-04 11:30:18 +01:00
Adrian L. Shaw
263223689f Add storage failure to psa_mac_sign_finish 2019-09-04 11:30:18 +01:00
Adrian L. Shaw
8d0bcf27ec Add PSA_ERROR_INVALID_ARGUMENT to psa_hash_compare 2019-09-04 11:30:17 +01:00
Adrian L. Shaw
df3c7ac645 Remove trailing whitespace 2019-09-04 11:30:17 +01:00
Adrian L. Shaw
d789dc13da Added a few more return codes 2019-09-04 11:30:17 +01:00
Adrian L. Shaw
3e41249417 Add PSA_ERROR_STORAGE_FAILURE to psa_aead_*_setup functions 2019-09-04 11:30:17 +01:00
Adrian L. Shaw
71b33ffcf8 Add missing error codes to psa_generate_random 2019-09-04 11:30:17 +01:00
Adrian L. Shaw
0d280b9873 Add missing error codes for psa_raw_key_agreement 2019-09-04 11:30:17 +01:00
Adrian L. Shaw
a3f6ba5843 Added PSA_ERROR_STORAGE_FAILURE to psa_cipher_(encrypt/decrypt) 2019-09-04 11:30:17 +01:00
Adrian L. Shaw
320659b54c Added PSA_ERROR_BAD_STATE to functions with operations
In the case that the operation object has not been initialized
appropriately.
2019-09-04 11:30:17 +01:00
Adrian L. Shaw
e970d65273 Added extra bad state case to psa_hash_setup 2019-09-04 11:30:17 +01:00
Adrian L. Shaw
6e758c9bb8 Add missing return codes to psa_asymmetric_verify 2019-09-04 11:30:17 +01:00
Adrian L. Shaw
27c121574b Add missing parameters to psa_asymmetric_sign 2019-09-04 11:30:17 +01:00
Adrian L. Shaw
d21c6e6566 Add missing return codes to psa_generate_key 2019-09-04 11:30:17 +01:00
Adrian L. Shaw
c207ba376e Added missing return codes to psa_aead_decrypt 2019-09-04 11:30:17 +01:00
Adrian L. Shaw
96f31ada18 Add missing return codes to psa_asymmetric_decrypt 2019-09-04 11:30:17 +01:00
Adrian L. Shaw
f961d5c9e6 Add missing return codes to psa_asymmetric_encrypt 2019-09-04 11:30:17 +01:00
Adrian L. Shaw
53d90c5199 Only return PSA_ERROR_DOES_NOT_EXIST from psa_open_key 2019-09-04 11:30:17 +01:00
Adrian L. Shaw
9770d0e0f8 Add PSA_ERROR_STORAGE_FAILURE to psa_mac_verify_setup 2019-09-04 11:30:17 +01:00
Adrian L. Shaw
2409ba0429 Added PSA_ERROR_STORAGE_FAILURE to psa_mac_sign_setup 2019-09-04 11:30:17 +01:00
Adrian L. Shaw
7563ed17ab Remove PSA_ERROR_DOES_NOT_EXIST from psa_mac_sign_setup 2019-09-04 11:30:17 +01:00
Adrian L. Shaw
d5ae06b1e3 Add PSA_ERROR_BUFFER_TOO_SMALL to psa_mac_compute 2019-09-04 11:30:17 +01:00
Adrian L. Shaw
dec47b6f9d Added the possibility of PSA_ERROR_BAD_STATE to all functions 2019-09-04 11:30:17 +01:00
Adrian L. Shaw
fa591c44af Added PSA_ERROR_STORAGE_FAILURE to psa_mac_compute
In case the key could not be retrieved from
storage.
2019-09-04 11:30:17 +01:00
Adrian L. Shaw
f7d852a9d5 Added PSA_ERROR_BUFFER_TOO_SMALL to psa_hash_compute 2019-09-04 11:30:17 +01:00
Adrian L. Shaw
60b0320af0 Add PSA_ERROR_STORAGE_FAILURE to psa_copy_key 2019-09-04 11:30:17 +01:00
