Commit graph

1112 commits

Author SHA1 Message Date
Przemyslaw Stekiel
76960a7217 mbedtls_mpi_read_binary() document that function guarantees to return an MPI with exactly the necessary number of limbs and remove redundant call to mbedtls_mpi_grow()
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-22 13:35:27 +01:00
Przemyslaw Stekiel
aeaa4f0651 Code optimization
- fix codding style
- fix comments and descriptions
- add helper function for montgomery curve
- move N-2 calculation outside the loop
- fix access to <data> bytes: *data[x] -> (*data)[x]

Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-22 13:35:27 +01:00
Przemyslaw Stekiel
6d3d18b2dc psa_generate_derived_key_internal, psa_generate_derived_ecc_key_weierstrass_helper: optimize the code
Perform the following optimizations:
- fix used flags for conditional compilation
- remove redundant N variable
- move loop used to generate valid k value to helper function
- fix initial value of status
- fix comments

Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-22 13:35:27 +01:00
Przemyslaw Stekiel
924815982a Workaround for VS compiler build error
The following error was reported by CI for win32/release builds:

37>Done Building Project "C:\builds\workspace\mbed-tls-pr-head_PR-5139-head\worktrees\tmp_nn5muy8\visualc\VS2010\gen_entropy.vcxproj.metaproj" (Rebuild target(s)).
67>c:\builds\workspace\mbed-tls-pr-head_pr-5139-head\worktrees\tmp_nn5muy8\library\psa_crypto.c(4840): fatal error C1001: An internal error has occurred in the compiler. [C:\builds\workspace\mbed-tls-pr-head_PR-5139-head\worktrees\tmp_nn5muy8\visualc\VS2010\key_ladder_demo.vcxproj]
         (compiler file 'f:\dd\vctools\compiler\utc\src\p2\main.c', line 228)
          To work around this problem, try simplifying or changing the program near the locations listed above.
         Please choose the Technical Support command on the Visual C++
          Help menu, or open the Technical Support help file for more information

Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-22 13:35:27 +01:00
Przemyslaw Stekiel
e33ae7186e psa_crypto.c: adapt macros
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-22 13:35:27 +01:00
Przemyslaw Stekiel
dc215f4b97 Simplify calculations for clear mask
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-22 13:35:27 +01:00
Przemyslaw Stekiel
d80b6ed46d Use loop instead goto and fix misleading variable name
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-22 13:35:27 +01:00
Przemyslaw Stekiel
dc8d7d9211 fix mbedtls/psa status code mismatch
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-22 13:35:27 +01:00
Przemyslaw Stekiel
871a336028 Remove redundant psa_generate_derived_ecc_key_weierstrass_check_config()
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-22 13:35:27 +01:00
Przemyslaw Stekiel
aaa1ada086 psa_generate_derived_ecc_key_weierstrass_check_config: Build only when ECC enabled
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-22 13:35:27 +01:00
Przemyslaw Stekiel
50fcc535e5 Add Weierstrass curve/bits consistancy check + negative test vectors
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-22 13:35:26 +01:00
Przemyslaw Stekiel
58ce8d8fb6 Add support for Montgomery curves
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-22 13:35:26 +01:00
Przemyslaw Stekiel
705fb0f918 Only Weierstrass curves supported
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-22 13:35:26 +01:00
Przemyslaw Stekiel
c6e4c512af psa_crypto.c: fix warning on windows compiler
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-22 13:26:46 +01:00
Przemyslaw Stekiel
1dfd1224dc psa_generate_derived_ecc_key_helper: compile only when ECC is supported
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-22 13:26:46 +01:00
Przemyslaw Stekiel
653481632e psa_generate_derived_ecc_key_helper: fix bugs found during testing
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-22 13:26:46 +01:00
Przemyslaw Stekiel
d8cdcba970 Move derivation of ECC private key to helper function and refactor code
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-22 13:26:46 +01:00
Przemyslaw Stekiel
1608e33606 PSA: implement key derivation for ECC keys
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-22 13:26:46 +01:00
Andrzej Kurek
f881601c91 Detect invalid tag lengths in psa_aead_setup
Read tag lengths from the driver and validate against preset values.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-01-20 07:40:12 -05:00
Bence Szépkúti
aa3a6e4ea7 Fix brace placement
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2022-01-13 16:26:03 +01:00
Bence Szépkúti
39fb9d170b Rename helper function to psa_aead_check_algorithm
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2022-01-13 14:33:45 +01:00
Przemyslaw Stekiel
8d45c00759 psa_asymmetric_decrypt: access the key store and call driver dispatch
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-10 12:55:05 +01:00
Przemyslaw Stekiel
19e6142214 psa_asymmetric_encrypt: access the key store and call driver dispatch
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-10 12:55:05 +01:00
Bence Szépkúti
08f34656cb Return the same error in multipart and single shot AEAD
psa_aead_encrypt_setup() and psa_aead_decrypt_setup() were returning
PSA_ERROR_INVALID_ARGUMENT, while the same failed checks were producing
PSA_ERROR_NOT_SUPPORTED if they happened in psa_aead_encrypt() or
psa_aead_decrypt().

