From 78b9e40662bca1b594537433594dc130fffbc507 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Thu, 13 May 2021 11:45:14 +0100 Subject: [PATCH] PSA PAKE: reintroduce psa_pake_primitive_t If PSA_PAKE_OUTPUT_SIZE takes cipher_suite as a parameter and it is a structure it can't be a compile-time constant anymore. Reintroducing psa_pake_primitive_t, because it can be constructed as an integral type and holds enough information to allow PSA_PAKE_OUTPUT_SIZE calculating accurate estimates on the output size in compile time. Signed-off-by: Janos Follath --- include/psa/crypto.h | 93 ++++--------------------------------- include/psa/crypto_sizes.h | 4 +- include/psa/crypto_struct.h | 53 ++++++--------------- include/psa/crypto_types.h | 6 +++ include/psa/crypto_values.h | 24 ++++++++++ 5 files changed, 55 insertions(+), 125 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index a2f34cab0..ec5c16c48 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -4145,107 +4145,30 @@ static void psa_pake_cs_set_algorithm( * This function may be provided as a function-like macro, but in this case it * must evaluate its argument exactly once. * - * Refer to the documentation of individual PAKE algorithm types (`PSA_ALG_XXX` - * values of type ::psa_algorithm_t such that #PSA_ALG_IS_PAKE(\c alg) is true) - * for more information. - * * \param[in] cipher_suite The cipher suite structure to query. * - * \return The primitive type stored in the cipher suite structure. + * \return The primitive stored in the cipher suite structure. */ -static psa_pake_primitive_type_t psa_pake_cs_get_type( +static psa_pake_primitive_t psa_pake_cs_get_primitive( const psa_pake_cipher_suite_t* cipher_suite ); /** Declare the primitive type for a PAKE cipher suite. * - * This function overwrites any primitive type - * previously set in \p cipher_suite. + * This function overwrites any primitive previously set in \p cipher_suite. * * This function may be declared as `static` (i.e. without external * linkage). This function may be provided as a function-like macro, * but in this case it must evaluate each of its arguments exactly once. * * \param[out] cipher_suite The cipher suite structure to write to. - * \param type The primitive type to write. - * If this is 0, the primitive type in - * \p cipher_suite becomes unspecified. + * \param primitive The primitive to write. If this is 0, the + * primitive type in \p cipher_suite becomes + * unspecified. */ -static void psa_pake_cs_set_type( +static void psa_pake_cs_set_primitive( psa_pake_cipher_suite_t* cipher_suite, - psa_pake_primitive_type_t type - ); - -/** Retrieve the primitive family from a PAKE cipher suite. - * - * This function may be declared as `static` (i.e. without external - * linkage). This function may be provided as a function-like macro, - * but in this case it must evaluate its argument exactly once. - * - * \param[in] cipher_suite The cipher suite structure to query. - * - * \return The primitive family stored in the cipher suite structure. - */ -static psa_pake_family_t psa_pake_cs_get_family( - const psa_pake_cipher_suite_t* cipher_suite - ); - -/** Declare the primitive family for a PAKE cipher suite. - * - * This function overwrites any primitive family - * previously set in \p cipher_suite. - * - * This function may be declared as `static` (i.e. without external - * linkage). This function may be provided as a function-like macro, - * but in this case it must evaluate each of its arguments exactly once. - * - * \param[out] cipher_suite The cipher suite structure to write to. - * \param family The primitive family to write. - * If this is 0, the primitive family in - * \p cipher_suite becomes unspecified. The - * interpretation of this parameter depends on - * the primitive type. For more information - * consult the documentation of individual - * ::psa_pake_primitive_type_t constants). - */ -static void psa_pake_cs_set_family( - psa_pake_cipher_suite_t* cipher_suite, - psa_pake_family_t family - ); - -/** Retrieve the size associated with the primitive from a PAKE cipher suite. - * - * This function may be declared as `static` (i.e. without external - * linkage). This function may be provided as a function-like macro, - * but in this case it must evaluate its argument exactly once. - * - * \param[in] cipher_suite The cipher suite structure to query. - * - * \return The primitive bits stored in the cipher suite structure. - */ -static size_t psa_pake_cs_get_bits(const psa_pake_cipher_suite_t* cipher_suite); - -/** Declare the primitive bits for a PAKE cipher suite. - * - * This function overwrites any primitive bits - * previously set in \p cipher_suite. - * - * This function may be declared as `static` (i.e. without external - * linkage). This function may be provided as a function-like macro, - * but in this case it must evaluate each of its arguments exactly once. - * - * \param[out] cipher_suite The cipher suite structure to write to. - * \param bits The primitive bits to write. - * If this is 0, the primitive bits in - * \p cipher_suite becomes unspecified. The - * interpretation of this parameter depends on - * the family, for more information consult the - * documentation of individual - * ::psa_pake_primitive_type_t