From fdc57f88cfbc83c55a0faea4e91d760ad092b096 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Wed, 20 Feb 2019 16:49:32 +0000 Subject: [PATCH] crypto: Update to Mbed Crypto 1.0.0d4 --- features/mbedtls/mbed-crypto/VERSION.txt | 2 +- .../mbedtls/mbed-crypto/importer/Makefile | 2 +- features/mbedtls/mbed-crypto/inc/psa/crypto.h | 41 +++++++++----- .../mbed-crypto/inc/psa/crypto_platform.h | 49 ++++++++++++++++ .../mbed-crypto/inc/psa/crypto_types.h | 7 +++ .../COMPONENT_PSA_SRV_IMPL/psa_crypto.c | 49 +++++++++------- .../COMPONENT_PSA_SRV_IMPL/psa_crypto_core.h | 2 +- .../psa_crypto_service_integration.h | 40 +++++++++++++ .../psa_crypto_slot_management.c | 56 ++++++++++--------- .../psa_crypto_storage.c | 5 +- .../psa_crypto_storage.h | 8 +-- .../psa_crypto_storage_backend.h | 8 +-- .../psa_crypto_storage_file.c | 12 ++-- .../psa_crypto_storage_its.c | 34 ++++++++--- 14 files changed, 231 insertions(+), 84 deletions(-) create mode 100644 features/mbedtls/mbed-crypto/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/psa_crypto_service_integration.h diff --git a/features/mbedtls/mbed-crypto/VERSION.txt b/features/mbedtls/mbed-crypto/VERSION.txt index 7055c32916..17d6b30a1b 100644 --- a/features/mbedtls/mbed-crypto/VERSION.txt +++ b/features/mbedtls/mbed-crypto/VERSION.txt @@ -1 +1 @@ -mbedcrypto-1.0.0d3 +mbedcrypto-1.0.0d4 diff --git a/features/mbedtls/mbed-crypto/importer/Makefile b/features/mbedtls/mbed-crypto/importer/Makefile index c3739fd08a..385d33d7a7 100644 --- a/features/mbedtls/mbed-crypto/importer/Makefile +++ b/features/mbedtls/mbed-crypto/importer/Makefile @@ -29,7 +29,7 @@ # Set the Mbed Crypto release to import (this can/should be edited before # import) -CRYPTO_RELEASE ?= mbedcrypto-1.0.0d3 +CRYPTO_RELEASE ?= mbedcrypto-1.0.0d4 CRYPTO_REPO_URL ?= git@github.com:ARMmbed/mbed-crypto.git # Translate between Mbed Crypto namespace and Mbed OS namespace 
diff --git a/features/mbedtls/mbed-crypto/inc/psa/crypto.h b/features/mbedtls/mbed-crypto/inc/psa/crypto.h index 25c3cb4dbd..b62788b492 100644 --- a/features/mbedtls/mbed-crypto/inc/psa/crypto.h +++ b/features/mbedtls/mbed-crypto/inc/psa/crypto.h @@ -782,7 +782,7 @@ typedef struct psa_hash_operation_s psa_hash_operation_t; */ static psa_hash_operation_t psa_hash_operation_init(void); -/** Start a multipart hash operation. +/** Set up a multipart hash operation. * * The sequence of operations to calculate a hash (message digest) * is as follows: @@ -816,6 +816,9 @@ static psa_hash_operation_t psa_hash_operation_init(void); * Success. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported or is not a hash algorithm. + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (already set up and not + * subsequently completed). * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE @@ -837,7 +840,7 @@ psa_status_t psa_hash_setup(psa_hash_operation_t *operation, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (not started, or already completed). + * The operation state is not valid (not set up, or already completed). * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE @@ -874,7 +877,7 @@ psa_status_t psa_hash_update(psa_hash_operation_t *operation, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (not started, or already completed). + * The operation state is not valid (not set up, or already completed). * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p hash buffer is too small. You can determine a * sufficient buffer size by calling #PSA_HASH_SIZE(\c alg) 
@@ -914,7 +917,7 @@ psa_status_t psa_hash_finish(psa_hash_operation_t *operation, * The hash of the message was calculated successfully, but it * differs from the expected hash. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (not started, or already completed). + * The operation state is not valid (not set up, or already completed). * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE @@ -1032,7 +1035,7 @@ typedef struct psa_mac_operation_s psa_mac_operation_t; */ static psa_mac_operation_t psa_mac_operation_init(void); -/** Start a multipart MAC calculation operation. +/** Set up a multipart MAC calculation operation. * * This function sets up the calculation of the MAC * (message authentication code) of a byte string. @@ -1082,6 +1085,9 @@ static psa_mac_operation_t psa_mac_operation_init(void); * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (already set up and not + * subsequently completed). + * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. @@ -1090,7 +1096,7 @@ psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation, psa_key_handle_t handle, psa_algorithm_t alg); -/** Start a multipart MAC verification operation. +/** Set up a multipart MAC verification operation. * * This function sets up the verification of the MAC * (message authentication code) of a byte string against an expected value. 
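Review bot: `\retval #PSA_ERROR_BAD_STATE` now appears twice in a row in the psa_mac_sign_setup documentation (the new entry is inserted directly above the existing "library has not been previously initialized" one), so Doxygen lists the same status code twice with different explanations; the psa_mac_verify_setup hunk on the next line and both cipher setup hunks two lines later follow the same pattern. Consider merging each pair into one entry, e.g. `\retval #PSA_ERROR_BAD_STATE` followed by `The operation state is not valid (already set up and not subsequently completed), or the library has not been previously initialized by psa_crypto_init().` If repeating the tag is the established convention in this header, keep it as is.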
@@ -1139,6 +1145,9 @@ psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation, * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (already set up and not + * subsequently completed). + * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. @@ -1162,7 +1171,7 @@ psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (not started, or already completed). + * The operation state is not valid (not set up, or already completed). * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE @@ -1201,7 +1210,7 @@ psa_status_t psa_mac_update(psa_mac_operation_t *operation, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (not started, or already completed). + * The operation state is not valid (not set up, or already completed). * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p mac buffer is too small. You can determine a * sufficient buffer size by calling PSA_MAC_FINAL_SIZE(). @@ -1240,7 +1249,7 @@ psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation, * The MAC of the message was calculated successfully, but it * differs from the expected MAC. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (not started, or already completed). + * The operation state is not valid (not set up, or already completed). * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE 
@@ -1384,6 +1393,9 @@ static psa_cipher_operation_t psa_cipher_operation_init(void); * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (already set up and not + * subsequently completed). + * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. @@ -1443,6 +1455,9 @@ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_TAMPERING_DETECTED * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (already set up and not + * subsequently completed). + * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. @@ -1471,7 +1486,7 @@ psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (not started, or IV already set). + * The operation state is not valid (not set up, or IV already set). * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p iv buffer is too small. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY @@ -1505,7 +1520,7 @@ psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (not started, or IV already set). + * The operation state is not valid (not set up, or IV already set). * \retval #PSA_ERROR_INVALID_ARGUMENT * The size of \p iv is not acceptable for the chosen algorithm, * or the chosen algorithm does not use an IV. 
@@ -1541,7 +1556,7 @@ psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (not started, IV required but + * The operation state is not valid (not set up, IV required but * not set, or already completed). * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p output buffer is too small. @@ -1579,7 +1594,7 @@ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (not started, IV required but + * The operation state is not valid (not set up, IV required but * not set, or already completed). * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p output buffer is too small. diff --git a/features/mbedtls/mbed-crypto/inc/psa/crypto_platform.h b/features/mbedtls/mbed-crypto/inc/psa/crypto_platform.h index 50ca546fb6..42cdad32a4 100644 --- a/features/mbedtls/mbed-crypto/inc/psa/crypto_platform.h +++ b/features/mbedtls/mbed-crypto/inc/psa/crypto_platform.h 
@@ -49,4 +49,53 @@ /* Integral type representing a key handle. */ typedef uint16_t psa_key_handle_t; +/* This implementation distinguishes *application key identifiers*, which + * are the key identifiers specified by the application, from + * *key file identifiers*, which are the key identifiers that the library + * sees internally. The two types can be different if there is a remote + * call layer between the application and the library which supports + * multiple client applications that do not have access to each others' + * keys. The point of having different types is that the key file + * identifier may encode not only the key identifier specified by the + * application, but also the the identity of the application. + * + * Note that this is an internal concept of the library and the remote + * call layer. The application itself never sees anything other than + * #psa_app_key_id_t with its standard definition. + */ + +/* The application key identifier is always what the application sees as + * #psa_key_id_t. */ +typedef uint32_t psa_app_key_id_t; + +#if defined(MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER) + +#if defined(PSA_CRYPTO_SECURE) +/* Building for the PSA Crypto service on a PSA platform. */ +/* A key owner is a PSA partition identifier. */ +typedef int32_t psa_key_owner_id_t; +#endif + +typedef struct +{ + uint32_t key_id; + psa_key_owner_id_t owner; +} psa_key_file_id_t; +#define PSA_KEY_FILE_GET_KEY_ID( file_id ) ( ( file_id ).key_id ) + +/* Since crypto.h is used as part of the PSA Cryptography API specification, + * it must use standard types for things like the argument of psa_open_key(). + * If it wasn't for that constraint, psa_open_key() would take a + * `psa_key_file_id_t` argument. As a workaround, make `psa_key_id_t` an + * alias for `psa_key_file_id_t` when building for a multi-client service. 
*/ +typedef psa_key_file_id_t psa_key_id_t; + +#else /* !MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER */ + +/* By default, a key file identifier is just the application key identifier. */ +typedef psa_app_key_id_t psa_key_file_id_t; +#define PSA_KEY_FILE_GET_KEY_ID( id ) ( id ) + +#endif /* !MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER */ + #endif /* PSA_CRYPTO_PLATFORM_H */ diff --git a/features/mbedtls/mbed-crypto/inc/psa/crypto_types.h b/features/mbedtls/mbed-crypto/inc/psa/crypto_types.h index 29c9853030..923b94ad4b 100644 --- a/features/mbedtls/mbed-crypto/inc/psa/crypto_types.h +++ b/features/mbedtls/mbed-crypto/inc/psa/crypto_types.h @@ -90,7 +90,14 @@ typedef uint32_t psa_key_lifetime_t; /** Encoding of identifiers of persistent keys. */ +/* Implementation-specific quirk: The Mbed Crypto library can be built as + * part of a multi-client service that exposes the PSA Crypto API in each + * client and encodes the client identity in the key id argument of functions + * such as psa_open_key(). In this build configuration, we define + * psa_key_id_t in crypto_platform.h instead of here. */ +#if !defined(MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER) typedef uint32_t psa_key_id_t; +#endif /**@}*/ diff --git a/features/mbedtls/mbed-crypto/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/psa_crypto.c b/features/mbedtls/mbed-crypto/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/psa_crypto.c index 325abde520..cfa07a6eee 100644 --- a/features/mbedtls/mbed-crypto/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/psa_crypto.c +++ b/features/mbedtls/mbed-crypto/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/psa_crypto.c 
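Review bot: In the `MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER` branch of crypto_platform.h, `psa_key_owner_id_t` is only typedef'd when `PSA_CRYPTO_SECURE` is also defined, so a build that enables the owner-encoding option outside the secure service reaches `psa_key_owner_id_t owner;` with an undeclared type and fails with an error that does not name the real cause. Make the requirement explicit by replacing the `#endif` that closes the `#if defined(PSA_CRYPTO_SECURE)` block with `#else` / `#error "MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER requires a definition of psa_key_owner_id_t"` / `#endif`, or document where a non-PSA integration is expected to supply the type. Minor: the struct's `uint32_t key_id` could be declared as `psa_app_key_id_t`, since the comment just above says that is exactly what the application sees.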
@@ -26,22 +26,8 @@ #endif #if defined(MBEDTLS_PSA_CRYPTO_C) -/* - * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is being built for SPM - * (Secure Partition Manager) integration which separates the code into two - * parts: NSPE (Non-Secure Processing Environment) and SPE (Secure Processing - * Environment). When building for the SPE, an additional header file should be - * included. - */ -#if defined(MBEDTLS_PSA_CRYPTO_SPM) -/* - * PSA_CRYPTO_SECURE means that this file is compiled for the SPE. - * Some headers will be affected by this flag. - */ -#define PSA_CRYPTO_SECURE 1 -#include "crypto_spe.h" -#endif +#include "psa_crypto_service_integration.h" #include "psa/crypto.h" #include "psa_crypto_core.h" @@ -172,13 +158,21 @@ static psa_status_t mbedtls_to_psa_error( int ret ) case MBEDTLS_ERR_ASN1_BUF_TOO_SMALL: return( PSA_ERROR_BUFFER_TOO_SMALL ); +#if defined(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA) case MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA: +#elif defined(MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH) + case MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH: +#endif case MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH: return( PSA_ERROR_NOT_SUPPORTED ); case MBEDTLS_ERR_BLOWFISH_HW_ACCEL_FAILED: return( PSA_ERROR_HARDWARE_FAILURE ); +#if defined(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA) case MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA: +#elif defined(MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH) + case MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH: +#endif case MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH: return( PSA_ERROR_NOT_SUPPORTED ); case MBEDTLS_ERR_CAMELLIA_HW_ACCEL_FAILED: @@ -3621,6 +3615,12 @@ psa_status_t psa_generator_abort( psa_crypto_generator_t *generator ) psa_status_t psa_get_generator_capacity(const psa_crypto_generator_t *generator, size_t *capacity) { + if( generator->alg == 0 ) + { + /* This is a blank generator. */ + return PSA_ERROR_BAD_STATE; + } + *capacity = generator->capacity; return( PSA_SUCCESS ); } 
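Review bot: `return PSA_ERROR_BAD_STATE;` in psa_get_generator_capacity drops the `return( ... );` form used everywhere else in this file (`return( PSA_SUCCESS );` and `return( PSA_ERROR_BUFFER_TOO_SMALL );` in the same hunks); the identical line appears again in the psa_generator_read hunk on the next line. Write it as `return( PSA_ERROR_BAD_STATE );` in both places. The sentinel would also be clearer if stated where it is tested, e.g. `/* alg == 0 marks a blank (never set up) generator. */` instead of the bare "This is a blank generator."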
@@ -3850,6 +3850,12 @@ psa_status_t psa_generator_read( psa_crypto_generator_t *generator, { psa_status_t status; + if( generator->alg == 0 ) + { + /* This is a blank generator. */ + return PSA_ERROR_BAD_STATE; + } + if( output_length > generator->capacity ) { generator->capacity = 0; @@ -3858,11 +3864,10 @@ psa_status_t psa_generator_read( psa_crypto_generator_t *generator, status = PSA_ERROR_INSUFFICIENT_DATA; goto exit; } - if( output_length == 0 && - generator->capacity == 0 && generator->alg == 0 ) + if( output_length == 0 && generator->capacity == 0 ) { - /* Edge case: this is a blank or finished generator, and 0 - * bytes were requested. The right error in this case could + /* Edge case: this is a finished generator, and 0 bytes + * were requested. The right error in this case could * be either INSUFFICIENT_CAPACITY or BAD_STATE. Return * INSUFFICIENT_CAPACITY, which is right for a finished * generator, for consistency with the case when @@ -3911,7 +3916,13 @@ psa_status_t psa_generator_read( psa_crypto_generator_t *generator, exit: if( status != PSA_SUCCESS ) { + /* Preserve the algorithm upon errors, but clear all sensitive state. + * This allows us to differentiate between exhausted generators and + * blank generators, so we can return PSA_ERROR_BAD_STATE on blank + * generators. */ + psa_algorithm_t alg = generator->alg; psa_generator_abort( generator ); + generator->alg = alg; memset( output, '!', output_length ); } return( status ); diff --git a/features/mbedtls/mbed-crypto/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/psa_crypto_core.h b/features/mbedtls/mbed-crypto/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/psa_crypto_core.h index c289681973..0f75624597 100644 --- a/features/mbedtls/mbed-crypto/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/psa_crypto_core.h +++ b/features/mbedtls/mbed-crypto/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/psa_crypto_core.h 
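Review bot: The new blank-generator check in psa_generator_read returns directly instead of going through `exit:`, so it is the only failure path that leaves `output` untouched rather than filled with `'!'` as every other error is; replace the early return with `status = PSA_ERROR_BAD_STATE;` / `goto exit;` so the caller-visible behaviour on error stays uniform (the abort-and-restore at `exit:` should be harmless for a blank generator, since its alg is already 0). Separately, none of the crypto.h hunks in this patch add a `\retval #PSA_ERROR_BAD_STATE` entry for psa_generator_read or psa_get_generator_capacity; if the header does not already document it, add `\retval #PSA_ERROR_BAD_STATE The generator has not been set up.` to both. psa_generator_read begins before the first of these hunks.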
@@ -41,7 +41,7 @@ typedef struct psa_key_type_t type; psa_key_policy_t policy; psa_key_lifetime_t lifetime; - psa_key_id_t persistent_storage_id; + psa_key_file_id_t persistent_storage_id; unsigned allocated : 1; union { diff --git a/features/mbedtls/mbed-crypto/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/psa_crypto_service_integration.h b/features/mbedtls/mbed-crypto/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/psa_crypto_service_integration.h new file mode 100644 index 0000000000..938bfe1dec --- /dev/null +++ b/features/mbedtls/mbed-crypto/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/psa_crypto_service_integration.h 
@@ -0,0 +1,40 @@
+/* Copyright (C) 2019, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef PSA_CRYPTO_SERVICE_INTEGRATION_H
+#define PSA_CRYPTO_SERVICE_INTEGRATION_H
+
+/*
+ * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is being built for SPM
+ * (Secure Partition Manager) integration which separates the code into two
+ * parts: NSPE (Non-Secure Processing Environment) and SPE (Secure Processing
+ * Environment). When building for the SPE, an additional header file should be
+ * included.
+ */
+#if defined(MBEDTLS_PSA_CRYPTO_SPM)
+/*
+ * PSA_CRYPTO_SECURE means that the file which included this file is being
+ * compiled for SPE. The files crypto_structs.h and crypto_types.h have
+ * different implementations for NSPE and SPE and are compiled according to this
+ * flag.
+ */
+#define PSA_CRYPTO_SECURE 1
+#include "crypto_spe.h"
+#endif // MBEDTLS_PSA_CRYPTO_SPM
+
+#endif // PSA_CRYPTO_SERVICE_INTEGRATION_H
diff --git a/features/mbedtls/mbed-crypto/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/psa_crypto_slot_management.c b/features/mbedtls/mbed-crypto/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/psa_crypto_slot_management.c
index dad23c490e..33c03a7991 100644
--- a/features/mbedtls/mbed-crypto/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/psa_crypto_slot_management.c
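Review bot: `#endif // MBEDTLS_PSA_CRYPTO_SPM` and `#endif // PSA_CRYPTO_SERVICE_INTEGRATION_H` use `//` comments, whereas the sibling sources in this directory close conditionals with `/* */` (`#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */` in psa_crypto_slot_management.c); use the same form in the new header. The header only works if it is included before any psa/*.h header, because `PSA_CRYPTO_SECURE` must already be defined when crypto_structs.h and crypto_types.h are read, and nothing at the top of the file states that contract; add `This header must be included before psa/crypto.h or any other psa/*.h header.` to the block comment above the `#if`.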
+++ b/features/mbedtls/mbed-crypto/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/psa_crypto_slot_management.c @@ -26,22 +26,8 @@ #endif #if defined(MBEDTLS_PSA_CRYPTO_C) -/* - * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is being built for SPM - * (Secure Partition Manager) integration which separates the code into two - * parts: NSPE (Non-Secure Processing Environment) and SPE (Secure Processing - * Environment). When building for the SPE, an additional header file should be - * included. - */ -#if defined(MBEDTLS_PSA_CRYPTO_SPM) -/* - * PSA_CRYPTO_SECURE means that this file is compiled for the SPE. - * Some headers will be affected by this flag. - */ -#define PSA_CRYPTO_SECURE 1 -#include "crypto_spe.h" -#endif +#include "psa_crypto_service_integration.h" #include "psa/crypto.h" #include "psa_crypto_core.h" @@ -182,6 +168,30 @@ exit: psa_free_persistent_key_data( key_data, key_data_length ); return( status ); } + +/** Check whether a key identifier is acceptable. + * + * For backward compatibility, key identifiers that were valid in a + * past released version must remain valid, unless a migration path + * is provided. + * + * \param file_id The key identifier to check. + * + * \return 1 if \p file_id is acceptable, otherwise 0. + */ +static int psa_is_key_id_valid( psa_key_file_id_t file_id ) +{ + psa_app_key_id_t key_id = PSA_KEY_FILE_GET_KEY_ID( file_id ); + /* Reject id=0 because by general library conventions, 0 is an invalid + * value wherever possible. */ + if( key_id == 0 ) + return( 0 ); + /* Reject high values because the file names are reserved for the + * library's internal use. */ + if( key_id > PSA_MAX_PERSISTENT_KEY_IDENTIFIER ) + return( 0 ); + return( 1 ); +} #endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ /** Declare a slot as persistent and load it from storage. 
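Review bot: psa_is_key_id_valid only inspects `PSA_KEY_FILE_GET_KEY_ID( file_id )`, so in the `MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER` configuration the `owner` component is accepted without any check; presumably it is filled in by the service's call layer from the caller's partition identity rather than taken from the application, but the docstring should state that assumption so that an application-supplied owner is never routed through here later. Add to the docstring `The owner component, if any, is not validated: it is expected to be set by the call layer, not by the application.` The `>` comparison together with the new 0xfffeffff bound in psa_crypto_storage.h accepts exactly the range the previous `>= 0xffff0000` did, so the refactor itself is behaviour-preserving.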
@@ -203,19 +213,13 @@ exit: * \retval #PSA_ERROR_STORAGE_FAILURE */ static psa_status_t psa_internal_make_key_persistent( psa_key_handle_t handle, - psa_key_id_t id ) + psa_key_file_id_t id ) { #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) psa_key_slot_t *slot; psa_status_t status; - /* Reject id=0 because by general library conventions, 0 is an invalid - * value wherever possible. */ - if( id == 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); - /* Reject high values because the file names are reserved for the - * library's internal use. */ - if( id >= PSA_MAX_PERSISTENT_KEY_IDENTIFIER ) + if( ! psa_is_key_id_valid( id ) ) return( PSA_ERROR_INVALID_ARGUMENT ); status = psa_get_key_slot( handle, &slot ); @@ -236,7 +240,7 @@ static psa_status_t psa_internal_make_key_persistent( psa_key_handle_t handle, } static psa_status_t persistent_key_setup( psa_key_lifetime_t lifetime, - psa_key_id_t id, + psa_key_file_id_t id, psa_key_handle_t *handle, psa_status_t wanted_load_status ) { @@ -261,14 +265,14 @@ static psa_status_t persistent_key_setup( psa_key_lifetime_t lifetime, } psa_status_t psa_open_key( psa_key_lifetime_t lifetime, - psa_key_id_t id, + psa_key_file_id_t id, psa_key_handle_t *handle ) { return( persistent_key_setup( lifetime, id, handle, PSA_SUCCESS ) ); } psa_status_t psa_create_key( psa_key_lifetime_t lifetime, - psa_key_id_t id, + psa_key_file_id_t id, psa_key_handle_t *handle ) { psa_status_t status; diff --git a/features/mbedtls/mbed-crypto/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/psa_crypto_storage.c b/features/mbedtls/mbed-crypto/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/psa_crypto_storage.c index b4e4076e1a..84a6ed5585 100644 --- a/features/mbedtls/mbed-crypto/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/psa_crypto_storage.c +++ b/features/mbedtls/mbed-crypto/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/psa_crypto_storage.c 
@@ -30,6 +30,7 @@ #include #include +#include "psa_crypto_service_integration.h" #include "psa/crypto.h" #include "psa_crypto_storage.h" #include "psa_crypto_storage_backend.h" @@ -148,7 +149,7 @@ psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data, return( PSA_SUCCESS ); } -psa_status_t psa_save_persistent_key( const psa_key_id_t key, +psa_status_t psa_save_persistent_key( const psa_key_file_id_t key, const psa_key_type_t type, const psa_key_policy_t *policy, const uint8_t *data, @@ -186,7 +187,7 @@ void psa_free_persistent_key_data( uint8_t *key_data, size_t key_data_length ) mbedtls_free( key_data ); } -psa_status_t psa_load_persistent_key( psa_key_id_t key, +psa_status_t psa_load_persistent_key( psa_key_file_id_t key, psa_key_type_t *type, psa_key_policy_t *policy, uint8_t **data, diff --git a/features/mbedtls/mbed-crypto/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/psa_crypto_storage.h b/features/mbedtls/mbed-crypto/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/psa_crypto_storage.h index 9da009d8d3..7e5aae9f98 100644 --- a/features/mbedtls/mbed-crypto/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/psa_crypto_storage.h +++ b/features/mbedtls/mbed-crypto/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/psa_crypto_storage.h @@ -59,7 +59,7 @@ extern "C" { * This limitation will probably become moot when we implement client * separation for key storage. */ -#define PSA_MAX_PERSISTENT_KEY_IDENTIFIER 0xffff0000 +#define PSA_MAX_PERSISTENT_KEY_IDENTIFIER 0xfffeffff /** * \brief Format key data and metadata and save to a location for given key @@ -86,7 +86,7 @@ extern "C" { * \retval PSA_ERROR_STORAGE_FAILURE * \retval PSA_ERROR_ALREADY_EXISTS */ -psa_status_t psa_save_persistent_key( const psa_key_id_t key, +psa_status_t psa_save_persistent_key( const psa_key_file_id_t key, const psa_key_type_t type, const psa_key_policy_t *policy, const uint8_t *data, 
@@ -117,7 +117,7 @@ psa_status_t psa_save_persistent_key( const psa_key_id_t key, * \retval PSA_ERROR_STORAGE_FAILURE * \retval PSA_ERROR_DOES_NOT_EXIST */ -psa_status_t psa_load_persistent_key( psa_key_id_t key, +psa_status_t psa_load_persistent_key( psa_key_file_id_t key, psa_key_type_t *type, psa_key_policy_t *policy, uint8_t **data, @@ -134,7 +134,7 @@ psa_status_t psa_load_persistent_key( psa_key_id_t key, * or the key did not exist. * \retval PSA_ERROR_STORAGE_FAILURE */ -psa_status_t psa_destroy_persistent_key( const psa_key_id_t key ); +psa_status_t psa_destroy_persistent_key( const psa_key_file_id_t key ); /** * \brief Free the temporary buffer allocated by psa_load_persistent_key(). diff --git a/features/mbedtls/mbed-crypto/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/psa_crypto_storage_backend.h b/features/mbedtls/mbed-crypto/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/psa_crypto_storage_backend.h index 83bd2f359d..dd534d2ff1 100644 --- a/features/mbedtls/mbed-crypto/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/psa_crypto_storage_backend.h +++ b/features/mbedtls/mbed-crypto/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/psa_crypto_storage_backend.h @@ -56,7 +56,7 @@ extern "C" { * \retval PSA_ERROR_STORAGE_FAILURE * \retval PSA_ERROR_DOES_NOT_EXIST */ -psa_status_t psa_crypto_storage_load( const psa_key_id_t key, uint8_t *data, +psa_status_t psa_crypto_storage_load( const psa_key_file_id_t key, uint8_t *data, size_t data_size ); /** @@ -75,7 +75,7 @@ psa_status_t psa_crypto_storage_load( const psa_key_id_t key, uint8_t *data, * \retval PSA_ERROR_STORAGE_FAILURE * \retval PSA_ERROR_ALREADY_EXISTS */ -psa_status_t psa_crypto_storage_store( const psa_key_id_t key, +psa_status_t psa_crypto_storage_store( const psa_key_file_id_t key, const uint8_t *data, size_t data_length ); 
@@ -92,7 +92,7 @@ psa_status_t psa_crypto_storage_store( const psa_key_id_t key, * \retval 1 * Persistent data present for slot number */ -int psa_is_key_present_in_storage( const psa_key_id_t key ); +int psa_is_key_present_in_storage( const psa_key_file_id_t key ); /** * \brief Get data length for given key slot number. @@ -104,7 +104,7 @@ int psa_is_key_present_in_storage( const psa_key_id_t key ); * \retval PSA_SUCCESS * \retval PSA_ERROR_STORAGE_FAILURE */ -psa_status_t psa_crypto_storage_get_data_length( const psa_key_id_t key, +psa_status_t psa_crypto_storage_get_data_length( const psa_key_file_id_t key, size_t *data_length ); diff --git a/features/mbedtls/mbed-crypto/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/psa_crypto_storage_file.c b/features/mbedtls/mbed-crypto/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/psa_crypto_storage_file.c index c7ff1be013..c4a534fe36 100644 --- a/features/mbedtls/mbed-crypto/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/psa_crypto_storage_file.c +++ b/features/mbedtls/mbed-crypto/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/psa_crypto_storage_file.c @@ -49,7 +49,7 @@ enum { MAX_LOCATION_LEN = sizeof(CRYPTO_STORAGE_FILE_LOCATION) + 40 }; -static void key_id_to_location( const psa_key_id_t key, +static void key_id_to_location( const psa_key_file_id_t key, char *location, size_t location_size ) { @@ -58,7 +58,7 @@ static void key_id_to_location( const psa_key_id_t key, (unsigned long) key ); } -psa_status_t psa_crypto_storage_load( const psa_key_id_t key, uint8_t *data, +psa_status_t psa_crypto_storage_load( const psa_key_file_id_t key, uint8_t *data, size_t data_size ) { psa_status_t status = PSA_SUCCESS; @@ -83,7 +83,7 @@ exit: return( status ); } -int psa_is_key_present_in_storage( const psa_key_id_t key ) +int psa_is_key_present_in_storage( const psa_key_file_id_t key ) { char slot_location[MAX_LOCATION_LEN]; FILE *file; 
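Review bot: key_id_to_location still formats `(unsigned long) key` (context in the second hunk of this file), which stops compiling once `psa_key_file_id_t` is the struct introduced in crypto_platform.h under `MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER`. If the file backend is not meant for that configuration, say so at the top of the file rather than leaving it to a cast error: `#if defined(MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER)` / `#error "The file storage backend does not support owner-encoded key file identifiers"` / `#endif`. Do not resolve it by formatting `PSA_KEY_FILE_GET_KEY_ID( key )` alone, since that would map keys belonging to different owners onto the same file.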
@@ -101,7 +101,7 @@ int psa_is_key_present_in_storage( const psa_key_id_t key ) return( 1 ); } -psa_status_t psa_crypto_storage_store( const psa_key_id_t key, +psa_status_t psa_crypto_storage_store( const psa_key_file_id_t key, const uint8_t *data, size_t data_length ) { @@ -156,7 +156,7 @@ exit: return( status ); } -psa_status_t psa_destroy_persistent_key( const psa_key_id_t key ) +psa_status_t psa_destroy_persistent_key( const psa_key_file_id_t key ) { FILE *file; char slot_location[MAX_LOCATION_LEN]; @@ -175,7 +175,7 @@ psa_status_t psa_destroy_persistent_key( const psa_key_id_t key ) return( PSA_SUCCESS ); } -psa_status_t psa_crypto_storage_get_data_length( const psa_key_id_t key, +psa_status_t psa_crypto_storage_get_data_length( const psa_key_file_id_t key, size_t *data_length ) { psa_status_t status = PSA_SUCCESS; diff --git a/features/mbedtls/mbed-crypto/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/psa_crypto_storage_its.c b/features/mbedtls/mbed-crypto/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/psa_crypto_storage_its.c index bb0d0cdf19..447c0aebb4 100644 --- a/features/mbedtls/mbed-crypto/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/psa_crypto_storage_its.c +++ b/features/mbedtls/mbed-crypto/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/psa_crypto_storage_its.c @@ -28,6 +28,7 @@ #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C) #include "psa/error.h" +#include "psa_crypto_service_integration.h" #include "psa/crypto.h" #include "psa_crypto_storage_backend.h" #include "psa/internal_trusted_storage.h" 
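Review bot: In psa_crypto_storage_its.c the new `#include "psa_crypto_service_integration.h"` is placed after `#include "psa/error.h"`, whereas psa_crypto_storage.c puts it ahead of the first psa/ header. The integration header's own comment says it must define `PSA_CRYPTO_SECURE` before crypto_structs.h and crypto_types.h are compiled; if psa/error.h ever pulls either of those in, the define arrives too late, so moving the include above `psa/error.h` keeps the two files consistent and removes a dependency on what psa/error.h happens to include.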
@@ -36,12 +37,31 @@ #include "mbedtls/platform.h" #endif -static psa_storage_uid_t psa_its_identifier_of_slot( psa_key_id_t key ) +/* Determine a file name (ITS file identifier) for the given key file + * identifier. The file name must be distinct from any file that is used + * for a purpose other than storing a key. Currently, the only such file + * is the random seed file whose name is PSA_CRYPTO_ITS_RANDOM_SEED_UID + * and whose value is 0xFFFFFF52. */ +static psa_storage_uid_t psa_its_identifier_of_slot( psa_key_file_id_t file_id ) { - return( key ); +#if defined(MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER) && \ + defined(PSA_CRYPTO_SECURE) + /* Encode the owner in the upper 32 bits. This means that if + * owner values are nonzero (as they are on a PSA platform), + * no key file will ever have a value less than 0x100000000, so + * the whole range 0..0xffffffff is available for non-key files. */ + uint32_t unsigned_owner = (uint32_t) file_id.owner; + return( (uint64_t) unsigned_owner << 32 | file_id.key_id ); +#else + /* Use the key id directly as a file name. + * psa_is_key_file_id_valid() in psa_crypto_slot_management.c + * is responsible for ensuring that key identifiers do not have a + * value that is reserved for non-key files. */ + return( file_id ); +#endif } -psa_status_t psa_crypto_storage_load( const psa_key_id_t key, uint8_t *data, +psa_status_t psa_crypto_storage_load( const psa_key_file_id_t key, uint8_t *data, size_t data_size ) { psa_status_t status; @@ -57,7 +77,7 @@ psa_status_t psa_crypto_storage_load( const psa_key_id_t key, uint8_t *data, return( status ); } -int psa_is_key_present_in_storage( const psa_key_id_t key ) +int psa_is_key_present_in_storage( const psa_key_file_id_t key ) { psa_status_t ret; psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key ); 
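Review bot: The comment in the `#else` branch of psa_its_identifier_of_slot refers to `psa_is_key_file_id_valid()`, but the function this patch adds to psa_crypto_slot_management.c is `psa_is_key_id_valid()`; fix the name so the cross-reference can be followed. In the owner-encoding branch, `(uint64_t) unsigned_owner << 32 | file_id.key_id` is correct because `<<` binds tighter than `|`, but `( (uint64_t) unsigned_owner << 32 ) | file_id.key_id` spares the next reader the precedence check. The uniqueness argument in that branch rests on `owner` being nonzero, and nothing here enforces it; the comment should say that a zero owner would place key files back in the range shared with non-key files.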
@@ -70,7 +90,7 @@ int psa_is_key_present_in_storage( const psa_key_id_t key ) return( 1 ); } -psa_status_t psa_crypto_storage_store( const psa_key_id_t key, +psa_status_t psa_crypto_storage_store( const psa_key_file_id_t key, const uint8_t *data, size_t data_length ) { @@ -105,7 +125,7 @@ exit: return( status ); } -psa_status_t psa_destroy_persistent_key( const psa_key_id_t key ) +psa_status_t psa_destroy_persistent_key( const psa_key_file_id_t key ) { psa_status_t ret; psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key ); @@ -125,7 +145,7 @@ psa_status_t psa_destroy_persistent_key( const psa_key_id_t key ) return( PSA_SUCCESS ); } -psa_status_t psa_crypto_storage_get_data_length( const psa_key_id_t key, +psa_status_t psa_crypto_storage_get_data_length( const psa_key_file_id_t key, size_t *data_length ) { psa_status_t status;