The PSA Crypto API 1.1 spec will specify PSA_ERROR_INVALID_ARGUMENT
in the case that the supplied algorithm is not an AEAD one.

Also move these shared checks to a helper function, to reduce code
duplication and ensure that the functions remain in sync.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2022-01-07 19:36:07 +01:00
Ronald Cron
8188d19b0e Merge branch 'development-restricted' into mbedtls-3.1.0rc-pr 2021-12-14 10:58:18 +01:00
Gilles Peskine
60aebec47e PSA hash verification: zeroize expected hash on hash mismatch
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-12-13 12:33:18 +01:00
Gilles Peskine
d5b2a59826
Merge pull request #5047 from paul-elliott-arm/psa-m-aead-ccm
PSA Multipart AEAD CCM Internal implementation and tests.
2021-12-09 14:49:42 +01:00
Manuel Pégourié-Gonnard
c38c1f2411
Merge pull request #5268 from gilles-peskine-arm/struct_reordering_3.0
Reorder structure fields to maximize usage of immediate offset access
2021-12-09 12:54:09 +01:00
Manuel Pégourié-Gonnard
5d9f42200f
Merge pull request #861 from ronald-cron-arm/fix-aead-nonce
psa: aead: Fix invalid output buffer usage in generate_nonce()
2021-12-08 13:30:21 +01:00
Manuel Pégourié-Gonnard
39c2aba920
Merge pull request #849 from ronald-cron-arm/fix-cipher-iv
Avoid using encryption output buffer to pass generated IV to PSA driver
2021-12-08 13:30:06 +01:00
Ronald Cron
0b4d12313a Remove assertion on local nonce buffer size
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-12-07 10:45:00 +01:00
Ronald Cron
a393619dc2 Change test on local nonce buffer size to an assertion
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-12-07 09:25:20 +01:00
Ronald Cron
f467d6306c psa: Fix obsolete code guard
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-12-06 07:50:27 +01:00
Ronald Cron
9ba7691bf7 psa: Add driver initialization and termination
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-12-06 07:50:27 +01:00
Ronald Cron
89b4aa7efc psa: asymmetric_encrypt/decrypt: Improve error code consistency
In psa_asymmetric_encrypt/decrypt(), always return
PSA_ERROR_INVALID_ARGUMENT if the key is a PSA key
and the algorithm is not a PSA algorithm we know
about, whether RSA is supported or not.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-12-06 07:50:27 +01:00
Ronald Cron
69a63426af psa: Fix the size of hash buffers
Fix the size of hash buffers for PSA hash
operations.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-12-03 18:55:33 +01:00
Ronald Cron
81ca97e080 tests: psa driver: Align RSA/ECP sign/verify hash dispatch
Align RSA/ECP sign/verify hash dispatch with the
corresponding code of the library. The library
code was modified recently but not the test code
one and these modifications ease the following work.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-12-03 18:55:33 +01:00
Ronald Cron
cae5909053 psa: aead: Fix invalid output buffer usage in generate_nonce()
Don't use the output buffer in psa_aead_generate_nonce()
to pass the generated nonce to the driver as a local
attacker could potentially control it.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-11-29 08:43:15 +01:00
Ronald Cron
c6e6f50d47 psa: cipher: Fix invalid output buffer usage in psa_cipher_encrypt()
Don't use the output buffer in psa_cipher_encrypt()
to pass the generated IV to the driver as local
attacker could potentially control it.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-11-26 15:46:20 +01:00
Ronald Cron
9b67428e22 psa: cipher: Add IV parameters to cipher_encrypt entry point
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-11-26 15:46:20 +01:00
Ronald Cron
2391952a4c psa: cipher: Align APIs execution flow
Align the execution of cipher one-shot APIs with
that of cipher multi-part APIs: always exit
through the exit-labelled section.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-11-26 15:46:20 +01:00
Ronald Cron
2fb9052838 psa: cipher: Fix invalid output buffer usage in psa_cipher_generate_iv()
Don't use the output buffer in psa_cipher_generate_iv()
to pass the generated IV to the driver as local
attacker could potentially control it.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-11-26 15:46:20 +01:00
Gilles Peskine
2d8a182407 PSA global data: move fields around to save code size
Move fields around to have fewer accesses outside the 128-element Thumb
direct access window.

