If any of the software block ciphers are selected, define an internal
macro to indicate this. This eliminates some redundancy that needs to
check for this.
Signed-off-by: David Brown <david.brown@linaro.org>
Add checks for PSA_WANT_KEY_TYPE_CHACHA20, both with and without
MBEDTLS_PSA_CRYPTO_CONFIG. This only adds support for the ciphers
itself, presumably as a stream cipher (and not yet AEAD).
Signed-off-by: David Brown <david.brown@linaro.org>
Even if there is an accelerated version of a (block) key type, enable
the SW implementation if there are block modes that don't have
acceleration.
Signed-off-by: David Brown <david.brown@linaro.org>
There are a few instances of MBEDTLS_*_C (specifically for DES) in
psa_crypto.c. Change to the PSA_WANT_KEY_TYPE_DES macros to reflect the
new PSA crypto config.
Signed-off-by: David Brown <david.brown@linaro.org>
Add additional ifdef checks in the PSA config to detect when an
algorithm is entirely implemented in hardware. If there is any
combination of cipher and padding type that is not supported by the HW
acceleration, enable the SW acceleration.
Signed-off-by: David Brown <david.brown@linaro.org>
Ensure that the builtin definitions are defined when selected by the
traditional configuration options.
Signed-off-by: David Brown <david.brown@linaro.org>
This file will always be used with the PSA configurations, so use the
MBEDTLS_PSA_BUILTIN... definitions for the symmetric cyphers.
Signed-off-by: David Brown <david.brown@linaro.org>
PSA defines CBC with no padding, and CBC with PKCS7 padding. The bare
"ALG_CBC" is not defined, so remove this definition.
Signed-off-by: David Brown <david.brown@linaro.org>
For the new features conditionalized on MBEDTLS_PSA_ACCEL_..., define a
correlated MBEDTLS_PSA_BUILTIN_... if it is not defined. This prevents
check_names from considering these new defines as typos.
Signed-off-by: David Brown <david.brown@linaro.org>
Add support for supported block modes using the PSA crypto config.
These are mapped to Mbed TLS config options as best as possible.
Signed-off-by: David Brown <david.brown@linaro.org>
Update the psa/crypto_config.h with the newly defined PSA_WANT_
definitions for symmetric ciphers and block modes.
Signed-off-by: David Brown <david.brown@linaro.org>
Use PSA_EXPORT_KEY_OUTPUT_SIZE macro to compute the
size of the buffer to contain the generated key
instead of computing it alongside the key type and
size validation.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Extend import/export/generate key through a PSA
transparent driver without software fallback
testing to RSA keys.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Now that the support for key generation in the transparent
test driver is at the same level as the support in the
Mbed TLS library, remove the restriction on the generate
key test case that was introduced by the work on key
import and export through the PSA driver interface.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Add a test in test_suite_psa_crypto_driver_wrappers that
when accelerators do not support the generation of a key
and there is no software fallback, the key generation
fails with the PSA_ERROR_NOT_SUPPORTED error code.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
When generating transparent keys, we need to be able
to compute the size of the key buffer whether the
key is generated by the Mbed TLS library or by an
accelerator. Thus, change the RSA/ECP
MBEDTLS_PSA_BUILTIN_... compilation guards with
their PSA_WANT_... counterparts.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Change psa_generate_key_internal() signature to
that of a PSA driver generate_key entry point.
That way, this function can be called by the
driver wrapper when a software fallback is
necessary.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Rename and export get_key_buffer_size to be able to call
it from psa_crypto.c to compute the size of buffers to
contain keys generated by an opaque driver without
storage.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Restrict the scope of get_expected_key_size to
generation of key in a secure element or
cryptoprocessor without storage.
For transparent driver, the key buffer size calculation is
for the time being moved to psa_driver_wrapper_generate_key
and will eventually be done by psa_get_key_buffer_size.
Rename the function to get_key_buffer_size to
align its naming with that of psa_get_key_buffer_size.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
In case of a secure element or cryptoprocessor with
storage, when generating a key, the key material is
not exported from the secure element or cryptoprocessor
thus there is no need to allocate a buffer in that case.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Preparatory commit to eventually change
psa_generate_key_internal() signature to that of
a PSA driver generate_key entry point.
To be able to change the signature, the buffer to
store the generated key has to be allocated before
the call to psa_generate_key_internal().
This commit moves the allocation and clean-up in
case of error of the buffer to store the generated
key from psa_generate_key_internal() to
psa_generate_key().
This has the nice benefit of factorizing the key
buffer allocation and clean-up.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Preparatory commit to eventually change
psa_generate_key_internal() signature to that of
a PSA driver generate_key entry point.
To be able to change the signature, the buffer to
store the key has to be allocated before the call
to psa_generate_key_internal() thus its size has
to be calculed beforehand as well.
This is the purpose of this commit: to move the
computation of the key size in bytes out of
psa_generate_key_internal().
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Small improvements to psa_generate_key_internal()
implementation:
. declare only once the status local variable and
initialize it to PSA_ERROR_CORRUPTION_DETECTED
to improve robustness against FI attacks.
. remove an unnecessary assignment.
. use type local variable instead of its global
variable equivalent.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>