From 58efe6184ecc32f4fb7f99df45fe99da15a087e2 Mon Sep 17 00:00:00 2001 From: Tom Cosgrove Date: Mon, 15 Nov 2021 09:59:53 +0000 Subject: [PATCH 001/107] Fix builds when config.h only defines MBEDTLS_BIGNUM_C Fixes #4929 Signed-off-by: Tom Cosgrove --- include/mbedtls/entropy.h | 2 +- library/bignum.c | 1 + programs/fuzz/common.c | 1 + 3 files changed, 3 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/entropy.h b/include/mbedtls/entropy.h index d6ad8e73e39..deb3c50300b 100644 --- a/include/mbedtls/entropy.h +++ b/include/mbedtls/entropy.h @@ -130,7 +130,7 @@ typedef struct mbedtls_entropy_context * -1 after free. */ #if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) mbedtls_sha512_context accumulator; -#else +#elif defined(MBEDTLS_ENTROPY_SHA256_ACCUMULATOR) mbedtls_sha256_context accumulator; #endif int source_count; /* Number of entries used in source. */ diff --git a/library/bignum.c b/library/bignum.c index 36433266489..b7718e2178a 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -42,6 +42,7 @@ #include "mbedtls/platform_util.h" #include "mbedtls/error.h" +#include #include #if defined(MBEDTLS_PLATFORM_C) diff --git a/programs/fuzz/common.c b/programs/fuzz/common.c index ac39ee22f3b..e12ee3b8a0a 100644 --- a/programs/fuzz/common.c +++ b/programs/fuzz/common.c @@ -1,4 +1,5 @@ #include "common.h" +#include #include #include #include From f5d7eef11ff08603acaa5eea51a23385204de23c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 8 Nov 2021 22:12:47 +0100 Subject: [PATCH 002/107] PSA operation structures: move less-used fields to the end Move fields around to have fewer accesses outside the 128-element Thumb direct access window. In psa_hkdf_key_derivation_t, move the large fields (output_block, prk, hmac) after the state bit-fields. Experimentally, it's slightly better to put hmac last. In aead_operation_t, tag_length was outside the window. The details depend on the sizes of contexts included in ctx. Make the large ctx be the last field. In mbedtls_psa_hmac_operation_t, the opad field is outside the window when SHA-512 is enabled. Moving opad before hash_ctx only saves 4 bytes and made the structure clumsy, so I left it alone. Results (arm-none-eabi-gcc 7.3.1, build_arm_none_eabi_gcc_m0plus build): library/psa_crypto.o: 16246 -> 16166 (diff: 80) library/psa_crypto_aead.o: 952 -> 928 (diff: 24) Signed-off-by: Gilles Peskine --- include/psa/crypto_struct.h | 6 +++--- library/psa_crypto_aead.c | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 94242f897ae..f08fdc8bd1a 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -175,9 +175,6 @@ typedef struct { uint8_t *info; size_t info_length; - psa_mac_operation_t hmac; - uint8_t prk[PSA_HASH_MAX_SIZE]; - uint8_t output_block[PSA_HASH_MAX_SIZE]; #if PSA_HASH_MAX_SIZE > 0xff #error "PSA_HASH_MAX_SIZE does not fit in uint8_t" #endif @@ -185,6 +182,9 @@ typedef struct uint8_t block_number; unsigned int state : 2; unsigned int info_set : 1; + uint8_t output_block[PSA_HASH_MAX_SIZE]; + uint8_t prk[PSA_HASH_MAX_SIZE]; + psa_mac_operation_t hmac; } psa_hkdf_key_derivation_t; #endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF */ diff --git a/library/psa_crypto_aead.c b/library/psa_crypto_aead.c index 356679c38fb..2769028d0bd 100644 --- a/library/psa_crypto_aead.c +++ b/library/psa_crypto_aead.c @@ -32,6 +32,8 @@ typedef struct { + psa_algorithm_t core_alg; + uint8_t tag_length; union { unsigned dummy; /* Make the union non-empty even with no supported algorithms. */ @@ -45,11 +47,9 @@ typedef struct mbedtls_chachapoly_context chachapoly; #endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */ } ctx; - psa_algorithm_t core_alg; - uint8_t tag_length; } aead_operation_t; -#define AEAD_OPERATION_INIT {{0}, 0, 0} +#define AEAD_OPERATION_INIT {0, 0, {0}} static void psa_aead_abort_internal( aead_operation_t *operation ) { From b8006a66f243b5d48fc968e3fb0606b6b0fe3f48 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 8 Nov 2021 22:20:03 +0100 Subject: [PATCH 003/107] PSA global data: move fields around to save code size Move fields around to have fewer accesses outside the 128-element Thumb direct access window. In psa_crypto.c's global_data, put the state fields first (-20). In psa_crypto_slot_management.c's global_data, keep the key slots first (otherwise it's +24). In mbedtls_psa_random_context_t, swapping entropy and drbg makes no difference (at least when the DRBG is mbedtls_ctr_drbg_context). Results (arm-none-eabi-gcc 7.3.1, build_arm_none_eabi_gcc_m0plus build): library/psa_crypto.o: 16166 -> 16146 (diff: 20) Signed-off-by: Gilles Peskine --- library/psa_crypto.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 406e6c4cfbe..e85bbb8d57c 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -108,9 +108,9 @@ static int key_type_is_raw_bytes( psa_key_type_t type ) typedef struct { - mbedtls_psa_random_context_t rng; unsigned initialized : 1; unsigned rng_state : 2; + mbedtls_psa_random_context_t rng; } psa_global_data_t; static psa_global_data_t global_data; From 4a13ebff39a552dfdcf3b209126a5beef1fe0297 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 16 Nov 2021 15:21:44 +0100 Subject: [PATCH 004/107] Tweak whitespace for readability Signed-off-by: Gilles Peskine --- include/mbedtls/ssl_internal.h | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h index 2097a6dd9b2..03807f3a76b 100644 --- a/include/mbedtls/ssl_internal.h +++ b/include/mbedtls/ssl_internal.h @@ -434,9 +434,11 @@ struct mbedtls_ssl_handshake_params defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) mbedtls_ssl_sig_hash_set_t hash_algs; /*!< Set of suitable sig-hash pairs */ #endif + #if defined(MBEDTLS_DHM_C) mbedtls_dhm_context dhm_ctx; /*!< DHM key exchange */ #endif + /* Adding guard for MBEDTLS_ECDSA_C to ensure no compile errors due * to guards also being in ssl_srv.c and ssl_cli.c. There is a gap * in functionality that access to ecdh_ctx structure is needed for @@ -461,10 +463,12 @@ struct mbedtls_ssl_handshake_params size_t ecjpake_cache_len; /*!< Length of cached data */ #endif #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ -#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ + +#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) const mbedtls_ecp_curve_info **curves; /*!< Supported elliptic curves */ #endif + #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) #if defined(MBEDTLS_USE_PSA_CRYPTO) psa_key_id_t psk_opaque; /*!< Opaque PSK from the callback */ @@ -472,6 +476,7 @@ struct mbedtls_ssl_handshake_params unsigned char *psk; /*!< PSK from the callback */ size_t psk_len; /*!< Length of PSK from callback */ #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ + #if defined(MBEDTLS_X509_CRT_PARSE_C) mbedtls_ssl_key_cert *key_cert; /*!< chosen key/cert pair (server) */ #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) @@ -481,6 +486,7 @@ struct mbedtls_ssl_handshake_params mbedtls_x509_crl *sni_ca_crl; /*!< trusted CAs CRLs from SNI */ #endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ #endif /* MBEDTLS_X509_CRT_PARSE_C */ + #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) int ecrs_enabled; /*!< Handshake supports EC restart? */ mbedtls_x509_crt_restart_ctx ecrs_ctx; /*!< restart context */ @@ -494,10 +500,12 @@ struct mbedtls_ssl_handshake_params mbedtls_x509_crt *ecrs_peer_cert; /*!< The peer's CRT chain. */ size_t ecrs_n; /*!< place for saving a length */ #endif -#if defined(MBEDTLS_X509_CRT_PARSE_C) && \ + +#if defined(MBEDTLS_X509_CRT_PARSE_C) && \ !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) mbedtls_pk_context peer_pubkey; /*!< The public key from the peer. */ #endif /* MBEDTLS_X509_CRT_PARSE_C && !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ + #if defined(MBEDTLS_SSL_PROTO_DTLS) unsigned int out_msg_seq; /*!< Outgoing handshake sequence number */ unsigned int in_msg_seq; /*!< Incoming handshake sequence number */ @@ -565,8 +573,8 @@ struct mbedtls_ssl_handshake_params */ #if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ defined(MBEDTLS_SSL_PROTO_TLS1_1) - mbedtls_md5_context fin_md5; - mbedtls_sha1_context fin_sha1; + mbedtls_md5_context fin_md5; + mbedtls_sha1_context fin_sha1; #endif #if defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_SHA256_C) @@ -606,6 +614,7 @@ struct mbedtls_ssl_handshake_params #if defined(MBEDTLS_SSL_SESSION_TICKETS) int new_session_ticket; /*!< use NewSessionTicket? */ #endif /* MBEDTLS_SSL_SESSION_TICKETS */ + #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) int extended_ms; /*!< use Extended Master Secret? */ #endif From 51070849faccc7d3078607dbbbed618d1964bff4 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 16 Nov 2021 16:34:14 +0100 Subject: [PATCH 005/107] mbedtls_ssl_handshake_params: use bytes for some small values Replace bitfields mbedtls_ssl_handshake_params by bytes. This saves some code size, and since the bitfields weren't group, this doesn't increase the RAM usage. Replace several ints that only store values in the range 0..255 by uint8_t. This can increase or decrease the code size depending on the architecture and on how the field is used. I chose changes that save code size on Arm Thumb builds and may potentially save more after field reordering. Leave the bitfields in struct mbedtls_ssl_hs_buffer alone: replacing them by uint8_t slightly increases the code size. Results (arm-none-eabi-gcc 7.3.1, build_arm_none_eabi_gcc_m0plus build): library/ssl_srv.o: 22735 -> 22691 (diff: 44) library/ssl_tls.o: 23566 -> 23570 (diff: -4) Signed-off-by: Gilles Peskine --- include/mbedtls/ssl_internal.h | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h index 03807f3a76b..fc268566e1c 100644 --- a/include/mbedtls/ssl_internal.h +++ b/include/mbedtls/ssl_internal.h @@ -480,7 +480,7 @@ struct mbedtls_ssl_handshake_params #if defined(MBEDTLS_X509_CRT_PARSE_C) mbedtls_ssl_key_cert *key_cert; /*!< chosen key/cert pair (server) */ #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) - int sni_authmode; /*!< authmode from SNI callback */ + uint8_t sni_authmode; /*!< authmode from SNI callback */ mbedtls_ssl_key_cert *sni_key_cert; /*!< key/cert list from SNI */ mbedtls_x509_crt *sni_ca_chain; /*!< trusted CAs from SNI callback */ mbedtls_x509_crl *sni_ca_crl; /*!< trusted CAs CRLs from SNI */ @@ -488,8 +488,8 @@ struct mbedtls_ssl_handshake_params #endif /* MBEDTLS_X509_CRT_PARSE_C */ #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) - int ecrs_enabled; /*!< Handshake supports EC restart? */ mbedtls_x509_crt_restart_ctx ecrs_ctx; /*!< restart context */ + uint8_t ecrs_enabled; /*!< Handshake supports EC restart? */ enum { /* this complements ssl->state with info on intra-state operations */ ssl_ecrs_none = 0, /*!< nothing going on (yet) */ ssl_ecrs_crt_verify, /*!< Certificate: crt_verify() */ @@ -606,21 +606,21 @@ struct mbedtls_ssl_handshake_params unsigned char premaster[MBEDTLS_PREMASTER_SIZE]; /*!< premaster secret */ - int resume; /*!< session resume indicator*/ - int max_major_ver; /*!< max. major version client*/ - int max_minor_ver; /*!< max. minor version client*/ - int cli_exts; /*!< client extension presence*/ + uint8_t max_major_ver; /*!< max. major version client*/ + uint8_t max_minor_ver; /*!< max. minor version client*/ + uint8_t resume; /*!< session resume indicator*/ + uint8_t cli_exts; /*!< client extension presence*/ #if defined(MBEDTLS_SSL_SESSION_TICKETS) - int new_session_ticket; /*!< use NewSessionTicket? */ + uint8_t new_session_ticket; /*!< use NewSessionTicket? */ #endif /* MBEDTLS_SSL_SESSION_TICKETS */ #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) - int extended_ms; /*!< use Extended Master Secret? */ + uint8_t extended_ms; /*!< use Extended Master Secret? */ #endif #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - unsigned int async_in_progress : 1; /*!< an asynchronous operation is in progress */ + uint8_t async_in_progress; /*!< an asynchronous operation is in progress */ #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) From baccfef741ea9e749a92b84f63575596a3340064 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 16 Nov 2021 17:44:31 +0100 Subject: [PATCH 006/107] mbedtls_ssl_handshake_params: reorder fields to save code size Reorder fields mbedtls_ssl_handshake_params in order to save code on Arm Thumb builds. The general idea is to put often-used fields in the direct access window of 128 elements from the beginning of the structure. The reordering is a human selection based on a report of field offset and use counts, and informed by measuring the code size with various arrangements. Some notes: * I moved most byte-sized fields at the beginning where they're sure to be in the direct access window. * I moved buffering earlier because it can be around the threshold depending on the configuration, and it's accessed in a lot of places. * I moved several fields, including update_checksum and friends, early so that they're guaranteed to be in the early access window. * I tried moving randbytes or premaster to the early access window, but I couldn't find a placement which would save code size, presumably because they're bumping too many other fields, and they're mostly accessed through memcpy and friends which translates to instructions that don't have an offset for free anyway. Results (arm-none-eabi-gcc 7.3.1, build_arm_none_eabi_gcc_m0plus build): library/ssl_cli.o: 20200 -> 20104 (diff: 96) library/ssl_msg.o: 25978 -> 25942 (diff: 36) library/ssl_srv.o: 22691 -> 22467 (diff: 224) library/ssl_tls.o: 23570 -> 23390 (diff: 180) Results (same architecture, config-suite-b.h + MBEDTLS_ECDH_LEGACY_CONTEXT + MBEDTLS_ECP_RESTARTABLE): library/ssl_cli.o: 3012 -> 2928 (diff: 84) library/ssl_msg.o: 2932 -> 2924 (diff: 8) library/ssl_srv.o: 3288 -> 3232 (diff: 56) library/ssl_tls.o: 6032 -> 5904 (diff: 128) Signed-off-by: Gilles Peskine --- include/mbedtls/ssl_internal.h | 140 ++++++++++++++++++--------------- 1 file changed, 75 insertions(+), 65 deletions(-) diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h index fc268566e1c..259d8467794 100644 --- a/include/mbedtls/ssl_internal.h +++ b/include/mbedtls/ssl_internal.h @@ -430,11 +430,59 @@ struct mbedtls_ssl_handshake_params * Handshake specific crypto variables */ -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ + uint8_t max_major_ver; /*!< max. major version client*/ + uint8_t max_minor_ver; /*!< max. minor version client*/ + uint8_t resume; /*!< session resume indicator*/ + uint8_t cli_exts; /*!< client extension presence*/ + +#if defined(MBEDTLS_X509_CRT_PARSE_C) && \ + defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) + uint8_t sni_authmode; /*!< authmode from SNI callback */ +#endif + +#if defined(MBEDTLS_SSL_SESSION_TICKETS) + uint8_t new_session_ticket; /*!< use NewSessionTicket? */ +#endif /* MBEDTLS_SSL_SESSION_TICKETS */ + +#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) + uint8_t extended_ms; /*!< use Extended Master Secret? */ +#endif + +#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) + uint8_t async_in_progress; /*!< an asynchronous operation is in progress */ +#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ + +#if defined(MBEDTLS_SSL_PROTO_DTLS) + unsigned char retransmit_state; /*!< Retransmission state */ +#endif + +#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) + uint8_t ecrs_enabled; /*!< Handshake supports EC restart? */ + enum { /* this complements ssl->state with info on intra-state operations */ + ssl_ecrs_none = 0, /*!< nothing going on (yet) */ + ssl_ecrs_crt_verify, /*!< Certificate: crt_verify() */ + ssl_ecrs_ske_start_processing, /*!< ServerKeyExchange: pk_verify() */ + ssl_ecrs_cke_ecdh_calc_secret, /*!< ClientKeyExchange: ECDH step 2 */ + ssl_ecrs_crt_vrfy_sign, /*!< CertificateVerify: pk_sign() */ + } ecrs_state; /*!< current (or last) operation */ + mbedtls_x509_crt *ecrs_peer_cert; /*!< The peer's CRT chain. */ + size_t ecrs_n; /*!< place for saving a length */ +#endif + +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) mbedtls_ssl_sig_hash_set_t hash_algs; /*!< Set of suitable sig-hash pairs */ #endif + size_t pmslen; /*!< premaster length */ + + mbedtls_ssl_ciphersuite_t const *ciphersuite_info; + + void (*update_checksum)(mbedtls_ssl_context *, const unsigned char *, size_t); + void (*calc_verify)(const mbedtls_ssl_context *, unsigned char *, size_t *); + void (*calc_finished)(mbedtls_ssl_context *, unsigned char *, int); + mbedtls_ssl_tls_prf_cb *tls_prf; + #if defined(MBEDTLS_DHM_C) mbedtls_dhm_context dhm_ctx; /*!< DHM key exchange */ #endif @@ -480,7 +528,6 @@ struct mbedtls_ssl_handshake_params #if defined(MBEDTLS_X509_CRT_PARSE_C) mbedtls_ssl_key_cert *key_cert; /*!< chosen key/cert pair (server) */ #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) - uint8_t sni_authmode; /*!< authmode from SNI callback */ mbedtls_ssl_key_cert *sni_key_cert; /*!< key/cert list from SNI */ mbedtls_x509_crt *sni_ca_chain; /*!< trusted CAs from SNI callback */ mbedtls_x509_crl *sni_ca_crl; /*!< trusted CAs CRLs from SNI */ @@ -489,16 +536,6 @@ struct mbedtls_ssl_handshake_params #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) mbedtls_x509_crt_restart_ctx ecrs_ctx; /*!< restart context */ - uint8_t ecrs_enabled; /*!< Handshake supports EC restart? */ - enum { /* this complements ssl->state with info on intra-state operations */ - ssl_ecrs_none = 0, /*!< nothing going on (yet) */ - ssl_ecrs_crt_verify, /*!< Certificate: crt_verify() */ - ssl_ecrs_ske_start_processing, /*!< ServerKeyExchange: pk_verify() */ - ssl_ecrs_cke_ecdh_calc_secret, /*!< ClientKeyExchange: ECDH step 2 */ - ssl_ecrs_crt_vrfy_sign, /*!< CertificateVerify: pk_sign() */ - } ecrs_state; /*!< current (or last) operation */ - mbedtls_x509_crt *ecrs_peer_cert; /*!< The peer's CRT chain. */ - size_t ecrs_n; /*!< place for saving a length */ #endif #if defined(MBEDTLS_X509_CRT_PARSE_C) && \ @@ -507,6 +544,32 @@ struct mbedtls_ssl_handshake_params #endif /* MBEDTLS_X509_CRT_PARSE_C && !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ #if defined(MBEDTLS_SSL_PROTO_DTLS) + struct + { + size_t total_bytes_buffered; /*!< Cumulative size of heap allocated + * buffers used for message buffering. */ + + uint8_t seen_ccs; /*!< Indicates if a CCS message has + * been seen in the current flight. */ + + struct mbedtls_ssl_hs_buffer + { + unsigned is_valid : 1; + unsigned is_fragmented : 1; + unsigned is_complete : 1; + unsigned char *data; + size_t data_len; + } hs[MBEDTLS_SSL_MAX_BUFFERED_HS]; + + struct + { + unsigned char *data; + size_t len; + unsigned epoch; + } future_record; + + } buffering; + unsigned int out_msg_seq; /*!< Outgoing handshake sequence number */ unsigned int in_msg_seq; /*!< Incoming handshake sequence number */ @@ -516,7 +579,6 @@ struct mbedtls_ssl_handshake_params Srv: flag for sending a cookie */ uint32_t retransmit_timeout; /*!< Current value of timeout */ - unsigned char retransmit_state; /*!< Retransmission state */ mbedtls_ssl_flight_item *flight; /*!< Current outgoing flight */ mbedtls_ssl_flight_item *cur_msg; /*!< Current message in flight */ unsigned char *cur_msg_p; /*!< Position in current message */ @@ -539,32 +601,6 @@ struct mbedtls_ssl_handshake_params * \c peer_cid. */ #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ - struct - { - size_t total_bytes_buffered; /*!< Cumulative size of heap allocated - * buffers used for message buffering. */ - - uint8_t seen_ccs; /*!< Indicates if a CCS message has - * been seen in the current flight. */ - - struct mbedtls_ssl_hs_buffer - { - unsigned is_valid : 1; - unsigned is_fragmented : 1; - unsigned is_complete : 1; - unsigned char *data; - size_t data_len; - } hs[MBEDTLS_SSL_MAX_BUFFERED_HS]; - - struct - { - unsigned char *data; - size_t len; - unsigned epoch; - } future_record; - - } buffering; - uint16_t mtu; /*!< Handshake mtu, used to fragment outgoing messages */ #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -593,36 +629,10 @@ struct mbedtls_ssl_handshake_params #endif #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ - void (*update_checksum)(mbedtls_ssl_context *, const unsigned char *, size_t); - void (*calc_verify)(const mbedtls_ssl_context *, unsigned char *, size_t *); - void (*calc_finished)(mbedtls_ssl_context *, unsigned char *, int); - mbedtls_ssl_tls_prf_cb *tls_prf; - - mbedtls_ssl_ciphersuite_t const *ciphersuite_info; - - size_t pmslen; /*!< premaster length */ - unsigned char randbytes[64]; /*!< random bytes */ unsigned char premaster[MBEDTLS_PREMASTER_SIZE]; /*!< premaster secret */ - uint8_t max_major_ver; /*!< max. major version client*/ - uint8_t max_minor_ver; /*!< max. minor version client*/ - uint8_t resume; /*!< session resume indicator*/ - uint8_t cli_exts; /*!< client extension presence*/ - -#if defined(MBEDTLS_SSL_SESSION_TICKETS) - uint8_t new_session_ticket; /*!< use NewSessionTicket? */ -#endif /* MBEDTLS_SSL_SESSION_TICKETS */ - -#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) - uint8_t extended_ms; /*!< use Extended Master Secret? */ -#endif - -#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - uint8_t async_in_progress; /*!< an asynchronous operation is in progress */ -#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ - #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) /** Asynchronous operation context. This field is meant for use by the * asynchronous operation callbacks (mbedtls_ssl_config::f_async_sign_start, From 9a0e0affef2277dc3417ed9f8b14891c9dda57c6 Mon Sep 17 00:00:00 2001 From: Lukasz Gniadzik Date: Tue, 17 Aug 2021 17:34:08 +0200 Subject: [PATCH 007/107] mbedtls_ssl_config, mbedtls_ssl_session: reorder fields Move small fields first so that more fields can be within the Arm Thumb 128-element direct access window. The ordering in this commit is not based on field access frequency. Results (arm-none-eabi-gcc 7.3.1, build_arm_none_eabi_gcc_m0plus build): library/ssl_cli.o: 20104 -> 19952 (diff: 152) library/ssl_msg.o: 25942 -> 25810 (diff: 132) library/ssl_srv.o: 22467 -> 22371 (diff: 96) library/ssl_tls.o: 23390 -> 23274 (diff: 116) Results (same architecture, config-suite-b.h + MBEDTLS_ECDH_LEGACY_CONTEXT + MBEDTLS_ECP_RESTARTABLE): library/ssl_cli.o: 2928 -> 2868 (diff: 60) library/ssl_msg.o: 2924 -> 2916 (diff: 8) library/ssl_srv.o: 3232 -> 3204 (diff: 28) library/ssl_tls.o: 5904 -> 5860 (diff: 44) Signed-off-by: Lukasz Gniadzik Signed-off-by: Gilles Peskine --- include/mbedtls/ssl.h | 184 +++++++++++++++++++++--------------------- 1 file changed, 94 insertions(+), 90 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 2ed295a1f6f..ef603798693 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -974,6 +974,10 @@ mbedtls_dtls_srtp_info; */ struct mbedtls_ssl_session { +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) + unsigned char mfl_code; /*!< MaxFragmentLength negotiated by peer */ +#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ + #if defined(MBEDTLS_HAVE_TIME) mbedtls_time_t start; /*!< starting time */ #endif @@ -1002,10 +1006,6 @@ struct mbedtls_ssl_session uint32_t ticket_lifetime; /*!< ticket lifetime hint */ #endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */ -#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - unsigned char mfl_code; /*!< MaxFragmentLength negotiated by peer */ -#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ - #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) int trunc_hmac; /*!< flag for truncated hmac activation */ #endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ @@ -1020,7 +1020,96 @@ struct mbedtls_ssl_session */ struct mbedtls_ssl_config { - /* Group items by size (largest first) to minimize padding overhead */ + /* Group items by size and reorder them to maximize usage of immediate offset access. */ + + /* + * Numerical settings (char) + */ + + unsigned char max_major_ver; /*!< max. major version used */ + unsigned char max_minor_ver; /*!< max. minor version used */ + unsigned char min_major_ver; /*!< min. major version used */ + unsigned char min_minor_ver; /*!< min. minor version used */ + + /* + * Flags (bitfields) + */ + + unsigned int endpoint : 1; /*!< 0: client, 1: server */ + unsigned int transport : 1; /*!< stream (TLS) or datagram (DTLS) */ + unsigned int authmode : 2; /*!< MBEDTLS_SSL_VERIFY_XXX */ + /* needed even with renego disabled for LEGACY_BREAK_HANDSHAKE */ + unsigned int allow_legacy_renegotiation : 2 ; /*!< MBEDTLS_LEGACY_XXX */ +#if defined(MBEDTLS_ARC4_C) + unsigned int arc4_disabled : 1; /*!< blacklist RC4 ciphersuites? */ +#endif +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) + unsigned int mfl_code : 3; /*!< desired fragment length */ +#endif +#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) + unsigned int encrypt_then_mac : 1 ; /*!< negotiate encrypt-then-mac? */ +#endif +#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) + unsigned int extended_ms : 1; /*!< negotiate extended master secret? */ +#endif +#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) + unsigned int anti_replay : 1; /*!< detect and prevent replay? */ +#endif +#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) + unsigned int cbc_record_splitting : 1; /*!< do cbc record splitting */ +#endif +#if defined(MBEDTLS_SSL_RENEGOTIATION) + unsigned int disable_renegotiation : 1; /*!< disable renegotiation? */ +#endif +#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) + unsigned int trunc_hmac : 1; /*!< negotiate truncated hmac? */ +#endif +#if defined(MBEDTLS_SSL_SESSION_TICKETS) + unsigned int session_tickets : 1; /*!< use session tickets? */ +#endif +#if defined(MBEDTLS_SSL_FALLBACK_SCSV) && defined(MBEDTLS_SSL_CLI_C) + unsigned int fallback : 1; /*!< is this a fallback? */ +#endif +#if defined(MBEDTLS_SSL_SRV_C) + unsigned int cert_req_ca_list : 1; /*!< enable sending CA list in + Certificate Request messages? */ +#endif +#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) + unsigned int ignore_unexpected_cid : 1; /*!< Determines whether DTLS + * record with unexpected CID + * should lead to failure. */ +#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ +#if defined(MBEDTLS_SSL_DTLS_SRTP) + unsigned int dtls_srtp_mki_support : 1; /* support having mki_value + in the use_srtp extension */ +#endif + + /* + * Numerical settings (int then char) + */ + + uint32_t read_timeout; /*!< timeout for mbedtls_ssl_read (ms) */ + +#if defined(MBEDTLS_SSL_PROTO_DTLS) + uint32_t hs_timeout_min; /*!< initial value of the handshake + retransmission timeout (ms) */ + uint32_t hs_timeout_max; /*!< maximum value of the handshake + retransmission timeout (ms) */ +#endif + +#if defined(MBEDTLS_SSL_RENEGOTIATION) + int renego_max_records; /*!< grace period for renegotiation */ + unsigned char renego_period[8]; /*!< value of the record counters + that triggers renegotiation */ +#endif + +#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) + unsigned int badmac_limit; /*!< limit of records with a bad MAC */ +#endif + +#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C) + unsigned int dhm_min_bitlen; /*!< min. bit length of the DHM prime */ +#endif /* * Pointers @@ -1174,91 +1263,6 @@ struct mbedtls_ssl_config /*! number of supported profiles */ size_t dtls_srtp_profile_list_len; #endif /* MBEDTLS_SSL_DTLS_SRTP */ - - /* - * Numerical settings (int then char) - */ - - uint32_t read_timeout; /*!< timeout for mbedtls_ssl_read (ms) */ - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - uint32_t hs_timeout_min; /*!< initial value of the handshake - retransmission timeout (ms) */ - uint32_t hs_timeout_max; /*!< maximum value of the handshake - retransmission timeout (ms) */ -#endif - -#if defined(MBEDTLS_SSL_RENEGOTIATION) - int renego_max_records; /*!< grace period for renegotiation */ - unsigned char renego_period[8]; /*!< value of the record counters - that triggers renegotiation */ -#endif - -#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) - unsigned int badmac_limit; /*!< limit of records with a bad MAC */ -#endif - -#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C) - unsigned int dhm_min_bitlen; /*!< min. bit length of the DHM prime */ -#endif - - unsigned char max_major_ver; /*!< max. major version used */ - unsigned char max_minor_ver; /*!< max. minor version used */ - unsigned char min_major_ver; /*!< min. major version used */ - unsigned char min_minor_ver; /*!< min. minor version used */ - - /* - * Flags (bitfields) - */ - - unsigned int endpoint : 1; /*!< 0: client, 1: server */ - unsigned int transport : 1; /*!< stream (TLS) or datagram (DTLS) */ - unsigned int authmode : 2; /*!< MBEDTLS_SSL_VERIFY_XXX */ - /* needed even with renego disabled for LEGACY_BREAK_HANDSHAKE */ - unsigned int allow_legacy_renegotiation : 2 ; /*!< MBEDTLS_LEGACY_XXX */ -#if defined(MBEDTLS_ARC4_C) - unsigned int arc4_disabled : 1; /*!< blacklist RC4 ciphersuites? */ -#endif -#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - unsigned int mfl_code : 3; /*!< desired fragment length */ -#endif -#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - unsigned int encrypt_then_mac : 1 ; /*!< negotiate encrypt-then-mac? */ -#endif -#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) - unsigned int extended_ms : 1; /*!< negotiate extended master secret? */ -#endif -#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) - unsigned int anti_replay : 1; /*!< detect and prevent replay? */ -#endif -#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) - unsigned int cbc_record_splitting : 1; /*!< do cbc record splitting */ -#endif -#if defined(MBEDTLS_SSL_RENEGOTIATION) - unsigned int disable_renegotiation : 1; /*!< disable renegotiation? */ -#endif -#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - unsigned int trunc_hmac : 1; /*!< negotiate truncated hmac? */ -#endif -#if defined(MBEDTLS_SSL_SESSION_TICKETS) - unsigned int session_tickets : 1; /*!< use session tickets? */ -#endif -#if defined(MBEDTLS_SSL_FALLBACK_SCSV) && defined(MBEDTLS_SSL_CLI_C) - unsigned int fallback : 1; /*!< is this a fallback? */ -#endif -#if defined(MBEDTLS_SSL_SRV_C) - unsigned int cert_req_ca_list : 1; /*!< enable sending CA list in - Certificate Request messages? */ -#endif -#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - unsigned int ignore_unexpected_cid : 1; /*!< Determines whether DTLS - * record with unexpected CID - * should lead to failure. */ -#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ -#if defined(MBEDTLS_SSL_DTLS_SRTP) - unsigned int dtls_srtp_mki_support : 1; /* support having mki_value - in the use_srtp extension */ -#endif }; struct mbedtls_ssl_context From 7f03d9ecc6d96edcda9898ea8c2dc8cd7b1815cc Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 16 Nov 2021 18:31:46 +0100 Subject: [PATCH 008/107] mbedtls_ssl_config: Replace bit-fields by separate bytes This slightly increases the RAM consumption per context, but saves code size on architectures with an instruction for direct byte access (which is most of them). Although this is technically an API break, in practice, a realistic application won't break: it would have had to bypass API functions and rely on the field size (e.g. relying on -1 == 1 in a 1-bit field). Results (arm-none-eabi-gcc 7.3.1, build_arm_none_eabi_gcc_m0plus build): library/ssl_cli.o: 19952 -> 19900 (diff: 52) library/ssl_msg.o: 25810 -> 25798 (diff: 12) library/ssl_srv.o: 22371 -> 22299 (diff: 72) library/ssl_tls.o: 23274 -> 23038 (diff: 236) Results (same architecture, config-suite-b.h + MBEDTLS_ECDH_LEGACY_CONTEXT + MBEDTLS_ECP_RESTARTABLE): library/ssl_cli.o: 2868 -> 2848 (diff: 20) library/ssl_msg.o: 2916 -> 2924 (diff: -8) library/ssl_srv.o: 3204 -> 3184 (diff: 20) library/ssl_tls.o: 5860 -> 5756 (diff: 104) Signed-off-by: Gilles Peskine --- include/mbedtls/ssl.h | 40 +++++++++++++++++++++------------------- 1 file changed, 21 insertions(+), 19 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index ef603798693..db519fa20ad 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1032,56 +1032,58 @@ struct mbedtls_ssl_config unsigned char min_minor_ver; /*!< min. minor version used */ /* - * Flags (bitfields) + * Flags (could be bit-fields to save RAM, but separate bytes make + * the code smaller on architectures with an instruction for direct + * byte access). */ - unsigned int endpoint : 1; /*!< 0: client, 1: server */ - unsigned int transport : 1; /*!< stream (TLS) or datagram (DTLS) */ - unsigned int authmode : 2; /*!< MBEDTLS_SSL_VERIFY_XXX */ + uint8_t endpoint /*bool*/; /*!< 0: client, 1: server */ + uint8_t transport /*bool*/; /*!< stream (TLS) or datagram (DTLS) */ + uint8_t authmode /*2 bits*/; /*!< MBEDTLS_SSL_VERIFY_XXX */ /* needed even with renego disabled for LEGACY_BREAK_HANDSHAKE */ - unsigned int allow_legacy_renegotiation : 2 ; /*!< MBEDTLS_LEGACY_XXX */ + uint8_t allow_legacy_renegotiation /*2 bits*/; /*!< MBEDTLS_LEGACY_XXX */ #if defined(MBEDTLS_ARC4_C) - unsigned int arc4_disabled : 1; /*!< blacklist RC4 ciphersuites? */ + uint8_t arc4_disabled /*bool*/; /*!< blacklist RC4 ciphersuites? */ #endif #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - unsigned int mfl_code : 3; /*!< desired fragment length */ + uint8_t mfl_code /*3 bits*/; /*!< desired fragment length */ #endif #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - unsigned int encrypt_then_mac : 1 ; /*!< negotiate encrypt-then-mac? */ + uint8_t encrypt_then_mac /*bool*/; /*!< negotiate encrypt-then-mac? */ #endif #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) - unsigned int extended_ms : 1; /*!< negotiate extended master secret? */ + uint8_t extended_ms /*bool*/; /*!< negotiate extended master secret? */ #endif #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) - unsigned int anti_replay : 1; /*!< detect and prevent replay? */ + uint8_t anti_replay /*bool*/; /*!< detect and prevent replay? */ #endif #if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) - unsigned int cbc_record_splitting : 1; /*!< do cbc record splitting */ + uint8_t cbc_record_splitting /*bool*/; /*!< do cbc record splitting */ #endif #if defined(MBEDTLS_SSL_RENEGOTIATION) - unsigned int disable_renegotiation : 1; /*!< disable renegotiation? */ + uint8_t disable_renegotiation /*bool*/; /*!< disable renegotiation? */ #endif #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - unsigned int trunc_hmac : 1; /*!< negotiate truncated hmac? */ + uint8_t trunc_hmac /*bool*/; /*!< negotiate truncated hmac? */ #endif #if defined(MBEDTLS_SSL_SESSION_TICKETS) - unsigned int session_tickets : 1; /*!< use session tickets? */ + uint8_t session_tickets /*bool*/; /*!< use session tickets? */ #endif #if defined(MBEDTLS_SSL_FALLBACK_SCSV) && defined(MBEDTLS_SSL_CLI_C) - unsigned int fallback : 1; /*!< is this a fallback? */ + uint8_t fallback /*bool*/; /*!< is this a fallback? */ #endif #if defined(MBEDTLS_SSL_SRV_C) - unsigned int cert_req_ca_list : 1; /*!< enable sending CA list in + uint8_t cert_req_ca_list /*bool*/; /*!< enable sending CA list in Certificate Request messages? */ #endif #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - unsigned int ignore_unexpected_cid : 1; /*!< Determines whether DTLS + uint8_t ignore_unexpected_cid /*bool*/; /*!< Determines whether DTLS * record with unexpected CID * should lead to failure. */ #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ #if defined(MBEDTLS_SSL_DTLS_SRTP) - unsigned int dtls_srtp_mki_support : 1; /* support having mki_value - in the use_srtp extension */ + uint8_t dtls_srtp_mki_support /*bool*/; /*!< support having mki_value + in the use_srtp extension? */ #endif /* From c0656b43f1e1489f247777be336ae57121efe99f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 16 Nov 2021 18:55:20 +0100 Subject: [PATCH 009/107] Note the reordered fields in SSL structures This is technically an API break according to the unwritten rules of API compatibility for Mbed TLS 2.x. However, it is very unlikely to affect any realistic application, with the possible exception of applications that define a global constant of type mbedtls_ssl_config. Signed-off-by: Gilles Peskine --- ChangeLog.d/semi-public-structure-fields.txt | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 ChangeLog.d/semi-public-structure-fields.txt diff --git a/ChangeLog.d/semi-public-structure-fields.txt b/ChangeLog.d/semi-public-structure-fields.txt new file mode 100644 index 00000000000..802f8de2b7a --- /dev/null +++ b/ChangeLog.d/semi-public-structure-fields.txt @@ -0,0 +1,5 @@ +API changes + * Some fields of mbedtls_ssl_session and mbedtls_ssl_config are in a + different order. This only affects applications that define such + structures directly or serialize them. + From 7493c4017a95d82110a6c05fd331fcae3a56c200 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 16 Nov 2021 20:48:59 +0100 Subject: [PATCH 010/107] Fix comment parsing Fix cases like ``` /*short comment*/ /*long comment */ int mbedtls_foo; ``` where the previous code thought that the second line started outside of a comment and ended inside of a comment. I believe that the new code strips comments correctly. It also strips string literals, just in case. Fixes #5191. Signed-off-by: Gilles Peskine --- tests/scripts/check_names.py | 23 ++++++++++++----------- 1 file changed, 12 insertions(+), 11 deletions(-) diff --git a/tests/scripts/check_names.py b/tests/scripts/check_names.py index cae722e58eb..32eaf2164c6 100755 --- a/tests/scripts/check_names.py +++ b/tests/scripts/check_names.py @@ -509,18 +509,19 @@ def parse_identifiers(self, include, exclude=None): previous_line = "" for line_no, line in enumerate(header): - # Skip parsing this line if a block comment ends on it, - # but don't skip if it has just started -- there is a chance - # it ends on the same line. - if re.search(r"/\*", line): - in_block_comment = not in_block_comment - if re.search(r"\*/", line): - in_block_comment = not in_block_comment - continue - + # Terminate current comment? if in_block_comment: - previous_line = "" - continue + line = re.sub(r".*?\*/", r"", line, 1) + in_block_comment = False + # Remove full comments and string literals + line = re.sub(r'/\*.*?\*/|(")(?:[^\\\"]|\\.)*"', + lambda s: '""' if s.group(1) else ' ', + line) + # Start an unfinished comment? + m = re.match(r"/\*", line) + if m: + in_block_comment = True + line = line[:m.end(0)] if exclusion_lines.search(line): previous_line = "" From b3f4dd5c814de9a7171981c90129f9ac3d403808 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 16 Nov 2021 20:56:47 +0100 Subject: [PATCH 011/107] Lift some code out of parse_identifiers Make parse_identifiers less complex. Pylint was complaining that it had too many local variables, and it had a point. * Lift the constants identifier_regex and exclusion_lines to class constants (renamed to uppercase because they're constants). * Lift the per-file loop into a new function parse_identifiers_in_file. No intended behavior change. Signed-off-by: Gilles Peskine --- tests/scripts/check_names.py | 188 +++++++++++++++++++---------------- 1 file changed, 100 insertions(+), 88 deletions(-) diff --git a/tests/scripts/check_names.py b/tests/scripts/check_names.py index 32eaf2164c6..95dae3645f6 100755 --- a/tests/scripts/check_names.py +++ b/tests/scripts/check_names.py @@ -457,6 +457,105 @@ def parse_enum_consts(self, include, exclude=None): return enum_consts + IDENTIFIER_REGEX = re.compile( + # Match " something(a" or " *something(a". Functions. + # Assumptions: + # - function definition from return type to one of its arguments is + # all on one line + # - function definition line only contains alphanumeric, asterisk, + # underscore, and open bracket + r".* \**(\w+) *\( *\w|" + # Match "(*something)(". + r".*\( *\* *(\w+) *\) *\(|" + # Match names of named data structures. + r"(?:typedef +)?(?:struct|union|enum) +(\w+)(?: *{)?$|" + # Match names of typedef instances, after closing bracket. + r"}? *(\w+)[;[].*" + ) + # The regex below is indented for clarity. + EXCLUSION_LINES = re.compile( + r"^(" + r"extern +\"C\"|" # pylint: disable=bad-continuation + r"(typedef +)?(struct|union|enum)( *{)?$|" + r"} *;?$|" + r"$|" + r"//|" + r"#" + r")" + ) + + def parse_identifiers_in_file(self, header_file, identifiers): + """ + Parse all lines of a header where a function/enum/struct/union/typedef + identifier is declared, based on some regex and heuristics. Highly + dependent on formatting style. + + Append found matches to the list ``identifiers``. + """ + + with open(header_file, "r", encoding="utf-8") as header: + in_block_comment = False + # The previous line variable is used for concatenating lines + # when identifiers are formatted and spread across multiple + # lines. + previous_line = "" + + for line_no, line in enumerate(header): + # Terminate current comment? + if in_block_comment: + line = re.sub(r".*?\*/", r"", line, 1) + in_block_comment = False + # Remove full comments and string literals + line = re.sub(r'/\*.*?\*/|(")(?:[^\\\"]|\\.)*"', + lambda s: '""' if s.group(1) else ' ', + line) + # Start an unfinished comment? + m = re.match(r"/\*", line) + if m: + in_block_comment = True + line = line[:m.end(0)] + + if self.EXCLUSION_LINES.search(line): + previous_line = "" + continue + + # If the line contains only space-separated alphanumeric + # characters (or underscore, asterisk, or, open bracket), + # and nothing else, high chance it's a declaration that + # continues on the next line + if re.search(r"^([\w\*\(]+\s+)+$", line): + previous_line += line + continue + + # If previous line seemed to start an unfinished declaration + # (as above), concat and treat them as one. + if previous_line: + line = previous_line.strip() + " " + line.strip() + "\n" + previous_line = "" + + # Skip parsing if line has a space in front = heuristic to + # skip function argument lines (highly subject to formatting + # changes) + if line[0] == " ": + continue + + identifier = self.IDENTIFIER_REGEX.search(line) + + if not identifier: + continue + + # Find the group that matched, and append it + for group in identifier.groups(): + if not group: + continue + + identifiers.append(Match( + header_file, + line, + line_no, + identifier.span(), + group)) + def parse_identifiers(self, include, exclude=None): """ Parse all lines of a header where a function/enum/struct/union/typedef @@ -469,100 +568,13 @@ def parse_identifiers(self, include, exclude=None): Returns a List of Match objects with identifiers. """ - identifier_regex = re.compile( - # Match " something(a" or " *something(a". Functions. - # Assumptions: - # - function definition from return type to one of its arguments is - # all on one line - # - function definition line only contains alphanumeric, asterisk, - # underscore, and open bracket - r".* \**(\w+) *\( *\w|" - # Match "(*something)(". - r".*\( *\* *(\w+) *\) *\(|" - # Match names of named data structures. - r"(?:typedef +)?(?:struct|union|enum) +(\w+)(?: *{)?$|" - # Match names of typedef instances, after closing bracket. - r"}? *(\w+)[;[].*" - ) - # The regex below is indented for clarity. - exclusion_lines = re.compile( - r"^(" - r"extern +\"C\"|" # pylint: disable=bad-continuation - r"(typedef +)?(struct|union|enum)( *{)?$|" - r"} *;?$|" - r"$|" - r"//|" - r"#" - r")" - ) files = self.get_files(include, exclude) self.log.debug("Looking for identifiers in {} files".format(len(files))) identifiers = [] for header_file in files: - with open(header_file, "r", encoding="utf-8") as header: - in_block_comment = False - # The previous line variable is used for concatenating lines - # when identifiers are formatted and spread across multiple - # lines. - previous_line = "" - - for line_no, line in enumerate(header): - # Terminate current comment? - if in_block_comment: - line = re.sub(r".*?\*/", r"", line, 1) - in_block_comment = False - # Remove full comments and string literals - line = re.sub(r'/\*.*?\*/|(")(?:[^\\\"]|\\.)*"', - lambda s: '""' if s.group(1) else ' ', - line) - # Start an unfinished comment? - m = re.match(r"/\*", line) - if m: - in_block_comment = True - line = line[:m.end(0)] - - if exclusion_lines.search(line): - previous_line = "" - continue - - # If the line contains only space-separated alphanumeric - # characters (or underscore, asterisk, or, open bracket), - # and nothing else, high chance it's a declaration that - # continues on the next line - if re.search(r"^([\w\*\(]+\s+)+$", line): - previous_line += line - continue - - # If previous line seemed to start an unfinished declaration - # (as above), concat and treat them as one. - if previous_line: - line = previous_line.strip() + " " + line.strip() + "\n" - previous_line = "" - - # Skip parsing if line has a space in front = heuristic to - # skip function argument lines (highly subject to formatting - # changes) - if line[0] == " ": - continue - - identifier = identifier_regex.search(line) - - if not identifier: - continue - - # Find the group that matched, and append it - for group in identifier.groups(): - if not group: - continue - - identifiers.append(Match( - header_file, - line, - line_no, - identifier.span(), - group)) + self.parse_identifiers_in_file(header_file, identifiers) return identifiers From e833998b58f1af8c134c036e84ddf30a65f11eac Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 17 Nov 2021 20:00:13 +0100 Subject: [PATCH 012/107] Update comment Signed-off-by: Gilles Peskine --- include/mbedtls/ssl.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index db519fa20ad..209dbf6053c 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1087,7 +1087,7 @@ struct mbedtls_ssl_config #endif /* - * Numerical settings (int then char) + * Numerical settings (int or larger) */ uint32_t read_timeout; /*!< timeout for mbedtls_ssl_read (ms) */ From c8fc67f3416cfd4f10d2d8f6685748556203ad3c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 17 Nov 2021 20:23:18 +0100 Subject: [PATCH 013/107] Simplify some regex definitions Use '|'.join([comma-separated list]) rather than r'...|' r'...|'. This way there's less risk of forgetting a '|'. Pylint will yell if we forget a comma between list elements. Use match rather than search + mandatory start anchor for EXCLUSION_LINES. Signed-off-by: Gilles Peskine --- tests/scripts/check_names.py | 32 +++++++++++++++----------------- 1 file changed, 15 insertions(+), 17 deletions(-) diff --git a/tests/scripts/check_names.py b/tests/scripts/check_names.py index 95dae3645f6..5c1cb81f2ca 100755 --- a/tests/scripts/check_names.py +++ b/tests/scripts/check_names.py @@ -457,32 +457,30 @@ def parse_enum_consts(self, include, exclude=None): return enum_consts - IDENTIFIER_REGEX = re.compile( + IDENTIFIER_REGEX = re.compile('|'.join([ # Match " something(a" or " *something(a". Functions. # Assumptions: # - function definition from return type to one of its arguments is # all on one line # - function definition line only contains alphanumeric, asterisk, # underscore, and open bracket - r".* \**(\w+) *\( *\w|" + r".* \**(\w+) *\( *\w", # Match "(*something)(". - r".*\( *\* *(\w+) *\) *\(|" + r".*\( *\* *(\w+) *\) *\(", # Match names of named data structures. - r"(?:typedef +)?(?:struct|union|enum) +(\w+)(?: *{)?$|" + r"(?:typedef +)?(?:struct|union|enum) +(\w+)(?: *{)?$", # Match names of typedef instances, after closing bracket. - r"}? *(\w+)[;[].*" - ) + r"}? *(\w+)[;[].*", + ])) # The regex below is indented for clarity. - EXCLUSION_LINES = re.compile( - r"^(" - r"extern +\"C\"|" # pylint: disable=bad-continuation - r"(typedef +)?(struct|union|enum)( *{)?$|" - r"} *;?$|" - r"$|" - r"//|" - r"#" - r")" - ) + EXCLUSION_LINES = re.compile("|".join([ + r"extern +\"C\"", + r"(typedef +)?(struct|union|enum)( *{)?$", + r"} *;?$", + r"$", + r"//", + r"#", + ])) def parse_identifiers_in_file(self, header_file, identifiers): """ @@ -515,7 +513,7 @@ def parse_identifiers_in_file(self, header_file, identifiers): in_block_comment = True line = line[:m.end(0)] - if self.EXCLUSION_LINES.search(line): + if self.EXCLUSION_LINES.match(line): previous_line = "" continue From df30665a161e26c5c12222ea4f80e78eb2b0e778 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 17 Nov 2021 20:32:31 +0100 Subject: [PATCH 014/107] Move comment and string literal processing to a new function No intended behavior change. Signed-off-by: Gilles Peskine --- tests/scripts/check_names.py | 45 +++++++++++++++++++++++++----------- 1 file changed, 32 insertions(+), 13 deletions(-) diff --git a/tests/scripts/check_names.py b/tests/scripts/check_names.py index 5c1cb81f2ca..acf60db46d7 100755 --- a/tests/scripts/check_names.py +++ b/tests/scripts/check_names.py @@ -457,6 +457,36 @@ def parse_enum_consts(self, include, exclude=None): return enum_consts + def strip_comments_and_literals(self, line, in_block_comment): + """Strip comments and string literals from line. + + Continuation lines are not supported. + + If in_block_comment is true, assume that the line starts inside a + block comment. + + Return updated values of (line, in_block_comment) where: + * Comments in line have been replaced by a space (or nothing at the + start or end of the line). + * String contents have been removed. + * in_block_comment indicates whether the line ends inside a block + comment that continues on the next line. + """ + # Terminate current comment? + if in_block_comment: + line = re.sub(r".*?\*/", r"", line, 1) + in_block_comment = False + # Remove full comments and string literals + line = re.sub(r'/\*.*?\*/|(")(?:[^\\\"]|\\.)*"', + lambda s: '""' if s.group(1) else ' ', + line) + # Start an unfinished comment? + m = re.match(r"/\*", line) + if m: + in_block_comment = True + line = line[:m.end(0)] + return line, in_block_comment + IDENTIFIER_REGEX = re.compile('|'.join([ # Match " something(a" or " *something(a". Functions. # Assumptions: @@ -499,19 +529,8 @@ def parse_identifiers_in_file(self, header_file, identifiers): previous_line = "" for line_no, line in enumerate(header): - # Terminate current comment? - if in_block_comment: - line = re.sub(r".*?\*/", r"", line, 1) - in_block_comment = False - # Remove full comments and string literals - line = re.sub(r'/\*.*?\*/|(")(?:[^\\\"]|\\.)*"', - lambda s: '""' if s.group(1) else ' ', - line) - # Start an unfinished comment? - m = re.match(r"/\*", line) - if m: - in_block_comment = True - line = line[:m.end(0)] + line, in_block_comment = \ + self.strip_comments_and_literals(line, in_block_comment) if self.EXCLUSION_LINES.match(line): previous_line = "" From 4f04d619b5eaacced2878d57cf335cd5275d88f8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 17 Nov 2021 20:39:56 +0100 Subject: [PATCH 015/107] Fix terminology in comment In computing, brackets are []. () are called parentheses. Signed-off-by: Gilles Peskine --- tests/scripts/check_names.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/check_names.py b/tests/scripts/check_names.py index acf60db46d7..e1341107a06 100755 --- a/tests/scripts/check_names.py +++ b/tests/scripts/check_names.py @@ -537,7 +537,7 @@ def parse_identifiers_in_file(self, header_file, identifiers): continue # If the line contains only space-separated alphanumeric - # characters (or underscore, asterisk, or, open bracket), + # characters (or underscore, asterisk, or open parenthesis), # and nothing else, high chance it's a declaration that # continues on the next line if re.search(r"^([\w\*\(]+\s+)+$", line): From 44801627d2a4dd5e7e86f6c164a65f950c667d9d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 17 Nov 2021 20:43:35 +0100 Subject: [PATCH 016/107] Improve comment and string stripping Make that part of the code more readable. Add support for // line comments. Signed-off-by: Gilles Peskine --- tests/scripts/check_names.py | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) diff --git a/tests/scripts/check_names.py b/tests/scripts/check_names.py index e1341107a06..588f72b6d01 100755 --- a/tests/scripts/check_names.py +++ b/tests/scripts/check_names.py @@ -457,6 +457,12 @@ def parse_enum_consts(self, include, exclude=None): return enum_consts + IGNORED_CHUNK_REGEX = re.compile('|'.join([ + r'/\*.*?\*/', # block comment entirely on one line + r'//.*', # line comment + r'(?P")(?:[^\\\"]|\\.)*"', # string literal + ])) + def strip_comments_and_literals(self, line, in_block_comment): """Strip comments and string literals from line. @@ -476,15 +482,21 @@ def strip_comments_and_literals(self, line, in_block_comment): if in_block_comment: line = re.sub(r".*?\*/", r"", line, 1) in_block_comment = False - # Remove full comments and string literals - line = re.sub(r'/\*.*?\*/|(")(?:[^\\\"]|\\.)*"', - lambda s: '""' if s.group(1) else ' ', + + # Remove full comments and string literals. + # Do it all together to handle cases like "/*" correctly. + # Note that continuation lines are not supported. + line = re.sub(self.IGNORED_CHUNK_REGEX, + lambda s: '""' if s.group('string') else ' ', line) + # Start an unfinished comment? + # (If `/*` was part of a complete comment, it's already been removed.) m = re.match(r"/\*", line) if m: in_block_comment = True line = line[:m.end(0)] + return line, in_block_comment IDENTIFIER_REGEX = re.compile('|'.join([ From 23b4096ecfb909ba53d7a81cd635aa729d9760bd Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 17 Nov 2021 20:45:39 +0100 Subject: [PATCH 017/107] Fix several bugs with multiline comments Empty the current line if it's entirely inside a comment. Don't incorrectly end a block comment at the second line if it doesn't contain `*/`. Recognize `/*` to start a multiline comment even if it isn't at the start of the line. When stripping off comments, consistently strip off `/*` and `*/`. Signed-off-by: Gilles Peskine --- tests/scripts/check_names.py | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/tests/scripts/check_names.py b/tests/scripts/check_names.py index 588f72b6d01..f4af4c4dddc 100755 --- a/tests/scripts/check_names.py +++ b/tests/scripts/check_names.py @@ -478,10 +478,15 @@ def strip_comments_and_literals(self, line, in_block_comment): * in_block_comment indicates whether the line ends inside a block comment that continues on the next line. """ - # Terminate current comment? + + # Terminate current multiline comment? if in_block_comment: - line = re.sub(r".*?\*/", r"", line, 1) - in_block_comment = False + m = re.search(r"\*/", line) + if m: + in_block_comment = False + line = line[m.end(0):] + else: + return '', True # Remove full comments and string literals. # Do it all together to handle cases like "/*" correctly. @@ -492,10 +497,10 @@ def strip_comments_and_literals(self, line, in_block_comment): # Start an unfinished comment? # (If `/*` was part of a complete comment, it's already been removed.) - m = re.match(r"/\*", line) + m = re.search(r"/\*", line) if m: in_block_comment = True - line = line[:m.end(0)] + line = line[:m.start(0)] return line, in_block_comment From 9501bd7d6e3e796b79ba154f56680b13ef8bfe29 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 25 Nov 2021 20:30:47 +0100 Subject: [PATCH 018/107] Make PSA headers more self-contained Several files among include/psa/crypto_*.h are not meant to be included directly, and are not guaranteed to be valid if included directly. This makes it harder to perform some static analyses. So make these files more self-contained so that at least, if included on their own, there is no missing macro or type definition (excluding the deliberate use of forward declarations of structs and unions). Signed-off-by: Gilles Peskine --- include/psa/crypto_driver_common.h | 3 +++ include/psa/crypto_extra.h | 1 + include/psa/crypto_struct.h | 2 +- 3 files changed, 5 insertions(+), 1 deletion(-) diff --git a/include/psa/crypto_driver_common.h b/include/psa/crypto_driver_common.h index 1b6f3225678..26363c6b2f3 100644 --- a/include/psa/crypto_driver_common.h +++ b/include/psa/crypto_driver_common.h @@ -42,6 +42,9 @@ * of these types. */ #include "crypto_types.h" #include "crypto_values.h" +/* Include size definitions which are used to size some arrays in operation + * structures. */ +#include /** For encrypt-decrypt functions, whether the operation is an encryption * or a decryption. */ diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 1310bb5769d..3ee0482cbda 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -30,6 +30,7 @@ #include "mbedtls/platform_util.h" +#include "crypto_types.h" #include "crypto_compat.h" #ifdef __cplusplus diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index f08fdc8bd1a..23a02a5d8ef 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -184,7 +184,7 @@ typedef struct unsigned int info_set : 1; uint8_t output_block[PSA_HASH_MAX_SIZE]; uint8_t prk[PSA_HASH_MAX_SIZE]; - psa_mac_operation_t hmac; + struct psa_mac_operation_s hmac; } psa_hkdf_key_derivation_t; #endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF */ From a2dbe66770b24cb6450c22e3cf8c42d22523813c Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 1 Jul 2021 11:24:02 +0200 Subject: [PATCH 019/107] tests: psa: driver: mac: Remove opaque entry points in library Opaque test entry points will be implemented only in test code. Signed-off-by: Ronald Cron --- library/psa_crypto_mac.c | 102 ---------------------------- library/psa_crypto_mac.h | 44 ------------ tests/src/drivers/test_driver_mac.c | 59 ++++++++++------ 3 files changed, 37 insertions(+), 168 deletions(-) diff --git a/library/psa_crypto_mac.c b/library/psa_crypto_mac.c index 7e0a8325df1..cf2f07280bd 100644 --- a/library/psa_crypto_mac.c +++ b/library/psa_crypto_mac.c @@ -667,108 +667,6 @@ psa_status_t mbedtls_transparent_test_driver_mac_abort( return( mac_abort( operation ) ); } -psa_status_t mbedtls_opaque_test_driver_mac_compute( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *mac, - size_t mac_size, - size_t *mac_length ) -{ - /* Opaque driver testing is not implemented yet through this mechanism. */ - (void) attributes; - (void) key_buffer; - (void) key_buffer_size; - (void) alg; - (void) input; - (void) input_length; - (void) mac; - (void) mac_size; - (void) mac_length; - return( PSA_ERROR_NOT_SUPPORTED ); -} - -psa_status_t mbedtls_opaque_test_driver_mac_sign_setup( - mbedtls_opaque_test_driver_mac_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg ) -{ - /* Opaque driver testing is not implemented yet through this mechanism. */ - (void) operation; - (void) attributes; - (void) key_buffer; - (void) key_buffer_size; - (void) alg; - return( PSA_ERROR_NOT_SUPPORTED ); -} - -psa_status_t mbedtls_opaque_test_driver_mac_verify_setup( - mbedtls_opaque_test_driver_mac_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg ) -{ - /* Opaque driver testing is not implemented yet through this mechanism. */ - (void) operation; - (void) attributes; - (void) key_buffer; - (void) key_buffer_size; - (void) alg; - return( PSA_ERROR_NOT_SUPPORTED ); -} - -psa_status_t mbedtls_opaque_test_driver_mac_update( - mbedtls_opaque_test_driver_mac_operation_t *operation, - const uint8_t *input, - size_t input_length ) -{ - /* Opaque driver testing is not implemented yet through this mechanism. */ - (void) operation; - (void) input; - (void) input_length; - return( PSA_ERROR_NOT_SUPPORTED ); -} - -psa_status_t mbedtls_opaque_test_driver_mac_sign_finish( - mbedtls_opaque_test_driver_mac_operation_t *operation, - uint8_t *mac, - size_t mac_size, - size_t *mac_length ) -{ - /* Opaque driver testing is not implemented yet through this mechanism. */ - (void) operation; - (void) mac; - (void) mac_size; - (void) mac_length; - return( PSA_ERROR_NOT_SUPPORTED ); -} - -psa_status_t mbedtls_opaque_test_driver_mac_verify_finish( - mbedtls_opaque_test_driver_mac_operation_t *operation, - const uint8_t *mac, - size_t mac_length ) -{ - /* Opaque driver testing is not implemented yet through this mechanism. */ - (void) operation; - (void) mac; - (void) mac_length; - return( PSA_ERROR_NOT_SUPPORTED ); -} - -psa_status_t mbedtls_opaque_test_driver_mac_abort( - mbedtls_opaque_test_driver_mac_operation_t *operation ) -{ - /* Opaque driver testing is not implemented yet through this mechanism. */ - (void) operation; - return( PSA_ERROR_NOT_SUPPORTED ); -} - #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/library/psa_crypto_mac.h b/library/psa_crypto_mac.h index 9b81e73e028..c0948dc2379 100644 --- a/library/psa_crypto_mac.h +++ b/library/psa_crypto_mac.h @@ -323,50 +323,6 @@ psa_status_t mbedtls_transparent_test_driver_mac_verify_finish( psa_status_t mbedtls_transparent_test_driver_mac_abort( mbedtls_transparent_test_driver_mac_operation_t *operation ); -psa_status_t mbedtls_opaque_test_driver_mac_compute( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *mac, - size_t mac_size, - size_t *mac_length ); - -psa_status_t mbedtls_opaque_test_driver_mac_sign_setup( - mbedtls_opaque_test_driver_mac_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg ); - -psa_status_t mbedtls_opaque_test_driver_mac_verify_setup( - mbedtls_opaque_test_driver_mac_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg ); - -psa_status_t mbedtls_opaque_test_driver_mac_update( - mbedtls_opaque_test_driver_mac_operation_t *operation, - const uint8_t *input, - size_t input_length ); - -psa_status_t mbedtls_opaque_test_driver_mac_sign_finish( - mbedtls_opaque_test_driver_mac_operation_t *operation, - uint8_t *mac, - size_t mac_size, - size_t *mac_length ); - -psa_status_t mbedtls_opaque_test_driver_mac_verify_finish( - mbedtls_opaque_test_driver_mac_operation_t *operation, - const uint8_t *mac, - size_t mac_length ); - -psa_status_t mbedtls_opaque_test_driver_mac_abort( - mbedtls_opaque_test_driver_mac_operation_t *operation ); - #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_MAC_H */ diff --git a/tests/src/drivers/test_driver_mac.c b/tests/src/drivers/test_driver_mac.c index 69af107809f..2294ecf64f2 100644 --- a/tests/src/drivers/test_driver_mac.c +++ b/tests/src/drivers/test_driver_mac.c @@ -215,11 +215,16 @@ psa_status_t mbedtls_test_opaque_mac_compute( } else { - mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_opaque_test_driver_mac_compute( - attributes, key_buffer, key_buffer_size, alg, - input, input_length, - mac, mac_size, mac_length ); + (void) attributes; + (void) key_buffer; + (void) key_buffer_size; + (void) alg; + (void) input; + (void) input_length; + (void) mac; + (void) mac_size; + (void) mac_length; + mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; } return( mbedtls_test_driver_mac_hooks.driver_status ); @@ -241,9 +246,12 @@ psa_status_t mbedtls_test_opaque_mac_sign_setup( } else { - mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_opaque_test_driver_mac_sign_setup( - operation, attributes, key_buffer, key_buffer_size, alg ); + (void) operation; + (void) attributes; + (void) key_buffer; + (void) key_buffer_size; + (void) alg; + mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; } return( mbedtls_test_driver_mac_hooks.driver_status ); @@ -265,9 +273,12 @@ psa_status_t mbedtls_test_opaque_mac_verify_setup( } else { - mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_opaque_test_driver_mac_verify_setup( - operation, attributes, key_buffer, key_buffer_size, alg ); + (void) operation; + (void) attributes; + (void) key_buffer; + (void) key_buffer_size; + (void) alg; + mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; } return( mbedtls_test_driver_mac_hooks.driver_status ); @@ -287,9 +298,10 @@ psa_status_t mbedtls_test_opaque_mac_update( } else { - mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_opaque_test_driver_mac_update( - operation, input, input_length ); + (void) operation; + (void) input; + (void) input_length; + mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; } return( mbedtls_test_driver_mac_hooks.driver_status ); @@ -310,9 +322,11 @@ psa_status_t mbedtls_test_opaque_mac_sign_finish( } else { - mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_opaque_test_driver_mac_sign_finish( - operation, mac, mac_size, mac_length ); + (void) operation; + (void) mac; + (void) mac_size; + (void) mac_length; + mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; } return( mbedtls_test_driver_mac_hooks.driver_status ); @@ -332,9 +346,10 @@ psa_status_t mbedtls_test_opaque_mac_verify_finish( } else { - mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_opaque_test_driver_mac_verify_finish( - operation, mac, mac_length ); + (void) operation; + (void) mac; + (void) mac_length; + mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; } return( mbedtls_test_driver_mac_hooks.driver_status ); @@ -352,8 +367,8 @@ psa_status_t mbedtls_test_opaque_mac_abort( } else { - mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_opaque_test_driver_mac_abort( operation ); + (void) operation; + mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; } return( mbedtls_test_driver_mac_hooks.driver_status ); From 4bcccc6956e03414339432492420038ac5e8e742 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Fri, 9 Apr 2021 15:32:03 +0200 Subject: [PATCH 020/107] tests: psa driver: Align RSA/ECP sign/verify hash dispatch Align RSA/ECP sign/verify hash dispatch with the corresponding code of the library. The library code was modified recently but not the test code one and these modifications ease the following work. Signed-off-by: Ronald Cron --- library/psa_crypto.c | 6 +- tests/src/drivers/test_driver_signature.c | 128 +++++++++++----------- 2 files changed, 67 insertions(+), 67 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 5aed671811d..ffe00c7875d 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2948,8 +2948,7 @@ psa_status_t psa_sign_hash_builtin( return( PSA_ERROR_INVALID_ARGUMENT ); } } - else - if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) ) + else if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) ) { if( PSA_ALG_IS_ECDSA( alg ) ) { @@ -3019,8 +3018,7 @@ psa_status_t psa_verify_hash_builtin( return( PSA_ERROR_INVALID_ARGUMENT ); } } - else - if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) ) + else if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) ) { if( PSA_ALG_IS_ECDSA( alg ) ) { diff --git a/tests/src/drivers/test_driver_signature.c b/tests/src/drivers/test_driver_signature.c index 14de8318e92..2e43270e53a 100644 --- a/tests/src/drivers/test_driver_signature.c +++ b/tests/src/drivers/test_driver_signature.c @@ -58,58 +58,56 @@ psa_status_t sign_hash( size_t signature_size, size_t *signature_length ) { -#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) if( attributes->core.type == PSA_KEY_TYPE_RSA_KEY_PAIR ) { - return( mbedtls_transparent_test_driver_rsa_sign_hash( - attributes, - key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_size, signature_length ) ); - } - else + if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) || + PSA_ALG_IS_RSA_PSS( alg) ) + { +#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \ + defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) + return( mbedtls_transparent_test_driver_rsa_sign_hash( + attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_size, signature_length ) ); #endif /* defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || * defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) */ - -#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) - if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) ) + } + else + { + return( PSA_ERROR_INVALID_ARGUMENT ); + } + } + else if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) ) { - if( -#if defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) - PSA_ALG_IS_ECDSA( alg ) -#else - PSA_ALG_IS_RANDOMIZED_ECDSA( alg ) -#endif - ) + if( PSA_ALG_IS_ECDSA( alg ) ) { +#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \ + defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) return( mbedtls_transparent_test_driver_ecdsa_sign_hash( attributes, key_buffer, key_buffer_size, alg, hash, hash_length, signature, signature_size, signature_length ) ); +#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || + * defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) */ } else { return( PSA_ERROR_INVALID_ARGUMENT ); } } - else -#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || - * defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) */ - { - (void)attributes; - (void)key_buffer; - (void)key_buffer_size; - (void)alg; - (void)hash; - (void)hash_length; - (void)signature; - (void)signature_size; - (void)signature_length; - return( PSA_ERROR_NOT_SUPPORTED ); - } + + (void)attributes; + (void)key_buffer; + (void)key_buffer_size; + (void)alg; + (void)hash; + (void)hash_length; + (void)signature; + (void)signature_size; + (void)signature_length; + return( PSA_ERROR_NOT_SUPPORTED ); } psa_status_t verify_hash( @@ -122,52 +120,56 @@ psa_status_t verify_hash( const uint8_t *signature, size_t signature_length ) { -#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) if( PSA_KEY_TYPE_IS_RSA( attributes->core.type ) ) { - return( mbedtls_transparent_test_driver_rsa_verify_hash( - attributes, - key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_length ) ); - } - else + if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) || + PSA_ALG_IS_RSA_PSS( alg) ) + { +#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \ + defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) + return( mbedtls_transparent_test_driver_rsa_verify_hash( + attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_length ) ); #endif /* defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || * defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) */ - -#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) - if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) ) + } + else + { + return( PSA_ERROR_INVALID_ARGUMENT ); + } + } + else if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) ) { if( PSA_ALG_IS_ECDSA( alg ) ) { +#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \ + defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) return( mbedtls_transparent_test_driver_ecdsa_verify_hash( attributes, key_buffer, key_buffer_size, alg, hash, hash_length, signature, signature_length ) ); +#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || + * defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) */ } else { return( PSA_ERROR_INVALID_ARGUMENT ); } } - else -#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || - * defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) */ - { - (void)attributes; - (void)key_buffer; - (void)key_buffer_size; - (void)alg; - (void)hash; - (void)hash_length; - (void)signature; - (void)signature_length; - - return( PSA_ERROR_NOT_SUPPORTED ); - } + + (void)attributes; + (void)key_buffer; + (void)key_buffer_size; + (void)alg; + (void)hash; + (void)hash_length; + (void)signature; + (void)signature_length; + + return( PSA_ERROR_NOT_SUPPORTED ); } psa_status_t mbedtls_test_transparent_signature_sign_message( From f7e83d5bfbb1bb4a5119c1dfd618778c56ceb657 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 30 Mar 2021 14:57:04 +0200 Subject: [PATCH 021/107] tests: psa: Remove wrong test function dependencies Signed-off-by: Ronald Cron --- tests/suites/test_suite_psa_crypto_driver_wrappers.function | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function index 6d78ad51a07..ddbb0185f6c 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function @@ -312,7 +312,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_SECP_R1_256 */ +/* BEGIN_CASE */ void validate_key( int force_status_arg, int key_type_arg, data_t *key_input, @@ -348,7 +348,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_SECP_R1_256 */ +/* BEGIN_CASE */ void export_key( int force_status_arg, data_t *fake_output, int key_in_type_arg, From ae2e4a72253c7cebc1674820aeb4de8fc1b3b215 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Wed, 8 Sep 2021 17:24:25 +0200 Subject: [PATCH 022/107] tests: Fix x509parse test dependency Signed-off-by: Ronald Cron --- tests/suites/test_suite_x509parse.data | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data index f60a46b8b28..7ac91f641cc 100644 --- a/tests/suites/test_suite_x509parse.data +++ b/tests/suites/test_suite_x509parse.data @@ -211,7 +211,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD2_C:MBEDTLS_RSA_C mbedtls_x509_crl_info:"data_files/crl_md2.