Make the same change as in 2.27+, for the same small benefit.

Results (arm-none-eabi-gcc 7.3.1, build_arm_none_eabi_gcc_m0plus build):
library/psa_crypto.o: 16434 -> 16414 (diff: 20)

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-11-26 12:46:28 +01:00
Bence Szépkúti
6d48e20d4b Indicate nonce sizes invalid for ChaCha20-Poly1305
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-11-17 18:06:11 +01:00
Bence Szépkúti
357b78e42c Indicate if we know that a nonce length is invalid
This restores the behaviour found in the previously released versions
and development_2.x.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-11-17 18:06:04 +01:00
Dave Rodgman
d69da6c3c3 Improve PSA error return code
psa_key_derivation_output_key: prioritize BAD_STATE over NOT_PERMITTED

If psa_key_derivation_output_key() is called on an operation which hasn't been
set up or which has been aborted, return PSA_ERROR_BAD_STATE. Only return
PSA_ERROR_NOT_PERMITTED if the operation state is ok for
psa_key_derivation_input_bytes() or psa_key_derivation_output_bytes() but not
ok to output a key.

Ideally psa_key_derivation_output_key() would return PSA_ERROR_NOT_PERMITTED
only when psa_key_derivation_output_bytes() is possible, but this is clumsier
to implement.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-11-16 16:03:31 +00:00
Manuel Pégourié-Gonnard
087f04783d
Merge pull request #5076 from mstarzyk-mobica/psa_ccm_no_tag
PSA CCM*-no-tag
2021-11-10 10:18:55 +01:00
Gilles Peskine
f7b4137e69 Untangle PSA_ALG_IS_HASH_AND_SIGN and PSA_ALG_IS_SIGN_HASH
The current definition of PSA_ALG_IS_HASH_AND_SIGN includes
PSA_ALG_RSA_PKCS1V15_SIGN_RAW and PSA_ALG_ECDSA_ANY, which don't strictly
follow the hash-and-sign paradigm: the algorithm does not encode a hash
algorithm that is applied prior to the signature step. The definition in
fact encompasses what can be used with psa_sign_hash/psa_verify_hash, so
it's the correct definition for PSA_ALG_IS_SIGN_HASH. Therefore this commit
moves definition of PSA_ALG_IS_HASH_AND_SIGN to PSA_ALG_IS_SIGN_HASH, and
replace the definition of PSA_ALG_IS_HASH_AND_SIGN by a correct one (based
on PSA_ALG_IS_SIGN_HASH, excluding the algorithms where the pre-signature
step isn't to apply the hash encoded in the algorithm).

