Merge pull request #7196 from mprse/ecjpake-driver-dispatch-peer-user
EC J-PAKE: partial fix for role vs user+peer
This commit is contained in:
commit
18336dace2
9 changed files with 497 additions and 91 deletions
3
ChangeLog.d/ec_jpake_driver_dispatch.txt
Normal file
3
ChangeLog.d/ec_jpake_driver_dispatch.txt
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
Features
|
||||||
|
* Add a driver dispatch layer for EC J-PAKE, enabling alternative
|
||||||
|
implementations of EC J-PAKE through the driver entry points.
|
4
ChangeLog.d/fix-jpake-user-peer.txt
Normal file
4
ChangeLog.d/fix-jpake-user-peer.txt
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
Bugfix
|
||||||
|
* Allow setting user and peer identifiers for EC J-PAKE operation
|
||||||
|
instead of role in PAKE PSA Crypto API as described in the specification.
|
||||||
|
This is a partial fix that allows only "client" and "server" identifiers.
|
|
@ -374,6 +374,22 @@ psa_status_t psa_crypto_driver_pake_get_password_key(
|
||||||
uint8_t** p_key_buffer, size_t *key_buffer_size,
|
uint8_t** p_key_buffer, size_t *key_buffer_size,
|
||||||
const psa_key_attributes_t *attributes);
|
const psa_key_attributes_t *attributes);
|
||||||
|
|
||||||
|
psa_status_t psa_crypto_driver_pake_get_user_len(
|
||||||
|
const psa_crypto_driver_pake_inputs_t *inputs,
|
||||||
|
size_t *user_len);
|
||||||
|
|
||||||
|
psa_status_t psa_crypto_driver_pake_get_user(
|
||||||
|
const psa_crypto_driver_pake_inputs_t *inputs,
|
||||||
|
uint8_t *user_id, size_t user_id_size, size_t *user_id_len);
|
||||||
|
|
||||||
|
psa_status_t psa_crypto_driver_pake_get_peer_len(
|
||||||
|
const psa_crypto_driver_pake_inputs_t *inputs,
|
||||||
|
size_t *peer_len);
|
||||||
|
|
||||||
|
psa_status_t psa_crypto_driver_pake_get_peer(
|
||||||
|
const psa_crypto_driver_pake_inputs_t *inputs,
|
||||||
|
uint8_t *peer_id, size_t peer_id_size, size_t *peer_id_length);
|
||||||
|
|
||||||
psa_status_t psa_crypto_driver_pake_get_role(
|
psa_status_t psa_crypto_driver_pake_get_role(
|
||||||
const psa_crypto_driver_pake_inputs_t *inputs,
|
const psa_crypto_driver_pake_inputs_t *inputs,
|
||||||
psa_pake_role_t *role);
|
psa_pake_role_t *role);
|
||||||
|
|
|
@ -1300,10 +1300,10 @@ typedef struct psa_jpake_computation_stage_s psa_jpake_computation_stage_t;
|
||||||
*/
|
*/
|
||||||
static psa_pake_operation_t psa_pake_operation_init(void);
|
static psa_pake_operation_t psa_pake_operation_init(void);
|
||||||
|
|
||||||
/** Get the lengths of the password in bytes from given inputs.
|
/** Get the length of the password in bytes from given inputs.
|
||||||
*
|
*
|
||||||
* \param[in] inputs Operation inputs.
|
* \param[in] inputs Operation inputs.
|
||||||
* \param[out] password_len Return buffer for password length.
|
* \param[out] password_len Password length.
|
||||||
*
|
*
|
||||||
* \retval #PSA_SUCCESS
|
* \retval #PSA_SUCCESS
|
||||||
* Success.
|
* Success.
|
||||||
|
@ -1344,6 +1344,70 @@ psa_status_t psa_crypto_driver_pake_get_role(
|
||||||
const psa_crypto_driver_pake_inputs_t *inputs,
|
const psa_crypto_driver_pake_inputs_t *inputs,
|
||||||
psa_pake_role_t *role);
|
psa_pake_role_t *role);
|
||||||
|
|
||||||
|
/** Get the length of the user id in bytes from given inputs.
|
||||||
|
*
|
||||||
|
* \param[in] inputs Operation inputs.
|
||||||
|
* \param[out] user_len User id length.
|
||||||
|
*
|
||||||
|
* \retval #PSA_SUCCESS
|
||||||
|
* Success.
|
||||||
|
* \retval #PSA_ERROR_BAD_STATE
|
||||||
|
* User id hasn't been set yet.
|
||||||
|
*/
|
||||||
|
psa_status_t psa_crypto_driver_pake_get_user_len(
|
||||||
|
const psa_crypto_driver_pake_inputs_t *inputs,
|
||||||
|
size_t *user_len);
|
||||||
|
|
||||||
|
/** Get the length of the peer id in bytes from given inputs.
|
||||||
|
*
|
||||||
|
* \param[in] inputs Operation inputs.
|
||||||
|
* \param[out] peer_len Peer id length.
|
||||||
|
*
|
||||||
|
* \retval #PSA_SUCCESS
|
||||||
|
* Success.
|
||||||
|
* \retval #PSA_ERROR_BAD_STATE
|
||||||
|
* Peer id hasn't been set yet.
|
||||||
|
*/
|
||||||
|
psa_status_t psa_crypto_driver_pake_get_peer_len(
|
||||||
|
const psa_crypto_driver_pake_inputs_t *inputs,
|
||||||
|
size_t *peer_len);
|
||||||
|
|
||||||
|
/** Get the user id from given inputs.
|
||||||
|
*
|
||||||
|
* \param[in] inputs Operation inputs.
|
||||||
|
* \param[out] user_id User id.
|
||||||
|
* \param user_id_size Size of \p user_id in bytes.
|
||||||
|
* \param[out] user_id_len Size of the user id in bytes.
|
||||||
|
*
|
||||||
|
* \retval #PSA_SUCCESS
|
||||||
|
* Success.
|
||||||
|
* \retval #PSA_ERROR_BAD_STATE
|
||||||
|
* User id hasn't been set yet.
|
||||||
|
* \retval #PSA_ERROR_BUFFER_TOO_SMALL
|
||||||
|
* The size of the \p user_id is too small.
|
||||||
|
*/
|
||||||
|
psa_status_t psa_crypto_driver_pake_get_user(
|
||||||
|
const psa_crypto_driver_pake_inputs_t *inputs,
|
||||||
|
uint8_t *user_id, size_t user_id_size, size_t *user_id_len);
|
||||||
|
|
||||||
|
/** Get the peer id from given inputs.
|
||||||
|
*
|
||||||
|
* \param[in] inputs Operation inputs.
|
||||||
|
* \param[out] peer_id Peer id.
|
||||||
|
* \param peer_id_size Size of \p peer_id in bytes.
|
||||||
|
* \param[out] peer_id_length Size of the peer id in bytes.
|
||||||
|
*
|
||||||
|
* \retval #PSA_SUCCESS
|
||||||
|
* Success.
|
||||||
|
* \retval #PSA_ERROR_BAD_STATE
|
||||||
|
* Peer id hasn't been set yet.
|
||||||
|
* \retval #PSA_ERROR_BUFFER_TOO_SMALL
|
||||||
|
* The size of the \p peer_id is too small.
|
||||||
|
*/
|
||||||
|
psa_status_t psa_crypto_driver_pake_get_peer(
|
||||||
|
const psa_crypto_driver_pake_inputs_t *inputs,
|
||||||
|
uint8_t *peer_id, size_t peer_id_size, size_t *peer_id_length);
|
||||||
|
|
||||||
/** Get the cipher suite from given inputs.
|
/** Get the cipher suite from given inputs.
|
||||||
*
|
*
|
||||||
* \param[in] inputs Operation inputs.
|
* \param[in] inputs Operation inputs.
|
||||||
|
@ -1498,6 +1562,7 @@ psa_status_t psa_pake_set_password_key(psa_pake_operation_t *operation,
|
||||||
* been set (psa_pake_set_user() hasn't been
|
* been set (psa_pake_set_user() hasn't been
|
||||||
* called yet).
|
* called yet).
|
||||||
* \param[in] user_id The user ID to authenticate with.
|
* \param[in] user_id The user ID to authenticate with.
|
||||||
|
* (temporary limitation: "client" or "server" only)
|
||||||
* \param user_id_len Size of the \p user_id buffer in bytes.