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2009-07-19 19\:56\:37\nnext update \: 2009-09-17 19\:56\:37\nRevoked certificates\:\nserial number\: 01 revocation date\: 2009-02-09 21\:12\:36\nserial number\: 03 revocation date\: 2009-02-09 21\:12\:36\nsigned using \: RSA with MD2\n" X509 CRL Information MD4 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD4_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD4_C:MBEDTLS_RSA_C mbedtls_x509_crl_info:"data_files/crl_md4.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with MD4\n" X509 CRL Information MD5 Digest From 92becc665981f8e525e0f75c7611c9150f848431 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Mon, 18 Oct 2021 10:18:46 +0200 Subject: [PATCH 023/107] tests: ssl: Add misssing dependencies on SHA-1 Signed-off-by: Ronald Cron --- tests/suites/test_suite_ssl.data | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index e9501e4d620..fe7d978257d 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data @@ -236,7 +236,7 @@ depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_CIPHER_MODE_CBC:MB handshake_cipher:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:0 Handshake, PSK-WITH-AES-128-CBC-SHA -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C handshake_psk_cipher:"TLS-PSK-WITH-AES-128-CBC-SHA":MBEDTLS_PK_RSA:"abc123":0 DTLS Handshake, tls1_1 @@ -268,7 +268,7 @@ depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_CIPHER_MODE_CBC:MB handshake_cipher:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:1 DTLS Handshake, PSK-WITH-AES-128-CBC-SHA -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_SHA1_C handshake_psk_cipher:"TLS-PSK-WITH-AES-128-CBC-SHA":MBEDTLS_PK_RSA:"abc123":1 DTLS Handshake with serialization, tls1_2 From a23d9bb97db90d4a2c561e796ff2a783d53e0d13 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Mon, 18 Oct 2021 10:30:43 +0200 Subject: [PATCH 024/107] tests: psa: Fix MD5 support not available dependencies MD5 should not be supported by the library and any driver. Signed-off-by: Ronald Cron --- tests/suites/test_suite_psa_crypto.data | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 87b271f33d0..46309a7d296 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -1252,11 +1252,11 @@ depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_HMAC mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT PSA MAC setup: algorithm known but not supported, long key -depends_on:!MBEDTLS_MD5_C +depends_on:!PSA_WANT_ALG_MD5 mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_NOT_SUPPORTED PSA MAC setup: algorithm known but not supported, short key -depends_on:!MBEDTLS_MD5_C +depends_on:!PSA_WANT_ALG_MD5 mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_NOT_SUPPORTED PSA MAC: bad order function calls From 41f275018a32d82b8dc044ad84297747303b1d6e Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 30 Mar 2021 16:08:38 +0200 Subject: [PATCH 025/107] tests: psa: Fix the dependencies on some driver wrappers fallback tests The driver wrappers fallback tests depend on the builtin support not builtin or driver. Signed-off-by: Ronald Cron --- .../test_suite_psa_crypto_driver_wrappers.data | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.data b/tests/suites/test_suite_psa_crypto_driver_wrappers.data index ead7a699d2f..ea6c9b32c4c 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.data +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.data @@ -90,11 +90,11 @@ depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_ validate_key:PSA_SUCCESS:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_SUCCESS validate key through transparent driver: fallback private key -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256 validate_key:PSA_ERROR_NOT_SUPPORTED:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_SUCCESS validate key through transparent driver: fallback public key -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256 validate_key:PSA_ERROR_NOT_SUPPORTED:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_SUCCESS validate key through transparent driver: error @@ -110,7 +110,7 @@ depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDT export_key:PSA_SUCCESS:"":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_SUCCESS export_key private to public through driver: fallback -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256 export_key:PSA_ERROR_NOT_SUPPORTED:"":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_SUCCESS export_key private to public through driver: error @@ -126,11 +126,11 @@ depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES cipher_encrypt_validation:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317" PSA symmetric encrypt validation: AES-CTR, 16 bytes, fallback -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_CIPHER +depends_on:MBEDTLS_PSA_BUILTIN_ALG_CTR:MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES cipher_encrypt_validation:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" PSA symmetric encrypt validation: AES-CTR, 15 bytes, fallback -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_CIPHER +depends_on:MBEDTLS_PSA_BUILTIN_ALG_CTR:MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES cipher_encrypt_validation:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317" PSA symmetric encrypt multipart: AES-CTR, 16 bytes, good @@ -162,7 +162,7 @@ depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES cipher_decrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":0:PSA_SUCCESS:PSA_SUCCESS PSA symmetric decrypt: AES-CTR, 16 bytes, fallback -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_CIPHER +depends_on:MBEDTLS_PSA_BUILTIN_ALG_CTR:MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES cipher_decrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS PSA symmetric decrypt: AES-CTR, 16 bytes, fake From fefa4580a584298b6d05d0d410e1c65320163277 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 6 Jul 2021 09:23:06 +0200 Subject: [PATCH 026/107] tests: psa: Fix guards Signed-off-by: Ronald Cron --- tests/src/psa_exercise_key.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/src/psa_exercise_key.c b/tests/src/psa_exercise_key.c index fc58fbd4890..de2c48d6da2 100644 --- a/tests/src/psa_exercise_key.c +++ b/tests/src/psa_exercise_key.c @@ -643,7 +643,7 @@ int mbedtls_test_psa_exported_key_sanity_check( TEST_EQUAL( exported_length, PSA_BITS_TO_BYTES( bits ) ); else -#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C) +#if defined(MBEDTLS_ASN1_PARSE_C) if( type == PSA_KEY_TYPE_RSA_KEY_PAIR ) { uint8_t *p = (uint8_t*) exported; @@ -690,7 +690,7 @@ int mbedtls_test_psa_exported_key_sanity_check( TEST_ASSERT( exported_length <= PSA_EXPORT_KEY_PAIR_MAX_SIZE ); } else -#endif /* MBEDTLS_RSA_C */ +#endif /* MBEDTLS_ASN1_PARSE_C */ #if defined(MBEDTLS_ECP_C) if( PSA_KEY_TYPE_IS_ECC_KEY_PAIR( type ) ) @@ -703,7 +703,7 @@ int mbedtls_test_psa_exported_key_sanity_check( else #endif /* MBEDTLS_ECP_C */ -#if defined(MBEDTLS_RSA_C) +#if defined(MBEDTLS_ASN1_PARSE_C) if( type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ) { uint8_t *p = (uint8_t*) exported; @@ -731,7 +731,7 @@ int mbedtls_test_psa_exported_key_sanity_check( PSA_EXPORT_PUBLIC_KEY_MAX_SIZE ); } else -#endif /* MBEDTLS_RSA_C */ +#endif /* MBEDTLS_ASN1_PARSE_C */ #if defined(MBEDTLS_ECP_C) if( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( type ) ) From 0c677c287b955faca4fc6431d15e24843792d01f Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Fri, 9 Apr 2021 17:15:06 +0200 Subject: [PATCH 027/107] psa: Fix hash and mac operation type The test entry points defined in psa_crypto_hash.c and psa_crypto_mac.c are supposed to be exact clones of the Mbed TLS driver entry points. Thus the operation type should be the Mbed TLS operation type not a test one. There was no compilation error as the hash and cipher operation test types are currently equal to the Mbed TLS ones. Signed-off-by: Ronald Cron --- library/psa_crypto_hash.c | 12 ++++++------ library/psa_crypto_hash.h | 12 ++++++------ library/psa_crypto_mac.c | 12 ++++++------ library/psa_crypto_mac.h | 12 ++++++------ 4 files changed, 24 insertions(+), 24 deletions(-) diff --git a/library/psa_crypto_hash.c b/library/psa_crypto_hash.c index a49edd89ea1..6ef6b0709a5 100644 --- a/library/psa_crypto_hash.c +++ b/library/psa_crypto_hash.c @@ -644,7 +644,7 @@ psa_status_t mbedtls_transparent_test_driver_hash_compute( } psa_status_t mbedtls_transparent_test_driver_hash_setup( - mbedtls_transparent_test_driver_hash_operation_t *operation, + mbedtls_psa_hash_operation_t *operation, psa_algorithm_t alg ) { if( is_hash_accelerated( alg ) ) @@ -654,8 +654,8 @@ psa_status_t mbedtls_transparent_test_driver_hash_setup( } psa_status_t mbedtls_transparent_test_driver_hash_clone( - const mbedtls_transparent_test_driver_hash_operation_t *source_operation, - mbedtls_transparent_test_driver_hash_operation_t *target_operation ) + const mbedtls_psa_hash_operation_t *source_operation, + mbedtls_psa_hash_operation_t *target_operation ) { if( is_hash_accelerated( source_operation->alg ) ) return( hash_clone( source_operation, target_operation ) ); @@ -664,7 +664,7 @@ psa_status_t mbedtls_transparent_test_driver_hash_clone( } psa_status_t mbedtls_transparent_test_driver_hash_update( - mbedtls_transparent_test_driver_hash_operation_t *operation, + mbedtls_psa_hash_operation_t *operation, const uint8_t *input, size_t input_length ) { @@ -675,7 +675,7 @@ psa_status_t mbedtls_transparent_test_driver_hash_update( } psa_status_t mbedtls_transparent_test_driver_hash_finish( - mbedtls_transparent_test_driver_hash_operation_t *operation, + mbedtls_psa_hash_operation_t *operation, uint8_t *hash, size_t hash_size, size_t *hash_length ) @@ -687,7 +687,7 @@ psa_status_t mbedtls_transparent_test_driver_hash_finish( } psa_status_t mbedtls_transparent_test_driver_hash_abort( - mbedtls_transparent_test_driver_hash_operation_t *operation ) + mbedtls_psa_hash_operation_t *operation ) { return( hash_abort( operation ) ); } diff --git a/library/psa_crypto_hash.h b/library/psa_crypto_hash.h index eb705129525..e21905c0b8f 100644 --- a/library/psa_crypto_hash.h +++ b/library/psa_crypto_hash.h @@ -246,26 +246,26 @@ psa_status_t mbedtls_transparent_test_driver_hash_compute( size_t *hash_length); psa_status_t mbedtls_transparent_test_driver_hash_setup( - mbedtls_transparent_test_driver_hash_operation_t *operation, + mbedtls_psa_hash_operation_t *operation, psa_algorithm_t alg ); psa_status_t mbedtls_transparent_test_driver_hash_clone( - const mbedtls_transparent_test_driver_hash_operation_t *source_operation, - mbedtls_transparent_test_driver_hash_operation_t *target_operation ); + const mbedtls_psa_hash_operation_t *source_operation, + mbedtls_psa_hash_operation_t *target_operation ); psa_status_t mbedtls_transparent_test_driver_hash_update( - mbedtls_transparent_test_driver_hash_operation_t *operation, + mbedtls_psa_hash_operation_t *operation, const uint8_t *input, size_t input_length ); psa_status_t mbedtls_transparent_test_driver_hash_finish( - mbedtls_transparent_test_driver_hash_operation_t *operation, + mbedtls_psa_hash_operation_t *operation, uint8_t *hash, size_t hash_size, size_t *hash_length ); psa_status_t mbedtls_transparent_test_driver_hash_abort( - mbedtls_transparent_test_driver_hash_operation_t *operation ); + mbedtls_psa_hash_operation_t *operation ); #endif /* PSA_CRYPTO_DRIVER_TEST */ diff --git a/library/psa_crypto_mac.c b/library/psa_crypto_mac.c index cf2f07280bd..19671ec8acd 100644 --- a/library/psa_crypto_mac.c +++ b/library/psa_crypto_mac.c @@ -600,7 +600,7 @@ psa_status_t mbedtls_transparent_test_driver_mac_compute( } psa_status_t mbedtls_transparent_test_driver_mac_sign_setup( - mbedtls_transparent_test_driver_mac_operation_t *operation, + mbedtls_psa_mac_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, @@ -614,7 +614,7 @@ psa_status_t mbedtls_transparent_test_driver_mac_sign_setup( } psa_status_t mbedtls_transparent_test_driver_mac_verify_setup( - mbedtls_transparent_test_driver_mac_operation_t *operation, + mbedtls_psa_mac_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, @@ -628,7 +628,7 @@ psa_status_t mbedtls_transparent_test_driver_mac_verify_setup( } psa_status_t mbedtls_transparent_test_driver_mac_update( - mbedtls_transparent_test_driver_mac_operation_t *operation, + mbedtls_psa_mac_operation_t *operation, const uint8_t *input, size_t input_length ) { @@ -639,7 +639,7 @@ psa_status_t mbedtls_transparent_test_driver_mac_update( } psa_status_t mbedtls_transparent_test_driver_mac_sign_finish( - mbedtls_transparent_test_driver_mac_operation_t *operation, + mbedtls_psa_mac_operation_t *operation, uint8_t *mac, size_t mac_size, size_t *mac_length ) @@ -651,7 +651,7 @@ psa_status_t mbedtls_transparent_test_driver_mac_sign_finish( } psa_status_t mbedtls_transparent_test_driver_mac_verify_finish( - mbedtls_transparent_test_driver_mac_operation_t *operation, + mbedtls_psa_mac_operation_t *operation, const uint8_t *mac, size_t mac_length ) { @@ -662,7 +662,7 @@ psa_status_t mbedtls_transparent_test_driver_mac_verify_finish( } psa_status_t mbedtls_transparent_test_driver_mac_abort( - mbedtls_transparent_test_driver_mac_operation_t *operation ) + mbedtls_psa_mac_operation_t *operation ) { return( mac_abort( operation ) ); } diff --git a/library/psa_crypto_mac.h b/library/psa_crypto_mac.h index c0948dc2379..ba32954a722 100644 --- a/library/psa_crypto_mac.h +++ b/library/psa_crypto_mac.h @@ -291,37 +291,37 @@ psa_status_t mbedtls_transparent_test_driver_mac_compute( size_t *mac_length ); psa_status_t mbedtls_transparent_test_driver_mac_sign_setup( - mbedtls_transparent_test_driver_mac_operation_t *operation, + mbedtls_psa_mac_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg ); psa_status_t mbedtls_transparent_test_driver_mac_verify_setup( - mbedtls_transparent_test_driver_mac_operation_t *operation, + mbedtls_psa_mac_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg ); psa_status_t mbedtls_transparent_test_driver_mac_update( - mbedtls_transparent_test_driver_mac_operation_t *operation, + mbedtls_psa_mac_operation_t *operation, const uint8_t *input, size_t input_length ); psa_status_t mbedtls_transparent_test_driver_mac_sign_finish( - mbedtls_transparent_test_driver_mac_operation_t *operation, + mbedtls_psa_mac_operation_t *operation, uint8_t *mac, size_t mac_size, size_t *mac_length ); psa_status_t mbedtls_transparent_test_driver_mac_verify_finish( - mbedtls_transparent_test_driver_mac_operation_t *operation, + mbedtls_psa_mac_operation_t *operation, const uint8_t *mac, size_t mac_length ); psa_status_t mbedtls_transparent_test_driver_mac_abort( - mbedtls_transparent_test_driver_mac_operation_t *operation ); + mbedtls_psa_mac_operation_t *operation ); #endif /* PSA_CRYPTO_DRIVER_TEST */ From 0859fe20f614c0da178987ca17b4c272c696483b Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Mon, 18 Oct 2021 09:10:31 +0200 Subject: [PATCH 028/107] psa: Fix hash max sizes The PSA max hash size has to be 64 if SHA512 or SHA384 is supported by the library or an accelerator, not just in case of the library. Signed-off-by: Ronald Cron --- include/psa/crypto_sizes.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 2df315ccaba..e2ae5965d4f 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -129,7 +129,7 @@ /* Note: for HMAC-SHA-3, the block size is 144 bytes for HMAC-SHA3-226, * 136 bytes for HMAC-SHA3-256, 104 bytes for SHA3-384, 72 bytes for * HMAC-SHA3-512. */ -#if defined(MBEDTLS_SHA512_C) +#if defined(PSA_WANT_ALG_SHA_512) || defined(PSA_WANT_ALG_SHA_384) #define PSA_HASH_MAX_SIZE 64 #define PSA_HMAC_MAX_HASH_BLOCK_SIZE 128 #else From 3a95d2b530f72c63946b2039ed5a653f06a376fe Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Mon, 18 Oct 2021 09:47:58 +0200 Subject: [PATCH 029/107] psa: Fix the size of hash buffers Fix the size of hash buffers for PSA hash operations. Signed-off-by: Ronald Cron --- library/psa_crypto.c | 4 ++-- library/psa_crypto_mac.c | 2 +- library/ssl_cli.c | 7 ++++++- library/ssl_srv.c | 4 ++++ library/ssl_tls.c | 2 +- 5 files changed, 14 insertions(+), 5 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index ffe00c7875d..8e61b51ee76 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2232,7 +2232,7 @@ psa_status_t psa_hash_verify( psa_hash_operation_t *operation, const uint8_t *hash, size_t hash_length ) { - uint8_t actual_hash[MBEDTLS_MD_MAX_SIZE]; + uint8_t actual_hash[PSA_HASH_MAX_SIZE]; size_t actual_hash_length; psa_status_t status = psa_hash_finish( operation, @@ -2275,7 +2275,7 @@ psa_status_t psa_hash_compare( psa_algorithm_t alg, const uint8_t *input, size_t input_length, const uint8_t *hash, size_t hash_length ) { - uint8_t actual_hash[MBEDTLS_MD_MAX_SIZE]; + uint8_t actual_hash[PSA_HASH_MAX_SIZE]; size_t actual_hash_length; if( !PSA_ALG_IS_HASH( alg ) ) diff --git a/library/psa_crypto_mac.c b/library/psa_crypto_mac.c index 19671ec8acd..cf20a9b63c6 100644 --- a/library/psa_crypto_mac.c +++ b/library/psa_crypto_mac.c @@ -127,7 +127,7 @@ static psa_status_t psa_hmac_finish_internal( uint8_t *mac, size_t mac_size ) { - uint8_t tmp[MBEDTLS_MD_MAX_SIZE]; + uint8_t tmp[PSA_HASH_MAX_SIZE]; psa_algorithm_t hash_alg = hmac->alg; size_t hash_size = 0; size_t block_size = PSA_HASH_BLOCK_LENGTH( hash_alg ); diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 0e802e9ddb0..b87879ce6a6 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -37,6 +37,7 @@ #if defined(MBEDTLS_USE_PSA_CRYPTO) #include "mbedtls/psa_util.h" +#include "psa/crypto.h" #endif /* MBEDTLS_USE_PSA_CRYPTO */ #include @@ -3242,7 +3243,11 @@ static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl ) if( mbedtls_ssl_ciphersuite_uses_server_signature( ciphersuite_info ) ) { size_t sig_len, hashlen; - unsigned char hash[64]; +#if defined(MBEDTLS_USE_PSA_CRYPTO) + unsigned char hash[PSA_HASH_MAX_SIZE]; +#else + unsigned char hash[MBEDTLS_MD_MAX_SIZE]; +#endif mbedtls_md_type_t md_alg = MBEDTLS_MD_NONE; mbedtls_pk_type_t pk_alg = MBEDTLS_PK_NONE; unsigned char *params = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ); diff --git a/library/ssl_srv.c b/library/ssl_srv.c index d9f226cd194..1a63173204f 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -3467,7 +3467,11 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, { size_t dig_signed_len = ssl->out_msg + ssl->out_msglen - dig_signed; size_t hashlen = 0; +#if defined(MBEDTLS_USE_PSA_CRYPTO) + unsigned char hash[PSA_HASH_MAX_SIZE]; +#else unsigned char hash[MBEDTLS_MD_MAX_SIZE]; +#endif int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 8195af2f935..9757f86c2c2 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -7529,7 +7529,7 @@ int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl, goto exit; } - if( ( status = psa_hash_finish( &hash_operation, hash, MBEDTLS_MD_MAX_SIZE, + if( ( status = psa_hash_finish( &hash_operation, hash, PSA_HASH_MAX_SIZE, hashlen ) ) != PSA_SUCCESS ) { MBEDTLS_SSL_DEBUG_RET( 1, "psa_hash_finish", status ); From 2091eed60991c1b6166bb98d2aa40da4e02b0391 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Fri, 9 Apr 2021 11:09:54 +0200 Subject: [PATCH 030/107] psa: driver: Reduce the scope of test driver entry points Define test driver entry points that provide an alternative to Mbed TLS driver entry points only when the PSA configuration is used. Their purpose is only to test the PSA configuration thus there is no good reason to use them out of this scope. Signed-off-by: Ronald Cron --- library/psa_crypto_cipher.c | 22 ++- library/psa_crypto_cipher.h | 4 +- library/psa_crypto_ecp.c | 12 +- library/psa_crypto_ecp.h | 4 +- library/psa_crypto_hash.c | 44 +++-- library/psa_crypto_hash.h | 4 +- library/psa_crypto_mac.c | 12 +- library/psa_crypto_mac.h | 4 +- library/psa_crypto_rsa.c | 12 +- library/psa_crypto_rsa.h | 4 +- tests/src/drivers/hash.c | 62 +++++++ tests/src/drivers/test_driver_cipher.c | 65 ++++++- .../src/drivers/test_driver_key_management.c | 161 ++++++++++-------- tests/src/drivers/test_driver_mac.c | 87 ++++++++++ tests/src/drivers/test_driver_signature.c | 95 ++++++++--- 15 files changed, 453 insertions(+), 139 deletions(-) diff --git a/library/psa_crypto_cipher.c b/library/psa_crypto_cipher.c index 713c3d17d19..12e52fa42ce 100644 --- a/library/psa_crypto_cipher.c +++ b/library/psa_crypto_cipher.c @@ -32,25 +32,29 @@ #include #if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DES) ) ) #define BUILTIN_KEY_TYPE_DES 1 #endif #if ( defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING) ) ) #define BUILTIN_ALG_CBC_NO_PADDING 1 #endif #if ( defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7) ) ) #define BUILTIN_ALG_CBC_PKCS7 1 #endif #if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_CHACHA20) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20) ) ) #define BUILTIN_KEY_TYPE_CHACHA20 1 #endif @@ -150,7 +154,8 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( (int) key_bits, mode ) ); } -#if defined(MBEDTLS_PSA_BUILTIN_CIPHER) || defined(PSA_CRYPTO_DRIVER_TEST) +#if defined(MBEDTLS_PSA_BUILTIN_CIPHER) || \ + ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) ) static psa_status_t cipher_setup( mbedtls_psa_cipher_operation_t *operation, @@ -569,7 +574,8 @@ static psa_status_t cipher_decrypt( const psa_key_attributes_t *attributes, cipher_abort( &operation ); return( status ); } -#endif /* MBEDTLS_PSA_BUILTIN_CIPHER || PSA_CRYPTO_DRIVER_TEST */ +#endif /* MBEDTLS_PSA_BUILTIN_CIPHER || + (PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG) */ #if defined(MBEDTLS_PSA_BUILTIN_CIPHER) psa_status_t mbedtls_psa_cipher_encrypt_setup( @@ -658,7 +664,7 @@ psa_status_t mbedtls_psa_cipher_decrypt( const psa_key_attributes_t *attributes, * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. */ -#if defined(PSA_CRYPTO_DRIVER_TEST) +#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) psa_status_t mbedtls_transparent_test_driver_cipher_encrypt_setup( mbedtls_psa_cipher_operation_t *operation, const psa_key_attributes_t *attributes, @@ -739,6 +745,6 @@ psa_status_t mbedtls_transparent_test_driver_cipher_decrypt( alg, input, input_length, output, output_size, output_length ) ); } -#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG */ #endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/library/psa_crypto_cipher.h b/library/psa_crypto_cipher.h index 5971e8d3f0c..b0d1939fb40 100644 --- a/library/psa_crypto_cipher.h +++ b/library/psa_crypto_cipher.h @@ -308,7 +308,7 @@ psa_status_t mbedtls_psa_cipher_decrypt( const psa_key_attributes_t *attributes, * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. */ -#if defined(PSA_CRYPTO_DRIVER_TEST) +#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) psa_status_t mbedtls_transparent_test_driver_cipher_encrypt_setup( mbedtls_psa_cipher_operation_t *operation, const psa_key_attributes_t *attributes, @@ -358,6 +358,6 @@ psa_status_t mbedtls_transparent_test_driver_cipher_decrypt( uint8_t *output, size_t output_size, size_t *output_length ); -#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG */ #endif /* PSA_CRYPTO_CIPHER_H */ diff --git a/library/psa_crypto_ecp.c b/library/psa_crypto_ecp.c index 3ce232c6b2f..83cc72df3c1 100644 --- a/library/psa_crypto_ecp.c +++ b/library/psa_crypto_ecp.c @@ -42,18 +42,21 @@ #if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) ) ) #define BUILTIN_KEY_TYPE_ECC_KEY_PAIR 1 #endif -#if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ +#if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || \ + ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) ) ) #define BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY 1 #endif #if ( defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) && \ defined(MBEDTLS_ECDSA_C) ) ) #define BUILTIN_ALG_ECDSA 1 @@ -61,6 +64,7 @@ #if ( defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) || \ ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) && \ defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECDSA_DETERMINISTIC) ) ) #define BUILTIN_ALG_DETERMINISTIC_ECDSA 1 @@ -567,7 +571,7 @@ psa_status_t mbedtls_psa_ecdsa_verify_hash( * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. */ -#if defined(PSA_CRYPTO_DRIVER_TEST) +#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) #if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) @@ -663,6 +667,6 @@ psa_status_t mbedtls_transparent_test_driver_ecdsa_verify_hash( #endif /* defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || * defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) */ -#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG */ #endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/library/psa_crypto_ecp.h b/library/psa_crypto_ecp.h index 0c2b92895f9..d1c765af54c 100644 --- a/library/psa_crypto_ecp.h +++ b/library/psa_crypto_ecp.h @@ -222,7 +222,7 @@ psa_status_t mbedtls_psa_ecdsa_verify_hash( * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. */ -#if defined(PSA_CRYPTO_DRIVER_TEST) +#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) psa_status_t mbedtls_transparent_test_driver_ecp_import_key( const psa_key_attributes_t *attributes, @@ -251,6 +251,6 @@ psa_status_t mbedtls_transparent_test_driver_ecdsa_verify_hash( psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, const uint8_t *signature, size_t signature_length ); -#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG */ #endif /* PSA_CRYPTO_ECP_H */ diff --git a/library/psa_crypto_hash.c b/library/psa_crypto_hash.c index 6ef6b0709a5..b9f2757ea86 100644 --- a/library/psa_crypto_hash.c +++ b/library/psa_crypto_hash.c @@ -32,39 +32,57 @@ /* Use builtin defines specific to this compilation unit, since the test driver * relies on the software driver. */ #if( defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_MD2) ) ) + ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ + defined(MBEDTLS_PSA_ACCEL_ALG_MD2) ) ) #define BUILTIN_ALG_MD2 1 #endif #if( defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_MD4) ) ) + ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ + defined(MBEDTLS_PSA_ACCEL_ALG_MD4) ) ) #define BUILTIN_ALG_MD4 1 #endif #if( defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_MD5) ) ) + ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ + defined(MBEDTLS_PSA_ACCEL_ALG_MD5) ) ) #define BUILTIN_ALG_MD5 1 #endif #if( defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160) ) ) + ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ + defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160) ) ) #define BUILTIN_ALG_RIPEMD160 1 #endif #if( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1) ) ) + ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ + defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1) ) ) #define BUILTIN_ALG_SHA_1 1 #endif #if( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224) ) ) + ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ + defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224) ) ) #define BUILTIN_ALG_SHA_224 1 #endif #if( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256) ) ) + ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ + defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256) ) ) #define BUILTIN_ALG_SHA_256 1 #endif #if( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384) ) ) + ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ + defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384) ) ) #define BUILTIN_ALG_SHA_384 1 #endif #if( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512) ) ) + ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ + defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512) ) ) #define BUILTIN_ALG_SHA_512 1 #endif @@ -123,7 +141,8 @@ const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg ) /* Implement the PSA driver hash interface on top of mbed TLS if either the * software driver or the test driver requires it. */ -#if defined(MBEDTLS_PSA_BUILTIN_HASH) || defined(PSA_CRYPTO_DRIVER_TEST) +#if defined(MBEDTLS_PSA_BUILTIN_HASH) || \ + ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) ) static psa_status_t hash_abort( mbedtls_psa_hash_operation_t *operation ) { @@ -525,7 +544,8 @@ static psa_status_t hash_compute( return( status ); } -#endif /* MBEDTLS_PSA_BUILTIN_HASH || PSA_CRYPTO_DRIVER_TEST */ +#endif /* MBEDTLS_PSA_BUILTIN_HASH || + ( PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG ) */ #if defined(MBEDTLS_PSA_BUILTIN_HASH) psa_status_t mbedtls_psa_hash_compute( @@ -581,7 +601,7 @@ psa_status_t mbedtls_psa_hash_abort( /* * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. */ -#if defined(PSA_CRYPTO_DRIVER_TEST) +#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) static int is_hash_accelerated( psa_algorithm_t alg ) { diff --git a/library/psa_crypto_hash.h b/library/psa_crypto_hash.h index e21905c0b8f..7afea4d3bdf 100644 --- a/library/psa_crypto_hash.h +++ b/library/psa_crypto_hash.h @@ -235,7 +235,7 @@ psa_status_t mbedtls_psa_hash_abort( * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. */ -#if defined(PSA_CRYPTO_DRIVER_TEST) +#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) psa_status_t mbedtls_transparent_test_driver_hash_compute( psa_algorithm_t alg, @@ -267,6 +267,6 @@ psa_status_t mbedtls_transparent_test_driver_hash_finish( psa_status_t mbedtls_transparent_test_driver_hash_abort( mbedtls_psa_hash_operation_t *operation ); -#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG */ #endif /* PSA_CRYPTO_HASH_H */ diff --git a/library/psa_crypto_mac.c b/library/psa_crypto_mac.c index cf20a9b63c6..d59178ef3e3 100644 --- a/library/psa_crypto_mac.c +++ b/library/psa_crypto_mac.c @@ -33,11 +33,15 @@ /* Use builtin defines specific to this compilation unit, since the test driver * relies on the software driver. */ #if( defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_CMAC) ) ) + ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ + defined(MBEDTLS_PSA_ACCEL_ALG_CMAC) ) ) #define BUILTIN_ALG_CMAC 1 #endif #if( defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_HMAC) ) ) + ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ + defined(MBEDTLS_PSA_ACCEL_ALG_HMAC) ) ) #define BUILTIN_ALG_HMAC 1 #endif @@ -560,7 +564,7 @@ psa_status_t mbedtls_psa_mac_abort( /* * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. */ -#if defined(PSA_CRYPTO_DRIVER_TEST) +#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) static int is_mac_accelerated( psa_algorithm_t alg ) { @@ -667,6 +671,6 @@ psa_status_t mbedtls_transparent_test_driver_mac_abort( return( mac_abort( operation ) ); } -#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG */ #endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/library/psa_crypto_mac.h b/library/psa_crypto_mac.h index ba32954a722..80a644b5785 100644 --- a/library/psa_crypto_mac.h +++ b/library/psa_crypto_mac.h @@ -277,7 +277,7 @@ psa_status_t mbedtls_psa_mac_abort( * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. */ -#if defined(PSA_CRYPTO_DRIVER_TEST) +#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) psa_status_t mbedtls_transparent_test_driver_mac_compute( const psa_key_attributes_t *attributes, @@ -323,6 +323,6 @@ psa_status_t mbedtls_transparent_test_driver_mac_verify_finish( psa_status_t mbedtls_transparent_test_driver_mac_abort( mbedtls_psa_mac_operation_t *operation ); -#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG */ #endif /* PSA_CRYPTO_MAC_H */ diff --git a/library/psa_crypto_rsa.c b/library/psa_crypto_rsa.c index 3b71913188f..705cb413ead 100644 --- a/library/psa_crypto_rsa.c +++ b/library/psa_crypto_rsa.c @@ -43,18 +43,21 @@ #if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) ) ) #define BUILTIN_KEY_TYPE_RSA_KEY_PAIR 1 #endif -#if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ +#if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) || \ + ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) ) ) #define BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY 1 #endif #if ( defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) && \ defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V15) ) ) #define BUILTIN_ALG_RSA_PKCS1V15_SIGN 1 @@ -62,6 +65,7 @@ #if ( defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) || \ ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) && \ defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V21) ) ) #define BUILTIN_ALG_RSA_PSS 1 @@ -624,7 +628,7 @@ psa_status_t mbedtls_psa_rsa_verify_hash( * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. */ -#if defined(PSA_CRYPTO_DRIVER_TEST) +#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) #if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) @@ -719,6 +723,6 @@ psa_status_t mbedtls_transparent_test_driver_rsa_verify_hash( #endif /* defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || * defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) */ -#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG */ #endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/library/psa_crypto_rsa.h b/library/psa_crypto_rsa.h index 41a90f78ec9..881746227ce 100644 --- a/library/psa_crypto_rsa.h +++ b/library/psa_crypto_rsa.h @@ -216,7 +216,7 @@ psa_status_t mbedtls_psa_rsa_verify_hash( * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. */ -#if defined(PSA_CRYPTO_DRIVER_TEST) +#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) psa_status_t mbedtls_transparent_test_driver_rsa_import_key( const psa_key_attributes_t *attributes, @@ -245,6 +245,6 @@ psa_status_t mbedtls_transparent_test_driver_rsa_verify_hash( psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, const uint8_t *signature, size_t signature_length ); -#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG */ #endif /* PSA_CRYPTO_RSA_H */ diff --git a/tests/src/drivers/hash.c b/tests/src/drivers/hash.c index f95aa6b617f..e618660968c 100644 --- a/tests/src/drivers/hash.c +++ b/tests/src/drivers/hash.c @@ -45,10 +45,25 @@ psa_status_t mbedtls_test_transparent_hash_compute( } else { +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_hash_hooks.driver_status = mbedtls_transparent_test_driver_hash_compute( alg, input, input_length, hash, hash_size, hash_length ); +#elif defined(MBEDTLS_PSA_BUILTIN_HASH) + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_psa_hash_compute( + alg, input, input_length, + hash, hash_size, hash_length ); +#else + (void) alg; + (void) input; + (void) input_length; + (void) hash; + (void) hash_size; + (void) hash_length; + mbedtls_test_driver_hash_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif } return( mbedtls_test_driver_hash_hooks.driver_status ); @@ -67,8 +82,17 @@ psa_status_t mbedtls_test_transparent_hash_setup( } else { +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_hash_hooks.driver_status = mbedtls_transparent_test_driver_hash_setup( operation, alg ); +#elif defined(MBEDTLS_PSA_BUILTIN_HASH) + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_psa_hash_setup( operation, alg ); +#else + (void) operation; + (void) alg; + mbedtls_test_driver_hash_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif } return( mbedtls_test_driver_hash_hooks.driver_status ); @@ -87,9 +111,18 @@ psa_status_t mbedtls_test_transparent_hash_clone( } else { +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_hash_hooks.driver_status = mbedtls_transparent_test_driver_hash_clone( source_operation, target_operation ); +#elif defined(MBEDTLS_PSA_BUILTIN_HASH) + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_psa_hash_clone( source_operation, target_operation ); +#else + (void) source_operation; + (void) target_operation; + mbedtls_test_driver_hash_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif } return( mbedtls_test_driver_hash_hooks.driver_status ); @@ -109,9 +142,19 @@ psa_status_t mbedtls_test_transparent_hash_update( } else { +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_hash_hooks.driver_status = mbedtls_transparent_test_driver_hash_update( operation, input, input_length ); +#elif defined(MBEDTLS_PSA_BUILTIN_HASH) + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_psa_hash_update( operation, input, input_length ); +#else + (void) operation; + (void) input; + (void) input_length; + mbedtls_test_driver_hash_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif } return( mbedtls_test_driver_hash_hooks.driver_status ); @@ -132,9 +175,20 @@ psa_status_t mbedtls_test_transparent_hash_finish( } else { +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_hash_hooks.driver_status = mbedtls_transparent_test_driver_hash_finish( operation, hash, hash_size, hash_length ); +#elif defined(MBEDTLS_PSA_BUILTIN_HASH) + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_psa_hash_finish( operation, hash, hash_size, hash_length ); +#else + (void) operation; + (void) hash; + (void) hash_size; + (void) hash_length; + mbedtls_test_driver_hash_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif } return( mbedtls_test_driver_hash_hooks.driver_status ); @@ -152,8 +206,16 @@ psa_status_t mbedtls_test_transparent_hash_abort( } else { +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_hash_hooks.driver_status = mbedtls_transparent_test_driver_hash_abort( operation ); +#elif defined(MBEDTLS_PSA_BUILTIN_HASH) + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_psa_hash_abort( operation ); +#else + (void) operation; + mbedtls_test_driver_hash_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif } return( mbedtls_test_driver_hash_hooks.driver_status ); diff --git a/tests/src/drivers/test_driver_cipher.c b/tests/src/drivers/test_driver_cipher.c index 6aca1938cba..03c160de868 100644 --- a/tests/src/drivers/test_driver_cipher.c +++ b/tests/src/drivers/test_driver_cipher.c @@ -70,10 +70,19 @@ psa_status_t mbedtls_test_transparent_cipher_encrypt( psa_generate_random( output, PSA_CIPHER_IV_LENGTH( attributes->core.type, alg ) ); +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) return( mbedtls_transparent_test_driver_cipher_encrypt( attributes, key_buffer, key_buffer_size, alg, input, input_length, output, output_size, output_length ) ); +#elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) + return( mbedtls_psa_cipher_encrypt( + attributes, key_buffer, key_buffer_size, + alg, input, input_length, + output, output_size, output_length ) ); +#endif + + return( PSA_ERROR_NOT_SUPPORTED ); } psa_status_t mbedtls_test_transparent_cipher_decrypt( @@ -105,10 +114,19 @@ psa_status_t mbedtls_test_transparent_cipher_decrypt( if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) return( mbedtls_test_driver_cipher_hooks.forced_status ); +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) return( mbedtls_transparent_test_driver_cipher_decrypt( attributes, key_buffer, key_buffer_size, alg, input, input_length, output, output_size, output_length ) ); +#elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) + return( mbedtls_psa_cipher_decrypt( + attributes, key_buffer, key_buffer_size, + alg, input, input_length, + output, output_size, output_length ) ); +#endif + + return( PSA_ERROR_NOT_SUPPORTED ); } psa_status_t mbedtls_test_transparent_cipher_encrypt_setup( @@ -128,8 +146,15 @@ psa_status_t mbedtls_test_transparent_cipher_encrypt_setup( if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) return( mbedtls_test_driver_cipher_hooks.forced_status ); - return ( mbedtls_transparent_test_driver_cipher_encrypt_setup( - operation, attributes, key, key_length, alg ) ); +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) + return( mbedtls_transparent_test_driver_cipher_encrypt_setup( + operation, attributes, key, key_length, alg ) ); +#elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) + return( mbedtls_psa_cipher_encrypt_setup( + operation, attributes, key, key_length, alg ) ); +#endif + + return( PSA_ERROR_NOT_SUPPORTED ); } psa_status_t mbedtls_test_transparent_cipher_decrypt_setup( @@ -143,8 +168,15 @@ psa_status_t mbedtls_test_transparent_cipher_decrypt_setup( if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) return( mbedtls_test_driver_cipher_hooks.forced_status ); - return ( mbedtls_transparent_test_driver_cipher_decrypt_setup( - operation, attributes, key, key_length, alg ) ); +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) + return( mbedtls_transparent_test_driver_cipher_decrypt_setup( + operation, attributes, key, key_length, alg ) ); +#elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) + return( mbedtls_psa_cipher_decrypt_setup( + operation, attributes, key, key_length, alg ) ); +#endif + + return( PSA_ERROR_NOT_SUPPORTED ); } psa_status_t mbedtls_test_transparent_cipher_abort( @@ -155,7 +187,11 @@ psa_status_t mbedtls_test_transparent_cipher_abort( if( operation->alg == 0 ) return( PSA_SUCCESS ); +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_transparent_test_driver_cipher_abort( operation ); +#elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) + mbedtls_psa_cipher_abort( operation ); +#endif /* Wiping the entire struct here, instead of member-by-member. This is * useful for the test suite, since it gives a chance of catching memory @@ -176,8 +212,14 @@ psa_status_t mbedtls_test_transparent_cipher_set_iv( if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) return( mbedtls_test_driver_cipher_hooks.forced_status ); +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) return( mbedtls_transparent_test_driver_cipher_set_iv( operation, iv, iv_length ) ); +#elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) + return( mbedtls_psa_cipher_set_iv( operation, iv, iv_length ) ); +#endif + + return( PSA_ERROR_NOT_SUPPORTED ); } psa_status_t mbedtls_test_transparent_cipher_update( @@ -206,9 +248,17 @@ psa_status_t mbedtls_test_transparent_cipher_update( if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) return( mbedtls_test_driver_cipher_hooks.forced_status ); +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) return( mbedtls_transparent_test_driver_cipher_update( operation, input, input_length, output, output_size, output_length ) ); +#elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) + return( mbedtls_psa_cipher_update( + operation, input, input_length, + output, output_size, output_length ) ); +#endif + + return( PSA_ERROR_NOT_SUPPORTED ); } psa_status_t mbedtls_test_transparent_cipher_finish( @@ -235,8 +285,15 @@ psa_status_t mbedtls_test_transparent_cipher_finish( if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) return( mbedtls_test_driver_cipher_hooks.forced_status ); +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) return( mbedtls_transparent_test_driver_cipher_finish( operation, output, output_size, output_length ) ); +#elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) + return( mbedtls_psa_cipher_finish( + operation, output, output_size, output_length ) ); +#endif + + return( PSA_ERROR_NOT_SUPPORTED ); } /* diff --git a/tests/src/drivers/test_driver_key_management.c b/tests/src/drivers/test_driver_key_management.c index 19e10333110..73720e9d7a9 100644 --- a/tests/src/drivers/test_driver_key_management.c +++ b/tests/src/drivers/test_driver_key_management.c @@ -80,27 +80,32 @@ psa_status_t mbedtls_test_transparent_generate_key( return( PSA_SUCCESS ); } - /* Copied from psa_crypto.c */ -#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) - if ( PSA_KEY_TYPE_IS_ECC( psa_get_key_type( attributes ) ) - && PSA_KEY_TYPE_IS_KEY_PAIR( psa_get_key_type( attributes ) ) ) + if( PSA_KEY_TYPE_IS_ECC( psa_get_key_type( attributes ) ) + && PSA_KEY_TYPE_IS_KEY_PAIR( psa_get_key_type( attributes ) ) ) { +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) return( mbedtls_transparent_test_driver_ecp_generate_key( attributes, key, key_size, key_length ) ); +#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) + return( mbedtls_psa_ecp_generate_key( + attributes, key, key_size, key_length ) ); +#endif } - else -#endif /* defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) */ - -#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) - if ( psa_get_key_type( attributes ) == PSA_KEY_TYPE_RSA_KEY_PAIR ) + else if( psa_get_key_type( attributes ) == PSA_KEY_TYPE_RSA_KEY_PAIR ) + { +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) return( mbedtls_transparent_test_driver_rsa_generate_key( attributes, key, key_size, key_length ) ); - else -#endif /* defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) */ - { - (void)attributes; - return( PSA_ERROR_NOT_SUPPORTED ); +#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) + return( mbedtls_psa_rsa_generate_key( + attributes, key, key_size, key_length ) ); +#endif } + + (void)attributes; + return( PSA_ERROR_NOT_SUPPORTED ); } psa_status_t mbedtls_test_opaque_generate_key( @@ -128,45 +133,56 @@ psa_status_t mbedtls_test_transparent_import_key( if( mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS ) return( mbedtls_test_driver_key_management_hooks.forced_status ); - psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_type_t type = psa_get_key_type( attributes ); -#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) if( PSA_KEY_TYPE_IS_ECC( type ) ) { - status = mbedtls_transparent_test_driver_ecp_import_key( - attributes, - data, data_length, - key_buffer, key_buffer_size, - key_buffer_length, bits ); - } - else +#if ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \ + defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) ) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) + return( mbedtls_transparent_test_driver_ecp_import_key( + attributes, + data, data_length, + key_buffer, key_buffer_size, + key_buffer_length, bits ) ); +#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) + return( mbedtls_psa_ecp_import_key( + attributes, + data, data_length, + key_buffer, key_buffer_size, + key_buffer_length, bits ) ); #endif -#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) - if( PSA_KEY_TYPE_IS_RSA( type ) ) - { - status = mbedtls_transparent_test_driver_rsa_import_key( - attributes, - data, data_length, - key_buffer, key_buffer_size, - key_buffer_length, bits ); } - else -#endif + else if( PSA_KEY_TYPE_IS_RSA( type ) ) { - status = PSA_ERROR_NOT_SUPPORTED; - (void)data; - (void)data_length; - (void)key_buffer; - (void)key_buffer_size; - (void)key_buffer_length; - (void)bits; - (void)type; +#if ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \ + defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) ) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) + return( mbedtls_transparent_test_driver_rsa_import_key( + attributes, + data, data_length, + key_buffer, key_buffer_size, + key_buffer_length, bits ) ); +#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) + return( mbedtls_psa_rsa_import_key( + attributes, + data, data_length, + key_buffer, key_buffer_size, + key_buffer_length, bits ) ); +#endif } - return( status ); + (void)data; + (void)data_length; + (void)key_buffer; + (void)key_buffer_size; + (void)key_buffer_length; + (void)bits; + (void)type; + + return( PSA_ERROR_NOT_SUPPORTED ); } psa_status_t mbedtls_test_opaque_export_key( @@ -255,39 +271,48 @@ psa_status_t mbedtls_test_transparent_export_public_key( return( PSA_SUCCESS ); } - psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_type_t key_type = psa_get_key_type( attributes ); -#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) if( PSA_KEY_TYPE_IS_ECC( key_type ) ) { - status = mbedtls_transparent_test_driver_ecp_export_public_key( - attributes, - key_buffer, key_buffer_size, - data, data_size, data_length ); - } - else +#if ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \ + defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) ) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) + return( mbedtls_transparent_test_driver_ecp_export_public_key( + attributes, + key_buffer, key_buffer_size, + data, data_size, data_length ) ); +#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) + return( mbedtls_psa_ecp_export_public_key( + attributes, + key_buffer, key_buffer_size, + data, data_size, data_length ) ); #endif -#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) - if( PSA_KEY_TYPE_IS_RSA( key_type ) ) - { - status = mbedtls_transparent_test_driver_rsa_export_public_key( - attributes, - key_buffer, key_buffer_size, - data, data_size, data_length ); } - else -#endif + else if( PSA_KEY_TYPE_IS_RSA( key_type ) ) { - status = PSA_ERROR_NOT_SUPPORTED; - (void)key_buffer; - (void)key_buffer_size; - (void)key_type; +#if ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \ + defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) ) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) + return( mbedtls_transparent_test_driver_rsa_export_public_key( + attributes, + key_buffer, key_buffer_size, + data, data_size, data_length ) ); +#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) + return( mbedtls_psa_rsa_export_public_key( + attributes, + key_buffer, key_buffer_size, + data, data_size, data_length ) ); +#endif } - return( status ); + (void)key_buffer; + (void)key_buffer_size; + (void)key_type; + + return( PSA_ERROR_NOT_SUPPORTED ); } psa_status_t mbedtls_test_opaque_export_public_key( diff --git a/tests/src/drivers/test_driver_mac.c b/tests/src/drivers/test_driver_mac.c index 2294ecf64f2..6f8c3c4b956 100644 --- a/tests/src/drivers/test_driver_mac.c +++ b/tests/src/drivers/test_driver_mac.c @@ -51,11 +51,30 @@ psa_status_t mbedtls_test_transparent_mac_compute( } else { +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_mac_hooks.driver_status = mbedtls_transparent_test_driver_mac_compute( attributes, key_buffer, key_buffer_size, alg, input, input_length, mac, mac_size, mac_length ); +#elif defined(MBEDTLS_PSA_BUILTIN_MAC) + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_psa_mac_compute( + attributes, key_buffer, key_buffer_size, alg, + input, input_length, + mac, mac_size, mac_length ); +#else + (void) attributes; + (void) key_buffer; + (void) key_buffer_size; + (void) alg; + (void) input; + (void) input_length; + (void) mac; + (void) mac_size; + (void) mac_length; + mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif } return( mbedtls_test_driver_mac_hooks.driver_status ); @@ -77,9 +96,22 @@ psa_status_t mbedtls_test_transparent_mac_sign_setup( } else { +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_mac_hooks.driver_status = mbedtls_transparent_test_driver_mac_sign_setup( operation, attributes, key_buffer, key_buffer_size, alg ); +#elif defined(MBEDTLS_PSA_BUILTIN_MAC) + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_psa_mac_sign_setup( + operation, attributes, key_buffer, key_buffer_size, alg ); +#else + (void) operation; + (void) attributes; + (void) key_buffer; + (void) key_buffer_size; + (void) alg; + mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif } return( mbedtls_test_driver_mac_hooks.driver_status ); @@ -101,9 +133,22 @@ psa_status_t mbedtls_test_transparent_mac_verify_setup( } else { +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_mac_hooks.driver_status = mbedtls_transparent_test_driver_mac_verify_setup( operation, attributes, key_buffer, key_buffer_size, alg ); +#elif defined(MBEDTLS_PSA_BUILTIN_MAC) + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_psa_mac_verify_setup( + operation, attributes, key_buffer, key_buffer_size, alg ); +#else + (void) operation; + (void) attributes; + (void) key_buffer; + (void) key_buffer_size; + (void) alg; + mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif } return( mbedtls_test_driver_mac_hooks.driver_status ); @@ -123,9 +168,20 @@ psa_status_t mbedtls_test_transparent_mac_update( } else { +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_mac_hooks.driver_status = mbedtls_transparent_test_driver_mac_update( operation, input, input_length ); +#elif defined(MBEDTLS_PSA_BUILTIN_MAC) + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_psa_mac_update( + operation, input, input_length ); +#else + (void) operation; + (void) input; + (void) input_length; + mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif } return( mbedtls_test_driver_mac_hooks.driver_status ); @@ -146,9 +202,21 @@ psa_status_t mbedtls_test_transparent_mac_sign_finish( } else { +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_mac_hooks.driver_status = mbedtls_transparent_test_driver_mac_sign_finish( operation, mac, mac_size, mac_length ); +#elif defined(MBEDTLS_PSA_BUILTIN_MAC) + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_psa_mac_sign_finish( + operation, mac, mac_size, mac_length ); +#else + (void) operation; + (void) mac; + (void) mac_size; + (void) mac_length; + mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif } return( mbedtls_test_driver_mac_hooks.driver_status ); @@ -168,9 +236,20 @@ psa_status_t mbedtls_test_transparent_mac_verify_finish( } else { +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_mac_hooks.driver_status = mbedtls_transparent_test_driver_mac_verify_finish( operation, mac, mac_length ); +#elif defined(MBEDTLS_PSA_BUILTIN_MAC) + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_psa_mac_verify_finish( + operation, mac, mac_length ); +#else + (void) operation; + (void) mac; + (void) mac_length; + mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif } return( mbedtls_test_driver_mac_hooks.driver_status ); @@ -188,8 +267,16 @@ psa_status_t mbedtls_test_transparent_mac_abort( } else { +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_mac_hooks.driver_status = mbedtls_transparent_test_driver_mac_abort( operation ); +#elif defined(MBEDTLS_PSA_BUILTIN_MAC) + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_psa_mac_abort( operation ); +#else + (void) operation; + mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif } return( mbedtls_test_driver_mac_hooks.driver_status ); diff --git a/tests/src/drivers/test_driver_signature.c b/tests/src/drivers/test_driver_signature.c index 2e43270e53a..cf7edc935d2 100644 --- a/tests/src/drivers/test_driver_signature.c +++ b/tests/src/drivers/test_driver_signature.c @@ -63,15 +63,22 @@ psa_status_t sign_hash( if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) || PSA_ALG_IS_RSA_PSS( alg) ) { -#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) +#if ( defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \ + defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) ) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) return( mbedtls_transparent_test_driver_rsa_sign_hash( attributes, key_buffer, key_buffer_size, alg, hash, hash_length, signature, signature_size, signature_length ) ); -#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || - * defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) */ +#elif defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) + return( mbedtls_psa_rsa_sign_hash( + attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_size, signature_length ) ); +#endif } else { @@ -82,15 +89,22 @@ psa_status_t sign_hash( { if( PSA_ALG_IS_ECDSA( alg ) ) { -#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) +#if ( defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \ + defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) ) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) return( mbedtls_transparent_test_driver_ecdsa_sign_hash( attributes, key_buffer, key_buffer_size, alg, hash, hash_length, signature, signature_size, signature_length ) ); -#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || - * defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) */ +#elif defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) + return( mbedtls_psa_ecdsa_sign_hash( + attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_size, signature_length ) ); +#endif } else { @@ -125,15 +139,22 @@ psa_status_t verify_hash( if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) || PSA_ALG_IS_RSA_PSS( alg) ) { -#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) +#if ( defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \ + defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) ) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) return( mbedtls_transparent_test_driver_rsa_verify_hash( attributes, key_buffer, key_buffer_size, alg, hash, hash_length, signature, signature_length ) ); -#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || - * defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) */ +#elif defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) + return( mbedtls_psa_rsa_verify_hash( + attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_length ) ); +#endif } else { @@ -144,15 +165,22 @@ psa_status_t verify_hash( { if( PSA_ALG_IS_ECDSA( alg ) ) { -#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) +#if ( defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \ + defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) ) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) return( mbedtls_transparent_test_driver_ecdsa_verify_hash( attributes, key_buffer, key_buffer_size, alg, hash, hash_length, signature, signature_length ) ); -#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || - * defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) */ +#elif defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) + return( mbedtls_psa_ecdsa_verify_hash( + attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_length ) ); +#endif } else { @@ -168,7 +196,6 @@ psa_status_t verify_hash( (void)hash_length; (void)signature; (void)signature_length; - return( PSA_ERROR_NOT_SUPPORTED ); } @@ -204,16 +231,25 @@ psa_status_t mbedtls_test_transparent_signature_sign_message( return( PSA_SUCCESS ); } +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) status = mbedtls_transparent_test_driver_hash_compute( PSA_ALG_SIGN_GET_HASH( alg ), input, input_length, hash, sizeof( hash ), &hash_length ); - +#elif defined(MBEDTLS_PSA_BUILTIN_HASH) + status = mbedtls_psa_hash_compute( + PSA_ALG_SIGN_GET_HASH( alg ), input, input_length, + hash, sizeof( hash ), &hash_length ); +#else + (void) input; + (void) input_length; + status = PSA_ERROR_NOT_SUPPORTED; +#endif if( status != PSA_SUCCESS ) return status; - return sign_hash( attributes, key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_size, signature_length ); + return( sign_hash( attributes, key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_size, signature_length ) ); } psa_status_t mbedtls_test_opaque_signature_sign_message( @@ -259,16 +295,25 @@ psa_status_t mbedtls_test_transparent_signature_verify_message( if( mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS ) return( mbedtls_test_driver_signature_verify_hooks.forced_status ); +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) status = mbedtls_transparent_test_driver_hash_compute( PSA_ALG_SIGN_GET_HASH( alg ), input, input_length, hash, sizeof( hash ), &hash_length ); - +#elif defined(MBEDTLS_PSA_BUILTIN_HASH) + status = mbedtls_psa_hash_compute( + PSA_ALG_SIGN_GET_HASH( alg ), input, input_length, + hash, sizeof( hash ), &hash_length ); +#else + (void) input; + (void) input_length; + status = PSA_ERROR_NOT_SUPPORTED; +#endif if( status != PSA_SUCCESS ) return status; - return verify_hash( attributes, key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_length ); + return( verify_hash( attributes, key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_length ) ); } psa_status_t mbedtls_test_opaque_signature_verify_message( From 7207d574ab593c9e0f76e66c5592702ac2fb04da Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Wed, 8 Sep 2021 14:28:35 +0200 Subject: [PATCH 031/107] psa: asymmetric_encrypt/decrypt: Improve error code consistency In psa_asymmetric_encrypt/decrypt(), always return PSA_ERROR_INVALID_ARGUMENT if the key is a PSA key and the algorithm is not a PSA algorithm we know about, whether RSA is supported or not. Signed-off-by: Ronald Cron --- library/psa_crypto.c | 49 +++++++++++++++++++++++++++++--------------- 1 file changed, 32 insertions(+), 17 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 8e61b51ee76..706e0a7b888 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3107,10 +3107,10 @@ psa_status_t psa_asymmetric_encrypt( mbedtls_svc_key_id_t key, goto exit; } -#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) ) { +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) mbedtls_rsa_context *rsa = NULL; status = mbedtls_psa_rsa_load_representation( slot->attr.type, slot->key.data, @@ -3124,9 +3124,11 @@ psa_status_t psa_asymmetric_encrypt( mbedtls_svc_key_id_t key, status = PSA_ERROR_BUFFER_TOO_SMALL; goto rsa_exit; } -#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) +#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || + * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) */ if( alg == PSA_ALG_RSA_PKCS1V15_CRYPT ) { +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) status = mbedtls_to_psa_error( mbedtls_rsa_pkcs1_encrypt( rsa, mbedtls_psa_get_random, @@ -3135,12 +3137,14 @@ psa_status_t psa_asymmetric_encrypt( mbedtls_svc_key_id_t key, input_length, input, output ) ); +#else + status = PSA_ERROR_NOT_SUPPORTED; +#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT */ } else -#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT */ -#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) if( PSA_ALG_IS_RSA_OAEP( alg ) ) { +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) psa_rsa_oaep_set_padding_mode( alg, rsa ); status = mbedtls_to_psa_error( mbedtls_rsa_rsaes_oaep_encrypt( rsa, @@ -3151,23 +3155,26 @@ psa_status_t psa_asymmetric_encrypt( mbedtls_svc_key_id_t key, input_length, input, output ) ); +#else + status = PSA_ERROR_NOT_SUPPORTED; +#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP */ } else -#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP */ { status = PSA_ERROR_INVALID_ARGUMENT; - goto rsa_exit; } +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) rsa_exit: if( status == PSA_SUCCESS ) *output_length = mbedtls_rsa_get_len( rsa ); mbedtls_rsa_free( rsa ); mbedtls_free( rsa ); - } - else #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) */ + } + else { status = PSA_ERROR_NOT_SUPPORTED; } @@ -3213,10 +3220,10 @@ psa_status_t psa_asymmetric_decrypt( mbedtls_svc_key_id_t key, goto exit; } -#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) if( slot->attr.type == PSA_KEY_TYPE_RSA_KEY_PAIR ) { +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) mbedtls_rsa_context *rsa = NULL; status = mbedtls_psa_rsa_load_representation( slot->attr.type, slot->key.data, @@ -3230,10 +3237,12 @@ psa_status_t psa_asymmetric_decrypt( mbedtls_svc_key_id_t key, status = PSA_ERROR_INVALID_ARGUMENT; goto rsa_exit; } +#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || + * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) */ -#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) if( alg == PSA_ALG_RSA_PKCS1V15_CRYPT ) { +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) status = mbedtls_to_psa_error( mbedtls_rsa_pkcs1_decrypt( rsa, mbedtls_psa_get_random, @@ -3243,12 +3252,14 @@ psa_status_t psa_asymmetric_decrypt( mbedtls_svc_key_id_t key, input, output, output_size ) ); +#else + status = PSA_ERROR_NOT_SUPPORTED; +#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT */ } else -#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT */ -#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) if( PSA_ALG_IS_RSA_OAEP( alg ) ) { +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) psa_rsa_oaep_set_padding_mode( alg, rsa ); status = mbedtls_to_psa_error( mbedtls_rsa_rsaes_oaep_decrypt( rsa, @@ -3260,20 +3271,24 @@ psa_status_t psa_asymmetric_decrypt( mbedtls_svc_key_id_t key, input, output, output_size ) ); +#else + status = PSA_ERROR_NOT_SUPPORTED; +#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP */ } else -#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP */ { status = PSA_ERROR_INVALID_ARGUMENT; } +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) rsa_exit: mbedtls_rsa_free( rsa ); mbedtls_free( rsa ); - } - else #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) */ + } + else { status = PSA_ERROR_NOT_SUPPORTED; } From 485559eeb56980c067a805cc657adce73a8c2cc8 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Wed, 28 Apr 2021 14:29:00 +0200 Subject: [PATCH 032/107] psa: Fix unused variable warnings Signed-off-by: Ronald Cron --- library/psa_crypto_aead.c | 12 ++++++++++++ library/psa_crypto_driver_wrappers.c | 4 ++++ library/psa_crypto_mac.c | 1 + 3 files changed, 17 insertions(+) diff --git a/library/psa_crypto_aead.c b/library/psa_crypto_aead.c index 99f2e4d3ae3..b43287b3574 100644 --- a/library/psa_crypto_aead.c +++ b/library/psa_crypto_aead.c @@ -151,6 +151,8 @@ static psa_status_t psa_aead_setup( #endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */ default: + (void) status; + (void) key_buffer; return( PSA_ERROR_NOT_SUPPORTED ); } @@ -252,6 +254,11 @@ psa_status_t mbedtls_psa_aead_encrypt( #endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */ { (void) tag; + (void) nonce; + (void) nonce_length; + (void) additional_data; + (void) additional_data_length; + (void) plaintext; return( PSA_ERROR_NOT_SUPPORTED ); } @@ -367,6 +374,11 @@ psa_status_t mbedtls_psa_aead_decrypt( else #endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */ { + (void) nonce; + (void) nonce_length; + (void) additional_data; + (void) additional_data_length; + (void) plaintext; return( PSA_ERROR_NOT_SUPPORTED ); } diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c index f7240ceacc7..7ba24500706 100644 --- a/library/psa_crypto_driver_wrappers.c +++ b/library/psa_crypto_driver_wrappers.c @@ -964,6 +964,7 @@ psa_status_t psa_driver_wrapper_cipher_encrypt_setup( default: /* Key is declared with a lifetime not known to us */ (void)status; + (void)operation; (void)key_buffer; (void)key_buffer_size; (void)alg; @@ -1035,6 +1036,7 @@ psa_status_t psa_driver_wrapper_cipher_decrypt_setup( default: /* Key is declared with a lifetime not known to us */ (void)status; + (void)operation; (void)key_buffer; (void)key_buffer_size; (void)alg; @@ -1606,6 +1608,7 @@ psa_status_t psa_driver_wrapper_mac_sign_setup( default: /* Key is declared with a lifetime not known to us */ (void) status; + (void) operation; (void) key_buffer; (void) key_buffer_size; (void) alg; @@ -1677,6 +1680,7 @@ psa_status_t psa_driver_wrapper_mac_verify_setup( default: /* Key is declared with a lifetime not known to us */ (void) status; + (void) operation; (void) key_buffer; (void) key_buffer_size; (void) alg; diff --git a/library/psa_crypto_mac.c b/library/psa_crypto_mac.c index d59178ef3e3..421d12e033f 100644 --- a/library/psa_crypto_mac.c +++ b/library/psa_crypto_mac.c @@ -236,6 +236,7 @@ static psa_status_t mac_init( else #endif /* BUILTIN_ALG_HMAC */ { + (void) operation; status = PSA_ERROR_NOT_SUPPORTED; } From 088d5d0c1b070faaae39444de9cde1b4e83bd697 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Sat, 10 Apr 2021 16:57:30 +0200 Subject: [PATCH 033/107] psa: Add driver initialization and termination Signed-off-by: Ronald Cron --- library/psa_crypto.c | 13 +++---- library/psa_crypto_driver_wrappers.c | 38 +++++++++++++++++++ library/psa_crypto_driver_wrappers.h | 6 +++ tests/include/test/drivers/key_management.h | 5 +++ .../src/drivers/test_driver_key_management.c | 20 ++++++++++ 5 files changed, 74 insertions(+), 8 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 706e0a7b888..b08235c747a 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -5320,11 +5320,9 @@ void mbedtls_psa_crypto_free( void ) * In particular, this sets all state indicator to the value * indicating "uninitialized". */ mbedtls_platform_zeroize( &global_data, sizeof( global_data ) ); -#if defined(MBEDTLS_PSA_CRYPTO_SE_C) - /* Unregister all secure element drivers, so that we restart from - * a pristine state. */ - psa_unregister_all_se_drivers( ); -#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ + + /* Terminate drivers */ + psa_driver_wrapper_free( ); } #if defined(PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS) @@ -5373,11 +5371,10 @@ psa_status_t psa_crypto_init( void ) if( status != PSA_SUCCESS ) goto exit; -#if defined(MBEDTLS_PSA_CRYPTO_SE_C) - status = psa_init_all_se_drivers( ); + /* Init drivers */ + status = psa_driver_wrapper_init( ); if( status != PSA_SUCCESS ) goto exit; -#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ #if defined(PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS) status = psa_crypto_load_transaction( ); diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c index 7ba24500706..cc826df1ec4 100644 --- a/library/psa_crypto_driver_wrappers.c +++ b/library/psa_crypto_driver_wrappers.c @@ -66,6 +66,44 @@ #include "psa_crypto_se.h" #endif +psa_status_t psa_driver_wrapper_init( void ) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) + status = psa_init_all_se_drivers( ); + if( status != PSA_SUCCESS ) + return( status ); +#endif + +#if defined(PSA_CRYPTO_DRIVER_TEST) + status = mbedtls_test_transparent_init( ); + if( status != PSA_SUCCESS ) + return( status ); + + status = mbedtls_test_opaque_init( ); + if( status != PSA_SUCCESS ) + return( status ); +#endif + + (void) status; + return( PSA_SUCCESS ); +} + +void psa_driver_wrapper_free( void ) +{ +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) + /* Unregister all secure element drivers, so that we restart from + * a pristine state. */ + psa_unregister_all_se_drivers( ); +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ + +#if defined(PSA_CRYPTO_DRIVER_TEST) + mbedtls_test_transparent_free( ); + mbedtls_test_opaque_free( ); +#endif +} + /* Start delegation functions */ psa_status_t psa_driver_wrapper_sign_message( const psa_key_attributes_t *attributes, diff --git a/library/psa_crypto_driver_wrappers.h b/library/psa_crypto_driver_wrappers.h index 38a6ee82a71..3ba96d9a583 100644 --- a/library/psa_crypto_driver_wrappers.h +++ b/library/psa_crypto_driver_wrappers.h @@ -25,6 +25,12 @@ #include "psa/crypto.h" #include "psa/crypto_driver_common.h" +/* + * Initialization and termination functions + */ +psa_status_t psa_driver_wrapper_init( void ); +void psa_driver_wrapper_free( void ); + /* * Signature functions */ diff --git a/tests/include/test/drivers/key_management.h b/tests/include/test/drivers/key_management.h index 45814fd034b..bb08bf6b894 100644 --- a/tests/include/test/drivers/key_management.h +++ b/tests/include/test/drivers/key_management.h @@ -56,6 +56,11 @@ static inline mbedtls_test_driver_key_management_hooks_t extern mbedtls_test_driver_key_management_hooks_t mbedtls_test_driver_key_management_hooks; +psa_status_t mbedtls_test_transparent_init( void ); +void mbedtls_test_transparent_free( void ); +psa_status_t mbedtls_test_opaque_init( void ); +void mbedtls_test_opaque_free( void ); + psa_status_t mbedtls_test_transparent_generate_key( const psa_key_attributes_t *attributes, uint8_t *key, size_t key_size, size_t *key_length ); diff --git a/tests/src/drivers/test_driver_key_management.c b/tests/src/drivers/test_driver_key_management.c index 73720e9d7a9..3d882854923 100644 --- a/tests/src/drivers/test_driver_key_management.c +++ b/tests/src/drivers/test_driver_key_management.c @@ -60,6 +60,26 @@ const uint8_t mbedtls_test_driver_ecdsa_pubkey[65] = 0xbc, 0x25, 0x16, 0xc3, 0xd2, 0x70, 0x2d, 0x79, 0x2f, 0x13, 0x1a, 0x92, 0x20, 0x95, 0xfd, 0x6c }; +psa_status_t mbedtls_test_transparent_init( void ) +{ + return( PSA_SUCCESS ); +} + +void mbedtls_test_transparent_free( void ) +{ + return; +} + +psa_status_t mbedtls_test_opaque_init( void ) +{ + return( PSA_SUCCESS ); +} + +void mbedtls_test_opaque_free( void ) +{ + return; +} + psa_status_t mbedtls_test_transparent_generate_key( const psa_key_attributes_t *attributes, uint8_t *key, size_t key_size, size_t *key_length ) From d54303da7c3efc47a429b3e20845a8e857e7ed81 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Sat, 10 Apr 2021 15:12:00 +0200 Subject: [PATCH 034/107] psa: test driver: Move driver test entry points prototypes In preparation of the driver test entry points to be provided by a test driver library, move their prototypes to tests directory. Signed-off-by: Ronald Cron --- library/psa_crypto_cipher.h | 56 --------------------- library/psa_crypto_ecp.h | 34 ------------- library/psa_crypto_hash.h | 38 -------------- library/psa_crypto_mac.h | 52 ------------------- library/psa_crypto_rsa.h | 35 ------------- tests/include/test/drivers/cipher.h | 52 +++++++++++++++++++ tests/include/test/drivers/hash.h | 34 +++++++++++++ tests/include/test/drivers/key_management.h | 34 +++++++++++++ tests/include/test/drivers/mac.h | 48 ++++++++++++++++++ tests/include/test/drivers/signature.h | 29 +++++++++++ tests/src/drivers/test_driver_signature.c | 1 + 11 files changed, 198 insertions(+), 215 deletions(-) diff --git a/library/psa_crypto_cipher.h b/library/psa_crypto_cipher.h index b0d1939fb40..bb4657dcd14 100644 --- a/library/psa_crypto_cipher.h +++ b/library/psa_crypto_cipher.h @@ -304,60 +304,4 @@ psa_status_t mbedtls_psa_cipher_decrypt( const psa_key_attributes_t *attributes, size_t output_size, size_t *output_length ); -/* - * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. - */ - -#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) -psa_status_t mbedtls_transparent_test_driver_cipher_encrypt_setup( - mbedtls_psa_cipher_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ); - -psa_status_t mbedtls_transparent_test_driver_cipher_decrypt_setup( - mbedtls_psa_cipher_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ); - -psa_status_t mbedtls_transparent_test_driver_cipher_set_iv( - mbedtls_psa_cipher_operation_t *operation, - const uint8_t *iv, size_t iv_length ); - -psa_status_t mbedtls_transparent_test_driver_cipher_update( - mbedtls_psa_cipher_operation_t *operation, - const uint8_t *input, size_t input_length, - uint8_t *output, size_t output_size, size_t *output_length ); - -psa_status_t mbedtls_transparent_test_driver_cipher_finish( - mbedtls_psa_cipher_operation_t *operation, - uint8_t *output, size_t output_size, size_t *output_length ); - -psa_status_t mbedtls_transparent_test_driver_cipher_abort( - mbedtls_psa_cipher_operation_t *operation ); - -psa_status_t mbedtls_transparent_test_driver_cipher_encrypt( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length ); - -psa_status_t mbedtls_transparent_test_driver_cipher_decrypt( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length ); -#endif /* PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG */ - #endif /* PSA_CRYPTO_CIPHER_H */ diff --git a/library/psa_crypto_ecp.h b/library/psa_crypto_ecp.h index d1c765af54c..feddd8a1ed0 100644 --- a/library/psa_crypto_ecp.h +++ b/library/psa_crypto_ecp.h @@ -218,39 +218,5 @@ psa_status_t mbedtls_psa_ecdsa_verify_hash( const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, const uint8_t *signature, size_t signature_length ); -/* - * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. - */ - -#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) - -psa_status_t mbedtls_transparent_test_driver_ecp_import_key( - const psa_key_attributes_t *attributes, - const uint8_t *data, size_t data_length, - uint8_t *key_buffer, size_t key_buffer_size, - size_t *key_buffer_length, size_t *bits ); - -psa_status_t mbedtls_transparent_test_driver_ecp_export_public_key( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - uint8_t *data, size_t data_size, size_t *data_length ); - -psa_status_t mbedtls_transparent_test_driver_ecp_generate_key( - const psa_key_attributes_t *attributes, - uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ); - -psa_status_t mbedtls_transparent_test_driver_ecdsa_sign_hash( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - uint8_t *signature, size_t signature_size, size_t *signature_length ); - -psa_status_t mbedtls_transparent_test_driver_ecdsa_verify_hash( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *signature, size_t signature_length ); - -#endif /* PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG */ #endif /* PSA_CRYPTO_ECP_H */ diff --git a/library/psa_crypto_hash.h b/library/psa_crypto_hash.h index 7afea4d3bdf..6b27c9b820a 100644 --- a/library/psa_crypto_hash.h +++ b/library/psa_crypto_hash.h @@ -231,42 +231,4 @@ psa_status_t mbedtls_psa_hash_finish( psa_status_t mbedtls_psa_hash_abort( mbedtls_psa_hash_operation_t *operation ); -/* - * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. - */ - -#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) - -psa_status_t mbedtls_transparent_test_driver_hash_compute( - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *hash, - size_t hash_size, - size_t *hash_length); - -psa_status_t mbedtls_transparent_test_driver_hash_setup( - mbedtls_psa_hash_operation_t *operation, - psa_algorithm_t alg ); - -psa_status_t mbedtls_transparent_test_driver_hash_clone( - const mbedtls_psa_hash_operation_t *source_operation, - mbedtls_psa_hash_operation_t *target_operation ); - -psa_status_t mbedtls_transparent_test_driver_hash_update( - mbedtls_psa_hash_operation_t *operation, - const uint8_t *input, - size_t input_length ); - -psa_status_t mbedtls_transparent_test_driver_hash_finish( - mbedtls_psa_hash_operation_t *operation, - uint8_t *hash, - size_t hash_size, - size_t *hash_length ); - -psa_status_t mbedtls_transparent_test_driver_hash_abort( - mbedtls_psa_hash_operation_t *operation ); - -#endif /* PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG */ - #endif /* PSA_CRYPTO_HASH_H */ diff --git a/library/psa_crypto_mac.h b/library/psa_crypto_mac.h index 80a644b5785..a821e741164 100644 --- a/library/psa_crypto_mac.h +++ b/library/psa_crypto_mac.h @@ -273,56 +273,4 @@ psa_status_t mbedtls_psa_mac_verify_finish( psa_status_t mbedtls_psa_mac_abort( mbedtls_psa_mac_operation_t *operation ); -/* - * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. - */ - -#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) - -psa_status_t mbedtls_transparent_test_driver_mac_compute( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *mac, - size_t mac_size, - size_t *mac_length ); - -psa_status_t mbedtls_transparent_test_driver_mac_sign_setup( - mbedtls_psa_mac_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg ); - -psa_status_t mbedtls_transparent_test_driver_mac_verify_setup( - mbedtls_psa_mac_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg ); - -psa_status_t mbedtls_transparent_test_driver_mac_update( - mbedtls_psa_mac_operation_t *operation, - const uint8_t *input, - size_t input_length ); - -psa_status_t mbedtls_transparent_test_driver_mac_sign_finish( - mbedtls_psa_mac_operation_t *operation, - uint8_t *mac, - size_t mac_size, - size_t *mac_length ); - -psa_status_t mbedtls_transparent_test_driver_mac_verify_finish( - mbedtls_psa_mac_operation_t *operation, - const uint8_t *mac, - size_t mac_length ); - -psa_status_t mbedtls_transparent_test_driver_mac_abort( - mbedtls_psa_mac_operation_t *operation ); - -#endif /* PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG */ - #endif /* PSA_CRYPTO_MAC_H */ diff --git a/library/psa_crypto_rsa.h b/library/psa_crypto_rsa.h index 881746227ce..b76613e6c17 100644 --- a/library/psa_crypto_rsa.h +++ b/library/psa_crypto_rsa.h @@ -212,39 +212,4 @@ psa_status_t mbedtls_psa_rsa_verify_hash( psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, const uint8_t *signature, size_t signature_length ); -/* - * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. - */ - -#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) - -psa_status_t mbedtls_transparent_test_driver_rsa_import_key( - const psa_key_attributes_t *attributes, - const uint8_t *data, size_t data_length, - uint8_t *key_buffer, size_t key_buffer_size, - size_t *key_buffer_length, size_t *bits ); - -psa_status_t mbedtls_transparent_test_driver_rsa_export_public_key( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - uint8_t *data, size_t data_size, size_t *data_length ); - -psa_status_t mbedtls_transparent_test_driver_rsa_generate_key( - const psa_key_attributes_t *attributes, - uint8_t *key, size_t key_size, size_t *key_length ); - -psa_status_t mbedtls_transparent_test_driver_rsa_sign_hash( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - uint8_t *signature, size_t signature_size, size_t *signature_length ); - -psa_status_t mbedtls_transparent_test_driver_rsa_verify_hash( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *signature, size_t signature_length ); - -#endif /* PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG */ - #endif /* PSA_CRYPTO_RSA_H */ diff --git a/tests/include/test/drivers/cipher.h b/tests/include/test/drivers/cipher.h index 4fe559618f8..053b0c34cb1 100644 --- a/tests/include/test/drivers/cipher.h +++ b/tests/include/test/drivers/cipher.h @@ -140,5 +140,57 @@ psa_status_t mbedtls_test_opaque_cipher_finish( mbedtls_opaque_test_driver_cipher_operation_t *operation, uint8_t *output, size_t output_size, size_t *output_length); +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +psa_status_t mbedtls_transparent_test_driver_cipher_encrypt_setup( + mbedtls_psa_cipher_operation_t *operation, + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, size_t key_buffer_size, + psa_algorithm_t alg ); + +psa_status_t mbedtls_transparent_test_driver_cipher_decrypt_setup( + mbedtls_psa_cipher_operation_t *operation, + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, size_t key_buffer_size, + psa_algorithm_t alg ); + +psa_status_t mbedtls_transparent_test_driver_cipher_set_iv( + mbedtls_psa_cipher_operation_t *operation, + const uint8_t *iv, size_t iv_length ); + +psa_status_t mbedtls_transparent_test_driver_cipher_update( + mbedtls_psa_cipher_operation_t *operation, + const uint8_t *input, size_t input_length, + uint8_t *output, size_t output_size, size_t *output_length ); + +psa_status_t mbedtls_transparent_test_driver_cipher_finish( + mbedtls_psa_cipher_operation_t *operation, + uint8_t *output, size_t output_size, size_t *output_length ); + +psa_status_t mbedtls_transparent_test_driver_cipher_abort( + mbedtls_psa_cipher_operation_t *operation ); + +psa_status_t mbedtls_transparent_test_driver_cipher_encrypt( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length ); + +psa_status_t mbedtls_transparent_test_driver_cipher_decrypt( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length ); +#endif /* MBEDTLS_PSA_CRYPTO_CONFIG */ + #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_TEST_DRIVERS_CIPHER_H */ diff --git a/tests/include/test/drivers/hash.h b/tests/include/test/drivers/hash.h index ebe83dee4e0..e0de79a28ce 100644 --- a/tests/include/test/drivers/hash.h +++ b/tests/include/test/drivers/hash.h @@ -76,5 +76,39 @@ psa_status_t mbedtls_test_transparent_hash_finish( psa_status_t mbedtls_test_transparent_hash_abort( mbedtls_psa_hash_operation_t *operation ); +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) + +psa_status_t mbedtls_transparent_test_driver_hash_compute( + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *hash, + size_t hash_size, + size_t *hash_length); + +psa_status_t mbedtls_transparent_test_driver_hash_setup( + mbedtls_psa_hash_operation_t *operation, + psa_algorithm_t alg ); + +psa_status_t mbedtls_transparent_test_driver_hash_clone( + const mbedtls_psa_hash_operation_t *source_operation, + mbedtls_psa_hash_operation_t *target_operation ); + +psa_status_t mbedtls_transparent_test_driver_hash_update( + mbedtls_psa_hash_operation_t *operation, + const uint8_t *input, + size_t input_length ); + +psa_status_t mbedtls_transparent_test_driver_hash_finish( + mbedtls_psa_hash_operation_t *operation, + uint8_t *hash, + size_t hash_size, + size_t *hash_length ); + +psa_status_t mbedtls_transparent_test_driver_hash_abort( + mbedtls_psa_hash_operation_t *operation ); + +#endif /* MBEDTLS_PSA_CRYPTO_CONFIG */ + #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_TEST_DRIVERS_HASH_H */ diff --git a/tests/include/test/drivers/key_management.h b/tests/include/test/drivers/key_management.h index bb08bf6b894..79572ad5d28 100644 --- a/tests/include/test/drivers/key_management.h +++ b/tests/include/test/drivers/key_management.h @@ -98,5 +98,39 @@ psa_status_t mbedtls_test_opaque_get_builtin_key( psa_key_attributes_t *attributes, uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ); +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) + +psa_status_t mbedtls_transparent_test_driver_ecp_import_key( + const psa_key_attributes_t *attributes, + const uint8_t *data, size_t data_length, + uint8_t *key_buffer, size_t key_buffer_size, + size_t *key_buffer_length, size_t *bits ); + +psa_status_t mbedtls_transparent_test_driver_ecp_export_public_key( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, size_t key_buffer_size, + uint8_t *data, size_t data_size, size_t *data_length ); + +psa_status_t mbedtls_transparent_test_driver_ecp_generate_key( + const psa_key_attributes_t *attributes, + uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ); + +psa_status_t mbedtls_transparent_test_driver_rsa_import_key( + const psa_key_attributes_t *attributes, + const uint8_t *data, size_t data_length, + uint8_t *key_buffer, size_t key_buffer_size, + size_t *key_buffer_length, size_t *bits ); + +psa_status_t mbedtls_transparent_test_driver_rsa_export_public_key( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, size_t key_buffer_size, + uint8_t *data, size_t data_size, size_t *data_length ); + +psa_status_t mbedtls_transparent_test_driver_rsa_generate_key( + const psa_key_attributes_t *attributes, + uint8_t *key, size_t key_size, size_t *key_length ); + +#endif /* MBEDTLS_PSA_CRYPTO_CONFIG */ + #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_TEST_DRIVERS_KEY_MANAGEMENT_H */ diff --git a/tests/include/test/drivers/mac.h b/tests/include/test/drivers/mac.h index 7733dd341c9..f8e7a1191d8 100644 --- a/tests/include/test/drivers/mac.h +++ b/tests/include/test/drivers/mac.h @@ -137,5 +137,53 @@ psa_status_t mbedtls_test_opaque_mac_verify_finish( psa_status_t mbedtls_test_opaque_mac_abort( mbedtls_opaque_test_driver_mac_operation_t *operation ); +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) + +psa_status_t mbedtls_transparent_test_driver_mac_compute( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *mac, + size_t mac_size, + size_t *mac_length ); + +psa_status_t mbedtls_transparent_test_driver_mac_sign_setup( + mbedtls_psa_mac_operation_t *operation, + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg ); + +psa_status_t mbedtls_transparent_test_driver_mac_verify_setup( + mbedtls_psa_mac_operation_t *operation, + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg ); + +psa_status_t mbedtls_transparent_test_driver_mac_update( + mbedtls_psa_mac_operation_t *operation, + const uint8_t *input, + size_t input_length ); + +psa_status_t mbedtls_transparent_test_driver_mac_sign_finish( + mbedtls_psa_mac_operation_t *operation, + uint8_t *mac, + size_t mac_size, + size_t *mac_length ); + +psa_status_t mbedtls_transparent_test_driver_mac_verify_finish( + mbedtls_psa_mac_operation_t *operation, + const uint8_t *mac, + size_t mac_length ); + +psa_status_t mbedtls_transparent_test_driver_mac_abort( + mbedtls_psa_mac_operation_t *operation ); + +#endif /* MBEDTLS_PSA_CRYPTO_CONFIG */ + #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_TEST_DRIVERS_MAC_H */ diff --git a/tests/include/test/drivers/signature.h b/tests/include/test/drivers/signature.h index 5e64edc3c80..d2321ba094f 100644 --- a/tests/include/test/drivers/signature.h +++ b/tests/include/test/drivers/signature.h @@ -124,5 +124,34 @@ psa_status_t mbedtls_test_opaque_signature_verify_hash( const uint8_t *hash, size_t hash_length, const uint8_t *signature, size_t signature_length ); + +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) + +psa_status_t mbedtls_transparent_test_driver_ecdsa_sign_hash( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, size_t key_buffer_size, + psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, + uint8_t *signature, size_t signature_size, size_t *signature_length ); + +psa_status_t mbedtls_transparent_test_driver_ecdsa_verify_hash( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, size_t key_buffer_size, + psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, + const uint8_t *signature, size_t signature_length ); + +psa_status_t mbedtls_transparent_test_driver_rsa_sign_hash( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, size_t key_buffer_size, + psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, + uint8_t *signature, size_t signature_size, size_t *signature_length ); + +psa_status_t mbedtls_transparent_test_driver_rsa_verify_hash( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, size_t key_buffer_size, + psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, + const uint8_t *signature, size_t signature_length ); + +#endif /* MBEDTLS_PSA_CRYPTO_CONFIG */ + #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_TEST_DRIVERS_SIGNATURE_H */ diff --git a/tests/src/drivers/test_driver_signature.c b/tests/src/drivers/test_driver_signature.c index cf7edc935d2..443b52eefc0 100644 --- a/tests/src/drivers/test_driver_signature.c +++ b/tests/src/drivers/test_driver_signature.c @@ -33,6 +33,7 @@ #include "psa_crypto_rsa.h" #include "mbedtls/ecp.h" +#include "test/drivers/hash.h" #include "test/drivers/signature.h" #include "mbedtls/md.h" From 7b7854ed4bccb051b25e397f5db8e4f110eae055 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Sat, 13 Mar 2021 18:19:08 +0100 Subject: [PATCH 035/107] tests: Rename test driver entry points Rename test driver entry points to libtestdriver1_. This aligns with the renaming of all Mbed TLS APIs for the test driver library (that will be put in place in the following commits) to avoid name conflicts when linking it with the Mbed TLS library. Signed-off-by: Ronald Cron --- library/psa_crypto_cipher.c | 17 +++++---- library/psa_crypto_ecp.c | 10 ++--- library/psa_crypto_hash.c | 12 +++--- library/psa_crypto_mac.c | 14 +++---- library/psa_crypto_rsa.c | 10 ++--- tests/include/test/drivers/cipher.h | 16 ++++---- tests/include/test/drivers/hash.h | 12 +++--- tests/include/test/drivers/key_management.h | 12 +++--- tests/include/test/drivers/mac.h | 14 +++---- tests/include/test/drivers/signature.h | 8 ++-- tests/src/drivers/hash.c | 14 +++---- tests/src/drivers/test_driver_cipher.c | 16 ++++---- .../src/drivers/test_driver_key_management.c | 12 +++--- tests/src/drivers/test_driver_mac.c | 14 +++---- tests/src/drivers/test_driver_signature.c | 37 ++++++++++--------- 15 files changed, 110 insertions(+), 108 deletions(-) diff --git a/library/psa_crypto_cipher.c b/library/psa_crypto_cipher.c index 12e52fa42ce..71dee2bd165 100644 --- a/library/psa_crypto_cipher.c +++ b/library/psa_crypto_cipher.c @@ -665,7 +665,7 @@ psa_status_t mbedtls_psa_cipher_decrypt( const psa_key_attributes_t *attributes, */ #if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) -psa_status_t mbedtls_transparent_test_driver_cipher_encrypt_setup( +psa_status_t libtestdriver1_mbedtls_psa_cipher_encrypt_setup( mbedtls_psa_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, @@ -675,7 +675,7 @@ psa_status_t mbedtls_transparent_test_driver_cipher_encrypt_setup( operation, attributes, key_buffer, key_buffer_size, alg ) ); } -psa_status_t mbedtls_transparent_test_driver_cipher_decrypt_setup( +psa_status_t libtestdriver1_mbedtls_psa_cipher_decrypt_setup( mbedtls_psa_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, @@ -685,14 +685,14 @@ psa_status_t mbedtls_transparent_test_driver_cipher_decrypt_setup( operation, attributes, key_buffer, key_buffer_size, alg ) ); } -psa_status_t mbedtls_transparent_test_driver_cipher_set_iv( +psa_status_t libtestdriver1_mbedtls_psa_cipher_set_iv( mbedtls_psa_cipher_operation_t *operation, const uint8_t *iv, size_t iv_length ) { return( cipher_set_iv( operation, iv, iv_length ) ); } -psa_status_t mbedtls_transparent_test_driver_cipher_update( +psa_status_t libtestdriver1_mbedtls_psa_cipher_update( mbedtls_psa_cipher_operation_t *operation, const uint8_t *input, size_t input_length, uint8_t *output, size_t output_size, size_t *output_length ) @@ -701,20 +701,20 @@ psa_status_t mbedtls_transparent_test_driver_cipher_update( output, output_size, output_length ) ); } -psa_status_t mbedtls_transparent_test_driver_cipher_finish( +psa_status_t libtestdriver1_mbedtls_psa_cipher_finish( mbedtls_psa_cipher_operation_t *operation, uint8_t *output, size_t output_size, size_t *output_length ) { return( cipher_finish( operation, output, output_size, output_length ) ); } -psa_status_t mbedtls_transparent_test_driver_cipher_abort( +psa_status_t libtestdriver1_mbedtls_psa_cipher_abort( mbedtls_psa_cipher_operation_t *operation ) { return( cipher_abort( operation ) ); } -psa_status_t mbedtls_transparent_test_driver_cipher_encrypt( +psa_status_t libtestdriver1_mbedtls_psa_cipher_encrypt( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, @@ -730,7 +730,7 @@ psa_status_t mbedtls_transparent_test_driver_cipher_encrypt( output, output_size, output_length ) ); } -psa_status_t mbedtls_transparent_test_driver_cipher_decrypt( +psa_status_t libtestdriver1_mbedtls_psa_cipher_decrypt( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, @@ -745,6 +745,7 @@ psa_status_t mbedtls_transparent_test_driver_cipher_decrypt( alg, input, input_length, output, output_size, output_length ) ); } + #endif /* PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG */ #endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/library/psa_crypto_ecp.c b/library/psa_crypto_ecp.c index 83cc72df3c1..3fdcdb26789 100644 --- a/library/psa_crypto_ecp.c +++ b/library/psa_crypto_ecp.c @@ -576,7 +576,7 @@ psa_status_t mbedtls_psa_ecdsa_verify_hash( #if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) -psa_status_t mbedtls_transparent_test_driver_ecp_import_key( +psa_status_t libtestdriver1_mbedtls_psa_ecp_import_key( const psa_key_attributes_t *attributes, const uint8_t *data, size_t data_length, uint8_t *key_buffer, size_t key_buffer_size, @@ -587,7 +587,7 @@ psa_status_t mbedtls_transparent_test_driver_ecp_import_key( key_buffer_length, bits ) ); } -psa_status_t mbedtls_transparent_test_driver_ecp_export_public_key( +psa_status_t libtestdriver1_mbedtls_psa_ecp_export_public_key( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, uint8_t *data, size_t data_size, size_t *data_length ) @@ -601,7 +601,7 @@ psa_status_t mbedtls_transparent_test_driver_ecp_export_public_key( #if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) && \ defined(MBEDTLS_GENPRIME) -psa_status_t mbedtls_transparent_test_driver_ecp_generate_key( +psa_status_t libtestdriver1_mbedtls_psa_ecp_generate_key( const psa_key_attributes_t *attributes, uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ) { @@ -614,7 +614,7 @@ psa_status_t mbedtls_transparent_test_driver_ecp_generate_key( #if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \ defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) -psa_status_t mbedtls_transparent_test_driver_ecdsa_sign_hash( +psa_status_t libtestdriver1_mbedtls_psa_ecdsa_sign_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, @@ -640,7 +640,7 @@ psa_status_t mbedtls_transparent_test_driver_ecdsa_sign_hash( #endif } -psa_status_t mbedtls_transparent_test_driver_ecdsa_verify_hash( +psa_status_t libtestdriver1_mbedtls_psa_ecdsa_verify_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, diff --git a/library/psa_crypto_hash.c b/library/psa_crypto_hash.c index b9f2757ea86..84ba8412580 100644 --- a/library/psa_crypto_hash.c +++ b/library/psa_crypto_hash.c @@ -648,7 +648,7 @@ static int is_hash_accelerated( psa_algorithm_t alg ) } } -psa_status_t mbedtls_transparent_test_driver_hash_compute( +psa_status_t libtestdriver1_mbedtls_psa_hash_compute( psa_algorithm_t alg, const uint8_t *input, size_t input_length, @@ -663,7 +663,7 @@ psa_status_t mbedtls_transparent_test_driver_hash_compute( return( PSA_ERROR_NOT_SUPPORTED ); } -psa_status_t mbedtls_transparent_test_driver_hash_setup( +psa_status_t libtestdriver1_mbedtls_psa_hash_setup( mbedtls_psa_hash_operation_t *operation, psa_algorithm_t alg ) { @@ -673,7 +673,7 @@ psa_status_t mbedtls_transparent_test_driver_hash_setup( return( PSA_ERROR_NOT_SUPPORTED ); } -psa_status_t mbedtls_transparent_test_driver_hash_clone( +psa_status_t libtestdriver1_mbedtls_psa_hash_clone( const mbedtls_psa_hash_operation_t *source_operation, mbedtls_psa_hash_operation_t *target_operation ) { @@ -683,7 +683,7 @@ psa_status_t mbedtls_transparent_test_driver_hash_clone( return( PSA_ERROR_BAD_STATE ); } -psa_status_t mbedtls_transparent_test_driver_hash_update( +psa_status_t libtestdriver1_mbedtls_psa_hash_update( mbedtls_psa_hash_operation_t *operation, const uint8_t *input, size_t input_length ) @@ -694,7 +694,7 @@ psa_status_t mbedtls_transparent_test_driver_hash_update( return( PSA_ERROR_BAD_STATE ); } -psa_status_t mbedtls_transparent_test_driver_hash_finish( +psa_status_t libtestdriver1_mbedtls_psa_hash_finish( mbedtls_psa_hash_operation_t *operation, uint8_t *hash, size_t hash_size, @@ -706,7 +706,7 @@ psa_status_t mbedtls_transparent_test_driver_hash_finish( return( PSA_ERROR_BAD_STATE ); } -psa_status_t mbedtls_transparent_test_driver_hash_abort( +psa_status_t libtestdriver1_mbedtls_psa_hash_abort( mbedtls_psa_hash_operation_t *operation ) { return( hash_abort( operation ) ); diff --git a/library/psa_crypto_mac.c b/library/psa_crypto_mac.c index 421d12e033f..fe15e9f6b02 100644 --- a/library/psa_crypto_mac.c +++ b/library/psa_crypto_mac.c @@ -585,7 +585,7 @@ static int is_mac_accelerated( psa_algorithm_t alg ) } } -psa_status_t mbedtls_transparent_test_driver_mac_compute( +psa_status_t libtestdriver1_mbedtls_psa_mac_compute( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, @@ -604,7 +604,7 @@ psa_status_t mbedtls_transparent_test_driver_mac_compute( return( PSA_ERROR_NOT_SUPPORTED ); } -psa_status_t mbedtls_transparent_test_driver_mac_sign_setup( +psa_status_t libtestdriver1_mbedtls_psa_mac_sign_setup( mbedtls_psa_mac_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, @@ -618,7 +618,7 @@ psa_status_t mbedtls_transparent_test_driver_mac_sign_setup( return( PSA_ERROR_NOT_SUPPORTED ); } -psa_status_t mbedtls_transparent_test_driver_mac_verify_setup( +psa_status_t libtestdriver1_mbedtls_psa_mac_verify_setup( mbedtls_psa_mac_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, @@ -632,7 +632,7 @@ psa_status_t mbedtls_transparent_test_driver_mac_verify_setup( return( PSA_ERROR_NOT_SUPPORTED ); } -psa_status_t mbedtls_transparent_test_driver_mac_update( +psa_status_t libtestdriver1_mbedtls_psa_mac_update( mbedtls_psa_mac_operation_t *operation, const uint8_t *input, size_t input_length ) @@ -643,7 +643,7 @@ psa_status_t mbedtls_transparent_test_driver_mac_update( return( PSA_ERROR_BAD_STATE ); } -psa_status_t mbedtls_transparent_test_driver_mac_sign_finish( +psa_status_t libtestdriver1_mbedtls_psa_mac_sign_finish( mbedtls_psa_mac_operation_t *operation, uint8_t *mac, size_t mac_size, @@ -655,7 +655,7 @@ psa_status_t mbedtls_transparent_test_driver_mac_sign_finish( return( PSA_ERROR_BAD_STATE ); } -psa_status_t mbedtls_transparent_test_driver_mac_verify_finish( +psa_status_t libtestdriver1_mbedtls_psa_mac_verify_finish( mbedtls_psa_mac_operation_t *operation, const uint8_t *mac, size_t mac_length ) @@ -666,7 +666,7 @@ psa_status_t mbedtls_transparent_test_driver_mac_verify_finish( return( PSA_ERROR_BAD_STATE ); } -psa_status_t mbedtls_transparent_test_driver_mac_abort( +psa_status_t libtestdriver1_mbedtls_psa_mac_abort( mbedtls_psa_mac_operation_t *operation ) { return( mac_abort( operation ) ); diff --git a/library/psa_crypto_rsa.c b/library/psa_crypto_rsa.c index 705cb413ead..4ee0adf9ef4 100644 --- a/library/psa_crypto_rsa.c +++ b/library/psa_crypto_rsa.c @@ -633,7 +633,7 @@ psa_status_t mbedtls_psa_rsa_verify_hash( #if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) -psa_status_t mbedtls_transparent_test_driver_rsa_import_key( +psa_status_t libtestdriver1_mbedtls_psa_rsa_import_key( const psa_key_attributes_t *attributes, const uint8_t *data, size_t data_length, uint8_t *key_buffer, size_t key_buffer_size, @@ -644,7 +644,7 @@ psa_status_t mbedtls_transparent_test_driver_rsa_import_key( key_buffer_length, bits ) ); } -psa_status_t mbedtls_transparent_test_driver_rsa_export_public_key( +psa_status_t libtestdriver1_mbedtls_psa_rsa_export_public_key( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, uint8_t *data, size_t data_size, size_t *data_length ) @@ -657,7 +657,7 @@ psa_status_t mbedtls_transparent_test_driver_rsa_export_public_key( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) */ #if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) -psa_status_t mbedtls_transparent_test_driver_rsa_generate_key( +psa_status_t libtestdriver1_mbedtls_psa_rsa_generate_key( const psa_key_attributes_t *attributes, uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ) { @@ -668,7 +668,7 @@ psa_status_t mbedtls_transparent_test_driver_rsa_generate_key( #if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \ defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) -psa_status_t mbedtls_transparent_test_driver_rsa_sign_hash( +psa_status_t libtestdriver1_mbedtls_psa_rsa_sign_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, @@ -695,7 +695,7 @@ psa_status_t mbedtls_transparent_test_driver_rsa_sign_hash( #endif } -psa_status_t mbedtls_transparent_test_driver_rsa_verify_hash( +psa_status_t libtestdriver1_mbedtls_psa_rsa_verify_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, diff --git a/tests/include/test/drivers/cipher.h b/tests/include/test/drivers/cipher.h index 053b0c34cb1..cf24bbdcb0a 100644 --- a/tests/include/test/drivers/cipher.h +++ b/tests/include/test/drivers/cipher.h @@ -141,35 +141,35 @@ psa_status_t mbedtls_test_opaque_cipher_finish( uint8_t *output, size_t output_size, size_t *output_length); #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) -psa_status_t mbedtls_transparent_test_driver_cipher_encrypt_setup( +psa_status_t libtestdriver1_mbedtls_psa_cipher_encrypt_setup( mbedtls_psa_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg ); -psa_status_t mbedtls_transparent_test_driver_cipher_decrypt_setup( +psa_status_t libtestdriver1_mbedtls_psa_cipher_decrypt_setup( mbedtls_psa_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg ); -psa_status_t mbedtls_transparent_test_driver_cipher_set_iv( +psa_status_t libtestdriver1_mbedtls_psa_cipher_set_iv( mbedtls_psa_cipher_operation_t *operation, const uint8_t *iv, size_t iv_length ); -psa_status_t mbedtls_transparent_test_driver_cipher_update( +psa_status_t libtestdriver1_mbedtls_psa_cipher_update( mbedtls_psa_cipher_operation_t *operation, const uint8_t *input, size_t input_length, uint8_t *output, size_t output_size, size_t *output_length ); -psa_status_t mbedtls_transparent_test_driver_cipher_finish( +psa_status_t libtestdriver1_mbedtls_psa_cipher_finish( mbedtls_psa_cipher_operation_t *operation, uint8_t *output, size_t output_size, size_t *output_length ); -psa_status_t mbedtls_transparent_test_driver_cipher_abort( +psa_status_t libtestdriver1_mbedtls_psa_cipher_abort( mbedtls_psa_cipher_operation_t *operation ); -psa_status_t mbedtls_transparent_test_driver_cipher_encrypt( +psa_status_t libtestdriver1_mbedtls_psa_cipher_encrypt( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, @@ -180,7 +180,7 @@ psa_status_t mbedtls_transparent_test_driver_cipher_encrypt( size_t output_size, size_t *output_length ); -psa_status_t mbedtls_transparent_test_driver_cipher_decrypt( +psa_status_t libtestdriver1_mbedtls_psa_cipher_decrypt( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, diff --git a/tests/include/test/drivers/hash.h b/tests/include/test/drivers/hash.h index e0de79a28ce..2226841f18c 100644 --- a/tests/include/test/drivers/hash.h +++ b/tests/include/test/drivers/hash.h @@ -78,7 +78,7 @@ psa_status_t mbedtls_test_transparent_hash_abort( #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) -psa_status_t mbedtls_transparent_test_driver_hash_compute( +psa_status_t libtestdriver1_mbedtls_psa_hash_compute( psa_algorithm_t alg, const uint8_t *input, size_t input_length, @@ -86,26 +86,26 @@ psa_status_t mbedtls_transparent_test_driver_hash_compute( size_t hash_size, size_t *hash_length); -psa_status_t mbedtls_transparent_test_driver_hash_setup( +psa_status_t libtestdriver1_mbedtls_psa_hash_setup( mbedtls_psa_hash_operation_t *operation, psa_algorithm_t alg ); -psa_status_t mbedtls_transparent_test_driver_hash_clone( +psa_status_t libtestdriver1_mbedtls_psa_hash_clone( const mbedtls_psa_hash_operation_t *source_operation, mbedtls_psa_hash_operation_t *target_operation ); -psa_status_t mbedtls_transparent_test_driver_hash_update( +psa_status_t libtestdriver1_mbedtls_psa_hash_update( mbedtls_psa_hash_operation_t *operation, const uint8_t *input, size_t input_length ); -psa_status_t mbedtls_transparent_test_driver_hash_finish( +psa_status_t libtestdriver1_mbedtls_psa_hash_finish( mbedtls_psa_hash_operation_t *operation, uint8_t *hash, size_t hash_size, size_t *hash_length ); -psa_status_t mbedtls_transparent_test_driver_hash_abort( +psa_status_t libtestdriver1_mbedtls_psa_hash_abort( mbedtls_psa_hash_operation_t *operation ); #endif /* MBEDTLS_PSA_CRYPTO_CONFIG */ diff --git a/tests/include/test/drivers/key_management.h b/tests/include/test/drivers/key_management.h index 79572ad5d28..cff86f54231 100644 --- a/tests/include/test/drivers/key_management.h +++ b/tests/include/test/drivers/key_management.h @@ -100,33 +100,33 @@ psa_status_t mbedtls_test_opaque_get_builtin_key( #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) -psa_status_t mbedtls_transparent_test_driver_ecp_import_key( +psa_status_t libtestdriver1_mbedtls_psa_ecp_import_key( const psa_key_attributes_t *attributes, const uint8_t *data, size_t data_length, uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length, size_t *bits ); -psa_status_t mbedtls_transparent_test_driver_ecp_export_public_key( +psa_status_t libtestdriver1_mbedtls_psa_ecp_export_public_key( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, uint8_t *data, size_t data_size, size_t *data_length ); -psa_status_t mbedtls_transparent_test_driver_ecp_generate_key( +psa_status_t libtestdriver1_mbedtls_psa_ecp_generate_key( const psa_key_attributes_t *attributes, uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ); -psa_status_t mbedtls_transparent_test_driver_rsa_import_key( +psa_status_t libtestdriver1_mbedtls_psa_rsa_import_key( const psa_key_attributes_t *attributes, const uint8_t *data, size_t data_length, uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length, size_t *bits ); -psa_status_t mbedtls_transparent_test_driver_rsa_export_public_key( +psa_status_t libtestdriver1_mbedtls_psa_rsa_export_public_key( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, uint8_t *data, size_t data_size, size_t *data_length ); -psa_status_t mbedtls_transparent_test_driver_rsa_generate_key( +psa_status_t libtestdriver1_mbedtls_psa_rsa_generate_key( const psa_key_attributes_t *attributes, uint8_t *key, size_t key_size, size_t *key_length ); diff --git a/tests/include/test/drivers/mac.h b/tests/include/test/drivers/mac.h index f8e7a1191d8..b49a16b9042 100644 --- a/tests/include/test/drivers/mac.h +++ b/tests/include/test/drivers/mac.h @@ -139,7 +139,7 @@ psa_status_t mbedtls_test_opaque_mac_abort( #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) -psa_status_t mbedtls_transparent_test_driver_mac_compute( +psa_status_t libtestdriver1_mbedtls_psa_mac_compute( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, @@ -150,37 +150,37 @@ psa_status_t mbedtls_transparent_test_driver_mac_compute( size_t mac_size, size_t *mac_length ); -psa_status_t mbedtls_transparent_test_driver_mac_sign_setup( +psa_status_t libtestdriver1_mbedtls_psa_mac_sign_setup( mbedtls_psa_mac_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg ); -psa_status_t mbedtls_transparent_test_driver_mac_verify_setup( +psa_status_t libtestdriver1_mbedtls_psa_mac_verify_setup( mbedtls_psa_mac_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg ); -psa_status_t mbedtls_transparent_test_driver_mac_update( +psa_status_t libtestdriver1_mbedtls_psa_mac_update( mbedtls_psa_mac_operation_t *operation, const uint8_t *input, size_t input_length ); -psa_status_t mbedtls_transparent_test_driver_mac_sign_finish( +psa_status_t libtestdriver1_mbedtls_psa_mac_sign_finish( mbedtls_psa_mac_operation_t *operation, uint8_t *mac, size_t mac_size, size_t *mac_length ); -psa_status_t mbedtls_transparent_test_driver_mac_verify_finish( +psa_status_t libtestdriver1_mbedtls_psa_mac_verify_finish( mbedtls_psa_mac_operation_t *operation, const uint8_t *mac, size_t mac_length ); -psa_status_t mbedtls_transparent_test_driver_mac_abort( +psa_status_t libtestdriver1_mbedtls_psa_mac_abort( mbedtls_psa_mac_operation_t *operation ); #endif /* MBEDTLS_PSA_CRYPTO_CONFIG */ diff --git a/tests/include/test/drivers/signature.h b/tests/include/test/drivers/signature.h index d2321ba094f..8ea2cfafe5b 100644 --- a/tests/include/test/drivers/signature.h +++ b/tests/include/test/drivers/signature.h @@ -127,25 +127,25 @@ psa_status_t mbedtls_test_opaque_signature_verify_hash( #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) -psa_status_t mbedtls_transparent_test_driver_ecdsa_sign_hash( +psa_status_t libtestdriver1_mbedtls_psa_ecdsa_sign_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, uint8_t *signature, size_t signature_size, size_t *signature_length ); -psa_status_t mbedtls_transparent_test_driver_ecdsa_verify_hash( +psa_status_t libtestdriver1_mbedtls_psa_ecdsa_verify_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, const uint8_t *signature, size_t signature_length ); -psa_status_t mbedtls_transparent_test_driver_rsa_sign_hash( +psa_status_t libtestdriver1_mbedtls_psa_rsa_sign_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, uint8_t *signature, size_t signature_size, size_t *signature_length ); -psa_status_t mbedtls_transparent_test_driver_rsa_verify_hash( +psa_status_t libtestdriver1_mbedtls_psa_rsa_verify_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, diff --git a/tests/src/drivers/hash.c b/tests/src/drivers/hash.c index e618660968c..99de56f1cb7 100644 --- a/tests/src/drivers/hash.c +++ b/tests/src/drivers/hash.c @@ -47,7 +47,7 @@ psa_status_t mbedtls_test_transparent_hash_compute( { #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_hash_hooks.driver_status = - mbedtls_transparent_test_driver_hash_compute( + libtestdriver1_mbedtls_psa_hash_compute( alg, input, input_length, hash, hash_size, hash_length ); #elif defined(MBEDTLS_PSA_BUILTIN_HASH) @@ -84,7 +84,7 @@ psa_status_t mbedtls_test_transparent_hash_setup( { #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_hash_hooks.driver_status = - mbedtls_transparent_test_driver_hash_setup( operation, alg ); + libtestdriver1_mbedtls_psa_hash_setup( operation, alg ); #elif defined(MBEDTLS_PSA_BUILTIN_HASH) mbedtls_test_driver_hash_hooks.driver_status = mbedtls_psa_hash_setup( operation, alg ); @@ -113,8 +113,8 @@ psa_status_t mbedtls_test_transparent_hash_clone( { #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_hash_hooks.driver_status = - mbedtls_transparent_test_driver_hash_clone( source_operation, - target_operation ); + libtestdriver1_mbedtls_psa_hash_clone( source_operation, + target_operation ); #elif defined(MBEDTLS_PSA_BUILTIN_HASH) mbedtls_test_driver_hash_hooks.driver_status = mbedtls_psa_hash_clone( source_operation, target_operation ); @@ -144,7 +144,7 @@ psa_status_t mbedtls_test_transparent_hash_update( { #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_hash_hooks.driver_status = - mbedtls_transparent_test_driver_hash_update( + libtestdriver1_mbedtls_psa_hash_update( operation, input, input_length ); #elif defined(MBEDTLS_PSA_BUILTIN_HASH) mbedtls_test_driver_hash_hooks.driver_status = @@ -177,7 +177,7 @@ psa_status_t mbedtls_test_transparent_hash_finish( { #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_hash_hooks.driver_status = - mbedtls_transparent_test_driver_hash_finish( + libtestdriver1_mbedtls_psa_hash_finish( operation, hash, hash_size, hash_length ); #elif defined(MBEDTLS_PSA_BUILTIN_HASH) mbedtls_test_driver_hash_hooks.driver_status = @@ -208,7 +208,7 @@ psa_status_t mbedtls_test_transparent_hash_abort( { #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_hash_hooks.driver_status = - mbedtls_transparent_test_driver_hash_abort( operation ); + libtestdriver1_mbedtls_psa_hash_abort( operation ); #elif defined(MBEDTLS_PSA_BUILTIN_HASH) mbedtls_test_driver_hash_hooks.driver_status = mbedtls_psa_hash_abort( operation ); diff --git a/tests/src/drivers/test_driver_cipher.c b/tests/src/drivers/test_driver_cipher.c index 03c160de868..b70ef61fc08 100644 --- a/tests/src/drivers/test_driver_cipher.c +++ b/tests/src/drivers/test_driver_cipher.c @@ -71,7 +71,7 @@ psa_status_t mbedtls_test_transparent_cipher_encrypt( psa_generate_random( output, PSA_CIPHER_IV_LENGTH( attributes->core.type, alg ) ); #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) - return( mbedtls_transparent_test_driver_cipher_encrypt( + return( libtestdriver1_mbedtls_psa_cipher_encrypt( attributes, key_buffer, key_buffer_size, alg, input, input_length, output, output_size, output_length ) ); @@ -115,7 +115,7 @@ psa_status_t mbedtls_test_transparent_cipher_decrypt( return( mbedtls_test_driver_cipher_hooks.forced_status ); #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) - return( mbedtls_transparent_test_driver_cipher_decrypt( + return( libtestdriver1_mbedtls_psa_cipher_decrypt( attributes, key_buffer, key_buffer_size, alg, input, input_length, output, output_size, output_length ) ); @@ -147,7 +147,7 @@ psa_status_t mbedtls_test_transparent_cipher_encrypt_setup( return( mbedtls_test_driver_cipher_hooks.forced_status ); #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) - return( mbedtls_transparent_test_driver_cipher_encrypt_setup( + return( libtestdriver1_mbedtls_psa_cipher_encrypt_setup( operation, attributes, key, key_length, alg ) ); #elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) return( mbedtls_psa_cipher_encrypt_setup( @@ -169,7 +169,7 @@ psa_status_t mbedtls_test_transparent_cipher_decrypt_setup( return( mbedtls_test_driver_cipher_hooks.forced_status ); #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) - return( mbedtls_transparent_test_driver_cipher_decrypt_setup( + return( libtestdriver1_mbedtls_psa_cipher_decrypt_setup( operation, attributes, key, key_length, alg ) ); #elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) return( mbedtls_psa_cipher_decrypt_setup( @@ -188,7 +188,7 @@ psa_status_t mbedtls_test_transparent_cipher_abort( return( PSA_SUCCESS ); #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) - mbedtls_transparent_test_driver_cipher_abort( operation ); + libtestdriver1_mbedtls_psa_cipher_abort( operation ); #elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) mbedtls_psa_cipher_abort( operation ); #endif @@ -213,7 +213,7 @@ psa_status_t mbedtls_test_transparent_cipher_set_iv( return( mbedtls_test_driver_cipher_hooks.forced_status ); #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) - return( mbedtls_transparent_test_driver_cipher_set_iv( + return( libtestdriver1_mbedtls_psa_cipher_set_iv( operation, iv, iv_length ) ); #elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) return( mbedtls_psa_cipher_set_iv( operation, iv, iv_length ) ); @@ -249,7 +249,7 @@ psa_status_t mbedtls_test_transparent_cipher_update( return( mbedtls_test_driver_cipher_hooks.forced_status ); #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) - return( mbedtls_transparent_test_driver_cipher_update( + return( libtestdriver1_mbedtls_psa_cipher_update( operation, input, input_length, output, output_size, output_length ) ); #elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) @@ -286,7 +286,7 @@ psa_status_t mbedtls_test_transparent_cipher_finish( return( mbedtls_test_driver_cipher_hooks.forced_status ); #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) - return( mbedtls_transparent_test_driver_cipher_finish( + return( libtestdriver1_mbedtls_psa_cipher_finish( operation, output, output_size, output_length ) ); #elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) return( mbedtls_psa_cipher_finish( diff --git a/tests/src/drivers/test_driver_key_management.c b/tests/src/drivers/test_driver_key_management.c index 3d882854923..ce646bad78e 100644 --- a/tests/src/drivers/test_driver_key_management.c +++ b/tests/src/drivers/test_driver_key_management.c @@ -105,7 +105,7 @@ psa_status_t mbedtls_test_transparent_generate_key( { #if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) && \ defined(MBEDTLS_PSA_CRYPTO_CONFIG) - return( mbedtls_transparent_test_driver_ecp_generate_key( + return( libtestdriver1_mbedtls_psa_ecp_generate_key( attributes, key, key_size, key_length ) ); #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) return( mbedtls_psa_ecp_generate_key( @@ -116,7 +116,7 @@ psa_status_t mbedtls_test_transparent_generate_key( { #if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) && \ defined(MBEDTLS_PSA_CRYPTO_CONFIG) - return( mbedtls_transparent_test_driver_rsa_generate_key( + return( libtestdriver1_mbedtls_psa_rsa_generate_key( attributes, key, key_size, key_length ) ); #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) return( mbedtls_psa_rsa_generate_key( @@ -160,7 +160,7 @@ psa_status_t mbedtls_test_transparent_import_key( #if ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) ) && \ defined(MBEDTLS_PSA_CRYPTO_CONFIG) - return( mbedtls_transparent_test_driver_ecp_import_key( + return( libtestdriver1_mbedtls_psa_ecp_import_key( attributes, data, data_length, key_buffer, key_buffer_size, @@ -179,7 +179,7 @@ psa_status_t mbedtls_test_transparent_import_key( #if ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) ) && \ defined(MBEDTLS_PSA_CRYPTO_CONFIG) - return( mbedtls_transparent_test_driver_rsa_import_key( + return( libtestdriver1_mbedtls_psa_rsa_import_key( attributes, data, data_length, key_buffer, key_buffer_size, @@ -298,7 +298,7 @@ psa_status_t mbedtls_test_transparent_export_public_key( #if ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) ) && \ defined(MBEDTLS_PSA_CRYPTO_CONFIG) - return( mbedtls_transparent_test_driver_ecp_export_public_key( + return( libtestdriver1_mbedtls_psa_ecp_export_public_key( attributes, key_buffer, key_buffer_size, data, data_size, data_length ) ); @@ -315,7 +315,7 @@ psa_status_t mbedtls_test_transparent_export_public_key( #if ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) ) && \ defined(MBEDTLS_PSA_CRYPTO_CONFIG) - return( mbedtls_transparent_test_driver_rsa_export_public_key( + return( libtestdriver1_mbedtls_psa_rsa_export_public_key( attributes, key_buffer, key_buffer_size, data, data_size, data_length ) ); diff --git a/tests/src/drivers/test_driver_mac.c b/tests/src/drivers/test_driver_mac.c index 6f8c3c4b956..a6c2c88a6c9 100644 --- a/tests/src/drivers/test_driver_mac.c +++ b/tests/src/drivers/test_driver_mac.c @@ -53,7 +53,7 @@ psa_status_t mbedtls_test_transparent_mac_compute( { #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_transparent_test_driver_mac_compute( + libtestdriver1_mbedtls_psa_mac_compute( attributes, key_buffer, key_buffer_size, alg, input, input_length, mac, mac_size, mac_length ); @@ -98,7 +98,7 @@ psa_status_t mbedtls_test_transparent_mac_sign_setup( { #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_transparent_test_driver_mac_sign_setup( + libtestdriver1_mbedtls_psa_mac_sign_setup( operation, attributes, key_buffer, key_buffer_size, alg ); #elif defined(MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = @@ -135,7 +135,7 @@ psa_status_t mbedtls_test_transparent_mac_verify_setup( { #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_transparent_test_driver_mac_verify_setup( + libtestdriver1_mbedtls_psa_mac_verify_setup( operation, attributes, key_buffer, key_buffer_size, alg ); #elif defined(MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = @@ -170,7 +170,7 @@ psa_status_t mbedtls_test_transparent_mac_update( { #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_transparent_test_driver_mac_update( + libtestdriver1_mbedtls_psa_mac_update( operation, input, input_length ); #elif defined(MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = @@ -204,7 +204,7 @@ psa_status_t mbedtls_test_transparent_mac_sign_finish( { #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_transparent_test_driver_mac_sign_finish( + libtestdriver1_mbedtls_psa_mac_sign_finish( operation, mac, mac_size, mac_length ); #elif defined(MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = @@ -238,7 +238,7 @@ psa_status_t mbedtls_test_transparent_mac_verify_finish( { #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_transparent_test_driver_mac_verify_finish( + libtestdriver1_mbedtls_psa_mac_verify_finish( operation, mac, mac_length ); #elif defined(MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = @@ -269,7 +269,7 @@ psa_status_t mbedtls_test_transparent_mac_abort( { #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_transparent_test_driver_mac_abort( operation ); + libtestdriver1_mbedtls_psa_mac_abort( operation ); #elif defined(MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = mbedtls_psa_mac_abort( operation ); diff --git a/tests/src/drivers/test_driver_signature.c b/tests/src/drivers/test_driver_signature.c index 443b52eefc0..a656287b67d 100644 --- a/tests/src/drivers/test_driver_signature.c +++ b/tests/src/drivers/test_driver_signature.c @@ -35,6 +35,7 @@ #include "test/drivers/hash.h" #include "test/drivers/signature.h" +#include "test/drivers/hash.h" #include "mbedtls/md.h" #include "mbedtls/ecdsa.h" @@ -67,18 +68,18 @@ psa_status_t sign_hash( #if ( defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \ defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) ) && \ defined(MBEDTLS_PSA_CRYPTO_CONFIG) - return( mbedtls_transparent_test_driver_rsa_sign_hash( + return( libtestdriver1_mbedtls_psa_rsa_sign_hash( attributes, key_buffer, key_buffer_size, alg, hash, hash_length, signature, signature_size, signature_length ) ); #elif defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) - return( mbedtls_psa_rsa_sign_hash( - attributes, - key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_size, signature_length ) ); + return( mbedtls_psa_rsa_sign_hash( + attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_size, signature_length ) ); #endif } else @@ -93,7 +94,7 @@ psa_status_t sign_hash( #if ( defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \ defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) ) && \ defined(MBEDTLS_PSA_CRYPTO_CONFIG) - return( mbedtls_transparent_test_driver_ecdsa_sign_hash( + return( libtestdriver1_mbedtls_psa_ecdsa_sign_hash( attributes, key_buffer, key_buffer_size, alg, hash, hash_length, @@ -143,18 +144,18 @@ psa_status_t verify_hash( #if ( defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \ defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) ) && \ defined(MBEDTLS_PSA_CRYPTO_CONFIG) - return( mbedtls_transparent_test_driver_rsa_verify_hash( + return( libtestdriver1_mbedtls_psa_rsa_verify_hash( attributes, key_buffer, key_buffer_size, alg, hash, hash_length, signature, signature_length ) ); #elif defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) - return( mbedtls_psa_rsa_verify_hash( - attributes, - key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_length ) ); + return( mbedtls_psa_rsa_verify_hash( + attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_length ) ); #endif } else @@ -169,7 +170,7 @@ psa_status_t verify_hash( #if ( defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \ defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) ) && \ defined(MBEDTLS_PSA_CRYPTO_CONFIG) - return( mbedtls_transparent_test_driver_ecdsa_verify_hash( + return( libtestdriver1_mbedtls_psa_ecdsa_verify_hash( attributes, key_buffer, key_buffer_size, alg, hash, hash_length, @@ -233,7 +234,7 @@ psa_status_t mbedtls_test_transparent_signature_sign_message( } #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) - status = mbedtls_transparent_test_driver_hash_compute( + status = libtestdriver1_mbedtls_psa_hash_compute( PSA_ALG_SIGN_GET_HASH( alg ), input, input_length, hash, sizeof( hash ), &hash_length ); #elif defined(MBEDTLS_PSA_BUILTIN_HASH) @@ -297,7 +298,7 @@ psa_status_t mbedtls_test_transparent_signature_verify_message( return( mbedtls_test_driver_signature_verify_hooks.forced_status ); #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) - status = mbedtls_transparent_test_driver_hash_compute( + status = libtestdriver1_mbedtls_psa_hash_compute( PSA_ALG_SIGN_GET_HASH( alg ), input, input_length, hash, sizeof( hash ), &hash_length ); #elif defined(MBEDTLS_PSA_BUILTIN_HASH) @@ -361,9 +362,9 @@ psa_status_t mbedtls_test_transparent_signature_sign_hash( return( PSA_SUCCESS ); } - return sign_hash( attributes, key_buffer, key_buffer_size, + return( sign_hash( attributes, key_buffer, key_buffer_size, alg, hash, hash_length, - signature, signature_size, signature_length ); + signature, signature_size, signature_length ) ); } psa_status_t mbedtls_test_opaque_signature_sign_hash( From df885c052c701b89c24ad5f305114f8f8b39d750 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Wed, 28 Apr 2021 18:29:24 +0200 Subject: [PATCH 036/107] tests: Add build of a PSA test driver library PR #3959 has proven that by adding a prefix (LIBTESTDRIVER1/libtestdriver1_ in this commit) to all MBEDTLS/PSA_* and mbedtls/psa_* symbols of a copy of the Mbed TLS library, we can build a library that can be linked with the Mbed TLS library. This commit leverages this to build a PSA test driver library based on the Mbed TLS library code. The cryptographic features supported by the test library are defined by: . a minimal configuration (in the sense of config.h), see config_test_driver.h . PSA_WANT_* and PSA_ACCEL_* defined macros. The PSA_WANT_* macros have to be the same as the ones used to build the Mbed TLS library the test driver library is supposed to be linked to as the PSA_WANT_* macros are used in the definition of structures and macros that are shared by the PSA crypto core, Mbed TLS drivers and the driver test library. The PSA_ACCEL_* macros are intended to define the cryptographic features that have to be removed from the Mbed TLS library and thus supported by the test library in test scenarios. The PSA_ACCEL_* macros to build the test library are thus mirrored from the ones to build the Mbed TLS library by extended the crypto_config.h: see crypto_config_test_driver_entension.h. Signed-off-by: Ronald Cron --- tests/.gitignore | 2 + tests/Makefile | 45 ++++ .../include/test/drivers/config_test_driver.h | 57 +++++ .../crypto_config_test_driver_extension.h | 229 ++++++++++++++++++ visualc/VS2010/mbedTLS.vcxproj | 2 + 5 files changed, 335 insertions(+) create mode 100644 tests/include/test/drivers/config_test_driver.h create mode 100644 tests/include/test/drivers/crypto_config_test_driver_extension.h diff --git a/tests/.gitignore b/tests/.gitignore index d9f4b517871..8f7315d4f23 100644 --- a/tests/.gitignore +++ b/tests/.gitignore @@ -13,3 +13,5 @@ include/test/instrument_record_status.h src/*.o src/drivers/*.o src/libmbed* + +libtestdriver1/* diff --git a/tests/Makefile b/tests/Makefile index 5c59607d435..6e232c974ea 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -144,6 +144,7 @@ ifndef WINDOWS rm -rf $(BINARIES) *.c *.datax rm -f src/*.o src/drivers/*.o src/libmbed* rm -f include/test/instrument_record_status.h + rm -rf libtestdriver1 else if exist *.c del /Q /F *.c if exist *.exe del /Q /F *.exe @@ -160,6 +161,50 @@ check: $(BINARIES) test: check +# Generate test library + +# Perl code that is executed to transform each original line from a library +# source file into the corresponding line in the test driver copy of the +# library. Add a LIBTESTDRIVER1_/libtestdriver1_ to mbedtls_xxx and psa_xxx +# symbols. +define libtestdriver1_rewrite := + s!^(\s*#\s*include\s*[\"<])(mbedtls|psa)/!$${1}libtestdriver1/include/$${2}/!; \ + next if /^\s*#\s*include/; \ + s/\b(?=MBEDTLS_|PSA_)/LIBTESTDRIVER1_/g; \ + s/\b(?=mbedtls_|psa_)/libtestdriver1_/g; +endef + +libtestdriver1.a: + # Copy the library and fake a 3rdparty Makefile include. + rm -Rf ./libtestdriver1 + mkdir ./libtestdriver1 + cp -Rf ../library ./libtestdriver1 + cp -Rf ../include ./libtestdriver1 + mkdir ./libtestdriver1/3rdparty + touch ./libtestdriver1/3rdparty/Makefile.inc + + # Set the test driver base (minimal) configuration. + cp ./include/test/drivers/config_test_driver.h ./libtestdriver1/include/mbedtls/config.h + + # Set the PSA cryptography configuration for the test library. + # It is set from the copied include/psa/crypto_config.h of the Mbed TLS + # library the test library is intended to be linked with extended by + # ./include/test/drivers/crypto_config_test_driver_extension.h to + # mirror the PSA_ACCEL_* macros. + mv ./libtestdriver1/include/psa/crypto_config.h ./libtestdriver1/include/psa/crypto_config.h.bak + head -n -1 ./libtestdriver1/include/psa/crypto_config.h.bak > ./libtestdriver1/include/psa/crypto_config.h + cat ./include/test/drivers/crypto_config_test_driver_extension.h >> ./libtestdriver1/include/psa/crypto_config.h + echo "#endif /* PSA_CRYPTO_CONFIG_H */" >> ./libtestdriver1/include/psa/crypto_config.h + + # Prefix MBEDTLS_* PSA_* symbols with LIBTESTDRIVER1_ as well as + # mbedtls_* psa_* symbols with libtestdriver1_ to avoid symbol clash + # when this test driver library is linked with the Mbed TLS library. + perl -pi -e '$(libtestdriver1_rewrite)' ./libtestdriver1/library/*.