From 2a634602481b040c16068214320183321d6b3e4e Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 22 Jun 2023 13:09:36 +0200 Subject: [PATCH] psa: fix guards for EC key derivation Signed-off-by: Valerio Setti --- library/psa_crypto.c | 28 ++++--------------------- tests/suites/test_suite_psa_crypto.data | 16 +++++++------- 2 files changed, 12 insertions(+), 32 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 08c304e828..44797f8f23 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -5776,10 +5776,7 @@ static void psa_des_set_key_parity(uint8_t *data, size_t data_size) * always NULL. */ #if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE) || \ - defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) + defined(MBEDTLS_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_DERIVE) static psa_status_t psa_generate_derived_ecc_key_weierstrass_helper( psa_key_slot_t *slot, size_t bits, @@ -5787,7 +5784,6 @@ static psa_status_t psa_generate_derived_ecc_key_weierstrass_helper( uint8_t **data ) { -#if defined(MBEDTLS_ECP_LIGHT) unsigned key_out_of_range = 1; mbedtls_mpi k; mbedtls_mpi diff_N_2; @@ -5871,13 +5867,6 @@ cleanup: mbedtls_mpi_free(&k); mbedtls_mpi_free(&diff_N_2); return status; -#else /* MBEDTLS_ECP_LIGHT */ - (void) slot; - (void) bits; - (void) operation; - (void) data; - return PSA_ERROR_NOT_SUPPORTED; -#endif /* MBEDTLS_ECP_LIGHT */ } /* ECC keys on a Montgomery elliptic curve draws a byte string whose length @@ -5945,10 +5934,7 @@ static psa_status_t psa_generate_derived_ecc_key_montgomery_helper( return status; } #endif /* defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE) || - defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) || - defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || - defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) || - defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) */ + defined(MBEDTLS_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_DERIVE) */ static psa_status_t psa_generate_derived_key_internal( psa_key_slot_t *slot, @@ -5965,10 +5951,7 @@ static psa_status_t psa_generate_derived_key_internal( } #if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE) || \ - defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) + defined(MBEDTLS_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_DERIVE) if (PSA_KEY_TYPE_IS_ECC(slot->attr.type)) { psa_ecc_family_t curve = PSA_KEY_TYPE_ECC_GET_FAMILY(slot->attr.type); if (PSA_ECC_FAMILY_IS_WEIERSTRASS(curve)) { @@ -5986,10 +5969,7 @@ static psa_status_t psa_generate_derived_key_internal( } } else #endif /* defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE) || - defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) || - defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || - defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) || - defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) */ + defined(MBEDTLS_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_DERIVE) */ if (key_type_is_raw_bytes(slot->attr.type)) { if (bits % 8 != 0) { return PSA_ERROR_INVALID_ARGUMENT; diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 02eb6a3426..b26b3deaf8 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -6589,7 +6589,7 @@ derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b PSA key derivation: bits=7 invalid for ECC SECP_R1 (ECC disabled) depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE # The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED -derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):7:PSA_ERROR_INVALID_ARGUMENT:0 +derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):7:PSA_ERROR_NOT_SUPPORTED:0 PSA key derivation: bits=0 invalid for ECC SECP_K1 depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 @@ -6604,7 +6604,7 @@ derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b PSA key derivation: bits=7 invalid for ECC SECP_K1 (ECC disabled) depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE # The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED -derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):7:PSA_ERROR_INVALID_ARGUMENT:0 +derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):7:PSA_ERROR_NOT_SUPPORTED:0 PSA key derivation: bits=0 invalid for ECC SECP_R2 depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 @@ -6619,7 +6619,7 @@ derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b PSA key derivation: bits=7 invalid for ECC SECP_R2 (ECC disabled) depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE # The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED -derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):7:PSA_ERROR_INVALID_ARGUMENT:0 +derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):7:PSA_ERROR_NOT_SUPPORTED:0 PSA key derivation: bits=0 invalid for ECC SECT_K1 depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 @@ -6634,7 +6634,7 @@ derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b PSA key derivation: bits=7 invalid for ECC SECT_K1 (ECC disabled) depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE # The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED -derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):7:PSA_ERROR_INVALID_ARGUMENT:0 +derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):7:PSA_ERROR_NOT_SUPPORTED:0 PSA key derivation: bits=0 invalid for ECC SECT_R1 depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 @@ -6649,7 +6649,7 @@ derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b PSA key derivation: bits=7 invalid for ECC SECT_R1 (ECC disabled) depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE # The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED -derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):7:PSA_ERROR_INVALID_ARGUMENT:0 +derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):7:PSA_ERROR_NOT_SUPPORTED:0 PSA key derivation: bits=0 invalid for ECC SECT_R2 depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 @@ -6664,7 +6664,7 @@ derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b PSA key derivation: bits=7 invalid for ECC SECT_R2 (ECC disabled) depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE # The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED -derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):7:PSA_ERROR_INVALID_ARGUMENT:0 +derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):7:PSA_ERROR_NOT_SUPPORTED:0 PSA key derivation: bits=0 invalid for ECC BRAINPOOL_P_R1 depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 @@ -6679,7 +6679,7 @@ derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b PSA key derivation: bits=7 invalid for ECC BRAINPOOL_P_R1 (ECC disabled) depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE # The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED -derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):7:PSA_ERROR_INVALID_ARGUMENT:0 +derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):7:PSA_ERROR_NOT_SUPPORTED:0 PSA key derivation: bits=0 invalid for ECC MONTGOMERY depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 @@ -6694,7 +6694,7 @@ derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b PSA key derivation: bits=7 invalid for ECC MONTGOMERY (ECC disabled) depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE # The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED -derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):7:PSA_ERROR_INVALID_ARGUMENT:0 +derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):7:PSA_ERROR_NOT_SUPPORTED:0 PSA key derivation: raw data, 8 bits