From 0e307647e6012c21de2aece6328e9bb2321f6138 Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Thu, 18 Feb 2021 16:18:32 +0100 Subject: [PATCH 01/30] Split hashing operations out into an mbedTLS hash driver Signed-off-by: Steven Cooreman --- include/psa/crypto_struct.h | 31 +-- library/CMakeLists.txt | 1 + library/Makefile | 1 + library/psa_crypto.c | 415 ++++--------------------------- library/psa_crypto_hash.c | 442 +++++++++++++++++++++++++++++++++ library/psa_crypto_hash.h | 236 ++++++++++++++++++ visualc/VS2010/mbedTLS.vcxproj | 2 + 7 files changed, 740 insertions(+), 388 deletions(-) create mode 100644 library/psa_crypto_hash.c create mode 100644 library/psa_crypto_hash.h diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 04ece6daa..1defd9bd7 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -89,35 +89,10 @@ typedef struct { struct psa_hash_operation_s { - psa_algorithm_t alg; - union - { - unsigned dummy; /* Make the union non-empty even with no supported algorithms. */ -#if defined(MBEDTLS_MD2_C) - mbedtls_md2_context md2; -#endif -#if defined(MBEDTLS_MD4_C) - mbedtls_md4_context md4; -#endif -#if defined(MBEDTLS_MD5_C) - mbedtls_md5_context md5; -#endif -#if defined(MBEDTLS_RIPEMD160_C) - mbedtls_ripemd160_context ripemd160; -#endif -#if defined(MBEDTLS_SHA1_C) - mbedtls_sha1_context sha1; -#endif -#if defined(MBEDTLS_SHA256_C) - mbedtls_sha256_context sha256; -#endif -#if defined(MBEDTLS_SHA512_C) - mbedtls_sha512_context sha512; -#endif - } ctx; + psa_operation_driver_context_t ctx; }; -#define PSA_HASH_OPERATION_INIT {0, {0}} +#define PSA_HASH_OPERATION_INIT {{0, 0}} static inline struct psa_hash_operation_s psa_hash_operation_init( void ) { const struct psa_hash_operation_s v = PSA_HASH_OPERATION_INIT; @@ -127,6 +102,8 @@ static inline struct psa_hash_operation_s psa_hash_operation_init( void ) #if defined(MBEDTLS_MD_C) typedef struct { + /** The HMAC algorithm in use */ + psa_algorithm_t alg; /** The hash context. */ struct psa_hash_operation_s hash_ctx; /** The HMAC part of the context. */ diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index 9c252a8bd..8eee6d7e9 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -64,6 +64,7 @@ set(src_crypto psa_crypto_client.c psa_crypto_driver_wrappers.c psa_crypto_ecp.c + psa_crypto_hash.c psa_crypto_rsa.c psa_crypto_se.c psa_crypto_slot_management.c diff --git a/library/Makefile b/library/Makefile index 903dc0df0..8c69671a4 100644 --- a/library/Makefile +++ b/library/Makefile @@ -121,6 +121,7 @@ OBJS_CRYPTO= \ psa_crypto_client.o \ psa_crypto_driver_wrappers.o \ psa_crypto_ecp.o \ + psa_crypto_hash.o \ psa_crypto_rsa.o \ psa_crypto_se.o \ psa_crypto_slot_management.o \ diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 62252721f..84cf32d26 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -33,6 +33,7 @@ #include "psa_crypto_invasive.h" #include "psa_crypto_driver_wrappers.h" #include "psa_crypto_ecp.h" +#include "psa_crypto_hash.h" #include "psa_crypto_rsa.h" #include "psa_crypto_ecp.h" #if defined(MBEDTLS_PSA_CRYPTO_SE_C) @@ -2196,219 +2197,58 @@ const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg ) psa_status_t psa_hash_abort( psa_hash_operation_t *operation ) { - switch( operation->alg ) + if( operation != NULL ) { - case 0: - /* The object has (apparently) been initialized but it is not - * in use. It's ok to call abort on such an object, and there's - * nothing to do. */ - break; -#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) - case PSA_ALG_MD2: - mbedtls_md2_free( &operation->ctx.md2 ); - break; -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) - case PSA_ALG_MD4: - mbedtls_md4_free( &operation->ctx.md4 ); - break; -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) - case PSA_ALG_MD5: - mbedtls_md5_free( &operation->ctx.md5 ); - break; -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) - case PSA_ALG_RIPEMD160: - mbedtls_ripemd160_free( &operation->ctx.ripemd160 ); - break; -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) - case PSA_ALG_SHA_1: - mbedtls_sha1_free( &operation->ctx.sha1 ); - break; -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) - case PSA_ALG_SHA_224: - mbedtls_sha256_free( &operation->ctx.sha256 ); - break; -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) - case PSA_ALG_SHA_256: - mbedtls_sha256_free( &operation->ctx.sha256 ); - break; -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) - case PSA_ALG_SHA_384: - mbedtls_sha512_free( &operation->ctx.sha512 ); - break; -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) - case PSA_ALG_SHA_512: - mbedtls_sha512_free( &operation->ctx.sha512 ); - break; -#endif - default: - return( PSA_ERROR_BAD_STATE ); + if( operation->ctx.ctx != NULL ) + { + psa_status_t status = mbedtls_psa_hash_abort( operation->ctx.ctx ); + mbedtls_free( operation->ctx.ctx ); + operation->ctx.ctx = NULL; + return( status ); + } + else + { + // Multiple consequent calls to abort return success + return( PSA_SUCCESS ); + } } - operation->alg = 0; - return( PSA_SUCCESS ); + else + return( PSA_ERROR_INVALID_ARGUMENT ); } psa_status_t psa_hash_setup( psa_hash_operation_t *operation, psa_algorithm_t alg ) { - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + + if( operation == NULL || !PSA_ALG_IS_HASH( alg ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); /* A context must be freshly initialized before it can be set up. */ - if( operation->alg != 0 ) - { + if( operation->ctx.ctx != NULL ) return( PSA_ERROR_BAD_STATE ); - } - switch( alg ) - { -#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) - case PSA_ALG_MD2: - mbedtls_md2_init( &operation->ctx.md2 ); - ret = mbedtls_md2_starts_ret( &operation->ctx.md2 ); - break; -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) - case PSA_ALG_MD4: - mbedtls_md4_init( &operation->ctx.md4 ); - ret = mbedtls_md4_starts_ret( &operation->ctx.md4 ); - break; -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) - case PSA_ALG_MD5: - mbedtls_md5_init( &operation->ctx.md5 ); - ret = mbedtls_md5_starts_ret( &operation->ctx.md5 ); - break; -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) - case PSA_ALG_RIPEMD160: - mbedtls_ripemd160_init( &operation->ctx.ripemd160 ); - ret = mbedtls_ripemd160_starts_ret( &operation->ctx.ripemd160 ); - break; -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) - case PSA_ALG_SHA_1: - mbedtls_sha1_init( &operation->ctx.sha1 ); - ret = mbedtls_sha1_starts_ret( &operation->ctx.sha1 ); - break; -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) - case PSA_ALG_SHA_224: - mbedtls_sha256_init( &operation->ctx.sha256 ); - ret = mbedtls_sha256_starts_ret( &operation->ctx.sha256, 1 ); - break; -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) - case PSA_ALG_SHA_256: - mbedtls_sha256_init( &operation->ctx.sha256 ); - ret = mbedtls_sha256_starts_ret( &operation->ctx.sha256, 0 ); - break; -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) - case PSA_ALG_SHA_384: - mbedtls_sha512_init( &operation->ctx.sha512 ); - ret = mbedtls_sha512_starts_ret( &operation->ctx.sha512, 1 ); - break; -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) - case PSA_ALG_SHA_512: - mbedtls_sha512_init( &operation->ctx.sha512 ); - ret = mbedtls_sha512_starts_ret( &operation->ctx.sha512, 0 ); - break; -#endif - default: - return( PSA_ALG_IS_HASH( alg ) ? - PSA_ERROR_NOT_SUPPORTED : - PSA_ERROR_INVALID_ARGUMENT ); - } - if( ret == 0 ) - operation->alg = alg; - else + operation->ctx.ctx = mbedtls_calloc( 1, sizeof(mbedtls_psa_hash_operation_t) ); + status = mbedtls_psa_hash_setup( operation->ctx.ctx, alg ); + if( status != PSA_SUCCESS ) psa_hash_abort( operation ); - return( mbedtls_to_psa_error( ret ) ); + return( status ); } psa_status_t psa_hash_update( psa_hash_operation_t *operation, const uint8_t *input, size_t input_length ) { - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + if( operation == NULL ) + return( PSA_ERROR_INVALID_ARGUMENT ); + if( operation->ctx.ctx == NULL ) + return( PSA_ERROR_BAD_STATE ); - /* Don't require hash implementations to behave correctly on a - * zero-length input, which may have an invalid pointer. */ - if( input_length == 0 ) - return( PSA_SUCCESS ); - - switch( operation->alg ) - { -#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) - case PSA_ALG_MD2: - ret = mbedtls_md2_update_ret( &operation->ctx.md2, - input, input_length ); - break; -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) - case PSA_ALG_MD4: - ret = mbedtls_md4_update_ret( &operation->ctx.md4, - input, input_length ); - break; -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) - case PSA_ALG_MD5: - ret = mbedtls_md5_update_ret( &operation->ctx.md5, - input, input_length ); - break; -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) - case PSA_ALG_RIPEMD160: - ret = mbedtls_ripemd160_update_ret( &operation->ctx.ripemd160, - input, input_length ); - break; -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) - case PSA_ALG_SHA_1: - ret = mbedtls_sha1_update_ret( &operation->ctx.sha1, - input, input_length ); - break; -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) - case PSA_ALG_SHA_224: - ret = mbedtls_sha256_update_ret( &operation->ctx.sha256, - input, input_length ); - break; -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) - case PSA_ALG_SHA_256: - ret = mbedtls_sha256_update_ret( &operation->ctx.sha256, - input, input_length ); - break; -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) - case PSA_ALG_SHA_384: - ret = mbedtls_sha512_update_ret( &operation->ctx.sha512, - input, input_length ); - break; -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) - case PSA_ALG_SHA_512: - ret = mbedtls_sha512_update_ret( &operation->ctx.sha512, - input, input_length ); - break; -#endif - default: - (void)input; - return( PSA_ERROR_BAD_STATE ); - } - - if( ret != 0 ) + psa_status_t status = mbedtls_psa_hash_update( operation->ctx.ctx, + input, input_length ); + if( status != PSA_SUCCESS ) psa_hash_abort( operation ); - return( mbedtls_to_psa_error( ret ) ); + return( status ); } psa_status_t psa_hash_finish( psa_hash_operation_t *operation, @@ -2416,88 +2256,15 @@ psa_status_t psa_hash_finish( psa_hash_operation_t *operation, size_t hash_size, size_t *hash_length ) { - psa_status_t status; - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t actual_hash_length = PSA_HASH_LENGTH( operation->alg ); + if( operation == NULL ) + return( PSA_ERROR_INVALID_ARGUMENT ); + if( operation->ctx.ctx == NULL ) + return( PSA_ERROR_BAD_STATE ); - /* Fill the output buffer with something that isn't a valid hash - * (barring an attack on the hash and deliberately-crafted input), - * in case the caller doesn't check the return status properly. */ - *hash_length = hash_size; - /* If hash_size is 0 then hash may be NULL and then the - * call to memset would have undefined behavior. */ - if( hash_size != 0 ) - memset( hash, '!', hash_size ); - - if( hash_size < actual_hash_length ) - { - status = PSA_ERROR_BUFFER_TOO_SMALL; - goto exit; - } - - switch( operation->alg ) - { -#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) - case PSA_ALG_MD2: - ret = mbedtls_md2_finish_ret( &operation->ctx.md2, hash ); - break; -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) - case PSA_ALG_MD4: - ret = mbedtls_md4_finish_ret( &operation->ctx.md4, hash ); - break; -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) - case PSA_ALG_MD5: - ret = mbedtls_md5_finish_ret( &operation->ctx.md5, hash ); - break; -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) - case PSA_ALG_RIPEMD160: - ret = mbedtls_ripemd160_finish_ret( &operation->ctx.ripemd160, hash ); - break; -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) - case PSA_ALG_SHA_1: - ret = mbedtls_sha1_finish_ret( &operation->ctx.sha1, hash ); - break; -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) - case PSA_ALG_SHA_224: - ret = mbedtls_sha256_finish_ret( &operation->ctx.sha256, hash ); - break; -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) - case PSA_ALG_SHA_256: - ret = mbedtls_sha256_finish_ret( &operation->ctx.sha256, hash ); - break; -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) - case PSA_ALG_SHA_384: - ret = mbedtls_sha512_finish_ret( &operation->ctx.sha512, hash ); - break; -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) - case PSA_ALG_SHA_512: - ret = mbedtls_sha512_finish_ret( &operation->ctx.sha512, hash ); - break; -#endif - default: - return( PSA_ERROR_BAD_STATE ); - } - status = mbedtls_to_psa_error( ret ); - -exit: - if( status == PSA_SUCCESS ) - { - *hash_length = actual_hash_length; - return( psa_hash_abort( operation ) ); - } - else - { - psa_hash_abort( operation ); - return( status ); - } + psa_status_t status = mbedtls_psa_hash_finish( operation->ctx.ctx, + hash, hash_size, hash_length ); + psa_hash_abort( operation ); + return( status ); } psa_status_t psa_hash_verify( psa_hash_operation_t *operation, @@ -2523,26 +2290,8 @@ psa_status_t psa_hash_compute( psa_algorithm_t alg, uint8_t *hash, size_t hash_size, size_t *hash_length ) { - psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; - psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - - *hash_length = hash_size; - status = psa_hash_setup( &operation, alg ); - if( status != PSA_SUCCESS ) - goto exit; - status = psa_hash_update( &operation, input, input_length ); - if( status != PSA_SUCCESS ) - goto exit; - status = psa_hash_finish( &operation, hash, hash_size, hash_length ); - if( status != PSA_SUCCESS ) - goto exit; - -exit: - if( status == PSA_SUCCESS ) - status = psa_hash_abort( &operation ); - else - psa_hash_abort( &operation ); - return( status ); + return( mbedtls_psa_hash_compute( alg, input, input_length, + hash, hash_size, hash_length ) ); } psa_status_t psa_hash_compare( psa_algorithm_t alg, @@ -2573,73 +2322,15 @@ exit: psa_status_t psa_hash_clone( const psa_hash_operation_t *source_operation, psa_hash_operation_t *target_operation ) { - if( target_operation->alg != 0 ) + if( source_operation == NULL || target_operation == NULL ) + return( PSA_ERROR_INVALID_ARGUMENT ); + if( source_operation->ctx.ctx == NULL ) + return( PSA_ERROR_BAD_STATE ); + if( target_operation->ctx.ctx != NULL ) return( PSA_ERROR_BAD_STATE ); - switch( source_operation->alg ) - { - case 0: - return( PSA_ERROR_BAD_STATE ); -#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) - case PSA_ALG_MD2: - mbedtls_md2_clone( &target_operation->ctx.md2, - &source_operation->ctx.md2 ); - break; -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) - case PSA_ALG_MD4: - mbedtls_md4_clone( &target_operation->ctx.md4, - &source_operation->ctx.md4 ); - break; -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) - case PSA_ALG_MD5: - mbedtls_md5_clone( &target_operation->ctx.md5, - &source_operation->ctx.md5 ); - break; -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) - case PSA_ALG_RIPEMD160: - mbedtls_ripemd160_clone( &target_operation->ctx.ripemd160, - &source_operation->ctx.ripemd160 ); - break; -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) - case PSA_ALG_SHA_1: - mbedtls_sha1_clone( &target_operation->ctx.sha1, - &source_operation->ctx.sha1 ); - break; -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) - case PSA_ALG_SHA_224: - mbedtls_sha256_clone( &target_operation->ctx.sha256, - &source_operation->ctx.sha256 ); - break; -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) - case PSA_ALG_SHA_256: - mbedtls_sha256_clone( &target_operation->ctx.sha256, - &source_operation->ctx.sha256 ); - break; -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) - case PSA_ALG_SHA_384: - mbedtls_sha512_clone( &target_operation->ctx.sha512, - &source_operation->ctx.sha512 ); - break; -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) - case PSA_ALG_SHA_512: - mbedtls_sha512_clone( &target_operation->ctx.sha512, - &source_operation->ctx.sha512 ); - break; -#endif - default: - return( PSA_ERROR_NOT_SUPPORTED ); - } - - target_operation->alg = source_operation->alg; - return( PSA_SUCCESS ); + target_operation->ctx.ctx = mbedtls_calloc(1, sizeof(mbedtls_psa_hash_operation_t)); + return( mbedtls_psa_hash_clone( source_operation->ctx.ctx, target_operation->ctx.ctx ) ); } @@ -2795,7 +2486,7 @@ static psa_status_t psa_mac_init( psa_mac_operation_t *operation, if( PSA_ALG_IS_HMAC( operation->alg ) ) { /* We'll set up the hash operation later in psa_hmac_setup_internal. */ - operation->ctx.hmac.hash_ctx.alg = 0; + operation->ctx.hmac.alg = 0; status = PSA_SUCCESS; } else @@ -2902,6 +2593,8 @@ static psa_status_t psa_hmac_setup_internal( psa_hmac_internal_data *hmac, size_t block_size = psa_get_hash_block_size( hash_alg ); psa_status_t status; + hmac->alg = hash_alg; + /* Sanity checks on block_size, to guarantee that there won't be a buffer * overflow below. This should never trigger if the hash algorithm * is implemented correctly. */ @@ -3119,7 +2812,7 @@ static psa_status_t psa_hmac_finish_internal( psa_hmac_internal_data *hmac, size_t mac_size ) { uint8_t tmp[MBEDTLS_MD_MAX_SIZE]; - psa_algorithm_t hash_alg = hmac->hash_ctx.alg; + psa_algorithm_t hash_alg = hmac->alg; size_t hash_size = 0; size_t block_size = psa_get_hash_block_size( hash_alg ); psa_status_t status; diff --git a/library/psa_crypto_hash.c b/library/psa_crypto_hash.c new file mode 100644 index 000000000..deb13c215 --- /dev/null +++ b/library/psa_crypto_hash.c @@ -0,0 +1,442 @@ +/* + * PSA hashing layer on top of Mbed TLS software crypto + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "common.h" + +#if defined(MBEDTLS_PSA_CRYPTO_C) + +#include +#include "psa_crypto_core.h" +#include "psa_crypto_hash.h" + +#include +#include + +psa_status_t mbedtls_psa_hash_compute( + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *hash, + size_t hash_size, + size_t *hash_length) +{ + mbedtls_psa_hash_operation_t operation = MBEDTLS_PSA_HASH_OPERATION_INIT; + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + + *hash_length = hash_size; + status = mbedtls_psa_hash_setup( &operation, alg ); + if( status != PSA_SUCCESS ) + goto exit; + status = mbedtls_psa_hash_update( &operation, input, input_length ); + if( status != PSA_SUCCESS ) + goto exit; + status = mbedtls_psa_hash_finish( &operation, hash, hash_size, hash_length ); + if( status != PSA_SUCCESS ) + goto exit; + +exit: + if( status == PSA_SUCCESS ) + status = mbedtls_psa_hash_abort( &operation ); + else + mbedtls_psa_hash_abort( &operation ); + return( status ); +} + +psa_status_t mbedtls_psa_hash_setup( + mbedtls_psa_hash_operation_t *operation, + psa_algorithm_t alg ) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + + /* A context must be freshly initialized before it can be set up. */ + if( operation->alg != 0 ) + { + return( PSA_ERROR_BAD_STATE ); + } + + switch( alg ) + { +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) + case PSA_ALG_MD2: + mbedtls_md2_init( &operation->ctx.md2 ); + ret = mbedtls_md2_starts_ret( &operation->ctx.md2 ); + break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) + case PSA_ALG_MD4: + mbedtls_md4_init( &operation->ctx.md4 ); + ret = mbedtls_md4_starts_ret( &operation->ctx.md4 ); + break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) + case PSA_ALG_MD5: + mbedtls_md5_init( &operation->ctx.md5 ); + ret = mbedtls_md5_starts_ret( &operation->ctx.md5 ); + break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) + case PSA_ALG_RIPEMD160: + mbedtls_ripemd160_init( &operation->ctx.ripemd160 ); + ret = mbedtls_ripemd160_starts_ret( &operation->ctx.ripemd160 ); + break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) + case PSA_ALG_SHA_1: + mbedtls_sha1_init( &operation->ctx.sha1 ); + ret = mbedtls_sha1_starts_ret( &operation->ctx.sha1 ); + break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) + case PSA_ALG_SHA_224: + mbedtls_sha256_init( &operation->ctx.sha256 ); + ret = mbedtls_sha256_starts_ret( &operation->ctx.sha256, 1 ); + break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) + case PSA_ALG_SHA_256: + mbedtls_sha256_init( &operation->ctx.sha256 ); + ret = mbedtls_sha256_starts_ret( &operation->ctx.sha256, 0 ); + break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) + case PSA_ALG_SHA_384: + mbedtls_sha512_init( &operation->ctx.sha512 ); + ret = mbedtls_sha512_starts_ret( &operation->ctx.sha512, 1 ); + break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) + case PSA_ALG_SHA_512: + mbedtls_sha512_init( &operation->ctx.sha512 ); + ret = mbedtls_sha512_starts_ret( &operation->ctx.sha512, 0 ); + break; +#endif + default: + return( PSA_ALG_IS_HASH( alg ) ? + PSA_ERROR_NOT_SUPPORTED : + PSA_ERROR_INVALID_ARGUMENT ); + } + if( ret == 0 ) + operation->alg = alg; + else + mbedtls_psa_hash_abort( operation ); + return( mbedtls_to_psa_error( ret ) ); +} + +psa_status_t mbedtls_psa_hash_clone( + const mbedtls_psa_hash_operation_t *source_operation, + mbedtls_psa_hash_operation_t *target_operation ) +{ + switch( source_operation->alg ) + { + case 0: + return( PSA_ERROR_BAD_STATE ); +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) + case PSA_ALG_MD2: + mbedtls_md2_clone( &target_operation->ctx.md2, + &source_operation->ctx.md2 ); + break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) + case PSA_ALG_MD4: + mbedtls_md4_clone( &target_operation->ctx.md4, + &source_operation->ctx.md4 ); + break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) + case PSA_ALG_MD5: + mbedtls_md5_clone( &target_operation->ctx.md5, + &source_operation->ctx.md5 ); + break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) + case PSA_ALG_RIPEMD160: + mbedtls_ripemd160_clone( &target_operation->ctx.ripemd160, + &source_operation->ctx.ripemd160 ); + break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) + case PSA_ALG_SHA_1: + mbedtls_sha1_clone( &target_operation->ctx.sha1, + &source_operation->ctx.sha1 ); + break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) + case