-
Notifications
You must be signed in to change notification settings - Fork 2.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Rework PSA Crypto core to store keys in export representation #3492
Rework PSA Crypto core to store keys in export representation #3492
Commits on Jul 24, 2020
-
Re-define members of psa_key_slot_t
In preparation for the implementation of the accelerator APIs. This is ramping up to the goal of only storing the export representation in the key slot, and not keeping the crypto implementation-specific representations around. Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
Configuration menu - View commit details
-
Copy full SHA for 71fd80d - Browse repository at this point
Copy the full SHA 71fd80dView commit details -
Pull apart slot memory allocation from key validation.
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
Configuration menu - View commit details
-
Copy full SHA for 81be2fa - Browse repository at this point
Copy the full SHA 81be2faView commit details -
Remove RSA internal representation from key slot
Change to on-demand loading of the internal representation when required in order to call an mbed TLS cryptography API. Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
Configuration menu - View commit details
-
Copy full SHA for a01795d - Browse repository at this point
Copy the full SHA a01795dView commit details -
Remove ECP internal representation from key slot
Change to on-demand loading of the internal representation when required in order to call an mbed TLS cryptography API. Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
Configuration menu - View commit details
-
Copy full SHA for acda834 - Browse repository at this point
Copy the full SHA acda834View commit details -
Now that both ECP and RSA keys are represented in export representation, they can be treated more uniformly. Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
Configuration menu - View commit details
-
Copy full SHA for 560c28a - Browse repository at this point
Copy the full SHA 560c28aView commit details -
Disconnect knowing about a PSA key type from knowing the mbedTLS API
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
Configuration menu - View commit details
-
Copy full SHA for 19fd574 - Browse repository at this point
Copy the full SHA 19fd574View commit details
Commits on Jul 28, 2020
-
Update after feedback on Mbed-TLS#3492
* Updated wording * Split out buffer allocation to a convenience function * Moved variable declarations to beginning of their code block Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
Configuration menu - View commit details
-
Copy full SHA for 75b7436 - Browse repository at this point
Copy the full SHA 75b7436View commit details -
Update after feedback from Mbed-TLS#3492
* Allocate internal representation contexts on the heap (i.e. don't change where they're being allocated) * Unify load_xxx_representation in terms of allocation and init behaviour Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
Configuration menu - View commit details
-
Copy full SHA for a2371e5 - Browse repository at this point
Copy the full SHA a2371e5View commit details
Commits on Jul 30, 2020
-
* No null-check before calling free * Close memory leak * No need for double check of privkey validity Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
Configuration menu - View commit details
-
Copy full SHA for 6d839f0 - Browse repository at this point
Copy the full SHA 6d839f0View commit details -
Convert load_xxx_representation to take buffers instead of a whole slot
Avoids stack-allocating a key slot during ECDH, and mock-attaching a key to a key slot during key import. Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
Configuration menu - View commit details
-
Copy full SHA for 7f39187 - Browse repository at this point
Copy the full SHA 7f39187View commit details -
Allow importing Montgomery public keys in PSA Crypto
PSA Crypto was checking the byte length of a to-be-imported public ECP key against the expected length for Weierstrass keys, forgetting that Curve25519/Curve448 exists. Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
Configuration menu - View commit details
-
Copy full SHA for 3fa684e - Browse repository at this point
Copy the full SHA 3fa684eView commit details
Commits on Aug 3, 2020
-
* No need to check for NULL before free'ing * No need to reset variables that weren't touched * Set output buffer to zero if key output fails * Document internal functions and rearrange order of input arguments to better match other functions. * Clean up Montgomery fix to be less verbose code Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
Configuration menu - View commit details
-
Copy full SHA for 4fed455 - Browse repository at this point
Copy the full SHA 4fed455View commit details
Commits on Aug 5, 2020
-
* return is treated as a function call * space between opening and closing parentheses * remove whiteline between assignment and checking of same variable Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
Configuration menu - View commit details
-
Copy full SHA for 2914986 - Browse repository at this point
Copy the full SHA 2914986View commit details -
And zeroize key buffer before freeing to avoid keys hanging around on the heap. Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
Configuration menu - View commit details
-
Copy full SHA for fd4d69a - Browse repository at this point
Copy the full SHA fd4d69aView commit details -
Add buffer zeroization when ecp_write_key fails
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
Configuration menu - View commit details
-
Copy full SHA for b7f6dea - Browse repository at this point
Copy the full SHA b7f6deaView commit details -
Initialize key pointer in ecdh to NULL
Since it is being dereferenced by free on exit it should be inited to NULL. Also added a small test that would trigger the issue. Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
Configuration menu - View commit details
-
Copy full SHA for d486787 - Browse repository at this point
Copy the full SHA d486787View commit details