|
* \param user_id_len Size of the \p user_id buffer in bytes.
|
||||||
*
|
*
|
||||||
* \retval #PSA_SUCCESS
|
* \retval #PSA_SUCCESS
|
||||||
|
@ -1539,6 +1604,7 @@ psa_status_t psa_pake_set_user(psa_pake_operation_t *operation,
|
||||||
* been set (psa_pake_set_peer() hasn't been
|
* been set (psa_pake_set_peer() hasn't been
|
||||||
* called yet).
|
* called yet).
|
||||||
* \param[in] peer_id The peer's ID to authenticate.
|
* \param[in] peer_id The peer's ID to authenticate.
|
||||||
|
* (temporary limitation: "client" or "server" only)
|
||||||
* \param peer_id_len Size of the \p peer_id buffer in bytes.
|
* \param peer_id_len Size of the \p peer_id buffer in bytes.
|
||||||
*
|
*
|
||||||
* \retval #PSA_SUCCESS
|
* \retval #PSA_SUCCESS
|
||||||
|
@ -1970,6 +2036,10 @@ struct psa_crypto_driver_pake_inputs_s {
|
||||||
uint8_t *MBEDTLS_PRIVATE(password);
|
uint8_t *MBEDTLS_PRIVATE(password);
|
||||||
size_t MBEDTLS_PRIVATE(password_len);
|
size_t MBEDTLS_PRIVATE(password_len);
|
||||||
psa_pake_role_t MBEDTLS_PRIVATE(role);
|
psa_pake_role_t MBEDTLS_PRIVATE(role);
|
||||||
|
uint8_t *MBEDTLS_PRIVATE(user);
|
||||||
|
size_t MBEDTLS_PRIVATE(user_len);
|
||||||
|
uint8_t *MBEDTLS_PRIVATE(peer);
|
||||||
|
size_t MBEDTLS_PRIVATE(peer_len);
|
||||||
psa_key_attributes_t MBEDTLS_PRIVATE(attributes);
|
psa_key_attributes_t MBEDTLS_PRIVATE(attributes);
|
||||||
psa_pake_cipher_suite_t MBEDTLS_PRIVATE(cipher_suite);
|
psa_pake_cipher_suite_t MBEDTLS_PRIVATE(cipher_suite);
|
||||||
};
|
};
|
||||||
|
|
|
@ -90,6 +90,10 @@
|
||||||
#define BUILTIN_ALG_ANY_HKDF 1
|
#define BUILTIN_ALG_ANY_HKDF 1
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
/* The only two JPAKE user/peer identifiers supported for the time being. */
|
||||||
|
static const uint8_t jpake_server_id[] = { 's', 'e', 'r', 'v', 'e', 'r' };
|
||||||
|
static const uint8_t jpake_client_id[] = { 'c', 'l', 'i', 'e', 'n', 't' };
|
||||||
|
|
||||||
/****************************************************************/
|
/****************************************************************/
|
||||||
/* Global data, support functions and library management */
|
/* Global data, support functions and library management */
|
||||||
/****************************************************************/
|
/****************************************************************/
|
||||||
|
@ -7208,6 +7212,68 @@ psa_status_t psa_crypto_driver_pake_get_role(
|
||||||
return PSA_SUCCESS;
|
return PSA_SUCCESS;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
psa_status_t psa_crypto_driver_pake_get_user_len(
|
||||||
|
const psa_crypto_driver_pake_inputs_t *inputs,
|
||||||
|
size_t *user_len)
|
||||||
|
{
|
||||||
|
if (inputs->user_len == 0) {
|
||||||
|
return PSA_ERROR_BAD_STATE;
|
||||||
|
}
|
||||||
|
|
||||||
|
*user_len = inputs->user_len;
|
||||||
|
|
||||||
|
return PSA_SUCCESS;
|
||||||
|
}
|
||||||
|
|
||||||
|
psa_status_t psa_crypto_driver_pake_get_user(
|
||||||
|
const psa_crypto_driver_pake_inputs_t *inputs,
|
||||||
|
uint8_t *user_id, size_t user_id_size, size_t *user_id_len)
|
||||||
|
{
|
||||||
|
if (inputs->user_len == 0) {
|
||||||
|
return PSA_ERROR_BAD_STATE;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (user_id_size < inputs->user_len) {
|
||||||
|
return PSA_ERROR_BUFFER_TOO_SMALL;
|
||||||
|
}
|
||||||
|
|
||||||
|
memcpy(user_id, inputs->user, inputs->user_len);
|
||||||
|
*user_id_len = inputs->user_len;
|
||||||
|
|
||||||
|
return PSA_SUCCESS;
|
||||||
|
}
|
||||||
|
|
||||||
|
psa_status_t psa_crypto_driver_pake_get_peer_len(
|
||||||
|
const psa_crypto_driver_pake_inputs_t *inputs,
|
||||||
|
size_t *peer_len)
|
||||||
|
{
|
||||||
|
if (inputs->peer_len == 0) {
|
||||||
|
return PSA_ERROR_BAD_STATE;
|
||||||
|
}
|
||||||
|
|
||||||
|
*peer_len = inputs->peer_len;
|
||||||
|
|
||||||
|
return PSA_SUCCESS;
|
||||||
|
}
|
||||||
|
|
||||||
|
psa_status_t psa_crypto_driver_pake_get_peer(
|
||||||
|
const psa_crypto_driver_pake_inputs_t *inputs,
|
||||||
|
uint8_t *peer_id, size_t peer_id_size, size_t *peer_id_length)
|
||||||
|
{
|
||||||
|
if (inputs->peer_len == 0) {
|
||||||
|
return PSA_ERROR_BAD_STATE;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (peer_id_size < inputs->peer_len) {
|
||||||
|
return PSA_ERROR_BUFFER_TOO_SMALL;
|
||||||
|
}
|
||||||
|
|
||||||
|
memcpy(peer_id, inputs->peer, inputs->peer_len);
|
||||||
|
*peer_id_length = inputs->peer_len;
|
||||||
|
|
||||||
|
return PSA_SUCCESS;
|
||||||
|
}
|
||||||
|
|
||||||
psa_status_t psa_crypto_driver_pake_get_cipher_suite(
|
psa_status_t psa_crypto_driver_pake_get_cipher_suite(
|
||||||
const psa_crypto_driver_pake_inputs_t *inputs,
|
const psa_crypto_driver_pake_inputs_t *inputs,
|
||||||
psa_pake_cipher_suite_t *cipher_suite)
|
psa_pake_cipher_suite_t *cipher_suite)
|
||||||
|
@ -7322,7 +7388,6 @@ psa_status_t psa_pake_set_user(
|
||||||
size_t user_id_len)
|
size_t user_id_len)
|
||||||
{
|
{
|
||||||
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
||||||
(void) user_id;
|
|
||||||
|
|
||||||
if (operation->stage != PSA_PAKE_OPERATION_STAGE_COLLECT_INPUTS) {
|
if (operation->stage != PSA_PAKE_OPERATION_STAGE_COLLECT_INPUTS) {
|
||||||
status = PSA_ERROR_BAD_STATE;
|
status = PSA_ERROR_BAD_STATE;
|
||||||
|
@ -7334,7 +7399,30 @@ psa_status_t psa_pake_set_user(
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
return PSA_ERROR_NOT_SUPPORTED;
|
if (operation->data.inputs.user_len != 0) {
|
||||||
|
status = PSA_ERROR_BAD_STATE;
|
||||||
|
goto exit;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Allow only "client" or "server" values (temporary restriction). */
|
||||||
|
if ((user_id_len != sizeof(jpake_server_id) ||
|
||||||
|
memcmp(user_id, jpake_server_id, user_id_len) != 0) &&
|
||||||
|
(user_id_len != sizeof(jpake_client_id) ||
|
||||||
|
memcmp(user_id, jpake_client_id, user_id_len) != 0)) {
|
||||||
|
status = PSA_ERROR_NOT_SUPPORTED;
|
||||||
|
goto exit;
|
||||||
|
}
|
||||||
|
|
||||||
|
operation->data.inputs.user = mbedtls_calloc(1, user_id_len);
|
||||||
|
if (operation->data.inputs.user == NULL) {
|
||||||
|
status = PSA_ERROR_INSUFFICIENT_MEMORY;
|
||||||
|
goto exit;
|
||||||
|
}
|
||||||
|
|
||||||
|
memcpy(operation->data.inputs.user, user_id, user_id_len);
|
||||||
|
operation->data.inputs.user_len = user_id_len;
|
||||||
|
|
||||||
|
return PSA_SUCCESS;