[ch] + perl -pi -e '$(libtestdriver1_rewrite)' ./libtestdriver1/include/*/*.h + + $(MAKE) -C ./libtestdriver1/library CFLAGS="-I../../ $(CFLAGS)" LDFLAGS="$(LDFLAGS)" libmbedcrypto.a + cp ./libtestdriver1/library/libmbedcrypto.a ../library/libtestdriver1.a + ifdef RECORD_PSA_STATUS_COVERAGE_LOG include/test/instrument_record_status.h: ../include/psa/crypto.h Makefile echo " Gen $@" diff --git a/tests/include/test/drivers/config_test_driver.h b/tests/include/test/drivers/config_test_driver.h new file mode 100644 index 00000000000..0b5a6499a86 --- /dev/null +++ b/tests/include/test/drivers/config_test_driver.h @@ -0,0 +1,57 @@ +/** + * \file config.h + * + * \brief Configuration options (set of defines) + * + * This set of compile-time options may be used to enable + * or disable features selectively, and reduce the global + * memory footprint. + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef MBEDTLS_CONFIG_H +#define MBEDTLS_CONFIG_H + +#if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE) +#define _CRT_SECURE_NO_DEPRECATE 1 +#endif + +#define MBEDTLS_PSA_CRYPTO_C +#define MBEDTLS_PSA_CRYPTO_CONFIG + +/* PSA core mandatory configuration options */ +#define MBEDTLS_CIPHER_C +#define MBEDTLS_AES_C +#define MBEDTLS_SHA256_C +#define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1 +#define MBEDTLS_CTR_DRBG_C +#define MBEDTLS_ENTROPY_C + +/* + * Configuration options that may need to be additionally enabled for the + * purpose of a specific set of tests. + */ +//#define MBEDTLS_SHA1_C +//#define MBEDTLS_SHA512_C +//#define MBEDTLS_PEM_PARSE_C +//#define MBEDTLS_BASE64_C + +#include "mbedtls/config_psa.h" +#include "mbedtls/check_config.h" + +#endif /* MBEDTLS_CONFIG_H */ diff --git a/tests/include/test/drivers/crypto_config_test_driver_extension.h b/tests/include/test/drivers/crypto_config_test_driver_extension.h new file mode 100644 index 00000000000..f4f95dcfc2c --- /dev/null +++ b/tests/include/test/drivers/crypto_config_test_driver_extension.h @@ -0,0 +1,229 @@ +/** + * \file psa/crypto_config.h + * \brief PSA crypto configuration options (set of defines) + * + */ + +#if defined(PSA_WANT_ALG_CBC_NO_PADDING) +#if defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING) +#undef MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING +#else +#define MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_CBC_PKCS7) +#if defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7) +#undef MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7 +#else +#define MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_CFB) +#if defined(MBEDTLS_PSA_ACCEL_ALG_CFB) +#undef MBEDTLS_PSA_ACCEL_ALG_CFB +#else +#define MBEDTLS_PSA_ACCEL_ALG_CFB 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_CTR) +#if defined(MBEDTLS_PSA_ACCEL_ALG_CTR) +#undef MBEDTLS_PSA_ACCEL_ALG_CTR +#else +#define MBEDTLS_PSA_ACCEL_ALG_CTR 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA) +#if defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) +#undef MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA +#else +#define MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_ECDSA) +#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) +#undef MBEDTLS_PSA_ACCEL_ALG_ECDSA +#else +#define MBEDTLS_PSA_ACCEL_ALG_ECDSA 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_MD2) +#if defined(MBEDTLS_PSA_ACCEL_ALG_MD2) +#undef MBEDTLS_PSA_ACCEL_ALG_MD2 +#else +#define MBEDTLS_PSA_ACCEL_ALG_MD2 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_MD4) +#if defined(MBEDTLS_PSA_ACCEL_ALG_MD4) +#undef MBEDTLS_PSA_ACCEL_ALG_MD4 +#else +#define MBEDTLS_PSA_ACCEL_ALG_MD4 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_MD5) +#if defined(MBEDTLS_PSA_ACCEL_ALG_MD5) +#undef MBEDTLS_PSA_ACCEL_ALG_MD5 +#else +#define MBEDTLS_PSA_ACCEL_ALG_MD5 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_OFB) +#if defined(MBEDTLS_PSA_ACCEL_ALG_OFB) +#undef MBEDTLS_PSA_ACCEL_ALG_OFB +#else +#define MBEDTLS_PSA_ACCEL_ALG_OFB 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_RIPEMD160) +#if defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160) +#undef MBEDTLS_PSA_ACCEL_ALG_RIPEMD160 +#else +#define MBEDTLS_PSA_ACCEL_ALG_RIPEMD160 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN) +#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) +#undef MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN +#else +#define MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_RSA_PSS) +#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) +#undef MBEDTLS_PSA_ACCEL_ALG_RSA_PSS +#else +#define MBEDTLS_PSA_ACCEL_ALG_RSA_PSS 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_SHA_1) +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1) +#undef MBEDTLS_PSA_ACCEL_ALG_SHA_1 +#else +#define MBEDTLS_PSA_ACCEL_ALG_SHA_1 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_SHA_224) +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224) +#undef MBEDTLS_PSA_ACCEL_ALG_SHA_224 +#else +#define MBEDTLS_PSA_ACCEL_ALG_SHA_224 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_SHA_256) +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256) +#undef MBEDTLS_PSA_ACCEL_ALG_SHA_256 +#else +#define MBEDTLS_PSA_ACCEL_ALG_SHA_256 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_SHA_384) +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384) +#undef MBEDTLS_PSA_ACCEL_ALG_SHA_384 +#else +#define MBEDTLS_PSA_ACCEL_ALG_SHA_384 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_SHA_512) +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512) +#undef MBEDTLS_PSA_ACCEL_ALG_SHA_512 +#else +#define MBEDTLS_PSA_ACCEL_ALG_SHA_512 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_XTS) +#if defined(MBEDTLS_PSA_ACCEL_ALG_XTS) +#undef MBEDTLS_PSA_ACCEL_ALG_XTS +#else +#define MBEDTLS_PSA_ACCEL_ALG_XTS 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_AES) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_AES +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_AES 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_CAMELLIA) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR 1 +#endif +#endif + +#define MBEDTLS_PSA_ACCEL_ALG_CBC_MAC 1 +#define MBEDTLS_PSA_ACCEL_ALG_CCM 1 +#define MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305 1 +#define MBEDTLS_PSA_ACCEL_ALG_CMAC 1 +#define MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING 1 +#define MBEDTLS_PSA_ACCEL_ALG_ECDH 1 +#define MBEDTLS_PSA_ACCEL_ALG_GCM 1 +#define MBEDTLS_PSA_ACCEL_ALG_HKDF 1 +#define MBEDTLS_PSA_ACCEL_ALG_HMAC 1 +#define MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP 1 +#define MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT 1 +#define MBEDTLS_PSA_ACCEL_ALG_STREAM_CIPHER 1 +#define MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF 1 +#define MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS 1 + +#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) +#define MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256 1 +#define MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384 1 +#define MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512 1 +#define MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255 1 +#define MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448 1 +#define MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192 1 +#define MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224 1 +#define MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256 1 +#define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192 1 +#define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224 1 +#define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256 1 +#define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384 1 +#define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521 1 +#endif + +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_DERIVE 1 +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_HMAC 1 +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ARC4 1 +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20 1 +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_DES 1 +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY 1 +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_RAW_DATA 1 +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY 1 diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index 962e8680cba..08972c3f872 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -248,6 +248,8 @@ + + From b814bdabe48d0297a7780739e99c70d966e75455 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Mon, 13 Sep 2021 14:50:42 +0200 Subject: [PATCH 037/107] Move to separately compiled PSA test driver library This commit removes the test_psa_crypto_config_basic all.sh component that can no longer work without adapting it to the separately compiled test driver library. This component is replaced by several components in the following commits to test various type of acceleration independently. Signed-off-by: Ronald Cron --- include/psa/crypto_builtin_composites.h | 13 ----- include/psa/crypto_builtin_primitives.h | 25 --------- .../psa/crypto_driver_contexts_composites.h | 35 ++++++++++++- .../psa/crypto_driver_contexts_primitives.h | 52 ++++++++++++++++++- tests/include/test/drivers/cipher.h | 52 ------------------- tests/include/test/drivers/hash.h | 34 ------------ tests/include/test/drivers/key_management.h | 34 ------------ tests/include/test/drivers/mac.h | 48 ----------------- tests/include/test/drivers/signature.h | 29 ----------- tests/scripts/all.sh | 40 -------------- tests/scripts/check_names.py | 3 +- tests/src/drivers/hash.c | 22 +++++--- tests/src/drivers/test_driver_cipher.c | 42 ++++++++++----- .../src/drivers/test_driver_key_management.c | 52 +++++++++++-------- tests/src/drivers/test_driver_mac.c | 36 +++++++++---- tests/src/drivers/test_driver_signature.c | 44 +++++++++------- 16 files changed, 212 insertions(+), 349 deletions(-) diff --git a/include/psa/crypto_builtin_composites.h b/include/psa/crypto_builtin_composites.h index 1d11b003e4c..a875b237041 100644 --- a/include/psa/crypto_builtin_composites.h +++ b/include/psa/crypto_builtin_composites.h @@ -76,17 +76,4 @@ typedef struct #define MBEDTLS_PSA_MAC_OPERATION_INIT {0, {0}} -/* - * BEYOND THIS POINT, TEST DRIVER DECLARATIONS ONLY. - */ -#if defined(PSA_CRYPTO_DRIVER_TEST) - -typedef mbedtls_psa_mac_operation_t mbedtls_transparent_test_driver_mac_operation_t; -typedef mbedtls_psa_mac_operation_t mbedtls_opaque_test_driver_mac_operation_t; - -#define MBEDTLS_TRANSPARENT_TEST_DRIVER_MAC_OPERATION_INIT MBEDTLS_PSA_MAC_OPERATION_INIT -#define MBEDTLS_OPAQUE_TEST_DRIVER_MAC_OPERATION_INIT MBEDTLS_PSA_MAC_OPERATION_INIT - -#endif /* PSA_CRYPTO_DRIVER_TEST */ - #endif /* PSA_CRYPTO_BUILTIN_COMPOSITES_H */ diff --git a/include/psa/crypto_builtin_primitives.h b/include/psa/crypto_builtin_primitives.h index d7a69e54ede..a268e536969 100644 --- a/include/psa/crypto_builtin_primitives.h +++ b/include/psa/crypto_builtin_primitives.h @@ -121,29 +121,4 @@ typedef struct { #define MBEDTLS_PSA_CIPHER_OPERATION_INIT {0, 0, 0, {0}} -/* - * BEYOND THIS POINT, TEST DRIVER DECLARATIONS ONLY. - */ -#if defined(PSA_CRYPTO_DRIVER_TEST) - -typedef mbedtls_psa_hash_operation_t mbedtls_transparent_test_driver_hash_operation_t; - -#define MBEDTLS_TRANSPARENT_TEST_DRIVER_HASH_OPERATION_INIT MBEDTLS_PSA_HASH_OPERATION_INIT - -typedef mbedtls_psa_cipher_operation_t - mbedtls_transparent_test_driver_cipher_operation_t; - -typedef struct { - unsigned int initialised : 1; - mbedtls_transparent_test_driver_cipher_operation_t ctx; -} mbedtls_opaque_test_driver_cipher_operation_t; - -#define MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT \ - MBEDTLS_PSA_CIPHER_OPERATION_INIT - -#define MBEDTLS_OPAQUE_TEST_DRIVER_CIPHER_OPERATION_INIT \ - { 0, MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT } - -#endif /* PSA_CRYPTO_DRIVER_TEST */ - #endif /* PSA_CRYPTO_BUILTIN_PRIMITIVES_H */ diff --git a/include/psa/crypto_driver_contexts_composites.h b/include/psa/crypto_driver_contexts_composites.h index 239fdcb3374..a7220091ea3 100644 --- a/include/psa/crypto_driver_contexts_composites.h +++ b/include/psa/crypto_driver_contexts_composites.h @@ -36,11 +36,42 @@ #include "psa/crypto_driver_common.h" +/* Include the context structure definitions for the Mbed TLS software drivers */ +#include "psa/crypto_builtin_composites.h" + /* Include the context structure definitions for those drivers that were * declared during the autogeneration process. */ -/* Include the context structure definitions for the Mbed TLS software drivers */ -#include "psa/crypto_builtin_composites.h" +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) +#include +#endif + +#if defined(PSA_CRYPTO_DRIVER_TEST) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) +typedef libtestdriver1_mbedtls_psa_mac_operation_t + mbedtls_transparent_test_driver_mac_operation_t; +typedef libtestdriver1_mbedtls_psa_mac_operation_t + mbedtls_opaque_test_driver_mac_operation_t; + +#define MBEDTLS_TRANSPARENT_TEST_DRIVER_MAC_OPERATION_INIT \ + LIBTESTDRIVER1_MBEDTLS_PSA_MAC_OPERATION_INIT +#define MBEDTLS_OPAQUE_TEST_DRIVER_MAC_OPERATION_INIT \ + LIBTESTDRIVER1_MBEDTLS_PSA_MAC_OPERATION_INIT + +#else +typedef mbedtls_psa_mac_operation_t + mbedtls_transparent_test_driver_mac_operation_t; +typedef mbedtls_psa_mac_operation_t + mbedtls_opaque_test_driver_mac_operation_t; + +#define MBEDTLS_TRANSPARENT_TEST_DRIVER_MAC_OPERATION_INIT \ + MBEDTLS_PSA_MAC_OPERATION_INIT +#define MBEDTLS_OPAQUE_TEST_DRIVER_MAC_OPERATION_INIT \ + MBEDTLS_PSA_MAC_OPERATION_INIT + +#endif /* MBEDTLS_TEST_LIBTESTDRIVER1 */ +#endif /* PSA_CRYPTO_DRIVER_TEST */ /* Define the context to be used for an operation that is executed through the * PSA Driver wrapper layer as the union of all possible driver's contexts. diff --git a/include/psa/crypto_driver_contexts_primitives.h b/include/psa/crypto_driver_contexts_primitives.h index 104d4bdb6d6..2bb01ed432f 100644 --- a/include/psa/crypto_driver_contexts_primitives.h +++ b/include/psa/crypto_driver_contexts_primitives.h @@ -35,11 +35,59 @@ #include "psa/crypto_driver_common.h" +/* Include the context structure definitions for the Mbed TLS software drivers */ +#include "psa/crypto_builtin_primitives.h" + /* Include the context structure definitions for those drivers that were * declared during the autogeneration process. */ -/* Include the context structure definitions for the Mbed TLS software drivers */ -#include "psa/crypto_builtin_primitives.h" +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) +#include +#endif + +#if defined(PSA_CRYPTO_DRIVER_TEST) + +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) +typedef libtestdriver1_mbedtls_psa_cipher_operation_t + mbedtls_transparent_test_driver_cipher_operation_t; + +#define MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT \ + LIBTESTDRIVER1_MBEDTLS_PSA_CIPHER_OPERATION_INIT +#else +typedef mbedtls_psa_cipher_operation_t + mbedtls_transparent_test_driver_cipher_operation_t; + +#define MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT \ + MBEDTLS_PSA_CIPHER_OPERATION_INIT +#endif /* MBEDTLS_TEST_LIBTESTDRIVER1 && + LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER */ + +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) +typedef libtestdriver1_mbedtls_psa_hash_operation_t + mbedtls_transparent_test_driver_hash_operation_t; + +#define MBEDTLS_TRANSPARENT_TEST_DRIVER_HASH_OPERATION_INIT \ + LIBTESTDRIVER1_MBEDTLS_PSA_HASH_OPERATION_INIT +#else +typedef mbedtls_psa_hash_operation_t + mbedtls_transparent_test_driver_hash_operation_t; + +#define MBEDTLS_TRANSPARENT_TEST_DRIVER_HASH_OPERATION_INIT \ + MBEDTLS_PSA_HASH_OPERATION_INIT +#endif /* MBEDTLS_TEST_LIBTESTDRIVER1 && + LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH */ + +typedef struct { + unsigned int initialised : 1; + mbedtls_transparent_test_driver_cipher_operation_t ctx; +} mbedtls_opaque_test_driver_cipher_operation_t; + +#define MBEDTLS_OPAQUE_TEST_DRIVER_CIPHER_OPERATION_INIT \ + { 0, MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT } + +#endif /* PSA_CRYPTO_DRIVER_TEST */ /* Define the context to be used for an operation that is executed through the * PSA Driver wrapper layer as the union of all possible driver's contexts. diff --git a/tests/include/test/drivers/cipher.h b/tests/include/test/drivers/cipher.h index cf24bbdcb0a..4fe559618f8 100644 --- a/tests/include/test/drivers/cipher.h +++ b/tests/include/test/drivers/cipher.h @@ -140,57 +140,5 @@ psa_status_t mbedtls_test_opaque_cipher_finish( mbedtls_opaque_test_driver_cipher_operation_t *operation, uint8_t *output, size_t output_size, size_t *output_length); -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) -psa_status_t libtestdriver1_mbedtls_psa_cipher_encrypt_setup( - mbedtls_psa_cipher_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ); - -psa_status_t libtestdriver1_mbedtls_psa_cipher_decrypt_setup( - mbedtls_psa_cipher_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ); - -psa_status_t libtestdriver1_mbedtls_psa_cipher_set_iv( - mbedtls_psa_cipher_operation_t *operation, - const uint8_t *iv, size_t iv_length ); - -psa_status_t libtestdriver1_mbedtls_psa_cipher_update( - mbedtls_psa_cipher_operation_t *operation, - const uint8_t *input, size_t input_length, - uint8_t *output, size_t output_size, size_t *output_length ); - -psa_status_t libtestdriver1_mbedtls_psa_cipher_finish( - mbedtls_psa_cipher_operation_t *operation, - uint8_t *output, size_t output_size, size_t *output_length ); - -psa_status_t libtestdriver1_mbedtls_psa_cipher_abort( - mbedtls_psa_cipher_operation_t *operation ); - -psa_status_t libtestdriver1_mbedtls_psa_cipher_encrypt( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length ); - -psa_status_t libtestdriver1_mbedtls_psa_cipher_decrypt( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length ); -#endif /* MBEDTLS_PSA_CRYPTO_CONFIG */ - #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_TEST_DRIVERS_CIPHER_H */ diff --git a/tests/include/test/drivers/hash.h b/tests/include/test/drivers/hash.h index 2226841f18c..ebe83dee4e0 100644 --- a/tests/include/test/drivers/hash.h +++ b/tests/include/test/drivers/hash.h @@ -76,39 +76,5 @@ psa_status_t mbedtls_test_transparent_hash_finish( psa_status_t mbedtls_test_transparent_hash_abort( mbedtls_psa_hash_operation_t *operation ); -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) - -psa_status_t libtestdriver1_mbedtls_psa_hash_compute( - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *hash, - size_t hash_size, - size_t *hash_length); - -psa_status_t libtestdriver1_mbedtls_psa_hash_setup( - mbedtls_psa_hash_operation_t *operation, - psa_algorithm_t alg ); - -psa_status_t libtestdriver1_mbedtls_psa_hash_clone( - const mbedtls_psa_hash_operation_t *source_operation, - mbedtls_psa_hash_operation_t *target_operation ); - -psa_status_t libtestdriver1_mbedtls_psa_hash_update( - mbedtls_psa_hash_operation_t *operation, - const uint8_t *input, - size_t input_length ); - -psa_status_t libtestdriver1_mbedtls_psa_hash_finish( - mbedtls_psa_hash_operation_t *operation, - uint8_t *hash, - size_t hash_size, - size_t *hash_length ); - -psa_status_t libtestdriver1_mbedtls_psa_hash_abort( - mbedtls_psa_hash_operation_t *operation ); - -#endif /* MBEDTLS_PSA_CRYPTO_CONFIG */ - #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_TEST_DRIVERS_HASH_H */ diff --git a/tests/include/test/drivers/key_management.h b/tests/include/test/drivers/key_management.h index cff86f54231..bb08bf6b894 100644 --- a/tests/include/test/drivers/key_management.h +++ b/tests/include/test/drivers/key_management.h @@ -98,39 +98,5 @@ psa_status_t mbedtls_test_opaque_get_builtin_key( psa_key_attributes_t *attributes, uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ); -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) - -psa_status_t libtestdriver1_mbedtls_psa_ecp_import_key( - const psa_key_attributes_t *attributes, - const uint8_t *data, size_t data_length, - uint8_t *key_buffer, size_t key_buffer_size, - size_t *key_buffer_length, size_t *bits ); - -psa_status_t libtestdriver1_mbedtls_psa_ecp_export_public_key( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - uint8_t *data, size_t data_size, size_t *data_length ); - -psa_status_t libtestdriver1_mbedtls_psa_ecp_generate_key( - const psa_key_attributes_t *attributes, - uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ); - -psa_status_t libtestdriver1_mbedtls_psa_rsa_import_key( - const psa_key_attributes_t *attributes, - const uint8_t *data, size_t data_length, - uint8_t *key_buffer, size_t key_buffer_size, - size_t *key_buffer_length, size_t *bits ); - -psa_status_t libtestdriver1_mbedtls_psa_rsa_export_public_key( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - uint8_t *data, size_t data_size, size_t *data_length ); - -psa_status_t libtestdriver1_mbedtls_psa_rsa_generate_key( - const psa_key_attributes_t *attributes, - uint8_t *key, size_t key_size, size_t *key_length ); - -#endif /* MBEDTLS_PSA_CRYPTO_CONFIG */ - #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_TEST_DRIVERS_KEY_MANAGEMENT_H */ diff --git a/tests/include/test/drivers/mac.h b/tests/include/test/drivers/mac.h index b49a16b9042..7733dd341c9 100644 --- a/tests/include/test/drivers/mac.h +++ b/tests/include/test/drivers/mac.h @@ -137,53 +137,5 @@ psa_status_t mbedtls_test_opaque_mac_verify_finish( psa_status_t mbedtls_test_opaque_mac_abort( mbedtls_opaque_test_driver_mac_operation_t *operation ); -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) - -psa_status_t libtestdriver1_mbedtls_psa_mac_compute( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *mac, - size_t mac_size, - size_t *mac_length ); - -psa_status_t libtestdriver1_mbedtls_psa_mac_sign_setup( - mbedtls_psa_mac_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg ); - -psa_status_t libtestdriver1_mbedtls_psa_mac_verify_setup( - mbedtls_psa_mac_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg ); - -psa_status_t libtestdriver1_mbedtls_psa_mac_update( - mbedtls_psa_mac_operation_t *operation, - const uint8_t *input, - size_t input_length ); - -psa_status_t libtestdriver1_mbedtls_psa_mac_sign_finish( - mbedtls_psa_mac_operation_t *operation, - uint8_t *mac, - size_t mac_size, - size_t *mac_length ); - -psa_status_t libtestdriver1_mbedtls_psa_mac_verify_finish( - mbedtls_psa_mac_operation_t *operation, - const uint8_t *mac, - size_t mac_length ); - -psa_status_t libtestdriver1_mbedtls_psa_mac_abort( - mbedtls_psa_mac_operation_t *operation ); - -#endif /* MBEDTLS_PSA_CRYPTO_CONFIG */ - #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_TEST_DRIVERS_MAC_H */ diff --git a/tests/include/test/drivers/signature.h b/tests/include/test/drivers/signature.h index 8ea2cfafe5b..5e64edc3c80 100644 --- a/tests/include/test/drivers/signature.h +++ b/tests/include/test/drivers/signature.h @@ -124,34 +124,5 @@ psa_status_t mbedtls_test_opaque_signature_verify_hash( const uint8_t *hash, size_t hash_length, const uint8_t *signature, size_t signature_length ); - -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) - -psa_status_t libtestdriver1_mbedtls_psa_ecdsa_sign_hash( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - uint8_t *signature, size_t signature_size, size_t *signature_length ); - -psa_status_t libtestdriver1_mbedtls_psa_ecdsa_verify_hash( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *signature, size_t signature_length ); - -psa_status_t libtestdriver1_mbedtls_psa_rsa_sign_hash( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - uint8_t *signature, size_t signature_size, size_t *signature_length ); - -psa_status_t libtestdriver1_mbedtls_psa_rsa_verify_hash( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *signature, size_t signature_length ); - -#endif /* MBEDTLS_PSA_CRYPTO_CONFIG */ - #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_TEST_DRIVERS_SIGNATURE_H */ diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index b10dc6eef4a..b1caf6e99a0 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1591,46 +1591,6 @@ component_test_no_use_psa_crypto_full_cmake_asan() { env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA' } -component_test_psa_crypto_config_basic() { - # Test the library excluding all Mbed TLS cryptographic support for which - # we have an accelerator support. Acceleration is faked with the - # transparent test driver. - msg "test: full + MBEDTLS_PSA_CRYPTO_CONFIG + as much acceleration as supported" - scripts/config.py full - scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG - scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS - scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO - - # There is no intended accelerator support for ALG STREAM_CIPHER and - # ALG_ECB_NO_PADDING. Therefore, asking for them in the build implies the - # inclusion of the Mbed TLS cipher operations. As we want to test here with - # cipher operations solely supported by accelerators, disabled those - # PSA configuration options. - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING - - # Don't test DES encryption as: - # 1) It is not an issue if we don't test all cipher types here. - # 2) That way we don't have to modify in psa_crypto.c the compilation - # guards MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES for the code they guard to be - # available to the test driver. Modifications that we would need to - # revert when we move to compile the test driver separately. - # We also disable MBEDTLS_DES_C as the dependencies on DES in PSA test - # suites are still based on MBEDTLS_DES_C and not PSA_WANT_KEY_TYPE_DES. - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_KEY_TYPE_DES - scripts/config.py unset MBEDTLS_DES_C - - loc_cflags="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST_ALL" - loc_cflags="${loc_cflags} '-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-for-test.h\"'" - loc_cflags="${loc_cflags} -I../tests/include -O2" - - make CC=gcc CFLAGS="$loc_cflags" LDFLAGS="$ASAN_CFLAGS" - unset loc_cflags - - msg "test: full + MBEDTLS_PSA_CRYPTO_CONFIG" - make test -} - component_test_psa_crypto_config_no_driver() { # full plus MBEDTLS_PSA_CRYPTO_CONFIG msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG minus MBEDTLS_PSA_CRYPTO_DRIVERS" diff --git a/tests/scripts/check_names.py b/tests/scripts/check_names.py index cae722e58eb..4e078e32168 100755 --- a/tests/scripts/check_names.py +++ b/tests/scripts/check_names.py @@ -779,7 +779,8 @@ def check_for_typos(self): match.name for match in self.parse_result["macros"] + self.parse_result["enum_consts"]} - typo_exclusion = re.compile(r"XXX|__|_$|^MBEDTLS_.*CONFIG_FILE$") + typo_exclusion = re.compile(r"XXX|__|_$|^MBEDTLS_.*CONFIG_FILE$|" + r"MBEDTLS_TEST_LIBTESTDRIVER*") for name_match in self.parse_result["mbed_words"]: found = name_match.name in all_caps_names diff --git a/tests/src/drivers/hash.c b/tests/src/drivers/hash.c index 99de56f1cb7..0d59bee405d 100644 --- a/tests/src/drivers/hash.c +++ b/tests/src/drivers/hash.c @@ -28,6 +28,10 @@ #include "test/drivers/hash.h" +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) +#include "libtestdriver1/library/psa_crypto_hash.h" +#endif + mbedtls_test_driver_hash_hooks_t mbedtls_test_driver_hash_hooks = MBEDTLS_TEST_DRIVER_HASH_INIT; @@ -45,7 +49,8 @@ psa_status_t mbedtls_test_transparent_hash_compute( } else { -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) mbedtls_test_driver_hash_hooks.driver_status = libtestdriver1_mbedtls_psa_hash_compute( alg, input, input_length, @@ -82,7 +87,8 @@ psa_status_t mbedtls_test_transparent_hash_setup( } else { -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) mbedtls_test_driver_hash_hooks.driver_status = libtestdriver1_mbedtls_psa_hash_setup( operation, alg ); #elif defined(MBEDTLS_PSA_BUILTIN_HASH) @@ -111,7 +117,8 @@ psa_status_t mbedtls_test_transparent_hash_clone( } else { -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) mbedtls_test_driver_hash_hooks.driver_status = libtestdriver1_mbedtls_psa_hash_clone( source_operation, target_operation ); @@ -142,7 +149,8 @@ psa_status_t mbedtls_test_transparent_hash_update( } else { -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) mbedtls_test_driver_hash_hooks.driver_status = libtestdriver1_mbedtls_psa_hash_update( operation, input, input_length ); @@ -175,7 +183,8 @@ psa_status_t mbedtls_test_transparent_hash_finish( } else { -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) mbedtls_test_driver_hash_hooks.driver_status = libtestdriver1_mbedtls_psa_hash_finish( operation, hash, hash_size, hash_length ); @@ -206,7 +215,8 @@ psa_status_t mbedtls_test_transparent_hash_abort( } else { -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) mbedtls_test_driver_hash_hooks.driver_status = libtestdriver1_mbedtls_psa_hash_abort( operation ); #elif defined(MBEDTLS_PSA_BUILTIN_HASH) diff --git a/tests/src/drivers/test_driver_cipher.c b/tests/src/drivers/test_driver_cipher.c index b70ef61fc08..4f651b93773 100644 --- a/tests/src/drivers/test_driver_cipher.c +++ b/tests/src/drivers/test_driver_cipher.c @@ -34,6 +34,10 @@ #include "test/random.h" +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) +#include "libtestdriver1/library/psa_crypto_cipher.h" +#endif + #include mbedtls_test_driver_cipher_hooks_t mbedtls_test_driver_cipher_hooks = @@ -70,9 +74,11 @@ psa_status_t mbedtls_test_transparent_cipher_encrypt( psa_generate_random( output, PSA_CIPHER_IV_LENGTH( attributes->core.type, alg ) ); -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) return( libtestdriver1_mbedtls_psa_cipher_encrypt( - attributes, key_buffer, key_buffer_size, + (const libtestdriver1_psa_key_attributes_t *)attributes, + key_buffer, key_buffer_size, alg, input, input_length, output, output_size, output_length ) ); #elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) @@ -114,9 +120,11 @@ psa_status_t mbedtls_test_transparent_cipher_decrypt( if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) return( mbedtls_test_driver_cipher_hooks.forced_status ); -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) return( libtestdriver1_mbedtls_psa_cipher_decrypt( - attributes, key_buffer, key_buffer_size, + (const libtestdriver1_psa_key_attributes_t *)attributes, + key_buffer, key_buffer_size, alg, input, input_length, output, output_size, output_length ) ); #elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) @@ -146,9 +154,12 @@ psa_status_t mbedtls_test_transparent_cipher_encrypt_setup( if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) return( mbedtls_test_driver_cipher_hooks.forced_status ); -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) return( libtestdriver1_mbedtls_psa_cipher_encrypt_setup( - operation, attributes, key, key_length, alg ) ); + operation, + (const libtestdriver1_psa_key_attributes_t *)attributes, + key, key_length, alg ) ); #elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) return( mbedtls_psa_cipher_encrypt_setup( operation, attributes, key, key_length, alg ) ); @@ -168,9 +179,12 @@ psa_status_t mbedtls_test_transparent_cipher_decrypt_setup( if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) return( mbedtls_test_driver_cipher_hooks.forced_status ); -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) return( libtestdriver1_mbedtls_psa_cipher_decrypt_setup( - operation, attributes, key, key_length, alg ) ); + operation, + (const libtestdriver1_psa_key_attributes_t *)attributes, + key, key_length, alg ) ); #elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) return( mbedtls_psa_cipher_decrypt_setup( operation, attributes, key, key_length, alg ) ); @@ -187,7 +201,8 @@ psa_status_t mbedtls_test_transparent_cipher_abort( if( operation->alg == 0 ) return( PSA_SUCCESS ); -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) libtestdriver1_mbedtls_psa_cipher_abort( operation ); #elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) mbedtls_psa_cipher_abort( operation ); @@ -212,7 +227,8 @@ psa_status_t mbedtls_test_transparent_cipher_set_iv( if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) return( mbedtls_test_driver_cipher_hooks.forced_status ); -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) return( libtestdriver1_mbedtls_psa_cipher_set_iv( operation, iv, iv_length ) ); #elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) @@ -248,7 +264,8 @@ psa_status_t mbedtls_test_transparent_cipher_update( if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) return( mbedtls_test_driver_cipher_hooks.forced_status ); -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) return( libtestdriver1_mbedtls_psa_cipher_update( operation, input, input_length, output, output_size, output_length ) ); @@ -285,7 +302,8 @@ psa_status_t mbedtls_test_transparent_cipher_finish( if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) return( mbedtls_test_driver_cipher_hooks.forced_status ); -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) return( libtestdriver1_mbedtls_psa_cipher_finish( operation, output, output_size, output_length ) ); #elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) diff --git a/tests/src/drivers/test_driver_key_management.c b/tests/src/drivers/test_driver_key_management.c index ce646bad78e..1cff3cb59ef 100644 --- a/tests/src/drivers/test_driver_key_management.c +++ b/tests/src/drivers/test_driver_key_management.c @@ -33,9 +33,13 @@ #include "mbedtls/error.h" #include "test/drivers/key_management.h" - #include "test/random.h" +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) +#include "libtestdriver1/library/psa_crypto_ecp.h" +#include "libtestdriver1/library/psa_crypto_rsa.h" +#endif + #include mbedtls_test_driver_key_management_hooks_t @@ -103,10 +107,11 @@ psa_status_t mbedtls_test_transparent_generate_key( if( PSA_KEY_TYPE_IS_ECC( psa_get_key_type( attributes ) ) && PSA_KEY_TYPE_IS_KEY_PAIR( psa_get_key_type( attributes ) ) ) { -#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) return( libtestdriver1_mbedtls_psa_ecp_generate_key( - attributes, key, key_size, key_length ) ); + (const libtestdriver1_psa_key_attributes_t *)attributes, + key, key_size, key_length ) ); #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) return( mbedtls_psa_ecp_generate_key( attributes, key, key_size, key_length ) ); @@ -114,10 +119,11 @@ psa_status_t mbedtls_test_transparent_generate_key( } else if( psa_get_key_type( attributes ) == PSA_KEY_TYPE_RSA_KEY_PAIR ) { -#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) return( libtestdriver1_mbedtls_psa_rsa_generate_key( - attributes, key, key_size, key_length ) ); + (const libtestdriver1_psa_key_attributes_t *)attributes, + key, key_size, key_length ) ); #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) return( mbedtls_psa_rsa_generate_key( attributes, key, key_size, key_length ) ); @@ -157,11 +163,11 @@ psa_status_t mbedtls_test_transparent_import_key( if( PSA_KEY_TYPE_IS_ECC( type ) ) { -#if ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) ) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) ) return( libtestdriver1_mbedtls_psa_ecp_import_key( - attributes, + (const libtestdriver1_psa_key_attributes_t *)attributes, data, data_length, key_buffer, key_buffer_size, key_buffer_length, bits ) ); @@ -176,11 +182,11 @@ psa_status_t mbedtls_test_transparent_import_key( } else if( PSA_KEY_TYPE_IS_RSA( type ) ) { -#if ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) ) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) ) return( libtestdriver1_mbedtls_psa_rsa_import_key( - attributes, + (const libtestdriver1_psa_key_attributes_t *)attributes, data, data_length, key_buffer, key_buffer_size, key_buffer_length, bits ) ); @@ -295,11 +301,11 @@ psa_status_t mbedtls_test_transparent_export_public_key( if( PSA_KEY_TYPE_IS_ECC( key_type ) ) { -#if ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) ) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) ) return( libtestdriver1_mbedtls_psa_ecp_export_public_key( - attributes, + (const libtestdriver1_psa_key_attributes_t *)attributes, key_buffer, key_buffer_size, data, data_size, data_length ) ); #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ @@ -312,11 +318,11 @@ psa_status_t mbedtls_test_transparent_export_public_key( } else if( PSA_KEY_TYPE_IS_RSA( key_type ) ) { -#if ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) ) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) ) return( libtestdriver1_mbedtls_psa_rsa_export_public_key( - attributes, + (const libtestdriver1_psa_key_attributes_t *)attributes, key_buffer, key_buffer_size, data, data_size, data_length ) ); #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ diff --git a/tests/src/drivers/test_driver_mac.c b/tests/src/drivers/test_driver_mac.c index a6c2c88a6c9..06b6eb77ab7 100644 --- a/tests/src/drivers/test_driver_mac.c +++ b/tests/src/drivers/test_driver_mac.c @@ -28,6 +28,10 @@ #include "test/drivers/mac.h" +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) +#include "libtestdriver1/library/psa_crypto_mac.h" +#endif + mbedtls_test_driver_mac_hooks_t mbedtls_test_driver_mac_hooks = MBEDTLS_TEST_DRIVER_MAC_INIT; @@ -51,10 +55,12 @@ psa_status_t mbedtls_test_transparent_mac_compute( } else { -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = libtestdriver1_mbedtls_psa_mac_compute( - attributes, key_buffer, key_buffer_size, alg, + (const libtestdriver1_psa_key_attributes_t *)attributes, + key_buffer, key_buffer_size, alg, input, input_length, mac, mac_size, mac_length ); #elif defined(MBEDTLS_PSA_BUILTIN_MAC) @@ -96,10 +102,13 @@ psa_status_t mbedtls_test_transparent_mac_sign_setup( } else { -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = libtestdriver1_mbedtls_psa_mac_sign_setup( - operation, attributes, key_buffer, key_buffer_size, alg ); + operation, + (const libtestdriver1_psa_key_attributes_t *)attributes, + key_buffer, key_buffer_size, alg ); #elif defined(MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = mbedtls_psa_mac_sign_setup( @@ -133,10 +142,13 @@ psa_status_t mbedtls_test_transparent_mac_verify_setup( } else { -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = libtestdriver1_mbedtls_psa_mac_verify_setup( - operation, attributes, key_buffer, key_buffer_size, alg ); + operation, + (const libtestdriver1_psa_key_attributes_t *)attributes, + key_buffer, key_buffer_size, alg ); #elif defined(MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = mbedtls_psa_mac_verify_setup( @@ -168,7 +180,8 @@ psa_status_t mbedtls_test_transparent_mac_update( } else { -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = libtestdriver1_mbedtls_psa_mac_update( operation, input, input_length ); @@ -202,7 +215,8 @@ psa_status_t mbedtls_test_transparent_mac_sign_finish( } else { -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = libtestdriver1_mbedtls_psa_mac_sign_finish( operation, mac, mac_size, mac_length ); @@ -236,7 +250,8 @@ psa_status_t mbedtls_test_transparent_mac_verify_finish( } else { -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = libtestdriver1_mbedtls_psa_mac_verify_finish( operation, mac, mac_length ); @@ -267,7 +282,8 @@ psa_status_t mbedtls_test_transparent_mac_abort( } else { -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = libtestdriver1_mbedtls_psa_mac_abort( operation ); #elif defined(MBEDTLS_PSA_BUILTIN_MAC) diff --git a/tests/src/drivers/test_driver_signature.c b/tests/src/drivers/test_driver_signature.c index a656287b67d..3de43a8adec 100644 --- a/tests/src/drivers/test_driver_signature.c +++ b/tests/src/drivers/test_driver_signature.c @@ -42,6 +42,12 @@ #include "test/random.h" +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) +#include "libtestdriver1/library/psa_crypto_ecp.h" +#include "libtestdriver1/library/psa_crypto_hash.h" +#include "libtestdriver1/library/psa_crypto_rsa.h" +#endif + #include mbedtls_test_driver_signature_hooks_t @@ -65,11 +71,11 @@ psa_status_t sign_hash( if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) || PSA_ALG_IS_RSA_PSS( alg) ) { -#if ( defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) ) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) ) return( libtestdriver1_mbedtls_psa_rsa_sign_hash( - attributes, + (const libtestdriver1_psa_key_attributes_t *) attributes, key_buffer, key_buffer_size, alg, hash, hash_length, signature, signature_size, signature_length ) ); @@ -91,11 +97,11 @@ psa_status_t sign_hash( { if( PSA_ALG_IS_ECDSA( alg ) ) { -#if ( defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) ) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) ) return( libtestdriver1_mbedtls_psa_ecdsa_sign_hash( - attributes, + (const libtestdriver1_psa_key_attributes_t *) attributes, key_buffer, key_buffer_size, alg, hash, hash_length, signature, signature_size, signature_length ) ); @@ -141,11 +147,11 @@ psa_status_t verify_hash( if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) || PSA_ALG_IS_RSA_PSS( alg) ) { -#if ( defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) ) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) ) return( libtestdriver1_mbedtls_psa_rsa_verify_hash( - attributes, + (const libtestdriver1_psa_key_attributes_t *) attributes, key_buffer, key_buffer_size, alg, hash, hash_length, signature, signature_length ) ); @@ -167,11 +173,11 @@ psa_status_t verify_hash( { if( PSA_ALG_IS_ECDSA( alg ) ) { -#if ( defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) ) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) ) return( libtestdriver1_mbedtls_psa_ecdsa_verify_hash( - attributes, + (const libtestdriver1_psa_key_attributes_t *) attributes, key_buffer, key_buffer_size, alg, hash, hash_length, signature, signature_length ) ); @@ -233,7 +239,8 @@ psa_status_t mbedtls_test_transparent_signature_sign_message( return( PSA_SUCCESS ); } -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) status = libtestdriver1_mbedtls_psa_hash_compute( PSA_ALG_SIGN_GET_HASH( alg ), input, input_length, hash, sizeof( hash ), &hash_length ); @@ -297,7 +304,8 @@ psa_status_t mbedtls_test_transparent_signature_verify_message( if( mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS ) return( mbedtls_test_driver_signature_verify_hooks.forced_status ); -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) status = libtestdriver1_mbedtls_psa_hash_compute( PSA_ALG_SIGN_GET_HASH( alg ), input, input_length, hash, sizeof( hash ), &hash_length ); From cfc3c7b593d1a1cd49d3984d8b2a6f3adca36436 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Sat, 13 Mar 2021 18:50:11 +0100 Subject: [PATCH 038/107] psa: Remove test code in the library The current testing of the PSA configuration is based on test code located in the library itself. Remove this code as we are moving to using a test library instead. Signed-off-by: Ronald Cron --- library/psa_crypto_cipher.c | 343 ++++-------------- library/psa_crypto_ecp.c | 248 ++----------- library/psa_crypto_hash.c | 340 +++-------------- library/psa_crypto_mac.c | 318 ++++------------ library/psa_crypto_rsa.c | 260 ++----------- tests/include/test/drivers/hash.h | 2 +- .../src/drivers/test_driver_key_management.c | 13 + 7 files changed, 273 insertions(+), 1251 deletions(-) diff --git a/library/psa_crypto_cipher.c b/library/psa_crypto_cipher.c index 71dee2bd165..6dfaae990e7 100644 --- a/library/psa_crypto_cipher.c +++ b/library/psa_crypto_cipher.c @@ -31,34 +31,6 @@ #include -#if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DES) ) ) -#define BUILTIN_KEY_TYPE_DES 1 -#endif - -#if ( defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ - defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING) ) ) -#define BUILTIN_ALG_CBC_NO_PADDING 1 -#endif - -#if ( defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ - defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7) ) ) -#define BUILTIN_ALG_CBC_PKCS7 1 -#endif - -#if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_CHACHA20) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20) ) ) -#define BUILTIN_KEY_TYPE_CHACHA20 1 -#endif - const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( psa_algorithm_t alg, psa_key_type_t key_type, @@ -154,10 +126,9 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( (int) key_bits, mode ) ); } -#if defined(MBEDTLS_PSA_BUILTIN_CIPHER) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) ) +#if defined(MBEDTLS_PSA_BUILTIN_CIPHER) -static psa_status_t cipher_setup( +static psa_status_t psa_cipher_setup( mbedtls_psa_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, @@ -184,7 +155,7 @@ static psa_status_t cipher_setup( if( ret != 0 ) goto exit; -#if defined(BUILTIN_KEY_TYPE_DES) +#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES) if( key_type == PSA_KEY_TYPE_DES && key_bits == 128 ) { /* Two-key Triple-DES is 3-key Triple-DES with K1=K3 */ @@ -204,8 +175,8 @@ static psa_status_t cipher_setup( if( ret != 0 ) goto exit; -#if defined(BUILTIN_ALG_CBC_NO_PADDING) || \ - defined(BUILTIN_ALG_CBC_PKCS7) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7) switch( alg ) { case PSA_ALG_CBC_NO_PADDING: @@ -223,7 +194,8 @@ static psa_status_t cipher_setup( } if( ret != 0 ) goto exit; -#endif /* BUILTIN_ALG_CBC_NO_PADDING || BUILTIN_ALG_CBC_PKCS7 */ +#endif /* MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING || + MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7 */ operation->block_length = ( PSA_ALG_IS_STREAM_CIPHER( alg ) ? 1 : PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) ); @@ -233,30 +205,31 @@ static psa_status_t cipher_setup( return( mbedtls_to_psa_error( ret ) ); } -static psa_status_t cipher_encrypt_setup( +psa_status_t mbedtls_psa_cipher_encrypt_setup( mbedtls_psa_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg ) { - return( cipher_setup( operation, attributes, - key_buffer, key_buffer_size, - alg, MBEDTLS_ENCRYPT ) ); + return( psa_cipher_setup( operation, attributes, + key_buffer, key_buffer_size, + alg, MBEDTLS_ENCRYPT ) ); } -static psa_status_t cipher_decrypt_setup( +psa_status_t mbedtls_psa_cipher_decrypt_setup( mbedtls_psa_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg ) { - return( cipher_setup( operation, attributes, - key_buffer, key_buffer_size, - alg, MBEDTLS_DECRYPT ) ); + return( psa_cipher_setup( operation, attributes, + key_buffer, key_buffer_size, + alg, MBEDTLS_DECRYPT ) ); } -static psa_status_t cipher_set_iv( mbedtls_psa_cipher_operation_t *operation, - const uint8_t *iv, size_t iv_length ) +psa_status_t mbedtls_psa_cipher_set_iv( + mbedtls_psa_cipher_operation_t *operation, + const uint8_t *iv, size_t iv_length ) { if( iv_length != operation->iv_length ) return( PSA_ERROR_INVALID_ARGUMENT ); @@ -370,12 +343,10 @@ static psa_status_t psa_cipher_update_ecb( return( status ); } -static psa_status_t cipher_update( mbedtls_psa_cipher_operation_t *operation, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length ) +psa_status_t mbedtls_psa_cipher_update( + mbedtls_psa_cipher_operation_t *operation, + const uint8_t *input, size_t input_length, + uint8_t *output, size_t output_size, size_t *output_length ) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; size_t expected_output_size; @@ -422,10 +393,9 @@ static psa_status_t cipher_update( mbedtls_psa_cipher_operation_t *operation, return( status ); } -static psa_status_t cipher_finish( mbedtls_psa_cipher_operation_t *operation, - uint8_t *output, - size_t output_size, - size_t *output_length ) +psa_status_t mbedtls_psa_cipher_finish( + mbedtls_psa_cipher_operation_t *operation, + uint8_t *output, size_t output_size, size_t *output_length ) { psa_status_t status = PSA_ERROR_GENERIC_ERROR; uint8_t temp_output_buffer[MBEDTLS_MAX_BLOCK_LENGTH]; @@ -461,7 +431,8 @@ static psa_status_t cipher_finish( mbedtls_psa_cipher_operation_t *operation, return( status ); } -static psa_status_t cipher_abort( mbedtls_psa_cipher_operation_t *operation ) +psa_status_t mbedtls_psa_cipher_abort( + mbedtls_psa_cipher_operation_t *operation ) { /* Sanity check (shouldn't happen: operation->alg should * always have been initialized to a valid value). */ @@ -473,46 +444,50 @@ static psa_status_t cipher_abort( mbedtls_psa_cipher_operation_t *operation ) return( PSA_SUCCESS ); } -static psa_status_t cipher_encrypt( const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length ) +psa_status_t mbedtls_psa_cipher_encrypt( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length ) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; mbedtls_psa_cipher_operation_t operation = MBEDTLS_PSA_CIPHER_OPERATION_INIT; size_t olength, accumulated_length; - status = cipher_encrypt_setup( &operation, attributes, - key_buffer, key_buffer_size, alg ); + status = mbedtls_psa_cipher_encrypt_setup( &operation, attributes, + key_buffer, key_buffer_size, + alg ); if( status != PSA_SUCCESS ) goto exit; accumulated_length = 0; if( operation.iv_length > 0 ) { - status = cipher_set_iv( &operation, output, operation.iv_length ); + status = mbedtls_psa_cipher_set_iv( &operation, + output, operation.iv_length ); if( status != PSA_SUCCESS ) goto exit; accumulated_length = operation.iv_length; } - status = cipher_update( &operation, input, input_length, - output + operation.iv_length, - output_size - operation.iv_length, - &olength ); + status = mbedtls_psa_cipher_update( &operation, input, input_length, + output + operation.iv_length, + output_size - operation.iv_length, + &olength ); if( status != PSA_SUCCESS ) goto exit; accumulated_length += olength; - status = cipher_finish( &operation, output + accumulated_length, - output_size - accumulated_length, &olength ); + status = mbedtls_psa_cipher_finish( &operation, output + accumulated_length, + output_size - accumulated_length, + &olength ); if( status != PSA_SUCCESS ) goto exit; @@ -520,48 +495,53 @@ static psa_status_t cipher_encrypt( const psa_key_attributes_t *attributes, exit: if( status == PSA_SUCCESS ) - status = cipher_abort( &operation ); + status = mbedtls_psa_cipher_abort( &operation ); else - cipher_abort( &operation ); + mbedtls_psa_cipher_abort( &operation ); + return( status ); } -static psa_status_t cipher_decrypt( const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length ) +psa_status_t mbedtls_psa_cipher_decrypt( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length ) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; mbedtls_psa_cipher_operation_t operation = MBEDTLS_PSA_CIPHER_OPERATION_INIT; size_t olength, accumulated_length; - status = cipher_decrypt_setup( &operation, attributes, - key_buffer, key_buffer_size, alg ); + status = mbedtls_psa_cipher_decrypt_setup( &operation, attributes, + key_buffer, key_buffer_size, + alg ); if( status != PSA_SUCCESS ) goto exit; if( operation.iv_length > 0 ) { - status = cipher_set_iv( &operation, input, operation.iv_length ); + status = mbedtls_psa_cipher_set_iv( &operation, + input, operation.iv_length ); if( status != PSA_SUCCESS ) goto exit; } - status = cipher_update( &operation, input + operation.iv_length, - input_length - operation.iv_length, - output, output_size, &olength ); + status = mbedtls_psa_cipher_update( &operation, input + operation.iv_length, + input_length - operation.iv_length, + output, output_size, &olength ); if( status != PSA_SUCCESS ) goto exit; accumulated_length = olength; - status = cipher_finish( &operation, output + accumulated_length, - output_size - accumulated_length, &olength ); + status = mbedtls_psa_cipher_finish( &operation, output + accumulated_length, + output_size - accumulated_length, + &olength ); if( status != PSA_SUCCESS ) goto exit; @@ -569,183 +549,12 @@ static psa_status_t cipher_decrypt( const psa_key_attributes_t *attributes, exit: if ( status == PSA_SUCCESS ) - status = cipher_abort( &operation ); + status = mbedtls_psa_cipher_abort( &operation ); else - cipher_abort( &operation ); - return( status ); -} -#endif /* MBEDTLS_PSA_BUILTIN_CIPHER || - (PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG) */ - -#if defined(MBEDTLS_PSA_BUILTIN_CIPHER) -psa_status_t mbedtls_psa_cipher_encrypt_setup( - mbedtls_psa_cipher_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ) -{ - return( cipher_encrypt_setup( - operation, attributes, key_buffer, key_buffer_size, alg ) ); -} - -psa_status_t mbedtls_psa_cipher_decrypt_setup( - mbedtls_psa_cipher_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ) -{ - return( cipher_decrypt_setup( - operation, attributes, key_buffer, key_buffer_size, alg ) ); -} - -psa_status_t mbedtls_psa_cipher_set_iv( mbedtls_psa_cipher_operation_t *operation, - const uint8_t *iv, - size_t iv_length ) -{ - return( cipher_set_iv( operation, iv, iv_length ) ); -} - -psa_status_t mbedtls_psa_cipher_update( mbedtls_psa_cipher_operation_t *operation, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length ) -{ - return( cipher_update( operation, input, input_length, - output, output_size, output_length ) ); -} - -psa_status_t mbedtls_psa_cipher_finish( mbedtls_psa_cipher_operation_t *operation, - uint8_t *output, - size_t output_size, - size_t *output_length ) -{ - return( cipher_finish( operation, output, output_size, output_length ) ); -} - -psa_status_t mbedtls_psa_cipher_abort( mbedtls_psa_cipher_operation_t *operation ) -{ - return( cipher_abort( operation ) ); -} + mbedtls_psa_cipher_abort( &operation ); -psa_status_t mbedtls_psa_cipher_encrypt( const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length ) -{ - return( cipher_encrypt( attributes, key_buffer, key_buffer_size, - alg, input, input_length, - output, output_size, output_length ) ); -} - -psa_status_t mbedtls_psa_cipher_decrypt( const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length ) -{ - return( cipher_decrypt( attributes, key_buffer, key_buffer_size, - alg, input, input_length, - output, output_size, output_length ) ); + return( status ); } #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ -/* - * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. - */ - -#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) -psa_status_t libtestdriver1_mbedtls_psa_cipher_encrypt_setup( - mbedtls_psa_cipher_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ) -{ - return( cipher_encrypt_setup( - operation, attributes, key_buffer, key_buffer_size, alg ) ); -} - -psa_status_t libtestdriver1_mbedtls_psa_cipher_decrypt_setup( - mbedtls_psa_cipher_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ) -{ - return( cipher_decrypt_setup( - operation, attributes, key_buffer, key_buffer_size, alg ) ); -} - -psa_status_t libtestdriver1_mbedtls_psa_cipher_set_iv( - mbedtls_psa_cipher_operation_t *operation, - const uint8_t *iv, size_t iv_length ) -{ - return( cipher_set_iv( operation, iv, iv_length ) ); -} - -psa_status_t libtestdriver1_mbedtls_psa_cipher_update( - mbedtls_psa_cipher_operation_t *operation, - const uint8_t *input, size_t input_length, - uint8_t *output, size_t output_size, size_t *output_length ) -{ - return( cipher_update( operation, input, input_length, - output, output_size, output_length ) ); -} - -psa_status_t libtestdriver1_mbedtls_psa_cipher_finish( - mbedtls_psa_cipher_operation_t *operation, - uint8_t *output, size_t output_size, size_t *output_length ) -{ - return( cipher_finish( operation, output, output_size, output_length ) ); -} - -psa_status_t libtestdriver1_mbedtls_psa_cipher_abort( - mbedtls_psa_cipher_operation_t *operation ) -{ - return( cipher_abort( operation ) ); -} - -psa_status_t libtestdriver1_mbedtls_psa_cipher_encrypt( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length ) -{ - return( cipher_encrypt( attributes, key_buffer, key_buffer_size, - alg, input, input_length, - output, output_size, output_length ) ); -} - -psa_status_t libtestdriver1_mbedtls_psa_cipher_decrypt( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length ) -{ - return( cipher_decrypt( attributes, key_buffer, key_buffer_size, - alg, input, input_length, - output, output_size, output_length ) ); -} - -#endif /* PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG */ - #endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/library/psa_crypto_ecp.c b/library/psa_crypto_ecp.c index 3fdcdb26789..db6682c6dce 100644 --- a/library/psa_crypto_ecp.c +++ b/library/psa_crypto_ecp.c @@ -40,40 +40,10 @@ #include #include -#if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) ) ) -#define BUILTIN_KEY_TYPE_ECC_KEY_PAIR 1 -#endif - -#if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) ) ) -#define BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY 1 -#endif - -#if ( defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ - defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) && \ - defined(MBEDTLS_ECDSA_C) ) ) -#define BUILTIN_ALG_ECDSA 1 -#endif - -#if ( defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ - defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) && \ - defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECDSA_DETERMINISTIC) ) ) -#define BUILTIN_ALG_DETERMINISTIC_ECDSA 1 -#endif - -#if defined(BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ - defined(BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || \ - defined(BUILTIN_ALG_ECDSA) || \ - defined(BUILTIN_ALG_DETERMINISTIC_ECDSA) || \ +#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) psa_status_t mbedtls_psa_ecp_load_representation( psa_key_type_t type, size_t curve_bits, @@ -185,16 +155,16 @@ psa_status_t mbedtls_psa_ecp_load_representation( return( status ); } -#endif /* defined(BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || - * defined(BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || - * defined(BUILTIN_ALG_ECDSA) || - * defined(BUILTIN_ALG_DETERMINISTIC_ECDSA) || +#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || + * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || + * defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || + * defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) || * defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) */ -#if defined(BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ - defined(BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) +#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) -static psa_status_t ecp_import_key( +psa_status_t mbedtls_psa_ecp_import_key( const psa_key_attributes_t *attributes, const uint8_t *data, size_t data_length, uint8_t *key_buffer, size_t key_buffer_size, @@ -285,7 +255,7 @@ psa_status_t mbedtls_psa_ecp_export_key( psa_key_type_t type, } } -static psa_status_t ecp_export_public_key( +psa_status_t mbedtls_psa_ecp_export_public_key( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, uint8_t *data, size_t data_size, size_t *data_length ) @@ -309,11 +279,11 @@ static psa_status_t ecp_export_public_key( return( status ); } -#endif /* defined(BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || - * defined(BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) */ +#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || + * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) */ -#if defined(BUILTIN_KEY_TYPE_ECC_KEY_PAIR) -static psa_status_t ecp_generate_key( +#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) +psa_status_t mbedtls_psa_ecp_generate_key( const psa_key_attributes_t *attributes, uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ) { @@ -355,15 +325,15 @@ static psa_status_t ecp_generate_key( return( status ); } -#endif /* defined(BUILTIN_KEY_TYPE_ECC_KEY_PAIR) */ +#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) */ /****************************************************************/ /* ECDSA sign/verify */ /****************************************************************/ -#if defined(BUILTIN_ALG_ECDSA) || \ - defined(BUILTIN_ALG_DETERMINISTIC_ECDSA) -static psa_status_t ecdsa_sign_hash( +#if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) +psa_status_t mbedtls_psa_ecdsa_sign_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, @@ -395,7 +365,7 @@ static psa_status_t ecdsa_sign_hash( if( PSA_ALG_ECDSA_IS_DETERMINISTIC( alg ) ) { -#if defined(BUILTIN_ALG_DETERMINISTIC_ECDSA) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg ); const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg ); mbedtls_md_type_t md_alg = mbedtls_md_get_type( md_info ); @@ -408,7 +378,7 @@ static psa_status_t ecdsa_sign_hash( #else ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; goto cleanup; -#endif /* defined(BUILTIN_ALG_DETERMINISTIC_ECDSA) */ +#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */ } else { @@ -437,7 +407,7 @@ static psa_status_t ecdsa_sign_hash( return( mbedtls_to_psa_error( ret ) ); } -static psa_status_t ecdsa_verify_hash( +psa_status_t mbedtls_psa_ecdsa_verify_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, @@ -496,177 +466,7 @@ static psa_status_t ecdsa_verify_hash( return( mbedtls_to_psa_error( ret ) ); } -#endif /* defined(BUILTIN_ALG_ECDSA) || \ - * defined(BUILTIN_ALG_DETERMINISTIC_ECDSA) */ - -#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ - defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) - -psa_status_t mbedtls_psa_ecp_import_key( - const psa_key_attributes_t *attributes, - const uint8_t *data, size_t data_length, - uint8_t *key_buffer, size_t key_buffer_size, - size_t *key_buffer_length, size_t *bits ) -{ - return( ecp_import_key( attributes, data, data_length, - key_buffer, key_buffer_size, - key_buffer_length, bits ) ); -} - -psa_status_t mbedtls_psa_ecp_export_public_key( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - uint8_t *data, size_t data_size, size_t *data_length ) -{ - return( ecp_export_public_key( attributes, key_buffer, key_buffer_size, - data, data_size, data_length ) ); -} - -#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || - * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) */ - -#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) -psa_status_t mbedtls_psa_ecp_generate_key( - const psa_key_attributes_t *attributes, - uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ) -{ - return( ecp_generate_key( attributes, key_buffer, key_buffer_size, - key_buffer_length ) ); -} -#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) */ - - -#if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) - -psa_status_t mbedtls_psa_ecdsa_sign_hash( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - uint8_t *signature, size_t signature_size, size_t *signature_length ) -{ - - return( ecdsa_sign_hash( attributes, - key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_size, signature_length ) ); -} - -psa_status_t mbedtls_psa_ecdsa_verify_hash( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *signature, size_t signature_length ) -{ - return( ecdsa_verify_hash( attributes, - key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_length ) ); -} - -#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || +#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ * defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */ -/* - * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. - */ - -#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) - -#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) - -psa_status_t libtestdriver1_mbedtls_psa_ecp_import_key( - const psa_key_attributes_t *attributes, - const uint8_t *data, size_t data_length, - uint8_t *key_buffer, size_t key_buffer_size, - size_t *key_buffer_length, size_t *bits ) -{ - return( ecp_import_key( attributes, data, data_length, - key_buffer, key_buffer_size, - key_buffer_length, bits ) ); -} - -psa_status_t libtestdriver1_mbedtls_psa_ecp_export_public_key( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - uint8_t *data, size_t data_size, size_t *data_length ) -{ - return( ecp_export_public_key( attributes, key_buffer, key_buffer_size, - data, data_size, data_length ) ); -} - -#endif /* defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) */ - -#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) && \ - defined(MBEDTLS_GENPRIME) -psa_status_t libtestdriver1_mbedtls_psa_ecp_generate_key( - const psa_key_attributes_t *attributes, - uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ) -{ - return( ecp_generate_key( attributes, key_buffer, key_buffer_size, - key_buffer_length ) ); -} -#endif /* defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) && - defined(MBEDTLS_GENPRIME) */ - -#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) - -psa_status_t libtestdriver1_mbedtls_psa_ecdsa_sign_hash( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - uint8_t *signature, size_t signature_size, size_t *signature_length ) -{ - -#if defined(MBEDTLS_ECDSA_C) - return( ecdsa_sign_hash( attributes, - key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_size, signature_length ) ); -#else - (void)attributes; - (void)key_buffer; - (void)key_buffer_size; - (void)alg; - (void)hash; - (void)hash_length; - (void)signature; - (void)signature_size; - (void)signature_length; - return( PSA_ERROR_NOT_SUPPORTED ); -#endif -} - -psa_status_t libtestdriver1_mbedtls_psa_ecdsa_verify_hash( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *signature, size_t signature_length ) -{ -#if defined(MBEDTLS_ECDSA_C) - return( ecdsa_verify_hash( attributes, - key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_length ) ); -#else - (void)attributes; - (void)key_buffer; - (void)key_buffer_size; - (void)alg; - (void)hash; - (void)hash_length; - (void)signature; - (void)signature_length; - return( PSA_ERROR_NOT_SUPPORTED ); -#endif -} - -#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || - * defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) */ - -#endif /* PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG */ - #endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/library/psa_crypto_hash.c b/library/psa_crypto_hash.c index 84ba8412580..9c50ca8db39 100644 --- a/library/psa_crypto_hash.c +++ b/library/psa_crypto_hash.c @@ -29,63 +29,6 @@ #include #include -/* Use builtin defines specific to this compilation unit, since the test driver - * relies on the software driver. */ -#if( defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ - defined(MBEDTLS_PSA_ACCEL_ALG_MD2) ) ) -#define BUILTIN_ALG_MD2 1 -#endif -#if( defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ - defined(MBEDTLS_PSA_ACCEL_ALG_MD4) ) ) -#define BUILTIN_ALG_MD4 1 -#endif -#if( defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ - defined(MBEDTLS_PSA_ACCEL_ALG_MD5) ) ) -#define BUILTIN_ALG_MD5 1 -#endif -#if( defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ - defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160) ) ) -#define BUILTIN_ALG_RIPEMD160 1 -#endif -#if( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ - defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1) ) ) -#define BUILTIN_ALG_SHA_1 1 -#endif -#if( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ - defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224) ) ) -#define BUILTIN_ALG_SHA_224 1 -#endif -#if( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ - defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256) ) ) -#define BUILTIN_ALG_SHA_256 1 -#endif -#if( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ - defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384) ) ) -#define BUILTIN_ALG_SHA_384 1 -#endif -#if( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ - defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512) ) ) -#define BUILTIN_ALG_SHA_512 1 -#endif - #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) || \ @@ -141,9 +84,8 @@ const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg ) /* Implement the PSA driver hash interface on top of mbed TLS if either the * software driver or the test driver requires it. */ -#if defined(MBEDTLS_PSA_BUILTIN_HASH) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) ) -static psa_status_t hash_abort( +#if defined(MBEDTLS_PSA_BUILTIN_HASH) +psa_status_t mbedtls_psa_hash_abort( mbedtls_psa_hash_operation_t *operation ) { switch( operation->alg ) @@ -153,47 +95,47 @@ static psa_status_t hash_abort( * in use. It's ok to call abort on such an object, and there's * nothing to do. */ break; -#if defined(BUILTIN_ALG_MD2) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) case PSA_ALG_MD2: mbedtls_md2_free( &operation->ctx.md2 ); break; #endif -#if defined(BUILTIN_ALG_MD4) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) case PSA_ALG_MD4: mbedtls_md4_free( &operation->ctx.md4 ); break; #endif -#if defined(BUILTIN_ALG_MD5) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) case PSA_ALG_MD5: mbedtls_md5_free( &operation->ctx.md5 ); break; #endif -#if defined(BUILTIN_ALG_RIPEMD160) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) case PSA_ALG_RIPEMD160: mbedtls_ripemd160_free( &operation->ctx.ripemd160 ); break; #endif -#if defined(BUILTIN_ALG_SHA_1) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) case PSA_ALG_SHA_1: mbedtls_sha1_free( &operation->ctx.sha1 ); break; #endif -#if defined(BUILTIN_ALG_SHA_224) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) case PSA_ALG_SHA_224: mbedtls_sha256_free( &operation->ctx.sha256 ); break; #endif -#if defined(BUILTIN_ALG_SHA_256) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) case PSA_ALG_SHA_256: mbedtls_sha256_free( &operation->ctx.sha256 ); break; #endif -#if defined(BUILTIN_ALG_SHA_384) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) case PSA_ALG_SHA_384: mbedtls_sha512_free( &operation->ctx.sha512 ); break; #endif -#if defined(BUILTIN_ALG_SHA_512) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) case PSA_ALG_SHA_512: mbedtls_sha512_free( &operation->ctx.sha512 ); break; @@ -205,7 +147,7 @@ static psa_status_t hash_abort( return( PSA_SUCCESS ); } -static psa_status_t hash_setup( +psa_status_t mbedtls_psa_hash_setup( mbedtls_psa_hash_operation_t *operation, psa_algorithm_t alg ) { @@ -219,55 +161,55 @@ static psa_status_t hash_setup( switch( alg ) { -#if defined(BUILTIN_ALG_MD2) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) case PSA_ALG_MD2: mbedtls_md2_init( &operation->ctx.md2 ); ret = mbedtls_md2_starts_ret( &operation->ctx.md2 ); break; #endif -#if defined(BUILTIN_ALG_MD4) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) case PSA_ALG_MD4: mbedtls_md4_init( &operation->ctx.md4 ); ret = mbedtls_md4_starts_ret( &operation->ctx.md4 ); break; #endif -#if defined(BUILTIN_ALG_MD5) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) case PSA_ALG_MD5: mbedtls_md5_init( &operation->ctx.md5 ); ret = mbedtls_md5_starts_ret( &operation->ctx.md5 ); break; #endif -#if defined(BUILTIN_ALG_RIPEMD160) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) case PSA_ALG_RIPEMD160: mbedtls_ripemd160_init( &operation->ctx.ripemd160 ); ret = mbedtls_ripemd160_starts_ret( &operation->ctx.ripemd160 ); break; #endif -#if defined(BUILTIN_ALG_SHA_1) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) case PSA_ALG_SHA_1: mbedtls_sha1_init( &operation->ctx.sha1 ); ret = mbedtls_sha1_starts_ret( &operation->ctx.sha1 ); break; #endif -#if defined(BUILTIN_ALG_SHA_224) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) case PSA_ALG_SHA_224: mbedtls_sha256_init( &operation->ctx.sha256 ); ret = mbedtls_sha256_starts_ret( &operation->ctx.sha256, 1 ); break; #endif -#if defined(BUILTIN_ALG_SHA_256) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) case PSA_ALG_SHA_256: mbedtls_sha256_init( &operation->ctx.sha256 ); ret = mbedtls_sha256_starts_ret( &operation->ctx.sha256, 0 ); break; #endif -#if defined(BUILTIN_ALG_SHA_384) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) case PSA_ALG_SHA_384: mbedtls_sha512_init( &operation->ctx.sha512 ); ret = mbedtls_sha512_starts_ret( &operation->ctx.sha512, 1 ); break; #endif -#if defined(BUILTIN_ALG_SHA_512) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) case PSA_ALG_SHA_512: mbedtls_sha512_init( &operation->ctx.sha512 ); ret = mbedtls_sha512_starts_ret( &operation->ctx.sha512, 0 ); @@ -281,11 +223,11 @@ static psa_status_t hash_setup( if( ret == 0 ) operation->alg = alg; else - hash_abort( operation ); + mbedtls_psa_hash_abort( operation ); return( mbedtls_to_psa_error( ret ) ); } -static psa_status_t hash_clone( +psa_status_t mbedtls_psa_hash_clone( const mbedtls_psa_hash_operation_t *source_operation, mbedtls_psa_hash_operation_t *target_operation ) { @@ -293,55 +235,55 @@ static psa_status_t hash_clone( { case 0: return( PSA_ERROR_BAD_STATE ); -#if defined(BUILTIN_ALG_MD2) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) case PSA_ALG_MD2: mbedtls_md2_clone( &target_operation->ctx.md2, &source_operation->ctx.md2 ); break; #endif -#if defined(BUILTIN_ALG_MD4) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) case PSA_ALG_MD4: mbedtls_md4_clone( &target_operation->ctx.md4, &source_operation->ctx.md4 ); break; #endif -#if defined(BUILTIN_ALG_MD5) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) case PSA_ALG_MD5: mbedtls_md5_clone( &target_operation->ctx.md5, &source_operation->ctx.md5 ); break; #endif -#if defined(BUILTIN_ALG_RIPEMD160) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) case PSA_ALG_RIPEMD160: mbedtls_ripemd160_clone( &target_operation->ctx.ripemd160, &source_operation->ctx.ripemd160 ); break; #endif -#if defined(BUILTIN_ALG_SHA_1) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) case PSA_ALG_SHA_1: mbedtls_sha1_clone( &target_operation->ctx.sha1, &source_operation->ctx.sha1 ); break; #endif -#if defined(BUILTIN_ALG_SHA_224) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) case PSA_ALG_SHA_224: mbedtls_sha256_clone( &target_operation->ctx.sha256, &source_operation->ctx.sha256 ); break; #endif -#if defined(BUILTIN_ALG_SHA_256) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) case PSA_ALG_SHA_256: mbedtls_sha256_clone( &target_operation->ctx.sha256, &source_operation->ctx.sha256 ); break; #endif -#if defined(BUILTIN_ALG_SHA_384) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) case PSA_ALG_SHA_384: mbedtls_sha512_clone( &target_operation->ctx.sha512, &source_operation->ctx.sha512 ); break; #endif -#if defined(BUILTIN_ALG_SHA_512) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) case PSA_ALG_SHA_512: mbedtls_sha512_clone( &target_operation->ctx.sha512, &source_operation->ctx.sha512 ); @@ -357,7 +299,7 @@ static psa_status_t hash_clone( return( PSA_SUCCESS ); } -static psa_status_t hash_update( +psa_status_t mbedtls_psa_hash_update( mbedtls_psa_hash_operation_t *operation, const uint8_t *input, size_t input_length ) @@ -366,55 +308,55 @@ static psa_status_t hash_update( switch( operation->alg ) { -#if defined(BUILTIN_ALG_MD2) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) case PSA_ALG_MD2: ret = mbedtls_md2_update_ret( &operation->ctx.md2, input, input_length ); break; #endif -#if defined(BUILTIN_ALG_MD4) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) case PSA_ALG_MD4: ret = mbedtls_md4_update_ret( &operation->ctx.md4, input, input_length ); break; #endif -#if defined(BUILTIN_ALG_MD5) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) case PSA_ALG_MD5: ret = mbedtls_md5_update_ret( &operation->ctx.md5, input, input_length ); break; #endif -#if defined(BUILTIN_ALG_RIPEMD160) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) case PSA_ALG_RIPEMD160: ret = mbedtls_ripemd160_update_ret( &operation->ctx.ripemd160, input, input_length ); break; #endif -#if defined(BUILTIN_ALG_SHA_1) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) case PSA_ALG_SHA_1: ret = mbedtls_sha1_update_ret( &operation->ctx.sha1, input, input_length ); break; #endif -#if defined(BUILTIN_ALG_SHA_224) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) case PSA_ALG_SHA_224: ret = mbedtls_sha256_update_ret( &operation->ctx.sha256, input, input_length ); break; #endif -#if defined(BUILTIN_ALG_SHA_256) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) case PSA_ALG_SHA_256: ret = mbedtls_sha256_update_ret( &operation->ctx.sha256, input, input_length ); break; #endif -#if defined(BUILTIN_ALG_SHA_384) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) case PSA_ALG_SHA_384: ret = mbedtls_sha512_update_ret( &operation->ctx.sha512, input, input_length ); break; #endif -#if defined(BUILTIN_ALG_SHA_512) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) case PSA_ALG_SHA_512: ret = mbedtls_sha512_update_ret( &operation->ctx.sha512, input, input_length ); @@ -429,7 +371,7 @@ static psa_status_t hash_update( return( mbedtls_to_psa_error( ret ) ); } -static psa_status_t hash_finish( +psa_status_t mbedtls_psa_hash_finish( mbedtls_psa_hash_operation_t *operation, uint8_t *hash, size_t hash_size, @@ -456,47 +398,47 @@ static psa_status_t hash_finish( switch( operation->alg ) { -#if defined(BUILTIN_ALG_MD2) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) case PSA_ALG_MD2: ret = mbedtls_md2_finish_ret( &operation->ctx.md2, hash ); break; #endif -#if defined(BUILTIN_ALG_MD4) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) case PSA_ALG_MD4: ret = mbedtls_md4_finish_ret( &operation->ctx.md4, hash ); break; #endif -#if defined(BUILTIN_ALG_MD5) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) case PSA_ALG_MD5: ret = mbedtls_md5_finish_ret( &operation->ctx.md5, hash ); break; #endif -#if defined(BUILTIN_ALG_RIPEMD160) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) case PSA_ALG_RIPEMD160: ret = mbedtls_ripemd160_finish_ret( &operation->ctx.ripemd160, hash ); break; #endif -#if defined(BUILTIN_ALG_SHA_1) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) case PSA_ALG_SHA_1: ret = mbedtls_sha1_finish_ret( &operation->ctx.sha1, hash ); break; #endif -#if defined(BUILTIN_ALG_SHA_224) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) case PSA_ALG_SHA_224: ret = mbedtls_sha256_finish_ret( &operation->ctx.sha256, hash ); break; #endif -#if defined(BUILTIN_ALG_SHA_256) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) case PSA_ALG_SHA_256: ret = mbedtls_sha256_finish_ret( &operation->ctx.sha256, hash ); break; #endif -#if defined(BUILTIN_ALG_SHA_384) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) case PSA_ALG_SHA_384: ret = mbedtls_sha512_finish_ret( &operation->ctx.sha512, hash ); break; #endif -#if defined(BUILTIN_ALG_SHA_512) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) case PSA_ALG_SHA_512: ret = mbedtls_sha512_finish_ret( &operation->ctx.sha512, hash ); break; @@ -513,7 +455,7 @@ static psa_status_t