Moran Peker
406008ab4c
add missing check on output_size in psa_cipher_update func
2018-09-05 12:14:28 +03:00
Moran Peker
bed71a2b17
fix missing check on output_size in psa_cipher_finish func
2018-09-05 12:14:28 +03:00
Moran Peker
0071b873a3
add missing parameter output_size on psa_cipher_finish
2018-09-05 12:14:28 +03:00
Moran Peker
4c80d8331a
adjust indentation per Mbed TLS standards
2018-09-05 12:14:28 +03:00
mohammad1603
b152d4d8b6
add test scenarios to decrypt and encrypt input and compare with given output
2018-09-05 12:14:28 +03:00
mohammad1603
89e0f468bf
style
2018-09-05 12:14:28 +03:00
Moran Peker
41deec4494
partly pr fix
2018-09-05 12:14:28 +03:00
Moran Peker
e1210dcac3
remove unused parameter in psa_cipher_finish.
2018-09-05 12:14:28 +03:00
Moran Peker
3205a6592b
tests fix
2018-09-05 12:14:28 +03:00
mohammad1603
16864af80b
fix static function name
2018-09-05 12:14:28 +03:00
mohammad1603
8481e74ecc
CR fixes
...
more fixes
Compilation fixes
Compilation fixes for PSA crypto code and tests
2018-09-05 12:14:28 +03:00
mohammad1603
efb0107fbe
CR fix, remove exposing ECB
2018-09-05 12:14:27 +03:00
mohammad1603
990a18c2f0
add ecb to cipher algorithms
2018-09-05 12:14:27 +03:00
Gilles Peskine
5100318a92
Merge pull request #18 from ARMmbed/psa-wrapper-apis-export-publickey
...
Export public key implementation (#18 )
2018-09-05 12:13:23 +03:00
mohammad1603
8275961178
warnings fixes
2018-09-05 12:13:23 +03:00
mohammad1603
503973bdf3
initial implementation for PSA symmetric APIs - missing tests and documentations
2018-09-05 12:13:23 +03:00
Moran Peker
8756763cf1
change error check on psa_internal_export_key func
2018-09-05 12:13:23 +03:00
Gilles Peskine
785fd55a39
Whitespace fixes; removed redundant parentheses
...
No semantic change.
2018-09-05 12:13:23 +03:00
Moran Peker
cceea98bfe
adjust indentation per Mbed TLS standards
2018-09-05 12:13:23 +03:00
Moran Peker
d732659867
adjust indentation per Mbed TLS standards
2018-09-05 12:13:23 +03:00
Moran Peker
17e36e1bd9
fix conditions
2018-09-05 12:13:23 +03:00
Moran Peker
6036432617
adjust indentation per Mbed TLS standards
2018-09-05 12:13:23 +03:00
Moran Peker
a998bc6ac9
psa_internal_export_key function for common code.
...
create psa_internal_export_key function for common code in psa_export_key and psa_export_public_key.
2018-09-05 12:13:22 +03:00
Moran Peker
5010828fb6
adjust indentation per Mbed TLS standards
2018-09-05 12:13:22 +03:00
Moran Peker
b4d0ddd2d3
psa_export_public_key
2018-09-05 12:13:20 +03:00
Moran Peker
dd4ea38d58
export public key
2018-09-05 12:10:47 +03:00
itayzafrir
7b30f8b0c9
Added handling for MBEDTLS_ERR_ECP_XXX error codes
...
Added handling for MBEDTLS_ERR_ECP_XXX error codes
2018-09-05 12:10:47 +03:00
itayzafrir
5c7533923a
ECDSA sign and verify implementation and tests
...
ECDSA sign and verify implementation and tests
2018-09-05 12:10:47 +03:00
Gilles Peskine
a0655c3501
Merge remote-tracking branch 'psa/pr/13' into feature-psa
...
Conflicts:
library/psa_crypto.c
tests/suites/test_suite_psa_crypto.data
tests/suites/test_suite_psa_crypto.function
All the conflicts are concurrent additions where the order doesn't
matter. I put the code from feature-psa (key policy) before the code
from PR #13 (key lifetime).
2018-09-05 12:10:43 +03:00
mohammad1603
ea0500936e
Change behavior of psa_get_key_lifetime()
...
psa_get_key_lifetime() behavior changed regarding empty slots, now
it return the lifetime of and empty slots. Documentation in header
file updated accordingly.
2018-09-05 12:01:37 +03:00
mohammad1603
5d7ec2033d
fix key lifetime set implementation , tests accordingly
2018-09-05 12:01:37 +03:00
mohammad1603
ba178511f4
Remove unused and duplicated erros, fix documentation and tests
...
Remove unused and duplicated erros, fix documentation and tests
2018-09-05 12:01:37 +03:00
mohammad1603
060ad8ac34
Compilation and tests fixes
2018-09-05 12:01:37 +03:00
mohammad1603
804cd71bf8
initial key lifetime implementation and tests
2018-09-05 12:01:37 +03:00
Gilles Peskine
c63b6ba754
Merge remote-tracking branch 'psa/pr/14' into feature-psa
...
