From cca4dbef4c85882ce1222b6503f110bb9e93cabc Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Wed, 25 Sep 2024 17:49:14 +0100 Subject: [PATCH 01/10] Add PSA interruptible key generation setup & abort APIs Signed-off-by: Waleed Elmelegy --- tf-psa-crypto/core/psa_crypto.c | 106 ++++++++++++++++++ tf-psa-crypto/core/psa_crypto_core.h | 44 ++++++++ .../drivers/builtin/include/mbedtls/bignum.h | 2 + .../drivers/builtin/include/mbedtls/ecp.h | 8 ++ .../drivers/builtin/src/psa_crypto_ecp.c | 49 ++++---- .../include/psa/crypto_builtin_composites.h | 16 +++ tf-psa-crypto/include/psa/crypto_struct.h | 8 +- .../tests/suites/test_suite_psa_crypto.data | 8 ++ .../suites/test_suite_psa_crypto.function | 36 ++++-- 9 files changed, 241 insertions(+), 36 deletions(-) diff --git a/tf-psa-crypto/core/psa_crypto.c b/tf-psa-crypto/core/psa_crypto.c index d1c93fd21..c110ad2a2 100644 --- a/tf-psa-crypto/core/psa_crypto.c +++ b/tf-psa-crypto/core/psa_crypto.c @@ -8085,6 +8085,112 @@ psa_status_t psa_generate_key(const psa_key_attributes_t *attributes, key); } +#if defined(MBEDTLS_ECP_RESTARTABLE) +static psa_status_t psa_generate_key_iop_abort_internal( + psa_generate_key_iop_t *operation) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + + if (operation->id == 0) { + return PSA_SUCCESS; + } + + status = mbedtls_psa_generate_key_iop_abort(&operation->ctx); + + operation->id = 0; + + return status; +} +#endif + +uint32_t psa_generate_key_iop_get_num_ops( + psa_generate_key_iop_t *operation) +{ + (void) operation; + return 0; +} + +psa_status_t psa_generate_key_iop_setup( + psa_generate_key_iop_t *operation, + const psa_key_attributes_t *attributes) +{ +#if defined(MBEDTLS_ECP_RESTARTABLE) + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_key_type_t type; + + if (operation->id != 0 || operation->error_occurred) { + status = PSA_ERROR_BAD_STATE; + goto exit; + } + + type = psa_get_key_type(attributes); + + if (!PSA_KEY_TYPE_IS_ECC(type)) { + status = PSA_ERROR_NOT_SUPPORTED; + goto exit; + } + + if (psa_get_key_bits(attributes) == 0) { + status = PSA_ERROR_INVALID_ARGUMENT; + goto exit; + } + + if (PSA_KEY_TYPE_IS_PUBLIC_KEY(type)) { + status = PSA_ERROR_INVALID_ARGUMENT; + goto exit; + } + + operation->attributes = *attributes; + + operation->num_ops = 0; + + /* To be removed later when driver dispatch is added. */ + operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; + + status = mbedtls_psa_generate_key_iop_setup(&operation->ctx, attributes); + +exit: + if (status != PSA_SUCCESS) { + operation->error_occurred = 1; + psa_generate_key_iop_abort_internal(operation); + } + + return status; +#else + (void) operation; + (void) attributes; + return PSA_ERROR_NOT_SUPPORTED; +#endif +} + +psa_status_t psa_generate_key_iop_complete( + psa_generate_key_iop_t *operation, + psa_key_id_t *key) +{ + (void) operation; + (void) key; + + return PSA_ERROR_NOT_SUPPORTED; +} + +psa_status_t psa_generate_key_iop_abort( + psa_generate_key_iop_t *operation) +{ +#if defined(MBEDTLS_ECP_RESTARTABLE) + psa_status_t status; + + status = psa_generate_key_iop_abort_internal(operation); + + operation->error_occurred = 0; + operation->num_ops = 0; + return status; +#else + (void) operation; + return PSA_SUCCESS; +#endif +} + + /****************************************************************/ /* Module setup */ /****************************************************************/ diff --git a/tf-psa-crypto/core/psa_crypto_core.h b/tf-psa-crypto/core/psa_crypto_core.h index 21e7559f0..7447c4399 100644 --- a/tf-psa-crypto/core/psa_crypto_core.h +++ b/tf-psa-crypto/core/psa_crypto_core.h @@ -431,6 +431,50 @@ psa_status_t psa_generate_key_internal(const