|
||||||
exit:
|
exit:
|
||||||
psa_pake_abort(operation);
|
psa_pake_abort(operation);
|
||||||
return status;
|
return status;
|
||||||
|
@ -7346,7 +7434,6 @@ psa_status_t psa_pake_set_peer(
|
||||||
size_t peer_id_len)
|
size_t peer_id_len)
|
||||||
{
|
{
|
||||||
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
||||||
(void) peer_id;
|
|
||||||
|
|
||||||
if (operation->stage != PSA_PAKE_OPERATION_STAGE_COLLECT_INPUTS) {
|
if (operation->stage != PSA_PAKE_OPERATION_STAGE_COLLECT_INPUTS) {
|
||||||
status = PSA_ERROR_BAD_STATE;
|
status = PSA_ERROR_BAD_STATE;
|
||||||
|
@ -7358,7 +7445,30 @@ psa_status_t psa_pake_set_peer(
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
return PSA_ERROR_NOT_SUPPORTED;
|
if (operation->data.inputs.peer_len != 0) {
|
||||||
|
status = PSA_ERROR_BAD_STATE;
|
||||||
|
goto exit;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Allow only "client" or "server" values (temporary restriction). */
|
||||||
|
if ((peer_id_len != sizeof(jpake_server_id) ||
|
||||||
|
memcmp(peer_id, jpake_server_id, peer_id_len) != 0) &&
|
||||||
|
(peer_id_len != sizeof(jpake_client_id) ||
|
||||||
|
memcmp(peer_id, jpake_client_id, peer_id_len) != 0)) {
|
||||||
|
status = PSA_ERROR_NOT_SUPPORTED;
|
||||||
|
goto exit;
|
||||||
|
}
|
||||||
|
|
||||||
|
operation->data.inputs.peer = mbedtls_calloc(1, peer_id_len);
|
||||||
|
if (operation->data.inputs.peer == NULL) {
|
||||||
|
status = PSA_ERROR_INSUFFICIENT_MEMORY;
|
||||||
|
goto exit;
|
||||||
|
}
|
||||||
|
|
||||||
|
memcpy(operation->data.inputs.peer, peer_id, peer_id_len);
|
||||||
|
operation->data.inputs.peer_len = peer_id_len;
|
||||||
|
|
||||||
|
return PSA_SUCCESS;
|
||||||
exit:
|
exit:
|
||||||
psa_pake_abort(operation);
|
psa_pake_abort(operation);
|
||||||
return status;
|
return status;
|
||||||
|
@ -7371,22 +7481,24 @@ psa_status_t psa_pake_set_role(
|
||||||
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
||||||
|
|
||||||
if (operation->stage != PSA_PAKE_OPERATION_STAGE_COLLECT_INPUTS) {
|
if (operation->stage != PSA_PAKE_OPERATION_STAGE_COLLECT_INPUTS) {
|
||||||
status = PSA_ERROR_BAD_STATE;
|
status = PSA_ERROR_BAD_STATE;
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (role != PSA_PAKE_ROLE_NONE &&
|
switch (operation->alg) {
|
||||||
role != PSA_PAKE_ROLE_FIRST &&
|
#if defined(PSA_WANT_ALG_JPAKE)
|
||||||
role != PSA_PAKE_ROLE_SECOND &&
|
case PSA_ALG_JPAKE:
|
||||||
role != PSA_PAKE_ROLE_CLIENT &&
|
if (role == PSA_PAKE_ROLE_NONE) {
|
||||||
role != PSA_PAKE_ROLE_SERVER) {
|
return PSA_SUCCESS;
|
||||||
status = PSA_ERROR_INVALID_ARGUMENT;
|
}
|
||||||
goto exit;
|
status = PSA_ERROR_INVALID_ARGUMENT;
|
||||||
|
break;
|
||||||
|
#endif
|
||||||
|
default:
|
||||||
|
(void) role;
|
||||||
|
status = PSA_ERROR_NOT_SUPPORTED;
|
||||||
|
goto exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
operation->data.inputs.role = role;
|
|
||||||
|
|
||||||
return PSA_SUCCESS;
|
|
||||||
exit:
|
exit:
|
||||||
psa_pake_abort(operation);
|
psa_pake_abort(operation);
|
||||||
return status;
|
return status;
|
||||||
|
@ -7456,15 +7568,27 @@ static psa_status_t psa_pake_complete_inputs(
|
||||||
with the driver context which will be setup by the driver. */
|
with the driver context which will be setup by the driver. */
|
||||||
psa_crypto_driver_pake_inputs_t inputs = operation->data.inputs;
|
psa_crypto_driver_pake_inputs_t inputs = operation->data.inputs;
|
||||||
|
|
||||||
if (inputs.password_len == 0 ||
|
if (inputs.password_len == 0) {
|
||||||
inputs.role == PSA_PAKE_ROLE_NONE) {
|
|
||||||
return PSA_ERROR_BAD_STATE;
|
return PSA_ERROR_BAD_STATE;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (operation->alg == PSA_ALG_JPAKE &&
|
if (operation->alg == PSA_ALG_JPAKE) {
|
||||||
inputs.role != PSA_PAKE_ROLE_CLIENT &&
|
if (inputs.user_len == 0 || inputs.peer_len == 0) {
|
||||||
inputs.role != PSA_PAKE_ROLE_SERVER) {
|
return PSA_ERROR_BAD_STATE;
|
||||||
return PSA_ERROR_NOT_SUPPORTED;
|
}
|
||||||
|
if (memcmp(inputs.user, jpake_client_id, inputs.user_len) == 0 &&
|
||||||
|
memcmp(inputs.peer, jpake_server_id, inputs.peer_len) == 0) {
|
||||||
|
inputs.role = PSA_PAKE_ROLE_CLIENT;
|
||||||
|
} else
|
||||||
|
if (memcmp(inputs.user, jpake_server_id, inputs.user_len) == 0 &&
|
||||||
|
memcmp(inputs.peer, jpake_client_id, inputs.peer_len) == 0) {
|
||||||
|
inputs.role = PSA_PAKE_ROLE_SERVER;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (inputs.role != PSA_PAKE_ROLE_CLIENT &&
|
||||||
|
inputs.role != PSA_PAKE_ROLE_SERVER) {
|
||||||
|
return PSA_ERROR_NOT_SUPPORTED;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Clear driver context */
|
/* Clear driver context */
|
||||||
|
@ -7476,6 +7600,10 @@ static psa_status_t psa_pake_complete_inputs(
|
||||||
mbedtls_platform_zeroize(inputs.password, inputs.password_len);
|
mbedtls_platform_zeroize(inputs.password, inputs.password_len);
|
||||||
mbedtls_free(inputs.password);
|
mbedtls_free(inputs.password);
|
||||||
|
|
||||||
|
/* User and peer are translated to role. */
|
||||||
|
mbedtls_free(inputs.user);
|
||||||
|
mbedtls_free(inputs.peer);
|
||||||
|
|
||||||
if (status == PSA_SUCCESS) {
|
if (status == PSA_SUCCESS) {
|
||||||
#if defined(PSA_WANT_ALG_JPAKE)
|
#if defined(PSA_WANT_ALG_JPAKE)
|
||||||
if (operation->alg == PSA_ALG_JPAKE) {
|
if (operation->alg == PSA_ALG_JPAKE) {
|
||||||
|
@ -7884,13 +8012,19 @@ psa_status_t psa_pake_abort(
|
||||||
status = psa_driver_wrapper_pake_abort(operation);
|
status = psa_driver_wrapper_pake_abort(operation);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (operation->stage == PSA_PAKE_OPERATION_STAGE_COLLECT_INPUTS &&
|
if (operation->stage == PSA_PAKE_OPERATION_STAGE_COLLECT_INPUTS) {
|
||||||
operation->data.inputs.password != NULL) {
|
if (operation->data.inputs.password != NULL) {
|
||||||
mbedtls_platform_zeroize(operation->data.inputs.password,
|
mbedtls_platform_zeroize(operation->data.inputs.password,
|
||||||
operation->data.inputs.password_len);
|
operation->data.inputs.password_len);
|
||||||
mbedtls_free(operation->data.inputs.password);
|
mbedtls_free(operation->data.inputs.password);
|
||||||
|
}
|
||||||
|
if (operation->data.inputs.user != NULL) {
|
||||||
|
mbedtls_free(operation->data.inputs.user);
|
||||||
|
}
|
||||||
|
if (operation->data.inputs.peer != NULL) {
|
||||||
