mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-29 22:20:30 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #8729 from adeaarm/crypto_struct_client_view

Browse Source 
Add a client view of the multipart contexts
This commit is contained in:
Gilles Peskine 2024-02-06 17:29:55 +00:00 committed by GitHub
commit 8bdd8cdc4f
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 74 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
include/psa/crypto_extra.h
View File

@ -1828,8 +1828,12 @@ psa_status_t psa_pake_abort(psa_pake_operation_t *operation);
/** Returns a suitable initializer for a PAKE operation object of type /** Returns a suitable initializer for a PAKE operation object of type
* psa_pake_operation_t. * psa_pake_operation_t.
*/ */
#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
#define PSA_PAKE_OPERATION_INIT { 0 }
#else
#define PSA_PAKE_OPERATION_INIT { 0, PSA_ALG_NONE, 0, PSA_PAKE_OPERATION_STAGE_SETUP, \ #define PSA_PAKE_OPERATION_INIT { 0, PSA_ALG_NONE, 0, PSA_PAKE_OPERATION_STAGE_SETUP, \
{ 0 }, { { 0 } } } { 0 }, { { 0 } } }
#endif
struct psa_pake_cipher_suite_s { struct psa_pake_cipher_suite_s {
psa_algorithm_t algorithm; psa_algorithm_t algorithm;
@ -1957,6 +1961,9 @@ struct psa_jpake_computation_stage_s {
((round) == PSA_JPAKE_FIRST ? 2 : 1)) ((round) == PSA_JPAKE_FIRST ? 2 : 1))
struct psa_pake_operation_s { struct psa_pake_operation_s {
#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
mbedtls_psa_client_handle_t handle;
#else
/** Unique ID indicating which driver got assigned to do the /** Unique ID indicating which driver got assigned to do the
* operation. Since driver contexts are driver-specific, swapping * operation. Since driver contexts are driver-specific, swapping
* drivers halfway through the operation is not supported. * drivers halfway through the operation is not supported.
@ -1982,6 +1989,7 @@ struct psa_pake_operation_s {
psa_driver_pake_context_t MBEDTLS_PRIVATE(ctx); psa_driver_pake_context_t MBEDTLS_PRIVATE(ctx);
psa_crypto_driver_pake_inputs_t MBEDTLS_PRIVATE(inputs); psa_crypto_driver_pake_inputs_t MBEDTLS_PRIVATE(inputs);
} MBEDTLS_PRIVATE(data); } MBEDTLS_PRIVATE(data);
#endif
}; };
static inline struct psa_pake_cipher_suite_s psa_pake_cipher_suite_init(void) static inline struct psa_pake_cipher_suite_s psa_pake_cipher_suite_init(void)

10
include/psa/crypto_platform.h
View File

@ -89,4 +89,14 @@ typedef struct {
} mbedtls_psa_external_random_context_t; } mbedtls_psa_external_random_context_t;
#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ #endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
/** The type of the client handle used in context structures
*
* When a client view of the multipart context structures is required,
* this handle is used to keep a mapping with the service side of the
* context which contains the actual data.
*/
typedef uint32_t mbedtls_psa_client_handle_t;
#endif
#endif /* PSA_CRYPTO_PLATFORM_H */ #endif /* PSA_CRYPTO_PLATFORM_H */

