f3f9e450b6
Merge pull request #6115 from AndrzejKurek/ecjpake-kdf-tls-1-2
...
Ad-hoc KDF for EC J-PAKE in TLS 1.2
2022-09-28 09:47:32 +02:00
b510cd2c50
Fix a copy-paste error - wrong macro used
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com >
2022-09-26 10:50:22 -04:00
5603efd525
Improve readability and formatting
...
Also use a sizeof instead of a constant for zeroization, as
requested in review.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com >
2022-09-26 10:49:16 -04:00
7763829c5c
Add missing ifdef when calculating operation capacity
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com >
2022-09-16 12:24:52 -04:00
3c4c514302
Remove PSA_ALG_IS_TLS12_ECJPAKE_TO_PMS
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com >
2022-09-16 07:24:14 -04:00
b093650033
Add proper capacity calculation for EC J-PAKE to PMS KDF
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com >
2022-09-16 07:13:00 -04:00
702776f7cc
Restrict the EC J-PAKE to PMS input type to secret
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com >
2022-09-16 06:22:44 -04:00
08d34b8693
Add an EC J-PAKE KDF to transform K -> SHA256(K.X) for TLS 1.2
...
TLS uses it to derive the session secret. The algorithm takes a serialized
point in an uncompressed form, extracts the X coordinate and computes
SHA256 of it. It is only expected to work with P-256.
Fixes #5978 .
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com >
2022-09-14 08:39:26 -04:00
4b5710f8a0
Allow KEY_TYPE_PASSWORD/KEY_TYPE_PASSWORD_HASH to be imported
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com >
2022-08-31 10:49:18 +02:00
36aeb7f163
Merge pull request #5834 from mprse/HKDF_1
...
HKDF 1: PSA: implement HKDF_Expand and HKDF_Extract algorithms
2022-06-20 15:27:46 +02:00
69c4679b22
Adapt macro name to meet requested criteria: MBEDTLS_PSA_BUILTIN_ALG_ANY_HKDF->BUILTIN_ALG_ANY_HKDF
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2022-06-14 11:13:32 +02:00
75fe3fb1d7
psa_crypto.c: add MBEDTLS_PSA_BUILTIN_ALG_ANY_HKDF macro to limit number of #if conditions
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2022-06-09 14:44:55 +02:00
b57a44bf9b
is_kdf_alg_supported: Adapt impl to new build flags for HKDF EXTRACT/EXPAND
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2022-06-06 11:26:43 +02:00
cde3f783f5
Make info valid only after secret for HKDF-EXPAND + adapt tests
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2022-06-06 11:26:02 +02:00
0586f4c4ea
Make salt mandatory for HKDF-EXTRACT + adapt tests
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2022-06-06 11:25:43 +02:00
3e8249cde0
Add PSA_WANT_ALG_HKDF_EXPAND, PSA_WANT_ALG_HKDF_EXTRACT, adapt code and dependencies
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2022-06-03 16:18:15 +02:00
a29b488296
Optimize code by adding PSA_ALG_IS_ANY_HKDF macro
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2022-06-03 16:18:09 +02:00
459ee35062
Fix typo and style
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2022-06-02 11:16:52 +02:00
03d948c47f
Refacor code for HKDF-Extract algorithm
...
Solution provided by @mpg.
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2022-05-19 11:45:20 +02:00
2fb0dcd403
psa_hkdf_input: use more suitable condition and add comments
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2022-05-19 10:34:37 +02:00
b398d8693f
Update descryption of HKDF-Extract/Expand algs and fix comment
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2022-05-18 15:43:54 +02:00
3e56130fb9
psa_raw_key_agreement: return BUFFER_TOO_SMALL when warranted
...
psa_raw_key_agreement() returned PSA_ERROR_INVALID_ARGUMENT instead of
PSA_ERROR_BUFFER_TOO_SMALL when the output buffer was too small for ECDH,
the only algorithm that is currently implemented. Make it return the correct
error code.
The reason for the wrong error code is that ecdh.c returns
MBEDTLS_ERR_ECP_BAD_INPUT_DATA, presumably for similarith with dhm.c. It
might make sense to change ecdh.c to use MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL,
but dhm.c doesn't have an existing BUFFER_TOO_SMALL error. To minimize the
impact of the fix, handle this in the PSA layer.
Fixes #5735 .
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2022-05-16 19:37:54 +02:00
5c65c5781f
Fix additional misspellings found by codespell
...
Remaining hits seem to be hex data, certificates,
and other miscellaneous exceptions.
List generated by running codespell -w -L
keypair,Keypair,KeyPair,keyPair,ciph,nd
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com >
2022-05-11 21:25:54 +01:00
8b0ecbccf4
Redo of PR#5345. Fixed spelling and typographical errors found by CodeSpell.
...