PSA_ALG_SHA_224: + mbedtls_sha256_clone( &target_operation->ctx.sha256, + &source_operation->ctx.sha256 ); + break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) + case PSA_ALG_SHA_256: + mbedtls_sha256_clone( &target_operation->ctx.sha256, + &source_operation->ctx.sha256 ); + break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) + case PSA_ALG_SHA_384: + mbedtls_sha512_clone( &target_operation->ctx.sha512, + &source_operation->ctx.sha512 ); + break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) + case PSA_ALG_SHA_512: + mbedtls_sha512_clone( &target_operation->ctx.sha512, + &source_operation->ctx.sha512 ); + break; +#endif + default: + return( PSA_ERROR_NOT_SUPPORTED ); + } + + target_operation->alg = source_operation->alg; + return( PSA_SUCCESS ); +} + +psa_status_t mbedtls_psa_hash_update( + mbedtls_psa_hash_operation_t *operation, + const uint8_t *input, + size_t input_length ) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + + /* Don't require hash implementations to behave correctly on a + * zero-length input, which may have an invalid pointer. */ + if( input_length == 0 ) + return( PSA_SUCCESS ); + + switch( operation->alg ) + { +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) + case PSA_ALG_MD2: + ret = mbedtls_md2_update_ret( &operation->ctx.md2, + input, input_length ); + break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) + case PSA_ALG_MD4: + ret = mbedtls_md4_update_ret( &operation->ctx.md4, + input, input_length ); + break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) + case PSA_ALG_MD5: + ret = mbedtls_md5_update_ret( &operation->ctx.md5, + input, input_length ); + break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) + case PSA_ALG_RIPEMD160: + ret = mbedtls_ripemd160_update_ret( &operation->ctx.ripemd160, + input, input_length ); + break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) + case PSA_ALG_SHA_1: + ret = mbedtls_sha1_update_ret( &operation->ctx.sha1, + input, input_length ); + break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) + case PSA_ALG_SHA_224: + ret = mbedtls_sha256_update_ret( &operation->ctx.sha256, + input, input_length ); + break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) + case PSA_ALG_SHA_256: + ret = mbedtls_sha256_update_ret( &operation->ctx.sha256, + input, input_length ); + break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) + case PSA_ALG_SHA_384: + ret = mbedtls_sha512_update_ret( &operation->ctx.sha512, + input, input_length ); + break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) + case PSA_ALG_SHA_512: + ret = mbedtls_sha512_update_ret( &operation->ctx.sha512, + input, input_length ); + break; +#endif + default: + (void)input; + return( PSA_ERROR_BAD_STATE ); + } + + if( ret != 0 ) + mbedtls_psa_hash_abort( operation ); + return( mbedtls_to_psa_error( ret ) ); +} + +psa_status_t mbedtls_psa_hash_finish( + mbedtls_psa_hash_operation_t *operation, + uint8_t *hash, + size_t hash_size, + size_t *hash_length ) +{ + psa_status_t status; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + size_t actual_hash_length = PSA_HASH_LENGTH( operation->alg ); + + /* Fill the output buffer with something that isn't a valid hash + * (barring an attack on the hash and deliberately-crafted input), + * in case the caller doesn't check the return status properly. */ + *hash_length = hash_size; + /* If hash_size is 0 then hash may be NULL and then the + * call to memset would have undefined behavior. */ + if( hash_size != 0 ) + memset( hash, '!', hash_size ); + + if( hash_size < actual_hash_length ) + { + status = PSA_ERROR_BUFFER_TOO_SMALL; + goto exit; + } + + switch( operation->alg ) + { +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) + case PSA_ALG_MD2: + ret = mbedtls_md2_finish_ret( &operation->ctx.md2, hash ); + break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) + case PSA_ALG_MD4: + ret = mbedtls_md4_finish_ret( &operation->ctx.md4, hash ); + break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) + case PSA_ALG_MD5: + ret = mbedtls_md5_finish_ret( &operation->ctx.md5, hash ); + break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) + case PSA_ALG_RIPEMD160: + ret = mbedtls_ripemd160_finish_ret( &operation->ctx.ripemd160, hash ); + break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) + case PSA_ALG_SHA_1: + ret = mbedtls_sha1_finish_ret( &operation->ctx.sha1, hash ); + break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) + case PSA_ALG_SHA_224: + ret = mbedtls_sha256_finish_ret( &operation->ctx.sha256, hash ); + break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) + case PSA_ALG_SHA_256: + ret = mbedtls_sha256_finish_ret( &operation->ctx.sha256, hash ); + break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) + case PSA_ALG_SHA_384: + ret = mbedtls_sha512_finish_ret( &operation->ctx.sha512, hash ); + break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) + case PSA_ALG_SHA_512: + ret = mbedtls_sha512_finish_ret( &operation->ctx.sha512, hash ); + break; +#endif + default: + return( PSA_ERROR_BAD_STATE ); + } + status = mbedtls_to_psa_error( ret ); + +exit: + if( status == PSA_SUCCESS ) + { + *hash_length = actual_hash_length; + return( mbedtls_psa_hash_abort( operation ) ); + } + else + { + mbedtls_psa_hash_abort( operation ); + return( status ); + } +} + +psa_status_t mbedtls_psa_hash_abort( + mbedtls_psa_hash_operation_t *operation ) +{ + switch( operation->alg ) + { + case 0: + /* The object has (apparently) been initialized but it is not + * in use. It's ok to call abort on such an object, and there's + * nothing to do. */ + break; +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) + case PSA_ALG_MD2: + mbedtls_md2_free( &operation->ctx.md2 ); + break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) + case PSA_ALG_MD4: + mbedtls_md4_free( &operation->ctx.md4 ); + break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) + case PSA_ALG_MD5: + mbedtls_md5_free( &operation->ctx.md5 ); + break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) + case PSA_ALG_RIPEMD160: + mbedtls_ripemd160_free( &operation->ctx.ripemd160 ); + break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) + case PSA_ALG_SHA_1: + mbedtls_sha1_free( &operation->ctx.sha1 ); + break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) + case PSA_ALG_SHA_224: + mbedtls_sha256_free( &operation->ctx.sha256 ); + break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) + case PSA_ALG_SHA_256: + mbedtls_sha256_free( &operation->ctx.sha256 ); + break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) + case PSA_ALG_SHA_384: + mbedtls_sha512_free( &operation->ctx.sha512 ); + break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) + case PSA_ALG_SHA_512: + mbedtls_sha512_free( &operation->ctx.sha512 ); + break; +#endif + default: + return( PSA_ERROR_BAD_STATE ); + } + operation->alg = 0; + return( PSA_SUCCESS ); +} + +#endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/library/psa_crypto_hash.h b/library/psa_crypto_hash.h new file mode 100644 index 000000000..42a8183b3 --- /dev/null +++ b/library/psa_crypto_hash.h @@ -0,0 +1,236 @@ +/* + * PSA hashing layer on top of Mbed TLS software crypto + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PSA_CRYPTO_HASH_H +#define PSA_CRYPTO_HASH_H + +#include +#include "mbedtls/md2.h" +#include "mbedtls/md4.h" +#include "mbedtls/md5.h" +#include "mbedtls/ripemd160.h" +#include "mbedtls/sha1.h" +#include "mbedtls/sha256.h" +#include "mbedtls/sha512.h" + +typedef struct +{ + psa_algorithm_t alg; + union + { + unsigned dummy; /* Make the union non-empty even with no supported algorithms. */ +#if defined(MBEDTLS_MD2_C) + mbedtls_md2_context md2; +#endif +#if defined(MBEDTLS_MD4_C) + mbedtls_md4_context md4; +#endif +#if defined(MBEDTLS_MD5_C) + mbedtls_md5_context md5; +#endif +#if defined(MBEDTLS_RIPEMD160_C) + mbedtls_ripemd160_context ripemd160; +#endif +#if defined(MBEDTLS_SHA1_C) + mbedtls_sha1_context sha1; +#endif +#if defined(MBEDTLS_SHA256_C) + mbedtls_sha256_context sha256; +#endif +#if defined(MBEDTLS_SHA512_C) + mbedtls_sha512_context sha512; +#endif + } ctx; +} mbedtls_psa_hash_operation_t; + +#define MBEDTLS_PSA_HASH_OPERATION_INIT {0, {0}} + +/** Calculate the hash (digest) of a message using Mbed TLS routines. + * + * \param alg The hash algorithm to compute (\c PSA_ALG_XXX value + * such that #PSA_ALG_IS_HASH(\p alg) is true). + * \param[in] input Buffer containing the message to hash. + * \param input_length Size of the \p input buffer in bytes. + * \param[out] hash Buffer where the hash is to be written. + * \param hash_size Size of the \p hash buffer in bytes. + * \param[out] hash_length On success, the number of bytes + * that make up the hash value. This is always + * #PSA_HASH_LENGTH(\p alg). + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \p alg is not supported or is not a hash algorithm. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * \p hash_size is too small + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + */ +psa_status_t mbedtls_psa_hash_compute( + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *hash, + size_t hash_size, + size_t *hash_length); + +/** Set up a multipart hash operation using Mbed TLS routines. + * + * If an error occurs at any step after a call to mbedtls_psa_hash_setup(), the + * operation will need to be reset by a call to mbedtls_psa_hash_abort(). The + * core may call mbedtls_psa_hash_abort() at any time after the operation + * has been initialized. + * + * After a successful call to mbedtls_psa_hash_setup(), the core must + * eventually terminate the operation. The following events terminate an + * operation: + * - A successful call to mbedtls_psa_hash_finish() or mbedtls_psa_hash_verify(). + * - A call to mbedtls_psa_hash_abort(). + * + * \param[in,out] operation The operation object to set up. It must have + * been initialized to all-zero and not yet be in use. + * \param alg The hash algorithm to compute (\c PSA_ALG_XXX value + * such that #PSA_ALG_IS_HASH(\p alg) is true). + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \p alg is not a supported hash algorithm. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be inactive). + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_CORRUPTION_DETECTED + */ +psa_status_t mbedtls_psa_hash_setup( + mbedtls_psa_hash_operation_t *operation, + psa_algorithm_t alg ); + +/** Clone an Mbed TLS hash operation. + * + * This function copies the state of an ongoing hash operation to + * a new operation object. In other words, this function is equivalent + * to calling mbedtls_psa_hash_setup() on \p target_operation with the same + * algorithm that \p source_operation was set up for, then + * mbedtls_psa_hash_update() on \p target_operation with the same input that + * that was passed to \p source_operation. After this function returns, the + * two objects are independent, i.e. subsequent calls involving one of + * the objects do not affect the other object. + * + * \param[in] source_operation The active hash operation to clone. + * \param[in,out] target_operation The operation object to set up. + * It must be initialized but not active. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_BAD_STATE + * The \p source_operation state is not valid (it must be active). + * \retval #PSA_ERROR_BAD_STATE + * The \p target_operation state is not valid (it must be inactive). + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + */ +psa_status_t mbedtls_psa_hash_clone( + const mbedtls_psa_hash_operation_t *source_operation, + mbedtls_psa_hash_operation_t *target_operation ); + +/** Add a message fragment to a multipart Mbed TLS hash operation. + * + * The application must call mbedtls_psa_hash_setup() before calling this function. + * + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling mbedtls_psa_hash_abort(). + * + * \param[in,out] operation Active hash operation. + * \param[in] input Buffer containing the message fragment to hash. + * \param input_length Size of the \p input buffer in bytes. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it muct be active). + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_CORRUPTION_DETECTED + */ +psa_status_t mbedtls_psa_hash_update( + mbedtls_psa_hash_operation_t *operation, + const uint8_t *input, + size_t input_length ); + +/** Finish the calculation of the Mbed TLS-calculated hash of a message. + * + * The application must call mbedtls_psa_hash_setup() before calling this function. + * This function calculates the hash of the message formed by concatenating + * the inputs passed to preceding calls to mbedtls_psa_hash_update(). + * + * When this function returns successfuly, the operation becomes inactive. + * If this function returns an error status, the operation enters an error + * state and must be aborted by calling mbedtls_psa_hash_abort(). + * + * \param[in,out] operation Active hash operation. + * \param[out] hash Buffer where the hash is to be written. + * \param hash_size Size of the \p hash buffer in bytes. + * \param[out] hash_length On success, the number of bytes + * that make up the hash value. This is always + * #PSA_HASH_LENGTH(\c alg) where \c alg is the + * hash algorithm that is calculated. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be active). + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p hash buffer is too small. You can determine a + * sufficient buffer size by calling #PSA_HASH_LENGTH(\c alg) + * where \c alg is the hash algorithm that is calculated. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_CORRUPTION_DETECTED + */ +psa_status_t mbedtls_psa_hash_finish( + mbedtls_psa_hash_operation_t *operation, + uint8_t *hash, + size_t hash_size, + size_t *hash_length ); + +/** Abort an Mbed TLS hash operation. + * + * Aborting an operation frees all associated resources except for the + * \p operation structure itself. Once aborted, the operation object + * can be reused for another operation by calling + * mbedtls_psa_hash_setup() again. + * + * You may call this function any time after the operation object has + * been initialized by one of the methods described in #psa_hash_operation_t. + * + * In particular, calling mbedtls_psa_hash_abort() after the operation has been + * terminated by a call to mbedtls_psa_hash_abort(), mbedtls_psa_hash_finish() or + * mbedtls_psa_hash_verify() is safe and has no effect. + * + * \param[in,out] operation Initialized hash operation. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_CORRUPTION_DETECTED + */ +psa_status_t mbedtls_psa_hash_abort( + mbedtls_psa_hash_operation_t *operation ); + +#endif /* PSA_CRYPTO_HASH_H */ diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index c2051e6d6..a80671e11 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -251,6 +251,7 @@ + @@ -324,6 +325,7 @@ + From 84d670d20c910b263e26177c41311e47b932108b Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Thu, 18 Feb 2021 16:22:53 +0100 Subject: [PATCH 02/30] Make psa_hash_compare go through hash_compute It's more efficient when dealing with hardware drivers. Signed-off-by: Steven Cooreman --- library/psa_crypto.c | 29 +++++++++++------------------ 1 file changed, 11 insertions(+), 18 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 84cf32d26..f2c8415f2 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2298,25 +2298,18 @@ psa_status_t psa_hash_compare( psa_algorithm_t alg, const uint8_t *input, size_t input_length, const uint8_t *hash, size_t hash_length ) { - psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; - psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - - status = psa_hash_setup( &operation, alg ); + uint8_t actual_hash[MBEDTLS_MD_MAX_SIZE]; + size_t actual_hash_length; + psa_status_t status = psa_hash_compute( alg, input, input_length, + actual_hash, sizeof(actual_hash), + &actual_hash_length ); if( status != PSA_SUCCESS ) - goto exit; - status = psa_hash_update( &operation, input, input_length ); - if( status != PSA_SUCCESS ) - goto exit; - status = psa_hash_verify( &operation, hash, hash_length ); - if( status != PSA_SUCCESS ) - goto exit; - -exit: - if( status == PSA_SUCCESS ) - status = psa_hash_abort( &operation ); - else - psa_hash_abort( &operation ); - return( status ); + return( status ); + if( actual_hash_length != hash_length ) + return( PSA_ERROR_INVALID_SIGNATURE ); + if( safer_memcmp( hash, actual_hash, actual_hash_length ) != 0 ) + return( PSA_ERROR_INVALID_SIGNATURE ); + return( PSA_SUCCESS ); } psa_status_t psa_hash_clone( const psa_hash_operation_t *source_operation, From 1e58235d8b9c7481096227454ede04ebfb597e64 Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Thu, 18 Feb 2021 17:24:37 +0100 Subject: [PATCH 03/30] Dispatch hashing calls through the driver wrapper layer Signed-off-by: Steven Cooreman --- library/psa_crypto.c | 73 +++------ library/psa_crypto_driver_wrappers.c | 217 ++++++++++++++++++++++++++- library/psa_crypto_driver_wrappers.h | 33 ++++ library/psa_crypto_hash.h | 12 ++ 4 files changed, 280 insertions(+), 55 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index f2c8415f2..4824b45a3 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -33,7 +33,6 @@ #include "psa_crypto_invasive.h" #include "psa_crypto_driver_wrappers.h" #include "psa_crypto_ecp.h" -#include "psa_crypto_hash.h" #include "psa_crypto_rsa.h" #include "psa_crypto_ecp.h" #if defined(MBEDTLS_PSA_CRYPTO_SE_C) @@ -2198,20 +2197,7 @@ const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg ) psa_status_t psa_hash_abort( psa_hash_operation_t *operation ) { if( operation != NULL ) - { - if( operation->ctx.ctx != NULL ) - { - psa_status_t status = mbedtls_psa_hash_abort( operation->ctx.ctx ); - mbedtls_free( operation->ctx.ctx ); - operation->ctx.ctx = NULL; - return( status ); - } - else - { - // Multiple consequent calls to abort return success - return( PSA_SUCCESS ); - } - } + return( psa_driver_wrapper_hash_abort( &operation->ctx ) ); else return( PSA_ERROR_INVALID_ARGUMENT ); } @@ -2219,20 +2205,10 @@ psa_status_t psa_hash_abort( psa_hash_operation_t *operation ) psa_status_t psa_hash_setup( psa_hash_operation_t *operation, psa_algorithm_t alg ) { - psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - if( operation == NULL || !PSA_ALG_IS_HASH( alg ) ) return( PSA_ERROR_INVALID_ARGUMENT ); - /* A context must be freshly initialized before it can be set up. */ - if( operation->ctx.ctx != NULL ) - return( PSA_ERROR_BAD_STATE ); - - operation->ctx.ctx = mbedtls_calloc( 1, sizeof(mbedtls_psa_hash_operation_t) ); - status = mbedtls_psa_hash_setup( operation->ctx.ctx, alg ); - if( status != PSA_SUCCESS ) - psa_hash_abort( operation ); - return( status ); + return( psa_driver_wrapper_hash_setup( &operation->ctx, alg ) ); } psa_status_t psa_hash_update( psa_hash_operation_t *operation, @@ -2241,14 +2217,9 @@ psa_status_t psa_hash_update( psa_hash_operation_t *operation, { if( operation == NULL ) return( PSA_ERROR_INVALID_ARGUMENT ); - if( operation->ctx.ctx == NULL ) - return( PSA_ERROR_BAD_STATE ); - psa_status_t status = mbedtls_psa_hash_update( operation->ctx.ctx, - input, input_length ); - if( status != PSA_SUCCESS ) - psa_hash_abort( operation ); - return( status ); + return( psa_driver_wrapper_hash_update( &operation->ctx, + input, input_length ) ); } psa_status_t psa_hash_finish( psa_hash_operation_t *operation, @@ -2258,11 +2229,10 @@ psa_status_t psa_hash_finish( psa_hash_operation_t *operation, { if( operation == NULL ) return( PSA_ERROR_INVALID_ARGUMENT ); - if( operation->ctx.ctx == NULL ) - return( PSA_ERROR_BAD_STATE ); - psa_status_t status = mbedtls_psa_hash_finish( operation->ctx.ctx, - hash, hash_size, hash_length ); + psa_status_t status = psa_driver_wrapper_hash_finish( + &operation->ctx, + hash, hash_size, hash_length ); psa_hash_abort( operation ); return( status ); } @@ -2271,11 +2241,15 @@ psa_status_t psa_hash_verify( psa_hash_operation_t *operation, const uint8_t *hash, size_t hash_length ) { + if( operation == NULL ) + return( PSA_ERROR_INVALID_ARGUMENT ); + uint8_t actual_hash[MBEDTLS_MD_MAX_SIZE]; size_t actual_hash_length; - psa_status_t status = psa_hash_finish( operation, - actual_hash, sizeof( actual_hash ), - &actual_hash_length ); + psa_status_t status = psa_driver_wrapper_hash_finish( + &operation->ctx, + actual_hash, sizeof( actual_hash ), + &actual_hash_length ); if( status != PSA_SUCCESS ) return( status ); if( actual_hash_length != hash_length ) @@ -2290,8 +2264,8 @@ psa_status_t psa_hash_compute( psa_algorithm_t alg, uint8_t *hash, size_t hash_size, size_t *hash_length ) { - return( mbedtls_psa_hash_compute( alg, input, input_length, - hash, hash_size, hash_length ) ); + return( psa_driver_wrapper_hash_compute( alg, input, input_length, + hash, hash_size, hash_length ) ); } psa_status_t psa_hash_compare( psa_algorithm_t alg, @@ -2300,9 +2274,10 @@ psa_status_t psa_hash_compare( psa_algorithm_t alg, { uint8_t actual_hash[MBEDTLS_MD_MAX_SIZE]; size_t actual_hash_length; - psa_status_t status = psa_hash_compute( alg, input, input_length, - actual_hash, sizeof(actual_hash), - &actual_hash_length ); + psa_status_t status = psa_driver_wrapper_hash_compute( + alg, input, input_length, + actual_hash, sizeof(actual_hash), + &actual_hash_length ); if( status != PSA_SUCCESS ) return( status ); if( actual_hash_length != hash_length ) @@ -2317,13 +2292,9 @@ psa_status_t psa_hash_clone( const psa_hash_operation_t *source_operation, { if( source_operation == NULL || target_operation == NULL ) return( PSA_ERROR_INVALID_ARGUMENT ); - if( source_operation->ctx.ctx == NULL ) - return( PSA_ERROR_BAD_STATE ); - if( target_operation->ctx.ctx != NULL ) - return( PSA_ERROR_BAD_STATE ); - target_operation->ctx.ctx = mbedtls_calloc(1, sizeof(mbedtls_psa_hash_operation_t)); - return( mbedtls_psa_hash_clone( source_operation->ctx.ctx, target_operation->ctx.ctx ) ); + return( psa_driver_wrapper_hash_clone( &source_operation->ctx, + &target_operation->ctx ) ); } diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c index 6cf23cef9..72077acd3 100644 --- a/library/psa_crypto_driver_wrappers.c +++ b/library/psa_crypto_driver_wrappers.c @@ -38,14 +38,17 @@ /* Repeat above block for each JSON-declared driver during autogeneration */ -/* Auto-generated values depending on which drivers are registered. ID 0 is - * reserved for unallocated operations. */ +/* Auto-generated values depending on which drivers are registered. + * ID 0 is reserved for unallocated operations. + * ID 1 is reserved for the Mbed TLS software driver. */ #if defined(PSA_CRYPTO_DRIVER_TEST) -#define PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID (1) -#define PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID (2) +#define PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID (2) +#define PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID (3) #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* MBEDTLS_PSA_CRYPTO_DRIVERS */ +#define PSA_CRYPTO_MBED_TLS_DRIVER_ID (1) + /* Support the 'old' SE interface when asked to */ #if defined(MBEDTLS_PSA_CRYPTO_SE_C) /* PSA_CRYPTO_DRIVER_PRESENT is defined when either a new-style or old-style @@ -56,6 +59,9 @@ #include "psa_crypto_se.h" #endif +/* Include software fallback when present */ +#include "psa_crypto_hash.h" + /* Start delegation functions */ psa_status_t psa_driver_wrapper_sign_hash( const psa_key_attributes_t *attributes, @@ -1066,4 +1072,207 @@ psa_status_t psa_driver_wrapper_cipher_abort( #endif /* PSA_CRYPTO_DRIVER_PRESENT */ } +/* + * Hashing functions + */ +psa_status_t psa_driver_wrapper_hash_compute( + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *hash, + size_t hash_size, + size_t *hash_length) +{ + psa_status_t status = PSA_ERROR_NOT_SUPPORTED; + + /* Try accelerators first */ + + /* If software fallback is compiled in, try fallback */ +#if defined(MBEDTLS_PSA_BUILTIN_HASH) + status = mbedtls_psa_hash_compute( alg, input, input_length, + hash, hash_size, hash_length ); + if( status != PSA_ERROR_NOT_SUPPORTED ) + return( status ); +#endif + if( status == PSA_ERROR_NOT_SUPPORTED ) + { + (void) alg; + (void) input; + (void) input_length; + (void) hash; + (void) hash_size; + (void) hash_length; + + return( PSA_ERROR_NOT_SUPPORTED ); + } + return( status ); +} + +psa_status_t psa_driver_wrapper_hash_setup( + psa_operation_driver_context_t *operation, + psa_algorithm_t alg ) +{ + psa_status_t status = PSA_ERROR_NOT_SUPPORTED; + + /* A context must be freshly initialized before it can be set up. */ + if( operation->id != 0 || operation->ctx != NULL ) + return( PSA_ERROR_BAD_STATE ); + + /* Try setup on accelerators first */ + + /* If software fallback is compiled in, try fallback */ +#if defined(MBEDTLS_PSA_BUILTIN_HASH) + operation->ctx = mbedtls_calloc( 1, sizeof(mbedtls_psa_hash_operation_t) ); + status = mbedtls_psa_hash_setup( operation->ctx, alg ); + if( status == PSA_SUCCESS ) + { + operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; + } + else + { + mbedtls_free( operation->ctx ); + operation->ctx = NULL; + operation->id = 0; + } + + if( status != PSA_ERROR_NOT_SUPPORTED ) + return( status ); +#endif + /* Nothing left to try if we fall through here */ + (void) status; + (void) operation; + (void) alg; + return( PSA_ERROR_NOT_SUPPORTED ); +} + +psa_status_t psa_driver_wrapper_hash_clone( + const psa_operation_driver_context_t *source_operation, + psa_operation_driver_context_t *target_operation ) +{ + psa_status_t status = PSA_ERROR_NOT_SUPPORTED; + + if( source_operation->ctx == NULL || source_operation->id == 0 ) + return( PSA_ERROR_BAD_STATE ); + if( target_operation->ctx != NULL || target_operation->id != 0 ) + return( PSA_ERROR_BAD_STATE ); + + switch( source_operation->id ) + { +#if defined(MBEDTLS_PSA_BUILTIN_HASH) + case PSA_CRYPTO_MBED_TLS_DRIVER_ID: + target_operation->ctx = mbedtls_calloc( 1, sizeof(mbedtls_psa_hash_operation_t) ); + if( target_operation->ctx == NULL ) + { + status = PSA_ERROR_INSUFFICIENT_MEMORY; + break; + } + target_operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; + status = mbedtls_psa_hash_clone( source_operation->ctx, + target_operation->ctx ); + break; +#endif + default: + (void) status; + (void) source_operation; + (void) target_operation; + return( PSA_ERROR_BAD_STATE ); + } + + if( status != PSA_SUCCESS ) + psa_driver_wrapper_hash_abort( target_operation ); + return( status ); +} + +psa_status_t psa_driver_wrapper_hash_update( + psa_operation_driver_context_t *operation, + const uint8_t *input, + size_t input_length ) +{ + psa_status_t status = PSA_ERROR_NOT_SUPPORTED; + + if( operation->ctx == NULL || operation->id == 0 ) + return( PSA_ERROR_BAD_STATE ); + + switch( operation->id ) + { +#if defined(MBEDTLS_PSA_BUILTIN_HASH) + case PSA_CRYPTO_MBED_TLS_DRIVER_ID: + status = mbedtls_psa_hash_update( operation->ctx, + input, input_length ); + break; +#endif + default: + (void) status; + (void) operation; + (void) input; + (void) input_length; + return( PSA_ERROR_BAD_STATE ); + } + + if( status != PSA_SUCCESS ) + psa_driver_wrapper_hash_abort( operation ); + return( status ); +} + +psa_status_t psa_driver_wrapper_hash_finish( + psa_operation_driver_context_t *operation, + uint8_t *hash, + size_t hash_size, + size_t *hash_length ) +{ + psa_status_t status = PSA_ERROR_NOT_SUPPORTED; + + if( operation->ctx == NULL || operation->id == 0 ) + return( PSA_ERROR_BAD_STATE ); + + switch( operation->id ) + { +#if defined(MBEDTLS_PSA_BUILTIN_HASH) + case PSA_CRYPTO_MBED_TLS_DRIVER_ID: + status = mbedtls_psa_hash_finish( operation->ctx, + hash, hash_size, hash_length ); + break; +#endif + default: + (void) status; + (void) operation; + (void) hash; + (void) hash_size; + (void) hash_length; + return( PSA_ERROR_BAD_STATE ); + } + + psa_driver_wrapper_hash_abort( operation ); + return( status ); +} + +psa_status_t psa_driver_wrapper_hash_abort( + psa_operation_driver_context_t *operation ) +{ + psa_status_t status = PSA_ERROR_NOT_SUPPORTED; + + switch( operation->id ) + { + case 0: + if( operation->ctx == NULL ) + return( PSA_SUCCESS ); + else + return( PSA_ERROR_BAD_STATE ); +#if defined(MBEDTLS_PSA_BUILTIN_HASH) + case PSA_CRYPTO_MBED_TLS_DRIVER_ID: + if( operation->ctx != NULL ) + { + status = mbedtls_psa_hash_abort( operation->ctx ); + mbedtls_free( operation->ctx ); + operation->ctx = NULL; + } + operation->id = 0; + return( PSA_SUCCESS ); +#endif + default: + (void) status; + return( PSA_ERROR_BAD_STATE ); + } +} + /* End of automatically generated file. */ diff --git a/library/psa_crypto_driver_wrappers.h b/library/psa_crypto_driver_wrappers.h index 22d22d61c..1190a0e1b 100644 --- a/library/psa_crypto_driver_wrappers.h +++ b/library/psa_crypto_driver_wrappers.h @@ -127,6 +127,39 @@ psa_status_t psa_driver_wrapper_cipher_finish( psa_status_t psa_driver_wrapper_cipher_abort( psa_operation_driver_context_t *operation ); +/* + * Hashing functions + */ +psa_status_t psa_driver_wrapper_hash_compute( + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *hash, + size_t hash_size, + size_t *hash_length); + +psa_status_t psa_driver_wrapper_hash_setup( + psa_operation_driver_context_t *operation, + psa_algorithm_t alg ); + +psa_status_t psa_driver_wrapper_hash_clone( + const psa_operation_driver_context_t *source_operation, + psa_operation_driver_context_t *target_operation ); + +psa_status_t psa_driver_wrapper_hash_update( + psa_operation_driver_context_t *operation, + const uint8_t *input, + size_t input_length ); + +psa_status_t psa_driver_wrapper_hash_finish( + psa_operation_driver_context_t *operation, + uint8_t *hash, + size_t hash_size, + size_t *hash_length ); + +psa_status_t psa_driver_wrapper_hash_abort( + psa_operation_driver_context_t *operation ); + #endif /* PSA_CRYPTO_DRIVER_WRAPPERS_H */ /* End of automatically generated file. */ diff --git a/library/psa_crypto_hash.h b/library/psa_crypto_hash.h index 42a8183b3..0181b4e16 100644 --- a/library/psa_crypto_hash.h +++ b/library/psa_crypto_hash.h @@ -30,6 +30,18 @@ #include "mbedtls/sha256.h" #include "mbedtls/sha512.h" +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) +#define MBEDTLS_PSA_BUILTIN_HASH +#endif + typedef struct { psa_algorithm_t alg; From 8e9e407feddb1da61bf30225e8636c8eecdce7c2 Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Thu, 4 Mar 2021 11:07:23 +0100 Subject: [PATCH 04/30] Clarify documentation of internal hash software driver interface Signed-off-by: Steven Cooreman --- library/psa_crypto_hash.h | 40 ++++++++++++++++++++++++++++++++------- 1 file changed, 33 insertions(+), 7 deletions(-) diff --git a/library/psa_crypto_hash.h b/library/psa_crypto_hash.h index 0181b4e16..57dadc3dd 100644 --- a/library/psa_crypto_hash.h +++ b/library/psa_crypto_hash.h @@ -75,6 +75,11 @@ typedef struct #define MBEDTLS_PSA_HASH_OPERATION_INIT {0, {0}} /** Calculate the hash (digest) of a message using Mbed TLS routines. + * + * \note The signature of this function is that of a PSA driver hash_compute + * entry point. This function behaves as a hash_compute entry point as + * defined in the PSA driver interface specification for transparent + * drivers. * * \param alg The hash algorithm to compute (\c PSA_ALG_XXX value * such that #PSA_ALG_IS_HASH(\p alg) is true). @@ -89,15 +94,11 @@ typedef struct * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_NOT_SUPPORTED - * \p alg is not supported or is not a hash algorithm. - * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p alg is not supported * \retval #PSA_ERROR_BUFFER_TOO_SMALL * \p hash_size is too small * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY */ psa_status_t mbedtls_psa_hash_compute( psa_algorithm_t alg, @@ -108,6 +109,11 @@ psa_status_t mbedtls_psa_hash_compute( size_t *hash_length); /** Set up a multipart hash operation using Mbed TLS routines. + * + * \note The signature of this function is that of a PSA driver hash_setup + * entry point. This function behaves as a hash_setup entry point as + * defined in the PSA driver interface specification for transparent + * drivers. * * If an error occurs at any step after a call to mbedtls_psa_hash_setup(), the * operation will need to be reset by a call to mbedtls_psa_hash_abort(). The @@ -128,7 +134,7 @@ psa_status_t mbedtls_psa_hash_compute( * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_NOT_SUPPORTED - * \p alg is not a supported hash algorithm. + * \p alg is not supported * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be inactive). * \retval #PSA_ERROR_INSUFFICIENT_MEMORY @@ -139,6 +145,11 @@ psa_status_t mbedtls_psa_hash_setup( psa_algorithm_t alg ); /** Clone an Mbed TLS hash operation. + * + * \note The signature of this function is that of a PSA driver hash_clone + * entry point. This function behaves as a hash_clone entry point as + * defined in the PSA driver interface specification for transparent + * drivers. * * This function copies the state of an ongoing hash operation to * a new operation object. In other words, this function is equivalent @@ -166,6 +177,11 @@ psa_status_t mbedtls_psa_hash_clone( mbedtls_psa_hash_operation_t *target_operation ); /** Add a message fragment to a multipart Mbed TLS hash operation. + * + * \note The signature of this function is that of a PSA driver hash_update + * entry point. This function behaves as a hash_update entry point as + * defined in the PSA driver interface specification for transparent + * drivers. * * The application must call mbedtls_psa_hash_setup() before calling this function. * @@ -179,7 +195,7 @@ psa_status_t mbedtls_psa_hash_clone( * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it muct be active). + * The operation state is not valid (it must be active). * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_CORRUPTION_DETECTED */ @@ -189,6 +205,11 @@ psa_status_t mbedtls_psa_hash_update( size_t input_length ); /** Finish the calculation of the Mbed TLS-calculated hash of a message. + * + * \note The signature of this function is that of a PSA driver hash_finish + * entry point. This function behaves as a hash_finish entry point as + * defined in the PSA driver interface specification for transparent + * drivers. * * The application must call mbedtls_psa_hash_setup() before calling this function. * This function calculates the hash of the message formed by concatenating @@ -224,6 +245,11 @@ psa_status_t mbedtls_psa_hash_finish( size_t *hash_length ); /** Abort an Mbed TLS hash operation. + * + * \note The signature of this function is that of a PSA driver hash_abort + * entry point. This function behaves as a hash_abort entry point as + * defined in the PSA driver interface specification for transparent + * drivers. * * Aborting an operation frees all associated resources except for the * \p operation structure itself. Once aborted, the operation object From dbf8ceda547401c93fa89ee773f8b47eef0607a6 Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Thu, 4 Mar 2021 13:01:18 +0100 Subject: [PATCH 05/30] Change the way driver context structures are used Apparently there's a goal to make the PSA Crypto core free from dynamic memory allocations. Therefore, all driver context structures need to be known at compile time in order for the core to know their final size. This change defines & implements for hashing operations how the context structures get defined. Signed-off-by: Steven Cooreman --- include/psa/crypto_struct.h | 22 +++-- library/psa_crypto.c | 61 +++++++----- library/psa_crypto_driver_wrappers.c | 98 +++---------------- library/psa_crypto_driver_wrappers.h | 12 +-- library/psa_crypto_driver_wrappers_contexts.h | 48 +++++++++ visualc/VS2010/mbedTLS.vcxproj | 1 + 6 files changed, 119 insertions(+), 123 deletions(-) create mode 100644 library/psa_crypto_driver_wrappers_contexts.h diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 1defd9bd7..5d03d110d 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -68,14 +68,9 @@ extern "C" { #include "mbedtls/cipher.h" #include "mbedtls/cmac.h" #include "mbedtls/gcm.h" -#include "mbedtls/md.h" -#include "mbedtls/md2.h" -#include "mbedtls/md4.h" -#include "mbedtls/md5.h" -#include "mbedtls/ripemd160.h" -#include "mbedtls/sha1.h" -#include "mbedtls/sha256.h" -#include "mbedtls/sha512.h" + +/* Include the context definition for the compiled-in drivers */ +#include "../../library/psa_crypto_driver_wrappers_contexts.h" typedef struct { /** Unique ID indicating which driver got assigned to do the @@ -89,10 +84,17 @@ typedef struct { struct psa_hash_operation_s { - psa_operation_driver_context_t ctx; + /** Unique ID indicating which driver got assigned to do the + * operation. Since driver contexts are driver-specific, swapping + * drivers halfway through the operation is not supported. + * ID values are auto-generated in psa_driver_wrappers.h + * ID value zero means the context is not valid or not assigned to + * any driver (i.e. none of the driver contexts are active). */ + unsigned int id; + union psa_driver_hash_context_u ctx; }; -#define PSA_HASH_OPERATION_INIT {{0, 0}} +#define PSA_HASH_OPERATION_INIT {0, {0}} static inline struct psa_hash_operation_s psa_hash_operation_init( void ) { const struct psa_hash_operation_s v = PSA_HASH_OPERATION_INIT; diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 4824b45a3..9c645efb6 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2196,30 +2196,42 @@ const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg ) psa_status_t psa_hash_abort( psa_hash_operation_t *operation ) { - if( operation != NULL ) - return( psa_driver_wrapper_hash_abort( &operation->ctx ) ); - else - return( PSA_ERROR_INVALID_ARGUMENT ); + /* Aborting a non-active operation is allowed */ + if( operation->id == 0 ) + return( PSA_SUCCESS ); + + psa_status_t status = psa_driver_wrapper_hash_abort( operation ); + operation->id = 0; + + return( status ); } psa_status_t psa_hash_setup( psa_hash_operation_t *operation, psa_algorithm_t alg ) { - if( operation == NULL || !PSA_ALG_IS_HASH( alg ) ) + /* A context must be freshly initialized before it can be set up. */ + if( operation->id != 0 ) + return( PSA_ERROR_BAD_STATE ); + + if( !PSA_ALG_IS_HASH( alg ) ) return( PSA_ERROR_INVALID_ARGUMENT ); - return( psa_driver_wrapper_hash_setup( &operation->ctx, alg ) ); + return( psa_driver_wrapper_hash_setup( operation, alg ) ); } psa_status_t psa_hash_update( psa_hash_operation_t *operation, const uint8_t *input, size_t input_length ) { - if( operation == NULL ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if( operation->id == 0 ) + return( PSA_ERROR_BAD_STATE ); - return( psa_driver_wrapper_hash_update( &operation->ctx, - input, input_length ) ); + psa_status_t status = psa_driver_wrapper_hash_update( operation, + input, input_length ); + if( status != PSA_SUCCESS ) + psa_hash_abort( operation ); + + return( status ); } psa_status_t psa_hash_finish( psa_hash_operation_t *operation, @@ -2227,12 +2239,11 @@ psa_status_t psa_hash_finish( psa_hash_operation_t *operation, size_t hash_size, size_t *hash_length ) { - if( operation == NULL ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if( operation->id == 0 ) + return( PSA_ERROR_BAD_STATE ); psa_status_t status = psa_driver_wrapper_hash_finish( - &operation->ctx, - hash, hash_size, hash_length ); + operation, hash, hash_size, hash_length ); psa_hash_abort( operation ); return( status ); } @@ -2241,13 +2252,10 @@ psa_status_t psa_hash_verify( psa_hash_operation_t *operation, const uint8_t *hash, size_t hash_length ) { - if( operation == NULL ) - return( PSA_ERROR_INVALID_ARGUMENT ); - uint8_t actual_hash[MBEDTLS_MD_MAX_SIZE]; size_t actual_hash_length; - psa_status_t status = psa_driver_wrapper_hash_finish( - &operation->ctx, + psa_status_t status = psa_hash_finish( + operation, actual_hash, sizeof( actual_hash ), &actual_hash_length ); if( status != PSA_SUCCESS ) @@ -2290,11 +2298,18 @@ psa_status_t psa_hash_compare( psa_algorithm_t alg, psa_status_t psa_hash_clone( const psa_hash_operation_t *source_operation, psa_hash_operation_t *target_operation ) { - if( source_operation == NULL || target_operation == NULL ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if( source_operation->id == 0 || + target_operation->id != 0 ) + { + return( PSA_ERROR_BAD_STATE ); + } - return( psa_driver_wrapper_hash_clone( &source_operation->ctx, - &target_operation->ctx ) ); + psa_status_t status = psa_driver_wrapper_hash_clone( source_operation, + target_operation ); + if( status != PSA_SUCCESS ) + psa_hash_abort( target_operation ); + + return( status ); } diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c index 72077acd3..43aa180cb 100644 --- a/library/psa_crypto_driver_wrappers.c +++ b/library/psa_crypto_driver_wrappers.c @@ -59,9 +59,6 @@ #include "psa_crypto_se.h" #endif -/* Include software fallback when present */ -#include "psa_crypto_hash.h" - /* Start delegation functions */ psa_status_t psa_driver_wrapper_sign_hash( const psa_key_attributes_t *attributes, @@ -1109,31 +1106,18 @@ psa_status_t psa_driver_wrapper_hash_compute( } psa_status_t psa_driver_wrapper_hash_setup( - psa_operation_driver_context_t *operation, + psa_hash_operation_t *operation, psa_algorithm_t alg ) { psa_status_t status = PSA_ERROR_NOT_SUPPORTED; - /* A context must be freshly initialized before it can be set up. */ - if( operation->id != 0 || operation->ctx != NULL ) - return( PSA_ERROR_BAD_STATE ); - /* Try setup on accelerators first */ /* If software fallback is compiled in, try fallback */ #if defined(MBEDTLS_PSA_BUILTIN_HASH) - operation->ctx = mbedtls_calloc( 1, sizeof(mbedtls_psa_hash_operation_t) ); - status = mbedtls_psa_hash_setup( operation->ctx, alg ); + status = mbedtls_psa_hash_setup( &operation->ctx.mbedtls_ctx, alg ); if( status == PSA_SUCCESS ) - { operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; - } - else - { - mbedtls_free( operation->ctx ); - operation->ctx = NULL; - operation->id = 0; - } if( status != PSA_ERROR_NOT_SUPPORTED ) return( status ); @@ -1146,131 +1130,77 @@ psa_status_t psa_driver_wrapper_hash_setup( } psa_status_t psa_driver_wrapper_hash_clone( - const psa_operation_driver_context_t *source_operation, - psa_operation_driver_context_t *target_operation ) + const psa_hash_operation_t *source_operation, + psa_hash_operation_t *target_operation ) { - psa_status_t status = PSA_ERROR_NOT_SUPPORTED; - - if( source_operation->ctx == NULL || source_operation->id == 0 ) - return( PSA_ERROR_BAD_STATE ); - if( target_operation->ctx != NULL || target_operation->id != 0 ) - return( PSA_ERROR_BAD_STATE ); - switch( source_operation->id ) { #if defined(MBEDTLS_PSA_BUILTIN_HASH) case PSA_CRYPTO_MBED_TLS_DRIVER_ID: - target_operation->ctx = mbedtls_calloc( 1, sizeof(mbedtls_psa_hash_operation_t) ); - if( target_operation->ctx == NULL ) - { - status = PSA_ERROR_INSUFFICIENT_MEMORY; - break; - } target_operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; - status = mbedtls_psa_hash_clone( source_operation->ctx, - target_operation->ctx ); - break; + return( mbedtls_psa_hash_clone( &source_operation->ctx.mbedtls_ctx, + &target_operation->ctx.mbedtls_ctx ) ); #endif default: - (void) status; (void) source_operation; (void) target_operation; return( PSA_ERROR_BAD_STATE ); } - - if( status != PSA_SUCCESS ) - psa_driver_wrapper_hash_abort( target_operation ); - return( status ); } psa_status_t psa_driver_wrapper_hash_update( - psa_operation_driver_context_t *operation, + psa_hash_operation_t *operation, const uint8_t *input, size_t input_length ) { - psa_status_t status = PSA_ERROR_NOT_SUPPORTED; - - if( operation->ctx == NULL || operation->id == 0 ) - return( PSA_ERROR_BAD_STATE ); - switch( operation->id ) { #if defined(MBEDTLS_PSA_BUILTIN_HASH) case PSA_CRYPTO_MBED_TLS_DRIVER_ID: - status = mbedtls_psa_hash_update( operation->ctx, - input, input_length ); - break; + return( mbedtls_psa_hash_update( &operation->ctx.mbedtls_ctx, + input, input_length ) ); #endif default: - (void) status; (void) operation; (void) input; (void) input_length; return( PSA_ERROR_BAD_STATE ); } - - if( status != PSA_SUCCESS ) - psa_driver_wrapper_hash_abort( operation ); - return( status ); } psa_status_t psa_driver_wrapper_hash_finish( - psa_operation_driver_context_t *operation, + psa_hash_operation_t *operation, uint8_t *hash, size_t hash_size, size_t *hash_length ) { - psa_status_t status = PSA_ERROR_NOT_SUPPORTED; - - if( operation->ctx == NULL || operation->id == 0 ) - return( PSA_ERROR_BAD_STATE ); - switch( operation->id ) { #if defined(MBEDTLS_PSA_BUILTIN_HASH) case PSA_CRYPTO_MBED_TLS_DRIVER_ID: - status = mbedtls_psa_hash_finish( operation->ctx, - hash, hash_size, hash_length ); + return( mbedtls_psa_hash_finish( &operation->ctx.mbedtls_ctx, + hash, hash_size, hash_length ) ); break; #endif default: - (void) status; (void) operation; (void) hash; (void) hash_size; (void) hash_length; return( PSA_ERROR_BAD_STATE ); } - - psa_driver_wrapper_hash_abort( operation ); - return( status ); } psa_status_t psa_driver_wrapper_hash_abort( - psa_operation_driver_context_t *operation ) + psa_hash_operation_t *operation ) { - psa_status_t status = PSA_ERROR_NOT_SUPPORTED; - switch( operation->id ) { - case 0: - if( operation->ctx == NULL ) - return( PSA_SUCCESS ); - else - return( PSA_ERROR_BAD_STATE ); #if defined(MBEDTLS_PSA_BUILTIN_HASH) case PSA_CRYPTO_MBED_TLS_DRIVER_ID: - if( operation->ctx != NULL ) - { - status = mbedtls_psa_hash_abort( operation->ctx ); - mbedtls_free( operation->ctx ); - operation->ctx = NULL; - } - operation->id = 0; - return( PSA_SUCCESS ); + return( mbedtls_psa_hash_abort( &operation->ctx.mbedtls_ctx ) ); #endif default: - (void) status; return( PSA_ERROR_BAD_STATE ); } } diff --git a/library/psa_crypto_driver_wrappers.h b/library/psa_crypto_driver_wrappers.h index 1190a0e1b..dd7c6c7a1 100644 --- a/library/psa_crypto_driver_wrappers.h +++ b/library/psa_crypto_driver_wrappers.h @@ -139,26 +139,26 @@ psa_status_t psa_driver_wrapper_hash_compute( size_t *hash_length); psa_status_t psa_driver_wrapper_hash_setup( - psa_operation_driver_context_t *operation, + psa_hash_operation_t *operation, psa_algorithm_t alg ); psa_status_t psa_driver_wrapper_hash_clone( - const psa_operation_driver_context_t *source_operation, - psa_operation_driver_context_t *target_operation ); + const psa_hash_operation_t *source_operation, + psa_hash_operation_t *target_operation ); psa_status_t psa_driver_wrapper_hash_update( - psa_operation_driver_context_t *operation, + psa_hash_operation_t *operation, const uint8_t *input, size_t input_length ); psa_status_t psa_driver_wrapper_hash_finish( - psa_operation_driver_context_t *operation, + psa_hash_operation_t *operation, uint8_t *hash, size_t hash_size, size_t *hash_length ); psa_status_t psa_driver_wrapper_hash_abort( - psa_operation_driver_context_t *operation ); + psa_hash_operation_t *operation ); #endif /* PSA_CRYPTO_DRIVER_WRAPPERS_H */ diff --git a/library/psa_crypto_driver_wrappers_contexts.h b/library/psa_crypto_driver_wrappers_contexts.h new file mode 100644 index 000000000..9bb79664a --- /dev/null +++ b/library/psa_crypto_driver_wrappers_contexts.h @@ -0,0 +1,48 @@ +/* + * Declaration of context structures for use with the PSA driver wrapper + * interface. + * + * Warning: This file will be auto-generated in the future. + */ +/* Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PSA_CRYPTO_DRIVER_WRAPPERS_CONTEXTS_H +#define PSA_CRYPTO_DRIVER_WRAPPERS_CONTEXTS_H + +#include "psa/crypto.h" +#include "psa/crypto_driver_common.h" + +/* Include all structure definitions for the drivers that have been included + * during the auto-generation of this file (autogeneration not yet in place) */ + +/* Include the structure definitions for the mbed TLS software drivers */ +#include "psa_crypto_hash.h" + +/* Define the context to be used for an operation that is executed through the + * PSA Driver wrapper layer as the union of all possible driver's contexts. + * + * The union members are the driver's context structures, and the member names + * are formatted as `'drivername'_ctx`. This allows for procedural generation + * of both this file and the content of psa_crypto_driver_wrappers.c */ + +union psa_driver_hash_context_u { + unsigned dummy; /* Make sure this structure is always non-empty */ + mbedtls_psa_hash_operation_t mbedtls_ctx; +}; + +#endif /* PSA_CRYPTO_DRIVER_WRAPPERS_CONTEXTS_H */ +/* End of automatically generated file. */ diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index a80671e11..c4ec8b674 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -250,6 +250,7 @@ + From c8288354a210c7908d603a2507082dce96a57a5a Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Thu, 4 Mar 2021 14:02:19 +0100 Subject: [PATCH 06/30] move hash update zero-length-input check back into the core Signed-off-by: Steven Cooreman --- library/psa_crypto.c | 5 +++++ library/psa_crypto_hash.c | 5 ----- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 9c645efb6..c5f9601f8 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2226,6 +2226,11 @@ psa_status_t psa_hash_update( psa_hash_operation_t *operation, if( operation->id == 0 ) return( PSA_ERROR_BAD_STATE ); + /* Don't require hash implementations to behave correctly on a + * zero-length input, which may have an invalid pointer. */ + if( input_length == 0 ) + return( PSA_SUCCESS ); + psa_status_t status = psa_driver_wrapper_hash_update( operation, input, input_length ); if( status != PSA_SUCCESS ) diff --git a/library/psa_crypto_hash.c b/library/psa_crypto_hash.c index deb13c215..8ac21d0cb 100644 --- a/library/psa_crypto_hash.c +++ b/library/psa_crypto_hash.c @@ -216,11 +216,6 @@ psa_status_t mbedtls_psa_hash_update( { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - /* Don't require hash implementations to behave correctly on a - * zero-length input, which may have an invalid pointer. */ - if( input_length == 0 ) - return( PSA_SUCCESS ); - switch( operation->alg ) { #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) From f763810e58b491506048cb155fd54302d06f47da Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Thu, 4 Mar 2021 15:14:36 +0100 Subject: [PATCH 07/30] Add test driver for hash operations Signed-off-by: Steven Cooreman --- library/psa_crypto_driver_wrappers.c | 34 ++++ library/psa_crypto_driver_wrappers_contexts.h | 6 + library/psa_crypto_hash.c | 175 ++++++++++++++++++ tests/include/test/drivers/hash.h | 69 +++++++ tests/include/test/drivers/test_driver.h | 1 + visualc/VS2010/mbedTLS.vcxproj | 1 + 6 files changed, 286 insertions(+) create mode 100644 tests/include/test/drivers/hash.h diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c index 43aa180cb..81a7d4dc2 100644 --- a/library/psa_crypto_driver_wrappers.c +++ b/library/psa_crypto_driver_wrappers.c @@ -1083,6 +1083,12 @@ psa_status_t psa_driver_wrapper_hash_compute( psa_status_t status = PSA_ERROR_NOT_SUPPORTED; /* Try accelerators first */ +#if defined(PSA_CRYPTO_DRIVER_TEST) + status = test_transparent_hash_compute( alg, input, input_length, + hash, hash_size, hash_length ); + if( status != PSA_ERROR_NOT_SUPPORTED ) + return( status ); +#endif /* If software fallback is compiled in, try fallback */ #if defined(MBEDTLS_PSA_BUILTIN_HASH) @@ -1112,6 +1118,14 @@ psa_status_t psa_driver_wrapper_hash_setup( psa_status_t status = PSA_ERROR_NOT_SUPPORTED; /* Try setup on accelerators first */ +#if defined(PSA_CRYPTO_DRIVER_TEST) + status = test_transparent_hash_setup( &operation->ctx.test_ctx, alg ); + if( status == PSA_SUCCESS ) + operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID; + + if( status != PSA_ERROR_NOT_SUPPORTED ) + return( status ); +#endif /* If software fallback is compiled in, try fallback */ #if defined(MBEDTLS_PSA_BUILTIN_HASH) @@ -1135,6 +1149,12 @@ psa_status_t psa_driver_wrapper_hash_clone( { switch( source_operation->id ) { +#if defined(PSA_CRYPTO_DRIVER_TEST) + case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: + target_operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID; + return( test_transparent_hash_clone( &source_operation->ctx.test_ctx, + &target_operation->ctx.test_ctx ) ); +#endif #if defined(MBEDTLS_PSA_BUILTIN_HASH) case PSA_CRYPTO_MBED_TLS_DRIVER_ID: target_operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; @@ -1155,6 +1175,11 @@ psa_status_t psa_driver_wrapper_hash_update( { switch( operation->id ) { +#if defined(PSA_CRYPTO_DRIVER_TEST) + case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: + return( test_transparent_hash_update( &operation->ctx.test_ctx, + input, input_length ) ); +#endif #if defined(MBEDTLS_PSA_BUILTIN_HASH) case PSA_CRYPTO_MBED_TLS_DRIVER_ID: return( mbedtls_psa_hash_update( &operation->ctx.mbedtls_ctx, @@ -1176,6 +1201,11 @@ psa_status_t psa_driver_wrapper_hash_finish( { switch( operation->id ) { +#if defined(PSA_CRYPTO_DRIVER_TEST) + case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: + return( test_transparent_hash_finish( &operation->ctx.test_ctx, + hash, hash_size, hash_length ) ); +#endif #if defined(MBEDTLS_PSA_BUILTIN_HASH) case PSA_CRYPTO_MBED_TLS_DRIVER_ID: return( mbedtls_psa_hash_finish( &operation->ctx.mbedtls_ctx, @@ -1196,6 +1226,10 @@ psa_status_t psa_driver_wrapper_hash_abort( { switch( operation->id ) { +#if defined(PSA_CRYPTO_DRIVER_TEST) + case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: + return( test_transparent_hash_abort( &operation->ctx.test_ctx ) ); +#endif #if defined(MBEDTLS_PSA_BUILTIN_HASH) case PSA_CRYPTO_MBED_TLS_DRIVER_ID: return( mbedtls_psa_hash_abort( &operation->ctx.mbedtls_ctx ) ); diff --git a/library/psa_crypto_driver_wrappers_contexts.h b/library/psa_crypto_driver_wrappers_contexts.h index 9bb79664a..db4153c4d 100644 --- a/library/psa_crypto_driver_wrappers_contexts.h +++ b/library/psa_crypto_driver_wrappers_contexts.h @@ -28,6 +28,9 @@ /* Include all structure definitions for the drivers that have been included * during the auto-generation of this file (autogeneration not yet in place) */ +#if defined(PSA_CRYPTO_DRIVER_TEST) +#include "test/drivers/test_driver.h" +#endif /* Include the structure definitions for the mbed TLS software drivers */ #include "psa_crypto_hash.h" @@ -42,6 +45,9 @@ union psa_driver_hash_context_u { unsigned dummy; /* Make sure this structure is always non-empty */ mbedtls_psa_hash_operation_t mbedtls_ctx; +#if defined(PSA_CRYPTO_DRIVER_TEST) + test_transparent_hash_operation_t test_ctx; +#endif }; #endif /* PSA_CRYPTO_DRIVER_WRAPPERS_CONTEXTS_H */ diff --git a/library/psa_crypto_hash.c b/library/psa_crypto_hash.c index 8ac21d0cb..bd3b57e6e 100644 --- a/library/psa_crypto_hash.c +++ b/library/psa_crypto_hash.c @@ -434,4 +434,179 @@ psa_status_t mbedtls_psa_hash_abort( return( PSA_SUCCESS ); } + /* + * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. + */ +#if defined(PSA_CRYPTO_DRIVER_TEST) + +#if defined(MBEDTLS_PSA_ACCEL_ALG_MD2) || \ + defined(MBEDTLS_PSA_ACCEL_ALG_MD4) || \ + defined(MBEDTLS_PSA_ACCEL_ALG_MD5) || \ + defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160) || \ + defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1) || \ + defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224) || \ + defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256) || \ + defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384) || \ + defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512) +#define INCLUDE_HASH_TEST_DRIVER +#endif + +#if defined(INCLUDE_HASH_TEST_DRIVER) +psa_status_t is_hash_accelerated( psa_algorithm_t alg ) +{ + switch( alg ) + { +#if defined(MBEDTLS_PSA_ACCEL_ALG_MD2) + case PSA_ALG_MD2: + return( PSA_SUCCESS ); +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_MD4) + case PSA_ALG_MD4: + return( PSA_SUCCESS ); +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_MD5) + case PSA_ALG_MD5: + return( PSA_SUCCESS ); +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160) + case PSA_ALG_RIPEMD160: + return( PSA_SUCCESS ); +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1) + case PSA_ALG_SHA_1: + return( PSA_SUCCESS ); +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224) + case PSA_ALG_SHA_224: + return( PSA_SUCCESS ); +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256) + case PSA_ALG_SHA_256: + return( PSA_SUCCESS ); +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384) + case PSA_ALG_SHA_384: + return( PSA_SUCCESS ); +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512) + case PSA_ALG_SHA_512: + return( PSA_SUCCESS ); +#endif + default: + return( PSA_ERROR_NOT_SUPPORTED ); + } +} +#endif /* INCLUDE_HASH_TEST_DRIVER */ + +psa_status_t test_transparent_hash_compute( + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *hash, + size_t hash_size, + size_t *hash_length) +{ +#if defined(INCLUDE_HASH_TEST_DRIVER) + if( is_hash_accelerated( alg ) == PSA_SUCCESS ) + return( mbedtls_psa_hash_compute( alg, input, input_length, + hash, hash_size, hash_length ) ); + else + return( PSA_ERROR_NOT_SUPPORTED ); +#else + (void) alg; + (void) input; + (void) input_length; + (void) hash; + (void) hash_size; + (void) hash_length; + return( PSA_ERROR_NOT_SUPPORTED ); +#endif +} + +psa_status_t test_transparent_hash_setup( + test_transparent_hash_operation_t *operation, + psa_algorithm_t alg ) +{ +#if defined(INCLUDE_HASH_TEST_DRIVER) + if( is_hash_accelerated( alg ) == PSA_SUCCESS ) + return( mbedtls_psa_hash_setup( &operation->operation, alg ) ); + else + return( PSA_ERROR_NOT_SUPPORTED ); +#else + (void) alg; + (void) operation; + return( PSA_ERROR_NOT_SUPPORTED ); +#endif +} + +psa_status_t test_transparent_hash_clone( + const test_transparent_hash_operation_t *source_operation, + test_transparent_hash_operation_t *target_operation ) +{ +#if defined(INCLUDE_HASH_TEST_DRIVER) + if( is_hash_accelerated( source_operation->operation.alg ) == PSA_SUCCESS ) + return( mbedtls_psa_hash_clone( &source_operation->operation, + &target_operation->operation ) ); + else + return( PSA_ERROR_BAD_STATE ); +#else + (void) source_operation; + (void) target_operation; + return( PSA_ERROR_NOT_SUPPORTED ); +#endif +} + +psa_status_t test_transparent_hash_update( + test_transparent_hash_operation_t *operation, + const uint8_t *input, + size_t input_length ) +{ +#if defined(INCLUDE_HASH_TEST_DRIVER) + if( is_hash_accelerated( operation->operation.alg ) == PSA_SUCCESS ) + return( mbedtls_psa_hash_update( &operation->operation, + input, input_length ) ); + else + return( PSA_ERROR_BAD_STATE ); +#else + (void) operation; + (void) input; + (void) input_length; + return( PSA_ERROR_NOT_SUPPORTED ); +#endif +} + +psa_status_t test_transparent_hash_finish( + test_transparent_hash_operation_t *operation, + uint8_t *hash, + size_t hash_size, + size_t *hash_length ) +{ +#if defined(INCLUDE_HASH_TEST_DRIVER) + if( is_hash_accelerated( operation->operation.alg ) == PSA_SUCCESS ) + return( mbedtls_psa_hash_finish( &operation->operation, + hash, hash_size, hash_length ) ); + else + return( PSA_ERROR_BAD_STATE ); +#else + (void) operation; + (void) hash; + (void) hash_size; + (void) hash_length; + return( PSA_ERROR_NOT_SUPPORTED ); +#endif +} + +psa_status_t test_transparent_hash_abort( + test_transparent_hash_operation_t *operation ) +{ +#if defined(INCLUDE_HASH_TEST_DRIVER) + return( mbedtls_psa_hash_abort( &operation->operation ) ); +#else + (void) operation; + return( PSA_ERROR_NOT_SUPPORTED ); +#endif +} + +#endif /* PSA_CRYPTO_DRIVER_TEST */ + #endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/tests/include/test/drivers/hash.h b/tests/include/test/drivers/hash.h new file mode 100644 index 000000000..45c770c81 --- /dev/null +++ b/tests/include/test/drivers/hash.h @@ -0,0 +1,69 @@ +/* + * Test driver for hash functions + */ +/* Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PSA_CRYPTO_TEST_DRIVERS_HASH_H +#define PSA_CRYPTO_TEST_DRIVERS_HASH_H + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(PSA_CRYPTO_DRIVER_TEST) +/* Include path is relative to the tests/include folder, which is the base + * include path for including this (hash.h) test driver header. */ +#include "../../library/psa_crypto_hash.h" + +typedef struct { + mbedtls_psa_hash_operation_t operation; +} test_transparent_hash_operation_t; + +psa_status_t test_transparent_hash_compute( + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *hash, + size_t hash_size, + size_t *hash_length); + +psa_status_t test_transparent_hash_setup( + test_transparent_hash_operation_t *operation, + psa_algorithm_t alg ); + +psa_status_t test_transparent_hash_clone( + const test_transparent_hash_operation_t *source_operation, + test_transparent_hash_operation_t *target_operation ); + +psa_status_t test_transparent_hash_update( + test_transparent_hash_operation_t *operation, + const uint8_t *input, + size_t input_length ); + +psa_status_t test_transparent_hash_finish( + test_transparent_hash_operation_t *operation, + uint8_t *hash, + size_t hash_size, + size_t *hash_length ); + +psa_status_t test_transparent_hash_abort( + test_transparent_hash_operation_t *operation ); + +#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_TEST_DRIVERS_HASH_H */ diff --git a/tests/include/test/drivers/test_driver.h b/tests/include/test/drivers/test_driver.h index f26b795dd..8783924b8 100644 --- a/tests/include/test/drivers/test_driver.h +++ b/tests/include/test/drivers/test_driver.h @@ -26,5 +26,6 @@ #include "test/drivers/key_management.h" #include "test/drivers/cipher.h" #include "test/drivers/size.h" +#include "test/drivers/hash.h" #endif /* PSA_CRYPTO_TEST_DRIVER_H */ diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index c4ec8b674..7322cc76d 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -242,6 +242,7 @@ + From b1777312dad14b7b87f458b757c34fa0fc6470f7 Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Thu, 4 Mar 2021 15:22:38 +0100 Subject: [PATCH 08/30] Make the driver context union a defined type Signed-off-by: Steven Cooreman --- include/psa/crypto_struct.h | 2 +- library/psa_crypto_driver_wrappers_contexts.h | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 5d03d110d..f22ed50c6 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -91,7 +91,7 @@ struct psa_hash_operation_s * ID value zero means the context is not valid or not assigned to * any driver (i.e. none of the driver contexts are active). */ unsigned int id; - union psa_driver_hash_context_u ctx; + psa_driver_hash_context_t ctx; }; #define PSA_HASH_OPERATION_INIT {0, {0}} diff --git a/library/psa_crypto_driver_wrappers_contexts.h b/library/psa_crypto_driver_wrappers_contexts.h index db4153c4d..8cc21a287 100644 --- a/library/psa_crypto_driver_wrappers_contexts.h +++ b/library/psa_crypto_driver_wrappers_contexts.h @@ -42,13 +42,13 @@ * are formatted as `'drivername'_ctx`. This allows for procedural generation * of both this file and the content of psa_crypto_driver_wrappers.c */ -union psa_driver_hash_context_u { +typedef union { unsigned dummy; /* Make sure this structure is always non-empty */ mbedtls_psa_hash_operation_t mbedtls_ctx; #if defined(PSA_CRYPTO_DRIVER_TEST) test_transparent_hash_operation_t test_ctx; #endif -}; +} psa_driver_hash_context_t; #endif /* PSA_CRYPTO_DRIVER_WRAPPERS_CONTEXTS_H */ /* End of automatically generated file. */ From 5adf52c72deaeaab74ba87969d00607d8d39f99e Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Thu, 4 Mar 2021 18:09:49 +0100 Subject: [PATCH 09/30] Correctly void potentially unused arguments Signed-off-by: Steven Cooreman --- library/psa_crypto_hash.