|
mbedtls_free(operation->data.inputs.peer);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
memset(operation, 0, sizeof(psa_pake_operation_t));
|
memset(operation, 0, sizeof(psa_pake_operation_t));
|
||||||
|
|
||||||
return status;
|
return status;
|
||||||
|
|
|
@ -1945,14 +1945,19 @@ void mbedtls_ssl_set_verify(mbedtls_ssl_context *ssl,
|
||||||
#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
|
#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
|
||||||
|
|
||||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||||
|
static const uint8_t jpake_server_id[] = { 's', 'e', 'r', 'v', 'e', 'r' };
|
||||||
|
static const uint8_t jpake_client_id[] = { 'c', 'l', 'i', 'e', 'n', 't' };
|
||||||
|
|
||||||
static psa_status_t mbedtls_ssl_set_hs_ecjpake_password_common(
|
static psa_status_t mbedtls_ssl_set_hs_ecjpake_password_common(
|
||||||
mbedtls_ssl_context *ssl,
|
mbedtls_ssl_context *ssl,
|
||||||
mbedtls_svc_key_id_t pwd)
|
mbedtls_svc_key_id_t pwd)
|
||||||
{
|
{
|
||||||
psa_status_t status;
|
psa_status_t status;
|
||||||
psa_pake_role_t psa_role;
|
|
||||||
psa_pake_cipher_suite_t cipher_suite = psa_pake_cipher_suite_init();
|
psa_pake_cipher_suite_t cipher_suite = psa_pake_cipher_suite_init();
|
||||||
|
const uint8_t *user = NULL;
|
||||||
|
size_t user_len = 0;
|
||||||
|
const uint8_t *peer = NULL;
|
||||||
|
size_t peer_len = 0;
|
||||||
psa_pake_cs_set_algorithm(&cipher_suite, PSA_ALG_JPAKE);
|
psa_pake_cs_set_algorithm(&cipher_suite, PSA_ALG_JPAKE);
|
||||||
psa_pake_cs_set_primitive(&cipher_suite,
|
psa_pake_cs_set_primitive(&cipher_suite,
|
||||||
PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC,
|
PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC,
|
||||||
|
@ -1966,12 +1971,23 @@ static psa_status_t mbedtls_ssl_set_hs_ecjpake_password_common(
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) {
|
if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) {
|
||||||
psa_role = PSA_PAKE_ROLE_SERVER;
|
user = jpake_server_id;
|
||||||
|
user_len = sizeof(jpake_server_id);
|
||||||
|
peer = jpake_client_id;
|
||||||
|
peer_len = sizeof(jpake_client_id);
|
||||||
} else {
|
} else {
|
||||||
psa_role = PSA_PAKE_ROLE_CLIENT;
|
user = jpake_client_id;
|
||||||
|
user_len = sizeof(jpake_client_id);
|
||||||
|
peer = jpake_server_id;
|
||||||
|
peer_len = sizeof(jpake_server_id);
|
||||||
}
|
}
|
||||||
|
|
||||||
status = psa_pake_set_role(&ssl->handshake->psa_pake_ctx, psa_role);
|
status = psa_pake_set_user(&ssl->handshake->psa_pake_ctx, user, user_len);
|
||||||
|
if (status != PSA_SUCCESS) {
|
||||||
|
return status;
|
||||||
|
}
|
||||||
|
|
||||||
|
status = psa_pake_set_peer(&ssl->handshake->psa_pake_ctx, peer, peer_len);
|
||||||
if (status != PSA_SUCCESS) {
|
if (status != PSA_SUCCESS) {
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
|
|
|
@ -5,6 +5,11 @@
|
||||||
Global to silent the compiler when unused. */
|
Global to silent the compiler when unused. */
|
||||||
size_t pake_expected_hit_count = 0;
|
size_t pake_expected_hit_count = 0;
|
||||||
int pake_in_driver = 0;
|
int pake_in_driver = 0;
|
||||||
|
|
||||||
|
/* The only two JPAKE user/peer identifiers supported for the time being. */
|
||||||
|
static const uint8_t jpake_server_id[] = { 's', 'e', 'r', 'v', 'e', 'r' };
|
||||||
|
static const uint8_t jpake_client_id[] = { 'c', 'l', 'i', 'e', 'n', 't' };
|
||||||
|
|
||||||
#if defined(PSA_WANT_ALG_JPAKE) && defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) && \
|
#if defined(PSA_WANT_ALG_JPAKE) && defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) && \
|
||||||
defined(PSA_WANT_ECC_SECP_R1_256) && defined(PSA_WANT_ALG_SHA_256)
|
defined(PSA_WANT_ECC_SECP_R1_256) && defined(PSA_WANT_ALG_SHA_256)
|
||||||
static void ecjpake_do_round(psa_algorithm_t alg, unsigned int primitive,
|
static void ecjpake_do_round(psa_algorithm_t alg, unsigned int primitive,
|
||||||
|
@ -3035,8 +3040,8 @@ void pake_operations(data_t *pw_data, int forced_status_setup_arg, int forced_st
|
||||||
TEST_EQUAL(psa_pake_setup(&operation, &cipher_suite),
|
TEST_EQUAL(psa_pake_setup(&operation, &cipher_suite),
|
||||||
PSA_SUCCESS);
|
PSA_SUCCESS);
|
||||||
|
|
||||||
TEST_EQUAL(psa_pake_set_role(&operation, PSA_PAKE_ROLE_SERVER),
|
PSA_ASSERT(psa_pake_set_user(&operation, jpake_server_id, sizeof(jpake_server_id)));
|
||||||
PSA_SUCCESS);
|
PSA_ASSERT(psa_pake_set_peer(&operation, jpake_client_id, sizeof(jpake_client_id)));
|
||||||
|
|
||||||
TEST_EQUAL(psa_pake_set_password_key(&operation, key),
|
TEST_EQUAL(psa_pake_set_password_key(&operation, key),
|
||||||
PSA_SUCCESS);
|
PSA_SUCCESS);
|
||||||
|
@ -3229,9 +3234,11 @@ void ecjpake_rounds(int alg_arg, int primitive_arg, int hash_arg,
|
||||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, 0);
|
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, 0);
|
||||||
|
|
||||||
|
|
||||||
PSA_ASSERT(psa_pake_set_role(&server, PSA_PAKE_ROLE_SERVER));
|
PSA_ASSERT(psa_pake_set_user(&server, jpake_server_id, sizeof(jpake_server_id)));
|
||||||
|
PSA_ASSERT(psa_pake_set_peer(&server, jpake_client_id, sizeof(jpake_client_id)));
|
||||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, 0);
|
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, 0);
|
||||||
PSA_ASSERT(psa_pake_set_role(&client, PSA_PAKE_ROLE_CLIENT));
|
PSA_ASSERT(psa_pake_set_user(&client, jpake_client_id, sizeof(jpake_client_id)));
|
||||||
|
PSA_ASSERT(psa_pake_set_peer(&client, jpake_server_id, sizeof(jpake_server_id)));
|
||||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, 0);
|
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, 0);
|
||||||
PSA_ASSERT(psa_pake_set_password_key(&server, key));
|
PSA_ASSERT(psa_pake_set_password_key(&server, key));
|
||||||
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, 0);
|
TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, 0);
|
||||||
|
|
|
@ -1,90 +1,106 @@
|
||||||
PSA PAKE: uninitialized access to psa_pake_operation_t
|
PSA PAKE: uninitialized access to psa_pake_operation_t
|
||||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
||||||
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:0:ERR_INJECT_UNINITIALIZED_ACCESS:PSA_ERROR_BAD_STATE
|
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:"client":"server":0:ERR_INJECT_UNINITIALIZED_ACCESS:PSA_ERROR_BAD_STATE
|
||||||
|
|
||||||
