Merge pull request #58 from Patater/disallow-invalid-context
Disallow use of invalid contexts
diff --git a/.travis.yml b/.travis.yml
index 4fc31c9..bd5e750 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -23,7 +23,7 @@
- make test
- programs/test/selftest
- OSSL_NO_DTLS=1 tests/compat.sh
-- tests/ssl-opt.sh -e '\(DTLS\|SCSV\).*openssl'
+- tests/ssl-opt.sh -e '\(DTLS\|SCSV\).*openssl' --seed 4
- tests/scripts/test-ref-configs.pl
- tests/scripts/curves.pl
- tests/scripts/key-exchanges.pl
diff --git a/docs/architecture/.gitignore b/docs/architecture/.gitignore
new file mode 100644
index 0000000..23f832b
--- /dev/null
+++ b/docs/architecture/.gitignore
@@ -0,0 +1,2 @@
+*.html
+*.pdf
diff --git a/docs/architecture/Makefile b/docs/architecture/Makefile
new file mode 100644
index 0000000..f763c9c
--- /dev/null
+++ b/docs/architecture/Makefile
@@ -0,0 +1,19 @@
+PANDOC = pandoc
+
+default: all
+
+all_markdown = \
+ mbed-crypto-storage-specification.md \
+ # This line is intentionally left blank
+
+html: $(all_markdown:.md=.html)
+pdf: $(all_markdown:.md=.pdf)
+all: html pdf
+
+.SUFFIXES:
+.SUFFIXES: .md .html .pdf
+
+.md.html:
+ $(PANDOC) -o $@ $<
+.md.pdf:
+ $(PANDOC) -o $@ $<
diff --git a/docs/architecture/mbed-crypto-storage-specification.md b/docs/architecture/mbed-crypto-storage-specification.md
new file mode 100644
index 0000000..2d4fed5
--- /dev/null
+++ b/docs/architecture/mbed-crypto-storage-specification.md
@@ -0,0 +1,161 @@
+Mbed Crypto storage specification
+=================================
+
+This document specifies how Mbed Crypto uses storage.
+
+Mbed Crypto may be upgraded on an existing device with the storage preserved. Therefore:
+
+1. Any change may break existing installations and may require an upgrade path.
+1. This document retains historical information about all past released versions. Do not remove information from this document unless it has always been incorrect or it is about a version that you are sure was never released.
+
+Mbed Crypto 0.1.0
+-----------------
+
+Tags: mbedcrypto-0.1.0b, mbedcrypto-0.1.0b2
+
+Released in November 2018. <br>
+Integrated in Mbed OS 5.11.
+
+Supported backends:
+
+* [PSA ITS](#file-namespace-on-its-for-0.1.0)
+* [C stdio](#file-namespace-on-stdio-for-0.1.0)
+
+Supported features:
+
+* [Persistent transparent keys](#key-file-format-for-0.1.0) designated by a [slot number](#key-names-for-0.1.0).
+* [Nonvolatile random seed](#nonvolatile-random-seed-file-format-for-0.1.0) on ITS only.
+
+This is a beta release, and we do not promise backward compatibility, with one exception:
+
+> On Mbed OS, if a device has a nonvolatile random seed file produced with Mbed OS 5.11.x and is upgraded to a later version of Mbed OS, the nonvolatile random seed file is preserved or upgraded.
+
+We do not make any promises regarding key storage, or regarding the nonvolatile random seed file on other platforms.
+
+### Key names for 0.1.0
+
+Information about each key is stored in a dedicated file whose name is constructed from the key identifier. The way in which the file name is constructed depends on the storage backend. The content of the file is described [below](#key-file-format-for-0.1.0).
+
+The valid values for a key identifier are the range from 1 to 0xfffeffff. This limitation on the range is not documented in user-facing documentation: according to the user-facing documentation, arbitrary 32-bit values are valid.
+
+The code uses the following constant in an internal header (note that despite the name, this value is actually one plus the maximum permitted value):
+
+ #define PSA_MAX_PERSISTENT_KEY_IDENTIFIER 0xffff0000
+
+There is a shared namespace for all callers.
+
+### Key file format for 0.1.0
+
+All integers are encoded in little-endian order in 8-bit bytes.
+
+The layout of a key file is:
+
+* magic (8 bytes): `"PSA\0KEY\0"`
+* version (4 bytes): 0
+* type (4 bytes): `psa_key_type_t` value
+* policy usage flags (4 bytes): `psa_key_usage_t` value
+* policy usage algorithm (4 bytes): `psa_algorithm_t` value
+* key material length (4 bytes)
+* key material: output of `psa_export_key`
+* Any trailing data is rejected on load.
+
+### Nonvolatile random seed file format for 0.1.0
+
+The nonvolatile random seed file contains a seed for the random generator. If present, it is rewritten at each boot as part of the random generator initialization.
+
+The file format is just the seed as a byte string with no metadata or encoding of any kind.
+
+### File namespace on ITS for 0.1.0
+
+Assumption: ITS provides a 32-bit file identifier namespace. The Crypto service can use arbitrary file identifiers and no other part of the system accesses the same file identifier namespace.
+
+* File 0: unused.
+* Files 1 through 0xfffeffff: [content](#key-file-format-for-0.1.0) of the [key whose identifier is the file identifier](#key-names-for-0.1.0).
+* File 0xffffff52 (`PSA_CRYPTO_ITS_RANDOM_SEED_UID`): [nonvolatile random seed](#nonvolatile-random-seed-file-format-for-0.1.0).
+* Files 0xffff0000 through 0xffffff51, 0xffffff53 through 0xffffffff: unused.
+
+### File namespace on stdio for 0.1.0
+
+Assumption: C stdio, allowing names containing lowercase letters, digits and underscores, of length up to 23.
+
+An undocumented build-time configuration value `CRYPTO_STORAGE_FILE_LOCATION` allows storing the key files in a directory other than the current directory. This value is simply prepended to the file name (so it must end with a directory separator to put the keys in a different directory).
+
+* `CRYPTO_STORAGE_FILE_LOCATION "psa_key_slot_0"`: used as a temporary file. Must be writable. May be overwritten or deleted if present.
+* `sprintf(CRYPTO_STORAGE_FILE_LOCATION "psa_key_slot_%lu", key_id)` [content](#key-file-format-for-0.1.0) of the [key whose identifier](#key-names-for-0.1.0) is `key_id`.
+* Other files: unused.
+
+Mbed Crypto 0.2.0
+-----------------
+
+**Warning:** the information in this section is provisional and may change before Mbed Crypto is released for Mbed OS 5.12. At the time of writing, we don't even know whether this version will be called 0.2.0.
+
+To be released for Mbed OS 5.12.
+
+Supported integrations:
+
+* [PSA platform](#file-namespace-on-a-psa-platform-for-0.2.0)
+* [library using PSA ITS](#file-namespace-on-its-as-a-library-for-0.2.0)
+* [library using C stdio](#file-namespace-on-stdio-for-0.2.0)
+
+Supported features:
+
+* [Persistent transparent keys](#key-file-format-for-0.2.0) designated by a [key identifier and owner](#key-names-for-0.2.0).
+* [Nonvolatile random seed](#nonvolatile-random-seed-file-format-for-0.2.0) on ITS only.
+
+Backward compatibility commitments: TBD
+
+### Key names for 0.2.0
+
+Information about each key is stored in a dedicated file designated by a _key file identifier_ (`psa_key_file_id_t`). The key file identifier is constructed from the 32-bit key identifier (`psa_key_id_t`) and, if applicable, an identifier of the owner of the key. In integrations where there is no concept of key owner (in particular, in library integrations), the key file identifier is exactly the key identifier. When the library is integrated into a service, the service determines the semantics of the owner identifier.
+
+The way in which the file name is constructed from the key file identifier depends on the storage backend. The content of the file is described [below](#key-file-format-for-0.2.0).
+
+The valid values for a key identifier are the range from 1 to 0xfffeffff. This limitation on the range is not documented in user-facing documentation: according to the user-facing documentation, arbitrary 32-bit values are valid.
+
+* Library integration: the key file name is just the key identifer. This is a 32-bit value.
+* PSA service integration: the key file identifier is `(uint32_t)owner_uid << 32 | key_id` where `key_id` is the key identifier specified by the application and `owner_uid` (of type `int32_t`) is the calling partition identifier provided to the server by the partition manager. This is a 64-bit value.
+
+### Key file format for 0.2.0
+
+The layout is identical to [0.1.0](#key-file-format-for-0.1.0) so far. However note that the encoding of key types, algorithms and key material has changed, therefore the storage format is not compatible (despite using the same value in the version field so far).
+
+### Nonvolatile random seed file format for 0.2.0
+
+[Identical to 0.1.0](#nonvolatile-random-seed-file-format-for-0.1.0).
+
+### File namespace on a PSA platform for 0.2.0
+
+Assumption: ITS provides a 64-bit file identifier namespace. The Crypto service can use arbitrary file identifiers and no other part of the system accesses the same file identifier namespace.
+
+Assumption: the owner identifier is a nonzero value of type `int32_t`.
+
+* Files 0 through 0xffffff51, 0xffffff53 through 0xffffffff: unused, reserved for internal use of the crypto library or crypto service.
+* File 0xffffff52 (`PSA_CRYPTO_ITS_RANDOM_SEED_UID`): [nonvolatile random seed](#nonvolatile-random-seed-file-format-for-0.1.0).
+* Files 0x100000000 through 0xffffffffffff: [content](#key-file-format-for-0.2.0) of the [key whose identifier is the file identifier](#key-names-for-0.2.0). The upper 32 bits determine the owner.
+
+### File namespace on ITS as a library for 0.2.0
+
+Assumption: ITS provides a 64-bit file identifier namespace. The entity using the crypto library can use arbitrary file identifiers and no other part of the system accesses the same file identifier namespace.
+
+This is a library integration, so there is no owner. The key file identifier is identical to the key identifier.
+
+* File 0: unused.
+* Files 1 through 0xfffeffff: [content](#key-file-format-for-0.2.0) of the [key whose identifier is the file identifier](#key-names-for-0.2.0).
+* File 0xffffff52 (`PSA_CRYPTO_ITS_RANDOM_SEED_UID`): [nonvolatile random seed](#nonvolatile-random-seed-file-format-for-0.2.0).
+* Files 0xffff0000 through 0xffffff51, 0xffffff53 through 0xffffffff, 0x100000000 through 0xffffffffffffffff: unused.
+
+### File namespace on stdio for 0.2.0
+
+This is a library integration, so there is no owner. The key file identifier is identical to the key identifier.
+
+[Identical to 0.1.0](#file-namespace-on-stdio-for-0.1.0).
+
+### Upgrade from 0.1.0 to 0.2.0.
+
+* Delete files 1 through 0xfffeffff, which contain keys in a format that is no longer supported.
+
+### Suggested changes to make before 0.2.0
+
+The library integration and the PSA platform integration use different sets of file names. This is annoyingly non-uniform. For example, if we want to store non-key files, we have room in different ranges (0 through 0xffffffff on a PSA platform, 0xffff0000 through 0xffffffffffffffff in a library integration).
+
+It would simplify things to always have a 32-bit owner, with a nonzero value, and thus reserve the range 0–0xffffffff for internal library use.
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index fa1d3cf..097361a 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -1156,6 +1156,21 @@
*/
//#define MBEDTLS_PSA_HAS_ITS_IO
+/* MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER
+ *
+ * In PSA key storage, encode the owner of the key.
+ *
+ * This is only meaningful when building the library as part of a
+ * multi-client service. When you activate this option, you must provide
+ * an implementation of the type psa_key_owner_id_t and a translation
+ * from psa_key_file_id_t to file name in all the storage backends that
+ * you wish to support.
+ *
+ * Note that this option is meant for internal use only and may be removed
+ * without notice.
+ */
+//#define MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER
+
/**
* \def MBEDTLS_MEMORY_DEBUG
*
diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 93f8968..b62788b 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -193,7 +193,7 @@
* the policy has been saved to persistent storage. Implementations
* may defer saving the policy until the key material is created.
* \retval #PSA_ERROR_INVALID_HANDLE
- * \retval #PSA_ERROR_OCCUPIED_SLOT
+ * \retval #PSA_ERROR_ALREADY_EXISTS
* \retval #PSA_ERROR_NOT_SUPPORTED
* \retval #PSA_ERROR_INVALID_ARGUMENT
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
@@ -285,7 +285,7 @@
* Success. The application can now use the value of `*handle`
* to access the newly allocated key slot.
