Merge pull request #8734 from valeriosetti/issue8564

Add test for driver-only HMAC
This commit is contained in:
Gilles Peskine 2024-02-14 13:43:40 +00:00 committed by GitHub
commit 3ea9450463
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
6 changed files with 133 additions and 4 deletions

View file

@ -105,7 +105,28 @@ provided by a driver or built-in, you should use the following macros:
- for code that uses only the PSA Crypto API: `PSA_WANT_ALG_xxx` from - for code that uses only the PSA Crypto API: `PSA_WANT_ALG_xxx` from
`psa/crypto.h`; `psa/crypto.h`;
- for code that uses non-PSA crypto APIs: `MBEDTLS_MD_CAN_xxx` from - for code that uses non-PSA crypto APIs: `MBEDTLS_MD_CAN_xxx` from
`mbedtls/md.h`. `mbedtls/config_adjust_legacy_crypto.h`.
### HMAC
In addition to accelerated hash operations, it is also possible to accelerate
HMAC by enabling and accelerating:
- HMAC algorithm and key type, i.e. `[PSA_WANT|MBEDTLS_PSA_ACCEL]_ALG_HMAC` and
`[PSA_WANT|MBEDTLS_PSA_ACCEL]KEY_TYPE_HMAC`.
- Required hash algorithm(s) as explained in [Hashes](#hashes) section.
In such a build it is possible to disable legacy HMAC support by disabling
`MBEDTLS_MD_C` and still getting crypto operations, X.509 and TLS to work as
usual. Exceptions are:
- As mentioned in [Hashes](#hashes) direct calls to legacy lo-level hash APIs
(`mbedtls_sha256()` etc.) will not be possible for the legacy modules that
are disabled.
- Legacy HMAC support (`mbedtls_md_hmac_xxx()`) won't be possible.
- `MBEDTLS_PKCS[5|7]_C`, `MBEDTLS_HMAC_DRBG_C` and `MBEDTLS_HKDF_C` since they
depend on the legacy implementation of HMAC.
- disabling HMAC_DRBG_C cause deterministic ECDSA (i.e.
`MBEDTLS_DETERMINISTIC_ECDSA` on the legacy side and
`PSA_WANT_ALG_DETERMINISTIC_ECDSA` on the PSA one) to be not available.
Elliptic-curve cryptography (ECC) Elliptic-curve cryptography (ECC)
--------------------------------- ---------------------------------

View file

@ -14,7 +14,8 @@
#if !defined(MBEDTLS_X509_CSR_WRITE_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) || \ #if !defined(MBEDTLS_X509_CSR_WRITE_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) || \
!defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_MD_CAN_SHA256) || \ !defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_MD_CAN_SHA256) || \
!defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) || \ !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) || \
!defined(MBEDTLS_PEM_WRITE_C) || !defined(MBEDTLS_FS_IO) !defined(MBEDTLS_PEM_WRITE_C) || !defined(MBEDTLS_FS_IO) || \
!defined(MBEDTLS_MD_C)
int main(void) int main(void)
{ {
mbedtls_printf("MBEDTLS_X509_CSR_WRITE_C and/or MBEDTLS_FS_IO and/or " mbedtls_printf("MBEDTLS_X509_CSR_WRITE_C and/or MBEDTLS_FS_IO and/or "

View file

@ -15,7 +15,7 @@
!defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) || \
!defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) || \ !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) || \
!defined(MBEDTLS_ERROR_C) || !defined(MBEDTLS_MD_CAN_SHA256) || \ !defined(MBEDTLS_ERROR_C) || !defined(MBEDTLS_MD_CAN_SHA256) || \
!defined(MBEDTLS_PEM_WRITE_C) !defined(MBEDTLS_PEM_WRITE_C) || !defined(MBEDTLS_MD_C)
int main(void) int main(void)
{ {
mbedtls_printf("MBEDTLS_X509_CRT_WRITE_C and/or MBEDTLS_X509_CRT_PARSE_C and/or " mbedtls_printf("MBEDTLS_X509_CRT_WRITE_C and/or MBEDTLS_X509_CRT_PARSE_C and/or "