In the definition of PSA_ALG_SIGN_GET_HASH, keep the condition for a nonzero
output to be PSA_ALG_IS_HASH_AND_SIGN.

Everywhere else in the code base (definition of PSA_ALG_IS_SIGN_MESSAGE, and
every use of PSA_ALG_IS_HASH_AND_SIGN outside of crypto_values.h), we meant
PSA_ALG_IS_SIGN_HASH where we wrote PSA_ALG_IS_HASH_AND_SIGN, so do a
global replacement.
```
git grep -l IS_HASH_AND_SIGN ':!include/psa/crypto_values.h' | xargs perl -i -pe 's/ALG_IS_HASH_AND_SIGN/ALG_IS_SIGN_HASH/g'
```

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-11-03 15:48:15 +01:00
Mateusz Starzyk
e6d3edaf32 Add missing PSA_ALG_IS_SIGN_HASH macro.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-11-03 15:47:03 +01:00
Manuel Pégourié-Gonnard
136819fe6e
Merge pull request #4959 from gilles-peskine-arm/psa-add-aria
Add ARIA to the PSA API
2021-10-29 09:38:06 +02:00
Gilles Peskine
4fa0725936
Merge pull request #5002 from mstarzyk-mobica/psa_output_buffer_limitation
Remove output buffer limitation for PSA with GCM.
2021-10-25 19:37:33 +02:00
Mateusz Starzyk
594215be6e Add support for CCM*-no-tag to PSA.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-10-21 11:33:41 +02:00
Gilles Peskine
bf21c07923
Merge pull request #5072 from mprse/issue_5065
Use switch statement instead if-else in psa_aead_check_nonce_length() and psa_aead_set_lengths(). Fixes #5065
2021-10-18 17:51:50 +02:00
Przemyslaw Stekiel
4cad4fc8a9 psa_crypto.c: use switch instead if-else in psa_aead_check_nonce_length and psa_aead_set_lengths (fixes #5065)
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2021-10-13 14:04:36 +02:00
Paul Elliott
e193ea8cb9 Add Multipart AEAD CCM internal implementation
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-10-07 18:06:03 +01:00
Przemyslaw Stekiel
c0fe820dc9 psa_generate_key(): return PSA_ERROR_INVALID_ARGUMENT for public key
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2021-10-07 11:08:56 +02:00
Mateusz Starzyk
f28261fc14 Remove output buffer limitation for PSA with GCM.
The requirement of minimum 15 bytes for output buffer in
psa_aead_finish() and psa_aead_verify() does not apply
to the built-in implementation of the GCM.

Alternative implementations are expected to verify the
length of the provided output buffers and to return
the MBEDTLS_ERR_GCM_BUFFER_TOO_SMALL in case the
buffer length is too small.

Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-10-04 13:54:54 +02:00
Paul Elliott
60116aee9e Invert logic on nonce length tests
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-29 14:40:16 +01:00
Paul Elliott
355f59edbe Fix formatting issues
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-29 14:40:16 +01:00
Paul Elliott
e716e6c00b Switch cipher enabled macros
Switch from using MBEDTLS_PSA_BUILTIN_ macros over to using PSA_WANT_
macros, as code was moved from the internal drivers to the PSA Core.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-29 14:40:16 +01:00
Paul Elliott
baff51c8b7 Make sure nonce length checks use base algorithm
Nonce length checks are now being used in the oneshot AEAD code as well,
which passes variant algorithms, not the base version, so need to
convert to base if necessary.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-28 17:47:24 +01:00
Paul Elliott
bb0f9e1740 Move all nonce length checks to PSA Core
Remove duplicated code from oneshot API

