From 3ff2162d14dd4457eee3d206d755942fd5138249 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 29 Jun 2018 17:37:13 +0200 Subject: [PATCH] Remove salt from asymmetric_{sign,verify} No common signature algorithm uses a salt (RSA-PKCS#1v1.5, RSA-PSS, DSA, ECDSA, EdDSA). We don't even take an IV for MAC whereas MAC algorithms with IV are uncommon but heard of. So remove the salt parameter from psa_asymmetric_sign and psa_asymmetric_verify. --- include/psa/crypto.h | 22 --------------------- library/psa_crypto.c | 10 ---------- tests/suites/test_suite_psa_crypto.function | 11 ----------- 3 files changed, 43 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 8ac817a6e..68e3b0aa3 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -2241,15 +2241,6 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, * the type of \p key. * \param[in] hash The hash or message to sign. * \param hash_length Size of the \p hash buffer in bytes. - * \param[in] salt A salt or label, if supported by the - * signature algorithm. - * If the signature algorithm does not support - * a salt, pass \c NULL. - * If the signature algorithm supports an - * optional salt and you do not want to pass - * a salt, pass \c NULL. - * \param salt_length Size of the \p salt buffer in bytes. - * If \p salt is \c NULL, pass 0. * \param[out] signature Buffer where the signature is to be written. * \param signature_size Size of the \p signature buffer in bytes. * \param[out] signature_length On success, the number of bytes @@ -2274,8 +2265,6 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *salt, - size_t salt_length, uint8_t *signature, size_t signature_size, size_t *signature_length); @@ -2296,15 +2285,6 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key, * \param[in] hash The hash or message whose signature is to be * verified. * \param hash_length Size of the \p hash buffer in bytes. - * \param[in] salt A salt or label, if supported by the signature - * algorithm. - * If the signature algorithm does not support a - * salt, pass \c NULL. - * If the signature algorithm supports an optional - * salt and you do not want to pass a salt, - * pass \c NULL. - * \param salt_length Size of the \p salt buffer in bytes. - * If \p salt is \c NULL, pass 0. * \param[in] signature Buffer containing the signature to verify. * \param signature_length Size of the \p signature buffer in bytes. * @@ -2324,8 +2304,6 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *salt, - size_t salt_length, const uint8_t *signature, size_t signature_length); diff --git a/library/psa_crypto.c b/library/psa_crypto.c index eb140ea2c..9988ec09e 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1983,8 +1983,6 @@ psa_status_t psa_asymmetric_sign( psa_key_slot_t key, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *salt, - size_t salt_length, uint8_t *signature, size_t signature_size, size_t *signature_length ) @@ -1994,9 +1992,6 @@ psa_status_t psa_asymmetric_sign( psa_key_slot_t key, *signature_length = signature_size; - (void) salt; - (void) salt_length; - status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_SIGN, alg ); if( status != PSA_SUCCESS ) goto exit; @@ -2058,17 +2053,12 @@ psa_status_t psa_asymmetric_verify( psa_key_slot_t key, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *salt, - size_t salt_length, const uint8_t *signature, size_t signature_length ) { key_slot_t *slot; psa_status_t status; - (void) salt; - (void) salt_length; - status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_VERIFY, alg ); if( status != PSA_SUCCESS ) return( status ); diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index cbb3f37b2..9505ab6eb 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -294,7 +294,6 @@ static int exercise_signature_key( psa_key_slot_t key, { TEST_ASSERT( psa_asymmetric_sign( key, alg, payload, payload_length, - NULL, 0, signature, sizeof( signature ), &signature_length ) == PSA_SUCCESS ); } @@ -307,7 +306,6 @@ static int exercise_signature_key( psa_key_slot_t key, PSA_ERROR_INVALID_SIGNATURE ); TEST_ASSERT( psa_asymmetric_verify( key, alg, payload, payload_length, - NULL, 0, signature, signature_length ) == verify_status ); } @@ -965,7 +963,6 @@ void asymmetric_signature_key_policy( int policy_usage, status = psa_asymmetric_sign( key_slot, exercise_alg, payload, payload_length, - NULL, 0, signature, sizeof( signature ), &signature_length ); if( policy_alg == exercise_alg && @@ -977,7 +974,6 @@ void asymmetric_signature_key_policy( int policy_usage, memset( signature, 0, sizeof( signature ) ); status = psa_asymmetric_verify( key_slot, exercise_alg, payload, payload_length, - NULL, 0, signature, sizeof( signature ) ); if( policy_alg == exercise_alg && ( policy_usage & PSA_KEY_USAGE_VERIFY ) != 0 ) @@ -2011,7 +2007,6 @@ void sign_deterministic( int key_type_arg, data_t *key_data, /* Perform the signature. */ TEST_ASSERT( psa_asymmetric_sign( slot, alg, input_data->x, input_data->len, - NULL, 0, signature, signature_size, &signature_length ) == PSA_SUCCESS ); /* Verify that the signature is what is expected. */ @@ -2061,7 +2056,6 @@ void sign_fail( int key_type_arg, data_t *key_data, actual_status = psa_asymmetric_sign( slot, alg, input_data->x, input_data->len, - NULL, 0, signature, signature_size, &signature_length ); TEST_ASSERT( actual_status == expected_status ); @@ -2118,7 +2112,6 @@ void sign_verify( int key_type_arg, data_t *key_data, /* Perform the signature. */ TEST_ASSERT( psa_asymmetric_sign( slot, alg, input_data->x, input_data->len, - NULL, 0, signature, signature_size, &signature_length ) == PSA_SUCCESS ); /* Check that the signature length looks sensible. */ @@ -2129,7 +2122,6 @@ void sign_verify( int key_type_arg, data_t *key_data, TEST_ASSERT( psa_asymmetric_verify( slot, alg, input_data->x, input_data->len, - NULL, 0, signature, signature_length ) == PSA_SUCCESS ); if( input_data->len != 0 ) @@ -2141,7 +2133,6 @@ void sign_verify( int key_type_arg, data_t *key_data, TEST_ASSERT( psa_asymmetric_verify( slot, alg, input_data->x, input_data->len, - NULL, 0, signature, signature_length ) == PSA_ERROR_INVALID_SIGNATURE ); } @@ -2184,7 +2175,6 @@ void asymmetric_verify( int key_type_arg, data_t *key_data, TEST_ASSERT( psa_asymmetric_verify( slot, alg, hash_data->x, hash_data->len, - NULL, 0, signature_data->x, signature_data->len ) == PSA_SUCCESS ); exit: @@ -2225,7 +2215,6 @@ void asymmetric_verify_fail( int key_type_arg, data_t *key_data, actual_status = psa_asymmetric_verify( slot, alg, hash_data->x, hash_data->len, - NULL, 0, signature_data->x, signature_data->len );