Manuel Pégourié-Gonnard
f3f9e450b6
Merge pull request #6115 from AndrzejKurek/ecjpake-kdf-tls-1-2
...
Ad-hoc KDF for EC J-PAKE in TLS 1.2
2022-09-28 09:47:32 +02:00
Andrzej Kurek
b510cd2c50
Fix a copy-paste error - wrong macro used
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-26 10:50:22 -04:00
Andrzej Kurek
5603efd525
Improve readability and formatting
...
Also use a sizeof instead of a constant for zeroization, as
requested in review.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-26 10:49:16 -04:00
Andrzej Kurek
7763829c5c
Add missing ifdef when calculating operation capacity
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-16 12:24:52 -04:00
Andrzej Kurek
3c4c514302
Remove PSA_ALG_IS_TLS12_ECJPAKE_TO_PMS
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-16 07:24:14 -04:00
Andrzej Kurek
b093650033
Add proper capacity calculation for EC J-PAKE to PMS KDF
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-16 07:13:00 -04:00
Andrzej Kurek
702776f7cc
Restrict the EC J-PAKE to PMS input type to secret
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-16 06:22:44 -04:00
Andrzej Kurek
08d34b8693
Add an EC J-PAKE KDF to transform K -> SHA256(K.X) for TLS 1.2
...
TLS uses it to derive the session secret. The algorithm takes a serialized
point in an uncompressed form, extracts the X coordinate and computes
SHA256 of it. It is only expected to work with P-256.
Fixes #5978 .
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-14 08:39:26 -04:00
Neil Armstrong
4b5710f8a0
Allow KEY_TYPE_PASSWORD/KEY_TYPE_PASSWORD_HASH to be imported
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Gilles Peskine
36aeb7f163
Merge pull request #5834 from mprse/HKDF_1
...
HKDF 1: PSA: implement HKDF_Expand and HKDF_Extract algorithms
2022-06-20 15:27:46 +02:00
Przemek Stekiel
69c4679b22
Adapt macro name to meet requested criteria: MBEDTLS_PSA_BUILTIN_ALG_ANY_HKDF->BUILTIN_ALG_ANY_HKDF
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-06-14 11:13:32 +02:00
Przemek Stekiel
75fe3fb1d7
psa_crypto.c: add MBEDTLS_PSA_BUILTIN_ALG_ANY_HKDF macro to limit number of #if conditions
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-06-09 14:44:55 +02:00
Przemek Stekiel
b57a44bf9b
is_kdf_alg_supported: Adapt impl to new build flags for HKDF EXTRACT/EXPAND
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-06-06 11:26:43 +02:00
Przemek Stekiel
cde3f783f5
Make info valid only after secret for HKDF-EXPAND + adapt tests
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-06-06 11:26:02 +02:00
Przemek Stekiel
0586f4c4ea
Make salt mandatory for HKDF-EXTRACT + adapt tests
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-06-06 11:25:43 +02:00
Przemek Stekiel
3e8249cde0
Add PSA_WANT_ALG_HKDF_EXPAND, PSA_WANT_ALG_HKDF_EXTRACT, adapt code and dependencies
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-06-03 16:18:15 +02:00
Przemek Stekiel
a29b488296
Optimize code by adding PSA_ALG_IS_ANY_HKDF macro
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-06-03 16:18:09 +02:00
Przemek Stekiel
459ee35062
Fix typo and style
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-06-02 11:16:52 +02:00
Przemek Stekiel
03d948c47f
Refacor code for HKDF-Extract algorithm
...
Solution provided by @mpg.
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-05-19 11:45:20 +02:00
Przemek Stekiel
2fb0dcd403
psa_hkdf_input: use more suitable condition and add comments
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-05-19 10:34:37 +02:00
Przemek Stekiel
b398d8693f
Update descryption of HKDF-Extract/Expand algs and fix comment
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-05-18 15:43:54 +02:00
Gilles Peskine
3e56130fb9
psa_raw_key_agreement: return BUFFER_TOO_SMALL when warranted
...
psa_raw_key_agreement() returned PSA_ERROR_INVALID_ARGUMENT instead of
PSA_ERROR_BUFFER_TOO_SMALL when the output buffer was too small for ECDH,
the only algorithm that is currently implemented. Make it return the correct
error code.
The reason for the wrong error code is that ecdh.c returns
MBEDTLS_ERR_ECP_BAD_INPUT_DATA, presumably for similarith with dhm.c. It
might make sense to change ecdh.c to use MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL,
but dhm.c doesn't have an existing BUFFER_TOO_SMALL error. To minimize the
impact of the fix, handle this in the PSA layer.
Fixes #5735 .
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-05-16 19:37:54 +02:00
Andrzej Kurek
5c65c5781f
Fix additional misspellings found by codespell
...
Remaining hits seem to be hex data, certificates,
and other miscellaneous exceptions.
List generated by running codespell -w -L
keypair,Keypair,KeyPair,keyPair,ciph,nd
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-05-11 21:25:54 +01:00
Shaun Case
8b0ecbccf4
Redo of PR#5345. Fixed spelling and typographical errors found by CodeSpell.
...
Signed-off-by: Shaun Case <warmsocks@gmail.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-05-11 21:25:51 +01:00
Przemek Stekiel
17520fe2c5
PSA: Add support for HKDF-Extend and HKDF-Expand algs
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-05-11 12:17:03 +02:00
Neil Armstrong
b743d95051
Do not erase input key in psa_tls12_prf_psk_to_ms_set_key()
...
