From 98083c6a173ecdcd2eb9ffc03275f22dc46b4811 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sun, 25 Jun 2023 23:27:45 +0100 Subject: [PATCH 01/31] Add support for SHA-3 in PSA Signed-off-by: Dave Rodgman --- include/mbedtls/config_psa.h | 14 +++++++ include/psa/crypto_builtin_primitives.h | 7 +++- include/psa/crypto_config.h | 1 + library/psa_crypto_hash.c | 52 +++++++++++++++++++++++++ 4 files changed, 73 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/config_psa.h b/include/mbedtls/config_psa.h index b7e89472f..b1d386236 100644 --- a/include/mbedtls/config_psa.h +++ b/include/mbedtls/config_psa.h @@ -113,6 +113,10 @@ extern "C" { #define PSA_WANT_ALG_SHA_512 1 #endif +#if defined(MBEDTLS_SHA3_C) +#define PSA_WANT_ALG_SHA_3 1 +#endif + /****************************************************************/ /* Require built-in implementations based on PSA requirements */ @@ -270,6 +274,11 @@ extern "C" { #define MBEDTLS_SHA512_C #endif +#if defined(PSA_WANT_ALG_SHA_3) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_3) +#define MBEDTLS_PSA_BUILTIN_ALG_SHA_3 1 +#define MBEDTLS_SHA3_C +#endif + #if defined(PSA_WANT_ALG_PBKDF2_HMAC) #if !defined(MBEDTLS_PSA_ACCEL_ALG_PBKDF2_HMAC) #define MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC 1 @@ -865,6 +874,11 @@ extern "C" { #define PSA_WANT_ALG_SHA_512 1 #endif +#if defined(MBEDTLS_SHA3_C) +#define MBEDTLS_PSA_BUILTIN_ALG_SHA_3 1 +#define PSA_WANT_ALG_SHA_3 1 +#endif + #if defined(MBEDTLS_AES_C) #define PSA_WANT_KEY_TYPE_AES 1 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES 1 diff --git a/include/psa/crypto_builtin_primitives.h b/include/psa/crypto_builtin_primitives.h index f3e438dd7..ea7da9a1d 100644 --- a/include/psa/crypto_builtin_primitives.h +++ b/include/psa/crypto_builtin_primitives.h @@ -45,6 +45,7 @@ #include "mbedtls/sha1.h" #include "mbedtls/sha256.h" #include "mbedtls/sha512.h" +#include "mbedtls/sha3.h" #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) || \ @@ -52,7 +53,8 @@ defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_3) #define MBEDTLS_PSA_BUILTIN_HASH #endif @@ -76,6 +78,9 @@ typedef struct { #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) mbedtls_sha512_context sha512; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_3) + mbedtls_sha3_context sha3; #endif } MBEDTLS_PRIVATE(ctx); } mbedtls_psa_hash_operation_t; diff --git a/include/psa/crypto_config.h b/include/psa/crypto_config.h index 9da28de8b..e79f21775 100644 --- a/include/psa/crypto_config.h +++ b/include/psa/crypto_config.h @@ -86,6 +86,7 @@ #define PSA_WANT_ALG_SHA_256 1 #define PSA_WANT_ALG_SHA_384 1 #define PSA_WANT_ALG_SHA_512 1 +#define PSA_WANT_ALG_SHA_3 1 #define PSA_WANT_ALG_STREAM_CIPHER 1 #define PSA_WANT_ALG_TLS12_PRF 1 #define PSA_WANT_ALG_TLS12_PSK_TO_MS 1 diff --git a/library/psa_crypto_hash.c b/library/psa_crypto_hash.c index ddf70949c..44df5526f 100644 --- a/library/psa_crypto_hash.c +++ b/library/psa_crypto_hash.c @@ -73,6 +73,14 @@ psa_status_t mbedtls_psa_hash_abort( case PSA_ALG_SHA_512: mbedtls_sha512_free(&operation->ctx.sha512); break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_3) + case PSA_ALG_SHA3_224: + case PSA_ALG_SHA3_256: + case PSA_ALG_SHA3_384: + case PSA_ALG_SHA3_512: + mbedtls_sha3_free(&operation->ctx.sha3); + break; #endif default: return PSA_ERROR_BAD_STATE; @@ -134,6 +142,24 @@ psa_status_t mbedtls_psa_hash_setup( mbedtls_sha512_init(&operation->ctx.sha512); ret = mbedtls_sha512_starts(&operation->ctx.sha512, 0); break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_3) + case PSA_ALG_SHA3_224: + mbedtls_sha3_init(&operation->ctx.sha3); + ret = mbedtls_sha3_starts(&operation->ctx.sha3, MBEDTLS_SHA3_224); + break; + case PSA_ALG_SHA3_256: + mbedtls_sha3_init(&operation->ctx.sha3); + ret = mbedtls_sha3_starts(&operation->ctx.sha3, MBEDTLS_SHA3_256); + break; + case PSA_ALG_SHA3_384: + mbedtls_sha3_init(&operation->ctx.sha3); + ret = mbedtls_sha3_starts(&operation->ctx.sha3, MBEDTLS_SHA3_384); + break; + case PSA_ALG_SHA3_512: + mbedtls_sha3_init(&operation->ctx.sha3); + ret = mbedtls_sha3_starts(&operation->ctx.sha3, MBEDTLS_SHA3_512); + break; #endif default: return PSA_ALG_IS_HASH(alg) ? @@ -196,6 +222,15 @@ psa_status_t mbedtls_psa_hash_clone( mbedtls_sha512_clone(&target_operation->ctx.sha512, &source_operation->ctx.sha512); break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_3) + case PSA_ALG_SHA3_224: + case PSA_ALG_SHA3_256: + case PSA_ALG_SHA3_384: + case PSA_ALG_SHA3_512: + mbedtls_sha3_clone(&target_operation->ctx.sha3, + &source_operation->ctx.sha3); + break; #endif default: (void) source_operation; @@ -256,6 +291,15 @@ psa_status_t mbedtls_psa_hash_update( ret = mbedtls_sha512_update(&operation->ctx.sha512, input, input_length); break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_3) + case PSA_ALG_SHA3_224: + case PSA_ALG_SHA3_256: + case PSA_ALG_SHA3_384: + case PSA_ALG_SHA3_512: + ret = mbedtls_sha3_update(&operation->ctx.sha3, + input, input_length); + break; #endif default: (void) input; @@ -326,6 +370,14 @@ psa_status_t mbedtls_psa_hash_finish( case PSA_ALG_SHA_512: ret = mbedtls_sha512_finish(&operation->ctx.sha512, hash); break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_3) + case PSA_ALG_SHA3_224: + case PSA_ALG_SHA3_256: + case PSA_ALG_SHA3_384: + case PSA_ALG_SHA3_512: + ret = mbedtls_sha3_finish(&operation->ctx.sha3, hash, hash_size); + break; #endif default: (void) hash; From e43076700e877523207204e2918563a9311a47df Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sun, 25 Jun 2023 23:27:53 +0100 Subject: [PATCH 02/31] Add PSA SHA-3 tests Signed-off-by: Dave Rodgman --- tests/suites/test_suite_psa_crypto_hash.data | 64 +++++++++++++++++++ .../test_suite_psa_crypto_metadata.data | 16 +++++ 2 files changed, 80 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto_hash.data b/tests/suites/test_suite_psa_crypto_hash.data index 9f5133988..90af79668 100644 --- a/tests/suites/test_suite_psa_crypto_hash.data +++ b/tests/suites/test_suite_psa_crypto_hash.data @@ -158,6 +158,70 @@ PSA hash finish: SHA-512 Test Vector NIST CAVS #8 depends_on:PSA_WANT_ALG_SHA_512 hash_finish:PSA_ALG_SHA_512:"990d1ae71a62d7bda9bfdaa1762a68d296eee72a4cd946f287a898fbabc002ea941fd8d4d991030b4d27a637cce501a834bb95eab1b7889a3e784c7968e67cbf552006b206b68f76d9191327524fcc251aeb56af483d10b4e0c6c5e599ee8c0fe4faeca8293844a8547c6a9a90d093f2526873a19ad4a5e776794c68c742fb834793d2dfcb7fea46c63af4b70fd11cb6e41834e72ee40edb067b292a794990c288d5007e73f349fb383af6a756b8301ad6e5e0aa8cd614399bb3a452376b1575afa6bdaeaafc286cb064bb91edef97c632b6c1113d107fa93a0905098a105043c2f05397f702514439a08a9e5ddc196100721d45c8fc17d2ed659376f8a00bd5cb9a0860e26d8a29d8d6aaf52de97e9346033d6db501a35dbbaf97c20b830cd2d18c2532f3a59cc497ee64c0e57d8d060e5069b28d86edf1adcf59144b221ce3ddaef134b3124fbc7dd000240eff0f5f5f41e83cd7f5bb37c9ae21953fe302b0f6e8b68fa91c6ab99265c64b2fd9cd4942be04321bb5d6d71932376c6f2f88e02422ba6a5e2cb765df93fd5dd0728c6abdaf03bce22e0678a544e2c3636f741b6f4447ee58a8fc656b43ef817932176adbfc2e04b2c812c273cd6cbfa4098f0be036a34221fa02643f5ee2e0b38135f2a18ecd2f16ebc45f8eb31b8ab967a1567ee016904188910861ca1fa205c7adaa194b286893ffe2f4fbe0384c2aef72a4522aeafd3ebc71f9db71eeeef86c48394a1c86d5b36c352cc33a0a2c800bc99e62fd65b3a2fd69e0b53996ec13d8ce483ce9319efd9a85acefabdb5342226febb83fd1daf4b24265f50c61c6de74077ef89b6fecf9f29a1f871af1e9f89b2d345cda7499bd45c42fa5d195a1e1a6ba84851889e730da3b2b916e96152ae0c92154b49719841db7e7cc707ba8a5d7b101eb4ac7b629bb327817910fff61580b59aab78182d1a2e33473d05b00b170b29e331870826cfe45af206aa7d0246bbd8566ca7cfb2d3c10bfa1db7dd48dd786036469ce7282093d78b5e1a5b0fc81a54c8ed4ceac1e5305305e78284ac276f5d7862727aff246e17addde50c670028d572cbfc0be2e4f8b2eb28fa68ad7b4c6c2a239c460441bfb5ea049f23b08563b4e47729a59e5986a61a6093dbd54f8c36ebe87edae01f251cb060ad1364ce677d7e8d5a4a4ca966a7241cc360bc2acb280e5f9e9c1b032ad6a180a35e0c5180b9d16d026c865b252098cc1d99ba7375ca31c7702c0d943d5e3dd2f6861fa55bd46d94b67ed3e52eccd8dd06d968e01897d6de97ed3058d91dd":"8e4bc6f8b8c60fe4d68c61d9b159c8693c3151c46749af58da228442d927f23359bd6ccd6c2ec8fa3f00a86cecbfa728e1ad60b821ed22fcd309ba91a4138bc9" +PSA hash finish: SHA3-224 Test Vector NIST "" +depends_on:PSA_WANT_ALG_SHA_3 +hash_finish:PSA_ALG_SHA3_224:"":"6b4e03423667dbb73b6e15454f0eb1abd4597f9a1b078e3f5b5a6bc7" + +PSA hash finish: SHA3-256 Test Vector NIST "" +depends_on:PSA_WANT_ALG_SHA_3 +hash_finish:PSA_ALG_SHA3_256:"616263":"3a985da74fe225b2045c172d6bd390bd855f086e3e9d525b46bfe24511431532" + +PSA hash finish: SHA3-384 Test Vector NIST "" +depends_on:PSA_WANT_ALG_SHA_3 +hash_finish:PSA_ALG_SHA3_384:"":"0c63a75b845e4f7d01107d852e4c2485c51a50aaaa94fc61995e71bbee983a2ac3713831264adb47fb6bd1e058d5f004" + +PSA hash finish: SHA3-512 Test Vector NIST "" +depends_on:PSA_WANT_ALG_SHA_3 +hash_finish:PSA_ALG_SHA3_512:"":"a69f73cca23a9ac5c8b567dc185a756e97c982164fe25859e0d1dcc1475c80a615b2123af1f5f94c11e3e9402c3ac558f500199d95b6d3e301758586281dcd26" + +PSA hash finish: SHA3-224 Test Vector NIST "abc" +depends_on:PSA_WANT_ALG_SHA_3 +hash_finish:PSA_ALG_SHA3_224:"616263":"e642824c3f8cf24ad09234ee7d3c766fc9a3a5168d0c94ad73b46fdf" + +PSA hash finish: SHA3-256 Test Vector NIST "abc" +depends_on:PSA_WANT_ALG_SHA_3 +hash_finish:PSA_ALG_SHA3_256:"616263":"3a985da74fe225b2045c172d6bd390bd855f086e3e9d525b46bfe24511431532" + +PSA hash finish: SHA3-384 Test Vector NIST "abc" +depends_on:PSA_WANT_ALG_SHA_3 +hash_finish:PSA_ALG_SHA3_384:"616263":"ec01498288516fc926459f58e2c6ad8df9b473cb0fc08c2596da7cf0e49be4b298d88cea927ac7f539f1edf228376d25" + +PSA hash finish: SHA3-512 Test Vector NIST "abc" +depends_on:PSA_WANT_ALG_SHA_3 +hash_finish:PSA_ALG_SHA3_512:"616263":"b751850b1a57168a5693cd924b6b096e08f621827444f70d884f5d0240d2712e10e116e9192af3c91a7ec57647e3934057340b4cf408d5a56592f8274eec53f0" + +PSA hash finish: SHA3-224 Test Vector NIST 448 bits: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" +depends_on:PSA_WANT_ALG_SHA_3 +hash_finish:PSA_ALG_SHA3_224:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"8a24108b154ada21c9fd5574494479ba5c7e7ab76ef264ead0fcce33" + +PSA hash finish: SHA3-256 Test Vector NIST 448 bits: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" +depends_on:PSA_WANT_ALG_SHA_3 +hash_finish:PSA_ALG_SHA3_256:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"41c0dba2a9d6240849100376a8235e2c82e1b9998a999e21db32dd97496d3376" + +PSA hash finish: SHA3-384 Test Vector NIST 448 bits: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" +depends_on:PSA_WANT_ALG_SHA_3 +hash_finish:PSA_ALG_SHA3_384:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"991c665755eb3a4b6bbdfb75c78a492e8c56a22c5c4d7e429bfdbc32b9d4ad5aa04a1f076e62fea19eef51acd0657c22" + +PSA hash finish: SHA3-512 Test Vector NIST 448 bits: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" +depends_on:PSA_WANT_ALG_SHA_3 +hash_finish:PSA_ALG_SHA3_512:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"04a371e84ecfb5b8b77cb48610fca8182dd457ce6f326a0fd3d7ec2f1e91636dee691fbe0c985302ba1b0d8dc78c086346b533b49c030d99a27daf1139d6e75e" + +PSA