We copy the key from a slot to the operation object in _start.
_complete and _abort do not access any key slots, instead using
the local copy.
Concurrently using the same operation object is not thread-safe.
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
We copy the key from a slot to the operation object in _start.
_complete and _abort do not access any key slots, instead using
the local copy.
Concurrently using the same operation object is not thread-safe.
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
Within setup we create a copy of the key and put it in the operation field.
After setup, we only ever use the new copy - and do not interact with any key slots.
Therefore we need only register as a reader of the key during setup,
then unregister after we stop accessing the key.
Simultaneous API calls on the same operation object are not thread-safe.
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
Return MBEDTLS_ERR_PEM_PASSWORD_MISMATCH instead of
MBEDTLS_ERR_PEM_BAD_INPUT_DATA in case of errors.
This commit also fix related failures in test pkparse and
pem test suites.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Now that we have padding verification after decryption and since
this can be used to validate the password as well there is no
need to parse ASN1 content any more, so we can simplify/remove
that dependency.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Remove exception warnings about PKCS1v1.5, since now both padding
formats are treated properly no matter if USE_PSA_CRYPTO is
defined or not.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
MBEDTLS_PK_WRITE_C requires MBEDTLS_ASN1_WRITE_C, but there is no
corresponding check in check_config.h. In addition, corresponding
documentation for `Requires` is updated in mbedtls_config.h.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
- check_config.h: combine separate check for MBEDTLS_PK_PARSE_C
- mbedtls_config.h: update documentation for `Requires`
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
In pk.h, MBEDTLS_PK_HAVE_ECC_KEYS is enabled if ECP_C is defined or
USE_PSA_CRYPTO && PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY are defined.
But this logic is duplicate with its definition in
config_adjust_legacy_crypto.h.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
In valid_parameters_pkwrite, we first parse a public key then test
with mbedtls_pk_write_xxx functions. So valid_parameters_pkwrite
should depend on both MBEDTLS_PK_WRITE_C and MBEDTLS_PK_PARSE_C.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
When PK_HAVE_ECC_KEYS is set with PK_[PARSE/WRITE]_C, it needs OID_C
to be enabled. This commit adds proper checks in check_config.h
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
This means we can hold the mutex around the call to reserve_free_key_slot
in get_and_lock_key_slot, avoiding inefficient rework.
(Changes to get_and_lock_key_slot are not in scope in this PR)
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
Hold the mutex for the entirety of the call.
We need the mutex for the wipe, also hold it for aborting driver transactions as this
may have side effects.
We can't use the macros here as this function returns void.
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
Hold mutex for the entirety of the call.
We are writing to storage and writing to the slot state here.
If we didn't keep the mutex for the whole duration then we may end up with
another thread seeing that a persistent key is in storage before
our slot is set to FULL; this would be unlinearizable behaviour.
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
Everything needs to be done under the mutex here, we operate directly on FULL/EMPTY
slots, and we can't let key_slots_initialized change before we operate on slots.
Refactor to use an exit label.
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
