From 06638ae3e8ccb5973243ba7e7ebce0d8384eba9c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
 <manuel.pegourie-gonnard@arm.com>
Date: Tue, 4 May 2021 10:19:37 +0200
Subject: [PATCH] Update "key stretching" flag
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
---
 include/psa/crypto_values.h                               | 8 +++++---
 .../test_suite_psa_crypto_storage_format.current.data     | 4 ++--
 tests/suites/test_suite_psa_crypto_storage_format.v0.data | 4 ++--
 3 files changed, 9 insertions(+), 7 deletions(-)

diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h
index 6d34b0640b..4f75b1f66c 100644
--- a/include/psa/crypto_values.h
+++ b/include/psa/crypto_values.h
@@ -1733,10 +1733,12 @@
  * use on low-entropy secrets such as password - these algorithms are also
  * known as key stretching or password hashing schemes. These are also the
  * algorithms that accepts inputs of type #PSA_KEY_DERIVATION_INPUT_PASSWORD.
+ *
+ * Those algorithms cannot be combined with a key agreement algorithm.
  */
-#define PSA_ALG_KEY_DERIVATION_STRETCHING_FLAG  ((psa_algorithm_t)0x00008000)
+#define PSA_ALG_KEY_DERIVATION_STRETCHING_FLAG  ((psa_algorithm_t)0x00800000)
 
-#define PSA_ALG_PBKDF2_HMAC_BASE                ((psa_algorithm_t)0x08008100)
+#define PSA_ALG_PBKDF2_HMAC_BASE                ((psa_algorithm_t)0x08800100)
 /** Macro to build a PBKDF2-HMAC password hashing / key stretching algorithm.
  *
  * PBKDF2 is defined by PKCS#5, republished as RFC 8018 (section 5.2).
@@ -1786,7 +1788,7 @@
  * This key derivation algorithm uses the same inputs as
  * #PBKDF_ALG_PBKDF2_HMAC() with the same constraints.
  */
-#define PSA_ALG_PBKDF2_AES_CMAC_PRF_128         ((psa_algorithm_t)0x08008200)
+#define PSA_ALG_PBKDF2_AES_CMAC_PRF_128         ((psa_algorithm_t)0x08800200)
 
 #define PSA_ALG_KEY_DERIVATION_MASK             ((psa_algorithm_t)0xfe00ffff)
 #define PSA_ALG_KEY_AGREEMENT_MASK              ((psa_algorithm_t)0xffff0000)
diff --git a/tests/suites/test_suite_psa_crypto_storage_format.current.data b/tests/suites/test_suite_psa_crypto_storage_format.current.data
index 6c280a2f7c..732b80b6b9 100644
--- a/tests/suites/test_suite_psa_crypto_storage_format.current.data
+++ b/tests/suites/test_suite_psa_crypto_storage_format.current.data
@@ -622,11 +622,11 @@ key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_
 
 PSA storage save: alg: PSA_ALG_PBKDF2_AES_CMAC_PRF_128
 depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_KEY_TYPE_RAW_DATA
-key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:0x0000:"4b":"505341004b455900000000000100000001100800010000000082000800000000010000004b"
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:0x0000:"4b":"505341004b455900000000000100000001100800010000000002800800000000010000004b"
 
 PSA storage save: alg2: PSA_ALG_PBKDF2_AES_CMAC_PRF_128
 depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_KEY_TYPE_RAW_DATA
-key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:"4c":"505341004b455900000000000100000001100800010000000000000000820008010000004c"
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:"4c":"505341004b455900000000000100000001100800010000000000000000028008010000004c"
 
 PSA storage save: alg: PSA_ALG_PURE_EDDSA
 depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_KEY_TYPE_RAW_DATA
diff --git a/tests/suites/test_suite_psa_crypto_storage_format.v0.data b/tests/suites/test_suite_psa_crypto_storage_format.v0.data
index 83f80232d1..82f55dd5da 100644
--- a/tests/suites/test_suite_psa_crypto_storage_format.v0.data
+++ b/tests/suites/test_suite_psa_crypto_storage_format.v0.data
@@ -622,11 +622,11 @@ key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_
 
 PSA storage read: alg: PSA_ALG_PBKDF2_AES_CMAC_PRF_128
 depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_KEY_TYPE_RAW_DATA
-key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:0x0000:"4b":"505341004b455900000000000100000001100800010000000082000800000000010000004b":0
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:0x0000:"4b":"505341004b455900000000000100000001100800010000000002800800000000010000004b":0
 
 PSA storage read: alg2: PSA_ALG_PBKDF2_AES_CMAC_PRF_128
 depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_KEY_TYPE_RAW_DATA
-key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:"4c":"505341004b455900000000000100000001100800010000000000000000820008010000004c":0
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:"4c":"505341004b455900000000000100000001100800010000000000000000028008010000004c":0
 
 PSA storage read: alg: PSA_ALG_PURE_EDDSA
 depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_KEY_TYPE_RAW_DATA