Commit Graph

2691 Commits

Author SHA1 Message Date
Jaeden Amero
0b6b871056
Merge pull request #22 from ARMmbed/iotssl-2697-psa-key-allocation-crypto
Adapting to the new PSA key slot allocation mechanism
2019-01-23 15:00:19 +00:00
Andrzej Kurek
54c139f141 Remove unnecessary "#" sign from PSA macros 2019-01-23 06:23:53 -05:00
Andrzej Kurek
e1a8187df9 pk_wrap: pass curve size instead of a larger size of the exported key
Whitespace fixes
2019-01-23 06:23:21 -05:00
Andrzej Kurek
1ec0fee458 pk: wrap curve_id before passing it to PSA
Add a helper function in PSA utils
2019-01-23 06:23:12 -05:00
Andrzej Kurek
c750932f2c Adapt to the new key allocation mechanism 2019-01-23 06:22:32 -05:00
Jaeden Amero
494624d299
Merge pull request #18 from gilles-peskine-arm/psa-hash_clone
New function psa_hash_clone
2019-01-22 17:35:25 +00:00
Gilles Peskine
e43aa39397 hash_clone: Fix copypasta and add a functional description 2019-01-21 14:50:37 +01:00
Gilles Peskine
d40c1fbd50 Don't require a type and size when creating a key slot
Remove the type and bits arguments to psa_allocate_key() and
psa_create_key(). They can be useful if the implementation wants to
know exactly how much space to allocate for the slot, but many
implementations (including ours) don't care, and it's possible to work
around their lack by deferring size-dependent actions to the time when
the key material is created. They are a burden to applications and
make the API more complex, and the benefits aren't worth it.

Change the API and adapt the implementation, the units test and the
sample code accordingly.
2019-01-19 12:20:52 +01:00
Gilles Peskine
ebb2c3e419 New function psa_hash_clone
Clone a hash operation.

Test good cases as part as multipart tests. Add new test functions for
the state machine.
2019-01-19 12:03:41 +01:00
Jaeden Amero
9e919c636f psa: Document generator requirements consistently
We've added documentation for how context objects for multi-part
operations must be initialized consistently for key policy, hash,
cipher, and MAC. Update the generator documentation to be consistent
with how we've documented the other operations.
2019-01-08 14:28:04 +00:00
Jaeden Amero
5bae227da0 psa: Add initializers for cipher operation objects
Add new initializers for cipher operation objects and use them in our
tests and library code. Prefer using the macro initializers due to their
straightforwardness.
2019-01-08 14:28:04 +00:00
Jaeden Amero
5a5dc77696 psa: Enable easier initialization of cipher operations
The struct psa_cipher_operation_s is built with a
mbedtls_cipher_context_t. The shape of mbedtls_cipher_context_t and an
initializer that works with Clang 5.0 and its
-Wmissing-field-initializers varies based on the configuration of the
library. Instead of making multiple initializers based on a maze of
ifdefs for all combinations of MBEDTLS_CIPHER_MODE_WITH_PADDING,
MBEDTLS_CMAC_C, and MBEDTLS_USE_PSA_CRYPTO, add a dummy variable to
psa_cipher_operation_s's union that encloses mbedtls_cipher_context_t.
This allows us to initialize the dummy with a Clang-approved initializer
and have it properly initialize the entire object.
2019-01-08 14:28:04 +00:00
Jaeden Amero
769ce27f12 psa: Add initializers for MAC operation objects
Add new initializers for MAC operation objects and use them in our tests
and library code. Prefer using the macro initializers due to their
straightforwardness.
2019-01-08 14:28:04 +00:00
Jaeden Amero
6a25b41ac3 psa: Add initializers for hash operation objects
Add new initializers for hash operation objects and use them in our
tests and library code. Prefer using the macro initializers due to their
straightforwardness.
2019-01-08 14:28:04 +00:00
Jaeden Amero
70261c513a psa: Add initializers for key policies
Add new initializers for key policies and use them in our docs, example
programs, tests, and library code. Prefer using the macro initializers
due to their straightforwardness.
2019-01-08 14:28:04 +00:00
Gilles Peskine
75976895c6 Split crypto_driver.h into one for each driver type
Split crypto_driver.h into 4:
* crypto_driver_common.h for common definitions, not meant to be
  included directly by driver code.
* crypto_accel_driver.h for drivers that work with transparent
  key material.
* crypto_se_driver.h for drivers that work with opaque key
  material.
* crypto_entropy_driver.h for drivers of entropy sources.