58
include/psa/crypto_struct.h
View File

@ -68,6 +68,9 @@ extern "C" {
#include "psa/crypto_driver_contexts_primitives.h" #include "psa/crypto_driver_contexts_primitives.h"
struct psa_hash_operation_s { struct psa_hash_operation_s {
#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
mbedtls_psa_client_handle_t handle;
#else
/** Unique ID indicating which driver got assigned to do the /** Unique ID indicating which driver got assigned to do the
* operation. Since driver contexts are driver-specific, swapping * operation. Since driver contexts are driver-specific, swapping
* drivers halfway through the operation is not supported. * drivers halfway through the operation is not supported.
@ -76,9 +79,13 @@ struct psa_hash_operation_s {
* any driver (i.e. the driver context is not active, in use). */ * any driver (i.e. the driver context is not active, in use). */
unsigned int MBEDTLS_PRIVATE(id); unsigned int MBEDTLS_PRIVATE(id);
psa_driver_hash_context_t MBEDTLS_PRIVATE(ctx); psa_driver_hash_context_t MBEDTLS_PRIVATE(ctx);
#endif
}; };
#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
#define PSA_HASH_OPERATION_INIT { 0 }
#else
#define PSA_HASH_OPERATION_INIT { 0, { 0 } } #define PSA_HASH_OPERATION_INIT { 0, { 0 } }
#endif
static inline struct psa_hash_operation_s psa_hash_operation_init(void) static inline struct psa_hash_operation_s psa_hash_operation_init(void)
{ {
const struct psa_hash_operation_s v = PSA_HASH_OPERATION_INIT; const struct psa_hash_operation_s v = PSA_HASH_OPERATION_INIT;
@ -86,6 +93,9 @@ static inline struct psa_hash_operation_s psa_hash_operation_init(void)
} }
struct psa_cipher_operation_s { struct psa_cipher_operation_s {
#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
mbedtls_psa_client_handle_t handle;
#else
/** Unique ID indicating which driver got assigned to do the /** Unique ID indicating which driver got assigned to do the
* operation. Since driver contexts are driver-specific, swapping * operation. Since driver contexts are driver-specific, swapping
* drivers halfway through the operation is not supported. * drivers halfway through the operation is not supported.
@ -100,9 +110,14 @@ struct psa_cipher_operation_s {
uint8_t MBEDTLS_PRIVATE(default_iv_length); uint8_t MBEDTLS_PRIVATE(default_iv_length);
psa_driver_cipher_context_t MBEDTLS_PRIVATE(ctx); psa_driver_cipher_context_t MBEDTLS_PRIVATE(ctx);
#endif
}; };
#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
#define PSA_CIPHER_OPERATION_INIT { 0 }
#else
#define PSA_CIPHER_OPERATION_INIT { 0, 0, 0, 0, { 0 } } #define PSA_CIPHER_OPERATION_INIT { 0, 0, 0, 0, { 0 } }
#endif
static inline struct psa_cipher_operation_s psa_cipher_operation_init(void) static inline struct psa_cipher_operation_s psa_cipher_operation_init(void)
{ {
const struct psa_cipher_operation_s v = PSA_CIPHER_OPERATION_INIT; const struct psa_cipher_operation_s v = PSA_CIPHER_OPERATION_INIT;
@ -114,6 +129,9 @@ static inline struct psa_cipher_operation_s psa_cipher_operation_init(void)
#include "psa/crypto_driver_contexts_composites.h" #include "psa/crypto_driver_contexts_composites.h"
struct psa_mac_operation_s { struct psa_mac_operation_s {
#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
mbedtls_psa_client_handle_t handle;
#else
/** Unique ID indicating which driver got assigned to do the /** Unique ID indicating which driver got assigned to do the
* operation. Since driver contexts are driver-specific, swapping * operation. Since driver contexts are driver-specific, swapping
* drivers halfway through the operation is not supported. * drivers halfway through the operation is not supported.
@ -124,9 +142,14 @@ struct psa_mac_operation_s {
uint8_t MBEDTLS_PRIVATE(mac_size); uint8_t MBEDTLS_PRIVATE(mac_size);
unsigned int MBEDTLS_PRIVATE(is_sign) : 1; unsigned int MBEDTLS_PRIVATE(is_sign) : 1;
psa_driver_mac_context_t MBEDTLS_PRIVATE(ctx); psa_driver_mac_context_t MBEDTLS_PRIVATE(ctx);
#endif
}; };
#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
#define PSA_MAC_OPERATION_INIT { 0 }
#else
#define PSA_MAC_OPERATION_INIT { 0, 0, 0, { 0 } } #define PSA_MAC_OPERATION_INIT { 0, 0, 0, { 0 } }
#endif
static inline struct psa_mac_operation_s psa_mac_operation_init(void) static inline struct psa_mac_operation_s psa_mac_operation_init(void)
{ {
const struct psa_mac_operation_s v = PSA_MAC_OPERATION_INIT; const struct psa_mac_operation_s v = PSA_MAC_OPERATION_INIT;
@ -134,7 +157,9 @@ static inline struct psa_mac_operation_s psa_mac_operation_init(void)
} }
struct psa_aead_operation_s { struct psa_aead_operation_s {
#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
mbedtls_psa_client_handle_t handle;
#else
/** Unique ID indicating which driver got assigned to do the /** Unique ID indicating which driver got assigned to do the
* operation. Since driver contexts are driver-specific, swapping * operation. Since driver contexts are driver-specific, swapping
* drivers halfway through the operation is not supported. * drivers halfway through the operation is not supported.
@ -156,9 +181,14 @@ struct psa_aead_operation_s {
