Commit Graph

11344 Commits

Author SHA1 Message Date
Gilles Peskine
1801740a7c SE driver: report the bit size on key import
Add a parameter to the key import method of a secure element driver to
make it report the key size in bits. This is necessary (otherwise the
core has no idea what the bit-size is), and making import report it is
easier than adding a separate method (for other key creation methods,
this information is an input, not an output).
2019-07-29 18:07:09 +02:00
Gilles Peskine
dc5bfe9784 SE keys: implement and test psa_get_key_attributes 2019-07-29 18:07:03 +02:00
Gilles Peskine
424f89453b SE keys: store the bit size internally (partial implementation)
This commit blindingly copies the size from the attributes. This is
not correct for copy and import.
2019-07-29 17:06:06 +02:00
Gilles Peskine
adb1c52149
Merge pull request #157 from gilles-peskine-arm/psa-se_driver-create_key
Secure element key creation foundation
2019-07-26 14:39:55 +02:00
Gilles Peskine
66be51c35d If starting a transaction fails, wipe the transaction data
Nothing has been saved to disk yet, but there is stale data in
psa_crypto_transaction. This stale data should not be reused, but do
wipe it to reduce the risk of it mattering somehow in the future.
2019-07-26 13:23:51 +02:00
Gilles Peskine
2ea06fd48d Improve documentation of transaction storage 2019-07-26 13:23:51 +02:00
Gilles Peskine
f9bb29ec26 Add boilerplate to recover a transaction during init 2019-07-25 17:52:59 +02:00
Gilles Peskine
4aea1036c6 Bug fix: don't start a transaction for non-SE keys 2019-07-25 17:38:34 +02:00
Gilles Peskine
340b127ed1 psa_destroy_se_key: explain why the error is NOT_PERMITTED 2019-07-25 14:13:24 +02:00
Gilles Peskine
0c3ae1f0b4 Improve documentation of SE driver persistent state
Explain what it can be used for and when it is saved to storage.
2019-07-25 14:04:38 +02:00
Gilles Peskine
2e0f388d2a Don't explicitly dereference function pointers
Be stylistically consistent.
2019-07-25 11:42:19 +02:00
Gilles Peskine
60450a4812 Improve comments 2019-07-25 11:32:45 +02:00
Gilles Peskine
725f22a545 Bug fix: save the driver's persistent data in destroy_key 2019-07-25 11:32:27 +02:00
Gilles Peskine
adad813d7b psa_key_slot_is_external exists. Use it. 2019-07-25 11:32:27 +02:00
Gilles Peskine
6a3dd89a64 Improve alignment in comments 2019-07-25 10:56:39 +02:00
Gilles Peskine
f77a6acf83 Fix indentation 2019-07-25 10:51:03 +02:00
Jaeden Amero
456674d585
Merge pull request #186 from simonqhughes/psa-storage-and-cmake-fix
Add CMake option for explicitly link library to trusted_storage
2019-07-24 15:52:21 +01:00
Gilles Peskine
4b73422318 Transaction support: be more future-proof
If there's ever a non-SE-related transaction, make sure it gets
handled during init.
2019-07-24 15:56:31 +02:00
Gilles Peskine
75c126b958 Explain some non-obvious parts of the code
Comment changes only.
2019-07-24 15:56:01 +02:00
Gilles Peskine
f96aefe3ad Test with secure element support
Test with default config + SE with Clang and with full config + SE
with GCC, for variety. Full+Clang+Asan has known issues so don't do
that.
2019-07-24 14:58:38 +02:00
Gilles Peskine
d0e66b00fb Turn off secure element support by default
Secure element support is not yet usable in the real world. Only part
of the feature is implemented and the part that's implemented is not
sufficient for real-world uses. A lot of error handling is missing,
and there are no tests.

This commit should be reverted once the feature has stabilized.
2019-07-24 13:52:51 +02:00
Gilles Peskine
105736653f SE keys: test that no function goes crazy
Run all functions that take a key handle as input with a key that is
in a secure element. All calls are expected to error out one way or
another (not permitted by policy, invalid key type, method not
implemented in the secure element, ...). The goal of this test is to
ensure that nothing bad happens (e.g. invalid pointer dereference).

