From a83d9bf0dbd4ff9cfc6703c189d17d4b8ed945ca Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 27 Jul 2023 18:15:20 +0200 Subject: [PATCH 1/8] crypto_sizes: size PSA max symbols according to actual support Signed-off-by: Valerio Setti --- include/psa/crypto_sizes.h | 86 ++++++++++++++++++++++++++++++-------- 1 file changed, 69 insertions(+), 17 deletions(-) diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 8cc965b09..278370c6a 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -633,10 +633,18 @@ * This macro expands to a compile-time constant integer. This value * is the maximum size of a signature in bytes. */ -#define PSA_SIGNATURE_MAX_SIZE \ - (PSA_BITS_TO_BYTES(PSA_VENDOR_RSA_MAX_KEY_BITS) > PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE ? \ - PSA_BITS_TO_BYTES(PSA_VENDOR_RSA_MAX_KEY_BITS) : \ - PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE) +#define PSA_SIGNATURE_MAX_SIZE 0 + +#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) && \ + (PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE > PSA_SIGNATURE_MAX_SIZE) +#undef PSA_SIGNATURE_MAX_SIZE +#define PSA_SIGNATURE_MAX_SIZE PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE +#endif +#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) && \ + (PSA_BITS_TO_BYTES(PSA_VENDOR_RSA_MAX_KEY_BITS) > PSA_SIGNATURE_MAX_SIZE) +#undef PSA_SIGNATURE_MAX_SIZE +#define PSA_SIGNATURE_MAX_SIZE PSA_BITS_TO_BYTES(PSA_VENDOR_RSA_MAX_KEY_BITS) +#endif /** Sufficient output buffer size for psa_asymmetric_encrypt(). * @@ -948,10 +956,29 @@ * * See also #PSA_EXPORT_KEY_OUTPUT_SIZE(\p key_type, \p key_bits). */ -#define PSA_EXPORT_KEY_PAIR_MAX_SIZE \ - PSA_MAX_OF_THREE(PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE(PSA_VENDOR_RSA_MAX_KEY_BITS), \ - PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS), \ - PSA_KEY_EXPORT_FFDH_KEY_PAIR_MAX_SIZE(PSA_VENDOR_FFDH_MAX_KEY_BITS)) +#define PSA_EXPORT_KEY_PAIR_MAX_SIZE 0 + +#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) && \ + (PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS) > \ + PSA_EXPORT_KEY_PAIR_MAX_SIZE) +#undef PSA_EXPORT_KEY_PAIR_MAX_SIZE +#define PSA_EXPORT_KEY_PAIR_MAX_SIZE \ + PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS) +#endif +#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) && \ + (PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE(PSA_VENDOR_RSA_MAX_KEY_BITS) > \ + PSA_EXPORT_KEY_PAIR_MAX_SIZE) +#undef PSA_EXPORT_KEY_PAIR_MAX_SIZE +#define PSA_EXPORT_KEY_PAIR_MAX_SIZE \ + PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE(PSA_VENDOR_RSA_MAX_KEY_BITS) +#endif +#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC) && \ + (PSA_KEY_EXPORT_FFDH_KEY_PAIR_MAX_SIZE(PSA_VENDOR_FFDH_MAX_KEY_BITS) > \ + PSA_EXPORT_KEY_PAIR_MAX_SIZE) +#undef PSA_EXPORT_KEY_PAIR_MAX_SIZE +#define PSA_EXPORT_KEY_PAIR_MAX_SIZE \ + PSA_KEY_EXPORT_DH_KEY_PAIR_MAX_SIZE(PSA_VENDOR_FFDH_MAX_KEY_BITS) +#endif /** Sufficient buffer size for exporting any asymmetric public key. * @@ -962,11 +989,29 @@ * * See also #PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(\p key_type, \p key_bits). */ -#define PSA_EXPORT_PUBLIC_KEY_MAX_SIZE \ - PSA_MAX_OF_THREE(PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_RSA_MAX_KEY_BITS), \ - PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS), \ - PSA_KEY_EXPORT_FFDH_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_FFDH_MAX_KEY_BITS)) +#define PSA_EXPORT_PUBLIC_KEY_MAX_SIZE 0 +#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) && \ + (PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS) > \ + PSA_EXPORT_PUBLIC_KEY_MAX_SIZE) +#undef PSA_EXPORT_PUBLIC_KEY_MAX_SIZE +#define PSA_EXPORT_PUBLIC_KEY_MAX_SIZE \ + PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS) +#endif +#if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) && \ + (PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_RSA_MAX_KEY_BITS) > \ + PSA_EXPORT_PUBLIC_KEY_MAX_SIZE) +#undef PSA_EXPORT_PUBLIC_KEY_MAX_SIZE +#define PSA_EXPORT_PUBLIC_KEY_MAX_SIZE \ + PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_RSA_MAX_KEY_BITS) +#endif +#if defined(PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY) && \ + (PSA_KEY_EXPORT_FFDH_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_FFDH_MAX_KEY_BITS) > \ + PSA_EXPORT_PUBLIC_KEY_MAX_SIZE) +#undef PSA_EXPORT_PUBLIC_KEY_MAX_SIZE +#define PSA_EXPORT_PUBLIC_KEY_MAX_SIZE \ + PSA_KEY_EXPORT_FFDH_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_FFDH_MAX_KEY_BITS) +#endif /** Sufficient output buffer size for psa_raw_key_agreement(). * @@ -1002,11 +1047,18 @@ * * See also #PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE(\p key_type, \p key_bits). */ -#define PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE \ - (PSA_BITS_TO_BYTES(PSA_VENDOR_ECC_MAX_CURVE_BITS) > \ - PSA_BITS_TO_BYTES(PSA_VENDOR_FFDH_MAX_KEY_BITS) ? \ - PSA_BITS_TO_BYTES(PSA_VENDOR_ECC_MAX_CURVE_BITS) : \ - PSA_BITS_TO_BYTES(PSA_VENDOR_FFDH_MAX_KEY_BITS)) +#define PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE 0 + +#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) && \ + (PSA_BITS_TO_BYTES(PSA_VENDOR_ECC_MAX_CURVE_BITS) > PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE) +#undef PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE +#define PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE PSA_BITS_TO_BYTES(PSA_VENDOR_ECC_MAX_CURVE_BITS) +#endif +#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC) && \ + (PSA_BITS_TO_BYTES(PSA_VENDOR_FFDH_MAX_KEY_BITS) > PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE) +#undef PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE +#define PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE PSA_BITS_TO_BYTES(PSA_VENDOR_FFDH_MAX_KEY_BITS) +#endif /** The default IV size for a cipher algorithm, in bytes. * From 644e01d767ae23a0f45ec63b6938acfc69dbb902 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 28 Jul 2023 09:31:51 +0200 Subject: [PATCH 2/8] crypto_sizes: fix typo Signed-off-by: Valerio Setti --- include/psa/crypto_sizes.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 278370c6a..db3766a9d 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -977,7 +977,7 @@ PSA_EXPORT_KEY_PAIR_MAX_SIZE) #undef PSA_EXPORT_KEY_PAIR_MAX_SIZE #define PSA_EXPORT_KEY_PAIR_MAX_SIZE \ - PSA_KEY_EXPORT_DH_KEY_PAIR_MAX_SIZE(PSA_VENDOR_FFDH_MAX_KEY_BITS) + PSA_KEY_EXPORT_FFDH_KEY_PAIR_MAX_SIZE(PSA_VENDOR_FFDH_MAX_KEY_BITS) #endif /** Sufficient buffer size for exporting any asymmetric public key. From c012a2de7ce180b062016a979df2dda519f18ac4 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 28 Jul 2023 09:34:44 +0200 Subject: [PATCH 3/8] crypto_sizes: change initial MAX_SIZE value to 1 Signed-off-by: Valerio Setti --- include/psa/crypto_sizes.h | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index db3766a9d..eeb460eb6 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -633,7 +633,7 @@ * This macro expands to a compile-time constant integer. This value * is the maximum size of a signature in bytes. */ -#define