From 5f3a938d9542bfa93f82f926586bd0e715df08da Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Wed, 13 Sep 2023 16:28:12 +0530 Subject: [PATCH 01/17] Fix psa_key_derivation_setup_kdf Signed-off-by: Kusumit Ghoderao --- library/psa_crypto.c | 83 ++++++++++++++++++++++++++++++-------------- 1 file changed, 57 insertions(+), 26 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index a8baa6b6f..3ca89fbe8 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -6075,27 +6075,39 @@ static psa_status_t psa_key_derivation_setup_kdf( if (!is_kdf_alg_supported(kdf_alg)) { return PSA_ERROR_NOT_SUPPORTED; } + psa_status_t status = PSA_SUCCESS; + +#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS) + if (kdf_alg == PSA_ALG_TLS12_ECJPAKE_TO_PMS) { + operation->capacity = PSA_HASH_LENGTH(PSA_ALG_SHA_256); + return PSA_SUCCESS; + } +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128) + if (kdf_alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128) { +#if (UINT_MAX > UINT32_MAX) + operation->capacity = UINT32_MAX * PSA_MAC_LENGTH(PSA_KEY_TYPE_AES, + 128U, + PSA_ALG_CMAC); +#else + operation->capacity = UINT32_MAX; +#endif + return PSA_SUCCESS; + } +#endif - /* All currently supported key derivation algorithms (apart from - * ecjpake to pms and pbkdf2_aes_cmac_128) are based on a hash algorithm. */ psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH(kdf_alg); size_t hash_size = PSA_HASH_LENGTH(hash_alg); - if (kdf_alg == PSA_ALG_TLS12_ECJPAKE_TO_PMS) { - hash_size = PSA_HASH_LENGTH(PSA_ALG_SHA_256); - } else if (kdf_alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128) { - hash_size = PSA_MAC_LENGTH(PSA_KEY_TYPE_AES, 128U, PSA_ALG_CMAC); - } else { - if (hash_size == 0) { - return PSA_ERROR_NOT_SUPPORTED; - } + if (hash_size == 0) { + return PSA_ERROR_NOT_SUPPORTED; + } - /* Make sure that hash_alg is a supported hash algorithm. Otherwise - * we might fail later, which is somewhat unfriendly and potentially - * risk-prone. */ - psa_status_t status = psa_hash_try_support(hash_alg); - if (status != PSA_SUCCESS) { - return status; - } + /* Make sure that hash_alg is a supported hash algorithm. Otherwise + * we might fail later, which is somewhat unfriendly and potentially + * risk-prone. */ + status = psa_hash_try_support(hash_alg); + if (status != PSA_SUCCESS) { + return status; } if ((PSA_ALG_IS_TLS12_PRF(kdf_alg) || @@ -6103,16 +6115,35 @@ static psa_status_t psa_key_derivation_setup_kdf( !(hash_alg == PSA_ALG_SHA_256 || hash_alg == PSA_ALG_SHA_384)) { return PSA_ERROR_NOT_SUPPORTED; } -#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS) - if (PSA_ALG_IS_HKDF_EXTRACT(kdf_alg) || - (kdf_alg == PSA_ALG_TLS12_ECJPAKE_TO_PMS)) { + if (PSA_ALG_IS_HKDF(kdf_alg)) { + operation->capacity = 255 * hash_size; + } +#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT) + if (PSA_ALG_IS_HKDF_EXTRACT(kdf_alg)) { operation->capacity = hash_size; - } else -#endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT || - MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS */ - operation->capacity = 255 * hash_size; - return PSA_SUCCESS; + } +#endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT */ +#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND) + if (PSA_ALG_IS_HKDF_EXPAND(kdf_alg)) { + operation->capacity = 255 * hash_size; + } +#endif + if (PSA_ALG_IS_TLS12_PRF(kdf_alg)) { + operation->capacity = UINT_MAX; + } + if (PSA_ALG_IS_TLS12_PSK_TO_MS(kdf_alg)) { + /* Master Secret consists of 2-byte version number + * and a 46-byte random value */ + operation->capacity = 48U; + } + if (PSA_ALG_IS_PBKDF2_HMAC(kdf_alg)) { +#if (UINT_MAX > UINT32_MAX) + operation->capacity = UINT32_MAX * hash_size; +#else + operation->capacity = UINT32_MAX; +#endif + } + return status; } static psa_status_t psa_key_agreement_try_support(psa_algorithm_t alg) From 4aa6b36a3510695d4caad9d272bb4160d393a05d Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Wed, 13 Sep 2023 16:50:09 +0530 Subject: [PATCH 02/17] add tests for derive_full and derive_set_capacity Signed-off-by: Kusumit Ghoderao --- tests/suites/test_suite_psa_crypto.data | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 1bd8b6500..aa9f4e39a 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -6320,6 +6320,10 @@ PSA key derivation: HKDF-Expand SHA-1, request too much capacity depends_on:PSA_WANT_ALG_HKDF_EXPAND:PSA_WANT_ALG_SHA_1 derive_set_capacity:PSA_ALG_HKDF_EXPAND(PSA_ALG_SHA_1):255 * PSA_HASH_LENGTH(PSA_ALG_SHA_1) + 1:PSA_ERROR_INVALID_ARGUMENT +PSA key derivation: TLS 1.2 PSK-to-MS, request too much capacity +depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS +derive_set_capacity:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):48U + 1U:PSA_ERROR_INVALID_ARGUMENT + PSA key derivation: over capacity 42: output 42+1 depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":PSA_SUCCESS:0:"":PSA_SUCCESS:"":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865":"ff":0:1:0 @@ -6528,6 +6532,14 @@ PSA key derivation: TLS 1.2 PRF SHA-256, read maximum capacity depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF derive_full:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * PSA_HASH_LENGTH(PSA_ALG_SHA_256) +PSA key derivation: TLS 1.2 PSK-to-MS, read maximum capacity minus 1 +depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS +derive_full:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"01020304":"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":"6d617374657220736563726574":47 + +PSA key derivation: TLS 1.2 PSK-to-MS, read maximum capacity +depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS +derive_full:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"01020304":"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":"6d617374657220736563726574":48 + PSA key derivation: HKDF SHA-256, exercise AES128-CTR depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR From a0907f5750efedda58e11ea6b09395ba36b0fc2d Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Fri, 27 Oct 2023 15:08:00 +0530 Subject: [PATCH 03/17] Reorder and correct comment Signed-off-by: Kusumit Ghoderao --- library/psa_crypto.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 3ca89fbe8..a1d96bfa9 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -6110,11 +6110,6 @@ static psa_status_t psa_key_derivation_setup_kdf( return status; } - if ((PSA_ALG_IS_TLS12_PRF(kdf_alg) || - PSA_ALG_IS_TLS12_PSK_TO_MS(kdf_alg)) && - !