hash_finish( return( status ); } -static psa_status_t hash_compute( +psa_status_t mbedtls_psa_hash_compute( psa_algorithm_t alg, const uint8_t *input, size_t input_length, @@ -526,192 +468,24 @@ static psa_status_t hash_compute( psa_status_t abort_status = PSA_ERROR_CORRUPTION_DETECTED; *hash_length = hash_size; - status = hash_setup( &operation, alg ); + status = mbedtls_psa_hash_setup( &operation, alg ); if( status != PSA_SUCCESS ) goto exit; - status = hash_update( &operation, input, input_length ); + status = mbedtls_psa_hash_update( &operation, input, input_length ); if( status != PSA_SUCCESS ) goto exit; - status = hash_finish( &operation, hash, hash_size, hash_length ); + status = mbedtls_psa_hash_finish( &operation, hash, hash_size, hash_length ); if( status != PSA_SUCCESS ) goto exit; exit: - abort_status = hash_abort( &operation ); + abort_status = mbedtls_psa_hash_abort( &operation ); if( status == PSA_SUCCESS ) return( abort_status ); else return( status ); } -#endif /* MBEDTLS_PSA_BUILTIN_HASH || - ( PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG ) */ - -#if defined(MBEDTLS_PSA_BUILTIN_HASH) -psa_status_t mbedtls_psa_hash_compute( - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *hash, - size_t hash_size, - size_t *hash_length) -{ - return( hash_compute( alg, input, input_length, - hash, hash_size, hash_length ) ); -} - -psa_status_t mbedtls_psa_hash_setup( - mbedtls_psa_hash_operation_t *operation, - psa_algorithm_t alg ) -{ - return( hash_setup( operation, alg ) ); -} - -psa_status_t mbedtls_psa_hash_clone( - const mbedtls_psa_hash_operation_t *source_operation, - mbedtls_psa_hash_operation_t *target_operation ) -{ - return( hash_clone( source_operation, target_operation ) ); -} - -psa_status_t mbedtls_psa_hash_update( - mbedtls_psa_hash_operation_t *operation, - const uint8_t *input, - size_t input_length ) -{ - return( hash_update( operation, input, input_length ) ); -} - -psa_status_t mbedtls_psa_hash_finish( - mbedtls_psa_hash_operation_t *operation, - uint8_t *hash, - size_t hash_size, - size_t *hash_length ) -{ - return( hash_finish( operation, hash, hash_size, hash_length ) ); -} - -psa_status_t mbedtls_psa_hash_abort( - mbedtls_psa_hash_operation_t *operation ) -{ - return( hash_abort( operation ) ); -} #endif /* MBEDTLS_PSA_BUILTIN_HASH */ - /* - * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. - */ -#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) - -static int is_hash_accelerated( psa_algorithm_t alg ) -{ - switch( alg ) - { -#if defined(MBEDTLS_PSA_ACCEL_ALG_MD2) - case PSA_ALG_MD2: - return( 1 ); -#endif -#if defined(MBEDTLS_PSA_ACCEL_ALG_MD4) - case PSA_ALG_MD4: - return( 1 ); -#endif -#if defined(MBEDTLS_PSA_ACCEL_ALG_MD5) - case PSA_ALG_MD5: - return( 1 ); -#endif -#if defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160) - case PSA_ALG_RIPEMD160: - return( 1 ); -#endif -#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1) - case PSA_ALG_SHA_1: - return( 1 ); -#endif -#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224) - case PSA_ALG_SHA_224: - return( 1 ); -#endif -#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256) - case PSA_ALG_SHA_256: - return( 1 ); -#endif -#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384) - case PSA_ALG_SHA_384: - return( 1 ); -#endif -#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512) - case PSA_ALG_SHA_512: - return( 1 ); -#endif - default: - return( 0 ); - } -} - -psa_status_t libtestdriver1_mbedtls_psa_hash_compute( - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *hash, - size_t hash_size, - size_t *hash_length) -{ - if( is_hash_accelerated( alg ) ) - return( hash_compute( alg, input, input_length, - hash, hash_size, hash_length ) ); - else - return( PSA_ERROR_NOT_SUPPORTED ); -} - -psa_status_t libtestdriver1_mbedtls_psa_hash_setup( - mbedtls_psa_hash_operation_t *operation, - psa_algorithm_t alg ) -{ - if( is_hash_accelerated( alg ) ) - return( hash_setup( operation, alg ) ); - else - return( PSA_ERROR_NOT_SUPPORTED ); -} - -psa_status_t libtestdriver1_mbedtls_psa_hash_clone( - const mbedtls_psa_hash_operation_t *source_operation, - mbedtls_psa_hash_operation_t *target_operation ) -{ - if( is_hash_accelerated( source_operation->alg ) ) - return( hash_clone( source_operation, target_operation ) ); - else - return( PSA_ERROR_BAD_STATE ); -} - -psa_status_t libtestdriver1_mbedtls_psa_hash_update( - mbedtls_psa_hash_operation_t *operation, - const uint8_t *input, - size_t input_length ) -{ - if( is_hash_accelerated( operation->alg ) ) - return( hash_update( operation, input, input_length ) ); - else - return( PSA_ERROR_BAD_STATE ); -} - -psa_status_t libtestdriver1_mbedtls_psa_hash_finish( - mbedtls_psa_hash_operation_t *operation, - uint8_t *hash, - size_t hash_size, - size_t *hash_length ) -{ - if( is_hash_accelerated( operation->alg ) ) - return( hash_finish( operation, hash, hash_size, hash_length ) ); - else - return( PSA_ERROR_BAD_STATE ); -} - -psa_status_t libtestdriver1_mbedtls_psa_hash_abort( - mbedtls_psa_hash_operation_t *operation ) -{ - return( hash_abort( operation ) ); -} - -#endif /* PSA_CRYPTO_DRIVER_TEST */ - #endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/library/psa_crypto_mac.c b/library/psa_crypto_mac.c index fe15e9f6b02..5e78d65a611 100644 --- a/library/psa_crypto_mac.c +++ b/library/psa_crypto_mac.c @@ -30,22 +30,7 @@ #include #include -/* Use builtin defines specific to this compilation unit, since the test driver - * relies on the software driver. */ -#if( defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ - defined(MBEDTLS_PSA_ACCEL_ALG_CMAC) ) ) -#define BUILTIN_ALG_CMAC 1 -#endif -#if( defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ - defined(MBEDTLS_PSA_ACCEL_ALG_HMAC) ) ) -#define BUILTIN_ALG_HMAC 1 -#endif - -#if defined(BUILTIN_ALG_HMAC) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) static psa_status_t psa_hmac_abort_internal( mbedtls_psa_hmac_operation_t *hmac ) { @@ -164,9 +149,9 @@ static psa_status_t psa_hmac_finish_internal( mbedtls_platform_zeroize( tmp, hash_size ); return( status ); } -#endif /* BUILTIN_ALG_HMAC */ +#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */ -#if defined(BUILTIN_ALG_CMAC) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC) static psa_status_t cmac_setup( mbedtls_psa_mac_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer ) @@ -202,11 +187,12 @@ static psa_status_t cmac_setup( mbedtls_psa_mac_operation_t *operation, exit: return( mbedtls_to_psa_error( ret ) ); } -#endif /* BUILTIN_ALG_CMAC */ +#endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */ /* Implement the PSA driver MAC interface on top of mbed TLS if either the * software driver or the test driver requires it. */ -#if defined(BUILTIN_ALG_HMAC) || defined(BUILTIN_ALG_CMAC) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC) /* Initialize this driver's MAC operation structure. Once this function has been * called, mbedtls_psa_mac_abort can run and will do the right thing. */ @@ -218,15 +204,15 @@ static psa_status_t mac_init( operation->alg = alg; -#if defined(BUILTIN_ALG_CMAC) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC) if( PSA_ALG_FULL_LENGTH_MAC( operation->alg ) == PSA_ALG_CMAC ) { mbedtls_cipher_init( &operation->ctx.cmac ); status = PSA_SUCCESS; } else -#endif /* BUILTIN_ALG_CMAC */ -#if defined(BUILTIN_ALG_HMAC) +#endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */ +#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) if( PSA_ALG_IS_HMAC( operation->alg ) ) { /* We'll set up the hash operation later in psa_hmac_setup_internal. */ @@ -234,7 +220,7 @@ static psa_status_t mac_init( status = PSA_SUCCESS; } else -#endif /* BUILTIN_ALG_HMAC */ +#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */ { (void) operation; status = PSA_ERROR_NOT_SUPPORTED; @@ -245,7 +231,7 @@ static psa_status_t mac_init( return( status ); } -static psa_status_t mac_abort( mbedtls_psa_mac_operation_t *operation ) +psa_status_t mbedtls_psa_mac_abort( mbedtls_psa_mac_operation_t *operation ) { if( operation->alg == 0 ) { @@ -255,20 +241,20 @@ static psa_status_t mac_abort( mbedtls_psa_mac_operation_t *operation ) return( PSA_SUCCESS ); } else -#if defined(BUILTIN_ALG_CMAC) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC) if( PSA_ALG_FULL_LENGTH_MAC( operation->alg ) == PSA_ALG_CMAC ) { mbedtls_cipher_free( &operation->ctx.cmac ); } else -#endif /* BUILTIN_ALG_CMAC */ -#if defined(BUILTIN_ALG_HMAC) +#endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */ +#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) if( PSA_ALG_IS_HMAC( operation->alg ) ) { psa_hmac_abort_internal( &operation->ctx.hmac ); } else -#endif /* BUILTIN_ALG_HMAC */ +#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */ { /* Sanity check (shouldn't happen: operation->alg should * always have been initialized to a valid value). */ @@ -288,11 +274,11 @@ static psa_status_t mac_abort( mbedtls_psa_mac_operation_t *operation ) return( PSA_ERROR_BAD_STATE ); } -static psa_status_t mac_setup( mbedtls_psa_mac_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg ) +static psa_status_t psa_mac_setup( mbedtls_psa_mac_operation_t *operation, + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg ) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; @@ -304,7 +290,7 @@ static psa_status_t mac_setup( mbedtls_psa_mac_operation_t *operation, if( status != PSA_SUCCESS ) return( status ); -#if defined(BUILTIN_ALG_CMAC) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC) if( PSA_ALG_FULL_LENGTH_MAC( alg ) == PSA_ALG_CMAC ) { /* Key buffer size for CMAC is dictated by the key bits set on the @@ -313,8 +299,8 @@ static psa_status_t mac_setup( mbedtls_psa_mac_operation_t *operation, status = cmac_setup( operation, attributes, key_buffer ); } else -#endif /* BUILTIN_ALG_CMAC */ -#if defined(BUILTIN_ALG_HMAC) +#endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */ +#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) if( PSA_ALG_IS_HMAC( alg ) ) { status = psa_hmac_setup_internal( &operation->ctx.hmac, @@ -323,7 +309,7 @@ static psa_status_t mac_setup( mbedtls_psa_mac_operation_t *operation, PSA_ALG_HMAC_GET_HASH( alg ) ); } else -#endif /* BUILTIN_ALG_HMAC */ +#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */ { (void) attributes; (void) key_buffer; @@ -332,12 +318,34 @@ static psa_status_t mac_setup( mbedtls_psa_mac_operation_t *operation, } if( status != PSA_SUCCESS ) - mac_abort( operation ); + mbedtls_psa_mac_abort( operation ); return( status ); } -static psa_status_t mac_update( +psa_status_t mbedtls_psa_mac_sign_setup( + mbedtls_psa_mac_operation_t *operation, + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg ) +{ + return( psa_mac_setup( operation, attributes, + key_buffer, key_buffer_size, alg ) ); +} + +psa_status_t mbedtls_psa_mac_verify_setup( + mbedtls_psa_mac_operation_t *operation, + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg ) +{ + return( psa_mac_setup( operation, attributes, + key_buffer, key_buffer_size, alg ) ); +} + +psa_status_t mbedtls_psa_mac_update( mbedtls_psa_mac_operation_t *operation, const uint8_t *input, size_t input_length ) @@ -345,7 +353,7 @@ static psa_status_t mac_update( if( operation->alg == 0 ) return( PSA_ERROR_BAD_STATE ); -#if defined(BUILTIN_ALG_CMAC) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC) if( PSA_ALG_FULL_LENGTH_MAC( operation->alg ) == PSA_ALG_CMAC ) { return( mbedtls_to_psa_error( @@ -353,15 +361,15 @@ static psa_status_t mac_update( input, input_length ) ) ); } else -#endif /* BUILTIN_ALG_CMAC */ -#if defined(BUILTIN_ALG_HMAC) +#endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */ +#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) if( PSA_ALG_IS_HMAC( operation->alg ) ) { return( psa_hmac_update_internal( &operation->ctx.hmac, input, input_length ) ); } else -#endif /* BUILTIN_ALG_HMAC */ +#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */ { /* This shouldn't happen if `operation` was initialized by * a setup function. */ @@ -371,11 +379,11 @@ static psa_status_t mac_update( } } -static psa_status_t mac_finish_internal( mbedtls_psa_mac_operation_t *operation, - uint8_t *mac, - size_t mac_size ) +static psa_status_t psa_mac_finish_internal( + mbedtls_psa_mac_operation_t *operation, + uint8_t *mac, size_t mac_size ) { -#if defined(BUILTIN_ALG_CMAC) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC) if( PSA_ALG_FULL_LENGTH_MAC( operation->alg ) == PSA_ALG_CMAC ) { uint8_t tmp[PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE]; @@ -386,15 +394,15 @@ static psa_status_t mac_finish_internal( mbedtls_psa_mac_operation_t *operation, return( mbedtls_to_psa_error( ret ) ); } else -#endif /* BUILTIN_ALG_CMAC */ -#if defined(BUILTIN_ALG_HMAC) +#endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */ +#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) if( PSA_ALG_IS_HMAC( operation->alg ) ) { return( psa_hmac_finish_internal( &operation->ctx.hmac, mac, mac_size ) ); } else -#endif /* BUILTIN_ALG_HMAC */ +#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */ { /* This shouldn't happen if `operation` was initialized by * a setup function. */ @@ -405,7 +413,7 @@ static psa_status_t mac_finish_internal( mbedtls_psa_mac_operation_t *operation, } } -static psa_status_t mac_sign_finish( +psa_status_t mbedtls_psa_mac_sign_finish( mbedtls_psa_mac_operation_t *operation, uint8_t *mac, size_t mac_size, @@ -416,15 +424,14 @@ static psa_status_t mac_sign_finish( if( operation->alg == 0 ) return( PSA_ERROR_BAD_STATE ); - status = mac_finish_internal( operation, mac, mac_size ); - + status = psa_mac_finish_internal( operation, mac, mac_size ); if( status == PSA_SUCCESS ) *mac_length = mac_size; return( status ); } -static psa_status_t mac_verify_finish( +psa_status_t mbedtls_psa_mac_verify_finish( mbedtls_psa_mac_operation_t *operation, const uint8_t *mac, size_t mac_length ) @@ -439,7 +446,7 @@ static psa_status_t mac_verify_finish( if( mac_length > sizeof( actual_mac ) ) return( PSA_ERROR_INVALID_ARGUMENT ); - status = mac_finish_internal( operation, actual_mac, mac_length ); + status = psa_mac_finish_internal( operation, actual_mac, mac_length ); if( status != PSA_SUCCESS ) goto cleanup; @@ -452,7 +459,7 @@ static psa_status_t mac_verify_finish( return( status ); } -static psa_status_t mac_compute( +psa_status_t mbedtls_psa_mac_compute( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, @@ -466,212 +473,29 @@ static psa_status_t mac_compute( psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; mbedtls_psa_mac_operation_t operation = MBEDTLS_PSA_MAC_OPERATION_INIT; - status = mac_setup( &operation, - attributes, key_buffer, key_buffer_size, - alg ); + status = psa_mac_setup( &operation, + attributes, key_buffer, key_buffer_size, + alg ); if( status != PSA_SUCCESS ) goto exit; if( input_length > 0 ) { - status = mac_update( &operation, input, input_length ); + status = mbedtls_psa_mac_update( &operation, input, input_length ); if( status != PSA_SUCCESS ) goto exit; } - status = mac_finish_internal( &operation, mac, mac_size ); + status = psa_mac_finish_internal( &operation, mac, mac_size ); if( status == PSA_SUCCESS ) *mac_length = mac_size; exit: - mac_abort( &operation ); + mbedtls_psa_mac_abort( &operation ); return( status ); } -#endif /* BUILTIN_ALG_HMAC || BUILTIN_ALG_CMAC */ - -#if defined(MBEDTLS_PSA_BUILTIN_MAC) -psa_status_t mbedtls_psa_mac_compute( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *mac, - size_t mac_size, - size_t *mac_length ) -{ - return( mac_compute( attributes, key_buffer, key_buffer_size, alg, - input, input_length, - mac, mac_size, mac_length ) ); -} - -psa_status_t mbedtls_psa_mac_sign_setup( - mbedtls_psa_mac_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg ) -{ - return( mac_setup( operation, attributes, - key_buffer, key_buffer_size, alg ) ); -} - -psa_status_t mbedtls_psa_mac_verify_setup( - mbedtls_psa_mac_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg ) -{ - return( mac_setup( operation, attributes, - key_buffer, key_buffer_size, alg ) ); -} - -psa_status_t mbedtls_psa_mac_update( - mbedtls_psa_mac_operation_t *operation, - const uint8_t *input, - size_t input_length ) -{ - return( mac_update( operation, input, input_length ) ); -} - -psa_status_t mbedtls_psa_mac_sign_finish( - mbedtls_psa_mac_operation_t *operation, - uint8_t *mac, - size_t mac_size, - size_t *mac_length ) -{ - return( mac_sign_finish( operation, mac, mac_size, mac_length ) ); -} - -psa_status_t mbedtls_psa_mac_verify_finish( - mbedtls_psa_mac_operation_t *operation, - const uint8_t *mac, - size_t mac_length ) -{ - return( mac_verify_finish( operation, mac, mac_length ) ); -} - -psa_status_t mbedtls_psa_mac_abort( - mbedtls_psa_mac_operation_t *operation ) -{ - return( mac_abort( operation ) ); -} -#endif /* MBEDTLS_PSA_BUILTIN_MAC */ - - /* - * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. - */ -#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) - -static int is_mac_accelerated( psa_algorithm_t alg ) -{ -#if defined(MBEDTLS_PSA_ACCEL_ALG_HMAC) - if( PSA_ALG_IS_HMAC( alg ) ) - return( 1 ); -#endif - - switch( PSA_ALG_FULL_LENGTH_MAC( alg ) ) - { -#if defined(MBEDTLS_PSA_ACCEL_ALG_CMAC) - case PSA_ALG_CMAC: - return( 1 ); -#endif - default: - return( 0 ); - } -} - -psa_status_t libtestdriver1_mbedtls_psa_mac_compute( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *mac, - size_t mac_size, - size_t *mac_length ) -{ - if( is_mac_accelerated( alg ) ) - return( mac_compute( attributes, key_buffer, key_buffer_size, alg, - input, input_length, - mac, mac_size, mac_length ) ); - else - return( PSA_ERROR_NOT_SUPPORTED ); -} - -psa_status_t libtestdriver1_mbedtls_psa_mac_sign_setup( - mbedtls_psa_mac_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg ) -{ - if( is_mac_accelerated( alg ) ) - return( mac_setup( operation, attributes, - key_buffer, key_buffer_size, alg ) ); - else - return( PSA_ERROR_NOT_SUPPORTED ); -} - -psa_status_t libtestdriver1_mbedtls_psa_mac_verify_setup( - mbedtls_psa_mac_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg ) -{ - if( is_mac_accelerated( alg ) ) - return( mac_setup( operation, attributes, - key_buffer, key_buffer_size, alg ) ); - else - return( PSA_ERROR_NOT_SUPPORTED ); -} - -psa_status_t libtestdriver1_mbedtls_psa_mac_update( - mbedtls_psa_mac_operation_t *operation, - const uint8_t *input, - size_t input_length ) -{ - if( is_mac_accelerated( operation->alg ) ) - return( mac_update( operation, input, input_length ) ); - else - return( PSA_ERROR_BAD_STATE ); -} - -psa_status_t libtestdriver1_mbedtls_psa_mac_sign_finish( - mbedtls_psa_mac_operation_t *operation, - uint8_t *mac, - size_t mac_size, - size_t *mac_length ) -{ - if( is_mac_accelerated( operation->alg ) ) - return( mac_sign_finish( operation, mac, mac_size, mac_length ) ); - else - return( PSA_ERROR_BAD_STATE ); -} - -psa_status_t libtestdriver1_mbedtls_psa_mac_verify_finish( - mbedtls_psa_mac_operation_t *operation, - const uint8_t *mac, - size_t mac_length ) -{ - if( is_mac_accelerated( operation->alg ) ) - return( mac_verify_finish( operation, mac, mac_length ) ); - else - return( PSA_ERROR_BAD_STATE ); -} - -psa_status_t libtestdriver1_mbedtls_psa_mac_abort( - mbedtls_psa_mac_operation_t *operation ) -{ - return( mac_abort( operation ) ); -} - -#endif /* PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG */ +#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC || MBEDTLS_PSA_BUILTIN_ALG_CMAC */ #endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/library/psa_crypto_rsa.c b/library/psa_crypto_rsa.c index 4ee0adf9ef4..bafb55c7d4f 100644 --- a/library/psa_crypto_rsa.c +++ b/library/psa_crypto_rsa.c @@ -41,42 +41,12 @@ #include #include -#if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) ) ) -#define BUILTIN_KEY_TYPE_RSA_KEY_PAIR 1 -#endif - -#if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) ) ) -#define BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY 1 -#endif - -#if ( defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ - defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) && \ - defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V15) ) ) -#define BUILTIN_ALG_RSA_PKCS1V15_SIGN 1 -#endif - -#if ( defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ - defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) && \ - defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V21) ) ) -#define BUILTIN_ALG_RSA_PSS 1 -#endif - #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) || \ - defined(BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ - defined(BUILTIN_ALG_RSA_PSS) || \ - defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ - defined(BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) + defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) /* Mbed TLS doesn't support non-byte-aligned key sizes (i.e. key sizes * that are not a multiple of 8) well. For example, there is only @@ -151,15 +121,15 @@ psa_status_t mbedtls_psa_rsa_load_representation( } #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) || - * defined(BUILTIN_ALG_RSA_PKCS1V15_SIGN) || - * defined(BUILTIN_ALG_RSA_PSS) || - * defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || - * defined(BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */ + * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || + * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) || + * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || + * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */ -#if defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ - defined(BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) +#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) -static psa_status_t rsa_import_key( +psa_status_t mbedtls_psa_rsa_import_key( const psa_key_attributes_t *attributes, const uint8_t *data, size_t data_length, uint8_t *key_buffer, size_t key_buffer_size, @@ -251,7 +221,7 @@ psa_status_t mbedtls_psa_rsa_export_key( psa_key_type_t type, #endif /* MBEDTLS_PK_WRITE_C */ } -static psa_status_t rsa_export_public_key( +psa_status_t mbedtls_psa_rsa_export_public_key( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, uint8_t *data, size_t data_size, size_t *data_length ) @@ -275,10 +245,10 @@ static psa_status_t rsa_export_public_key( return( status ); } -#endif /* defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || - * defined(BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */ +#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || + * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */ -#if defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) && \ +#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) && \ defined(MBEDTLS_GENPRIME) static psa_status_t psa_rsa_read_exponent( const uint8_t *domain_parameters, size_t domain_parameters_size, @@ -306,7 +276,7 @@ static psa_status_t psa_rsa_read_exponent( const uint8_t *domain_parameters, return( PSA_SUCCESS ); } -static psa_status_t rsa_generate_key( +psa_status_t mbedtls_psa_rsa_generate_key( const psa_key_attributes_t *attributes, uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ) { @@ -337,14 +307,15 @@ static psa_status_t rsa_generate_key( return( status ); } -#endif /* defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) +#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) * defined(MBEDTLS_GENPRIME) */ /****************************************************************/ /* Sign/verify hashes */ /****************************************************************/ -#if defined(BUILTIN_ALG_RSA_PKCS1V15_SIGN) || defined(BUILTIN_ALG_RSA_PSS) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) /* Decode the hash algorithm from alg and store the mbedtls encoding in * md_alg. Verify that the hash length is acceptable. */ @@ -376,7 +347,7 @@ static psa_status_t psa_rsa_decode_md_type( psa_algorithm_t alg, return( PSA_SUCCESS ); } -static psa_status_t rsa_sign_hash( +psa_status_t mbedtls_psa_rsa_sign_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, @@ -404,7 +375,7 @@ static psa_status_t rsa_sign_hash( goto exit; } -#if defined(BUILTIN_ALG_RSA_PKCS1V15_SIGN) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) ) { mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15, @@ -419,8 +390,8 @@ static psa_status_t rsa_sign_hash( signature ); } else -#endif /* BUILTIN_ALG_RSA_PKCS1V15_SIGN */ -#if defined(BUILTIN_ALG_RSA_PSS) +#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN */ +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) if( PSA_ALG_IS_RSA_PSS( alg ) ) { mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg ); @@ -434,7 +405,7 @@ static psa_status_t rsa_sign_hash( signature ); } else -#endif /* BUILTIN_ALG_RSA_PSS */ +#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS */ { status = PSA_ERROR_INVALID_ARGUMENT; goto exit; @@ -451,7 +422,7 @@ static psa_status_t rsa_sign_hash( return( status ); } -#if defined(BUILTIN_ALG_RSA_PSS) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) static int rsa_pss_expected_salt_len( psa_algorithm_t alg, const mbedtls_rsa_context *rsa, size_t hash_length ) @@ -470,9 +441,9 @@ static int rsa_pss_expected_salt_len( psa_algorithm_t alg, else return( room ); } -#endif +#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS */ -static psa_status_t rsa_verify_hash( +psa_status_t mbedtls_psa_rsa_verify_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, @@ -500,7 +471,7 @@ static psa_status_t rsa_verify_hash( goto exit; } -#if defined(BUILTIN_ALG_RSA_PKCS1V15_SIGN) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) ) { mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15, @@ -515,8 +486,8 @@ static psa_status_t rsa_verify_hash( signature ); } else -#endif /* BUILTIN_ALG_RSA_PKCS1V15_SIGN */ -#if defined(BUILTIN_ALG_RSA_PSS) +#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN */ +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) if( PSA_ALG_IS_RSA_PSS( alg ) ) { int slen = rsa_pss_expected_salt_len( alg, rsa, hash_length ); @@ -533,7 +504,7 @@ static psa_status_t rsa_verify_hash( signature ); } else -#endif /* BUILTIN_ALG_RSA_PSS */ +#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS */ { status = PSA_ERROR_INVALID_ARGUMENT; goto exit; @@ -553,176 +524,7 @@ static psa_status_t rsa_verify_hash( return( status ); } -#endif /* defined(BUILTIN_ALG_RSA_PKCS1V15_SIGN) || - * defined(BUILTIN_ALG_RSA_PSS) */ - -#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ - defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) - -psa_status_t mbedtls_psa_rsa_import_key( - const psa_key_attributes_t *attributes, - const uint8_t *data, size_t data_length, - uint8_t *key_buffer, size_t key_buffer_size, - size_t *key_buffer_length, size_t *bits ) -{ - return( rsa_import_key( attributes, data, data_length, - key_buffer, key_buffer_size, - key_buffer_length, bits ) ); -} - -psa_status_t mbedtls_psa_rsa_export_public_key( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - uint8_t *data, size_t data_size, size_t *data_length ) -{ - return( rsa_export_public_key( attributes, key_buffer, key_buffer_size, - data, data_size, data_length ) ); -} - -#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || - * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */ - -#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) && \ - defined(MBEDTLS_GENPRIME) -psa_status_t mbedtls_psa_rsa_generate_key( - const psa_key_attributes_t *attributes, - uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ) -{ - return( rsa_generate_key( attributes, key_buffer, key_buffer_size, - key_buffer_length ) ); -} -#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) - * defined(MBEDTLS_GENPRIME) */ - -#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) -psa_status_t mbedtls_psa_rsa_sign_hash( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - uint8_t *signature, size_t signature_size, size_t *signature_length ) -{ - return( rsa_sign_hash( - attributes, - key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_size, signature_length ) ); -} - -psa_status_t mbedtls_psa_rsa_verify_hash( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *signature, size_t signature_length ) -{ - return( rsa_verify_hash( - attributes, - key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_length ) ); -} #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) */ -/* - * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. - */ - -#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) - -#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) - -psa_status_t libtestdriver1_mbedtls_psa_rsa_import_key( - const psa_key_attributes_t *attributes, - const uint8_t *data, size_t data_length, - uint8_t *key_buffer, size_t key_buffer_size, - size_t *key_buffer_length, size_t *bits ) -{ - return( rsa_import_key( attributes, data, data_length, - key_buffer, key_buffer_size, - key_buffer_length, bits ) ); -} - -psa_status_t libtestdriver1_mbedtls_psa_rsa_export_public_key( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - uint8_t *data, size_t data_size, size_t *data_length ) -{ - return( rsa_export_public_key( attributes, key_buffer, key_buffer_size, - data, data_size, data_length ) ); -} - -#endif /* defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) */ - -#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) -psa_status_t libtestdriver1_mbedtls_psa_rsa_generate_key( - const psa_key_attributes_t *attributes, - uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ) -{ - return( rsa_generate_key( attributes, key_buffer, key_buffer_size, - key_buffer_length ) ); -} -#endif /* defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) */ - -#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) -psa_status_t libtestdriver1_mbedtls_psa_rsa_sign_hash( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - uint8_t *signature, size_t signature_size, size_t *signature_length ) -{ -#if defined(MBEDTLS_RSA_C) && \ - (defined(MBEDTLS_PKCS1_V15) || defined(MBEDTLS_PKCS1_V21)) - return( rsa_sign_hash( - attributes, - key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_size, signature_length ) ); -#else - (void)attributes; - (void)key_buffer; - (void)key_buffer_size; - (void)alg; - (void)hash; - (void)hash_length; - (void)signature; - (void)signature_size; - (void)signature_length; - return( PSA_ERROR_NOT_SUPPORTED ); -#endif -} - -psa_status_t libtestdriver1_mbedtls_psa_rsa_verify_hash( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *signature, size_t signature_length ) -{ -#if defined(MBEDTLS_RSA_C) && \ - (defined(MBEDTLS_PKCS1_V15) || defined(MBEDTLS_PKCS1_V21)) - return( rsa_verify_hash( - attributes, - key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_length ) ); -#else - (void)attributes; - (void)key_buffer; - (void)key_buffer_size; - (void)alg; - (void)hash; - (void)hash_length; - (void)signature; - (void)signature_length; - return( PSA_ERROR_NOT_SUPPORTED ); -#endif -} -#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || - * defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) */ - -#endif /* PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG */ - #endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/tests/include/test/drivers/hash.h b/tests/include/test/drivers/hash.h index ebe83dee4e0..865cd743306 100644 --- a/tests/include/test/drivers/hash.h +++ b/tests/include/test/drivers/hash.h @@ -74,7 +74,7 @@ psa_status_t mbedtls_test_transparent_hash_finish( size_t *hash_length ); psa_status_t mbedtls_test_transparent_hash_abort( - mbedtls_psa_hash_operation_t *operation ); + mbedtls_transparent_test_driver_hash_operation_t *operation ); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_TEST_DRIVERS_HASH_H */ diff --git a/tests/src/drivers/test_driver_key_management.c b/tests/src/drivers/test_driver_key_management.c index 1cff3cb59ef..029fcdd9aa8 100644 --- a/tests/src/drivers/test_driver_key_management.c +++ b/tests/src/drivers/test_driver_key_management.c @@ -66,11 +66,24 @@ const uint8_t mbedtls_test_driver_ecdsa_pubkey[65] = psa_status_t mbedtls_test_transparent_init( void ) { +psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) + status = libtestdriver1_psa_crypto_init( ); + if( status != PSA_SUCCESS ) + return( status ); +#endif + + (void)status; return( PSA_SUCCESS ); } void mbedtls_test_transparent_free( void ) { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) + libtestdriver1_mbedtls_psa_crypto_free( ); +#endif + return; } From 0d5a27b195dff3eeac704fa15090054e2eda91ed Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Mon, 18 Oct 2021 10:12:20 +0200 Subject: [PATCH 039/107] psa: Fix Mbed TLS hash operation definition Use PSA_BUILTIN macros instead of the Mbed TLS ones as in the hash operation contexts the context for a given hash is needed only if the support for it through PSA is enabled. Signed-off-by: Ronald Cron --- include/psa/crypto_builtin_primitives.h | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/include/psa/crypto_builtin_primitives.h b/include/psa/crypto_builtin_primitives.h index a268e536969..62a0e6f3704 100644 --- a/include/psa/crypto_builtin_primitives.h +++ b/include/psa/crypto_builtin_primitives.h @@ -65,25 +65,27 @@ typedef struct union { unsigned dummy; /* Make the union non-empty even with no supported algorithms. */ -#if defined(MBEDTLS_MD2_C) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) mbedtls_md2_context md2; #endif -#if defined(MBEDTLS_MD4_C) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) mbedtls_md4_context md4; #endif -#if defined(MBEDTLS_MD5_C) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) mbedtls_md5_context md5; #endif -#if defined(MBEDTLS_RIPEMD160_C) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) mbedtls_ripemd160_context ripemd160; #endif -#if defined(MBEDTLS_SHA1_C) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) mbedtls_sha1_context sha1; #endif -#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) mbedtls_sha256_context sha256; #endif -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) mbedtls_sha512_context sha512; #endif } ctx; From d98ec4b1e761a5774b4ece4b69f2e41495da2ddb Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Wed, 28 Apr 2021 18:28:46 +0200 Subject: [PATCH 040/107] psa: Fix some dependencies in config_psa.h Signed-off-by: Ronald Cron --- include/mbedtls/config_psa.h | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/include/mbedtls/config_psa.h b/include/mbedtls/config_psa.h index 976b4d34256..189f6c21734 100644 --- a/include/mbedtls/config_psa.h +++ b/include/mbedtls/config_psa.h @@ -93,6 +93,10 @@ extern "C" { #if !defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) #define MBEDTLS_PSA_BUILTIN_ALG_ECDSA 1 #define MBEDTLS_ECDSA_C +#define MBEDTLS_ECP_C +#define MBEDTLS_BIGNUM_C +#define MBEDTLS_ASN1_PARSE_C +#define MBEDTLS_ASN1_WRITE_C #endif /* !MBEDTLS_PSA_ACCEL_ALG_ECDSA */ #endif /* PSA_WANT_ALG_ECDSA */ @@ -235,6 +239,8 @@ extern "C" { #define MBEDTLS_PK_PARSE_C #define MBEDTLS_PK_WRITE_C #define MBEDTLS_PK_C +#define MBEDTLS_ASN1_PARSE_C +#define MBEDTLS_ASN1_WRITE_C #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR */ #endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR */ @@ -247,6 +253,8 @@ extern "C" { #define MBEDTLS_PK_PARSE_C #define MBEDTLS_PK_WRITE_C #define MBEDTLS_PK_C +#define MBEDTLS_ASN1_PARSE_C +#define MBEDTLS_ASN1_WRITE_C #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY */ #endif /* PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY */ @@ -435,10 +443,12 @@ extern "C" { #endif /* PSA_WANT_ALG_GCM */ #if defined(PSA_WANT_ALG_CHACHA20_POLY1305) +#if !defined(MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305) #if defined(PSA_WANT_KEY_TYPE_CHACHA20) #define MBEDTLS_CHACHAPOLY_C #define MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 1 #endif /* PSA_WANT_KEY_TYPE_CHACHA20 */ +#endif /* !MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305 */ #endif /* PSA_WANT_ALG_CHACHA20_POLY1305 */ #if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256) From d2c53e60ca69eb0c061333fe1556e6fba72e96bb Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Mon, 13 Sep 2021 09:38:05 +0200 Subject: [PATCH 041/107] all.sh: psa: Add ECDSA and RSA signature acceleration component Add ECDSA and RSA signature acceleration testing with signature capabilitites removed from the Mbed TLS library. Signed-off-by: Ronald Cron --- tests/scripts/all.sh | 124 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 124 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index b1caf6e99a0..fec97cb5e68 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1591,6 +1591,130 @@ component_test_no_use_psa_crypto_full_cmake_asan() { env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA' } +component_test_psa_crypto_config_accel_ecdsa () { + msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDSA" + + # Disable ALG_STREAM_CIPHER and ALG_ECB_NO_PADDING to avoid having + # partial support for cipher operations in the driver test library. + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING + + # SHA384 needed for some ECDSA signature tests. + scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_SHA512_C + + loc_accel_list="ALG_ECDSA ALG_DETERMINISTIC_ECDSA KEY_TYPE_ECC_KEY_PAIR KEY_TYPE_ECC_PUBLIC_KEY" + loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' ) + make -C tests libtestdriver1.a CFLAGS="$ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS" + + # Restore test driver base configuration + scripts/config.py -f tests/include/test/drivers/config_test_driver.h unset MBEDTLS_SHA512_C + + scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS + scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG + scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO + scripts/config.py unset MBEDTLS_ECDSA_C + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED + + loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )" + make CFLAGS="$ASAN_CFLAGS -O -Werror -I../tests/include -I../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" + + unset loc_accel_flags + unset loc_accel_list + + if_build_succeeded not grep mbedtls_ecdsa_ library/ecdsa.o + + msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDSA" + make test +} + +component_test_psa_crypto_config_accel_rsa_signature () { + msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated RSA signature" + + # Disable ALG_STREAM_CIPHER and ALG_ECB_NO_PADDING to avoid having + # partial support for cipher operations in the driver test library. + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING + + # It seems it is not possible to remove only the support for RSA signature + # in the library. Thus we have to remove all RSA support (signature and + # encryption/decryption). AS there is no driver support for asymmetric + # encryption/decryption so far remove RSA encryption/decryption from the + # application algorithm list. + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RSA_OAEP + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RSA_PKCS1V15_CRYPT + + # Make sure both the library and the test library support the SHA hash + # algorithms and only those ones (SHA256 is included by default). That way: + # - the test library can compute the RSA signatures even in the case of a + # composite RSA signature algorithm based on a SHA hash (no other hash + # used in the unit tests). + # - the dependency of RSA signature tests on PSA_WANT_ALG_SHA_xyz is + # fulfilled as the hash SHA algorithm is supported by the library, and + # thus the tests are run, not skipped. + # - when testing a signature key with an algorithm wildcard built from + # PSA_ALG_ANY_HASH as algorithm to test with the key, the chosen hash + # algorithm based on the hashes supported by the library is also + # supported by the test library. + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD2 + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD4 + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5 + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160_C + + scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_SHA1_C + scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_SHA512_C + # We need PEM parsing in the test library as well to support the import + # of PEM encoded RSA keys. + scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_PEM_PARSE_C + scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_BASE64_C + + loc_accel_list="ALG_RSA_PKCS1V15_SIGN ALG_RSA_PSS KEY_TYPE_RSA_KEY_PAIR KEY_TYPE_RSA_PUBLIC_KEY" + loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' ) + make -C tests libtestdriver1.a CFLAGS="$ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS" + + # Restore test driver base configuration + scripts/config.py -f tests/include/test/drivers/config_test_driver.h unset MBEDTLS_SHA1_C + scripts/config.py -f tests/include/test/drivers/config_test_driver.h unset MBEDTLS_SHA512_C + scripts/config.py -f tests/include/test/drivers/config_test_driver.h unset MBEDTLS_PEM_PARSE_C + scripts/config.py -f tests/include/test/drivers/config_test_driver.h unset MBEDTLS_BASE64_C + + + # Mbed TLS library build + scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS + scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG + + # Remove RSA support and its dependencies + scripts/config.py unset MBEDTLS_PKCS1_V15 + scripts/config.py unset MBEDTLS_PKCS1_V21 + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_RSA_ENABLED + scripts/config.py unset MBEDTLS_RSA_C + scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT + + scripts/config.py unset MBEDTLS_MD2_C + scripts/config.py unset MBEDTLS_MD4_C + scripts/config.py unset MBEDTLS_MD5_C + scripts/config.py unset MBEDTLS_RIPEMD160_C + scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1 + scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_1 + scripts/config.py unset MBEDTLS_SSL_CBC_RECORD_SPLITTING + + loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )" + make CFLAGS="$ASAN_CFLAGS -Werror -I../tests/include -I../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" + + unset loc_accel_flags + unset loc_accel_list + + if_build_succeeded not grep mbedtls_rsa_rsassa_pkcs1_v15_sign library/rsa.o + if_build_succeeded not grep mbedtls_rsa_rsassa_pss_sign_ext library/rsa.o + + msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated RSA signature" + make test +} + component_test_psa_crypto_config_no_driver() { # full plus MBEDTLS_PSA_CRYPTO_CONFIG msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG minus MBEDTLS_PSA_CRYPTO_DRIVERS" From ef14af04c75cd6e84ecc277b3b3291e9cae1ad6a Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 31 Aug 2021 19:08:55 +0200 Subject: [PATCH 042/107] tests: psa: Refine choice of default hash algorithm for signature As PSA signatures rely on built-in hash implementations (cannot take an advantage of an accelerator for the time being), chose an available built-in hash for tests exercising a signature key. Signed-off-by: Ronald Cron --- tests/include/test/psa_exercise_key.h | 28 +++++++++++++++++++++++++++ tests/src/psa_exercise_key.c | 4 ++-- 2 files changed, 30 insertions(+), 2 deletions(-) diff --git a/tests/include/test/psa_exercise_key.h b/tests/include/test/psa_exercise_key.h index 57eae58911f..e67f515aab3 100644 --- a/tests/include/test/psa_exercise_key.h +++ b/tests/include/test/psa_exercise_key.h @@ -56,6 +56,34 @@ #undef KNOWN_SUPPORTED_HASH_ALG #endif +/** \def KNOWN_MBEDTLS_SUPPORTED_HASH_ALG + * + * A hash algorithm that is known to be supported by Mbed TLS APIs. + * + * This is used in some smoke tests where the hash algorithm is used as + * part of another algorithm like a signature algorithm and the hashing is + * completed through an Mbed TLS hash API, not the PSA one. + */ +#if defined(MBEDTLS_MD2_C) +#define KNOWN_MBEDTLS_SUPPORTED_HASH_ALG PSA_ALG_MD2 +#elif defined(MBEDTLS_MD4_C) +#define KNOWN_MBEDTLS_SUPPORTED_HASH_ALG PSA_ALG_MD4 +#elif defined(MBEDTLS_MD5_C) +#define KNOWN_MBEDTLS_SUPPORTED_HASH_ALG PSA_ALG_MD5 +/* MBEDTLS_RIPEMD160_C omitted. This is necessary for the sake of + * exercise_signature_key() because Mbed TLS doesn't support RIPEMD160 + * in RSA PKCS#1v1.5 signatures. A RIPEMD160-only configuration would be + * implausible anyway. */ +#elif defined(MBEDTLS_SHA1_C) +#define KNOWN_MBEDTLS_SUPPORTED_HASH_ALG PSA_ALG_SHA_1 +#elif defined(MBEDTLS_SHA256_C) +#define KNOWN_MBEDTLS_SUPPORTED_HASH_ALG PSA_ALG_SHA_256 +#elif defined(MBEDTLS_SHA512_C) +#define KNOWN_MBEDTLS_SUPPORTED_HASH_ALG PSA_ALG_SHA_512 +#else +#undef KNOWN_MBEDLTS_SUPPORTED_HASH_ALG +#endif + /** \def KNOWN_SUPPORTED_BLOCK_CIPHER * * A block cipher that is known to be supported. diff --git a/tests/src/psa_exercise_key.c b/tests/src/psa_exercise_key.c index de2c48d6da2..c1e76c85ef6 100644 --- a/tests/src/psa_exercise_key.c +++ b/tests/src/psa_exercise_key.c @@ -309,8 +309,8 @@ static int exercise_signature_key( mbedtls_svc_key_id_t key, /* If the policy allows signing with any hash, just pick one. */ if( PSA_ALG_IS_SIGN_HASH( alg ) && hash_alg == PSA_ALG_ANY_HASH ) { - #if defined(KNOWN_SUPPORTED_HASH_ALG) - hash_alg = KNOWN_SUPPORTED_HASH_ALG; + #if defined(KNOWN_MBEDTLS_SUPPORTED_HASH_ALG) + hash_alg = KNOWN_MBEDTLS_SUPPORTED_HASH_ALG; alg ^= PSA_ALG_ANY_HASH ^ hash_alg; #else TEST_ASSERT( ! "No hash algorithm for hash-and-sign testing" ); From 9130eadde86287a238673cab1c1bf24082da8118 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Mon, 18 Oct 2021 11:10:05 +0200 Subject: [PATCH 043/107] tests: psa: Add dependencies on built-in hash Add dependencies on built-in hash of signature/ signature verification and asymmetric encryption/decryption tests. The dependency is not added for tests based on SHA-256 as SHA-256 is always present when PSA is involved (necessary to the PSA core) and that way most of PSA signature /verification tests are still run when PSA hash operations are accelerated. Signed-off-by: Ronald Cron --- tests/suites/test_suite_psa_crypto.data | 38 ++++++++++++------------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 46309a7d296..c666d4a14f0 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -2512,7 +2512,7 @@ depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TY sign_hash_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" PSA sign hash: deterministic ECDSA SECP256R1 SHA-384 -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C:MBEDLTS_PSA_BUILTIN_ALG_SHA_384 sign_hash_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f":"cd40ba1b555ca5994d30ddffc4ad734b1f5c604675b0f249814aa5de3992ef3ddf4d5dc5d2aab1979ce210b560754df671363d99795475882894c048e3b986ca" PSA sign hash: deterministic ECDSA SECP384R1 SHA-256 @@ -2608,11 +2608,11 @@ depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TY sign_verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" PSA sign/verify hash: randomized ECDSA SECP256R1 SHA-384 -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_BUILTIN_ALG_SHA_384 sign_verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f" PSA sign/verify hash: deterministic ECDSA SECP256R1 SHA-384 -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_384 sign_verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f" PSA sign/verify hash: randomized ECDSA SECP384R1 SHA-256 @@ -2632,7 +2632,7 @@ depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" PSA verify hash: RSA PKCS#1 v1.5 SHA-256, wrong hash length -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_1 verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_ARGUMENT PSA verify hash: RSA PKCS#1 v1.5 SHA-256, wrong signature (same size) @@ -2688,35 +2688,35 @@ depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLI verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"44a09fa66f1b2e790474960e90517e418747cfcd18423dff957516a598569d74f26ef1eae4a200d12d801e16fc6fde375330c79c0d8430825e0a7f69c664faefccfa25e7fbfc68af02af0f67fe4c49f68f6abc68c8f66d3fd77fc838961f4415827340c66e39c79ed7dae0738c08ce8272aebe50c72e31994b9b6db640b51800" PSA verify hash: RSA-1024 PSS SHA-512, slen=61 (bad) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_512 verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):"ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f":"23f5b30c8d612d8f31206c177ac2023c4f44754d03c7ff67daff99f24fa369b3e5f7c15b228a4417a1ff1c93fb8d645d619c2f4f559ac6c7f7bac20ba9df32353d19941265a4e74261adaf45d48682c0bc86cea6128f11ad172ff461fb1d97bded615861843996e2a98e7b8313b695519d001ae35305d6cbf3c0ee6c7ab06d1a":PSA_ERROR_INVALID_SIGNATURE PSA verify hash: RSA-1024 PSS-any-salt SHA-512, slen=61 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_512 verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):"ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f":"23f5b30c8d612d8f31206c177ac2023c4f44754d03c7ff67daff99f24fa369b3e5f7c15b228a4417a1ff1c93fb8d645d619c2f4f559ac6c7f7bac20ba9df32353d19941265a4e74261adaf45d48682c0bc86cea6128f11ad172ff461fb1d97bded615861843996e2a98e7b8313b695519d001ae35305d6cbf3c0ee6c7ab06d1a" PSA verify hash: RSA-1024 PSS SHA-512, slen=62 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_512 verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):"ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f":"6b215d77cf88b2d08be53b4f3ac6e72ebfbf7e0dc6c1e77b238cfb661c247a011b8746709fbefe4bc05d37343391683e9489d720ecbb7df37f4e36967918958996939461703465c2014a4c12faf875f8def70070e55b765b165c7e9c6f2eb05c98351b1e82219c31a2fb3ddce05f8988f552ff92f0b3471f63c0e53824c550a4" PSA verify hash: RSA-1024 PSS-any-salt SHA-512, slen=62 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_512 verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):"ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f":"6b215d77cf88b2d08be53b4f3ac6e72ebfbf7e0dc6c1e77b238cfb661c247a011b8746709fbefe4bc05d37343391683e9489d720ecbb7df37f4e36967918958996939461703465c2014a4c12faf875f8def70070e55b765b165c7e9c6f2eb05c98351b1e82219c31a2fb3ddce05f8988f552ff92f0b3471f63c0e53824c550a4" PSA verify hash: RSA-528 PSS SHA-512, slen=0 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_512 verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"304a024300e31c246d46485984261fd174cab3d4357344602ecd793c47dbe54252d37bb350bc634359b19515542080e4724a4b672291be57c7648f51629eaef234e847d99cc65f0203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):"ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f":"a14ad0fef77d36c28658a66129ee632e40e1032003eefe7fcda8e52b06675a051c80b2ca1cb99ed0762e90c9a48c434cd1063638eed7895a9c770e5435af750a1955" PSA verify hash: RSA-528 PSS-any-salt SHA-512, slen=0 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_512 verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"304a024300e31c246d46485984261fd174cab3d4357344602ecd793c47dbe54252d37bb350bc634359b19515542080e4724a4b672291be57c7648f51629eaef234e847d99cc65f0203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):"ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f":"a14ad0fef77d36c28658a66129ee632e40e1032003eefe7fcda8e52b06675a051c80b2ca1cb99ed0762e90c9a48c434cd1063638eed7895a9c770e5435af750a1955" PSA verify hash: RSA-520 PSS SHA-512 (hash too large) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_512 verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"3049024200d5a06f86e5b9d87428540165ca966fa8893a62e2a59d0bfd7617780bb039f9165a373a8e119d0766f8de556710f33f67019153bad8223775e797d451d48206f3bf0203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):"ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f":"deaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddead42":PSA_ERROR_INVALID_ARGUMENT PSA verify hash: RSA-520 PSS-any-salt SHA-512 (hash too large) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_512 verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"3049024200d5a06f86e5b9d87428540165ca966fa8893a62e2a59d0bfd7617780bb039f9165a373a8e119d0766f8de556710f33f67019153bad8223775e797d451d48206f3bf0203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):"ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f":"deaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddead42":PSA_ERROR_INVALID_ARGUMENT PSA verify hash: RSA PSS SHA-256, wrong hash length (0 bytes) @@ -2780,7 +2780,7 @@ depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TY sign_message_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548" PSA sign message: deterministic ECDSA SECP256R1 SHA-384 -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C:MBEDLTS_PSA_BUILTIN_ALG_SHA_384 sign_message_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):"616263":"7ea712a20e3a8cbe0c6e64195362ba7635bbe78af51ddedd7a5fd858395250c592654c35d3b0614ae0e3b329c25cf5b4a5fcb243af3e3ad15c8446fe401be066" PSA sign message: deterministic ECDSA SECP384R1 SHA-256 @@ -2900,7 +2900,7 @@ depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAI sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_384):"616263" PSA sign/verify message: deterministic ECDSA SECP256R1 SHA-384 -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C:MBEDLTS_PSA_BUILTIN_ALG_SHA_384 sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):"616263" PSA sign/verify message: randomized ECDSA SECP384R1 SHA-256 @@ -3036,11 +3036,11 @@ depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBL asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"746869730069730061006c6162656c00":128:PSA_SUCCESS PSA encrypt: RSA OAEP-SHA-384, good -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_384 asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":"":128:PSA_SUCCESS PSA encrypt: RSA OAEP-SHA-384, good, with label -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_384 asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":"746869730069730061006c6162656c00":128:PSA_SUCCESS PSA encrypt: RSA PKCS#1 v1.5, key pair @@ -3060,7 +3060,7 @@ depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBED asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee":0:PSA_ERROR_INVALID_ARGUMENT PSA encrypt: RSA OAEP-SHA-384, input too large -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_384 asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f":"":0:PSA_ERROR_INVALID_ARGUMENT PSA encrypt: invalid algorithm @@ -3088,7 +3088,7 @@ depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_ asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"746869730069730061006c6162656c00" PSA encrypt-decrypt: RSA OAEP-SHA-384 -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_384 asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":"" PSA decrypt: RSA PKCS#1 v1.5: good #1 @@ -3124,7 +3124,7 @@ depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_ asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"46edc9984a6d4b7c7fd88fda9ea91ddbd30b28a0793cc75a9fcdd94d867c69090a697d46a6f336a3e48a122dd3ee3b51566b445ff78adb613d09b7d8c59c25a27d8cf7f5e36455f2e71ff6c6ee98d5740e66b23794acc72906561951c2be5064f6a250646ab627ecbfa48c02f82c29fe9b8c8e6be8eb752432124974373b542c":"746869730069730061006c6162656c00":"74686973206973206e6f2073717565616d697368206f7373696672616765" PSA decrypt: RSA OAEP-SHA-384, 30 bytes -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_384 asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0df6750b8fed749359c016887d2cf097cc512c065526a91a7ee9b345a1bfff833737e7326e54d03f6bb65971962885a7661a16858d53ea55821052f4c7798d395b5c5495332fd4174451a1a437f36c27f446b96f309ff1cb6837274aa8ae2b51a8a479d736d25b8d2ca8ab96fe589553a3e52818b7df75544eb5469977b29aa4":"":"74686973206973206e6f2073717565616d697368206f7373696672616765" PSA decrypt: RSA OAEP-SHA-256, 30 bytes, wrong label (should be empty) From f7e483c0b432b589715548c794607778c0a7a52a Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Sat, 8 May 2021 14:32:59 +0200 Subject: [PATCH 044/107] all.sh: psa: Add hash acceleration test component Signed-off-by: Ronald Cron --- tests/scripts/all.sh | 40 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index fec97cb5e68..41cb46d03ec 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1715,6 +1715,46 @@ component_test_psa_crypto_config_accel_rsa_signature () { make test } +component_test_psa_crypto_config_accel_hash () { + msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated hash" + + # Disable ALG_STREAM_CIPHER and ALG_ECB_NO_PADDING to avoid having + # partial support for cipher operations in the driver test library. + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING + + loc_accel_list="ALG_MD4 ALG_MD5 ALG_RIPEMD160 ALG_SHA_1 ALG_SHA_224 ALG_SHA_256 ALG_SHA_384 ALG_SHA_512" + loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' ) + make -C tests libtestdriver1.a CFLAGS="$ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS" + + scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS + scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG + scripts/config.py unset MBEDTLS_MD2_C + scripts/config.py unset MBEDTLS_MD4_C + scripts/config.py unset MBEDTLS_MD5_C + scripts/config.py unset MBEDTLS_RIPEMD160_C + scripts/config.py unset MBEDTLS_SHA1_C + # Don't unset MBEDTLS_SHA256_C as it is needed by PSA crypto core. + scripts/config.py unset MBEDTLS_SHA512_C + # Unset MBEDTLS_SSL_PROTO_SSL3, MBEDTLS_SSL_PROTO_TLS1 and MBEDTLS_SSL_PROTO_TLS1_1 as they depend on MBEDTLS_SHA1_C + scripts/config.py unset MBEDTLS_SSL_PROTO_SSL3 + scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1 + scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_1 + # Unset MBEDTLS_SSL_CBC_RECORD_SPLITTING as it depends on MBEDTLS_SSL_PROTO_TLS1 in the default configuration. + scripts/config.py unset MBEDTLS_SSL_CBC_RECORD_SPLITTING + loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )" + make CFLAGS="$ASAN_CFLAGS -Werror -I../tests/include -I../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" + + unset loc_accel_flags + unset loc_accel_list + + if_build_succeeded not grep mbedtls_sha512_init library/sha512.o + if_build_succeeded not grep mbedtls_sha1_init library/sha1.o + + msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated hash" + make test +} + component_test_psa_crypto_config_no_driver() { # full plus MBEDTLS_PSA_CRYPTO_CONFIG msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG minus MBEDTLS_PSA_CRYPTO_DRIVERS" From 0962370acf3b7137ae0d74641769239f1a5414ce Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Mon, 18 Oct 2021 11:26:01 +0200 Subject: [PATCH 045/107] all.sh: psa: Add cipher acceleration test component Signed-off-by: Ronald Cron --- tests/scripts/all.sh | 39 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 41cb46d03ec..65a5dca8be1 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1755,6 +1755,45 @@ component_test_psa_crypto_config_accel_hash () { make test } +component_test_psa_crypto_config_accel_cipher () { + msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated cipher" + + loc_accel_list="ALG_CBC_NO_PADDING ALG_CBC_PKCS7 ALG_CTR ALG_CFB ALG_OFB ALG_XTS KEY_TYPE_DES" + loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' ) + make -C tests libtestdriver1.a CFLAGS="$ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS" + + scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS + scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG + + # There is no intended accelerator support for ALG STREAM_CIPHER and + # ALG_ECB_NO_PADDING. Therefore, asking for them in the build implies the + # inclusion of the Mbed TLS cipher operations. As we want to test here with + # cipher operations solely supported by accelerators, disabled those + # PSA configuration options. + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_CMAC + + scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC + scripts/config.py unset MBEDTLS_CIPHER_PADDING_PKCS7 + scripts/config.py unset MBEDTLS_CIPHER_MODE_CTR + scripts/config.py unset MBEDTLS_CIPHER_MODE_CFB + scripts/config.py unset MBEDTLS_CIPHER_MODE_OFB + scripts/config.py unset MBEDTLS_CIPHER_MODE_XTS + scripts/config.py unset MBEDTLS_DES_C + + loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )" + make CFLAGS="$ASAN_CFLAGS -Werror -I../tests/include -I../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" + + unset loc_accel_flags + unset loc_accel_list + + if_build_succeeded not grep mbedtls_des* library/des.o + + msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated hash" + make test +} + component_test_psa_crypto_config_no_driver() { # full plus MBEDTLS_PSA_CRYPTO_CONFIG msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG minus MBEDTLS_PSA_CRYPTO_DRIVERS" From bdea4d4d8b649ecc1415813fe4151b287c201235 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Fri, 19 Nov 2021 18:01:40 +0100 Subject: [PATCH 046/107] psa: Fix and improve comments Signed-off-by: Ronald Cron --- library/psa_crypto_hash.c | 2 -- library/psa_crypto_mac.c | 2 -- tests/include/test/drivers/config_test_driver.h | 14 ++++++-------- .../drivers/crypto_config_test_driver_extension.h | 8 +++++--- 4 files changed, 11 insertions(+), 15 deletions(-) diff --git a/library/psa_crypto_hash.c b/library/psa_crypto_hash.c index 9c50ca8db39..337e557b078 100644 --- a/library/psa_crypto_hash.c +++ b/library/psa_crypto_hash.c @@ -82,8 +82,6 @@ const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg ) * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) || * defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */ -/* Implement the PSA driver hash interface on top of mbed TLS if either the - * software driver or the test driver requires it. */ #if defined(MBEDTLS_PSA_BUILTIN_HASH) psa_status_t mbedtls_psa_hash_abort( mbedtls_psa_hash_operation_t *operation ) diff --git a/library/psa_crypto_mac.c b/library/psa_crypto_mac.c index 5e78d65a611..dcf065a6726 100644 --- a/library/psa_crypto_mac.c +++ b/library/psa_crypto_mac.c @@ -189,8 +189,6 @@ static psa_status_t cmac_setup( mbedtls_psa_mac_operation_t *operation, } #endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */ -/* Implement the PSA driver MAC interface on top of mbed TLS if either the - * software driver or the test driver requires it. */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC) diff --git a/tests/include/test/drivers/config_test_driver.h b/tests/include/test/drivers/config_test_driver.h index 0b5a6499a86..97be72d2fbe 100644 --- a/tests/include/test/drivers/config_test_driver.h +++ b/tests/include/test/drivers/config_test_driver.h @@ -1,11 +1,9 @@ -/** - * \file config.h - * - * \brief Configuration options (set of defines) - * - * This set of compile-time options may be used to enable - * or disable features selectively, and reduce the global - * memory footprint. +/* + * Mbed TLS configuration for PSA test driver libraries. It includes: + * . the minimum set of modules needed by the PSA core. + * . the Mbed TLS configuration options that may need to be additionally + * enabled for the purpose of a specific test. + * . the PSA configuration file for the Mbed TLS library and its test drivers. */ /* * Copyright The Mbed TLS Contributors diff --git a/tests/include/test/drivers/crypto_config_test_driver_extension.h b/tests/include/test/drivers/crypto_config_test_driver_extension.h index f4f95dcfc2c..f5be7b38504 100644 --- a/tests/include/test/drivers/crypto_config_test_driver_extension.h +++ b/tests/include/test/drivers/crypto_config_test_driver_extension.h @@ -1,7 +1,9 @@ /** - * \file psa/crypto_config.h - * \brief PSA crypto configuration options (set of defines) - * + * This file is intended to be used to build PSA test driver libraries. It is + * intended to be appended by the test build system to the crypto_config.h file + * of the Mbed TLS library the test library will be linked to. It mirrors the + * PSA_ACCEL_* macros defining the cryptographic operations the test library + * supports. */ #if defined(PSA_WANT_ALG_CBC_NO_PADDING) From 9ecdd970d039cbab076d85742b625071855c497e Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Fri, 19 Nov 2021 18:02:34 +0100 Subject: [PATCH 047/107] psa: Fix obsolete code guard Signed-off-by: Ronald Cron --- library/psa_crypto.c | 17 +++++++---------- 1 file changed, 7 insertions(+), 10 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index b08235c747a..9bcdb7f6b5f 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -385,15 +385,11 @@ psa_status_t mbedtls_to_psa_error( int ret ) /* Key management */ /****************************************************************/ -/* For now the MBEDTLS_PSA_ACCEL_ guards are also used here since the - * current test driver in key_management.c is using this function - * when accelerators are used for ECC key pair and public key. - * Once that dependency is resolved these guards can be removed. - */ #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) + defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_family_t curve, size_t bits, int bits_is_sloppy ) @@ -489,9 +485,10 @@ mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_family_t curve, return( MBEDTLS_ECP_DP_NONE ); } #endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || - * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || - * defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || - * defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) */ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || + defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || + defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) || + defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) */ static psa_status_t validate_unstructured_key_bit_size( psa_key_type_t type, size_t bits ) From bf672336ae48d5a7ab3f9d2d0abefb5456d7db42 Mon Sep 17 00:00:00 2001 From: Antonio de Angelis Date: Tue, 30 Nov 2021 12:21:44 +0000 Subject: [PATCH 048/107] Align function parameter names for mbedtls_set_key_owner_id in PSA headers static function mbedtls_set_key_owner() is declared in psa/crypto.h and defined in psa/crypto_struct.h with different parameter name for the mbedtls_key_owner_id_t parameter and that may trigger errors from static code analysis tool as cppcheck. Signed-off-by: Antonio de Angelis --- include/psa/crypto.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 877c19bfaa1..b0b57c3a6ba 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -159,10 +159,10 @@ static void psa_set_key_id( psa_key_attributes_t *attributes, * the owner of a key. * * \param[out] attributes The attribute structure to write to. - * \param owner_id The key owner identifier. + * \param owner The key owner identifier. */ static void mbedtls_set_key_owner_id( psa_key_attributes_t *attributes, - mbedtls_key_owner_id_t owner_id ); + mbedtls_key_owner_id_t owner ); #endif /** Set the location of a persistent key. From 12fe74e3609d20a85556ddf236562c501c1082c4 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 17 Nov 2021 19:13:34 +0100 Subject: [PATCH 049/107] Declare which Python packages we use Add pip requirements files. We'll have separate requirements files for different target audiences. Each file can use `-r` lines to include other files. This commit adds two requirement files: one with everything that's needed to pass the CI, and one with additional tools that are suggested for Mbed TLS maintainers to install locally. Signed-off-by: Gilles Peskine --- scripts/ci.requirements.txt | 10 ++++++++++ scripts/maintainer.requirements.txt | 6 ++++++ 2 files changed, 16 insertions(+) create mode 100644 scripts/ci.requirements.txt create mode 100644 scripts/maintainer.requirements.txt diff --git a/scripts/ci.requirements.txt b/scripts/ci.requirements.txt new file mode 100644 index 00000000000..18b40ec173f --- /dev/null +++ b/scripts/ci.requirements.txt @@ -0,0 +1,10 @@ +# Python package requirements for Mbed TLS testing. + +# Use a known version of Pylint, because new versions tend to add warnings +# that could start rejecting our code. +# 2.4.4 is the version in Ubuntu 20.04. It supports Python >=3.5. +pylint == 2.4.4 + +# Use the earliest version of mypy that works with our code base. +# See https://github.com/ARMmbed/mbedtls/pull/3953 . +mypy >= 0.780 diff --git a/scripts/maintainer.requirements.txt b/scripts/maintainer.requirements.txt new file mode 100644 index 00000000000..670617ba7b2 --- /dev/null +++ b/scripts/maintainer.requirements.txt @@ -0,0 +1,6 @@ +# Python packages that are only useful to Mbed TLS maintainers. + +-r ci.requirements.txt + +# For source code analyses +clang From e4d142f1e7aab9fab6bd18687e3137d1d222abfe Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 17 Nov 2021 19:25:43 +0100 Subject: [PATCH 050/107] Script to install minimum versions of the requirements Wherever we have a requirement on foo>=N, install foo==N. This is for testing, to ensure that we don't accidentally depend on features that are not present in the minimum version we declare support for. Signed-off-by: Gilles Peskine --- scripts/min_requirements.py | 106 ++++++++++++++++++++++++++++++++++++ 1 file changed, 106 insertions(+) create mode 100755 scripts/min_requirements.py diff --git a/scripts/min_requirements.py b/scripts/min_requirements.py new file mode 100755 index 00000000000..3b156a36ab4 --- /dev/null +++ b/scripts/min_requirements.py @@ -0,0 +1,106 @@ +#!/usr/bin/env python3 +"""Install all the required Python packages, with the minimum Python version. +""" + +# Copyright The Mbed TLS Contributors +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import argparse +import os +import re +import sys +import typing + +from typing import List +from mbedtls_dev import typing_util + +def pylint_doesn_t_notice_that_certain_types_are_used_in_annotations( + _list: List[typing.Any], +) -> None: + pass + + +class Requirements: + """Collect and massage Python requirements.""" + + def __init__(self) -> None: + self.requirements = [] #type: List[str] + + def adjust_requirement(self, req: str) -> str: + """Adjust a requirement to the minimum specified version.""" + # allow inheritance #pylint: disable=no-self-use + # If a requirement specifies a minimum version, impose that version. + req = re.sub(r'>=|~=', r'==', req) + return req + + def add_file(self, filename: str) -> None: + """Add requirements from the specified file. + + This method supports a subset of pip's requirement file syntax: + * One requirement specifier per line, which is passed to + `adjust_requirement`. + * Comments (``#`` at the beginning of the line or after whitespace). + * ``-r FILENAME`` to include another file. + """ + for line in open(filename): + line = line.strip() + line = re.sub(r'(\A|\s+)#.