Commit graph

65 commits

Author SHA1 Message Date
Gilles Peskine
5a68056755 Rename internal macro to pass check-names.sh
check-names.sh rejects MBEDTLS_XXX identifiers that are not defined in
a public header.
2019-08-08 10:58:09 +02:00
Gilles Peskine
74f3352b05 Add missing guard around a union field 2019-08-08 10:58:09 +02:00
Gilles Peskine
91e8c33f48 Add infrastructure for key attribute flags
Add infrastructure for internal, external and dual-use flags, with a
compile-time check (if static_assert is available) to ensure that the
same numerical value doesn't get declared for two different purposes
in crypto_struct.h (external or dual-use) and
psa_crypto_core.h (internal).
2019-08-08 10:58:09 +02:00
Gilles Peskine
41e50d26ea Remove "allocated" flag from key slots
The flag to mark key slots as allocated was introduced to mark slots
that are claimed and in use, but do not have key material yet, at a
time when creating a key used several API functions: allocate a slot,
then progressively set its metadata, and finally create the key
material. Now that all of these steps are combined into a single
API function call, the notion of allocated-but-not-filled slot is no
longer relevant. So remove the corresponding flag.

A slot is occupied iff there is a key in it. (For a key in a secure
element, the key material is not present, but the slot contains the
key metadata.) This key must have a type which is nonzero, so use this
as an indicator that a slot is in use.
2019-07-31 16:54:38 +02:00
Gilles Peskine
b46bef2f76 Store the key size in the slot in memory
There is now a field for the key size in the key slot in memory. Use
it.

This makes psa_get_key_attributes() marginally faster at the expense
of memory that is available anyway in the current memory layout (16
bits for the size, 16 bits for flags). That's not the goal, though:
the goal is to simplify the code, in particular to make it more
uniform between transparent keys (whose size can be recomputed) and
keys in secure elements (whose size cannot be recomputed).

For keys in a secure element, the bit size is now saved by serializing
the type psa_key_bits_t (which is an alias for uint16_t) rather than
size_t.
2019-07-31 14:16:50 +02:00
Gilles Peskine
8e3387029d Use psa_core_key_attributes_t in key slots in memory
Change the type of key slots in memory to use
psa_core_key_attributes_t rather than separate fields. The goal is to
simplify some parts of the code. This commit only does the mechanical
replacement, not the substitution.

The bit-field `allocate` is now a flag `PSA_KEY_SLOT_FLAG_ALLOCATED`
in the `flags` field.

Write accessor functions for flags.

Key slots now contain a bit size field which is currently unused.
Subsequent commits will make use of it.
2019-07-31 14:15:27 +02:00
Gilles Peskine
7e0cff90b9 Move attribute fields to a substructure
Move the "core attributes" to a substructure of psa_key_attribute_t.
The motivation is to be able to use the new structure
psa_core_key_attributes_t internally.
2019-07-30 20:58:27 +02:00
Gilles Peskine
424f89453b SE keys: store the bit size internally (partial implementation)
This commit blindingly copies the size from the attributes. This is
not correct for copy and import.
2019-07-29 17:06:06 +02:00
Gilles Peskine
73167e128f SE keys: store the slot number in the memory slot 2019-07-12 23:44:37 +02:00
Gilles Peskine
4b3eb69271 Rename PSA_ERROR_TAMPERING_DETECTED to ..._CORRUPTION_DETECTED
“Tampering detected” was misleading because in the real world it can
also arise due to a software bug. “Corruption detected” is neutral and
more precisely reflects what can trigger the error.

perl -i -pe 's/PSA_ERROR_TAMPERING_DETECTED/PSA_ERROR_CORRUPTION_DETECTED/gi' $(git ls-files)
2019-05-16 21:35:18 +02:00
Gilles Peskine
5b229a06f4 Support encoding an owner in key file IDs
Differentiate between _key identifiers_, which are always `uint32_t`,
and _key file identifiers_, which are platform-dependent. Normally,
the two are the same.

In `psa/crypto_platform.h`, define `psa_app_key_id_t` (which is always
32 bits, the standard key identifier type) and
`psa_key_file_id_t` (which will be different in some service builds).
A subsequent commit will introduce a platform where the two are different.

It would make sense for the function declarations in `psa/crypto.h` to
use `psa_key_file_id_t`. However this file is currently part of the
PSA Crypto API specification, so it must stick to the standard type
`psa_key_id_t`. Hence, as long as the specification and Mbed Crypto
are not separate, use the implementation-specific file
`psa/crypto_platform.h` to define `psa_key_id_t` as `psa_key_file_id_t`.

In the library, systematically use `psa_key_file_id_t`.

    perl -i -pe 's/psa_key_id_t/psa_key_file_id_t/g' library/*.[hc]
2019-02-20 12:52:07 +01:00
Gilles Peskine
09829036ab Document some functions in internal headers 2018-12-11 16:48:14 +01:00
Gilles Peskine
fa4135b135 Move more slot management functions to the proper module
Move psa_load_persistent_key_into_slot,
psa_internal_make_key_persistent and psa_internal_release_key_slot to
the slot management module.

Expose psa_import_key_into_slot from the core.

After this commit, there are no longer any functions declared in
psa_crypto_slot_management.h and defined in psa_crypto.c. There are
still function calls in both directions between psa_crypto.c and
psa_crypto_slot_management.c.
2018-12-11 16:48:14 +01:00
Gilles Peskine
66fb126e87 Move the key slot array to the slot management module
Move the key slot array and its initialization and wiping to the slot
management module.

Also move the lowest-level key slot access function psa_get_key_slot
and the auxiliary function for slot allocation
psa_internal_allocate_key_slot to the slot management module.
2018-12-11 16:48:14 +01:00
Gilles Peskine
039b90cf5b Expose the PSA key slot structure to internal modules
Move psa_key_slot_t to a new header psa_crypto_core.h, to prepare for
moving the responsibility for some fields to
psa_crypto_slot_management.c.
2018-12-11 16:48:14 +01:00