Add flag for removing deprecated API

Add the compile time option PSA_PRE_1_0_KEY_DERIVATION. If this is not
turned on, then the function `psa_key_derivation()` is removed.

Most of the tests regarding key derivation haven't been adapted to the
new API yet and some of them have only been adapted partially. When this
new option is turned off, the tests using the old API and test cases
using the old API of partially adapted tests are skipped.

The sole purpose of this option is to make the transition to the new API
smoother. Once the transition is complete it can and should be removed
along with the old API and its implementation.
This commit is contained in:
Janos Follath 2019-06-11 09:14:47 +01:00
parent ed87d31d7d
commit 71a4c9125b
5 changed files with 54 additions and 23 deletions

View file

@ -224,6 +224,17 @@ void mbedtls_psa_get_stats( mbedtls_psa_stats_t *stats );
psa_status_t mbedtls_psa_inject_entropy(const unsigned char *seed,
size_t seed_size);
/*
* If this option is not turned on, then the function `psa_key_derivation()`
* is removed.
*
* The sole purpose of this option is to make the transition to the new API
* smoother. Once the transition is complete it can and should be removed
* along with the old API and its implementation.
*/
#define PSA_PRE_1_0_KEY_DERIVATION
#if defined(PSA_PRE_1_0_KEY_DERIVATION)
/** Set up a key derivation operation.
*
* FIMXE This function is no longer part of the official API. Its prototype
@ -280,6 +291,7 @@ psa_status_t psa_key_derivation(psa_key_derivation_operation_t *operation,
const uint8_t *label,
size_t label_length,
size_t capacity);
#endif /* PSA_PRE_1_0_KEY_DERIVATION */
/* FIXME Deprecated. Remove this as soon as all the tests are updated. */
#define PSA_ALG_SELECT_RAW ((psa_algorithm_t)0x31000001)

View file

@ -4311,6 +4311,7 @@ psa_status_t psa_key_derivation_output_key( const psa_key_attributes_t *attribut
/****************************************************************/
#if defined(MBEDTLS_MD_C)
#if defined(PSA_PRE_1_0_KEY_DERIVATION)
/* Set up an HKDF-based operation. This is exactly the extract phase
* of the HKDF algorithm.
*
@ -4354,9 +4355,11 @@ static psa_status_t psa_key_derivation_hkdf_setup( psa_hkdf_key_derivation_t *hk
hkdf->info_set = 1;
return( PSA_SUCCESS );
}
#endif /* PSA_PRE_1_0_KEY_DERIVATION */
#endif /* MBEDTLS_MD_C */
#if defined(MBEDTLS_MD_C)
#if defined(PSA_PRE_1_0_KEY_DERIVATION)
/* Set up a TLS-1.2-prf-based operation (see RFC 5246, Section 5).
*
* Note that if this function fails, you must call psa_key_derivation_abort()
@ -4413,7 +4416,9 @@ static psa_status_t psa_key_derivation_tls12_prf_setup(
return( PSA_SUCCESS );
}
#endif /* PSA_PRE_1_0_KEY_DERIVATION */
#if defined(PSA_PRE_1_0_KEY_DERIVATION)
/* Set up a TLS-1.2-PSK-to-MS-based operation. */
static psa_status_t psa_key_derivation_tls12_psk_to_ms_setup(
psa_tls12_prf_key_derivation_t *tls12_prf,
@ -4454,8 +4459,10 @@ static psa_status_t psa_key_derivation_tls12_psk_to_ms_setup(
mbedtls_platform_zeroize( pms, sizeof( pms ) );
return( status );
}
#endif /* PSA_PRE_1_0_KEY_DERIVATION */
#endif /* MBEDTLS_MD_C */
#if defined(PSA_PRE_1_0_KEY_DERIVATION)
/* Note that if this function fails, you must call psa_key_derivation_abort()
* to potentially free embedded data structures and wipe confidential data.
*/
@ -4554,7 +4561,9 @@ static psa_status_t psa_key_derivation_internal(
return( PSA_SUCCESS );
}
#endif /* PSA_PRE_1_0_KEY_DERIVATION */
#if defined(PSA_PRE_1_0_KEY_DERIVATION)
psa_status_t psa_key_derivation( psa_key_derivation_operation_t *operation,
psa_key_handle_t handle,
psa_algorithm_t alg,
@ -4594,6 +4603,7 @@ psa_status_t psa_key_derivation( psa_key_derivation_operation_t *operation,
psa_key_derivation_abort( operation );
return( status );
}
#endif /* PSA_PRE_1_0_KEY_DERIVATION */
static psa_status_t psa_key_derivation_setup_kdf(
psa_key_derivation_operation_t *operation,