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_EMPTY_SLOT
+ * \retval #PSA_ERROR_DOES_NOT_EXIST
* \retval #PSA_ERROR_INVALID_ARGUMENT
* \p lifetime is invalid, for example #PSA_KEY_LIFETIME_VOLATILE.
* \retval #PSA_ERROR_INVALID_ARGUMENT
@@ -322,7 +322,7 @@
* to access the newly allocated key slot.
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_INSUFFICIENT_STORAGE
- * \retval #PSA_ERROR_OCCUPIED_SLOT
+ * \retval #PSA_ERROR_ALREADY_EXISTS
* There is already a key with the identifier \p id in the storage
* area designated by \p lifetime.
* \retval #PSA_ERROR_INVALID_ARGUMENT
@@ -401,7 +401,7 @@
* \retval #PSA_ERROR_INVALID_ARGUMENT
* The key slot is invalid,
* or the key data is not correctly formatted.
- * \retval #PSA_ERROR_OCCUPIED_SLOT
+ * \retval #PSA_ERROR_ALREADY_EXISTS
* There is already a key in the specified slot.
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_INSUFFICIENT_STORAGE
@@ -470,7 +470,7 @@
*
* \retval #PSA_SUCCESS
* \retval #PSA_ERROR_INVALID_HANDLE
- * \retval #PSA_ERROR_EMPTY_SLOT
+ * \retval #PSA_ERROR_DOES_NOT_EXIST
* The handle is to a key slot which does not contain key material yet.
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
@@ -554,7 +554,7 @@
*
* \retval #PSA_SUCCESS
* \retval #PSA_ERROR_INVALID_HANDLE
- * \retval #PSA_ERROR_EMPTY_SLOT
+ * \retval #PSA_ERROR_DOES_NOT_EXIST
* \retval #PSA_ERROR_NOT_PERMITTED
* \retval #PSA_ERROR_NOT_SUPPORTED
* \retval #PSA_ERROR_BUFFER_TOO_SMALL
@@ -641,7 +641,7 @@
*
* \retval #PSA_SUCCESS
* \retval #PSA_ERROR_INVALID_HANDLE
- * \retval #PSA_ERROR_EMPTY_SLOT
+ * \retval #PSA_ERROR_DOES_NOT_EXIST
* \retval #PSA_ERROR_INVALID_ARGUMENT
* The key is neither a public key nor a key pair.
* \retval #PSA_ERROR_NOT_SUPPORTED
@@ -710,9 +710,9 @@
*
* \retval #PSA_SUCCESS
* \retval #PSA_ERROR_INVALID_HANDLE
- * \retval #PSA_ERROR_OCCUPIED_SLOT
+ * \retval #PSA_ERROR_ALREADY_EXISTS
* \p target already contains key material.
- * \retval #PSA_ERROR_EMPTY_SLOT
+ * \retval #PSA_ERROR_DOES_NOT_EXIST
* \p source does not contain key material.
* \retval #PSA_ERROR_INVALID_ARGUMENT
* The policy constraints on the source, on the target and
@@ -782,7 +782,7 @@
*/
static psa_hash_operation_t psa_hash_operation_init(void);
-/** Start a multipart hash operation.
+/** Set up a multipart hash operation.
*
* The sequence of operations to calculate a hash (message digest)
* is as follows:
@@ -816,6 +816,9 @@
* Success.
* \retval #PSA_ERROR_NOT_SUPPORTED
* \p alg is not supported or is not a hash algorithm.
+ * \retval #PSA_ERROR_BAD_STATE
+ * The operation state is not valid (already set up and not
+ * subsequently completed).
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
@@ -837,7 +840,7 @@
* \retval #PSA_SUCCESS
* Success.
* \retval #PSA_ERROR_BAD_STATE
- * The operation state is not valid (not started, or already completed).
+ * The operation state is not valid (not set up, or already completed).
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
@@ -874,7 +877,7 @@
* \retval #PSA_SUCCESS
* Success.
* \retval #PSA_ERROR_BAD_STATE
- * The operation state is not valid (not started, or already completed).
+ * The operation state is not valid (not set up, or already completed).
* \retval #PSA_ERROR_BUFFER_TOO_SMALL
* The size of the \p hash buffer is too small. You can determine a
* sufficient buffer size by calling #PSA_HASH_SIZE(\c alg)
@@ -914,7 +917,7 @@
* The hash of the message was calculated successfully, but it
* differs from the expected hash.
* \retval #PSA_ERROR_BAD_STATE
- * The operation state is not valid (not started, or already completed).
+ * The operation state is not valid (not set up, or already completed).
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
@@ -1032,7 +1035,7 @@
*/
static psa_mac_operation_t psa_mac_operation_init(void);
-/** Start a multipart MAC calculation operation.
+/** Set up a multipart MAC calculation operation.
*
* This function sets up the calculation of the MAC
* (message authentication code) of a byte string.
@@ -1071,7 +1074,7 @@
* \retval #PSA_SUCCESS
* Success.
* \retval #PSA_ERROR_INVALID_HANDLE
- * \retval #PSA_ERROR_EMPTY_SLOT
+ * \retval #PSA_ERROR_DOES_NOT_EXIST
* \retval #PSA_ERROR_NOT_PERMITTED
* \retval #PSA_ERROR_INVALID_ARGUMENT
* \p key is not compatible with \p alg.
@@ -1082,6 +1085,9 @@
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_BAD_STATE
+ * The operation state is not valid (already set up and not
+ * subsequently completed).
+ * \retval #PSA_ERROR_BAD_STATE
* The library has not been previously initialized by psa_crypto_init().
* It is implementation-dependent whether a failure to initialize
* results in this error code.
@@ -1090,7 +1096,7 @@
psa_key_handle_t handle,
psa_algorithm_t alg);
-/** Start a multipart MAC verification operation.
+/** Set up a multipart MAC verification operation.
*
* This function sets up the verification of the MAC
* (message authentication code) of a byte string against an expected value.
@@ -1128,7 +1134,7 @@
* \retval #PSA_SUCCESS
* Success.
* \retval #PSA_ERROR_INVALID_HANDLE
- * \retval #PSA_ERROR_EMPTY_SLOT
+ * \retval #PSA_ERROR_DOES_NOT_EXIST
* \retval #PSA_ERROR_NOT_PERMITTED
* \retval #PSA_ERROR_INVALID_ARGUMENT
* \c key is not compatible with \c alg.
@@ -1139,6 +1145,9 @@
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_BAD_STATE
+ * The operation state is not valid (already set up and not
+ * subsequently completed).
+ * \retval #PSA_ERROR_BAD_STATE
* The library has not been previously initialized by psa_crypto_init().
* It is implementation-dependent whether a failure to initialize
* results in this error code.
@@ -1162,7 +1171,7 @@
* \retval #PSA_SUCCESS
* Success.
* \retval #PSA_ERROR_BAD_STATE
- * The operation state is not valid (not started, or already completed).
+ * The operation state is not valid (not set up, or already completed).
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
@@ -1201,7 +1210,7 @@
* \retval #PSA_SUCCESS
* Success.
* \retval #PSA_ERROR_BAD_STATE
- * The operation state is not valid (not started, or already completed).
+ * The operation state is not valid (not set up, or already completed).
* \retval #PSA_ERROR_BUFFER_TOO_SMALL
* The size of the \p mac buffer is too small. You can determine a
* sufficient buffer size by calling PSA_MAC_FINAL_SIZE().
@@ -1240,7 +1249,7 @@
* The MAC of the message was calculated successfully, but it
* differs from the expected MAC.
* \retval #PSA_ERROR_BAD_STATE
- * The operation state is not valid (not started, or already completed).
+ * The operation state is not valid (not set up, or already completed).
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
@@ -1373,7 +1382,7 @@
* \retval #PSA_SUCCESS
* Success.
* \retval #PSA_ERROR_INVALID_HANDLE
- * \retval #PSA_ERROR_EMPTY_SLOT
+ * \retval #PSA_ERROR_DOES_NOT_EXIST
* \retval #PSA_ERROR_NOT_PERMITTED
* \retval #PSA_ERROR_INVALID_ARGUMENT
* \p key is not compatible with \p alg.
@@ -1384,6 +1393,9 @@
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_BAD_STATE
+ * The operation state is not valid (already set up and not
+ * subsequently completed).
+ * \retval #PSA_ERROR_BAD_STATE
* The library has not been previously initialized by psa_crypto_init().
* It is implementation-dependent whether a failure to initialize
* results in this error code.
@@ -1432,7 +1444,7 @@
* \retval #PSA_SUCCESS
* Success.
* \retval #PSA_ERROR_INVALID_HANDLE
- * \retval #PSA_ERROR_EMPTY_SLOT
+ * \retval #PSA_ERROR_DOES_NOT_EXIST
* \retval #PSA_ERROR_NOT_PERMITTED
* \retval #PSA_ERROR_INVALID_ARGUMENT
* \p key is not compatible with \p alg.
@@ -1443,6 +1455,9 @@
* \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_BAD_STATE
+ * The operation state is not valid (already set up and not
+ * subsequently completed).
+ * \retval #PSA_ERROR_BAD_STATE
* The library has not been previously initialized by psa_crypto_init().
* It is implementation-dependent whether a failure to initialize
* results in this error code.
@@ -1471,7 +1486,7 @@
* \retval #PSA_SUCCESS
* Success.
* \retval #PSA_ERROR_BAD_STATE
- * The operation state is not valid (not started, or IV already set).
+ * The operation state is not valid (not set up, or IV already set).
* \retval #PSA_ERROR_BUFFER_TOO_SMALL
* The size of the \p iv buffer is too small.
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
@@ -1505,7 +1520,7 @@
* \retval #PSA_SUCCESS
* Success.
* \retval #PSA_ERROR_BAD_STATE
- * The operation state is not valid (not started, or IV already set).
+ * The operation state is not valid (not set up, or IV already set).
* \retval #PSA_ERROR_INVALID_ARGUMENT
* The size of \p iv is not acceptable for the chosen algorithm,
* or the chosen algorithm does not use an IV.
@@ -1541,7 +1556,7 @@
* \retval #PSA_SUCCESS
* Success.
* \retval #PSA_ERROR_BAD_STATE
- * The operation state is not valid (not started, IV required but
+ * The operation state is not valid (not set up, IV required but
* not set, or already completed).
* \retval #PSA_ERROR_BUFFER_TOO_SMALL
* The size of the \p output buffer is too small.
@@ -1579,7 +1594,7 @@
* \retval #PSA_SUCCESS
* Success.
* \retval #PSA_ERROR_BAD_STATE
- * The operation state is not valid (not started, IV required but
+ * The operation state is not valid (not set up, IV required but
* not set, or already completed).
* \retval #PSA_ERROR_BUFFER_TOO_SMALL
* The size of the \p output buffer is too small.
@@ -1660,7 +1675,7 @@
* \retval #PSA_SUCCESS
* Success.
* \retval #PSA_ERROR_INVALID_HANDLE
- * \retval #PSA_ERROR_EMPTY_SLOT
+ * \retval #PSA_ERROR_DOES_NOT_EXIST
* \retval #PSA_ERROR_NOT_PERMITTED
* \retval #PSA_ERROR_INVALID_ARGUMENT
* \p key is not compatible with \p alg.
@@ -1716,7 +1731,7 @@
* \retval #PSA_SUCCESS
* Success.
* \retval #PSA_ERROR_INVALID_HANDLE
- * \retval #PSA_ERROR_EMPTY_SLOT
+ * \retval #PSA_ERROR_DOES_NOT_EXIST
* \retval #PSA_ERROR_INVALID_SIGNATURE
* The ciphertext is not authentic.
* \retval #PSA_ERROR_NOT_PERMITTED
@@ -2034,7 +2049,7 @@
* \param output_length Number of bytes to output.
*
* \retval #PSA_SUCCESS
- * \retval #PSA_ERROR_INSUFFICIENT_CAPACITY
+ * \retval #PSA_ERROR_INSUFFICIENT_DATA
* There were fewer than \p output_length bytes
* in the generator. Note that in this case, no
* output is written to the output buffer.
@@ -2076,7 +2091,7 @@
* Success.