(hash_alg == PSA_ALG_SHA_256 || hash_alg == PSA_ALG_SHA_384)) { - return PSA_ERROR_NOT_SUPPORTED; - } if (PSA_ALG_IS_HKDF(kdf_alg)) { operation->capacity = 255 * hash_size; } @@ -6128,12 +6123,17 @@ static psa_status_t psa_key_derivation_setup_kdf( operation->capacity = 255 * hash_size; } #endif + if ((PSA_ALG_IS_TLS12_PRF(kdf_alg) || + PSA_ALG_IS_TLS12_PSK_TO_MS(kdf_alg)) && + !(hash_alg == PSA_ALG_SHA_256 || hash_alg == PSA_ALG_SHA_384)) { + return PSA_ERROR_NOT_SUPPORTED; + } if (PSA_ALG_IS_TLS12_PRF(kdf_alg)) { operation->capacity = UINT_MAX; } if (PSA_ALG_IS_TLS12_PSK_TO_MS(kdf_alg)) { - /* Master Secret consists of 2-byte version number - * and a 46-byte random value */ + /* Master Secret is always 48 bytes + * https://datatracker.ietf.org/doc/html/rfc5246.html#section-8.1 */ operation->capacity = 48U; } if (PSA_ALG_IS_PBKDF2_HMAC(kdf_alg)) { From 86e83dd4a7be88d6da353aa787d38aa777364aa1 Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Fri, 1 Dec 2023 16:38:26 +0530 Subject: [PATCH 04/17] Add kdf_set_max_capacity function Signed-off-by: Kusumit Ghoderao --- library/psa_crypto.c | 149 ++++++++++++++++++++++++------------------- 1 file changed, 82 insertions(+), 67 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index a1d96bfa9..a116beff6 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -6063,6 +6063,86 @@ static psa_status_t psa_hash_try_support(psa_algorithm_t alg) return status; } +static psa_status_t psa_key_derivation_set_maximum_capacity( + psa_key_derivation_operation_t *operation, + psa_algorithm_t kdf_alg) +{ +#if defined(PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS) + if (kdf_alg == PSA_ALG_TLS12_ECJPAKE_TO_PMS) { + operation->capacity = PSA_HASH_LENGTH(PSA_ALG_SHA_256); + return PSA_SUCCESS; + } +#endif +#if defined(PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128) + if (kdf_alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128) { +#if (SIZE_MAX > UINT32_MAX) + operation->capacity = UINT32_MAX * PSA_MAC_LENGTH(PSA_KEY_TYPE_AES, + 128U, + PSA_ALG_CMAC); +#else + operation->capacity = SIZE_MAX; +#endif + return PSA_SUCCESS; + } +#endif /* PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128 */ + + /* After this point, if kdf_alg is not valid then value of hash_alg may be + * invalid or meaningless but it does not affect this function */ + psa_algorithm_t hash_alg = PSA_ALG_GET_HASH(kdf_alg); + size_t hash_size = PSA_HASH_LENGTH(hash_alg); + + /* Make sure that hash_alg is a supported hash algorithm. Otherwise + * we might fail later, which is somewhat unfriendly and potentially + * risk-prone. */ + psa_status_t status = psa_hash_try_support(hash_alg); + if (status != PSA_SUCCESS) { + return status; + } + +#if defined(PSA_WANT_ALG_HKDF) + if (PSA_ALG_IS_HKDF(kdf_alg)) { + operation->capacity = 255 * hash_size; + } else +#endif +#if defined(PSA_WANT_ALG_HKDF_EXTRACT) + if (PSA_ALG_IS_HKDF_EXTRACT(kdf_alg)) { + operation->capacity = hash_size; + } else +#endif +#if defined(PSA_WANT_ALG_HKDF_EXPAND) + if (PSA_ALG_IS_HKDF_EXPAND(kdf_alg)) { + operation->capacity = 255 * hash_size; + } else +#endif +#if defined(PSA_WANT_ALG_TLS12_PRF) + if (PSA_ALG_IS_TLS12_PRF(kdf_alg) && + (hash_alg == PSA_ALG_SHA_256 || hash_alg == PSA_ALG_SHA_384)) { + operation->capacity = SIZE_MAX; + } else +#endif +#if defined(PSA_WANT_ALG_TLS12_PSK_TO_MS) + if (PSA_ALG_IS_TLS12_PSK_TO_MS(kdf_alg) && + (hash_alg == PSA_ALG_SHA_256 || hash_alg == PSA_ALG_SHA_384)) { + /* Master Secret is always 48 bytes + * https://datatracker.ietf.org/doc/html/rfc5246.html#section-8.1 */ + operation->capacity = 48U; + } else +#endif +#if defined(PSA_WANT_ALG_PBKDF2_HMAC) + if (PSA_ALG_IS_PBKDF2_HMAC(kdf_alg)) { +#if (SIZE_MAX > UINT32_MAX) + operation->capacity = UINT32_MAX * hash_size; +#else + operation->capacity = SIZE_MAX; +#endif + } else +#endif /* PSA_WANT_ALG_PBKDF2_HMAC */ + { + status = PSA_ERROR_NOT_SUPPORTED; + } + return status; +} + static psa_status_t psa_key_derivation_setup_kdf( psa_key_derivation_operation_t *operation, psa_algorithm_t kdf_alg) @@ -6075,74 +6155,9 @@ static psa_status_t psa_key_derivation_setup_kdf( if (!is_kdf_alg_supported(kdf_alg)) { return PSA_ERROR_NOT_SUPPORTED; } - psa_status_t status = PSA_SUCCESS; -#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS) - if (kdf_alg == PSA_ALG_TLS12_ECJPAKE_TO_PMS) { - operation->capacity = PSA_HASH_LENGTH(PSA_ALG_SHA_256); - return PSA_SUCCESS; - } -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128) - if (kdf_alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128) { -#if (UINT_MAX > UINT32_MAX) - operation->capacity = UINT32_MAX * PSA_MAC_LENGTH(PSA_KEY_TYPE_AES, - 128U, - PSA_ALG_CMAC); -#else - operation->capacity = UINT32_MAX; -#endif - return PSA_SUCCESS; - } -#endif - - psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH(kdf_alg); - size_t hash_size = PSA_HASH_LENGTH(hash_alg); - if (hash_size == 0) { - return PSA_ERROR_NOT_SUPPORTED; - } - - /* Make sure that hash_alg is a supported hash algorithm. Otherwise - * we might fail later, which is somewhat unfriendly and potentially - * risk-prone. */ - status = psa_hash_try_support(hash_alg); - if (status != PSA_SUCCESS) { - return status; - } - - if (PSA_ALG_IS_HKDF(kdf_alg)) { - operation->capacity = 255 * hash_size; - } -#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT) - if (PSA_ALG_IS_HKDF_EXTRACT(kdf_alg)) { - operation->capacity = hash_size; - } -#endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT */ -#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND) - if (PSA_ALG_IS_HKDF_EXPAND(kdf_alg)) { - operation->capacity = 255 * hash_size; - } -#endif - if ((PSA_ALG_IS_TLS12_PRF(kdf_alg) || - PSA_ALG_IS_TLS12_PSK_TO_MS(kdf_alg)) && - !