PSA PAKE: invalid alg
|
PSA PAKE: invalid alg
|
||||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
||||||
ecjpake_setup:PSA_ALG_SHA_256:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:0:ERR_IN_SETUP:PSA_ERROR_INVALID_ARGUMENT
|
ecjpake_setup:PSA_ALG_SHA_256:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:"client":"server":0:ERR_IN_SETUP:PSA_ERROR_INVALID_ARGUMENT
|
||||||
|
|
||||||
PSA PAKE: invalid primitive type
|
PSA PAKE: invalid primitive type
|
||||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
||||||
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_DH, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:0:ERR_IN_OUTPUT:PSA_ERROR_NOT_SUPPORTED
|
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_DH, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:"client":"server":0:ERR_IN_OUTPUT:PSA_ERROR_NOT_SUPPORTED
|
||||||
|
|
||||||
PSA PAKE: invalid primitive family
|
PSA PAKE: invalid primitive family
|
||||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
||||||
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_K1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:0:ERR_IN_OUTPUT:PSA_ERROR_NOT_SUPPORTED
|
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_K1, 256):PSA_ALG_SHA_256:"client":"server":0:ERR_IN_OUTPUT:PSA_ERROR_NOT_SUPPORTED
|
||||||
|
|
||||||
PSA PAKE: invalid primitive bits
|
PSA PAKE: invalid primitive bits
|
||||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
||||||
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 128):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:0:ERR_IN_OUTPUT:PSA_ERROR_NOT_SUPPORTED
|
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 128):PSA_ALG_SHA_256:"client":"server":0:ERR_IN_OUTPUT:PSA_ERROR_NOT_SUPPORTED
|
||||||
|
|
||||||
PSA PAKE: invalid hash
|
PSA PAKE: invalid hash
|
||||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
||||||
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_1:PSA_PAKE_ROLE_SERVER:0:ERR_IN_OUTPUT:PSA_ERROR_NOT_SUPPORTED
|
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_1:"client":"server":0:ERR_IN_OUTPUT:PSA_ERROR_NOT_SUPPORTED
|
||||||
|
|
||||||
PSA PAKE: duplicate a valid setup
|
PSA PAKE: duplicate a valid setup
|
||||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
||||||
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:0:ERR_INJECT_DUPLICATE_SETUP:PSA_ERROR_BAD_STATE
|
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:"client":"server":0:ERR_INJECT_DUPLICATE_SETUP:PSA_ERROR_BAD_STATE
|
||||||
|
|
||||||
PSA PAKE: ecjpake setup invalid role NONE
|
PSA PAKE: ecjpake setup role
|
||||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
||||||
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_NONE:0:ERR_IN_OUTPUT:PSA_ERROR_BAD_STATE
|
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:"client":"server":0:ERR_INJECT_SET_ROLE:PSA_ERROR_INVALID_ARGUMENT
|
||||||
|
|
||||||
PSA PAKE: wrong password key type
|
PSA PAKE: wrong password key type
|
||||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
||||||
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_HMAC:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:0:ERR_IN_SET_PASSWORD_KEY:PSA_ERROR_INVALID_ARGUMENT
|
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_HMAC:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:"client":"server":0:ERR_IN_SET_PASSWORD_KEY:PSA_ERROR_INVALID_ARGUMENT
|
||||||
|
|
||||||
PSA PAKE: wrong password key usage
|
PSA PAKE: wrong password key usage
|
||||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
||||||
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_ENCRYPT:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:0:ERR_IN_SET_PASSWORD_KEY:PSA_ERROR_NOT_PERMITTED
|
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_ENCRYPT:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:"client":"server":0:ERR_IN_SET_PASSWORD_KEY:PSA_ERROR_NOT_PERMITTED
|
||||||
|
|
||||||
|
PSA PAKE: set empty user
|
||||||
|
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
||||||
|
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:"":"server":0:ERR_IN_SET_USER:PSA_ERROR_INVALID_ARGUMENT
|
||||||
|
|
||||||
|
PSA PAKE: set empty peer
|
||||||
|
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
||||||
|
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:"client":"":0:ERR_IN_SET_PEER:PSA_ERROR_INVALID_ARGUMENT
|
||||||
|
|
||||||
PSA PAKE: set invalid user
|
PSA PAKE: set invalid user
|
||||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
||||||
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:0:ERR_INJECT_INVALID_USER:PSA_ERROR_INVALID_ARGUMENT
|
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:"aaaa":"server":0:ERR_IN_SET_USER:PSA_ERROR_NOT_SUPPORTED
|
||||||
|
|
||||||
PSA PAKE: set invalid peer
|
PSA PAKE: set invalid peer
|
||||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
||||||
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:0:ERR_INJECT_INVALID_PEER:PSA_ERROR_INVALID_ARGUMENT
|
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:"client":"aaaa":0:ERR_IN_SET_PEER:PSA_ERROR_NOT_SUPPORTED
|
||||||
|
|
||||||
PSA PAKE: set user
|
PSA PAKE: user already set
|
||||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
||||||
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:0:ERR_INJECT_SET_USER:PSA_ERROR_NOT_SUPPORTED
|
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:"client":"server":0:ERR_DUPLICATE_SET_USER:PSA_ERROR_BAD_STATE
|
||||||
|
|
||||||
PSA PAKE: set peer
|
PSA PAKE: peer already set
|
||||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
||||||
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:0:ERR_INJECT_SET_PEER:PSA_ERROR_NOT_SUPPORTED
|
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:"client":"server":0:ERR_DUPLICATE_SET_PEER:PSA_ERROR_BAD_STATE
|
||||||
|
|
||||||
|
PSA PAKE: user and peer both servers
|
||||||
|
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
||||||
|
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:"server":"server":0:ERR_IN_OUTPUT:PSA_ERROR_NOT_SUPPORTED
|
||||||
|
|
||||||
|
PSA PAKE: user and peer both clients
|
||||||
|
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
||||||
|
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:"client":"client":0:ERR_IN_OUTPUT:PSA_ERROR_NOT_SUPPORTED
|
||||||
|
|
||||||
PSA PAKE: invalid input
|