constants). - */ -static void psa_pake_cs_set_bits( - psa_pake_cipher_suite_t* cipher_suite, - size_t bits + psa_pake_primitive_t primitive ); /** Retrieve the hash algorithm from a PAKE cipher suite. diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 9d2f6c49c..d8fc9979b 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -1143,7 +1143,7 @@ * * \param alg A PAKE algorithm (PSA_ALG_XXX value such that * #PSA_ALG_IS_PAKE(\p alg) is true). - * \param cipher_suite A cipher suite that is compatible with algorithm \p alg. + * \param primitive A primitive that is compatible with algorithm \p alg. * \param output_step A value of type ::psa_pake_step_t that is valid for the * algorithm \p alg. * \return A sufficient output buffer size for the specified @@ -1151,7 +1151,7 @@ * the output type or PAKE algorithm is not recognized, or * the parameters are incompatible, return 0. */ -#define PSA_PAKE_OUTPUT_SIZE(alg, cipher_suite, output_step) +#define PSA_PAKE_OUTPUT_SIZE(alg, primitive, output_step) /** Output buffer size for psa_pake_output() for any of the supported cipher * suites and PAKE algorithms. diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 97d5d2b41..a5f35cb9c 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -466,10 +466,16 @@ struct psa_pake_cipher_suite_s psa_algorithm_t algorithm; psa_pake_primitive_type_t type; psa_pake_family_t family; - size_t bits; + uint16_t bits; psa_algorithm_t hash; }; +static inline psa_algorithm_t psa_pake_cs_get_algorithm( + const psa_pake_cipher_suite_t *cipher_suite) +{ + return( cipher_suite->algorithm ); +} + static inline void psa_pake_cs_set_algorithm( psa_pake_cipher_suite_t *cipher_suite, psa_algorithm_t algorithm) @@ -480,49 +486,20 @@ static inline void psa_pake_cs_set_algorithm( cipher_suite->algorithm = algorithm; } -static inline psa_algorithm_t psa_pake_cs_get_algorithm( +static inline psa_pake_primitive_t psa_pake_cs_get_primitive( const psa_pake_cipher_suite_t *cipher_suite) { - return( cipher_suite->algorithm ); + return( PSA_PAKE_PRIMITIVE( cipher_suite->type, cipher_suite->family, + cipher_suite->bits) ); } -static inline psa_pake_primitive_type_t psa_pake_cs_get_type( - const psa_pake_cipher_suite_t *cipher_suite) -{ - return( cipher_suite->type ); -} - -static inline void psa_pake_cs_set_type( +static inline void psa_pake_cs_set_primitive( psa_pake_cipher_suite_t *cipher_suite, - psa_pake_primitive_type_t type) + psa_pake_primitive_t primitive) { - cipher_suite->type = type; -} - -static inline psa_pake_family_t psa_pake_cs_get_family( - const psa_pake_cipher_suite_t *cipher_suite) -{ - return( cipher_suite->family ); -} - -static inline void psa_pake_cs_set_family( - psa_pake_cipher_suite_t *cipher_suite, - psa_pake_family_t family) -{ - cipher_suite->family = family; -} - -static inline size_t psa_pake_cs_get_bits( - const psa_pake_cipher_suite_t *cipher_suite) -{ - return( cipher_suite->bits ); -} - -static inline void psa_pake_cs_set_bits( - psa_pake_cipher_suite_t *cipher_suite, - size_t bits) -{ - cipher_suite->bits = bits; + cipher_suite->type = (psa_pake_primitive_type_t) primitive >> 24; + cipher_suite->family = (psa_pake_family_t) ( 0xFF & (primitive >> 16) ); + cipher_suite->bits = (uint16_t) ( 0xFFFF & primitive ); } static inline psa_algorithm_t psa_pake_cs_get_hash( diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index bf8ab15a7..5418bd76e 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h @@ -415,5 +415,11 @@ typedef uint8_t psa_pake_primitive_type_t; * PSA_PAKE_PRIMITIVE_TYPE_XXX constants. */ typedef uint8_t psa_pake_family_t; + +/** \brief Encoding of the primitive associated with the PAKE. + * + * For more information see the documentation of the #PSA_PAKE_PRIMITIVE macro. + */ +typedef uint32_t psa_pake_primitive_t; /**@}*/ #endif /* PSA_CRYPTO_TYPES_H */ diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index a92002304..cb4c604a6 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -2546,6 +2546,30 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) */ #define PSA_PAKE_PRIMITIVE_TYPE_DH ((psa_pake_primitive_type_t)0x02) +/** Construct a PAKE primitive from type, family and bitsize. + * + * \param pake_type The type of the primitive + * (value of type ::psa_pake_primitive_type_t). + * \param pake_family The family of the primitive + * (the type and interpretation of this parameter depends + * on \p type, for more information consult the + * documentation of individual ::psa_pake_primitive_type_t + * constants). + * \param pake_bits The bitsize of the primitive + * (Value of type \c size_t. The interpretation + * of this parameter depends on \p family, for more + * information consult the documentation of individual + * ::psa_pake_primitive_type_t constants). + * + * \return The constructed primitive value of type ::psa_pake_primitive_t. + * Return 0 if the requested primitive can't be encoded as + * ::psa_pake_primitive_t. + */ +#define PSA_PAKE_PRIMITIVE(pake_type, pake_family, pake_bits) \ + (pake_bits > 0xFFFF) ? 0 : \ + ((psa_pake_primitive_t) (((pake_type) << 24 | \ + (pake_family) << 16) | (pake_bits))) + /** The key share being sent to or received from the peer. * * Unless the documentation of the PAKE algorithm says otherwise this is a