Commit graph

64 commits

Author SHA1 Message Date
Ronald Cron
de82281541 psa: aead: Add driver delegation
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-04-07 16:03:31 +02:00
Ronald Cron
5618a39fcf psa: cipher: Remove cipher_generate_iv driver entry point
Remove cipher_generate_iv driver entry point as there
is no known use case to delegate this to a driver.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-03-26 15:58:25 +01:00
Ronald Cron
7b4154df0f psa: wrapper: Fix potential unreachable statement warning
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-03-26 15:48:13 +01:00
Ronald Cron
5d9b00dddb psa: cipher: Include Mbed TLS cipher driver only if necessary
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-03-26 15:48:07 +01:00
Ronald Cron
7cb9c3d360 psa: cipher: Move to driver operation context application allocation
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-03-26 11:38:40 +01:00
Ronald Cron
6e412a71ee psa: cipher: Pass Mbed TLS implementation its operation ctx
As per drivers, pass to the Mbed TLS implementation of
the cipher multi-part operation its operation context
and not the PSA operation context.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-03-26 11:38:40 +01:00
Ronald Cron
49fafa98b1 psa: cipher: Dispatch based on driver identifier
For cipher multi-part operations, dispatch based on
the driver identifier even in the case of the
Mbed TLS software implementation (viewed as a driver).
Also use the driver identifier to check that an
cipher operation context is active or not.

This aligns the way hash and cipher multi-part
operations are dispatched.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-03-26 11:38:40 +01:00
Ronald Cron
dd24c9bbd9 psa: Call cipher operations software implementations as a driver
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-03-26 11:38:40 +01:00
Ronald Cron
6056fe8a81 psa: driver wrapper: Change cipher_xyz signature
Change the operation context to the PSA one to be
able to call the software implementation from
the driver wrapper later on.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-03-26 11:38:40 +01:00
Ronald Cron
0b80559827 psa: Call cipher setup implementation as a driver
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-03-26 11:38:40 +01:00
Ronald Cron
a4af55f14f psa: driver wrapper: Change cipher_*_setup signatures
Change the signature of
psa_driver_wrapper_cipher_encrypt/decrypt_setup to
that of a PSA driver cipher_encrypt/decrypt_setup
entry point.

Change the operation context to the PSA one to be
able to call the software implementation from
the driver wrapper later on.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-03-26 11:38:40 +01:00
Ronald Cron
c45b4afc63 Fix PSA SE driver tests
Fix PSA SE driver tests in configuration
full + MBEDTLS_PSA_CRYPTO_DRIVERS.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-03-26 11:38:40 +01:00
Steven Cooreman
f8e45a4e98 Simplify compilation guards around hash driver testing
The hash driver entry points (and consequentially the hash driver core)
are now always compiled on when PSA_CRYPTO_DRIVER_TEST is turned on.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-16 11:07:55 +01:00
Steven Cooreman
aa87fd0012 Make driver IDs always visible
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-15 18:54:03 +01:00
Steven Cooreman
5e4c18f6d9 Reorder the driver wrapper switch-case content
Reordered the cases to be in numeric order.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-15 12:26:07 +01:00
Steven Cooreman
fa952958a5 Don't void actually used arguments
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-15 12:16:25 +01:00
Steven Cooreman
0f8ffa806b Rename and retype hash test driver context structure
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-15 12:14:40 +01:00
Steven Cooreman
a85e2f835e Guard hash test functions as a block
Replicate the way the internal hash functions are guarded

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-15 12:14:40 +01:00
Steven Cooreman
830aff2a98 Restructure the way driver contexts are declared
Drivers (both built-in and external) need to declare their context
structures in a way such that they are accessible by the
to-be-autogenerated crypto_driver_contexts.h file. That file lives in
include/psa, which means all builtin driver context structure
declarations also need to live in include/psa.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-15 12:14:32 +01:00
Steven Cooreman
25555227e5 Rename hash test driver functions to match auto-naming scheme
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-10 13:00:25 +01:00
Steven Cooreman
0eeb794a2e Initialize status with CORRUPTION_DETECTED and update fallthrough
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-10 13:00:25 +01:00
Steven Cooreman
f763810e58 Add test driver for hash operations
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-10 13:00:25 +01:00
Steven Cooreman
dbf8ceda54 Change the way driver context structures are used
Apparently there's a goal to make the PSA Crypto core free from
dynamic memory allocations. Therefore, all driver context structures
need to be known at compile time in order for the core to know their
final size.

This change defines & implements for hashing operations how the context
structures get defined.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-10 13:00:25 +01:00
Steven Cooreman
1e58235d8b Dispatch hashing calls through the driver wrapper layer
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-10 13:00:25 +01:00
Ronald Cron
cbc135599e psa: wrapper: Remove unnecessary compiler warning workarounds
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-03-04 09:46:45 +01:00
Ronald Cron
fce9df2cad psa: Call sign/verify hash software implementation as a driver
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-02-17 10:52:24 +01:00
Ronald Cron
9f17aa48c2 psa: Change psa_driver_wrapper_sign/verify_hash signature
Change psa_driver_wrapper_sign/verify_hash signature
to that of a sign/verify_hash driver entry point.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-02-17 10:51:43 +01:00
Ronald Cron
977c247048 Call software implementation as a driver
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-02-16 09:04:50 +01:00
Ronald Cron
9df74beea7 psa: driver wrapper: Rename and export get_key_buffer_size
Rename and export get_key_buffer_size to be able to call
it from psa_crypto.c to compute the size of buffers to
contain keys generated by an opaque driver without
storage.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-02-16 09:04:50 +01:00
Ronald Cron
31216284e1 psa: driver wrapper: Clarify the scope of and rename get_expected_key_size
Restrict the scope of get_expected_key_size to
generation of key in a secure element or
cryptoprocessor without storage.