Signed-off-by: Shaun Case <warmsocks@gmail.com >
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2022-05-11 21:25:51 +01:00
17520fe2c5
PSA: Add support for HKDF-Extend and HKDF-Expand algs
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2022-05-11 12:17:03 +02:00
b743d95051
Do not erase input key in psa_tls12_prf_psk_to_ms_set_key()
...
When ALG_TLS12_PSK_TO_MS() is used, first derivation is correct
but the following derivations output data is incorrect.
This is because input key is erased in psa_tls12_prf_psk_to_ms_set_key()
since commit 03faf5d2c103faf5d2c1narmstrong@baylibre.com >
2022-05-04 11:06:22 +02:00
70701e39b5
Merge pull request #5726 from mprse/mixed_psk_1_v2
...
Mixed PSK 1: Extend PSK-to-MS algorithm in PSA (v.2)
2022-04-21 17:11:52 +02:00
4e47a91d2e
Fix indentation issues
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2022-04-21 11:53:57 +02:00
03faf5d2c1
psa_tls12_prf_psk_to_ms_set_key: clear buffers after usage
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2022-04-21 11:53:57 +02:00
937b90febf
Add null check for pms allocation
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2022-04-21 11:53:57 +02:00
e47201b34a
rename: psa_tls12_prf_set_other_key->psa_tls12_prf_psk_to_ms_set_other_key and adapt code
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2022-04-21 11:53:57 +02:00
2503f7e4cb
Handle empty other secret when passed with input bytes
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2022-04-21 11:53:57 +02:00
d7a28646bc
psa_tls12_prf_set_key(): add PSA_TLS12_PRF_STATE_OTHER_KEY_SET as a valid state
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2022-04-12 11:27:00 +02:00
a7695a2d76
psa_key_derivation_check_input_type(): handle PSA_KEY_DERIVATION_INPUT_OTHER_SECRET
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2022-04-12 11:27:00 +02:00
c8fa5a1bdd
psa_tls12_prf_psk_to_ms_set_key(): add support for other secret input
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2022-04-12 11:26:47 +02:00
e3ee221893
Free other secret in tls12_prf context
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2022-04-07 15:41:56 +02:00
23650286ac
Add psa_tls12_prf_set_other_key() function to store other secret input
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2022-04-07 15:41:46 +02:00
a9b6c8074a
Fix psa_mac_verify() returning BUFFER_TOO_SMALL
...
It doesn't make sense for psa_mac_verify() to return
PSA_ERROR_BUFFER_TOO_SMALL since it doesn't have an output buffer. But this
was happening when requesting the verification of an unsupported algorithm
whose output size is larger than the maximum supported MAC size, e.g.
HMAC-SHA-512 when building with only SHA-256 support. Arrange to return
PSA_ERROR_NOT_SUPPORTED instead.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2022-04-05 15:03:39 +02:00
0c3a071300
Make psa_key_derivation_setup return early if the key agreement is not supported
...
Otherwise the systematically generated algorithm-not-supported tests
complain when they try to start an operation and succeed.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2022-04-05 15:00:01 +02:00
0cc417d34b
Make psa_key_derivation_setup return early if the hash is not supported
...
Otherwise the systematically generated algorithm-not-supported tests
complain when they try to start an operation and succeed.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2022-04-05 14:58:39 +02:00
9efde4f2ec
Simplify is_kdf_alg_supported in psa_key_derivation_setup_kdf
...
No behavior change.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2022-04-05 14:57:20 +02:00
c11bffe989
Merge pull request #5139 from mprse/key_der_ecc
...
PSA: implement key derivation for ECC keys
2022-03-14 09:17:13 +01:00
afb482897b
Merge pull request #5292 from mprse/asym_encrypt
...
Driver dispatch for PSA asymmetric encryption + RSA tests
2022-03-10 20:07:38 +01:00
c85f0912c4
psa_crypto.c, test_suite_psa_crypto.function: fix style
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2022-03-08 11:37:54 +01:00
7fc0751f78
Restore build options for mbedtls_ecc_group_of_psa() and related functions
...
Additional issue created to simplifiy usage of BUILTIN_KEY_TYPE_xxx && BUILTIN_ALG_yy macros https://github.com/ARMmbed/mbedtls/issues/5596
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2022-03-06 20:43:46 +01:00
15565eeb59
Move publick key check out of MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2022-03-01 17:01:39 +01:00
a81aed2dae
Clean up init values of psa crypto status and fix switch default case
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2022-03-01 15:13:30 +01:00
f110dc05be
Clenup conditional compilation flags.
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2022-03-01 14:48:05 +01:00
dcab6ccb3b
Return PSA_ERROR_INVALID_ARGUMENT for a public key, and PSA_ERROR_NOT_SUPPORTED for a type that is not handled.
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2022-03-01 14:29:49 +01:00
91ebfc0402
Adapt compilation flags for ECC key derivation
...
Use conditional compilation flags for building ECC key derivation code consistent with flags used for mbedtls_ecc_group_of_psa().
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com >
2022-02-22 15:50:30 +01:00
