eden-emu/mbedtls
15
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Introduce PSA_PAKE_OPERATION_STAGE_SETUP to optimize out alg checks

Browse source 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
This commit is contained in:
Przemek Stekiel 2023-01-26 10:35:02 +01:00
parent ff01bc496c
commit 1c3cfb4fb0
2 changed files with 8 additions and 25 deletions
Download patch file Download diff file Expand all files Collapse all files

7
include/psa/crypto_extra.h
View file

@ -430,8 +430,9 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed,
#define PSA_DH_FAMILY_CUSTOM ((psa_dh_family_t) 0x7e) #define PSA_DH_FAMILY_CUSTOM ((psa_dh_family_t) 0x7e)
/** EC-JPAKE operation stages. */ /** EC-JPAKE operation stages. */
#define PSA_PAKE_OPERATION_STAGE_COLLECT_INPUTS 0 #define PSA_PAKE_OPERATION_STAGE_SETUP 0
#define PSA_PAKE_OPERATION_STAGE_COMPUTATION 1 #define PSA_PAKE_OPERATION_STAGE_COLLECT_INPUTS 1
#define PSA_PAKE_OPERATION_STAGE_COMPUTATION 2
/** /**
* \brief Set domain parameters for a key. * \brief Set domain parameters for a key.
@ -1893,7 +1894,7 @@ psa_status_t psa_pake_abort(psa_pake_operation_t *operation);
/** Returns a suitable initializer for a PAKE operation object of type /** Returns a suitable initializer for a PAKE operation object of type
* psa_pake_operation_t. * psa_pake_operation_t.
*/ */
#define PSA_PAKE_OPERATION_INIT { 0, PSA_ALG_NONE, PSA_PAKE_OPERATION_STAGE_COLLECT_INPUTS, \ #define PSA_PAKE_OPERATION_INIT { 0, PSA_ALG_NONE, PSA_PAKE_OPERATION_STAGE_SETUP, \
{ { 0 } }, { { 0 } } } { { 0 } }, { { 0 } } }
struct psa_pake_cipher_suite_s { struct psa_pake_cipher_suite_s {

26
library/psa_crypto.c
View file

@ -7237,11 +7237,7 @@ psa_status_t psa_pake_setup(
psa_pake_operation_t *operation, psa_pake_operation_t *operation,
const psa_pake_cipher_suite_t *cipher_suite) const psa_pake_cipher_suite_t *cipher_suite)
{ {
if (operation->stage != PSA_PAKE_OPERATION_STAGE_COLLECT_INPUTS) { if (operation->stage != PSA_PAKE_OPERATION_STAGE_SETUP) {
return PSA_ERROR_BAD_STATE;
}
if (operation->alg != PSA_ALG_NONE) {
return PSA_ERROR_BAD_STATE; return PSA_ERROR_BAD_STATE;
} }
@ -7266,6 +7262,8 @@ psa_status_t psa_pake_setup(
computation_stage->output_step = PSA_PAKE_STEP_X1_X2; computation_stage->output_step = PSA_PAKE_STEP_X1_X2;
} }
operation->stage = PSA_PAKE_OPERATION_STAGE_COLLECT_INPUTS;
return PSA_SUCCESS; return PSA_SUCCESS;
} }
@ -7281,10 +7279,6 @@ psa_status_t psa_pake_set_password_key(
return PSA_ERROR_BAD_STATE; return PSA_ERROR_BAD_STATE;
} }
if (operation->alg == PSA_ALG_NONE) {
return PSA_ERROR_BAD_STATE;
}
status = psa_get_and_lock_key_slot_with_policy(password, &slot, status = psa_get_and_lock_key_slot_with_policy(password, &slot,
PSA_KEY_USAGE_DERIVE, PSA_KEY_USAGE_DERIVE,
PSA_ALG_JPAKE); PSA_ALG_JPAKE);
@ -7329,10 +7323,6 @@ psa_status_t psa_pake_set_user(
return PSA_ERROR_BAD_STATE; return PSA_ERROR_BAD_STATE;
} }
if (operation->alg == PSA_ALG_NONE) {
return PSA_ERROR_BAD_STATE;
}
if (user_id_len == 0) { if (user_id_len == 0) {
return PSA_ERROR_INVALID_ARGUMENT; return PSA_ERROR_INVALID_ARGUMENT;
} }
@ -7351,10 +7341,6 @@ psa_status_t psa_pake_set_peer(
return PSA_ERROR_BAD_STATE; return PSA_ERROR_BAD_STATE;
} }
if (operation->alg == PSA_ALG_NONE) {
return PSA_ERROR_BAD_STATE;
}
if (peer_id_len == 0) { if (peer_id_len == 0) {
return PSA_ERROR_INVALID_ARGUMENT; return PSA_ERROR_INVALID_ARGUMENT;
} }
@ -7370,10 +7356,6 @@ psa_status_t psa_pake_set_role(
return PSA_ERROR_BAD_STATE; return PSA_ERROR_BAD_STATE;
} }
if (operation->alg == PSA_ALG_NONE) {
return PSA_ERROR_BAD_STATE;
}
if (role != PSA_PAKE_ROLE_NONE && if (role != PSA_PAKE_ROLE_NONE &&
role != PSA_PAKE_ROLE_FIRST && role != PSA_PAKE_ROLE_FIRST &&
role != PSA_PAKE_ROLE_SECOND && role != PSA_PAKE_ROLE_SECOND &&
@ -7887,7 +7869,7 @@ psa_status_t psa_pake_abort(
} }
operation->alg = PSA_ALG_NONE; operation->alg = PSA_ALG_NONE;
operation->stage = PSA_PAKE_OPERATION_STAGE_COLLECT_INPUTS; operation->stage = PSA_PAKE_OPERATION_STAGE_SETUP;
operation->id = 0; operation->id = 0;
return PSA_SUCCESS; return PSA_SUCCESS;