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/library/psa_crypto_hash.c b/library/psa_crypto_hash.c index bd3b57e6e..cd0d15ee0 100644 --- a/library/psa_crypto_hash.c +++ b/library/psa_crypto_hash.c @@ -202,6 +202,8 @@ psa_status_t mbedtls_psa_hash_clone( break; #endif default: + (void) source_operation; + (void) target_operation; return( PSA_ERROR_NOT_SUPPORTED ); } @@ -273,7 +275,8 @@ psa_status_t mbedtls_psa_hash_update( break; #endif default: - (void)input; + (void) input; + (void) input_length; return( PSA_ERROR_BAD_STATE ); } @@ -355,6 +358,7 @@ psa_status_t mbedtls_psa_hash_finish( break; #endif default: + (void) hash; return( PSA_ERROR_BAD_STATE ); } status = mbedtls_to_psa_error( ret ); From 0eeb794a2ec6750fd844cb25d28102c48fbcbfd4 Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Mon, 8 Mar 2021 12:13:21 +0100 Subject: [PATCH 10/30] Initialize status with CORRUPTION_DETECTED and update fallthrough Signed-off-by: Steven Cooreman --- library/psa_crypto_driver_wrappers.c | 23 ++++++++++------------- 1 file changed, 10 insertions(+), 13 deletions(-) diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c index 81a7d4dc2..7bb0185dd 100644 --- a/library/psa_crypto_driver_wrappers.c +++ b/library/psa_crypto_driver_wrappers.c @@ -1080,7 +1080,7 @@ psa_status_t psa_driver_wrapper_hash_compute( size_t hash_size, size_t *hash_length) { - psa_status_t status = PSA_ERROR_NOT_SUPPORTED; + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; /* Try accelerators first */ #if defined(PSA_CRYPTO_DRIVER_TEST) @@ -1097,25 +1097,22 @@ psa_status_t psa_driver_wrapper_hash_compute( if( status != PSA_ERROR_NOT_SUPPORTED ) return( status ); #endif - if( status == PSA_ERROR_NOT_SUPPORTED ) - { - (void) alg; - (void) input; - (void) input_length; - (void) hash; - (void) hash_size; - (void) hash_length; + (void) status; + (void) alg; + (void) input; + (void) input_length; + (void) hash; + (void) hash_size; + (void) hash_length; - return( PSA_ERROR_NOT_SUPPORTED ); - } - return( status ); + return( PSA_ERROR_NOT_SUPPORTED ); } psa_status_t psa_driver_wrapper_hash_setup( psa_hash_operation_t *operation, psa_algorithm_t alg ) { - psa_status_t status = PSA_ERROR_NOT_SUPPORTED; + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; /* Try setup on accelerators first */ #if defined(PSA_CRYPTO_DRIVER_TEST) From 4f7d0586e1df83d987e00b17fad182ae3bbf15bb Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Mon, 8 Mar 2021 13:59:42 +0100 Subject: [PATCH 11/30] Setup internal dependency macros for software hash driver Signed-off-by: Steven Cooreman --- library/psa_crypto_hash.c | 129 +++++++++++++++++++++++++------------- 1 file changed, 84 insertions(+), 45 deletions(-) diff --git a/library/psa_crypto_hash.c b/library/psa_crypto_hash.c index cd0d15ee0..9a9dd0997 100644 --- a/library/psa_crypto_hash.c +++ b/library/psa_crypto_hash.c @@ -29,6 +29,45 @@ #include #include +/* Use builtin defines specific to this compilation unit, since the test driver + * relies on this software driver. */ +#if( defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) || \ + ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_MD2) ) ) +#define BUILTIN_ALG_MD2 1 +#endif +#if( defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) || \ + ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_MD4) ) ) +#define BUILTIN_ALG_MD4 1 +#endif +#if( defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) || \ + ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_MD5) ) ) +#define BUILTIN_ALG_MD5 1 +#endif +#if( defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) || \ + ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160) ) ) +#define BUILTIN_ALG_RIPEMD160 1 +#endif +#if( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) || \ + ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1) ) ) +#define BUILTIN_ALG_SHA_1 1 +#endif +#if( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) || \ + ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224) ) ) +#define BUILTIN_ALG_SHA_224 1 +#endif +#if( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) || \ + ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256) ) ) +#define BUILTIN_ALG_SHA_256 1 +#endif +#if( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) || \ + ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384) ) ) +#define BUILTIN_ALG_SHA_384 1 +#endif +#if( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) || \ + ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512) ) ) +#define BUILTIN_ALG_SHA_512 1 +#endif + psa_status_t mbedtls_psa_hash_compute( psa_algorithm_t alg, const uint8_t *input, @@ -73,55 +112,55 @@ psa_status_t mbedtls_psa_hash_setup( switch( alg ) { -#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) +#if defined(BUILTIN_ALG_MD2) case PSA_ALG_MD2: mbedtls_md2_init( &operation->ctx.md2 ); ret = mbedtls_md2_starts_ret( &operation->ctx.md2 ); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) +#if defined(BUILTIN_ALG_MD4) case PSA_ALG_MD4: mbedtls_md4_init( &operation->ctx.md4 ); ret = mbedtls_md4_starts_ret( &operation->ctx.md4 ); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) +#if defined(BUILTIN_ALG_MD5) case PSA_ALG_MD5: mbedtls_md5_init( &operation->ctx.md5 ); ret = mbedtls_md5_starts_ret( &operation->ctx.md5 ); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) +#if defined(BUILTIN_ALG_RIPEMD160) case PSA_ALG_RIPEMD160: mbedtls_ripemd160_init( &operation->ctx.ripemd160 ); ret = mbedtls_ripemd160_starts_ret( &operation->ctx.ripemd160 ); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) +#if defined(BUILTIN_ALG_SHA_1) case PSA_ALG_SHA_1: mbedtls_sha1_init( &operation->ctx.sha1 ); ret = mbedtls_sha1_starts_ret( &operation->ctx.sha1 ); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) +#if defined(BUILTIN_ALG_SHA_224) case PSA_ALG_SHA_224: mbedtls_sha256_init( &operation->ctx.sha256 ); ret = mbedtls_sha256_starts_ret( &operation->ctx.sha256, 1 ); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) +#if defined(BUILTIN_ALG_SHA_256) case PSA_ALG_SHA_256: mbedtls_sha256_init( &operation->ctx.sha256 ); ret = mbedtls_sha256_starts_ret( &operation->ctx.sha256, 0 ); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) +#if defined(BUILTIN_ALG_SHA_384) case PSA_ALG_SHA_384: mbedtls_sha512_init( &operation->ctx.sha512 ); ret = mbedtls_sha512_starts_ret( &operation->ctx.sha512, 1 ); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) +#if defined(BUILTIN_ALG_SHA_512) case PSA_ALG_SHA_512: mbedtls_sha512_init( &operation->ctx.sha512 ); ret = mbedtls_sha512_starts_ret( &operation->ctx.sha512, 0 ); @@ -147,55 +186,55 @@ psa_status_t mbedtls_psa_hash_clone( { case 0: return( PSA_ERROR_BAD_STATE ); -#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) +#if defined(BUILTIN_ALG_MD2) case PSA_ALG_MD2: mbedtls_md2_clone( &target_operation->ctx.md2, &source_operation->ctx.md2 ); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) +#if defined(BUILTIN_ALG_MD4) case PSA_ALG_MD4: mbedtls_md4_clone( &target_operation->ctx.md4, &source_operation->ctx.md4 ); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) +#if defined(BUILTIN_ALG_MD5) case PSA_ALG_MD5: mbedtls_md5_clone( &target_operation->ctx.md5, &source_operation->ctx.md5 ); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) +#if defined(BUILTIN_ALG_RIPEMD160) case PSA_ALG_RIPEMD160: mbedtls_ripemd160_clone( &target_operation->ctx.ripemd160, &source_operation->ctx.ripemd160 ); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) +#if defined(BUILTIN_ALG_SHA_1) case PSA_ALG_SHA_1: mbedtls_sha1_clone( &target_operation->ctx.sha1, &source_operation->ctx.sha1 ); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) +#if defined(BUILTIN_ALG_SHA_224) case PSA_ALG_SHA_224: mbedtls_sha256_clone( &target_operation->ctx.sha256, &source_operation->ctx.sha256 ); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) +#if defined(BUILTIN_ALG_SHA_256) case PSA_ALG_SHA_256: mbedtls_sha256_clone( &target_operation->ctx.sha256, &source_operation->ctx.sha256 ); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) +#if defined(BUILTIN_ALG_SHA_384) case PSA_ALG_SHA_384: mbedtls_sha512_clone( &target_operation->ctx.sha512, &source_operation->ctx.sha512 ); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) +#if defined(BUILTIN_ALG_SHA_512) case PSA_ALG_SHA_512: mbedtls_sha512_clone( &target_operation->ctx.sha512, &source_operation->ctx.sha512 ); @@ -220,55 +259,55 @@ psa_status_t mbedtls_psa_hash_update( switch( operation->alg ) { -#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) +#if defined(BUILTIN_ALG_MD2) case PSA_ALG_MD2: ret = mbedtls_md2_update_ret( &operation->ctx.md2, input, input_length ); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) +#if defined(BUILTIN_ALG_MD4) case PSA_ALG_MD4: ret = mbedtls_md4_update_ret( &operation->ctx.md4, input, input_length ); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) +#if defined(BUILTIN_ALG_MD5) case PSA_ALG_MD5: ret = mbedtls_md5_update_ret( &operation->ctx.md5, input, input_length ); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) +#if defined(BUILTIN_ALG_RIPEMD160) case PSA_ALG_RIPEMD160: ret = mbedtls_ripemd160_update_ret( &operation->ctx.ripemd160, input, input_length ); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) +#if defined(BUILTIN_ALG_SHA_1) case PSA_ALG_SHA_1: ret = mbedtls_sha1_update_ret( &operation->ctx.sha1, input, input_length ); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) +#if defined(BUILTIN_ALG_SHA_224) case PSA_ALG_SHA_224: ret = mbedtls_sha256_update_ret( &operation->ctx.sha256, input, input_length ); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) +#if defined(BUILTIN_ALG_SHA_256) case PSA_ALG_SHA_256: ret = mbedtls_sha256_update_ret( &operation->ctx.sha256, input, input_length ); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) +#if defined(BUILTIN_ALG_SHA_384) case PSA_ALG_SHA_384: ret = mbedtls_sha512_update_ret( &operation->ctx.sha512, input, input_length ); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) +#if defined(BUILTIN_ALG_SHA_512) case PSA_ALG_SHA_512: ret = mbedtls_sha512_update_ret( &operation->ctx.sha512, input, input_length ); @@ -312,47 +351,47 @@ psa_status_t mbedtls_psa_hash_finish( switch( operation->alg ) { -#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) +#if defined(BUILTIN_ALG_MD2) case PSA_ALG_MD2: ret = mbedtls_md2_finish_ret( &operation->ctx.md2, hash ); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) +#if defined(BUILTIN_ALG_MD4) case PSA_ALG_MD4: ret = mbedtls_md4_finish_ret( &operation->ctx.md4, hash ); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) +#if defined(BUILTIN_ALG_MD5) case PSA_ALG_MD5: ret = mbedtls_md5_finish_ret( &operation->ctx.md5, hash ); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) +#if defined(BUILTIN_ALG_RIPEMD160) case PSA_ALG_RIPEMD160: ret = mbedtls_ripemd160_finish_ret( &operation->ctx.ripemd160, hash ); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) +#if defined(BUILTIN_ALG_SHA_1) case PSA_ALG_SHA_1: ret = mbedtls_sha1_finish_ret( &operation->ctx.sha1, hash ); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) +#if defined(BUILTIN_ALG_SHA_224) case PSA_ALG_SHA_224: ret = mbedtls_sha256_finish_ret( &operation->ctx.sha256, hash ); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) +#if defined(BUILTIN_ALG_SHA_256) case PSA_ALG_SHA_256: ret = mbedtls_sha256_finish_ret( &operation->ctx.sha256, hash ); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) +#if defined(BUILTIN_ALG_SHA_384) case PSA_ALG_SHA_384: ret = mbedtls_sha512_finish_ret( &operation->ctx.sha512, hash ); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) +#if defined(BUILTIN_ALG_SHA_512) case PSA_ALG_SHA_512: ret = mbedtls_sha512_finish_ret( &operation->ctx.sha512, hash ); break; @@ -386,47 +425,47 @@ psa_status_t mbedtls_psa_hash_abort( * in use. It's ok to call abort on such an object, and there's * nothing to do. */ break; -#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) +#if defined(BUILTIN_ALG_MD2) case PSA_ALG_MD2: mbedtls_md2_free( &operation->ctx.md2 ); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) +#if defined(BUILTIN_ALG_MD4) case PSA_ALG_MD4: mbedtls_md4_free( &operation->ctx.md4 ); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) +#if defined(BUILTIN_ALG_MD5) case PSA_ALG_MD5: mbedtls_md5_free( &operation->ctx.md5 ); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) +#if defined(BUILTIN_ALG_RIPEMD160) case PSA_ALG_RIPEMD160: mbedtls_ripemd160_free( &operation->ctx.ripemd160 ); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) +#if defined(BUILTIN_ALG_SHA_1) case PSA_ALG_SHA_1: mbedtls_sha1_free( &operation->ctx.sha1 ); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) +#if defined(BUILTIN_ALG_SHA_224) case PSA_ALG_SHA_224: mbedtls_sha256_free( &operation->ctx.sha256 ); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) +#if defined(BUILTIN_ALG_SHA_256) case PSA_ALG_SHA_256: mbedtls_sha256_free( &operation->ctx.sha256 ); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) +#if defined(BUILTIN_ALG_SHA_384) case PSA_ALG_SHA_384: mbedtls_sha512_free( &operation->ctx.sha512 ); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) +#if defined(BUILTIN_ALG_SHA_512) case PSA_ALG_SHA_512: mbedtls_sha512_free( &operation->ctx.sha512 ); break; From d029b60770e45127101fb6c37d4921e322375d66 Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Mon, 8 Mar 2021 16:16:53 +0100 Subject: [PATCH 12/30] Move test driver hash function declarations to software driver Signed-off-by: Steven Cooreman --- library/psa_crypto_hash.h | 41 ++++++++++++++ tests/include/test/drivers/hash.h | 69 ------------------------ tests/include/test/drivers/test_driver.h | 1 - visualc/VS2010/mbedTLS.vcxproj | 1 - 4 files changed, 41 insertions(+), 71 deletions(-) delete mode 100644 tests/include/test/drivers/hash.h diff --git a/library/psa_crypto_hash.h b/library/psa_crypto_hash.h index 57dadc3dd..ed528ab4c 100644 --- a/library/psa_crypto_hash.h +++ b/library/psa_crypto_hash.h @@ -271,4 +271,45 @@ psa_status_t mbedtls_psa_hash_finish( psa_status_t mbedtls_psa_hash_abort( mbedtls_psa_hash_operation_t *operation ); +/* + * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. + */ + +#if defined(PSA_CRYPTO_DRIVER_TEST) +typedef struct { + mbedtls_psa_hash_operation_t operation; +} test_transparent_hash_operation_t; + +psa_status_t test_transparent_hash_compute( + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *hash, + size_t hash_size, + size_t *hash_length); + +psa_status_t test_transparent_hash_setup( + test_transparent_hash_operation_t *operation, + psa_algorithm_t alg ); + +psa_status_t test_transparent_hash_clone( + const test_transparent_hash_operation_t *source_operation, + test_transparent_hash_operation_t *target_operation ); + +psa_status_t test_transparent_hash_update( + test_transparent_hash_operation_t *operation, + const uint8_t *input, + size_t input_length ); + +psa_status_t test_transparent_hash_finish( + test_transparent_hash_operation_t *operation, + uint8_t *hash, + size_t hash_size, + size_t *hash_length ); + +psa_status_t test_transparent_hash_abort( + test_transparent_hash_operation_t *operation ); + +#endif /* PSA_CRYPTO_DRIVER_TEST */ + #endif /* PSA_CRYPTO_HASH_H */ diff --git a/tests/include/test/drivers/hash.h b/tests/include/test/drivers/hash.h deleted file mode 100644 index 45c770c81..000000000 --- a/tests/include/test/drivers/hash.h +++ /dev/null @@ -1,69 +0,0 @@ -/* - * Test driver for hash functions - */ -/* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef PSA_CRYPTO_TEST_DRIVERS_HASH_H -#define PSA_CRYPTO_TEST_DRIVERS_HASH_H - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#if defined(PSA_CRYPTO_DRIVER_TEST) -/* Include path is relative to the tests/include folder, which is the base - * include path for including this (hash.h) test driver header. */ -#include "../../library/psa_crypto_hash.h" - -typedef struct { - mbedtls_psa_hash_operation_t operation; -} test_transparent_hash_operation_t; - -psa_status_t test_transparent_hash_compute( - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *hash, - size_t hash_size, - size_t *hash_length); - -psa_status_t test_transparent_hash_setup( - test_transparent_hash_operation_t *operation, - psa_algorithm_t alg ); - -psa_status_t test_transparent_hash_clone( - const test_transparent_hash_operation_t *source_operation, - test_transparent_hash_operation_t *target_operation ); - -psa_status_t test_transparent_hash_update( - test_transparent_hash_operation_t *operation, - const uint8_t *input, - size_t input_length ); - -psa_status_t test_transparent_hash_finish( - test_transparent_hash_operation_t *operation, - uint8_t *hash, - size_t hash_size, - size_t *hash_length ); - -psa_status_t test_transparent_hash_abort( - test_transparent_hash_operation_t *operation ); - -#endif /* PSA_CRYPTO_DRIVER_TEST */ -#endif /* PSA_CRYPTO_TEST_DRIVERS_HASH_H */ diff --git a/tests/include/test/drivers/test_driver.h b/tests/include/test/drivers/test_driver.h index 8783924b8..f26b795dd 100644 --- a/tests/include/test/drivers/test_driver.h +++ b/tests/include/test/drivers/test_driver.h @@ -26,6 +26,5 @@ #include "test/drivers/key_management.h" #include "test/drivers/cipher.h" #include "test/drivers/size.h" -#include "test/drivers/hash.h" #endif /* PSA_CRYPTO_TEST_DRIVER_H */ diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index 7322cc76d..c4ec8b674 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -242,7 +242,6 @@ - From 25555227e5341cdff9a1fda4641bc788c0d07d77 Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Mon, 8 Mar 2021 16:20:04 +0100 Subject: [PATCH 13/30] Rename hash test driver functions to match auto-naming scheme Signed-off-by: Steven Cooreman --- library/psa_crypto_driver_wrappers.c | 12 ++++----- library/psa_crypto_driver_wrappers_contexts.h | 2 +- library/psa_crypto_hash.c | 24 ++++++++--------- library/psa_crypto_hash.h | 26 +++++++++---------- 4 files changed, 32 insertions(+), 32 deletions(-) diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c index 7bb0185dd..97e4ee869 100644 --- a/library/psa_crypto_driver_wrappers.c +++ b/library/psa_crypto_driver_wrappers.c @@ -1084,7 +1084,7 @@ psa_status_t psa_driver_wrapper_hash_compute( /* Try accelerators first */ #if defined(PSA_CRYPTO_DRIVER_TEST) - status = test_transparent_hash_compute( alg, input, input_length, + status = mbedtls_transparent_test_driver_hash_compute( alg, input, input_length, hash, hash_size, hash_length ); if( status != PSA_ERROR_NOT_SUPPORTED ) return( status ); @@ -1116,7 +1116,7 @@ psa_status_t psa_driver_wrapper_hash_setup( /* Try setup on accelerators first */ #if defined(PSA_CRYPTO_DRIVER_TEST) - status = test_transparent_hash_setup( &operation->ctx.test_ctx, alg ); + status = mbedtls_transparent_test_driver_hash_setup( &operation->ctx.test_ctx, alg ); if( status == PSA_SUCCESS ) operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID; @@ -1149,7 +1149,7 @@ psa_status_t psa_driver_wrapper_hash_clone( #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: target_operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID; - return( test_transparent_hash_clone( &source_operation->ctx.test_ctx, + return( mbedtls_transparent_test_driver_hash_clone( &source_operation->ctx.test_ctx, &target_operation->ctx.test_ctx ) ); #endif #if defined(MBEDTLS_PSA_BUILTIN_HASH) @@ -1174,7 +1174,7 @@ psa_status_t psa_driver_wrapper_hash_update( { #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: - return( test_transparent_hash_update( &operation->ctx.test_ctx, + return( mbedtls_transparent_test_driver_hash_update( &operation->ctx.test_ctx, input, input_length ) ); #endif #if defined(MBEDTLS_PSA_BUILTIN_HASH) @@ -1200,7 +1200,7 @@ psa_status_t psa_driver_wrapper_hash_finish( { #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: - return( test_transparent_hash_finish( &operation->ctx.test_ctx, + return( mbedtls_transparent_test_driver_hash_finish( &operation->ctx.test_ctx, hash, hash_size, hash_length ) ); #endif #if defined(MBEDTLS_PSA_BUILTIN_HASH) @@ -1225,7 +1225,7 @@ psa_status_t psa_driver_wrapper_hash_abort( { #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: - return( test_transparent_hash_abort( &operation->ctx.test_ctx ) ); + return( mbedtls_transparent_test_driver_hash_abort( &operation->ctx.test_ctx ) ); #endif #if defined(MBEDTLS_PSA_BUILTIN_HASH) case PSA_CRYPTO_MBED_TLS_DRIVER_ID: diff --git a/library/psa_crypto_driver_wrappers_contexts.h b/library/psa_crypto_driver_wrappers_contexts.h index 8cc21a287..8db55c937 100644 --- a/library/psa_crypto_driver_wrappers_contexts.h +++ b/library/psa_crypto_driver_wrappers_contexts.h @@ -46,7 +46,7 @@ typedef union { unsigned dummy; /* Make sure this structure is always non-empty */ mbedtls_psa_hash_operation_t mbedtls_ctx; #if defined(PSA_CRYPTO_DRIVER_TEST) - test_transparent_hash_operation_t test_ctx; + mbedtls_transparent_test_driver_hash_operation_t test_ctx; #endif } psa_driver_hash_context_t; diff --git a/library/psa_crypto_hash.c b/library/psa_crypto_hash.c index 9a9dd0997..b573c7aee 100644 --- a/library/psa_crypto_hash.c +++ b/library/psa_crypto_hash.c @@ -541,7 +541,7 @@ psa_status_t is_hash_accelerated( psa_algorithm_t alg ) } #endif /* INCLUDE_HASH_TEST_DRIVER */ -psa_status_t test_transparent_hash_compute( +psa_status_t mbedtls_transparent_test_driver_hash_compute( psa_algorithm_t alg, const uint8_t *input, size_t input_length, @@ -566,8 +566,8 @@ psa_status_t test_transparent_hash_compute( #endif } -psa_status_t test_transparent_hash_setup( - test_transparent_hash_operation_t *operation, +psa_status_t mbedtls_transparent_test_driver_hash_setup( + mbedtls_transparent_test_driver_hash_operation_t *operation, psa_algorithm_t alg ) { #if defined(INCLUDE_HASH_TEST_DRIVER) @@ -582,9 +582,9 @@ psa_status_t test_transparent_hash_setup( #endif } -psa_status_t test_transparent_hash_clone( - const test_transparent_hash_operation_t *source_operation, - test_transparent_hash_operation_t *target_operation ) +psa_status_t mbedtls_transparent_test_driver_hash_clone( + const mbedtls_transparent_test_driver_hash_operation_t *source_operation, + mbedtls_transparent_test_driver_hash_operation_t *target_operation ) { #if defined(INCLUDE_HASH_TEST_DRIVER) if( is_hash_accelerated( source_operation->operation.alg ) == PSA_SUCCESS ) @@ -599,8 +599,8 @@ psa_status_t test_transparent_hash_clone( #endif } -psa_status_t test_transparent_hash_update( - test_transparent_hash_operation_t *operation, +psa_status_t mbedtls_transparent_test_driver_hash_update( + mbedtls_transparent_test_driver_hash_operation_t *operation, const uint8_t *input, size_t input_length ) { @@ -618,8 +618,8 @@ psa_status_t test_transparent_hash_update( #endif } -psa_status_t test_transparent_hash_finish( - test_transparent_hash_operation_t *operation, +psa_status_t mbedtls_transparent_test_driver_hash_finish( + mbedtls_transparent_test_driver_hash_operation_t *operation, uint8_t *hash, size_t hash_size, size_t *hash_length ) @@ -639,8 +639,8 @@ psa_status_t test_transparent_hash_finish( #endif } -psa_status_t test_transparent_hash_abort( - test_transparent_hash_operation_t *operation ) +psa_status_t mbedtls_transparent_test_driver_hash_abort( + mbedtls_transparent_test_driver_hash_operation_t *operation ) { #if defined(INCLUDE_HASH_TEST_DRIVER) return( mbedtls_psa_hash_abort( &operation->operation ) ); diff --git a/library/psa_crypto_hash.h b/library/psa_crypto_hash.h index ed528ab4c..7d52624a0 100644 --- a/library/psa_crypto_hash.h +++ b/library/psa_crypto_hash.h @@ -278,9 +278,9 @@ psa_status_t mbedtls_psa_hash_abort( #if defined(PSA_CRYPTO_DRIVER_TEST) typedef struct { mbedtls_psa_hash_operation_t operation; -} test_transparent_hash_operation_t; +} mbedtls_transparent_test_driver_hash_operation_t; -psa_status_t test_transparent_hash_compute( +psa_status_t mbedtls_transparent_test_driver_hash_compute( psa_algorithm_t alg, const uint8_t *input, size_t input_length, @@ -288,27 +288,27 @@ psa_status_t test_transparent_hash_compute( size_t hash_size, size_t *hash_length); -psa_status_t test_transparent_hash_setup( - test_transparent_hash_operation_t *operation, +psa_status_t mbedtls_transparent_test_driver_hash_setup( + mbedtls_transparent_test_driver_hash_operation_t *operation, psa_algorithm_t alg ); -psa_status_t test_transparent_hash_clone( - const test_transparent_hash_operation_t *source_operation, - test_transparent_hash_operation_t *target_operation ); +psa_status_t mbedtls_transparent_test_driver_hash_clone( + const mbedtls_transparent_test_driver_hash_operation_t *source_operation, + mbedtls_transparent_test_driver_hash_operation_t *target_operation ); -psa_status_t test_transparent_hash_update( - test_transparent_hash_operation_t *operation, +psa_status_t mbedtls_transparent_test_driver_hash_update( + mbedtls_transparent_test_driver_hash_operation_t *operation, const uint8_t *input, size_t input_length ); -psa_status_t test_transparent_hash_finish( - test_transparent_hash_operation_t *operation, +psa_status_t mbedtls_transparent_test_driver_hash_finish( + mbedtls_transparent_test_driver_hash_operation_t *operation, uint8_t *hash, size_t hash_size, size_t *hash_length ); -psa_status_t test_transparent_hash_abort( - test_transparent_hash_operation_t *operation ); +psa_status_t mbedtls_transparent_test_driver_hash_abort( + mbedtls_transparent_test_driver_hash_operation_t *operation ); #endif /* PSA_CRYPTO_DRIVER_TEST */ From 83f300e2f7b9aa809cb3b45fd1c1e4710b89c231 Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Mon, 8 Mar 2021 17:09:48 +0100 Subject: [PATCH 14/30] Restructure the hash driver content Apply the right define guards for the right purpose. The 'core' hash driver is included if any hash algorithm is either to be tested through the test driver, or if it is requested by a user and not accelerated (i.e. 