Run with various key types and algorithms to get good coverage.
2019-07-24 13:45:36 +02:00
Gilles Peskine
d1cd766e96 SE keys: test NOT_SUPPORTED error from generate_key 2019-07-24 13:45:02 +02:00
Gilles Peskine
f4ee662868 SE keys: error out in key creation function that lack support 2019-07-24 13:44:30 +02:00
Gilles Peskine
89870eb123 Cosmetic improvements in SE driver tests 2019-07-24 13:44:03 +02:00
Gilles Peskine
28f8f3068f SE keys: ensure that functions that lack support properly error out
Introduce a new function psa_get_transparent_key which returns
NOT_SUPPORTED if the key is in a secure element. Use this function in
functions that don't support keys in a secure element.

After this commit, all functions that access a key slot directly via
psa_get_key_slot or psa_get_key_from_slot rather than via
psa_get_transparent_key have at least enough support for secure
elements not to crash or otherwise cause undefined behavior. Lesser
bad behavior such as wrong results or resource leakage is still
possible in error cases.
2019-07-24 13:30:31 +02:00
Moshe Shahar
6763fe4a12 Change LINK_WITH_TRUSTED_STORAGE option to OFF 2019-07-24 14:19:35 +03:00
Moshe Shahar
7e36765945 Add CMake option for explicitly link library to trusted_storage (#2)
option name: LINK_WITH_TRUSTED_STORAGE
default value: ON
2019-07-24 13:32:13 +03:00
Jaeden Amero
b992313f47
Merge pull request #180 from simonqhughes/feature-psa-storage
PSA Storage: Add psa_trusted_storage_linux persistent storage support for v1.0.0 APIs
2019-07-24 11:19:32 +01:00
Gilles Peskine
573bbc1b4e Error out if a driver tries to store more than ITS can handle
Cast explicitly for the sake of MSVC which otherwise (usefully!) warns
about the truncation.
2019-07-23 20:23:16 +02:00
Gilles Peskine
831ac72338 Add transaction file and driver storage; new key file format
Update the storage architecture with the new features introduced for
secure element support:

* Lifetime field in key files.
* Slot number in key files for keys in a secure element.
* Transaction file (name and format).
* Persistent storage for secure element drivers (name and format).

The version number is not determined yet.
2019-07-23 19:32:21 +02:00
Gilles Peskine
105f67f0fa Move the definition of psa_key_attributes_t to crypto_types.h
psa_key_attributes_t is used in the SE driver HAL, so it must be
defined in a common header, not in the API-only header crypto.h.
2019-07-23 18:43:28 +02:00
Gilles Peskine
9dd125d8bb Fix overly complex Doxygen markup 2019-07-23 18:43:28 +02:00
Simon D Hughes
bda5a21112 Add psa_trusted_storage_linux persistent storage support for v1.0.0 APIs
The following provides more information on this PR:
- PSA stands for Platform Security Architecture.
- Add support for use of psa_trusted_storage_api internal_trusted_storage.h v1.0.0
  as the interface to the psa_trusted_storage_linux backend (i.e. for persistent
  storage when MBEDTLS_PSA_ITS_FILE_C is not defined). This requires changes
  to psa_crypto_its.h and psa_crypto_storage.c to migrate to the new API.
2019-07-23 17:30:37 +01:00
Gilles Peskine
1d04b05fae Dear check-names, where you accept struct, also accept union. 2019-07-23 17:38:41 +02:00
Gilles Peskine
8b96cad204 SE drivers: implement persistent storage
Store the persistent data of secure element drivers.

This is fully implemented, but not at all tested.
2019-07-23 17:38:08 +02:00
Gilles Peskine
1df83d4f5b SE keys: implement persistent storage
For a key in a secure element, persist the key slot.

