From cf8841a0761a1b90bdd936aae55d03c237d6b847 Mon Sep 17 00:00:00 2001 From: Neil Armstrong Date: Thu, 24 Feb 2022 11:17:45 +0100 Subject: [PATCH] Remove non-PSA MAC keys in mbedtls_ssl_transform when MBEDTLS_USE_PSA_CRYPTO is defined Also remove last usage of non-PSA MAC keys in ssl_decrypt_non_etm_cbc() SSL test. Signed-off-by: Neil Armstrong --- library/ssl_misc.h | 4 ++-- library/ssl_msg.c | 3 ++- library/ssl_tls.c | 8 ++++++-- tests/suites/test_suite_ssl.function | 20 +++++++++++++++++++- 4 files changed, 29 insertions(+), 6 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 73504a6128..9de5239af6 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -952,10 +952,10 @@ struct mbedtls_ssl_transform mbedtls_svc_key_id_t psa_mac_enc; /*!< MAC (encryption) */ mbedtls_svc_key_id_t psa_mac_dec; /*!< MAC (decryption) */ psa_algorithm_t psa_mac_alg; /*!< psa MAC algorithm */ -#endif - +#else mbedtls_md_context_t md_ctx_enc; /*!< MAC (encryption) */ mbedtls_md_context_t md_ctx_dec; /*!< MAC (decryption) */ +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) int encrypt_then_mac; /*!< flag for EtM activation */ diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 7445cb5653..b8809fb127 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -5755,9 +5755,10 @@ void mbedtls_ssl_transform_free( mbedtls_ssl_transform *transform ) #if defined(MBEDTLS_USE_PSA_CRYPTO) psa_destroy_key( transform->psa_mac_enc ); psa_destroy_key( transform->psa_mac_dec ); -#endif +#else mbedtls_md_free( &transform->md_ctx_enc ); mbedtls_md_free( &transform->md_ctx_dec ); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #endif mbedtls_platform_zeroize( transform, sizeof( mbedtls_ssl_transform ) ); diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 60795e0704..336f92d347 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -613,10 +613,11 @@ void mbedtls_ssl_transform_init( mbedtls_ssl_transform *transform ) #if defined(MBEDTLS_USE_PSA_CRYPTO) transform->psa_mac_enc = MBEDTLS_SVC_KEY_ID_INIT; transform->psa_mac_dec = MBEDTLS_SVC_KEY_ID_INIT; -#endif +#else mbedtls_md_init( &transform->md_ctx_enc ); mbedtls_md_init( &transform->md_ctx_dec ); #endif +#endif } void mbedtls_ssl_session_init( mbedtls_ssl_session *session ) @@ -7174,6 +7175,7 @@ static int ssl_tls12_populate_transform( mbedtls_ssl_transform *transform, if( mbedtls_cipher_info_get_mode( cipher_info ) == MBEDTLS_MODE_STREAM || mbedtls_cipher_info_get_mode( cipher_info ) == MBEDTLS_MODE_CBC ) { +#if !defined(MBEDTLS_USE_PSA_CRYPTO) /* Initialize HMAC contexts */ if( ( ret = mbedtls_md_setup( &transform->md_ctx_enc, md_info, 1 ) ) != 0 || ( ret = mbedtls_md_setup( &transform->md_ctx_dec, md_info, 1 ) ) != 0 ) @@ -7181,6 +7183,7 @@ static int ssl_tls12_populate_transform( mbedtls_ssl_transform *transform, MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_setup", ret ); goto end; } +#endif /* !MBEDTLS_USE_PSA_CRYPTO */ /* Get MAC length */ mac_key_len = mbedtls_md_get_size( md_info ); @@ -7328,13 +7331,14 @@ static int ssl_tls12_populate_transform( mbedtls_ssl_transform *transform, MBEDTLS_SSL_DEBUG_RET( 1, "psa_import_mac_key", ret ); goto end; } -#endif +#else ret = mbedtls_md_hmac_starts( &transform->md_ctx_enc, mac_enc, mac_key_len ); if( ret != 0 ) goto end; ret = mbedtls_md_hmac_starts( &transform->md_ctx_dec, mac_dec, mac_key_len ); if( ret != 0 ) goto end; +#endif /* MBEDTLS_USE_PSA_CRYPTO */ } #endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */ diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 31f9b722ac..0ec8b95b56 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -1383,7 +1383,7 @@ static int build_transforms( mbedtls_ssl_transform *t_in, CHK( psa_import_key( &attributes, md0, maclen, &t_out->psa_mac_dec ) == PSA_SUCCESS ); -#endif +#else CHK( mbedtls_md_setup( &t_out->md_ctx_enc, md_info, 1 ) == 0 ); CHK( mbedtls_md_setup( &t_out->md_ctx_dec, md_info, 1 ) == 0 ); CHK( mbedtls_md_setup( &t_in->md_ctx_enc, md_info, 1 ) == 0 ); @@ -1397,6 +1397,7 @@ static int build_transforms( mbedtls_ssl_transform *t_in, md1, maclen ) == 0 ); CHK( mbedtls_md_hmac_starts( &t_out->md_ctx_dec, md0, maclen ) == 0 ); +#endif } #else ((void) hash_id); @@ -3724,6 +3725,10 @@ void ssl_decrypt_non_etm_cbc( int cipher_type, int hash_id, int trunc_hmac, unsigned char padlen; /* excluding the padding_length byte */ unsigned char add_data[13]; unsigned char mac[MBEDTLS_MD_MAX_SIZE]; +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT; + size_t sign_mac_length = 0; +#endif int exp_ret; int ret; const unsigned char pad_max_len = 255; /* Per the standard */ @@ -3807,11 +3812,24 @@ void ssl_decrypt_non_etm_cbc( int cipher_type, int hash_id, int trunc_hmac, */ /* MAC with additional data */ +#if defined(MBEDTLS_USE_PSA_CRYPTO) + TEST_EQUAL( PSA_SUCCESS, psa_mac_sign_setup( &operation, + t0.psa_mac_enc, + t0.psa_mac_alg ) ); + TEST_EQUAL( PSA_SUCCESS, psa_mac_update( &operation, add_data, 13 ) ); + TEST_EQUAL( PSA_SUCCESS, psa_mac_update( &operation, + rec.buf + rec.data_offset, + rec.data_len ) ); + TEST_EQUAL( PSA_SUCCESS, psa_mac_sign_finish( &operation, + mac, MBEDTLS_MD_MAX_SIZE, + &sign_mac_length ) ); +#else TEST_EQUAL( 0, mbedtls_md_hmac_update( &t0.md_ctx_enc, add_data, 13 ) ); TEST_EQUAL( 0, mbedtls_md_hmac_update( &t0.md_ctx_enc, rec.buf + rec.data_offset, rec.data_len ) ); TEST_EQUAL( 0, mbedtls_md_hmac_finish( &t0.md_ctx_enc, mac ) ); +#endif memcpy( rec.buf + rec.data_offset + rec.data_len, mac, t0.maclen ); rec.data_len += t0.maclen;