* If the key is persistent, the key material and the key's metadata
* have been saved to persistent storage.
- * \retval #PSA_ERROR_INSUFFICIENT_CAPACITY
+ * \retval #PSA_ERROR_INSUFFICIENT_DATA
* There were fewer than \p output_length bytes
* in the generator. Note that in this case, no
* output is written to the output buffer.
@@ -2088,7 +2103,7 @@
* implementation in general or in this particular slot.
* \retval #PSA_ERROR_BAD_STATE
* \retval #PSA_ERROR_INVALID_HANDLE
- * \retval #PSA_ERROR_OCCUPIED_SLOT
+ * \retval #PSA_ERROR_ALREADY_EXISTS
* There is already a key in the specified slot.
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_INSUFFICIENT_STORAGE
@@ -2172,7 +2187,7 @@
* \retval #PSA_SUCCESS
* Success.
* \retval #PSA_ERROR_INVALID_HANDLE
- * \retval #PSA_ERROR_EMPTY_SLOT
+ * \retval #PSA_ERROR_DOES_NOT_EXIST
* \retval #PSA_ERROR_NOT_PERMITTED
* \retval #PSA_ERROR_INVALID_ARGUMENT
* \c key is not compatible with \c alg,
@@ -2233,7 +2248,7 @@
* \retval #PSA_SUCCESS
* Success.
* \retval #PSA_ERROR_INVALID_HANDLE
- * \retval #PSA_ERROR_EMPTY_SLOT
+ * \retval #PSA_ERROR_DOES_NOT_EXIST
* \retval #PSA_ERROR_NOT_PERMITTED
* \retval #PSA_ERROR_INVALID_ARGUMENT
* \c private_key is not compatible with \c alg,
@@ -2332,7 +2347,7 @@
* If the key is persistent, the key material and the key's metadata
* have been saved to persistent storage.
* \retval #PSA_ERROR_INVALID_HANDLE
- * \retval #PSA_ERROR_OCCUPIED_SLOT
+ * \retval #PSA_ERROR_ALREADY_EXISTS
* There is already a key in the specified slot.
* \retval #PSA_ERROR_NOT_SUPPORTED
* \retval #PSA_ERROR_INVALID_ARGUMENT
diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h
index 7f08857..86d9954 100644
--- a/include/psa/crypto_extra.h
+++ b/include/psa/crypto_extra.h
@@ -37,6 +37,29 @@
/* UID for secure storage seed */
#define PSA_CRYPTO_ITS_RANDOM_SEED_UID 0xFFFFFF52
+/*
+ * Deprecated PSA Crypto error code definitions
+ */
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#define PSA_ERROR_UNKNOWN_ERROR \
+ MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( PSA_ERROR_GENERIC_ERROR )
+#endif
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#define PSA_ERROR_OCCUPIED_SLOT \
+ MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( PSA_ERROR_ALREADY_EXISTS )
+#endif
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#define PSA_ERROR_EMPTY_SLOT \
+ MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( PSA_ERROR_DOES_NOT_EXIST )
+#endif
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#define PSA_ERROR_INSUFFICIENT_CAPACITY \
+ MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( PSA_ERROR_INSUFFICIENT_DATA )
+#endif
+
/**
* \brief Library deinitialization.
*
@@ -111,7 +134,6 @@
* \retval #PSA_ERROR_INVALID_ARGUMENT
* \p seed_size is out of range.
* \retval #PSA_ERROR_STORAGE_FAILURE
- * \retval `PSA_ITS_ERROR_XXX`
* There was a failure reading or writing from storage.
* \retval #PSA_ERROR_NOT_PERMITTED
* The library has already been initialized. It is no longer
diff --git a/include/psa/crypto_platform.h b/include/psa/crypto_platform.h
index 50ca546..42cdad3 100644
--- a/include/psa/crypto_platform.h
+++ b/include/psa/crypto_platform.h
@@ -49,4 +49,53 @@
/* Integral type representing a key handle. */
typedef uint16_t psa_key_handle_t;
+/* This implementation distinguishes *application key identifiers*, which
+ * are the key identifiers specified by the application, from
+ * *key file identifiers*, which are the key identifiers that the library
+ * sees internally. The two types can be different if there is a remote
+ * call layer between the application and the library which supports
+ * multiple client applications that do not have access to each others'
+ * keys. The point of having different types is that the key file
+ * identifier may encode not only the key identifier specified by the
+ * application, but also the the identity of the application.
+ *
+ * Note that this is an internal concept of the library and the remote
+ * call layer. The application itself never sees anything other than
+ * #psa_app_key_id_t with its standard definition.
+ */
+
+/* The application key identifier is always what the application sees as
+ * #psa_key_id_t. */
+typedef uint32_t psa_app_key_id_t;
+
+#if defined(MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER)
+
+#if defined(PSA_CRYPTO_SECURE)
+/* Building for the PSA Crypto service on a PSA platform. */
+/* A key owner is a PSA partition identifier. */
+typedef int32_t psa_key_owner_id_t;
+#endif
+
+typedef struct
+{
+ uint32_t key_id;
+ psa_key_owner_id_t owner;
+} psa_key_file_id_t;
+#define PSA_KEY_FILE_GET_KEY_ID( file_id ) ( ( file_id ).key_id )
+
+/* Since crypto.h is used as part of the PSA Cryptography API specification,
+ * it must use standard types for things like the argument of psa_open_key().
+ * If it wasn't for that constraint, psa_open_key() would take a
+ * `psa_key_file_id_t` argument. As a workaround, make `psa_key_id_t` an
+ * alias for `psa_key_file_id_t` when building for a multi-client service. */
+typedef psa_key_file_id_t psa_key_id_t;
+
+#else /* !MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER */
+
+/* By default, a key file identifier is just the application key identifier. */
+typedef psa_app_key_id_t psa_key_file_id_t;
+#define PSA_KEY_FILE_GET_KEY_ID( id ) ( id )
+
+#endif /* !MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER */
+
#endif /* PSA_CRYPTO_PLATFORM_H */
diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h
index 0578664..20cd4b4 100644
--- a/include/psa/crypto_se_driver.h
+++ b/include/psa/crypto_se_driver.h
@@ -754,7 +754,7 @@
* that make up the key data.
*
* \retval #PSA_SUCCESS
- * \retval #PSA_ERROR_EMPTY_SLOT
+ * \retval #PSA_ERROR_DOES_NOT_EXIST
* \retval #PSA_ERROR_NOT_PERMITTED
* \retval #PSA_ERROR_NOT_SUPPORTED
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h
index 9b44d6a..923b94a 100644
--- a/include/psa/crypto_types.h
+++ b/include/psa/crypto_types.h
@@ -47,8 +47,13 @@
* This is either #PSA_SUCCESS (which is zero), indicating success,
* or a nonzero value indicating that an error occurred. Errors are
* encoded as one of the \c PSA_ERROR_xxx values defined here.
+ * If #PSA_SUCCESS is already defined, it means that #psa_status_t
+ * is also defined in an external header, so prevent its multiple
+ * definition.
*/
+#ifndef PSA_SUCCESS
typedef int32_t psa_status_t;
+#endif
/**@}*/
@@ -85,7 +90,14 @@
/** Encoding of identifiers of persistent keys.
*/
+/* Implementation-specific quirk: The Mbed Crypto library can be built as
+ * part of a multi-client service that exposes the PSA Crypto API in each
+ * client and encodes the client identity in the key id argument of functions
+ * such as psa_open_key(). In this build configuration, we define
+ * psa_key_id_t in crypto_platform.h instead of here. */
+#if !defined(MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER)
typedef uint32_t psa_key_id_t;
+#endif
/**@}*/
diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h
index 2ae72e0..d42d8c2 100644
--- a/include/psa/crypto_values.h
+++ b/include/psa/crypto_values.h
@@ -40,25 +40,17 @@
* @{
*/
-#if !defined(PSA_SUCCESS)
-/* If PSA_SUCCESS is defined, assume that PSA crypto is being used
- * together with PSA IPC, which also defines the identifier
- * PSA_SUCCESS. We must not define PSA_SUCCESS ourselves in that case;
- * the other error code names don't clash. This is a temporary hack
- * until we unify error reporting in PSA IPC and PSA crypto.
- *
- * Note that psa_defs.h must be included before this header!
- */
+/* PSA error codes */
+
/** The action was completed successfully. */
#define PSA_SUCCESS ((psa_status_t)0)
-#endif /* !defined(PSA_SUCCESS) */
/** An error occurred that does not correspond to any defined
* failure cause.
*
* Implementations may use this error code if none of the other standard
* error codes are applicable. */
-#define PSA_ERROR_UNKNOWN_ERROR ((psa_status_t)1)
+#define PSA_ERROR_GENERIC_ERROR ((psa_status_t)-132)
/** The requested operation or a parameter is not supported
* by this implementation.
@@ -67,7 +59,7 @@
* parameter such as a key type, algorithm, etc. is not recognized.
* If a combination of parameters is recognized and identified as
* not valid, return #PSA_ERROR_INVALID_ARGUMENT instead. */
-#define PSA_ERROR_NOT_SUPPORTED ((psa_status_t)2)
+#define PSA_ERROR_NOT_SUPPORTED ((psa_status_t)-134)
/** The requested action is denied by a policy.
*
@@ -80,7 +72,7 @@
* not valid or not supported, it is unspecified whether the function
* returns #PSA_ERROR_NOT_PERMITTED, #PSA_ERROR_NOT_SUPPORTED or
* #PSA_ERROR_INVALID_ARGUMENT. */
-#define PSA_ERROR_NOT_PERMITTED ((psa_status_t)3)
+#define PSA_ERROR_NOT_PERMITTED ((psa_status_t)-133)
/** An output buffer is too small.
*
@@ -92,23 +84,19 @@
* buffer would succeed. However implementations may return this
* error if a function has invalid or unsupported parameters in addition
* to the parameters that determine the necessary output buffer size. */
-#define PSA_ERROR_BUFFER_TOO_SMALL ((psa_status_t)4)
+#define PSA_ERROR_BUFFER_TOO_SMALL ((psa_status_t)-138)
-/** A slot is occupied, but must be empty to carry out the
- * requested action.
+/** Asking for an item that already exists
*
- * If a handle is invalid, it does not designate an occupied slot.
- * The error for an invalid handle is #PSA_ERROR_INVALID_HANDLE.
- */
-#define PSA_ERROR_OCCUPIED_SLOT ((psa_status_t)5)
+ * Implementations should return this error, when attempting
+ * to write an item (like a key) that already exists. */
+#define PSA_ERROR_ALREADY_EXISTS ((psa_status_t)-139)
-/** A slot is empty, but must be occupied to carry out the
- * requested action.
+/** Asking for an item that doesn't exist
*
- * If a handle is invalid, it does not designate an empty slot.
- * The error for an invalid handle is #PSA_ERROR_INVALID_HANDLE.
- */
-#define PSA_ERROR_EMPTY_SLOT ((psa_status_t)6)
+ * Implementations should return this error, if a requested item (like
+ * a key) does not exist. */
+#define PSA_ERROR_DOES_NOT_EXIST ((psa_status_t)-140)
/** The requested action cannot be performed in the current state.
*
@@ -118,9 +106,9 @@
*
* Implementations shall not return this error code to indicate
* that a key slot is occupied when it needs to be free or vice versa,
- * but shall return #PSA_ERROR_OCCUPIED_SLOT or #PSA_ERROR_EMPTY_SLOT
+ * but shall return #PSA_ERROR_ALREADY_EXISTS or #PSA_ERROR_DOES_NOT_EXIST
* as applicable. */
-#define PSA_ERROR_BAD_STATE ((psa_status_t)7)
+#define PSA_ERROR_BAD_STATE ((psa_status_t)-137)
/** The parameters passed to the function are invalid.
*
@@ -129,20 +117,20 @@
*
* Implementations shall not return this error code to indicate
* that a key slot is occupied when it needs to be free or vice versa,
- * but shall return #PSA_ERROR_OCCUPIED_SLOT or #PSA_ERROR_EMPTY_SLOT
+ * but shall return #PSA_ERROR_ALREADY_EXISTS or #PSA_ERROR_DOES_NOT_EXIST
* as applicable.
*
* Implementation shall not return this error code to indicate that a
* key handle is invalid, but shall return #PSA_ERROR_INVALID_HANDLE
* instead.