unsigned int MBEDTLS_PRIVATE(is_encrypt) : 1; unsigned int MBEDTLS_PRIVATE(is_encrypt) : 1;
psa_driver_aead_context_t MBEDTLS_PRIVATE(ctx); psa_driver_aead_context_t MBEDTLS_PRIVATE(ctx);
#endif
}; };
#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
#define PSA_AEAD_OPERATION_INIT { 0 }
#else
#define PSA_AEAD_OPERATION_INIT { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, { 0 } } #define PSA_AEAD_OPERATION_INIT { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, { 0 } }
#endif
static inline struct psa_aead_operation_s psa_aead_operation_init(void) static inline struct psa_aead_operation_s psa_aead_operation_init(void)
{ {
const struct psa_aead_operation_s v = PSA_AEAD_OPERATION_INIT; const struct psa_aead_operation_s v = PSA_AEAD_OPERATION_INIT;
@ -170,14 +200,22 @@ static inline struct psa_aead_operation_s psa_aead_operation_init(void)
#include "psa/crypto_driver_contexts_key_derivation.h" #include "psa/crypto_driver_contexts_key_derivation.h"
struct psa_key_derivation_s { struct psa_key_derivation_s {
#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
mbedtls_psa_client_handle_t handle;
#else
psa_algorithm_t MBEDTLS_PRIVATE(alg); psa_algorithm_t MBEDTLS_PRIVATE(alg);
unsigned int MBEDTLS_PRIVATE(can_output_key) : 1; unsigned int MBEDTLS_PRIVATE(can_output_key) : 1;
size_t MBEDTLS_PRIVATE(capacity); size_t MBEDTLS_PRIVATE(capacity);
psa_driver_key_derivation_context_t MBEDTLS_PRIVATE(ctx); psa_driver_key_derivation_context_t MBEDTLS_PRIVATE(ctx);
#endif
}; };
#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
#define PSA_KEY_DERIVATION_OPERATION_INIT { 0 }
#else
/* This only zeroes out the first byte in the union, the rest is unspecified. */ /* This only zeroes out the first byte in the union, the rest is unspecified. */
#define PSA_KEY_DERIVATION_OPERATION_INIT { 0, 0, 0, { 0 } } #define PSA_KEY_DERIVATION_OPERATION_INIT { 0, 0, 0, { 0 } }
#endif
static inline struct psa_key_derivation_s psa_key_derivation_operation_init( static inline struct psa_key_derivation_s psa_key_derivation_operation_init(
void) void)
{ {
@ -434,6 +472,9 @@ static inline size_t psa_get_key_bits(
* \brief The context for PSA interruptible hash signing. * \brief The context for PSA interruptible hash signing.
*/ */
struct psa_sign_hash_interruptible_operation_s { struct psa_sign_hash_interruptible_operation_s {
#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
mbedtls_psa_client_handle_t handle;
#else
/** Unique ID indicating which driver got assigned to do the /** Unique ID indicating which driver got assigned to do the
* operation. Since driver contexts are driver-specific, swapping * operation. Since driver contexts are driver-specific, swapping
* drivers halfway through the operation is not supported. * drivers halfway through the operation is not supported.
@ -447,9 +488,14 @@ struct psa_sign_hash_interruptible_operation_s {
unsigned int MBEDTLS_PRIVATE(error_occurred) : 1; unsigned int MBEDTLS_PRIVATE(error_occurred) : 1;
uint32_t MBEDTLS_PRIVATE(num_ops); uint32_t MBEDTLS_PRIVATE(num_ops);
#endif
}; };
#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
#define PSA_SIGN_HASH_INTERRUPTIBLE_OPERATION_INIT { 0 }
#else
#define PSA_SIGN_HASH_INTERRUPTIBLE_OPERATION_INIT { 0, { 0 }, 0, 0 } #define PSA_SIGN_HASH_INTERRUPTIBLE_OPERATION_INIT { 0, { 0 }, 0, 0 }
#endif
static inline struct psa_sign_hash_interruptible_operation_s static inline struct psa_sign_hash_interruptible_operation_s
psa_sign_hash_interruptible_operation_init(void) psa_sign_hash_interruptible_operation_init(void)
@ -464,6 +510,9 @@ psa_sign_hash_interruptible_operation_init(void)
* \brief The context for PSA interruptible hash verification. * \brief The context for PSA interruptible hash verification.
*/ */
struct psa_verify_hash_interruptible_operation_s { struct psa_verify_hash_interruptible_operation_s {
#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
mbedtls_psa_client_handle_t handle;
#else
/** Unique ID indicating which driver got assigned to do the /** Unique ID indicating which driver got assigned to do the
* operation. Since driver contexts are driver-specific, swapping * operation. Since driver contexts are driver-specific, swapping
* drivers halfway through the operation is not supported. * drivers halfway through the operation is not supported.
@ -477,9 +526,14 @@ struct psa_verify_hash_interruptible_operation_s {
unsigned int MBEDTLS_PRIVATE(error_occurred) : 1; unsigned int MBEDTLS_PRIVATE(error_occurred) : 1;
uint32_t MBEDTLS_PRIVATE(num_ops); uint32_t MBEDTLS_PRIVATE(num_ops);
#endif
}; };
#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
#define PSA_VERIFY_HASH_INTERRUPTIBLE_OPERATION_INIT { 0 }
#else
#define PSA_VERIFY_HASH_INTERRUPTIBLE_OPERATION_INIT { 0, { 0 }, 0, 0 } #define PSA_VERIFY_HASH_INTERRUPTIBLE_OPERATION_INIT { 0, { 0 }, 0, 0 }
#endif
static inline struct psa_verify_hash_interruptible_operation_s static inline struct psa_verify_hash_interruptible_operation_s
psa_verify_hash_interruptible_operation_init(void) psa_verify_hash_interruptible_operation_init(void)