(hash_alg == PSA_ALG_SHA_256 || hash_alg == PSA_ALG_SHA_384)) { - return PSA_ERROR_NOT_SUPPORTED; - } - if (PSA_ALG_IS_TLS12_PRF(kdf_alg)) { - operation->capacity = UINT_MAX; - } - if (PSA_ALG_IS_TLS12_PSK_TO_MS(kdf_alg)) { - /* Master Secret is always 48 bytes - * https://datatracker.ietf.org/doc/html/rfc5246.html#section-8.1 */ - operation->capacity = 48U; - } - if (PSA_ALG_IS_PBKDF2_HMAC(kdf_alg)) { -#if (UINT_MAX > UINT32_MAX) - operation->capacity = UINT32_MAX * hash_size; -#else - operation->capacity = UINT32_MAX; -#endif - } + psa_status_t status = psa_key_derivation_set_maximum_capacity(operation, + kdf_alg); return status; } From 9ffd397e4c217ef7cb3fdae4ea79fb2a7a8a4de8 Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Fri, 1 Dec 2023 16:40:13 +0530 Subject: [PATCH 05/17] Increase input parameter type and buffer size Signed-off-by: Kusumit Ghoderao --- tests/suites/test_suite_psa_crypto.function | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 4c08a9017..f87c8000c 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -8451,7 +8451,7 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void derive_set_capacity(int alg_arg, int capacity_arg, +void derive_set_capacity(int alg_arg, int64_t capacity_arg, int expected_status_arg) { psa_algorithm_t alg = alg_arg; @@ -8932,7 +8932,7 @@ void derive_full(int alg_arg, psa_algorithm_t alg = alg_arg; size_t requested_capacity = requested_capacity_arg; psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; - unsigned char output_buffer[16]; + unsigned char output_buffer[32]; size_t expected_capacity = requested_capacity; size_t current_capacity; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; From 2c4264bd412f64bafda9a19e6756efd3c0a1828d Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Fri, 1 Dec 2023 16:41:26 +0530 Subject: [PATCH 06/17] Add hkdf_extract, hkdf_expand and ecjpake_to_pms cases Signed-off-by: Kusumit Ghoderao --- tests/src/psa_exercise_key.c | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/tests/src/psa_exercise_key.c b/tests/src/psa_exercise_key.c index f8b36e1fa..560b7113d 100644 --- a/tests/src/psa_exercise_key.c +++ b/tests/src/psa_exercise_key.c @@ -414,6 +414,21 @@ int mbedtls_test_psa_setup_key_derivation_wrap( PSA_KEY_DERIVATION_INPUT_INFO, input2, input2_length)); + } else if (PSA_ALG_IS_HKDF_EXTRACT(alg)) { + PSA_ASSERT(psa_key_derivation_input_bytes(operation, + PSA_KEY_DERIVATION_INPUT_SALT, + input1, input1_length)); + PSA_ASSERT(psa_key_derivation_input_key(operation, + PSA_KEY_DERIVATION_INPUT_SECRET, + key)); + } else if (PSA_ALG_IS_HKDF_EXPAND(alg)) { + PSA_ASSERT(psa_key_derivation_input_key(operation, + PSA_KEY_DERIVATION_INPUT_SECRET, + key)); + PSA_ASSERT(psa_key_derivation_input_bytes(operation, + PSA_KEY_DERIVATION_INPUT_INFO, + input2, + input2_length)); } else if (PSA_ALG_IS_TLS12_PRF(alg) || PSA_ALG_IS_TLS12_PSK_TO_MS(alg)) { PSA_ASSERT(psa_key_derivation_input_bytes(operation, @@ -436,6 +451,10 @@ int mbedtls_test_psa_setup_key_derivation_wrap( PSA_ASSERT(psa_key_derivation_input_key(operation, PSA_KEY_DERIVATION_INPUT_PASSWORD, key)); + } else if (alg == PSA_ALG_TLS12_ECJPAKE_TO_PMS) { + PSA_ASSERT(psa_key_derivation_input_bytes(operation, + PSA_KEY_DERIVATION_INPUT_SECRET, + input1, input1_length)); } else { TEST_FAIL("Key derivation algorithm not supported"); } From 604e1cbbe70d4485c6a34bf78bf2722aebc8f4ea Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Fri, 1 Dec 2023 16:43:03 +0530 Subject: [PATCH 07/17] Change error status for invalid HKDF alg Signed-off-by: Kusumit Ghoderao --- tests/suites/test_suite_psa_crypto.data | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index aa9f4e39a..61181f448 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -5185,7 +5185,7 @@ derive_setup:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT PSA key derivation setup: algorithm from bad hash depends_on:PSA_WANT_ALG_SHA_256 -derive_setup:PSA_ALG_HKDF(PSA_ALG_CATEGORY_HASH):PSA_ERROR_NOT_SUPPORTED +derive_setup:PSA_ALG_HKDF(PSA_ALG_CATEGORY_HASH):PSA_ERROR_INVALID_ARGUMENT PSA key derivation setup: bad algorithm depends_on:PSA_WANT_ALG_SHA_256 @@ -7041,7 +7041,7 @@ key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA PSA key agreement setup: ECDH, unknown KDF depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256 -key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(0)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(0)):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_NOT_SUPPORTED +key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(0)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(0)):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT PSA key agreement setup: bad key agreement algorithm depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256 From 1da06da398eb9c0d03a269ac546f7ea2f3f8c588 Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Fri, 1 Dec 2023 16:44:02 +0530 Subject: [PATCH 08/17] Add tests for derive_set_capacity for pbkdf and ecjpake_to_pms Signed-off-by: Kusumit Ghoderao --- tests/suites/test_suite_psa_crypto.data | 26 +++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 61181f448..3ab07d90c 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -6324,6 +6324,32 @@ PSA key derivation: TLS 1.2 PSK-to-MS, request too much capacity depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS derive_set_capacity:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):48U + 1U:PSA_ERROR_INVALID_ARGUMENT +PSA key derivation: TLS 1.2 ECJPAKE-to-PMS, request too much capacity +depends_on:PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS +derive_set_capacity:PSA_ALG_TLS12_ECJPAKE_TO_PMS:PSA_HASH_LENGTH(PSA_ALG_SHA_256) + 1:PSA_ERROR_INVALID_ARGUMENT + +# UINT32_MAX * PSA_HASH_LENGTH(PSA_ALG_SHA_256) = 137438953440 +# This test case will work correctly on 64-bit machines +PSA key derivation: PBKDF2-HMAC-SHA256, request too much capacity +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):UINT32_MAX * PSA_HASH_LENGTH(PSA_ALG_SHA_256) + 1:PSA_ERROR_INVALID_ARGUMENT + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, request too much capacity +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_set_capacity:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:UINT32_MAX * PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE + 1:PSA_ERROR_INVALID_ARGUMENT + +PSA key derivation: TLS 1.2 PRF, request maximum capacity +depends_on:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ALG_SHA_256 +derive_set_capacity:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):SIZE_MAX:PSA_SUCCESS + +PSA key derivation: PBKDF2-HMAC-SHA256, request maximum capacity +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):UINT32_MAX * PSA_HASH_LENGTH(PSA_ALG_SHA_256):PSA_SUCCESS + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, request maximum capacity +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_set_capacity:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:UINT32_MAX * PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE:PSA_SUCCESS + PSA key derivation: over capacity 42: output 42+1 depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":PSA_SUCCESS:0:"":PSA_SUCCESS:"":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865":"ff":0:1:0 From d3ae165adb1b375828e0724632acbcb13adaf387 Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Fri, 1 Dec 2023 16:44:52 +0530 Subject: [PATCH 09/17] Add tests