View file

@ -66,12 +66,14 @@
/* If the build options we need are not enabled, compile a placeholder. */
#if !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_MD_C) || \
!defined(MBEDTLS_AES_C) || !defined(MBEDTLS_CCM_C) || \
!defined(MBEDTLS_PSA_CRYPTO_C) || !defined(MBEDTLS_FS_IO)
!defined(MBEDTLS_PSA_CRYPTO_C) || !defined(MBEDTLS_FS_IO) ||\
!defined(PSA_PRE_1_0_KEY_DERIVATION)
int main( void )
{
printf("MBEDTLS_SHA256_C and/or MBEDTLS_MD_C and/or "
"MBEDTLS_AES_C and/or MBEDTLS_CCM_C and/or "
"MBEDTLS_PSA_CRYPTO_C and/or MBEDTLS_FS_IO not defined.\n");
"MBEDTLS_PSA_CRYPTO_C and/or MBEDTLS_FS_IO and/or "
"PSA_PRE_1_0_KEY_DERIVATION not defined.\n");
return( 0 );
}
#else

View file

@ -1849,70 +1849,70 @@ derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0
# Test vectors taken from https://www.ietf.org/mail-archive/web/tls/current/msg03416.html
PSA key derivation: TLS 1.2 PRF SHA-256, output 100+0
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:PSA_PRE_1_0_KEY_DERIVATION
derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"9bbe436ba940f017b17652849a71db35":"a0ba9f936cda311827a6f796ffd5198c":"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa022f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b66":""
PSA key derivation: TLS 1.2 PRF SHA-256, output 99+1
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:PSA_PRE_1_0_KEY_DERIVATION
derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"9bbe436ba940f017b17652849a71db35":"a0ba9f936cda311827a6f796ffd5198c":"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa022f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b":"66"
PSA key derivation: TLS 1.2 PRF SHA-256, output 1+99
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:PSA_PRE_1_0_KEY_DERIVATION
derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"9bbe436ba940f017b17652849a71db35":"a0ba9f936cda311827a6f796ffd5198c":"74657374206c6162656c":100:"e3":"f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa022f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b66"
PSA key derivation: TLS 1.2 PRF SHA-256, output 50+50
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:PSA_PRE_1_0_KEY_DERIVATION
derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"9bbe436ba940f017b17652849a71db35":"a0ba9f936cda311827a6f796ffd5198c":"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa0":"22f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b66"
PSA key derivation: TLS 1.2 PRF SHA-256, output 50+49
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:PSA_PRE_1_0_KEY_DERIVATION
derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"9bbe436ba940f017b17652849a71db35":"a0ba9f936cda311827a6f796ffd5198c":"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa0":"22f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b"
PSA key derivation: TLS 1.2 PRF SHA-384, output 148+0
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:PSA_PRE_1_0_KEY_DERIVATION
derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):"b80b733d6ceefcdc71566ea48e5567df":"cd665cf6a8447dd6ff8b27555edb7465":"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792eca722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e56f":""
PSA key derivation: TLS 1.2 PRF SHA-384, output 147+1
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:PSA_PRE_1_0_KEY_DERIVATION
derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):"b80b733d6ceefcdc71566ea48e5567df":"cd665cf6a8447dd6ff8b27555edb7465":"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792eca722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e5":"6f"
PSA key derivation: TLS 1.2 PRF SHA-384, output 1+147
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:PSA_PRE_1_0_KEY_DERIVATION
derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):"b80b733d6ceefcdc71566ea48e5567df":"cd665cf6a8447dd6ff8b27555edb7465":"74657374206c6162656c":148:"7b":"0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792eca722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e56f"
PSA key derivation: TLS 1.2 PRF SHA-384, output 74+74
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:PSA_PRE_1_0_KEY_DERIVATION
derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):"b80b733d6ceefcdc71566ea48e5567df":"cd665cf6a8447dd6ff8b27555edb7465":"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792ec":"a722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e56f"
PSA key derivation: TLS 1.2 PRF SHA-384, output 74+73
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:PSA_PRE_1_0_KEY_DERIVATION
derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):"b80b733d6ceefcdc71566ea48e5567df":"cd665cf6a8447dd6ff8b27555edb7465":"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792ec":"a722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e5"
# Test case manually extracted from debug output of TLS-PSK run
# Label: "master secret"
# Salt: Concatenation of ClientHello.Random and ServerHello.Random
PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, 48+0
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:PSA_PRE_1_0_KEY_DERIVATION
derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"01020304":"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":"6d617374657220736563726574":48:"5a9dd5ffa78b4d1f28f40d91b4e6e6ed37849042d61ba32ca43d866e744cee7cd1baaa497e1ecd5c2e60f9f13030a710":""
PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, 24+24
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:PSA_PRE_1_0_KEY_DERIVATION
derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"01020304":"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":"6d617374657220736563726574":48:"5a9dd5ffa78b4d1f28f40d91b4e6e6ed37849042d61ba32c":"a43d866e744cee7cd1baaa497e1ecd5c2e60f9f13030a710"
PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, 0+48
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:PSA_PRE_1_0_KEY_DERIVATION
derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"01020304":"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":"6d617374657220736563726574":48:"":"5a9dd5ffa78b4d1f28f40d91b4e6e6ed37849042d61ba32ca43d866e744cee7cd1baaa497e1ecd5c2e60f9f13030a710"
PSA key derivation: TLS 1.2 PSK-to-MS, SHA-384, 48+0
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:PSA_PRE_1_0_KEY_DERIVATION
derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):"01020304":"5bed47716a11a49a6268a8350b085929116ad9ccc8181f09a05b07a7741576d65bed47718dfd82f2d3f57544afe52decae6819b970dc716ada72ae0dd3072e9a":"6d617374657220736563726574":48:"f5a61fbdd2ec415762abb8042a6c16645a53d2edb6dec8c85ca71689301f9f4d875128c87608b75250b20a9550e4fe18":""
PSA key derivation: TLS 1.2 PSK-to-MS, SHA-384, 24+24
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:PSA_PRE_1_0_KEY_DERIVATION
derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):"01020304":"5bed47716a11a49a6268a8350b085929116ad9ccc8181f09a05b07a7741576d65bed47718dfd82f2d3f57544afe52decae6819b970dc716ada72ae0dd3072e9a":"6d617374657220736563726574":48:"":"f5a61fbdd2ec415762abb8042a6c16645a53d2edb6dec8c85ca71689301f9f4d875128c87608b75250b20a9550e4fe18"
PSA key derivation: TLS 1.2 PSK-to-MS, SHA-384, 0+48
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C:PSA_PRE_1_0_KEY_DERIVATION
derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):"01020304":"5bed47716a11a49a6268a8350b085929116ad9ccc8181f09a05b07a7741576d65bed47718dfd82f2d3f57544afe52decae6819b970dc716ada72ae0dd3072e9a":"6d617374657220736563726574":48:"f5a61fbdd2ec415762abb8042a6c16645a53d2edb6dec8c8":"5ca71689301f9f4d875128c87608b75250b20a9550e4fe18"
PSA key derivation: HKDF SHA-256, request maximum capacity