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-28 11:16:27 +01:00
Paul Elliott
4ed1ed18d2 Move nonce size checking to PSA Core
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-27 18:24:11 +01:00
Paul Elliott
325d374e3d Move set lengths checking to PSA Core
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-27 18:24:11 +01:00
Paul Elliott
71b0567c87 Merge remote-tracking branch 'upstream/development' into psa-m-aead-merge
Also fiixed the following merge problems:

crypto_struct.h   : Added MBEDTLS_PRIVATE to psa_aead_operation_s
                    members (merge conflict)
psa_crypto_aead.c : Added ciphertext_length to mbedtls_gcm_finish
                    call (change of API during development)

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-24 11:18:13 +01:00
Paul Elliott
90fdc117dd Make NULL tag check more explicit
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-22 22:34:17 +01:00
Paul Elliott
70618b22a9 Change sizeof to variable rather than struct
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-22 22:34:17 +01:00
Gilles Peskine
6c12a1e9f2 Add ARIA to the PSA API
Use the encoding from an upcoming version of the specification.

Add as much (or as little) testing as is currently present for Camellia.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-09-21 11:59:39 +02:00
Paul Elliott
ec95cc9489 Add safety for NULL tag being passed to finish
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-19 22:39:06 +01:00
Paul Elliott
4c916e8d74 Improve comment on buffer clearing
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-19 18:43:17 +01:00
Paul Elliott
69bf5fc901 Const correctness
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-19 18:43:17 +01:00
Paul Elliott
70f447dfe5 Replace individual zeroization with memset
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-19 18:43:17 +01:00
Archana
9d17bf4215
Styling and refactoring
Signed-off-by: Archana <archana.madhavan@silabs.com>
2021-09-10 07:16:08 +05:30
Archana
374fe5b8d2
Handle zeroed attributes key bits and type in copy
The target attributes for key copy could have key bits and
type zeroed. If so, they need to be overwritten/ inherited
from the source key.
This is now forcefully overwritten after validating the
optional attributes. As a result assigning attributes type
and bits after copy are no longer necessary.

Signed-off-by: Archana <archana.madhavan@silabs.com>
2021-09-09 10:09:19 +05:30
Archana
449608bc61
Code style improvements
Signed-off-by: Archana <archana.madhavan@silabs.com>
2021-09-08 22:04:13 +05:30
Archana
8a180368fb
Add opaque test driver support for copy key
A minimal test driver extension is added to support
copy of opaque keys within the same location.
Test vector support is extended to cover opaque keys.

Signed-off-by: Archana <archana.madhavan@silabs.com>
2021-09-08 22:04:07 +05:30
Archana
6ed4bda2c6
pre-existing validation extended
The validation against key width and max key bits is extended to
all key types from the existing validation for only symmetric keys.

Signed-off-by: Archana <archana.madhavan@silabs.com>
2021-09-08 22:04:00 +05:30
Archana
4d7ae1d8cf
Add test driver support for opaque key import
-Add test driver support to import/export while wrapping keys
 meant to be stored in the PSA core as opaque( emulating an
 SE without storage ).
-Export validate_unstructured_key_bit_size as
 psa_validate_unstructured_key_bit_size, thereby changing its scope.
-Improve the import/export test cases in test_suite_psa_crypto to also
 cover opaque keys, thereby avoiding duplication.

Signed-off-by: Archana <archana.madhavan@silabs.com>
2021-09-08 22:03:54 +05:30
Archana
d8a83dc172
Sizing of key buffer for opaque keys
Create a new sizing function for determining the size required for key
storage based on the input key data.
This is required for key imports where the key length might need to be
derived from the data.