Adrian L. Shaw
398b3c27e0 Add PSA_ERROR_STORAGE_FAILURE to psa_export_public_key
The same reason that it is included in psa_export_key
2019-09-04 11:30:17 +01:00
Adrian L. Shaw
e926e7370f Removed PSA_DOES_NOT_EXIST from psa_export_public_key
The implementation should return PSA_ERROR_INVALID_HANDLE instead.
2019-09-04 11:30:17 +01:00
Adrian L. Shaw
88c51adfc0 Added PSA_ERROR_INSUFFICIENT_MEMORY to psa_export_public_key
For the same reasons that psa_export_key can fail with this error
2019-09-04 11:30:17 +01:00
Adrian L. Shaw
742084ea25 Removed PSA_ERROR_DOES_NOT_EXIST from psa_export_key
If the key doesn't exist by the time this call is made
then the handle is invalid,
which means that PSA_ERROR_INVALID_HANDLE should be
returned rather than "does not exist"
2019-09-04 11:30:17 +01:00
Adrian L. Shaw
0542d595ce Add PSA_ERROR_INSUFFICIENT_MEMORY to psa_export_key
It may be possible that the implementation runs out of
memory when exporting a key from storage or a secure
element. For example, it may not be possible to directly
move the data from storage to the caller, so the implementation
will have to buffer the material temporarily (an issue if dynamic
memory allocation scheme is used). For a large key
this is more likely to return.
2019-09-04 11:30:17 +01:00
Adrian L. Shaw
89b7152ed0 Added PSA_ERROR_STORAGE_FAILURE to psa_export_key
It may be possible that an implementation does not
fetch key material until a command like
this is called and such an error may occur if an
off-chip secure storage dependency may have been wiped.
2019-09-04 11:30:17 +01:00
Adrian L. Shaw
29b64073af Added missing return codes to get_key_attributes
Note that PSA_ERROR_NOT_PERMITTED is not included
because I can't think of a scenario where you have
a valid key handle but aren't allowed to read the
attributes
2019-09-04 11:30:17 +01:00
Jaeden Amero
21db2a94a4
Merge pull request #229 from k-stachowiak/IOTCRYPT-791-remove-legacy-psa-key-derivation
Remove legacy psa key derivation
2019-08-29 11:31:23 +01:00
Andrew Thoelke
8824daec6f Editorial fixes. 2019-08-22 15:52:32 +01:00
Andrew Thoelke
07f16b78ff Update documentation for psa_destroy_key
Define the affect on handles to the key and on active multipart 
operations.
2019-08-22 15:52:32 +01:00
Andrew Thoelke
3daba812d7 Update documentation for psa_close_key
Adjust the wording to permit multiple handles to a single key - closing
a handle does not necessarily release volatile memory associated with
the key, that only occurs when the last handle is closed.
2019-08-22 15:52:32 +01:00
Andrew Thoelke
9741b11440 Update psa_open_key documentation
- Describe the implementation defined behavior for opening multiple 
keys, and provide a reference to the relevant section.