PSA PAKE: invalid input
|
||||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
||||||
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:1:ERR_INJECT_EMPTY_IO_BUFFER:PSA_ERROR_INVALID_ARGUMENT
|
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:"client":"server":1:ERR_INJECT_EMPTY_IO_BUFFER:PSA_ERROR_INVALID_ARGUMENT
|
||||||
|
|
||||||
PSA PAKE: unkown input step
|
PSA PAKE: unkown input step
|
||||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
||||||
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:1:ERR_INJECT_UNKNOWN_STEP:PSA_ERROR_INVALID_ARGUMENT
|
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:"client":"server":1:ERR_INJECT_UNKNOWN_STEP:PSA_ERROR_INVALID_ARGUMENT
|
||||||
|
|
||||||
PSA PAKE: invalid first input step
|
PSA PAKE: invalid first input step
|
||||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
||||||
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:1:ERR_INJECT_INVALID_FIRST_STEP:PSA_ERROR_BAD_STATE
|
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:"client":"server":1:ERR_INJECT_INVALID_FIRST_STEP:PSA_ERROR_BAD_STATE
|
||||||
|
|
||||||
PSA PAKE: input buffer too large
|
PSA PAKE: input buffer too large
|
||||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
||||||
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:1:ERR_INJECT_WRONG_BUFFER_SIZE:PSA_ERROR_INVALID_ARGUMENT
|
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:"client":"server":1:ERR_INJECT_WRONG_BUFFER_SIZE:PSA_ERROR_INVALID_ARGUMENT
|
||||||
|
|
||||||
PSA PAKE: invalid output
|
PSA PAKE: invalid output
|
||||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
||||||
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:0:ERR_INJECT_EMPTY_IO_BUFFER:PSA_ERROR_INVALID_ARGUMENT
|
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:"client":"server":0:ERR_INJECT_EMPTY_IO_BUFFER:PSA_ERROR_INVALID_ARGUMENT
|
||||||
|
|
||||||
PSA PAKE: unkown output step
|
PSA PAKE: unkown output step
|
||||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
||||||
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:0:ERR_INJECT_UNKNOWN_STEP:PSA_ERROR_INVALID_ARGUMENT
|
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:"client":"server":0:ERR_INJECT_UNKNOWN_STEP:PSA_ERROR_INVALID_ARGUMENT
|
||||||
|
|
||||||
PSA PAKE: invalid first output step
|
PSA PAKE: invalid first output step
|
||||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
||||||
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:0:ERR_INJECT_INVALID_FIRST_STEP:PSA_ERROR_BAD_STATE
|
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:"client":"server":0:ERR_INJECT_INVALID_FIRST_STEP:PSA_ERROR_BAD_STATE
|
||||||
|
|
||||||
PSA PAKE: output buffer too small
|
PSA PAKE: output buffer too small
|
||||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256
|
||||||
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:0:ERR_INJECT_WRONG_BUFFER_SIZE:PSA_ERROR_BUFFER_TOO_SMALL
|
ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:"client":"server":0:ERR_INJECT_WRONG_BUFFER_SIZE:PSA_ERROR_BUFFER_TOO_SMALL
|
||||||
|
|
||||||
PSA PAKE: check rounds w/o forced errors
|
PSA PAKE: check rounds w/o forced errors
|
||||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS
|
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS
|
||||||
|
@ -202,3 +218,9 @@ pake_input_getters_cipher_suite
|
||||||
|
|
||||||
PSA PAKE: input getters: role
|
PSA PAKE: input getters: role
|
||||||
pake_input_getters_role
|
pake_input_getters_role
|
||||||
|
|
||||||
|
PSA PAKE: input getters: user
|
||||||
|
pake_input_getters_user
|
||||||
|
|
||||||
|
PSA PAKE: input getters: peer
|
||||||
|
pake_input_getters_peer
|
||||||
|
|
|
@ -8,10 +8,11 @@ typedef enum {
|
||||||
/* errors forced internally in the code */
|
/* errors forced internally in the code */
|
||||||
ERR_INJECT_UNINITIALIZED_ACCESS,
|
ERR_INJECT_UNINITIALIZED_ACCESS,
|
||||||
ERR_INJECT_DUPLICATE_SETUP,
|
ERR_INJECT_DUPLICATE_SETUP,
|
||||||
ERR_INJECT_INVALID_USER,
|
|
||||||
ERR_INJECT_INVALID_PEER,
|
|
||||||
ERR_INJECT_SET_USER,
|
ERR_INJECT_SET_USER,
|
||||||
ERR_INJECT_SET_PEER,
|
ERR_INJECT_SET_PEER,
|
||||||
|
ERR_INJECT_SET_ROLE,
|
||||||
|
ERR_DUPLICATE_SET_USER,
|
||||||
|
ERR_DUPLICATE_SET_PEER,
|
||||||
ERR_INJECT_EMPTY_IO_BUFFER,
|
ERR_INJECT_EMPTY_IO_BUFFER,
|
||||||
ERR_INJECT_UNKNOWN_STEP,
|
ERR_INJECT_UNKNOWN_STEP,
|
||||||
ERR_INJECT_INVALID_FIRST_STEP,
|
ERR_INJECT_INVALID_FIRST_STEP,
|
||||||
|
@ -39,6 +40,8 @@ typedef enum {
|
||||||
ERR_INJECT_ROUND2_SERVER_ZK_PROOF,
|
ERR_INJECT_ROUND2_SERVER_ZK_PROOF,
|
||||||
/* erros issued from the .data file */
|
/* erros issued from the .data file */
|
||||||
ERR_IN_SETUP,
|
ERR_IN_SETUP,
|
||||||
|
ERR_IN_SET_USER,
|
||||||
|
ERR_IN_SET_PEER,
|
||||||
ERR_IN_SET_ROLE,
|
ERR_IN_SET_ROLE,
|
||||||
ERR_IN_SET_PASSWORD_KEY,
|
ERR_IN_SET_PASSWORD_KEY,
|
||||||
ERR_IN_INPUT,
|
ERR_IN_INPUT,
|
||||||
|
@ -50,6 +53,10 @@ typedef enum {
|
||||||
PAKE_ROUND_TWO
|
PAKE_ROUND_TWO
|
||||||
} pake_round_t;
|
} pake_round_t;
|
||||||
|
|
||||||
|
/* The only two JPAKE user/peer identifiers supported for the time being. */
|
||||||
|
static const uint8_t jpake_server_id[] = { 's', 'e', 'r', 'v', 'e', 'r' };
|
||||||
|
static const uint8_t jpake_client_id[] = { 'c', 'l', 'i', 'e', 'n', 't' };
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Inject an error on the specified buffer ONLY it this is the correct stage.
|
* Inject an error on the specified buffer ONLY it this is the correct stage.
|
||||||
* Offset 7 is arbitrary, but chosen because it's "in the middle" of the part
|
* Offset 7 is arbitrary, but chosen because it's "in the middle" of the part
|
||||||
|
@ -537,7 +544,7 @@ exit:
|
||||||
|
|
||||||
/* BEGIN_CASE depends_on:PSA_WANT_ALG_JPAKE */
|
/* BEGIN_CASE depends_on:PSA_WANT_ALG_JPAKE */
|
||||||
void ecjpake_setup(int alg_arg, int key_type_pw_arg, int key_usage_pw_arg,
|
void ecjpake_setup(int alg_arg, int key_type_pw_arg, int key_usage_pw_arg,
|
||||||
int primitive_arg, int hash_arg, int role_arg,
|
int primitive_arg, int hash_arg, char *user_arg, char *peer_arg,
|
||||||
int test_input,
|
int test_input,
|
||||||
int err_stage_arg,
|
int err_stage_arg,
|
||||||
int expected_error_arg)
|
int expected_error_arg)
|
||||||
|
@ -549,7 +556,6 @@ void ecjpake_setup(int alg_arg, int key_type_pw_arg, int key_usage_pw_arg,
|
||||||
