lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-29 11:41:15 +03:00
Code Activity

Key derivation: allow both keys and direct inputs

Browse Source 
Allow a direct input as the SECRET input step in a key derivation, in
addition to allowing DERIVE keys. This makes it easier for
applications to run a key derivation where the "secret" input is
obtained from somewhere else. This makes it possible for the "secret"
input to be empty (keys cannot be empty), which some protocols do (for
example the IV derivation in EAP-TLS).

Conversely, allow a RAW_DATA key as the INFO/LABEL/SALT/SEED input to a key
derivation, in addition to allowing direct inputs. This doesn't
improve security, but removes a step when a personalization parameter
is stored in the key store, and allows this personalization parameter
to remain opaque.

Add test cases that explore step/key-type-and-keyhood combinations.
This commit is contained in:
Gilles Peskine
2019-09-23 18:13:17 +02:00
parent 6842ba4d7a
commit 224b0d656a
4 changed files with 97 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
include/psa/crypto_values.h
View File

@ -1618,31 +1618,39 @@
/** A secret input for key derivation.
*
* This must be a key of type #PSA_KEY_TYPE_DERIVE.
* This should be a key of type #PSA_KEY_TYPE_DERIVE
* (passed to psa_key_derivation_input_key())
* or the shared secret resulting from a key agreement
* (obtained via psa_key_derivation_key_agreement()).
* It can also be a direct input (passed to key_derivation_input_bytes()).
*/
#define PSA_KEY_DERIVATION_INPUT_SECRET ((psa_key_derivation_step_t)0x0101)
/** A label for key derivation.
*
* This must be a direct input.
* This should be a direct input.
* It can also be a key of type #PSA_KEY_TYPE_RAW_DATA.
*/
#define PSA_KEY_DERIVATION_INPUT_LABEL ((psa_key_derivation_step_t)0x0201)
/** A salt for key derivation.
*
* This must be a direct input.
* This should be a direct input.
* It can also be a key of type #PSA_KEY_TYPE_RAW_DATA.
*/
#define PSA_KEY_DERIVATION_INPUT_SALT ((psa_key_derivation_step_t)0x0202)
/** An information string for key derivation.
*
* This must be a direct input.
* This should be a direct input.
* It can also be a key of type #PSA_KEY_TYPE_RAW_DATA.
*/
#define PSA_KEY_DERIVATION_INPUT_INFO ((psa_key_derivation_step_t)0x0203)
/** A seed for key derivation.
*
* This must be a direct input.
* This should be a direct input.
* It can also be a key of type #PSA_KEY_TYPE_RAW_DATA.
*/
#define PSA_KEY_DERIVATION_INPUT_SEED ((psa_key_derivation_step_t)0x0204)