Add more ECC dispatch to a driver testing

core/constant_time_impl.h

@@ -12,10 +12,6 @@
 
 #include "tf_psa_crypto_common.h"
 
-#if defined(MBEDTLS_BIGNUM_C)
-#include "mbedtls/private/bignum.h"
-#endif
-
 /*
  * To improve readability of constant_time_internal.h, the static inline
  * definitions are here, and constant_time_internal.h has only the declarations.
@@ -430,19 +426,6 @@ static inline mbedtls_ct_condition_t mbedtls_ct_bool_if(mbedtls_ct_condition_t c
                                                   (mbedtls_ct_uint_t) if0);
 }
 
-#if defined(MBEDTLS_BIGNUM_C)
-
-static inline mbedtls_mpi_uint mbedtls_ct_mpi_uint_if(mbedtls_ct_condition_t condition,
-                                                      mbedtls_mpi_uint if1,
-                                                      mbedtls_mpi_uint if0)
-{
-    return (mbedtls_mpi_uint) mbedtls_ct_if(condition,
-                                            (mbedtls_ct_uint_t) if1,
-                                            (mbedtls_ct_uint_t) if0);
-}
-
-#endif
-
 static inline size_t mbedtls_ct_size_if_else_0(mbedtls_ct_condition_t condition, size_t if1)
 {
     return (size_t) (condition & if1);
@@ -459,16 +442,6 @@ static inline mbedtls_ct_condition_t mbedtls_ct_bool_if_else_0(mbedtls_ct_condit
     return (mbedtls_ct_condition_t) (condition & if1);
 }
 
-#if defined(MBEDTLS_BIGNUM_C)
-
-static inline mbedtls_mpi_uint mbedtls_ct_mpi_uint_if_else_0(mbedtls_ct_condition_t condition,
-                                                             mbedtls_mpi_uint if1)
-{
-    return (mbedtls_mpi_uint) (condition & if1);
-}
-
-#endif /* MBEDTLS_BIGNUM_C */
-
 static inline int mbedtls_ct_error_if(mbedtls_ct_condition_t condition, int if1, int if0)
 {
     /* Coverting int -> uint -> int here is safe, because we require if1 and if0 to be

core/constant_time_internal.h

@@ -13,9 +13,11 @@
 
 #include "tf_psa_crypto_common.h"
 
-#if defined(MBEDTLS_BIGNUM_C)
+/*
+ * bignum.h may define MBEDTLS_HAVE_INT64 that is used in the definition of
+ * mbedtls_ct_*_t types below.
+ */
 #include "mbedtls/private/bignum.h"
-#endif
 
 /* The constant-time interface provides various operations that are likely
  * to result in constant-time code that does not branch or use conditional
@@ -295,26 +297,6 @@ static inline mbedtls_ct_condition_t mbedtls_ct_bool_if(mbedtls_ct_condition_t c
                                                         mbedtls_ct_condition_t if1,
                                                         mbedtls_ct_condition_t if0);
 
-#if defined(MBEDTLS_BIGNUM_C)
-
-/** Choose between two mbedtls_mpi_uint values.
- *
- * Functionally equivalent to:
- *
- * condition ? if1 : if0.
- *
- * \param condition     Condition to test.
- * \param if1           Value to use if \p condition == MBEDTLS_CT_TRUE.
- * \param if0           Value to use if \p condition == MBEDTLS_CT_FALSE.
- *
- * \return  \c if1 if \p condition == MBEDTLS_CT_TRUE, otherwise \c if0.
- */
-static inline mbedtls_mpi_uint mbedtls_ct_mpi_uint_if(mbedtls_ct_condition_t condition, \
-                                                      mbedtls_mpi_uint if1, \
-                                                      mbedtls_mpi_uint if0);
-
-#endif
-
 /** Choose between an unsigned value and 0.
  *
  * Functionally equivalent to:
@@ -364,27 +346,6 @@ static inline mbedtls_ct_condition_t mbedtls_ct_bool_if_else_0(mbedtls_ct_condit
  */
 static inline size_t mbedtls_ct_size_if_else_0(mbedtls_ct_condition_t condition, size_t if1);
 
