mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-01-27 15:35:50 +00:00
Merge pull request #202 from ARMmbed/psa-tls12_prf_minor_fixes
Minor fixes for ECDH and TLS12_PRF
This commit is contained in:
commit
65b691793d
@ -1270,7 +1270,7 @@ typedef uint32_t psa_algorithm_t;
|
||||
* \param kdf_alg A key derivation algorithm (\c PSA_ALG_XXX value such
|
||||
* that #PSA_ALG_IS_KEY_DERIVATION(\p hash_alg) is true)
|
||||
* or a key selection algorithm (\c PSA_ALG_XXX value such
|
||||
* that #PSA_ALG_IS_SELECTION(\p hash_alg) is true).
|
||||
* that #PSA_ALG_IS_KEY_SELECTION(\p hash_alg) is true).
|
||||
*
|
||||
* \return The Diffie-Hellman algorithm with the specified
|
||||
* selection or derivation algorithm.
|
||||
|
@ -85,7 +85,7 @@ struct psa_hash_operation_s
|
||||
} ctx;
|
||||
};
|
||||
|
||||
|
||||
#if defined(MBEDTLS_MD_C)
|
||||
typedef struct
|
||||
{
|
||||
/** The hash context. */
|
||||
@ -93,7 +93,7 @@ typedef struct
|
||||
/** The HMAC part of the context. */
|
||||
uint8_t opad[PSA_HMAC_MAX_HASH_BLOCK_SIZE];
|
||||
} psa_hmac_internal_data;
|
||||
|
||||
#endif /* MBEDTLS_MD_C */
|
||||
|
||||
struct psa_mac_operation_s
|
||||
{
|
||||
@ -130,6 +130,7 @@ struct psa_cipher_operation_s
|
||||
} ctx;
|
||||
};
|
||||
|
||||
#if defined(MBEDTLS_MD_C)
|
||||
typedef struct
|
||||
{
|
||||
uint8_t *info;
|
||||
@ -143,7 +144,9 @@ typedef struct
|
||||
uint8_t offset_in_block;
|
||||
uint8_t block_number;
|
||||
} psa_hkdf_generator_t;
|
||||
#endif /* MBEDTLS_MD_C */
|
||||
|
||||
#if defined(MBEDTLS_MD_C)
|
||||
typedef struct psa_tls12_prf_generator_s
|
||||
{
|
||||
/* The TLS 1.2 PRF uses the key for each HMAC iteration,
|
||||
@ -172,6 +175,7 @@ typedef struct psa_tls12_prf_generator_s
|
||||
uint8_t block_number;
|
||||
|
||||
} psa_tls12_prf_generator_t;
|
||||
#endif /* MBEDTLS_MD_C */
|
||||
|
||||
struct psa_crypto_generator_s
|
||||
{
|
||||
|
@ -1431,6 +1431,7 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
|
||||
(int) key_bits, mode ) );
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_MD_C)
|
||||
static size_t psa_get_hash_block_size( psa_algorithm_t alg )
|
||||
{
|
||||
switch( alg )
|
||||
@ -1457,6 +1458,7 @@ static size_t psa_get_hash_block_size( psa_algorithm_t alg )
|
||||
return( 0 );
|
||||
}
|
||||
}
|
||||
#endif /* MBEDTLS_MD_C */
|
||||
|
||||
/* Initialize the MAC operation structure. Once this function has been
|
||||
* called, psa_mac_abort can run and will do the right thing. */
|
||||
@ -2164,6 +2166,7 @@ static psa_status_t psa_ecdsa_sign( mbedtls_ecp_keypair *ecp,
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
|
||||
if( PSA_ALG_DSA_IS_DETERMINISTIC( alg ) )
|
||||
{
|
||||
psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg );
|
||||
@ -2174,7 +2177,9 @@ static psa_status_t psa_ecdsa_sign( mbedtls_ecp_keypair *ecp,
|
||||
md_alg ) );
|
||||
}
|
||||
else
|
||||
#endif /* MBEDTLS_ECDSA_DETERMINISTIC */
|
||||
{
|
||||
(void) alg;
|
||||
MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign( &ecp->grp, &r, &s, &ecp->d,
|
||||
hash, hash_length,
|
||||
mbedtls_ctr_drbg_random,
|
||||
@ -2265,7 +2270,13 @@ psa_status_t psa_asymmetric_sign( psa_key_slot_t key,
|
||||
if( PSA_KEY_TYPE_IS_ECC( slot->type ) )
|
||||
{
|
||||
#if defined(MBEDTLS_ECDSA_C)
|
||||
if( PSA_ALG_IS_ECDSA( alg ) )
|
||||
if(
|
||||
#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
|
||||
PSA_ALG_IS_ECDSA( alg )
|
||||
#else
|
||||
PSA_ALG_IS_RANDOMIZED_ECDSA( alg )
|
||||
#endif
|
||||
)
|
||||
status = psa_ecdsa_sign( slot->data.ecp,
|
||||
alg,
|
||||
hash, hash_length,
|
||||
@ -3637,8 +3648,13 @@ exit:
|
||||
/* Key derivation */
|
||||
/****************************************************************/
|
||||
|
||||
#if defined(MBEDTLS_MD_C)
|
||||
/* Set up an HKDF-based generator. This is exactly the extract phase
|
||||
* of the HKDF algorithm. */
|
||||
* of the HKDF algorithm.
|
||||
*
|
||||
* Note that if this function fails, you must call psa_generator_abort()
|
||||
* to potentially free embedded data structures and wipe confidential data.