*', r'', line) + if not line: + continue + m = re.match(r'-r\s+', line) + if m: + nested_file = os.path.join(os.path.dirname(filename), + line[m.end(0):]) + self.add_file(nested_file) + continue + self.requirements.append(self.adjust_requirement(line)) + + def write(self, out: typing_util.Writable) -> None: + """List the gathered requirements.""" + for req in self.requirements: + out.write(req + '\n') + + def install(self) -> None: + """Call pip to install the requirements.""" + if not self.requirements: + return + ret = os.spawnl(os.P_WAIT, sys.executable, 'python', '-m', 'pip', + 'install', *self.requirements) + if ret != 0: + sys.exit(ret) + + +def main() -> None: + """Command line entry point.""" + parser = argparse.ArgumentParser(description=__doc__) + parser.add_argument('--no-act', '-n', + action='store_true', + help="Don't act, just print what will be done") + parser.add_argument('files', nargs='*', metavar='FILE', + help="Requirement files" + "(default: requirements.txt in the script's directory)") + options = parser.parse_args() + if not options.files: + options.files = [os.path.join(os.path.dirname(__file__), + 'ci.requirements.txt')] + reqs = Requirements() + for filename in options.files: + reqs.add_file(filename) + reqs.write(sys.stdout) + if not options.no_act: + reqs.install() + +if __name__ == '__main__': + main() From ce8ccaf55bc2ffeb84252addf5e9637580291bdd Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 17 Nov 2021 19:48:21 +0100 Subject: [PATCH 051/107] Docker: Python requirements are now managed in-tree Neither mbed-host-tests nor mock are currently used. Signed-off-by: Gilles Peskine --- tests/docker/bionic/Dockerfile | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/tests/docker/bionic/Dockerfile b/tests/docker/bionic/Dockerfile index 1d24aa32683..69662f40ff1 100644 --- a/tests/docker/bionic/Dockerfile +++ b/tests/docker/bionic/Dockerfile @@ -161,6 +161,4 @@ RUN cd /tmp \ ENV GNUTLS_NEXT_CLI=/usr/local/gnutls-3.6.5/bin/gnutls-cli ENV GNUTLS_NEXT_SERV=/usr/local/gnutls-3.6.5/bin/gnutls-serv -RUN pip3 install --no-cache-dir \ - mbed-host-tests \ - mock +RUN scripts/min_requirements.py From 6d253cc4fc1c8467076a12173cfa4bd7d632dae5 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 17 Nov 2021 19:29:38 +0100 Subject: [PATCH 052/107] Travis: use the in-tree Python package requirements Signed-off-by: Gilles Peskine --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 56e145649f8..33546073bf7 100644 --- a/.travis.yml +++ b/.travis.yml @@ -19,7 +19,7 @@ jobs: language: python # Needed to get pip for Python 3 python: 3.5 # version from Ubuntu 16.04 install: - - pip install mypy==0.780 pylint==2.4.4 + - scripts/min_requirements.py script: - tests/scripts/all.sh -k 'check_*' - tests/scripts/all.sh -k test_default_out_of_box From c31780f62f8d0369dc4294a5ff1d815c24f8aa82 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 18 Nov 2021 18:18:35 +0100 Subject: [PATCH 053/107] Use a method to invoke pip that works on Windows Passing arguments on the command line apparently didn't work due to quoting issues. Use a temporary file instead. Signed-off-by: Gilles Peskine --- scripts/min_requirements.py | 20 ++++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) diff --git a/scripts/min_requirements.py b/scripts/min_requirements.py index 3b156a36ab4..ef6c42bf613 100755 --- a/scripts/min_requirements.py +++ b/scripts/min_requirements.py @@ -20,7 +20,9 @@ import argparse import os import re +import subprocess import sys +import tempfile import typing from typing import List @@ -74,12 +76,18 @@ def write(self, out: typing_util.Writable) -> None: def install(self) -> None: """Call pip to install the requirements.""" - if not self.requirements: - return - ret = os.spawnl(os.P_WAIT, sys.executable, 'python', '-m', 'pip', - 'install', *self.requirements) - if ret != 0: - sys.exit(ret) + with tempfile.TemporaryDirectory() as temp_dir: + # This is more complicated than it needs to be for the sake + # of Windows. Use a temporary file rather than the command line + # to avoid quoting issues. Use a temporary directory rather + # than NamedTemporaryFile because with a NamedTemporaryFile on + # Windows, the subprocess can't open the file because this process + # has an exclusive lock on it. + req_file_name = os.path.join(temp_dir, 'requirements.txt') + with open(req_file_name, 'w') as req_file: + self.write(req_file) + subprocess.check_call([sys.executable, '-m', 'pip', + 'install', '-r', req_file_name]) def main() -> None: From ca07ea08020eb59ab3a9e8495aabd48349352aae Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 22 Nov 2021 12:52:24 +0000 Subject: [PATCH 054/107] Allow passing options to pip Signed-off-by: Gilles Peskine --- scripts/min_requirements.py | 34 ++++++++++++++++++++++++++++------ 1 file changed, 28 insertions(+), 6 deletions(-) diff --git a/scripts/min_requirements.py b/scripts/min_requirements.py index ef6c42bf613..db301e89135 100755 --- a/scripts/min_requirements.py +++ b/scripts/min_requirements.py @@ -25,7 +25,7 @@ import tempfile import typing -from typing import List +from typing import List, Optional from mbedtls_dev import typing_util def pylint_doesn_t_notice_that_certain_types_are_used_in_annotations( @@ -74,8 +74,16 @@ def write(self, out: typing_util.Writable) -> None: for req in self.requirements: out.write(req + '\n') - def install(self) -> None: + def install( + self, + pip_general_options: Optional[List[str]] = None, + pip_install_options: Optional[List[str]] = None, + ) -> None: """Call pip to install the requirements.""" + if pip_general_options is None: + pip_general_options = [] + if pip_install_options is None: + pip_install_options = [] with tempfile.TemporaryDirectory() as temp_dir: # This is more complicated than it needs to be for the sake # of Windows. Use a temporary file rather than the command line @@ -86,8 +94,10 @@ def install(self) -> None: req_file_name = os.path.join(temp_dir, 'requirements.txt') with open(req_file_name, 'w') as req_file: self.write(req_file) - subprocess.check_call([sys.executable, '-m', 'pip', - 'install', '-r', req_file_name]) + subprocess.check_call([sys.executable, '-m', 'pip'] + + pip_general_options + + ['install'] + pip_install_options + + ['-r', req_file_name]) def main() -> None: @@ -96,9 +106,20 @@ def main() -> None: parser.add_argument('--no-act', '-n', action='store_true', help="Don't act, just print what will be done") + parser.add_argument('--pip-install-option', + action='append', dest='pip_install_options', + help="Pass this option to pip install") + parser.add_argument('--pip-option', + action='append', dest='pip_general_options', + help="Pass this general option to pip") + parser.add_argument('--user', + action='append_const', dest='pip_install_options', + const='--user', + help="Install to the Python user install directory" + " (short for --pip-install-option --user)") parser.add_argument('files', nargs='*', metavar='FILE', help="Requirement files" - "(default: requirements.txt in the script's directory)") + " (default: requirements.txt in the script's directory)") options = parser.parse_args() if not options.files: options.files = [os.path.join(os.path.dirname(__file__), @@ -108,7 +129,8 @@ def main() -> None: reqs.add_file(filename) reqs.write(sys.stdout) if not options.no_act: - reqs.install() + reqs.install(pip_general_options=options.pip_general_options, + pip_install_options=options.pip_install_options) if __name__ == '__main__': main() From 3f5f7df75ba3e224f1ff2595d94fe094dac7615d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 2 Dec 2021 12:44:50 +0100 Subject: [PATCH 055/107] Remove accidental requirement on the worktree content This made the build impossible since mbedtls isn't available when building the container. Signed-off-by: Gilles Peskine --- tests/docker/bionic/Dockerfile | 2 -- 1 file changed, 2 deletions(-) diff --git a/tests/docker/bionic/Dockerfile b/tests/docker/bionic/Dockerfile index 69662f40ff1..3132be9ca05 100644 --- a/tests/docker/bionic/Dockerfile +++ b/tests/docker/bionic/Dockerfile @@ -160,5 +160,3 @@ RUN cd /tmp \ ENV GNUTLS_NEXT_CLI=/usr/local/gnutls-3.6.5/bin/gnutls-cli ENV GNUTLS_NEXT_SERV=/usr/local/gnutls-3.6.5/bin/gnutls-serv - -RUN scripts/min_requirements.py From f3564bfe990b5f2934fab9c61ba9106b7e4453dd Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 2 Dec 2021 12:50:06 +0100 Subject: [PATCH 056/107] Add Cryptodome to maintainer requirements See e.g. https://github.com/ARMmbed/mbedtls/pull/5218 Signed-off-by: Gilles Peskine --- scripts/maintainer.requirements.txt | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/scripts/maintainer.requirements.txt b/scripts/maintainer.requirements.txt index 670617ba7b2..b149921a242 100644 --- a/scripts/maintainer.requirements.txt +++ b/scripts/maintainer.requirements.txt @@ -4,3 +4,7 @@ # For source code analyses clang + +# For building some test vectors +pycryptodomex +pycryptodome-test-vectors From f40545d919ab5c8e692cb3fefe8a04fac52853ba Mon Sep 17 00:00:00 2001 From: Xiaofei Bai Date: Thu, 2 Dec 2021 08:43:35 +0000 Subject: [PATCH 057/107] Fix (d)tls1_2 into (d)tls12 in version options Signed-off-by: Xiaofei Bai --- programs/ssl/ssl_client2.c | 16 +-- programs/ssl/ssl_server2.c | 18 +-- tests/compat.sh | 10 +- tests/scripts/all.sh | 10 +- tests/scripts/test-ref-configs.pl | 4 +- tests/ssl-opt.sh | 206 +++++++++++++++--------------- 6 files changed, 132 insertions(+), 132 deletions(-) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 574caa61156..8e62dbe88f7 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -426,9 +426,9 @@ int main( void ) " arc4=%%d default: (library default: 0)\n" \ " allow_sha1=%%d default: 0\n" \ " min_version=%%s default: (library default: tls1)\n" \ - " max_version=%%s default: (library default: tls1_2)\n" \ + " max_version=%%s default: (library default: tls12)\n" \ " force_version=%%s default: \"\" (none)\n" \ - " options: ssl3, tls1, tls1_1, tls1_2, dtls1, dtls1_2\n" \ + " options: ssl3, tls1, tls1_1, tls12, dtls1, dtls12\n" \ "\n" \ " force_ciphersuite= default: all enabled\n"\ " query_config= return 0 if the specified\n" \ @@ -1107,8 +1107,8 @@ int main( int argc, char *argv[] ) else if( strcmp( q, "tls1_1" ) == 0 || strcmp( q, "dtls1" ) == 0 ) opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2; - else if( strcmp( q, "tls1_2" ) == 0 || - strcmp( q, "dtls1_2" ) == 0 ) + else if( strcmp( q, "tls12" ) == 0 || + strcmp( q, "dtls12" ) == 0 ) opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; else goto usage; @@ -1122,8 +1122,8 @@ int main( int argc, char *argv[] ) else if( strcmp( q, "tls1_1" ) == 0 || strcmp( q, "dtls1" ) == 0 ) opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2; - else if( strcmp( q, "tls1_2" ) == 0 || - strcmp( q, "dtls1_2" ) == 0 ) + else if( strcmp( q, "tls12" ) == 0 || + strcmp( q, "dtls12" ) == 0 ) opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; else goto usage; @@ -1163,7 +1163,7 @@ int main( int argc, char *argv[] ) opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2; opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2; } - else if( strcmp( q, "tls1_2" ) == 0 ) + else if( strcmp( q, "tls12" ) == 0 ) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; @@ -1174,7 +1174,7 @@ int main( int argc, char *argv[] ) opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2; opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM; } - else if( strcmp( q, "dtls1_2" ) == 0 ) + else if( strcmp( q, "dtls12" ) == 0 ) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 329305ea17d..ee45312bab3 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -507,12 +507,12 @@ int main( void ) " arc4=%%d default: (library default: 0)\n" \ " allow_sha1=%%d default: 0\n" \ " min_version=%%s default: (library default: tls1)\n" \ - " max_version=%%s default: (library default: tls1_2)\n" \ + " max_version=%%s default: (library default: tls12)\n" \ " force_version=%%s default: \"\" (none)\n" \ - " options: ssl3, tls1, tls1_1, tls1_2, dtls1, dtls1_2\n" \ + " options: ssl3, tls1, tls1_1, tls12, dtls1, dtls12\n" \ "\n" \ " version_suites=a,b,c,d per-version ciphersuites\n" \ - " in order from ssl3 to tls1_2\n" \ + " in order from ssl3 to tls12\n" \ " default: all enabled\n" \ " force_ciphersuite= default: all enabled\n" \ " query_config= return 0 if the specified\n" \ @@ -1741,8 +1741,8 @@ int main( int argc, char *argv[] ) else if( strcmp( q, "tls1_1" ) == 0 || strcmp( q, "dtls1" ) == 0 ) opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2; - else if( strcmp( q, "tls1_2" ) == 0 || - strcmp( q, "dtls1_2" ) == 0 ) + else if( strcmp( q, "tls12" ) == 0 || + strcmp( q, "dtls12" ) == 0 ) opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; else goto usage; @@ -1756,8 +1756,8 @@ int main( int argc, char *argv[] ) else if( strcmp( q, "tls1_1" ) == 0 || strcmp( q, "dtls1" ) == 0 ) opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2; - else if( strcmp( q, "tls1_2" ) == 0 || - strcmp( q, "dtls1_2" ) == 0 ) + else if( strcmp( q, "tls12" ) == 0 || + strcmp( q, "dtls12" ) == 0 ) opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; else goto usage; @@ -1797,7 +1797,7 @@ int main( int argc, char *argv[] ) opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2; opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2; } - else if( strcmp( q, "tls1_2" ) == 0 ) + else if( strcmp( q, "tls12" ) == 0 ) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; @@ -1808,7 +1808,7 @@ int main( int argc, char *argv[] ) opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2; opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM; } - else if( strcmp( q, "dtls1_2" ) == 0 ) + else if( strcmp( q, "dtls12" ) == 0 ) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; diff --git a/tests/compat.sh b/tests/compat.sh index 29aa686f604..444c80cb302 100755 --- a/tests/compat.sh +++ b/tests/compat.sh @@ -67,7 +67,7 @@ else fi # default values for options -MODES="tls1 tls1_1 tls1_2 dtls1 dtls1_2" +MODES="tls1 tls1_1 tls12 dtls1 dtls12" VERIFIES="NO YES" TYPES="ECDSA RSA PSK" FILTER="" @@ -156,7 +156,7 @@ log() { # is_dtls is_dtls() { - test "$1" = "dtls1" -o "$1" = "dtls1_2" + test "$1" = "dtls1" -o "$1" = "dtls12" } # minor_ver @@ -172,7 +172,7 @@ minor_ver() tls1_1|dtls1) echo 2 ;; - tls1_2|dtls1_2) + tls12|dtls12) echo 3 ;; *) @@ -881,14 +881,14 @@ setup_arguments() "tls1_1") G_PRIO_MODE="+VERS-TLS1.1" ;; - "tls1_2") + "tls12") G_PRIO_MODE="+VERS-TLS1.2" ;; "dtls1") G_PRIO_MODE="+VERS-DTLS1.0" G_MODE="-u" ;; - "dtls1_2") + "dtls12") G_PRIO_MODE="+VERS-DTLS1.2" G_MODE="-u" ;; diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 65a5dca8be1..2d6538552c2 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1015,7 +1015,7 @@ component_test_sslv3 () { make test msg "build: SSLv3 - compat.sh (ASan build)" # ~ 6 min - tests/compat.sh -m 'tls1 tls1_1 tls1_2 dtls1 dtls1_2' + tests/compat.sh -m 'tls1 tls1_1 tls12 dtls1 dtls12' env OPENSSL_CMD="$OPENSSL_LEGACY" tests/compat.sh -m 'ssl3' msg "build: SSLv3 - ssl-opt.sh (ASan build)" # ~ 6 min @@ -1092,7 +1092,7 @@ component_test_no_ctr_drbg_classic () { tests/ssl-opt.sh -f 'Default\|SSL async private.*delay=\|tickets enabled on server' msg "test: Full minus CTR_DRBG, classic crypto - compat.sh (subset)" - tests/compat.sh -m tls1_2 -t 'ECDSA PSK' -V NO -p OpenSSL + tests/compat.sh -m tls12 -t 'ECDSA PSK' -V NO -p OpenSSL } component_test_no_ctr_drbg_use_psa () { @@ -1114,7 +1114,7 @@ component_test_no_ctr_drbg_use_psa () { tests/ssl-opt.sh -f 'Default\|SSL async private.*delay=\|tickets enabled on server' msg "test: Full minus CTR_DRBG, USE_PSA_CRYPTO - compat.sh (subset)" - tests/compat.sh -m tls1_2 -t 'ECDSA PSK' -V NO -p OpenSSL + tests/compat.sh -m tls12 -t 'ECDSA PSK' -V NO -p OpenSSL } component_test_no_hmac_drbg_classic () { @@ -1141,7 +1141,7 @@ component_test_no_hmac_drbg_classic () { # To save time, only test one protocol version, since this part of # the protocol is identical in (D)TLS up to 1.2. msg "test: Full minus HMAC_DRBG, classic crypto - compat.sh (ECDSA)" - tests/compat.sh -m tls1_2 -t 'ECDSA' + tests/compat.sh -m tls12 -t 'ECDSA' } component_test_no_hmac_drbg_use_psa () { @@ -1168,7 +1168,7 @@ component_test_no_hmac_drbg_use_psa () { # To save time, only test one protocol version, since this part of # the protocol is identical in (D)TLS up to 1.2. msg "test: Full minus HMAC_DRBG, USE_PSA_CRYPTO - compat.sh (ECDSA)" - tests/compat.sh -m tls1_2 -t 'ECDSA' + tests/compat.sh -m tls12 -t 'ECDSA' } component_test_psa_external_rng_no_drbg_classic () { diff --git a/tests/scripts/test-ref-configs.pl b/tests/scripts/test-ref-configs.pl index 57263a334e0..d34bbdef531 100755 --- a/tests/scripts/test-ref-configs.pl +++ b/tests/scripts/test-ref-configs.pl @@ -29,7 +29,7 @@ my %configs = ( 'config-ccm-psk-tls1_2.h' => { - 'compat' => '-m tls1_2 -f \'^TLS-PSK-WITH-AES-...-CCM-8\'', + 'compat' => '-m tls12 -f \'^TLS-PSK-WITH-AES-...-CCM-8\'', }, 'config-mini-tls1_1.h' => { 'compat' => '-m tls1_1 -f \'^DES-CBC3-SHA$\|^TLS-RSA-WITH-3DES-EDE-CBC-SHA$\'', #' @@ -37,7 +37,7 @@ 'config-no-entropy.h' => { }, 'config-suite-b.h' => { - 'compat' => "-m tls1_2 -f 'ECDHE-ECDSA.*AES.*GCM' -p mbedTLS", + 'compat' => "-m tls12 -f 'ECDHE-ECDSA.*AES.*GCM' -p mbedTLS", }, 'config-symmetric-only.h' => { }, diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 6f25cffffbe..43b6d0444e6 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -1114,8 +1114,8 @@ run_test() { run_test_psa() { requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSA-supported ciphersuite: $1" \ - "$P_SRV debug_level=3 force_version=tls1_2" \ - "$P_CLI debug_level=3 force_version=tls1_2 force_ciphersuite=$1" \ + "$P_SRV debug_level=3 force_version=tls12" \ + "$P_CLI debug_level=3 force_version=tls12 force_ciphersuite=$1" \ 0 \ -c "Successfully setup PSA-based decryption cipher context" \ -c "Successfully setup PSA-based encryption cipher context" \ @@ -1137,8 +1137,8 @@ run_test_psa() { run_test_psa_force_curve() { requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSA - ECDH with $1" \ - "$P_SRV debug_level=4 force_version=tls1_2" \ - "$P_CLI debug_level=4 force_version=tls1_2 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 curves=$1" \ + "$P_SRV debug_level=4 force_version=tls12" \ + "$P_CLI debug_level=4 force_version=tls12 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 curves=$1" \ 0 \ -c "Successfully setup PSA-based decryption cipher context" \ -c "Successfully setup PSA-based encryption cipher context" \ @@ -1170,8 +1170,8 @@ run_test_memory_after_hanshake_with_mfl() MEMORY_USAGE_LIMIT="$(( ( MEMORY_USAGE_LIMIT * 110 ) / 100 ))" run_test "Handshake memory usage (MFL $1)" \ - "$P_SRV debug_level=3 auth_mode=required force_version=tls1_2" \ - "$P_CLI debug_level=3 force_version=tls1_2 \ + "$P_SRV debug_level=3 auth_mode=required force_version=tls12" \ + "$P_CLI debug_level=3 force_version=tls12 \ crt_file=data_files/server5.crt key_file=data_files/server5.key \ force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM max_frag_len=$1" \ 0 \ @@ -1189,8 +1189,8 @@ run_tests_memory_after_hanshake() # first test with default MFU is to get reference memory usage MEMORY_USAGE_MFL_16K=0 run_test "Handshake memory usage initial (MFL 16384 - default)" \ - "$P_SRV debug_level=3 auth_mode=required force_version=tls1_2" \ - "$P_CLI debug_level=3 force_version=tls1_2 \ + "$P_SRV debug_level=3 auth_mode=required force_version=tls12" \ + "$P_CLI debug_level=3 force_version=tls12 \ crt_file=data_files/server5.crt key_file=data_files/server5.key \ force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM" \ 0 \ @@ -2849,7 +2849,7 @@ run_test "Fallback SCSV: not in list" \ run_test "CBC Record splitting: TLS 1.2, no splitting" \ "$P_SRV" \ "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \ - request_size=123 force_version=tls1_2" \ + request_size=123 force_version=tls12" \ 0 \ -s "Read from client: 123 bytes read" \ -S "Read from client: 1 bytes read" \ @@ -4774,7 +4774,7 @@ run_test "Certificate hash: client TLS 1.2 -> SHA-2" \ key_file=data_files/server5.key \ crt_file2=data_files/server5-sha1.crt \ key_file2=data_files/server5.key" \ - "$P_CLI force_version=tls1_2" \ + "$P_CLI force_version=tls12" \ 0 \ -c "signed using.*ECDSA with SHA256" \ -C "signed using.*ECDSA with SHA1" @@ -5321,14 +5321,14 @@ run_test "Version check: cli min 1.1, srv max 1.1 -> 1.1" \ run_test "Version check: cli min 1.2, srv max 1.1 -> fail" \ "$P_SRV max_version=tls1_1" \ - "$P_CLI min_version=tls1_2" \ + "$P_CLI min_version=tls12" \ 1 \ -s "mbedtls_ssl_handshake returned" \ -c "mbedtls_ssl_handshake returned" \ -c "SSL - Handshake protocol not within min/max boundaries" run_test "Version check: srv min 1.2, cli max 1.1 -> fail" \ - "$P_SRV min_version=tls1_2" \ + "$P_SRV min_version=tls12" \ "$P_CLI max_version=tls1_1" \ 1 \ -s "mbedtls_ssl_handshake returned" \ @@ -5807,7 +5807,7 @@ run_test "PSK callback: psk, no callback" \ requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: opaque psk on client, no callback" \ "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo" \ - "$P_CLI extended_ms=0 debug_level=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ + "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ psk_identity=foo psk=abc123 psk_opaque=1" \ 0 \ -c "skip PMS generation for opaque PSK"\ @@ -5821,7 +5821,7 @@ run_test "PSK callback: opaque psk on client, no callback" \ requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: opaque psk on client, no callback, SHA-384" \ "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo" \ - "$P_CLI extended_ms=0 debug_level=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \ + "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \ psk_identity=foo psk=abc123 psk_opaque=1" \ 0 \ -c "skip PMS generation for opaque PSK"\ @@ -5835,7 +5835,7 @@ run_test "PSK callback: opaque psk on client, no callback, SHA-384" \ requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: opaque psk on client, no callback, EMS" \ "$P_SRV extended_ms=1 debug_level=3 psk=abc123 psk_identity=foo" \ - "$P_CLI extended_ms=1 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ + "$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ psk_identity=foo psk=abc123 psk_opaque=1" \ 0 \ -c "skip PMS generation for opaque PSK"\ @@ -5849,7 +5849,7 @@ run_test "PSK callback: opaque psk on client, no callback, EMS" \ requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: opaque psk on client, no callback, SHA-384, EMS" \ "$P_SRV extended_ms=1 debug_level=3 psk=abc123 psk_identity=foo" \ - "$P_CLI extended_ms=1 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \ + "$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \ psk_identity=foo psk=abc123 psk_opaque=1" \ 0 \ -c "skip PMS generation for opaque PSK"\ @@ -5862,8 +5862,8 @@ run_test "PSK callback: opaque psk on client, no callback, SHA-384, EMS" \ requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw psk on client, static opaque on server, no callback" \ - "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ - "$P_CLI extended_ms=0 debug_level=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ + "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ + "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ psk_identity=foo psk=abc123" \ 0 \ -C "skip PMS generation for opaque PSK"\ @@ -5876,8 +5876,8 @@ run_test "PSK callback: raw psk on client, static opaque on server, no callba requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw psk on client, static opaque on server, no callback, SHA-384" \ - "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384" \ - "$P_CLI extended_ms=0 debug_level=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \ + "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384" \ + "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \ psk_identity=foo psk=abc123" \ 0 \ -C "skip PMS generation for opaque PSK"\ @@ -5890,9 +5890,9 @@ run_test "PSK callback: raw psk on client, static opaque on server, no callba requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw psk on client, static opaque on server, no callback, EMS" \ - "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls1_2 \ + "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 \ force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \ - "$P_CLI debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ + "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ psk_identity=foo psk=abc123 extended_ms=1" \ 0 \ -c "session hash for extended master secret"\ @@ -5905,9 +5905,9 @@ run_test "PSK callback: raw psk on client, static opaque on server, no callba requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw psk on client, static opaque on server, no callback, EMS, SHA384" \ - "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls1_2 \ + "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 \ force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \ - "$P_CLI debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \ + "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \ psk_identity=foo psk=abc123 extended_ms=1" \ 0 \ -c "session hash for extended master secret"\ @@ -5920,8 +5920,8 @@ run_test "PSK callback: raw psk on client, static opaque on server, no callba requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback" \ - "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ - "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ + "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ + "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ psk_identity=def psk=beef" \ 0 \ -C "skip PMS generation for opaque PSK"\ @@ -5934,8 +5934,8 @@ run_test "PSK callback: raw psk on client, no static PSK on server, opaque PS requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, SHA-384" \ - "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384" \ - "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \ + "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384" \ + "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \ psk_identity=def psk=beef" \ 0 \ -C "skip PMS generation for opaque PSK"\ @@ -5948,9 +5948,9 @@ run_test "PSK callback: raw psk on client, no static PSK on server, opaque PS requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, EMS" \ - "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 \ + "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \ force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \ - "$P_CLI debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ + "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ psk_identity=abc psk=dead extended_ms=1" \ 0 \ -c "session hash for extended master secret"\ @@ -5963,9 +5963,9 @@ run_test "PSK callback: raw psk on client, no static PSK on server, opaque PS requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, EMS, SHA384" \ - "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 \ + "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \ force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \ - "$P_CLI debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \ + "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \ psk_identity=abc psk=dead extended_ms=1" \ 0 \ -c "session hash for extended master secret"\ @@ -5978,8 +5978,8 @@ run_test "PSK callback: raw psk on client, no static PSK on server, opaque PS requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw psk on client, mismatching static raw PSK on server, opaque PSK from callback" \ - "$P_SRV extended_ms=0 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ - "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ + "$P_SRV extended_ms=0 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ + "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ psk_identity=def psk=beef" \ 0 \ -C "skip PMS generation for opaque PSK"\ @@ -5992,8 +5992,8 @@ run_test "PSK callback: raw psk on client, mismatching static raw PSK on serv requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw psk on client, mismatching static opaque PSK on server, opaque PSK from callback" \ - "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ - "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ + "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ + "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ psk_identity=def psk=beef" \ 0 \ -C "skip PMS generation for opaque PSK"\ @@ -6006,8 +6006,8 @@ run_test "PSK callback: raw psk on client, mismatching static opaque PSK on s requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw psk on client, mismatching static opaque PSK on server, raw PSK from callback" \ - "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ - "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ + "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ + "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ psk_identity=def psk=beef" \ 0 \ -C "skip PMS generation for opaque PSK"\ @@ -6019,8 +6019,8 @@ run_test "PSK callback: raw psk on client, mismatching static opaque PSK on s requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw psk on client, id-matching but wrong raw PSK on server, opaque PSK from callback" \ - "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=def psk=abc123 debug_level=3 psk_list=abc,dead,def,beef min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ - "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ + "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=def psk=abc123 debug_level=3 psk_list=abc,dead,def,beef min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ + "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ psk_identity=def psk=beef" \ 0 \ -C "skip PMS generation for opaque PSK"\ @@ -6032,8 +6032,8 @@ run_test "PSK callback: raw psk on client, id-matching but wrong raw PSK on s requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw psk on client, matching opaque PSK on server, wrong opaque PSK from callback" \ - "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=def psk=beef debug_level=3 psk_list=abc,dead,def,abc123 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ - "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ + "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=def psk=beef debug_level=3 psk_list=abc,dead,def,abc123 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ + "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ psk_identity=def psk=beef" \ 1 \ -s "SSL - Verification of the message MAC failed" @@ -6220,7 +6220,7 @@ requires_config_enabled MBEDTLS_CAMELLIA_C requires_config_enabled MBEDTLS_AES_C run_test "Per-version suites: TLS 1.2" \ "$P_SRV version_suites=TLS-RSA-WITH-CAMELLIA-128-CBC-SHA,TLS-RSA-WITH-AES-256-CBC-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \ - "$P_CLI force_version=tls1_2" \ + "$P_CLI force_version=tls12" \ 0 \ -c "Ciphersuite is TLS-RSA-WITH-AES-128-GCM-SHA256" @@ -6387,21 +6387,21 @@ run_test "Small client packet TLS 1.1 StreamCipher, without EtM, truncated MA run_test "Small client packet TLS 1.2 BlockCipher" \ "$P_SRV" \ - "$P_CLI request_size=1 force_version=tls1_2 \ + "$P_CLI request_size=1 force_version=tls12 \ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ 0 \ -s "Read from client: 1 bytes read" run_test "Small client packet TLS 1.2 BlockCipher, without EtM" \ "$P_SRV" \ - "$P_CLI request_size=1 force_version=tls1_2 \ + "$P_CLI request_size=1 force_version=tls12 \ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \ 0 \ -s "Read from client: 1 bytes read" run_test "Small client packet TLS 1.2 BlockCipher larger MAC" \ "$P_SRV" \ - "$P_CLI request_size=1 force_version=tls1_2 \ + "$P_CLI request_size=1 force_version=tls12 \ force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \ 0 \ -s "Read from client: 1 bytes read" @@ -6409,7 +6409,7 @@ run_test "Small client packet TLS 1.2 BlockCipher larger MAC" \ requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC run_test "Small client packet TLS 1.2 BlockCipher, truncated MAC" \ "$P_SRV trunc_hmac=1" \ - "$P_CLI request_size=1 force_version=tls1_2 \ + "$P_CLI request_size=1 force_version=tls12 \ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \ 0 \ -s "Read from client: 1 bytes read" @@ -6417,21 +6417,21 @@ run_test "Small client packet TLS 1.2 BlockCipher, truncated MAC" \ requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC run_test "Small client packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \ "$P_SRV trunc_hmac=1" \ - "$P_CLI request_size=1 force_version=tls1_2 \ + "$P_CLI request_size=1 force_version=tls12 \ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \ 0 \ -s "Read from client: 1 bytes read" run_test "Small client packet TLS 1.2 StreamCipher" \ "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - "$P_CLI request_size=1 force_version=tls1_2 \ + "$P_CLI request_size=1 force_version=tls12 \ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ 0 \ -s "Read from client: 1 bytes read" run_test "Small client packet TLS 1.2 StreamCipher, without EtM" \ "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - "$P_CLI request_size=1 force_version=tls1_2 \ + "$P_CLI request_size=1 force_version=tls12 \ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \ 0 \ -s "Read from client: 1 bytes read" @@ -6439,7 +6439,7 @@ run_test "Small client packet TLS 1.2 StreamCipher, without EtM" \ requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC run_test "Small client packet TLS 1.2 StreamCipher, truncated MAC" \ "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ - "$P_CLI request_size=1 force_version=tls1_2 \ + "$P_CLI request_size=1 force_version=tls12 \ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ 0 \ -s "Read from client: 1 bytes read" @@ -6447,21 +6447,21 @@ run_test "Small client packet TLS 1.2 StreamCipher, truncated MAC" \ requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC run_test "Small client packet TLS 1.2 StreamCipher, without EtM, truncated MAC" \ "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ - "$P_CLI request_size=1 force_version=tls1_2 \ + "$P_CLI request_size=1 force_version=tls12 \ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \ 0 \ -s "Read from client: 1 bytes read" run_test "Small client packet TLS 1.2 AEAD" \ "$P_SRV" \ - "$P_CLI request_size=1 force_version=tls1_2 \ + "$P_CLI request_size=1 force_version=tls12 \ force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \ 0 \ -s "Read from client: 1 bytes read" run_test "Small client packet TLS 1.2 AEAD shorter tag" \ "$P_SRV" \ - "$P_CLI request_size=1 force_version=tls1_2 \ + "$P_CLI request_size=1 force_version=tls12 \ force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \ 0 \ -s "Read from client: 1 bytes read" @@ -6504,7 +6504,7 @@ run_test "Small client packet DTLS 1.0, without EtM, truncated MAC" \ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS run_test "Small client packet DTLS 1.2" \ - "$P_SRV dtls=1 force_version=dtls1_2" \ + "$P_SRV dtls=1 force_version=dtls12" \ "$P_CLI dtls=1 request_size=1 \ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ 0 \ @@ -6512,7 +6512,7 @@ run_test "Small client packet DTLS 1.2" \ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS run_test "Small client packet DTLS 1.2, without EtM" \ - "$P_SRV dtls=1 force_version=dtls1_2 etm=0" \ + "$P_SRV dtls=1 force_version=dtls12 etm=0" \ "$P_CLI dtls=1 request_size=1 \ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ 0 \ @@ -6521,7 +6521,7 @@ run_test "Small client packet DTLS 1.2, without EtM" \ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC run_test "Small client packet DTLS 1.2, truncated hmac" \ - "$P_SRV dtls=1 force_version=dtls1_2 trunc_hmac=1" \ + "$P_SRV dtls=1 force_version=dtls12 trunc_hmac=1" \ "$P_CLI dtls=1 request_size=1 \ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \ 0 \ @@ -6530,7 +6530,7 @@ run_test "Small client packet DTLS 1.2, truncated hmac" \ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC run_test "Small client packet DTLS 1.2, without EtM, truncated MAC" \ - "$P_SRV dtls=1 force_version=dtls1_2 trunc_hmac=1 etm=0" \ + "$P_SRV dtls=1 force_version=dtls12 trunc_hmac=1 etm=0" \ "$P_CLI dtls=1 request_size=1 \ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1"\ 0 \ @@ -6676,21 +6676,21 @@ run_test "Small server packet TLS 1.1 StreamCipher, without EtM, truncated MA run_test "Small server packet TLS 1.2 BlockCipher" \ "$P_SRV response_size=1" \ - "$P_CLI force_version=tls1_2 \ + "$P_CLI force_version=tls12 \ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ 0 \ -c "Read from server: 1 bytes read" run_test "Small server packet TLS 1.2 BlockCipher, without EtM" \ "$P_SRV response_size=1" \ - "$P_CLI force_version=tls1_2 \ + "$P_CLI force_version=tls12 \ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \ 0 \ -c "Read from server: 1 bytes read" run_test "Small server packet TLS 1.2 BlockCipher larger MAC" \ "$P_SRV response_size=1" \ - "$P_CLI force_version=tls1_2 \ + "$P_CLI force_version=tls12 \ force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \ 0 \ -c "Read from server: 1 bytes read" @@ -6698,7 +6698,7 @@ run_test "Small server packet TLS 1.2 BlockCipher larger MAC" \ requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC run_test "Small server packet TLS 1.2 BlockCipher, truncated MAC" \ "$P_SRV response_size=1 trunc_hmac=1" \ - "$P_CLI force_version=tls1_2 \ + "$P_CLI force_version=tls12 \ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \ 0 \ -c "Read from server: 1 bytes read" @@ -6706,21 +6706,21 @@ run_test "Small server packet TLS 1.2 BlockCipher, truncated MAC" \ requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC run_test "Small server packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \ "$P_SRV response_size=1 trunc_hmac=1" \ - "$P_CLI force_version=tls1_2 \ + "$P_CLI force_version=tls12 \ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \ 0 \ -c "Read from server: 1 bytes read" run_test "Small server packet TLS 1.2 StreamCipher" \ "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - "$P_CLI force_version=tls1_2 \ + "$P_CLI force_version=tls12 \ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ 0 \ -c "Read from server: 1 bytes read" run_test "Small server packet TLS 1.2 StreamCipher, without EtM" \ "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - "$P_CLI force_version=tls1_2 \ + "$P_CLI force_version=tls12 \ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \ 0 \ -c "Read from server: 1 bytes read" @@ -6728,7 +6728,7 @@ run_test "Small server packet TLS 1.2 StreamCipher, without EtM" \ requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC run_test "Small server packet TLS 1.2 StreamCipher, truncated MAC" \ "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ - "$P_CLI force_version=tls1_2 \ + "$P_CLI force_version=tls12 \ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ 0 \ -c "Read from server: 1 bytes read" @@ -6736,21 +6736,21 @@ run_test "Small server packet TLS 1.2 StreamCipher, truncated MAC" \ requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC run_test "Small server packet TLS 1.2 StreamCipher, without EtM, truncated MAC" \ "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ - "$P_CLI force_version=tls1_2 \ + "$P_CLI force_version=tls12 \ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \ 0 \ -c "Read from server: 1 bytes read" run_test "Small server packet TLS 1.2 AEAD" \ "$P_SRV response_size=1" \ - "$P_CLI force_version=tls1_2 \ + "$P_CLI force_version=tls12 \ force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \ 0 \ -c "Read from server: 1 bytes read" run_test "Small server packet TLS 1.2 AEAD shorter tag" \ "$P_SRV response_size=1" \ - "$P_CLI force_version=tls1_2 \ + "$P_CLI force_version=tls12 \ force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \ 0 \ -c "Read from server: 1 bytes read" @@ -6793,7 +6793,7 @@ run_test "Small server packet DTLS 1.0, without EtM, truncated MAC" \ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS run_test "Small server packet DTLS 1.2" \ - "$P_SRV dtls=1 response_size=1 force_version=dtls1_2" \ + "$P_SRV dtls=1 response_size=1 force_version=dtls12" \ "$P_CLI dtls=1 \ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ 0 \ @@ -6801,7 +6801,7 @@ run_test "Small server packet DTLS 1.2" \ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS run_test "Small server packet DTLS 1.2, without EtM" \ - "$P_SRV dtls=1 response_size=1 force_version=dtls1_2 etm=0" \ + "$P_SRV dtls=1 response_size=1 force_version=dtls12 etm=0" \ "$P_CLI dtls=1 \ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ 0 \ @@ -6810,7 +6810,7 @@ run_test "Small server packet DTLS 1.2, without EtM" \ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC run_test "Small server packet DTLS 1.2, truncated hmac" \ - "$P_SRV dtls=1 response_size=1 force_version=dtls1_2 trunc_hmac=1" \ + "$P_SRV dtls=1 response_size=1 force_version=dtls12 trunc_hmac=1" \ "$P_CLI dtls=1 \ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \ 0 \ @@ -6819,7 +6819,7 @@ run_test "Small server packet DTLS 1.2, truncated hmac" \ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC run_test "Small server packet DTLS 1.2, without EtM, truncated MAC" \ - "$P_SRV dtls=1 response_size=1 force_version=dtls1_2 trunc_hmac=1 etm=0" \ + "$P_SRV dtls=1 response_size=1 force_version=dtls12 trunc_hmac=1 etm=0" \ "$P_CLI dtls=1 \ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1"\ 0 \ @@ -6989,7 +6989,7 @@ run_test "Large client packet TLS 1.1 StreamCipher, without EtM, truncated MA run_test "Large client packet TLS 1.2 BlockCipher" \ "$P_SRV" \ - "$P_CLI request_size=16384 force_version=tls1_2 \ + "$P_CLI request_size=16384 force_version=tls12 \ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ 0 \ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \ @@ -6997,14 +6997,14 @@ run_test "Large client packet TLS 1.2 BlockCipher" \ run_test "Large client packet TLS 1.2 BlockCipher, without EtM" \ "$P_SRV" \ - "$P_CLI request_size=16384 force_version=tls1_2 etm=0 \ + "$P_CLI request_size=16384 force_version=tls12 etm=0 \ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ 0 \ -s "Read from client: $MAX_CONTENT_LEN bytes read" run_test "Large client packet TLS 1.2 BlockCipher larger MAC" \ "$P_SRV" \ - "$P_CLI request_size=16384 force_version=tls1_2 \ + "$P_CLI request_size=16384 force_version=tls12 \ force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \ 0 \ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \ @@ -7013,7 +7013,7 @@ run_test "Large client packet TLS 1.2 BlockCipher larger MAC" \ requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC run_test "Large client packet TLS 1.2 BlockCipher, truncated MAC" \ "$P_SRV trunc_hmac=1" \ - "$P_CLI request_size=16384 force_version=tls1_2 \ + "$P_CLI request_size=16384 force_version=tls12 \ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \ 0 \ -s "Read from client: $MAX_CONTENT_LEN bytes read" @@ -7021,7 +7021,7 @@ run_test "Large client packet TLS 1.2 BlockCipher, truncated MAC" \ requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC run_test "Large client packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \ "$P_SRV trunc_hmac=1" \ - "$P_CLI request_size=16384 force_version=tls1_2 \ + "$P_CLI request_size=16384 force_version=tls12 \ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \ 0 \ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \ @@ -7029,7 +7029,7 @@ run_test "Large client packet TLS 1.2 BlockCipher, without EtM, truncated MAC run_test "Large client packet TLS 1.2 StreamCipher" \ "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - "$P_CLI request_size=16384 force_version=tls1_2 \ + "$P_CLI request_size=16384 force_version=tls12 \ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ 0 \ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \ @@ -7037,7 +7037,7 @@ run_test "Large client packet TLS 1.2 StreamCipher" \ run_test "Large client packet TLS 1.2 StreamCipher, without EtM" \ "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - "$P_CLI request_size=16384 force_version=tls1_2 \ + "$P_CLI request_size=16384 force_version=tls12 \ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \ 0 \ -s "Read from client: $MAX_CONTENT_LEN bytes read" @@ -7045,7 +7045,7 @@ run_test "Large client packet TLS 1.2 StreamCipher, without EtM" \ requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC run_test "Large client packet TLS 1.2 StreamCipher, truncated MAC" \ "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ - "$P_CLI request_size=16384 force_version=tls1_2 \ + "$P_CLI request_size=16384 force_version=tls12 \ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ 0 \ -s "Read from client: $MAX_CONTENT_LEN bytes read" @@ -7053,7 +7053,7 @@ run_test "Large client packet TLS 1.2 StreamCipher, truncated MAC" \ requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC run_test "Large client packet TLS 1.2 StreamCipher, without EtM, truncated MAC" \ "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ - "$P_CLI request_size=16384 force_version=tls1_2 \ + "$P_CLI request_size=16384 force_version=tls12 \ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \ 0 \ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \ @@ -7061,7 +7061,7 @@ run_test "Large client packet TLS 1.2 StreamCipher, without EtM, truncated MA run_test "Large client packet TLS 1.2 AEAD" \ "$P_SRV" \ - "$P_CLI request_size=16384 force_version=tls1_2 \ + "$P_CLI request_size=16384 force_version=tls12 \ force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \ 0 \ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \ @@ -7069,7 +7069,7 @@ run_test "Large client packet TLS 1.2 AEAD" \ run_test "Large client packet TLS 1.2 AEAD shorter tag" \ "$P_SRV" \ - "$P_CLI request_size=16384 force_version=tls1_2 \ + "$P_CLI request_size=16384 force_version=tls12 \ force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \ 0 \ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \ @@ -7236,14 +7236,14 @@ run_test "Large server packet TLS 1.1 StreamCipher, without EtM, truncated MA run_test "Large server packet TLS 1.2 BlockCipher" \ "$P_SRV response_size=16384" \ - "$P_CLI force_version=tls1_2 \ + "$P_CLI force_version=tls12 \ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ 0 \ -c "Read from server: 16384 bytes read" run_test "Large server packet TLS 1.2 BlockCipher, without EtM" \ "$P_SRV response_size=16384" \ - "$P_CLI force_version=tls1_2 etm=0 \ + "$P_CLI force_version=tls12 etm=0 \ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ 0 \ -s "16384 bytes written in 1 fragments" \ @@ -7251,7 +7251,7 @@ run_test "Large server packet TLS 1.2 BlockCipher, without EtM" \ run_test "Large server packet TLS 1.2 BlockCipher larger MAC" \ "$P_SRV response_size=16384" \ - "$P_CLI force_version=tls1_2 \ + "$P_CLI force_version=tls12 \ force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \ 0 \ -c "Read from server: 16384 bytes read" @@ -7259,7 +7259,7 @@ run_test "Large server packet TLS 1.2 BlockCipher larger MAC" \ requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC run_test "Large server packet TLS 1.2 BlockCipher truncated MAC" \ "$P_SRV response_size=16384" \ - "$P_CLI force_version=tls1_2 \ + "$P_CLI force_version=tls12 \ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \ trunc_hmac=1" \ 0 \ @@ -7267,7 +7267,7 @@ run_test "Large server packet TLS 1.2 BlockCipher truncated MAC" \ run_test "Large server packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \ "$P_SRV response_size=16384 trunc_hmac=1" \ - "$P_CLI force_version=tls1_2 \ + "$P_CLI force_version=tls12 \ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \ 0 \ -s "16384 bytes written in 1 fragments" \ @@ -7275,7 +7275,7 @@ run_test "Large server packet TLS 1.2 BlockCipher, without EtM, truncated MAC run_test "Large server packet TLS 1.2 StreamCipher" \ "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - "$P_CLI force_version=tls1_2 \ + "$P_CLI force_version=tls12 \ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ 0 \ -s "16384 bytes written in 1 fragments" \ @@ -7283,7 +7283,7 @@ run_test "Large server packet TLS 1.2 StreamCipher" \ run_test "Large server packet TLS 1.2 StreamCipher, without EtM" \ "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - "$P_CLI force_version=tls1_2 \ + "$P_CLI force_version=tls12 \ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \ 0 \ -s "16384 bytes written in 1 fragments" \ @@ -7292,7 +7292,7 @@ run_test "Large server packet TLS 1.2 StreamCipher, without EtM" \ requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC run_test "Large server packet TLS 1.2 StreamCipher truncated MAC" \ "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - "$P_CLI force_version=tls1_2 \ + "$P_CLI force_version=tls12 \ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \ trunc_hmac=1" \ 0 \ @@ -7301,7 +7301,7 @@ run_test "Large server packet TLS 1.2 StreamCipher truncated MAC" \ requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC run_test "Large server packet TLS 1.2 StreamCipher, without EtM, truncated MAC" \ "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \ - "$P_CLI force_version=tls1_2 \ + "$P_CLI force_version=tls12 \ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \ 0 \ -s "16384 bytes written in 1 fragments" \ @@ -7309,14 +7309,14 @@ run_test "Large server packet TLS 1.2 StreamCipher, without EtM, truncated MA run_test "Large server packet TLS 1.2 AEAD" \ "$P_SRV response_size=16384" \ - "$P_CLI force_version=tls1_2 \ + "$P_CLI force_version=tls12 \ force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \ 0 \ -c "Read from server: 16384 bytes read" run_test "Large server packet TLS 1.2 AEAD shorter tag" \ "$P_SRV response_size=16384" \ - "$P_CLI force_version=tls1_2 \ + "$P_CLI force_version=tls12 \ force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \ 0 \ -c "Read from server: 16384 bytes read" @@ -8799,7 +8799,7 @@ run_test "DTLS fragmenting: gnutls server, DTLS 1.2" \ "$P_CLI dtls=1 debug_level=2 \ crt_file=data_files/server8_int-ca2.crt \ key_file=data_files/server8.key \ - mtu=512 force_version=dtls1_2" \ + mtu=512 force_version=dtls12" \ 0 \ -c "fragmenting handshake message" \ -C "error" @@ -8838,7 +8838,7 @@ run_test "DTLS fragmenting: gnutls client, DTLS 1.2" \ "$P_SRV dtls=1 debug_level=2 \ crt_file=data_files/server7_int-ca.crt \ key_file=data_files/server7.key \ - mtu=512 force_version=dtls1_2" \ + mtu=512 force_version=dtls12" \ "$G_CLI -u --insecure 127.0.0.1" \ 0 \ -s "fragmenting handshake message" @@ -8870,7 +8870,7 @@ run_test "DTLS fragmenting: openssl server, DTLS 1.2" \ "$P_CLI dtls=1 debug_level=2 \ crt_file=data_files/server8_int-ca2.crt \ key_file=data_files/server8.key \ - mtu=512 force_version=dtls1_2" \ + mtu=512 force_version=dtls12" \ 0 \ -c "fragmenting handshake message" \ -C "error" @@ -8899,7 +8899,7 @@ run_test "DTLS fragmenting: openssl client, DTLS 1.2" \ "$P_SRV dtls=1 debug_level=2 \ crt_file=data_files/server7_int-ca.crt \ key_file=data_files/server7.key \ - mtu=512 force_version=dtls1_2" \ + mtu=512 force_version=dtls12" \ "$O_CLI -dtls1_2" \ 0 \ -s "fragmenting handshake message" @@ -8935,7 +8935,7 @@ run_test "DTLS fragmenting: 3d, gnutls server, DTLS 1.2" \ "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \ crt_file=data_files/server8_int-ca2.crt \ key_file=data_files/server8.key \ - hs_timeout=250-60000 mtu=512 force_version=dtls1_2" \ + hs_timeout=250-60000 mtu=512 force_version=dtls12" \ 0 \ -c "fragmenting handshake message" \ -C "error" @@ -8970,7 +8970,7 @@ run_test "DTLS fragmenting: 3d, gnutls client, DTLS 1.2" \ "$P_SRV dtls=1 debug_level=2 \ crt_file=data_files/server7_int-ca.crt \ key_file=data_files/server7.key \ - hs_timeout=250-60000 mtu=512 force_version=dtls1_2" \ + hs_timeout=250-60000 mtu=512 force_version=dtls12" \ "$G_NEXT_CLI -u --insecure 127.0.0.1" \ 0 \ -s "fragmenting handshake message" @@ -9010,7 +9010,7 @@ run_test "DTLS fragmenting: 3d, openssl server, DTLS 1.2" \ "$P_CLI dtls=1 debug_level=2 \ crt_file=data_files/server8_int-ca2.crt \ key_file=data_files/server8.key \ - hs_timeout=250-60000 mtu=512 force_version=dtls1_2" \ + hs_timeout=250-60000 mtu=512 force_version=dtls12" \ 0 \ -c "fragmenting handshake message" \ -C "error" @@ -9045,7 +9045,7 @@ run_test "DTLS fragmenting: 3d, openssl client, DTLS 1.2" \ "$P_SRV dtls=1 debug_level=2 \ crt_file=data_files/server7_int-ca.crt \ key_file=data_files/server7.key \ - hs_timeout=250-60000 mtu=512 force_version=dtls1_2" \ + hs_timeout=250-60000 mtu=512 force_version=dtls12" \ "$O_CLI -dtls1_2" \ 0 \ -s "fragmenting handshake message" From 4b71e9b96a498f2e1effaecf3b7cbfbc7f512ce7 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 3 Dec 2021 13:32:10 +0100 Subject: [PATCH 058/107] Correct default requirements file name in help Signed-off-by: Gilles Peskine --- scripts/min_requirements.py | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/scripts/min_requirements.py b/scripts/min_requirements.py index db301e89135..eecab1c1e1c 100755 --- a/scripts/min_requirements.py +++ b/scripts/min_requirements.py @@ -99,6 +99,7 @@ def install( ['install'] + pip_install_options + ['-r', req_file_name]) +DEFAULT_REQUIREMENTS_FILE = 'ci.requirements.txt' def main() -> None: """Command line entry point.""" @@ -119,11 +120,12 @@ def main() -> None: " (short for --pip-install-option --user)") parser.add_argument('files', nargs='*', metavar='FILE', help="Requirement files" - " (default: requirements.txt in the script's directory)") + " (default: {} in the script's directory)" \ + .format(DEFAULT_REQUIREMENTS_FILE)) options = parser.parse_args() if not options.files: options.files = [os.path.join(os.path.dirname(__file__), - 'ci.requirements.txt')] + DEFAULT_REQUIREMENTS_FILE)] reqs = Requirements() for filename in options.files: reqs.add_file(filename) From ad47e6d1608178f7ba8365b030a8c02b39eaee49 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 6 Dec 2021 20:56:55 +0100 Subject: [PATCH 059/107] Add changelog entry for build error fixes Signed-off-by: Gilles Peskine --- ChangeLog.d/build-without-sha.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 ChangeLog.d/build-without-sha.txt diff --git a/ChangeLog.d/build-without-sha.txt b/ChangeLog.d/build-without-sha.txt new file mode 100644 index 00000000000..78ba27694a3 --- /dev/null +++ b/ChangeLog.d/build-without-sha.txt @@ -0,0 +1,3 @@ +Bugfix + * Fix the build when no SHA2 module is included. Fixes #4930. + * Fix the build when only the bignum module is included. Fixes #4929. From b56f38f57bd648ef45d069b729269a5e1cdc5841 Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Mon, 6 Dec 2021 18:58:02 +0000 Subject: [PATCH 060/107] Reword documentation of CMAC operations Change the wording of the documentation for some CMAC functions, as the existing wording, while technically correct, can be easy to misunderstand. The reworded docs explain the flow of a CMAC computation a little more fully. Signed-off-by: David Horstmann --- include/mbedtls/cmac.h | 49 ++++++++++++++++++++++++++++-------------- 1 file changed, 33 insertions(+), 16 deletions(-) diff --git a/include/mbedtls/cmac.h b/include/mbedtls/cmac.h index 94139d5b4c7..8934886af74 100644 --- a/include/mbedtls/cmac.h +++ b/include/mbedtls/cmac.h @@ -74,9 +74,17 @@ struct mbedtls_cmac_context_t #endif /* !MBEDTLS_CMAC_ALT */ /** - * \brief This function sets the CMAC key, and prepares to authenticate + * \brief This function starts a new CMAC computation + * by setting the CMAC key, and preparing to authenticate * the input data. - * Must be called with an initialized cipher context. + * It must be called with an initialized cipher context. + * + * Once this function has completed, data can be supplied + * to the CMAC computation by calling + * mbedtls_cipher_cmac_update(). + * + * To start a CMAC computation using the same key as a previous + * CMAC computation, use mbedtls_cipher_cmac_finish(). * * \note When the CMAC implementation is supplied by an alternate * implementation (through #MBEDTLS_CMAC_ALT), some ciphers @@ -102,9 +110,15 @@ int mbedtls_cipher_cmac_starts( mbedtls_cipher_context_t *ctx, * \brief This function feeds an input buffer into an ongoing CMAC * computation. * - * It is called between mbedtls_cipher_cmac_starts() or - * mbedtls_cipher_cmac_reset(), and mbedtls_cipher_cmac_finish(). - * Can be called repeatedly. + * The CMAC computation must have previously been started + * by calling mbedtls_cipher_cmac_starts() or + * mbedtls_cipher_cmac_reset(). + * + * Call this function as many times as needed to input the + * data to be authenticated. + * Once all of the required data has been input, + * call mbedtls_cipher_cmac_finish() to obtain the result + * of the CMAC operation. * * \param ctx The cipher context used for the CMAC operation. * \param input The buffer holding the input data. @@ -118,12 +132,13 @@ int mbedtls_cipher_cmac_update( mbedtls_cipher_context_t *ctx, const unsigned char *input, size_t ilen ); /** - * \brief This function finishes the CMAC operation, and writes - * the result to the output buffer. + * \brief This function finishes an ongoing CMAC operation, and + * writes the result to the output buffer. * - * It is called after mbedtls_cipher_cmac_update(). - * It can be followed by mbedtls_cipher_cmac_reset() and - * mbedtls_cipher_cmac_update(), or mbedtls_cipher_free(). + * It should be followed either by + * mbedtls_cipher_cmac_reset(), which starts another CMAC + * operation with the same key, or mbedtls_cipher_free(), + * which clears the cipher context. * * \param ctx The cipher context used for the CMAC operation. * \param output The output buffer for the CMAC checksum result. @@ -136,12 +151,14 @@ int mbedtls_cipher_cmac_finish( mbedtls_cipher_context_t *ctx, unsigned char *output ); /** - * \brief This function prepares the authentication of another - * message with the same key as the previous CMAC - * operation. - * - * It is called after mbedtls_cipher_cmac_finish() - * and before mbedtls_cipher_cmac_update(). + * \brief This function starts a new CMAC operation with the same + * key as the previous one. + * + * It should be called after finishing the previous CMAC + * operation with mbedtls_cipher_cmac_finish(). + * After calling this function, + * call mbedtls_cipher_cmac_update() to supply the new + * CMAC operation with data. * * \param ctx The cipher context used for the CMAC operation. * From 7464f37e7b3c0cfec090d1ddee7347bddce088c3 Mon Sep 17 00:00:00 2001 From: Gabor Mezei Date: Mon, 15 Nov 2021 16:03:24 +0100 Subject: [PATCH 061/107] Rename functions to have suitable name Signed-off-by: Gabor Mezei --- library/base64.c | 48 ++++++++++++------------- library/base64_invasive.h | 10 +++--- tests/suites/test_suite_base64.function | 6 ++-- 3 files changed, 32 insertions(+), 32 deletions(-) diff --git a/library/base64.c b/library/base64.c index a516c1d4a3d..b7e2e393782 100644 --- a/library/base64.c +++ b/library/base64.c @@ -43,9 +43,9 @@ * Constant flow with respect to c. */ MBEDTLS_STATIC_TESTABLE -unsigned char mbedtls_base64_mask_of_range( unsigned char low, - unsigned char high, - unsigned char c ) +unsigned char mbedtls_ct_uchar_mask_of_range( unsigned char low, + unsigned char high, + unsigned char c ) { /* low_mask is: 0 if low <= c, 0x...ff if low > c */ unsigned low_mask = ( (unsigned) c - low ) >> 8; @@ -59,17 +59,17 @@ unsigned char mbedtls_base64_mask_of_range( unsigned char low, * but not EBCDIC). */ MBEDTLS_STATIC_TESTABLE -unsigned char mbedtls_base64_enc_char( unsigned char val ) +unsigned char mbedtls_ct_base64_enc_char( unsigned char val ) { unsigned char digit = 0; /* For each range of values, if val is in that range, mask digit with * the corresponding value. Since val can only be in a single range, * only at most one masking will change digit. */ - digit |= mbedtls_base64_mask_of_range( 0, 25, val ) & ( 'A' + val ); - digit |= mbedtls_base64_mask_of_range( 26, 51, val ) & ( 'a' + val - 26 ); - digit |= mbedtls_base64_mask_of_range( 52, 61, val ) & ( '0' + val - 52 ); - digit |= mbedtls_base64_mask_of_range( 62, 62, val ) & '+'; - digit |= mbedtls_base64_mask_of_range( 63, 63, val ) & '/'; + digit |= mbedtls_ct_uchar_mask_of_range( 0, 25, val ) & ( 'A' + val ); + digit |= mbedtls_ct_uchar_mask_of_range( 26, 51, val ) & ( 'a' + val - 26 ); + digit |= mbedtls_ct_uchar_mask_of_range( 52, 61, val ) & ( '0' + val - 52 ); + digit |= mbedtls_ct_uchar_mask_of_range( 62, 62, val ) & '+'; + digit |= mbedtls_ct_uchar_mask_of_range( 63, 63, val ) & '/'; return( digit ); } @@ -113,12 +113,12 @@ int mbedtls_base64_encode( unsigned char *dst, size_t dlen, size_t *olen, C2 = *src++; C3 = *src++; - *p++ = mbedtls_base64_enc_char( ( C1 >> 2 ) & 0x3F ); - *p++ = mbedtls_base64_enc_char( ( ( ( C1 & 3 ) << 4 ) + ( C2 >> 4 ) ) + *p++ = mbedtls_ct_base64_enc_char( ( C1 >> 2 ) & 0x3F ); + *p++ = mbedtls_ct_base64_enc_char( ( ( ( C1 & 3 ) << 4 ) + ( C2 >> 4 ) ) & 0x3F ); - *p++ = mbedtls_base64_enc_char( ( ( ( C2 & 15 ) << 2 ) + ( C3 >> 6 ) ) + *p++ = mbedtls_ct_base64_enc_char( ( ( ( C2 & 15 ) << 2 ) + ( C3 >> 6 ) ) & 0x3F ); - *p++ = mbedtls_base64_enc_char( C3 & 0x3F ); + *p++ = mbedtls_ct_base64_enc_char( C3 & 0x3F ); } if( i < slen ) @@ -126,12 +126,12 @@ int mbedtls_base64_encode( unsigned char *dst, size_t dlen, size_t *olen, C1 = *src++; C2 = ( ( i + 1 ) < slen ) ? *src++ : 0; - *p++ = mbedtls_base64_enc_char( ( C1 >> 2 ) & 0x3F ); - *p++ = mbedtls_base64_enc_char( ( ( ( C1 & 3 ) << 4 ) + ( C2 >> 4 ) ) + *p++ = mbedtls_ct_base64_enc_char( ( C1 >> 2 ) & 0x3F ); + *p++ = mbedtls_ct_base64_enc_char( ( ( ( C1 & 3 ) << 4 ) + ( C2 >> 4 ) ) & 0x3F ); if( ( i + 1 ) < slen ) - *p++ = mbedtls_base64_enc_char( ( ( C2 & 15 ) << 2 ) & 0x3F ); + *p++ = mbedtls_ct_base64_enc_char( ( ( C2 & 15 ) << 2 ) & 0x3F ); else *p++ = '='; *p++ = '='; @@ -155,18 +155,18 @@ int mbedtls_base64_encode( unsigned char *dst, size_t dlen, size_t *olen, * access. */ MBEDTLS_STATIC_TESTABLE -signed char mbedtls_base64_dec_value( unsigned char c ) +signed char mbedtls_ct_base64_dec_value( unsigned char c ) { unsigned char val = 0; /* For each range of digits, if c is in that range, mask val with * the corresponding value. Since c can only be in a single range, * only at most one masking will change val. Set val to one plus * the desired value so that it stays 0 if c is in none of the ranges. */ - val |= mbedtls_base64_mask_of_range( 'A', 'Z', c ) & ( c - 'A' + 0 + 1 ); - val |= mbedtls_base64_mask_of_range( 'a', 'z', c ) & ( c - 'a' + 26 + 1 ); - val |= mbedtls_base64_mask_of_range( '0', '9', c ) & ( c - '0' + 52 + 1 ); - val |= mbedtls_base64_mask_of_range( '+', '+', c ) & ( c - '+' + 62 + 1 ); - val |= mbedtls_base64_mask_of_range( '/', '/', c ) & ( c - '/' + 63 + 1 ); + val |= mbedtls_ct_uchar_mask_of_range( 'A', 'Z', c ) & ( c - 'A' + 0 + 1 ); + val |= mbedtls_ct_uchar_mask_of_range( 'a', 'z', c ) & ( c - 'a' + 26 + 1 ); + val |= mbedtls_ct_uchar_mask_of_range( '0', '9', c ) & ( c - '0' + 52 + 1 ); + val |= mbedtls_ct_uchar_mask_of_range( '+', '+', c ) & ( c - '+' + 62 + 1 ); + val |= mbedtls_ct_uchar_mask_of_range( '/', '/', c ) & ( c - '/' + 63 + 1 ); /* At this point, val is 0 if c is an invalid digit and v+1 if c is * a digit with the value v. */ return( val - 1 ); @@ -224,7 +224,7 @@ int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen, { if( equals != 0 ) return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER ); - if( mbedtls_base64_dec_value( src[i] ) < 0 ) + if( mbedtls_ct_base64_dec_value( src[i] ) < 0 ) return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER ); } n++; @@ -259,7 +259,7 @@ int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen, if( *src == '=' ) ++equals; else - x |= mbedtls_base64_dec_value( *src ); + x |= mbedtls_ct_base64_dec_value( *src ); if( ++accumulated_digits == 4 ) { diff --git a/library/base64_invasive.h b/library/base64_invasive.h index ed5f7cb824b..fcb83315542 100644 --- a/library/base64_invasive.h +++ b/library/base64_invasive.h @@ -33,15 +33,15 @@ * * Constant flow with respect to c. */ -unsigned char mbedtls_base64_mask_of_range( unsigned char low, - unsigned char high, - unsigned char c ); +unsigned char mbedtls_ct_uchar_mask_of_range( unsigned char low, + unsigned char high, + unsigned char c ); /* Given a value in the range 0..63, return the corresponding Base64 digit. * * Operates in constant time (no branches or memory access depending on val). */ -unsigned char mbedtls_base64_enc_char( unsigned char val ); +unsigned char mbedtls_ct_base64_enc_char( unsigned char val ); /* Given a Base64 digit, return its value. * If c is not a Base64 digit ('A'..'Z', 'a'..'z', '0'..'9', '+' or '/'), @@ -49,7 +49,7 @@ unsigned char mbedtls_base64_enc_char( unsigned char val ); * * Operates in constant time (no branches or memory access depending on c). */ -signed char mbedtls_base64_dec_value( unsigned char c ); +signed char mbedtls_ct_base64_dec_value( unsigned char c ); #endif /* MBEDTLS_TEST_HOOKS */ #endif /* MBEDTLS_BASE64_INVASIVE_H */ diff --git a/tests/suites/test_suite_base64.function b/tests/suites/test_suite_base64.function index 67fbb675059..d332047a60a 100644 --- a/tests/suites/test_suite_base64.function +++ b/tests/suites/test_suite_base64.function @@ -24,7 +24,7 @@ void mask_of_range( int low_arg, int high_arg ) { mbedtls_test_set_step( c ); TEST_CF_SECRET( &c, sizeof( c ) ); - unsigned char m = mbedtls_base64_mask_of_range( low, high, c ); + unsigned char m = mbedtls_ct_uchar_mask_of_range( low, high, c ); TEST_CF_PUBLIC( &c, sizeof( c ) ); TEST_CF_PUBLIC( &m, sizeof( m ) ); if( low <= c && c <= high ) @@ -42,7 +42,7 @@ void enc_chars( ) { mbedtls_test_set_step( value ); TEST_CF_SECRET( &value, sizeof( value ) ); - unsigned char digit = mbedtls_base64_enc_char( value ); + unsigned char digit = mbedtls_ct_base64_enc_char( value ); TEST_CF_PUBLIC( &value, sizeof( value ) ); TEST_CF_PUBLIC( &digit, sizeof( digit ) ); TEST_EQUAL( digit, base64_digits[value] ); @@ -66,7 +66,7 @@ void dec_chars( ) else expected = p - base64_digits; TEST_CF_SECRET( &c, sizeof( c ) ); - signed char actual = mbedtls_base64_dec_value( c ); + signed char actual = mbedtls_ct_base64_dec_value( c ); TEST_CF_PUBLIC( &c, sizeof( c ) ); TEST_CF_PUBLIC( &actual, sizeof( actual ) ); TEST_EQUAL( actual, expected ); From 46f79c388d8025e1352eefa37642e827337aead3 Mon Sep 17 00:00:00 2001 From: Gabor Mezei Date: Mon, 15 Nov 2021 16:13:01 +0100 Subject: [PATCH 062/107] Move mbedtls_ct_uchar_mask_of_range function to the constant-time module Signed-off-by: Gabor Mezei --- library/base64.c | 16 --------- library/constant_time.c | 23 +++++++++++++ library/constant_time_invasive.h | 44 +++++++++++++++++++++++++ tests/suites/test_suite_base64.function | 2 ++ 4 files changed, 69 insertions(+), 16 deletions(-) create mode 100644 library/constant_time_invasive.h diff --git a/library/base64.c b/library/base64.c index b7e2e393782..2c4df833819 100644 --- a/library/base64.c +++ b/library/base64.c @@ -38,22 +38,6 @@ #define BASE64_SIZE_T_MAX ( (size_t) -1 ) /* SIZE_T_MAX is not standard */ -/* Return 0xff if low <= c <= high, 0 otherwise. - * - * Constant flow with respect to c. - */ -MBEDTLS_STATIC_TESTABLE -unsigned char mbedtls_ct_uchar_mask_of_range( unsigned char low, - unsigned char high, - unsigned char c ) -{ - /* low_mask is: 0 if low <= c, 0x...ff if low > c */ - unsigned low_mask = ( (unsigned) c - low ) >> 8; - /* high_mask is: 0 if c <= high, 0x...ff if c > high */ - unsigned high_mask = ( (unsigned) high - c ) >> 8; - return( ~( low_mask | high_mask ) & 0xff ); -} - /* Given a value in the range 0..63, return the corresponding Base64 digit. * The implementation assumes that letters are consecutive (e.g. ASCII * but not EBCDIC). diff --git a/library/constant_time.c b/library/constant_time.c index b0e5ddec711..8900415044a 100644 --- a/library/constant_time.c +++ b/library/constant_time.c @@ -40,6 +40,10 @@ #include "mbedtls/rsa.h" #endif +#if defined(MBEDTLS_BASE64_C) +#include "constant_time_invasive.h" +#endif + #include int mbedtls_ct_memcmp( const void *a, @@ -150,6 +154,25 @@ size_t mbedtls_ct_size_mask_ge( size_t x, #endif /* MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC */ +#if defined(MBEDTLS_BASE64_C) + +/* Return 0xff if low <= c <= high, 0 otherwise. + * + * Constant flow with respect to c. + */ +unsigned char mbedtls_ct_uchar_mask_of_range( unsigned char low, + unsigned char high, + unsigned char c ) +{ + /* low_mask is: 0 if low <= c, 0x...ff if low > c */ + unsigned low_mask = ( (unsigned) c - low ) >> 8; + /* high_mask is: 0 if c <= high, 0x...ff if c > high */ + unsigned high_mask = ( (unsigned) high - c ) >> 8; + return( ~( low_mask | high_mask ) & 0xff ); +} + +#endif /* MBEDTLS_BASE64_C */ + unsigned mbedtls_ct_size_bool_eq( size_t x, size_t y ) { diff --git a/library/constant_time_invasive.h b/library/constant_time_invasive.h new file mode 100644 index 00000000000..9008f5d4300 --- /dev/null +++ b/library/constant_time_invasive.h @@ -0,0 +1,44 @@ +/** + * \file constant_time_invasive.h + * + * \brief Constant-time module: interfaces for invasive testing only. + * + * The interfaces in this file are intended for testing purposes only. + * They SHOULD NOT be made available in library integrations except when + * building the library for testing. + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef MBEDTLS_CONSTANT_TIME_INVASIVE_H +#define MBEDTLS_CONSTANT_TIME_INVASIVE_H + +#include "common.h" + +#if defined(MBEDTLS_TEST_HOOKS) + +/* Return 0xff if low <= c <= high, 0 otherwise. + * + * Constant flow with respect to c. + */ +unsigned char