psa_key_type_t key_type_pw = key_type_pw_arg;
|
psa_key_type_t key_type_pw = key_type_pw_arg;
|
||||||
psa_key_usage_t key_usage_pw = key_usage_pw_arg;
|
psa_key_usage_t key_usage_pw = key_usage_pw_arg;
|
||||||
psa_algorithm_t hash_alg = hash_arg;
|
psa_algorithm_t hash_alg = hash_arg;
|
||||||
psa_pake_role_t role = role_arg;
|
|
||||||
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
|
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
|
||||||
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
||||||
ecjpake_error_stage_t err_stage = err_stage_arg;
|
ecjpake_error_stage_t err_stage = err_stage_arg;
|
||||||
|
@ -557,8 +563,12 @@ void ecjpake_setup(int alg_arg, int key_type_pw_arg, int key_usage_pw_arg,
|
||||||
psa_status_t status;
|
psa_status_t status;
|
||||||
unsigned char *output_buffer = NULL;
|
unsigned char *output_buffer = NULL;
|
||||||
size_t output_len = 0;
|
size_t output_len = 0;
|
||||||
const uint8_t unsupp_id[] = "abcd";
|
|
||||||
const uint8_t password[] = "abcd";
|
const uint8_t password[] = "abcd";
|
||||||
|
uint8_t *user = (uint8_t *) user_arg;
|
||||||
|
uint8_t *peer = (uint8_t *) peer_arg;
|
||||||
|
size_t user_len = strlen(user_arg);
|
||||||
|
size_t peer_len = strlen(peer_arg);
|
||||||
|
|
||||||
psa_key_derivation_operation_t key_derivation =
|
psa_key_derivation_operation_t key_derivation =
|
||||||
PSA_KEY_DERIVATION_OPERATION_INIT;
|
PSA_KEY_DERIVATION_OPERATION_INIT;
|
||||||
|
|
||||||
|
@ -581,13 +591,13 @@ void ecjpake_setup(int alg_arg, int key_type_pw_arg, int key_usage_pw_arg,
|
||||||
PSA_ASSERT(psa_pake_abort(&operation));
|
PSA_ASSERT(psa_pake_abort(&operation));
|
||||||
|
|
||||||
if (err_stage == ERR_INJECT_UNINITIALIZED_ACCESS) {
|
if (err_stage == ERR_INJECT_UNINITIALIZED_ACCESS) {
|
||||||
TEST_EQUAL(psa_pake_set_user(&operation, NULL, 0),
|
TEST_EQUAL(psa_pake_set_user(&operation, user, user_len),
|
||||||
expected_error);
|
expected_error);
|
||||||
TEST_EQUAL(psa_pake_set_peer(&operation, NULL, 0),
|
TEST_EQUAL(psa_pake_set_peer(&operation, peer, peer_len),
|
||||||
expected_error);
|
expected_error);
|
||||||
TEST_EQUAL(psa_pake_set_password_key(&operation, key),
|
TEST_EQUAL(psa_pake_set_password_key(&operation, key),
|
||||||
expected_error);
|
expected_error);
|
||||||
TEST_EQUAL(psa_pake_set_role(&operation, role),
|
TEST_EQUAL(psa_pake_set_role(&operation, PSA_PAKE_ROLE_SERVER),
|
||||||
expected_error);
|
expected_error);
|
||||||
TEST_EQUAL(psa_pake_output(&operation, PSA_PAKE_STEP_KEY_SHARE,
|
TEST_EQUAL(psa_pake_output(&operation, PSA_PAKE_STEP_KEY_SHARE,
|
||||||
output_buffer, 0, &output_len),
|
output_buffer, 0, &output_len),
|
||||||
|
@ -606,24 +616,27 @@ void ecjpake_setup(int alg_arg, int key_type_pw_arg, int key_usage_pw_arg,
|
||||||
SETUP_CONDITIONAL_CHECK_STEP(psa_pake_setup(&operation, &cipher_suite),
|
SETUP_CONDITIONAL_CHECK_STEP(psa_pake_setup(&operation, &cipher_suite),
|
||||||
ERR_INJECT_DUPLICATE_SETUP);
|
ERR_INJECT_DUPLICATE_SETUP);
|
||||||
|
|
||||||
SETUP_ALWAYS_CHECK_STEP(psa_pake_set_role(&operation, role),
|
SETUP_CONDITIONAL_CHECK_STEP(psa_pake_set_role(&operation, PSA_PAKE_ROLE_SERVER),
|
||||||
|
ERR_INJECT_SET_ROLE);
|
||||||
|
|
||||||
|
SETUP_ALWAYS_CHECK_STEP(psa_pake_set_role(&operation, PSA_PAKE_ROLE_NONE),
|
||||||
ERR_IN_SET_ROLE);
|
ERR_IN_SET_ROLE);
|
||||||
|
|
||||||
|
SETUP_ALWAYS_CHECK_STEP(psa_pake_set_user(&operation, user, user_len),
|
||||||
|
ERR_IN_SET_USER);
|
||||||
|
|
||||||
|
SETUP_ALWAYS_CHECK_STEP(psa_pake_set_peer(&operation, peer, peer_len),
|
||||||
|
ERR_IN_SET_PEER);
|
||||||
|
|
||||||
|
SETUP_CONDITIONAL_CHECK_STEP(psa_pake_set_user(&operation, user, user_len),
|
||||||
|
ERR_DUPLICATE_SET_USER);
|
||||||
|
|
||||||
|
SETUP_CONDITIONAL_CHECK_STEP(psa_pake_set_peer(&operation, peer, peer_len),
|
||||||
|
ERR_DUPLICATE_SET_PEER);
|
||||||
|
|
||||||
SETUP_ALWAYS_CHECK_STEP(psa_pake_set_password_key(&operation, key),
|
SETUP_ALWAYS_CHECK_STEP(psa_pake_set_password_key(&operation, key),
|
||||||
ERR_IN_SET_PASSWORD_KEY);
|
ERR_IN_SET_PASSWORD_KEY);
|
||||||
|
|
||||||
SETUP_CONDITIONAL_CHECK_STEP(psa_pake_set_user(&operation, NULL, 0),
|
|
||||||
ERR_INJECT_INVALID_USER);
|
|
||||||
|
|
||||||
SETUP_CONDITIONAL_CHECK_STEP(psa_pake_set_peer(&operation, NULL, 0),
|
|
||||||
ERR_INJECT_INVALID_PEER);
|
|
||||||
|
|
||||||
SETUP_CONDITIONAL_CHECK_STEP(psa_pake_set_user(&operation, unsupp_id, 4),
|
|
||||||
ERR_INJECT_SET_USER);
|
|
||||||
|
|
||||||
SETUP_CONDITIONAL_CHECK_STEP(psa_pake_set_peer(&operation, unsupp_id, 4),
|
|
||||||
ERR_INJECT_SET_PEER);
|
|
||||||
|
|
||||||
const size_t size_key_share = PSA_PAKE_INPUT_SIZE(alg, primitive,
|
const size_t size_key_share = PSA_PAKE_INPUT_SIZE(alg, primitive,
|
||||||
PSA_PAKE_STEP_KEY_SHARE);
|
PSA_PAKE_STEP_KEY_SHARE);
|
||||||
const size_t size_zk_public = PSA_PAKE_INPUT_SIZE(alg, primitive,
|
const size_t size_zk_public = PSA_PAKE_INPUT_SIZE(alg, primitive,
|
||||||
|
@ -741,8 +754,10 @@ void ecjpake_rounds_inject(int alg_arg, int primitive_arg, int hash_arg,
|
||||||
PSA_ASSERT(psa_pake_setup(&server, &cipher_suite));
|
PSA_ASSERT(psa_pake_setup(&server, &cipher_suite));
|
||||||
PSA_ASSERT(psa_pake_setup(&client, &cipher_suite));
|
PSA_ASSERT(psa_pake_setup(&client, &cipher_suite));
|
||||||
|
|
||||||
PSA_ASSERT(psa_pake_set_role(&server, PSA_PAKE_ROLE_SERVER));
|
PSA_ASSERT(psa_pake_set_user(&server, jpake_server_id, sizeof(jpake_server_id)));
|
||||||
PSA_ASSERT(psa_pake_set_role(&client, PSA_PAKE_ROLE_CLIENT));
|
PSA_ASSERT(psa_pake_set_peer(&server, jpake_client_id, sizeof(jpake_client_id)));
|
||||||
|
PSA_ASSERT(psa_pake_set_user(&client, jpake_client_id, sizeof(jpake_client_id)));
|
||||||
|
PSA_ASSERT(psa_pake_set_peer(&client, jpake_server_id, sizeof(jpake_server_id)));
|
||||||
|
|
||||||
PSA_ASSERT(psa_pake_set_password_key(&server, key));
|
PSA_ASSERT(psa_pake_set_password_key(&server, key));
|
||||||
PSA_ASSERT(psa_pake_set_password_key(&client, key));
|
PSA_ASSERT(psa_pake_set_password_key(&client, key));
|
||||||
|
@ -816,8 +831,10 @@ void ecjpake_rounds(int alg_arg, int primitive_arg, int hash_arg,
|
||||||
PSA_ASSERT(psa_pake_setup(&server, &cipher_suite));
|
PSA_ASSERT(psa_pake_setup(&server, &cipher_suite));
|
||||||
PSA_ASSERT(psa_pake_setup(&client, &cipher_suite));
|
PSA_ASSERT(psa_pake_setup(&client, &cipher_suite));