|
||||
*/
|
||||
static psa_status_t psa_generator_hkdf_setup( psa_hkdf_generator_t *hkdf,
|
||||
const uint8_t *secret,
|
||||
size_t secret_length,
|
||||
@ -3674,8 +3690,14 @@ static psa_status_t psa_generator_hkdf_setup( psa_hkdf_generator_t *hkdf,
|
||||
}
|
||||
return( PSA_SUCCESS );
|
||||
}
|
||||
#endif /* MBEDTLS_MD_C */
|
||||
|
||||
/* Set up a TLS-1.2-prf-based generator (see RFC 5246, Section 5). */
|
||||
#if defined(MBEDTLS_MD_C)
|
||||
/* Set up a TLS-1.2-prf-based generator (see RFC 5246, Section 5).
|
||||
*
|
||||
* Note that if this function fails, you must call psa_generator_abort()
|
||||
* to potentially free embedded data structures and wipe confidential data.
|
||||
*/
|
||||
static psa_status_t psa_generator_tls12_prf_setup(
|
||||
psa_tls12_prf_generator_t *tls12_prf,
|
||||
const unsigned char *key,
|
||||
@ -3727,7 +3749,11 @@ static psa_status_t psa_generator_tls12_prf_setup(
|
||||
|
||||
return( PSA_SUCCESS );
|
||||
}
|
||||
#endif /* MBEDTLS_MD_C */
|
||||
|
||||
/* Note that if this function fails, you must call psa_generator_abort()
|
||||
* to potentially free embedded data structures and wipe confidential data.
|
||||
*/
|
||||
static psa_status_t psa_key_derivation_internal(
|
||||
psa_crypto_generator_t *generator,
|
||||
const uint8_t *secret, size_t secret_length,
|
||||
@ -3744,8 +3770,10 @@ static psa_status_t psa_key_derivation_internal(
|
||||
|
||||
if( alg == PSA_ALG_SELECT_RAW )
|
||||
{
|
||||
(void) salt;
|
||||
if( salt_length != 0 )
|
||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||
(void) label;
|
||||
if( label_length != 0 )
|
||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||
generator->ctx.buffer.data = mbedtls_calloc( 1, secret_length );
|
||||
@ -3854,6 +3882,7 @@ psa_status_t psa_key_derivation( psa_crypto_generator_t *generator,
|
||||
/* Key agreement */
|
||||
/****************************************************************/
|
||||
|
||||
#if defined(MBEDTLS_ECDH_C)
|
||||
static psa_status_t psa_key_agreement_ecdh( const uint8_t *peer_key,
|
||||
size_t peer_key_length,
|
||||
const mbedtls_ecp_keypair *our_key,
|
||||
@ -3905,9 +3934,13 @@ exit:
|
||||
mbedtls_ecdh_free( &ecdh );
|
||||
return( mbedtls_to_psa_error( ret ) );
|
||||
}
|
||||
#endif /* MBEDTLS_ECDH_C */
|
||||
|
||||
#define PSA_KEY_AGREEMENT_MAX_SHARED_SECRET_SIZE MBEDTLS_ECP_MAX_BYTES
|
||||
|
||||
/* Note that if this function fails, you must call psa_generator_abort()
|
||||
* to potentially free embedded data structures and wipe confidential data.
|
||||
*/
|
||||
static psa_status_t psa_key_agreement_internal( psa_crypto_generator_t *generator,
|
||||
key_slot_t *private_key,
|
||||
const uint8_t *peer_key,
|
||||
@ -3934,6 +3967,9 @@ static psa_status_t psa_key_agreement_internal( psa_crypto_generator_t *generato
|
||||
break;
|
||||
#endif /* MBEDTLS_ECDH_C */
|
||||
default:
|
||||
(void) private_key;
|
||||
(void) peer_key;
|
||||
(void) peer_key_length;
|
||||
return( PSA_ERROR_NOT_SUPPORTED );
|
||||
}
|
||||
if( status != PSA_SUCCESS )
|
||||
@ -3965,10 +4001,13 @@ psa_status_t psa_key_agreement( psa_crypto_generator_t *generator,
|
||||
PSA_KEY_USAGE_DERIVE, alg );
|
||||
if( status != PSA_SUCCESS )
|
||||
return( status );
|
||||
return( psa_key_agreement_internal( generator,
|
||||
slot,
|
||||
peer_key, peer_key_length,
|
||||
alg ) );
|
||||
status = psa_key_agreement_internal( generator,
|
||||
slot,
|
||||
peer_key, peer_key_length,
|
||||
alg );
|
||||
if( status != PSA_SUCCESS )
|
||||
psa_generator_abort( generator );
|
||||
return( status );
|
||||
}
|
||||
|
||||
|
||||
|
@ -1618,7 +1618,7 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBE
|
||||
key_agreement_setup:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_SUCCESS
|
||||
|
||||
PSA key agreement setup: ECDH, raw: public key on different curve
|
||||
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
|
||||
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDH_C
|
||||
key_agreement_setup:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3076301006072a8648ce3d020106052b8104002203620004e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":PSA_ERROR_INVALID_ARGUMENT
|
||||
|
||||
PSA key agreement setup: ECDH, raw: public key instead of private key
|
||||
@ -1697,6 +1697,10 @@ PSA key agreement: ECDH brainpoolP512r1 (RFC 7027), raw: read
|
||||
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_ECDH_C
|
||||
key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):"16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422":"30819b301406072a8648ce3d020106092b240303020801010d03818200049d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8dd4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc11453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa":"a7927098655f1f9976fa50a9d566865dc530331846381c87256baf3226244b76d36403c024d7bbf0aa0803eaff405d3d24f11a9b5c0bef679fe1454b21c4cd1f":""
|
||||
|
||||
PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 32
|
||||
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_MD_C
|
||||
key_agreement_output:PSA_ALG_ECDH(PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441":""
|
||||
|
||||
PSA generate random: 0 bytes
|
||||
generate_random:0
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user