mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-01-27 06:35:22 +00:00
Fix psa_generator_import_key for DES
In psa_generator_import_key, if generating a DES or 3DES key, set the parity bits. Add tests for deriving a DES key. Also test deriving an AES key while I'm at it.
This commit is contained in:
parent
9fb0e01177
commit
08542d8037
@ -3142,6 +3142,18 @@ exit:
|
||||
return( status );
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_DES_C)
|
||||
static void psa_des_set_key_parity( uint8_t *data, size_t data_size )
|
||||
{
|
||||
if( data_size >= 8 )
|
||||
mbedtls_des_key_set_parity( data );
|
||||
if( data_size >= 16 )
|
||||
mbedtls_des_key_set_parity( data + 8 );
|
||||
if( data_size >= 24 )
|
||||
mbedtls_des_key_set_parity( data + 16 );
|
||||
}
|
||||
#endif /* MBEDTLS_DES_C */
|
||||
|
||||
psa_status_t psa_generator_import_key( psa_key_slot_t key,
|
||||
psa_key_type_t type,
|
||||
size_t bits,
|
||||
@ -3162,6 +3174,10 @@ psa_status_t psa_generator_import_key( psa_key_slot_t key,
|
||||
status = psa_generator_read( generator, data, bytes );
|
||||
if( status != PSA_SUCCESS )
|
||||
goto exit;
|
||||
#if defined(MBEDTLS_DES_C)
|
||||
if( type == PSA_KEY_TYPE_DES )
|
||||
psa_des_set_key_parity( data, bytes );
|
||||
#endif /* MBEDTLS_DES_C */
|
||||
status = psa_import_key( key, type, data, bytes );
|
||||
|
||||
exit:
|
||||
@ -3312,13 +3328,8 @@ psa_status_t psa_generate_key( psa_key_slot_t key,
|
||||
}
|
||||
#if defined(MBEDTLS_DES_C)
|
||||
if( type == PSA_KEY_TYPE_DES )
|
||||
{
|
||||
mbedtls_des_key_set_parity( slot->data.raw.data );
|
||||
if( slot->data.raw.bytes >= 16 )
|
||||
mbedtls_des_key_set_parity( slot->data.raw.data + 8 );
|
||||
if( slot->data.raw.bytes == 24 )
|
||||
mbedtls_des_key_set_parity( slot->data.raw.data + 16 );
|
||||
}
|
||||
psa_des_set_key_parity( slot->data.raw.data,
|
||||
slot->data.raw.bytes );
|
||||
#endif /* MBEDTLS_DES_C */
|
||||
}
|
||||
else
|
||||
|
@ -861,6 +861,26 @@ PSA key derivation: HKDF SHA-256, read maximum capacity
|
||||
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
|
||||
derive_full:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * 32
|
||||
|
||||
PSA key derivation: HKDF SHA-256, exercise AES128-CTR
|
||||
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
|
||||
derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR
|
||||
|
||||
PSA key derivation: HKDF SHA-256, exercise AES256-CTR
|
||||
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
|
||||
derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR
|
||||
|
||||
PSA key derivation: HKDF SHA-256, exercise DES-CBC
|
||||
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
|
||||
derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7
|
||||
|
||||
PSA key derivation: HKDF SHA-256, exercise 2-key 3DES-CBC
|
||||
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
|
||||
derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7
|
||||
|
||||
PSA key derivation: HKDF SHA-256, exercise 3-key 3DES-CBC
|
||||
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
|
||||
derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7
|
||||
|
||||
PSA key derivation: HKDF SHA-256, exercise HMAC-SHA-256
|
||||
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
|
||||
derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_SIGN:PSA_ALG_HMAC(PSA_ALG_SHA_256)
|
||||
|
Loading…
x
Reference in New Issue
Block a user