for derive_full for hkdf_extract, hkdf_expand and ecjpake_to_pms Signed-off-by: Kusumit Ghoderao --- tests/suites/test_suite_psa_crypto.data | 24 ++++++++++++++++++------ 1 file changed, 18 insertions(+), 6 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 3ab07d90c..3d79e459d 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -6550,13 +6550,21 @@ PSA key derivation: HKDF SHA-256, read maximum capacity depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 derive_full:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * PSA_HASH_LENGTH(PSA_ALG_SHA_256) -PSA key derivation: TLS 1.2 PRF SHA-256, read maximum capacity minus 1 -depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF -derive_full:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * PSA_HASH_LENGTH(PSA_ALG_SHA_256) - 1 +PSA key derivation: HKDF-Extract SHA-256, read maximum capacity minus 1 +depends_on:PSA_WANT_ALG_HKDF_EXTRACT:PSA_WANT_ALG_SHA_256 +derive_full:PSA_ALG_HKDF_EXTRACT(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"":PSA_HASH_LENGTH(PSA_ALG_SHA_256) - 1 -PSA key derivation: TLS 1.2 PRF SHA-256, read maximum capacity -depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF -derive_full:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * PSA_HASH_LENGTH(PSA_ALG_SHA_256) +PSA key derivation: HKDF-Extract SHA-256, read maximum capacity +depends_on:PSA_WANT_ALG_HKDF_EXTRACT:PSA_WANT_ALG_SHA_256 +derive_full:PSA_ALG_HKDF_EXTRACT(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"":PSA_HASH_LENGTH(PSA_ALG_SHA_256) + +PSA key derivation: HKDF-Expand SHA-256, read maximum capacity minus 1 +depends_on:PSA_WANT_ALG_HKDF_EXPAND:PSA_WANT_ALG_SHA_256 +derive_full:PSA_ALG_HKDF_EXPAND(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"f0f1f2f3f4f5f6f7f8f9":255 * PSA_HASH_LENGTH(PSA_ALG_SHA_256) - 1 + +PSA key derivation: HKDF-Expand SHA-256, read maximum capacity +depends_on:PSA_WANT_ALG_HKDF_EXPAND:PSA_WANT_ALG_SHA_256 +derive_full:PSA_ALG_HKDF_EXPAND(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"f0f1f2f3f4f5f6f7f8f9":255 * PSA_HASH_LENGTH(PSA_ALG_SHA_256) PSA key derivation: TLS 1.2 PSK-to-MS, read maximum capacity minus 1 depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS @@ -6566,6 +6574,10 @@ PSA key derivation: TLS 1.2 PSK-to-MS, read maximum capacity depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS derive_full:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"01020304":"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":"6d617374657220736563726574":48 +PSA key derivation: TLS 1.2 ECJPAKE-to-PMS, read maximum capacity +depends_on:PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS +derive_full:PSA_ALG_TLS12_ECJPAKE_TO_PMS:"deadbeef":"0409fc1accc230a205e4a208e64a8f204291f581a12756392da4b8c0cf5ef02b950000000000000000000000000000000000000000000000000000000000000000":"":PSA_HASH_LENGTH(PSA_ALG_SHA_256) + PSA key derivation: HKDF SHA-256, exercise AES128-CTR depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR From 83455ebcc002d5604c7a492b84c1158a8b428f6f Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Fri, 1 Dec 2023 16:50:51 +0530 Subject: [PATCH 10/17] disable pbkdf2_hmac set max capacity test Signed-off-by: Kusumit Ghoderao --- tests/suites/test_suite_psa_crypto.data | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 3d79e459d..36f48f28d 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -6328,11 +6328,10 @@ PSA key derivation: TLS 1.2 ECJPAKE-to-PMS, request too much capacity depends_on:PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS derive_set_capacity:PSA_ALG_TLS12_ECJPAKE_TO_PMS:PSA_HASH_LENGTH(PSA_ALG_SHA_256) + 1:PSA_ERROR_INVALID_ARGUMENT -# UINT32_MAX * PSA_HASH_LENGTH(PSA_ALG_SHA_256) = 137438953440 # This test case will work correctly on 64-bit machines -PSA key derivation: PBKDF2-HMAC-SHA256, request too much capacity -depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 -derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):UINT32_MAX * PSA_HASH_LENGTH(PSA_ALG_SHA_256) + 1:PSA_ERROR_INVALID_ARGUMENT +#PSA key derivation: PBKDF2-HMAC-SHA256, request too much capacity +#depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +#erive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):UINT32_MAX * PSA_HASH_LENGTH(PSA_ALG_SHA_256) + 1:PSA_ERROR_INVALID_ARGUMENT PSA key derivation: PBKDF2-AES-CMAC-PRF-128, request too much capacity depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES From 911eafda316e3f1ba3ba43af143c06cbbec48c3d Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Fri, 1 Dec 2023 16:59:56 +0530 Subject: [PATCH 11/17] add bugfix changelog entry Signed-off-by: Kusumit Ghoderao --- ChangeLog.d/fix_kdf_correct_initial_capacity.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 ChangeLog.d/fix_kdf_correct_initial_capacity.txt diff --git a/ChangeLog.d/fix_kdf_correct_initial_capacity.txt b/ChangeLog.d/fix_kdf_correct_initial_capacity.txt new file mode 100644 index 000000000..6eeffd777 --- /dev/null +++ b/ChangeLog.d/fix_kdf_correct_initial_capacity.txt @@ -0,0 +1,3 @@ +Bugfix + * Correct initial capacities for key derivation algorithms:TLS12_PRF, + TLS12_PSK_TO_MS, PBKDF2-HMAC, PBKDF2-CMAC From d3f70d321a16a5e043a8d6341a830b516024d1f4 Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Wed, 6 Dec 2023 16:20:04 +0530 Subject: [PATCH 12/17] fix unused variable warning and other fixes Signed-off-by: Kusumit Ghoderao --- ...ity.txt => fix_kdf_incorrect_initial_capacity.txt} | 2 +- library/psa_crypto.c | 11 ++++++++--- 2 files changed, 9 insertions(+), 4 deletions(-) rename ChangeLog.d/{fix_kdf_correct_initial_capacity.txt => fix_kdf_incorrect_initial_capacity.txt} (92%) diff --git a/ChangeLog.d/fix_kdf_correct_initial_capacity.txt b/ChangeLog.d/fix_kdf_incorrect_initial_capacity.txt similarity index 92% rename from ChangeLog.d/fix_kdf_correct_initial_capacity.txt rename to ChangeLog.d/fix_kdf_incorrect_initial_capacity.txt index 6eeffd777..10e2795bb 100644 --- a/ChangeLog.d/fix_kdf_correct_initial_capacity.txt +++ b/ChangeLog.d/fix_kdf_incorrect_initial_capacity.txt @@ -1,3 +1,3 @@ Bugfix - * Correct initial capacities for key derivation algorithms:TLS12_PRF, + * Correct initial capacities for key derivation algorithms:TLS12_PRF, TLS12_PSK_TO_MS, PBKDF2-HMAC, PBKDF2-CMAC diff --git a/library/psa_crypto.c b/library/psa_crypto.c index a116beff6..672a97d1a 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -6076,9 +6076,10 @@ static psa_status_t psa_key_derivation_set_maximum_capacity( #if