Skip to content

Commit 8a351f6

Browse files
Harshal5Harshal5
committed
feat(drivers): Builtin CMAC driver use PSA cipher interface
1 parent 08e776d commit 8a351f6

File tree

10 files changed

+375
-59
lines changed

10 files changed

+375
-59
lines changed

core/psa_crypto.c

Lines changed: 58 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -4301,7 +4301,7 @@ static psa_status_t psa_cipher_setup(psa_cipher_operation_t *operation,
43014301
goto exit;
43024302
}
43034303

4304-
if (!PSA_ALG_IS_CIPHER(alg)) {
4304+
if (!PSA_ALG_IS_CIPHER(alg) && !PSA_ALG_IS_CMAC(alg)) {
43054305
status = PSA_ERROR_INVALID_ARGUMENT;
43064306
goto exit;
43074307
}
@@ -4316,7 +4316,7 @@ static psa_status_t psa_cipher_setup(psa_cipher_operation_t *operation,
43164316
* so we only set it (in the driver wrapper) after resources have been
43174317
* allocated/initialized. */
43184318
operation->iv_set = 0;
4319-
if (alg == PSA_ALG_ECB_NO_PADDING) {
4319+
if (alg == PSA_ALG_ECB_NO_PADDING || PSA_ALG_FULL_LENGTH_MAC(alg) == PSA_ALG_CMAC) {
43204320
operation->iv_required = 0;
43214321
} else {
43224322
operation->iv_required = 1;
@@ -5913,6 +5913,7 @@ static psa_status_t psa_key_derivation_pbkdf2_generate_block(
59135913
psa_key_attributes_t *attributes)
59145914
{
59155915
psa_status_t status;
5916+
psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
59165917
psa_mac_operation_t mac_operation = PSA_MAC_OPERATION_INIT;
59175918
size_t mac_output_length;
59185919
uint8_t U_i[PSA_MAC_MAX_SIZE];
@@ -5924,10 +5925,26 @@ static psa_status_t psa_key_derivation_pbkdf2_generate_block(
59245925
mac_operation.mac_size = prf_output_length;
59255926
MBEDTLS_PUT_UINT32_BE(pbkdf2->block_number, block_counter, 0);
59265927

5928+
psa_key_id_t key = 0;
5929+
status = psa_import_key(attributes, pbkdf2->password, pbkdf2->password_length, &key);
5930+
if (status != PSA_SUCCESS) {
5931+
return status;
5932+
}
5933+
5934+
psa_key_slot_t *slot;
5935+
status = psa_get_and_lock_key_slot_with_policy(
5936+
key,
5937+
&slot,
5938+
PSA_KEY_USAGE_SIGN_MESSAGE,
5939+
prf_alg);
5940+
if (status != PSA_SUCCESS) {
5941+
goto cleanup;
5942+
}
5943+
59275944
status = psa_driver_wrapper_mac_sign_setup(&mac_operation,
5928-
attributes,
5929-
pbkdf2->password,
5930-
pbkdf2->password_length,
5945+
&slot->attr,
5946+
slot->key.data,
5947+
slot->key.bytes,
59315948
prf_alg);
59325949
if (status != PSA_SUCCESS) {
59335950
goto cleanup;
@@ -5957,9 +5974,9 @@ static psa_status_t psa_key_derivation_pbkdf2_generate_block(
59575974
/* We are passing prf_output_length as mac_size because the driver
59585975
* function directly sets mac_output_length as mac_size upon success.
59595976
* See https://github.com/Mbed-TLS/mbedtls/issues/7801 */
5960-
status = psa_driver_wrapper_mac_compute(attributes,
5961-
pbkdf2->password,
5962-
pbkdf2->password_length,
5977+
status = psa_driver_wrapper_mac_compute(&slot->attr,
5978+
slot->key.data,
5979+
slot->key.bytes,
59635980
prf_alg, U_i, prf_output_length,
59645981
U_i, prf_output_length,
59655982
&mac_output_length);
@@ -5971,9 +5988,11 @@ static psa_status_t psa_key_derivation_pbkdf2_generate_block(
59715988
}
59725989

59735990
cleanup:
5991+
psa_destroy_key(key);
5992+
unlock_status = psa_unregister_read_under_mutex(slot);
59745993
/* Zeroise buffers to clear sensitive data from memory. */
59755994
mbedtls_platform_zeroize(U_i, PSA_MAC_MAX_SIZE);
5976-
return status;
5995+
return (status == PSA_SUCCESS) ? unlock_status : status;
59775996
}
59785997

59795998
static psa_status_t psa_key_derivation_pbkdf2_read(
@@ -5987,19 +6006,21 @@ static psa_status_t psa_key_derivation_pbkdf2_read(
59876006
uint8_t prf_output_length;
59886007
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
59896008
psa_set_key_bits(&attributes, PSA_BYTES_TO_BITS(pbkdf2->password_length));
5990-
psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_MESSAGE);
59916009