PSA_SIGNATURE_MAX_SIZE 0 +#define PSA_SIGNATURE_MAX_SIZE 1 #if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) && \ (PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE > PSA_SIGNATURE_MAX_SIZE) @@ -956,7 +956,7 @@ * * See also #PSA_EXPORT_KEY_OUTPUT_SIZE(\p key_type, \p key_bits). */ -#define PSA_EXPORT_KEY_PAIR_MAX_SIZE 0 +#define PSA_EXPORT_KEY_PAIR_MAX_SIZE 1 #if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) && \ (PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS) > \ @@ -989,7 +989,7 @@ * * See also #PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(\p key_type, \p key_bits). */ -#define PSA_EXPORT_PUBLIC_KEY_MAX_SIZE 0 +#define PSA_EXPORT_PUBLIC_KEY_MAX_SIZE 1 #if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) && \ (PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS) > \ @@ -1047,7 +1047,7 @@ * * See also #PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE(\p key_type, \p key_bits). */ -#define PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE 0 +#define PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE 1 #if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) && \ (PSA_BITS_TO_BYTES(PSA_VENDOR_ECC_MAX_CURVE_BITS) > PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE) From 478c236938bdd0d201a68d66f423df32b74203e0 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 28 Jul 2023 16:05:53 +0200 Subject: [PATCH 4/8] crypto_sizes: check also if DH is enabled for PSA_SIGNATURE_MAX_SIZE Signed-off-by: Valerio Setti --- include/psa/crypto_sizes.h | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index eeb460eb6..4f4a187eb 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -645,6 +645,11 @@ #undef PSA_SIGNATURE_MAX_SIZE #define PSA_SIGNATURE_MAX_SIZE PSA_BITS_TO_BYTES(PSA_VENDOR_RSA_MAX_KEY_BITS) #endif +#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC) && \ + (PSA_BITS_TO_BYTES(PSA_VENDOR_FFDH_MAX_KEY_BITS) > PSA_SIGNATURE_MAX_SIZE) +#undef PSA_SIGNATURE_MAX_SIZE +#define PSA_SIGNATURE_MAX_SIZE PSA_BITS_TO_BYTES(PSA_VENDOR_FFDH_MAX_KEY_BITS) +#endif /** Sufficient output buffer size for psa_asymmetric_encrypt(). * From 1eacae865ef4fe060f88580f0fa9ba622c828d90 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 28 Jul 2023 16:07:03 +0200 Subject: [PATCH 5/8] test: check exported length against proper MAX_SIZE Signed-off-by: Valerio Setti --- tests/suites/test_suite_psa_crypto.function | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index b9dadcff5..b58077ba2 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -1590,7 +1590,11 @@ void import_export(data_t *data, TEST_LE_U(exported_length, PSA_EXPORT_KEY_OUTPUT_SIZE(type, psa_get_key_bits(&got_attributes))); - TEST_LE_U(exported_length, PSA_EXPORT_KEY_PAIR_MAX_SIZE); + if (PSA_KEY_TYPE_IS_KEY_PAIR(type)) { + TEST_LE_U(exported_length, PSA_EXPORT_KEY_PAIR_MAX_SIZE); + } else if (PSA_KEY_TYPE_IS_PUBLIC_KEY(type)) { + TEST_LE_U(exported_length, PSA_EXPORT_PUBLIC_KEY_MAX_SIZE); + } destroy: /* Destroy the key */ From 8b27decc6a51b1ef7d19588d7ed56fd5e4d56853 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 31 Jul 2023 10:15:42 +0200 Subject: [PATCH 6/8] Revert "crypto_sizes: check also if DH is enabled for PSA_SIGNATURE_MAX_SIZE" This reverts commit 478c236938bdd0d201a68d66f423df32b74203e0. Signed-off-by: Valerio Setti --- include/psa/crypto_sizes.h | 5 ----- 1 file changed, 5 deletions(-) diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 4f4a187eb..eeb460eb6 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -645,11 +645,6 @@ #undef PSA_SIGNATURE_MAX_SIZE #define PSA_SIGNATURE_MAX_SIZE PSA_BITS_TO_BYTES(PSA_VENDOR_RSA_MAX_KEY_BITS) #endif -#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC) && \ - (PSA_BITS_TO_BYTES(PSA_VENDOR_FFDH_MAX_KEY_BITS) > PSA_SIGNATURE_MAX_SIZE) -#undef PSA_SIGNATURE_MAX_SIZE -#define PSA_SIGNATURE_MAX_SIZE PSA_BITS_TO_BYTES(PSA_VENDOR_FFDH_MAX_KEY_BITS) -#endif /** Sufficient output buffer size for psa_asymmetric_encrypt(). * From f5051efa81e9f361ab355ececdd30e9ad5d2d214 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 31 Jul 2023 11:00:43 +0200 Subject: [PATCH 7/8] test: properly size output buffer in key_agreement_fail() Signed-off-by: Valerio Setti --- tests/suites/test_suite_psa_crypto_op_fail.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto_op_fail.function b/tests/suites/test_suite_psa_crypto_op_fail.function index 55dce8931..20942bf81 100644 --- a/tests/suites/test_suite_psa_crypto_op_fail.function +++ b/tests/suites/test_suite_psa_crypto_op_fail.function @@ -360,7 +360,7 @@ void key_agreement_fail(int key_type_arg, data_t *key_data, mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; uint8_t public_key[PSA_EXPORT_PUBLIC_KEY_MAX_SIZE] = { 0 }; size_t public_key_length = SIZE_MAX; - uint8_t output[PSA_SIGNATURE_MAX_SIZE] = { 0 }; + uint8_t output[PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE] = { 0 }; size_t length = SIZE_MAX; psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; From 43c5bf4f888b4f189f2c28cfa2456350fb4af37a Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 31 Jul 2023 11:06:50 +0200 Subject: [PATCH 8/8] crypto_sizes: use PSA_WANT_ALG for MAX signatures and key agreement sizes Signed-off-by: Valerio Setti --- include/psa/crypto_sizes.h | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index eeb460eb6..0d0300dbc 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -635,12 +635,12 @@ */ #define PSA_SIGNATURE_MAX_SIZE 1 -#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) && \ +#if (defined(PSA_WANT_ALG_ECDSA) || defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA)) && \ (PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE > PSA_SIGNATURE_MAX_SIZE) #undef PSA_SIGNATURE_MAX_SIZE #define PSA_SIGNATURE_MAX_SIZE PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE #endif -#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) && \ +#if (defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN) || defined(PSA_WANT_ALG_RSA_PSS)) && \ (PSA_BITS_TO_BYTES(PSA_VENDOR_RSA_MAX_KEY_BITS) > PSA_SIGNATURE_MAX_SIZE) #undef PSA_SIGNATURE_MAX_SIZE #define PSA_SIGNATURE_MAX_SIZE PSA_BITS_TO_BYTES(PSA_VENDOR_RSA_MAX_KEY_BITS) @@ -1049,12 +1049,12 @@ */ #define PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE 1 -#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) && \ +#if defined(PSA_WANT_ALG_ECDH) && \ (PSA_BITS_TO_BYTES(PSA_VENDOR_ECC_MAX_CURVE_BITS) > PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE) #undef PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE #define PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE PSA_BITS_TO_BYTES(PSA_VENDOR_ECC_MAX_CURVE_BITS) #endif -#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC) && \ +#if defined(PSA_WANT_ALG_FFDH) && \ (PSA_BITS_TO_BYTES(PSA_VENDOR_FFDH_MAX_KEY_BITS) > PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE) #undef PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE #define PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE PSA_BITS_TO_BYTES(PSA_VENDOR_FFDH_MAX_KEY_BITS)