Commit graph

6798 commits

Author SHA1 Message Date
Paul Elliott
bb8bf6649e Change function signature indentation
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-20 18:39:58 +01:00
Paul Elliott
e9eeea3290 Formatting fixes
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-20 18:39:58 +01:00
Paul Elliott
5c656cbf99 Fix missed incorrect include guard
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-20 18:39:58 +01:00
Paul Elliott
b91f331fce Correct potential return values in documentation
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-20 18:39:58 +01:00
Paul Elliott
498d3503c4 Misc documentation fixes.
Misnamed function calls, typos and missed changes.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-20 18:39:58 +01:00
Paul Elliott
9622c9aae0 Fix updated size macros in documentation
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-20 18:39:58 +01:00
Paul Elliott
4148a68169 Update documentation for internal implementation
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
b06e1c0d68 Remove unnecessary code
Calls to abort that are now being done by the psa_crypto layer, freeing
of tempory allocations (done by abort) and a couple of checks that had
already been done prior to that point

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
6108ee7c2d Change logic to reduce indentation
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
e2c788d480 Rename badly named variable
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
c10ad21a1b Remove SetLengths() requirement for GCM
Also return NOT_SUPPORTED, rather than BAD_STATE for our current
workarounds for GCM/CCM

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
9e8ccd7e82 Make sure all statuses are initialised
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
ccaea40023 Replace hard coded buffer size with define
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
80acb7ee21 Formatting fixups and spelling mistake fixes
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
cc35859739 Pass key buffer size into psa_aead_setup
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
a559b3ce56 Remove key_set and use id instead
In keeping with the other PSA multipart operations.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
bbe90b5f7f Formatting fixes for psa_crypto.c
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
81231f33f0 Return invalid argument for unsupported algorithm
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
39dc6b8aa5 Add abort call to all failure points
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
ef29e17a94 Add comment to non-obvious code guard
Ad and body lengths can only be too big on builds where size_t is bigger
than 32 bits. This checking code therefore generates always true
comparison warnings on 32 bit platforms, and thus had to be guarded.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
6edb7473db Move safer_memcmp to psa_crypto_core.h
Same change as made by Steven Cooreman, although not yet merged.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
cbbde5f28c Split multipart AEAD contexts into two parts
Split to data required for internal implementation and data required for
driver implementation with data left over for the PSA layer.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
2df40057b3 Fix excessive line lengths
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
a218ceba93 Merge upstream test driver changes locally
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
5d9fa8d675 Add define to allow multipart ccm to work
Add (internal only) define to config.h which allows the temporary
implementation of CCM to work, by removing the buffer zeroization on tag
fail when decrypting. This will obviously be removed when multipart CCM
is properaly implemented

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
fe5480a4c2 Fix transparent driver wrappers
Remove spurious "not supported" returns, and fix same issue that was
encountered with internal implementations - operation needs to be
marked as a type even if the initial call fails, otherwise cleanup won't
get done.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
72baf65819 Ensure operation id gets set even if failure
Although this deviates from the standard "auto-generated" code, the
M-AEAD setup functions set the key and thus allocate memory. If the
failure occurs after this (invalid tag size for example) then not having
the id set to the internal drivers means that abort does not get called,
and this causes the allocated data to leak.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
4bbe82bdcc Add transparent driver tests for M-AEAD
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
fd3ca24e56 Move CCM ouput to update step.
Move CCM to update all data at update step, as final step can only
output at most a block length, so outputting all data at this step
significantly breaks the tests. Had to add unpleasant workaround for the
validate stage, but this is the only way I can do things without
breaking CCM Alt implementations.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
72c10082dd Fix logic issues with state checks
Also fix missing return values.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
c4e1dcf006 Fix incorrect PSA key usage
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
811d8d462f Fix incorrect enums being used
Fix memory leak due to aead_abort() using incorrect enums to identify
algorithm used. Fix incorrect return on failure to check tag on
aead_verify()