|
||||||
|
|
||||||
PSA_ASSERT(psa_pake_set_role(&server, PSA_PAKE_ROLE_SERVER));
|
PSA_ASSERT(psa_pake_set_user(&server, jpake_server_id, sizeof(jpake_server_id)));
|
||||||
PSA_ASSERT(psa_pake_set_role(&client, PSA_PAKE_ROLE_CLIENT));
|
PSA_ASSERT(psa_pake_set_peer(&server, jpake_client_id, sizeof(jpake_client_id)));
|
||||||
|
PSA_ASSERT(psa_pake_set_user(&client, jpake_client_id, sizeof(jpake_client_id)));
|
||||||
|
PSA_ASSERT(psa_pake_set_peer(&client, jpake_server_id, sizeof(jpake_server_id)));
|
||||||
|
|
||||||
PSA_ASSERT(psa_pake_set_password_key(&server, key));
|
PSA_ASSERT(psa_pake_set_password_key(&server, key));
|
||||||
PSA_ASSERT(psa_pake_set_password_key(&client, key));
|
PSA_ASSERT(psa_pake_set_password_key(&client, key));
|
||||||
|
@ -1030,8 +1047,9 @@ void pake_input_getters_role()
|
||||||
TEST_EQUAL(psa_crypto_driver_pake_get_role(&operation.data.inputs, &role_ret),
|
TEST_EQUAL(psa_crypto_driver_pake_get_role(&operation.data.inputs, &role_ret),
|
||||||
PSA_ERROR_BAD_STATE);
|
PSA_ERROR_BAD_STATE);
|
||||||
|
|
||||||
PSA_ASSERT(psa_pake_set_role(&operation, PSA_PAKE_ROLE_SERVER));
|
/* Role can not be set directly using psa_pake_set_role(). It is set by the core
|
||||||
|
based on given user/peer identifiers. Simulate that Role is already set. */
|
||||||
|
operation.data.inputs.role = PSA_PAKE_ROLE_SERVER;
|
||||||
TEST_EQUAL(psa_crypto_driver_pake_get_role(&operation.data.inputs, &role_ret),
|
TEST_EQUAL(psa_crypto_driver_pake_get_role(&operation.data.inputs, &role_ret),
|
||||||
PSA_SUCCESS);
|
PSA_SUCCESS);
|
||||||
|
|
||||||
|
@ -1041,3 +1059,119 @@ exit:
|
||||||
PSA_DONE();
|
PSA_DONE();
|
||||||
}
|
}
|
||||||
/* END_CASE */
|
/* END_CASE */
|
||||||
|
|
||||||
|
/* BEGIN_CASE depends_on:PSA_WANT_ALG_JPAKE */
|
||||||
|
void pake_input_getters_user()
|
||||||
|
{
|
||||||
|
psa_pake_cipher_suite_t cipher_suite = psa_pake_cipher_suite_init();
|
||||||
|
psa_pake_operation_t operation = psa_pake_operation_init();
|
||||||
|
const uint8_t user[] = { 's', 'e', 'r', 'v', 'e', 'r' };
|
||||||
|
const size_t user_len = sizeof(user);
|
||||||
|
uint8_t user_ret[20] = { 0 }; // max user length is 20 bytes
|
||||||
|
size_t user_len_ret = 0;
|
||||||
|
size_t buffer_len_ret = 0;
|
||||||
|
|
||||||
|
psa_pake_primitive_t primitive = PSA_PAKE_PRIMITIVE(
|
||||||
|
PSA_PAKE_PRIMITIVE_TYPE_ECC,
|
||||||
|
PSA_ECC_FAMILY_SECP_R1, 256);
|
||||||
|
|
||||||
|
PSA_INIT();
|
||||||
|
|
||||||
|
psa_pake_cs_set_algorithm(&cipher_suite, PSA_ALG_JPAKE);
|
||||||
|
psa_pake_cs_set_primitive(&cipher_suite, primitive);
|
||||||
|
psa_pake_cs_set_hash(&cipher_suite, PSA_ALG_SHA_256);
|
||||||
|
|
||||||
|
PSA_ASSERT(psa_pake_setup(&operation, &cipher_suite));
|
||||||
|
|
||||||
|
TEST_EQUAL(psa_crypto_driver_pake_get_user(&operation.data.inputs,
|
||||||
|
(uint8_t *) &user_ret,
|
||||||
|
10, &buffer_len_ret),
|
||||||
|
PSA_ERROR_BAD_STATE);
|
||||||
|
|
||||||
|
TEST_EQUAL(psa_crypto_driver_pake_get_user_len(&operation.data.inputs, &user_len_ret),
|
||||||
|
PSA_ERROR_BAD_STATE);
|
||||||
|
|
||||||
|
PSA_ASSERT(psa_pake_set_user(&operation, user, user_len));
|
||||||
|
|
||||||
|
TEST_EQUAL(psa_crypto_driver_pake_get_user_len(&operation.data.inputs, &user_len_ret),
|
||||||
|
PSA_SUCCESS);
|
||||||
|
|
||||||
|
TEST_EQUAL(user_len_ret, user_len);
|
||||||
|
|
||||||
|
TEST_EQUAL(psa_crypto_driver_pake_get_user(&operation.data.inputs,
|
||||||
|
(uint8_t *) &user_ret,
|
||||||
|
user_len_ret - 1,
|
||||||
|
&buffer_len_ret),
|
||||||
|
PSA_ERROR_BUFFER_TOO_SMALL);
|
||||||
|
|
||||||
|
TEST_EQUAL(psa_crypto_driver_pake_get_user(&operation.data.inputs,
|
||||||
|
(uint8_t *) &user_ret,
|
||||||
|
user_len_ret,
|
||||||
|
&buffer_len_ret),
|
||||||
|
PSA_SUCCESS);
|
||||||
|
|
||||||
|
TEST_EQUAL(buffer_len_ret, user_len);
|
||||||
|
PSA_ASSERT(memcmp(user_ret, user, buffer_len_ret));
|
||||||
|
exit:
|
||||||
|
PSA_ASSERT(psa_pake_abort(&operation));
|
||||||
|
PSA_DONE();
|
||||||
|
}
|
||||||
|
/* END_CASE */
|
||||||
|
|
||||||
|
/* BEGIN_CASE depends_on:PSA_WANT_ALG_JPAKE */
|
||||||
|
void pake_input_getters_peer()
|
||||||
|
{
|
||||||
|
psa_pake_cipher_suite_t cipher_suite = psa_pake_cipher_suite_init();
|
||||||
|
psa_pake_operation_t operation = psa_pake_operation_init();
|
||||||
|
const uint8_t peer[] = { 's', 'e', 'r', 'v', 'e', 'r' };
|
||||||
|
const size_t peer_len = sizeof(peer);
|
||||||
|
uint8_t peer_ret[20] = { 0 }; // max peer length is 20 bytes
|
||||||
|
size_t peer_len_ret = 0;
|
||||||
|
size_t buffer_len_ret = 0;
|
||||||
|
|
||||||
|
psa_pake_primitive_t primitive = PSA_PAKE_PRIMITIVE(
|
||||||
|
PSA_PAKE_PRIMITIVE_TYPE_ECC,
|
||||||
|
PSA_ECC_FAMILY_SECP_R1, 256);
|
||||||
|
|
||||||
|
PSA_INIT();
|
||||||
|
|
||||||
|
psa_pake_cs_set_algorithm(&cipher_suite, PSA_ALG_JPAKE);
|
||||||
|
psa_pake_cs_set_primitive(&cipher_suite, primitive);
|
||||||
|
psa_pake_cs_set_hash(&cipher_suite, PSA_ALG_SHA_256);
|
||||||
|
|
||||||
|
PSA_ASSERT(psa_pake_setup(&operation, &cipher_suite));
|
||||||
|
|
||||||
|
TEST_EQUAL(psa_crypto_driver_pake_get_peer(&operation.data.inputs,
|
||||||
|
(uint8_t *) &peer_ret,
|
||||||
|
10, &buffer_len_ret),
|
||||||
|
PSA_ERROR_BAD_STATE);
|
||||||
|
|
||||||
|
TEST_EQUAL(psa_crypto_driver_pake_get_peer_len(&operation.data.inputs, &peer_len_ret),
|
||||||
|
PSA_ERROR_BAD_STATE);
|
||||||
|
|
||||||
|
PSA_ASSERT(psa_pake_set_peer(&operation, peer, peer_len));
|
||||||
|
|
||||||
|
TEST_EQUAL(psa_crypto_driver_pake_get_peer_len(&operation.data.inputs, &peer_len_ret),
|
||||||
|
PSA_SUCCESS);
|
||||||
|
|
||||||
|
TEST_EQUAL(peer_len_ret, peer_len);
|
||||||
|
|
||||||
|
TEST_EQUAL(psa_crypto_driver_pake_get_peer(&operation.data.inputs,
|
||||||
|
(uint8_t *) &peer_ret,
|
||||||
|
peer_len_ret - 1,
|
||||||
|
&buffer_len_ret),
|
||||||
|
PSA_ERROR_BUFFER_TOO_SMALL);
|
||||||
|
|
||||||
|
TEST_EQUAL(psa_crypto_driver_pake_get_peer(&operation.data.inputs,
|
||||||
|
(uint8_t *) &peer_ret,
|
||||||
|
peer_len_ret,
|
||||||
|
&buffer_len_ret),
|
||||||
|
PSA_SUCCESS);
|
||||||
|
|
||||||
|
TEST_EQUAL(buffer_len_ret, peer_len);
|
||||||
|
PSA_ASSERT(memcmp(peer_ret, peer, buffer_len_ret));
|
||||||
|
exit:
|
||||||
|
PSA_ASSERT(psa_pake_abort(&operation));
|
||||||
|
PSA_DONE();
|
||||||
|
}
|
||||||
|
/* END_CASE */
|
||||||
|
|
Loading…
Reference in a new issue