- Describe the use of INSUFFICENT_MEMORY error to indicate additional 
implementation resource constaints.

- Clarify the distinction between DOES_NOT_EXIST and INVALID_HANDLE 
error conditions.
2019-08-22 15:52:32 +01:00
Andrew Thoelke
203491c65d Remove duplicated information in psa_open_key
The information about implmementation keys is duplicated.
2019-08-22 15:52:31 +01:00
k-stachowiak
b9b4f09c47 Document new error type returned from the key derivation API 2019-08-15 19:01:59 +02:00
Gilles Peskine
adb1c52149
Merge pull request #157 from gilles-peskine-arm/psa-se_driver-create_key
Secure element key creation foundation
2019-07-26 14:39:55 +02:00
Gilles Peskine
105f67f0fa Move the definition of psa_key_attributes_t to crypto_types.h
psa_key_attributes_t is used in the SE driver HAL, so it must be
defined in a common header, not in the API-only header crypto.h.
2019-07-23 18:43:28 +02:00
Andrew Thoelke
d16bdac9b5 Use stdint.h types in multipart AEAD functions
No implementation yet.
2019-07-15 11:14:56 +02:00
Andrew Thoelke
47629d076e Use stdint.h types
Follow MISRA C 2012 rules by using exact width types from stdint.h.
2019-07-15 11:14:56 +02:00
Gilles Peskine
6a21123619 Remove obsolete mentions of PSA_ERROR_EMPTY_SLOT
There are no more "empty slots", so finish removing the corresponding
error.
2019-05-21 19:11:07 +02:00
Gilles Peskine
4754cdeef8 Improve description of psa_open_key()
Remove obsolete reference to psa_make_key_persistent().
2019-05-21 18:43:18 +02:00
Gilles Peskine
a0c0655c91 Add missing declarations to the API document
PSA_KEY_ATTRIBUTES_INIT and psa_key_attributes_init weren't declared
in the API document, only defined in our implementation, but they are
referenced in the API document.
2019-05-21 15:54:54 +02:00
Jaeden Amero
fba7539ad7
Merge pull request #269 from ARMmbed/psa-slots_to_handles
Update API documentation to refer to handles and key ids, not slots
2019-05-17 10:18:34 +01:00
Gilles Peskine
eff4942202
Merge pull request #268 from ARMmbed/psa-error_tampering_detected
Rename PSA_ERROR_TAMPERING_DETECTED to PSA_ERROR_CORRUPTION_DETECTED
2019-05-17 11:06:09 +02:00
Gilles Peskine
35ef36b62f Rename psa_generate_random_key back to psa_generate_key
generate_key is a more classical name. The longer name was only
introduced to avoid confusion with getting a key from a generator,
which is key derivation, but we no longer use the generator
terminology so this reason no longer applies.

perl -i -pe 's/psa_generate_random_key/psa_generate_key/g' $(git ls-files)
2019-05-17 10:56:57 +02:00
Gilles Peskine
c93b80c350 Rename *KEYPAIR* to *KEY_PAIR*
Be consistent with PUBLIC_KEY.

perl -i -pe 's/KEYPAIR/KEY_PAIR/g' $(git ls-files)
2019-05-17 10:56:57 +02:00
Adrian L. Shaw
0a695bd13e Simplify description of psa_copy_key 2019-05-16 22:11:18 +02:00
Adrian L. Shaw
52d83dabd6 Mention psa_close_key in the description of psa_open_key 2019-05-16 22:11:17 +02:00
Adrian L. Shaw
d56456cbe8 Improve descriptions that mention handles and fix incorrect mention of psa_create_key 2019-05-16 22:10:51 +02:00
Adrian L. Shaw
67e1c7ac80 Remove remaining mentions of slots 2019-05-16 22:10:49 +02:00
Gilles Peskine
4b3eb69271 Rename PSA_ERROR_TAMPERING_DETECTED to ..._CORRUPTION_DETECTED
“Tampering detected” was misleading because in the real world it can
also arise due to a software bug. “Corruption detected” is neutral and
more precisely reflects what can trigger the error.

perl -i -pe 's/PSA_ERROR_TAMPERING_DETECTED/PSA_ERROR_CORRUPTION_DETECTED/gi' $(git ls-files)
2019-05-16 21:35:18 +02:00
Gilles Peskine
20a77aeac7 RSA key generation: require e=65537 2019-05-16 19:51:10 +02:00
Gilles Peskine
a130219ac0 Move remaining text about DSA out of the specification 2019-05-16 19:51:10 +02:00
Gilles Peskine
dcaefae849 Parametrize Diffie-Hellman keys by a group identifier
Parametrize finite-field Diffie-Hellman key types with a DH group
identifier, in the same way elliptic curve keys are parametrized with
an EC curve identifier.