Signed-off-by: Archana <archana.madhavan@silabs.com>
2021-09-08 22:03:48 +05:30
Ronald Cron
3b097eb68f
psa: Remove psa_key_slot_is_external()
Remove psa_key_slot_is_external() that is not used anymore.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-09-08 22:03:41 +05:30
Ronald Cron
9b8b69c30a
psa: Remove buggy report of RSA public exponent for opaque keys
The report of RSA public exponent for opaque keys is not
supported. Do not attempt to compute the RSA public
exponent of an RSA opaque key associated to a driver
implementing the new driver interface when
MBEDTLS_PSA_CRYPTO_SE_C is disabled.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-09-08 22:03:32 +05:30
Ronald Cron
512ad81318
psa: Fix slot number key attribute
Slot number key attribute is specific of dynamically
registered drivers and should thus not be computed/
returned in case of keys associated to drivers
implementing the new unified driver interface.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-09-08 22:03:26 +05:30
Ronald Cron
ddae0f5642
Clarify psa_get_and_lock_transparent_key_slot_with_policy() purpose
Clarify the purpose of
psa_get_and_lock_transparent_key_slot_with_policy() and
define it even when MBEDTLS_PSA_CRYPTO_SE_C is disabled
for the purpose of static drivers.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-09-08 22:03:20 +05:30
Paul Elliott
3d7d52c2ed Formatting fixes
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-01 15:09:15 +01:00
Manuel Pégourié-Gonnard
5a8abb144c
Merge pull request #4883 from mstarzyk-mobica/fix_psa_sign_msg
PSA MAC computation with _HASH flag implies _MESSAGE.
2021-09-01 12:23:20 +02:00
Paul Elliott
3242f6c8ef Fix formatting issue
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-08-25 17:40:40 +01:00
Paul Elliott
b8db2c5726 Remove extra blank lines
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-08-25 17:40:40 +01:00
Paul Elliott
daf5c8954c Remove extraneous state checks
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-08-25 17:40:40 +01:00
Paul Elliott
d9343f2f0f Refactor is_encrypt into aead setup arguments
Avoid touching the operation until later.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-08-25 17:40:40 +01:00
Mateusz Starzyk
ce0e6a9dea Require MESSAGE flag in PSA MAC setup.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-08-20 11:33:51 +02:00
Paul Elliott
e0a12bd852 Refactor aead setup functions into single function
Move common encrypt / decrypt code into common function, and roll in
previously refactored setup checks function, as this is now the only
place it is called.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-08-19 19:18:28 +01:00
Joe Subbiani
5ecac217f0 Prefixed macros with MBEDTLS
As per tests/scripts/check-names.sh, macros in
library/ header files should be prefixed with
MBEDTLS_
The macro functions in common.h where also indented
to comply with the same test

Signed-off-by: Joe Subbiani <joe.subbiani@arm.com>
2021-08-19 09:31:54 +01:00
Joe Subbiani
50dde56543 Implement byte reading macros into library/
To improve readability by saving horizontal and vertical space.
Removed unecessary & 0xFF.
Byte reading macros implemented in library/common.h, All files
containing "& 0xff" were modified.
Comments/Documentation not yet added to the macro definitions.

Fixes #4274

Signed-off-by: Joe Subbiani <joe.subbiani@arm.com>
2021-08-19 09:31:53 +01:00
Paul Elliott
814fffbd72 Remove overly strict final checks
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-08-16 18:44:42 +01:00
Paul Elliott
32925b9e5b Make sure unused parts of tag buffer are cleared
We already did this on failure, but make sure the buffer does not leak
what was in it previously on success

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-07-21 18:51:23 +01:00
Paul Elliott
a561444561 Add missing space
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-07-21 18:51:23 +01:00
TRodziewicz
c9890e9a8c Rewording comments
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-07-14 10:16:26 +02:00
TRodziewicz
18cddc08c7 Reverting comments deleted in previous PR
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-07-13 12:19:15 +02:00
TRodziewicz
7871c2e736 Adding new macro for tests failing
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-07-09 14:27:04 +02:00
TRodziewicz
d9be65277d Corrections to the new functions names and error message wording
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-07-05 15:16:00 +02:00