'fallback'/'software' driver requested for the algorithm). Signed-off-by: Steven Cooreman --- library/psa_crypto_hash.c | 303 +++++++++++++++++++++++--------------- 1 file changed, 188 insertions(+), 115 deletions(-) diff --git a/library/psa_crypto_hash.c b/library/psa_crypto_hash.c index b573c7aee..7c5d324c0 100644 --- a/library/psa_crypto_hash.c +++ b/library/psa_crypto_hash.c @@ -30,7 +30,7 @@ #include /* Use builtin defines specific to this compilation unit, since the test driver - * relies on this software driver. */ + * relies on the software driver. */ #if( defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) || \ ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_MD2) ) ) #define BUILTIN_ALG_MD2 1 @@ -68,37 +68,102 @@ #define BUILTIN_ALG_SHA_512 1 #endif -psa_status_t mbedtls_psa_hash_compute( - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *hash, - size_t hash_size, - size_t *hash_length) +#if ( defined(BUILTIN_ALG_MD2) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD2) ) || \ + ( defined(BUILTIN_ALG_MD4) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD4) ) || \ + ( defined(BUILTIN_ALG_MD5) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD5) ) || \ + ( defined(BUILTIN_ALG_RIPEMD160) && !defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160) ) || \ + ( defined(BUILTIN_ALG_SHA_1) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1) ) || \ + ( defined(BUILTIN_ALG_SHA_224) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224) ) || \ + ( defined(BUILTIN_ALG_SHA_256) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256) ) || \ + ( defined(BUILTIN_ALG_SHA_384) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384) ) || \ + ( defined(BUILTIN_ALG_SHA_512) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512) ) +#define INCLUDE_HASH_MBEDTLS_DRIVER 1 +#endif + +#if defined(PSA_CRYPTO_DRIVER_TEST) && \ + ( defined(MBEDTLS_PSA_ACCEL_ALG_MD2) || \ + defined(MBEDTLS_PSA_ACCEL_ALG_MD4) || \ + defined(MBEDTLS_PSA_ACCEL_ALG_MD5) || \ + defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160) || \ + defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1) || \ + defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224) || \ + defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256) || \ + defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384) || \ + defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512) ) +#define INCLUDE_HASH_TEST_DRIVER +#endif + +#if defined(INCLUDE_HASH_MBEDTLS_DRIVER) || \ + defined(INCLUDE_HASH_TEST_DRIVER) +#define INCLUDE_HASH_CORE 1 +#endif + +/* Implement the PSA driver hash interface on top of mbed TLS if either the + * software driver or the test driver requires it. */ +#if defined(INCLUDE_HASH_CORE) +static psa_status_t hash_abort( + mbedtls_psa_hash_operation_t *operation ) { - mbedtls_psa_hash_operation_t operation = MBEDTLS_PSA_HASH_OPERATION_INIT; - psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - - *hash_length = hash_size; - status = mbedtls_psa_hash_setup( &operation, alg ); - if( status != PSA_SUCCESS ) - goto exit; - status = mbedtls_psa_hash_update( &operation, input, input_length ); - if( status != PSA_SUCCESS ) - goto exit; - status = mbedtls_psa_hash_finish( &operation, hash, hash_size, hash_length ); - if( status != PSA_SUCCESS ) - goto exit; - -exit: - if( status == PSA_SUCCESS ) - status = mbedtls_psa_hash_abort( &operation ); - else - mbedtls_psa_hash_abort( &operation ); - return( status ); + switch( operation->alg ) + { + case 0: + /* The object has (apparently) been initialized but it is not + * in use. It's ok to call abort on such an object, and there's + * nothing to do. */ + break; +#if defined(BUILTIN_ALG_MD2) + case PSA_ALG_MD2: + mbedtls_md2_free( &operation->ctx.md2 ); + break; +#endif +#if defined(BUILTIN_ALG_MD4) + case PSA_ALG_MD4: + mbedtls_md4_free( &operation->ctx.md4 ); + break; +#endif +#if defined(BUILTIN_ALG_MD5) + case PSA_ALG_MD5: + mbedtls_md5_free( &operation->ctx.md5 ); + break; +#endif +#if defined(BUILTIN_ALG_RIPEMD160) + case PSA_ALG_RIPEMD160: + mbedtls_ripemd160_free( &operation->ctx.ripemd160 ); + break; +#endif +#if defined(BUILTIN_ALG_SHA_1) + case PSA_ALG_SHA_1: + mbedtls_sha1_free( &operation->ctx.sha1 ); + break; +#endif +#if defined(BUILTIN_ALG_SHA_224) + case PSA_ALG_SHA_224: + mbedtls_sha256_free( &operation->ctx.sha256 ); + break; +#endif +#if defined(BUILTIN_ALG_SHA_256) + case PSA_ALG_SHA_256: + mbedtls_sha256_free( &operation->ctx.sha256 ); + break; +#endif +#if defined(BUILTIN_ALG_SHA_384) + case PSA_ALG_SHA_384: + mbedtls_sha512_free( &operation->ctx.sha512 ); + break; +#endif +#if defined(BUILTIN_ALG_SHA_512) + case PSA_ALG_SHA_512: + mbedtls_sha512_free( &operation->ctx.sha512 ); + break; +#endif + default: + return( PSA_ERROR_BAD_STATE ); + } + operation->alg = 0; + return( PSA_SUCCESS ); } -psa_status_t mbedtls_psa_hash_setup( +static psa_status_t hash_setup( mbedtls_psa_hash_operation_t *operation, psa_algorithm_t alg ) { @@ -174,11 +239,11 @@ psa_status_t mbedtls_psa_hash_setup( if( ret == 0 ) operation->alg = alg; else - mbedtls_psa_hash_abort( operation ); + hash_abort( operation ); return( mbedtls_to_psa_error( ret ) ); } -psa_status_t mbedtls_psa_hash_clone( +static psa_status_t hash_clone( const mbedtls_psa_hash_operation_t *source_operation, mbedtls_psa_hash_operation_t *target_operation ) { @@ -250,7 +315,7 @@ psa_status_t mbedtls_psa_hash_clone( return( PSA_SUCCESS ); } -psa_status_t mbedtls_psa_hash_update( +static psa_status_t hash_update( mbedtls_psa_hash_operation_t *operation, const uint8_t *input, size_t input_length ) @@ -320,11 +385,11 @@ psa_status_t mbedtls_psa_hash_update( } if( ret != 0 ) - mbedtls_psa_hash_abort( operation ); + hash_abort( operation ); return( mbedtls_to_psa_error( ret ) ); } -psa_status_t mbedtls_psa_hash_finish( +static psa_status_t hash_finish( mbedtls_psa_hash_operation_t *operation, uint8_t *hash, size_t hash_size, @@ -406,94 +471,102 @@ exit: if( status == PSA_SUCCESS ) { *hash_length = actual_hash_length; - return( mbedtls_psa_hash_abort( operation ) ); + return( hash_abort( operation ) ); } else { - mbedtls_psa_hash_abort( operation ); + hash_abort( operation ); return( status ); } } +static psa_status_t hash_compute( + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *hash, + size_t hash_size, + size_t *hash_length) +{ + mbedtls_psa_hash_operation_t operation = MBEDTLS_PSA_HASH_OPERATION_INIT; + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + + *hash_length = hash_size; + status = hash_setup( &operation, alg ); + if( status != PSA_SUCCESS ) + goto exit; + status = hash_update( &operation, input, input_length ); + if( status != PSA_SUCCESS ) + goto exit; + status = hash_finish( &operation, hash, hash_size, hash_length ); + if( status != PSA_SUCCESS ) + goto exit; + +exit: + if( status == PSA_SUCCESS ) + status = hash_abort( &operation ); + else + hash_abort( &operation ); + return( status ); +} +#endif /* INCLUDE_HASH_CORE */ + +#if defined(INCLUDE_HASH_MBEDTLS_DRIVER) +psa_status_t mbedtls_psa_hash_compute( + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *hash, + size_t hash_size, + size_t *hash_length) +{ + return( hash_compute( alg, input, input_length, + hash, hash_size, hash_length ) ); +} + +psa_status_t mbedtls_psa_hash_setup( + mbedtls_psa_hash_operation_t *operation, + psa_algorithm_t alg ) +{ + return( hash_setup( operation, alg ) ); +} + +psa_status_t mbedtls_psa_hash_clone( + const mbedtls_psa_hash_operation_t *source_operation, + mbedtls_psa_hash_operation_t *target_operation ) +{ + return( hash_clone( source_operation, target_operation ) ); +} + +psa_status_t mbedtls_psa_hash_update( + mbedtls_psa_hash_operation_t *operation, + const uint8_t *input, + size_t input_length ) +{ + return( hash_update( operation, input, input_length ) ); +} + +psa_status_t mbedtls_psa_hash_finish( + mbedtls_psa_hash_operation_t *operation, + uint8_t *hash, + size_t hash_size, + size_t *hash_length ) +{ + return( hash_finish( operation, hash, hash_size, hash_length ) ); +} + psa_status_t mbedtls_psa_hash_abort( mbedtls_psa_hash_operation_t *operation ) { - switch( operation->alg ) - { - case 0: - /* The object has (apparently) been initialized but it is not - * in use. It's ok to call abort on such an object, and there's - * nothing to do. */ - break; -#if defined(BUILTIN_ALG_MD2) - case PSA_ALG_MD2: - mbedtls_md2_free( &operation->ctx.md2 ); - break; -#endif -#if defined(BUILTIN_ALG_MD4) - case PSA_ALG_MD4: - mbedtls_md4_free( &operation->ctx.md4 ); - break; -#endif -#if defined(BUILTIN_ALG_MD5) - case PSA_ALG_MD5: - mbedtls_md5_free( &operation->ctx.md5 ); - break; -#endif -#if defined(BUILTIN_ALG_RIPEMD160) - case PSA_ALG_RIPEMD160: - mbedtls_ripemd160_free( &operation->ctx.ripemd160 ); - break; -#endif -#if defined(BUILTIN_ALG_SHA_1) - case PSA_ALG_SHA_1: - mbedtls_sha1_free( &operation->ctx.sha1 ); - break; -#endif -#if defined(BUILTIN_ALG_SHA_224) - case PSA_ALG_SHA_224: - mbedtls_sha256_free( &operation->ctx.sha256 ); - break; -#endif -#if defined(BUILTIN_ALG_SHA_256) - case PSA_ALG_SHA_256: - mbedtls_sha256_free( &operation->ctx.sha256 ); - break; -#endif -#if defined(BUILTIN_ALG_SHA_384) - case PSA_ALG_SHA_384: - mbedtls_sha512_free( &operation->ctx.sha512 ); - break; -#endif -#if defined(BUILTIN_ALG_SHA_512) - case PSA_ALG_SHA_512: - mbedtls_sha512_free( &operation->ctx.sha512 ); - break; -#endif - default: - return( PSA_ERROR_BAD_STATE ); - } - operation->alg = 0; - return( PSA_SUCCESS ); + return( hash_abort( operation ) ); } +#endif /* INCLUDE_HASH_MBEDTLS_DRIVER */ /* * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. */ #if defined(PSA_CRYPTO_DRIVER_TEST) -#if defined(MBEDTLS_PSA_ACCEL_ALG_MD2) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_MD4) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_MD5) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512) -#define INCLUDE_HASH_TEST_DRIVER -#endif - #if defined(INCLUDE_HASH_TEST_DRIVER) psa_status_t is_hash_accelerated( psa_algorithm_t alg ) { @@ -551,8 +624,8 @@ psa_status_t mbedtls_transparent_test_driver_hash_compute( { #if defined(INCLUDE_HASH_TEST_DRIVER) if( is_hash_accelerated( alg ) == PSA_SUCCESS ) - return( mbedtls_psa_hash_compute( alg, input, input_length, - hash, hash_size, hash_length ) ); + return( hash_compute( alg, input, input_length, + hash, hash_size, hash_length ) ); else return( PSA_ERROR_NOT_SUPPORTED ); #else @@ -572,7 +645,7 @@ psa_status_t mbedtls_transparent_test_driver_hash_setup( { #if defined(INCLUDE_HASH_TEST_DRIVER) if( is_hash_accelerated( alg ) == PSA_SUCCESS ) - return( mbedtls_psa_hash_setup( &operation->operation, alg ) ); + return( hash_setup( &operation->operation, alg ) ); else return( PSA_ERROR_NOT_SUPPORTED ); #else @@ -588,8 +661,8 @@ psa_status_t mbedtls_transparent_test_driver_hash_clone( { #if defined(INCLUDE_HASH_TEST_DRIVER) if( is_hash_accelerated( source_operation->operation.alg ) == PSA_SUCCESS ) - return( mbedtls_psa_hash_clone( &source_operation->operation, - &target_operation->operation ) ); + return( hash_clone( &source_operation->operation, + &target_operation->operation ) ); else return( PSA_ERROR_BAD_STATE ); #else @@ -606,8 +679,8 @@ psa_status_t mbedtls_transparent_test_driver_hash_update( { #if defined(INCLUDE_HASH_TEST_DRIVER) if( is_hash_accelerated( operation->operation.alg ) == PSA_SUCCESS ) - return( mbedtls_psa_hash_update( &operation->operation, - input, input_length ) ); + return( hash_update( &operation->operation, + input, input_length ) ); else return( PSA_ERROR_BAD_STATE ); #else @@ -626,8 +699,8 @@ psa_status_t mbedtls_transparent_test_driver_hash_finish( { #if defined(INCLUDE_HASH_TEST_DRIVER) if( is_hash_accelerated( operation->operation.alg ) == PSA_SUCCESS ) - return( mbedtls_psa_hash_finish( &operation->operation, - hash, hash_size, hash_length ) ); + return( hash_finish( &operation->operation, + hash, hash_size, hash_length ) ); else return( PSA_ERROR_BAD_STATE ); #else @@ -643,7 +716,7 @@ psa_status_t mbedtls_transparent_test_driver_hash_abort( mbedtls_transparent_test_driver_hash_operation_t *operation ) { #if defined(INCLUDE_HASH_TEST_DRIVER) - return( mbedtls_psa_hash_abort( &operation->operation ) ); + return( hash_abort( &operation->operation ) ); #else (void) operation; return( PSA_ERROR_NOT_SUPPORTED ); From d50db945c4ed9abf68ada7eaf73e04adbc0265f9 Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Mon, 8 Mar 2021 17:17:15 +0100 Subject: [PATCH 15/30] Add hash acceleration driver testing Test hash algorithm functions when called through a transparent driver in all.sh test_psa_crypto_config_basic and test_psa_crypto_drivers components. Signed-off-by: Steven Cooreman --- tests/scripts/all.sh | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 0e81d743b..d2345b1a2 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1457,6 +1457,15 @@ component_test_psa_crypto_config_basic() { loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_RSA_PSS" loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_ECDSA" loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA" + loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_MD2" + loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_MD4" + loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_MD5" + loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_RIPEMD160" + loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_SHA_1" + loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_SHA_224" + loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_SHA_256" + loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_SHA_384" + loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_SHA_512" loc_cflags="${loc_cflags} -I../tests/include -O2" make CC=gcc CFLAGS="$loc_cflags" LDFLAGS="$ASAN_CFLAGS" @@ -2235,6 +2244,15 @@ component_test_psa_crypto_drivers () { loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_RSA_PSS" loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_ECDSA" loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA" + loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_MD2" + loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_MD4" + loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_MD5" + loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_RIPEMD160" + loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_SHA_1" + loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_SHA_224" + loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_SHA_256" + loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_SHA_384" + loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_SHA_512" loc_cflags="${loc_cflags} -I../tests/include -O2" make CC=gcc CFLAGS="${loc_cflags}" LDFLAGS="$ASAN_CFLAGS" From f66d5fd2bdb776f7a52ea6dec6a8b54923c9ad44 Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Mon, 8 Mar 2021 18:40:40 +0100 Subject: [PATCH 16/30] Apply same argument checking as in psa_hash_setup Signed-off-by: Steven Cooreman --- library/psa_crypto.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index c5f9601f8..fce7211aa 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2277,6 +2277,9 @@ psa_status_t psa_hash_compute( psa_algorithm_t alg, uint8_t *hash, size_t hash_size, size_t *hash_length ) { + if( !PSA_ALG_IS_HASH( alg ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + return( psa_driver_wrapper_hash_compute( alg, input, input_length, hash, hash_size, hash_length ) ); } @@ -2287,6 +2290,10 @@ psa_status_t psa_hash_compare( psa_algorithm_t alg, { uint8_t actual_hash[MBEDTLS_MD_MAX_SIZE]; size_t actual_hash_length; + + if( !PSA_ALG_IS_HASH( alg ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + psa_status_t status = psa_driver_wrapper_hash_compute( alg, input, input_length, actual_hash, sizeof(actual_hash), From fbe09284cf9f873e97ce6ecf36da2c61ab263d3c Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Mon, 8 Mar 2021 18:41:12 +0100 Subject: [PATCH 17/30] Set output length to 0 at start of function This behaviour was present previously, and is depended on by the test suites. Signed-off-by: Steven Cooreman --- library/psa_crypto.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index fce7211aa..a39c5353f 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2244,6 +2244,7 @@ psa_status_t psa_hash_finish( psa_hash_operation_t *operation, size_t hash_size, size_t *hash_length ) { + *hash_length = 0; if( operation->id == 0 ) return( PSA_ERROR_BAD_STATE ); @@ -2277,6 +2278,7 @@ psa_status_t psa_hash_compute( psa_algorithm_t alg, uint8_t *hash, size_t hash_size, size_t *hash_length ) { + *hash_length = 0; if( !PSA_ALG_IS_HASH( alg ) ) return( PSA_ERROR_INVALID_ARGUMENT ); From 0d5866639512247477ff6bda20f9aff47014c3e8 Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Mon, 8 Mar 2021 20:28:18 +0100 Subject: [PATCH 18/30] Reuse already-defined MBEDTLS_PSA_BUILTIN_HASH Signed-off-by: Steven Cooreman --- library/psa_crypto_hash.c | 23 ++++++++--------------- 1 file changed, 8 insertions(+), 15 deletions(-) diff --git a/library/psa_crypto_hash.c b/library/psa_crypto_hash.c index 7c5d324c0..e622e0d1b 100644 --- a/library/psa_crypto_hash.c +++ b/library/psa_crypto_hash.c @@ -68,18 +68,9 @@ #define BUILTIN_ALG_SHA_512 1 #endif -#if ( defined(BUILTIN_ALG_MD2) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD2) ) || \ - ( defined(BUILTIN_ALG_MD4) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD4) ) || \ - ( defined(BUILTIN_ALG_MD5) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD5) ) || \ - ( defined(BUILTIN_ALG_RIPEMD160) && !defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160) ) || \ - ( defined(BUILTIN_ALG_SHA_1) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1) ) || \ - ( defined(BUILTIN_ALG_SHA_224) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224) ) || \ - ( defined(BUILTIN_ALG_SHA_256) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256) ) || \ - ( defined(BUILTIN_ALG_SHA_384) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384) ) || \ - ( defined(BUILTIN_ALG_SHA_512) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512) ) -#define INCLUDE_HASH_MBEDTLS_DRIVER 1 -#endif - +/* If at least one of the hash algorithms is to be exercised through the + * transparent test driver, then the mbedtls_transparent_test_driver_hash_* + * entry points need to be implemented. */ #if defined(PSA_CRYPTO_DRIVER_TEST) && \ ( defined(MBEDTLS_PSA_ACCEL_ALG_MD2) || \ defined(MBEDTLS_PSA_ACCEL_ALG_MD4) || \ @@ -93,7 +84,9 @@ #define INCLUDE_HASH_TEST_DRIVER #endif -#if defined(INCLUDE_HASH_MBEDTLS_DRIVER) || \ +/* If either of the built-in or test driver entry points need to be implemented, then + * the core implementation should be present. */ +#if defined(MBEDTLS_PSA_BUILTIN_HASH) || \ defined(INCLUDE_HASH_TEST_DRIVER) #define INCLUDE_HASH_CORE 1 #endif @@ -511,7 +504,7 @@ exit: } #endif /* INCLUDE_HASH_CORE */ -#if defined(INCLUDE_HASH_MBEDTLS_DRIVER) +#if defined(MBEDTLS_PSA_BUILTIN_HASH) psa_status_t mbedtls_psa_hash_compute( psa_algorithm_t alg, const uint8_t *input, @@ -560,7 +553,7 @@ psa_status_t mbedtls_psa_hash_abort( { return( hash_abort( operation ) ); } -#endif /* INCLUDE_HASH_MBEDTLS_DRIVER */ +#endif /* MBEDTLS_PSA_BUILTIN_HASH */ /* * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. From 830aff2a983c8355462c5849bda51be116400b51 Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Tue, 9 Mar 2021 09:50:44 +0100 Subject: [PATCH 19/30] Restructure the way driver contexts are declared Drivers (both built-in and external) need to declare their context structures in a way such that they are accessible by the to-be-autogenerated crypto_driver_contexts.h file. That file lives in include/psa, which means all builtin driver context structure declarations also need to live in include/psa. Signed-off-by: Steven Cooreman --- include/psa/crypto_builtin_hash.h | 91 +++++++++++++++++++ .../psa/crypto_driver_contexts.h | 17 ++-- include/psa/crypto_struct.h | 2 +- library/psa_crypto_driver_wrappers.c | 6 +- library/psa_crypto_hash.h | 55 +---------- visualc/VS2010/mbedTLS.vcxproj | 3 +- 6 files changed, 106 insertions(+), 68 deletions(-) create mode 100644 include/psa/crypto_builtin_hash.h rename library/psa_crypto_driver_wrappers_contexts.h => include/psa/crypto_driver_contexts.h (76%) diff --git a/include/psa/crypto_builtin_hash.h b/include/psa/crypto_builtin_hash.h new file