View file

@ -545,6 +545,7 @@ static int exercise_key_derivation_key( psa_key_handle_t handle,
seed,
seed_length ) );
}
#if defined(PSA_PRE_1_0_KEY_DERIVATION)
else
{
// legacy
@ -554,6 +555,7 @@ static int exercise_key_derivation_key( psa_key_handle_t handle,
seed, seed_length,
sizeof( output ) ) );
}
#endif
PSA_ASSERT( psa_key_derivation_output_bytes( &operation,
output,
sizeof( output ) ) );
@ -1776,7 +1778,7 @@ exit:
}
/* END_CASE */
/* BEGIN_CASE */
/* BEGIN_CASE depends_on:PSA_PRE_1_0_KEY_DERIVATION */
void derive_key_policy( int policy_usage,
int policy_alg,
int key_type,
@ -4024,7 +4026,7 @@ void key_derivation_init( )
}
/* END_CASE */
/* BEGIN_CASE */
/* BEGIN_CASE depends_on:PSA_PRE_1_0_KEY_DERIVATION */
void derive_setup( int key_type_arg,
data_t *key_data,
int alg_arg,
@ -4063,7 +4065,7 @@ exit:
}
/* END_CASE */
/* BEGIN_CASE */
/* BEGIN_CASE depends_on:PSA_PRE_1_0_KEY_DERIVATION */
void test_derive_invalid_key_derivation_state( )
{
psa_key_handle_t handle = 0;
@ -4199,6 +4201,7 @@ void derive_output( int alg_arg,
PSA_KEY_DERIVATION_INPUT_INFO,
label->x, label->len ) );
}
#if defined(PSA_PRE_1_0_KEY_DERIVATION)
else
{
// legacy
@ -4207,6 +4210,7 @@ void derive_output( int alg_arg,
label->x, label->len,
requested_capacity ) );
}
#endif
PSA_ASSERT( psa_key_derivation_get_capacity( &operation,
&current_capacity ) );
TEST_EQUAL( current_capacity, requested_capacity );
@ -4295,6 +4299,8 @@ void derive_full( int alg_arg,
PSA_KEY_DERIVATION_INPUT_INFO,
label->x, label->len ) );
}
#if defined(PSA_PRE_1_0_KEY_DERIVATION)
else
{
// legacy
@ -4303,6 +4309,7 @@ void derive_full( int alg_arg,
label->x, label->len,
requested_capacity ) );
}
#endif
PSA_ASSERT( psa_key_derivation_get_capacity( &operation,
&current_capacity ) );
TEST_EQUAL( current_capacity, expected_capacity );
@ -4335,7 +4342,7 @@ exit:
}
/* END_CASE */
/* BEGIN_CASE */
/* BEGIN_CASE depends_on:PSA_PRE_1_0_KEY_DERIVATION */
void derive_key_exercise( int alg_arg,
data_t *key_data,
data_t *salt,
@ -4395,7 +4402,7 @@ exit:
}
/* END_CASE */
/* BEGIN_CASE */
/* BEGIN_CASE depends_on:PSA_PRE_1_0_KEY_DERIVATION */
void derive_key_export( int alg_arg,
data_t *key_data,
data_t *salt,