psa_key_attributes_t *attributes, size_t key_buffer_size, size_t *key_buffer_length); +/** + * \brief Setup a new interruptible key generation operation. + * + * \note The signature of this function is that of a PSA driver + * generate_key_setup entry point. This function behaves as a + * generate_key_setup entry point as defined in the PSA driver interface + * specification for transparent drivers. + * + * \param[in] operation The \c mbedtls_psa_generate_key_iop_t to use. + * This must be initialized first. + * \param[in] attributes The desired attributes of the generated key. + * + * \retval #PSA_SUCCESS + * The operation started successfully - call \c mbedtls_psa_generate_key_complete() + * with the same operation to complete the operation. + * * \retval #PSA_ERROR_NOT_SUPPORTED + * Either no internal interruptible operations are + * currently supported, or the key attributes are not unsupported. + * * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * There was insufficient memory to load the key representation. + * + */ +psa_status_t mbedtls_psa_generate_key_iop_setup( + mbedtls_psa_generate_key_iop_t *operation, + const psa_key_attributes_t *attributes); + +/** + * \brief Abort a key generation operation. + * + * \note The signature of this function is that of a PSA driver + * generate_key_abort entry point. This function behaves as a + * generate_key_abort entry point as defined in the PSA driver + * interface specification for transparent drivers. + * + * \param[in] operation The \c mbedtls_psa_generate_key_iop_t to abort. + * + * \retval #PSA_SUCCESS + * The operation was aborted successfully. + * + */ +psa_status_t mbedtls_psa_generate_key_iop_abort( + mbedtls_psa_generate_key_iop_t *operation); + + /** Sign a message with a private key. For hash-and-sign algorithms, * this includes the hashing step. * diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/bignum.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/bignum.h index 8367cd34e..22d5d8484 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/bignum.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/bignum.h @@ -238,6 +238,8 @@ typedef struct mbedtls_mpi { } mbedtls_mpi; +#define MBEDTLS_MPI_INIT { 0, 0, 0 } + /** * \brief Initialize an MPI context. * diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/ecp.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/ecp.h index 7b0a80d93..b3406142f 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/ecp.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/ecp.h @@ -162,6 +162,8 @@ typedef struct mbedtls_ecp_point { } mbedtls_ecp_point; +#define MBEDTLS_ECP_POINT_INIT { MBEDTLS_MPI_INIT, MBEDTLS_MPI_INIT, MBEDTLS_MPI_INIT } + /** * \brief The ECP group structure. * @@ -250,6 +252,9 @@ typedef struct mbedtls_ecp_group { } mbedtls_ecp_group; +#define MBEDTLS_ECP_GROUP_INIT { MBEDTLS_ECP_DP_NONE, MBEDTLS_MPI_INIT, MBEDTLS_MPI_INIT, \ + MBEDTLS_MPI_INIT, MBEDTLS_ECP_POINT_INIT, MBEDTLS_MPI_INIT, \ + 0, 0, 0, NULL, NULL, NULL, NULL, NULL, 0 } /** * \name SECTION: Module settings * @@ -419,6 +424,9 @@ typedef struct mbedtls_ecp_keypair { } mbedtls_ecp_keypair; +#define MBEDTLS_ECP_KEYPAIR_INIT { MBEDTLS_ECP_GROUP_INIT, MBEDTLS_MPI_INIT, \ + MBEDTLS_ECP_POINT_INIT } + /** * The uncompressed point format for Short Weierstrass curves * (MBEDTLS_ECP_DP_SECP_XXX and MBEDTLS_ECP_DP_BP_XXX). diff --git a/tf-psa-crypto/drivers/builtin/src/psa_crypto_ecp.c b/tf-psa-crypto/drivers/builtin/src/psa_crypto_ecp.c index 749e11be0..33a97973c 100644 --- a/tf-psa-crypto/drivers/builtin/src/psa_crypto_ecp.c +++ b/tf-psa-crypto/drivers/builtin/src/psa_crypto_ecp.c @@ -596,41 +596,38 @@ exit: /* Interruptible ECC Key