This is implemented in the nominal case. Failures may not be handled
properly.
2019-07-23 16:13:14 +02:00
Gilles Peskine
0e8d495bd9 Add the lifetime to the key storage format
Stored keys must contain lifetime information. The lifetime used to be
implied by the location of the key, back when applications supplied
the lifetime value when opening the key. Now that all keys' metadata
are stored in a central location, this location needs to store the
lifetime explicitly.
2019-07-23 14:46:52 +02:00
Gilles Peskine
bfd322ff34 Use a key attribute structure in the internal storage interface
Pass information via a key attribute structure rather than as separate
parameters to psa_crypto_storage functions. This makes it easier to
maintain the code when the metadata of a key evolves.

This has negligible impact on code size (+4B with "gcc -Os" on x86_64).
2019-07-23 13:31:54 +02:00
Gilles Peskine
274a2637f2 Make whitespace consistent 2019-07-23 11:29:06 +02:00
Gilles Peskine
6032673b39 Fix Doxygen reference
Pass doxygen.sh
2019-07-22 20:10:36 +02:00
Gilles Peskine
fc76265385 Do secure element key creation and destruction in a transaction
Key creation and key destruction for a key in a secure element both
require updating three pieces of data: the key data in the secure
element, the key metadata in internal storage, and the SE driver's
persistent data. Perform these actions in a transaction so that
recovery is possible if the action is interrupted midway.
2019-07-22 19:46:22 +02:00
Gilles Peskine
c8336cb8f9 Implement a transaction record storage for resilience
Implement a transaction record that can be used for actions that
modify more than one piece of persistent data (whether in the
persistent storage or elsewhere such as in a secure element).

While performing a transaction, the transaction file is present in
storage. If the system starts with an ongoing transaction, it must
complete the transaction (not implemented yet).
2019-07-22 19:46:22 +02:00
Jaeden Amero
9565a9732b
Merge pull request #173 from Patater/prep-remove-crypto-from-tls
Prepare for removing crypto from mbedtls
2019-07-19 16:11:46 +01:00
Jaeden Amero
f7dca86522 Allow building with the -Wunused flag
Make some functions non-static, to avoid Wunused function warnings. Make
a function scoped variable block scoped instead, to avoid Wunused
variable warnings in some configurations.
2019-07-15 15:52:25 +01:00
Jaeden Amero
3a0f08d911 Revert "cpp_dummy_build: Remove dependency on compat-1.3.h"
There is now a test that ensures all headers are included in the
cpp_dummy_build test, so we can't remove compat-1.3.h from the
cpp_dummy_build test until we remove compat-1.3.h.

This reverts commit 2b725ef727.
2019-07-15 15:52:25 +01:00
Jaeden Amero
b8e4ae18cf Remove certs.h
certs.h is not needed in Mbed Crypto. No programs or other library code
use it.
2019-07-15 15:52:25 +01:00
Jaeden Amero
8045cfbaa8 Enable ALT implementations of ripemd160
In configurations wanting an alternative ripemd160 implementation, We
were including the ordinary Mbed Crypto ripemd160.h instead of the
user-provided ripemd160_alt.h. Use the user-provided header instead.
2019-07-15 15:52:25 +01:00
Jaeden Amero
c49fbbf3eb Use mbedtls-based path for includes
To help the build system find the correct include files, paths starting
with "mbedtls/" or "psa/" must be used. Otherwise, you can run into
build failures like the following when building Mbed Crypto as a
submodule.

    In file included from chachapoly.c:31:0:
    ../../include/mbedtls/chachapoly.h:43:10: fatal error: poly1305.h: No such file or directory
     #include "poly1305.h"
              ^~~~~~~~~~~~
    compilation terminated.

Includes for ALT implementations are not modified, as the alt headers
are provided by system integrators and not Mbed TLS or Mbed Crypto.
2019-07-15 15:52:25 +01:00
Gilles Peskine
f61bf9c13b
Merge pull request #170 from gilles-peskine-arm/at-misra-2012
Use stdint.h types
2019-07-15 14:42:15 +02:00