There is no code change in this commit, I only moved some code around.
2018-12-21 18:17:10 +01:00
Gilles Peskine
5e9c9cca03 Document macros that were referenced
Macros that are referenced need to be documented, otherwise Doxygen
has nothing to link to.
2018-12-21 17:53:12 +01:00
Gilles Peskine
2d59b2cd6b crypto_driver.h: get type definitions from crypto_enum.h
Now that the type definitions that are useful for driver are in a
separate header file from the application interface function
declarations, include that header file in crypto_driver.h.
2018-12-21 17:53:12 +01:00
Gilles Peskine
a7c26db335 Move remaining size macros from crypto.h to crypto_sizes.h
No functional changes, code was only moved from crypto.h to crypto_sizes.h.
2018-12-21 17:53:12 +01:00
Gilles Peskine
f3b731e817 Move integral types and associated macros to their own header
Some parts of the library, and crypto drivers, need to see key types,
algorithms, policies, etc. but not API functions. Move portable
integral types and macros to build and analyze values of these types
to a separate headers crypto_types.h and crypto_values.h.

No functional changes, code was only moved from crypto.h to the new headers.
2018-12-21 17:53:09 +01:00
Gilles Peskine
0344d8171d Simplify the SPM compatibility hack
Define psa_status_t to int32_t unconditionally. There's no reason to
refer to psa_error_t here: psa_error_t is int32_t if it's present. We
would only need a conditional definition if psa_defs.h and
psa_crypto.h used the same type name.

Keep the conditional definition of PSA_SUCCESS. Although the C
preprocessor allows a duplicate definition for a macro, it has to be
the exact same token sequence, not merely an equivalent way to build
the same value.
2018-12-20 20:09:04 +01:00
Gilles Peskine
23fd2bdb94 Update some documentation related to key slots
Some of the documentation is obsolete in its reference to key slots
when it should discuss key handles. This may require a further pass,
possibly with some reorganization of error codes.

Update the documentation of functions that modify key slots (key
material creation and psa_set_key_policy()) to discuss how they affect
storage.
2018-12-11 16:48:14 +01:00
Gilles Peskine
b77a6b25c0 Remove psa_set_key_lifetime
This function is no longer relevant. Use psa_create_key instead.
2018-12-11 16:48:13 +01:00
Gilles Peskine
f6cc435a8a Remove psa_key_slot_t from public headers
This commit marks the beginning of the removal of support for direct
access to key slots. From this commit on, programs that use
psa_key_slot_t will no longer compile.

Subsequent commits will remove the now-unused legacy support in
psa_crypto.c.
2018-12-11 16:48:13 +01:00
Gilles Peskine
ae32aac48e Switch function declarations from key slots to key handles
Replace `psa_key_slot_t key` by `psa_key_handle_t` in function
declarations.

This is a transition period during which handles are key slot numbers
and the whole library can still be used by accessing a key slot number
without allocating a handle.
2018-12-11 16:48:10 +01:00
Gilles Peskine
644cd5fd89 Linkify some macros that were just typeset as text 2018-12-11 16:47:35 +01:00
Gilles Peskine
f535eb2e61 Declare the new slot management functions in crypto.h
No changes to existing functions.
2018-12-11 16:06:51 +01:00
Gilles Peskine
3cac8c4d78 Move declarations related to lifetimes further up in crypto.h
No content change. This is in preparation for declaring the slot
management functions, which need the type psa_key_lifetime_t.
2018-12-05 09:40:07 +01:00
Hanno Becker
6b01a9fa7c Merge branch 'psa_cipher_CRYPTO' into feature-psa-tls-integration-proposed 2018-11-23 15:53:27 +00:00
Hanno Becker
e322d3edd5 Merge branch 'opaque_psk_implementation_CRYPTO' into feature-psa-tls-integration-proposed 2018-11-23 15:53:24 +00:00
Hanno Becker
7fde035ddc Merge branch 'iotssl-2580-pk-opaque-psa_CRYPTO' into feature-psa-tls-integration-proposed 2018-11-23 15:47:20 +00:00
Jaeden Amero
565e0bf49d
Merge pull request #212 from ARMmbed/psa-integration-utilities_CRYPTO
Mbed TLS integration: Shared code between module-specific integration work
2018-11-23 09:00:22 +00:00
Netanel Gonen
596e65e1a5 Fix indentation 2018-11-22 18:41:43 +02:00
Manuel Pégourié-Gonnard
2614562212 Add test utility function: wrap_as_opaque()
The new function is not tested here, but will be in a subsequent PR.
2018-11-22 16:39:39 +00:00
Manuel Pégourié-Gonnard
fe8607350c Add new macro to detemine ECDSA signature length
Revived from a previous PR by Gilles, see:
https://github.com/ARMmbed/mbedtls/pull/1293/files#diff-568ef321d275f2035b8b26a70ee9af0bR71