Generation */ /****************************************************************/ -uint32_t psa_generate_key_iop_get_num_ops( - psa_generate_key_iop_t *operation) -{ - (void) operation; - return 0; -} +#if defined(MBEDTLS_ECP_RESTARTABLE) && defined(MBEDTLS_ECP_C) -psa_status_t psa_generate_key_iop_setup( - psa_generate_key_iop_t *operation, +psa_status_t mbedtls_psa_generate_key_iop_setup( + mbedtls_psa_generate_key_iop_t *operation, const psa_key_attributes_t *attributes) { - (void) operation; - (void) attributes; + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - return PSA_ERROR_NOT_SUPPORTED; + mbedtls_ecp_keypair_init(&operation->ecp); + + psa_ecc_family_t curve = PSA_KEY_TYPE_ECC_GET_FAMILY( + psa_get_key_type(attributes)); + mbedtls_ecp_group_id grp_id = + mbedtls_ecc_group_from_psa(curve, psa_get_key_bits(attributes)); + if (grp_id == MBEDTLS_ECP_DP_NONE) { + return PSA_ERROR_NOT_SUPPORTED; + } + + status = mbedtls_ecp_group_load(&operation->ecp.grp, grp_id); + + return mbedtls_to_psa_error(status); } -psa_status_t psa_generate_key_iop_complete( - psa_generate_key_iop_t *operation, - psa_key_id_t *key) +psa_status_t mbedtls_psa_generate_key_iop_abort( + mbedtls_psa_generate_key_iop_t *operation) { - (void) operation; - (void) key; - - return PSA_ERROR_NOT_SUPPORTED; -} - -psa_status_t psa_generate_key_iop_abort( - psa_generate_key_iop_t *operation) -{ - (void) operation; - - return PSA_ERROR_NOT_SUPPORTED; + mbedtls_ecp_keypair_free(&operation->ecp); + operation->num_ops = 0; + return PSA_SUCCESS; } +#endif /****************************************************************/ /* Interruptible ECC Key Agreement */ /****************************************************************/ diff --git a/tf-psa-crypto/include/psa/crypto_builtin_composites.h b/tf-psa-crypto/include/psa/crypto_builtin_composites.h index c14f5dd11..c9c0c6b87 100644 --- a/tf-psa-crypto/include/psa/crypto_builtin_composites.h +++ b/tf-psa-crypto/include/psa/crypto_builtin_composites.h @@ -211,4 +211,20 @@ typedef struct { #define MBEDTLS_PSA_PAKE_OPERATION_INIT { { 0 } } +typedef struct { +#if defined(MBEDTLS_ECP_C) + mbedtls_ecp_keypair MBEDTLS_PRIVATE(ecp); + uint32_t num_ops; +#else + /* Make the struct non-empty if algs not supported. */ + unsigned MBEDTLS_PRIVATE(dummy); +#endif +} mbedtls_psa_generate_key_iop_t; + +#if defined(MBEDTLS_ECP_C) +#define MBEDTLS_PSA_GENERATE_KEY_IOP_INIT { MBEDTLS_ECP_KEYPAIR_INIT, 0 } +#else +#define MBEDTLS_PSA_GENERATE_KEY_IOP_INIT { 0 } +#endif + #endif /* PSA_CRYPTO_BUILTIN_COMPOSITES_H */ diff --git a/tf-psa-crypto/include/psa/crypto_struct.h b/tf-psa-crypto/include/psa/crypto_struct.h index 2eec94811..76ef5c439 100644 --- a/tf-psa-crypto/include/psa/crypto_struct.h +++ b/tf-psa-crypto/include/psa/crypto_struct.h @@ -542,14 +542,18 @@ struct psa_generate_key_iop_s { * any driver (i.e. none of the driver contexts are active). */ unsigned int MBEDTLS_PRIVATE(id); - + mbedtls_psa_generate_key_iop_t MBEDTLS_PRIVATE(ctx); + psa_key_attributes_t MBEDTLS_PRIVATE(attributes); + unsigned int MBEDTLS_PRIVATE(error_occurred) : 1; + uint32_t MBEDTLS_PRIVATE(num_ops); #endif }; #if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C) #define PSA_GENERATE_KEY_IOP_INIT { 0 } #else -#define PSA_GENERATE_KEY_IOP_INIT { 0 } +#define PSA_GENERATE_KEY_IOP_INIT { 0, MBEDTLS_PSA_GENERATE_KEY_IOP_INIT, PSA_KEY_ATTRIBUTES_INIT, \ + 0, 0 } #endif static inline struct psa_generate_key_iop_s diff --git a/tf-psa-crypto/tests/suites/test_suite_psa_crypto.data b/tf-psa-crypto/tests/suites/test_suite_psa_crypto.data index e921c112d..e0a572e3c 100644 --- a/tf-psa-crypto/tests/suites/test_suite_psa_crypto.data +++ b/tf-psa-crypto/tests/suites/test_suite_psa_crypto.data @@ -7488,6 +7488,14 @@ depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_ # doesn't fully relate the curve with its size. generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:PSA_ERROR_NOT_SUPPORTED:0 +PSA generate key: ECC, SECP256R1, zero bit size +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 +generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT:0 + +PSA generate key: ECC, SECP256R1, public key +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 +generate_key:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT:0 + PSA generate key: ECC, Curve25519, good depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_MONTGOMERY_255 generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_SUCCESS:0 diff --git a/tf-psa-crypto/tests/suites/test_suite_psa_crypto.function b/tf-psa-crypto/tests/suites/test_suite_psa_crypto.function index cee73b086..cf035e137 100644 --- a/tf-psa-crypto/tests/suites/test_suite_psa_crypto.function +++ b/tf-psa-crypto/tests/suites/test_suite_psa_crypto.function @@ -10096,6 +10096,7 @@ void generate_key(int type_arg, psa_status_t expected_status = expected_status_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_generate_key_iop_t operation = PSA_GENERATE_KEY_IOP_INIT; PSA_ASSERT(psa_crypto_init()); @@ -10111,21 +10112,40 @@ void generate_key(int type_arg, TEST_ASSUME(status != PSA_ERROR_INSUFFICIENT_MEMORY); } TEST_EQUAL(status, expected_status); + if (expected_status == PSA_SUCCESS) { + /* Test the key information */ + PSA_ASSERT(psa_get_key_attributes(key, &got_attributes)); + TEST_EQUAL(psa_get_key_type(&got_attributes), type); + TEST_EQUAL(psa_get_key_bits(&got_attributes), bits); + + /* Do something with the key according to its type and permitted usage. */ + TEST_EQUAL(mbedtls_test_psa_exercise_key(key, usage, alg, 0), 1); + } + + if (!PSA_KEY_TYPE_IS_ECC(type)) { + expected_status = PSA_ERROR_NOT_SUPPORTED; + } + +#if !defined(MBEDTLS_ECP_RESTARTABLE) + expected_status = PSA_ERROR_NOT_SUPPORTED; +#endif + + status = psa_generate_key_iop_setup(&operation, &attributes); + TEST_EQUAL(status, expected_status); if (expected_status != PSA_SUCCESS) { goto exit; } - /* Test the key information */ - PSA_ASSERT(psa_get_key_attributes(key, &got_attributes)); - TEST_EQUAL(psa_get_key_type(&got_attributes), type); - TEST_EQUAL(psa_get_key_bits(&got_attributes), bits); + status = psa_generate_key_iop_setup(&operation, &attributes); + TEST_EQUAL(status, PSA_ERROR_BAD_STATE); - /* Do something with the key according to its type and permitted usage. */ - if (!mbedtls_test_psa_exercise_key(key, usage, alg, 0)) { - goto exit; - } + status = psa_generate_key_iop_abort(&operation); + + status = psa_generate_key_iop_setup(&operation, &attributes); + TEST_EQUAL(status, PSA_SUCCESS); exit: + psa_generate_key_iop_abort(&operation); /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. From 1c3c5b15c22a0737bc4bfbc7d7e4611052035f47 Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Thu, 31 Oct 2024 16:35:38 +0000 Subject: [PATCH 02/10] Add Testing interuptible key generation initialization Signed-off-by: Waleed Elmelegy --- .../tests/suites/test_suite_psa_crypto.data | 3 +++ .../tests/suites/test_suite_psa_crypto.function | 15 +++++++++++++++ 2 files changed, 18 insertions(+) diff --git a/tf-psa-crypto/tests/suites/test_suite_psa_crypto.data b/tf-psa-crypto/tests/suites/test_suite_psa_crypto.data index e0a572e3c..379d497f5 100644 --- a/tf-psa-crypto/tests/suites/test_suite_psa_crypto.data +++ b/tf-psa-crypto/tests/suites/test_suite_psa_crypto.data @@ -7528,6 +7528,9 @@ PSA generate key: FFDH, 1024 bits, invalid bits depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE generate_key:PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):1024:PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:PSA_ERROR_NOT_SUPPORTED:0 +PSA generate key interruptible object initializers zero properly +generate_key_iop_init: + PSA generate key custom: RSA, flags=1 depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE generate_key_custom:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:0:1:"":PSA_ERROR_INVALID_ARGUMENT diff --git a/tf-psa-crypto/tests/suites/test_suite_psa_crypto.function b/tf-psa-crypto/tests/suites/test_suite_psa_crypto.function index cf035e137..9d1ecefc3 100644 --- a/tf-psa-crypto/tests/suites/test_suite_psa_crypto.function +++ b/tf-psa-crypto/tests/suites/test_suite_psa_crypto.function @@ -10157,6 +10157,21 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void generate_key_iop_init() +{ + psa_generate_key_iop_t init = PSA_GENERATE_KEY_IOP_INIT; + psa_generate_key_iop_t func = psa_generate_key_iop_init(); + psa_generate_key_iop_t zero; + + memset(&zero, 0, sizeof(zero)); + + PSA_ASSERT(psa_generate_key_iop_abort(&init)); + PSA_ASSERT(psa_generate_key_iop_abort(&func)); + PSA_ASSERT(psa_generate_key_iop_abort(&zero)); +} +/* END_CASE */ + /* BEGIN_CASE */ void generate_key_custom(int type_arg, int bits_arg, From 75a412f5a30022415dae9b723b7d3e6fb08b9f31 Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Thu, 31 Oct 2024 16:37:09 +0000 Subject: [PATCH 03/10] Remove mention of drivers for interuptible key generation Signed-off-by: Waleed Elmelegy --- tf-psa-crypto/core/psa_crypto_core.h | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/tf-psa-crypto/core/psa_crypto_core.h b/tf-psa-crypto/core/psa_crypto_core.h index 7447c4399..c579d8bdd 100644 --- a/tf-psa-crypto/core/psa_crypto_core.h +++ b/tf-psa-crypto/core/psa_crypto_core.h @@ -434,11 +434,6 @@ psa_status_t psa_generate_key_internal(const psa_key_attributes_t *attributes, /** * \brief Setup a new interruptible key generation operation. * - * \note The signature of this function is that of a PSA driver - * generate_key_setup entry point. This function behaves as a - * generate_key_setup entry point as defined in the PSA driver interface - * specification for transparent drivers. - * * \param[in] operation The \c mbedtls_psa_generate_key_iop_t to use. * This must be initialized first. * \param[in] attributes The desired attributes of the generated key. @@ -460,11 +455,6 @@ psa_status_t mbedtls_psa_generate_key_iop_setup( /** * \brief Abort a key generation operation. * - * \note The signature of this function is that of a PSA driver - * generate_key_abort entry point. This function behaves as a - * generate_key_abort entry point as defined in the PSA driver - * interface specification for transparent drivers. - * * \param[in] operation The \c mbedtls_psa_generate_key_iop_t to abort. * * \retval #PSA_SUCCESS From e3abcc3ff57890a47ea43adb1d751fee25d79be2 Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Thu, 31 Oct 2024 16:39:02 +0000 Subject: [PATCH 04/10] Improve interuptible key generation testing Signed-off-by: Waleed Elmelegy --- .../tests/suites/test_suite_psa_crypto.function | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/tf-psa-crypto/tests/suites/test_suite_psa_crypto.function b/tf-psa-crypto/tests/suites/test_suite_psa_crypto.function index 9d1ecefc3..4cd4eae73 100644 --- a/tf-psa-crypto/tests/suites/test_suite_psa_crypto.function +++ b/tf-psa-crypto/tests/suites/test_suite_psa_crypto.function @@ -10122,6 +10122,11 @@ void generate_key(int type_arg, TEST_EQUAL(mbedtls_test_psa_exercise_key(key, usage, alg, 0), 1); } + /* Adjust expected_status for