*/
-#define PSA_ERROR_INVALID_ARGUMENT ((psa_status_t)8)
+#define PSA_ERROR_INVALID_ARGUMENT ((psa_status_t)-135)
/** There is not enough runtime memory.
*
* If the action is carried out across multiple security realms, this
* error can refer to available memory in any of the security realms. */
-#define PSA_ERROR_INSUFFICIENT_MEMORY ((psa_status_t)9)
+#define PSA_ERROR_INSUFFICIENT_MEMORY ((psa_status_t)-141)
/** There is not enough persistent storage.
*
@@ -151,7 +139,7 @@
* many functions that do not otherwise access storage may return this
* error code if the implementation requires a mandatory log entry for
* the requested action and the log storage space is full. */
-#define PSA_ERROR_INSUFFICIENT_STORAGE ((psa_status_t)10)
+#define PSA_ERROR_INSUFFICIENT_STORAGE ((psa_status_t)-142)
/** There was a communication failure inside the implementation.
*
@@ -168,7 +156,7 @@
* cryptoprocessor but there was a breakdown of communication before
* the cryptoprocessor could report the status to the application.
*/
-#define PSA_ERROR_COMMUNICATION_FAILURE ((psa_status_t)11)
+#define PSA_ERROR_COMMUNICATION_FAILURE ((psa_status_t)-145)
/** There was a storage failure that may have led to data loss.
*
@@ -193,13 +181,13 @@
* permanent storage corruption. However application writers should
* keep in mind that transient errors while reading the storage may be
* reported using this error code. */
-#define PSA_ERROR_STORAGE_FAILURE ((psa_status_t)12)
+#define PSA_ERROR_STORAGE_FAILURE ((psa_status_t)-146)
/** A hardware failure was detected.
*
* A hardware failure may be transient or permanent depending on the
* cause. */
-#define PSA_ERROR_HARDWARE_FAILURE ((psa_status_t)13)
+#define PSA_ERROR_HARDWARE_FAILURE ((psa_status_t)-147)
/** A tampering attempt was detected.
*
@@ -230,7 +218,7 @@
* This error indicates an attack against the application. Implementations
* shall not return this error code as a consequence of the behavior of
* the application itself. */
-#define PSA_ERROR_TAMPERING_DETECTED ((psa_status_t)14)
+#define PSA_ERROR_TAMPERING_DETECTED ((psa_status_t)-151)
/** There is not enough entropy to generate random data needed
* for the requested action.
@@ -249,7 +237,7 @@
* secure pseudorandom generator (PRNG). However implementations may return
* this error at any time if a policy requires the PRNG to be reseeded
* during normal operation. */
-#define PSA_ERROR_INSUFFICIENT_ENTROPY ((psa_status_t)15)
+#define PSA_ERROR_INSUFFICIENT_ENTROPY ((psa_status_t)-148)
/** The signature, MAC or hash is incorrect.
*
@@ -259,7 +247,7 @@
*
* If the value to verify has an invalid size, implementations may return
* either #PSA_ERROR_INVALID_ARGUMENT or #PSA_ERROR_INVALID_SIGNATURE. */
-#define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t)16)
+#define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t)-149)
/** The decrypted padding is incorrect.
*
@@ -275,17 +263,15 @@
* as close as possible to indistinguishable to an external observer.
* In particular, the timing of a decryption operation should not
* depend on the validity of the padding. */
-#define PSA_ERROR_INVALID_PADDING ((psa_status_t)17)
+#define PSA_ERROR_INVALID_PADDING ((psa_status_t)-150)
-/** The generator has insufficient capacity left.
- *
- * Once a function returns this error, attempts to read from the
- * generator will always return this error. */
-#define PSA_ERROR_INSUFFICIENT_CAPACITY ((psa_status_t)18)
+/** Return this error when there's insufficient data when attempting
+ * to read from a resource. */
+#define PSA_ERROR_INSUFFICIENT_DATA ((psa_status_t)-143)
/** The key handle is not valid.
*/
-#define PSA_ERROR_INVALID_HANDLE ((psa_status_t)19)
+#define PSA_ERROR_INVALID_HANDLE ((psa_status_t)-136)
/**@}*/
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 38f50b3..22b4c0c 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -26,22 +26,8 @@
#endif
#if defined(MBEDTLS_PSA_CRYPTO_C)
-/*
- * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is being built for SPM
- * (Secure Partition Manager) integration which separates the code into two
- * parts: NSPE (Non-Secure Processing Environment) and SPE (Secure Processing
- * Environment). When building for the SPE, an additional header file should be
- * included.
- */
-#if defined(MBEDTLS_PSA_CRYPTO_SPM)
-/*
- * PSA_CRYPTO_SECURE means that this file is compiled for the SPE.
- * Some headers will be affected by this flag.
- */
-#define PSA_CRYPTO_SECURE 1
-#include "crypto_spe.h"
-#endif
+#include "psa_crypto_service_integration.h"
#include "psa/crypto.h"
#include "psa_crypto_core.h"
@@ -172,13 +158,21 @@
case MBEDTLS_ERR_ASN1_BUF_TOO_SMALL:
return( PSA_ERROR_BUFFER_TOO_SMALL );
+#if defined(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA)
case MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA:
+#elif defined(MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH)
+ case MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH:
+#endif
case MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH:
return( PSA_ERROR_NOT_SUPPORTED );
case MBEDTLS_ERR_BLOWFISH_HW_ACCEL_FAILED:
return( PSA_ERROR_HARDWARE_FAILURE );
+#if defined(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA)
case MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA:
+#elif defined(MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH)
+ case MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH:
+#endif
case MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH:
return( PSA_ERROR_NOT_SUPPORTED );
case MBEDTLS_ERR_CAMELLIA_HW_ACCEL_FAILED:
@@ -346,7 +340,7 @@
return( PSA_ERROR_HARDWARE_FAILURE );
default:
- return( PSA_ERROR_UNKNOWN_ERROR );
+ return( PSA_ERROR_GENERIC_ERROR );
}
}
@@ -742,7 +736,7 @@
return( status );
if( slot->type != PSA_KEY_TYPE_NONE )
- return( PSA_ERROR_OCCUPIED_SLOT );
+ return( PSA_ERROR_ALREADY_EXISTS );
*p_slot = slot;
return( status );
@@ -839,7 +833,7 @@
if( status != PSA_SUCCESS )
return( status );
if( slot->type == PSA_KEY_TYPE_NONE )
- return( PSA_ERROR_EMPTY_SLOT );
+ return( PSA_ERROR_DOES_NOT_EXIST );
/* Enforce that usage policy for the key slot contains all the flags
* required by the usage parameter. There is one exception: public
@@ -1001,7 +995,7 @@
return( status );
if( slot->type == PSA_KEY_TYPE_NONE )
- return( PSA_ERROR_EMPTY_SLOT );
+ return( PSA_ERROR_DOES_NOT_EXIST );
if( type != NULL )
*type = slot->type;
if( bits != NULL )
@@ -3124,7 +3118,7 @@
size_t output_size,
size_t *output_length )
{
- psa_status_t status = PSA_ERROR_UNKNOWN_ERROR;
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
int cipher_ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
uint8_t temp_output_buffer[MBEDTLS_MAX_BLOCK_LENGTH];
@@ -3645,6 +3639,12 @@
psa_status_t psa_get_generator_capacity(const psa_crypto_generator_t *generator,
size_t *capacity)
{
+ if( generator->alg == 0 )
+ {
+ /* This is a blank generator. */
+ return PSA_ERROR_BAD_STATE;
+ }
+
*capacity = generator->capacity;
return( PSA_SUCCESS );
}
@@ -3874,24 +3874,29 @@
{
psa_status_t status;
+ if( generator->alg == 0 )
+ {
+ /* This is a blank generator. */
+ return PSA_ERROR_BAD_STATE;
+ }
+
if( output_length > generator->capacity )
{
generator->capacity = 0;
/* Go through the error path to wipe all confidential data now
* that the generator object is useless. */
- status = PSA_ERROR_INSUFFICIENT_CAPACITY;
+ status = PSA_ERROR_INSUFFICIENT_DATA;
goto exit;
}
- if( output_length == 0 &&
- generator->capacity == 0 && generator->alg == 0 )
+ if( output_length == 0 && generator->capacity == 0 )
{
- /* Edge case: this is a blank or finished generator, and 0
- * bytes were requested. The right error in this case could
+ /* Edge case: this is a finished generator, and 0 bytes
+ * were requested. The right error in this case could
* be either INSUFFICIENT_CAPACITY or BAD_STATE. Return
* INSUFFICIENT_CAPACITY, which is right for a finished
* generator, for consistency with the case when
* output_length > 0. */
- return( PSA_ERROR_INSUFFICIENT_CAPACITY );
+ return( PSA_ERROR_INSUFFICIENT_DATA );
}
generator->capacity -= output_length;
@@ -3935,7 +3940,13 @@
exit:
if( status != PSA_SUCCESS )
{
+ /* Preserve the algorithm upon errors, but clear all sensitive state.
+ * This allows us to differentiate between exhausted generators and
+ * blank generators, so we can return PSA_ERROR_BAD_STATE on blank
+ * generators. */
+ psa_algorithm_t alg = generator->alg;
psa_generator_abort( generator );
+ generator->alg = alg;
memset( output, '!', output_length );
}
return( status );
@@ -4415,45 +4426,11 @@
#if ( defined(MBEDTLS_ENTROPY_NV_SEED) && defined(MBEDTLS_PSA_HAS_ITS_IO) )
-/* Support function for error conversion between psa_its error codes to psa crypto */
-static psa_status_t its_to_psa_error( psa_its_status_t ret )
-{
- switch( ret )
- {
- case PSA_ITS_SUCCESS:
- return( PSA_SUCCESS );
-
- case PSA_ITS_ERROR_UID_NOT_FOUND:
- return( PSA_ERROR_EMPTY_SLOT );
-
- case PSA_ITS_ERROR_STORAGE_FAILURE:
- return( PSA_ERROR_STORAGE_FAILURE );
-
- case PSA_ITS_ERROR_INSUFFICIENT_SPACE:
- return( PSA_ERROR_INSUFFICIENT_STORAGE );
-
- case PSA_ITS_ERROR_OFFSET_INVALID:
- case PSA_ITS_ERROR_INCORRECT_SIZE:
- case PSA_ITS_ERROR_INVALID_ARGUMENTS:
- return( PSA_ERROR_INVALID_ARGUMENT );
-
- case PSA_ITS_ERROR_FLAGS_NOT_SUPPORTED:
- return( PSA_ERROR_NOT_SUPPORTED );
-
- case PSA_ITS_ERROR_WRITE_ONCE:
- return( PSA_ERROR_OCCUPIED_SLOT );
-
- default:
- return( PSA_ERROR_UNKNOWN_ERROR );
- }
-}
-
psa_status_t mbedtls_psa_inject_entropy( const unsigned char *seed,
size_t seed_size )
{
psa_status_t status;
- psa_its_status_t its_status;
- struct psa_its_info_t p_info;
+ struct psa_storage_info_t p_info;
if( global_data.initialized )
return( PSA_ERROR_NOT_PERMITTED );
@@ -4462,15 +4439,13 @@
( seed_size > MBEDTLS_ENTROPY_MAX_SEED_SIZE ) )
return( PSA_ERROR_INVALID_ARGUMENT );
- its_status = psa_its_get_info( PSA_CRYPTO_ITS_RANDOM_SEED_UID, &p_info );
- status = its_to_psa_error( its_status );
+ status = psa_its_get_info( PSA_CRYPTO_ITS_RANDOM_SEED_UID, &p_info );
- if( PSA_ITS_ERROR_UID_NOT_FOUND == its_status ) /* No seed exists */
+ if( PSA_ERROR_DOES_NOT_EXIST == status ) /* No seed exists */
{
- its_status = psa_its_set( PSA_CRYPTO_ITS_RANDOM_SEED_UID, seed_size, seed, 0 );
- status = its_to_psa_error( its_status );
+ status = psa_its_set( PSA_CRYPTO_ITS_RANDOM_SEED_UID, seed_size, seed, 0 );
}
- else if( PSA_ITS_SUCCESS == its_status )
+ else if( PSA_SUCCESS == status )
{
/* You should not be here. Seed needs to be injected only once */
status = PSA_ERROR_NOT_PERMITTED;
diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h
index c289681..0f75624 100644
--- a/library/psa_crypto_core.h
+++ b/library/psa_crypto_core.h
@@ -41,7 +41,7 @@
psa_key_type_t type;
psa_key_policy_t policy;
psa_key_lifetime_t lifetime;
- psa_key_id_t persistent_storage_id;
+ psa_key_file_id_t persistent_storage_id;
unsigned allocated : 1;
union
{
diff --git a/library/psa_crypto_service_integration.h b/library/psa_crypto_service_integration.h
new file mode 100644
index 0000000..938bfe1
--- /dev/null
+++ b/library/psa_crypto_service_integration.h
@@ -0,0 +1,40 @@
+/* Copyright (C) 2019, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef PSA_CRYPTO_SERVICE_INTEGRATION_H
+#define PSA_CRYPTO_SERVICE_INTEGRATION_H
+
+/*
+ * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is being built for SPM
+ * (Secure Partition Manager) integration which separates the code into two
+ * parts: NSPE (Non-Secure Processing Environment) and SPE (Secure Processing
+ * Environment). When building for the SPE, an additional header file should be
+ * included.