hash finish: SHA3-224 Test Vector NIST 896 bits: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" +depends_on:PSA_WANT_ALG_SHA_3 +hash_finish:PSA_ALG_SHA3_224:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"543e6868e1666c1a643630df77367ae5a62a85070a51c14cbf665cbc" + +PSA hash finish: SHA3-256 Test Vector NIST 896 bits: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" +depends_on:PSA_WANT_ALG_SHA_3 +hash_finish:PSA_ALG_SHA3_256:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"916f6061fe879741ca6469b43971dfdb28b1a32dc36cb3254e812be27aad1d18" + +PSA hash finish: SHA3-384 Test Vector NIST 896 bits: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" +depends_on:PSA_WANT_ALG_SHA_3 +hash_finish:PSA_ALG_SHA3_384:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"79407d3b5916b59c3e30b09822974791c313fb9ecc849e406f23592d04f625dc8c709b98b43b3852b337216179aa7fc7" + +PSA hash finish: SHA3-512 Test Vector NIST 896 bits: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" +depends_on:PSA_WANT_ALG_SHA_3 +hash_finish:PSA_ALG_SHA3_512:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"afebb2ef542e6579c50cad06d2e578f9f8dd6881d7dc824d26360feebf18a4fa73e3261122948efcfd492e74e82e2189ed0fb440d187f382270cb455f21dd185" + PSA hash finish: MD5 Test vector RFC1321 #1 depends_on:PSA_WANT_ALG_MD5 hash_finish:PSA_ALG_MD5:"":"d41d8cd98f00b204e9800998ecf8427e" diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data index a41d83ad8..2f3fe3270 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.data +++ b/tests/suites/test_suite_psa_crypto_metadata.data @@ -26,6 +26,22 @@ Hash: SHA-2 SHA-512 depends_on:PSA_WANT_ALG_SHA_512 hash_algorithm:PSA_ALG_SHA_512:64 +Hash: SHA-3 SHA3-224 +depends_on:PSA_WANT_ALG_SHA_3 +hash_algorithm:PSA_ALG_SHA3_224:28 + +Hash: SHA-3 SHA3-256 +depends_on:PSA_WANT_ALG_SHA_3 +hash_algorithm:PSA_ALG_SHA3_256:32 + +Hash: SHA-3 SHA3-384 +depends_on:PSA_WANT_ALG_SHA_3 +hash_algorithm:PSA_ALG_SHA3_384:48 + +Hash: SHA-3 SHA3-512 +depends_on:PSA_WANT_ALG_SHA_3 +hash_algorithm:PSA_ALG_SHA3_512:64 + MAC: HMAC-MD5 depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5 hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD5 ):16:64 From f66cd61daa4bc37dadb519108663780457867adc Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 26 Jun 2023 11:02:12 +0100 Subject: [PATCH 03/31] Use more standard PSA macro names Signed-off-by: Dave Rodgman --- include/mbedtls/config_psa.h | 34 +++++++++++--- include/psa/crypto_builtin_primitives.h | 10 ++++- include/psa/crypto_config.h | 5 ++- library/psa_crypto_hash.c | 60 ++++++++++++++++++++++--- 4 files changed, 96 insertions(+), 13 deletions(-) diff --git a/include/mbedtls/config_psa.h b/include/mbedtls/config_psa.h index b1d386236..4a05318a7 100644 --- a/include/mbedtls/config_psa.h +++ b/include/mbedtls/config_psa.h @@ -114,7 +114,10 @@ extern "C" { #endif #if defined(MBEDTLS_SHA3_C) -#define PSA_WANT_ALG_SHA_3 1 +#define PSA_WANT_ALG_SHA3_224 1 +#define PSA_WANT_ALG_SHA3_256 1 +#define PSA_WANT_ALG_SHA3_384 1 +#define PSA_WANT_ALG_SHA3_512 1 #endif @@ -274,8 +277,23 @@ extern "C" { #define MBEDTLS_SHA512_C #endif -#if defined(PSA_WANT_ALG_SHA_3) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_3) -#define MBEDTLS_PSA_BUILTIN_ALG_SHA_3 1 +#if defined(PSA_WANT_ALG_SHA3_224) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_3_224) +#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_224 1 +#define MBEDTLS_SHA3_C +#endif + +#if defined(PSA_WANT_ALG_SHA3_256) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_3_256) +#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_256 1 +#define MBEDTLS_SHA3_C +#endif + +#if defined(PSA_WANT_ALG_SHA3_384) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_3_384) +#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_384 1 +#define MBEDTLS_SHA3_C +#endif + +#if defined(PSA_WANT_ALG_SHA3_512) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_3_512) +#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_512 1 #define MBEDTLS_SHA3_C #endif @@ -875,8 +893,14 @@ extern "C" { #endif #if defined(MBEDTLS_SHA3_C) -#define MBEDTLS_PSA_BUILTIN_ALG_SHA_3 1 -#define PSA_WANT_ALG_SHA_3 1 +#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_224 1 +#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_256 1 +#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_384 1 +#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_512 1 +#define PSA_WANT_ALG_SHA3_224 1 +#define PSA_WANT_ALG_SHA3_256 1 +#define PSA_WANT_ALG_SHA3_384 1 +#define PSA_WANT_ALG_SHA3_512 1 #endif #if defined(MBEDTLS_AES_C) diff --git a/include/psa/crypto_builtin_primitives.h b/include/psa/crypto_builtin_primitives.h index ea7da9a1d..b6bd484b9 100644 --- a/include/psa/crypto_builtin_primitives.h +++ b/include/psa/crypto_builtin_primitives.h @@ -54,7 +54,10 @@ defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_3) + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) #define MBEDTLS_PSA_BUILTIN_HASH #endif @@ -79,7 +82,10 @@ typedef struct { defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) mbedtls_sha512_context sha512; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_3) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) mbedtls_sha3_context sha3; #endif } MBEDTLS_PRIVATE(ctx); diff --git a/include/psa/crypto_config.h b/include/psa/crypto_config.h index e79f21775..cc15fe79f 100644 --- a/include/psa/crypto_config.h +++ b/include/psa/crypto_config.h @@ -86,7 +86,10 @@ #define PSA_WANT_ALG_SHA_256 1 #define PSA_WANT_ALG_SHA_384 1 #define PSA_WANT_ALG_SHA_512 1 -#define PSA_WANT_ALG_SHA_3 1 +#define PSA_WANT_ALG_SHA3_224 1 +#define PSA_WANT_ALG_SHA3_256 1 +#define PSA_WANT_ALG_SHA3_384 1 +#define PSA_WANT_ALG_SHA3_512 1 #define PSA_WANT_ALG_STREAM_CIPHER 1 #define PSA_WANT_ALG_TLS12_PRF 1 #define PSA_WANT_ALG_TLS12_PSK_TO_MS 1 diff --git a/library/psa_crypto_hash.c b/library/psa_crypto_hash.c index 44df5526f..ed933c00b 100644 --- a/library/psa_crypto_hash.c +++ b/library/psa_crypto_hash.c @@ -74,11 +74,22 @@ psa_status_t mbedtls_psa_hash_abort( mbedtls_sha512_free(&operation->ctx.sha512); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_3) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) case PSA_ALG_SHA3_224: +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) case PSA_ALG_SHA3_256: +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) case PSA_ALG_SHA3_384: +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) case PSA_ALG_SHA3_512: +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) mbedtls_sha3_free(&operation->ctx.sha3); break; #endif @@ -143,19 +154,25 @@ psa_status_t mbedtls_psa_hash_setup( ret = mbedtls_sha512_starts(&operation->ctx.sha512, 0); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_3) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) case PSA_ALG_SHA3_224: mbedtls_sha3_init(&operation->ctx.sha3); ret = mbedtls_sha3_starts(&operation->ctx.sha3, MBEDTLS_SHA3_224); break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) case PSA_ALG_SHA3_256: mbedtls_sha3_init(&operation->ctx.sha3); ret = mbedtls_sha3_starts(&operation->ctx.sha3, MBEDTLS_SHA3_256); break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) case PSA_ALG_SHA3_384: mbedtls_sha3_init(&operation->ctx.sha3); ret = mbedtls_sha3_starts(&operation->ctx.sha3, MBEDTLS_SHA3_384); break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) case PSA_ALG_SHA3_512: mbedtls_sha3_init(&operation->ctx.sha3); ret = mbedtls_sha3_starts(&operation->ctx.sha3, MBEDTLS_SHA3_512); @@ -223,11 +240,22 @@ psa_status_t mbedtls_psa_hash_clone( &source_operation->ctx.sha512); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_3) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) case PSA_ALG_SHA3_224: +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) case PSA_ALG_SHA3_256: +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) case PSA_ALG_SHA3_384: +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) case PSA_ALG_SHA3_512: +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) mbedtls_sha3_clone(&target_operation->ctx.sha3, &source_operation->ctx.sha3); break; @@ -292,11 +320,22 @@ psa_status_t mbedtls_psa_hash_update( input, input_length); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_3) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) case PSA_ALG_SHA3_224: +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) case PSA_ALG_SHA3_256: +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) case PSA_ALG_SHA3_384: +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) case PSA_ALG_SHA3_512: +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) ret = mbedtls_sha3_update(&operation->ctx.sha3, input, input_length); break; @@ -371,11 +410,22 @@ psa_status_t mbedtls_psa_hash_finish( ret = mbedtls_sha512_finish(&operation->ctx.sha512, hash); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_3) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) case PSA_ALG_SHA3_224: +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) case PSA_ALG_SHA3_256: +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) case PSA_ALG_SHA3_384: +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) case PSA_ALG_SHA3_512: +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) ret = mbedtls_sha3_finish(&operation->ctx.sha3, hash, hash_size); break; #endif From 09822a35f55dbc15729b17dcf0ae5f853a48182b Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 26 Jun 2023 11:11:23 +0100 Subject: [PATCH 04/31] code style Signed-off-by: Dave Rodgman --- include/psa/crypto_builtin_primitives.h | 6 +++--- include/psa/crypto_config.h | 6 +++--- library/psa_crypto_hash.c | 22 +++++++++++----------- 3 files changed, 17 insertions(+), 17 deletions(-) diff --git a/include/psa/crypto_builtin_primitives.h b/include/psa/crypto_builtin_primitives.h index b6bd484b9..00363e439 100644 --- a/include/psa/crypto_builtin_primitives.h +++ b/include/psa/crypto_builtin_primitives.h @@ -83,9 +83,9 @@ typedef struct { mbedtls_sha512_context sha512; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) mbedtls_sha3_context sha3; #endif } MBEDTLS_PRIVATE(ctx); diff --git a/include/psa/crypto_config.h b/include/psa/crypto_config.h index cc15fe79f..4e7aba5d0 100644 --- a/include/psa/crypto_config.h +++ b/include/psa/crypto_config.h @@ -86,10 +86,10 @@ #define PSA_WANT_ALG_SHA_256 1 #define PSA_WANT_ALG_SHA_384 1 #define PSA_WANT_ALG_SHA_512 1 -#define PSA_WANT_ALG_SHA3_224 1 +#define PSA_WANT_ALG_SHA3_224 1 #define PSA_WANT_ALG_SHA3_256 1 -#define PSA_WANT_ALG_SHA3_384 1 -#define PSA_WANT_ALG_SHA3_512 1 +#define PSA_WANT_ALG_SHA3_384 1 +#define PSA_WANT_ALG_SHA3_512 1 #define PSA_WANT_ALG_STREAM_CIPHER 1 #define PSA_WANT_ALG_TLS12_PRF 1 #define PSA_WANT_ALG_TLS12_PSK_TO_MS 1 diff --git a/library/psa_crypto_hash.c b/library/psa_crypto_hash.c index ed933c00b..dad182616 100644 --- a/library/psa_crypto_hash.c +++ b/library/psa_crypto_hash.c @@ -87,9 +87,9 @@ psa_status_t mbedtls_psa_hash_abort( case PSA_ALG_SHA3_512: #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) mbedtls_sha3_free(&operation->ctx.sha3); break; #endif @@ -253,9 +253,9 @@ psa_status_t mbedtls_psa_hash_clone( case PSA_ALG_SHA3_512: #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) mbedtls_sha3_clone(&target_operation->ctx.sha3, &source_operation->ctx.sha3); break; @@ -336,9 +336,9 @@ psa_status_t mbedtls_psa_hash_update( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) - ret = mbedtls_sha3_update(&operation->ctx.sha3, - input, input_length); - break; + ret = mbedtls_sha3_update(&operation->ctx.sha3, + input, input_length); + break; #endif default: (void) input; @@ -426,8 +426,8 @@ psa_status_t mbedtls_psa_hash_finish( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) - ret = mbedtls_sha3_finish(&operation->ctx.sha3, hash, hash_size); - break; + ret = mbedtls_sha3_finish(&operation->ctx.sha3, hash, hash_size); + break; #endif default: (void) hash; From 12cd44b9b3ef09b1a3bf65771d222ec6c9f79fa9 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 26 Jun 2023 11:27:37 +0100 Subject: [PATCH 05/31] Fix test dependencies Signed-off-by: Dave Rodgman --- tests/suites/test_suite_psa_crypto_hash.data | 32 +++++++++---------- .../test_suite_psa_crypto_metadata.data | 8 ++--- 2 files changed, 20 insertions(+), 20 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_hash.data b/tests/suites/test_suite_psa_crypto_hash.data index 90af79668..75689c962 100644 --- a/tests/suites/test_suite_psa_crypto_hash.data +++ b/tests/suites/test_suite_psa_crypto_hash.data @@ -159,67 +159,67 @@ depends_on:PSA_WANT_ALG_SHA_512 hash_finish:PSA_ALG_SHA_512:"990d1ae71a62d7bda9bfdaa1762a68d296eee72a4cd946f287a898fbabc002ea941fd8d4d991030b4d27a637cce501a834bb95eab1b7889a3e784c7968e67cbf552006b206b68f76d9191327524fcc251aeb56af483d10b4e0c6c5e599ee8c0fe4faeca8293844a8547c6a9a90d093f2526873a19ad4a5e776794c68c742fb834793d2dfcb7fea46c63af4b70fd11cb6e41834e72ee40edb067b292a794990c288d5007e73f349fb383af6a756b8301ad6e5e0aa8cd614399bb3a452376b1575afa6bdaeaafc286cb064bb91edef97c632b6c1113d107fa93a0905098a105043c2f05397f702514439a08a9e5ddc196100721d45c8fc17d2ed659376f8a00bd5cb9a0860e26d8a29d8d6aaf52de97e9346033d6db501a35dbbaf97c20b830cd2d18c2532f3a59cc497ee64c0e57d8d060e5069b28d86edf1adcf59144b221ce3ddaef134b3124fbc7dd000240eff0f5f5f41e83cd7f5bb37c9ae21953fe302b0f6e8b68fa91c6ab99265c64b2fd9cd4942be04321bb5d6d71932376c6f2f88e02422ba6a5e2cb765df93fd5dd0728c6abdaf03bce22e0678a544e2c3636f741b6f4447ee58a8fc656b43ef817932176adbfc2e04b2c812c273cd6cbfa4098f0be036a34221fa02643f5ee2e0b38135f2a18ecd2f16ebc45f8eb31b8ab967a1567ee016904188910861ca1fa205c7adaa194b286893ffe2f4fbe0384c2aef72a4522aeafd3ebc71f9db71eeeef86c48394a1c86d5b36c352cc33a0a2c800bc99e62fd65b3a2fd69e0b53996ec13d8ce483ce9319efd9a85acefabdb5342226febb83fd1daf4b24265f50c61c6de74077ef89b6fecf9f29a1f871af1e9f89b2d345cda7499bd45c42fa5d195a1e1a6ba84851889e730da3b2b916e96152ae0c92154b49719841db7e7cc707ba8a5d7b101eb4ac7b629bb327817910fff61580b59aab78182d1a2e33473d05b00b170b29e331870826cfe45af206aa7d0246bbd8566ca7cfb2d3c10bfa1db7dd48dd786036469ce7282093d78b5e1a5b0fc81a54c8ed4ceac1e5305305e78284ac276f5d7862727aff246e17addde50c670028d572cbfc0be2e4f8b2eb28fa68ad7b4c6c2a239c460441bfb5ea049f23b08563b4e47729a59e5986a61a6093dbd54f8c36ebe87edae01f251cb060ad1364ce677d7e8d5a4a4ca966a7241cc360bc2acb280e5f9e9c1b032ad6a180a35e0c5180b9d16d026c865b252098cc1d99ba7375ca31c7702c0d943d5e3dd2f6861fa55bd46d94b67ed3e52eccd8dd06d968e01897d6de97ed3058d91dd":"8e4bc6f8b8c60fe4d68c61d9b159c8693c3151c46749af58da228442d927f23359bd6ccd6c2ec8fa3f00a86cecbfa728e1ad60b821ed22fcd309ba91a4138bc9" PSA hash finish: SHA3-224 Test Vector NIST "" -depends_on:PSA_WANT_ALG_SHA_3 +depends_on:PSA_WANT_ALG_SHA_3_224 hash_finish:PSA_ALG_SHA3_224:"":"6b4e03423667dbb73b6e15454f0eb1abd4597f9a1b078e3f5b5a6bc7" PSA hash finish: SHA3-256 Test Vector NIST "" -depends_on:PSA_WANT_ALG_SHA_3 +depends_on:PSA_WANT_ALG_SHA_3_256 hash_finish:PSA_ALG_SHA3_256:"616263":"3a985da74fe225b2045c172d6bd390bd855f086e3e9d525b46bfe24511431532" PSA hash finish: SHA3-384 Test Vector NIST "" -depends_on:PSA_WANT_ALG_SHA_3 +depends_on:PSA_WANT_ALG_SHA_3_384 hash_finish:PSA_ALG_SHA3_384:"":"0c63a75b845e4f7d01107d852e4c2485c51a50aaaa94fc61995e71bbee983a2ac3713831264adb47fb6bd1e058d5f004" PSA hash finish: SHA3-512 Test Vector NIST "" -depends_on:PSA_WANT_ALG_SHA_3 +depends_on:PSA_WANT_ALG_SHA_3_512 hash_finish:PSA_ALG_SHA3_512:"":"a69f73cca23a9ac5c8b567dc185a756e97c982164fe25859e0d1dcc1475c80a615b2123af1f5f94c11e3e9402c3ac558f500199d95b6d3e301758586281dcd26" PSA hash finish: SHA3-224 Test Vector NIST "abc" -depends_on:PSA_WANT_ALG_SHA_3 +depends_on:PSA_WANT_ALG_SHA_3_224 hash_finish:PSA_ALG_SHA3_224:"616263":"e642824c3f8cf24ad09234ee7d3c766fc9a3a5168d0c94ad73b46fdf" PSA hash finish: SHA3-256 Test Vector NIST "abc" -depends_on:PSA_WANT_ALG_SHA_3 +depends_on:PSA_WANT_ALG_SHA_3_256 hash_finish:PSA_ALG_SHA3_256:"616263":"3a985da74fe225b2045c172d6bd390bd855f086e3e9d525b46bfe24511431532" PSA hash finish: SHA3-384 Test Vector NIST "abc" -depends_on:PSA_WANT_ALG_SHA_3 +depends_on:PSA_WANT_ALG_SHA_3_384 hash_finish:PSA_ALG_SHA3_384:"616263":"ec01498288516fc926459f58e2c6ad8df9b473cb0fc08c2596da7cf0e49be4b298d88cea927ac7f539f1edf228376d25" PSA hash finish: SHA3-512 Test Vector NIST "abc" -depends_on:PSA_WANT_ALG_SHA_3 +depends_on:PSA_WANT_ALG_SHA_3_512 hash_finish:PSA_ALG_SHA3_512:"616263":"b751850b1a57168a5693cd924b6b096e08f621827444f70d884f5d0240d2712e10e116e9192af3c91a7ec57647e3934057340b4cf408d5a56592f8274eec53f0" PSA hash finish: SHA3-224 Test Vector NIST 448 bits: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" -depends_on:PSA_WANT_ALG_SHA_3 +depends_on:PSA_WANT_ALG_SHA_3_224 hash_finish:PSA_ALG_SHA3_224:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"8a24108b154ada21c9fd5574494479ba5c7e7ab76ef264ead0fcce33" PSA hash finish: SHA3-256 Test Vector NIST 448 bits: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" -depends_on:PSA_WANT_ALG_SHA_3 +depends_on:PSA_WANT_ALG_SHA_3_256 hash_finish:PSA_ALG_SHA3_256:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"41c0dba2a9d6240849100376a8235e2c82e1b9998a999e21db32dd97496d3376" PSA hash finish: SHA3-384 Test Vector NIST 448 bits: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" -depends_on:PSA_WANT_ALG_SHA_3 +depends_on:PSA_WANT_ALG_SHA_3_384 hash_finish:PSA_ALG_SHA3_384:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"991c665755eb3a4b6bbdfb75c78a492e8c56a22c5c4d7e429bfdbc32b9d4ad5aa04a1f076e62fea19eef51acd0657c22" PSA hash finish: SHA3-512 Test Vector NIST 448 bits: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" -depends_on:PSA_WANT_ALG_SHA_3 +depends_on:PSA_WANT_ALG_SHA_3_512 hash_finish:PSA_ALG_SHA3_512:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"04a371e84ecfb5b8b77cb48610fca8182dd457ce6f326a0fd3d7ec2f1e91636dee691fbe0c985302ba1b0d8dc78c086346b533b49c030d99a27daf1139d6e75e" PSA hash finish: SHA3-224 Test Vector NIST 896 bits: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" -depends_on:PSA_WANT_ALG_SHA_3 +depends_on:PSA_WANT_ALG_SHA_3_224 hash_finish:PSA_ALG_SHA3_224:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"543e6868e1666c1a643630df77367ae5a62a85070a51c14cbf665cbc" PSA hash finish: SHA3-256 Test Vector NIST 896 bits: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" -depends_on:PSA_WANT_ALG_SHA_3 +depends_on:PSA_WANT_ALG_SHA_3_256 hash_finish:PSA_ALG_SHA3_256:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"916f6061fe879741ca6469b43971dfdb28b1a32dc36cb3254e812be27aad1d18" PSA hash finish: SHA3-384 Test Vector NIST 896 bits: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" -depends_on:PSA_WANT_ALG_SHA_3 +depends_on:PSA_WANT_ALG_SHA_3_384 hash_finish:PSA_ALG_SHA3_384:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"79407d3b5916b59c3e30b09822974791c313fb9ecc849e406f23592d04f625dc8c709b98b43b3852b337216179aa7fc7" PSA hash finish: SHA3-512 Test Vector NIST 896 bits: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" -depends_on:PSA_WANT_ALG_SHA_3 +depends_on:PSA_WANT_ALG_SHA_3_512 hash_finish:PSA_ALG_SHA3_512:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"afebb2ef542e6579c50cad06d2e578f9f8dd6881d7dc824d26360feebf18a4fa73e3261122948efcfd492e74e82e2189ed0fb440d187f382270cb455f21dd185" PSA hash finish: MD5 Test vector RFC1321 #1 diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data index 2f3fe3270..b461dc48e 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.data +++ b/tests/suites/test_suite_psa_crypto_metadata.data @@ -27,19 +27,19 @@ depends_on:PSA_WANT_ALG_SHA_512 hash_algorithm:PSA_ALG_SHA_512:64 Hash: SHA-3 SHA3-224 -depends_on:PSA_WANT_ALG_SHA_3 +depends_on:PSA_WANT_ALG_SHA_3_224 hash_algorithm:PSA_ALG_SHA3_224:28 Hash: SHA-3 SHA3-256 -depends_on:PSA_WANT_ALG_SHA_3 +depends_on:PSA_WANT_ALG_SHA_3_256 hash_algorithm:PSA_ALG_SHA3_256:32 Hash: SHA-3 SHA3-384 -depends_on:PSA_WANT_ALG_SHA_3 +depends_on:PSA_WANT_ALG_SHA_3_384 hash_algorithm:PSA_ALG_SHA3_384:48 Hash: SHA-3 SHA3-512 -depends_on:PSA_WANT_ALG_SHA_3 +depends_on:PSA_WANT_ALG_SHA_3_512 hash_algorithm:PSA_ALG_SHA3_512:64 MAC: HMAC-MD5 From 16985d5f9813f3ffdfa48425becf3b42255f1a4b Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 26 Jun 2023 11:28:33 +0100 Subject: [PATCH 06/31] Fix test dependencies Signed-off-by: Dave Rodgman --- tests/suites/test_suite_psa_crypto_hash.data | 32 +++++++++---------- .../test_suite_psa_crypto_metadata.data | 8 ++--- 2 files changed, 20 insertions(+), 20 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_hash.data b/tests/suites/test_suite_psa_crypto_hash.data index 75689c962..1133c398d 100644 --- a/tests/suites/test_suite_psa_crypto_hash.data +++ b/tests/suites/test_suite_psa_crypto_hash.data @@ -159,67 +159,67 @@ depends_on:PSA_WANT_ALG_SHA_512 hash_finish:PSA_ALG_SHA_512:"990d1ae71a62d7bda9bfdaa1762a68d296eee72a4cd946f287a898fbabc002ea941fd8d4d991030b4d27a637cce501a834bb95eab1b7889a3e784c7968e67cbf552006b206b68f76d9191327524fcc251aeb56af483d10b4e0c6c5e599ee8c0fe4faeca8293844a8547c6a9a90d093f2526873a19ad4a5e776794c68c742fb834793d2dfcb7fea46c63af4b70fd11cb6e41834e72ee40edb067b292a794990c288d5007e73f349fb383af6a756b8301ad6e5e0aa8cd614399bb3a452376b1575afa6bdaeaafc286cb064bb91edef97c632b6c1113d107fa93a0905098a105043c2f05397f702514439a08a9e5ddc196100721d45c8fc17d2ed659376f8a00bd5cb9a0860e26d8a29d8d6aaf52de97e9346033d6db501a35dbbaf97c20b830cd2d18c2532f3a59cc497ee64c0e57d8d060e5069b28d86edf1adcf59144b221ce3ddaef134b3124fbc7dd000240eff0f5f5f41e83cd7f5bb37c9ae21953fe302b0f6e8b68fa91c6ab99265c64b2fd9cd4942be04321bb5d6d71932376c6f2f88e02422ba6a5e2cb765df93fd5dd0728c6abdaf03bce22e0678a544e2c3636f741b6f4447ee58a8fc656b43ef817932176adbfc2e04b2c812c273cd6cbfa4098f0be036a34221fa02643f5ee2e0b38135f2a18ecd2f16ebc45f8eb31b8ab967a1567ee016904188910861ca1fa205c7adaa194b286893ffe2f4fbe0384c2aef72a4522aeafd3ebc71f9db71eeeef86c48394a1c86d5b36c352cc33a0a2c800bc99e62fd65b3a2fd69e0b53996ec13d8ce483ce9319efd9a85acefabdb5342226febb83fd1daf4b24265f50c61c6de74077ef89b6fecf9f29a1f871af1e9f89b2d345cda7499bd45c42fa5d195a1e1a6ba84851889e730da3b2b916e96152ae0c92154b49719841db7e7cc707ba8a5d7b101eb4ac7b629bb327817910fff61580b59aab78182d1a2e33473d05b00b170b29e331870826cfe45af206aa7d0246bbd8566ca7cfb2d3c10bfa1db7dd48dd786036469ce7282093d78b5e1a5b0fc81a54c8ed4ceac1e5305305e78284ac276f5d7862727aff246e17addde50c670028d572cbfc0be2e4f8b2eb28fa68ad7b4c6c2a239c460441bfb5ea049f23b08563b4e47729a59e5986a61a6093dbd54f8c36ebe87edae01f251cb060ad1364ce677d7e8d5a4a4ca966a7241cc360bc2acb280e5f9e9c1b032ad6a180a35e0c5180b9d16d026c865b252098cc1d99ba7375ca31c7702c0d943d5e3dd2f6861fa55bd46d94b67ed3e52eccd8dd06d968e01897d6de97ed3058d91dd":"8e4bc6f8b8c60fe4d68c61d9b159c8693c3151c46749af58da228442d927f23359bd6ccd6c2ec8fa3f00a86cecbfa728e1ad60b821ed22fcd309ba91a4138bc9" PSA