interruptible key generation. + * Interruptible key generation is only supported for ECC key pairs and even + * for those only when MBEDTLS_ECP_RESTARTABLE is on. + */ + if (!PSA_KEY_TYPE_IS_ECC(type)) { expected_status = PSA_ERROR_NOT_SUPPORTED; } @@ -10132,17 +10137,18 @@ void generate_key(int type_arg, status = psa_generate_key_iop_setup(&operation, &attributes); TEST_EQUAL(status, expected_status); - if (expected_status != PSA_SUCCESS) { - goto exit; - } + /* Test that calling setup 2 time consecutively fails */ +#if defined(MBEDTLS_ECP_RESTARTABLE) status = psa_generate_key_iop_setup(&operation, &attributes); TEST_EQUAL(status, PSA_ERROR_BAD_STATE); +#endif - status = psa_generate_key_iop_abort(&operation); + PSA_ASSERT(psa_generate_key_iop_abort(&operation)); + /* Test that after calling abort operation is reset to it's fresh state */ status = psa_generate_key_iop_setup(&operation, &attributes); - TEST_EQUAL(status, PSA_SUCCESS); + TEST_EQUAL(status, expected_status); exit: psa_generate_key_iop_abort(&operation); From bb0683274b2ba95b0a1e31540622d287effdcdb5 Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Thu, 31 Oct 2024 16:39:38 +0000 Subject: [PATCH 05/10] Remove useless define check for interuptible key agreement APIs Signed-off-by: Waleed Elmelegy --- tf-psa-crypto/drivers/builtin/src/psa_crypto_ecp.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tf-psa-crypto/drivers/builtin/src/psa_crypto_ecp.c b/tf-psa-crypto/drivers/builtin/src/psa_crypto_ecp.c index 33a97973c..76cf3ab88 100644 --- a/tf-psa-crypto/drivers/builtin/src/psa_crypto_ecp.c +++ b/tf-psa-crypto/drivers/builtin/src/psa_crypto_ecp.c @@ -596,7 +596,7 @@ exit: /* Interruptible ECC Key Generation */ /****************************************************************/ -#if defined(MBEDTLS_ECP_RESTARTABLE) && defined(MBEDTLS_ECP_C) +#if defined(MBEDTLS_ECP_RESTARTABLE) psa_status_t mbedtls_psa_generate_key_iop_setup( mbedtls_psa_generate_key_iop_t *operation, From b16edbef72caf431f72d395f13d160b7e943ca2f Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Thu, 31 Oct 2024 16:41:00 +0000 Subject: [PATCH 06/10] Improve comments for interuptible key agreement APIs Signed-off-by: Waleed Elmelegy --- tf-psa-crypto/core/psa_crypto.c | 2 +- tf-psa-crypto/include/psa/crypto.h | 5 +++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/tf-psa-crypto/core/psa_crypto.c b/tf-psa-crypto/core/psa_crypto.c index c110ad2a2..edbcba3c5 100644 --- a/tf-psa-crypto/core/psa_crypto.c +++ b/tf-psa-crypto/core/psa_crypto.c @@ -8144,7 +8144,7 @@ psa_status_t psa_generate_key_iop_setup( operation->num_ops = 0; - /* To be removed later when driver dispatch is added. */ + /* We only support the builtin/Mbed TLS driver for now. */ operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; status = mbedtls_psa_generate_key_iop_setup(&operation->ctx, attributes); diff --git a/tf-psa-crypto/include/psa/crypto.h b/tf-psa-crypto/include/psa/crypto.h index aa58033a0..58b68870f 100644 --- a/tf-psa-crypto/include/psa/crypto.h +++ b/tf-psa-crypto/include/psa/crypto.h @@ -4360,8 +4360,9 @@ typedef struct psa_verify_hash_interruptible_operation_s psa_verify_hash_interru * time. The only guarantee is that lower values * for \p max_ops means functions will block for a * lesser maximum amount of time. The functions - * \c psa_sign_interruptible_get_num_ops() and - * \c psa_verify_interruptible_get_num_ops() are + * \c psa_sign_interruptible_get_num_ops(), + * \c psa_verify_interruptible_get_num_ops() and + * \c psa_generate_key_iop_get_num_ops() are * provided to help with tuning this value. * * \note This value defaults to From 005b78c307eab92b8ebbee922ed54a145417e3e9 Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Fri, 1 Nov 2024 17:07:25 +0000 Subject: [PATCH 07/10] Add testing valid attributes after aborting an invalid input in iop key generation Signed-off-by: Waleed Elmelegy --- .../tests/suites/test_suite_psa_crypto.function | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/tf-psa-crypto/tests/suites/test_suite_psa_crypto.function b/tf-psa-crypto/tests/suites/test_suite_psa_crypto.function index 4cd4eae73..9dc68b536 100644 --- a/tf-psa-crypto/tests/suites/test_suite_psa_crypto.function +++ b/tf-psa-crypto/tests/suites/test_suite_psa_crypto.function @@ -10146,9 +10146,21 @@ void generate_key(int type_arg, PSA_ASSERT(psa_generate_key_iop_abort(&operation)); +#if defined(MBEDTLS_ECP_RESTARTABLE) + /* In case the expected status is a failure test a valid input will succeed after abort */ + if (expected_status != PSA_SUCCESS) { + memset(&attributes, 0, sizeof(attributes)); + psa_set_key_type(&attributes, PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1)); + psa_set_key_bits(&attributes, 256); + psa_set_key_usage_flags(&attributes, + PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | + PSA_KEY_USAGE_VERIFY_HASH); + psa_set_key_algorithm(&attributes, PSA_ALG_ECDSA_ANY); + } /* Test that after calling abort operation is reset to it's fresh state */ status = psa_generate_key_iop_setup(&operation, &attributes); - TEST_EQUAL(status, expected_status); + TEST_EQUAL(status, PSA_SUCCESS); +#endif exit: psa_generate_key_iop_abort(&operation); From 1f5075b23f63ad64dcb080fa350eee549de86e6f Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Mon, 4 Nov 2024 15:58:01 +0000 Subject: [PATCH 08/10] Revert "Add testing valid attributes after aborting an invalid input in iop key generation" This reverts commit 005b78c307eab92b8ebbee922ed54a145417e3e9. Signed-off-by: Waleed Elmelegy --- .../tests/suites/test_suite_psa_crypto.function | 14 +------------- 1 file changed, 1 insertion(+), 13 deletions(-) diff --git a/tf-psa-crypto/tests/suites/test_suite_psa_crypto.function b/tf-psa-crypto/tests/suites/test_suite_psa_crypto.function index 9dc68b536..4cd4eae73 100644 --- a/tf-psa-crypto/tests/suites/test_suite_psa_crypto.function +++ b/tf-psa-crypto/tests/suites/test_suite_psa_crypto.function @@ -10146,21 +10146,9 @@ void generate_key(int type_arg, PSA_ASSERT(psa_generate_key_iop_abort(&operation)); -#if defined(MBEDTLS_ECP_RESTARTABLE) - /* In case the expected status is a failure test a valid input will succeed after abort */ - if (expected_status != PSA_SUCCESS) { - memset(&attributes, 0, sizeof(attributes)); - psa_set_key_type(&attributes, PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1)); - psa_set_key_bits(&attributes, 256); - psa_set_key_usage_flags(&attributes, - PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | - PSA_KEY_USAGE_VERIFY_HASH); - psa_set_key_algorithm(&attributes, PSA_ALG_ECDSA_ANY); - } /* Test that after calling abort operation is reset to it's fresh state */ status = psa_generate_key_iop_setup(&operation, &attributes); - TEST_EQUAL(status, PSA_SUCCESS); -#endif + TEST_EQUAL(status, expected_status); exit: psa_generate_key_iop_abort(&operation); From df186be8f5e48107c6023f187a33e9506b66c551 Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Mon, 4 Nov 2024 17:26:19 +0000 Subject: [PATCH 09/10] Add extra tests cases for different Weierstrass curves for key generation Signed-off-by: Waleed Elmelegy --- .../tests/suites/test_suite_psa_crypto.data | 32 +++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/tf-psa-crypto/tests/suites/test_suite_psa_crypto.data b/tf-psa-crypto/tests/suites/test_suite_psa_crypto.data index 379d497f5..851d06b60 100644 --- a/tf-psa-crypto/tests/suites/test_suite_psa_crypto.data +++ b/tf-psa-crypto/tests/suites/test_suite_psa_crypto.data @@ -7482,6 +7482,38 @@ PSA generate key: ECC, SECP256R1, good depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_SECP_R1_256 generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:PSA_SUCCESS:0 +PSA generate key: ECC, SECP384R1, good +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_SECP_R1_384 +generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:PSA_SUCCESS:0 + +PSA generate key: ECC, SECP521R1, good +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_SECP_R1_521 +generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:PSA_SUCCESS:0 + +PSA generate key: ECC, SECP192K1, good +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_SECP_K1_192 +generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:PSA_SUCCESS:0 + +PSA generate key: ECC, SECP224K1, good +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_SECP_K1_224 +generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:PSA_SUCCESS:0 + +PSA generate key: ECC, SECP256K1, good +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_SECP_K1_256 +generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:PSA_SUCCESS:0 + +PSA generate key: ECC, brainpool160r1, good +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_BRAINPOOL_P_R1_160 +generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:PSA_SUCCESS:0 + +PSA generate key: ECC, brainpool256r1, good +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_BRAINPOOL_P_R1_256 +generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:PSA_SUCCESS:0 + +PSA generate key: ECC, brainpool384r1, good +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_BRAINPOOL_P_R1_384 +generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:PSA_SUCCESS:0 + PSA generate key: ECC, SECP256R1, incorrect bit size depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 # INVALID_ARGUMENT would make more sense, but our code as currently structured From 1ea62b11e15e0d40b792b0d1f93c717e141d2388 Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Tue, 5 Nov 2024 12:39:16 +0000 Subject: [PATCH 10/10] Remove generate key brainpool160r1 & SECP224K1 test cases Remove generate key brainpool160r1 & SECP224K1 test cases as they are scheduled to be removed in 4.0 . Signed-off-by: Waleed Elmelegy --- tf-psa-crypto/tests/suites/test_suite_psa_crypto.data | 8 -------- 1 file changed, 8 deletions(-) diff --git a/tf-psa-crypto/tests/suites/test_suite_psa_crypto.data b/tf-psa-crypto/tests/suites/test_suite_psa_crypto.data index 851d06b60..e7d349e8d 100644 --- a/tf-psa-crypto/tests/suites/test_suite_psa_crypto.data +++ b/tf-psa-crypto/tests/suites/test_suite_psa_crypto.data @@ -7494,18 +7494,10 @@ PSA generate key: ECC, SECP192K1, good depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_SECP_K1_192 generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:PSA_SUCCESS:0 -PSA generate key: ECC, SECP224K1, good -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_SECP_K1_224 -generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:PSA_SUCCESS:0 - PSA generate key: ECC, SECP256K1, good depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_SECP_K1_256 generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:PSA_SUCCESS:0 -PSA generate key: ECC, brainpool160r1, good -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_BRAINPOOL_P_R1_160 -generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:PSA_SUCCESS:0 - PSA generate key: ECC, brainpool256r1, good depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_BRAINPOOL_P_R1_256 generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:PSA_SUCCESS:0