mirror of
https://github.com/Mbed-TLS/mbedtls.git
Merge pull request #4317 from yanesca/psa-jpake-interface
J-PAKE interface definition for PSA Crypto
@ -112,12 +112,6 @@ psa_status_t psa_crypto_init(void);
|
||||
* This macro returns a suitable initializer for a key attribute structure
|
||||
* of type #psa_key_attributes_t.
|
||||
*/
|
||||
#ifdef __DOXYGEN_ONLY__
|
||||
/* This is an example definition for documentation purposes.
|
||||
* Implementations should define a suitable value in `crypto_struct.h`.
|
||||
*/
|
||||
#define PSA_KEY_ATTRIBUTES_INIT {0}
|
||||
#endif
|
||||
|
||||
/** Return an initial value for a key attributes structure.
|
||||
*/
|
||||
@ -938,8 +932,8 @@ psa_status_t psa_hash_compare(psa_algorithm_t alg,
|
||||
* \endcode
|
||||
*
|
||||
* This is an implementation-defined \c struct. Applications should not
|
||||
* make any assumptions about the content of this structure except
|
||||
* as directed by the documentation of a specific implementation. */
|
||||
* make any assumptions about the content of this structure.
|
||||
* Implementation details can change in future versions without notice. */
|
||||
typedef struct psa_hash_operation_s psa_hash_operation_t;
|
||||
|
||||
/** \def PSA_HASH_OPERATION_INIT
|
||||
@ -947,12 +941,6 @@ typedef struct psa_hash_operation_s psa_hash_operation_t;
|
||||
* This macro returns a suitable initializer for a hash operation object
|
||||
* of type #psa_hash_operation_t.
|
||||
*/
|
||||
#ifdef __DOXYGEN_ONLY__
|
||||
/* This is an example definition for documentation purposes.
|
||||
* Implementations should define a suitable value in `crypto_struct.h`.
|
||||
*/
|
||||
#define PSA_HASH_OPERATION_INIT {0}
|
||||
#endif
|
||||
|
||||
/** Return an initial value for a hash operation object.
|
||||
*/
|
||||
@ -1307,9 +1295,10 @@ psa_status_t psa_mac_verify(mbedtls_svc_key_id_t key,
|
||||
* operation = psa_mac_operation_init();
|
||||
* \endcode
|
||||
*
|
||||
*
|
||||
* This is an implementation-defined \c struct. Applications should not
|
||||
* make any assumptions about the content of this structure except
|
||||
* as directed by the documentation of a specific implementation. */
|
||||
* make any assumptions about the content of this structure.
|
||||
* Implementation details can change in future versions without notice. */
|
||||
typedef struct psa_mac_operation_s psa_mac_operation_t;
|
||||
|
||||
/** \def PSA_MAC_OPERATION_INIT
|
||||
@ -1317,12 +1306,6 @@ typedef struct psa_mac_operation_s psa_mac_operation_t;
|
||||
* This macro returns a suitable initializer for a MAC operation object of type
|
||||
* #psa_mac_operation_t.
|
||||
*/
|
||||
#ifdef __DOXYGEN_ONLY__
|
||||
/* This is an example definition for documentation purposes.
|
||||
* Implementations should define a suitable value in `crypto_struct.h`.
|
||||
*/
|
||||
#define PSA_MAC_OPERATION_INIT {0}
|
||||
#endif
|
||||
|
||||
/** Return an initial value for a MAC operation object.
|
||||
*/
|
||||
@ -1732,8 +1715,8 @@ psa_status_t psa_cipher_decrypt(mbedtls_svc_key_id_t key,
|
||||
* \endcode
|
||||
*
|
||||
* This is an implementation-defined \c struct. Applications should not
|
||||
* make any assumptions about the content of this structure except
|
||||
* as directed by the documentation of a specific implementation. */
|
||||
* make any assumptions about the content of this structure.
|
||||
* Implementation details can change in future versions without notice. */
|
||||
typedef struct psa_cipher_operation_s psa_cipher_operation_t;
|
||||
|
||||
/** \def PSA_CIPHER_OPERATION_INIT
|
||||
@ -1741,12 +1724,6 @@ typedef struct psa_cipher_operation_s psa_cipher_operation_t;
|
||||
* This macro returns a suitable initializer for a cipher operation object of
|
||||
* type #psa_cipher_operation_t.
|
||||
*/
|
||||
#ifdef __DOXYGEN_ONLY__
|
||||
/* This is an example definition for documentation purposes.
|
||||
* Implementations should define a suitable value in `crypto_struct.h`.
|
||||
*/
|
||||
#define PSA_CIPHER_OPERATION_INIT {0}
|
||||
#endif
|
||||
|
||||
/** Return an initial value for a cipher operation object.
|
||||
*/
|
||||
@ -2261,8 +2238,8 @@ psa_status_t psa_aead_decrypt(mbedtls_svc_key_id_t key,
|
||||
* \endcode
|
||||
*
|
||||
* This is an implementation-defined \c struct. Applications should not
|
||||
* make any assumptions about the content of this structure except
|
||||
* as directed by the documentation of a specific implementation. */
|
||||
* make any assumptions about the content of this structure.
|
||||
* Implementation details can change in future versions without notice. */
|
||||
typedef struct psa_aead_operation_s psa_aead_operation_t;
|
||||
|
||||
/** \def PSA_AEAD_OPERATION_INIT
|
||||
@ -2270,12 +2247,6 @@ typedef struct psa_aead_operation_s psa_aead_operation_t;
|
||||
* This macro returns a suitable initializer for an AEAD operation object of
|
||||
* type #psa_aead_operation_t.
|
||||
*/
|
||||
#ifdef __DOXYGEN_ONLY__
|
||||
/* This is an example definition for documentation purposes.
|
||||
* Implementations should define a suitable value in `crypto_struct.h`.
|
||||
*/
|
||||
#define PSA_AEAD_OPERATION_INIT {0}
|
||||
#endif
|
||||
|
||||
/** Return an initial value for an AEAD operation object.
|
||||
*/
|
||||
@ -3260,8 +3231,8 @@ psa_status_t psa_asymmetric_decrypt(mbedtls_svc_key_id_t key,
|
||||
* \endcode
|
||||
*
|
||||
* This is an implementation-defined \c struct. Applications should not
|
||||
* make any assumptions about the content of this structure except
|
||||
* as directed by the documentation of a specific implementation.
|
||||
* make any assumptions about the content of this structure.
|
||||
* Implementation details can change in future versions without notice.
|
||||
*/
|
||||
typedef struct psa_key_derivation_s psa_key_derivation_operation_t;
|
||||
|
||||
@ -3270,12 +3241,6 @@ typedef struct psa_key_derivation_s psa_key_derivation_operation_t;
|
||||
* This macro returns a suitable initializer for a key derivation operation
|
||||
* object of type #psa_key_derivation_operation_t.
|
||||
*/
|
||||
#ifdef __DOXYGEN_ONLY__
|
||||
/* This is an example definition for documentation purposes.
|
||||
* Implementations should define a suitable value in `crypto_struct.h`.
|
||||
*/
|
||||
#define PSA_KEY_DERIVATION_OPERATION_INIT {0}
|
||||
#endif
|
||||
|
||||
/** Return an initial value for a key derivation operation object.
|
||||
*/
|
||||
|
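Review bot: In the MAC operation comment (the `-1307,9 +1295,10` hunk) a second empty ` *` line now precedes "This is an implementation-defined \c struct". The hunk counts show three added lines where the rewording accounts for only two, so one of the two blank comment lines appears to be newly introduced. The hash, cipher, AEAD and key-derivation comments in this section keep a single ` *` separator, so the extra line should be dropped. Separately, with the `__DOXYGEN_ONLY__` example definitions apparently removed, the `*_INIT` macro comments no longer say where the real initializer comes from; a sentence such as `The definition is implementation-specific; use this macro or the matching init function rather than a literal initializer.` would keep that guidance. The comment blocks themselves begin outside the hunks.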
File diff suppressed because it is too large
@ -250,7 +250,8 @@ struct psa_key_derivation_s
|
||||
|
||||
/* This only zeroes out the first byte in the union, the rest is unspecified. */
|
||||
#define PSA_KEY_DERIVATION_OPERATION_INIT { 0, 0, 0, { 0 } }
|
||||
static inline struct psa_key_derivation_s psa_key_derivation_operation_init( void )
|
||||
static inline struct psa_key_derivation_s psa_key_derivation_operation_init(
|
||||
void )
|
||||
{
|
||||
const struct psa_key_derivation_s v = PSA_KEY_DERIVATION_OPERATION_INIT;
|
||||
return( v );
|
||||
@ -276,7 +277,7 @@ static inline struct psa_key_policy_s psa_key_policy_init( void )
|
||||
typedef uint16_t psa_key_bits_t;
|
||||
/* The maximum value of the type used to represent bit-sizes.
|
||||
* This is used to mark an invalid key size. */
|
||||
#define PSA_KEY_BITS_TOO_LARGE ( (psa_key_bits_t) ( -1 ) )
|
||||
#define PSA_KEY_BITS_TOO_LARGE ( ( psa_key_bits_t ) -1 )
|
||||
/* The maximum size of a key in bits.
|
||||
* Currently defined as the maximum that can be represented, rounded down
|
||||
* to a whole number of bytes.
|
||||
@ -317,7 +318,10 @@ typedef struct
|
||||
psa_key_attributes_flag_t flags;
|
||||
} psa_core_key_attributes_t;
|
||||
|
||||
#define PSA_CORE_KEY_ATTRIBUTES_INIT {PSA_KEY_TYPE_NONE, 0, PSA_KEY_LIFETIME_VOLATILE, MBEDTLS_SVC_KEY_ID_INIT, PSA_KEY_POLICY_INIT, 0}
|
||||
#define PSA_CORE_KEY_ATTRIBUTES_INIT { PSA_KEY_TYPE_NONE, 0, \
|
||||
PSA_KEY_LIFETIME_VOLATILE, \
|
||||
MBEDTLS_SVC_KEY_ID_INIT, \
|
||||
PSA_KEY_POLICY_INIT, 0 }
|
||||
|
||||
struct psa_key_attributes_s
|
||||
{
|
||||
|
@ -95,6 +95,7 @@ class PSAMacroEnumerator:
|
||||
self.mac_algorithms = set() #type: Set[str]
|
||||
self.ka_algorithms = set() #type: Set[str]
|
||||
self.kdf_algorithms = set() #type: Set[str]
|
||||
self.pake_algorithms = set() #type: Set[str]
|
||||
self.aead_algorithms = set() #type: Set[str]
|
||||
# macro name -> list of argument names
|
||||
self.argspecs = {} #type: Dict[str, List[str]]
|
||||
@ -364,6 +365,7 @@ enumerate
|
||||
'asymmetric_signature_algorithm': [],
|
||||
'asymmetric_signature_wildcard': [self.algorithms],
|
||||
'asymmetric_encryption_algorithm': [],
|
||||
'pake_algorithm': [self.pake_algorithms],
|
||||
'other_algorithm': [],
|
||||
} #type: Dict[str, List[Set[str]]]
|
||||
self.arguments_for['mac_length'] += ['1', '63']
|
||||
@ -389,6 +391,7 @@ enumerate
|
||||
self.mac_algorithms.add('0x03007fff')
|
||||
self.ka_algorithms.add('0x09fc0000')
|
||||
self.kdf_algorithms.add('0x080000ff')
|
||||
self.pake_algorithms.add('0x0a0000ff')
|
||||
# For AEAD algorithms, the only variability is over the tag length,
|
||||
# and this only applies to known algorithms, so don't test an
|
||||
# unknown algorithm.
|
||||
|
@ -294,6 +294,9 @@ Key agreement: ECDH, HKDF using SHA-384
|
||||
depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384
|
||||
key_agreement_algorithm:PSA_ALG_KEY_AGREEMENT( PSA_ALG_ECDH, PSA_ALG_HKDF( PSA_ALG_SHA_384 ) ):ALG_IS_ECDH:PSA_ALG_ECDH:PSA_ALG_HKDF( PSA_ALG_SHA_384 )
|
||||
|
||||
PAKE: J-PAKE
|
||||
pake_algorithm:PSA_ALG_JPAKE
|
||||
|
||||
Key type: raw data
|
||||
key_type:PSA_KEY_TYPE_RAW_DATA:KEY_TYPE_IS_UNSTRUCTURED
|
||||
|
||||
|
@ -156,6 +156,7 @@ void mac_algorithm_core( psa_algorithm_t alg, int classification_flags,
|
||||
TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_PAKE( alg ) );
|
||||
algorithm_classification( alg, classification_flags );
|
||||
|
||||
/* Length */
|
||||
@ -181,6 +182,7 @@ void aead_algorithm_core( psa_algorithm_t alg, int classification_flags,
|
||||
TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_PAKE( alg ) );
|
||||
algorithm_classification( alg, classification_flags );
|
||||
|
||||
/* Tag length */
|
||||
@ -220,6 +222,7 @@ void hash_algorithm( int alg_arg, int length_arg )
|
||||
TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_PAKE( alg ) );
|
||||
algorithm_classification( alg, 0 );
|
||||
|
||||
/* Dependent algorithms */
|
||||
@ -362,6 +365,7 @@ void cipher_algorithm( int alg_arg, int classification_flags )
|
||||
TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_PAKE( alg ) );
|
||||
algorithm_classification( alg, classification_flags );
|
||||
}
|
||||
/* END_CASE */
|
||||
@ -462,6 +466,7 @@ void asymmetric_signature_algorithm( int alg_arg, int classification_flags )
|
||||
TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_PAKE( alg ) );
|
||||
algorithm_classification( alg, classification_flags );
|
||||
}
|
||||
/* END_CASE */
|
||||
@ -491,6 +496,7 @@ void asymmetric_encryption_algorithm( int alg_arg, int classification_flags )
|
||||
TEST_ASSERT( PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_PAKE( alg ) );
|
||||
algorithm_classification( alg, classification_flags );
|
||||
}
|
||||
/* END_CASE */
|
||||
@ -511,6 +517,7 @@ void key_derivation_algorithm( int alg_arg, int classification_flags )
|
||||
TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
|
||||
TEST_ASSERT( PSA_ALG_IS_KEY_DERIVATION( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_PAKE( alg ) );
|
||||
algorithm_classification( alg, classification_flags );
|
||||
|
||||
/* Check combinations with key agreements */
|
||||
@ -540,6 +547,7 @@ void key_agreement_algorithm( int alg_arg, int classification_flags,
|
||||
TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
|
||||
TEST_ASSERT( PSA_ALG_IS_KEY_AGREEMENT( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_PAKE( alg ) );
|
||||
algorithm_classification( alg, classification_flags );
|
||||
|
||||
/* Shared secret derivation properties */
|
||||
@ -548,6 +556,24 @@ void key_agreement_algorithm( int alg_arg, int classification_flags,
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void pake_algorithm( int alg_arg )
|
||||
{
|
||||
psa_algorithm_t alg = alg_arg;
|
||||
|
||||
/* Algorithm classification */
|
||||
TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
|
||||
TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
|
||||
TEST_ASSERT( PSA_ALG_IS_PAKE( alg ) );
|
||||
}
|
||||
|
||||
/* END_CASE */
|
||||
/* BEGIN_CASE */
|
||||
void key_type( int type_arg, int classification_flags )
|
||||
{
|
||||
|
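Review bot: The new `pake_algorithm` case stops after the `PSA_ALG_IS_*` assertions and never calls `algorithm_classification()`, which every sibling case visible in this section does (`hash_algorithm` passes `0` for the flags). If that helper's checks apply to PAKE algorithms (its body is not shown on this page), adding `algorithm_classification( alg, 0 );` after `TEST_ASSERT( PSA_ALG_IS_PAKE( alg ) );` would keep the categories tested uniformly; otherwise a one-line comment saying why it is skipped would help. The case also puts a blank line between `}` and `/* END_CASE */` and none before the next `/* BEGIN_CASE */`, the reverse of the surrounding cases.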