defined(PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128) if (kdf_alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128) { #if (SIZE_MAX > UINT32_MAX) - operation->capacity = UINT32_MAX * PSA_MAC_LENGTH(PSA_KEY_TYPE_AES, - 128U, - PSA_ALG_CMAC); + operation->capacity = UINT32_MAX * (size_t)PSA_MAC_LENGTH( + PSA_KEY_TYPE_AES, + 128U, + PSA_ALG_CMAC); #else operation->capacity = SIZE_MAX; #endif @@ -6090,6 +6091,9 @@ static psa_status_t psa_key_derivation_set_maximum_capacity( * invalid or meaningless but it does not affect this function */ psa_algorithm_t hash_alg = PSA_ALG_GET_HASH(kdf_alg); size_t hash_size = PSA_HASH_LENGTH(hash_alg); + if (hash_size == 0) { + return PSA_ERROR_NOT_SUPPORTED; + } /* Make sure that hash_alg is a supported hash algorithm. Otherwise * we might fail later, which is somewhat unfriendly and potentially @@ -6138,6 +6142,7 @@ static psa_status_t psa_key_derivation_set_maximum_capacity( } else #endif /* PSA_WANT_ALG_PBKDF2_HMAC */ { + (void) hash_size; status = PSA_ERROR_NOT_SUPPORTED; } return status; From f4351c1a619859fe7215c9a5e7efd6dbfe6a1b18 Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Wed, 6 Dec 2023 16:20:47 +0530 Subject: [PATCH 13/17] correct test data Signed-off-by: Kusumit Ghoderao --- tests/suites/test_suite_psa_crypto.data | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 36f48f28d..71f5b8e42 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -5185,7 +5185,7 @@ derive_setup:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT PSA key derivation setup: algorithm from bad hash depends_on:PSA_WANT_ALG_SHA_256 -derive_setup:PSA_ALG_HKDF(PSA_ALG_CATEGORY_HASH):PSA_ERROR_INVALID_ARGUMENT +derive_setup:PSA_ALG_HKDF(PSA_ALG_CATEGORY_HASH):PSA_ERROR_NOT_SUPPORTED PSA key derivation setup: bad algorithm depends_on:PSA_WANT_ALG_SHA_256 @@ -6329,25 +6329,28 @@ depends_on:PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS derive_set_capacity:PSA_ALG_TLS12_ECJPAKE_TO_PMS:PSA_HASH_LENGTH(PSA_ALG_SHA_256) + 1:PSA_ERROR_INVALID_ARGUMENT # This test case will work correctly on 64-bit machines -#PSA key derivation: PBKDF2-HMAC-SHA256, request too much capacity -#depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 -#erive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):UINT32_MAX * PSA_HASH_LENGTH(PSA_ALG_SHA_256) + 1:PSA_ERROR_INVALID_ARGUMENT +PSA key derivation: PBKDF2-HMAC-SHA256, request too much capacity +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):4294967295UL * PSA_HASH_LENGTH(PSA_ALG_SHA_256) + 1:PSA_ERROR_INVALID_ARGUMENT +# This test case will work correctly on 64-bit machines PSA key derivation: PBKDF2-AES-CMAC-PRF-128, request too much capacity depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES -derive_set_capacity:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:UINT32_MAX * PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE + 1:PSA_ERROR_INVALID_ARGUMENT +derive_set_capacity:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:4294967295UL * PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE + 1:PSA_ERROR_INVALID_ARGUMENT PSA key derivation: TLS 1.2 PRF, request maximum capacity depends_on:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ALG_SHA_256 derive_set_capacity:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):SIZE_MAX:PSA_SUCCESS +# This test case will work correctly on 64-bit machines PSA key derivation: PBKDF2-HMAC-SHA256, request maximum capacity depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 -derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):UINT32_MAX * PSA_HASH_LENGTH(PSA_ALG_SHA_256):PSA_SUCCESS +derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):4294967295UL * PSA_HASH_LENGTH(PSA_ALG_SHA_256):PSA_SUCCESS +# This test case will work correctly on 64-bit machines PSA key derivation: PBKDF2-AES-CMAC-PRF-128, request maximum capacity depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES -derive_set_capacity:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:UINT32_MAX * PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE:PSA_SUCCESS +derive_set_capacity:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:4294967295UL * PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE:PSA_SUCCESS PSA key derivation: over capacity 42: output 42+1 depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 @@ -7078,7 +7081,7 @@ key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA PSA key agreement setup: ECDH, unknown KDF depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256 -key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(0)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(0)):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT +key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(0)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(0)):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_NOT_SUPPORTED PSA key agreement setup: bad key agreement algorithm depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256 From 7d4db631cf7396e71473e690b9bd24d9aee4ff4b Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Thu, 7 Dec 2023 16:17:46 +0530 Subject: [PATCH 14/17] add depends on for capacity tests and fix code style Signed-off-by: Kusumit Ghoderao --- library/psa_crypto.c | 2 +- tests/suites/test_suite_psa_crypto.data | 20 ++++++++------------ 2 files changed, 9 insertions(+), 13 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 672a97d1a..8e6a75834 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -6076,7 +6076,7 @@ static psa_status_t psa_key_derivation_set_maximum_capacity( #if defined(PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128) if (kdf_alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128) { #if (SIZE_MAX > UINT32_MAX) - operation->capacity = UINT32_MAX * (size_t)PSA_MAC_LENGTH( + operation->capacity = UINT32_MAX * (size_t) PSA_MAC_LENGTH( PSA_KEY_TYPE_AES, 128U, PSA_ALG_CMAC); diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 71f5b8e42..7f9fa3c7f 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -6328,28 +6328,24 @@ PSA key derivation: TLS 1.2 ECJPAKE-to-PMS, request too much capacity depends_on:PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS derive_set_capacity:PSA_ALG_TLS12_ECJPAKE_TO_PMS:PSA_HASH_LENGTH(PSA_ALG_SHA_256) + 1:PSA_ERROR_INVALID_ARGUMENT -# This test case will work correctly on 64-bit machines -PSA key derivation: PBKDF2-HMAC-SHA256, request too much capacity -depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 -derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):4294967295UL * PSA_HASH_LENGTH(PSA_ALG_SHA_256) + 1:PSA_ERROR_INVALID_ARGUMENT +#PSA key derivation: PBKDF2-HMAC-SHA256, request too much capacity +#depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256:SIZE_MAX>=0xffffffffffffffff +#derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):4294967295UL * PSA_HASH_LENGTH(PSA_ALG_SHA_256) + 1:PSA_ERROR_INVALID_ARGUMENT -# This test case will work correctly on 64-bit machines -PSA key derivation: PBKDF2-AES-CMAC-PRF-128, request too much capacity -depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES -derive_set_capacity:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:4294967295UL * PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE + 1:PSA_ERROR_INVALID_ARGUMENT +#PSA key derivation: PBKDF2-AES-CMAC-PRF-128, request too much capacity +#depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES:SIZE_MAX>=0xffffffffffffffff +#derive_set_capacity:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:4294967295UL * PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE + 1:PSA_ERROR_INVALID_ARGUMENT PSA key derivation: TLS 1.2 PRF, request maximum capacity depends_on:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ALG_SHA_256 derive_set_capacity:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):SIZE_MAX:PSA_SUCCESS -# This test case will work correctly on 64-bit machines PSA key derivation: PBKDF2-HMAC-SHA256, request maximum capacity -depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256:SIZE_MAX>=0xffffffffffffffff derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):4294967295UL * PSA_HASH_LENGTH(PSA_ALG_SHA_256):PSA_SUCCESS -# This test case will work correctly on 64-bit machines PSA key derivation: PBKDF2-AES-CMAC-PRF-128, request maximum capacity -depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES:SIZE_MAX>=0xffffffffffffffff derive_set_capacity:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:4294967295UL * PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE:PSA_SUCCESS PSA key derivation: over capacity 42: output 42+1 From 179f33a1ea356f5bec04896efbdda8a6d5c8f2f5 Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Wed, 10 Jan 2024 21:48:38 +0530 Subject: [PATCH 15/17] add test cases with different hash algs Signed-off-by: Kusumit Ghoderao --- tests/suites/test_suite_psa_crypto.data | 85 ++++++++++++++++++++----- 1 file changed, 68 insertions(+), 17 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 7f9fa3c7f..bc35d32a0 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -5452,19 +5452,19 @@ depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: TLS12_ECJPAKE_TO_PMS, good input, output too short -depends_on:PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS +depends_on:PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS:PSA_WANT_ALG_SHA_256 derive_input:PSA_ALG_TLS12_ECJPAKE_TO_PMS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"04aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_SUCCESS:0:UNUSED:"":UNUSED:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_INVALID_ARGUMENT PSA key derivation: TLS12_ECJPAKE_TO_PMS, input[0]=0x02 -depends_on:PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS +depends_on:PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS:PSA_WANT_ALG_SHA_256 derive_input:PSA_ALG_TLS12_ECJPAKE_TO_PMS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"02aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ERROR_INVALID_ARGUMENT:0:UNUSED:"":UNUSED:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: TLS12_ECJPAKE_TO_PMS, input too short -depends_on:PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS +depends_on:PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS:PSA_WANT_ALG_SHA_256 derive_input:PSA_ALG_TLS12_ECJPAKE_TO_PMS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"04aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ERROR_INVALID_ARGUMENT:0:UNUSED:"":UNUSED:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: TLS12_ECJPAKE_TO_PMS, input too long -depends_on:PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS +depends_on:PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS:PSA_WANT_ALG_SHA_256 derive_input:PSA_ALG_TLS12_ECJPAKE_TO_PMS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"04aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ERROR_INVALID_ARGUMENT:0:UNUSED:"":UNUSED:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: PBKDF2-HMAC-SHA256, good case, direct output @@ -6320,33 +6320,52 @@ PSA key derivation: HKDF-Expand SHA-1, request too much capacity depends_on:PSA_WANT_ALG_HKDF_EXPAND:PSA_WANT_ALG_SHA_1 derive_set_capacity:PSA_ALG_HKDF_EXPAND(PSA_ALG_SHA_1):255 * PSA_HASH_LENGTH(PSA_ALG_SHA_1) + 1:PSA_ERROR_INVALID_ARGUMENT -PSA key derivation: TLS 1.2 PSK-to-MS, request too much capacity +# TLS 1.2 PRF does not have a maximum capacity therefore +# derive_set_capacity negative test case is not added + +PSA key derivation: TLS 1.2 PSK-to-MS SHA-256, request too much capacity depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS derive_set_capacity:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):48U + 1U:PSA_ERROR_INVALID_ARGUMENT +PSA key derivation: TLS 1.2 PSK-to-MS SHA-384, request too much capacity +depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS +derive_set_capacity:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):48U + 1U:PSA_ERROR_INVALID_ARGUMENT + PSA key derivation: TLS 1.2 ECJPAKE-to-PMS, request too much capacity -depends_on:PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS +depends_on:PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS:PSA_WANT_ALG_SHA_256 derive_set_capacity:PSA_ALG_TLS12_ECJPAKE_TO_PMS:PSA_HASH_LENGTH(PSA_ALG_SHA_256) + 1:PSA_ERROR_INVALID_ARGUMENT -#PSA key derivation: PBKDF2-HMAC-SHA256, request too much capacity -#depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256:SIZE_MAX>=0xffffffffffffffff -#derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):4294967295UL * PSA_HASH_LENGTH(PSA_ALG_SHA_256) + 1:PSA_ERROR_INVALID_ARGUMENT +PSA key derivation: PBKDF2-HMAC-SHA256, request too much capacity +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256:SIZE_MAX>=0xffffffffffffffff +derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):4294967295UL * PSA_HASH_LENGTH(PSA_ALG_SHA_256) + 1:PSA_ERROR_INVALID_ARGUMENT -#PSA key derivation: PBKDF2-AES-CMAC-PRF-128, request too much capacity -#depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES:SIZE_MAX>=0xffffffffffffffff -#derive_set_capacity:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:4294967295UL * PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE + 1:PSA_ERROR_INVALID_ARGUMENT +PSA key derivation: PBKDF2-HMAC-SHA512, request too much capacity +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_512:SIZE_MAX>=0xffffffffffffffff +derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_512):4294967295UL * PSA_HASH_LENGTH(PSA_ALG_SHA_512) + 1:PSA_ERROR_INVALID_ARGUMENT -PSA key derivation: TLS 1.2 PRF, request maximum capacity +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, request too much capacity +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES:SIZE_MAX>=0xffffffffffffffff +derive_set_capacity:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:4294967295UL * 16 + 1:PSA_ERROR_INVALID_ARGUMENT + +PSA key derivation: TLS 1.2 PRF SHA-256, request maximum capacity depends_on:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ALG_SHA_256 derive_set_capacity:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):SIZE_MAX:PSA_SUCCESS +PSA key derivation: TLS 1.2 PRF SHA-384, request maximum capacity +depends_on:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ALG_SHA_384 +derive_set_capacity:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):SIZE_MAX:PSA_SUCCESS + PSA key derivation: PBKDF2-HMAC-SHA256, request maximum capacity depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256:SIZE_MAX>=0xffffffffffffffff derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):4294967295UL * PSA_HASH_LENGTH(PSA_ALG_SHA_256):PSA_SUCCESS +PSA key derivation: PBKDF2-HMAC-SHA512, request maximum capacity +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_512:SIZE_MAX>=0xffffffffffffffff +derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_512):4294967295UL * PSA_HASH_LENGTH(PSA_ALG_SHA_512):PSA_SUCCESS + PSA key derivation: PBKDF2-AES-CMAC-PRF-128, request maximum capacity depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES:SIZE_MAX>=0xffffffffffffffff -derive_set_capacity:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:4294967295UL * PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE:PSA_SUCCESS +derive_set_capacity:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:4294967295UL * 16:PSA_SUCCESS PSA key derivation: over capacity 42: output 42+1 depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 @@ -6544,36 +6563,68 @@ PSA key derivation: HKDF SHA-256, read maximum capacity minus 1 depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 derive_full:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * PSA_HASH_LENGTH(PSA_ALG_SHA_256) - 1 +PSA key derivation: HKDF SHA-512, read maximum capacity minus 1 +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_512 +derive_full:PSA_ALG_HKDF(PSA_ALG_SHA_512):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * PSA_HASH_LENGTH(PSA_ALG_SHA_512) - 1 + PSA key derivation: HKDF SHA-256, read maximum capacity depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 derive_full:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * PSA_HASH_LENGTH(PSA_ALG_SHA_256) +PSA key derivation: HKDF SHA-512, read maximum capacity +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_512 +derive_full:PSA_ALG_HKDF(PSA_ALG_SHA_512):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * PSA_HASH_LENGTH(PSA_ALG_SHA_512) + PSA key derivation: HKDF-Extract SHA-256, read maximum capacity minus 1 depends_on:PSA_WANT_ALG_HKDF_EXTRACT:PSA_WANT_ALG_SHA_256 derive_full:PSA_ALG_HKDF_EXTRACT(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"":PSA_HASH_LENGTH(PSA_ALG_SHA_256) - 1 +PSA key derivation: HKDF-Extract SHA-512, read maximum capacity minus 1 +depends_on:PSA_WANT_ALG_HKDF_EXTRACT:PSA_WANT_ALG_SHA_512 +derive_full:PSA_ALG_HKDF_EXTRACT(PSA_ALG_SHA_512):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"":PSA_HASH_LENGTH(PSA_ALG_SHA_512) - 1 + PSA key derivation: HKDF-Extract SHA-256, read maximum capacity depends_on:PSA_WANT_ALG_HKDF_EXTRACT:PSA_WANT_ALG_SHA_256 derive_full:PSA_ALG_HKDF_EXTRACT(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"":PSA_HASH_LENGTH(PSA_ALG_SHA_256) +PSA key derivation: HKDF-Extract SHA-512, read maximum capacity +depends_on:PSA_WANT_ALG_HKDF_EXTRACT:PSA_WANT_ALG_SHA_512 +derive_full:PSA_ALG_HKDF_EXTRACT(PSA_ALG_SHA_512):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"":PSA_HASH_LENGTH(PSA_ALG_SHA_512) + PSA key derivation: HKDF-Expand SHA-256, read maximum capacity minus 1 depends_on:PSA_WANT_ALG_HKDF_EXPAND:PSA_WANT_ALG_SHA_256 derive_full:PSA_ALG_HKDF_EXPAND(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"f0f1f2f3f4f5f6f7f8f9":255 * PSA_HASH_LENGTH(PSA_ALG_SHA_256) - 1 +PSA key derivation: HKDF-Expand SHA-512, read maximum capacity minus 1 +depends_on:PSA_WANT_ALG_HKDF_EXPAND:PSA_WANT_ALG_SHA_512 +derive_full:PSA_ALG_HKDF_EXPAND(PSA_ALG_SHA_512):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"f0f1f2f3f4f5f6f7f8f9":255 * PSA_HASH_LENGTH(PSA_ALG_SHA_512) - 1 + PSA key derivation: HKDF-Expand SHA-256, read maximum capacity depends_on:PSA_WANT_ALG_HKDF_EXPAND:PSA_WANT_ALG_SHA_256 derive_full:PSA_ALG_HKDF_EXPAND(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"f0f1f2f3f4f5f6f7f8f9":255 * PSA_HASH_LENGTH(PSA_ALG_SHA_256) -PSA key derivation: TLS 1.2 PSK-to-MS, read maximum capacity minus 1 +PSA key derivation: HKDF-Expand SHA-512, read maximum capacity +depends_on:PSA_WANT_ALG_HKDF_EXPAND:PSA_WANT_ALG_SHA_512 +derive_full:PSA_ALG_HKDF_EXPAND(PSA_ALG_SHA_512):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"f0f1f2f3f4f5f6f7f8f9":255 * PSA_HASH_LENGTH(PSA_ALG_SHA_512) + +PSA key derivation: TLS 1.2 PSK-to-MS SHA-256, read maximum capacity minus 1 depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS derive_full:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"01020304":"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":"6d617374657220736563726574":47 -PSA key derivation: TLS 1.2 PSK-to-MS, read maximum capacity +PSA key derivation: TLS 1.2 PSK-to-MS SHA-384, read maximum capacity minus 1 +depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS +derive_full:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):"01020304":"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":"6d617374657220736563726574":47 + +PSA key derivation: TLS 1.2 PSK-to-MS SHA-256, read maximum capacity depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS derive_full:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"01020304":"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":"6d617374657220736563726574":48 +PSA key derivation: TLS 1.2 PSK-to-MS SHA-384, read maximum capacity +depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS +derive_full:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):"01020304":"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":"6d617374657220736563726574":48 + PSA key derivation: TLS 1.2 ECJPAKE-to-PMS, read maximum capacity -depends_on:PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS +depends_on:PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS:PSA_WANT_ALG_SHA_256 derive_full:PSA_ALG_TLS12_ECJPAKE_TO_PMS:"deadbeef":"0409fc1accc230a205e4a208e64a8f204291f581a12756392da4b8c0cf5ef02b950000000000000000000000000000000000000000000000000000000000000000":"":PSA_HASH_LENGTH(PSA_ALG_SHA_256) PSA key derivation: HKDF SHA-256, exercise AES128-CTR From a7c55d5a1484db6eb502712e5171043a1e395a75 Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Thu, 11 Jan 2024 00:43:48 +0530 Subject: [PATCH 16/17] fix depends on condition Signed-off-by: Kusumit Ghoderao --- tests/suites/test_suite_psa_crypto.data | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index bc35d32a0..660b73d5d 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -6361,7 +6361,7 @@ derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):4294967295UL * PSA_HASH PSA key derivation: PBKDF2-HMAC-SHA512, request maximum capacity depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_512:SIZE_MAX>=0xffffffffffffffff -derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_512):4294967295UL * PSA_HASH_LENGTH(PSA_ALG_SHA_512):PSA_SUCCESS +derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_512):4294967295UL * PSA_HASH_LENGTH(PSA_ALG_SHA_512):PSA_SUCCESS PSA key derivation: PBKDF2-AES-CMAC-PRF-128, request maximum capacity depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES:SIZE_MAX>=0xffffffffffffffff @@ -6612,7 +6612,7 @@ depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS derive_full:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"01020304":"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":"6d617374657220736563726574":47 PSA key derivation: TLS 1.2 PSK-to-MS SHA-384, read maximum capacity minus 1 -depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS +depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS derive_full:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):"01020304":"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":"6d617374657220736563726574":47 PSA key derivation: TLS 1.2 PSK-to-MS SHA-256, read maximum capacity @@ -6620,7 +6620,7 @@ depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS derive_full:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"01020304":"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":"6d617374657220736563726574":48 PSA key derivation: TLS 1.2 PSK-to-MS SHA-384, read maximum capacity -depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS +depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS derive_full:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):"01020304":"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":"6d617374657220736563726574":48 PSA key derivation: TLS 1.2 ECJPAKE-to-PMS, read maximum capacity From 153586a3d56ea1ef19d24b899a7f9eac018b4ae0 Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Fri, 12 Jan 2024 11:19:16 +0530 Subject: [PATCH 17/17] change values to ULL Signed-off-by: Kusumit Ghoderao --- tests/suites/test_suite_psa_crypto.data | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 660b73d5d..cd6033308 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -6337,15 +6337,15 @@ derive_set_capacity:PSA_ALG_TLS12_ECJPAKE_TO_PMS:PSA_HASH_LENGTH(PSA_ALG_SHA_256 PSA key derivation: PBKDF2-HMAC-SHA256, request too much capacity depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256:SIZE_MAX>=0xffffffffffffffff -derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):4294967295UL * PSA_HASH_LENGTH(PSA_ALG_SHA_256) + 1:PSA_ERROR_INVALID_ARGUMENT +derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):4294967295ULL * PSA_HASH_LENGTH(PSA_ALG_SHA_256) + 1:PSA_ERROR_INVALID_ARGUMENT PSA key derivation: PBKDF2-HMAC-SHA512, request too much capacity depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_512:SIZE_MAX>=0xffffffffffffffff -derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_512):4294967295UL * PSA_HASH_LENGTH(PSA_ALG_SHA_512) + 1:PSA_ERROR_INVALID_ARGUMENT +derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_512):4294967295ULL * PSA_HASH_LENGTH(PSA_ALG_SHA_512) + 1:PSA_ERROR_INVALID_ARGUMENT PSA key derivation: PBKDF2-AES-CMAC-PRF-128, request too much capacity depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES:SIZE_MAX>=0xffffffffffffffff -derive_set_capacity:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:4294967295UL * 16 + 1:PSA_ERROR_INVALID_ARGUMENT +derive_set_capacity:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:4294967295ULL * 16 + 1:PSA_ERROR_INVALID_ARGUMENT PSA key derivation: TLS 1.2 PRF SHA-256, request maximum capacity depends_on:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ALG_SHA_256 @@ -6357,15 +6357,15 @@ derive_set_capacity:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):SIZE_MAX:PSA_SUCCESS PSA key derivation: PBKDF2-HMAC-SHA256, request maximum capacity depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256:SIZE_MAX>=0xffffffffffffffff -derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):4294967295UL * PSA_HASH_LENGTH(PSA_ALG_SHA_256):PSA_SUCCESS +derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):4294967295ULL * PSA_HASH_LENGTH(PSA_ALG_SHA_256):PSA_SUCCESS PSA key derivation: PBKDF2-HMAC-SHA512, request maximum capacity depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_512:SIZE_MAX>=0xffffffffffffffff -derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_512):4294967295UL * PSA_HASH_LENGTH(PSA_ALG_SHA_512):PSA_SUCCESS +derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_512):4294967295ULL * PSA_HASH_LENGTH(PSA_ALG_SHA_512):PSA_SUCCESS PSA key derivation: PBKDF2-AES-CMAC-PRF-128, request maximum capacity depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES:SIZE_MAX>=0xffffffffffffffff -derive_set_capacity:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:4294967295UL * 16:PSA_SUCCESS +derive_set_capacity:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:4294967295ULL * 16:PSA_SUCCESS PSA key derivation: over capacity 42: output 42+1 depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256