Conflict resolution:
* `tests/suites/test_suite_psa_crypto.data`: in the new tests from PR #14 ,
rename `PSA_ALG_RSA_PKCS1V15_RAW` to `PSA_ALG_RSA_PKCS1V15_SIGN_RAW` as
was done in PR #15 in the other branch.
2018-09-05 12:01:34 +03:00
Gilles Peskine
47c1bc0458
Correct some return codes
2018-09-05 11:53:26 +03:00
mohammad1603
38a622b68b
Function psa_get_key_policy() now return policy value for empty slots
...
Function psa_get_key_policy() now return policy value for empty slots
2018-09-05 11:53:26 +03:00
mohammad1603
5feda72d7a
Remove usage of PSA_ERROR_INVALID_KEY_POLICY
...
use PSA_ERROR_INVALID_ARGUMENT instead of INVALID_KEY_POLICY error
2018-09-05 11:53:26 +03:00
mohammad1603
6df908f234
Add static internal MAC finish function
...
add new psa_mac_finish_internal() to be called by psa_mac_finish() and
psa_mac_verify() in order to be able to check key usage separatly.
2018-09-05 11:53:26 +03:00
Gilles Peskine
a59262338a
Rename PKCS1V15 to PKCS1V15_SIGN
...
There's PKCS1V15_CRYPT as well (to be added soon).
2018-09-05 11:53:26 +03:00
mohammad1603
4eed757901
add new test scenarios
2018-09-05 11:53:26 +03:00
mohammad1603
06e7920be5
integrate policy key usage in export and asymmetric sign functions
2018-09-05 11:53:26 +03:00
mohammad1603
8cc1ceec3e
Key Policy APIs implementation
2018-09-05 11:53:26 +03:00
Gilles Peskine
dc2fc8443f
Rename xxx_of_psa functions to xxx_from_psa
...
Be consistent with how similar functions are named in Mbed TLS.
2018-09-05 11:53:25 +03:00
Gilles Peskine
3c6e970752
Fix memory leak in psa_destroy_key
2018-09-05 11:53:25 +03:00
Gilles Peskine
6d9121381a
Add some comments to document some non-obvious coding choices
2018-09-05 11:53:25 +03:00
Gilles Peskine
e4ebc12fcd
psa_crypto_init: set the global initialized flag
2018-09-05 11:53:25 +03:00
Gilles Peskine
8c9def3e7f
PSA: Implement MAC functions
...
Implement psa_mac_start, psa_mac_update and psa_mac_final.
Implement HMAC anc CMAC.
Smoke tests.
2018-09-05 11:53:25 +03:00
Gilles Peskine
9ef733faa0
Implement hash functions
...
New header file crypto_struct.h. The main file crypto.sh declares
structures which are implementation-defined. These structures must be
defined in crypto_struct.h, which is included at the end so that the
structures can use types defined in crypto.h.
Implement psa_hash_start, psa_hash_update and psa_hash_final. This
should work for all hash algorithms supported by Mbed TLS, but has
only been smoke-tested for SHA-256, and only in the nominal case.
2018-09-05 11:53:25 +03:00
Gilles Peskine
a590529938
Greatly expanded mbedtls_to_psa_error
...
It now covers most cryptography algorithm modules (missing: bignum,
DHM, everything ECC, HMAC_DRBG).
2018-09-05 11:53:24 +03:00
Gilles Peskine
93aa0334d9
PSA asymmetric signature: set *signature_length = 0 on failure
2018-09-05 11:53:24 +03:00
Gilles Peskine
20035e3579
PSA crypto: asymmetric signature (RSA PKCS#1v1.5 only)
...
Define hash algorithms and RSA signature algorithms.
New function psa_asymmetric_sign.
Implement psa_asymmetric_sign for RSA PKCS#1 v1.5.
2018-09-05 11:53:24 +03:00
Gilles Peskine
c66ea6a921
PSA key import: support RSA public keys
...
Use different key types for private keys and public keys.
2018-09-05 11:53:24 +03:00
Gilles Peskine
969ac726d9
PSA RSA key import: don't rely on pk so much
...
Don't use the pk module except as required for pkparse/pkwrite. The
PSA crypto layer is meant to work alongside pk, not on top of it.
Fix the compile-time dependencies on RSA/ECP handling in
psa_export_key, psa_destroy_key and psa_get_key_information.
2018-09-05 11:53:24 +03:00
Gilles Peskine
2f9c4dc5ad
Add key management functions
...
Define psa_key_type_t and a first stab at a few values.
New functions psa_import_key, psa_export_key, psa_destroy_key,
psa_get_key_information. Implement them for raw data and RSA.
Under the hood, create an in-memory, fixed-size keystore with room
for MBEDTLS_PSA_KEY_SLOT_COUNT - 1 keys.
2018-09-05 11:53:24 +03:00
Gilles Peskine
e59236fc17
Add PSA crypto module
...
New module psa_crypto.c (MBEDTLS_PSA_CRYPTO_C):
Platform Security Architecture compatibility layer on top of
libmedcrypto.
Implement psa_crypto_init function which sets up a RNG.
Add a mbedtls_psa_crypto_free function which deinitializes the
library.
Define a first batch of error codes.
2018-09-05 10:59:00 +03:00