hash finish: SHA3-224 Test Vector NIST "" -depends_on:PSA_WANT_ALG_SHA_3_224 +depends_on:PSA_WANT_ALG_SHA3_224 hash_finish:PSA_ALG_SHA3_224:"":"6b4e03423667dbb73b6e15454f0eb1abd4597f9a1b078e3f5b5a6bc7" PSA hash finish: SHA3-256 Test Vector NIST "" -depends_on:PSA_WANT_ALG_SHA_3_256 +depends_on:PSA_WANT_ALG_SHA3_256 hash_finish:PSA_ALG_SHA3_256:"616263":"3a985da74fe225b2045c172d6bd390bd855f086e3e9d525b46bfe24511431532" PSA hash finish: SHA3-384 Test Vector NIST "" -depends_on:PSA_WANT_ALG_SHA_3_384 +depends_on:PSA_WANT_ALG_SHA3_384 hash_finish:PSA_ALG_SHA3_384:"":"0c63a75b845e4f7d01107d852e4c2485c51a50aaaa94fc61995e71bbee983a2ac3713831264adb47fb6bd1e058d5f004" PSA hash finish: SHA3-512 Test Vector NIST "" -depends_on:PSA_WANT_ALG_SHA_3_512 +depends_on:PSA_WANT_ALG_SHA3_512 hash_finish:PSA_ALG_SHA3_512:"":"a69f73cca23a9ac5c8b567dc185a756e97c982164fe25859e0d1dcc1475c80a615b2123af1f5f94c11e3e9402c3ac558f500199d95b6d3e301758586281dcd26" PSA hash finish: SHA3-224 Test Vector NIST "abc" -depends_on:PSA_WANT_ALG_SHA_3_224 +depends_on:PSA_WANT_ALG_SHA3_224 hash_finish:PSA_ALG_SHA3_224:"616263":"e642824c3f8cf24ad09234ee7d3c766fc9a3a5168d0c94ad73b46fdf" PSA hash finish: SHA3-256 Test Vector NIST "abc" -depends_on:PSA_WANT_ALG_SHA_3_256 +depends_on:PSA_WANT_ALG_SHA3_256 hash_finish:PSA_ALG_SHA3_256:"616263":"3a985da74fe225b2045c172d6bd390bd855f086e3e9d525b46bfe24511431532" PSA hash finish: SHA3-384 Test Vector NIST "abc" -depends_on:PSA_WANT_ALG_SHA_3_384 +depends_on:PSA_WANT_ALG_SHA3_384 hash_finish:PSA_ALG_SHA3_384:"616263":"ec01498288516fc926459f58e2c6ad8df9b473cb0fc08c2596da7cf0e49be4b298d88cea927ac7f539f1edf228376d25" PSA hash finish: SHA3-512 Test Vector NIST "abc" -depends_on:PSA_WANT_ALG_SHA_3_512 +depends_on:PSA_WANT_ALG_SHA3_512 hash_finish:PSA_ALG_SHA3_512:"616263":"b751850b1a57168a5693cd924b6b096e08f621827444f70d884f5d0240d2712e10e116e9192af3c91a7ec57647e3934057340b4cf408d5a56592f8274eec53f0" PSA hash finish: SHA3-224 Test Vector NIST 448 bits: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" -depends_on:PSA_WANT_ALG_SHA_3_224 +depends_on:PSA_WANT_ALG_SHA3_224 hash_finish:PSA_ALG_SHA3_224:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"8a24108b154ada21c9fd5574494479ba5c7e7ab76ef264ead0fcce33" PSA hash finish: SHA3-256 Test Vector NIST 448 bits: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" -depends_on:PSA_WANT_ALG_SHA_3_256 +depends_on:PSA_WANT_ALG_SHA3_256 hash_finish:PSA_ALG_SHA3_256:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"41c0dba2a9d6240849100376a8235e2c82e1b9998a999e21db32dd97496d3376" PSA hash finish: SHA3-384 Test Vector NIST 448 bits: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" -depends_on:PSA_WANT_ALG_SHA_3_384 +depends_on:PSA_WANT_ALG_SHA3_384 hash_finish:PSA_ALG_SHA3_384:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"991c665755eb3a4b6bbdfb75c78a492e8c56a22c5c4d7e429bfdbc32b9d4ad5aa04a1f076e62fea19eef51acd0657c22" PSA hash finish: SHA3-512 Test Vector NIST 448 bits: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" -depends_on:PSA_WANT_ALG_SHA_3_512 +depends_on:PSA_WANT_ALG_SHA3_512 hash_finish:PSA_ALG_SHA3_512:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"04a371e84ecfb5b8b77cb48610fca8182dd457ce6f326a0fd3d7ec2f1e91636dee691fbe0c985302ba1b0d8dc78c086346b533b49c030d99a27daf1139d6e75e" PSA hash finish: SHA3-224 Test Vector NIST 896 bits: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" -depends_on:PSA_WANT_ALG_SHA_3_224 +depends_on:PSA_WANT_ALG_SHA3_224 hash_finish:PSA_ALG_SHA3_224:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"543e6868e1666c1a643630df77367ae5a62a85070a51c14cbf665cbc" PSA hash finish: SHA3-256 Test Vector NIST 896 bits: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" -depends_on:PSA_WANT_ALG_SHA_3_256 +depends_on:PSA_WANT_ALG_SHA3_256 hash_finish:PSA_ALG_SHA3_256:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"916f6061fe879741ca6469b43971dfdb28b1a32dc36cb3254e812be27aad1d18" PSA hash finish: SHA3-384 Test Vector NIST 896 bits: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" -depends_on:PSA_WANT_ALG_SHA_3_384 +depends_on:PSA_WANT_ALG_SHA3_384 hash_finish:PSA_ALG_SHA3_384:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"79407d3b5916b59c3e30b09822974791c313fb9ecc849e406f23592d04f625dc8c709b98b43b3852b337216179aa7fc7" PSA hash finish: SHA3-512 Test Vector NIST 896 bits: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" -depends_on:PSA_WANT_ALG_SHA_3_512 +depends_on:PSA_WANT_ALG_SHA3_512 hash_finish:PSA_ALG_SHA3_512:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"afebb2ef542e6579c50cad06d2e578f9f8dd6881d7dc824d26360feebf18a4fa73e3261122948efcfd492e74e82e2189ed0fb440d187f382270cb455f21dd185" PSA hash finish: MD5 Test vector RFC1321 #1 diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data index b461dc48e..2bc559c6b 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.data +++ b/tests/suites/test_suite_psa_crypto_metadata.data @@ -27,19 +27,19 @@ depends_on:PSA_WANT_ALG_SHA_512 hash_algorithm:PSA_ALG_SHA_512:64 Hash: SHA-3 SHA3-224 -depends_on:PSA_WANT_ALG_SHA_3_224 +depends_on:PSA_WANT_ALG_SHA3_224 hash_algorithm:PSA_ALG_SHA3_224:28 Hash: SHA-3 SHA3-256 -depends_on:PSA_WANT_ALG_SHA_3_256 +depends_on:PSA_WANT_ALG_SHA3_256 hash_algorithm:PSA_ALG_SHA3_256:32 Hash: SHA-3 SHA3-384 -depends_on:PSA_WANT_ALG_SHA_3_384 +depends_on:PSA_WANT_ALG_SHA3_384 hash_algorithm:PSA_ALG_SHA3_384:48 Hash: SHA-3 SHA3-512 -depends_on:PSA_WANT_ALG_SHA_3_512 +depends_on:PSA_WANT_ALG_SHA3_512 hash_algorithm:PSA_ALG_SHA3_512:64 MAC: HMAC-MD5 From 5734bb99cc18a0db9b31f67f87c299d2f5cbbda0 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 26 Jun 2023 18:23:08 +0100 Subject: [PATCH 07/31] Fix PSA_HMAC_MAX_HASH_BLOCK_SIZE and PSA_HASH_MAX_SIZE definitions Signed-off-by: Dave Rodgman --- include/psa/crypto_sizes.h | 29 ++++++++++++++++++++++------- 1 file changed, 22 insertions(+), 7 deletions(-) diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 8cc965b09..dd99c0d92 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -125,28 +125,43 @@ * This macro expands to a compile-time constant integer. This value * is the maximum size of a hash in bytes. */ -/* Note: for HMAC-SHA-3, the block size is 144 bytes for HMAC-SHA3-226, +/* Note: for HMAC-SHA-3, the block size is 144 bytes for HMAC-SHA3-224, * 136 bytes for HMAC-SHA3-256, 104 bytes for SHA3-384, 72 bytes for * HMAC-SHA3-512. */ /* Note: PSA_HASH_MAX_SIZE should be kept in sync with MBEDTLS_MD_MAX_SIZE, * see the note on MBEDTLS_MD_MAX_SIZE for details. */ -#if defined(PSA_WANT_ALG_SHA_512) -#define PSA_HASH_MAX_SIZE 64 +#if defined(PSA_WANT_ALG_SHA3_224) +#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 144 +#elif defined(PSA_WANT_ALG_SHA3_256) +#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 136 +#elif defined(PSA_WANT_ALG_SHA_512) #define PSA_HMAC_MAX_HASH_BLOCK_SIZE 128 #elif defined(PSA_WANT_ALG_SHA_384) -#define PSA_HASH_MAX_SIZE 48 #define PSA_HMAC_MAX_HASH_BLOCK_SIZE 128 +#elif defined(PSA_WANT_ALG_SHA3_384) +#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 104 +#elif defined(PSA_WANT_ALG_SHA3_512) +#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 72 #elif defined(PSA_WANT_ALG_SHA_256) -#define PSA_HASH_MAX_SIZE 32 #define PSA_HMAC_MAX_HASH_BLOCK_SIZE 64 #elif defined(PSA_WANT_ALG_SHA_224) -#define PSA_HASH_MAX_SIZE 28 #define PSA_HMAC_MAX_HASH_BLOCK_SIZE 64 #else /* SHA-1 or smaller */ -#define PSA_HASH_MAX_SIZE 20 #define PSA_HMAC_MAX_HASH_BLOCK_SIZE 64 #endif +#if defined(PSA_WANT_ALG_SHA_512) || defined(PSA_WANT_ALG_SHA3_512) +#define PSA_HASH_MAX_SIZE 64 +#elif defined(PSA_WANT_ALG_SHA_384) || defined(PSA_WANT_ALG_SHA3_384) +#define PSA_HASH_MAX_SIZE 48 +#elif defined(PSA_WANT_ALG_SHA_256) || defined(PSA_WANT_ALG_SHA3_256) +#define PSA_HASH_MAX_SIZE 32 +#elif defined(PSA_WANT_ALG_SHA_224) || defined(PSA_WANT_ALG_SHA3_224) +#define PSA_HASH_MAX_SIZE 28 +#else /* SHA-1 or smaller */ +#define PSA_HASH_MAX_SIZE 20 +#endif + /** \def PSA_MAC_MAX_SIZE * * Maximum size of a MAC. From 47a2ac1c253b90f9c57b9ba5cf3ae110a4068042 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 26 Jun 2023 18:39:42 +0100 Subject: [PATCH 08/31] Fix incorrectly named macro Signed-off-by: Dave Rodgman --- include/mbedtls/config_psa.h | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/config_psa.h b/include/mbedtls/config_psa.h index 4a05318a7..45fcddf3d 100644 --- a/include/mbedtls/config_psa.h +++ b/include/mbedtls/config_psa.h @@ -277,22 +277,22 @@ extern "C" { #define MBEDTLS_SHA512_C #endif -#if defined(PSA_WANT_ALG_SHA3_224) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_3_224) +#if defined(PSA_WANT_ALG_SHA3_224) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_224) #define MBEDTLS_PSA_BUILTIN_ALG_SHA3_224 1 #define MBEDTLS_SHA3_C #endif -#if defined(PSA_WANT_ALG_SHA3_256) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_3_256) +#if defined(PSA_WANT_ALG_SHA3_256) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_256) #define MBEDTLS_PSA_BUILTIN_ALG_SHA3_256 1 #define MBEDTLS_SHA3_C #endif -#if defined(PSA_WANT_ALG_SHA3_384) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_3_384) +#if defined(PSA_WANT_ALG_SHA3_384) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_384) #define MBEDTLS_PSA_BUILTIN_ALG_SHA3_384 1 #define MBEDTLS_SHA3_C #endif -#if defined(PSA_WANT_ALG_SHA3_512) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_3_512) +#if defined(PSA_WANT_ALG_SHA3_512) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_512) #define MBEDTLS_PSA_BUILTIN_ALG_SHA3_512 1 #define MBEDTLS_SHA3_C #endif From 527f48f14d8b11f674903cb4b02e172771593f9a Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 5 Jul 2023 18:57:30 +0100 Subject: [PATCH 09/31] Add OID definitions for SHA3 Signed-off-by: Dave Rodgman --- include/mbedtls/oid.h | 9 +++++++++ library/oid.c | 24 ++++++++++++++++++++++++ 2 files changed, 33 insertions(+) diff --git a/include/mbedtls/oid.h b/include/mbedtls/oid.h index e333ba11b..f89420589 100644 --- a/include/mbedtls/oid.h +++ b/include/mbedtls/oid.h @@ -270,6 +270,15 @@ #define MBEDTLS_OID_DIGEST_ALG_RIPEMD160 MBEDTLS_OID_TELETRUST "\x03\x02\x01" /**< id-ripemd160 OBJECT IDENTIFIER :: { iso(1) identified-organization(3) teletrust(36) algorithm(3) hashAlgorithm(2) ripemd160(1) } */ +#define MBEDTLS_OID_DIGEST_ALG_SHA3_224 MBEDTLS_OID_NIST_ALG "\x02\x07" /**< id-sha3-224 OBJECT IDENTIFIER ::= joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) sha3-224(7) } */ + +#define MBEDTLS_OID_DIGEST_ALG_SHA3_256 MBEDTLS_OID_NIST_ALG "\x02\x08" /**< id-sha3-256 OBJECT IDENTIFIER ::= joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) sha3-256(8) } */ + +#define MBEDTLS_OID_DIGEST_ALG_SHA3_384 MBEDTLS_OID_NIST_ALG "\x02\x09" /**< id-sha3-384 OBJECT IDENTIFIER ::= joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) sha3-384(9) } */ + +#define MBEDTLS_OID_DIGEST_ALG_SHA3_512 MBEDTLS_OID_NIST_ALG "\x02\x0a" /**< id-sha3-512 OBJECT IDENTIFIER ::= joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) sha3-512(10) } */ + + #define MBEDTLS_OID_HMAC_SHA1 MBEDTLS_OID_RSA_COMPANY "\x02\x07" /**< id-hmacWithSHA1 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 7 } */ #define MBEDTLS_OID_HMAC_SHA224 MBEDTLS_OID_RSA_COMPANY "\x02\x08" /**< id-hmacWithSHA224 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 8 } */ diff --git a/library/oid.c b/library/oid.c index 47a311b94..9ea41cbae 100644 --- a/library/oid.c +++ b/library/oid.c @@ -760,6 +760,30 @@ static const oid_md_alg_t oid_md_alg[] = OID_DESCRIPTOR(MBEDTLS_OID_DIGEST_ALG_RIPEMD160, "id-ripemd160", "RIPEMD-160"), MBEDTLS_MD_RIPEMD160, }, +#endif +#if defined(MBEDTLS_MD_CAN_SHA3_224) + { + OID_DESCRIPTOR(MBEDTLS_OID_DIGEST_ALG_SHA3_224, "id-sha3-224", "SHA-3-224"), + MBEDTLS_MD_SHA3_224, + }, +#endif +#if defined(MBEDTLS_MD_CAN_SHA3_256) + { + OID_DESCRIPTOR(MBEDTLS_OID_DIGEST_ALG_SHA3_256, "id-sha3-256", "SHA-3-256"), + MBEDTLS_MD_SHA3_256, + }, +#endif +#if defined(MBEDTLS_MD_CAN_SHA3_384) + { + OID_DESCRIPTOR(MBEDTLS_OID_DIGEST_ALG_SHA3_384, "id-sha3-384", "SHA-3-384"), + MBEDTLS_MD_SHA3_384, + }, +#endif +#if defined(MBEDTLS_MD_CAN_SHA3_512) + { + OID_DESCRIPTOR(MBEDTLS_OID_DIGEST_ALG_SHA3_512, "id-sha3-512", "SHA-3-512"), + MBEDTLS_MD_SHA3_512, + }, #endif { NULL_OID_DESCRIPTOR, From 3a498a6ccbe7b821012ba2404b03ccd45fa14628 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 5 Jul 2023 18:58:04 +0100 Subject: [PATCH 10/31] Add SHA-3 cases in mbedtls_md_type_from_psa_alg, mbedtls_md_psa_alg_from_type Signed-off-by: Dave Rodgman --- library/md.c | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/library/md.c b/library/md.c index a29d876e9..b04e36445 100644 --- a/library/md.c +++ b/library/md.c @@ -816,6 +816,22 @@ psa_algorithm_t mbedtls_md_psa_alg_from_type(mbedtls_md_type_t md_type) #if defined(MBEDTLS_MD_CAN_SHA512) case MBEDTLS_MD_SHA512: return PSA_ALG_SHA_512; +#endif +#if defined(MBEDTLS_MD_CAN_SHA3_224) + case MBEDTLS_MD_SHA3_224: + return PSA_ALG_SHA3_224; +#endif +#if defined(MBEDTLS_MD_CAN_SHA3_256) + case MBEDTLS_MD_SHA3_256: + return PSA_ALG_SHA3_256; +#endif +#if defined(MBEDTLS_MD_CAN_SHA3_384) + case MBEDTLS_MD_SHA3_384: + return PSA_ALG_SHA3_384; +#endif +#if defined(MBEDTLS_MD_CAN_SHA3_512) + case MBEDTLS_MD_SHA3_512: + return PSA_ALG_SHA3_512; #endif default: return PSA_ALG_NONE; @@ -852,6 +868,22 @@ mbedtls_md_type_t mbedtls_md_type_from_psa_alg(psa_algorithm_t psa_alg) #if defined(MBEDTLS_MD_CAN_SHA512) case PSA_ALG_SHA_512: return MBEDTLS_MD_SHA512; +#endif +#if defined(MBEDTLS_MD_CAN_SHA3_224) + case PSA_ALG_SHA3_224: + return MBEDTLS_MD_SHA3_224; +#endif +#if defined(MBEDTLS_MD_CAN_SHA3_256) + case PSA_ALG_SHA3_256: + return MBEDTLS_MD_SHA3_256; +#endif +#if defined(MBEDTLS_MD_CAN_SHA3_384) + case PSA_ALG_SHA3_384: + return MBEDTLS_MD_SHA3_384; +#endif +#if defined(MBEDTLS_MD_CAN_SHA3_512) + case PSA_ALG_SHA3_512: + return MBEDTLS_MD_SHA3_512; #endif default: return MBEDTLS_MD_NONE; From 7bb7602a6630d2e33b6d6cdcfff95befb28e6fc3 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 5 Jul 2023 19:03:21 +0100 Subject: [PATCH 11/31] Add OID tests for SHA-3 Signed-off-by: Dave Rodgman --- tests/suites/test_suite_oid.data | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/tests/suites/test_suite_oid.data b/tests/suites/test_suite_oid.data index 00f6e0b4d..cc23c5b66 100644 --- a/tests/suites/test_suite_oid.data +++ b/tests/suites/test_suite_oid.data @@ -82,6 +82,22 @@ OID hash id - id-sha512 depends_on:MBEDTLS_MD_CAN_SHA512 oid_get_md_alg_id:"608648016503040203":MBEDTLS_MD_SHA512 +OID hash id - id-sha3-224 +depends_on:MBEDTLS_MD_CAN_SHA3_224 +oid_get_md_alg_id:"608648016503040207":MBEDTLS_MD_SHA3_224 + +OID hash id - id-sha3-256 +depends_on:MBEDTLS_MD_CAN_SHA3_256 +oid_get_md_alg_id:"608648016503040208":MBEDTLS_MD_SHA3_256 + +OID hash id - id-sha3-384 +depends_on:MBEDTLS_MD_CAN_SHA3_384 +oid_get_md_alg_id:"608648016503040209":MBEDTLS_MD_SHA3_384 + +OID hash id - id-sha3-512 +depends_on:MBEDTLS_MD_CAN_SHA3_512 +oid_get_md_alg_id:"60864801650304020a":MBEDTLS_MD_SHA3_512 + OID hash id - id-ripemd160 depends_on:MBEDTLS_MD_CAN_RIPEMD160 oid_get_md_alg_id:"2b24030201":MBEDTLS_MD_RIPEMD160 From c0a0990b6e176ff0d7efd90424242662a6597d0a Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 5 Jul 2023 19:15:53 +0100 Subject: [PATCH 12/31] Improve testing of md/PSA alg identifier macro conversions Signed-off-by: Dave Rodgman --- tests/suites/test_suite_md.function | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/tests/suites/test_suite_md.function b/tests/suites/test_suite_md.function index ac9516ab8..2768707e9 100644 --- a/tests/suites/test_suite_md.function +++ b/tests/suites/test_suite_md.function @@ -28,6 +28,11 @@ void mbedtls_md_list() TEST_EQUAL(0, mbedtls_md_starts(&ctx)); TEST_EQUAL(0, mbedtls_md_finish(&ctx, out)); mbedtls_md_free(&ctx); + + /* Ensure that we can convert to and from a psa_algorithm_t */ + psa_algorithm_t p = mbedtls_md_psa_alg_from_type(*md_type_ptr); + TEST_ASSERT(p != PSA_ALG_NONE); + TEST_EQUAL(*md_type_ptr, mbedtls_md_type_from_psa_alg(p)); } exit: From 76814b6207b141de1137a5c77b372ede829e1858 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 5 Jul 2023 19:38:21 +0100 Subject: [PATCH 13/31] fix missing include Signed-off-by: Dave Rodgman --- tests/suites/test_suite_md.function | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/suites/test_suite_md.function b/tests/suites/test_suite_md.function index 2768707e9..75087e7ee 100644 --- a/tests/suites/test_suite_md.function +++ b/tests/suites/test_suite_md.function @@ -1,5 +1,6 @@ /* BEGIN_HEADER */ #include "mbedtls/md.h" +#include "../library/md_psa.h" /* END_HEADER */ /* BEGIN_DEPENDENCIES From 852b6c30b787f28a1fc085b7ccf3b776b0fa09f5 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 5 Jul 2023 19:47:08 +0100 Subject: [PATCH 14/31] Support MBEDTLS_MD_SHA3_xxx_VIA_PSA Signed-off-by: Dave Rodgman --- include/mbedtls/md.h | 21 +++++++++++++++++++++ library/md.c | 16 ++++++++++++++++ 2 files changed, 37 insertions(+) diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h index f717618d2..de4f8758e 100644 --- a/include/mbedtls/md.h +++ b/include/mbedtls/md.h @@ -85,6 +85,26 @@ #define MBEDTLS_MD_RIPEMD160_VIA_PSA #define MBEDTLS_MD_SOME_PSA #endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_224) +#define MBEDTLS_MD_CAN_SHA3_224 +#define MBEDTLS_MD_SHA3_224_VIA_PSA +#define MBEDTLS_MD_SOME_PSA +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_256) +#define MBEDTLS_MD_CAN_SHA3_256 +#define MBEDTLS_MD_SHA3_256_VIA_PSA +#define MBEDTLS_MD_SOME_PSA +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_384) +#define MBEDTLS_MD_CAN_SHA3_384 +#define MBEDTLS_MD_SHA3_384_VIA_PSA +#define MBEDTLS_MD_SOME_PSA +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_512) +#define MBEDTLS_MD_CAN_SHA3_512 +#define MBEDTLS_MD_SHA3_512_VIA_PSA +#define MBEDTLS_MD_SOME_PSA +#endif #endif /* MBEDTLS_PSA_CRYPTO_C */ /* Built-in implementations */ @@ -117,6 +137,7 @@ #define MBEDTLS_MD_CAN_SHA3_256 #define MBEDTLS_MD_CAN_SHA3_384 #define MBEDTLS_MD_CAN_SHA3_512 +#define MBEDTLS_MD_SOME_LEGACY #endif #if defined(MBEDTLS_RIPEMD160_C) #define MBEDTLS_MD_CAN_RIPEMD160 diff --git a/library/md.c b/library/md.c index b04e36445..4223c865b 100644 --- a/library/md.c +++ b/library/md.c @@ -258,6 +258,22 @@ static psa_algorithm_t psa_alg_of_md(const mbedtls_md_info_t *info) #if defined(MBEDTLS_MD_SHA512_VIA_PSA) case MBEDTLS_MD_SHA512: return PSA_ALG_SHA_512; +#endif +#if defined(MBEDTLS_MD_SHA3_224_VIA_PSA) + case MBEDTLS_MD_SHA3_224: + return PSA_ALG_SHA3_224; +#endif +#if defined(MBEDTLS_MD_SHA3_256_VIA_PSA) + case MBEDTLS_MD_SHA3_256: + return PSA_ALG_SHA3_256; +#endif +#if defined(MBEDTLS_MD_SHA3_384_VIA_PSA) + case MBEDTLS_MD_SHA3_384: + return PSA_ALG_SHA3_384; +#endif +#if defined(MBEDTLS_MD_SHA3_512_VIA_PSA) + case MBEDTLS_MD_SHA3_512: + return PSA_ALG_SHA3_512; #endif default: return PSA_ALG_NONE; From f324a74fab4969f1037d715bb3f9905a40aa0b73 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 5 Jul 2023 19:55:15 +0100 Subject: [PATCH 15/31] Add tests for MBEDTLS_MD_SHA3_xxx_VIA_PSA Signed-off-by: Dave Rodgman --- tests/suites/test_suite_md.psa.data | 48 +++++++++++++++++++++++++++++ 1 file changed, 48 insertions(+) diff --git a/tests/suites/test_suite_md.psa.data b/tests/suites/test_suite_md.psa.data index 5266f187f..cd24add46 100644 --- a/tests/suites/test_suite_md.psa.data +++ b/tests/suites/test_suite_md.psa.data @@ -85,3 +85,51 @@ md_psa_dynamic_dispatch:MBEDTLS_MD_SHA512:MBEDTLS_ERR_MD_BAD_INPUT_DATA:MBEDTLS_ PSA dispatch SHA512 legacy+driver depends_on:MBEDTLS_SHA512_C:MBEDTLS_MD_SHA512_VIA_PSA md_psa_dynamic_dispatch:MBEDTLS_MD_SHA512:0:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch SHA3-224 legacy only +depends_on:MBEDTLS_SHA3_224_C:!MBEDTLS_MD_SHA3_224_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA3_224:0:MBEDTLS_MD_ENGINE_LEGACY + +PSA dispatch SHA3-224 driver only +depends_on:!MBEDTLS_SHA3_224_C:MBEDTLS_MD_SHA3_224_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA3_224:MBEDTLS_ERR_MD_BAD_INPUT_DATA:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch SHA3-224 legacy+driver +depends_on:MBEDTLS_SHA3_224_C:MBEDTLS_MD_SHA3_224_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA3_224:0:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch SHA3-256 legacy only +depends_on:MBEDTLS_SHA3_256_C:!MBEDTLS_MD_SHA3_256_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA3_256:0:MBEDTLS_MD_ENGINE_LEGACY + +PSA dispatch SHA3-256 driver only +depends_on:!MBEDTLS_SHA3_256_C:MBEDTLS_MD_SHA3_256_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA3_256:MBEDTLS_ERR_MD_BAD_INPUT_DATA:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch SHA3-256 legacy+driver +depends_on:MBEDTLS_SHA3_256_C:MBEDTLS_MD_SHA3_256_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA3_256:0:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch SHA3-384 legacy only +depends_on:MBEDTLS_SHA3_384_C:!MBEDTLS_MD_SHA3_384_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA3_384:0:MBEDTLS_MD_ENGINE_LEGACY + +PSA dispatch SHA3-384 driver only +depends_on:!MBEDTLS_SHA3_384_C:MBEDTLS_MD_SHA3_384_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA3_384:MBEDTLS_ERR_MD_BAD_INPUT_DATA:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch SHA3-384 legacy+driver +depends_on:MBEDTLS_SHA3_384_C:MBEDTLS_MD_SHA3_384_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA3_384:0:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch SHA3-512 legacy only +depends_on:MBEDTLS_SHA3_512_C:!MBEDTLS_MD_SHA3_512_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA3_512:0:MBEDTLS_MD_ENGINE_LEGACY + +PSA dispatch SHA3-512 driver only +depends_on:!MBEDTLS_SHA3_512_C:MBEDTLS_MD_SHA3_512_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA3_512:MBEDTLS_ERR_MD_BAD_INPUT_DATA:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch SHA3-512 legacy+driver +depends_on:MBEDTLS_SHA3_512_C:MBEDTLS_MD_SHA3_512_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA3_512:0:MBEDTLS_MD_ENGINE_PSA From 0c2d1afaf328f840959db099b7d668474e948db8 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 5 Jul 2023 20:23:09 +0100 Subject: [PATCH 16/31] Fix free before pointers initialised Signed-off-by: Dave Rodgman --- tests/suites/test_suite_md.function | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tests/suites/test_suite_md.function b/tests/suites/test_suite_md.function index 75087e7ee..03b18640b 100644 --- a/tests/suites/test_suite_md.function +++ b/tests/suites/test_suite_md.function @@ -386,7 +386,6 @@ exit: void md_psa_dynamic_dispatch(int md_type, int pre_psa_ret, int post_psa_engine) { const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(md_type); - TEST_ASSERT(md_info != NULL); mbedtls_md_context_t ctx1, ctx2; /* Intentionally no PSA init here! (Will be done later.) */ @@ -394,6 +393,8 @@ void md_psa_dynamic_dispatch(int md_type, int pre_psa_ret, int post_psa_engine) mbedtls_md_init(&ctx1); mbedtls_md_init(&ctx2); + TEST_ASSERT(md_info != NULL); + /* Before PSA crypto init */ TEST_EQUAL(pre_psa_ret, mbedtls_md_setup(&ctx1, md_info, 0)); TEST_EQUAL(pre_psa_ret, mbedtls_md_setup(&ctx2, md_info, 0)); From 6cc1734f3e7ac9e1de336937d41cfa6ec308873f Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 5 Jul 2023 20:27:45 +0100 Subject: [PATCH 17/31] Fix test dependency Signed-off-by: Dave Rodgman --- tests/suites/test_suite_md.function | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/suites/test_suite_md.function b/tests/suites/test_suite_md.function index 03b18640b..384b408c8 100644 --- a/tests/suites/test_suite_md.function +++ b/tests/suites/test_suite_md.function @@ -30,10 +30,12 @@ void mbedtls_md_list() TEST_EQUAL(0, mbedtls_md_finish(&ctx, out)); mbedtls_md_free(&ctx); +#if defined MBEDTLS_PSA_CRYPTO_C /* Ensure that we can convert to and from a psa_algorithm_t */ psa_algorithm_t p = mbedtls_md_psa_alg_from_type(*md_type_ptr); TEST_ASSERT(p != PSA_ALG_NONE); TEST_EQUAL(*md_type_ptr, mbedtls_md_type_from_psa_alg(p)); +#endif } exit: From 8dda131a0ad44805f56ea8e6ddb7e5f68f4279bb Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 6 Jul 2023 09:30:37 +0100 Subject: [PATCH 18/31] Test OID lookup for every hash algorithm Signed-off-by: Dave Rodgman --- tests/suites/test_suite_md.function | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/tests/suites/test_suite_md.function b/tests/suites/test_suite_md.function index 384b408c8..7a1089123 100644 --- a/tests/suites/test_suite_md.function +++ b/tests/suites/test_suite_md.function @@ -1,6 +1,8 @@ /* BEGIN_HEADER */ #include "mbedtls/md.h" #include "../library/md_psa.h" +#include "mbedtls/oid.h" +#include "mbedtls/asn1.h" /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -30,12 +32,23 @@ void mbedtls_md_list() TEST_EQUAL(0, mbedtls_md_finish(&ctx, out)); mbedtls_md_free(&ctx); -#if defined MBEDTLS_PSA_CRYPTO_C +#if defined(MBEDTLS_PSA_CRYPTO_C) /* Ensure that we can convert to and from a psa_algorithm_t */ psa_algorithm_t p = mbedtls_md_psa_alg_from_type(*md_type_ptr); TEST_ASSERT(p != PSA_ALG_NONE); TEST_EQUAL(*md_type_ptr, mbedtls_md_type_from_psa_alg(p)); #endif + +#if defined(MBEDTLS_OID_C) + mbedtls_asn1_buf asn1; + /* Check that we have an OID definition */ + TEST_EQUAL(mbedtls_oid_get_oid_by_md((mbedtls_md_type_t) *md_type_ptr, + (const char **) &asn1.p, &asn1.len), 0); + /* Check that this OID definition maps back to the correct mbedtls_md_type_t */ + mbedtls_md_type_t m; + TEST_EQUAL(mbedtls_oid_get_md_alg(&asn1, &m), 0); + TEST_EQUAL(m, *md_type_ptr); +#endif } exit: From e3268afb117bc4e66bce2107cf6058fc7e10b633 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 25 Jul 2023 17:33:55 +0100 Subject: [PATCH 19/31] Add PSA SHA3 tests for hash_verify and multipart Signed-off-by: Dave Rodgman --- tests/suites/test_suite_psa_crypto_hash.data | 80 ++++++++++++++++++++ 1 file changed, 80 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto_hash.data b/tests/suites/test_suite_psa_crypto_hash.data index 1133c398d..769df58e1 100644 --- a/tests/suites/test_suite_psa_crypto_hash.data +++ b/tests/suites/test_suite_psa_crypto_hash.data @@ -310,6 +310,22 @@ PSA hash verify: RIPEMD160 depends_on:PSA_WANT_ALG_RIPEMD160 hash_verify:PSA_ALG_RIPEMD160:"bd":"5089265ee5d9af75d12dbf7ea2f27dbdee435b37" +PSA hash verify: SHA3-224 +depends_on:PSA_WANT_ALG_SHA3_224 +hash_verify:PSA_ALG_SHA3_224:"bd":"79bd1a58a357d1a0ac15b43400bc396d17bdc6d3d90369f16f650b25" + +PSA hash verify: SHA3-256 +depends_on:PSA_WANT_ALG_SHA3_256 +hash_verify:PSA_ALG_SHA3_256:"bd":"b389fa0f45f21196cc2736e8de396497a2414be31e7a500a499918b8cf3257b2" + +PSA hash verify: SHA3-384 +depends_on:PSA_WANT_ALG_SHA3_384 +hash_verify:PSA_ALG_SHA3_384:"bd":"5a337b67965736040c5b1f2d4df7f9ca76cf01866c7d64ed8dd812b97995da9b14ef07f9c4d9190888e4b15c4df2203d" + +PSA hash verify: SHA3-512 +depends_on:PSA_WANT_ALG_SHA3_512 +hash_verify:PSA_ALG_SHA3_512:"bd":"72bacd82495cb72a44523cda462f0f02c9f33b6312e24e44f5c40deed2bbc37854b606cb2f62cce6a394b4157d8e6e89b22682380dc129dddd402693ffa98a6c" + PSA hash multi part: SHA-1 Test Vector NIST CAVS #1 depends_on:PSA_WANT_ALG_SHA_1 hash_multi_part:PSA_ALG_SHA_1:"":"da39a3ee5e6b4b0d3255bfef95601890afd80709" @@ -529,3 +545,67 @@ hash_multi_part:PSA_ALG_RIPEMD160:"4142434445464748494a4b4c4d4e4f505152535455565 PSA hash multi part: RIPEMD160 Test vector from paper #8 depends_on:PSA_WANT_ALG_RIPEMD160 hash_multi_part:PSA_ALG_RIPEMD160:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"9b752e45573d4b39f4dbd3323cab82bf63326bfb" + +PSA hash multi part: SHA3-224 Test Vector NIST "" +depends_on:PSA_WANT_ALG_SHA3_224 +hash_multi_part:PSA_ALG_SHA3_224:"":"6b4e03423667dbb73b6e15454f0eb1abd4597f9a1b078e3f5b5a6bc7" + +PSA hash multi part: SHA3-256 Test Vector NIST "" +depends_on:PSA_WANT_ALG_SHA3_256 +hash_multi_part:PSA_ALG_SHA3_256:"616263":"3a985da74fe225b2045c172d6bd390bd855f086e3e9d525b46bfe24511431532" + +PSA hash multi part: SHA3-384 Test Vector NIST "" +depends_on:PSA_WANT_ALG_SHA3_384 +hash_multi_part:PSA_ALG_SHA3_384:"":"0c63a75b845e4f7d01107d852e4c2485c51a50aaaa94fc61995e71bbee983a2ac3713831264adb47fb6bd1e058d5f004" + +PSA hash multi part: SHA3-512 Test Vector NIST "" +depends_on:PSA_WANT_ALG_SHA3_512 +hash_multi_part:PSA_ALG_SHA3_512:"":"a69f73cca23a9ac5c8b567dc185a756e97c982164fe25859e0d1dcc1475c80a615b2123af1f5f94c11e3e9402c3ac558f500199d95b6d3e301758586281dcd26" + +PSA hash multi part: SHA3-224 Test Vector NIST "abc" +depends_on:PSA_WANT_ALG_SHA3_224 +hash_multi_part:PSA_ALG_SHA3_224:"616263":"e642824c3f8cf24ad09234ee7d3c766fc9a3a5168d0c94ad73b46fdf" + +PSA hash multi part: SHA3-256 Test Vector NIST "abc" +depends_on:PSA_WANT_ALG_SHA3_256 +hash_multi_part:PSA_ALG_SHA3_256:"616263":"3a985da74fe225b2045c172d6bd390bd855f086e3e9d525b46bfe24511431532" + +PSA hash multi part: SHA3-384 Test Vector NIST "abc" +depends_on:PSA_WANT_ALG_SHA3_384 +hash_multi_part:PSA_ALG_SHA3_384:"616263":"ec01498288516fc926459f58e2c6ad8df9b473cb0fc08c2596da7cf0e49be4b298d88cea927ac7f539f1edf228376d25" + +PSA hash multi part: SHA3-512 Test Vector NIST "abc" +depends_on:PSA_WANT_ALG_SHA3_512 +hash_multi_part:PSA_ALG_SHA3_512:"616263":"b751850b1a57168a5693cd924b6b096e08f621827444f70d884f5d0240d2712e10e116e9192af3c91a7ec57647e3934057340b4cf408d5a56592f8274eec53f0" + +PSA hash multi part: SHA3-224 Test Vector NIST 448 bits: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" +depends_on:PSA_WANT_ALG_SHA3_224 +hash_multi_part:PSA_ALG_SHA3_224:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"8a24108b154ada21c9fd5574494479ba5c7e7ab76ef264ead0fcce33" + +PSA hash multi part: SHA3-256 Test Vector NIST 448 bits: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" +depends_on:PSA_WANT_ALG_SHA3_256 +hash_multi_part:PSA_ALG_SHA3_256:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"41c0dba2a9d6240849100376a8235e2c82e1b9998a999e21db32dd97496d3376" + +PSA hash multi part: SHA3-384 Test Vector NIST 448 bits: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" +depends_on:PSA_WANT_ALG_SHA3_384 +hash_multi_part:PSA_ALG_SHA3_384:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"991c665755eb3a4b6bbdfb75c78a492e8c56a22c5c4d7e429bfdbc32b9d4ad5aa04a1f076e62fea19eef51acd0657c22" + +PSA hash multi part: SHA3-512 Test Vector NIST 448 bits: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" +depends_on:PSA_WANT_ALG_SHA3_512 +hash_multi_part:PSA_ALG_SHA3_512:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"04a371e84ecfb5b8b77cb48610fca8182dd457ce6f326a0fd3d7ec2f1e91636dee691fbe0c985302ba1b0d8dc78c086346b533b49c030d99a27daf1139d6e75e" + +PSA hash multi part: SHA3-224 Test Vector NIST 896 bits: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" +depends_on:PSA_WANT_ALG_SHA3_224 +hash_multi_part:PSA_ALG_SHA3_224:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"543e6868e1666c1a643630df77367ae5a62a85070a51c14cbf665cbc" + +PSA hash multi part: SHA3-256 Test Vector NIST 896 bits: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" +depends_on:PSA_WANT_ALG_SHA3_256 +hash_multi_part:PSA_ALG_SHA3_256:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"916f6061fe879741ca6469b43971dfdb28b1a32dc36cb3254e812be27aad1d18" + +PSA hash multi part: SHA3-384 Test Vector NIST 896 bits: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" +depends_on:PSA_WANT_ALG_SHA3_384 +hash_multi_part:PSA_ALG_SHA3_384:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"79407d3b5916b59c3e30b09822974791c313fb9ecc849e406f23592d04f625dc8c709b98b43b3852b337216179aa7fc7" + +PSA hash multi part: SHA3-512 Test Vector NIST 896 bits: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" +depends_on:PSA_WANT_ALG_SHA3_512 +hash_multi_part:PSA_ALG_SHA3_512:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"afebb2ef542e6579c50cad06d2e578f9f8dd6881d7dc824d26360feebf18a4fa73e3261122948efcfd492e74e82e2189ed0fb440d187f382270cb455f21dd185" From fe5adfe54708b146ddda295961c635bb5472f27f Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 26 Jul 2023 17:58:48 +0100 Subject: [PATCH 20/31] Add HMAC test-cases for SHA3 Signed-off-by: Dave Rodgman --- tests/suites/test_suite_psa_crypto_hash.data | 19 ++++++++++ .../test_suite_psa_crypto_hash.function | 35 +++++++++++++++++++ 2 files changed, 54 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto_hash.data b/tests/suites/test_suite_psa_crypto_hash.data index 769df58e1..58bf0cf50 100644 --- a/tests/suites/test_suite_psa_crypto_hash.data +++ b/tests/suites/test_suite_psa_crypto_hash.data @@ -609,3 +609,22 @@ hash_multi_part:PSA_ALG_SHA3_384:"6162636465666768626364656667686963646566676869 PSA hash multi part: SHA3-512 Test Vector NIST 896 bits: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" depends_on:PSA_WANT_ALG_SHA3_512 hash_multi_part:PSA_ALG_SHA3_512:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"afebb2ef542e6579c50cad06d2e578f9f8dd6881d7dc824d26360feebf18a4fa73e3261122948efcfd492e74e82e2189ed0fb440d187f382270cb455f21dd185" + +# HMAC test vectors generated in python with e.g. +# import hmac; hmac.new(bytes([0xaa]*32), b'abc', 'SHA3-224').hexdigest() + +PSA HMAC SHA3-224 +depends_on:PSA_WANT_ALG_SHA3_224 +hmac:PSA_ALG_SHA3_224:"abc":"bf0905154ad610b6a3d6d0b9a1c692494e987337d956624a066d7a1f" + +PSA HMAC SHA3-256 +depends_on:PSA_WANT_ALG_SHA3_256 +hmac:PSA_ALG_SHA3_256:"abc":"a986419a162b6d4731a8e96e44a2c6e784d50137907b457c9fb77c62705dc4d9" + +PSA HMAC SHA3-384 +depends_on:PSA_WANT_ALG_SHA3_384 +hmac:PSA_ALG_SHA3_384:"abc":"87b864ee25f8bfebd516eddd7cdd400d3c368a09e4b1fabaee5636da8a9c876c3f802c366537663910f2e6c5a8426381" + +PSA HMAC SHA3-512 +depends_on:PSA_WANT_ALG_SHA3_512 +hmac:PSA_ALG_SHA3_512:"abc":"2cef45b6950e41a70bc85cb431b2161d47c9e2932187fa15d80e3b7af1da38aa8fe823a72efd7e536e5236a5b0798418d8c8f08b0de5fc262867bb3752b6482d" diff --git a/tests/suites/test_suite_psa_crypto_hash.function b/tests/suites/test_suite_psa_crypto_hash.function index f12541d68..75dde5530 100644 --- a/tests/suites/test_suite_psa_crypto_hash.function +++ b/tests/suites/test_suite_psa_crypto_hash.function @@ -1,6 +1,7 @@ /* BEGIN_HEADER */ #include +#include "psa/crypto.h" /* END_HEADER */ @@ -34,6 +35,40 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void hmac(int alg_arg, char *input, data_t *expected_mac) +{ + psa_algorithm_t alg = PSA_ALG_HMAC(alg_arg); + + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; + psa_key_type_t key_type = PSA_KEY_TYPE_HMAC; + const uint8_t key_data[] = { // 32 bytes of 0xaa + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa + }; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + + PSA_ASSERT(psa_crypto_init()); + + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_MESSAGE); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); + PSA_ASSERT(psa_import_key(&attributes, key_data, sizeof(key_data), &key)); + + uint8_t mac[PSA_MAC_MAX_SIZE + 10] = { 0 }; + size_t mac_length = 0; + + PSA_ASSERT(psa_mac_compute(key, alg, (uint8_t const *) input, strlen(input), mac, sizeof(mac), &mac_length)); + + ASSERT_COMPARE(expected_mac->x, expected_mac->len, mac, mac_length); + + PSA_ASSERT(psa_destroy_key(key)); +exit: + PSA_DONE(); +} +/* END_CASE */ + /* BEGIN_CASE */ void hash_verify(int alg_arg, data_t *input, data_t *expected_hash) { From faff45c917fee85ea3d624c07d2044f7c3c4fb27 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 26 Jul 2023 18:13:58 +0100 Subject: [PATCH 21/31] Add HMAC tests for other digest algorithms Signed-off-by: Dave Rodgman --- tests/suites/test_suite_psa_crypto_hash.data | 24 ++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto_hash.data b/tests/suites/test_suite_psa_crypto_hash.data index 58bf0cf50..5f4313a15 100644 --- a/tests/suites/test_suite_psa_crypto_hash.data +++ b/tests/suites/test_suite_psa_crypto_hash.data @@ -628,3 +628,27 @@ hmac:PSA_ALG_SHA3_384:"abc":"87b864ee25f8bfebd516eddd7cdd400d3c368a09e4b1fabaee5 PSA HMAC SHA3-512 depends_on:PSA_WANT_ALG_SHA3_512 hmac:PSA_ALG_SHA3_512:"abc":"2cef45b6950e41a70bc85cb431b2161d47c9e2932187fa15d80e3b7af1da38aa8fe823a72efd7e536e5236a5b0798418d8c8f08b0de5fc262867bb3752b6482d" + +PSA HMAC SHA-1 +depends_on:PSA_WANT_ALG_SHA_1 +hmac:PSA_ALG_SHA_1:"abc":"0b3a7f96afea3e14a0835f7c9468a24649f85596" + +PSA HMAC SHA-224 +depends_on:PSA_WANT_ALG_SHA_224 +hmac:PSA_ALG_SHA_224:"abc":"249c405cef8bcd3ceeafdb9a933179739fb9b1d7f174df4667ec82f3" + +PSA HMAC SHA-256 +depends_on:PSA_WANT_ALG_SHA_256 +hmac:PSA_ALG_SHA_256:"abc":"b89a1b878289c739595104da55b6f7a8afec3e0757fc166080dc267c09c46841" + +PSA HMAC SHA-384 +depends_on:PSA_WANT_ALG_SHA_384 +hmac:PSA_ALG_SHA_384:"abc":"25a8b55c884bc38286305f76332631726498f5586280b88bc6179cd00c6878fb7d1bb3ee1643fcd2fb02b95823ff1af2" + +PSA HMAC SHA-512 +depends_on:PSA_WANT_ALG_SHA_512 +hmac:PSA_ALG_SHA_512:"abc":"d6e5eebb5cf27f5b686fefc416ee8c431bb10770216aa3c6ba13897ef3fc040b98abc53b95039f2c50622473f958af64a3cae1afbea8ffffa8d35ca24f31e222" + +PSA HMAC RIPEMD160 +depends_on:PSA_WANT_ALG_RIPEMD160 +hmac:PSA_ALG_RIPEMD160:"abc":"114a5cf4637f57c044472e1a0b87cce9137190b2" From 44fae4908d8fed4b07f73f33ebc1b88184b2dc7c Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 26 Jul 2023 18:45:19 +0100 Subject: [PATCH 22/31] Add PSA HMAC MD5 test Signed-off-by: Dave Rodgman --- tests/suites/test_suite_psa_crypto_hash.data | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto_hash.data b/tests/suites/test_suite_psa_crypto_hash.data index 5f4313a15..33ced8239 100644 --- a/tests/suites/test_suite_psa_crypto_hash.data +++ b/tests/suites/test_suite_psa_crypto_hash.data @@ -652,3 +652,7 @@ hmac:PSA_ALG_SHA_512:"abc":"d6e5eebb5cf27f5b686fefc416ee8c431bb10770216aa3c6ba13 PSA HMAC RIPEMD160 depends_on:PSA_WANT_ALG_RIPEMD160 hmac:PSA_ALG_RIPEMD160:"abc":"114a5cf4637f57c044472e1a0b87cce9137190b2" + +PSA HMAC MD5 +depends_on:PSA_WANT_ALG_MD5 +hmac:PSA_ALG_MD5:"abc":"39677b12b80118927387aa4a65d16a5e" From 0c383858580d24888e57377f9946b97972fb5c43 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 27 Jul 2023 12:54:09 +0100 Subject: [PATCH 23/31] Use psa_mac_compare in tests; add some HMAC edge-cases Signed-off-by: Dave Rodgman --- tests/suites/test_suite_psa_crypto_hash.data | 12 ++++++++++++ tests/suites/test_suite_psa_crypto_hash.function | 7 +++++-- 2 files changed, 17 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_hash.data b/tests/suites/test_suite_psa_crypto_hash.data index 33ced8239..f957bf16d 100644 --- a/tests/suites/test_suite_psa_crypto_hash.data +++ b/tests/suites/test_suite_psa_crypto_hash.data @@ -656,3 +656,15 @@ hmac:PSA_ALG_RIPEMD160:"abc":"114a5cf4637f57c044472e1a0b87cce9137190b2" PSA HMAC MD5 depends_on:PSA_WANT_ALG_MD5 hmac:PSA_ALG_MD5:"abc":"39677b12b80118927387aa4a65d16a5e" + +PSA HMAC input length 0 +depends_on:PSA_WANT_ALG_SHA_256 +hmac:PSA_ALG_SHA_256:"":"63210aee265762634fa3db8c1aa920dcd07d31ec297309580394a21412f83372" + +PSA HMAC input length 1 +depends_on:PSA_WANT_ALG_SHA_256 +hmac:PSA_ALG_SHA_256:"x":"f61c11d66441e3c0b9902a8491caa2da5a0d0d95ef0fc61d8a3b5ea5e0416f5c" + +PSA HMAC input length 2890 +depends_on:PSA_WANT_ALG_SHA_256 +hmac:PSA_ALG_SHA_256:"0123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999":"dd2e08786029097be5f634fda74a7e20e3e1638e71282892c4fd21d9a71ae418" diff --git a/tests/suites/test_suite_psa_crypto_hash.function b/tests/suites/test_suite_psa_crypto_hash.function index 75dde5530..8ee459e43 100644 --- a/tests/suites/test_suite_psa_crypto_hash.function +++ b/tests/suites/test_suite_psa_crypto_hash.function @@ -51,7 +51,7 @@ void hmac(int alg_arg, char *input, data_t *expected_mac) PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_MESSAGE); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE); psa_set_key_algorithm(&attributes, alg); psa_set_key_type(&attributes, key_type); PSA_ASSERT(psa_import_key(&attributes, key_data, sizeof(key_data), &key)); @@ -59,10 +59,13 @@ void hmac(int alg_arg, char *input, data_t *expected_mac) uint8_t mac[PSA_MAC_MAX_SIZE + 10] = { 0 }; size_t mac_length = 0; - PSA_ASSERT(psa_mac_compute(key, alg, (uint8_t const *) input, strlen(input), mac, sizeof(mac), &mac_length)); + size_t input_len = strlen(input); + PSA_ASSERT(psa_mac_compute(key, alg, (uint8_t const *) input, input_len, mac, sizeof(mac), &mac_length)); ASSERT_COMPARE(expected_mac->x, expected_mac->len, mac, mac_length); + PSA_ASSERT(psa_mac_verify(key, alg, (uint8_t const *) input, input_len, expected_mac->x, expected_mac->len)); + PSA_ASSERT(psa_destroy_key(key)); exit: PSA_DONE(); From d2c9f6d256990628f8179ad6e3006f38f6db166d Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 27 Jul 2023 13:00:02 +0100 Subject: [PATCH 24/31] Strengthen psa_mac_verify testing Signed-off-by: Dave Rodgman --- tests/suites/test_suite_psa_crypto_hash.function | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto_hash.function b/tests/suites/test_suite_psa_crypto_hash.function index 8ee459e43..bd3012c4d 100644 --- a/tests/suites/test_suite_psa_crypto_hash.function +++ b/tests/suites/test_suite_psa_crypto_hash.function @@ -62,10 +62,16 @@ void hmac(int alg_arg, char *input, data_t *expected_mac) size_t input_len = strlen(input); PSA_ASSERT(psa_mac_compute(key, alg, (uint8_t const *) input, input_len, mac, sizeof(mac), &mac_length)); + // manual comparison against expected MAC ASSERT_COMPARE(expected_mac->x, expected_mac->len, mac, mac_length); + // use psa_mac_verify to compare to expected MAC PSA_ASSERT(psa_mac_verify(key, alg, (uint8_t const *) input, input_len, expected_mac->x, expected_mac->len)); + // corrupt the MAC and check that psa_mac_verify fails + expected_mac->x[0] ^= 0x7f; + TEST_EQUAL(psa_mac_verify(key, alg, (uint8_t const *) input, input_len, expected_mac->x, expected_mac->len), PSA_ERROR_INVALID_SIGNATURE); + PSA_ASSERT(psa_destroy_key(key)); exit: PSA_DONE(); From 5c603822011b726498f52e914109bd351c50b008 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 27 Jul 2023 13:28:41 +0100 Subject: [PATCH 25/31] code style Signed-off-by: Dave Rodgman --- tests/suites/test_suite_psa_crypto_hash.function | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_hash.function b/tests/suites/test_suite_psa_crypto_hash.function index bd3012c4d..de009a3ad 100644 --- a/tests/suites/test_suite_psa_crypto_hash.function +++ b/tests/suites/test_suite_psa_crypto_hash.function @@ -60,17 +60,20 @@ void hmac(int alg_arg, char *input, data_t *expected_mac) size_t mac_length = 0; size_t input_len = strlen(input); - PSA_ASSERT(psa_mac_compute(key, alg, (uint8_t const *) input, input_len, mac, sizeof(mac), &mac_length)); + PSA_ASSERT(psa_mac_compute(key, alg, (uint8_t const *) input, input_len, mac, sizeof(mac), + &mac_length)); // manual comparison against expected MAC ASSERT_COMPARE(expected_mac->x, expected_mac->len, mac, mac_length); // use psa_mac_verify to compare to expected MAC - PSA_ASSERT(psa_mac_verify(key, alg, (uint8_t const *) input, input_len, expected_mac->x, expected_mac->len)); + PSA_ASSERT(psa_mac_verify(key, alg, (uint8_t const *) input, input_len, expected_mac->x, + expected_mac->len)); // corrupt the MAC and check that psa_mac_verify fails expected_mac->x[0] ^= 0x7f; - TEST_EQUAL(psa_mac_verify(key, alg, (uint8_t const *) input, input_len, expected_mac->x, expected_mac->len), PSA_ERROR_INVALID_SIGNATURE); + TEST_EQUAL(psa_mac_verify(key, alg, (uint8_t const *) input, input_len, expected_mac->x, + expected_mac->len), PSA_ERROR_INVALID_SIGNATURE); PSA_ASSERT(psa_destroy_key(key)); exit: From 2d626cc44fc32112d1e95160f6fd28d32ed8535a Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 27 Jul 