-#if defined(MBEDTLS_BIGNUM_C)
-
-/** Choose between an mbedtls_mpi_uint value and 0.
- *
- * Functionally equivalent to:
- *
- * condition ? if1 : 0.
- *
- * Functionally equivalent to mbedtls_ct_mpi_uint_if(condition, if1, 0) but
- * results in smaller code size.
- *
- * \param condition     Condition to test.
- * \param if1           Value to use if \p condition == MBEDTLS_CT_TRUE.
- *
- * \return  \c if1 if \p condition == MBEDTLS_CT_TRUE, otherwise 0.
- */
-static inline mbedtls_mpi_uint mbedtls_ct_mpi_uint_if_else_0(mbedtls_ct_condition_t condition,
-                                                             mbedtls_mpi_uint if1);
-
-#endif
-
 /** Constant-flow char selection
  *
  * \param low   Secret. Bottom of range

core/psa_crypto.c

@@ -480,19 +480,8 @@ psa_status_t mbedtls_to_psa_error(int ret)
             return PSA_ERROR_INSUFFICIENT_ENTROPY;
 #endif
 
-#if defined(MBEDTLS_ECP_LIGHT)
         case MBEDTLS_ERR_ECP_INVALID_KEY:
             return PSA_ERROR_INVALID_ARGUMENT;
-        case MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE:
-            return PSA_ERROR_NOT_SUPPORTED;
-        case MBEDTLS_ERR_ECP_RANDOM_FAILED:
-            return PSA_ERROR_INSUFFICIENT_ENTROPY;
-
-#if defined(MBEDTLS_ECP_RESTARTABLE)
-        case MBEDTLS_ERR_ECP_IN_PROGRESS:
-            return PSA_OPERATION_INCOMPLETE;
-#endif
-#endif
 
         case MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED:
             return PSA_ERROR_CORRUPTION_DETECTED;

core/psa_crypto_core.h

@@ -631,110 +631,6 @@ psa_status_t psa_key_agreement_raw_builtin(
     size_t shared_secret_size,
     size_t *shared_secret_length);
 
-/**
- * \brief Get the total number of ops that a key agreement operation has taken
- *        since its start.
- *
- * \note The signature of this function is that of a PSA driver
- *       key_agreement_get_num_ops entry point. This function behaves as an
- *       key_agreement_get_num_ops entry point as defined in the PSA driver
- *       interface specification for transparent drivers.
- *
- * \param[in]   operation           The \c mbedtls_psa_key_agreement_interruptible_operation_t to use.
- *                                  This must be initialized first.
- *
- * \return                      Total number of operations.
- */
-uint32_t mbedtls_psa_key_agreement_iop_get_num_ops(
-    mbedtls_psa_key_agreement_interruptible_operation_t *operation);
-
-/**
- * \brief  Set up a new interruptible key agreement operation.
- *
- * \note The signature of this function is that of a PSA driver
- *       key_agreement_setup entry point. This function behaves as a
- *       key_agreement_setup entry point as defined in the PSA driver interface
- *       specification for transparent drivers.
- *
- *  \param[in] operation                 The \c psa_key_agreement_iop_t to use.
- *                                       This must be initialized first.
- *  \param[in] private_key_attributes    The attributes of the private key to use for the
- *                                       operation.
- *  \param[in] private_key_buffer        The buffer containing the private key
- *                                       context.
- *  \param[in] private_key_buffer_len    Size of the \p private_key_buffer buffer in
- *                                       bytes.
- *  \param[in] peer_key                  The buffer containing the key context
- *                                       of the peer's public key.
- *  \param[in]  peer_key_length          Size of the \p peer_key buffer in
- *                                       bytes.
- *  \retval #PSA_SUCCESS
- *         The operation started successfully - call \c psa_key_agreement_complete()
- *         with the same context to complete the operation
- * \retval #PSA_ERROR_INVALID_ARGUMENT
- *         An unsupported, incorrectly formatted or incorrect type of key was
- *         used.
- * \retval #PSA_ERROR_NOT_SUPPORTED Either no internal interruptible operations
- *         are currently supported, or the key type is currently unsupported.
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- *         There was insufficient memory to load the key representation.
- */
-psa_status_t mbedtls_psa_key_agreement_iop_setup(
-    mbedtls_psa_key_agreement_interruptible_operation_t *operation,
-    const psa_key_attributes_t *private_key_attributes,
-    const uint8_t *private_key_buffer,
-    size_t private_key_buffer_len,
-    const uint8_t *peer_key,
-    size_t peer_key_length);
-
-/**
- * \brief Continue and eventually complete a key agreement operation.
- *
- * \note The signature of this function is that of a PSA driver
- *       key_agreement_complete entry point. This function behaves as a
- *       key_agreement_complete entry point as defined in the PSA driver
- *       interface specification for transparent drivers.
- *
- * \param[in] operation                  The \c mbedtls_psa_key_agreement_interruptible_operation_t to use.
- *                                       This must be initialized first.
- * \param[out] shared_secret             The buffer to which the shared secret
- *                                       is to be written.
- * \param[in]  shared_secret_size        Size of the \p shared_secret buffer in
- *                                       bytes.
- * \param[out] shared_secret_length      On success, the number of bytes that make
- *                                       up the returned shared secret.
- * \retval #PSA_SUCCESS
- *         The shared secret was calculated successfully.
- * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- *         Internal interruptible operations are currently not supported.
- * \retval #PSA_ERROR_BUFFER_TOO_SMALL
- *         \p shared_secret_size is too small
- */
-psa_status_t mbedtls_psa_key_agreement_iop_complete(
-    mbedtls_psa_key_agreement_interruptible_operation_t *operation,
-    uint8_t *shared_secret,
-    size_t shared_secret_size,
-    size_t *shared_secret_length);
-
-/**
- * \brief Abort a key agreement operation.
- *
- * \note The signature of this function is that of a PSA driver
- *       key_agreement_abort entry point. This function behaves as a
- *       key_agreement_abort entry point as defined in the PSA driver
- *       interface specification for transparent drivers.
- *
- * \param[in] operation                  The \c mbedtls_psa_key_agreement_interruptible_operation_t to abort.
- *                                       This must be initialized first.
- *
- * \retval #PSA_SUCCESS
- *         The operation was aborted successfully.
- */
-psa_status_t mbedtls_psa_key_agreement_iop_abort(
-    mbedtls_psa_key_agreement_interruptible_operation_t *operation);
-
-
 /**
  * \brief Set the maximum number of ops allowed to be executed by an
  *        interruptible function in a single call.