mode 100644 index 000000000..0f42fdcb2 --- /dev/null +++ b/include/psa/crypto_builtin_hash.h @@ -0,0 +1,91 @@ +/* + * Context structure declaration of the software-based driver which performs + * hashing through the PSA Crypto driver dispatch layer. + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PSA_CRYPTO_BUILTIN_HASH_H +#define PSA_CRYPTO_BUILTIN_HASH_H + +#include +#include "mbedtls/md2.h" +#include "mbedtls/md4.h" +#include "mbedtls/md5.h" +#include "mbedtls/ripemd160.h" +#include "mbedtls/sha1.h" +#include "mbedtls/sha256.h" +#include "mbedtls/sha512.h" + +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) +#define MBEDTLS_PSA_BUILTIN_HASH +#endif + +typedef struct +{ + psa_algorithm_t alg; + union + { + unsigned dummy; /* Make the union non-empty even with no supported algorithms. */ +#if defined(MBEDTLS_MD2_C) + mbedtls_md2_context md2; +#endif +#if defined(MBEDTLS_MD4_C) + mbedtls_md4_context md4; +#endif +#if defined(MBEDTLS_MD5_C) + mbedtls_md5_context md5; +#endif +#if defined(MBEDTLS_RIPEMD160_C) + mbedtls_ripemd160_context ripemd160; +#endif +#if defined(MBEDTLS_SHA1_C) + mbedtls_sha1_context sha1; +#endif +#if defined(MBEDTLS_SHA256_C) + mbedtls_sha256_context sha256; +#endif +#if defined(MBEDTLS_SHA512_C) + mbedtls_sha512_context sha512; +#endif + } ctx; +} mbedtls_psa_hash_operation_t; + +#define MBEDTLS_PSA_HASH_OPERATION_INIT {0, {0}} + +/* + * BEYOND THIS POINT, TEST DRIVER DECLARATIONS ONLY. + */ +#if defined(PSA_CRYPTO_DRIVER_TEST) + +typedef struct { + mbedtls_psa_hash_operation_t operation; +} mbedtls_transparent_test_driver_hash_operation_t; + +#define MBEDTLS_TRANSPARENT_TEST_DRIVER_HASH_OPERATION_INIT { MBEDTLS_PSA_HASH_OPERATION_INIT } + +#endif /* PSA_CRYPTO_DRIVER_TEST */ + +#endif /* PSA_CRYPTO_BUILTIN_HASH_H */ diff --git a/library/psa_crypto_driver_wrappers_contexts.h b/include/psa/crypto_driver_contexts.h similarity index 76% rename from library/psa_crypto_driver_wrappers_contexts.h rename to include/psa/crypto_driver_contexts.h index 8db55c937..524329dd0 100644 --- a/library/psa_crypto_driver_wrappers_contexts.h +++ b/include/psa/crypto_driver_contexts.h @@ -20,20 +20,17 @@ * limitations under the License. */ -#ifndef PSA_CRYPTO_DRIVER_WRAPPERS_CONTEXTS_H -#define PSA_CRYPTO_DRIVER_WRAPPERS_CONTEXTS_H +#ifndef PSA_CRYPTO_DRIVER_CONTEXTS_H +#define PSA_CRYPTO_DRIVER_CONTEXTS_H #include "psa/crypto.h" #include "psa/crypto_driver_common.h" -/* Include all structure definitions for the drivers that have been included - * during the auto-generation of this file (autogeneration not yet in place) */ -#if defined(PSA_CRYPTO_DRIVER_TEST) -#include "test/drivers/test_driver.h" -#endif +/* Include the context structure definitions for those drivers that were + * declared during the autogeneration process. */ -/* Include the structure definitions for the mbed TLS software drivers */ -#include "psa_crypto_hash.h" +/* Include the context structure definitions for the Mbed TLS software drivers */ +#include "psa/crypto_builtin_hash.h" /* Define the context to be used for an operation that is executed through the * PSA Driver wrapper layer as the union of all possible driver's contexts. @@ -50,5 +47,5 @@ typedef union { #endif } psa_driver_hash_context_t; -#endif /* PSA_CRYPTO_DRIVER_WRAPPERS_CONTEXTS_H */ +#endif /* PSA_CRYPTO_DRIVER_CONTEXTS_H */ /* End of automatically generated file. */ diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index f22ed50c6..87eefb9b1 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -70,7 +70,7 @@ extern "C" { #include "mbedtls/gcm.h" /* Include the context definition for the compiled-in drivers */ -#include "../../library/psa_crypto_driver_wrappers_contexts.h" +#include "psa/crypto_driver_contexts.h" typedef struct { /** Unique ID indicating which driver got assigned to do the diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c index 97e4ee869..457738f24 100644 --- a/library/psa_crypto_driver_wrappers.c +++ b/library/psa_crypto_driver_wrappers.c @@ -21,6 +21,8 @@ #include "psa_crypto_core.h" #include "psa_crypto_driver_wrappers.h" +#include "psa_crypto_hash.h" + #include "mbedtls/platform.h" #if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) @@ -41,14 +43,14 @@ /* Auto-generated values depending on which drivers are registered. * ID 0 is reserved for unallocated operations. * ID 1 is reserved for the Mbed TLS software driver. */ +#define PSA_CRYPTO_MBED_TLS_DRIVER_ID (1) + #if defined(PSA_CRYPTO_DRIVER_TEST) #define PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID (2) #define PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID (3) #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* MBEDTLS_PSA_CRYPTO_DRIVERS */ -#define PSA_CRYPTO_MBED_TLS_DRIVER_ID (1) - /* Support the 'old' SE interface when asked to */ #if defined(MBEDTLS_PSA_CRYPTO_SE_C) /* PSA_CRYPTO_DRIVER_PRESENT is defined when either a new-style or old-style diff --git a/library/psa_crypto_hash.h b/library/psa_crypto_hash.h index 7d52624a0..443110eae 100644 --- a/library/psa_crypto_hash.h +++ b/library/psa_crypto_hash.h @@ -22,57 +22,7 @@ #define PSA_CRYPTO_HASH_H #include -#include "mbedtls/md2.h" -#include "mbedtls/md4.h" -#include "mbedtls/md5.h" -#include "mbedtls/ripemd160.h" -#include "mbedtls/sha1.h" -#include "mbedtls/sha256.h" -#include "mbedtls/sha512.h" - -#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) -#define MBEDTLS_PSA_BUILTIN_HASH -#endif - -typedef struct -{ - psa_algorithm_t alg; - union - { - unsigned dummy; /* Make the union non-empty even with no supported algorithms. */ -#if defined(MBEDTLS_MD2_C) - mbedtls_md2_context md2; -#endif -#if defined(MBEDTLS_MD4_C) - mbedtls_md4_context md4; -#endif -#if defined(MBEDTLS_MD5_C) - mbedtls_md5_context md5; -#endif -#if defined(MBEDTLS_RIPEMD160_C) - mbedtls_ripemd160_context ripemd160; -#endif -#if defined(MBEDTLS_SHA1_C) - mbedtls_sha1_context sha1; -#endif -#if defined(MBEDTLS_SHA256_C) - mbedtls_sha256_context sha256; -#endif -#if defined(MBEDTLS_SHA512_C) - mbedtls_sha512_context sha512; -#endif - } ctx; -} mbedtls_psa_hash_operation_t; - -#define MBEDTLS_PSA_HASH_OPERATION_INIT {0, {0}} +#include /** Calculate the hash (digest) of a message using Mbed TLS routines. * @@ -276,9 +226,6 @@ psa_status_t mbedtls_psa_hash_abort( */ #if defined(PSA_CRYPTO_DRIVER_TEST) -typedef struct { - mbedtls_psa_hash_operation_t operation; -} mbedtls_transparent_test_driver_hash_operation_t; psa_status_t mbedtls_transparent_test_driver_hash_compute( psa_algorithm_t alg, diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index c4ec8b674..7a013443f 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -222,9 +222,11 @@ + + @@ -250,7 +252,6 @@ - From a85e2f835e37d5b20f8d5f236d8c70eb323a10e1 Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Mon, 15 Mar 2021 11:00:12 +0100 Subject: [PATCH 20/30] Guard hash test functions as a block Replicate the way the internal hash functions are guarded Signed-off-by: Steven Cooreman --- include/psa/crypto_builtin_hash.h | 12 ++++++ library/psa_crypto_driver_wrappers.c | 12 +++--- library/psa_crypto_hash.c | 58 ++-------------------------- 3 files changed, 21 insertions(+), 61 deletions(-) diff --git a/include/psa/crypto_builtin_hash.h b/include/psa/crypto_builtin_hash.h index 0f42fdcb2..87e971193 100644 --- a/include/psa/crypto_builtin_hash.h +++ b/include/psa/crypto_builtin_hash.h @@ -43,6 +43,18 @@ #define MBEDTLS_PSA_BUILTIN_HASH #endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_MD2) || \ + defined(MBEDTLS_PSA_ACCEL_ALG_MD4) || \ + defined(MBEDTLS_PSA_ACCEL_ALG_MD5) || \ + defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160) || \ + defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1) || \ + defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224) || \ + defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256) || \ + defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384) || \ + defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512) +#define MBEDTLS_PSA_ACCEL_HASH +#endif + typedef struct { psa_algorithm_t alg; diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c index 457738f24..bf829919e 100644 --- a/library/psa_crypto_driver_wrappers.c +++ b/library/psa_crypto_driver_wrappers.c @@ -1085,7 +1085,7 @@ psa_status_t psa_driver_wrapper_hash_compute( psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; /* Try accelerators first */ -#if defined(PSA_CRYPTO_DRIVER_TEST) +#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_HASH) status = mbedtls_transparent_test_driver_hash_compute( alg, input, input_length, hash, hash_size, hash_length ); if( status != PSA_ERROR_NOT_SUPPORTED ) @@ -1117,7 +1117,7 @@ psa_status_t psa_driver_wrapper_hash_setup( psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; /* Try setup on accelerators first */ -#if defined(PSA_CRYPTO_DRIVER_TEST) +#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_HASH) status = mbedtls_transparent_test_driver_hash_setup( &operation->ctx.test_ctx, alg ); if( status == PSA_SUCCESS ) operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID; @@ -1148,7 +1148,7 @@ psa_status_t psa_driver_wrapper_hash_clone( { switch( source_operation->id ) { -#if defined(PSA_CRYPTO_DRIVER_TEST) +#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_HASH) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: target_operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID; return( mbedtls_transparent_test_driver_hash_clone( &source_operation->ctx.test_ctx, @@ -1174,7 +1174,7 @@ psa_status_t psa_driver_wrapper_hash_update( { switch( operation->id ) { -#if defined(PSA_CRYPTO_DRIVER_TEST) +#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_HASH) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: return( mbedtls_transparent_test_driver_hash_update( &operation->ctx.test_ctx, input, input_length ) ); @@ -1200,7 +1200,7 @@ psa_status_t psa_driver_wrapper_hash_finish( { switch( operation->id ) { -#if defined(PSA_CRYPTO_DRIVER_TEST) +#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_HASH) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: return( mbedtls_transparent_test_driver_hash_finish( &operation->ctx.test_ctx, hash, hash_size, hash_length ) ); @@ -1225,7 +1225,7 @@ psa_status_t psa_driver_wrapper_hash_abort( { switch( operation->id ) { -#if defined(PSA_CRYPTO_DRIVER_TEST) +#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_HASH) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: return( mbedtls_transparent_test_driver_hash_abort( &operation->ctx.test_ctx ) ); #endif diff --git a/library/psa_crypto_hash.c b/library/psa_crypto_hash.c index e622e0d1b..4d1afc2fb 100644 --- a/library/psa_crypto_hash.c +++ b/library/psa_crypto_hash.c @@ -72,15 +72,7 @@ * transparent test driver, then the mbedtls_transparent_test_driver_hash_* * entry points need to be implemented. */ #if defined(PSA_CRYPTO_DRIVER_TEST) && \ - ( defined(MBEDTLS_PSA_ACCEL_ALG_MD2) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_MD4) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_MD5) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512) ) + defined(MBEDTLS_PSA_ACCEL_HASH) #define INCLUDE_HASH_TEST_DRIVER #endif @@ -558,9 +550,8 @@ psa_status_t mbedtls_psa_hash_abort( /* * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. */ -#if defined(PSA_CRYPTO_DRIVER_TEST) - #if defined(INCLUDE_HASH_TEST_DRIVER) + psa_status_t is_hash_accelerated( psa_algorithm_t alg ) { switch( alg ) @@ -605,7 +596,6 @@ psa_status_t is_hash_accelerated( psa_algorithm_t alg ) return( PSA_ERROR_NOT_SUPPORTED ); } } -#endif /* INCLUDE_HASH_TEST_DRIVER */ psa_status_t mbedtls_transparent_test_driver_hash_compute( psa_algorithm_t alg, @@ -615,54 +605,32 @@ psa_status_t mbedtls_transparent_test_driver_hash_compute( size_t hash_size, size_t *hash_length) { -#if defined(INCLUDE_HASH_TEST_DRIVER) if( is_hash_accelerated( alg ) == PSA_SUCCESS ) return( hash_compute( alg, input, input_length, hash, hash_size, hash_length ) ); else return( PSA_ERROR_NOT_SUPPORTED ); -#else - (void) alg; - (void) input; - (void) input_length; - (void) hash; - (void) hash_size; - (void) hash_length; - return( PSA_ERROR_NOT_SUPPORTED ); -#endif } psa_status_t mbedtls_transparent_test_driver_hash_setup( mbedtls_transparent_test_driver_hash_operation_t *operation, psa_algorithm_t alg ) { -#if defined(INCLUDE_HASH_TEST_DRIVER) if( is_hash_accelerated( alg ) == PSA_SUCCESS ) return( hash_setup( &operation->operation, alg ) ); else return( PSA_ERROR_NOT_SUPPORTED ); -#else - (void) alg; - (void) operation; - return( PSA_ERROR_NOT_SUPPORTED ); -#endif } psa_status_t mbedtls_transparent_test_driver_hash_clone( const mbedtls_transparent_test_driver_hash_operation_t *source_operation, mbedtls_transparent_test_driver_hash_operation_t *target_operation ) { -#if defined(INCLUDE_HASH_TEST_DRIVER) if( is_hash_accelerated( source_operation->operation.alg ) == PSA_SUCCESS ) return( hash_clone( &source_operation->operation, &target_operation->operation ) ); else return( PSA_ERROR_BAD_STATE ); -#else - (void) source_operation; - (void) target_operation; - return( PSA_ERROR_NOT_SUPPORTED ); -#endif } psa_status_t mbedtls_transparent_test_driver_hash_update( @@ -670,18 +638,11 @@ psa_status_t mbedtls_transparent_test_driver_hash_update( const uint8_t *input, size_t input_length ) { -#if defined(INCLUDE_HASH_TEST_DRIVER) if( is_hash_accelerated( operation->operation.alg ) == PSA_SUCCESS ) return( hash_update( &operation->operation, input, input_length ) ); else return( PSA_ERROR_BAD_STATE ); -#else - (void) operation; - (void) input; - (void) input_length; - return( PSA_ERROR_NOT_SUPPORTED ); -#endif } psa_status_t mbedtls_transparent_test_driver_hash_finish( @@ -690,32 +651,19 @@ psa_status_t mbedtls_transparent_test_driver_hash_finish( size_t hash_size, size_t *hash_length ) { -#if defined(INCLUDE_HASH_TEST_DRIVER) if( is_hash_accelerated( operation->operation.alg ) == PSA_SUCCESS ) return( hash_finish( &operation->operation, hash, hash_size, hash_length ) ); else return( PSA_ERROR_BAD_STATE ); -#else - (void) operation; - (void) hash; - (void) hash_size; - (void) hash_length; - return( PSA_ERROR_NOT_SUPPORTED ); -#endif } psa_status_t mbedtls_transparent_test_driver_hash_abort( mbedtls_transparent_test_driver_hash_operation_t *operation ) { -#if defined(INCLUDE_HASH_TEST_DRIVER) return( hash_abort( &operation->operation ) ); -#else - (void) operation; - return( PSA_ERROR_NOT_SUPPORTED ); -#endif } -#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* INCLUDE_HASH_TEST_DRIVER */ #endif /* MBEDTLS_PSA_CRYPTO_C */ From 5f88e776c34d1faddbbdf64960aae03ee959fd9d Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Mon, 15 Mar 2021 11:07:12 +0100 Subject: [PATCH 21/30] Move mbedtls_md_info_from_psa into the mbedtls hash driver Signed-off-by: Steven Cooreman --- library/psa_crypto.c | 54 +-------------------------------------- library/psa_crypto_core.h | 11 -------- library/psa_crypto_ecp.c | 1 + library/psa_crypto_hash.c | 53 ++++++++++++++++++++++++++++++++++++++ library/psa_crypto_hash.h | 11 ++++++++ library/psa_crypto_rsa.c | 1 + 6 files changed, 67 insertions(+), 64 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index a39c5353f..14feabde0 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -33,6 +33,7 @@ #include "psa_crypto_invasive.h" #include "psa_crypto_driver_wrappers.h" #include "psa_crypto_ecp.h" +#include "psa_crypto_hash.h" #include "psa_crypto_rsa.h" #include "psa_crypto_ecp.h" #if defined(MBEDTLS_PSA_CRYPTO_SE_C) @@ -2141,59 +2142,6 @@ exit: /* Message digests */ /****************************************************************/ -#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) -const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg ) -{ - switch( alg ) - { -#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) - case PSA_ALG_MD2: - return( &mbedtls_md2_info ); -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) - case PSA_ALG_MD4: - return( &mbedtls_md4_info ); -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) - case PSA_ALG_MD5: - return( &mbedtls_md5_info ); -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) - case PSA_ALG_RIPEMD160: - return( &mbedtls_ripemd160_info ); -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) - case PSA_ALG_SHA_1: - return( &mbedtls_sha1_info ); -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) - case PSA_ALG_SHA_224: - return( &mbedtls_sha224_info ); -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) - case PSA_ALG_SHA_256: - return( &mbedtls_sha256_info ); -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) - case PSA_ALG_SHA_384: - return( &mbedtls_sha384_info ); -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) - case PSA_ALG_SHA_512: - return( &mbedtls_sha512_info ); -#endif - default: - return( NULL ); - } -} -#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || - * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) || - * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) || - * defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */ - psa_status_t psa_hash_abort( psa_hash_operation_t *operation ) { /* Aborting a non-active operation is allowed */ diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index da690444c..ec7ac8049 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -30,8 +30,6 @@ #include "psa/crypto.h" #include "psa/crypto_se_driver.h" -#include - /** The data structure representing a key slot, containing key material * and metadata for one key. */ @@ -214,15 +212,6 @@ psa_status_t psa_copy_key_material_into_slot( psa_key_slot_t *slot, */ psa_status_t mbedtls_to_psa_error( int ret ); -/** Get Mbed TLS MD information of a hash algorithm given its PSA identifier - * - * \param[in] alg PSA hash algorithm identifier - * - * \return The Mbed TLS MD information of the hash algorithm. \c NULL if the - * PSA hash algorithm is not supported. - */ -const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg ); - /** Import a key in binary format. * * \note The signature of this function is that of a PSA driver diff --git a/library/psa_crypto_ecp.c b/library/psa_crypto_ecp.c index 75ab1690d..3ce232c6b 100644 --- a/library/psa_crypto_ecp.c +++ b/library/psa_crypto_ecp.c @@ -26,6 +26,7 @@ #include "psa_crypto_core.h" #include "psa_crypto_ecp.h" #include "psa_crypto_random_impl.h" +#include "psa_crypto_hash.h" #include #include diff --git a/library/psa_crypto_hash.c b/library/psa_crypto_hash.c index 4d1afc2fb..2678738f4 100644 --- a/library/psa_crypto_hash.c +++ b/library/psa_crypto_hash.c @@ -83,6 +83,59 @@ #define INCLUDE_HASH_CORE 1 #endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) +const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg ) +{ + switch( alg ) + { +#if defined(MBEDTLS_MD2_C) + case PSA_ALG_MD2: + return( &mbedtls_md2_info ); +#endif +#if defined(MBEDTLS_MD4_C) + case PSA_ALG_MD4: + return( &mbedtls_md4_info ); +#endif +#if defined(MBEDTLS_MD5_C) + case PSA_ALG_MD5: + return( &mbedtls_md5_info ); +#endif +#if defined(MBEDTLS_RIPEMD160_C) + case PSA_ALG_RIPEMD160: + return( &mbedtls_ripemd160_info ); +#endif +#if defined(MBEDTLS_SHA1_C) + case PSA_ALG_SHA_1: + return( &mbedtls_sha1_info ); +#endif +#if defined(MBEDTLS_SHA256_C) + case PSA_ALG_SHA_224: + return( &mbedtls_sha224_info ); +#endif +#if defined(MBEDTLS_SHA256_C) + case PSA_ALG_SHA_256: + return( &mbedtls_sha256_info ); +#endif +#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384) + case PSA_ALG_SHA_384: + return( &mbedtls_sha384_info ); +#endif +#if defined(MBEDTLS_SHA512_C) + case PSA_ALG_SHA_512: + return( &mbedtls_sha512_info ); +#endif + default: + return( NULL ); + } +} +#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || + * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) || + * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) || + * defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */ + /* Implement the PSA driver hash interface on top of mbed TLS if either the * software driver or the test driver requires it. */ #if defined(INCLUDE_HASH_CORE) diff --git a/library/psa_crypto_hash.h b/library/psa_crypto_hash.h index 443110eae..af47c8b57 100644 --- a/library/psa_crypto_hash.h +++ b/library/psa_crypto_hash.h @@ -24,6 +24,17 @@ #include #include +#include + +/** Get Mbed TLS MD information of a hash algorithm given its PSA identifier + * + * \param[in] alg PSA hash algorithm identifier + * + * \return The Mbed TLS MD information of the hash algorithm. \c NULL if the + * PSA hash algorithm is not supported. + */ +const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg ); + /** Calculate the hash (digest) of a message using Mbed TLS routines. * * \note The signature of this function is that of a PSA driver hash_compute diff --git a/library/psa_crypto_rsa.c b/library/psa_crypto_rsa.c index 3e95d3ada..1ab1e9491 100644 --- a/library/psa_crypto_rsa.c +++ b/library/psa_crypto_rsa.c @@ -26,6 +26,7 @@ #include "psa_crypto_core.h" #include "psa_crypto_random_impl.h" #include "psa_crypto_rsa.h" +#include "psa_crypto_hash.h" #include #include From 753f973f8721bd4b4fc5fb496c88616ff6a0e514 Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Mon, 15 Mar 2021 11:38:44 +0100 Subject: [PATCH 22/30] Use full config during driver testing Due to the way the test drivers are setup, we require the full setup. Signed-off-by: Steven Cooreman --- tests/scripts/all.