+ */
+#if defined(MBEDTLS_PSA_CRYPTO_SPM)
+/*
+ * PSA_CRYPTO_SECURE means that the file which included this file is being
+ * compiled for SPE. The files crypto_structs.h and crypto_types.h have
+ * different implementations for NSPE and SPE and are compiled according to this
+ * flag.
+ */
+#define PSA_CRYPTO_SECURE 1
+#include "crypto_spe.h"
+#endif // MBEDTLS_PSA_CRYPTO_SPM
+
+#endif // PSA_CRYPTO_SERVICE_INTEGRATION_H
diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c
index c151c5e..33c03a7 100644
--- a/library/psa_crypto_slot_management.c
+++ b/library/psa_crypto_slot_management.c
@@ -26,22 +26,8 @@
#endif
#if defined(MBEDTLS_PSA_CRYPTO_C)
-/*
- * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is being built for SPM
- * (Secure Partition Manager) integration which separates the code into two
- * parts: NSPE (Non-Secure Processing Environment) and SPE (Secure Processing
- * Environment). When building for the SPE, an additional header file should be
- * included.
- */
-#if defined(MBEDTLS_PSA_CRYPTO_SPM)
-/*
- * PSA_CRYPTO_SECURE means that this file is compiled for the SPE.
- * Some headers will be affected by this flag.
- */
-#define PSA_CRYPTO_SECURE 1
-#include "crypto_spe.h"
-#endif
+#include "psa_crypto_service_integration.h"
#include "psa/crypto.h"
#include "psa_crypto_core.h"
@@ -182,6 +168,30 @@
psa_free_persistent_key_data( key_data, key_data_length );
return( status );
}
+
+/** Check whether a key identifier is acceptable.
+ *
+ * For backward compatibility, key identifiers that were valid in a
+ * past released version must remain valid, unless a migration path
+ * is provided.
+ *
+ * \param file_id The key identifier to check.
+ *
+ * \return 1 if \p file_id is acceptable, otherwise 0.
+ */
+static int psa_is_key_id_valid( psa_key_file_id_t file_id )
+{
+ psa_app_key_id_t key_id = PSA_KEY_FILE_GET_KEY_ID( file_id );
+ /* Reject id=0 because by general library conventions, 0 is an invalid
+ * value wherever possible. */
+ if( key_id == 0 )
+ return( 0 );
+ /* Reject high values because the file names are reserved for the
+ * library's internal use. */
+ if( key_id > PSA_MAX_PERSISTENT_KEY_IDENTIFIER )
+ return( 0 );
+ return( 1 );
+}
#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */
/** Declare a slot as persistent and load it from storage.
@@ -194,7 +204,7 @@
*
* \retval #PSA_SUCCESS
* The slot content was loaded successfully.
- * \retval #PSA_ERROR_EMPTY_SLOT
+ * \retval #PSA_ERROR_DOES_NOT_EXIST
* There is no content for this slot in persistent storage.
* \retval #PSA_ERROR_INVALID_HANDLE
* \retval #PSA_ERROR_INVALID_ARGUMENT
@@ -203,19 +213,13 @@
* \retval #PSA_ERROR_STORAGE_FAILURE
*/
static psa_status_t psa_internal_make_key_persistent( psa_key_handle_t handle,
- psa_key_id_t id )
+ psa_key_file_id_t id )
{
#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
psa_key_slot_t *slot;
psa_status_t status;
- /* Reject id=0 because by general library conventions, 0 is an invalid
- * value wherever possible. */
- if( id == 0 )
- return( PSA_ERROR_INVALID_ARGUMENT );
- /* Reject high values because the file names are reserved for the
- * library's internal use. */
- if( id >= PSA_MAX_PERSISTENT_KEY_IDENTIFIER )
+ if( ! psa_is_key_id_valid( id ) )
return( PSA_ERROR_INVALID_ARGUMENT );
status = psa_get_key_slot( handle, &slot );
@@ -236,7 +240,7 @@
}
static psa_status_t persistent_key_setup( psa_key_lifetime_t lifetime,
- psa_key_id_t id,
+ psa_key_file_id_t id,
psa_key_handle_t *handle,
psa_status_t wanted_load_status )
{
@@ -261,24 +265,24 @@
}
psa_status_t psa_open_key( psa_key_lifetime_t lifetime,
- psa_key_id_t id,
+ psa_key_file_id_t id,
psa_key_handle_t *handle )
{
return( persistent_key_setup( lifetime, id, handle, PSA_SUCCESS ) );
}
psa_status_t psa_create_key( psa_key_lifetime_t lifetime,
- psa_key_id_t id,
+ psa_key_file_id_t id,
psa_key_handle_t *handle )
{
psa_status_t status;
status = persistent_key_setup( lifetime, id, handle,
- PSA_ERROR_EMPTY_SLOT );
+ PSA_ERROR_DOES_NOT_EXIST );
switch( status )
{
- case PSA_SUCCESS: return( PSA_ERROR_OCCUPIED_SLOT );
- case PSA_ERROR_EMPTY_SLOT: return( PSA_SUCCESS );
+ case PSA_SUCCESS: return( PSA_ERROR_ALREADY_EXISTS );
+ case PSA_ERROR_DOES_NOT_EXIST: return( PSA_SUCCESS );
default: return( status );
}
}
diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c
index b4e4076..84a6ed5 100644
--- a/library/psa_crypto_storage.c
+++ b/library/psa_crypto_storage.c
@@ -30,6 +30,7 @@
#include <stdlib.h>
#include <string.h>
+#include "psa_crypto_service_integration.h"
#include "psa/crypto.h"
#include "psa_crypto_storage.h"
#include "psa_crypto_storage_backend.h"
@@ -148,7 +149,7 @@
return( PSA_SUCCESS );
}
-psa_status_t psa_save_persistent_key( const psa_key_id_t key,
+psa_status_t psa_save_persistent_key( const psa_key_file_id_t key,
const psa_key_type_t type,
const psa_key_policy_t *policy,
const uint8_t *data,
@@ -186,7 +187,7 @@
mbedtls_free( key_data );
}
-psa_status_t psa_load_persistent_key( psa_key_id_t key,
+psa_status_t psa_load_persistent_key( psa_key_file_id_t key,
psa_key_type_t *type,
psa_key_policy_t *policy,
uint8_t **data,
diff --git a/library/psa_crypto_storage.h b/library/psa_crypto_storage.h
index 85881c1..7e5aae9 100644
--- a/library/psa_crypto_storage.h
+++ b/library/psa_crypto_storage.h
@@ -59,7 +59,7 @@
* This limitation will probably become moot when we implement client
* separation for key storage.
*/
-#define PSA_MAX_PERSISTENT_KEY_IDENTIFIER 0xffff0000
+#define PSA_MAX_PERSISTENT_KEY_IDENTIFIER 0xfffeffff
/**
* \brief Format key data and metadata and save to a location for given key
@@ -84,9 +84,9 @@
* \retval PSA_ERROR_INSUFFICIENT_MEMORY
* \retval PSA_ERROR_INSUFFICIENT_STORAGE
* \retval PSA_ERROR_STORAGE_FAILURE
- * \retval PSA_ERROR_OCCUPIED_SLOT
+ * \retval PSA_ERROR_ALREADY_EXISTS
*/
-psa_status_t psa_save_persistent_key( const psa_key_id_t key,
+psa_status_t psa_save_persistent_key( const psa_key_file_id_t key,
const psa_key_type_t type,
const psa_key_policy_t *policy,
const uint8_t *data,
@@ -115,9 +115,9 @@
* \retval PSA_SUCCESS
* \retval PSA_ERROR_INSUFFICIENT_MEMORY
* \retval PSA_ERROR_STORAGE_FAILURE
- * \retval PSA_ERROR_EMPTY_SLOT
+ * \retval PSA_ERROR_DOES_NOT_EXIST
*/
-psa_status_t psa_load_persistent_key( psa_key_id_t key,
+psa_status_t psa_load_persistent_key( psa_key_file_id_t key,
psa_key_type_t *type,
psa_key_policy_t *policy,
uint8_t **data,
@@ -134,7 +134,7 @@
* or the key did not exist.
* \retval PSA_ERROR_STORAGE_FAILURE
*/
-psa_status_t psa_destroy_persistent_key( const psa_key_id_t key );
+psa_status_t psa_destroy_persistent_key( const psa_key_file_id_t key );
/**
* \brief Free the temporary buffer allocated by psa_load_persistent_key().
diff --git a/library/psa_crypto_storage_backend.h b/library/psa_crypto_storage_backend.h
index 47896b8..dd534d2 100644
--- a/library/psa_crypto_storage_backend.h
+++ b/library/psa_crypto_storage_backend.h
@@ -54,9 +54,9 @@
*
* \retval PSA_SUCCESS
* \retval PSA_ERROR_STORAGE_FAILURE
- * \retval PSA_ERROR_EMPTY_SLOT
+ * \retval PSA_ERROR_DOES_NOT_EXIST
*/
-psa_status_t psa_crypto_storage_load( const psa_key_id_t key, uint8_t *data,
+psa_status_t psa_crypto_storage_load( const psa_key_file_id_t key, uint8_t *data,
size_t data_size );
/**
@@ -73,9 +73,9 @@
* \retval PSA_SUCCESS
* \retval PSA_ERROR_INSUFFICIENT_STORAGE
* \retval PSA_ERROR_STORAGE_FAILURE
- * \retval PSA_ERROR_OCCUPIED_SLOT
+ * \retval PSA_ERROR_ALREADY_EXISTS
*/
-psa_status_t psa_crypto_storage_store( const psa_key_id_t key,
+psa_status_t psa_crypto_storage_store( const psa_key_file_id_t key,
const uint8_t *data,
size_t data_length );
@@ -92,7 +92,7 @@
* \retval 1
* Persistent data present for slot number
*/
-int psa_is_key_present_in_storage( const psa_key_id_t key );
+int psa_is_key_present_in_storage( const psa_key_file_id_t key );
/**
* \brief Get data length for given key slot number.