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
5653da0201 Fix errors with missing tests
Return not supported for the time being whilst we don't have the
transparent driver tests done.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
302ff6bdd6 Implement multipart AEAD PSA interface
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
6504aa6451 First pass addition of driver wrappers
Transparent driver test functions not yet implemented.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
adb8b16b16 Add internal implementation of multipart AEAD
For the time being CCM and GCM are not entirely implemented correctly
due to issues with their underlying implentations, which would be
difficult to fix in 2.x, and thus require all the AD and data to be
passed in in one go.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
07a30c4c00 Convert oneshot AEAD over to multipart struct
Multipart AEAD operation struct has to be public as it's allocated by
the caller, so to save duplication of code, switch oneshot AEAD over to
using the multipart operation struct.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Gilles Peskine
5d1f747d85
Merge pull request #4377 from mpg/psa-pbkdf2-api
PSA API for PBKDF2-HMAC
2021-05-12 18:00:30 +02:00
Ronald Cron
7dbcc3c794
Merge pull request #4470 from d3zd3z/fix-posix-define
Check if feature macro is defined before define it
2021-05-12 15:47:12 +02:00
Ronald Cron
eb3e463380
Merge pull request #4247 from stevew817/dispatch_mac_operations
Dispatch MAC operations through the driver interface
Only API-ABI checking job failing which is expected thus CI OK.
2021-05-11 17:56:50 +02:00
Steven Cooreman
9e15fb783c Refactor out mac_sign_setup and mac_verify_setup
Since they became equivalent after moving the is_sign checking back to
the PSA core, they're now redundant, and the generic mac_setup function
can just be called directly.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-05-11 11:10:34 +02:00
Steven Cooreman
8af5c5c7de Be explicit about why the zero-length check is there
Since a valid mac operation context would guarantee that the stored
mac size is >= 4, it wasn't immediately obvious that the zero-length
check is meant for static analyzers and a bit of robustness.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-05-11 11:09:13 +02:00
Steven Cooreman
d1a68f10c0 Supply actual key bits to PSA_MAC_LENGTH during MAC setup
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-05-10 11:29:14 +02:00
Steven Cooreman
b29902ac9f Correctly mark unused arguments when MAC algorithms are compiled out
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-05-10 11:29:14 +02:00
Steven Cooreman
0c23965977 Add sanity tests for CMAC-(3)DES through PSA Crypto
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-05-10 11:29:13 +02:00
Steven Cooreman
02865f5cbb Use the proper define guards in the MAC driver
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-05-10 11:29:13 +02:00
Steven Cooreman
2f60f20884 Remove superfluous checking from MAC driver
The PSA core checks the key type and algorithm combination before
calling the driver, so the driver doesn't have to do this once more.

The PSA core will also not start an operation with a requested length
which is larger than the full MAC output size, so the output length check
in the driver isn't needed as long as the driver returns an error on
mac_setup if it doesn't support the underlying hash algorithm.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-05-10 11:29:13 +02:00
Steven Cooreman
72f736a191 Move is_sign and mac_size checking back to PSA core scope
It makes sense to do the length checking in the core rather than expect
each driver to deal with it themselves. This puts the onus on the core to
dictate which algorithm/key combinations are valid before calling a driver.

Additionally, this commit also updates the psa_mac_sign_finish function
to better deal with output buffer sanitation, as per the review comments
on #4247.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-05-10 11:29:13 +02:00
Steven Cooreman
f45f071f01 Minor documentation and language fixes
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-05-07 23:33:50 +02:00
Steven Cooreman
3409b02b27 Remove superfluous check
As psa_mac_sign_finish / psa_mac_verify_finish already checks that the
operation structure is valid (id is non-zero), the driver itself doesn't
have to check for that anymore. If the operation has a driver ID assigned,
it means that driver has returned success from its setup function, so the
algorithm value will be set correctly.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-05-07 23:33:50 +02:00