Define the DH groups from the TLS registry (these are the groups from
RFC 7919).

Replicate the macro definitions and the metadata tests from elliptic
curve identifiers to DH group identifiers.

Define PSA_DH_GROUP_CUSTOM as an implementation-specific extension for
which domain parameters are used to specify the group.
2019-05-16 19:51:10 +02:00
Gilles Peskine
24f10f85e2 Remove domain parameters from the official API
Move psa_get_key_domain_parameters() and
psa_set_key_domain_parameters() out of the official API and declare
them to be implementation-specific extensions.

Expand the documentation of psa_set_key_domain_parameters() a bit to
explain how domain parameters are used.

Remove all mentions of domain parameters from the documentation of API
functions. This leaves DH and DSA effectively unusable.
2019-05-16 19:27:05 +02:00
Gilles Peskine
58fe9e8afe Correct the description of psa_raw_key_agreement
There was some copypasta from the KA+KDF function's description.
2019-05-16 18:55:25 +02:00
Gilles Peskine
be697d8324 Shorten the name of psa_key_agreement_raw_shared_secret
There is less of a risk of confusion with the KA+KDF function now.
2019-05-16 18:55:25 +02:00
Gilles Peskine
1cb9a08d6a Reorder key derivation functions in the header file
Present key derivation functions in a more logical order,
corresponding roughly to the order in which an application would call
them.
2019-05-16 18:55:25 +02:00
Gilles Peskine
cf7292e257 Wrap and reindent some lines
After renaming several identifiers, re-wrap and re-indent some lines
to make the code prettier.
2019-05-16 18:55:25 +02:00
Gilles Peskine
35675b6b26 Terminology: say "key derivation operation", not "generator"
Generators are mostly about key derivation (currently: only about key
derivation). "Generator" is not a commonly used term in cryptography.
So favor "derivation" as terminology.

This commit updates the function descriptions.
2019-05-16 18:55:25 +02:00
Gilles Peskine
cbe6650394 Rename generator-related internal identifiers
perl -pe 's/crypto_generator/key_derivation/gi' $(git ls-files)
    perl -pe 's/_generator/_key_derivation/gi' $(git ls-files)
2019-05-16 18:55:25 +02:00
Gilles Peskine
a99d3fbd05 Rename generator functions to psa_key_derivation_xxx
Generators are mostly about key derivation (currently: only about key
derivation). "Generator" is not a commonly used term in cryptography.
So favor "derivation" as terminology. Call a generator a key
derivation operation structure, since it behaves like other multipart
operation structures. Furthermore, the function names are not fully
consistent.

In this commit, I rename the functions to consistently have the prefix
"psa_key_derivation_". I used the following command:

    perl -i -pe '%t = (
        psa_crypto_generator_t => "psa_key_derivation_operation_t",
        psa_crypto_generator_init => "psa_key_derivation_init",
        psa_key_derivation_setup => "psa_key_derivation_setup",
        psa_key_derivation_input_key => "psa_key_derivation_input_key",
        psa_key_derivation_input_bytes => "psa_key_derivation_input_bytes",
        psa_key_agreement => "psa_key_derivation_key_agreement",
        psa_set_generator_capacity => "psa_key_derivation_set_capacity",
        psa_get_generator_capacity => "psa_key_derivation_get_capacity",
        psa_generator_read => "psa_key_derivation_output_bytes",
        psa_generate_derived_key => "psa_key_derivation_output_key",
        psa_generator_abort => "psa_key_derivation_abort",
        PSA_CRYPTO_GENERATOR_INIT => "PSA_KEY_DERIVATION_OPERATION_INIT",
        PSA_GENERATOR_UNBRIDLED_CAPACITY => "PSA_KEY_DERIVATION_UNLIMITED_CAPACITY",
        ); s/\b(@{[join("|", keys %t)]})\b/$t{$1}/ge' $(git ls-files)
2019-05-16 18:55:21 +02:00