@@ -104,7 +104,7 @@
* \retval PSA_SUCCESS
* \retval PSA_ERROR_STORAGE_FAILURE
*/
-psa_status_t psa_crypto_storage_get_data_length( const psa_key_id_t key,
+psa_status_t psa_crypto_storage_get_data_length( const psa_key_file_id_t key,
size_t *data_length );
diff --git a/library/psa_crypto_storage_file.c b/library/psa_crypto_storage_file.c
index d7c3362..c4a534f 100644
--- a/library/psa_crypto_storage_file.c
+++ b/library/psa_crypto_storage_file.c
@@ -49,7 +49,7 @@
enum { MAX_LOCATION_LEN = sizeof(CRYPTO_STORAGE_FILE_LOCATION) + 40 };
-static void key_id_to_location( const psa_key_id_t key,
+static void key_id_to_location( const psa_key_file_id_t key,
char *location,
size_t location_size )
{
@@ -58,7 +58,7 @@
(unsigned long) key );
}
-psa_status_t psa_crypto_storage_load( const psa_key_id_t key, uint8_t *data,
+psa_status_t psa_crypto_storage_load( const psa_key_file_id_t key, uint8_t *data,
size_t data_size )
{
psa_status_t status = PSA_SUCCESS;
@@ -83,7 +83,7 @@
return( status );
}
-int psa_is_key_present_in_storage( const psa_key_id_t key )
+int psa_is_key_present_in_storage( const psa_key_file_id_t key )
{
char slot_location[MAX_LOCATION_LEN];
FILE *file;
@@ -101,7 +101,7 @@
return( 1 );
}
-psa_status_t psa_crypto_storage_store( const psa_key_id_t key,
+psa_status_t psa_crypto_storage_store( const psa_key_file_id_t key,
const uint8_t *data,
size_t data_length )
{
@@ -119,7 +119,7 @@
key_id_to_location( key, slot_location, MAX_LOCATION_LEN );
if( psa_is_key_present_in_storage( key ) == 1 )
- return( PSA_ERROR_OCCUPIED_SLOT );
+ return( PSA_ERROR_ALREADY_EXISTS );
file = fopen( temp_location, "wb" );
if( file == NULL )
@@ -156,7 +156,7 @@
return( status );
}
-psa_status_t psa_destroy_persistent_key( const psa_key_id_t key )
+psa_status_t psa_destroy_persistent_key( const psa_key_file_id_t key )
{
FILE *file;
char slot_location[MAX_LOCATION_LEN];
@@ -175,7 +175,7 @@
return( PSA_SUCCESS );
}
-psa_status_t psa_crypto_storage_get_data_length( const psa_key_id_t key,
+psa_status_t psa_crypto_storage_get_data_length( const psa_key_file_id_t key,
size_t *data_length )
{
psa_status_t status = PSA_SUCCESS;
@@ -187,7 +187,7 @@
file = fopen( slot_location, "rb" );
if( file == NULL )
- return( PSA_ERROR_EMPTY_SLOT );
+ return( PSA_ERROR_DOES_NOT_EXIST );
if( fseek( file, 0, SEEK_END ) != 0 )
{
diff --git a/library/psa_crypto_storage_its.c b/library/psa_crypto_storage_its.c
index 1873c69..447c0ae 100644
--- a/library/psa_crypto_storage_its.c
+++ b/library/psa_crypto_storage_its.c
@@ -27,6 +27,8 @@
#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C)
+#include "psa/error.h"
+#include "psa_crypto_service_integration.h"
#include "psa/crypto.h"
#include "psa_crypto_storage_backend.h"
#include "psa/internal_trusted_storage.h"
@@ -35,96 +37,77 @@
#include "mbedtls/platform.h"
#endif
-static psa_status_t its_to_psa_error( psa_its_status_t ret )
+/* Determine a file name (ITS file identifier) for the given key file
+ * identifier. The file name must be distinct from any file that is used
+ * for a purpose other than storing a key. Currently, the only such file
+ * is the random seed file whose name is PSA_CRYPTO_ITS_RANDOM_SEED_UID
+ * and whose value is 0xFFFFFF52. */
+static psa_storage_uid_t psa_its_identifier_of_slot( psa_key_file_id_t file_id )
{
- switch( ret )
- {
- case PSA_ITS_SUCCESS:
- return( PSA_SUCCESS );
-
- case PSA_ITS_ERROR_UID_NOT_FOUND:
- return( PSA_ERROR_EMPTY_SLOT );
-
- case PSA_ITS_ERROR_STORAGE_FAILURE:
- return( PSA_ERROR_STORAGE_FAILURE );
-
- case PSA_ITS_ERROR_INSUFFICIENT_SPACE:
- return( PSA_ERROR_INSUFFICIENT_STORAGE );
-
- case PSA_ITS_ERROR_OFFSET_INVALID:
- case PSA_ITS_ERROR_INCORRECT_SIZE:
- case PSA_ITS_ERROR_INVALID_ARGUMENTS:
- return( PSA_ERROR_INVALID_ARGUMENT );
-
- case PSA_ITS_ERROR_FLAGS_NOT_SUPPORTED:
- return( PSA_ERROR_NOT_SUPPORTED );
-
- case PSA_ITS_ERROR_WRITE_ONCE:
- return( PSA_ERROR_OCCUPIED_SLOT );
-
- default:
- return( PSA_ERROR_UNKNOWN_ERROR );
- }
+#if defined(MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER) && \
+ defined(PSA_CRYPTO_SECURE)
+ /* Encode the owner in the upper 32 bits. This means that if
+ * owner values are nonzero (as they are on a PSA platform),
+ * no key file will ever have a value less than 0x100000000, so
+ * the whole range 0..0xffffffff is available for non-key files. */
+ uint32_t unsigned_owner = (uint32_t) file_id.owner;
+ return( (uint64_t) unsigned_owner << 32 | file_id.key_id );
+#else
+ /* Use the key id directly as a file name.
+ * psa_is_key_file_id_valid() in psa_crypto_slot_management.c
+ * is responsible for ensuring that key identifiers do not have a
+ * value that is reserved for non-key files. */
+ return( file_id );
+#endif
}
-static psa_its_uid_t psa_its_identifier_of_slot( psa_key_id_t key )
-{
- return( key );
-}
-
-psa_status_t psa_crypto_storage_load( const psa_key_id_t key, uint8_t *data,
+psa_status_t psa_crypto_storage_load( const psa_key_file_id_t key, uint8_t *data,
size_t data_size )
{
- psa_its_status_t ret;
psa_status_t status;
- psa_its_uid_t data_identifier = psa_its_identifier_of_slot( key );
- struct psa_its_info_t data_identifier_info;
+ psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key );
+ struct psa_storage_info_t data_identifier_info;
- ret = psa_its_get_info( data_identifier, &data_identifier_info );
- status = its_to_psa_error( ret );
- if( status != PSA_SUCCESS )
+ status = psa_its_get_info( data_identifier, &data_identifier_info );
+ if( status != PSA_SUCCESS )
return( status );
- ret = psa_its_get( data_identifier, 0, data_size, data );
- status = its_to_psa_error( ret );
+ status = psa_its_get( data_identifier, 0, data_size, data );
return( status );
}
-int psa_is_key_present_in_storage( const psa_key_id_t key )
+int psa_is_key_present_in_storage( const psa_key_file_id_t key )
{
- psa_its_status_t ret;
- psa_its_uid_t data_identifier = psa_its_identifier_of_slot( key );
- struct psa_its_info_t data_identifier_info;
+ psa_status_t ret;
+ psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key );
+ struct psa_storage_info_t data_identifier_info;
ret = psa_its_get_info( data_identifier, &data_identifier_info );
- if( ret == PSA_ITS_ERROR_UID_NOT_FOUND )
+ if( ret == PSA_ERROR_DOES_NOT_EXIST )
return( 0 );
return( 1 );
}
-psa_status_t psa_crypto_storage_store( const psa_key_id_t key,
+psa_status_t psa_crypto_storage_store( const psa_key_file_id_t key,
const uint8_t *data,
size_t data_length )
{
- psa_its_status_t ret;
psa_status_t status;
- psa_its_uid_t data_identifier = psa_its_identifier_of_slot( key );
- struct psa_its_info_t data_identifier_info;
+ psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key );
+ struct psa_storage_info_t data_identifier_info;
if( psa_is_key_present_in_storage( key ) == 1 )
- return( PSA_ERROR_OCCUPIED_SLOT );
+ return( PSA_ERROR_ALREADY_EXISTS );
- ret = psa_its_set( data_identifier, data_length, data, 0 );
- status = its_to_psa_error( ret );
+ status = psa_its_set( data_identifier, data_length, data, 0 );
if( status != PSA_SUCCESS )
{
return( PSA_ERROR_STORAGE_FAILURE );
}
- ret = psa_its_get_info( data_identifier, &data_identifier_info );
- status = its_to_psa_error( ret );
+ status = psa_its_get_info( data_identifier, &data_identifier_info );
if( status != PSA_SUCCESS )
{
goto exit;
@@ -142,36 +125,34 @@
return( status );
}
-psa_status_t psa_destroy_persistent_key( const psa_key_id_t key )
+psa_status_t psa_destroy_persistent_key( const psa_key_file_id_t key )
{
- psa_its_status_t ret;
- psa_its_uid_t data_identifier = psa_its_identifier_of_slot( key );
- struct psa_its_info_t data_identifier_info;
+ psa_status_t ret;
+ psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key );
+ struct psa_storage_info_t data_identifier_info;
ret = psa_its_get_info( data_identifier, &data_identifier_info );
- if( ret == PSA_ITS_ERROR_UID_NOT_FOUND )
+ if( ret == PSA_ERROR_DOES_NOT_EXIST )
return( PSA_SUCCESS );
- if( psa_its_remove( data_identifier ) != PSA_ITS_SUCCESS )
+ if( psa_its_remove( data_identifier ) != PSA_SUCCESS )
return( PSA_ERROR_STORAGE_FAILURE );
ret = psa_its_get_info( data_identifier, &data_identifier_info );
- if( ret != PSA_ITS_ERROR_UID_NOT_FOUND )
+ if( ret != PSA_ERROR_DOES_NOT_EXIST )
return( PSA_ERROR_STORAGE_FAILURE );
return( PSA_SUCCESS );
}
-psa_status_t psa_crypto_storage_get_data_length( const psa_key_id_t key,
+psa_status_t psa_crypto_storage_get_data_length( const psa_key_file_id_t key,
size_t *data_length )
{
- psa_its_status_t ret;
psa_status_t status;
- psa_its_uid_t data_identifier = psa_its_identifier_of_slot( key );
- struct psa_its_info_t data_identifier_info;
+ psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key );
+ struct psa_storage_info_t data_identifier_info;
- ret = psa_its_get_info( data_identifier, &data_identifier_info );
- status = its_to_psa_error( ret );
+ status = psa_its_get_info( data_identifier, &data_identifier_info );
if( status != PSA_SUCCESS )
return( status );
diff --git a/library/version_features.c b/library/version_features.c
index ad3f937..2bfecf0 100644
--- a/library/version_features.c
+++ b/library/version_features.c
@@ -411,6 +411,9 @@
#if defined(MBEDTLS_PSA_HAS_ITS_IO)
"MBEDTLS_PSA_HAS_ITS_IO",
#endif /* MBEDTLS_PSA_HAS_ITS_IO */
+#if defined(MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER)
+ "MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER",
+#endif /* MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER */
#if defined(MBEDTLS_MEMORY_DEBUG)
"MBEDTLS_MEMORY_DEBUG",
#endif /* MBEDTLS_MEMORY_DEBUG */
diff --git a/scripts/config.pl b/scripts/config.pl
index 55f4b6e..e141b41 100755
--- a/scripts/config.pl
+++ b/scripts/config.pl
@@ -100,6 +100,7 @@
MBEDTLS_NO_64BIT_MULTIPLICATION
MBEDTLS_PSA_CRYPTO_SPM
MBEDTLS_PSA_HAS_ITS_IO
+MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER
MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
MBEDTLS_USE_PSA_CRYPTO
_ALT\s*$
diff --git a/scripts/generate_psa_constants.py b/scripts/generate_psa_constants.py
index 32508f2..382fd23 100755
--- a/scripts/generate_psa_constants.py
+++ b/scripts/generate_psa_constants.py
@@ -167,6 +167,16 @@
return
elif (name.startswith('PSA_ERROR_') or name == 'PSA_SUCCESS') \
and not parameter:
+ if name in [
+ 'PSA_ERROR_UNKNOWN_ERROR',
+ 'PSA_ERROR_OCCUPIED_SLOT',
+ 'PSA_ERROR_EMPTY_SLOT',
+ 'PSA_ERROR_INSUFFICIENT_CAPACITY',
+ ]:
+ # Ad hoc skipping of deprecated error codes, which share
+ # numerical values with non-deprecated error codes
+ return
+
self.statuses.add(name)
elif name.startswith('PSA_KEY_TYPE_') and not parameter:
self.key_types.add(name)
diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py
index d22652e..5e128eb 100755
--- a/tests/scripts/test_psa_constant_names.py
+++ b/tests/scripts/test_psa_constant_names.py
@@ -131,11 +131,16 @@
excluded_name_re = re.compile('_(?:GET|IS|OF)_|_(?:BASE|FLAG|MASK)\Z')
# Additional excluded macros.
# PSA_ALG_ECDH and PSA_ALG_FFDH are excluded for now as the script
- # currently doesn't support them.