This will be useful in eliminating temporary stack buffers for transcoding the
signature: in order to do that in place we need to be able to make assumptions
about the size of the output buffer, which this macro will provide. (See next
commit.)
2018-11-22 16:39:39 +00:00
Manuel Pégourié-Gonnard
35a7ff9366 Improve documentation of mbedtls_pk_setup_opaque() 2018-11-22 16:39:39 +00:00
Manuel Pégourié-Gonnard
276cb64e6c Align names to use "opaque" only everywhere
It's better for names in the API to describe the "what" (opaque keys) rather
than the "how" (using PSA), at least since we don't intend to have multiple
function doing the same "what" in different ways in the foreseeable future.
2018-11-22 16:39:39 +00:00
Manuel Pégourié-Gonnard
07b103fe07 Implement can_do for opaque ECC keypairs
Unfortunately the can_do wrapper does not receive the key context as an
argument, so it cannot check psa_get_key_information(). Later we might want to
change our internal structures to fix this, but for now we'll just restrict
opaque PSA keys to be ECDSA keypairs, as this is the only thing we need for
now. It also simplifies testing a bit (no need to test each key type).
2018-11-22 16:39:39 +00:00
Manuel Pégourié-Gonnard
06c631859c Add key generation to opaque test function
While at it, clarify who's responsible for destroying the underlying key. That
can't be us because some keys cannot be destroyed and we wouldn't know. So
let's leave that up to the caller.
2018-11-22 16:39:39 +00:00
Manuel Pégourié-Gonnard
3bc2029a33 Clarify return value of pk_check_pair() 2018-11-22 16:39:39 +00:00
Manuel Pégourié-Gonnard
1ecf92c364 Skeleton for PK_OPAQUE_PSA 2018-11-22 16:39:39 +00:00
Hanno Becker
432084d3f8 Improve doc wording of PSA status field of mbedtls_cipher_context_t 2018-11-22 16:33:01 +00:00
Hanno Becker
9de97d7773 Don't use multiline comments in enums to silence check-names.sh
The sanity checking script tests/scripts/check-names.sh uses a
simple state machine paired with a sequence of `sed` commands to
extract enumeration constants from the code. This code, however,
doesn't work properly when using multiline comments in enumerations
such as recently done in the constants MBEDTLS_CIPHER_PSA_KEY_XXX.

This commit doesn't attempt to make check-names.sh more robust
but instead uses /* ... */ comment indicators in each comment line,
while silences check-names.sh.

Increasing the robustness of check-names.sh is instead tracked
in #2210.
2018-11-22 16:33:01 +00:00
Hanno Becker
fea4915459 Minor rewording in documentation of PSA-based cipher context 2018-11-22 16:33:01 +00:00
Hanno Becker
1908655231 Use enum for slot state in PSA-based cipher context 2018-11-22 16:33:01 +00:00
Hanno Becker
20120b373e Add AEAD tag length to new mbedtls_cipher_setup_psa()
For AEAD ciphers, the information contained in mbedtls_cipher_info
is not enough to deduce a PSA algorithm value of type psa_algorithm_t.
This is because mbedtls_cipher_info doesn't contain the AEAD tag
length, while values of type psa_algorithm_t do.

This commit adds the AEAD tag length as a separate parameter
to mbedtls_cipher_setup_psa(). For Non-AEAD ciphers, the value
must be 0.

This approach is preferred over passing psa_algorithm_t directly
in order to keep the changes in existing code using the cipher layer
small.
2018-11-22 16:33:01 +00:00
Hanno Becker
edda8b8830 Implement mbedtls_cipher_setkey() for PSA-based cipher contexts
This commit implements the internal key slot management performed
by PSA-based cipher contexts. Specifically, `mbedtls_cipher_setkey()`
wraps the provided raw key material into a key slot, and
`mbedtls_cipher_free()` destroys that key slot.
2018-11-22 16:33:01 +00:00
Hanno Becker
6118e43d15 Add PSA-specific cipher context 2018-11-22 16:33:01 +00:00
Hanno Becker
ce1ddee13a Add psa_enabled field to cipher ctx and add dummy implementations
This field determines whether a cipher context should
use an external implementation of the PSA Crypto API for
cryptographic operations, or Mbed TLS' own crypto library.

The commit also adds dummy implementations for the cipher API.
2018-11-22 16:33:01 +00:00
Hanno Becker
4ccfc40aef Add declaration and dummy-definition of mbedtls_cipher_setup_psa() 2018-11-22 16:33:01 +00:00