59926010
if (PSA_ALG_IS_PBKDF2_HMAC(kdf_alg)) {
59936011
prf_alg = PSA_ALG_HMAC(PSA_ALG_PBKDF2_HMAC_GET_HASH(kdf_alg));
59946012
prf_output_length = PSA_HASH_LENGTH(prf_alg);
59956013
psa_set_key_type(&attributes, PSA_KEY_TYPE_HMAC);
6014+
psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_MESSAGE);
59966015
} else if (kdf_alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128) {
59976016
prf_alg = PSA_ALG_CMAC;
59986017
prf_output_length = PSA_MAC_LENGTH(PSA_KEY_TYPE_AES, 128U, PSA_ALG_CMAC);
59996018
psa_set_key_type(&attributes, PSA_KEY_TYPE_AES);
6019+
psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_ENCRYPT);
60006020
} else {
60016021
return PSA_ERROR_INVALID_ARGUMENT;
60026022
}
6023+
psa_set_key_algorithm(&attributes, prf_alg);
60036024

60046025
switch (pbkdf2->state) {
60056026
case PSA_PBKDF2_STATE_PASSWORD_SET:
@@ -7198,23 +7219,47 @@ static psa_status_t psa_pbkdf2_cmac_set_password(const uint8_t *input,
71987219
size_t *output_len)
71997220
{
72007221
psa_status_t status = PSA_SUCCESS;
7222+
psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
7223+
72017224
if (input_len != PSA_MAC_LENGTH(PSA_KEY_TYPE_AES, 128U, PSA_ALG_CMAC)) {
72027225
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
72037226
uint8_t zeros[16] = { 0 };
72047227
psa_set_key_type(&attributes, PSA_KEY_TYPE_AES);
72057228
psa_set_key_bits(&attributes, PSA_BYTES_TO_BITS(sizeof(zeros)));
7206-
psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_MESSAGE);
7229+
psa_set_key_algorithm(&attributes, PSA_ALG_CMAC);
7230+
psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_ENCRYPT);
7231+
7232+
psa_key_id_t key = 0;
7233+
status = psa_import_key(&attributes, zeros, sizeof(zeros), &key);
7234+
if (status != PSA_SUCCESS) {
7235+
return status;
7236+
}
7237+
7238+
psa_key_slot_t *slot;
7239+
status = psa_get_and_lock_key_slot_with_policy(
7240+
key,
7241+
&slot,
7242+
PSA_KEY_USAGE_SIGN_MESSAGE,
7243+
PSA_ALG_CMAC);
7244+
if (status != PSA_SUCCESS) {
7245+
return status;
7246+
}
7247+
72077248
/* Passing PSA_MAC_LENGTH(PSA_KEY_TYPE_AES, 128U, PSA_ALG_CMAC) as
72087249
* mac_size as the driver function sets mac_output_length = mac_size
72097250
* on success. See https://github.com/Mbed-TLS/mbedtls/issues/7801 */
7210-
status = psa_driver_wrapper_mac_compute(&attributes,
7211-
zeros, sizeof(zeros),
7251+
status = psa_driver_wrapper_mac_compute(&slot->attr,
7252+
slot->key.data, slot->key.bytes,
72127253
PSA_ALG_CMAC, input, input_len,
72137254
output,
72147255
PSA_MAC_LENGTH(PSA_KEY_TYPE_AES,
72157256
128U,
72167257
PSA_ALG_CMAC),
72177258
output_len);
7259+
7260+
psa_destroy_key(key);
7261+
unlock_status = psa_unregister_read_under_mutex(slot);
7262+
return (status == PSA_SUCCESS) ? unlock_status : status;
72187263
} else {
72197264
memcpy(output, input, input_len);
72207265
*output_len = PSA_MAC_LENGTH(PSA_KEY_TYPE_AES, 128U, PSA_ALG_CMAC);

drivers/builtin/src/psa_crypto_cipher.c

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -81,7 +81,7 @@ static psa_status_t mbedtls_cipher_validate_values(
8181
MBEDTLS_ASSUME(alg != PSA_ALG_CBC_PKCS7);
8282
#endif
8383
#if !defined(PSA_WANT_ALG_CMAC)
84-
MBEDTLS_ASSUME(alg != PSA_ALG_CMAC);
84+
MBEDTLS_ASSUME(PSA_ALG_FULL_LENGTH_MAC(alg) != PSA_ALG_CMAC);
8585
#endif
8686

8787
if (alg == PSA_ALG_STREAM_CIPHER ||
@@ -108,7 +108,7 @@ static psa_status_t mbedtls_cipher_validate_values(
108108
alg == PSA_ALG_ECB_NO_PADDING ||
109109
alg == PSA_ALG_CBC_NO_PADDING ||
110110
alg == PSA_ALG_CBC_PKCS7 ||
111-
alg == PSA_ALG_CMAC) {
111+
PSA_ALG_FULL_LENGTH_MAC(alg) == PSA_ALG_CMAC) {
112112
if (key_type == PSA_KEY_TYPE_AES ||
113113
key_type == PSA_KEY_TYPE_ARIA ||
114114
key_type == PSA_KEY_TYPE_DES ||
@@ -197,7 +197,7 @@ psa_status_t mbedtls_cipher_values_from_psa(
197197
default:
198198
return PSA_ERROR_NOT_SUPPORTED;
199199
}
200-
} else if (alg == PSA_ALG_CMAC) {
200+
} else if (PSA_ALG_FULL_LENGTH_MAC(alg) == PSA_ALG_CMAC) {
201201
*mode = MBEDTLS_MODE_ECB;
202202
} else {
203203
return PSA_ERROR_NOT_SUPPORTED;

0 commit comments

Comments
 (0)