+ # currently doesn't support them. Deprecated errors are also excluded.
excluded_names = set(['PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH',
'PSA_ALG_FULL_LENGTH_MAC',
'PSA_ALG_ECDH',
- 'PSA_ALG_FFDH'])
+ 'PSA_ALG_FFDH',
+ 'PSA_ERROR_UNKNOWN_ERROR',
+ 'PSA_ERROR_OCCUPIED_SLOT',
+ 'PSA_ERROR_EMPTY_SLOT',
+ 'PSA_ERROR_INSUFFICIENT_CAPACITY',
+ ])
argument_split_re = re.compile(r' *, *')
def parse_header_line(self, line):
'''Parse a C header line, looking for "#define PSA_xxx".'''
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 635c5bf..65ac6d7 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -1021,31 +1021,127 @@
PSA symmetric encryption multipart: AES-CBC-nopad, 7+9 bytes
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":7:"a076ec9dfbe47d52afc357336f20743b"
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":7:0:16:"a076ec9dfbe47d52afc357336f20743b"
PSA symmetric encryption multipart: AES-CBC-nopad, 3+13 bytes
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":3:"a076ec9dfbe47d52afc357336f20743b"
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":3:0:16:"a076ec9dfbe47d52afc357336f20743b"
PSA symmetric encryption multipart: AES-CBC-nopad, 4+12 bytes
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":4:"a076ec9dfbe47d52afc357336f20743b"
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":4:0:16:"a076ec9dfbe47d52afc357336f20743b"
PSA symmetric encryption multipart: AES-CBC-nopad, 11+5 bytes
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":11:"a076ec9dfbe47d52afc357336f20743b"
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":11:0:16:"a076ec9dfbe47d52afc357336f20743b"
+
+PSA symmetric encryption multipart: AES-CBC-nopad, 16+16 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f"
+
+PSA symmetric encryption multipart: AES-CBC-nopad, 12+20 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:0:32:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f"
+
+PSA symmetric encryption multipart: AES-CBC-nopad, 20+12 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:16:16:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f"
+
+PSA symmetric encryption multipart: AES-CTR, 11+5 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32"
+
+PSA symmetric encryption multipart: AES-CTR, 16+16 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
+
+PSA symmetric encryption multipart: AES-CTR, 12+20 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
+
+PSA symmetric encryption multipart: AES-CTR, 20+12 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
+
+PSA symmetric encryption multipart: AES-CTR, 12+10 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b"
+
+PSA symmetric encryption multipart: AES-CTR, 0+15 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd"
+
+PSA symmetric encryption multipart: AES-CTR, 15+0 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd"
+
+PSA symmetric encryption multipart: AES-CTR, 0+16 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32"
+
+PSA symmetric encryption multipart: AES-CTR, 16+0 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32"
PSA symmetric decryption multipart: AES-CBC-nopad, 7+9 bytes
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":7:"6bc1bee22e409f96e93d7e117393172a"
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":7:0:16:"6bc1bee22e409f96e93d7e117393172a"
PSA symmetric decryption multipart: AES-CBC-nopad, 3+13 bytes
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":3:"6bc1bee22e409f96e93d7e117393172a"
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":3:0:16:"6bc1bee22e409f96e93d7e117393172a"
PSA symmetric decryption multipart: AES-CBC-nopad, 11+5 bytes
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":11:"6bc1bee22e409f96e93d7e117393172a"
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":11:0:16:"6bc1bee22e409f96e93d7e117393172a"
+
+PSA symmetric decryption multipart: AES-CBC-nopad, 16+16 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":16:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef"
+
+PSA symmetric decryption multipart: AES-CBC-nopad, 12+20 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":12:0:32:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef"
+
+PSA symmetric decryption multipart: AES-CBC-nopad, 20+12 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":20:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef"
+
+PSA symmetric encryption multipart: AES-CTR, 11+5 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32"
+
+PSA symmetric encryption multipart: AES-CTR, 16+16 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
+
+PSA symmetric encryption multipart: AES-CTR, 12+20 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
+
+PSA symmetric encryption multipart: AES-CTR, 20+12 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
+
+PSA symmetric encryption multipart: AES-CTR, 12+10 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b"
+
+PSA symmetric decryption multipart: AES-CTR, 0+15 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd"
+
+PSA symmetric decryption multipart: AES-CTR, 15+0 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd"
+
+PSA symmetric decryption multipart: AES-CTR, 0+16 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32"
+
+PSA symmetric decryption multipart: AES-CTR, 16+0 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32"
PSA symmetric encrypt/decrypt multipart: AES-CBC-nopad, 11+5 bytes
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 9ea6cc0..5c662d8 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -419,10 +419,10 @@
size_t key_bits;
uint8_t *public_key = NULL;
size_t public_key_length;
- /* Return UNKNOWN_ERROR if something other than the final call to
+ /* Return GENERIC_ERROR if something other than the final call to
* psa_key_agreement fails. This isn't fully satisfactory, but it's
* good enough: callers will report it as a failed test anyway. */
- psa_status_t status = PSA_ERROR_UNKNOWN_ERROR;
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
PSA_ASSERT( psa_get_key_information( handle,
&private_key_type,
@@ -1027,7 +1027,7 @@
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
TEST_EQUAL( psa_get_key_information( handle, NULL, NULL ),
- PSA_ERROR_EMPTY_SLOT );
+ PSA_ERROR_DOES_NOT_EXIST );
/* Import the key */
PSA_ASSERT( psa_import_key( handle, type,
@@ -1114,7 +1114,7 @@
/* Import the key again */
status = psa_import_key( handle, type, data, sizeof( data ) );
- TEST_EQUAL( status, PSA_ERROR_OCCUPIED_SLOT );
+ TEST_EQUAL( status, PSA_ERROR_ALREADY_EXISTS );
exit:
mbedtls_psa_crypto_free( );
@@ -1164,7 +1164,7 @@
status = psa_export_key( handle,
exported, export_size,
&exported_length );
- TEST_EQUAL( status, PSA_ERROR_EMPTY_SLOT );
+ TEST_EQUAL( status, PSA_ERROR_DOES_NOT_EXIST );
exit:
mbedtls_psa_crypto_free( );
@@ -1187,7 +1187,7 @@
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
status = psa_cipher_encrypt_setup( &operation, handle, exercise_alg );
- TEST_EQUAL( status, PSA_ERROR_EMPTY_SLOT );
+ TEST_EQUAL( status, PSA_ERROR_DOES_NOT_EXIST );
exit:
psa_cipher_abort( &operation );
@@ -1220,7 +1220,7 @@
status = psa_export_key( handle,
exported, export_size,
&exported_length );
- TEST_EQUAL( status, PSA_ERROR_EMPTY_SLOT );
+ TEST_EQUAL( status, PSA_ERROR_DOES_NOT_EXIST );
exit:
mbedtls_psa_crypto_free( );
@@ -1248,7 +1248,7 @@
TEST_EQUAL( status, expected_import_status );
status = psa_cipher_encrypt_setup( &operation, handle, exercise_alg );
- TEST_EQUAL( status, PSA_ERROR_EMPTY_SLOT );
+ TEST_EQUAL( status, PSA_ERROR_DOES_NOT_EXIST );
exit:
psa_cipher_abort( &operation );
@@ -1937,7 +1937,7 @@
/* Test that the target slot is unaffected. */
TEST_EQUAL( psa_get_key_information( target_handle,
&target_type, &target_bits ),
- PSA_ERROR_EMPTY_SLOT );
+ PSA_ERROR_DOES_NOT_EXIST );
PSA_ASSERT( psa_get_key_policy( target_handle, &target_policy ) );
TEST_EQUAL( target_usage, psa_key_policy_get_usage( &target_policy ) );
TEST_EQUAL( target_alg, psa_key_policy_get_algorithm( &target_policy ) );
@@ -2787,8 +2787,8 @@
&function_output_length ) );
total_output_length += function_output_length;
status = psa_cipher_finish( &operation,
- output + function_output_length,
- output_buffer_size,
+ output + total_output_length,
+ output_buffer_size - total_output_length,
&function_output_length );
total_output_length += function_output_length;
@@ -2811,12 +2811,16 @@
void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
data_t *key,
data_t *input,
- int first_part_size,
+ int first_part_size_arg,
+ int output1_length_arg, int output2_length_arg,
data_t *expected_output )
{
psa_key_handle_t handle = 0;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
+ size_t first_part_size = first_part_size_arg;
+ size_t output1_length = output1_length_arg;
+ size_t output2_length = output2_length_arg;
unsigned char iv[16] = {0};
size_t iv_size;
unsigned char *output = NULL;
@@ -2847,20 +2851,23 @@
PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
ASSERT_ALLOC( output, output_buffer_size );
- TEST_ASSERT( (unsigned int) first_part_size < input->len );
+ TEST_ASSERT( first_part_size <= input->len );
PSA_ASSERT( psa_cipher_update( &operation, input->x, first_part_size,
output, output_buffer_size,
&function_output_length ) );
+ TEST_ASSERT( function_output_length == output1_length );
total_output_length += function_output_length;
PSA_ASSERT( psa_cipher_update( &operation,
input->x + first_part_size,
input->len - first_part_size,
- output, output_buffer_size,
+ output + total_output_length,
+ output_buffer_size - total_output_length,
&function_output_length ) );
+ TEST_ASSERT( function_output_length == output2_length );
total_output_length += function_output_length;
PSA_ASSERT( psa_cipher_finish( &operation,
- output + function_output_length,
- output_buffer_size,
+ output + total_output_length,
+ output_buffer_size - total_output_length,
&function_output_length ) );
total_output_length += function_output_length;
PSA_ASSERT( psa_cipher_abort( &operation ) );
@@ -2879,13 +2886,17 @@
void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
data_t *key,
data_t *input,
- int first_part_size,
+ int first_part_size_arg,
+ int output1_length_arg, int output2_length_arg,
data_t *expected_output )
{
psa_key_handle_t handle = 0;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
+ size_t first_part_size = first_part_size_arg;
+ size_t output1_length = output1_length_arg;
+ size_t output2_length = output2_length_arg;
unsigned char iv[16] = {0};
size_t iv_size;
unsigned char *output = NULL;
@@ -2917,21 +2928,24 @@
PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
ASSERT_ALLOC( output, output_buffer_size );
- TEST_ASSERT( (unsigned int) first_part_size < input->len );
+ TEST_ASSERT( first_part_size <= input->len );
PSA_ASSERT( psa_cipher_update( &operation,
input->x, first_part_size,
output, output_buffer_size,
&function_output_length ) );
+ TEST_ASSERT( function_output_length == output1_length );
total_output_length += function_output_length;
PSA_ASSERT( psa_cipher_update( &operation,
input->x + first_part_size,
input->len - first_part_size,
- output, output_buffer_size,
+ output + total_output_length,
+ output_buffer_size - total_output_length,
&function_output_length ) );
