Add PSA interruptible key agreement APIs #9490
Merged: yanesca merged 22 commits into Mbed-TLS:development from waleed-elmelegy-arm:add-iop-key-agrmnt-api on Nov 11, 2024
Commits:
a2891a9 Add PSA interruptible key agreement APIs (waleed-elmelegy-arm)
a7fc0a6 Add PSA interruptible key agreement tests (waleed-elmelegy-arm)
96a5c01 Add changelog entry for interruptible psa key agreement APIs (waleed-elmelegy-arm)
4cef20d Fix everest build issue (waleed-elmelegy-arm)
26136ec Improve interruptible key agreement implementation (waleed-elmelegy-arm)
57fb2a6 Refactor interruptible key agreement testing helper function (waleed-elmelegy-arm)
93be7a1 Refactor PSA key agreement API implementation (waleed-elmelegy-arm)
3783aca Improve key agreement iop basic testing (waleed-elmelegy-arm)
d610d18 Fix codestyle in psa iop key agreement driver wrapper APIs (waleed-elmelegy-arm)
fa4eb35 Improve psa iop key agreement changelog message (waleed-elmelegy-arm)
a98aeaf Fix iop key agreement struct initialization error on some platforms (waleed-elmelegy-arm)
8422138 Fix possible error in initializing key agreement iop struct (waleed-elmelegy-arm)
86e518b Remove interruptible key agreement driver interface (waleed-elmelegy-arm)
18df1c5 Refactor and improve interruptible key agreement builtin implementation (waleed-elmelegy-arm)
cd721b9 Add a common key agreement parameter validation function across iop a… (waleed-elmelegy-arm)
280e225 Add small fixes to iop key agreement APIs (waleed-elmelegy-arm)
f840b3a Add compile time initializers to ECDH and bignum structs (waleed-elmelegy-arm)
e980fbe Fix codestyle in ECDH compile time initializers (waleed-elmelegy-arm)
97041ed Fix Documentation issue in mbedtls_psa_key_agreement_iop_setup() (waleed-elmelegy-arm)
a4d0fd1 Fix a typo and a mistake in ECDH context compile time initializer (waleed-elmelegy-arm)
7817da0 Improve and fix compile initializers for ECDH/ECP (waleed-elmelegy-arm)
947afa0 Remove designated initializers from ECDH compile time initializers (waleed-elmelegy-arm)
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
Features | ||
* Add an interruptible version of key agreement to the PSA interface. | ||
See psa_key_agreement_iop_setup() and related functions. | ||
|
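Review bot: The changelog entry does not say when the feature is actually available. The implementation in this PR is compiled only when both MBEDTLS_ECP_RESTARTABLE and MBEDTLS_PSA_BUILTIN_ALG_ECDH are defined, and psa_key_agreement_iop_setup() returns PSA_ERROR_NOT_SUPPORTED otherwise. Suggest naming those two options in the entry so users know what to enable.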
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1,6 @@ | ||
set(libs | ||
${mbedtls_target} | ||
${everest_target} | ||
${CMAKE_THREAD_LIBS_INIT} | ||
) | ||
|
||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -7732,6 +7732,24 @@ psa_status_t psa_raw_key_agreement(psa_algorithm_t alg, | |
return (status == PSA_SUCCESS) ? unlock_status : status; | ||
} | ||
|
||
static psa_status_t validate_key_agreement_params(const psa_key_attributes_t *attributes, | ||
psa_algorithm_t alg) | ||
{ | ||
psa_key_type_t key_type; | ||
|
||
if (!PSA_ALG_IS_RAW_KEY_AGREEMENT(alg)) { | ||
return PSA_ERROR_INVALID_ARGUMENT; | ||
} | ||
|
||
key_type = psa_get_key_type(attributes); | ||
if (key_type != PSA_KEY_TYPE_DERIVE && key_type != PSA_KEY_TYPE_RAW_DATA | ||
&& key_type != PSA_KEY_TYPE_HMAC && key_type != PSA_KEY_TYPE_PASSWORD) { | ||
return PSA_ERROR_INVALID_ARGUMENT; | ||
} | ||
|
||
return PSA_SUCCESS; | ||
} | ||
|
||
psa_status_t psa_key_agreement(mbedtls_svc_key_id_t private_key, | ||
const uint8_t *peer_key, | ||
size_t peer_key_length, | ||
|
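Review bot: validate_key_agreement_params() has no comment saying whose attributes it checks. Its `attributes` argument is the attribute set of the key to be created from the shared secret (the same structure later handed to psa_import_key()), not that of the private key, and the name alone does not make this clear. A short comment above the function stating that, and that `alg` must satisfy PSA_ALG_IS_RAW_KEY_AGREEMENT, would prevent a caller from passing the private key's attributes by mistake.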
@@ -7742,14 +7760,12 @@ psa_status_t psa_key_agreement(mbedtls_svc_key_id_t private_key, | |
psa_status_t status; | ||
uint8_t shared_secret[PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE]; | ||
size_t shared_secret_len; | ||
psa_key_type_t key_type; | ||
|
||
*key = MBEDTLS_SVC_KEY_ID_INIT; | ||
|
||
key_type = psa_get_key_type(attributes); | ||
if (key_type != PSA_KEY_TYPE_DERIVE && key_type != PSA_KEY_TYPE_RAW_DATA | ||
&& key_type != PSA_KEY_TYPE_HMAC && key_type != PSA_KEY_TYPE_PASSWORD) { | ||
return PSA_ERROR_INVALID_ARGUMENT; | ||
status = validate_key_agreement_params(attributes, alg); | ||
if (status != PSA_SUCCESS) { | ||
return status; | ||
} | ||
|
||
status = psa_raw_key_agreement(alg, private_key, peer_key, peer_key_length, shared_secret, | ||
|
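Review bot: In psa_key_agreement() the new validate_key_agreement_params(attributes, alg) call checks more than the inline key-type test it stands in for. It also rejects any `alg` that is not a raw key agreement with PSA_ERROR_INVALID_ARGUMENT, and it does so before psa_raw_key_agreement() runs, so the status returned for a bad `alg` is now decided here. Worth adding a test that pins the error code for a non-raw `alg`, so the refactor is shown not to change what existing callers observe.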
@@ -7764,6 +7780,161 @@ psa_status_t psa_key_agreement(mbedtls_svc_key_id_t private_key, | |
return status; | ||
} | ||
|
||
#if defined(MBEDTLS_ECP_RESTARTABLE) && \ | ||
defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) | ||
|
||
static psa_status_t psa_key_agreement_iop_abort_internal(psa_key_agreement_iop_t *operation) | ||
{ | ||
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; | ||
|
||
if (operation->id == 0) { | ||
return PSA_SUCCESS; | ||
} | ||
|
||
status = mbedtls_psa_key_agreement_iop_abort(&operation->mbedtls_ctx); | ||
|
||
operation->id = 0; | ||
|
||
return status; | ||
} | ||
#endif | ||
|
||
uint32_t psa_key_agreement_iop_get_num_ops( | ||
psa_key_agreement_iop_t *operation) | ||
{ | ||
#if defined(MBEDTLS_ECP_RESTARTABLE) && \ | ||
defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) | ||
return operation->num_ops; | ||
#else | ||
(void) operation; | ||
return 0; | ||
#endif | ||
} | ||
|
||
psa_status_t psa_key_agreement_iop_setup( | ||
psa_key_agreement_iop_t *operation, | ||
mbedtls_svc_key_id_t private_key, | ||
const uint8_t *peer_key, | ||
size_t peer_key_length, | ||
psa_algorithm_t alg, | ||
const psa_key_attributes_t *attributes) | ||
{ | ||
#if defined(MBEDTLS_ECP_RESTARTABLE) && \ | ||
defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) | ||
|
||
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; | ||
psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; | ||
psa_key_slot_t *slot = NULL; | ||
|
||
if (operation->id != 0 || operation->error_occurred) { | ||
return PSA_ERROR_BAD_STATE; | ||
} | ||
|
||
status = validate_key_agreement_params(attributes, alg); | ||
if (status != PSA_SUCCESS) { | ||
operation->error_occurred = 1; | ||
return status; | ||
} | ||
|
||
status = psa_get_and_lock_transparent_key_slot_with_policy( | ||
private_key, &slot, PSA_KEY_USAGE_DERIVE, alg); | ||
if (status != PSA_SUCCESS) { | ||
goto exit; | ||
} | ||
|
||
operation->attributes = *attributes; | ||
|
||
operation->num_ops = 0; | ||
|
||
/* To be removed later when driver dispatch is added. */ | ||
operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; | ||
|
||
status = mbedtls_psa_key_agreement_iop_setup(&operation->mbedtls_ctx, | ||
&slot->attr, slot->key.data, | ||
slot->key.bytes, peer_key, | ||
peer_key_length); | ||
|
||
operation->num_ops = mbedtls_psa_key_agreement_iop_get_num_ops(&operation->mbedtls_ctx); | ||
|
||
exit: | ||
unlock_status = psa_unregister_read_under_mutex(slot); | ||
if (status != PSA_SUCCESS) { | ||
operation->error_occurred = 1; | ||
|
||
psa_key_agreement_iop_abort_internal(operation); | ||
return status; | ||
} | ||
if (unlock_status != PSA_SUCCESS) { | ||
operation->error_occurred = 1; | ||
} | ||
return unlock_status; | ||
|
||
#else | ||
(void) operation; | ||
(void) private_key; | ||
(void) peer_key; | ||
(void) peer_key_length; | ||
(void) alg; | ||
(void) attributes; | ||
return PSA_ERROR_NOT_SUPPORTED; | ||
#endif | ||
} | ||
|
||
psa_status_t psa_key_agreement_iop_complete( | ||
psa_key_agreement_iop_t *operation, | ||
mbedtls_svc_key_id_t *key) | ||
{ | ||
#if defined(MBEDTLS_ECP_RESTARTABLE) && \ | ||
defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) | ||
|
||
if (operation->id == 0 || operation->error_occurred) { | ||
return PSA_ERROR_BAD_STATE; | ||
} | ||
|
||
psa_status_t status; | ||
uint8_t intermediate_key[PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE]; | ||
size_t key_len = 0; | ||
|
||
status = mbedtls_psa_key_agreement_iop_complete(&operation->mbedtls_ctx, intermediate_key, | ||
sizeof(intermediate_key), | ||
&key_len); | ||
|
||
operation->num_ops = mbedtls_psa_key_agreement_iop_get_num_ops(&operation->mbedtls_ctx); | ||
|
||
if (status == PSA_SUCCESS) { | ||
status = psa_import_key(&operation->attributes, intermediate_key, | ||
key_len, key); | ||
} | ||
|
||
if (status != PSA_SUCCESS && status != PSA_OPERATION_INCOMPLETE) { | ||
operation->error_occurred = 1; | ||
|
||
psa_key_agreement_iop_abort_internal(operation); | ||
} | ||
mbedtls_platform_zeroize(intermediate_key, sizeof(intermediate_key)); | ||
return status; | ||
#else | ||
(void) operation; | ||
(void) key; | ||
return PSA_ERROR_BAD_STATE; | ||
#endif | ||
} | ||
|
||
psa_status_t psa_key_agreement_iop_abort( | ||
psa_key_agreement_iop_t *operation) | ||
{ | ||
#if defined(MBEDTLS_ECP_RESTARTABLE) && \ | ||
defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) | ||
psa_status_t status; | ||
|
||
status = psa_key_agreement_iop_abort_internal(operation); | ||
||
|
||
operation->num_ops = 0; | ||
operation->error_occurred = 0; | ||
|
||
return status; | ||
#else | ||
(void) operation; | ||
return PSA_SUCCESS; | ||
#endif | ||
} | ||
|
||
/****************************************************************/ | ||
/* Random generation */ | ||
/****************************************************************/ | ||
|
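Review bot: psa_key_agreement_iop_complete() leaves the operation active on success. psa_key_agreement_iop_abort_internal() is reached only when status is neither PSA_SUCCESS nor PSA_OPERATION_INCOMPLETE, so after a successful psa_import_key() operation->id is still non-zero. The mbedtls_ctx that setup was given slot->key.data is then not released until the caller calls psa_key_agreement_iop_abort(), and a second complete() call passes the `operation->id == 0 || operation->error_occurred` check instead of returning PSA_ERROR_BAD_STATE. Consider calling psa_key_agreement_iop_abort_internal(operation) on the success path as well, or documenting that abort is mandatory after success. Separately, in psa_key_agreement_iop_setup() the `goto exit` after a failed psa_get_and_lock_transparent_key_slot_with_policy() reaches psa_unregister_read_under_mutex(slot) with slot still NULL; a comment stating that this call tolerates NULL would help the reader.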
Many users don't care about interruptible operations and don't want to pay for the code size. This is a preexisting issue with signature. For new interruptible code we should do it right from the start, it's easier than fixing it later.
As agreed, we will do this later, further discussion on this in #7029