From 416d0e2b010d4bd84a7ab2b1544f9040905b320a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 22 Oct 2022 18:27:57 +0200 Subject: [PATCH 01/15] Introduce preprocessor symbols for MD algorithm support via PSA MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit These new symbols will allow code to call the md module and benefit from PSA accelerator drivers. Code must use MBEDTLS_MD_CAN_xxx instead of MBEDTLS_xxx_C to check for support for a particular algorithm. This commit only defines the symbols. Subsequent commits will implement those symbols in the md module, and in users of the md module. Signed-off-by: Gilles Peskine Signed-off-by: Manuel Pégourié-Gonnard --- include/mbedtls/md.h | 85 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 85 insertions(+) diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h index 3341d1cc02..163b718d61 100644 --- a/include/mbedtls/md.h +++ b/include/mbedtls/md.h 
@@ -32,6 +32,91 @@ #include "mbedtls/build_info.h" #include "mbedtls/platform_util.h" +#if defined(MBEDTLS_MD_LIGHT) + +/* + * - MBEDTLS_MD_CAN_xxx is defined if the md module can perform xxx. + * - MBEDTLS_MD_xxx_VIA_PSA is defined if the md module performs xxx via PSA. + * - MBEDTLS_MD_SOME_PSA is defined if at least one algorithm is performed + * via PSA. + * - MBEDTLS_MD_SOME_LEGACY is defined if at least one algorithm is performed + * via a direct legacy call. + * + * The md module performs an algorithm via PSA if there is a PSA hash + * accelerator, and makes a direct legacy call otherwise. + */ + +/* PSA accelerated implementations */ +#if defined(MBEDTLS_PSA_CRYPTO_C) +#if defined(MBEDTLS_PSA_ACCEL_ALG_MD5) +#define MBEDTLS_MD_CAN_MD5 +#define MBEDTLS_MD_MD5_VIA_PSA +#define MBEDTLS_MD_SOME_PSA +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1) +#define MBEDTLS_MD_CAN_SHA1 +#define MBEDTLS_MD_SHA1_VIA_PSA +#define MBEDTLS_MD_SOME_PSA +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224) +#define MBEDTLS_MD_CAN_SHA224 +#define MBEDTLS_MD_SHA224_VIA_PSA +#define MBEDTLS_MD_SOME_PSA +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256) +#define MBEDTLS_MD_CAN_SHA256 +#define MBEDTLS_MD_SHA256_VIA_PSA +#define MBEDTLS_MD_SOME_PSA +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384) +#define MBEDTLS_MD_CAN_SHA384 +#define MBEDTLS_MD_SHA384_VIA_PSA +#define MBEDTLS_MD_SOME_PSA +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512) +#define MBEDTLS_MD_CAN_SHA512 +#define MBEDTLS_MD_SHA512_VIA_PSA +#define MBEDTLS_MD_SOME_PSA +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160) +#define MBEDTLS_MD_CAN_RIPEMD160 +#define MBEDTLS_MD_RIPEMD160_VIA_PSA +#define MBEDTLS_MD_SOME_PSA +#endif +#endif /* MBEDTLS_PSA_CRYPTO_C */ + +/* Built-in implementations */ +#if defined(MBEDTLS_MD5_C) +#define MBEDTLS_MD_CAN_MD5 +#define MBEDTLS_MD_SOME_LEGACY +#endif +#if defined(MBEDTLS_SHA1_C) +#define MBEDTLS_MD_CAN_SHA1 +#define MBEDTLS_MD_SOME_LEGACY +#endif +#if defined(MBEDTLS_SHA224_C) 
+#define MBEDTLS_MD_CAN_SHA224 +#define MBEDTLS_MD_SOME_LEGACY +#endif +#if defined(MBEDTLS_SHA256_C) +#define MBEDTLS_MD_CAN_SHA256 +#define MBEDTLS_MD_SOME_LEGACY +#endif +#if defined(MBEDTLS_SHA384_C) +#define MBEDTLS_MD_CAN_SHA384 +#define MBEDTLS_MD_SOME_LEGACY +#endif +#if defined(MBEDTLS_SHA512_C) +#define MBEDTLS_MD_CAN_SHA512 +#define MBEDTLS_MD_SOME_LEGACY +#endif +#if defined(MBEDTLS_RIPEMD160_C) +#define MBEDTLS_MD_CAN_RIPEMD160 +#define MBEDTLS_MD_SOME_LEGACY +#endif + +#endif /* MBEDTLS_MD_LIGHT */ + /** The selected feature is not available. */ #define MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE -0x5080 /** Bad input parameters to function. */ From 83d9e09b1538c0eb52f18e9b09a81382411f0e06 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 22 Oct 2022 18:32:43 +0200 Subject: [PATCH 02/15] Switch metadata functions to the PSA-aware availability symbols MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Gilles Peskine Signed-off-by: Manuel Pégourié-Gonnard --- include/mbedtls/md.h | 13 +++++----- library/md.c | 56 ++++++++++++++++++++++---------------------- 2 files changed, 35 insertions(+), 34 deletions(-) diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h index 163b718d61..bd44b64ad5 100644 --- a/include/mbedtls/md.h +++ b/include/mbedtls/md.h 
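Review bot: The header comment and the definitions disagree on `MBEDTLS_MD_SOME_LEGACY`. The comment says it is defined when at least one algorithm is performed via a direct legacy call, and that an algorithm with a PSA accelerator goes via PSA. The "Built-in implementations" section, however, defines it whenever any `MBEDTLS_xxx_C` is set, including for an algorithm that already has `MBEDTLS_MD_xxx_VIA_PSA`. If that is intended (built-in code kept as a fallback), reword the bullet to `MBEDTLS_MD_SOME_LEGACY is defined if at least one built-in implementation is compiled in.` Every `MBEDTLS_MD_CAN_xxx` also sits inside `#if defined(MBEDTLS_MD_LIGHT)`, so the comment should say that the symbols are only meaningful when `MBEDTLS_MD_LIGHT` is enabled.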
@@ -149,19 +149,20 @@ typedef enum { MBEDTLS_MD_RIPEMD160, /**< The RIPEMD-160 message digest. */ } mbedtls_md_type_t; -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_MD_CAN_SHA512) #define MBEDTLS_MD_MAX_SIZE 64 /* longest known is SHA512 */ -#elif defined(MBEDTLS_SHA384_C) +#elif defined(MBEDTLS_MD_CAN_SHA384) #define MBEDTLS_MD_MAX_SIZE 48 /* longest known is SHA384 */ -#elif defined(MBEDTLS_SHA256_C) +#elif defined(MBEDTLS_MD_CAN_SHA256) #define MBEDTLS_MD_MAX_SIZE 32 /* longest known is SHA256 */ -#elif defined(MBEDTLS_SHA224_C) +#elif defined(MBEDTLS_MD_CAN_SHA224) #define MBEDTLS_MD_MAX_SIZE 28 /* longest known is SHA224 */ #else -#define MBEDTLS_MD_MAX_SIZE 20 /* longest known is SHA1 or RIPE MD-160 */ +#define MBEDTLS_MD_MAX_SIZE 20 /* longest known is SHA1 or RIPE MD-160 + or smaller (MD5 and earlier) */ #endif -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_MD_CAN_SHA512) #define MBEDTLS_MD_MAX_BLOCK_SIZE 128 #else #define MBEDTLS_MD_MAX_BLOCK_SIZE 64 diff --git a/library/md.c b/library/md.c index 6681f9aa0c..7171057a99 100644 --- a/library/md.c +++ b/library/md.c @@ -60,7 +60,7 @@ #include #endif -#if defined(MBEDTLS_MD5_C) +#if defined(MBEDTLS_MD_CAN_MD5) const mbedtls_md_info_t mbedtls_md5_info = { "MD5", MBEDTLS_MD_MD5, @@ -69,7 +69,7 @@ const mbedtls_md_info_t mbedtls_md5_info = { }; #endif -#if defined(MBEDTLS_RIPEMD160_C) +#if defined(MBEDTLS_MD_CAN_RIPEMD160) const mbedtls_md_info_t mbedtls_ripemd160_info = { "RIPEMD160", MBEDTLS_MD_RIPEMD160, @@ -78,7 +78,7 @@ const mbedtls_md_info_t mbedtls_ripemd160_info = { }; #endif -#if defined(MBEDTLS_SHA1_C) +#if defined(MBEDTLS_MD_CAN_SHA1) const mbedtls_md_info_t mbedtls_sha1_info = { "SHA1", MBEDTLS_MD_SHA1, @@ -87,7 +87,7 @@ const mbedtls_md_info_t mbedtls_sha1_info = { }; #endif -#if defined(MBEDTLS_SHA224_C) +#if defined(MBEDTLS_MD_CAN_SHA224) const mbedtls_md_info_t mbedtls_sha224_info = { "SHA224", MBEDTLS_MD_SHA224, 
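Review bot: `MBEDTLS_MD_MAX_SIZE` and `MBEDTLS_MD_MAX_BLOCK_SIZE` now key off `MBEDTLS_MD_CAN_xxx`, which patch 01 defines only under `#if defined(MBEDTLS_MD_LIGHT)`. If this header is ever reached without `MBEDTLS_MD_LIGHT`, both macros silently fall back to 20 and 64 even with SHA-256/384/512 built in, and buffers sized with them would be too small for the digests written into them. Whether such a configuration can exist is not visible from this hunk. Either state the dependency next to the macro, e.g. `/* relies on MBEDTLS_MD_CAN_xxx, which is only defined when MBEDTLS_MD_LIGHT is set */`, or turn the mismatch into a compile-time error.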
@@ -96,7 +96,7 @@ const mbedtls_md_info_t mbedtls_sha224_info = { }; #endif -#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_MD_CAN_SHA256) const mbedtls_md_info_t mbedtls_sha256_info = { "SHA256", MBEDTLS_MD_SHA256, @@ -105,7 +105,7 @@ const mbedtls_md_info_t mbedtls_sha256_info = { }; #endif -#if defined(MBEDTLS_SHA384_C) +#if defined(MBEDTLS_MD_CAN_SHA384) const mbedtls_md_info_t mbedtls_sha384_info = { "SHA384", MBEDTLS_MD_SHA384, @@ -114,7 +114,7 @@ const mbedtls_md_info_t mbedtls_sha384_info = { }; #endif -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_MD_CAN_SHA512) const mbedtls_md_info_t mbedtls_sha512_info = { "SHA512", MBEDTLS_MD_SHA512, @@ -126,31 +126,31 @@ const mbedtls_md_info_t mbedtls_sha512_info = { const mbedtls_md_info_t *mbedtls_md_info_from_type(mbedtls_md_type_t md_type) { switch (md_type) { -#if defined(MBEDTLS_MD5_C) +#if defined(MBEDTLS_MD_CAN_MD5) case MBEDTLS_MD_MD5: return &mbedtls_md5_info; #endif -#if defined(MBEDTLS_RIPEMD160_C) +#if defined(MBEDTLS_MD_CAN_RIPEMD160) case MBEDTLS_MD_RIPEMD160: return &mbedtls_ripemd160_info; #endif -#if defined(MBEDTLS_SHA1_C) +#if defined(MBEDTLS_MD_CAN_SHA1) case MBEDTLS_MD_SHA1: return &mbedtls_sha1_info; #endif -#if defined(MBEDTLS_SHA224_C) +#if defined(MBEDTLS_MD_CAN_SHA224) case MBEDTLS_MD_SHA224: return &mbedtls_sha224_info; #endif -#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_MD_CAN_SHA256) case MBEDTLS_MD_SHA256: return &mbedtls_sha256_info; #endif -#if defined(MBEDTLS_SHA384_C) +#if defined(MBEDTLS_MD_CAN_SHA384) case MBEDTLS_MD_SHA384: return &mbedtls_sha384_info; #endif -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_MD_CAN_SHA512) case MBEDTLS_MD_SHA512: return &mbedtls_sha512_info; #endif 
@@ -536,30 +536,30 @@ mbedtls_md_type_t mbedtls_md_get_type(const mbedtls_md_info_t *md_info) */ static const int supported_digests[] = { -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_MD_CAN_SHA512) MBEDTLS_MD_SHA512, #endif -#if defined(MBEDTLS_SHA384_C) +#if defined(MBEDTLS_MD_CAN_SHA384) MBEDTLS_MD_SHA384, #endif -#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_MD_CAN_SHA256) MBEDTLS_MD_SHA256, #endif -#if defined(MBEDTLS_SHA224_C) +#if defined(MBEDTLS_MD_CAN_SHA224) MBEDTLS_MD_SHA224, #endif -#if defined(MBEDTLS_SHA1_C) +#if defined(MBEDTLS_MD_CAN_SHA1) MBEDTLS_MD_SHA1, #endif -#if defined(MBEDTLS_RIPEMD160_C) +#if defined(MBEDTLS_MD_CAN_RIPEMD160) MBEDTLS_MD_RIPEMD160, #endif -#if defined(MBEDTLS_MD5_C) +#if defined(MBEDTLS_MD_CAN_MD5) MBEDTLS_MD_MD5, #endif 
@@ -578,37 +578,37 @@ const mbedtls_md_info_t *mbedtls_md_info_from_string(const char *md_name) } /* Get the appropriate digest information */ -#if defined(MBEDTLS_MD5_C) +#if defined(MBEDTLS_MD_CAN_MD5) if (!strcmp("MD5", md_name)) { return mbedtls_md_info_from_type(MBEDTLS_MD_MD5); } #endif -#if defined(MBEDTLS_RIPEMD160_C) +#if defined(MBEDTLS_MD_CAN_RIPEMD160) if (!strcmp("RIPEMD160", md_name)) { return mbedtls_md_info_from_type(MBEDTLS_MD_RIPEMD160); } #endif -#if defined(MBEDTLS_SHA1_C) +#if defined(MBEDTLS_MD_CAN_SHA1) if (!strcmp("SHA1", md_name) || !strcmp("SHA", md_name)) { return mbedtls_md_info_from_type(MBEDTLS_MD_SHA1); } #endif -#if defined(MBEDTLS_SHA224_C) +#if defined(MBEDTLS_MD_CAN_SHA224) if (!strcmp("SHA224", md_name)) { return mbedtls_md_info_from_type(MBEDTLS_MD_SHA224); } #endif -#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_MD_CAN_SHA256) if (!strcmp("SHA256", md_name)) { return mbedtls_md_info_from_type(MBEDTLS_MD_SHA256); } #endif -#if defined(MBEDTLS_SHA384_C) +#if defined(MBEDTLS_MD_CAN_SHA384) if (!strcmp("SHA384", md_name)) { return mbedtls_md_info_from_type(MBEDTLS_MD_SHA384); } #endif -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_MD_CAN_SHA512) if (!strcmp("SHA512", md_name)) { return mbedtls_md_info_from_type(MBEDTLS_MD_SHA512); } From 12612e5ab45db3cd688a26ffaa3de56f252a74c9 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 22 Oct 2022 20:07:28 +0200 Subject: [PATCH 03/15] Implement md over PSA MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit When MBEDTLS_MD_xxx_VIA_PSA is enabled (by mbdetls/md.h), route calls to xxx over PSA rather than through the built-in implementation. Signed-off-by: Gilles Peskine Signed-off-by: Manuel Pégourié-Gonnard --- library/md.c | 117 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 117 insertions(+) diff --git a/library/md.c b/library/md.c index 7171057a99..20bfd23f13 100644 --- a/library/md.c +++ b/library/md.c 
@@ -52,6 +52,10 @@ #include "mbedtls/sha256.h" #include "mbedtls/sha512.h" +#if defined(MBEDTLS_MD_SOME_PSA) +#include +#endif + #include "mbedtls/platform.h" #include @@ -159,6 +163,63 @@ const mbedtls_md_info_t *mbedtls_md_info_from_type(mbedtls_md_type_t md_type) } } +#if defined(MBEDTLS_MD_SOME_PSA) +static psa_algorithm_t psa_alg_of_md(const mbedtls_md_info_t *info) +{ + switch (info->type) { +#if defined(MBEDTLS_MD_MD5_VIA_PSA) + case MBEDTLS_MD_MD5: + return PSA_ALG_MD5; +#endif +#if defined(MBEDTLS_MD_RIPEMD160_VIA_PSA) + case MBEDTLS_MD_RIPEMD160: + return PSA_ALG_RIPEMD160; +#endif +#if defined(MBEDTLS_MD_SHA1_VIA_PSA) + case MBEDTLS_MD_SHA1: + return PSA_ALG_SHA_1; +#endif +#if defined(MBEDTLS_MD_SHA224_VIA_PSA) + case MBEDTLS_MD_SHA224: + return PSA_ALG_SHA_224; +#endif +#if defined(MBEDTLS_MD_SHA256_VIA_PSA) + case MBEDTLS_MD_SHA256: + return PSA_ALG_SHA_256; +#endif +#if defined(MBEDTLS_MD_SHA384_VIA_PSA) + case MBEDTLS_MD_SHA384: + return PSA_ALG_SHA_384; +#endif +#if defined(MBEDTLS_MD_SHA512_VIA_PSA) + case MBEDTLS_MD_SHA512: + return PSA_ALG_SHA_512; +#endif + default: + return PSA_ALG_NONE; + } +} + +static int md_uses_psa(const mbedtls_md_info_t *info) +{ + return psa_alg_of_md(info) != PSA_ALG_NONE; +} + +static int mbedtls_md_error_from_psa(psa_status_t status) +{ + switch (status) { + case PSA_SUCCESS: + return 0; + case PSA_ERROR_NOT_SUPPORTED: + return MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE; + case PSA_ERROR_INSUFFICIENT_MEMORY: + return MBEDTLS_ERR_MD_ALLOC_FAILED; + default: + return MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED; + } +} +#endif /* MBEDTLS_MD_SOME_PSA */ + void mbedtls_md_init(mbedtls_md_context_t *ctx) { memset(ctx, 0, sizeof(mbedtls_md_context_t)); 
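Review bot: The `default:` branch of `mbedtls_md_error_from_psa()` reports every remaining PSA status as `MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED`, so caller mistakes such as `PSA_ERROR_BAD_STATE` or `PSA_ERROR_INVALID_ARGUMENT` are indistinguishable from a driver fault. Mapping those two to the md module's own parameter error keeps them within the codes md callers already handle: `case PSA_ERROR_BAD_STATE: case PSA_ERROR_INVALID_ARGUMENT: return MBEDTLS_ERR_MD_BAD_INPUT_DATA;`. `psa_alg_of_md()` dereferences `info` unconditionally, so a one-line comment that callers must pass a non-NULL `info` would document the precondition.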
@@ -171,6 +232,11 @@ void mbedtls_md_free(mbedtls_md_context_t *ctx) } if (ctx->md_ctx != NULL) { +#if defined(MBEDTLS_MD_SOME_PSA) + if (md_uses_psa(ctx->md_info) && ctx->md_ctx != NULL) { + psa_hash_abort(ctx->md_ctx); + } else +#endif switch (ctx->md_info->type) { #if defined(MBEDTLS_MD5_C) case MBEDTLS_MD_MD5: @@ -232,6 +298,13 @@ int mbedtls_md_clone(mbedtls_md_context_t *dst, return MBEDTLS_ERR_MD_BAD_INPUT_DATA; } +#if defined(MBEDTLS_MD_SOME_PSA) + if (md_uses_psa(src->md_info)) { + psa_status_t status = psa_hash_clone(src->md_ctx, dst->md_ctx); + return mbedtls_md_error_from_psa(status); + } +#endif + switch (src->md_info->type) { #if defined(MBEDTLS_MD5_C) case MBEDTLS_MD_MD5: @@ -294,6 +367,14 @@ int mbedtls_md_setup(mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info ctx->md_ctx = NULL; ctx->hmac_ctx = NULL; +#if defined(MBEDTLS_MD_SOME_PSA) + if (md_uses_psa(ctx->md_info)) { + ctx->md_ctx = mbedtls_calloc(1, sizeof(psa_hash_operation_t)); + if (ctx->md_ctx == NULL) { + return MBEDTLS_ERR_MD_ALLOC_FAILED; + } + } else +#endif switch (md_info->type) { #if defined(MBEDTLS_MD5_C) case MBEDTLS_MD_MD5: @@ -352,6 +433,15 @@ int mbedtls_md_starts(mbedtls_md_context_t *ctx) return MBEDTLS_ERR_MD_BAD_INPUT_DATA; } +#if defined(MBEDTLS_MD_SOME_PSA) + psa_algorithm_t alg = psa_alg_of_md(ctx->md_info); + if (alg != PSA_ALG_NONE) { + psa_hash_abort(ctx->md_ctx); + psa_status_t status = psa_hash_setup(ctx->md_ctx, alg); + return mbedtls_md_error_from_psa(status); + } +#endif + switch (ctx->md_info->type) { #if defined(MBEDTLS_MD5_C) case MBEDTLS_MD_MD5: @@ -392,6 +482,13 @@ int mbedtls_md_update(mbedtls_md_context_t *ctx, const unsigned char *input, siz return MBEDTLS_ERR_MD_BAD_INPUT_DATA; } +#if defined(MBEDTLS_MD_SOME_PSA) + if (md_uses_psa(ctx->md_info)) { + psa_status_t status = psa_hash_update(ctx->md_ctx, input, ilen); + return mbedtls_md_error_from_psa(status); + } +#endif + switch (ctx->md_info->type) { #if defined(MBEDTLS_MD5_C) case MBEDTLS_MD_MD5: 
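Review bot: In the `mbedtls_md_clone()` hunk, `psa_hash_clone(src->md_ctx, dst->md_ctx)` is called whatever state `dst` is in, but the PSA API requires the target operation to be inactive and returns `PSA_ERROR_BAD_STATE` otherwise. A `dst` on which `mbedtls_md_starts()` has already been called will therefore fail here and surface as `MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED`. The legacy branch presumably just overwrites the destination state, but its clone calls are outside the hunk. Resetting the target first with `psa_hash_abort(dst->md_ctx);` before the clone would make the two engines behave alike. The engine-based version of this branch in patch 04 keeps the same call. The function body continues outside the hunk.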
@@ -432,6 +529,15 @@ int mbedtls_md_finish(mbedtls_md_context_t *ctx, unsigned char *output) return MBEDTLS_ERR_MD_BAD_INPUT_DATA; } +#if defined(MBEDTLS_MD_SOME_PSA) + if (md_uses_psa(ctx->md_info)) { + size_t size = ctx->md_info->size; + psa_status_t status = psa_hash_finish(ctx->md_ctx, + output, size, &size); + return mbedtls_md_error_from_psa(status); + } +#endif + switch (ctx->md_info->type) { #if defined(MBEDTLS_MD5_C) case MBEDTLS_MD_MD5: @@ -473,6 +579,17 @@ int mbedtls_md(const mbedtls_md_info_t *md_info, const unsigned char *input, siz return MBEDTLS_ERR_MD_BAD_INPUT_DATA; } +#if defined(MBEDTLS_MD_SOME_PSA) + psa_algorithm_t alg = psa_alg_of_md(md_info); + if (alg != PSA_ALG_NONE) { + size_t size = md_info->size; + psa_status_t status = psa_hash_compute(alg, + input, ilen, + output, size, &size); + return mbedtls_md_error_from_psa(status); + } +#endif + switch (md_info->type) { #if defined(MBEDTLS_MD5_C) case MBEDTLS_MD_MD5: From d8ea37f1a3764727ea74ced95336368a9bce626c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 9 Mar 2023 10:46:22 +0100 Subject: [PATCH 04/15] Add engine field to context structure MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit For multi-part operations, we want to make the decision to use PSA or not only once, during setup(), and remember it afterwards. This supports the introduction, in the next few commits, of a dynamic component to that decision: has the PSA driver sub-system been initialized yet? Signed-off-by: Manuel Pégourié-Gonnard --- include/mbedtls/md.h | 17 ++++++++++++++++- library/md.c | 27 ++++++++++++++++++--------- 2 files changed, 34 insertions(+), 10 deletions(-) diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h index bd44b64ad5..ada7ad933b 100644 --- a/include/mbedtls/md.h +++ b/include/mbedtls/md.h 
@@ -180,6 +180,16 @@ typedef enum { /* Defined internally in library/md_wrap.h. */ typedef struct mbedtls_md_info_t mbedtls_md_info_t; +/** + * Used internally to indicate whether a context uses legacy or PSA. + * + * Internal use only. + */ +typedef enum { + MBEDTLS_MD_ENGINE_LEGACY = 0, + MBEDTLS_MD_ENGINE_PSA, +} mbedtls_md_engine_t; + /** * The generic message-digest context. */ @@ -187,7 +197,12 @@ typedef struct mbedtls_md_context_t { /** Information about the associated message digest. */ const mbedtls_md_info_t *MBEDTLS_PRIVATE(md_info); - /** The digest-specific context. */ +#if defined(MBEDTLS_MD_SOME_PSA) + /** Are hash operations dispatched to PSA or legacy? */ + mbedtls_md_engine_t MBEDTLS_PRIVATE(engine); +#endif + + /** The digest-specific context (legacy) or the PSA operation. */ void *MBEDTLS_PRIVATE(md_ctx); /** The HMAC part of the context. */ diff --git a/library/md.c b/library/md.c index 20bfd23f13..5b61b51fdb 100644 --- a/library/md.c +++ b/library/md.c @@ -222,6 +222,7 @@ static int mbedtls_md_error_from_psa(psa_status_t status) void mbedtls_md_init(mbedtls_md_context_t *ctx) { + /* Note: this sets engine (if present) to MBEDTLS_MD_ENGINE_LEGACY */ memset(ctx, 0, sizeof(mbedtls_md_context_t)); } @@ -233,7 +234,7 @@ void mbedtls_md_free(mbedtls_md_context_t *ctx) if (ctx->md_ctx != NULL) { #if defined(MBEDTLS_MD_SOME_PSA) - if (md_uses_psa(ctx->md_info) && ctx->md_ctx != NULL) { + if (ctx->engine == MBEDTLS_MD_ENGINE_PSA) { psa_hash_abort(ctx->md_ctx); } else #endif 
@@ -299,7 +300,15 @@ int mbedtls_md_clone(mbedtls_md_context_t *dst, } #if defined(MBEDTLS_MD_SOME_PSA) - if (md_uses_psa(src->md_info)) { + if (src->engine != dst->engine) { + /* This can happen with src set to legacy because PSA wasn't ready + * yet, and dst to PSA because it became ready in the meantime. + * We currently don't support that case (we'd need to re-allocate + * md_ctx to the size of the appropriate MD context). */ + return MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE; + } + + if (src->engine == MBEDTLS_MD_ENGINE_PSA) { psa_status_t status = psa_hash_clone(src->md_ctx, dst->md_ctx); return mbedtls_md_error_from_psa(status); } @@ -373,6 +382,7 @@ int mbedtls_md_setup(mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info if (ctx->md_ctx == NULL) { return MBEDTLS_ERR_MD_ALLOC_FAILED; } + ctx->engine = MBEDTLS_MD_ENGINE_PSA; } else #endif switch (md_info->type) { @@ -434,8 +444,8 @@ int mbedtls_md_starts(mbedtls_md_context_t *ctx) } #if defined(MBEDTLS_MD_SOME_PSA) - psa_algorithm_t alg = psa_alg_of_md(ctx->md_info); - if (alg != PSA_ALG_NONE) { + if (ctx->engine == MBEDTLS_MD_ENGINE_PSA) { + psa_algorithm_t alg = psa_alg_of_md(ctx->md_info); psa_hash_abort(ctx->md_ctx); psa_status_t status = psa_hash_setup(ctx->md_ctx, alg); return mbedtls_md_error_from_psa(status); @@ -483,7 +493,7 @@ int mbedtls_md_update(mbedtls_md_context_t *ctx, const unsigned char *input, siz } #if defined(MBEDTLS_MD_SOME_PSA) - if (md_uses_psa(ctx->md_info)) { + if (ctx->engine == MBEDTLS_MD_ENGINE_PSA) { psa_status_t status = psa_hash_update(ctx->md_ctx, input, ilen); return mbedtls_md_error_from_psa(status); } @@ -530,7 +540,7 @@ int mbedtls_md_finish(mbedtls_md_context_t *ctx, unsigned char *output) } #if defined(MBEDTLS_MD_SOME_PSA) - if (md_uses_psa(ctx->md_info)) { + if (ctx->engine == MBEDTLS_MD_ENGINE_PSA) { size_t size = ctx->md_info->size; psa_status_t status = psa_hash_finish(ctx->md_ctx, output, size, &size); 
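Review bot: In the `mbedtls_md_setup()` hunk only the PSA branch assigns `ctx->engine`; the legacy branch leaves whatever value the field already held. The function explicitly resets `md_ctx` and `hmac_ctx` (visible in the patch 03 context), so it does not otherwise depend on `mbedtls_md_init()` for its fields. A context that reaches setup with a stale `MBEDTLS_MD_ENGINE_PSA` would later have `psa_hash_*()` called on a legacy digest context. Set the default next to the other resets, `ctx->engine = MBEDTLS_MD_ENGINE_LEGACY;` under `#if defined(MBEDTLS_MD_SOME_PSA)`, and let the PSA branch override it. The function starts and ends outside the hunk.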
@@ -580,10 +590,9 @@ int mbedtls_md(const mbedtls_md_info_t *md_info, const unsigned char *input, siz } #if defined(MBEDTLS_MD_SOME_PSA) - psa_algorithm_t alg = psa_alg_of_md(md_info); - if (alg != PSA_ALG_NONE) { + if (md_uses_psa(md_info)) { size_t size = md_info->size; - psa_status_t status = psa_hash_compute(alg, + psa_status_t status = psa_hash_compute(psa_alg_of_md(md_info), input, ilen, output, size, &size); return mbedtls_md_error_from_psa(status); From 7abdf7eee5f5d8e775cc0c5bcecb8caab046ffa6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 9 Mar 2023 11:17:43 +0100 Subject: [PATCH 05/15] Add utility function to check for drivers init MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This will be used in the next commit. While at it, move driver initialization before RNG init - this will be handy when the entropy module wants to use drivers for hashes. Signed-off-by: Manuel Pégourié-Gonnard --- library/psa_crypto.c | 20 ++++++++++++++------ library/psa_crypto_core.h | 12 ++++++++++++ tests/suites/test_suite_psa_crypto.data | 3 +++ tests/suites/test_suite_psa_crypto.function | 15 +++++++++++++++ 4 files changed, 44 insertions(+), 6 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index ba204f7ef2..46938eadbf 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -111,6 +111,7 @@ static int key_type_is_raw_bytes(psa_key_type_t type) typedef struct { unsigned initialized : 1; unsigned rng_state : 2; + unsigned drivers_initialized : 1; mbedtls_psa_random_context_t rng; } psa_global_data_t; 
@@ -125,6 +126,12 @@ mbedtls_psa_drbg_context_t *const mbedtls_psa_random_state = if (global_data.initialized == 0) \ return PSA_ERROR_BAD_STATE; +int psa_can_do_hash(psa_algorithm_t hash_alg) +{ + (void) hash_alg; + return global_data.drivers_initialized; +} + psa_status_t mbedtls_to_psa_error(int ret) { /* Mbed TLS error codes can combine a high-level error code and a @@ -7124,6 +7131,13 @@ psa_status_t psa_crypto_init(void) return PSA_SUCCESS; } + /* Init drivers */ + status = psa_driver_wrapper_init(); + if (status != PSA_SUCCESS) { + goto exit; + } + global_data.drivers_initialized = 1; + /* Initialize and seed the random generator. */ mbedtls_psa_random_init(&global_data.rng); global_data.rng_state = RNG_INITIALIZED; @@ -7138,12 +7152,6 @@ psa_status_t psa_crypto_init(void) goto exit; } - /* Init drivers */ - status = psa_driver_wrapper_init(); - if (status != PSA_SUCCESS) { - goto exit; - } - #if defined(PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS) status = psa_crypto_load_transaction(); if (status == PSA_SUCCESS) { diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index d3d0188a6e..8bc1b647c0 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -26,6 +26,18 @@ #include "psa/crypto.h" #include "psa/crypto_se_driver.h" +/** + * Tell if PSA is ready for this hash. + * + * \note For now, only checks the state of the driver subsystem, + * not the algorithm. Might do more in the future. + * + * \param hash_alg The hash algorithm (ignored for now). + * + * \return 1 if the driver subsytem is ready, 0 otherwise. + */ +int psa_can_do_hash(psa_algorithm_t hash_alg); + /** Constant-time buffer comparison * * \param[in] a Left-hand buffer for comparison. diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index eddac7fc16..86b2f667db 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
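Review bot: `global_data.drivers_initialized` is set to 1 in `psa_crypto_init()` right after `psa_driver_wrapper_init()`, but nothing in these hunks clears it. `psa_can_do_hash()` therefore keeps returning 1 unless the `exit:` cleanup, which is outside the hunk, resets `global_data`. If a later init step fails, or after `mbedtls_psa_crypto_free()`, the md module would otherwise go on dispatching hashes to a driver subsystem that has been torn down. Please confirm the cleanup path zeroes the flag and record it at the field, e.g. `/* cleared together with the rest of global_data on free */`. The flag is also a bit-field sharing storage with `initialized` and `rng_state` and is read here without a lock, which matters if md can run concurrently with `psa_crypto_init()`. The doc comment in psa_crypto_core.h misspells `subsystem` as `subsytem`.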
@@ -1,3 +1,6 @@ +PSA can_do_hash +psa_can_do_hash: + PSA compile-time sanity checks static_checks: diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 231b47fca4..41a3237b3e 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -13,6 +13,9 @@ #include "psa/crypto.h" #include "psa_crypto_slot_management.h" +/* For psa_can_do_hash() */ +#include "psa_crypto_core.h" + #include "test/asn1_helpers.h" #include "test/psa_crypto_helpers.h" #include "test/psa_exercise_key.h" @@ -1255,6 +1258,18 @@ static void interruptible_signverify_get_minmax_completes(uint32_t max_ops, * END_DEPENDENCIES */ +/* BEGIN_CASE */ +void psa_can_do_hash() +{ + /* We can't test that this is specific to drivers until partial init has + * been implemented, but we can at least test before/after full init. */ + TEST_EQUAL(0, psa_can_do_hash(PSA_ALG_NONE)); + PSA_INIT(); + TEST_EQUAL(1, psa_can_do_hash(PSA_ALG_NONE)); + PSA_DONE(); +} +/* END_CASE */ + /* BEGIN_CASE */ void static_checks() { From 9b14639342ac15e9f8e265aded8089f5b3781cd4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 9 Mar 2023 15:56:14 +0100 Subject: [PATCH 06/15] Dispatch according to init status. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit We shouldn't dispatch to PSA when drivers have not been initialized yet. Signed-off-by: Manuel Pégourié-Gonnard --- include/mbedtls/md.h | 4 ++ library/md.c | 8 ++- tests/scripts/all.sh | 23 ++++++++ tests/suites/test_suite_md.data | 84 +++++++++++++++++++++++++++++ tests/suites/test_suite_md.function | 51 ++++++++++++++++++ 5 files changed, 169 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h index ada7ad933b..5ab0967272 100644 --- a/include/mbedtls/md.h +++ b/include/mbedtls/md.h 
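Review bot: The new `psa_can_do_hash()` test case has no `exit:` label, so a failing `TEST_EQUAL` after `PSA_INIT()` jumps past `PSA_DONE()` and leaves PSA initialized. End the function with `exit:` followed by `PSA_DONE();` so cleanup runs on every path. The first assertion also assumes nothing has initialized PSA before this case runs; a short comment stating that assumption would make a future ordering-related failure easier to diagnose.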
@@ -286,6 +286,10 @@ int mbedtls_md_setup(mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info * * \return \c 0 on success. * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification failure. + * \return #MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE if both contexts are + * not using the same engine. This can be avoided by moving + * the call to psa_crypto_init() before the first call to + * mbedtls_md_setup(). */ MBEDTLS_CHECK_RETURN_TYPICAL int mbedtls_md_clone(mbedtls_md_context_t *dst, diff --git a/library/md.c b/library/md.c index 5b61b51fdb..0862fb0724 100644 --- a/library/md.c +++ b/library/md.c @@ -54,6 +54,7 @@ #if defined(MBEDTLS_MD_SOME_PSA) #include +#include "psa_crypto_core.h" #endif #include "mbedtls/platform.h" @@ -202,7 +203,12 @@ static psa_algorithm_t psa_alg_of_md(const mbedtls_md_info_t *info) static int md_uses_psa(const mbedtls_md_info_t *info) { - return psa_alg_of_md(info) != PSA_ALG_NONE; + psa_algorithm_t alg = psa_alg_of_md(info); + if (alg == PSA_ALG_NONE) { + return 0; + } + + return psa_can_do_hash(alg); } static int mbedtls_md_error_from_psa(psa_status_t status) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index b76ba579ff..c21f1be0e8 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
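Review bot: `md_uses_psa()` no longer answers a compile-time question. With the added `psa_can_do_hash(alg)` call, its result depends on whether `psa_crypto_init()` has run and can differ between two calls for the same `info`. Neither the name nor a comment says so, which invites a future caller to use it inside a multi-part function instead of `ctx->engine`. Add a header comment stating that it reports whether an operation started now would be dispatched to PSA, and that code acting on an existing context must consult `ctx->engine`. A name such as `md_can_use_psa()` would also match the new meaning.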
@@ -2442,6 +2442,29 @@ component_test_psa_crypto_config_accel_hash () { make test } +component_test_psa_crypto_config_accel_hash_keep_builtins () { + msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated+builtin hash" + # This component ensures that all the test cases for + # md_psa_dynamic_dispatch with legacy+driver in test_suite_md are run. + + # Disable ALG_STREAM_CIPHER and ALG_ECB_NO_PADDING to avoid having + # partial support for cipher operations in the driver test library. + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING + + loc_accel_list="ALG_MD5 ALG_RIPEMD160 ALG_SHA_1 ALG_SHA_224 ALG_SHA_256 ALG_SHA_384 ALG_SHA_512" + loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' ) + make -C tests libtestdriver1.a CFLAGS="$ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS" + + scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS + scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG + loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )" + make CFLAGS="$ASAN_CFLAGS -Werror -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" + + msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated+builtin hash" + make test +} + # Auxiliary function to build config for hashes with and without drivers config_psa_crypto_hash_use_psa () { DRIVER_ONLY="$1" diff --git a/tests/suites/test_suite_md.data b/tests/suites/test_suite_md.data index 79b837619b..24dd39bf9b 100644 --- a/tests/suites/test_suite_md.data +++ b/tests/suites/test_suite_md.data 
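Review bot: Both `msg` calls in `component_test_psa_crypto_config_accel_hash_keep_builtins` start with `test:`, including the one printed before the two `make` build steps, so the log shows the same banner for the build phase and the test phase. The first one should read `msg "build: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated+builtin hash"`.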
@@ -1016,3 +1016,87 @@ mbedtls_md_file:MBEDTLS_MD_SHA512:"data_files/hash_file_3":"7ccc9b2da71ffde9966c generic SHA-512 Hash file #4 depends_on:MBEDTLS_SHA512_C mbedtls_md_file:MBEDTLS_MD_SHA512:"data_files/hash_file_4":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e" + +PSA dispatch MD5 legacy only +depends_on:MBEDTLS_MD5_C:!MBEDTLS_MD_MD5_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_MD5:0:MBEDTLS_MD_ENGINE_LEGACY + +PSA dispatch MD5 driver only +depends_on:!MBEDTLS_MD5_C:MBEDTLS_MD_MD5_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_MD5:MBEDTLS_ERR_MD_BAD_INPUT_DATA:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch MD5 legacy+driver +depends_on:MBEDTLS_MD5_C:MBEDTLS_MD_MD5_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_MD5:0:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch RIPEMD160 legacy only +depends_on:MBEDTLS_RIPEMD160_C:!MBEDTLS_MD_RIPEMD160_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_RIPEMD160:0:MBEDTLS_MD_ENGINE_LEGACY + +PSA dispatch RIPEMD160 driver only +depends_on:!MBEDTLS_RIPEMD160_C:MBEDTLS_MD_RIPEMD160_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_RIPEMD160:MBEDTLS_ERR_MD_BAD_INPUT_DATA:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch RIPEMD160 legacy+driver +depends_on:MBEDTLS_RIPEMD160_C:MBEDTLS_MD_RIPEMD160_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_RIPEMD160:0:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch SHA1 legacy only +depends_on:MBEDTLS_SHA1_C:!MBEDTLS_MD_SHA1_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA1:0:MBEDTLS_MD_ENGINE_LEGACY + +PSA dispatch SHA1 driver only +depends_on:!MBEDTLS_SHA1_C:MBEDTLS_MD_SHA1_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA1:MBEDTLS_ERR_MD_BAD_INPUT_DATA:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch SHA1 legacy+driver +depends_on:MBEDTLS_SHA1_C:MBEDTLS_MD_SHA1_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA1:0:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch SHA224 legacy only +depends_on:MBEDTLS_SHA224_C:!MBEDTLS_MD_SHA224_VIA_PSA 
+md_psa_dynamic_dispatch:MBEDTLS_MD_SHA224:0:MBEDTLS_MD_ENGINE_LEGACY + +PSA dispatch SHA224 driver only +depends_on:!MBEDTLS_SHA224_C:MBEDTLS_MD_SHA224_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA224:MBEDTLS_ERR_MD_BAD_INPUT_DATA:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch SHA224 legacy+driver +depends_on:MBEDTLS_SHA224_C:MBEDTLS_MD_SHA224_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA224:0:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch SHA256 legacy only +depends_on:MBEDTLS_SHA256_C:!MBEDTLS_MD_SHA256_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA256:0:MBEDTLS_MD_ENGINE_LEGACY + +PSA dispatch SHA256 driver only +depends_on:!MBEDTLS_SHA256_C:MBEDTLS_MD_SHA256_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA256:MBEDTLS_ERR_MD_BAD_INPUT_DATA:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch SHA256 legacy+driver +depends_on:MBEDTLS_SHA256_C:MBEDTLS_MD_SHA256_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA256:0:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch SHA384 legacy only +depends_on:MBEDTLS_SHA384_C:!MBEDTLS_MD_SHA384_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA384:0:MBEDTLS_MD_ENGINE_LEGACY + +PSA dispatch SHA384 driver only +depends_on:!MBEDTLS_SHA384_C:MBEDTLS_MD_SHA384_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA384:MBEDTLS_ERR_MD_BAD_INPUT_DATA:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch SHA384 legacy+driver +depends_on:MBEDTLS_SHA384_C:MBEDTLS_MD_SHA384_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA384:0:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch SHA512 legacy only +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_MD_SHA512_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA512:0:MBEDTLS_MD_ENGINE_LEGACY + +PSA dispatch SHA512 driver only +depends_on:!MBEDTLS_SHA512_C:MBEDTLS_MD_SHA512_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA512:MBEDTLS_ERR_MD_BAD_INPUT_DATA:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch SHA512 legacy+driver +depends_on:MBEDTLS_SHA512_C:MBEDTLS_MD_SHA512_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA512:0:MBEDTLS_MD_ENGINE_PSA 
diff --git a/tests/suites/test_suite_md.function b/tests/suites/test_suite_md.function index 1e8622be0f..bf875f3efd 100644 --- a/tests/suites/test_suite_md.function +++ b/tests/suites/test_suite_md.function @@ -16,6 +16,9 @@ void mbedtls_md_list() unsigned char out[MBEDTLS_MD_MAX_SIZE] = { 0 }; mbedtls_md_init(&ctx); +#if defined(MBEDTLS_MD_SOME_PSA) + PSA_INIT(); +#endif /* * Test that mbedtls_md_list() only returns valid MDs. @@ -31,6 +34,9 @@ void mbedtls_md_list() exit: mbedtls_md_free(&ctx); +#if defined(MBEDTLS_MD_SOME_PSA) + PSA_DONE(); +#endif } /* END_CASE */ @@ -338,3 +344,48 @@ void mbedtls_md_file(int md_type, char *filename, ASSERT_COMPARE(output, mbedtls_md_get_size(md_info), hash->x, hash->len); } /* END_CASE */ + +/* BEGIN_CASE */ +void md_psa_dynamic_dispatch(int md_type, int pre_psa_ret, int post_psa_engine) +{ + const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(md_type); + TEST_ASSERT(md_info != NULL); + mbedtls_md_context_t ctx1, ctx2; + + mbedtls_md_init(&ctx1); + mbedtls_md_init(&ctx2); + + /* Before PSA crypto init */ + TEST_EQUAL(pre_psa_ret, mbedtls_md_setup(&ctx1, md_info, 0)); + TEST_EQUAL(pre_psa_ret, mbedtls_md_setup(&ctx2, md_info, 0)); + +#if defined(MBEDTLS_MD_SOME_PSA) + TEST_EQUAL(ctx1.engine, MBEDTLS_MD_ENGINE_LEGACY); + TEST_EQUAL(ctx2.engine, MBEDTLS_MD_ENGINE_LEGACY); +#endif + + /* Reset ctx1 but keep ctx2 for the cloning test */ + mbedtls_md_free(&ctx1); + mbedtls_md_init(&ctx1); + + /* After PSA Crypto init */ + PSA_INIT(); + TEST_EQUAL(0, mbedtls_md_setup(&ctx1, md_info, 0)); +#if defined(MBEDTLS_MD_SOME_PSA) + TEST_EQUAL(ctx1.engine, post_psa_engine); +#endif + + /* Cloning test */ + if (pre_psa_ret == 0) { + int exp_clone_ret = post_psa_engine == MBEDTLS_MD_ENGINE_PSA + ? MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE + : 0; + TEST_EQUAL(exp_clone_ret, mbedtls_md_clone(&ctx2, &ctx1)); + } + +exit: + mbedtls_md_free(&ctx1); + mbedtls_md_free(&ctx2); + PSA_DONE(); +} +/* END_CASE */ 
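Review bot: In md_psa_dynamic_dispatch, `TEST_ASSERT(md_info != NULL);` runs before `mbedtls_md_init(&ctx1)` and `mbedtls_md_init(&ctx2)`. If the assertion fails and control goes to `exit:` (the usual way these test macros bail out), `mbedtls_md_free()` is called on two uninitialised stack contexts. Declare the contexts first and move `mbedtls_md_init(&ctx1); mbedtls_md_init(&ctx2);` above the `TEST_ASSERT`. The `ctx1.engine` / `ctx2.engine` checks after the pre-init setup calls also run in the cases where `pre_psa_ret` is an error, so they read a field from a context whose setup failed; a one-line comment saying the field is expected to be set even then would help.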
From c9e0ad23c1f7f2d17ad8e8d66896c323ee036552 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 9 Mar 2023 16:46:08 +0100 Subject: [PATCH 07/15] Update design document MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Support for PSA_CRYPTO_CLIENT without PSA_CRYPTO_C is out of scope for now but might be added later (the architecture supports that). - While we're using a void pointer for md_ctx, we don't need a union here; the union will be useful only if & when we remove the indirection. Signed-off-by: Manuel Pégourié-Gonnard --- .../psa-migration/md-cipher-dispatch.md | 18 ++++++++---------- 1 file changed, 8 insertions(+), 10 deletions(-) diff --git a/docs/architecture/psa-migration/md-cipher-dispatch.md b/docs/architecture/psa-migration/md-cipher-dispatch.md index eee59c4d80..355f5618dd 100644 --- a/docs/architecture/psa-migration/md-cipher-dispatch.md +++ b/docs/architecture/psa-migration/md-cipher-dispatch.md @@ -312,13 +312,16 @@ Note that some algorithms have different spellings in legacy and PSA. Since MD i ``` #if defined(MBEDTLS_MD_LIGHT) #if defined(MBEDTLS_SHA256_C) || \ - ((defined(MBEDTLS_PSA_CRYPTO_C) || defined(MBEDTLS_PSA_CRYPTO_CLIENT)) && \ - PSA_WANT_ALG_SHA_256) + (defined(MBEDTLS_PSA_CRYPTO_C) && PSA_WANT_ALG_SHA_256) #define MBEDTLS_MD_CAN_SHA256 #endif #endif ``` +Note: in the future, we may want to replace `defined(MBEDTLS_PSA_CRYPTO_C)` +with `defined(MBEDTLS_PSA_CRYTO_C) || defined(MBEDTLS_PSA_CRYPTO_CLIENT)` but +for now this is out of scope. + #### MD light internal support macros * If at least one hash has a PSA driver, define `MBEDTLS_MD_SOME_PSA`. 
@@ -337,16 +340,11 @@ enum { } mbedtls_md_engine_t; // private type typedef struct mbedtls_md_context_t { - const mbedtls_md_type_t type; - const mbedtls_md_engine_t engine; - union { -#if defined(MBEDTLS_MD_SOME_LEGACY) - void *legacy; // used if engine == LEGACY -#endif + mbedtls_md_type_t type; #if defined(MBEDTLS_MD_SOME_PSA) - psa_hash_operation_t *psa; // used if engine == PSA + mbedtls_md_engine_t engine; #endif - } digest; + void *md_ctx; // mbedtls_xxx_context or psa_hash_operation #if defined(MBEDTLS_MD_C) void *hmac_ctx; #endif From 39a376a41783fa1ebdaa8ffeded717d81b3c8054 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 9 Mar 2023 17:21:40 +0100 Subject: [PATCH 08/15] Finish removing HMAC from MD-light MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- include/mbedtls/md.h | 2 ++ library/md.c | 10 ++++++++++ 2 files changed, 12 insertions(+) diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h index 5ab0967272..85d5c657bb 100644 --- a/include/mbedtls/md.h +++ b/include/mbedtls/md.h @@ -205,8 +205,10 @@ typedef struct mbedtls_md_context_t { /** The digest-specific context (legacy) or the PSA operation. */ void *MBEDTLS_PRIVATE(md_ctx); +#if defined(MBEDTLS_MD_C) /** The HMAC part of the context. */ void *MBEDTLS_PRIVATE(hmac_ctx); +#endif } mbedtls_md_context_t; /** diff --git a/library/md.c b/library/md.c index 0862fb0724..bffedb3448 100644 --- a/library/md.c +++ b/library/md.c @@ -287,11 +287,13 @@ void mbedtls_md_free(mbedtls_md_context_t *ctx) mbedtls_free(ctx->md_ctx); } +#if defined(MBEDTLS_MD_C) if (ctx->hmac_ctx != NULL) { mbedtls_platform_zeroize(ctx->hmac_ctx, 2 * ctx->md_info->block_size); mbedtls_free(ctx->hmac_ctx); } +#endif mbedtls_platform_zeroize(ctx, sizeof(mbedtls_md_context_t)); } 
@@ -380,7 +382,13 @@ int mbedtls_md_setup(mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info ctx->md_info = md_info; ctx->md_ctx = NULL; +#if defined(MBEDTLS_MD_C) ctx->hmac_ctx = NULL; +#else + if (hmac != 0) { + return MBEDTLS_ERR_MD_BAD_INPUT_DATA; + } +#endif #if defined(MBEDTLS_MD_SOME_PSA) if (md_uses_psa(ctx->md_info)) { @@ -431,6 +439,7 @@ int mbedtls_md_setup(mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info return MBEDTLS_ERR_MD_BAD_INPUT_DATA; } +#if defined(MBEDTLS_MD_C) if (hmac != 0) { ctx->hmac_ctx = mbedtls_calloc(2, md_info->block_size); if (ctx->hmac_ctx == NULL) { @@ -438,6 +447,7 @@ int mbedtls_md_setup(mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info return MBEDTLS_ERR_MD_ALLOC_FAILED; } } +#endif return 0; } From 7dc8b95849083ffe8abe6cdc38bb54e87b068e0c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 10 Mar 2023 10:07:51 +0100 Subject: [PATCH 09/15] Fix failures in builds without PSA_CRYPTO_C MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- tests/include/test/psa_crypto_helpers.h | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/tests/include/test/psa_crypto_helpers.h b/tests/include/test/psa_crypto_helpers.h index ac6eb2083a..f27f88eb6b 100644 --- a/tests/include/test/psa_crypto_helpers.h +++ b/tests/include/test/psa_crypto_helpers.h @@ -295,6 +295,7 @@ int mbedtls_test_fail_if_psa_leaking(int line_no, const char *filename); #define PSA_INIT_IF_NO_MD() ((void) 0) #define PSA_DONE_IF_NO_MD() ((void) 0) #endif + /** \def USE_PSA_INIT * * Call this macro to initialize the PSA subsystem if #MBEDTLS_USE_PSA_CRYPTO 
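Review bot: The new `hmac != 0` rejection for builds without MBEDTLS_MD_C sits after `ctx->md_info = md_info;`, so a rejected call returns MBEDTLS_ERR_MD_BAD_INPUT_DATA with md_info already stored and md_ctx NULL. If other entry points treat a non-NULL md_info as "context is set up" (not visible in this hunk), they would then work on a NULL md_ctx. Doing the check in its own `#if !defined(MBEDTLS_MD_C)` block before the assignment, `if (hmac != 0) { return MBEDTLS_ERR_MD_BAD_INPUT_DATA; }`, leaves the context untouched on failure. mbedtls_md_setup() starts and ends outside the hunk. Its public documentation should also say that `hmac` must be 0 when only MD light is built.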
@@ -321,4 +322,9 @@ int mbedtls_test_fail_if_psa_leaking(int line_no, const char *filename); #define USE_PSA_DONE() ((void) 0) #endif /* !MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_SSL_PROTO_TLS1_3 */ +#if !defined(MBEDTLS_PSA_CRYPTO_C) +#define PSA_INIT() ((void) 0) +#define PSA_DONE() ((void) 0) +#endif /* MBEDTLS_PSA_CRYPTO_C */ + #endif /* PSA_CRYPTO_HELPERS_H */ From 54e3c6593e2958314567268b6ec7899994a7853e Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 30 Jan 2023 13:01:36 +0100 Subject: [PATCH 10/15] Fix failures in signature accel test MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The test driver library tries to only build what's necessary, but must use the same PSA_WANT macros as the main library. So, for things that are not needed, it undefines MBEDTLS_PSA_BUILTIN_xxx and defines MBEDTLS_PSA_ACCEL_xxx, unless the ACCEL symbol was defined on the command line, in which case it undefines it and defines BUILTIN instead. This negation happens in crypto_config_test_driver_extension.h and reflects the fact that what we want accelerated in the main library is what we want built-in in the driver library (and vice versa if we want to minimize the size of the driver library). So, the ACCEL symbols inside the test driver library (while it's being built, not those on the command line) are a bit of a white lie: they don't actually mean "there's an accelerator for this" but instead "I won't include a built-in for this even though the corresponding PSA_WANT symbol is defined". This was quite harmless until MD started making dispatch decisions based on the ACCEL symbols: when it tries to dispatch to an accelerator that doesn't actually exist, things tend to go badly. The minimal fix for this is to change how we enable extra hashes in the test driver library: by defining the ACCEL symbol on the command line, in the build we'll end up with the BUILTIN symbol (and implementation!) and no ACCEL symbol, which is exactly what we want. Long version: https://arm-ce.slack.com/archives/GTM3SM1K5/p1675071671707599 Signed-off-by: Manuel Pégourié-Gonnard --- tests/scripts/all.sh | 35 ++++++++++++++++++----------------- 1 file changed, 18 insertions(+), 17 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index c21f1be0e8..d444cbaf68 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
@@ -2062,12 +2062,12 @@ component_test_psa_crypto_config_accel_ecdsa () { scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING - # These hashes are needed for some ECDSA signature tests. - scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_SHA224_C - scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_SHA384_C - scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_SHA512_C - loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' ) + # These hashes are needed for some ECDSA signature tests. + loc_accel_flags="$loc_accel_flags -DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_ALG_SHA_224" + loc_accel_flags="$loc_accel_flags -DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_ALG_SHA_256" + loc_accel_flags="$loc_accel_flags -DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_ALG_SHA_384" + loc_accel_flags="$loc_accel_flags -DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_ALG_SHA_512" make -C tests libtestdriver1.a CFLAGS="$ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS" # Configure and build the main libraries 
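Review bot: The comment `# These hashes are needed for some ECDSA signature tests.` does not say why flags named `..._PSA_ACCEL_ALG_SHA_xxx` are what puts those hashes into the driver library; that inversion is explained only in the commit message. I would extend it with `# Passing the ACCEL symbol on the command line makes libtestdriver1 build the hash as built-in (see crypto_config_test_driver_extension.h).` The same block of appended flags is repeated in component_test_psa_crypto_config_accel_ecdsa_use_psa and component_test_psa_crypto_config_accel_rsa_signature in the following hunks. A second list run through the existing `sed` expression, for example `loc_extra_list="ALG_SHA_224 ALG_SHA_256 ALG_SHA_384 ALG_SHA_512"`, would keep the three components from drifting apart.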
@@ -2135,14 +2135,13 @@ component_test_psa_crypto_config_accel_ecdsa_use_psa () { scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING - # SHA-1 and all variants of SHA-2 are needed for ECDSA and X.509 tests, - # but only SHA-256 is enabled by default, so enable the others. - scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_SHA1_C - scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_SHA224_C - scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_SHA384_C - scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_SHA512_C - loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' ) + # SHA-1 and all variants of SHA-2 are needed for ECDSA and X.509 tests + loc_accel_flags="$loc_accel_flags -DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_ALG_SHA_1" + loc_accel_flags="$loc_accel_flags -DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_ALG_SHA_224" + loc_accel_flags="$loc_accel_flags -DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_ALG_SHA_256" + loc_accel_flags="$loc_accel_flags -DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_ALG_SHA_384" + loc_accel_flags="$loc_accel_flags -DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_ALG_SHA_512" make -C tests libtestdriver1.a CFLAGS="$ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS" # Configure and build the main libraries with drivers enabled 
@@ -2364,14 +2363,10 @@ component_test_psa_crypto_config_accel_rsa_signature () { # PSA_ALG_ANY_HASH as algorithm to test with the key, the chosen hash # algorithm based on the hashes supported by the library is also # supported by the test library. + # Disabled unwanted hashes here, we'll enable hashes we want in loc_accel_flags. scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5 scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160_C - scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_SHA1_C - scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_SHA224_C - scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_SHA512_C - # We need to define either MD_C or all of the PSA_WANT_ALG_SHAxxx. - scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_MD_C # We need PEM parsing in the test library as well to support the import # of PEM encoded RSA keys. scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_PEM_PARSE_C @@ -2379,6 +2374,12 @@ component_test_psa_crypto_config_accel_rsa_signature () { loc_accel_list="ALG_RSA_PKCS1V15_SIGN ALG_RSA_PSS KEY_TYPE_RSA_KEY_PAIR KEY_TYPE_RSA_PUBLIC_KEY" loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' ) + # These hashes are needed for some RSA-PSS signature tests. + loc_accel_flags="$loc_accel_flags -DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_ALG_SHA_1" + loc_accel_flags="$loc_accel_flags -DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_ALG_SHA_224" + loc_accel_flags="$loc_accel_flags -DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_ALG_SHA_256" + loc_accel_flags="$loc_accel_flags -DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_ALG_SHA_384" + loc_accel_flags="$loc_accel_flags -DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_ALG_SHA_512" make -C tests libtestdriver1.a CFLAGS="$ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS" # Mbed TLS library build 
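Review bot: The added comment says unwanted hashes are disabled here, but the second `unset` names `PSA_WANT_ALG_RIPEMD160_C`, which does not look like a PSA_WANT symbol, since the `_C` suffix belongs to the MBEDTLS_xxx_C family. If config.py treats an unknown name as a no-op, RIPEMD160 stays wanted in this build. That line is context rather than part of this change, but with MD now dispatching on the accelerator symbols it affects whether the main library and the test driver agree on the hash set. It is worth correcting to `unset PSA_WANT_ALG_RIPEMD160` or confirming the current name. The new comment should also read `# Disable unwanted hashes here; ...`.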
From 9f132b7c9c310c24af9a3d6304e11fbf1290952a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 14 Mar 2023 10:26:46 +0100 Subject: [PATCH 11/15] Clarify real/dummy def of PSA_INIT/DONE MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- tests/include/test/psa_crypto_helpers.h | 58 +++++++++++++------------ 1 file changed, 30 insertions(+), 28 deletions(-) diff --git a/tests/include/test/psa_crypto_helpers.h b/tests/include/test/psa_crypto_helpers.h index f27f88eb6b..38a60b4f15 100644 --- a/tests/include/test/psa_crypto_helpers.h +++ b/tests/include/test/psa_crypto_helpers.h @@ -24,15 +24,43 @@ #include "test/helpers.h" #if defined(MBEDTLS_PSA_CRYPTO_C) - #include "test/psa_helpers.h" - #include +#endif #if defined(MBEDTLS_USE_PSA_CRYPTO) #include "mbedtls/psa_util.h" #endif +#if defined(MBEDTLS_PSA_CRYPTO_C) +/** Initialize the PSA Crypto subsystem. */ +#define PSA_INIT() PSA_ASSERT(psa_crypto_init()) + +/** Shut down the PSA Crypto subsystem and destroy persistent keys. + * Expect a clean shutdown, with no slots in use. + * + * If some key slots are still in use, record the test case as failed, + * but continue executing. This macro is suitable (and primarily intended) + * for use in the cleanup section of test functions. + * + * \note Persistent keys must be recorded with #TEST_USES_KEY_ID before + * creating them. + */ +#define PSA_DONE() \ + do \ + { \ + mbedtls_test_fail_if_psa_leaking(__LINE__, __FILE__); \ + mbedtls_test_psa_purge_key_storage(); \ + mbedtls_psa_crypto_free(); \ + } \ + while (0) +#else /*MBEDTLS_PSA_CRYPTO_C */ +#define PSA_INIT() ((void) 0) +#define PSA_DONE() ((void) 0) +#endif /* MBEDTLS_PSA_CRYPTO_C */ + +#if defined(MBEDTLS_PSA_CRYPTO_C) + #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) /* Internal function for #TEST_USES_KEY_ID. Return 1 on success, 0 on failure. */ 
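Review bot: The no-op `PSA_INIT()` / `PSA_DONE()` definitions in the `#else` branch are undocumented, while the real ones just above them carry full comments. A test that calls `PSA_INIT()` unconditionally now compiles in a build without MBEDTLS_PSA_CRYPTO_C and silently initialises nothing, which deserves a line such as `/* Without PSA Crypto these do nothing, so tests can call them unconditionally. */`. The branch marker `#else /*MBEDTLS_PSA_CRYPTO_C */` should also follow the usual negated form, `#else /* !MBEDTLS_PSA_CRYPTO_C */`, as should the matching `#endif` comment.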
@@ -86,8 +114,6 @@ void mbedtls_test_psa_purge_key_cache(void); #endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ -#define PSA_INIT() PSA_ASSERT(psa_crypto_init()) - /** Check for things that have not been cleaned up properly in the * PSA subsystem. * @@ -112,25 +138,6 @@ const char *mbedtls_test_helper_is_psa_leaking(void); } \ while (0) -/** Shut down the PSA Crypto subsystem and destroy persistent keys. - * Expect a clean shutdown, with no slots in use. - * - * If some key slots are still in use, record the test case as failed, - * but continue executing. This macro is suitable (and primarily intended) - * for use in the cleanup section of test functions. - * - * \note Persistent keys must be recorded with #TEST_USES_KEY_ID before - * creating them. - */ -#define PSA_DONE() \ - do \ - { \ - mbedtls_test_fail_if_psa_leaking(__LINE__, __FILE__); \ - mbedtls_test_psa_purge_key_storage(); \ - mbedtls_psa_crypto_free(); \ - } \ - while (0) - /** Shut down the PSA Crypto subsystem, allowing persistent keys to survive. * Expect a clean shutdown, with no slots in use. * @@ -322,9 +329,4 @@ int mbedtls_test_fail_if_psa_leaking(int line_no, const char *filename); #define USE_PSA_DONE() ((void) 0) #endif /* !MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_SSL_PROTO_TLS1_3 */ -#if !defined(MBEDTLS_PSA_CRYPTO_C) -#define PSA_INIT() ((void) 0) -#define PSA_DONE() ((void) 0) -#endif /* MBEDTLS_PSA_CRYPTO_C */ - #endif /* PSA_CRYPTO_HELPERS_H */ From f48b1f810e9c94bd9a4ac4434c19b2c2bd89fa4c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 14 Mar 2023 10:50:52 +0100 Subject: [PATCH 12/15] Rename internal function to something clearer MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- library/md.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/library/md.c b/library/md.c index bffedb3448..bebe3580bd 100644 --- a/library/md.c +++ b/library/md.c 
@@ -201,7 +201,7 @@ static psa_algorithm_t psa_alg_of_md(const mbedtls_md_info_t *info) } } -static int md_uses_psa(const mbedtls_md_info_t *info) +static int md_can_use_psa(const mbedtls_md_info_t *info) { psa_algorithm_t alg = psa_alg_of_md(info); if (alg == PSA_ALG_NONE) { @@ -391,7 +391,7 @@ int mbedtls_md_setup(mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info #endif #if defined(MBEDTLS_MD_SOME_PSA) - if (md_uses_psa(ctx->md_info)) { + if (md_can_use_psa(ctx->md_info)) { ctx->md_ctx = mbedtls_calloc(1, sizeof(psa_hash_operation_t)); if (ctx->md_ctx == NULL) { return MBEDTLS_ERR_MD_ALLOC_FAILED; @@ -606,7 +606,7 @@ int mbedtls_md(const mbedtls_md_info_t *md_info, const unsigned char *input, siz } #if defined(MBEDTLS_MD_SOME_PSA) - if (md_uses_psa(md_info)) { + if (md_can_use_psa(md_info)) { size_t size = md_info->size; psa_status_t status = psa_hash_compute(psa_alg_of_md(md_info), input, ilen, From a9ab4a2d60c9dd17b283e74546505ce56cab58b4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 14 Mar 2023 10:51:15 +0100 Subject: [PATCH 13/15] Clarify a comment MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- include/mbedtls/md.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h index 85d5c657bb..a5dfb68420 100644 --- a/include/mbedtls/md.h +++ b/include/mbedtls/md.h @@ -36,7 +36,8 @@ /* * - MBEDTLS_MD_CAN_xxx is defined if the md module can perform xxx. - * - MBEDTLS_MD_xxx_VIA_PSA is defined if the md module performs xxx via PSA. + * - MBEDTLS_MD_xxx_VIA_PSA is defined if the md module performs xxx via PSA + * (when PSA Crypto is initialized). * - MBEDTLS_MD_SOME_PSA is defined if at least one algorithm is performed * via PSA. * - MBEDTLS_MD_SOME_LEGACY is defined if at least one algorithm is performed From ec31f2917f7ddf6ea8940fe7a7f1f20ea8b36444 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 14 Mar 2023 11:03:37 +0100 Subject: [PATCH 14/15] Systematically call PSA_INIT for MD tests MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit All tests that call md_setup() or compute a hash of a HMAC may now need it in some builds. Signed-off-by: Manuel Pégourié-Gonnard --- tests/suites/test_suite_md.function | 59 +++++++++++++++++++++++++---- 1 file changed, 51 insertions(+), 8 deletions(-) diff --git a/tests/suites/test_suite_md.function b/tests/suites/test_suite_md.function index bf875f3efd..64a417147e 100644 --- a/tests/suites/test_suite_md.function +++ b/tests/suites/test_suite_md.function @@ -1,5 +1,13 @@ /* BEGIN_HEADER */ #include "mbedtls/md.h" + +#if defined(MBEDTLS_MD_SOME_PSA) +#define MD_PSA_INIT() PSA_INIT() +#define MD_PSA_DONE() PSA_DONE() +#else /* MBEDTLS_MD_SOME_PSA */ +#define MD_PSA_INIT() ((void) 0) +#define MD_PSA_DONE() ((void) 0) +#endif /* MBEDTLS_MD_SOME_PSA */ /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -15,10 +23,8 @@ void mbedtls_md_list() mbedtls_md_context_t ctx; unsigned char out[MBEDTLS_MD_MAX_SIZE] = { 0 }; + MD_PSA_INIT(); mbedtls_md_init(&ctx); -#if defined(MBEDTLS_MD_SOME_PSA) - PSA_INIT(); -#endif /* * Test that mbedtls_md_list() only returns valid MDs. @@ -34,9 +40,7 @@ void mbedtls_md_list() exit: mbedtls_md_free(&ctx); -#if defined(MBEDTLS_MD_SOME_PSA) - PSA_DONE(); -#endif + MD_PSA_DONE(); } /* END_CASE */ @@ -49,6 +53,7 @@ void md_null_args() #endif unsigned char buf[1] = { 0 }; + MD_PSA_INIT(); mbedtls_md_init(&ctx); TEST_EQUAL(0, mbedtls_md_get_size(NULL)); @@ -107,6 +112,9 @@ void md_null_args() #if defined(MBEDTLS_MD_C) TEST_ASSERT(mbedtls_md_info_from_string("no such md") == NULL); #endif + +exit: + MD_PSA_DONE(); } /* END_CASE */ 
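Review bot: In mbedtls_md_list() the patch puts `MD_PSA_INIT();` ahead of `mbedtls_md_init(&ctx);`, whereas before this change the context was initialised first. `PSA_INIT()` is `PSA_ASSERT(psa_crypto_init())`, so if initialisation fails and the macro jumps to `exit:` as these test macros normally do, `mbedtls_md_free(&ctx)` runs on an uninitialised stack context. The same order appears in md_text_multi, md_hex_multi and md_hmac_multi in the later hunks of this file. In each of them keep `mbedtls_md_init(...)` as the first statement and call `MD_PSA_INIT();` directly after it.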
@@ -120,6 +128,8 @@ void md_info(int md_type, char *md_name, int md_size) (void) md_name; #endif + /* Note: PSA Crypto init not needed to info functions */ + md_info = mbedtls_md_info_from_type(md_type); TEST_ASSERT(md_info != NULL); #if defined(MBEDTLS_MD_C) @@ -150,12 +160,17 @@ void md_text(int md_type, char *text_src_string, data_t *hash) unsigned char output[MBEDTLS_MD_MAX_SIZE] = { 0 }; const mbedtls_md_info_t *md_info = NULL; + MD_PSA_INIT(); + md_info = mbedtls_md_info_from_type(md_type); TEST_ASSERT(md_info != NULL); TEST_EQUAL(0, mbedtls_md(md_info, src, src_len, output)); ASSERT_COMPARE(output, mbedtls_md_get_size(md_info), hash->x, hash->len); + +exit: + MD_PSA_DONE(); } /* END_CASE */ @@ -165,6 +180,8 @@ void md_hex(int md_type, data_t *src_str, data_t *hash) unsigned char output[MBEDTLS_MD_MAX_SIZE] = { 0 }; const mbedtls_md_info_t *md_info = NULL; + MD_PSA_INIT(); + md_info = mbedtls_md_info_from_type(md_type); TEST_ASSERT(md_info != NULL); @@ -172,6 +189,9 @@ void md_hex(int md_type, data_t *src_str, data_t *hash) ASSERT_COMPARE(output, mbedtls_md_get_size(md_info), hash->x, hash->len); + +exit: + MD_PSA_DONE(); } /* END_CASE */ @@ -187,6 +207,8 @@ void md_text_multi(int md_type, char *text_src_string, const mbedtls_md_info_t *md_info = NULL; mbedtls_md_context_t ctx, ctx_copy; + MD_PSA_INIT(); + mbedtls_md_init(&ctx); mbedtls_md_init(&ctx_copy); @@ -220,6 +242,7 @@ void md_text_multi(int md_type, char *text_src_string, exit: mbedtls_md_free(&ctx); mbedtls_md_free(&ctx_copy); + MD_PSA_DONE(); } /* END_CASE */ @@ -231,6 +254,8 @@ void md_hex_multi(int md_type, data_t *src_str, data_t *hash) mbedtls_md_context_t ctx, ctx_copy; int halfway; + MD_PSA_INIT(); + mbedtls_md_init(&ctx); mbedtls_md_init(&ctx_copy); @@ -264,6 +289,7 @@ void md_hex_multi(int md_type, data_t *src_str, data_t *hash) exit: mbedtls_md_free(&ctx); mbedtls_md_free(&ctx_copy); + MD_PSA_DONE(); } /* END_CASE */ 
@@ -275,6 +301,8 @@ void mbedtls_md_hmac(int md_type, int trunc_size, unsigned char output[MBEDTLS_MD_MAX_SIZE] = { 0 }; const mbedtls_md_info_t *md_info = NULL; + MD_PSA_INIT(); + md_info = mbedtls_md_info_from_type(md_type); TEST_ASSERT(md_info != NULL); @@ -283,6 +311,9 @@ void mbedtls_md_hmac(int md_type, int trunc_size, src_str->x, src_str->len, output)); ASSERT_COMPARE(output, trunc_size, hash->x, hash->len); + +exit: + MD_PSA_DONE(); } /* END_CASE */ @@ -295,6 +326,8 @@ void md_hmac_multi(int md_type, int trunc_size, data_t *key_str, mbedtls_md_context_t ctx; int halfway; + MD_PSA_INIT(); + mbedtls_md_init(&ctx); md_info = mbedtls_md_info_from_type(md_type); @@ -326,6 +359,7 @@ void md_hmac_multi(int md_type, int trunc_size, data_t *key_str, exit: mbedtls_md_free(&ctx); + MD_PSA_DONE(); } /* END_CASE */ @@ -336,12 +370,17 @@ void mbedtls_md_file(int md_type, char *filename, unsigned char output[MBEDTLS_MD_MAX_SIZE] = { 0 }; const mbedtls_md_info_t *md_info = NULL; + MD_PSA_INIT(); + md_info = mbedtls_md_info_from_type(md_type); TEST_ASSERT(md_info != NULL); TEST_EQUAL(0, mbedtls_md_file(md_info, filename, output)); ASSERT_COMPARE(output, mbedtls_md_get_size(md_info), hash->x, hash->len); + +exit: + MD_PSA_DONE(); } /* END_CASE */ @@ -352,6 +391,8 @@ void md_psa_dynamic_dispatch(int md_type, int pre_psa_ret, int post_psa_engine) TEST_ASSERT(md_info != NULL); mbedtls_md_context_t ctx1, ctx2; + /* Intentionally no PSA init here! (Will be done later.) */ + mbedtls_md_init(&ctx1); mbedtls_md_init(&ctx2); @@ -368,8 +409,10 @@ void md_psa_dynamic_dispatch(int md_type, int pre_psa_ret, int post_psa_engine) mbedtls_md_free(&ctx1); mbedtls_md_init(&ctx1); + /* Now initilize PSA Crypto */ + MD_PSA_INIT(); + /* After PSA Crypto init */ - PSA_INIT(); TEST_EQUAL(0, mbedtls_md_setup(&ctx1, md_info, 0)); #if defined(MBEDTLS_MD_SOME_PSA) TEST_EQUAL(ctx1.engine, post_psa_engine); 
@@ -386,6 +429,6 @@ void md_psa_dynamic_dispatch(int md_type, int pre_psa_ret, int post_psa_engine) exit: mbedtls_md_free(&ctx1); mbedtls_md_free(&ctx2); - PSA_DONE(); + MD_PSA_DONE(); } /* END_CASE */ From 9d698df4f42f87ac57a91e0faac5342300001cd8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 14 Mar 2023 12:24:05 +0100 Subject: [PATCH 15/15] Further clarify a comment MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- include/mbedtls/md.h | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h index a5dfb68420..7bad24dc9b 100644 --- a/include/mbedtls/md.h +++ b/include/mbedtls/md.h @@ -36,15 +36,16 @@ /* * - MBEDTLS_MD_CAN_xxx is defined if the md module can perform xxx. - * - MBEDTLS_MD_xxx_VIA_PSA is defined if the md module performs xxx via PSA - * (when PSA Crypto is initialized). - * - MBEDTLS_MD_SOME_PSA is defined if at least one algorithm is performed - * via PSA. - * - MBEDTLS_MD_SOME_LEGACY is defined if at least one algorithm is performed - * via a direct legacy call. + * - MBEDTLS_MD_xxx_VIA_PSA is defined if the md module may perform xxx via PSA + * (see below). + * - MBEDTLS_MD_SOME_PSA is defined if at least one algorithm may be performed + * via PSA (see below). + * - MBEDTLS_MD_SOME_LEGACY is defined if at least one algorithm may be performed + * via a direct legacy call (see below). * * The md module performs an algorithm via PSA if there is a PSA hash - * accelerator, and makes a direct legacy call otherwise. + * accelerator and the PSA driver subsytem is initialized at the time the + * operation is started, and makes a direct legacy call otherwise. */ /* PSA accelerated implementations */