Implement one-shot MAC APIs, psa_mac_compute and psa_mac_verify, introduced in PSA Crypto API 1.0.
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
mbedtls_rsa_set_padding() now returns the error
code MBEDTLS_ERR_RSA_INVALID_PADDING when
padding parameters are invalid.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Add comment to the effect that we cannot really check nonce size as the
GCM spec allows almost arbitrarily large nonces. As a result of this,
change the operation nonce over to an allocated buffer to avoid overflow
situations.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
On space-constrained platforms, it is a useful configuration to be able
to import/export and perform RSA key pair operations, but to exclude RSA
key generation, potentially saving flash space. It is not possible to
express this with the PSA_WANT_ configuration system at the present
time. However, in previous versions of Mbed TLS (v2.24.0 and earlier) it
was possible to configure a software PSA implementation which was
capable of making RSA signatures but not capable of generating RSA keys.
To do this, one unset MBEDTLS_GENPRIME.
Since the addition of MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR, this
expressivity was lost. Expressing that you wanted to work with RSA key
pairs forced you to include the ability to generate key pairs as well.
Change psa_crypto_rsa.c to only call mbedtls_rsa_gen_key() if
MBEDTLS_GENPRIME is also set. This restores the configuration behavior
present in Mbed TLS v2.24.0 and earlier versions.
It left as a future exercise to add the ability to PSA to be able to
express a desire for a software or accelerator configuration that
includes RSA key pair operations, like signature, but excludes key pair
generation.
Without this change, linker errors will occur when attempts to call,
which doesn't exist when MBEDTLS_GENPRIME is unset.
psa_crypto_rsa.c.obj: in function `rsa_generate_key':
psa_crypto_rsa.c:320: undefined reference to `mbedtls_rsa_gen_key'
Fixes#4512
Signed-off-by: Jaeden Amero <jaeden.amero@arm.com>
Removes mode parameter from
mbedtls_rsa_rsaes_oaep_encrypt and propagates
changes throughout the codebase.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
Removal of the mode parameter from
mbedtls_rsa_pkcs1_encrypt function. This change
is propagated throughout the codebase and to
relevant tests.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
Split to data required for internal implementation and data required for
driver implementation with data left over for the PSA layer.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
To avoid code duplication of the old-style SE interface usage
call psa_driver_wrapper_sign/verify_hash function instead of
the direct internal functions.
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
Use common funtion for psa_sign_hash and psa_sign_message and one for
psa_verify_hash and psa_verify_message to unify them.
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
Removing the mode parameter from the mbedtls_rsa_rsaes_oaep_decrypt
function. The change is progagated to all function calls, including in
test suite .function files. Additionally fully removing one test
where the wrong mode was being tested.
Signed-off-by: Tom Daubney <Thomas.Daubney@arm.com>
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
The mode parameter has been removed from the
mbedtls_rsa_pkcs1_decrypt function. The change
has been progagated to all function calls,
including in test suite .function files.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
Since a valid mac operation context would guarantee that the stored
mac size is >= 4, it wasn't immediately obvious that the zero-length
check is meant for static analyzers and a bit of robustness.
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