mbedtls_ct_uchar_mask_of_range( unsigned char low, + unsigned char high, + unsigned char c ); + +#endif /* MBEDTLS_TEST_HOOKS */ + +#endif /* MBEDTLS_CONSTANT_TIME_INVASIVE_H */ diff --git a/tests/suites/test_suite_base64.function b/tests/suites/test_suite_base64.function index d332047a60a..89982047fe5 100644 --- a/tests/suites/test_suite_base64.function +++ b/tests/suites/test_suite_base64.function @@ -1,6 +1,8 @@ /* BEGIN_HEADER */ #include "mbedtls/base64.h" #include "base64_invasive.h" +#include "constant_time_internal.h" +#include "constant_time_invasive.h" #include #if defined(MBEDTLS_TEST_HOOKS) From 200708d30a5bb1d185902d82be206c8230f7c2aa Mon Sep 17 00:00:00 2001 From: Gabor Mezei Date: Mon, 15 Nov 2021 16:18:54 +0100 Subject: [PATCH 063/107] Move mbedtls_ct_base64_enc_char function to the constant-time module Signed-off-by: Gabor Mezei --- library/base64.c | 20 +------------------- library/constant_time.c | 22 ++++++++++++++++++++++ library/constant_time_internal.h | 6 ++++++ 3 files changed, 29 insertions(+), 19 deletions(-) diff --git a/library/base64.c b/library/base64.c index 2c4df833819..f1a6055019b 100644 --- a/library/base64.c +++ b/library/base64.c @@ -23,6 +23,7 @@ #include "mbedtls/base64.h" #include "base64_invasive.h" +#include "constant_time_internal.h" #include @@ -38,25 +39,6 @@ #define BASE64_SIZE_T_MAX ( (size_t) -1 ) /* SIZE_T_MAX is not standard */ -/* Given a value in the range 0..63, return the corresponding Base64 digit. - * The implementation assumes that letters are consecutive (e.g. ASCII - * but not EBCDIC). - */ -MBEDTLS_STATIC_TESTABLE -unsigned char mbedtls_ct_base64_enc_char( unsigned char val ) -{ - unsigned char digit = 0; - /* For each range of values, if val is in that range, mask digit with - * the corresponding value. Since val can only be in a single range, - * only at most one masking will change digit. */ - digit |= mbedtls_ct_uchar_mask_of_range( 0, 25, val ) & ( 'A' + val ); - digit |= mbedtls_ct_uchar_mask_of_range( 26, 51, val ) & ( 'a' + val - 26 ); - digit |= mbedtls_ct_uchar_mask_of_range( 52, 61, val ) & ( '0' + val - 52 ); - digit |= mbedtls_ct_uchar_mask_of_range( 62, 62, val ) & '+'; - digit |= mbedtls_ct_uchar_mask_of_range( 63, 63, val ) & '/'; - return( digit ); -} - /* * Encode a buffer into base64 format */ diff --git a/library/constant_time.c b/library/constant_time.c index 8900415044a..cdaa7fad9cd 100644 --- a/library/constant_time.c +++ b/library/constant_time.c @@ -324,6 +324,28 @@ void mbedtls_ct_mpi_uint_cond_assign( size_t n, #endif /* MBEDTLS_BIGNUM_C */ +#if defined(MBEDTLS_BASE64_C) + +/* Given a value in the range 0..63, return the corresponding Base64 digit. + * The implementation assumes that letters are consecutive (e.g. ASCII + * but not EBCDIC). + */ +unsigned char mbedtls_ct_base64_enc_char( unsigned char val ) +{ + unsigned char digit = 0; + /* For each range of values, if val is in that range, mask digit with + * the corresponding value. Since val can only be in a single range, + * only at most one masking will change digit. */ + digit |= mbedtls_ct_uchar_mask_of_range( 0, 25, val ) & ( 'A' + val ); + digit |= mbedtls_ct_uchar_mask_of_range( 26, 51, val ) & ( 'a' + val - 26 ); + digit |= mbedtls_ct_uchar_mask_of_range( 52, 61, val ) & ( '0' + val - 52 ); + digit |= mbedtls_ct_uchar_mask_of_range( 62, 62, val ) & '+'; + digit |= mbedtls_ct_uchar_mask_of_range( 63, 63, val ) & '/'; + return( digit ); +} + +#endif /* MBEDTLS_BASE64_C */ + #if defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_RSA_ALT) /** Shift some data towards the left inside a buffer. diff --git a/library/constant_time_internal.h b/library/constant_time_internal.h index 69cd092095c..f0286221a1c 100644 --- a/library/constant_time_internal.h +++ b/library/constant_time_internal.h @@ -167,6 +167,12 @@ void mbedtls_ct_mpi_uint_cond_assign( size_t n, #endif /* MBEDTLS_BIGNUM_C */ +#if defined(MBEDTLS_BASE64_C) + +unsigned char mbedtls_ct_base64_enc_char( unsigned char val ); + +#endif /* MBEDTLS_BASE64_C */ + #if defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC) /** Conditional memcpy without branches. From 3d4dba84b71ff669ac81e2f1520f0ef2ad486765 Mon Sep 17 00:00:00 2001 From: Gabor Mezei Date: Mon, 15 Nov 2021 16:22:37 +0100 Subject: [PATCH 064/107] Move mbedtls_ct_base64_dec_value function to the constant-time module Signed-off-by: Gabor Mezei --- library/base64.c | 29 ----------------------------- library/constant_time.c | 28 ++++++++++++++++++++++++++++ library/constant_time_internal.h | 2 ++ 3 files changed, 30 insertions(+), 29 deletions(-) diff --git a/library/base64.c b/library/base64.c index f1a6055019b..b2e6dabcb14 100644 --- a/library/base64.c +++ b/library/base64.c @@ -109,35 +109,6 @@ int mbedtls_base64_encode( unsigned char *dst, size_t dlen, size_t *olen, return( 0 ); } -/* Given a Base64 digit, return its value. - * If c is not a Base64 digit ('A'..'Z', 'a'..'z', '0'..'9', '+' or '/'), - * return -1. - * - * The implementation assumes that letters are consecutive (e.g. ASCII - * but not EBCDIC). - * - * The implementation is constant-flow (no branch or memory access depending - * on the value of c) unless the compiler inlines and optimizes a specific - * access. - */ -MBEDTLS_STATIC_TESTABLE -signed char mbedtls_ct_base64_dec_value( unsigned char c ) -{ - unsigned char val = 0; - /* For each range of digits, if c is in that range, mask val with - * the corresponding value. Since c can only be in a single range, - * only at most one masking will change val. Set val to one plus - * the desired value so that it stays 0 if c is in none of the ranges. */ - val |= mbedtls_ct_uchar_mask_of_range( 'A', 'Z', c ) & ( c - 'A' + 0 + 1 ); - val |= mbedtls_ct_uchar_mask_of_range( 'a', 'z', c ) & ( c - 'a' + 26 + 1 ); - val |= mbedtls_ct_uchar_mask_of_range( '0', '9', c ) & ( c - '0' + 52 + 1 ); - val |= mbedtls_ct_uchar_mask_of_range( '+', '+', c ) & ( c - '+' + 62 + 1 ); - val |= mbedtls_ct_uchar_mask_of_range( '/', '/', c ) & ( c - '/' + 63 + 1 ); - /* At this point, val is 0 if c is an invalid digit and v+1 if c is - * a digit with the value v. */ - return( val - 1 ); -} - /* * Decode a base64-formatted buffer */ diff --git a/library/constant_time.c b/library/constant_time.c index cdaa7fad9cd..5bf594fddec 100644 --- a/library/constant_time.c +++ b/library/constant_time.c @@ -344,6 +344,34 @@ unsigned char mbedtls_ct_base64_enc_char( unsigned char val ) return( digit ); } +/* Given a Base64 digit, return its value. + * If c is not a Base64 digit ('A'..'Z', 'a'..'z', '0'..'9', '+' or '/'), + * return -1. + * + * The implementation assumes that letters are consecutive (e.g. ASCII + * but not EBCDIC). + * + * The implementation is constant-flow (no branch or memory access depending + * on the value of c) unless the compiler inlines and optimizes a specific + * access. + */ +signed char mbedtls_ct_base64_dec_value( unsigned char c ) +{ + unsigned char val = 0; + /* For each range of digits, if c is in that range, mask val with + * the corresponding value. Since c can only be in a single range, + * only at most one masking will change val. Set val to one plus + * the desired value so that it stays 0 if c is in none of the ranges. */ + val |= mbedtls_ct_uchar_mask_of_range( 'A', 'Z', c ) & ( c - 'A' + 0 + 1 ); + val |= mbedtls_ct_uchar_mask_of_range( 'a', 'z', c ) & ( c - 'a' + 26 + 1 ); + val |= mbedtls_ct_uchar_mask_of_range( '0', '9', c ) & ( c - '0' + 52 + 1 ); + val |= mbedtls_ct_uchar_mask_of_range( '+', '+', c ) & ( c - '+' + 62 + 1 ); + val |= mbedtls_ct_uchar_mask_of_range( '/', '/', c ) & ( c - '/' + 63 + 1 ); + /* At this point, val is 0 if c is an invalid digit and v+1 if c is + * a digit with the value v. */ + return( val - 1 ); +} + #endif /* MBEDTLS_BASE64_C */ #if defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_RSA_ALT) diff --git a/library/constant_time_internal.h b/library/constant_time_internal.h index f0286221a1c..90d1ac67322 100644 --- a/library/constant_time_internal.h +++ b/library/constant_time_internal.h @@ -171,6 +171,8 @@ void mbedtls_ct_mpi_uint_cond_assign( size_t n, unsigned char mbedtls_ct_base64_enc_char( unsigned char val ); +signed char mbedtls_ct_base64_dec_value( unsigned char c ); + #endif /* MBEDTLS_BASE64_C */ #if defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC) From f554ce21b8e9c2686d95a9bd785b632e7aa50404 Mon Sep 17 00:00:00 2001 From: Gabor Mezei Date: Thu, 18 Nov 2021 16:57:00 +0100 Subject: [PATCH 065/107] Delete base64_invasive.h due to functions are moved to the constant-time module Signed-off-by: Gabor Mezei --- library/base64.c | 1 - library/base64_invasive.h | 55 ------------------------- tests/suites/test_suite_base64.function | 1 - 3 files changed, 57 deletions(-) delete mode 100644 library/base64_invasive.h diff --git a/library/base64.c b/library/base64.c index b2e6dabcb14..83daa0bcc67 100644 --- a/library/base64.c +++ b/library/base64.c @@ -22,7 +22,6 @@ #if defined(MBEDTLS_BASE64_C) #include "mbedtls/base64.h" -#include "base64_invasive.h" #include "constant_time_internal.h" #include diff --git a/library/base64_invasive.h b/library/base64_invasive.h deleted file mode 100644 index fcb83315542..00000000000 --- a/library/base64_invasive.h +++ /dev/null @@ -1,55 +0,0 @@ -/** - * \file base_invasive.h - * - * \brief Base64 module: interfaces for invasive testing only. - * - * The interfaces in this file are intended for testing purposes only. - * They SHOULD NOT be made available in library integrations except when - * building the library for testing. - */ -/* - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -#ifndef MBEDTLS_BASE64_INVASIVE_H -#define MBEDTLS_BASE64_INVASIVE_H - -#include "common.h" - -#if defined(MBEDTLS_TEST_HOOKS) -/* Return 0xff if low <= c <= high, 0 otherwise. - * - * Constant flow with respect to c. - */ -unsigned char mbedtls_ct_uchar_mask_of_range( unsigned char low, - unsigned char high, - unsigned char c ); - -/* Given a value in the range 0..63, return the corresponding Base64 digit. - * - * Operates in constant time (no branches or memory access depending on val). - */ -unsigned char mbedtls_ct_base64_enc_char( unsigned char val ); - -/* Given a Base64 digit, return its value. - * If c is not a Base64 digit ('A'..'Z', 'a'..'z', '0'..'9', '+' or '/'), - * return -1. - * - * Operates in constant time (no branches or memory access depending on c). - */ -signed char mbedtls_ct_base64_dec_value( unsigned char c ); -#endif /* MBEDTLS_TEST_HOOKS */ - -#endif /* MBEDTLS_BASE64_INVASIVE_H */ diff --git a/tests/suites/test_suite_base64.function b/tests/suites/test_suite_base64.function index 89982047fe5..7baa3d501c8 100644 --- a/tests/suites/test_suite_base64.function +++ b/tests/suites/test_suite_base64.function @@ -1,6 +1,5 @@ /* BEGIN_HEADER */ #include "mbedtls/base64.h" -#include "base64_invasive.h" #include "constant_time_internal.h" #include "constant_time_invasive.h" #include From df29332d4bb3cce05ce84447e4f42d47f9b62fec Mon Sep 17 00:00:00 2001 From: Gabor Mezei Date: Fri, 26 Nov 2021 17:20:36 +0100 Subject: [PATCH 066/107] Make mbedtls_ct_uchar_mask_of_range function static Signed-off-by: Gabor Mezei --- library/constant_time.c | 1 + 1 file changed, 1 insertion(+) diff --git a/library/constant_time.c b/library/constant_time.c index 5bf594fddec..6fa69bb2cb0 100644 --- a/library/constant_time.c +++ b/library/constant_time.c @@ -160,6 +160,7 @@ size_t mbedtls_ct_size_mask_ge( size_t x, * * Constant flow with respect to c. */ +MBEDTLS_STATIC_TESTABLE unsigned char mbedtls_ct_uchar_mask_of_range( unsigned char low, unsigned char high, unsigned char c ) From 46ca2f76c4bda5eed8b59f0a324fbfad0083cdc6 Mon Sep 17 00:00:00 2001 From: Gabor Mezei Date: Wed, 24 Nov 2021 15:51:39 +0100 Subject: [PATCH 067/107] Unify function parameters Signed-off-by: Gabor Mezei --- library/constant_time.c | 16 ++++++++-------- library/constant_time_internal.h | 2 +- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/library/constant_time.c b/library/constant_time.c index 6fa69bb2cb0..cd699a55ad9 100644 --- a/library/constant_time.c +++ b/library/constant_time.c @@ -331,17 +331,17 @@ void mbedtls_ct_mpi_uint_cond_assign( size_t n, * The implementation assumes that letters are consecutive (e.g. ASCII * but not EBCDIC). */ -unsigned char mbedtls_ct_base64_enc_char( unsigned char val ) +unsigned char mbedtls_ct_base64_enc_char( unsigned char value ) { unsigned char digit = 0; - /* For each range of values, if val is in that range, mask digit with - * the corresponding value. Since val can only be in a single range, + /* For each range of values, if value is in that range, mask digit with + * the corresponding value. Since value can only be in a single range, * only at most one masking will change digit. */ - digit |= mbedtls_ct_uchar_mask_of_range( 0, 25, val ) & ( 'A' + val ); - digit |= mbedtls_ct_uchar_mask_of_range( 26, 51, val ) & ( 'a' + val - 26 ); - digit |= mbedtls_ct_uchar_mask_of_range( 52, 61, val ) & ( '0' + val - 52 ); - digit |= mbedtls_ct_uchar_mask_of_range( 62, 62, val ) & '+'; - digit |= mbedtls_ct_uchar_mask_of_range( 63, 63, val ) & '/'; + digit |= mbedtls_ct_uchar_mask_of_range( 0, 25, value ) & ( 'A' + value ); + digit |= mbedtls_ct_uchar_mask_of_range( 26, 51, value ) & ( 'a' + value - 26 ); + digit |= mbedtls_ct_uchar_mask_of_range( 52, 61, value ) & ( '0' + value - 52 ); + digit |= mbedtls_ct_uchar_mask_of_range( 62, 62, value ) & '+'; + digit |= mbedtls_ct_uchar_mask_of_range( 63, 63, value ) & '/'; return( digit ); } diff --git a/library/constant_time_internal.h b/library/constant_time_internal.h index 90d1ac67322..a13e7b2c0ee 100644 --- a/library/constant_time_internal.h +++ b/library/constant_time_internal.h @@ -169,7 +169,7 @@ void mbedtls_ct_mpi_uint_cond_assign( size_t n, #if defined(MBEDTLS_BASE64_C) -unsigned char mbedtls_ct_base64_enc_char( unsigned char val ); +unsigned char mbedtls_ct_base64_enc_char( unsigned char value ); signed char mbedtls_ct_base64_dec_value( unsigned char c ); From 3a755f511f279bc93fe0d508dee8f01794bb7e0f Mon Sep 17 00:00:00 2001 From: Gabor Mezei Date: Wed, 24 Nov 2021 16:26:33 +0100 Subject: [PATCH 068/107] Add documentation for the functions Signed-off-by: Gabor Mezei --- library/constant_time.c | 15 --------------- library/constant_time_internal.h | 21 +++++++++++++++++++++ library/constant_time_invasive.h | 11 +++++++++-- 3 files changed, 30 insertions(+), 17 deletions(-) diff --git a/library/constant_time.c b/library/constant_time.c index cd699a55ad9..18f1b20daa3 100644 --- a/library/constant_time.c +++ b/library/constant_time.c @@ -327,10 +327,6 @@ void mbedtls_ct_mpi_uint_cond_assign( size_t n, #if defined(MBEDTLS_BASE64_C) -/* Given a value in the range 0..63, return the corresponding Base64 digit. - * The implementation assumes that letters are consecutive (e.g. ASCII - * but not EBCDIC). - */ unsigned char mbedtls_ct_base64_enc_char( unsigned char value ) { unsigned char digit = 0; @@ -345,17 +341,6 @@ unsigned char mbedtls_ct_base64_enc_char( unsigned char value ) return( digit ); } -/* Given a Base64 digit, return its value. - * If c is not a Base64 digit ('A'..'Z', 'a'..'z', '0'..'9', '+' or '/'), - * return -1. - * - * The implementation assumes that letters are consecutive (e.g. ASCII - * but not EBCDIC). - * - * The implementation is constant-flow (no branch or memory access depending - * on the value of c) unless the compiler inlines and optimizes a specific - * access. - */ signed char mbedtls_ct_base64_dec_value( unsigned char c ) { unsigned char val = 0; diff --git a/library/constant_time_internal.h b/library/constant_time_internal.h index a13e7b2c0ee..bbb3a906709 100644 --- a/library/constant_time_internal.h +++ b/library/constant_time_internal.h @@ -169,8 +169,29 @@ void mbedtls_ct_mpi_uint_cond_assign( size_t n, #if defined(MBEDTLS_BASE64_C) +/** Given a value in the range 0..63, return the corresponding Base64 digit. + * + * The implementation assumes that letters are consecutive (e.g. ASCII + * but not EBCDIC). + * + * \param value A value in the range 0..63. + * + * \return A base64 digit converted from \p value. + */ unsigned char mbedtls_ct_base64_enc_char( unsigned char value ); +/** Given a Base64 digit, return its value. + * + * If c is not a Base64 digit ('A'..'Z', 'a'..'z', '0'..'9', '+' or '/'), + * return -1. + * + * The implementation assumes that letters are consecutive (e.g. ASCII + * but not EBCDIC). + * + * \param c A base64 digit. + * + * \return The value of the base64 digit \p c. + */ signed char mbedtls_ct_base64_dec_value( unsigned char c ); #endif /* MBEDTLS_BASE64_C */ diff --git a/library/constant_time_invasive.h b/library/constant_time_invasive.h index 9008f5d4300..4620ca13799 100644 --- a/library/constant_time_invasive.h +++ b/library/constant_time_invasive.h @@ -31,9 +31,16 @@ #if defined(MBEDTLS_TEST_HOOKS) -/* Return 0xff if low <= c <= high, 0 otherwise. +/** Turn a value into a mask: + * - if \p low <= \p c <= \p high, + * return the all-bits 1 mask, aka (unsigned) -1 + * - otherwise, return the all-bits 0 mask, aka 0 * - * Constant flow with respect to c. + * \param low The value to analyze. + * \param high The value to analyze. + * \param c The value to analyze. + * + * \return All-bits-one if \p low <= \p c <= \p high, otherwise zero. */ unsigned char mbedtls_ct_uchar_mask_of_range( unsigned char low, unsigned char high, From 00e08a3a2169a9c1c0ec3c7aaab751875d21c3a5 Mon Sep 17 00:00:00 2001 From: Gabor Mezei Date: Thu, 9 Dec 2021 10:05:48 +0100 Subject: [PATCH 069/107] Update generated files Signed-off-by: Gabor Mezei --- visualc/VS2010/mbedTLS.vcxproj | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index 08972c3f872..88ffe1b2ee2 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -256,10 +256,10 @@ - + From 110afd0e4dec60d58746a359c06328a8df398d4d Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Thu, 9 Dec 2021 12:48:51 +0000 Subject: [PATCH 070/107] Prevent resource leak If -f was used as an argument twice to the program, then it would leak the file resource, due to overwriting it on the second pass Signed-off-by: Paul Elliott --- programs/ssl/ssl_context_info.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/programs/ssl/ssl_context_info.c b/programs/ssl/ssl_context_info.c index a204d9eadc0..7ac01d6df37 100644 --- a/programs/ssl/ssl_context_info.c +++ b/programs/ssl/ssl_context_info.c @@ -222,7 +222,13 @@ void parse_arguments( int argc, char *argv[] ) error_exit(); } - if( ( b64_file = fopen( argv[i], "r" ) ) == NULL ) + if( NULL != b64_file ) + { + printf_err( "Cannot specify more than one file with -f\n" ); + error_exit( ); + } + + if( ( b64_file = fopen( argv[i], "r" )) == NULL ) { printf_err( "Cannot find file \"%s\"\n", argv[i] ); error_exit(); From 8f20bab14d6034eb23a97bd3a09fec487f34a39b Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Thu, 9 Dec 2021 14:48:47 +0000 Subject: [PATCH 071/107] Fix printf format specifier Also mark function as printf variant so compiler will pickup any future issues. Signed-off-by: Paul Elliott --- programs/ssl/ssl_context_info.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/programs/ssl/ssl_context_info.c b/programs/ssl/ssl_context_info.c index 7ac01d6df37..7018080d4ac 100644 --- a/programs/ssl/ssl_context_info.c +++ b/programs/ssl/ssl_context_info.c @@ -22,6 +22,7 @@ #else #include MBEDTLS_CONFIG_FILE #endif +#include "mbedtls/debug.h" #include #include @@ -164,6 +165,7 @@ void printf_dbg( const char *str, ... ) } } +MBEDTLS_PRINTF_ATTRIBUTE( 1, 2 ) void printf_err( const char *str, ... ) { va_list args; @@ -470,7 +472,8 @@ size_t read_next_b64_code( uint8_t **b64, size_t *max_len ) } else if( len > *max_len ) { - printf_err( "The code found is too large by %u bytes.\n", len - *max_len ); + printf_err( "The code found is too large by %" MBEDTLS_PRINTF_SIZET " bytes.\n", + len - *max_len ); len = pad = 0; } else if( len % 4 != 0 ) From d0688761814d08f1799ab0a5d21ad483b124a828 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Thu, 9 Dec 2021 17:18:10 +0000 Subject: [PATCH 072/107] Add checks for return values to md functions Signed-off-by: Paul Elliott --- programs/aes/crypt_and_hash.c | 53 +++++++++++++++++++++++++++++------ 1 file changed, 45 insertions(+), 8 deletions(-) diff --git a/programs/aes/crypt_and_hash.c b/programs/aes/crypt_and_hash.c index 63a12480fdc..bdc5c04d2e9 100644 --- a/programs/aes/crypt_and_hash.c +++ b/programs/aes/crypt_and_hash.c @@ -281,10 +281,27 @@ int main( int argc, char *argv[] ) p = argv[2]; - mbedtls_md_starts( &md_ctx ); - mbedtls_md_update( &md_ctx, buffer, 8 ); - mbedtls_md_update( &md_ctx, (unsigned char *) p, strlen( p ) ); - mbedtls_md_finish( &md_ctx, digest ); + if( mbedtls_md_starts( &md_ctx ) != 0 ) + { + mbedtls_fprintf( stderr, "mbedtls_md_starts() returned error\n" ); + goto exit; + } + if( mbedtls_md_update( &md_ctx, buffer, 8 ) != 0 ) + { + mbedtls_fprintf( stderr, "mbedtls_md_update() returned error\n" ); + goto exit; + } + if( mbedtls_md_update( &md_ctx, ( unsigned char * ) p, strlen( p ) ) + != 0 ) + { + mbedtls_fprintf( stderr, "mbedtls_md_update() returned error\n" ); + goto exit; + } + if( mbedtls_md_finish( &md_ctx, digest ) != 0 ) + { + mbedtls_fprintf( stderr, "mbedtls_md_finish() returned error\n" ); + goto exit; + } memcpy( IV, digest, 16 ); @@ -306,10 +323,30 @@ int main( int argc, char *argv[] ) for( i = 0; i < 8192; i++ ) { - mbedtls_md_starts( &md_ctx ); - mbedtls_md_update( &md_ctx, digest, 32 ); - mbedtls_md_update( &md_ctx, key, keylen ); - mbedtls_md_finish( &md_ctx, digest ); + if( mbedtls_md_starts( &md_ctx ) != 0 ) + { + mbedtls_fprintf( stderr, + "mbedtls_md_starts() returned error\n" ); + goto exit; + } + if( mbedtls_md_update( &md_ctx, digest, 32 ) != 0 ) + { + mbedtls_fprintf( stderr, + "mbedtls_md_update() returned error\n" ); + goto exit; + } + if( mbedtls_md_update( &md_ctx, key, keylen ) != 0 ) + { + mbedtls_fprintf( stderr, + "mbedtls_md_update() returned error\n" ); + goto exit; + } + if( mbedtls_md_finish( &md_ctx, digest ) != 0 ) + { + mbedtls_fprintf( stderr, + "mbedtls_md_finish() returned error\n" ); + goto exit; + } } From 68b64cd64c9ca7e8327d00325020a39c4389c477 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Thu, 9 Dec 2021 18:27:01 +0000 Subject: [PATCH 073/107] Add checked return to cipher setup Signed-off-by: Paul Elliott --- tests/suites/test_suite_cipher.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function index 76e474f2170..b50422e391f 100644 --- a/tests/suites/test_suite_cipher.function +++ b/tests/suites/test_suite_cipher.function @@ -102,7 +102,7 @@ void cipher_invalid_param_unconditional( ) (void)valid_mode; /* In some configurations this is unused */ mbedtls_cipher_init( &valid_ctx ); - mbedtls_cipher_setup( &valid_ctx, valid_info ); + TEST_ASSERT( mbedtls_cipher_setup( &valid_ctx, valid_info ) == 0 ); mbedtls_cipher_init( &invalid_ctx ); /* mbedtls_cipher_setup() */ From 3d283787344afd3a1172b280f70c6cfab41c2f65 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 10 Dec 2021 14:25:45 +0100 Subject: [PATCH 074/107] Check return values in more places Selective replacement of ``` ^\( *\)\(mbedtls_\(md\|cipher\)_[A-Z_a-z0-9]+\)\((.*)\); ``` by ``` \1if( \2\4 != 0 ) \1{ \1 mbedtls_fprintf( stderr, "\2() returned error\\n" ); \1 goto exit; \1} ``` Signed-off-by: Gilles Peskine --- programs/aes/crypt_and_hash.c | 72 +++++++++++++++++++++++++++++------ 1 file changed, 60 insertions(+), 12 deletions(-) diff --git a/programs/aes/crypt_and_hash.c b/programs/aes/crypt_and_hash.c index bdc5c04d2e9..18bdf6cd269 100644 --- a/programs/aes/crypt_and_hash.c +++ b/programs/aes/crypt_and_hash.c @@ -367,7 +367,11 @@ int main( int argc, char *argv[] ) goto exit; } - mbedtls_md_hmac_starts( &md_ctx, digest, 32 ); + if( mbedtls_md_hmac_starts( &md_ctx, digest, 32 ) != 0 ) + { + mbedtls_fprintf( stderr, "mbedtls_md_hmac_starts() returned error\n" ); + goto exit; + } /* * Encrypt and write the ciphertext. @@ -389,7 +393,11 @@ int main( int argc, char *argv[] ) goto exit; } - mbedtls_md_hmac_update( &md_ctx, output, olen ); + if( mbedtls_md_hmac_update( &md_ctx, output, olen ) != 0 ) + { + mbedtls_fprintf( stderr, "mbedtls_md_hmac_update() returned error\n" ); + goto exit; + } if( fwrite( output, 1, olen, fout ) != olen ) { @@ -403,7 +411,11 @@ int main( int argc, char *argv[] ) mbedtls_fprintf( stderr, "mbedtls_cipher_finish() returned error\n" ); goto exit; } - mbedtls_md_hmac_update( &md_ctx, output, olen ); + if( mbedtls_md_hmac_update( &md_ctx, output, olen ) != 0 ) + { + mbedtls_fprintf( stderr, "mbedtls_md_hmac_update() returned error\n" ); + goto exit; + } if( fwrite( output, 1, olen, fout ) != olen ) { @@ -414,7 +426,11 @@ int main( int argc, char *argv[] ) /* * Finally write the HMAC. */ - mbedtls_md_hmac_finish( &md_ctx, digest ); + if( mbedtls_md_hmac_finish( &md_ctx, digest ) != 0 ) + { + mbedtls_fprintf( stderr, "mbedtls_md_hmac_finish() returned error\n" ); + goto exit; + } if( fwrite( digest, 1, mbedtls_md_get_size( md_info ), fout ) != mbedtls_md_get_size( md_info ) ) { @@ -483,10 +499,26 @@ int main( int argc, char *argv[] ) for( i = 0; i < 8192; i++ ) { - mbedtls_md_starts( &md_ctx ); - mbedtls_md_update( &md_ctx, digest, 32 ); - mbedtls_md_update( &md_ctx, key, keylen ); - mbedtls_md_finish( &md_ctx, digest ); + if( mbedtls_md_starts( &md_ctx ) != 0 ) + { + mbedtls_fprintf( stderr, "mbedtls_md_starts() returned error\n" ); + goto exit; + } + if( mbedtls_md_update( &md_ctx, digest, 32 ) != 0 ) + { + mbedtls_fprintf( stderr, "mbedtls_md_update() returned error\n" ); + goto exit; + } + if( mbedtls_md_update( &md_ctx, key, keylen ) != 0 ) + { + mbedtls_fprintf( stderr, "mbedtls_md_update() returned error\n" ); + goto exit; + } + if( mbedtls_md_finish( &md_ctx, digest ) != 0 ) + { + mbedtls_fprintf( stderr, "mbedtls_md_finish() returned error\n" ); + goto exit; + } } if( mbedtls_cipher_setkey( &cipher_ctx, digest, cipher_info->key_bitlen, @@ -508,7 +540,11 @@ int main( int argc, char *argv[] ) goto exit; } - mbedtls_md_hmac_starts( &md_ctx, digest, 32 ); + if( mbedtls_md_hmac_starts( &md_ctx, digest, 32 ) != 0 ) + { + mbedtls_fprintf( stderr, "mbedtls_md_hmac_starts() returned error\n" ); + goto exit; + } /* * Decrypt and write the plaintext. @@ -525,7 +561,11 @@ int main( int argc, char *argv[] ) goto exit; } - mbedtls_md_hmac_update( &md_ctx, buffer, ilen ); + if( mbedtls_md_hmac_update( &md_ctx, buffer, ilen ) != 0 ) + { + mbedtls_fprintf( stderr, "mbedtls_md_hmac_update() returned error\n" ); + goto exit; + } if( mbedtls_cipher_update( &cipher_ctx, buffer, ilen, output, &olen ) != 0 ) { @@ -543,7 +583,11 @@ int main( int argc, char *argv[] ) /* * Verify the message authentication code. */ - mbedtls_md_hmac_finish( &md_ctx, digest ); + if( mbedtls_md_hmac_finish( &md_ctx, digest ) != 0 ) + { + mbedtls_fprintf( stderr, "mbedtls_md_hmac_finish() returned error\n" ); + goto exit; + } if( fread( buffer, 1, mbedtls_md_get_size( md_info ), fin ) != mbedtls_md_get_size( md_info ) ) { @@ -566,7 +610,11 @@ int main( int argc, char *argv[] ) /* * Write the final block of data */ - mbedtls_cipher_finish( &cipher_ctx, output, &olen ); + if( mbedtls_cipher_finish( &cipher_ctx, output, &olen ) != 0 ) + { + mbedtls_fprintf( stderr, "mbedtls_cipher_finish() returned error\n" ); + goto exit; + } if( fwrite( output, 1, olen, fout ) != olen ) { From 3fc0d304476ce4feee06a92d856ba889fd4f5d2a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 10 Dec 2021 14:28:31 +0100 Subject: [PATCH 075/107] Don't fail until everything is initialized Can't call mbedtls_cipher_free(&invalid_ctx) in cleanup if mbedtls_cipher_init(&invalid_ctx) hasn't been called. Signed-off-by: Gilles Peskine --- tests/suites/test_suite_cipher.function | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function index b50422e391f..b0b1629a82a 100644 --- a/tests/suites/test_suite_cipher.function +++ b/tests/suites/test_suite_cipher.function @@ -102,9 +102,10 @@ void cipher_invalid_param_unconditional( ) (void)valid_mode; /* In some configurations this is unused */ mbedtls_cipher_init( &valid_ctx ); - TEST_ASSERT( mbedtls_cipher_setup( &valid_ctx, valid_info ) == 0 ); mbedtls_cipher_init( &invalid_ctx ); + TEST_ASSERT( mbedtls_cipher_setup( &valid_ctx, valid_info ) == 0 ); + /* mbedtls_cipher_setup() */ TEST_ASSERT( mbedtls_cipher_setup( &valid_ctx, NULL ) == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); From 5c93a9f2145d55b217956a569e9778eae5cebaad Mon Sep 17 00:00:00 2001 From: Minos Galanakis Date: Wed, 8 Dec 2021 17:38:07 +0000 Subject: [PATCH 076/107] Update changelog & readme This patch adds explicit wording to state that Two's complement is the official supported signed integer representation. Signed-off-by: Minos Galanakis --- ChangeLog.d/twos_complement_representation.txt | 3 +++ README.md | 8 ++++++++ 2 files changed, 11 insertions(+) create mode 100644 ChangeLog.d/twos_complement_representation.txt diff --git a/ChangeLog.d/twos_complement_representation.txt b/ChangeLog.d/twos_complement_representation.txt new file mode 100644 index 00000000000..fa49859abca --- /dev/null +++ b/ChangeLog.d/twos_complement_representation.txt @@ -0,0 +1,3 @@ +Requirement changes + * Sign-magnitude and one's complement representations for signed integers are + not supported. Two's complement is the only supported representation. diff --git a/README.md b/README.md index 4d50a6176d7..eb3829cd8c2 100644 --- a/README.md +++ b/README.md @@ -197,6 +197,14 @@ Mbed TLS can be ported to many different architectures, OS's and platforms. Befo - [What external dependencies does Mbed TLS rely on?](https://tls.mbed.org/kb/development/what-external-dependencies-does-mbedtls-rely-on) - [How do I configure Mbed TLS](https://tls.mbed.org/kb/compiling-and-building/how-do-i-configure-mbedtls) +Mbed TLS is mostly written in portable C99; however, it has a few platform requirements that go beyond the standard, but are met by most modern architectures: + +- Bytes must be 8 bits. +- All-bits-zero must be a valid representation of a null pointer. +- Signed integers must be represented using two's complement. +- `int` and `size_t` must be at least 32 bits wide. +- The types `uint8_t`, `uint16_t`, `uint32_t` and their signed equivalents must be available. + PSA cryptography API -------------------- From fe724fe618946772c3a7906de945d46dc9354c83 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Thu, 11 Nov 2021 19:00:38 +0000 Subject: [PATCH 077/107] Fix for pkcs12 with NULL or zero length password Previously passing a NULL or zero length password into either mbedtls_pkcs12_pbe() or mbedtls_pkcs12_derive() could cause an infinate loop, and it was also possible to pass a NULL password, with a non-zero length, which would cause memory corruption. I have fixed these errors, and improved the documentation to reflect the changes and further explain what is expected of the inputs. Signed-off-by: Paul Elliott --- ChangeLog.d/fix-pkcs12-null-password.txt | 2 ++ include/mbedtls/pkcs12.h | 22 +++++++++++++--------- library/pkcs12.c | 21 ++++++++++++++++----- 3 files changed, 31 insertions(+), 14 deletions(-) create mode 100644 ChangeLog.d/fix-pkcs12-null-password.txt diff --git a/ChangeLog.d/fix-pkcs12-null-password.txt b/ChangeLog.d/fix-pkcs12-null-password.txt new file mode 100644 index 00000000000..699575f530f --- /dev/null +++ b/ChangeLog.d/fix-pkcs12-null-password.txt @@ -0,0 +1,2 @@ +Bugfix + * Fix issues in pkcs12 when a NULL and/or zero length password was supplied. diff --git a/include/mbedtls/pkcs12.h b/include/mbedtls/pkcs12.h index ba9180b3cd5..fbf2378686d 100644 --- a/include/mbedtls/pkcs12.h +++ b/include/mbedtls/pkcs12.h @@ -79,11 +79,13 @@ int mbedtls_pkcs12_pbe_sha1_rc4_128( mbedtls_asn1_buf *pbe_params, int mode, * \brief PKCS12 Password Based function (encryption / decryption) * for cipher-based and mbedtls_md-based PBE's * - * \param pbe_params an ASN1 buffer containing the pkcs-12PbeParams structure - * \param mode either MBEDTLS_PKCS12_PBE_ENCRYPT or MBEDTLS_PKCS12_PBE_DECRYPT + * \param pbe_params an ASN1 buffer containing the pkcs-12 PbeParams structure + * \param mode either MBEDTLS_PKCS12_PBE_ENCRYPT or + * MBEDTLS_PKCS12_PBE_DECRYPT * \param cipher_type the cipher used - * \param md_type the mbedtls_md used - * \param pwd the password used (may be NULL if no password is used) + * \param md_type the mbedtls_md used + * \param pwd Latin1-encoded password used (may be NULL if no password is + * used, but not if pwdlen is non-zero) * \param pwdlen length of the password (may be 0) * \param input the input data * \param len data length @@ -108,14 +110,16 @@ int mbedtls_pkcs12_pbe( mbedtls_asn1_buf *pbe_params, int mode, * integrity key. * * \param data buffer to store the derived data in - * \param datalen length to fill - * \param pwd password to use (may be NULL if no password is used) + * \param datalen length of buffer to fill + * \param pwd Null terminated BMPString password to use (may be NULL if + * no password is used, but not if pwdlen is non-zero) * \param pwdlen length of the password (may be 0) * \param salt salt buffer to use * \param saltlen length of the salt - * \param mbedtls_md mbedtls_md type to use during the derivation - * \param id id that describes the purpose (can be MBEDTLS_PKCS12_DERIVE_KEY, - * MBEDTLS_PKCS12_DERIVE_IV or MBEDTLS_PKCS12_DERIVE_MAC_KEY) + * \param mbedtls_md mbedtls_md type to use during the derivation + * \param id id that describes the purpose (can be + * MBEDTLS_PKCS12_DERIVE_KEY, MBEDTLS_PKCS12_DERIVE_IV or + * MBEDTLS_PKCS12_DERIVE_MAC_KEY) * \param iterations number of iterations * * \return 0 if successful, or a MD, BIGNUM type error. diff --git a/library/pkcs12.c b/library/pkcs12.c index 3699dd5c6d0..80eb9dbe8dc 100644 --- a/library/pkcs12.c +++ b/library/pkcs12.c @@ -179,6 +179,9 @@ int mbedtls_pkcs12_pbe( mbedtls_asn1_buf *pbe_params, int mode, mbedtls_cipher_context_t cipher_ctx; size_t olen = 0; + if( pwd == NULL && pwdlen != 0 ) + return( MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA ); + cipher_info = mbedtls_cipher_info_from_type( cipher_type ); if( cipher_info == NULL ) return( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE ); @@ -231,13 +234,18 @@ static void pkcs12_fill_buffer( unsigned char *data, size_t data_len, unsigned char *p = data; size_t use_len; - while( data_len > 0 ) + if( filler != NULL && fill_len != 0 ) { - use_len = ( data_len > fill_len ) ? fill_len : data_len; - memcpy( p, filler, use_len ); - p += use_len; - data_len -= use_len; + while( data_len > 0 ) + { + use_len = ( data_len > fill_len ) ? fill_len : data_len; + memcpy( p, filler, use_len ); + p += use_len; + data_len -= use_len; + } } + else + memset( data, 0, data_len ); } int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, @@ -263,6 +271,9 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, if( datalen > 128 || pwdlen > 64 || saltlen > 64 ) return( MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA ); + if( pwd == NULL && pwdlen != 0 ) + return( MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA ); + md_info = mbedtls_md_info_from_type( md_type ); if( md_info == NULL ) return( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE ); From f294ff5d879838ebe3f8263dacf68148f47764e3 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Wed, 17 Nov 2021 17:47:23 +0000 Subject: [PATCH 078/107] Make changelog more specific Signed-off-by: Paul Elliott --- ChangeLog.d/fix-pkcs12-null-password.txt | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/ChangeLog.d/fix-pkcs12-null-password.txt b/ChangeLog.d/fix-pkcs12-null-password.txt index 699575f530f..fae81955359 100644 --- a/ChangeLog.d/fix-pkcs12-null-password.txt +++ b/ChangeLog.d/fix-pkcs12-null-password.txt @@ -1,2 +1,5 @@ Bugfix - * Fix issues in pkcs12 when a NULL and/or zero length password was supplied. + * Fix a potential invalid pointer dereference and infinite loop bugs in + pkcs12 functions when the password is empty. Fix the documentation to + better describe the inputs to these functions and their possible values. + Fixes #5136. From a59cc3dbc7980404b6c13d74975563a6ed5f9b85 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Thu, 18 Nov 2021 12:39:10 +0000 Subject: [PATCH 079/107] Further documentation improvements Signed-off-by: Paul Elliott --- include/mbedtls/pkcs12.h | 28 ++++++++++++++++------------ 1 file changed, 16 insertions(+), 12 deletions(-) diff --git a/include/mbedtls/pkcs12.h b/include/mbedtls/pkcs12.h index fbf2378686d..784e8d6f8a2 100644 --- a/include/mbedtls/pkcs12.h +++ b/include/mbedtls/pkcs12.h @@ -80,12 +80,12 @@ int mbedtls_pkcs12_pbe_sha1_rc4_128( mbedtls_asn1_buf *pbe_params, int mode, * for cipher-based and mbedtls_md-based PBE's * * \param pbe_params an ASN1 buffer containing the pkcs-12 PbeParams structure - * \param mode either MBEDTLS_PKCS12_PBE_ENCRYPT or - * MBEDTLS_PKCS12_PBE_DECRYPT + * \param mode either #MBEDTLS_PKCS12_PBE_ENCRYPT or + * #MBEDTLS_PKCS12_PBE_DECRYPT * \param cipher_type the cipher used * \param md_type the mbedtls_md used - * \param pwd Latin1-encoded password used (may be NULL if no password is - * used, but not if pwdlen is non-zero) + * \param pwd Latin1-encoded password used. This may only be \c NULL when + * pwdlen is 0. No \c NULL terminator should be used. * \param pwdlen length of the password (may be 0) * \param input the input data * \param len data length @@ -106,20 +106,24 @@ int mbedtls_pkcs12_pbe( mbedtls_asn1_buf *pbe_params, int mode, * to produce pseudo-random bits for a particular "purpose". * * Depending on the given id, this function can produce an - * encryption/decryption key, an nitialization vector or an + * encryption/decryption key, an initialization vector or an * integrity key. * * \param data buffer to store the derived data in * \param datalen length of buffer to fill - * \param pwd Null terminated BMPString password to use (may be NULL if - * no password is used, but not if pwdlen is non-zero) - * \param pwdlen length of the password (may be 0) - * \param salt salt buffer to use - * \param saltlen length of the salt + * \param pwd The password to use. For compliance with PKCS#12 §B.1, this + * should be a BMPString, i.e. a Unicode string where each + * character is encoded as 2 bytes in big-endian order, with + * no byte order mark and with a null terminator (i.e. the + * last two bytes should be 0x00 0x00). + * \param pwdlen length of the password (may be 0). + * \param salt Salt buffer to use This may only be \c NULL when + * saltlen is 0. + * \param saltlen length of the salt (may be zero) * \param mbedtls_md mbedtls_md type to use during the derivation * \param id id that describes the purpose (can be - * MBEDTLS_PKCS12_DERIVE_KEY, MBEDTLS_PKCS12_DERIVE_IV or - * MBEDTLS_PKCS12_DERIVE_MAC_KEY) + * #MBEDTLS_PKCS12_DERIVE_KEY, #MBEDTLS_PKCS12_DERIVE_IV or + * #MBEDTLS_PKCS12_DERIVE_MAC_KEY) * \param iterations number of iterations * * \return 0 if successful, or a MD, BIGNUM type error. From 7412eb4bc23ff069254c1f3f7d14c2c058157e94 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Thu, 18 Nov 2021 14:02:21 +0000 Subject: [PATCH 080/107] Better fix for empty password / salt Signed-off-by: Paul Elliott --- library/pkcs12.c | 78 +++++++++++++++++++++++++++++++++++------------- 1 file changed, 58 insertions(+), 20 deletions(-) diff --git a/library/pkcs12.c b/library/pkcs12.c index 80eb9dbe8dc..31038130621 100644 --- a/library/pkcs12.c +++ b/library/pkcs12.c @@ -244,8 +244,6 @@ static void pkcs12_fill_buffer( unsigned char *data, size_t data_len, data_len -= use_len; } } - else - memset( data, 0, data_len ); } int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, @@ -258,9 +256,12 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, unsigned char diversifier[128]; unsigned char salt_block[128], pwd_block[128], hash_block[128]; + unsigned char empty_string[2] = { 0, 0 }; unsigned char hash_output[MBEDTLS_MD_MAX_SIZE]; unsigned char *p; unsigned char c; + int use_password = 0; + int use_salt = 0; size_t hlen, use_len, v, i; @@ -274,6 +275,12 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, if( pwd == NULL && pwdlen != 0 ) return( MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA ); + if( salt == NULL && saltlen != 0 ) + return( MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA ); + + use_password = ( pwd && pwdlen != 0 ); + use_salt = ( salt && saltlen != 0 ); + md_info = mbedtls_md_info_from_type( md_type ); if( md_info == NULL ) return( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE ); @@ -291,8 +298,15 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, memset( diversifier, (unsigned char) id, v ); - pkcs12_fill_buffer( salt_block, v, salt, saltlen ); - pkcs12_fill_buffer( pwd_block, v, pwd, pwdlen ); + if( use_salt != 0 ) + { + pkcs12_fill_buffer( salt_block, v, salt, saltlen ); + } + + if( use_password != 0 ) + { + pkcs12_fill_buffer( pwd_block, v, pwd, pwdlen ); + } p = data; while( datalen > 0 ) @@ -304,11 +318,29 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, if( ( ret = mbedtls_md_update( &md_ctx, diversifier, v ) ) != 0 ) goto exit; - if( ( ret = mbedtls_md_update( &md_ctx, salt_block, v ) ) != 0 ) - goto exit; + if( use_salt != 0 ) + { + if( ( ret = mbedtls_md_update( &md_ctx, salt_block, v )) != 0 ) + goto exit; + } + else + { + if( ( ret = mbedtls_md_update( &md_ctx, empty_string, + sizeof( empty_string ) )) != 0 ) + goto exit; + } - if( ( ret = mbedtls_md_update( &md_ctx, pwd_block, v ) ) != 0 ) - goto exit; + if( use_password != 0) + { + if( ( ret = mbedtls_md_update( &md_ctx, pwd_block, v )) != 0 ) + goto exit; + } + else + { + if( ( ret = mbedtls_md_update( &md_ctx, empty_string, + sizeof( empty_string ) )) != 0 ) + goto exit; + } if( ( ret = mbedtls_md_finish( &md_ctx, hash_output ) ) != 0 ) goto exit; @@ -336,22 +368,28 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, if( ++hash_block[i - 1] != 0 ) break; - // salt_block += B - c = 0; - for( i = v; i > 0; i-- ) + if( use_salt != 0 ) { - j = salt_block[i - 1] + hash_block[i - 1] + c; - c = MBEDTLS_BYTE_1( j ); - salt_block[i - 1] = MBEDTLS_BYTE_0( j ); + // salt_block += B + c = 0; + for( i = v; i > 0; i-- ) + { + j = salt_block[i - 1] + hash_block[i - 1] + c; + c = MBEDTLS_BYTE_1( j ); + salt_block[i - 1] = MBEDTLS_BYTE_0( j ); + } } - // pwd_block += B - c = 0; - for( i = v; i > 0; i-- ) + if( use_password != 0 ) { - j = pwd_block[i - 1] + hash_block[i - 1] + c; - c = MBEDTLS_BYTE_1( j ); - pwd_block[i - 1] = MBEDTLS_BYTE_0( j ); + // pwd_block += B + c = 0; + for( i = v; i > 0; i-- ) + { + j = pwd_block[i - 1] + hash_block[i - 1] + c; + c = MBEDTLS_BYTE_1( j ); + pwd_block[i - 1] = MBEDTLS_BYTE_0( j ); + } } } From d8e2e8347b4a7514d310e6c629aa3a71d9d5f857 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 10 Dec 2021 21:33:21 +0100 Subject: [PATCH 081/107] Zeroize local MAC variables Zeroize local MAC variables used for CBC+HMAC cipher suites. In encryption, this is just good hygiene but probably not needed for security since the data protected by the MAC that could leak is about to be transmitted anyway. In DTLS decryption, this could be a security issue since an adversary could learn the MAC of data that they were trying to inject. At least with encrypt-then-MAC, the adversary could then easily inject a datagram with a corrected packet. TLS would still be safe since the receiver would close the connection after the bad MAC. Signed-off-by: Gilles Peskine --- ChangeLog.d/ssl-mac-zeroize.txt | 5 +++++ library/ssl_msg.c | 20 ++++++++++++++++++-- 2 files changed, 23 insertions(+), 2 deletions(-) create mode 100644 ChangeLog.d/ssl-mac-zeroize.txt diff --git a/ChangeLog.d/ssl-mac-zeroize.txt b/ChangeLog.d/ssl-mac-zeroize.txt new file mode 100644 index 00000000000..b49c7acd771 --- /dev/null +++ b/ChangeLog.d/ssl-mac-zeroize.txt @@ -0,0 +1,5 @@ +Security + * Zeroize intermediate variables used to calculate the MAC in CBC cipher + suites. This hardens the library in case stack memory leaks through a + memory disclosure vulnerabilty, which could formerly have allowed a + man-in-the-middle to inject fake ciphertext into a DTLS connection. diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 928d6fc86cd..ce0fd4d4b44 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -717,6 +717,7 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, ssl_mac( &transform->md_ctx_enc, transform->mac_enc, data, rec->data_len, rec->ctr, rec->type, mac ); memcpy( data + rec->data_len, mac, transform->maclen ); + mbedtls_platform_zeroize( mac, transform->maclen ); } else #endif @@ -737,6 +738,7 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, mbedtls_md_hmac_reset( &transform->md_ctx_enc ); memcpy( data + rec->data_len, mac, transform->maclen ); + mbedtls_platform_zeroize( mac, transform->maclen ); } else #endif @@ -1021,6 +1023,7 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, rec->data_len += transform->maclen; post_avail -= transform->maclen; auth_done++; + mbedtls_platform_zeroize( mac, transform->maclen ); } #endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ } @@ -1305,13 +1308,20 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, transform->maclen ); /* Compare expected MAC with MAC at the end of the record. */ + ret = 0; if( mbedtls_ct_memcmp( data + rec->data_len, mac_expect, transform->maclen ) != 0 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "message mac does not match" ) ); - return( MBEDTLS_ERR_SSL_INVALID_MAC ); + ret = MBEDTLS_ERR_SSL_INVALID_MAC; + goto hmac_failed_etm_enabled; } auth_done++; + + hmac_failed_etm_enabled: + mbedtls_platform_zeroize( mac_expect, transform->maclen ); + if( ret != 0 ) + return( ret ); } #endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ @@ -1562,7 +1572,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, if( ret != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ct_hmac", ret ); - return( ret ); + goto hmac_failed_etm_disabled; } mbedtls_ct_memcpy_offset( mac_peer, data, @@ -1592,6 +1602,12 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, correct = 0; } auth_done++; + + hmac_failed_etm_disabled: + mbedtls_platform_zeroize( mac_peer, transform->maclen ); + mbedtls_platform_zeroize( mac_expect, transform->maclen ); + if( ret != 0 ) + return( ret ); } /* From 2b3f21dc0b8866abf8325357d6b271c9fca98ef2 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 10 Dec 2021 21:35:10 +0100 Subject: [PATCH 082/107] Catch failures of md_hmac operations Declare mbedtls_md functions as MBEDTLS_CHECK_RETURN_TYPICAL, meaning that their return values should be checked. Do check the return values in our code. We were already doing that everywhere for hash calculations, but not for HMAC calculations. Signed-off-by: Gilles Peskine --- ChangeLog.d/check-return.txt | 6 +- include/mbedtls/md.h | 14 +++ library/ssl_msg.c | 163 ++++++++++++++++++++++++++--------- library/ssl_tls.c | 118 ++++++++++++++++++------- 4 files changed, 228 insertions(+), 73 deletions(-) diff --git a/ChangeLog.d/check-return.txt b/ChangeLog.d/check-return.txt index 045b1805ec2..7d905da7321 100644 --- a/ChangeLog.d/check-return.txt +++ b/ChangeLog.d/check-return.txt @@ -5,6 +5,8 @@ Bugfix This does not concern the implementation provided with Mbed TLS, where this function cannot fail, or full-module replacements with MBEDTLS_AES_ALT or MBEDTLS_DES_ALT. Reported by Armelle Duboc in #1092. + * Some failures of HMAC operations were ignored. These failures could only + happen with an alternative implementation of the underlying hash module. Features * Warn if errors from certain functions are ignored. This is currently @@ -13,5 +15,5 @@ Features (where supported) for critical functions where ignoring the return value is almost always a bug. Enable the new configuration option MBEDTLS_CHECK_RETURN_WARNING to get warnings for other functions. This - is currently implemented in the AES and DES modules, and will be extended - to other modules in the future. + is currently implemented in the AES, DES and md modules, and will be + extended to other modules in the future. diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h index ee243218839..84fafd2ac77 100644 --- a/include/mbedtls/md.h +++ b/include/mbedtls/md.h @@ -32,6 +32,7 @@ #else #include MBEDTLS_CONFIG_FILE #endif +#include "mbedtls/platform_util.h" /** The selected feature is not available. */ #define MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE -0x5080 @@ -210,6 +211,7 @@ int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_ * failure. * \return #MBEDTLS_ERR_MD_ALLOC_FAILED on memory-allocation failure. */ +MBEDTLS_CHECK_RETURN_TYPICAL int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac ); /** @@ -231,6 +233,7 @@ int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_inf * \return \c 0 on success. * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification failure. */ +MBEDTLS_CHECK_RETURN_TYPICAL int mbedtls_md_clone( mbedtls_md_context_t *dst, const mbedtls_md_context_t *src ); @@ -280,6 +283,7 @@ const char *mbedtls_md_get_name( const mbedtls_md_info_t *md_info ); * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification * failure. */ +MBEDTLS_CHECK_RETURN_TYPICAL int mbedtls_md_starts( mbedtls_md_context_t *ctx ); /** @@ -298,6 +302,7 @@ int mbedtls_md_starts( mbedtls_md_context_t *ctx ); * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification * failure. */ +MBEDTLS_CHECK_RETURN_TYPICAL int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen ); /** @@ -318,6 +323,7 @@ int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, si * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification * failure. */ +MBEDTLS_CHECK_RETURN_TYPICAL int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output ); /** @@ -338,6 +344,7 @@ int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output ); * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification * failure. */ +MBEDTLS_CHECK_RETURN_TYPICAL int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen, unsigned char *output ); @@ -359,6 +366,7 @@ int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, si * the file pointed by \p path. * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA if \p md_info was NULL. */ +MBEDTLS_CHECK_RETURN_TYPICAL int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path, unsigned char *output ); #endif /* MBEDTLS_FS_IO */ @@ -381,6 +389,7 @@ int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path, * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification * failure. */ +MBEDTLS_CHECK_RETURN_TYPICAL int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, size_t keylen ); @@ -403,6 +412,7 @@ int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification * failure. */ +MBEDTLS_CHECK_RETURN_TYPICAL int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen ); @@ -424,6 +434,7 @@ int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *inpu * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification * failure. */ +MBEDTLS_CHECK_RETURN_TYPICAL int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output); /** @@ -441,6 +452,7 @@ int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output); * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification * failure. */ +MBEDTLS_CHECK_RETURN_TYPICAL int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx ); /** @@ -465,11 +477,13 @@ int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx ); * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification * failure. */ +MBEDTLS_CHECK_RETURN_TYPICAL int mbedtls_md_hmac( const mbedtls_md_info_t *md_info, const unsigned char *key, size_t keylen, const unsigned char *input, size_t ilen, unsigned char *output ); /* Internal use */ +MBEDTLS_CHECK_RETURN_TYPICAL int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data ); #ifdef __cplusplus diff --git a/library/ssl_msg.c b/library/ssl_msg.c index ce0fd4d4b44..0b696dd5612 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -474,17 +474,18 @@ static void ssl_extract_add_data_from_record( unsigned char* add_data, /* * SSLv3.0 MAC functions */ -static void ssl_mac( mbedtls_md_context_t *md_ctx, - const unsigned char *secret, - const unsigned char *buf, size_t len, - const unsigned char *ctr, int type, - unsigned char out[SSL3_MAC_MAX_BYTES] ) +static int ssl_mac( mbedtls_md_context_t *md_ctx, + const unsigned char *secret, + const unsigned char *buf, size_t len, + const unsigned char *ctr, int type, + unsigned char out[SSL3_MAC_MAX_BYTES] ) { unsigned char header[11]; unsigned char padding[48]; int padlen; int md_size = mbedtls_md_get_size( md_ctx->md_info ); int md_type = mbedtls_md_get_type( md_ctx->md_info ); + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* Only MD5 and SHA-1 supported */ if( md_type == MBEDTLS_MD_MD5 ) @@ -497,19 +498,43 @@ static void ssl_mac( mbedtls_md_context_t *md_ctx, MBEDTLS_PUT_UINT16_BE( len, header, 9); memset( padding, 0x36, padlen ); - mbedtls_md_starts( md_ctx ); - mbedtls_md_update( md_ctx, secret, md_size ); - mbedtls_md_update( md_ctx, padding, padlen ); - mbedtls_md_update( md_ctx, header, 11 ); - mbedtls_md_update( md_ctx, buf, len ); - mbedtls_md_finish( md_ctx, out ); + ret = mbedtls_md_starts( md_ctx ); + if( ret != 0 ) + return( ret ); + ret = mbedtls_md_update( md_ctx, secret, md_size ); + if( ret != 0 ) + return( ret ); + ret = mbedtls_md_update( md_ctx, padding, padlen ); + if( ret != 0 ) + return( ret ); + ret = mbedtls_md_update( md_ctx, header, 11 ); + if( ret != 0 ) + return( ret ); + ret = mbedtls_md_update( md_ctx, buf, len ); + if( ret != 0 ) + return( ret ); + ret = mbedtls_md_finish( md_ctx, out ); + if( ret != 0 ) + return( ret ); memset( padding, 0x5C, padlen ); - mbedtls_md_starts( md_ctx ); - mbedtls_md_update( md_ctx, secret, md_size ); - mbedtls_md_update( md_ctx, padding, padlen ); - mbedtls_md_update( md_ctx, out, md_size ); - mbedtls_md_finish( md_ctx, out ); + ret = mbedtls_md_starts( md_ctx ); + if( ret != 0 ) + return( ret ); + ret = mbedtls_md_update( md_ctx, secret, md_size ); + if( ret != 0 ) + return( ret ); + ret = mbedtls_md_update( md_ctx, padding, padlen ); + if( ret != 0 ) + return( ret ); + ret = mbedtls_md_update( md_ctx, out, md_size ); + if( ret != 0 ) + return( ret ); + ret = mbedtls_md_finish( md_ctx, out ); + if( ret != 0 ) + return( ret ); + + return( 0 ); } #endif /* MBEDTLS_SSL_PROTO_SSL3 */ @@ -714,10 +739,17 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, if( transform->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) { unsigned char mac[SSL3_MAC_MAX_BYTES]; - ssl_mac( &transform->md_ctx_enc, transform->mac_enc, - data, rec->data_len, rec->ctr, rec->type, mac ); - memcpy( data + rec->data_len, mac, transform->maclen ); + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + ret = ssl_mac( &transform->md_ctx_enc, transform->mac_enc, + data, rec->data_len, rec->ctr, rec->type, mac ); + if( ret == 0 ) + memcpy( data + rec->data_len, mac, transform->maclen ); mbedtls_platform_zeroize( mac, transform->maclen ); + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_mac", ret ); + return( ret ); + } } else #endif @@ -726,19 +758,35 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, if( transform->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 ) { unsigned char mac[MBEDTLS_SSL_MAC_ADD]; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; ssl_extract_add_data_from_record( add_data, &add_data_len, rec, transform->minor_ver ); - mbedtls_md_hmac_update( &transform->md_ctx_enc, add_data, - add_data_len ); - mbedtls_md_hmac_update( &transform->md_ctx_enc, - data, rec->data_len ); - mbedtls_md_hmac_finish( &transform->md_ctx_enc, mac ); - mbedtls_md_hmac_reset( &transform->md_ctx_enc ); + ret = mbedtls_md_hmac_update( &transform->md_ctx_enc, + add_data, add_data_len ); + if( ret != 0 ) + goto hmac_failed_etm_disabled; + ret = mbedtls_md_hmac_update( &transform->md_ctx_enc, + data, rec->data_len ); + if( ret != 0 ) + goto hmac_failed_etm_disabled; + ret = mbedtls_md_hmac_finish( &transform->md_ctx_enc, mac ); + if( ret != 0 ) + goto hmac_failed_etm_disabled; + ret = mbedtls_md_hmac_reset( &transform->md_ctx_enc ); + if( ret != 0 ) + goto hmac_failed_etm_disabled; memcpy( data + rec->data_len, mac, transform->maclen ); + + hmac_failed_etm_disabled: mbedtls_platform_zeroize( mac, transform->maclen ); + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_hmac_xxx", ret ); + return( ret ); + } } else #endif @@ -1011,19 +1059,34 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_BUF( 4, "MAC'd meta-data", add_data, add_data_len ); - mbedtls_md_hmac_update( &transform->md_ctx_enc, add_data, - add_data_len ); - mbedtls_md_hmac_update( &transform->md_ctx_enc, - data, rec->data_len ); - mbedtls_md_hmac_finish( &transform->md_ctx_enc, mac ); - mbedtls_md_hmac_reset( &transform->md_ctx_enc ); + ret = mbedtls_md_hmac_update( &transform->md_ctx_enc, add_data, + add_data_len ); + if( ret != 0 ) + goto hmac_failed_etm_enabled; + ret = mbedtls_md_hmac_update( &transform->md_ctx_enc, + data, rec->data_len ); + if( ret != 0 ) + goto hmac_failed_etm_enabled; + ret = mbedtls_md_hmac_finish( &transform->md_ctx_enc, mac ); + if( ret != 0 ) + goto hmac_failed_etm_enabled; + ret = mbedtls_md_hmac_reset( &transform->md_ctx_enc ); + if( ret != 0 ) + goto hmac_failed_etm_enabled; memcpy( data + rec->data_len, mac, transform->maclen ); rec->data_len += transform->maclen; post_avail -= transform->maclen; auth_done++; + + hmac_failed_etm_enabled: mbedtls_platform_zeroize( mac, transform->maclen ); + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "HMAC calculation failed", ret ); + return( ret ); + } } #endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ } @@ -1295,12 +1358,20 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, /* Calculate expected MAC. */ MBEDTLS_SSL_DEBUG_BUF( 4, "MAC'd meta-data", add_data, add_data_len ); - mbedtls_md_hmac_update( &transform->md_ctx_dec, add_data, - add_data_len ); - mbedtls_md_hmac_update( &transform->md_ctx_dec, + ret = mbedtls_md_hmac_update( &transform->md_ctx_dec, add_data, + add_data_len ); + if( ret != 0 ) + goto hmac_failed_etm_enabled; + ret = mbedtls_md_hmac_update( &transform->md_ctx_dec, data, rec->data_len ); - mbedtls_md_hmac_finish( &transform->md_ctx_dec, mac_expect ); - mbedtls_md_hmac_reset( &transform->md_ctx_dec ); + if( ret != 0 ) + goto hmac_failed_etm_enabled; + ret = mbedtls_md_hmac_finish( &transform->md_ctx_dec, mac_expect ); + if( ret != 0 ) + goto hmac_failed_etm_enabled; + ret = mbedtls_md_hmac_reset( &transform->md_ctx_dec ); + if( ret != 0 ) + goto hmac_failed_etm_enabled; MBEDTLS_SSL_DEBUG_BUF( 4, "message mac", data + rec->data_len, transform->maclen ); @@ -1308,7 +1379,6 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, transform->maclen ); /* Compare expected MAC with MAC at the end of the record. */ - ret = 0; if( mbedtls_ct_memcmp( data + rec->data_len, mac_expect, transform->maclen ) != 0 ) { @@ -1321,7 +1391,11 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, hmac_failed_etm_enabled: mbedtls_platform_zeroize( mac_expect, transform->maclen ); if( ret != 0 ) + { + if( ret != MBEDTLS_ERR_SSL_INVALID_MAC ) + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_hmac_xxx", ret ); return( ret ); + } } #endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ @@ -1539,11 +1613,16 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, #if defined(MBEDTLS_SSL_PROTO_SSL3) if( transform->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) { - ssl_mac( &transform->md_ctx_dec, - transform->mac_dec, - data, rec->data_len, - rec->ctr, rec->type, - mac_expect ); + ret = ssl_mac( &transform->md_ctx_dec, + transform->mac_dec, + data, rec->data_len, + rec->ctr, rec->type, + mac_expect ); + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_mac", ret ); + goto hmac_failed_etm_disabled; + } memcpy( mac_peer, data + rec->data_len, transform->maclen ); } else diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 9757f86c2c2..537adc2a0c9 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -442,19 +442,37 @@ static int tls1_prf( const unsigned char *secret, size_t slen, goto exit; } - mbedtls_md_hmac_starts( &md_ctx, S1, hs ); - mbedtls_md_hmac_update( &md_ctx, tmp + 20, nb ); - mbedtls_md_hmac_finish( &md_ctx, 4 + tmp ); + ret = mbedtls_md_hmac_starts( &md_ctx, S1, hs ); + if( ret != 0 ) + goto exit; + ret = mbedtls_md_hmac_update( &md_ctx, tmp + 20, nb ); + if( ret != 0 ) + goto exit; + ret = mbedtls_md_hmac_finish( &md_ctx, 4 + tmp ); + if( ret != 0 ) + goto exit; for( i = 0; i < dlen; i += 16 ) { - mbedtls_md_hmac_reset ( &md_ctx ); - mbedtls_md_hmac_update( &md_ctx, 4 + tmp, 16 + nb ); - mbedtls_md_hmac_finish( &md_ctx, h_i ); + ret = mbedtls_md_hmac_reset ( &md_ctx ); + if( ret != 0 ) + goto exit; + ret = mbedtls_md_hmac_update( &md_ctx, 4 + tmp, 16 + nb ); + if( ret != 0 ) + goto exit; + ret = mbedtls_md_hmac_finish( &md_ctx, h_i ); + if( ret != 0 ) + goto exit; - mbedtls_md_hmac_reset ( &md_ctx ); - mbedtls_md_hmac_update( &md_ctx, 4 + tmp, 16 ); - mbedtls_md_hmac_finish( &md_ctx, 4 + tmp ); + ret = mbedtls_md_hmac_reset ( &md_ctx ); + if( ret != 0 ) + goto exit; + ret = mbedtls_md_hmac_update( &md_ctx, 4 + tmp, 16 ); + if( ret != 0 ) + goto exit; + ret = mbedtls_md_hmac_finish( &md_ctx, 4 + tmp ); + if( ret != 0 ) + goto exit; k = ( i + 16 > dlen ) ? dlen % 16 : 16; @@ -478,19 +496,37 @@ static int tls1_prf( const unsigned char *secret, size_t slen, goto exit; } - mbedtls_md_hmac_starts( &md_ctx, S2, hs ); - mbedtls_md_hmac_update( &md_ctx, tmp + 20, nb ); - mbedtls_md_hmac_finish( &md_ctx, tmp ); + ret = mbedtls_md_hmac_starts( &md_ctx, S2, hs ); + if( ret != 0 ) + goto exit; + ret = mbedtls_md_hmac_update( &md_ctx, tmp + 20, nb ); + if( ret != 0 ) + goto exit; + ret = mbedtls_md_hmac_finish( &md_ctx, tmp ); + if( ret != 0 ) + goto exit; for( i = 0; i < dlen; i += 20 ) { - mbedtls_md_hmac_reset ( &md_ctx ); - mbedtls_md_hmac_update( &md_ctx, tmp, 20 + nb ); - mbedtls_md_hmac_finish( &md_ctx, h_i ); + ret = mbedtls_md_hmac_reset ( &md_ctx ); + if( ret != 0 ) + goto exit; + ret = mbedtls_md_hmac_update( &md_ctx, tmp, 20 + nb ); + if( ret != 0 ) + goto exit; + ret = mbedtls_md_hmac_finish( &md_ctx, h_i ); + if( ret != 0 ) + goto exit; - mbedtls_md_hmac_reset ( &md_ctx ); - mbedtls_md_hmac_update( &md_ctx, tmp, 20 ); - mbedtls_md_hmac_finish( &md_ctx, tmp ); + ret = mbedtls_md_hmac_reset ( &md_ctx ); + if( ret != 0 ) + goto exit; + ret = mbedtls_md_hmac_update( &md_ctx, tmp, 20 ); + if( ret != 0 ) + goto exit; + ret = mbedtls_md_hmac_finish( &md_ctx, tmp ); + if( ret != 0 ) + goto exit; k = ( i + 20 > dlen ) ? dlen % 20 : 20; @@ -680,19 +716,37 @@ static int tls_prf_generic( mbedtls_md_type_t md_type, if ( ( ret = mbedtls_md_setup( &md_ctx, md_info, 1 ) ) != 0 ) goto exit; - mbedtls_md_hmac_starts( &md_ctx, secret, slen ); - mbedtls_md_hmac_update( &md_ctx, tmp + md_len, nb ); - mbedtls_md_hmac_finish( &md_ctx, tmp ); + ret = mbedtls_md_hmac_starts( &md_ctx, secret, slen ); + if( ret != 0 ) + goto exit; + ret = mbedtls_md_hmac_update( &md_ctx, tmp + md_len, nb ); + if( ret != 0 ) + goto exit; + ret = mbedtls_md_hmac_finish( &md_ctx, tmp ); + if( ret != 0 ) + goto exit; for( i = 0; i < dlen; i += md_len ) { - mbedtls_md_hmac_reset ( &md_ctx ); - mbedtls_md_hmac_update( &md_ctx, tmp, md_len + nb ); - mbedtls_md_hmac_finish( &md_ctx, h_i ); + ret = mbedtls_md_hmac_reset ( &md_ctx ); + if( ret != 0 ) + goto exit; + ret = mbedtls_md_hmac_update( &md_ctx, tmp, md_len + nb ); + if( ret != 0 ) + goto exit; + ret = mbedtls_md_hmac_finish( &md_ctx, h_i ); + if( ret != 0 ) + goto exit; - mbedtls_md_hmac_reset ( &md_ctx ); - mbedtls_md_hmac_update( &md_ctx, tmp, md_len ); - mbedtls_md_hmac_finish( &md_ctx, tmp ); + ret = mbedtls_md_hmac_reset ( &md_ctx ); + if( ret != 0 ) + goto exit; + ret = mbedtls_md_hmac_update( &md_ctx, tmp, md_len ); + if( ret != 0 ) + goto exit; + ret = mbedtls_md_hmac_finish( &md_ctx, tmp ); + if( ret != 0 ) + goto exit; k = ( i + md_len > dlen ) ? dlen % md_len : md_len; @@ -1232,8 +1286,14 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, For AEAD-based ciphersuites, there is nothing to do here. */ if( mac_key_len != 0 ) { - mbedtls_md_hmac_starts( &transform->md_ctx_enc, mac_enc, mac_key_len ); - mbedtls_md_hmac_starts( &transform->md_ctx_dec, mac_dec, mac_key_len ); + ret = mbedtls_md_hmac_starts( &transform->md_ctx_enc, + mac_enc, mac_key_len ); + if( ret != 0 ) + goto end; + ret = mbedtls_md_hmac_starts( &transform->md_ctx_dec, + mac_dec, mac_key_len ); + if( ret != 0 ) + goto end; } } else From 13d5a3429a56f5158266517cfd58f3c724795f78 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Thu, 18 Nov 2021 22:35:48 +0000 Subject: [PATCH 083/107] Add PKCS12 tests Only regression tests for the empty password bugs for now. Further tests will follow later. Signed-off-by: Paul Elliott --- tests/CMakeLists.txt | 1 + tests/suites/test_suite_pkcs12.data | 33 +++++++++++ tests/suites/test_suite_pkcs12.function | 73 +++++++++++++++++++++++++ 3 files changed, 107 insertions(+) create mode 100644 tests/suites/test_suite_pkcs12.data create mode 100644 tests/suites/test_suite_pkcs12.function diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 75ef44ebe4f..f86127245d2 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -143,6 +143,7 @@ add_test_suite(pk) add_test_suite(pkcs1_v15) add_test_suite(pkcs1_v21) add_test_suite(pkcs5) +add_test_suite(pkcs12) add_test_suite(pkparse) add_test_suite(pkwrite) add_test_suite(poly1305) diff --git a/tests/suites/test_suite_pkcs12.data b/tests/suites/test_suite_pkcs12.data new file mode 100644 index 00000000000..e9e7339dcaa --- /dev/null +++ b/tests/suites/test_suite_pkcs12.data @@ -0,0 +1,33 @@ +Pkcs12 derive key : Zero length password and hash +depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C +pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"":1:"":1:3:0 + +Pkcs12 derive key: NULL password and hash +depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C +pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"":0:"":0:3:0 + +Pkcs12 derive key: Zero length password +depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C +pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"":1:"0123456789abcdef":1:3:0 + +Pkcs12 derive key: NULL password +depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C +pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"":0:"0123456789abcdef":1:3:0 + +Pkcs12 derive key: Invalid length NULL password +depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C +pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"0123456789abcdef":2:"0123456789abcdef":1:3:MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA + +Pkcs12 derive key: Zero length hash +depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C +pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"0123456789abcdef":1:"":1:3:0 + +Pkcs12 derive key: NULL hash +depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C +pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"0123456789abcdef":1:"":0:3:0 + +Pkcs12 derive key: Invalid length NULL hash +depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C +pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"0123456789abcdef":1:"0123456789abcdef":2:3:MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA + + diff --git a/tests/suites/test_suite_pkcs12.function b/tests/suites/test_suite_pkcs12.function new file mode 100644 index 00000000000..8771c2b36c4 --- /dev/null +++ b/tests/suites/test_suite_pkcs12.function @@ -0,0 +1,73 @@ +/* BEGIN_HEADER */ +#include "mbedtls/pkcs12.h" +#include "mbedtls/error.h" + +typedef enum +{ + USE_NULL_INPUT = 0, + USE_GIVEN_INPUT = 1, + USE_NULL_INPUT_WITH_SIZE = 2, +} input_usage_method_t; + +/* END_HEADER */ + +/* BEGIN_DEPENDENCIES + * depends_on:MBEDTLS_ASN1_PARSE_C + * END_DEPENDENCIES + */ + +/* BEGIN_CASE */ +void pkcs12_derive_key_test( int md_type, int key_size_arg, + data_t *password_arg, int password_usage, + data_t *salt_arg, int salt_usage, + int iterations, int expected_status ) + +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + unsigned char *output_data = NULL; + + unsigned char *password = NULL; + size_t password_len = 0; + unsigned char *salt = NULL; + size_t salt_len = 0; + size_t key_size = key_size_arg; + + if( password_usage == USE_GIVEN_INPUT ) + { + password = password_arg->x; + password_len = password_arg->len; + } + else if( password_usage == USE_NULL_INPUT_WITH_SIZE ) + { + password_len = password_arg->len; + } + + if( salt_usage == USE_GIVEN_INPUT ) + { + salt = salt_arg->x; + salt_len = salt_arg->len; + } + else if( salt_usage == USE_NULL_INPUT_WITH_SIZE ) + { + salt_len = salt_arg->len; + } + + ASSERT_ALLOC( output_data, key_size ); + + ret = mbedtls_pkcs12_derivation( output_data, + key_size, + password, + password_len, + salt, + salt_len, + md_type, + MBEDTLS_PKCS12_DERIVE_KEY, + iterations ); + + TEST_EQUAL( ret, expected_status ); + +exit: + mbedtls_free( output_data ); + +} +/* END_CASE */ From 1a3540afbe4400165bf492b23e8af16272dc4779 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Mon, 22 Nov 2021 17:50:26 +0000 Subject: [PATCH 084/107] Fix missing test dependancies Signed-off-by: Paul Elliott --- tests/suites/test_suite_pkcs12.data | 16 ++++++++-------- tests/suites/test_suite_pkcs12.function | 2 +- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/tests/suites/test_suite_pkcs12.data b/tests/suites/test_suite_pkcs12.data index e9e7339dcaa..98f1c0d596c 100644 --- a/tests/suites/test_suite_pkcs12.data +++ b/tests/suites/test_suite_pkcs12.data @@ -1,33 +1,33 @@ Pkcs12 derive key : Zero length password and hash -depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C +depends_on:MBEDTLS_MD5_C pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"":1:"":1:3:0 Pkcs12 derive key: NULL password and hash -depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C +depends_on:MBEDTLS_MD5_C pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"":0:"":0:3:0 Pkcs12 derive key: Zero length password -depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C +depends_on:MBEDTLS_MD5_C pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"":1:"0123456789abcdef":1:3:0 Pkcs12 derive key: NULL password -depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C +depends_on:MBEDTLS_MD5_C pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"":0:"0123456789abcdef":1:3:0 Pkcs12 derive key: Invalid length NULL password -depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C +depends_on:MBEDTLS_MD5_C pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"0123456789abcdef":2:"0123456789abcdef":1:3:MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA Pkcs12 derive key: Zero length hash -depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C +depends_on:MBEDTLS_MD5_C pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"0123456789abcdef":1:"":1:3:0 Pkcs12 derive key: NULL hash -depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C +depends_on:MBEDTLS_MD5_C pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"0123456789abcdef":1:"":0:3:0 Pkcs12 derive key: Invalid length NULL hash -depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_MD5_C +depends_on:MBEDTLS_MD5_C pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"0123456789abcdef":1:"0123456789abcdef":2:3:MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA diff --git a/tests/suites/test_suite_pkcs12.function b/tests/suites/test_suite_pkcs12.function index 8771c2b36c4..27393d06aa3 100644 --- a/tests/suites/test_suite_pkcs12.function +++ b/tests/suites/test_suite_pkcs12.function @@ -12,7 +12,7 @@ typedef enum /* END_HEADER */ /* BEGIN_DEPENDENCIES - * depends_on:MBEDTLS_ASN1_PARSE_C + * depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_PKCS12_C * END_DEPENDENCIES */ From 2ab9a7a57a37e40f7814c57985001ffca668a101 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Thu, 25 Nov 2021 17:29:40 +0000 Subject: [PATCH 085/107] Stop CMake out of source tests running on 16.04 Running the out of source CMake test on Ubuntu 16.04 using more than one processor (as the CI does) can create a race condition whereby the build fails to see a generated file, despite that file actually having been generated. This problem appears to go away with 18.04 or newer, so make the out of source tests not supported on Ubuntu 16.04 Signed-off-by: Paul Elliott --- ...op_cmake_out_of_build_running_on_16.04.txt | 4 +++ tests/scripts/all.sh | 30 +++++++++++++++++++ 2 files changed, 34 insertions(+) create mode 100644 ChangeLog.d/stop_cmake_out_of_build_running_on_16.04.txt diff --git a/ChangeLog.d/stop_cmake_out_of_build_running_on_16.04.txt b/ChangeLog.d/stop_cmake_out_of_build_running_on_16.04.txt new file mode 100644 index 00000000000..000b4e7b46b --- /dev/null +++ b/ChangeLog.d/stop_cmake_out_of_build_running_on_16.04.txt @@ -0,0 +1,4 @@ +Bugfix + * Prevent CMake out of source tests from running on Ubuntu 16.04, as this can + cause failures due to race conditions with generated files. + diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 2d6538552c2..c07ef34f5de 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2940,6 +2940,36 @@ component_test_valgrind () { fi } +support_test_cmake_out_of_source () { + distrib_id="" + distrib_ver="" + distrib_ver_minor="" + distrib_ver_major="" + + # Attempt to parse lsb-release to find out distribution and version. If not + # found this should fail safe (test is supported). + if [[ -f /etc/lsb-release ]]; then + + while read -r lsb_line; do + case "$lsb_line" in + "DISTRIB_ID"*) distrib_id=${lsb_line/#DISTRIB_ID=};; + "DISTRIB_RELEASE"*) distrib_ver=${lsb_line/#DISTRIB_RELEASE=};; + esac + done < /etc/lsb-release + + distrib_ver_major="${distrib_ver%%.