For transparent driver, the key buffer size calculation is
for the time being moved to psa_driver_wrapper_generate_key
and will eventually be done by psa_get_key_buffer_size.

Rename the function to get_key_buffer_size to
align its naming with that of psa_get_key_buffer_size.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-02-16 09:04:50 +01:00
Ronald Cron
9cca31654c psa: driver wrapper: Fix buffer allocation in case of key generation
In case of a secure element or cryptoprocessor with
storage, when generating a key, the key material is
not exported from the secure element or cryptoprocessor
thus there is no need to allocate a buffer in that case.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-02-16 09:04:50 +01:00
Ronald Cron
9cfdf6ebe7 Fix coding style issues
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-02-02 11:38:50 +01:00
Ronald Cron
fb2ed5bb05 psa: import: Move registered SE support to the driver wrapper
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-02-02 11:29:08 +01:00
Ronald Cron
bf33c93717 psa: Call import software implementation as a driver
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-02-02 11:29:08 +01:00
Ronald Cron
152e3f82e7 psa: export: Move registered SE support to the driver wrapper
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-02-02 11:29:08 +01:00
Ronald Cron
672279829a psa: Call export software implementation as a driver
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-02-02 11:29:08 +01:00
Ronald Cron
84cc99420c psa: Change psa_driver_wrapper_export_public_key() signature
Change psa_driver_wrapper_export_public_key() signature
to the signature of an export_public_key driver entry point.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-02-02 11:29:07 +01:00
Ronald Cron
8328287956 psa: Move from validate_key to import_key entry point
In the course of the development of the PSA unified
driver interface, the validate_key entry point for
opaque drivers has been removed and replaced by an
import_key entry point. This commit takes into account
this change of specification.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-02-02 11:29:07 +01:00
Ronald Cron
ea0f8a6d1a psa: se: Create key context in SE key slots
In key slots containing the description of a key of a
dynamically registered Secure Element (SE), store the
key slot number in a key context as defined in the
PSA driver interface for opaque drivers.

That way transparent key data and slot numbers are
, in a key slot, both stored in a dynamically allocated
buffer. The `data` union in structures of type
psa_key_slot_t to distinguish between the storage of
transparent key data and slot numbers is consequently
not necessary anymore and thus removed.

This alignement of some part of the code dedicated to
dynamically registered SE with the PSA driver interface
specification is done to ease the support of both
dynamically registered and statically defined secure
elements.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-02-02 11:29:07 +01:00
gabor-mezei-arm
cbcec21684
Rename output buffer size macros
Rename existing support macros for output buffer sizes for PSA Crypto API 1.0.0

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-01-21 13:17:25 +01:00
Steven Cooreman
b9b844220b Plug in the entry point for public key export through driver
Including test.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-11-20 17:31:24 +01:00
Gilles Peskine
a455e71588
Merge pull request #3780 from stevew817/feature/validate_key_in_driver
Add validate_key hooks and tests
2020-11-02 11:37:42 +01:00
Gilles Peskine
2d0b7231f7
Merge pull request #3712 from jdurkop/psa-crypto-config-ecdsa-3670
Introduce MBEDTLS_PSA_CRYPTO_CONFIG and use it for ECDSA
2020-10-27 17:40:04 +01:00
Steven Cooreman
0452476eac Implement, plug in and test validate_key driver entry point
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-10-26 16:41:37 +01:00
John Durkop
135ce69361 Updated value of expected key size when not using test_size_function
The calculation of the expected key size when not using the test_size_function
was not correct. The function has now been updated to handle all cases
properly to ensure the expected key size is correct for key pairs, public
keys, and symmetric keys.

Cleaned up some comments and removed unused includes.

Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>
2020-10-19 07:12:28 -07:00
John Durkop
ac93e3b43c Fix guard for test_size_function()
Previous guard was using original naming and did not
get updated to the new name. Guard is now using correct
definition of TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION.

Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>
2020-10-16 06:48:55 -07:00
John Durkop
750d0e4b72 Remove obsolete comment
Removed TBD comment that is no longer relevant since
that portion of the code has been updated.

Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>
2020-10-15 12:16:42 -07:00
John Durkop
2c61835ec8 Add support for PSA crypto driver size_function
Updated get_expected_key_size in psa_crypto_driver_wrappers to properly
handle using the new size_function from PSA crypto drivers. Created
initial infrastructure to support size_function for the PSA crypto
drivers.

Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>
2020-10-15 12:15:20 -07:00
John Durkop
814dca7069 Fix unit tests when MBEDTLS_PSA_CRYPTO_CONFIG is enabled
This change fixes the decrypt cipher setup function to return the
appropriate error code of PSA_ERROR_NOT_SUPPORTED instead of
PSA_ERROR_BAD_STATE for invalid locations when the setup call is made.

Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>
2020-10-05 06:31:12 -07:00
John Durkop
714e3a1318 Minor cleanup to fix errors with some unit tests
With the new feature MBEDTLS_PSA_CRYPTO_CONFIG, needed to
add support that when the feature is disabled, if there
are defines like MBEDTLS_ECDSA_C defined, then the PSA_WANT_
equivalent define is also enabled. This ensures the guards in
the library psa_crypto will work properly.

Also fixed an error return code in the driver wrapper for cipher
encrypt setup so it will properly pass unit tests.

Ensured config.py full works properly with the new
MBEDTLS_PSA_CRYPTO_CONFIG, it should not be set when the full
option is used.

Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>
2020-09-29 22:07:04 -07:00