View file

@ -3691,6 +3691,75 @@ component_test_psa_crypto_config_reference_hash_use_psa() {
tests/ssl-opt.sh tests/ssl-opt.sh
} }
# Auxiliary function to build config for hashes with and without drivers
config_psa_crypto_hmac_use_psa () {
driver_only="$1"
# start with config full for maximum coverage (also enables USE_PSA)
helper_libtestdriver1_adjust_config "full"
if [ "$driver_only" -eq 1 ]; then
# Disable MD_C in order to disable the builtin support for HMAC. MD_LIGHT
# is still enabled though (for ENTROPY_C among others).
scripts/config.py unset MBEDTLS_MD_C
# Disable also the builtin hashes since they are supported by the driver
# and MD module is able to perform PSA dispathing.
scripts/config.py unset-all MBEDTLS_SHA
scripts/config.py unset MBEDTLS_MD5_C
scripts/config.py unset MBEDTLS_RIPEMD160_C
fi
# Direct dependencies of MD_C. We disable them also in the reference
# component to work with the same set of features.
scripts/config.py unset MBEDTLS_PKCS7_C
scripts/config.py unset MBEDTLS_PKCS5_C
scripts/config.py unset MBEDTLS_HMAC_DRBG_C
scripts/config.py unset MBEDTLS_HKDF_C
# Dependencies of HMAC_DRBG
scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_DETERMINISTIC_ECDSA
}
component_test_psa_crypto_config_accel_hmac() {
msg "test: full with accelerated hmac"
loc_accel_list="ALG_HMAC KEY_TYPE_HMAC \
ALG_MD5 ALG_RIPEMD160 ALG_SHA_1 \
ALG_SHA_224 ALG_SHA_256 ALG_SHA_384 ALG_SHA_512 \
ALG_SHA3_224 ALG_SHA3_256 ALG_SHA3_384 ALG_SHA3_512"
# Configure
# ---------
config_psa_crypto_hmac_use_psa 1
# Build
# -----
helper_libtestdriver1_make_drivers "$loc_accel_list"
helper_libtestdriver1_make_main "$loc_accel_list"
# Ensure that built-in support for HMAC is disabled.
not grep mbedtls_md_hmac library/md.o
# Run the tests
# -------------
msg "test: full with accelerated hmac"
make test
}
component_test_psa_crypto_config_reference_hmac() {
msg "test: full without accelerated hmac"
config_psa_crypto_hmac_use_psa 0
make
msg "test: full without accelerated hmac"
make test
}
component_test_psa_crypto_config_accel_des () { component_test_psa_crypto_config_accel_des () {
msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated DES" msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated DES"

View file

@ -240,6 +240,44 @@ KNOWN_TASKS = {
} }
} }
}, },
'analyze_driver_vs_reference_hmac': {
'test_function': do_analyze_driver_vs_reference,
'args': {
'component_ref': 'test_psa_crypto_config_reference_hmac',
'component_driver': 'test_psa_crypto_config_accel_hmac',
'ignored_suites': [
# These suites require legacy hash support, which is disabled
# in the accelerated component.
'shax', 'mdx',
# This suite tests builtins directly, but these are missing
# in the accelerated case.
'psa_crypto_low_hash.generated',
],
'ignored_tests': {
'test_suite_md': [
# Builtin HMAC is not supported in the accelerate component.
re.compile('.*HMAC.*'),
# Following tests make use of functions which are not available
# when MD_C is disabled, as it happens in the accelerated
# test component.
re.compile('generic .* Hash file .*'),
'MD list',
],
'test_suite_md.psa': [
# "legacy only" tests require hash algorithms to be NOT
# accelerated, but this of course false for the accelerated
# test component.
re.compile('PSA dispatch .* legacy only'),
],
'test_suite_platform': [
# Incompatible with sanitizers (e.g. ASan). If the driver
# component uses a sanitizer but the reference component
# doesn't, we have a PASS vs SKIP mismatch.
'Check mbedtls_calloc overallocation',
],
}
}
},
'analyze_driver_vs_reference_cipher_aead_cmac': { 'analyze_driver_vs_reference_cipher_aead_cmac': {
'test_function': do_analyze_driver_vs_reference, 'test_function': do_analyze_driver_vs_reference,
'args': { 'args': {

View file

@ -447,7 +447,7 @@ void entropy_nv_seed_std_io()
} }
/* END_CASE */ /* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_MD_C:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_PLATFORM_NV_SEED_ALT */ /* BEGIN_CASE depends_on:MBEDTLS_MD_LIGHT:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_PLATFORM_NV_SEED_ALT */
void entropy_nv_seed(data_t *read_seed) void entropy_nv_seed(data_t *read_seed)
{ {
#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) #if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)