When ALG_TLS12_PSK_TO_MS() is used, first derivation is correct
but the following derivations output data is incorrect.
This is because input key is erased in psa_tls12_prf_psk_to_ms_set_key()
since commit 03faf5d2c1
.
Fixes: 03faf5d2c1
("psa_tls12_prf_psk_to_ms_set_key: clear buffers after usage")
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-04 11:06:22 +02:00
Manuel Pégourié-Gonnard
70701e39b5
Merge pull request #5726 from mprse/mixed_psk_1_v2
...
Mixed PSK 1: Extend PSK-to-MS algorithm in PSA (v.2)
2022-04-21 17:11:52 +02:00
Przemek Stekiel
4e47a91d2e
Fix indentation issues
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-21 11:53:57 +02:00
Przemek Stekiel
03faf5d2c1
psa_tls12_prf_psk_to_ms_set_key: clear buffers after usage
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-21 11:53:57 +02:00
Przemek Stekiel
937b90febf
Add null check for pms allocation
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-21 11:53:57 +02:00
Przemek Stekiel
e47201b34a
rename: psa_tls12_prf_set_other_key->psa_tls12_prf_psk_to_ms_set_other_key and adapt code
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-21 11:53:57 +02:00
Przemek Stekiel
2503f7e4cb
Handle empty other secret when passed with input bytes
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-21 11:53:57 +02:00
Przemek Stekiel
d7a28646bc
psa_tls12_prf_set_key(): add PSA_TLS12_PRF_STATE_OTHER_KEY_SET as a valid state
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-12 11:27:00 +02:00
Przemek Stekiel
a7695a2d76
psa_key_derivation_check_input_type(): handle PSA_KEY_DERIVATION_INPUT_OTHER_SECRET
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-12 11:27:00 +02:00
Przemek Stekiel
c8fa5a1bdd
psa_tls12_prf_psk_to_ms_set_key(): add support for other secret input
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-12 11:26:47 +02:00
Przemek Stekiel
e3ee221893
Free other secret in tls12_prf context
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-07 15:41:56 +02:00
Przemek Stekiel
23650286ac
Add psa_tls12_prf_set_other_key() function to store other secret input
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-07 15:41:46 +02:00
Gilles Peskine
a9b6c8074a
Fix psa_mac_verify() returning BUFFER_TOO_SMALL
...
It doesn't make sense for psa_mac_verify() to return
PSA_ERROR_BUFFER_TOO_SMALL since it doesn't have an output buffer. But this
was happening when requesting the verification of an unsupported algorithm
whose output size is larger than the maximum supported MAC size, e.g.
HMAC-SHA-512 when building with only SHA-256 support. Arrange to return
PSA_ERROR_NOT_SUPPORTED instead.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-05 15:03:39 +02:00
Gilles Peskine
0c3a071300
Make psa_key_derivation_setup return early if the key agreement is not supported
...
Otherwise the systematically generated algorithm-not-supported tests
complain when they try to start an operation and succeed.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-05 15:00:01 +02:00
Gilles Peskine
0cc417d34b
Make psa_key_derivation_setup return early if the hash is not supported
...
Otherwise the systematically generated algorithm-not-supported tests
complain when they try to start an operation and succeed.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-05 14:58:39 +02:00
Gilles Peskine
9efde4f2ec
Simplify is_kdf_alg_supported in psa_key_derivation_setup_kdf
...
No behavior change.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-05 14:57:20 +02:00
Manuel Pégourié-Gonnard
c11bffe989
Merge pull request #5139 from mprse/key_der_ecc
...
PSA: implement key derivation for ECC keys
2022-03-14 09:17:13 +01:00
Gilles Peskine
afb482897b
Merge pull request #5292 from mprse/asym_encrypt
...
Driver dispatch for PSA asymmetric encryption + RSA tests
2022-03-10 20:07:38 +01:00
Przemek Stekiel
c85f0912c4
psa_crypto.c, test_suite_psa_crypto.function: fix style
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-08 11:37:54 +01:00
Przemek Stekiel
7fc0751f78
Restore build options for mbedtls_ecc_group_of_psa() and related functions
...
Additional issue created to simplifiy usage of BUILTIN_KEY_TYPE_xxx && BUILTIN_ALG_yy macros https://github.com/ARMmbed/mbedtls/issues/5596
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-06 20:43:46 +01:00
Przemek Stekiel
15565eeb59
Move publick key check out of MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-01 17:01:39 +01:00
Przemek Stekiel
a81aed2dae
Clean up init values of psa crypto status and fix switch default case
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-01 15:13:30 +01:00
Przemek Stekiel
f110dc05be
Clenup conditional compilation flags.
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-01 14:48:05 +01:00
Przemek Stekiel
dcab6ccb3b
Return PSA_ERROR_INVALID_ARGUMENT for a public key, and PSA_ERROR_NOT_SUPPORTED for a type that is not handled.
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-01 14:29:49 +01:00
Przemyslaw Stekiel
91ebfc0402
Adapt compilation flags for ECC key derivation
...
Use conditional compilation flags for building ECC key derivation code consistent with flags used for mbedtls_ecc_group_of_psa().
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-22 15:50:30 +01:00