*}" + distrib_ver="${distrib_ver#*.}" + distrib_ver_minor="${distrib_ver%%.*}" + fi + + # Running the out of source CMake test on Ubuntu 16.04 using more than one + # processor (as the CI does) can create a race condition whereby the build + # fails to see a generated file, despite that file actually having been + # generated. This problem appears to go away with 18.04 or newer, so make + # the out of source tests unsupported on Ubuntu 16.04. + [ "$distrib_id" != "Ubuntu" ] || [ "$distrib_ver_major" -gt 16 ] +} + component_test_cmake_out_of_source () { msg "build: cmake 'out-of-source' build" MBEDTLS_ROOT_DIR="$PWD" From ce22008c63235837f07c654d62f1bd1acaa3af9e Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Tue, 30 Nov 2021 15:37:49 +0000 Subject: [PATCH 086/107] Documentation fixes Signed-off-by: Paul Elliott --- include/mbedtls/pkcs12.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/pkcs12.h b/include/mbedtls/pkcs12.h index 784e8d6f8a2..d9e85b1d126 100644 --- a/include/mbedtls/pkcs12.h +++ b/include/mbedtls/pkcs12.h @@ -85,7 +85,7 @@ int mbedtls_pkcs12_pbe_sha1_rc4_128( mbedtls_asn1_buf *pbe_params, int mode, * \param cipher_type the cipher used * \param md_type the mbedtls_md used * \param pwd Latin1-encoded password used. This may only be \c NULL when - * pwdlen is 0. No \c NULL terminator should be used. + * \p pwdlen is 0. No null terminator should be used. * \param pwdlen length of the password (may be 0) * \param input the input data * \param len data length @@ -118,7 +118,7 @@ int mbedtls_pkcs12_pbe( mbedtls_asn1_buf *pbe_params, int mode, * last two bytes should be 0x00 0x00). * \param pwdlen length of the password (may be 0). * \param salt Salt buffer to use This may only be \c NULL when - * saltlen is 0. + * \p saltlen is 0. * \param saltlen length of the salt (may be zero) * \param mbedtls_md mbedtls_md type to use during the derivation * \param id id that describes the purpose (can be From 8ca8f2d163b8009e1e1f90d483ed4d0d56dd53e0 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Tue, 30 Nov 2021 16:21:27 +0000 Subject: [PATCH 087/107] Remove incorrect test dependency Signed-off-by: Paul Elliott --- tests/suites/test_suite_pkcs12.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_pkcs12.function b/tests/suites/test_suite_pkcs12.function index 27393d06aa3..e4f026b1bae 100644 --- a/tests/suites/test_suite_pkcs12.function +++ b/tests/suites/test_suite_pkcs12.function @@ -12,7 +12,7 @@ typedef enum /* END_HEADER */ /* BEGIN_DEPENDENCIES - * depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_PKCS12_C + * depends_on:MBEDTLS_PKCS12_C * END_DEPENDENCIES */ From 73051b4176ff806d6af3077463a5994dfcfb1bab Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Tue, 30 Nov 2021 16:31:10 +0000 Subject: [PATCH 088/107] Rename (and relabel) pkcs12 test case Remove surplus _test suffix. Change labeling from Pcks12 to PCKS#12 as it should be. Signed-off-by: Paul Elliott --- tests/suites/test_suite_pkcs12.data | 32 ++++++++++++------------- tests/suites/test_suite_pkcs12.function | 8 +++---- 2 files changed, 20 insertions(+), 20 deletions(-) diff --git a/tests/suites/test_suite_pkcs12.data b/tests/suites/test_suite_pkcs12.data index 98f1c0d596c..c8bfe46945b 100644 --- a/tests/suites/test_suite_pkcs12.data +++ b/tests/suites/test_suite_pkcs12.data @@ -1,33 +1,33 @@ -Pkcs12 derive key : Zero length password and hash +PKCS#12 derive key : Zero length password and hash depends_on:MBEDTLS_MD5_C -pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"":1:"":1:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":1:"":1:3:0 -Pkcs12 derive key: NULL password and hash +PKCS#12 derive key: NULL password and hash depends_on:MBEDTLS_MD5_C -pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"":0:"":0:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":0:"":0:3:0 -Pkcs12 derive key: Zero length password +PKCS#12 derive key: Zero length password depends_on:MBEDTLS_MD5_C -pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"":1:"0123456789abcdef":1:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":1:"0123456789abcdef":1:3:0 -Pkcs12 derive key: NULL password +PKCS#12 derive key: NULL password depends_on:MBEDTLS_MD5_C -pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"":0:"0123456789abcdef":1:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":0:"0123456789abcdef":1:3:0 -Pkcs12 derive key: Invalid length NULL password +PKCS#12 derive key: Invalid length NULL password depends_on:MBEDTLS_MD5_C -pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"0123456789abcdef":2:"0123456789abcdef":1:3:MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":2:"0123456789abcdef":1:3:MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA -Pkcs12 derive key: Zero length hash +PKCS#12 derive key: Zero length hash depends_on:MBEDTLS_MD5_C -pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"0123456789abcdef":1:"":1:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":1:"":1:3:0 -Pkcs12 derive key: NULL hash +PKCS#12 derive key: NULL hash depends_on:MBEDTLS_MD5_C -pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"0123456789abcdef":1:"":0:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":1:"":0:3:0 -Pkcs12 derive key: Invalid length NULL hash +PKCS#12 derive key: Invalid length NULL hash depends_on:MBEDTLS_MD5_C -pkcs12_derive_key_test:MBEDTLS_MD_MD5:48:"0123456789abcdef":1:"0123456789abcdef":2:3:MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":1:"0123456789abcdef":2:3:MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA diff --git a/tests/suites/test_suite_pkcs12.function b/tests/suites/test_suite_pkcs12.function index e4f026b1bae..4c3f321b3f5 100644 --- a/tests/suites/test_suite_pkcs12.function +++ b/tests/suites/test_suite_pkcs12.function @@ -17,10 +17,10 @@ typedef enum */ /* BEGIN_CASE */ -void pkcs12_derive_key_test( int md_type, int key_size_arg, - data_t *password_arg, int password_usage, - data_t *salt_arg, int salt_usage, - int iterations, int expected_status ) +void pkcs12_derive_key( int md_type, int key_size_arg, + data_t *password_arg, int password_usage, + data_t *salt_arg, int salt_usage, + int iterations, int expected_status ) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; From 270a264b7825008d0de6e344b36b1c345ee2a4ca Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Tue, 30 Nov 2021 16:39:51 +0000 Subject: [PATCH 089/107] Simplify Input usage macros Also ensure they are used in test data rather than values Signed-off-by: Paul Elliott --- tests/suites/test_suite_pkcs12.data | 16 ++++++++-------- tests/suites/test_suite_pkcs12.function | 19 ++++--------------- 2 files changed, 12 insertions(+), 23 deletions(-) diff --git a/tests/suites/test_suite_pkcs12.data b/tests/suites/test_suite_pkcs12.data index c8bfe46945b..ec04f4a65ed 100644 --- a/tests/suites/test_suite_pkcs12.data +++ b/tests/suites/test_suite_pkcs12.data @@ -1,33 +1,33 @@ PKCS#12 derive key : Zero length password and hash depends_on:MBEDTLS_MD5_C -pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":1:"":1:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":USE_GIVEN_INPUT:"":USE_GIVEN_INPUT:3:0 PKCS#12 derive key: NULL password and hash depends_on:MBEDTLS_MD5_C -pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":0:"":0:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":USE_NULL_INPUT:"":USE_NULL_INPUT:3:0 PKCS#12 derive key: Zero length password depends_on:MBEDTLS_MD5_C -pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":1:"0123456789abcdef":1:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":USE_GIVEN_INPUT:"0123456789abcdef":USE_GIVEN_INPUT:3:0 PKCS#12 derive key: NULL password depends_on:MBEDTLS_MD5_C -pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":0:"0123456789abcdef":1:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":USE_NULL_INPUT:"0123456789abcdef":USE_GIVEN_INPUT:3:0 PKCS#12 derive key: Invalid length NULL password depends_on:MBEDTLS_MD5_C -pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":2:"0123456789abcdef":1:3:MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_NULL_INPUT:"0123456789abcdef":USE_GIVEN_INPUT:3:MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA PKCS#12 derive key: Zero length hash depends_on:MBEDTLS_MD5_C -pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":1:"":1:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_GIVEN_INPUT:"":USE_GIVEN_INPUT:3:0 PKCS#12 derive key: NULL hash depends_on:MBEDTLS_MD5_C -pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":1:"":0:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_GIVEN_INPUT:"":USE_NULL_INPUT:3:0 PKCS#12 derive key: Invalid length NULL hash depends_on:MBEDTLS_MD5_C -pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":1:"0123456789abcdef":2:3:MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_GIVEN_INPUT:"0123456789abcdef":USE_NULL_INPUT:3:MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA diff --git a/tests/suites/test_suite_pkcs12.function b/tests/suites/test_suite_pkcs12.function index 4c3f321b3f5..2ed43693c17 100644 --- a/tests/suites/test_suite_pkcs12.function +++ b/tests/suites/test_suite_pkcs12.function @@ -6,7 +6,6 @@ typedef enum { USE_NULL_INPUT = 0, USE_GIVEN_INPUT = 1, - USE_NULL_INPUT_WITH_SIZE = 2, } input_usage_method_t; /* END_HEADER */ @@ -33,24 +32,14 @@ void pkcs12_derive_key( int md_type, int key_size_arg, size_t key_size = key_size_arg; if( password_usage == USE_GIVEN_INPUT ) - { password = password_arg->x; - password_len = password_arg->len; - } - else if( password_usage == USE_NULL_INPUT_WITH_SIZE ) - { - password_len = password_arg->len; - } + + password_len = password_arg->len; if( salt_usage == USE_GIVEN_INPUT ) - { salt = salt_arg->x; - salt_len = salt_arg->len; - } - else if( salt_usage == USE_NULL_INPUT_WITH_SIZE ) - { - salt_len = salt_arg->len; - } + + salt_len = salt_arg->len; ASSERT_ALLOC( output_data, key_size ); From 7a342a24ffd1996c44e5528af408301622a8d115 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Wed, 1 Dec 2021 17:18:12 +0000 Subject: [PATCH 090/107] Delete unneccesary changelog entry Signed-off-by: Paul Elliott --- ChangeLog.d/stop_cmake_out_of_build_running_on_16.04.txt | 4 ---- 1 file changed, 4 deletions(-) delete mode 100644 ChangeLog.d/stop_cmake_out_of_build_running_on_16.04.txt diff --git a/ChangeLog.d/stop_cmake_out_of_build_running_on_16.04.txt b/ChangeLog.d/stop_cmake_out_of_build_running_on_16.04.txt deleted file mode 100644 index 000b4e7b46b..00000000000 --- a/ChangeLog.d/stop_cmake_out_of_build_running_on_16.04.txt +++ /dev/null @@ -1,4 +0,0 @@ -Bugfix - * Prevent CMake out of source tests from running on Ubuntu 16.04, as this can - cause failures due to race conditions with generated files. - From 8d7eef470ba41015e2713d533b5946d0111dc95d Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Thu, 2 Dec 2021 17:51:34 +0000 Subject: [PATCH 091/107] Add explanation for safety in function Signed-off-by: Paul Elliott --- library/pkcs12.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/library/pkcs12.c b/library/pkcs12.c index 31038130621..eadc9a09242 100644 --- a/library/pkcs12.c +++ b/library/pkcs12.c @@ -244,6 +244,14 @@ static void pkcs12_fill_buffer( unsigned char *data, size_t data_len, data_len -= use_len; } } + else + { + /* If either of the above are not true then clearly there is nothing + * that this function can do. The function should *not* be called + * under either of those circumstances, as you could end up with an + * incorrect output but for safety's sake, leaving the check in as + * otherwise we could end up with memory corruption.*/ + } } int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, From c89e209dedbc6abd629791b36882d30918c00690 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Thu, 2 Dec 2021 18:03:12 +0000 Subject: [PATCH 092/107] Remove incorrect hashing Incorrect interpretation of 'empty' Signed-off-by: Paul Elliott --- library/pkcs12.c | 13 ------------- 1 file changed, 13 deletions(-) diff --git a/library/pkcs12.c b/library/pkcs12.c index eadc9a09242..cacf7dba221 100644 --- a/library/pkcs12.c +++ b/library/pkcs12.c @@ -264,7 +264,6 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, unsigned char diversifier[128]; unsigned char salt_block[128], pwd_block[128], hash_block[128]; - unsigned char empty_string[2] = { 0, 0 }; unsigned char hash_output[MBEDTLS_MD_MAX_SIZE]; unsigned char *p; unsigned char c; @@ -331,24 +330,12 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, if( ( ret = mbedtls_md_update( &md_ctx, salt_block, v )) != 0 ) goto exit; } - else - { - if( ( ret = mbedtls_md_update( &md_ctx, empty_string, - sizeof( empty_string ) )) != 0 ) - goto exit; - } if( use_password != 0) { if( ( ret = mbedtls_md_update( &md_ctx, pwd_block, v )) != 0 ) goto exit; } - else - { - if( ( ret = mbedtls_md_update( &md_ctx, empty_string, - sizeof( empty_string ) )) != 0 ) - goto exit; - } if( ( ret = mbedtls_md_finish( &md_ctx, hash_output ) ) != 0 ) goto exit; From 5752b4b7d0111a428018da0954ad06908d88072a Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Fri, 3 Dec 2021 18:55:31 +0000 Subject: [PATCH 093/107] Add expected output for tests Expected output generated by OpenSSL (see below) apart from the case where both password and salt are either NULL or zero length, as OpenSSL does not support this. For these test cases we have had to use our own output as that which is expected. Code to generate test cases is as follows: #include #include #include int Keygen_Uni( const char * test_name, unsigned char *pass, int passlen, unsigned char *salt, int saltlen, int id, int iter, int n, unsigned char *out, const EVP_MD *md_type ) { size_t index; printf( "%s\n", test_name ); int ret = PKCS12_key_gen_uni( pass, passlen, salt, saltlen, id, iter, n, out, md_type ); if( ret != 1 ) { printf( "Key generation returned %d\n", ret ); } else { for( index = 0; index < n; ++index ) { printf( "%02x", out[index] ); } printf( "\n" ); } printf( "\n" ); } int main(void) { unsigned char out_buf[48]; unsigned char pass[64]; int pass_len; unsigned char salt[64]; int salt_len; /* If ID=1, then the pseudorandom bits being produced are to be used as key material for performing encryption or decryption. If ID=2, then the pseudorandom bits being produced are to be used as an IV (Initial Value) for encryption or decryption. If ID=3, then the pseudorandom bits being produced are to be used as an integrity key for MACing. */ int id = 1; int iter = 3; memset( out_buf, 0, sizeof( out_buf ) ); memset( pass, 0, sizeof( pass ) ); memset( salt, 0, sizeof( salt ) ); Keygen_Uni( "Zero length pass and salt", pass, 0, salt, 0, id, iter, sizeof(out_buf), out_buf, EVP_md5( ) ); memset( out_buf, 0, sizeof( out_buf ) ); Keygen_Uni( "NULL pass and salt", NULL, 0, NULL, 0, id, iter, sizeof(out_buf), out_buf, EVP_md5( ) ); memset( out_buf, 0, sizeof( out_buf ) ); salt[0] = 0x01; salt[1] = 0x23; salt[2] = 0x45; salt[3] = 0x67; salt[4] = 0x89; salt[5] = 0xab; salt[6] = 0xcd; salt[7] = 0xef; Keygen_Uni( "Zero length pass", pass, 0, salt, 8, id, iter, sizeof(out_buf), out_buf, EVP_md5( ) ); memset( out_buf, 0, sizeof( out_buf ) ); Keygen_Uni( "NULL pass", NULL, 0, salt, 8, id, iter, sizeof(out_buf), out_buf, EVP_md5( ) ); memset( out_buf, 0, sizeof( out_buf ) ); memset( salt, 0, sizeof( salt ) ); pass[0] = 0x01; pass[1] = 0x23; pass[2] = 0x45; pass[3] = 0x67; pass[4] = 0x89; pass[5] = 0xab; pass[6] = 0xcd; pass[7] = 0xef; Keygen_Uni( "Zero length salt", pass, 8, salt, 0, id, iter, sizeof(out_buf), out_buf, EVP_md5( ) ); memset( out_buf, 0, sizeof( out_buf ) ); Keygen_Uni( "NULL salt", pass, 8, NULL, 0, id, iter, sizeof(out_buf), out_buf, EVP_md5( ) ); memset( out_buf, 0, sizeof( out_buf ) ); salt[0] = 0x01; salt[1] = 0x23; salt[2] = 0x45; salt[3] = 0x67; salt[4] = 0x89; salt[5] = 0xab; salt[6] = 0xcd; salt[7] = 0xef; Keygen_Uni( "Valid pass and salt", pass, 8, salt, 8, id, iter, sizeof(out_buf), out_buf, EVP_md5( ) ); return 0; } Signed-off-by: Paul Elliott --- tests/suites/test_suite_pkcs12.data | 36 +++++++++++++------------ tests/suites/test_suite_pkcs12.function | 9 ++++++- 2 files changed, 27 insertions(+), 18 deletions(-) diff --git a/tests/suites/test_suite_pkcs12.data b/tests/suites/test_suite_pkcs12.data index ec04f4a65ed..a8c4bab35ae 100644 --- a/tests/suites/test_suite_pkcs12.data +++ b/tests/suites/test_suite_pkcs12.data @@ -1,33 +1,35 @@ -PKCS#12 derive key : Zero length password and hash +PKCS#12 derive key : MD5: Zero length password and hash depends_on:MBEDTLS_MD5_C -pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":USE_GIVEN_INPUT:"":USE_GIVEN_INPUT:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":USE_GIVEN_INPUT:"":USE_GIVEN_INPUT:3:"6afdcbd5ebf943272134f1c3de2dc11b6afdcbd5ebf943272134f1c3de2dc11b6afdcbd5ebf943272134f1c3de2dc11b":0 -PKCS#12 derive key: NULL password and hash +PKCS#12 derive key: MD5: NULL password and hash depends_on:MBEDTLS_MD5_C -pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":USE_NULL_INPUT:"":USE_NULL_INPUT:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":USE_NULL_INPUT:"":USE_NULL_INPUT:3:"6afdcbd5ebf943272134f1c3de2dc11b6afdcbd5ebf943272134f1c3de2dc11b6afdcbd5ebf943272134f1c3de2dc11b":0 -PKCS#12 derive key: Zero length password +PKCS#12 derive key: MD5: Zero length password depends_on:MBEDTLS_MD5_C -pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":USE_GIVEN_INPUT:"0123456789abcdef":USE_GIVEN_INPUT:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":USE_GIVEN_INPUT:"0123456789abcdef":USE_GIVEN_INPUT:3:"832d8502114fcccfd3de0c2b2863b1c45fb92a8db2ed1e704727b324adc267bdd66ae4918a81fa2d1ba15febfb9e6c4e":0 -PKCS#12 derive key: NULL password +PKCS#12 derive key: MD5: NULL password depends_on:MBEDTLS_MD5_C -pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":USE_NULL_INPUT:"0123456789abcdef":USE_GIVEN_INPUT:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":USE_NULL_INPUT:"0123456789abcdef":USE_GIVEN_INPUT:3:"832d8502114fcccfd3de0c2b2863b1c45fb92a8db2ed1e704727b324adc267bdd66ae4918a81fa2d1ba15febfb9e6c4e":0 -PKCS#12 derive key: Invalid length NULL password +PKCS#12 derive key: MD5: Invalid length NULL password depends_on:MBEDTLS_MD5_C -pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_NULL_INPUT:"0123456789abcdef":USE_GIVEN_INPUT:3:MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_NULL_INPUT:"0123456789abcdef":USE_GIVEN_INPUT:3:"":MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA -PKCS#12 derive key: Zero length hash +PKCS#12 derive key: MD5: Zero length salt depends_on:MBEDTLS_MD5_C -pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_GIVEN_INPUT:"":USE_GIVEN_INPUT:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_GIVEN_INPUT:"":USE_GIVEN_INPUT:3:"832d8502114fcccfd3de0c2b2863b1c45fb92a8db2ed1e704727b324adc267bdd66ae4918a81fa2d1ba15febfb9e6c4e":0 -PKCS#12 derive key: NULL hash +PKCS#12 derive key: MD5: NULL salt depends_on:MBEDTLS_MD5_C -pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_GIVEN_INPUT:"":USE_NULL_INPUT:3:0 +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_GIVEN_INPUT:"":USE_NULL_INPUT:3:"832d8502114fcccfd3de0c2b2863b1c45fb92a8db2ed1e704727b324adc267bdd66ae4918a81fa2d1ba15febfb9e6c4e":0 -PKCS#12 derive key: Invalid length NULL hash +PKCS#12 derive key: MD5: Invalid length NULL salt depends_on:MBEDTLS_MD5_C -pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_GIVEN_INPUT:"0123456789abcdef":USE_NULL_INPUT:3:MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA - +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_GIVEN_INPUT:"0123456789abcdef":USE_NULL_INPUT:3:"":MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA +PKCS#12 derive key: MD5: Valid password and salt +depends_on:MBEDTLS_MD5_C +pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_GIVEN_INPUT:"0123456789abcdef":USE_GIVEN_INPUT:3:"46559deeee036836ab1b633ec620178d4c70eacf42f72a2ad7360c812efa09ca3d7567b489a109050345c2dc6a262995":0 diff --git a/tests/suites/test_suite_pkcs12.function b/tests/suites/test_suite_pkcs12.function index 2ed43693c17..a7b01f6df83 100644 --- a/tests/suites/test_suite_pkcs12.function +++ b/tests/suites/test_suite_pkcs12.function @@ -19,7 +19,8 @@ typedef enum void pkcs12_derive_key( int md_type, int key_size_arg, data_t *password_arg, int password_usage, data_t *salt_arg, int salt_usage, - int iterations, int expected_status ) + int iterations, + data_t* expected_output, int expected_status ) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; @@ -55,6 +56,12 @@ void pkcs12_derive_key( int md_type, int key_size_arg, TEST_EQUAL( ret, expected_status ); + if( expected_status == 0 ) + { + ASSERT_COMPARE( expected_output->x, expected_output->len, + output_data, key_size ); + } + exit: mbedtls_free( output_data ); From dc269bbd0853b6d85ecea5ded6d4a1208f2886c8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 13 Dec 2021 12:32:43 +0100 Subject: [PATCH 094/107] mbedtls_cipher_check_tag: zeroize expected tag on tag mismatch Signed-off-by: Gilles Peskine --- library/cipher.c | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/library/cipher.c b/library/cipher.c index d51ccd77ffe..0c5bcda6688 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -1125,6 +1125,12 @@ int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx, } #endif /* MBEDTLS_USE_PSA_CRYPTO */ + /* Status to return on a non-authenticated algorithm. It would make sense + * to return MBEDTLS_ERR_CIPHER_INVALID_CONTEXT or perhaps + * MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, but at the time I write this our + * unit tests assume 0. */ + ret = 0; + #if defined(MBEDTLS_GCM_C) if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode ) { @@ -1140,9 +1146,7 @@ int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx, /* Check the tag in "constant-time" */ if( mbedtls_ct_memcmp( tag, check_tag, tag_len ) != 0 ) - return( MBEDTLS_ERR_CIPHER_AUTH_FAILED ); - - return( 0 ); + ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED; } #endif /* MBEDTLS_GCM_C */ @@ -1162,13 +1166,12 @@ int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx, /* Check the tag in "constant-time" */ if( mbedtls_ct_memcmp( tag, check_tag, tag_len ) != 0 ) - return( MBEDTLS_ERR_CIPHER_AUTH_FAILED ); - - return( 0 ); + ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED; } #endif /* MBEDTLS_CHACHAPOLY_C */ - return( 0 ); + mbedtls_platform_zeroize( check_tag, tag_len ); + return( ret ); } #endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */ From b3f4e5b1e19927d85d38ccf5478e316270a52f20 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 13 Dec 2021 12:33:18 +0100 Subject: [PATCH 095/107] PSA hash verification: zeroize expected hash on hash mismatch Signed-off-by: Gilles Peskine --- library/psa_crypto.c | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index e3db912f72f..a89430d4ea3 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2249,6 +2249,7 @@ psa_status_t psa_hash_verify( psa_hash_operation_t *operation, status = PSA_ERROR_INVALID_SIGNATURE; exit: + mbedtls_platform_zeroize( actual_hash, sizeof( actual_hash ) ); if( status != PSA_SUCCESS ) psa_hash_abort(operation); @@ -2283,12 +2284,18 @@ psa_status_t psa_hash_compare( psa_algorithm_t alg, actual_hash, sizeof(actual_hash), &actual_hash_length ); if( status != PSA_SUCCESS ) - return( status ); + goto exit; if( actual_hash_length != hash_length ) - return( PSA_ERROR_INVALID_SIGNATURE ); + { + status = PSA_ERROR_INVALID_SIGNATURE; + goto exit; + } if( mbedtls_psa_safer_memcmp( hash, actual_hash, actual_hash_length ) != 0 ) - return( PSA_ERROR_INVALID_SIGNATURE ); - return( PSA_SUCCESS ); + status = PSA_ERROR_INVALID_SIGNATURE; + +exit: + mbedtls_platform_zeroize( actual_hash, sizeof( actual_hash ) ); + return( status ); } psa_status_t psa_hash_clone( const psa_hash_operation_t *source_operation, From 69d3b86baaac0ac9c70189e0c593110c28a01115 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 13 Dec 2021 12:35:08 +0100 Subject: [PATCH 096/107] mbedtls_ssl_cookie_check: zeroize expected cookie on cookie mismatch Signed-off-by: Gilles Peskine --- library/ssl_cookie.c | 22 ++++++++++++++++------ 1 file changed, 16 insertions(+), 6 deletions(-) diff --git a/library/ssl_cookie.c b/library/ssl_cookie.c index faf92e7c0f3..abf29ae717e 100644 --- a/library/ssl_cookie.c +++ b/library/ssl_cookie.c @@ -218,15 +218,20 @@ int mbedtls_ssl_cookie_check( void *p_ctx, #if defined(MBEDTLS_THREADING_C) if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_SSL_INTERNAL_ERROR, - MBEDTLS_ERR_THREADING_MUTEX_ERROR ) ); + { + ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_SSL_INTERNAL_ERROR, + MBEDTLS_ERR_THREADING_MUTEX_ERROR ); + } #endif if( ret != 0 ) - return( ret ); + goto exit; if( mbedtls_ct_memcmp( cookie + 4, ref_hmac, sizeof( ref_hmac ) ) != 0 ) - return( -1 ); + { + ret = -1; + goto exit; + } #if defined(MBEDTLS_HAVE_TIME) cur_time = (unsigned long) mbedtls_time( NULL ); @@ -240,8 +245,13 @@ int mbedtls_ssl_cookie_check( void *p_ctx, ( (unsigned long) cookie[3] ); if( ctx->timeout != 0 && cur_time - cookie_time > ctx->timeout ) - return( -1 ); + { + ret = -1; + goto exit; + } - return( 0 ); +exit: + mbedtls_platform_zeroize( ref_hmac, sizeof( ref_hmac ) ); + return( ret ); } #endif /* MBEDTLS_SSL_COOKIE_C */ From f91b2e5a97ca0f60f8a172ad058b48e4703da804 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 13 Dec 2021 12:36:15 +0100 Subject: [PATCH 097/107] mbedtls_ssl_parse_finished: zeroize expected finished value on error Signed-off-by: Gilles Peskine --- library/ssl_tls.c | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 537adc2a0c9..ae1a1066e97 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -3636,7 +3636,7 @@ int mbedtls_ssl_parse_finished( mbedtls_ssl_context *ssl ) if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); - return( ret ); + goto exit; } if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) @@ -3644,7 +3644,8 @@ int mbedtls_ssl_parse_finished( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad finished message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ); - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); + ret = MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE; + goto exit; } /* There is currently no ciphersuite using another length with TLS 1.2 */ @@ -3661,7 +3662,8 @@ int mbedtls_ssl_parse_finished( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad finished message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_FINISHED ); + ret = MBEDTLS_ERR_SSL_BAD_HS_FINISHED; + goto exit; } if( mbedtls_ct_memcmp( ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ), @@ -3670,7 +3672,8 @@ int mbedtls_ssl_parse_finished( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad finished message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_FINISHED ); + ret = MBEDTLS_ERR_SSL_BAD_HS_FINISHED; + goto exit; } #if defined(MBEDTLS_SSL_RENEGOTIATION) @@ -3699,7 +3702,9 @@ int mbedtls_ssl_parse_finished( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse finished" ) ); - return( 0 ); +exit: + mbedtls_platform_zeroize( buf, hash_len ); + return( ret ); } static void ssl_handshake_params_init( mbedtls_ssl_handshake_params *handshake ) From 8c99a760d5ee083b1401ee1fcee90c1b4655bf75 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 13 Dec 2021 12:37:55 +0100 Subject: [PATCH 098/107] PKCS#1v1.5 signature: better cleanup of temporary values Zeroize temporary buffers used to sanity-check the signature. If there is an error, overwrite the tentative signature in the output buffer. Signed-off-by: Gilles Peskine --- library/rsa.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/library/rsa.c b/library/rsa.c index a395542c3ad..8a5d40ff1ef 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -1942,9 +1942,13 @@ int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx, memcpy( sig, sig_try, ctx->len ); cleanup: + mbedtls_platform_zeroize( sig_try, ctx->len ); + mbedtls_platform_zeroize( verif, ctx->len ); mbedtls_free( sig_try ); mbedtls_free( verif ); + if( ret != 0 ) + memset( sig, '!', ctx->len ); return( ret ); } #endif /* MBEDTLS_PKCS1_V15 */ From d61551c0170ea886428f243f299d6a31b6519234 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 13 Dec 2021 12:43:11 +0100 Subject: [PATCH 099/107] Generalize MAC zeroization changelog entry Signed-off-by: Gilles Peskine --- ChangeLog.d/mac-zeroize.txt | 6 ++++++ ChangeLog.d/ssl-mac-zeroize.txt | 5 ----- 2 files changed, 6 insertions(+), 5 deletions(-) create mode 100644 ChangeLog.d/mac-zeroize.txt delete mode 100644 ChangeLog.d/ssl-mac-zeroize.txt diff --git a/ChangeLog.d/mac-zeroize.txt b/ChangeLog.d/mac-zeroize.txt new file mode 100644 index 00000000000..a43e34f845f --- /dev/null +++ b/ChangeLog.d/mac-zeroize.txt @@ -0,0 +1,6 @@ +Security + * Zeroize several intermediate variables used to calculate the expected + value when verifying a MAC or AEAD tag. This hardens the library in + case the value leaks through a memory disclosure vulnerability. For + example, a memory disclosure vulnerability could have allowed a + man-in-the-middle to inject fake ciphertext into a DTLS connection. diff --git a/ChangeLog.d/ssl-mac-zeroize.txt b/ChangeLog.d/ssl-mac-zeroize.txt deleted file mode 100644 index b49c7acd771..00000000000 --- a/ChangeLog.d/ssl-mac-zeroize.txt +++ /dev/null @@ -1,5 +0,0 @@ -Security - * Zeroize intermediate variables used to calculate the MAC in CBC cipher - suites. This hardens the library in case stack memory leaks through a - memory disclosure vulnerabilty, which could formerly have allowed a - man-in-the-middle to inject fake ciphertext into a DTLS connection. From 622d80453b5f8c057ec5f5bfb8ee6c88762af86c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 13 Dec 2021 14:38:40 +0100 Subject: [PATCH 100/107] Initialize hash_len before using it Signed-off-by: Gilles Peskine --- library/ssl_tls.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index ae1a1066e97..f07b189c591 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -3631,6 +3631,14 @@ int mbedtls_ssl_parse_finished( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse finished" ) ); + /* There is currently no ciphersuite using another length with TLS 1.2 */ +#if defined(MBEDTLS_SSL_PROTO_SSL3) + if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) + hash_len = 36; + else +#endif + hash_len = 12; + ssl->handshake->calc_finished( ssl, buf, ssl->conf->endpoint ^ 1 ); if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) @@ -3648,14 +3656,6 @@ int mbedtls_ssl_parse_finished( mbedtls_ssl_context *ssl ) goto exit; } - /* There is currently no ciphersuite using another length with TLS 1.2 */ -#if defined(MBEDTLS_SSL_PROTO_SSL3) - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) - hash_len = 36; - else -#endif - hash_len = 12; - if( ssl->in_msg[0] != MBEDTLS_SSL_HS_FINISHED || ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) + hash_len ) { From f9a0501683166e97a61070b76f819ba39be28a67 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 13 Dec 2021 16:57:47 +0100 Subject: [PATCH 101/107] mbedtls_cipher_check_tag: jump on error for more robustness to refactoring Signed-off-by: Gilles Peskine --- library/cipher.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/library/cipher.c b/library/cipher.c index 0c5bcda6688..4ec40d2cacd 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -1146,7 +1146,10 @@ int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx, /* Check the tag in "constant-time" */ if( mbedtls_ct_memcmp( tag, check_tag, tag_len ) != 0 ) + { ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED; + goto exit; + } } #endif /* MBEDTLS_GCM_C */ @@ -1166,10 +1169,14 @@ int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx, /* Check the tag in "constant-time" */ if( mbedtls_ct_memcmp( tag, check_tag, tag_len ) != 0 ) + { ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED; + goto exit; + } } #endif /* MBEDTLS_CHACHAPOLY_C */ +exit: mbedtls_platform_zeroize( check_tag, tag_len ); return( ret ); } From 04e920410d03873684ee2b2a96e492787b4cd51c Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 13 Dec 2021 17:50:41 +0000 Subject: [PATCH 102/107] Add missing changelog for ARIA (#5051) Signed-off-by: Dave Rodgman --- ChangeLog.d/aria.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 ChangeLog.d/aria.txt diff --git a/ChangeLog.d/aria.txt b/ChangeLog.d/aria.txt new file mode 100644 index 00000000000..280a7c9be1e --- /dev/null +++ b/ChangeLog.d/aria.txt @@ -0,0 +1,3 @@ +Features + * Add PSA API definition for ARIA. + From 2d2fb47e45b8b9dd8382bd05da15bb8765960d74 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 14 Dec 2021 11:18:42 +0100 Subject: [PATCH 103/107] Add change log for #4883 Signed-off-by: Ronald Cron --- ChangeLog.d/fix-sign_verify-message-usage.txt | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 ChangeLog.d/fix-sign_verify-message-usage.txt diff --git a/ChangeLog.d/fix-sign_verify-message-usage.txt b/ChangeLog.d/fix-sign_verify-message-usage.txt new file mode 100644 index 00000000000..dd326ee5cbf --- /dev/null +++ b/ChangeLog.d/fix-sign_verify-message-usage.txt @@ -0,0 +1,5 @@ +Bugfix + * The key usage flags PSA_KEY_USAGE_SIGN_MESSAGE now allows the MAC + operations psa_mac_compute() and psa_mac_sign_setup(). + * The key usage flags PSA_KEY_USAGE_VERIFY_MESSAGE now allows the MAC + operations psa_mac_verify() and psa_mac_verify_setup(). From 0798a827c8f5df6c406a7cd5d2dcf48d527c963d Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 15 Dec 2021 11:48:21 +0000 Subject: [PATCH 104/107] Assemble changelog Signed-off-by: Dave Rodgman --- ChangeLog | 121 ++++++++++++++++++ ChangeLog.d/aria.txt | 3 - ChangeLog.d/base64-ranges.txt | 4 - ChangeLog.d/bugfix-for-gcm-long-iv-size.txt | 4 - ChangeLog.d/build-without-sha.txt | 3 - .../chacha20-poly1305-invalid-nonce.txt | 3 - ChangeLog.d/check-return.txt | 19 --- ChangeLog.d/constant_time_module.txt | 10 -- ChangeLog.d/do-not-use-obsolete-header.txt | 5 - ChangeLog.d/fix-cipher-iv.txt | 5 - ChangeLog.d/fix-cipher-output-size-macros.txt | 4 - .../fix-mbedtls_cipher_crypt-aes-ecb.txt | 2 - .../fix-needed-shared-libraries-linux.txt | 3 - ChangeLog.d/fix-pkcs12-null-password.txt | 5 - ChangeLog.d/fix-psa_gen_key-status.txt | 2 - ChangeLog.d/fix-session-copy-bug.txt | 6 - ChangeLog.d/fix-sign_verify-message-usage.txt | 5 - ChangeLog.d/fix_compilation_ssl_tests.txt | 3 - ChangeLog.d/issue4630.txt | 2 - ChangeLog.d/mac-zeroize.txt | 6 - ChangeLog.d/makefile-python-windows.txt | 4 - ChangeLog.d/muladdc-memory.txt | 5 - ChangeLog.d/no-strerror.txt | 3 - ChangeLog.d/psa_alg_rsa_pss.txt | 5 - ChangeLog.d/psa_cipher_update_ecp.txt | 2 - ChangeLog.d/psa_crypto_api_macros.txt | 11 -- ChangeLog.d/remove-greentea-support.txt | 3 - ChangeLog.d/remove_default_alllow_sha1.txt | 10 -- ChangeLog.d/semi-public-structure-fields.txt | 5 - ChangeLog.d/tls_ext_cid-config.txt | 3 - .../twos_complement_representation.txt | 3 - 31 files changed, 121 insertions(+), 148 deletions(-) delete mode 100644 ChangeLog.d/aria.txt delete mode 100644 ChangeLog.d/base64-ranges.txt delete mode 100644 ChangeLog.d/bugfix-for-gcm-long-iv-size.txt delete mode 100644 ChangeLog.d/build-without-sha.txt delete mode 100644 ChangeLog.d/chacha20-poly1305-invalid-nonce.txt delete mode 100644 ChangeLog.d/check-return.txt delete mode 100644 ChangeLog.d/constant_time_module.txt delete mode 100644 ChangeLog.d/do-not-use-obsolete-header.txt delete mode 100644 ChangeLog.d/fix-cipher-iv.txt delete mode 100644 ChangeLog.d/fix-cipher-output-size-macros.txt delete mode 100644 ChangeLog.d/fix-mbedtls_cipher_crypt-aes-ecb.txt delete mode 100644 ChangeLog.d/fix-needed-shared-libraries-linux.txt delete mode 100644 ChangeLog.d/fix-pkcs12-null-password.txt delete mode 100644 ChangeLog.d/fix-psa_gen_key-status.txt delete mode 100644 ChangeLog.d/fix-session-copy-bug.txt delete mode 100644 ChangeLog.d/fix-sign_verify-message-usage.txt delete mode 100644 ChangeLog.d/fix_compilation_ssl_tests.txt delete mode 100644 ChangeLog.d/issue4630.txt delete mode 100644 ChangeLog.d/mac-zeroize.txt delete mode 100644 ChangeLog.d/makefile-python-windows.txt delete mode 100644 ChangeLog.d/muladdc-memory.txt delete mode 100644 ChangeLog.d/no-strerror.txt delete mode 100644 ChangeLog.d/psa_alg_rsa_pss.txt delete mode 100644 ChangeLog.d/psa_cipher_update_ecp.txt delete mode 100644 ChangeLog.d/psa_crypto_api_macros.txt delete mode 100644 ChangeLog.d/remove-greentea-support.txt delete mode 100644 ChangeLog.d/remove_default_alllow_sha1.txt delete mode 100644 ChangeLog.d/semi-public-structure-fields.txt delete mode 100644 ChangeLog.d/tls_ext_cid-config.txt delete mode 100644 ChangeLog.d/twos_complement_representation.txt diff --git a/ChangeLog b/ChangeLog index 89572ca0b96..43d42a79f18 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,126 @@ mbed TLS ChangeLog (Sorted per branch, date) += mbed TLS x.x.x branch released xxxx-xx-xx + +API changes + * Some fields of mbedtls_ssl_session and mbedtls_ssl_config are in a + different order. This only affects applications that define such + structures directly or serialize them. + +Requirement changes + * Sign-magnitude and one's complement representations for signed integers are + not supported. Two's complement is the only supported representation. + +Removals + * Remove config option MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES, + which allowed SHA-1 in the default TLS configuration for certificate + signing. It was intended to facilitate the transition in environments + with SHA-1 certificates. SHA-1 is considered a weak message digest and + its use constitutes a security risk. + * Remove the partial support for running unit tests via Greentea on Mbed OS, + which had been unmaintained since 2018. + +Features + * The identifier of the CID TLS extension can be configured by defining + MBEDTLS_TLS_EXT_CID at compile time. + * Warn if errors from certain functions are ignored. This is currently + supported on GCC-like compilers and on MSVC and can be configured through + the macro MBEDTLS_CHECK_RETURN. The warnings are always enabled + (where supported) for critical functions where ignoring the return + value is almost always a bug. Enable the new configuration option + MBEDTLS_CHECK_RETURN_WARNING to get warnings for other functions. This + is currently implemented in the AES, DES and md modules, and will be + extended to other modules in the future. + * Add missing PSA macros declared by PSA Crypto API 1.0.0: + PSA_ALG_IS_SIGN_HASH, PSA_ALG_NONE, PSA_HASH_BLOCK_LENGTH, PSA_KEY_ID_NULL. + * Add new API mbedtls_ct_memcmp for constant time buffer comparison. + * Add PSA API definition for ARIA. + +Security + * Zeroize several intermediate variables used to calculate the expected + value when verifying a MAC or AEAD tag. This hardens the library in + case the value leaks through a memory disclosure vulnerability. For + example, a memory disclosure vulnerability could have allowed a + man-in-the-middle to inject fake ciphertext into a DTLS connection. + * In psa_cipher_generate_iv() and psa_cipher_encrypt(), do not read back + from the output buffer. This fixes a potential policy bypass or decryption + oracle vulnerability if the output buffer is in memory that is shared with + an untrusted application. + +Bugfix + * Stop using reserved identifiers as local variables. Fixes #4630. + * The GNU makefiles invoke python3 in preference to python except on Windows. + The check was accidentally not performed when cross-compiling for Windows + on Linux. Fix this. Fixes #4774. + * Prevent divide by zero if either of PSA_CIPHER_ENCRYPT_OUTPUT_SIZE() or + PSA_CIPHER_UPDATE_OUTPUT_SIZE() were called using an asymmetric key type. + * Fix a parameter set but unused in psa_crypto_cipher.c. Fixes #4935. + * Don't use the obsolete header path sys/fcntl.h in unit tests. + These header files cause compilation errors in musl. + Fixes #4969. + * Fix missing constraints on x86_64 and aarch64 assembly code + for bignum multiplication that broke some bignum operations with + (at least) Clang 12. + Fixes #4116, #4786, #4917, #4962. + * Fix mbedtls_cipher_crypt: AES-ECB when MBEDTLS_USE_PSA_CRYPTO is enabled. + * Failures of alternative implementations of AES or DES single-block + functions enabled with MBEDTLS_AES_ENCRYPT_ALT, MBEDTLS_AES_DECRYPT_ALT, + MBEDTLS_DES_CRYPT_ECB_ALT or MBEDTLS_DES3_CRYPT_ECB_ALT were ignored. + This does not concern the implementation provided with Mbed TLS, + where this function cannot fail, or full-module replacements with + MBEDTLS_AES_ALT or MBEDTLS_DES_ALT. Reported by Armelle Duboc in #1092. + * Some failures of HMAC operations were ignored. These failures could only + happen with an alternative implementation of the underlying hash module. + * Fix the error returned by psa_generate_key() for a public key. Fixes #4551. + * Fix the build of sample programs when neither MBEDTLS_ERROR_C nor + MBEDTLS_ERROR_STRERROR_DUMMY is enabled. + * Fix PSA_ALG_RSA_PSS verification accepting an arbitrary salt length. + This algorithm now accepts only the same salt length for verification + that it produces when signing, as documented. Use the new algorithm + PSA_ALG_RSA_PSS_ANY_SALT to accept any salt length. Fixes #4946. + * The existing predicate macro name PSA_ALG_IS_HASH_AND_SIGN is now reserved + for algorithm values that fully encode the hashing step, as per the PSA + Crypto API specification. This excludes PSA_ALG_RSA_PKCS1V15_SIGN_RAW and + PSA_ALG_ECDSA_ANY. The new predicate macro PSA_ALG_IS_SIGN_HASH covers + all algorithms that can be used with psa_{sign,verify}_hash(), including + these two. + * Fix issue in Makefile on Linux with SHARED=1, that caused shared libraries + not to list other shared libraries they need. + * Fix a bug in mbedtls_gcm_starts() when bits of iv are longer than 2^32. + * Fix #4884. + * Fix an uninitialized variable warning in test_suite_ssl.function with GCC + version 11. + * Fix the build when no SHA2 module is included. Fixes #4930. + * Fix the build when only the bignum module is included. Fixes #4929. + * Fix a potential invalid pointer dereference and infinite loop bugs in + pkcs12 functions when the password is empty. Fix the documentation to + better describe the inputs to these functions and their possible values. + Fixes #5136. + * Fix a double-free that happened after mbedtls_ssl_set_session() or + mbedtls_ssl_get_session() failed with MBEDTLS_ERR_SSL_ALLOC_FAILED + (out of memory). After that, calling mbedtls_ssl_session_free() + and mbedtls_ssl_free() would cause an internal session buffer to + be free()'d twice. + * The key usage flags PSA_KEY_USAGE_SIGN_MESSAGE now allows the MAC + operations psa_mac_compute() and psa_mac_sign_setup(). + * The key usage flags PSA_KEY_USAGE_VERIFY_MESSAGE now allows the MAC + operations psa_mac_verify() and psa_mac_verify_setup(). + +Changes + * Set config option MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE to be + disabled by default. + * Improve the performance of base64 constant-flow code. The result is still + slower than the original non-constant-flow implementation, but much faster + than the previous constant-flow implementation. Fixes #4814. + * Indicate in the error returned if the nonce length used with + ChaCha20-Poly1305 is invalid, and not just unsupported. + * The mbedcrypto library includes a new source code module constant_time.c, + containing various functions meant to resist timing side channel attacks. + This module does not have a separate configuration option, and functions + from this module will be included in the build as required. Currently + most of the interface of this module is private and may change at any + time. + = mbed TLS 2.27.0 branch released 2021-07-07 API changes diff --git a/ChangeLog.d/aria.txt b/ChangeLog.d/aria.txt deleted file mode 100644 index 280a7c9be1e..00000000000 --- a/ChangeLog.d/aria.txt +++ /dev/null @@ -1,3 +0,0 @@ -Features - * Add PSA API definition for ARIA. - diff --git a/ChangeLog.d/base64-ranges.txt b/ChangeLog.d/base64-ranges.txt deleted file mode 100644 index e3f3862bfb1..00000000000 --- a/ChangeLog.d/base64-ranges.txt +++ /dev/null @@ -1,4 +0,0 @@ -Changes - * Improve the performance of base64 constant-flow code. The result is still - slower than the original non-constant-flow implementation, but much faster - than the previous constant-flow implementation. Fixes #4814. diff --git a/ChangeLog.d/bugfix-for-gcm-long-iv-size.txt b/ChangeLog.d/bugfix-for-gcm-long-iv-size.txt deleted file mode 100644 index c04c4aa1825..00000000000 --- a/ChangeLog.d/bugfix-for-gcm-long-iv-size.txt +++ /dev/null @@ -1,4 +0,0 @@ -Bugfix - * Fix a bug in mbedtls_gcm_starts() when bits of iv are longer than 2^32. - * Fix #4884. - diff --git a/ChangeLog.d/build-without-sha.txt b/ChangeLog.d/build-without-sha.txt deleted file mode 100644 index 78ba27694a3..00000000000 --- a/ChangeLog.d/build-without-sha.txt +++ /dev/null @@ -1,3 +0,0 @@ -Bugfix - * Fix the build when no SHA2 module is included. Fixes #4930. - * Fix the build when only the bignum module is included. Fixes #4929. diff --git a/ChangeLog.d/chacha20-poly1305-invalid-nonce.txt b/ChangeLog.d/chacha20-poly1305-invalid-nonce.txt deleted file mode 100644 index ca3f9aceea0..00000000000 --- a/ChangeLog.d/chacha20-poly1305-invalid-nonce.txt +++ /dev/null @@ -1,3 +0,0 @@ -Changes - * Indicate in the error returned if the nonce length used with - ChaCha20-Poly1305 is invalid, and not just unsupported. diff --git a/ChangeLog.d/check-return.txt b/ChangeLog.d/check-return.txt deleted file mode 100644 index 7d905da7321..00000000000 --- a/ChangeLog.d/check-return.txt +++ /dev/null @@ -1,19 +0,0 @@ -Bugfix - * Failures of alternative implementations of AES or DES single-block - functions enabled with MBEDTLS_AES_ENCRYPT_ALT, MBEDTLS_AES_DECRYPT_ALT, - MBEDTLS_DES_CRYPT_ECB_ALT or MBEDTLS_DES3_CRYPT_ECB_ALT were ignored. - This does not concern the implementation provided with Mbed TLS, - where this function cannot fail, or full-module replacements with - MBEDTLS_AES_ALT or MBEDTLS_DES_ALT. Reported by Armelle Duboc in #1092. - * Some failures of HMAC operations were ignored. These failures could only - happen with an alternative implementation of the underlying hash module. - -Features - * Warn if errors from certain functions are ignored. This is currently - supported on GCC-like compilers and on MSVC and can be configured through - the macro MBEDTLS_CHECK_RETURN. The warnings are always enabled - (where supported) for critical functions where ignoring the return - value is almost always a bug. Enable the new configuration option - MBEDTLS_CHECK_RETURN_WARNING to get warnings for other functions. This - is currently implemented in the AES, DES and md modules, and will be - extended to other modules in the future. diff --git a/ChangeLog.d/constant_time_module.txt b/ChangeLog.d/constant_time_module.txt deleted file mode 100644 index ebb0b7fb96e..00000000000 --- a/ChangeLog.d/constant_time_module.txt +++ /dev/null @@ -1,10 +0,0 @@ -Changes - * The mbedcrypto library includes a new source code module constant_time.c, - containing various functions meant to resist timing side channel attacks. - This module does not have a separate configuration option, and functions - from this module will be included in the build as required. Currently - most of the interface of this module is private and may change at any - time. - -Features - * Add new API mbedtls_ct_memcmp for constant time buffer comparison. diff --git a/ChangeLog.d/do-not-use-obsolete-header.txt b/ChangeLog.d/do-not-use-obsolete-header.txt deleted file mode 100644 index 9a57ef16b24..00000000000 --- a/ChangeLog.d/do-not-use-obsolete-header.txt +++ /dev/null @@ -1,5 +0,0 @@ -Bugfix - * Don't use the obsolete header path sys/fcntl.h in unit tests. - These header files cause compilation errors in musl. - Fixes #4969. - diff --git a/ChangeLog.d/fix-cipher-iv.txt b/ChangeLog.d/fix-cipher-iv.txt deleted file mode 100644 index e7af6414ac2..00000000000 --- a/ChangeLog.d/fix-cipher-iv.txt +++ /dev/null @@ -1,5 +0,0 @@ -Security - * In psa_cipher_generate_iv() and psa_cipher_encrypt(), do not read back - from the output buffer. This fixes a potential policy bypass or decryption - oracle vulnerability if the output buffer is in memory that is shared with - an untrusted application. diff --git a/ChangeLog.d/fix-cipher-output-size-macros.txt b/ChangeLog.d/fix-cipher-output-size-macros.txt deleted file mode 100644 index 4a4b971c83b..00000000000 --- a/ChangeLog.d/fix-cipher-output-size-macros.txt +++ /dev/null @@ -1,4 +0,0 @@ -Bugfix - * Prevent divide by zero if either of PSA_CIPHER_ENCRYPT_OUTPUT_SIZE() or - PSA_CIPHER_UPDATE_OUTPUT_SIZE() were called using an asymmetric key type. - diff --git a/ChangeLog.d/fix-mbedtls_cipher_crypt-aes-ecb.txt b/ChangeLog.d/fix-mbedtls_cipher_crypt-aes-ecb.txt deleted file mode 100644 index 6dc47244fed..00000000000 --- a/ChangeLog.d/fix-mbedtls_cipher_crypt-aes-ecb.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bugfix - * Fix mbedtls_cipher_crypt: AES-ECB when MBEDTLS_USE_PSA_CRYPTO is enabled. diff --git a/ChangeLog.d/fix-needed-shared-libraries-linux.txt b/ChangeLog.d/fix-needed-shared-libraries-linux.txt deleted file mode 100644 index 74ad3bc7531..00000000000 --- a/ChangeLog.d/fix-needed-shared-libraries-linux.txt +++ /dev/null @@ -1,3 +0,0 @@ -Bugfix - * Fix issue in Makefile on Linux with SHARED=1, that caused shared libraries - not to list other shared libraries they need. diff --git a/ChangeLog.d/fix-pkcs12-null-password.txt b/ChangeLog.d/fix-pkcs12-null-password.txt deleted file mode 100644 index fae81955359..00000000000 --- a/ChangeLog.d/fix-pkcs12-null-password.txt +++ /dev/null @@ -1,5 +0,0 @@ -Bugfix - * Fix a potential invalid pointer dereference and infinite loop bugs in - pkcs12 functions when the password is empty. Fix the documentation to - better describe the inputs to these functions and their possible values. - Fixes #5136. diff --git a/ChangeLog.d/fix-psa_gen_key-status.txt b/ChangeLog.d/fix-psa_gen_key-status.txt deleted file mode 100644 index 78609882f9e..00000000000 --- a/ChangeLog.d/fix-psa_gen_key-status.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bugfix - * Fix the error returned by psa_generate_key() for a public key. Fixes #4551. diff --git a/ChangeLog.d/fix-session-copy-bug.txt b/ChangeLog.d/fix-session-copy-bug.txt deleted file mode 100644 index 46e3d8ef612..00000000000 --- a/ChangeLog.d/fix-session-copy-bug.txt +++ /dev/null @@ -1,6 +0,0 @@ -Bugfix - * Fix a double-free that happened after mbedtls_ssl_set_session() or - mbedtls_ssl_get_session() failed with MBEDTLS_ERR_SSL_ALLOC_FAILED - (out of memory). After that, calling mbedtls_ssl_session_free() - and mbedtls_ssl_free() would cause an internal session buffer to - be free()'d twice. diff --git a/ChangeLog.d/fix-sign_verify-message-usage.txt b/ChangeLog.d/fix-sign_verify-message-usage.txt deleted file mode 100644 index dd326ee5cbf..00000000000 --- a/ChangeLog.d/fix-sign_verify-message-usage.txt +++ /dev/null @@ -1,5 +0,0 @@ -Bugfix - * The key usage flags PSA_KEY_USAGE_SIGN_MESSAGE now allows the MAC - operations psa_mac_compute() and psa_mac_sign_setup(). - * The key usage flags PSA_KEY_USAGE_VERIFY_MESSAGE now allows the MAC - operations psa_mac_verify() and psa_mac_verify_setup(). diff --git a/ChangeLog.d/fix_compilation_ssl_tests.txt b/ChangeLog.d/fix_compilation_ssl_tests.txt deleted file mode 100644 index 202e5c43925..00000000000 --- a/ChangeLog.d/fix_compilation_ssl_tests.txt +++ /dev/null @@ -1,3 +0,0 @@ -Bugfix - * Fix an uninitialized variable warning in test_suite_ssl.function with GCC - version 11. diff --git a/ChangeLog.d/issue4630.txt b/ChangeLog.d/issue4630.txt deleted file mode 100644 index 0bc4b99e592..00000000000 --- a/ChangeLog.d/issue4630.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bugfix - * Stop using reserved identifiers as local variables. Fixes #4630. diff --git a/ChangeLog.d/mac-zeroize.txt b/ChangeLog.d/mac-zeroize.txt deleted file mode 100644 index a43e34f845f..00000000000 --- a/ChangeLog.d/mac-zeroize.txt +++ /dev/null @@ -1,6 +0,0 @@ -Security - * Zeroize several intermediate variables used to calculate the expected - value when verifying a MAC or AEAD tag. This hardens the library in - case the value leaks through a memory disclosure vulnerability. For - example, a memory disclosure vulnerability could have allowed a - man-in-the-middle to inject fake ciphertext into a DTLS connection. diff --git a/ChangeLog.d/makefile-python-windows.txt b/ChangeLog.d/makefile-python-windows.txt deleted file mode 100644 index 57ccc1a39a5..00000000000 --- a/ChangeLog.d/makefile-python-windows.txt +++ /dev/null @@ -1,4 +0,0 @@ -Bugfix - * The GNU makefiles invoke python3 in preference to python except on Windows. - The check was accidentally not performed when cross-compiling for Windows - on Linux. Fix this. Fixes #4774. diff --git a/ChangeLog.d/muladdc-memory.txt b/ChangeLog.d/muladdc-memory.txt deleted file mode 100644 index 218be5a6054..00000000000 --- a/ChangeLog.d/muladdc-memory.txt +++ /dev/null @@ -1,5 +0,0 @@ -Bugfix - * Fix missing constraints on x86_64 and aarch64 assembly code - for bignum multiplication that broke some bignum operations with - (at least) Clang 12. - Fixes #4116, #4786, #4917, #4962. diff --git a/ChangeLog.d/no-strerror.txt b/ChangeLog.d/no-strerror.txt deleted file mode 100644 index 69743a87157..00000000000 --- a/ChangeLog.d/no-strerror.txt +++ /dev/null @@ -1,3 +0,0 @@ -Bugfix - * Fix the build of sample programs when neither MBEDTLS_ERROR_C nor - MBEDTLS_ERROR_STRERROR_DUMMY is enabled. diff --git a/ChangeLog.d/psa_alg_rsa_pss.txt b/ChangeLog.d/psa_alg_rsa_pss.txt deleted file mode 100644 index 5c6048fe6c3..00000000000 --- a/ChangeLog.d/psa_alg_rsa_pss.txt +++ /dev/null @@ -1,5 +0,0 @@ -Bugfix - * Fix PSA_ALG_RSA_PSS verification accepting an arbitrary salt length. - This algorithm now accepts only the same salt length for verification - that it produces when signing, as documented. Use the new algorithm - PSA_ALG_RSA_PSS_ANY_SALT to accept any salt length. Fixes #4946. diff --git a/ChangeLog.d/psa_cipher_update_ecp.txt b/ChangeLog.d/psa_cipher_update_ecp.txt deleted file mode 100644 index 1c3fbc6b18b..00000000000 --- a/ChangeLog.d/psa_cipher_update_ecp.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bugfix - * Fix a parameter set but unused in psa_crypto_cipher.c. Fixes #4935. diff --git a/ChangeLog.d/psa_crypto_api_macros.txt b/ChangeLog.d/psa_crypto_api_macros.txt deleted file mode 100644 index ff53e33c2dc..00000000000 --- a/ChangeLog.d/psa_crypto_api_macros.txt +++ /dev/null @@ -1,11 +0,0 @@ -Features - * Add missing PSA macros declared by PSA Crypto API 1.0.0: - PSA_ALG_IS_SIGN_HASH, PSA_ALG_NONE, PSA_HASH_BLOCK_LENGTH, PSA_KEY_ID_NULL. - -Bugfix - * The existing predicate macro name PSA_ALG_IS_HASH_AND_SIGN is now reserved - for algorithm values that fully encode the hashing step, as per the PSA - Crypto API specification. This excludes PSA_ALG_RSA_PKCS1V15_SIGN_RAW and - PSA_ALG_ECDSA_ANY. The new predicate macro PSA_ALG_IS_SIGN_HASH covers - all algorithms that can be used with psa_{sign,verify}_hash(), including - these two. diff --git a/ChangeLog.d/remove-greentea-support.txt b/ChangeLog.d/remove-greentea-support.txt deleted file mode 100644 index af4df4baa18..00000000000 --- a/ChangeLog.d/remove-greentea-support.txt +++ /dev/null @@ -1,3 +0,0 @@ -Removals - * Remove the partial support for running unit tests via Greentea on Mbed OS, - which had been unmaintained since 2018. diff --git a/ChangeLog.d/remove_default_alllow_sha1.txt b/ChangeLog.d/remove_default_alllow_sha1.txt deleted file mode 100644 index 9ec10cf6bc8..00000000000 --- a/ChangeLog.d/remove_default_alllow_sha1.txt +++ /dev/null @@ -1,10 +0,0 @@ -Removals - * Remove config option MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES, - which allowed SHA-1 in the default TLS configuration for certificate - signing. It was intended to facilitate the transition in environments - with SHA-1 certificates. SHA-1 is considered a weak message digest and - its use constitutes a security risk. - -Changes - * Set config option MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE to be - disabled by default. diff --git a/ChangeLog.d/semi-public-structure-fields.txt b/ChangeLog.d/semi-public-structure-fields.txt deleted file mode 100644 index 802f8de2b7a..00000000000 --- a/ChangeLog.d/semi-public-structure-fields.txt +++ /dev/null @@ -1,5 +0,0 @@ -API changes - * Some fields of mbedtls_ssl_session and mbedtls_ssl_config are in a - different order. This only affects applications that define such - structures directly or serialize them. - diff --git a/ChangeLog.d/tls_ext_cid-config.txt b/ChangeLog.d/tls_ext_cid-config.txt deleted file mode 100644 index b7b1e72443e..00000000000 --- a/ChangeLog.d/tls_ext_cid-config.txt +++ /dev/null @@ -1,3 +0,0 @@ -Features - * The identifier of the CID TLS extension can be configured by defining - MBEDTLS_TLS_EXT_CID at compile time. diff --git a/ChangeLog.d/twos_complement_representation.txt b/ChangeLog.d/twos_complement_representation.txt deleted file mode 100644 index fa49859abca..00000000000 --- a/ChangeLog.d/twos_complement_representation.txt +++ /dev/null @@ -1,3 +0,0 @@ -Requirement changes - * Sign-magnitude and one's complement representations for signed integers are - not supported. Two's complement is the only supported representation. From f00d9a2340ddaf107a879ce14d9741c6d2b29175 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 15 Dec 2021 11:52:54 +0000 Subject: [PATCH 105/107] Minor Changelog updates & fixes Signed-off-by: Dave Rodgman --- ChangeLog | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/ChangeLog b/ChangeLog index 43d42a79f18..021012a0269 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,6 @@ mbed TLS ChangeLog (Sorted per branch, date) -= mbed TLS x.x.x branch released xxxx-xx-xx += mbed TLS 2.28.0 branch released 2021-12-17 API changes * Some fields of mbedtls_ssl_session and mbedtls_ssl_config are in a @@ -33,7 +33,7 @@ Features extended to other modules in the future. * Add missing PSA macros declared by PSA Crypto API 1.0.0: PSA_ALG_IS_SIGN_HASH, PSA_ALG_NONE, PSA_HASH_BLOCK_LENGTH, PSA_KEY_ID_NULL. - * Add new API mbedtls_ct_memcmp for constant time buffer comparison. + * Add new API mbedtls_ct_memcmp for constant time buffer comparison. * Add PSA API definition for ARIA. Security @@ -46,6 +46,11 @@ Security from the output buffer. This fixes a potential policy bypass or decryption oracle vulnerability if the output buffer is in memory that is shared with an untrusted application. + * Fix a double-free that happened after mbedtls_ssl_set_session() or + mbedtls_ssl_get_session() failed with MBEDTLS_ERR_SSL_ALLOC_FAILED + (out of memory). After that, calling mbedtls_ssl_session_free() + and mbedtls_ssl_free() would cause an internal session buffer to + be free()'d twice. Bugfix * Stop using reserved identifiers as local variables. Fixes #4630. @@ -86,8 +91,8 @@ Bugfix these two. * Fix issue in Makefile on Linux with SHARED=1, that caused shared libraries not to list other shared libraries they need. - * Fix a bug in mbedtls_gcm_starts() when bits of iv are longer than 2^32. - * Fix #4884. + * Fix a bug in mbedtls_gcm_starts() when the bit length of the iv + exceeds 2^32. Fixes #4884. * Fix an uninitialized variable warning in test_suite_ssl.function with GCC version 11. * Fix the build when no SHA2 module is included. Fixes #4930. @@ -96,11 +101,6 @@ Bugfix pkcs12 functions when the password is empty. Fix the documentation to better describe the inputs to these functions and their possible values. Fixes #5136. - * Fix a double-free that happened after mbedtls_ssl_set_session() or - mbedtls_ssl_get_session() failed with MBEDTLS_ERR_SSL_ALLOC_FAILED - (out of memory). After that, calling mbedtls_ssl_session_free() - and mbedtls_ssl_free() would cause an internal session buffer to - be free()'d twice. * The key usage flags PSA_KEY_USAGE_SIGN_MESSAGE now allows the MAC operations psa_mac_compute() and psa_mac_sign_setup(). * The key usage flags PSA_KEY_USAGE_VERIFY_MESSAGE now allows the MAC @@ -114,12 +114,12 @@ Changes than the previous constant-flow implementation. Fixes #4814. * Indicate in the error returned if the nonce length used with ChaCha20-Poly1305 is invalid, and not just unsupported. - * The mbedcrypto library includes a new source code module constant_time.c, - containing various functions meant to resist timing side channel attacks. - This module does not have a separate configuration option, and functions - from this module will be included in the build as required. Currently - most of the interface of this module is private and may change at any - time. + * The mbedcrypto library includes a new source code module constant_time.c, + containing various functions meant to resist timing side channel attacks. + This module does not have a separate configuration option, and functions + from this module will be included in the build as required. Currently + most of the interface of this module is private and may change at any + time. = mbed TLS 2.27.0 branch released 2021-07-07 From 29c3aee6a75ec44e07097647d5b1c34c65b9add8 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 13 Dec 2021 18:47:16 +0000 Subject: [PATCH 106/107] Update branch information in BRANCHES.md Signed-off-by: Dave Rodgman --- BRANCHES.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/BRANCHES.md b/BRANCHES.md index d5144188ea2..ee91f76bb8b 100644 --- a/BRANCHES.md +++ b/BRANCHES.md @@ -48,8 +48,7 @@ The following branches are currently maintained: - [master](https://github.com/ARMmbed/mbedtls/tree/master) - [`development`](https://github.com/ARMmbed/mbedtls/) -- [`mbedtls-2.16`](https://github.com/ARMmbed/mbedtls/tree/mbedtls-2.16) - maintained until at least the end of 2021, see - +- [`mbedtls-2.28`](https://github.com/ARMmbed/mbedtls/tree/mbedtls-2.28) + maintained until at least the end of 2024. Users are urged to always use the latest version of a maintained branch. From d41dab39c5f4c4fed56b346d56ece076c91016e1 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 15 Dec 2021 11:55:31 +0000 Subject: [PATCH 107/107] Bump version to 2.28.0 Executed ./scripts/bump_version.sh --version 2.28.0 --so-tls 14 Signed-off-by: Dave Rodgman --- doxygen/input/doc_mainpage.h | 2 +- doxygen/mbedtls.doxyfile | 2 +- include/mbedtls/version.h | 8 ++++---- library/CMakeLists.txt | 6 +++--- library/Makefile | 2 +- tests/suites/test_suite_version.data | 4 ++-- 6 files changed, 12 insertions(+), 12 deletions(-) diff --git a/doxygen/input/doc_mainpage.h b/doxygen/input/doc_mainpage.h index 4ff63ce69af..5a0f3ecaff7 100644 --- a/doxygen/input/doc_mainpage.h +++ b/doxygen/input/doc_mainpage.h @@ -22,7 +22,7 @@ */ /** - * @mainpage mbed TLS v2.27.0 source code documentation + * @mainpage mbed TLS v2.28.0 source code documentation * * This documentation describes the internal structure of mbed TLS. It was * automatically generated from specially formatted comment blocks in diff --git a/doxygen/mbedtls.doxyfile b/doxygen/mbedtls.doxyfile index 186c1487baa..efd9ac6edf4 100644 --- a/doxygen/mbedtls.doxyfile +++ b/doxygen/mbedtls.doxyfile @@ -28,7 +28,7 @@ DOXYFILE_ENCODING = UTF-8 # identify the project. Note that if you do not use Doxywizard you need # to put quotes around the project name if it contains spaces. -PROJECT_NAME = "mbed TLS v2.27.0" +PROJECT_NAME = "mbed TLS v2.28.0" # The PROJECT_NUMBER tag can be used to enter a project or revision number. # This could be handy for archiving the generated documentation or diff --git a/include/mbedtls/version.h b/include/mbedtls/version.h index 2740479f53b..b1a92b2bcf3 100644 --- a/include/mbedtls/version.h +++ b/include/mbedtls/version.h @@ -37,7 +37,7 @@ * Major, Minor, Patchlevel */ #define MBEDTLS_VERSION_MAJOR 2 -#define MBEDTLS_VERSION_MINOR 27 +#define MBEDTLS_VERSION_MINOR 28 #define MBEDTLS_VERSION_PATCH 0 /** @@ -45,9 +45,9 @@ * MMNNPP00 * Major version | Minor version | Patch version */ -#define MBEDTLS_VERSION_NUMBER 0x021B0000 -#define MBEDTLS_VERSION_STRING "2.27.0" -#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.27.0" +#define MBEDTLS_VERSION_NUMBER 0x021C0000 +#define MBEDTLS_VERSION_STRING "2.28.0" +#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.28.0" #if defined(MBEDTLS_VERSION_C) diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index 0cafd88817f..0a600674db4 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -203,15 +203,15 @@ endif(USE_STATIC_MBEDTLS_LIBRARY) if(USE_SHARED_MBEDTLS_LIBRARY) add_library(${mbedcrypto_target} SHARED ${src_crypto}) - set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 2.27.0 SOVERSION 7) + set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 2.28.0 SOVERSION 7) target_link_libraries(${mbedcrypto_target} PUBLIC ${libs}) add_library(${mbedx509_target} SHARED ${src_x509}) - set_target_properties(${mbedx509_target} PROPERTIES VERSION 2.27.0 SOVERSION 1) + set_target_properties(${mbedx509_target} PROPERTIES VERSION 2.28.0 SOVERSION 1) target_link_libraries(${mbedx509_target} PUBLIC ${libs} ${mbedcrypto_target}) add_library(${mbedtls_target} SHARED ${src_tls}) - set_target_properties(${mbedtls_target} PROPERTIES VERSION 2.27.0 SOVERSION 13) + set_target_properties(${mbedtls_target} PROPERTIES VERSION 2.28.0 SOVERSION 14) target_link_libraries(${mbedtls_target} PUBLIC ${libs} ${mbedx509_target}) endif(USE_SHARED_MBEDTLS_LIBRARY) diff --git a/library/Makefile b/library/Makefile index 71a1bb00b50..54b0651dc48 100644 --- a/library/Makefile +++ b/library/Makefile @@ -39,7 +39,7 @@ LOCAL_CFLAGS += -fPIC -fpic endif endif -SOEXT_TLS=so.13 +SOEXT_TLS=so.14 SOEXT_X509=so.1 SOEXT_CRYPTO=so.7 diff --git a/tests/suites/test_suite_version.data b/tests/suites/test_suite_version.data index 9d4ae17657b..60bd1b9d40d 100644 --- a/tests/suites/test_suite_version.data +++ b/tests/suites/test_suite_version.data @@ -1,8 +1,8 @@ Check compiletime library version -check_compiletime_version:"2.27.0" +check_compiletime_version:"2.28.0" Check runtime library version -check_runtime_version:"2.27.0" +check_runtime_version:"2.28.0" Check for MBEDTLS_VERSION_C check_feature:"MBEDTLS_VERSION_C":0