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index d2345b1a2..00e18ddd8 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2235,6 +2235,7 @@ component_test_se_default () { component_test_psa_crypto_drivers () { msg "build: MBEDTLS_PSA_CRYPTO_DRIVERS w/ driver hooks" + scripts/config.py full scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS # Need to define the correct symbol and include the test driver header path in order to build with the test driver loc_cflags="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST" @@ -2258,7 +2259,7 @@ component_test_psa_crypto_drivers () { make CC=gcc CFLAGS="${loc_cflags}" LDFLAGS="$ASAN_CFLAGS" unset loc_cflags - msg "test: MBEDTLS_PSA_CRYPTO_DRIVERS, signature" + msg "test: full + MBEDTLS_PSA_CRYPTO_DRIVERS" make test } From 0f8ffa806b7f07d77a265c9340c471629752f90c Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Mon, 15 Mar 2021 11:56:33 +0100 Subject: [PATCH 23/30] Rename and retype hash test driver context structure Signed-off-by: Steven Cooreman --- include/psa/crypto_builtin_hash.h | 6 ++---- include/psa/crypto_driver_contexts.h | 2 +- library/psa_crypto_driver_wrappers.c | 25 +++++++++++++++---------- library/psa_crypto_hash.c | 19 ++++++++----------- 4 files changed, 26 insertions(+), 26 deletions(-) diff --git a/include/psa/crypto_builtin_hash.h b/include/psa/crypto_builtin_hash.h index 87e971193..b0332d659 100644 --- a/include/psa/crypto_builtin_hash.h +++ b/include/psa/crypto_builtin_hash.h @@ -92,11 +92,9 @@ typedef struct */ #if defined(PSA_CRYPTO_DRIVER_TEST) -typedef struct { - mbedtls_psa_hash_operation_t operation; -} mbedtls_transparent_test_driver_hash_operation_t; +typedef mbedtls_psa_hash_operation_t mbedtls_transparent_test_driver_hash_operation_t; -#define MBEDTLS_TRANSPARENT_TEST_DRIVER_HASH_OPERATION_INIT { MBEDTLS_PSA_HASH_OPERATION_INIT } +#define MBEDTLS_TRANSPARENT_TEST_DRIVER_HASH_OPERATION_INIT MBEDTLS_PSA_HASH_OPERATION_INIT #endif /* PSA_CRYPTO_DRIVER_TEST */ diff --git a/include/psa/crypto_driver_contexts.h b/include/psa/crypto_driver_contexts.h index 524329dd0..fdf178f94 100644 --- a/include/psa/crypto_driver_contexts.h +++ b/include/psa/crypto_driver_contexts.h @@ -43,7 +43,7 @@ typedef union { unsigned dummy; /* Make sure this structure is always non-empty */ mbedtls_psa_hash_operation_t mbedtls_ctx; #if defined(PSA_CRYPTO_DRIVER_TEST) - mbedtls_transparent_test_driver_hash_operation_t test_ctx; + mbedtls_transparent_test_driver_hash_operation_t test_driver_ctx; #endif } psa_driver_hash_context_t; diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c index bf829919e..dea85c9e2 100644 --- a/library/psa_crypto_driver_wrappers.c +++ b/library/psa_crypto_driver_wrappers.c @@ -1086,8 +1086,8 @@ psa_status_t psa_driver_wrapper_hash_compute( /* Try accelerators first */ #if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_HASH) - status = mbedtls_transparent_test_driver_hash_compute( alg, input, input_length, - hash, hash_size, hash_length ); + status = mbedtls_transparent_test_driver_hash_compute( + alg, input, input_length, hash, hash_size, hash_length ); if( status != PSA_ERROR_NOT_SUPPORTED ) return( status ); #endif @@ -1118,7 +1118,8 @@ psa_status_t psa_driver_wrapper_hash_setup( /* Try setup on accelerators first */ #if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_HASH) - status = mbedtls_transparent_test_driver_hash_setup( &operation->ctx.test_ctx, alg ); + status = mbedtls_transparent_test_driver_hash_setup( + &operation->ctx.test_driver_ctx, alg ); if( status == PSA_SUCCESS ) operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID; @@ -1151,8 +1152,9 @@ psa_status_t psa_driver_wrapper_hash_clone( #if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_HASH) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: target_operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID; - return( mbedtls_transparent_test_driver_hash_clone( &source_operation->ctx.test_ctx, - &target_operation->ctx.test_ctx ) ); + return( mbedtls_transparent_test_driver_hash_clone( + &source_operation->ctx.test_driver_ctx, + &target_operation->ctx.test_driver_ctx ) ); #endif #if defined(MBEDTLS_PSA_BUILTIN_HASH) case PSA_CRYPTO_MBED_TLS_DRIVER_ID: @@ -1176,8 +1178,9 @@ psa_status_t psa_driver_wrapper_hash_update( { #if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_HASH) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: - return( mbedtls_transparent_test_driver_hash_update( &operation->ctx.test_ctx, - input, input_length ) ); + return( mbedtls_transparent_test_driver_hash_update( + &operation->ctx.test_driver_ctx, + input, input_length ) ); #endif #if defined(MBEDTLS_PSA_BUILTIN_HASH) case PSA_CRYPTO_MBED_TLS_DRIVER_ID: @@ -1202,8 +1205,9 @@ psa_status_t psa_driver_wrapper_hash_finish( { #if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_HASH) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: - return( mbedtls_transparent_test_driver_hash_finish( &operation->ctx.test_ctx, - hash, hash_size, hash_length ) ); + return( mbedtls_transparent_test_driver_hash_finish( + &operation->ctx.test_driver_ctx, + hash, hash_size, hash_length ) ); #endif #if defined(MBEDTLS_PSA_BUILTIN_HASH) case PSA_CRYPTO_MBED_TLS_DRIVER_ID: @@ -1227,7 +1231,8 @@ psa_status_t psa_driver_wrapper_hash_abort( { #if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_HASH) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: - return( mbedtls_transparent_test_driver_hash_abort( &operation->ctx.test_ctx ) ); + return( mbedtls_transparent_test_driver_hash_abort( + &operation->ctx.test_driver_ctx ) ); #endif #if defined(MBEDTLS_PSA_BUILTIN_HASH) case PSA_CRYPTO_MBED_TLS_DRIVER_ID: diff --git a/library/psa_crypto_hash.c b/library/psa_crypto_hash.c index 2678738f4..bd9a1d7e5 100644 --- a/library/psa_crypto_hash.c +++ b/library/psa_crypto_hash.c @@ -670,7 +670,7 @@ psa_status_t mbedtls_transparent_test_driver_hash_setup( psa_algorithm_t alg ) { if( is_hash_accelerated( alg ) == PSA_SUCCESS ) - return( hash_setup( &operation->operation, alg ) ); + return( hash_setup( operation, alg ) ); else return( PSA_ERROR_NOT_SUPPORTED ); } @@ -679,9 +679,8 @@ psa_status_t mbedtls_transparent_test_driver_hash_clone( const mbedtls_transparent_test_driver_hash_operation_t *source_operation, mbedtls_transparent_test_driver_hash_operation_t *target_operation ) { - if( is_hash_accelerated( source_operation->operation.alg ) == PSA_SUCCESS ) - return( hash_clone( &source_operation->operation, - &target_operation->operation ) ); + if( is_hash_accelerated( source_operation->alg ) == PSA_SUCCESS ) + return( hash_clone( source_operation, target_operation ) ); else return( PSA_ERROR_BAD_STATE ); } @@ -691,9 +690,8 @@ psa_status_t mbedtls_transparent_test_driver_hash_update( const uint8_t *input, size_t input_length ) { - if( is_hash_accelerated( operation->operation.alg ) == PSA_SUCCESS ) - return( hash_update( &operation->operation, - input, input_length ) ); + if( is_hash_accelerated( operation->alg ) == PSA_SUCCESS ) + return( hash_update( operation, input, input_length ) ); else return( PSA_ERROR_BAD_STATE ); } @@ -704,9 +702,8 @@ psa_status_t mbedtls_transparent_test_driver_hash_finish( size_t hash_size, size_t *hash_length ) { - if( is_hash_accelerated( operation->operation.alg ) == PSA_SUCCESS ) - return( hash_finish( &operation->operation, - hash, hash_size, hash_length ) ); + if( is_hash_accelerated( operation->alg ) == PSA_SUCCESS ) + return( hash_finish( operation, hash, hash_size, hash_length ) ); else return( PSA_ERROR_BAD_STATE ); } @@ -714,7 +711,7 @@ psa_status_t mbedtls_transparent_test_driver_hash_finish( psa_status_t mbedtls_transparent_test_driver_hash_abort( mbedtls_transparent_test_driver_hash_operation_t *operation ) { - return( hash_abort( &operation->operation ) ); + return( hash_abort( operation ) ); } #endif /* INCLUDE_HASH_TEST_DRIVER */ From fa952958a5452aa71eb27fa74f493ddd7e9b78ab Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Mon, 15 Mar 2021 12:16:25 +0100 Subject: [PATCH 24/30] Don't void actually used arguments Signed-off-by: Steven Cooreman --- library/psa_crypto_driver_wrappers.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c index dea85c9e2..8041d2e67 100644 --- a/library/psa_crypto_driver_wrappers.c +++ b/library/psa_crypto_driver_wrappers.c @@ -1163,7 +1163,6 @@ psa_status_t psa_driver_wrapper_hash_clone( &target_operation->ctx.mbedtls_ctx ) ); #endif default: - (void) source_operation; (void) target_operation; return( PSA_ERROR_BAD_STATE ); } @@ -1188,7 +1187,6 @@ psa_status_t psa_driver_wrapper_hash_update( input, input_length ) ); #endif default: - (void) operation; (void) input; (void) input_length; return( PSA_ERROR_BAD_STATE ); @@ -1216,7 +1214,6 @@ psa_status_t psa_driver_wrapper_hash_finish( break; #endif default: - (void) operation; (void) hash; (void) hash_size; (void) hash_length; From 893232fbde0ea28b731079525dbccaac8306962a Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Mon, 15 Mar 2021 12:23:37 +0100 Subject: [PATCH 25/30] Ensure the full driver structure is zeroized at setup Signed-off-by: Steven Cooreman --- library/psa_crypto.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 14feabde0..b30cb4f6d 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2164,6 +2164,9 @@ psa_status_t psa_hash_setup( psa_hash_operation_t *operation, if( !PSA_ALG_IS_HASH( alg ) ) return( PSA_ERROR_INVALID_ARGUMENT ); + /* Ensure all of the context is zeroized, not just the dummy int */ + memset( &operation->ctx, 0, sizeof( operation->ctx ) ); + return( psa_driver_wrapper_hash_setup( operation, alg ) ); } From 5e4c18f6d9d38b3f74ec51aa75ec18c3539df2a1 Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Mon, 15 Mar 2021 12:26:07 +0100 Subject: [PATCH 26/30] Reorder the driver wrapper switch-case content Reordered the cases to be in numeric order. Signed-off-by: Steven Cooreman --- library/psa_crypto_driver_wrappers.c | 41 ++++++++++++++-------------- 1 file changed, 20 insertions(+), 21 deletions(-) diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c index 8041d2e67..31d78c484 100644 --- a/library/psa_crypto_driver_wrappers.c +++ b/library/psa_crypto_driver_wrappers.c @@ -1149,18 +1149,18 @@ psa_status_t psa_driver_wrapper_hash_clone( { switch( source_operation->id ) { +#if defined(MBEDTLS_PSA_BUILTIN_HASH) + case PSA_CRYPTO_MBED_TLS_DRIVER_ID: + target_operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; + return( mbedtls_psa_hash_clone( &source_operation->ctx.mbedtls_ctx, + &target_operation->ctx.mbedtls_ctx ) ); +#endif #if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_HASH) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: target_operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID; return( mbedtls_transparent_test_driver_hash_clone( &source_operation->ctx.test_driver_ctx, &target_operation->ctx.test_driver_ctx ) ); -#endif -#if defined(MBEDTLS_PSA_BUILTIN_HASH) - case PSA_CRYPTO_MBED_TLS_DRIVER_ID: - target_operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; - return( mbedtls_psa_hash_clone( &source_operation->ctx.mbedtls_ctx, - &target_operation->ctx.mbedtls_ctx ) ); #endif default: (void) target_operation; @@ -1175,16 +1175,16 @@ psa_status_t psa_driver_wrapper_hash_update( { switch( operation->id ) { +#if defined(MBEDTLS_PSA_BUILTIN_HASH) + case PSA_CRYPTO_MBED_TLS_DRIVER_ID: + return( mbedtls_psa_hash_update( &operation->ctx.mbedtls_ctx, + input, input_length ) ); +#endif #if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_HASH) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: return( mbedtls_transparent_test_driver_hash_update( &operation->ctx.test_driver_ctx, input, input_length ) ); -#endif -#if defined(MBEDTLS_PSA_BUILTIN_HASH) - case PSA_CRYPTO_MBED_TLS_DRIVER_ID: - return( mbedtls_psa_hash_update( &operation->ctx.mbedtls_ctx, - input, input_length ) ); #endif default: (void) input; @@ -1201,17 +1201,16 @@ psa_status_t psa_driver_wrapper_hash_finish( { switch( operation->id ) { +#if defined(MBEDTLS_PSA_BUILTIN_HASH) + case PSA_CRYPTO_MBED_TLS_DRIVER_ID: + return( mbedtls_psa_hash_finish( &operation->ctx.mbedtls_ctx, + hash, hash_size, hash_length ) ); +#endif #if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_HASH) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: return( mbedtls_transparent_test_driver_hash_finish( &operation->ctx.test_driver_ctx, hash, hash_size, hash_length ) ); -#endif -#if defined(MBEDTLS_PSA_BUILTIN_HASH) - case PSA_CRYPTO_MBED_TLS_DRIVER_ID: - return( mbedtls_psa_hash_finish( &operation->ctx.mbedtls_ctx, - hash, hash_size, hash_length ) ); - break; #endif default: (void) hash; @@ -1226,14 +1225,14 @@ psa_status_t psa_driver_wrapper_hash_abort( { switch( operation->id ) { +#if defined(MBEDTLS_PSA_BUILTIN_HASH) + case PSA_CRYPTO_MBED_TLS_DRIVER_ID: + return( mbedtls_psa_hash_abort( &operation->ctx.mbedtls_ctx ) ); +#endif #if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_HASH) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: return( mbedtls_transparent_test_driver_hash_abort( &operation->ctx.test_driver_ctx ) ); -#endif -#if defined(MBEDTLS_PSA_BUILTIN_HASH) - case PSA_CRYPTO_MBED_TLS_DRIVER_ID: - return( mbedtls_psa_hash_abort( &operation->ctx.mbedtls_ctx ) ); #endif default: return( PSA_ERROR_BAD_STATE ); From 61bb8fc693687c05c66eaafaf3c0ece217e84594 Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Mon, 15 Mar 2021 12:32:48 +0100 Subject: [PATCH 27/30] remove superfluous calls to hash_abort The PSA Core is already calling psa_hash_abort, so the driver doesn't have to do that explicitly. Signed-off-by: Steven Cooreman --- library/psa_crypto_hash.c | 19 ++++++------------- 1 file changed, 6 insertions(+), 13 deletions(-) diff --git a/library/psa_crypto_hash.c b/library/psa_crypto_hash.c index bd9a1d7e5..432d8a0ca 100644 --- a/library/psa_crypto_hash.c +++ b/library/psa_crypto_hash.c @@ -422,8 +422,6 @@ static psa_status_t hash_update( return( PSA_ERROR_BAD_STATE ); } - if( ret != 0 ) - hash_abort( operation ); return( mbedtls_to_psa_error( ret ) ); } @@ -507,15 +505,8 @@ static psa_status_t hash_finish( exit: if( status == PSA_SUCCESS ) - { *hash_length = actual_hash_length; - return( hash_abort( operation ) ); - } - else - { - hash_abort( operation ); - return( status ); - } + return( status ); } static psa_status_t hash_compute( @@ -528,6 +519,7 @@ static psa_status_t hash_compute( { mbedtls_psa_hash_operation_t operation = MBEDTLS_PSA_HASH_OPERATION_INIT; psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_status_t abort_status = PSA_ERROR_CORRUPTION_DETECTED; *hash_length = hash_size; status = hash_setup( &operation, alg ); @@ -541,11 +533,12 @@ static psa_status_t hash_compute( goto exit; exit: + abort_status = hash_abort( &operation ); if( status == PSA_SUCCESS ) - status = hash_abort( &operation ); + return( abort_status ); else - hash_abort( &operation ); - return( status ); + return( status ); + } #endif /* INCLUDE_HASH_CORE */ From aa87fd0012ea7ed838f70f3c19e1a58a34ee6e27 Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Mon, 15 Mar 2021 18:54:03 +0100 Subject: [PATCH 28/30] Make driver IDs always visible Signed-off-by: Steven Cooreman --- library/psa_crypto_driver_wrappers.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c index 31d78c484..89452dada 100644 --- a/library/psa_crypto_driver_wrappers.c +++ b/library/psa_crypto_driver_wrappers.c @@ -39,6 +39,7 @@ #endif /* PSA_CRYPTO_DRIVER_TEST */ /* Repeat above block for each JSON-declared driver during autogeneration */ +#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS */ /* Auto-generated values depending on which drivers are registered. * ID 0 is reserved for unallocated operations. @@ -49,7 +50,6 @@ #define PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID (2) #define PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID (3) #endif /* PSA_CRYPTO_DRIVER_TEST */ -#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS */ /* Support the 'old' SE interface when asked to */ #if defined(MBEDTLS_PSA_CRYPTO_SE_C) From b6bf4bbf957a5b78a795cbfdcb8fc3aec34e271b Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Mon, 15 Mar 2021 19:00:14 +0100 Subject: [PATCH 29/30] Clear up language on zeroizing driver context at setup Signed-off-by: Steven Cooreman --- library/psa_crypto.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index b30cb4f6d..8c61cb968 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2164,7 +2164,8 @@ psa_status_t psa_hash_setup( psa_hash_operation_t *operation, if( !PSA_ALG_IS_HASH( alg ) ) return( PSA_ERROR_INVALID_ARGUMENT ); - /* Ensure all of the context is zeroized, not just the dummy int */ + /* Ensure all of the context is zeroized, since PSA_HASH_OPERATION_INIT only + * directly zeroes the int-sized dummy member of the context union. */ memset( &operation->ctx, 0, sizeof( operation->ctx ) ); return( psa_driver_wrapper_hash_setup( operation, alg ) ); From f8e45a4e980b98cc761e788016cfdc655dc6e79d Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Tue, 16 Mar 2021 11:07:55 +0100 Subject: [PATCH 30/30] Simplify compilation guards around hash driver testing The hash driver entry points (and consequentially the hash driver core) are now always compiled on when PSA_CRYPTO_DRIVER_TEST is turned on. Signed-off-by: Steven Cooreman --- include/psa/crypto_builtin_hash.h | 12 ------------ library/psa_crypto_driver_wrappers.c | 12 ++++++------ library/psa_crypto_hash.c | 23 ++++------------------- 3 files changed, 10 insertions(+), 37 deletions(-) diff --git a/include/psa/crypto_builtin_hash.h b/include/psa/crypto_builtin_hash.h index b0332d659..64323bf0e 100644 --- a/include/psa/crypto_builtin_hash.h +++ b/include/psa/crypto_builtin_hash.h @@ -43,18 +43,6 @@ #define MBEDTLS_PSA_BUILTIN_HASH #endif -#if defined(MBEDTLS_PSA_ACCEL_ALG_MD2) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_MD4) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_MD5) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512) -#define MBEDTLS_PSA_ACCEL_HASH -#endif - typedef struct { psa_algorithm_t alg; diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c index 89452dada..6c94472f8 100644 --- a/library/psa_crypto_driver_wrappers.c +++ b/library/psa_crypto_driver_wrappers.c @@ -1085,7 +1085,7 @@ psa_status_t psa_driver_wrapper_hash_compute( psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; /* Try accelerators first */ -#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_HASH) +#if defined(PSA_CRYPTO_DRIVER_TEST) status = mbedtls_transparent_test_driver_hash_compute( alg, input, input_length, hash, hash_size, hash_length ); if( status != PSA_ERROR_NOT_SUPPORTED ) @@ -1117,7 +1117,7 @@ psa_status_t psa_driver_wrapper_hash_setup( psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; /* Try setup on accelerators first */ -#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_HASH) +#if defined(PSA_CRYPTO_DRIVER_TEST) status = mbedtls_transparent_test_driver_hash_setup( &operation->ctx.test_driver_ctx, alg ); if( status == PSA_SUCCESS ) @@ -1155,7 +1155,7 @@ psa_status_t psa_driver_wrapper_hash_clone( return( mbedtls_psa_hash_clone( &source_operation->ctx.mbedtls_ctx, &target_operation->ctx.mbedtls_ctx ) ); #endif -#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_HASH) +#if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: target_operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID; return( mbedtls_transparent_test_driver_hash_clone( @@ -1180,7 +1180,7 @@ psa_status_t psa_driver_wrapper_hash_update( return( mbedtls_psa_hash_update( &operation->ctx.mbedtls_ctx, input, input_length ) ); #endif -#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_HASH) +#if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: return( mbedtls_transparent_test_driver_hash_update( &operation->ctx.test_driver_ctx, @@ -1206,7 +1206,7 @@ psa_status_t psa_driver_wrapper_hash_finish( return( mbedtls_psa_hash_finish( &operation->ctx.mbedtls_ctx, hash, hash_size, hash_length ) ); #endif -#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_HASH) +#if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: return( mbedtls_transparent_test_driver_hash_finish( &operation->ctx.test_driver_ctx, @@ -1229,7 +1229,7 @@ psa_status_t psa_driver_wrapper_hash_abort( case PSA_CRYPTO_MBED_TLS_DRIVER_ID: return( mbedtls_psa_hash_abort( &operation->ctx.mbedtls_ctx ) ); #endif -#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_HASH) +#if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: return( mbedtls_transparent_test_driver_hash_abort( &operation->ctx.test_driver_ctx ) ); diff --git a/library/psa_crypto_hash.c b/library/psa_crypto_hash.c index 432d8a0ca..75521007f 100644 --- a/library/psa_crypto_hash.c +++ b/library/psa_crypto_hash.c @@ -68,21 +68,6 @@ #define BUILTIN_ALG_SHA_512 1 #endif -/* If at least one of the hash algorithms is to be exercised through the - * transparent test driver, then the mbedtls_transparent_test_driver_hash_* - * entry points need to be implemented. */ -#if defined(PSA_CRYPTO_DRIVER_TEST) && \ - defined(MBEDTLS_PSA_ACCEL_HASH) -#define INCLUDE_HASH_TEST_DRIVER -#endif - -/* If either of the built-in or test driver entry points need to be implemented, then - * the core implementation should be present. */ -#if defined(MBEDTLS_PSA_BUILTIN_HASH) || \ - defined(INCLUDE_HASH_TEST_DRIVER) -#define INCLUDE_HASH_CORE 1 -#endif - #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) || \ @@ -138,7 +123,7 @@ const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg ) /* Implement the PSA driver hash interface on top of mbed TLS if either the * software driver or the test driver requires it. */ -#if defined(INCLUDE_HASH_CORE) +#if defined(MBEDTLS_PSA_BUILTIN_HASH) || defined(PSA_CRYPTO_DRIVER_TEST) static psa_status_t hash_abort( mbedtls_psa_hash_operation_t *operation ) { @@ -540,7 +525,7 @@ exit: return( status ); } -#endif /* INCLUDE_HASH_CORE */ +#endif /* MBEDTLS_PSA_BUILTIN_HASH || PSA_CRYPTO_DRIVER_TEST */ #if defined(MBEDTLS_PSA_BUILTIN_HASH) psa_status_t mbedtls_psa_hash_compute( @@ -596,7 +581,7 @@ psa_status_t mbedtls_psa_hash_abort( /* * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. */ -#if defined(INCLUDE_HASH_TEST_DRIVER) +#if defined(PSA_CRYPTO_DRIVER_TEST) psa_status_t is_hash_accelerated( psa_algorithm_t alg ) { @@ -707,6 +692,6 @@ psa_status_t mbedtls_transparent_test_driver_hash_abort( return( hash_abort( operation ) ); } -#endif /* INCLUDE_HASH_TEST_DRIVER */ +#endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* MBEDTLS_PSA_CRYPTO_C */