Update generated PSA wrappers

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
Gilles Peskine 2024-07-31 17:03:59 +02:00
parent fd46f7f173
commit 7db1bcdb34
7 changed files with 112 additions and 183 deletions


@ -363,14 +363,6 @@ psa_status_t mbedtls_test_wrap_psa_generate_key_custom(
#define psa_generate_key_custom(arg0_attributes, arg1_custom, arg2_custom_data, arg3_custom_data_length, arg4_key) \
mbedtls_test_wrap_psa_generate_key_custom(arg0_attributes, arg1_custom, arg2_custom_data, arg3_custom_data_length, arg4_key)
psa_status_t mbedtls_test_wrap_psa_generate_key_ext(
const psa_key_attributes_t *arg0_attributes,
const psa_key_production_parameters_t *arg1_params,
size_t arg2_params_data_length,
mbedtls_svc_key_id_t *arg3_key);
#define psa_generate_key_ext(arg0_attributes, arg1_params, arg2_params_data_length, arg3_key) \
mbedtls_test_wrap_psa_generate_key_ext(arg0_attributes, arg1_params, arg2_params_data_length, arg3_key)
psa_status_t mbedtls_test_wrap_psa_generate_random(
uint8_t *arg0_output,
size_t arg1_output_size);
@ -515,15 +507,6 @@ psa_status_t mbedtls_test_wrap_psa_key_derivation_output_key_custom(
#define psa_key_derivation_output_key_custom(arg0_attributes, arg1_operation, arg2_custom, arg3_custom_data, arg4_custom_data_length, arg5_key) \
mbedtls_test_wrap_psa_key_derivation_output_key_custom(arg0_attributes, arg1_operation, arg2_custom, arg3_custom_data, arg4_custom_data_length, arg5_key)
psa_status_t mbedtls_test_wrap_psa_key_derivation_output_key_ext(
const psa_key_attributes_t *arg0_attributes,
psa_key_derivation_operation_t *arg1_operation,
const psa_key_production_parameters_t *arg2_params,
size_t arg3_params_data_length,
mbedtls_svc_key_id_t *arg4_key);
#define psa_key_derivation_output_key_ext(arg0_attributes, arg1_operation, arg2_params, arg3_params_data_length, arg4_key) \
mbedtls_test_wrap_psa_key_derivation_output_key_ext(arg0_attributes, arg1_operation, arg2_params, arg3_params_data_length, arg4_key)
psa_status_t mbedtls_test_wrap_psa_key_derivation_set_capacity(
psa_key_derivation_operation_t *arg0_operation,
size_t arg1_capacity);


@ -40,7 +40,7 @@ enum {
PSA_EXPORT_KEY,
PSA_EXPORT_PUBLIC_KEY,
PSA_GENERATE_KEY,
PSA_GENERATE_KEY_EXT,
PSA_GENERATE_KEY_CUSTOM,
PSA_GENERATE_RANDOM,
PSA_GET_KEY_ATTRIBUTES,
PSA_HASH_ABORT,
@ -62,7 +62,7 @@ enum {
PSA_KEY_DERIVATION_KEY_AGREEMENT,
PSA_KEY_DERIVATION_OUTPUT_BYTES,
PSA_KEY_DERIVATION_OUTPUT_KEY,
PSA_KEY_DERIVATION_OUTPUT_KEY_EXT,
PSA_KEY_DERIVATION_OUTPUT_KEY_CUSTOM,
PSA_KEY_DERIVATION_SET_CAPACITY,
PSA_KEY_DERIVATION_SETUP,
PSA_MAC_ABORT,


@ -2803,9 +2803,10 @@ fail:
}
psa_status_t psa_generate_key_ext(
psa_status_t psa_generate_key_custom(
const psa_key_attributes_t *attributes,
const psa_key_production_parameters_t *params, size_t params_data_length,
const psa_custom_key_parameters_t *custom,
const uint8_t *custom_data, size_t custom_data_length,
mbedtls_svc_key_id_t *key
)
{
@ -2817,7 +2818,8 @@ psa_status_t psa_generate_key_ext(
size_t needed =
psasim_serialise_begin_needs() +
psasim_serialise_psa_key_attributes_t_needs(*attributes) +
psasim_serialise_psa_key_production_parameters_t_needs(params, params_data_length) +
psasim_serialise_psa_custom_key_parameters_t_needs(*custom) +
psasim_serialise_buffer_needs(custom_data, custom_data_length) +
psasim_serialise_mbedtls_svc_key_id_t_needs(*key);
ser_params = malloc(needed);
@ -2839,9 +2841,15 @@ psa_status_t psa_generate_key_ext(
if (!ok) {
goto fail;
}
ok = psasim_serialise_psa_key_production_parameters_t(
ok = psasim_serialise_psa_custom_key_parameters_t(
&pos, &remaining,
params, params_data_length);
*custom);
if (!ok) {
goto fail;
}
ok = psasim_serialise_buffer(
&pos, &remaining,
custom_data, custom_data_length);
if (!ok) {
goto fail;
}
@ -2852,10 +2860,10 @@ psa_status_t psa_generate_key_ext(
goto fail;
}
ok = psa_crypto_call(PSA_GENERATE_KEY_EXT,
ok = psa_crypto_call(PSA_GENERATE_KEY_CUSTOM,
ser_params, (size_t) (pos - ser_params), &ser_result, &result_length);
if (!ok) {
printf("PSA_GENERATE_KEY_EXT server call failed\n");
printf("PSA_GENERATE_KEY_CUSTOM server call failed\n");
goto fail;
}
@ -4572,10 +4580,11 @@ fail:
}
psa_status_t psa_key_derivation_output_key_ext(
psa_status_t psa_key_derivation_output_key_custom(
const psa_key_attributes_t *attributes,
psa_key_derivation_operation_t *operation,
const psa_key_production_parameters_t *params, size_t params_data_length,
const psa_custom_key_parameters_t *custom,
const uint8_t *custom_data, size_t custom_data_length,
mbedtls_svc_key_id_t *key
)
{
@ -4588,7 +4597,8 @@ psa_status_t psa_key_derivation_output_key_ext(
psasim_serialise_begin_needs() +
psasim_serialise_psa_key_attributes_t_needs(*attributes) +
psasim_serialise_psa_key_derivation_operation_t_needs(*operation) +
psasim_serialise_psa_key_production_parameters_t_needs(params, params_data_length) +
psasim_serialise_psa_custom_key_parameters_t_needs(*custom) +
psasim_serialise_buffer_needs(custom_data, custom_data_length) +
psasim_serialise_mbedtls_svc_key_id_t_needs(*key);
ser_params = malloc(needed);
@ -4616,9 +4626,15 @@ psa_status_t psa_key_derivation_output_key_ext(
if (!ok) {
goto fail;
}
ok = psasim_serialise_psa_key_production_parameters_t(
ok = psasim_serialise_psa_custom_key_parameters_t(
&pos, &remaining,
params, params_data_length);
*custom);
if (!ok) {
goto fail;
}
ok = psasim_serialise_buffer(
&pos, &remaining,
custom_data, custom_data_length);
if (!ok) {
goto fail;
}
@ -4629,10 +4645,10 @@ psa_status_t psa_key_derivation_output_key_ext(
goto fail;
}
ok = psa_crypto_call(PSA_KEY_DERIVATION_OUTPUT_KEY_EXT,
ok = psa_crypto_call(PSA_KEY_DERIVATION_OUTPUT_KEY_CUSTOM,
ser_params, (size_t) (pos - ser_params), &ser_result, &result_length);
if (!ok) {
printf("PSA_KEY_DERIVATION_OUTPUT_KEY_EXT server call failed\n");
printf("PSA_KEY_DERIVATION_OUTPUT_KEY_CUSTOM server call failed\n");
goto fail;
}
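Review bot: The size limit that the old per-type serialiser enforced before anything was copied (`data_length > UINT32_MAX / 2` in the removed psasim_serialise_psa_key_production_parameters_t) has no visible counterpart here: `custom_data_length` now flows straight into the `needed` sum at the `psasim_serialise_buffer_needs(custom_data, custom_data_length)` line of both psa_generate_key_custom and psa_key_derivation_output_key_custom, so any bound depends on psasim_serialise_buffer_needs()/psasim_serialise_buffer(), which are outside this diff. If those helpers do not cap the length, a very large value can wrap `needed` and produce an undersized `malloc`; the subsequent `*remaining` checks in the serialisers should then fail the call rather than overrun, but that is inferred, not visible. Since this is generated code, the fix belongs in the generator: a guard such as `if (custom_data_length > UINT32_MAX / 2) { return PSA_ERROR_INVALID_ARGUMENT; }` before the `needed` computation, or a comment stating where the bound lives. Both function bodies start and end outside the hunks shown.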


@ -3116,14 +3116,15 @@ fail:
}
// Returns 1 for success, 0 for failure
int psa_generate_key_ext_wrapper(
int psa_generate_key_custom_wrapper(
uint8_t *in_params, size_t in_params_len,
uint8_t **out_params, size_t *out_params_len)
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_attributes_t attributes;
psa_key_production_parameters_t *params = NULL;
size_t params_data_length;
psa_custom_key_parameters_t custom;
uint8_t *custom_data = NULL;
size_t custom_data_length;
mbedtls_svc_key_id_t key;
uint8_t *pos = in_params;
@ -3143,9 +3144,16 @@ int psa_generate_key_ext_wrapper(
goto fail;
}
ok = psasim_deserialise_psa_key_production_parameters_t(
ok = psasim_deserialise_psa_custom_key_parameters_t(
&pos, &remaining,
&params, &params_data_length);
&custom);
if (!ok) {
goto fail;
}
ok = psasim_deserialise_buffer(
&pos, &remaining,
&custom_data, &custom_data_length);
if (!ok) {
goto fail;
}
@ -3159,9 +3167,10 @@ int psa_generate_key_ext_wrapper(
// Now we call the actual target function
status = psa_generate_key_ext(
status = psa_generate_key_custom(
&attributes,
params, params_data_length,
&custom,
custom_data, custom_data_length,
&key
);
@ -3201,14 +3210,14 @@ int psa_generate_key_ext_wrapper(
*out_params = result;
*out_params_len = result_size;
free(params);
free(custom_data);
return 1; // success
fail:
free(result);
free(params);
free(custom_data);
return 0; // This shouldn't happen!
}
@ -5079,15 +5088,16 @@ fail:
}
// Returns 1 for success, 0 for failure
int psa_key_derivation_output_key_ext_wrapper(
int psa_key_derivation_output_key_custom_wrapper(
uint8_t *in_params, size_t in_params_len,
uint8_t **out_params, size_t *out_params_len)
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_attributes_t attributes;
psa_key_derivation_operation_t *operation;
psa_key_production_parameters_t *params = NULL;
size_t params_data_length;
psa_custom_key_parameters_t custom;
uint8_t *custom_data = NULL;
size_t custom_data_length;
mbedtls_svc_key_id_t key;
uint8_t *pos = in_params;
@ -5114,9 +5124,16 @@ int psa_key_derivation_output_key_ext_wrapper(
goto fail;
}
ok = psasim_deserialise_psa_key_production_parameters_t(
ok = psasim_deserialise_psa_custom_key_parameters_t(
&pos, &remaining,
&params, &params_data_length);
&custom);
if (!ok) {
goto fail;
}
ok = psasim_deserialise_buffer(
&pos, &remaining,
&custom_data, &custom_data_length);
if (!ok) {
goto fail;
}
@ -5130,10 +5147,11 @@ int psa_key_derivation_output_key_ext_wrapper(
// Now we call the actual target function
status = psa_key_derivation_output_key_ext(
status = psa_key_derivation_output_key_custom(
&attributes,
operation,
params, params_data_length,
&custom,
custom_data, custom_data_length,
&key
);
@ -5181,14 +5199,14 @@ int psa_key_derivation_output_key_ext_wrapper(
*out_params = result;
*out_params_len = result_size;
free(params);
free(custom_data);
return 1; // success
fail:
free(result);
free(params);
free(custom_data);
return 0; // This shouldn't happen!
}
@ -7712,9 +7730,9 @@ psa_status_t psa_crypto_call(psa_msg_t msg)
ok = psa_generate_key_wrapper(in_params, in_params_len,
&out_params, &out_params_len);
break;
case PSA_GENERATE_KEY_EXT:
ok = psa_generate_key_ext_wrapper(in_params, in_params_len,
&out_params, &out_params_len);
case PSA_GENERATE_KEY_CUSTOM:
ok = psa_generate_key_custom_wrapper(in_params, in_params_len,
&out_params, &out_params_len);
break;
case PSA_GENERATE_RANDOM:
ok = psa_generate_random_wrapper(in_params, in_params_len,
@ -7800,9 +7818,9 @@ psa_status_t psa_crypto_call(psa_msg_t msg)
ok = psa_key_derivation_output_key_wrapper(in_params, in_params_len,
&out_params, &out_params_len);
break;
case PSA_KEY_DERIVATION_OUTPUT_KEY_EXT:
ok = psa_key_derivation_output_key_ext_wrapper(in_params, in_params_len,
&out_params, &out_params_len);
case PSA_KEY_DERIVATION_OUTPUT_KEY_CUSTOM:
ok = psa_key_derivation_output_key_custom_wrapper(in_params, in_params_len,
&out_params, &out_params_len);
break;
case PSA_KEY_DERIVATION_SET_CAPACITY:
ok = psa_key_derivation_set_capacity_wrapper(in_params, in_params_len,
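Review bot: In psa_generate_key_custom_wrapper the `custom` struct is filled from the client message as a raw byte image and handed unchanged to psa_generate_key_custom at `status = psa_generate_key_custom(&attributes, &custom, custom_data, custom_data_length, &key);`, so the server relies entirely on the callee rejecting unexpected contents (e.g. unknown bits in its flags field); that is presumably the case but is not visible in this diff and is worth a comment on the call, e.g. `/* custom comes from the client unvalidated; psa_generate_key_custom() is expected to reject bad flags. */`. The same applies to psa_key_derivation_output_key_custom_wrapper further down. As a point of style, `custom_data` is initialised to NULL so the `free()` on the `fail:` path is safe, while `size_t custom_data_length;` next to it is left uninitialised; `size_t custom_data_length = 0;` would make both declarations equally safe to read on any path. Both wrapper functions continue outside the hunks shown.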


@ -735,96 +735,38 @@ int psasim_deserialise_return_buffer(uint8_t **pos,
return 1;
}
#define SER_TAG_SIZE 4
size_t psasim_serialise_psa_key_production_parameters_t_needs(
const psa_key_production_parameters_t *params,
size_t data_length)
size_t psasim_serialise_psa_custom_key_parameters_t_needs(
psa_custom_key_parameters_t value)
{
/* We will serialise with 4-byte tag = "PKPP" + 4-byte overall length at the beginning,
* followed by size_t data_length, then the actual data from the structure.
*/
return SER_TAG_SIZE + sizeof(uint32_t) + sizeof(data_length) + sizeof(*params) + data_length;
return sizeof(value);
}
int psasim_serialise_psa_key_production_parameters_t(uint8_t **pos,
size_t *remaining,
const psa_key_production_parameters_t *params,
size_t data_length)
int psasim_serialise_psa_custom_key_parameters_t(uint8_t **pos,
size_t *remaining,
psa_custom_key_parameters_t value)
{
if (data_length > UINT32_MAX / 2) { /* arbitrary limit */
return 0; /* too big to serialise */
}
/* We use 32-bit lengths, which should be enough for any reasonable usage :) */
/* (the UINT32_MAX / 2 above is an even more conservative check to avoid overflow here) */
uint32_t len = (uint32_t) (sizeof(data_length) + sizeof(*params) + data_length);
if (*remaining < SER_TAG_SIZE + sizeof(uint32_t) + len) {
if (*remaining < sizeof(value)) {
return 0;
}
char tag[SER_TAG_SIZE] = "PKPP";
memcpy(*pos, tag, sizeof(tag));
memcpy(*pos + sizeof(tag), &len, sizeof(len));
*pos += sizeof(tag) + sizeof(len);
*remaining -= sizeof(tag) + sizeof(len);
memcpy(*pos, &data_length, sizeof(data_length));
memcpy(*pos + sizeof(data_length), params, sizeof(*params) + data_length);
*pos += sizeof(data_length) + sizeof(*params) + data_length;
*remaining -= sizeof(data_length) + sizeof(*params) + data_length;
memcpy(*pos, &value, sizeof(value));
*pos += sizeof(value);
return 1;
}
int psasim_deserialise_psa_key_production_parameters_t(uint8_t **pos,
size_t *remaining,
psa_key_production_parameters_t **params,
size_t *data_length)
int psasim_deserialise_psa_custom_key_parameters_t(uint8_t **pos,
size_t *remaining,
psa_custom_key_parameters_t *value)
{
if (*remaining < SER_TAG_SIZE + sizeof(uint32_t)) {
return 0; /* can't even be an empty serialisation */
if (*remaining < sizeof(*value)) {
return 0;
}
char tag[SER_TAG_SIZE] = "PKPP"; /* expected */
uint32_t len;
memcpy(value, *pos, sizeof(*value));
memcpy(&len, *pos + sizeof(tag), sizeof(len));
if (memcmp(*pos, tag, sizeof(tag)) != 0) {
return 0; /* wrong tag */
}
*pos += sizeof(tag) + sizeof(len);
*remaining -= sizeof(tag) + sizeof(len);
if (*remaining < sizeof(*data_length)) {
return 0; /* missing data_length */
}
memcpy(data_length, *pos, sizeof(*data_length));
if ((size_t) len != (sizeof(data_length) + sizeof(**params) + *data_length)) {
return 0; /* wrong length */
}
if (*remaining < sizeof(*data_length) + sizeof(**params) + *data_length) {
return 0; /* not enough data provided */
}
*pos += sizeof(data_length);
*remaining -= sizeof(data_length);
psa_key_production_parameters_t *out = malloc(sizeof(**params) + *data_length);
if (out == NULL) {
return 0; /* allocation failure */
}
memcpy(out, *pos, sizeof(*out) + *data_length);
*pos += sizeof(*out) + *data_length;
*remaining -= sizeof(*out) + *data_length;
*params = out;
*pos += sizeof(*value);
*remaining -= sizeof(*value);
return 1;
}
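Review bot: The new psasim_serialise_psa_custom_key_parameters_t / psasim_deserialise_psa_custom_key_parameters_t pair copies the struct as a raw memory image (`memcpy(*pos, &value, sizeof(value));` and `memcpy(value, *pos, sizeof(*value));`), dropping the "PKPP" tag and explicit length of the removed code, so the wire format is now whatever the compiler's layout of psa_custom_key_parameters_t happens to be and the receiver has no way to detect a mismatch. That is acceptable for a simulator whose client and server are built from the same tree, but it should be stated; suggested comment above the serialiser: `/* Serialised as a raw memory image: client and server must be built with the same ABI (size, padding, endianness) for this type. */`, and the same caveat belongs in the corresponding doc comments in psasim_serialise.h. If the struct ever gains padding, the memcpy would also put uninitialised padding bytes on the wire, so a `memset`-free alternative would be to serialise the fields individually. With this change `#define SER_TAG_SIZE 4` above may no longer have a user in this file; worth checking before leaving it.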


@ -421,55 +421,48 @@ int psasim_deserialise_buffer(uint8_t **pos, size_t *remaining,
int psasim_deserialise_return_buffer(uint8_t **pos, size_t *remaining,
uint8_t *buffer, size_t buffer_length);
/** Return how much space is needed by \c psasim_serialise_psa_key_production_parameters_t()
* to serialise a psa_key_production_parameters_t (a structure with a flexible array member).
/** Return how much buffer space is needed by \c psasim_serialise_psa_custom_key_parameters_t()
* to serialise a `psa_custom_key_parameters_t`.
*
* \param params Pointer to the struct to be serialised
* \param value The value that will be serialised into the buffer
* (needed in case some serialisations are value-
* dependent).
* \param data_length Number of bytes in the data[] of the struct to be serialised.
*
* \return The number of bytes needed in the serialisation buffer by
* \c psasim_serialise_psa_key_production_parameters_t() to serialise
* the specified structure.
* \return The number of bytes needed in the buffer by
* \c psasim_serialise_psa_custom_key_parameters_t() to serialise
* the given value.
*/
size_t psasim_serialise_psa_key_production_parameters_t_needs(
const psa_key_production_parameters_t *params,
size_t buffer_size);
size_t psasim_serialise_psa_custom_key_parameters_t_needs(
psa_custom_key_parameters_t value);
/** Serialise a psa_key_production_parameters_t.
/** Serialise a `psa_custom_key_parameters_t` into a buffer.
*
* \param pos[in,out] Pointer to a `uint8_t *` holding current position
* in the buffer.
* \param remaining[in,out] Pointer to a `size_t` holding number of bytes
* remaining in the buffer.
* \param params Pointer to the structure to be serialised.
* \param data_length Number of bytes in the data[] of the struct to be serialised.
* \param value The value to serialise into the buffer.
*
* \return \c 1 on success ("okay"), \c 0 on error.
*/
int psasim_serialise_psa_key_production_parameters_t(uint8_t **pos,
size_t *remaining,
const psa_key_production_parameters_t *params,
size_t data_length);
int psasim_serialise_psa_custom_key_parameters_t(uint8_t **pos,
size_t *remaining,
psa_custom_key_parameters_t value);
/** Deserialise a psa_key_production_parameters_t.
/** Deserialise a `psa_custom_key_parameters_t` from a buffer.
*
* \param pos[in,out] Pointer to a `uint8_t *` holding current position
* in the serialisation buffer.
* in the buffer.
* \param remaining[in,out] Pointer to a `size_t` holding number of bytes
* remaining in the serialisation buffer.
* \param params Pointer to a `psa_key_production_parameters_t *` to
* receive the address of a newly-allocated structure,
* which the caller must `free()`.
* \param data_length Pointer to a `size_t` to receive the number of
* bytes in the data[] member of the structure deserialised.
* remaining in the buffer.
* \param value Pointer to a `psa_custom_key_parameters_t` to receive the value
* deserialised from the buffer.
*
* \return \c 1 on success ("okay"), \c 0 on error.
*/
int psasim_deserialise_psa_key_production_parameters_t(uint8_t **pos, size_t *remaining,
psa_key_production_parameters_t **params,
size_t *buffer_length);
int psasim_deserialise_psa_custom_key_parameters_t(uint8_t **pos,
size_t *remaining,
psa_custom_key_parameters_t *value);
/** Return how much buffer space is needed by \c psasim_serialise_psa_status_t()
* to serialise a `psa_status_t`.


@ -622,17 +622,6 @@ psa_status_t mbedtls_test_wrap_psa_generate_key_custom(
return status;
}
/* Wrapper for psa_generate_key_ext */
psa_status_t mbedtls_test_wrap_psa_generate_key_ext(
const psa_key_attributes_t *arg0_attributes,
const psa_key_production_parameters_t *arg1_params,
size_t arg2_params_data_length,
mbedtls_svc_key_id_t *arg3_key)
{
psa_status_t status = (psa_generate_key_ext)(arg0_attributes, arg1_params, arg2_params_data_length, arg3_key);
return status;
}
/* Wrapper for psa_generate_random */
psa_status_t mbedtls_test_wrap_psa_generate_random(
uint8_t *arg0_output,
@ -907,18 +896,6 @@ psa_status_t mbedtls_test_wrap_psa_key_derivation_output_key_custom(
return status;
}
/* Wrapper for psa_key_derivation_output_key_ext */
psa_status_t mbedtls_test_wrap_psa_key_derivation_output_key_ext(
const psa_key_attributes_t *arg0_attributes,
psa_key_derivation_operation_t *arg1_operation,
const psa_key_production_parameters_t *arg2_params,
size_t arg3_params_data_length,
mbedtls_svc_key_id_t *arg4_key)
{
psa_status_t status = (psa_key_derivation_output_key_ext)(arg0_attributes, arg1_operation, arg2_params, arg3_params_data_length, arg4_key);
return status;
}
/* Wrapper for psa_key_derivation_set_capacity */
psa_status_t mbedtls_test_wrap_psa_key_derivation_set_capacity(
psa_key_derivation_operation_t *arg0_operation,