+ TEST_ASSERT( function_output_length == output2_length );
total_output_length += function_output_length;
PSA_ASSERT( psa_cipher_finish( &operation,
- output + function_output_length,
- output_buffer_size,
+ output + total_output_length,
+ output_buffer_size - total_output_length,
&function_output_length ) );
total_output_length += function_output_length;
PSA_ASSERT( psa_cipher_abort( &operation ) );
@@ -2994,8 +3008,8 @@
&function_output_length ) );
total_output_length += function_output_length;
status = psa_cipher_finish( &operation,
- output + function_output_length,
- output_buffer_size,
+ output + total_output_length,
+ output_buffer_size - total_output_length,
&function_output_length );
total_output_length += function_output_length;
TEST_EQUAL( status, expected_status );
@@ -3061,7 +3075,8 @@
output1, output1_size,
&output1_length ) );
PSA_ASSERT( psa_cipher_finish( &operation1,
- output1 + output1_length, output1_size,
+ output1 + output1_length,
+ output1_size - output1_length,
&function_output_length ) );
output1_length += function_output_length;
@@ -3079,7 +3094,7 @@
function_output_length = 0;
PSA_ASSERT( psa_cipher_finish( &operation2,
output2 + output2_length,
- output2_size,
+ output2_size - output2_length,
&function_output_length ) );
output2_length += function_output_length;
@@ -3101,11 +3116,12 @@
int key_type_arg,
data_t *key,
data_t *input,
- int first_part_size )
+ int first_part_size_arg )
{
psa_key_handle_t handle = 0;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
+ size_t first_part_size = first_part_size_arg;
unsigned char iv[16] = {0};
size_t iv_size = 16;
size_t iv_length = 0;
@@ -3141,7 +3157,7 @@
PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
ASSERT_ALLOC( output1, output1_buffer_size );
- TEST_ASSERT( (unsigned int) first_part_size < input->len );
+ TEST_ASSERT( first_part_size <= input->len );
PSA_ASSERT( psa_cipher_update( &operation1, input->x, first_part_size,
output1, output1_buffer_size,
@@ -3891,13 +3907,13 @@
memset( &zero, 0, sizeof( zero ) );
- /* A default generator should have no capacity. */
- PSA_ASSERT( psa_get_generator_capacity( &func, &capacity ) );
- TEST_EQUAL( capacity, 0 );
- PSA_ASSERT( psa_get_generator_capacity( &init, &capacity ) );
- TEST_EQUAL( capacity, 0 );
- PSA_ASSERT( psa_get_generator_capacity( &zero, &capacity ) );
- TEST_EQUAL( capacity, 0 );
+ /* A default generator should not be able to report its capacity. */
+ TEST_EQUAL( psa_get_generator_capacity( &func, &capacity ),
+ PSA_ERROR_BAD_STATE );
+ TEST_EQUAL( psa_get_generator_capacity( &init, &capacity ),
+ PSA_ERROR_BAD_STATE );
+ TEST_EQUAL( psa_get_generator_capacity( &zero, &capacity ),
+ PSA_ERROR_BAD_STATE );
/* A default generator should be abortable without error. */
PSA_ASSERT( psa_generator_abort(&func) );
@@ -3986,7 +4002,7 @@
PSA_ASSERT( psa_generator_read( &generator, buffer, capacity ) );
TEST_EQUAL( psa_generator_read( &generator, buffer, capacity ),
- PSA_ERROR_INSUFFICIENT_CAPACITY );
+ PSA_ERROR_INSUFFICIENT_DATA );
exit:
psa_generator_abort( &generator );
@@ -4004,18 +4020,18 @@
psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
TEST_ASSERT( psa_generator_read( &generator, output_buffer, buffer_size )
- == PSA_ERROR_INSUFFICIENT_CAPACITY ); // should be PSA_ERROR_BAD_STATE:#183
+ == PSA_ERROR_BAD_STATE );
TEST_ASSERT( psa_get_generator_capacity( &generator, &capacity )
- == PSA_SUCCESS ); // should be PSA_ERROR_BAD_STATE:#183
+ == PSA_ERROR_BAD_STATE );
PSA_ASSERT( psa_generator_abort( &generator ) );
TEST_ASSERT( psa_generator_read( &generator, output_buffer, buffer_size )
- == PSA_ERROR_INSUFFICIENT_CAPACITY ); // should be PSA_ERROR_BAD_STATE:#183
+ == PSA_ERROR_BAD_STATE );
TEST_ASSERT( psa_get_generator_capacity( &generator, &capacity )
- == PSA_SUCCESS );// should be PSA_ERROR_BAD_STATE:#183
+ == PSA_ERROR_BAD_STATE );
exit:
psa_generator_abort( &generator );
@@ -4085,14 +4101,14 @@
{
/* Reading 0 bytes when 0 bytes are available can go either way. */
TEST_ASSERT( status == PSA_SUCCESS ||
- status == PSA_ERROR_INSUFFICIENT_CAPACITY );
+ status == PSA_ERROR_INSUFFICIENT_DATA );
continue;
}
else if( expected_capacity == 0 ||
output_sizes[i] > expected_capacity )
{
/* Capacity exceeded. */
- TEST_EQUAL( status, PSA_ERROR_INSUFFICIENT_CAPACITY );
+ TEST_EQUAL( status, PSA_ERROR_INSUFFICIENT_DATA );
expected_capacity = 0;
continue;
}
@@ -4169,7 +4185,7 @@
/* Check that the generator refuses to go over capacity. */
TEST_EQUAL( psa_generator_read( &generator, output_buffer, 1 ),
- PSA_ERROR_INSUFFICIENT_CAPACITY );
+ PSA_ERROR_INSUFFICIENT_DATA );
PSA_ASSERT( psa_generator_abort( &generator ) );
@@ -4405,7 +4421,7 @@
PSA_ASSERT( psa_generator_read( &generator,
output, actual_capacity ) );
TEST_EQUAL( psa_generator_read( &generator, output, 1 ),
- PSA_ERROR_INSUFFICIENT_CAPACITY );
+ PSA_ERROR_INSUFFICIENT_DATA );
exit:
psa_generator_abort( &generator );
@@ -4533,7 +4549,7 @@
psa_key_type_t got_type;
size_t got_bits;
psa_status_t expected_info_status =
- expected_status == PSA_SUCCESS ? PSA_SUCCESS : PSA_ERROR_EMPTY_SLOT;
+ expected_status == PSA_SUCCESS ? PSA_SUCCESS : PSA_ERROR_DOES_NOT_EXIST;
psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
PSA_ASSERT( psa_crypto_init( ) );
diff --git a/tests/suites/test_suite_psa_crypto_entropy.function b/tests/suites/test_suite_psa_crypto_entropy.function
index 727db43..a14657e 100644
--- a/tests/suites/test_suite_psa_crypto_entropy.function
+++ b/tests/suites/test_suite_psa_crypto_entropy.function
@@ -22,7 +22,6 @@
int seed_length_b,
int expected_status_b )
{
- psa_its_status_t its_status;
psa_status_t status;
uint8_t output[32] = { 0 };
uint8_t zeros[32] = { 0 };
@@ -43,9 +42,9 @@
{
seed[i] = i;
}
- its_status = psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID );
- TEST_ASSERT( ( its_status == PSA_ITS_SUCCESS ) ||
- ( its_status == PSA_ITS_ERROR_KEY_NOT_FOUND ) );
+ status = psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID );
+ TEST_ASSERT( ( status == PSA_SUCCESS ) ||
+ ( status == PSA_ERROR_DOES_NOT_EXIST ) );
status = mbedtls_psa_inject_entropy( seed, seed_length_a );
TEST_EQUAL( status, expected_status_a );
status = mbedtls_psa_inject_entropy( seed, seed_length_b );
@@ -64,7 +63,6 @@
/* BEGIN_CASE */
void run_entropy_inject_with_crypto_init( )
{
- psa_its_status_t its_status;
psa_status_t status;
int i;
uint8_t seed[MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE] = { 0 };
@@ -73,13 +71,13 @@
{
seed[i] = i;
}
- its_status = psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID );
- TEST_ASSERT( ( its_status == PSA_ITS_SUCCESS ) ||
- ( its_status == PSA_ITS_ERROR_KEY_NOT_FOUND ) );
+ status = psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID );
+ TEST_ASSERT( ( status == PSA_SUCCESS ) ||
+ ( status == PSA_ERROR_DOES_NOT_EXIST ) );
status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) );
PSA_ASSERT( status );
- its_status = psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID );
- TEST_EQUAL( its_status, PSA_ITS_SUCCESS );
+ status = psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID );
+ TEST_EQUAL( status, PSA_SUCCESS );
status = psa_crypto_init( );
TEST_EQUAL( status, PSA_ERROR_INSUFFICIENT_ENTROPY );
status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) );
diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function
index e19ef2b..2fa307e 100644
--- a/tests/suites/test_suite_psa_crypto_persistent_key.function
+++ b/tests/suites/test_suite_psa_crypto_persistent_key.function
@@ -138,7 +138,7 @@
/* Check key slot storage is removed */
TEST_EQUAL( psa_is_key_present_in_storage( key_id ), 0 );
TEST_EQUAL( psa_open_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, &handle ),
- PSA_ERROR_EMPTY_SLOT );
+ PSA_ERROR_DOES_NOT_EXIST );
TEST_EQUAL( handle, 0 );
/* Shutdown and restart */
diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data
index c545617..e937465 100644
--- a/tests/suites/test_suite_psa_crypto_slot_management.data
+++ b/tests/suites/test_suite_psa_crypto_slot_management.data
@@ -35,7 +35,7 @@
Open failure: non-existent identifier
depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
-open_fail:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_ERROR_EMPTY_SLOT
+open_fail:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_ERROR_DOES_NOT_EXIST
Open failure: volatile lifetime
open_fail:PSA_KEY_LIFETIME_VOLATILE:1:PSA_ERROR_INVALID_ARGUMENT
diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function
index 0ebdb1e..0278b88 100644
--- a/tests/suites/test_suite_psa_crypto_slot_management.function
+++ b/tests/suites/test_suite_psa_crypto_slot_management.function
@@ -178,7 +178,7 @@
break;
case CLOSE_BY_DESTROY:
TEST_EQUAL( psa_open_key( lifetime, id, &handle ),
- PSA_ERROR_EMPTY_SLOT );
+ PSA_ERROR_DOES_NOT_EXIST );
break;
}
@@ -223,7 +223,7 @@
/* Attempt to create a new key in the same slot. */
TEST_EQUAL( psa_create_key( lifetime, id, &handle2 ),
- PSA_ERROR_OCCUPIED_SLOT );
+ PSA_ERROR_ALREADY_EXISTS );
TEST_EQUAL( handle2, 0 );
if( reopen_policy == CLOSE_AFTER )
@@ -436,7 +436,7 @@
/* Copy the key. */
TEST_EQUAL( psa_copy_key( source_handle, target_handle, NULL ),
- PSA_ERROR_EMPTY_SLOT );
+ PSA_ERROR_DOES_NOT_EXIST );
/* Test that the slots are unaffected. */
PSA_ASSERT( psa_get_key_policy( source_handle, &got_policy ) );
@@ -514,7 +514,7 @@
/* Copy the key. */
TEST_EQUAL( psa_copy_key( source_handle, target_handle, NULL ),
- PSA_ERROR_OCCUPIED_SLOT );
+ PSA_ERROR_ALREADY_EXISTS );
/* Test that the target slot is unaffected. */
PSA_ASSERT( psa_get_key_information( target_handle,
@@ -579,7 +579,7 @@
/* Copy the key. */
TEST_EQUAL( psa_copy_key( handle, handle, NULL ),
- PSA_ERROR_OCCUPIED_SLOT );
+ PSA_ERROR_ALREADY_EXISTS );
/* Test that the slot is unaffected. */
PSA_ASSERT( psa_get_key_information( handle,
diff --git a/tests/suites/test_suite_psa_crypto_storage_file.data b/tests/suites/test_suite_psa_crypto_storage_file.data
index 730e092..4b068e1 100644
--- a/tests/suites/test_suite_psa_crypto_storage_file.data
+++ b/tests/suites/test_suite_psa_crypto_storage_file.data
@@ -24,7 +24,7 @@
PSA Storage Store into preexisting location, should fail
depends_on:MBEDTLS_FS_IO
-write_data_to_prexisting_file:"psa_key_slot_1":"deadbeef":PSA_ERROR_OCCUPIED_SLOT
+write_data_to_prexisting_file:"psa_key_slot_1":"deadbeef":PSA_ERROR_ALREADY_EXISTS
PSA Storage Store, preexisting temp_location file, should succeed
depends_on:MBEDTLS_FS_IO
@@ -40,4 +40,4 @@
PSA Storage Get data size nonexistent file location, should fail
depends_on:MBEDTLS_FS_IO
-get_file_size:"deadbeef":4:PSA_ERROR_EMPTY_SLOT:0
+get_file_size:"deadbeef":4:PSA_ERROR_DOES_NOT_EXIST:0
diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj
index 23d5c2c..bb92d8f 100644
--- a/visualc/VS2010/mbedTLS.vcxproj
+++ b/visualc/VS2010/mbedTLS.vcxproj
@@ -238,6 +238,7 @@
<ClInclude Include="..\..\include\psa\crypto_values.h" />
<ClInclude Include="..\..\library/psa_crypto_core.h" />
<ClInclude Include="..\..\library/psa_crypto_invasive.h" />
+ <ClInclude Include="..\..\library/psa_crypto_service_integration.h" />
<ClInclude Include="..\..\library/psa_crypto_slot_management.h" />
<ClInclude Include="..\..\library/psa_crypto_storage.h" />
<ClInclude Include="..\..\library/psa_crypto_storage_backend.h" />