diff --git a/features/mbedtls/mbed-crypto/VERSION.txt b/features/mbedtls/mbed-crypto/VERSION.txt index 605916325f..07ad87f46e 100644 --- a/features/mbedtls/mbed-crypto/VERSION.txt +++ b/features/mbedtls/mbed-crypto/VERSION.txt @@ -1 +1 @@ -mbedcrypto-1.0.0d1 +mbedcrypto-1.0.0d2 diff --git a/features/mbedtls/mbed-crypto/importer/Makefile b/features/mbedtls/mbed-crypto/importer/Makefile index 6daef790f4..b121c28182 100644 --- a/features/mbedtls/mbed-crypto/importer/Makefile +++ b/features/mbedtls/mbed-crypto/importer/Makefile @@ -29,7 +29,7 @@ # Set the Mbed Crypto release to import (this can/should be edited before # import) -CRYPTO_RELEASE ?= mbedcrypto-1.0.0d1 +CRYPTO_RELEASE ?= mbedcrypto-1.0.0d2 CRYPTO_REPO_URL ?= git@github.com:ARMmbed/mbed-crypto.git # Translate between Mbed Crypto namespace and Mbed OS namespace diff --git a/features/mbedtls/mbed-crypto/inc/psa/crypto_values.h b/features/mbedtls/mbed-crypto/inc/psa/crypto_values.h index 4d25835be5..acf856dd1b 100644 --- a/features/mbedtls/mbed-crypto/inc/psa/crypto_values.h +++ b/features/mbedtls/mbed-crypto/inc/psa/crypto_values.h @@ -641,6 +641,7 @@ (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_SELECTION) #define PSA_ALG_HASH_MASK ((psa_algorithm_t)0x000000ff) + #define PSA_ALG_MD2 ((psa_algorithm_t)0x01000001) #define PSA_ALG_MD4 ((psa_algorithm_t)0x01000002) #define PSA_ALG_MD5 ((psa_algorithm_t)0x01000003) 
@@ -667,6 +668,44 @@ /** SHA3-512 */ #define PSA_ALG_SHA3_512 ((psa_algorithm_t)0x01000013) +/** In a hash-and-sign algorithm policy, allow any hash algorithm. + * + * This value may be used to form the algorithm usage field of a policy + * for a signature algorithm that is parametrized by a hash. The key + * may then be used to perform operations using the same signature + * algorithm parametrized with any supported hash. + * + * That is, suppose that `PSA_xxx_SIGNATURE` is one of the following macros: + * - #PSA_ALG_RSA_PKCS1V15_SIGN, #PSA_ALG_RSA_PSS, + * - #PSA_ALG_DSA, #PSA_ALG_DETERMINISTIC_DSA, + * - #PSA_ALG_ECDSA, #PSA_ALG_DETERMINISTIC_ECDSA. + * Then you may create and use a key as follows: + * - Set the key usage field using #PSA_ALG_ANY_HASH, for example: + * ``` + * psa_key_policy_set_usage(&policy, + * PSA_KEY_USAGE_SIGN, //or PSA_KEY_USAGE_VERIFY + * PSA_xxx_SIGNATURE(PSA_ALG_ANY_HASH)); + * psa_set_key_policy(handle, &policy); + * ``` + * - Import or generate key material. + * - Call psa_asymmetric_sign() or psa_asymmetric_verify(), passing + * an algorithm built from `PSA_xxx_SIGNATURE` and a specific hash. Each + * call to sign or verify a message may use a different hash. + * ``` + * psa_asymmetric_sign(handle, PSA_xxx_SIGNATURE(PSA_ALG_SHA_256), ...); + * psa_asymmetric_sign(handle, PSA_xxx_SIGNATURE(PSA_ALG_SHA_512), ...); + * psa_asymmetric_sign(handle, PSA_xxx_SIGNATURE(PSA_ALG_SHA3_256), ...); + * ``` + * + * This value may not be used to build other algorithms that are + * parametrized over a hash. For any valid use of this macro to build + * an algorithm `\p alg`, #PSA_ALG_IS_HASH_AND_SIGN(\p alg) is true. + * + * This value may not be used to build an algorithm specification to + * perform an operation. It is only valid to build policies. 
+ */ +#define PSA_ALG_ANY_HASH ((psa_algorithm_t)0x010000ff) + #define PSA_ALG_MAC_SUBCATEGORY_MASK ((psa_algorithm_t)0x00c00000) #define PSA_ALG_HMAC_BASE ((psa_algorithm_t)0x02800000) /** Macro to build an HMAC algorithm. @@ -914,6 +953,8 @@ * * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_HASH(\p hash_alg) is true). + * This includes #PSA_ALG_ANY_HASH + * when specifying the algorithm in a usage policy. * * \return The corresponding RSA PKCS#1 v1.5 signature algorithm. * \return Unspecified if \p alg is not a supported @@ -943,6 +984,8 @@ * * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_HASH(\p hash_alg) is true). + * This includes #PSA_ALG_ANY_HASH + * when specifying the algorithm in a usage policy. * * \return The corresponding RSA PSS signature algorithm. * \return Unspecified if \p alg is not a supported @@ -961,6 +1004,8 @@ * * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_HASH(\p hash_alg) is true). + * This includes #PSA_ALG_ANY_HASH + * when specifying the algorithm in a usage policy. * * \return The corresponding DSA signature algorithm. * \return Unspecified if \p alg is not a supported @@ -996,6 +1041,8 @@ * * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_HASH(\p hash_alg) is true). + * This includes #PSA_ALG_ANY_HASH + * when specifying the algorithm in a usage policy. * * \return The corresponding ECDSA signature algorithm. * \return Unspecified if \p alg is not a supported @@ -1028,6 +1075,8 @@ * * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_HASH(\p hash_alg) is true). + * This includes #PSA_ALG_ANY_HASH + * when specifying the algorithm in a usage policy. * * \return The corresponding deterministic ECDSA signature * algorithm. 
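Review bot: The doc comment for `PSA_ALG_ANY_HASH` does not say that the wildcard itself satisfies `PSA_ALG_IS_HASH()`, which the parameter notes added later in this file imply ("such that #PSA_ALG_IS_HASH(\p hash_alg) is true ... This includes #PSA_ALG_ANY_HASH"). Code that validates a caller-supplied hash with `PSA_ALG_IS_HASH` alone would therefore accept the wildcard, so the comment should name the check to use before an operation. I would add a line such as `* Use #PSA_ALG_IS_WILDCARD to reject this value before performing an operation.` Separately, the first bullet says "Set the key usage field" while the example passes the wildcard as the algorithm argument; "algorithm field" would match the opening paragraph.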
@@ -1046,6 +1095,23 @@ #define PSA_ALG_IS_RANDOMIZED_ECDSA(alg) \ (PSA_ALG_IS_ECDSA(alg) && !PSA_ALG_ECDSA_IS_DETERMINISTIC(alg)) +/** Whether the specified algorithm is a hash-and-sign algorithm. + * + * Hash-and-sign algorithms are public-key signature algorithms structured + * in two parts: first the calculation of a hash in a way that does not + * depend on the key, then the calculation of a signature from the + * hash value and the key. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \p alg is a hash-and-sign algorithm, 0 otherwise. + * This macro may return either 0 or 1 if \p alg is not a supported + * algorithm identifier. + */ +#define PSA_ALG_IS_HASH_AND_SIGN(alg) \ + (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || \ + PSA_ALG_IS_DSA(alg) || PSA_ALG_IS_ECDSA(alg)) + /** Get the hash used by a hash-and-sign signature algorithm. * * A hash-and-sign algorithm is a signature algorithm which is @@ -1065,8 +1131,7 @@ * if it is not supported by the implementation. */ #define PSA_ALG_SIGN_GET_HASH(alg) \ - (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || \ - PSA_ALG_IS_DSA(alg) || PSA_ALG_IS_ECDSA(alg) ? \ + (PSA_ALG_IS_HASH_AND_SIGN(alg) ? \ ((alg) & PSA_ALG_HASH_MASK) == 0 ? /*"raw" algorithm*/ 0 : \ ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \ 0) 
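Review bot: `PSA_ALG_IS_HASH_AND_SIGN(alg)` expands `alg` once per family test, and `PSA_ALG_SIGN_GET_HASH` and the `PSA_ALG_IS_WILDCARD` macro added further down both nest it, so the argument is evaluated many times. The doc comment should say so, for example `* \note \p alg may be evaluated more than once; pass an expression without side effects.` The same sentence belongs on `PSA_ALG_IS_WILDCARD`.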
@@ -1325,6 +1390,24 @@ #define PSA_ALG_IS_ECDH(alg) \ (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_ECDH_BASE) +/** Whether the specified algorithm encoding is a wildcard. + * + * Wildcard values may only be used to set the usage algorithm field in + * a policy, not to perform an operation. + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if \c alg is a wildcard algorithm encoding. + * \return 0 if \c alg is a non-wildcard algorithm encoding (suitable for + * an operation). + * \return This macro may return either 0 or 1 if \c alg is not a supported + * algorithm identifier. + */ +#define PSA_ALG_IS_WILDCARD(alg) \ + (PSA_ALG_IS_HASH_AND_SIGN(alg) ? \ + PSA_ALG_SIGN_GET_HASH(alg) == PSA_ALG_ANY_HASH : \ + (alg) == PSA_ALG_ANY_HASH) + /**@}*/ /** \defgroup key_lifetimes Key lifetimes diff --git a/features/mbedtls/mbed-crypto/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/psa_crypto.c b/features/mbedtls/mbed-crypto/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/psa_crypto.c index 58e82fa2e5..7fb1adb295 100644 --- a/features/mbedtls/mbed-crypto/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/psa_crypto.c +++ b/features/mbedtls/mbed-crypto/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/psa_crypto.c @@ -93,7 +93,7 @@ #include "mbedtls/xtea.h" #if ( defined(MBEDTLS_ENTROPY_NV_SEED) && defined(MBEDTLS_PSA_HAS_ITS_IO) ) -#include "psa_prot_internal_storage.h" +#include "psa/internal_trusted_storage.h" #endif #define ARRAY_LENGTH( array ) ( sizeof( array ) / sizeof( *( array ) ) ) 
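Review bot: Nothing in the visible changes calls `PSA_ALG_IS_WILDCARD`, so the rule stated in its doc comment (wildcards are for policies, not for operations) is not enforced where keys are fetched. In psa_crypto.c the new `psa_key_policy_permits()` returns 1 on `alg == policy->alg`, which also matches when the request and the policy carry the same wildcard encoding; whether the signature code later rejects that value is not visible here. A guard in `psa_get_key_from_slot()` ahead of the policy check would make the rule explicit: `if( PSA_ALG_IS_WILDCARD( alg ) ) return( PSA_ERROR_INVALID_ARGUMENT );`.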
@@ -748,6 +748,29 @@ static psa_status_t psa_get_empty_key_slot( psa_key_handle_t handle, return( status ); } +/** Test whether a policy permits an algorithm. + * + * The caller must test usage flags separately. + */ +static int psa_key_policy_permits( const psa_key_policy_t *policy, + psa_algorithm_t alg ) +{ + /* Common case: the policy only allows alg. */ + if( alg == policy->alg ) + return( 1 ); + /* If policy->alg is a hash-and-sign with a wildcard for the hash, + * and alg is the same hash-and-sign family with any hash, + * then alg is compliant with policy->alg. */ + if( PSA_ALG_IS_HASH_AND_SIGN( alg ) && + PSA_ALG_SIGN_GET_HASH( policy->alg ) == PSA_ALG_ANY_HASH ) + { + return( ( policy->alg & ~PSA_ALG_HASH_MASK ) == + ( alg & ~PSA_ALG_HASH_MASK ) ); + } + /* If it isn't permitted, it's forbidden. */ + return( 0 ); +} + /** Retrieve a slot which must contain a key. The key must have allow all the * usage flags set in \p usage. If \p alg is nonzero, the key must allow * operations with this algorithm. */ @@ -775,7 +798,9 @@ static psa_status_t psa_get_key_from_slot( psa_key_handle_t handle, usage &= ~PSA_KEY_USAGE_EXPORT; if( ( slot->policy.usage & usage ) != usage ) return( PSA_ERROR_NOT_PERMITTED ); - if( alg != 0 && ( alg != slot->policy.alg ) ) + + /* Enforce that the usage policy permits the requested algortihm. */ + if( alg != 0 && ! psa_key_policy_permits( &slot->policy, alg ) ) return( PSA_ERROR_NOT_PERMITTED ); *p_slot = slot; @@ -4264,7 +4289,7 @@ static psa_status_t its_to_psa_error( psa_its_status_t ret ) case PSA_ITS_SUCCESS: return( PSA_SUCCESS ); - case PSA_ITS_ERROR_KEY_NOT_FOUND: + case PSA_ITS_ERROR_UID_NOT_FOUND: return( PSA_ERROR_EMPTY_SLOT ); case PSA_ITS_ERROR_STORAGE_FAILURE: 
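Review bot: In `psa_key_policy_permits()` the wildcard branch compares only the bits outside `PSA_ALG_HASH_MASK`, so a request whose hash bits are zero (the case `PSA_ALG_SIGN_GET_HASH` labels the "raw" algorithm) is also permitted by a `PSA_ALG_ANY_HASH` policy. The `PSA_ALG_ANY_HASH` documentation only promises use "with any supported hash", so this looks wider than documented. If raw signing should stay outside the wildcard, add `PSA_ALG_SIGN_GET_HASH( alg ) != 0 &&` to the condition; if it is intended, say so in the comment above the branch.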
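Review bot: The comment added in `psa_get_key_from_slot()` misspells a word; it should read `/* Enforce that the usage policy permits the requested algorithm. */`. The function body starts and ends outside the hunk.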
@@ -4273,10 +4298,9 @@ static psa_status_t its_to_psa_error( psa_its_status_t ret ) case PSA_ITS_ERROR_INSUFFICIENT_SPACE: return( PSA_ERROR_INSUFFICIENT_STORAGE ); - case PSA_ITS_ERROR_INVALID_KEY: case PSA_ITS_ERROR_OFFSET_INVALID: case PSA_ITS_ERROR_INCORRECT_SIZE: - case PSA_ITS_ERROR_BAD_POINTER: + case PSA_ITS_ERROR_INVALID_ARGUMENTS: return( PSA_ERROR_INVALID_ARGUMENT ); case PSA_ITS_ERROR_FLAGS_NOT_SUPPORTED: @@ -4307,7 +4331,7 @@ psa_status_t mbedtls_psa_inject_entropy( const unsigned char *seed, its_status = psa_its_get_info( PSA_CRYPTO_ITS_RANDOM_SEED_UID, &p_info ); status = its_to_psa_error( its_status ); - if( PSA_ITS_ERROR_KEY_NOT_FOUND == its_status ) /* No seed exists */ + if( PSA_ITS_ERROR_UID_NOT_FOUND == its_status ) /* No seed exists */ { its_status = psa_its_set( PSA_CRYPTO_ITS_RANDOM_SEED_UID, seed_size, seed, 0 ); status = its_to_psa_error( its_status ); diff --git a/features/mbedtls/mbed-crypto/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/psa_crypto_storage_its.c b/features/mbedtls/mbed-crypto/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/psa_crypto_storage_its.c index d53467a1aa..1873c69ccb 100644 --- a/features/mbedtls/mbed-crypto/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/psa_crypto_storage_its.c +++ b/features/mbedtls/mbed-crypto/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/psa_crypto_storage_its.c @@ -29,7 +29,7 @@ #include "psa/crypto.h" #include "psa_crypto_storage_backend.h" -#include "psa_prot_internal_storage.h" +#include "psa/internal_trusted_storage.h" #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" @@ -42,7 +42,7 @@ static psa_status_t its_to_psa_error( psa_its_status_t ret ) case PSA_ITS_SUCCESS: return( PSA_SUCCESS ); - case PSA_ITS_ERROR_KEY_NOT_FOUND: + case PSA_ITS_ERROR_UID_NOT_FOUND: return( PSA_ERROR_EMPTY_SLOT ); case PSA_ITS_ERROR_STORAGE_FAILURE: 
@@ -51,10 +51,9 @@ static psa_status_t its_to_psa_error( psa_its_status_t ret ) case PSA_ITS_ERROR_INSUFFICIENT_SPACE: return( PSA_ERROR_INSUFFICIENT_STORAGE ); - case PSA_ITS_ERROR_INVALID_KEY: case PSA_ITS_ERROR_OFFSET_INVALID: case PSA_ITS_ERROR_INCORRECT_SIZE: - case PSA_ITS_ERROR_BAD_POINTER: + case PSA_ITS_ERROR_INVALID_ARGUMENTS: return( PSA_ERROR_INVALID_ARGUMENT ); case PSA_ITS_ERROR_FLAGS_NOT_SUPPORTED: @@ -68,7 +67,7 @@ static psa_status_t its_to_psa_error( psa_its_status_t ret ) } } -static uint32_t psa_its_identifier_of_slot( psa_key_id_t key ) +static psa_its_uid_t psa_its_identifier_of_slot( psa_key_id_t key ) { return( key ); } @@ -78,7 +77,7 @@ psa_status_t psa_crypto_storage_load( const psa_key_id_t key, uint8_t *data, { psa_its_status_t ret; psa_status_t status; - uint32_t data_identifier = psa_its_identifier_of_slot( key ); + psa_its_uid_t data_identifier = psa_its_identifier_of_slot( key ); struct psa_its_info_t data_identifier_info; ret = psa_its_get_info( data_identifier, &data_identifier_info ); @@ -95,12 +94,12 @@ psa_status_t psa_crypto_storage_load( const psa_key_id_t key, uint8_t *data, int psa_is_key_present_in_storage( const psa_key_id_t key ) { psa_its_status_t ret; - uint32_t data_identifier = psa_its_identifier_of_slot( key ); + psa_its_uid_t data_identifier = psa_its_identifier_of_slot( key ); struct psa_its_info_t data_identifier_info; ret = psa_its_get_info( data_identifier, &data_identifier_info ); - if( ret == PSA_ITS_ERROR_KEY_NOT_FOUND ) + if( ret == PSA_ITS_ERROR_UID_NOT_FOUND ) return( 0 ); return( 1 ); } @@ -111,7 +110,7 @@ psa_status_t psa_crypto_storage_store( const psa_key_id_t key, { psa_its_status_t ret; psa_status_t status; - uint32_t data_identifier = psa_its_identifier_of_slot( key ); + psa_its_uid_t data_identifier = psa_its_identifier_of_slot( key ); struct psa_its_info_t data_identifier_info; if( psa_is_key_present_in_storage( key ) == 1 ) 
@@ -146,18 +145,18 @@ exit: psa_status_t psa_destroy_persistent_key( const psa_key_id_t key ) { psa_its_status_t ret; - uint32_t data_identifier = psa_its_identifier_of_slot( key ); + psa_its_uid_t data_identifier = psa_its_identifier_of_slot( key ); struct psa_its_info_t data_identifier_info; ret = psa_its_get_info( data_identifier, &data_identifier_info ); - if( ret == PSA_ITS_ERROR_KEY_NOT_FOUND ) + if( ret == PSA_ITS_ERROR_UID_NOT_FOUND ) return( PSA_SUCCESS ); if( psa_its_remove( data_identifier ) != PSA_ITS_SUCCESS ) return( PSA_ERROR_STORAGE_FAILURE ); ret = psa_its_get_info( data_identifier, &data_identifier_info ); - if( ret != PSA_ITS_ERROR_KEY_NOT_FOUND ) + if( ret != PSA_ITS_ERROR_UID_NOT_FOUND ) return( PSA_ERROR_STORAGE_FAILURE ); return( PSA_SUCCESS ); @@ -168,7 +167,7 @@ psa_status_t psa_crypto_storage_get_data_length( const psa_key_id_t key, { psa_its_status_t ret; psa_status_t status; - uint32_t data_identifier = psa_its_identifier_of_slot( key ); + psa_its_uid_t data_identifier = psa_its_identifier_of_slot( key ); struct psa_its_info_t data_identifier_info; ret = psa_its_get_info( data_identifier, &data_identifier_info );