2023 14:43:55 +0100 Subject: [PATCH 26/31] Fix missing opening brace in comments Signed-off-by: Dave Rodgman --- include/mbedtls/oid.h | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/oid.h b/include/mbedtls/oid.h index f89420589..133e5d41b 100644 --- a/include/mbedtls/oid.h +++ b/include/mbedtls/oid.h @@ -270,13 +270,13 @@ #define MBEDTLS_OID_DIGEST_ALG_RIPEMD160 MBEDTLS_OID_TELETRUST "\x03\x02\x01" /**< id-ripemd160 OBJECT IDENTIFIER :: { iso(1) identified-organization(3) teletrust(36) algorithm(3) hashAlgorithm(2) ripemd160(1) } */ -#define MBEDTLS_OID_DIGEST_ALG_SHA3_224 MBEDTLS_OID_NIST_ALG "\x02\x07" /**< id-sha3-224 OBJECT IDENTIFIER ::= joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) sha3-224(7) } */ +#define MBEDTLS_OID_DIGEST_ALG_SHA3_224 MBEDTLS_OID_NIST_ALG "\x02\x07" /**< id-sha3-224 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) sha3-224(7) } */ -#define MBEDTLS_OID_DIGEST_ALG_SHA3_256 MBEDTLS_OID_NIST_ALG "\x02\x08" /**< id-sha3-256 OBJECT IDENTIFIER ::= joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) sha3-256(8) } */ +#define MBEDTLS_OID_DIGEST_ALG_SHA3_256 MBEDTLS_OID_NIST_ALG "\x02\x08" /**< id-sha3-256 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) sha3-256(8) } */ -#define MBEDTLS_OID_DIGEST_ALG_SHA3_384 MBEDTLS_OID_NIST_ALG "\x02\x09" /**< id-sha3-384 OBJECT IDENTIFIER ::= joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) sha3-384(9) } */ +#define MBEDTLS_OID_DIGEST_ALG_SHA3_384 MBEDTLS_OID_NIST_ALG "\x02\x09" /**< id-sha3-384 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) sha3-384(9) } */ -#define MBEDTLS_OID_DIGEST_ALG_SHA3_512 MBEDTLS_OID_NIST_ALG "\x02\x0a" /**< id-sha3-512 OBJECT IDENTIFIER ::= joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) sha3-512(10) } */ +#define MBEDTLS_OID_DIGEST_ALG_SHA3_512 MBEDTLS_OID_NIST_ALG "\x02\x0a" /**< id-sha3-512 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) sha3-512(10) } */ #define MBEDTLS_OID_HMAC_SHA1 MBEDTLS_OID_RSA_COMPANY "\x02\x07" /**< id-hmacWithSHA1 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 7 } */ From a2cdc840de5aa0363d45ce9ebbba95cdda8ed7a9 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 27 Jul 2023 14:44:13 +0100 Subject: [PATCH 27/31] Fix pre-existing missing closing #endif comment Signed-off-by: Dave Rodgman --- library/oid.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/oid.c b/library/oid.c index 9ea41cbae..43fa0003d 100644 --- a/library/oid.c +++ b/library/oid.c @@ -820,7 +820,7 @@ static const oid_md_hmac_t oid_md_hmac[] = OID_DESCRIPTOR(MBEDTLS_OID_HMAC_SHA224, "hmacSHA224", "HMAC-SHA-224"), MBEDTLS_MD_SHA224, }, -#endif +#endif /* MBEDTLS_MD_CAN_SHA224 */ #if defined(MBEDTLS_MD_CAN_SHA256) { OID_DESCRIPTOR(MBEDTLS_OID_HMAC_SHA256, "hmacSHA256", "HMAC-SHA-256"), From 5cc67a3ee2fc2676d84b71dfc5bbaad6caec01eb Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 27 Jul 2023 14:44:35 +0100 Subject: [PATCH 28/31] Add OIDs for HMAC-SHA3 Signed-off-by: Dave Rodgman --- include/mbedtls/oid.h | 8 ++++++++ library/oid.c | 24 ++++++++++++++++++++++++ 2 files changed, 32 insertions(+) diff --git a/include/mbedtls/oid.h b/include/mbedtls/oid.h index 133e5d41b..3c9831be5 100644 --- a/include/mbedtls/oid.h +++ b/include/mbedtls/oid.h @@ -289,6 +289,14 @@ #define MBEDTLS_OID_HMAC_SHA512 MBEDTLS_OID_RSA_COMPANY "\x02\x0B" /**< id-hmacWithSHA512 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 11 } */ +#define MBEDTLS_OID_HMAC_SHA3_224 MBEDTLS_OID_NIST_ALG "\x02\x0d" /**< id-hmacWithSHA3-512 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) hmacWithSHA3-224(13) } */ + +#define MBEDTLS_OID_HMAC_SHA3_256 MBEDTLS_OID_NIST_ALG "\x02\x0e" /**< id-hmacWithSHA3-512 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) hmacWithSHA3-256(14) } */ + +#define MBEDTLS_OID_HMAC_SHA3_384 MBEDTLS_OID_NIST_ALG "\x02\x0f" /**< id-hmacWithSHA3-512 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) hmacWithSHA3-384(15) } */ + +#define MBEDTLS_OID_HMAC_SHA3_512 MBEDTLS_OID_NIST_ALG "\x02\x10" /**< id-hmacWithSHA3-512 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) hmacWithSHA3-512(16) } */ + /* * Encryption algorithms */ diff --git a/library/oid.c b/library/oid.c index 43fa0003d..e12f92485 100644 --- a/library/oid.c +++ b/library/oid.c @@ -839,6 +839,30 @@ static const oid_md_hmac_t oid_md_hmac[] = MBEDTLS_MD_SHA512, }, #endif /* MBEDTLS_MD_CAN_SHA512 */ +#if defined(MBEDTLS_MD_CAN_SHA3_224) + { + OID_DESCRIPTOR(MBEDTLS_OID_HMAC_SHA3_224, "hmacSHA3-224", "HMAC-SHA3-224"), + MBEDTLS_MD_SHA3_224, + }, +#endif /* MBEDTLS_MD_CAN_SHA3_224 */ +#if defined(MBEDTLS_MD_CAN_SHA3_256) + { + OID_DESCRIPTOR(MBEDTLS_OID_HMAC_SHA3_256, "hmacSHA3-256", "HMAC-SHA3-256"), + MBEDTLS_MD_SHA3_256, + }, +#endif /* MBEDTLS_MD_CAN_SHA3_256 */ +#if defined(MBEDTLS_MD_CAN_SHA3_384) + { + OID_DESCRIPTOR(MBEDTLS_OID_HMAC_SHA3_384, "hmacSHA3-384", "HMAC-SHA3-384"), + MBEDTLS_MD_SHA3_384, + }, +#endif /* MBEDTLS_MD_CAN_SHA3_384 */ +#if defined(MBEDTLS_MD_CAN_SHA3_512) + { + OID_DESCRIPTOR(MBEDTLS_OID_HMAC_SHA3_512, "hmacSHA3-512", "HMAC-SHA3-512"), + MBEDTLS_MD_SHA3_512, + }, +#endif /* MBEDTLS_MD_CAN_SHA3_512 */ { NULL_OID_DESCRIPTOR, MBEDTLS_MD_NONE, From f2e3eb8bd9f4c5bde788076e2cb6a42979295822 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 27 Jul 2023 15:46:05 +0100 Subject: [PATCH 29/31] Add OID for HMAC-RIPEMD160 Signed-off-by: Dave Rodgman --- include/mbedtls/oid.h | 2 ++ library/oid.c | 6 ++++++ 2 files changed, 8 insertions(+) diff --git a/include/mbedtls/oid.h b/include/mbedtls/oid.h index 3c9831be5..954507229 100644 --- a/include/mbedtls/oid.h +++ b/include/mbedtls/oid.h @@ -297,6 +297,8 @@ #define MBEDTLS_OID_HMAC_SHA3_512 MBEDTLS_OID_NIST_ALG "\x02\x10" /**< id-hmacWithSHA3-512 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) hmacWithSHA3-512(16) } */ +#define MBEDTLS_OID_HMAC_RIPEMD160 MBEDTLS_OID_INTERNET "\x05\x05\x08\x01\x04" /**< id-hmacWithSHA1 OBJECT IDENTIFIER ::= {iso(1) iso-identified-organization(3) dod(6) internet(1) security(5) mechanisms(5) ipsec(8) isakmpOakley(1) hmacRIPEMD160(4)} */ + /* * Encryption algorithms */ diff --git a/library/oid.c b/library/oid.c index e12f92485..608b6c8ca 100644 --- a/library/oid.c +++ b/library/oid.c @@ -863,6 +863,12 @@ static const oid_md_hmac_t oid_md_hmac[] = MBEDTLS_MD_SHA3_512, }, #endif /* MBEDTLS_MD_CAN_SHA3_512 */ +#if defined(MBEDTLS_MD_CAN_RIPEMD160) + { + OID_DESCRIPTOR(MBEDTLS_OID_HMAC_RIPEMD160, "hmacRIPEMD160", "HMAC-RIPEMD160"), + MBEDTLS_MD_RIPEMD160, + }, +#endif /* MBEDTLS_MD_CAN_RIPEMD160 */ { NULL_OID_DESCRIPTOR, MBEDTLS_MD_NONE, From a0f81e8ef853f4dfef1e6f776b722fbb073a5e82 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 27 Jul 2023 15:46:33 +0100 Subject: [PATCH 30/31] Add OID tests for HMAC-xxx Signed-off-by: Dave Rodgman --- tests/suites/test_suite_oid.data | 40 ++++++++++++++++++++++++++++ tests/suites/test_suite_oid.function | 23 ++++++++++++++++ 2 files changed, 63 insertions(+) diff --git a/tests/suites/test_suite_oid.data b/tests/suites/test_suite_oid.data index cc23c5b66..f8f1d43aa 100644 --- a/tests/suites/test_suite_oid.data +++ b/tests/suites/test_suite_oid.data @@ -201,3 +201,43 @@ oid_from_numeric_string:"2.4294967215":0:"8FFFFFFF7F" OID from numeric string - OID with overflowing subidentifier oid_from_numeric_string:"2.4294967216":MBEDTLS_ERR_ASN1_INVALID_DATA:"" + +mbedtls_oid_get_md_hmac - RIPEMD160 +depends_on:MBEDTLS_MD_CAN_RIPEMD160 +mbedtls_oid_get_md_hmac:"2B06010505080104":MBEDTLS_MD_RIPEMD160 + +mbedtls_oid_get_md_hmac - SHA1 +depends_on:MBEDTLS_MD_CAN_SHA1 +mbedtls_oid_get_md_hmac:"2A864886F70D0207":MBEDTLS_MD_SHA1 + +mbedtls_oid_get_md_hmac - SHA224 +depends_on:MBEDTLS_MD_CAN_SHA224 +mbedtls_oid_get_md_hmac:"2A864886F70D0208":MBEDTLS_MD_SHA224 + +mbedtls_oid_get_md_hmac - SHA256 +depends_on:MBEDTLS_MD_CAN_SHA256 +mbedtls_oid_get_md_hmac:"2A864886F70D0209":MBEDTLS_MD_SHA256 + +mbedtls_oid_get_md_hmac - SHA384 +depends_on:MBEDTLS_MD_CAN_SHA384 +mbedtls_oid_get_md_hmac:"2A864886F70D020A":MBEDTLS_MD_SHA384 + +mbedtls_oid_get_md_hmac - SHA512 +depends_on:MBEDTLS_MD_CAN_SHA512 +mbedtls_oid_get_md_hmac:"2A864886F70D020B":MBEDTLS_MD_SHA512 + +mbedtls_oid_get_md_hmac - SHA3_224 +depends_on:MBEDTLS_MD_CAN_SHA3_224 +mbedtls_oid_get_md_hmac:"60864801650304020D":MBEDTLS_MD_SHA3_224 + +mbedtls_oid_get_md_hmac - SHA3_256 +depends_on:MBEDTLS_MD_CAN_SHA3_256 +mbedtls_oid_get_md_hmac:"60864801650304020E":MBEDTLS_MD_SHA3_256 + +mbedtls_oid_get_md_hmac - SHA3_384 +depends_on:MBEDTLS_MD_CAN_SHA3_384 +mbedtls_oid_get_md_hmac:"60864801650304020F":MBEDTLS_MD_SHA3_384 + +mbedtls_oid_get_md_hmac - SHA3_512 +depends_on:MBEDTLS_MD_CAN_SHA3_512 +mbedtls_oid_get_md_hmac:"608648016503040210":MBEDTLS_MD_SHA3_512 diff --git a/tests/suites/test_suite_oid.function b/tests/suites/test_suite_oid.function index 3adc6af0b..337f84310 100644 --- a/tests/suites/test_suite_oid.function +++ b/tests/suites/test_suite_oid.function @@ -96,6 +96,29 @@ void oid_get_md_alg_id(data_t *oid, int exp_md_id) } /* END_CASE */ +/* BEGIN_CASE */ +void mbedtls_oid_get_md_hmac(data_t *oid, int exp_md_id) +{ + mbedtls_asn1_buf md_oid = { 0, 0, NULL }; + int ret; + mbedtls_md_type_t md_id = 0; + + md_oid.tag = MBEDTLS_ASN1_OID; + md_oid.p = oid->x; + md_oid.len = oid->len; + + ret = mbedtls_oid_get_md_hmac(&md_oid, &md_id); + + if (exp_md_id < 0) { + TEST_ASSERT(ret == MBEDTLS_ERR_OID_NOT_FOUND); + TEST_ASSERT(md_id == 0); + } else { + TEST_ASSERT(ret == 0); + TEST_ASSERT((mbedtls_md_type_t) exp_md_id == md_id); + } +} +/* END_CASE */ + /* BEGIN_CASE */ void oid_get_numeric_string(data_t *oid, int error_ret, char *result_str) { From c2ad3ad62a10d7ed5eda8f8be074b0c2723b7f27 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 28 Jul 2023 16:44:18 +0100 Subject: [PATCH 31/31] Fix error in test vectors Signed-off-by: Dave Rodgman --- tests/suites/test_suite_psa_crypto_hash.data | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_hash.data b/tests/suites/test_suite_psa_crypto_hash.data index f957bf16d..0a5f8765f 100644 --- a/tests/suites/test_suite_psa_crypto_hash.data +++ b/tests/suites/test_suite_psa_crypto_hash.data @@ -164,7 +164,7 @@ hash_finish:PSA_ALG_SHA3_224:"":"6b4e03423667dbb73b6e15454f0eb1abd4597f9a1b078e3 PSA hash finish: SHA3-256 Test Vector NIST "" depends_on:PSA_WANT_ALG_SHA3_256 -hash_finish:PSA_ALG_SHA3_256:"616263":"3a985da74fe225b2045c172d6bd390bd855f086e3e9d525b46bfe24511431532" +hash_finish:PSA_ALG_SHA3_256:"":"a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a" PSA hash finish: SHA3-384 Test Vector NIST "" depends_on:PSA_WANT_ALG_SHA3_384 @@ -552,7 +552,7 @@ hash_multi_part:PSA_ALG_SHA3_224:"":"6b4e03423667dbb73b6e15454f0eb1abd4597f9a1b0 PSA hash multi part: SHA3-256 Test Vector NIST "" depends_on:PSA_WANT_ALG_SHA3_256 -hash_multi_part:PSA_ALG_SHA3_256:"616263":"3a985da74fe225b2045c172d6bd390bd855f086e3e9d525b46bfe24511431532" +hash_multi_part:PSA_ALG_SHA3_256:"":"a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a" PSA hash multi part: SHA3-384 Test Vector NIST "" depends_on:PSA_WANT_ALG_SHA3_384