drivers/builtin/include/mbedtls/private/ecp.h

@@ -36,13 +36,13 @@
 /** The buffer is too small to write to. */
 #define MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL                  PSA_ERROR_BUFFER_TOO_SMALL
 /** The requested feature is not available, for example, the requested curve is not supported. */
-#define MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE               -0x4E80
+#define MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE               PSA_ERROR_NOT_SUPPORTED
 /** The signature is not valid. */
 #define MBEDTLS_ERR_ECP_VERIFY_FAILED                     PSA_ERROR_INVALID_SIGNATURE
 /** Memory allocation failed. */
 #define MBEDTLS_ERR_ECP_ALLOC_FAILED                      PSA_ERROR_INSUFFICIENT_MEMORY
 /** Generation of random value, such as ephemeral key, failed. */
-#define MBEDTLS_ERR_ECP_RANDOM_FAILED                     -0x4D00
+#define MBEDTLS_ERR_ECP_RANDOM_FAILED                     PSA_ERROR_INSUFFICIENT_ENTROPY
 /** Invalid private or public key. */
 #define MBEDTLS_ERR_ECP_INVALID_KEY                       -0x4C80
 /** Operation in progress, call again with the same parameters to continue. */

drivers/builtin/src/bignum_core.c

@@ -19,6 +19,7 @@
 
 #include "bignum_core.h"
 #include "bignum_core_invasive.h"
+#include "bignum_internal.h"
 #include "bn_mul.h"
 #include "constant_time_internal.h"
 

drivers/builtin/src/bignum_internal.h

@@ -14,6 +14,8 @@
 #ifndef TF_PSA_CRYPTO_BIGNUM_INTERNAL_H
 #define TF_PSA_CRYPTO_BIGNUM_INTERNAL_H
 
+#include "constant_time_internal.h"
+
 /**
  * \brief          Perform a modular exponentiation: X = A^E mod N
  *
@@ -119,4 +121,44 @@ int mbedtls_mpi_inv_mod_even_in_range(mbedtls_mpi *X,
                                       mbedtls_mpi const *A,
                                       mbedtls_mpi const *N);
 
+/** Choose between two mbedtls_mpi_uint values.
+ *
+ * Functionally equivalent to:
+ *
+ * condition ? if1 : if0.
+ *
+ * \param condition     Condition to test.
+ * \param if1           Value to use if \p condition == MBEDTLS_CT_TRUE.
+ * \param if0           Value to use if \p condition == MBEDTLS_CT_FALSE.
+ *
+ * \return  \c if1 if \p condition == MBEDTLS_CT_TRUE, otherwise \c if0.
+ */
+static inline mbedtls_mpi_uint mbedtls_ct_mpi_uint_if(mbedtls_ct_condition_t condition,
+                                                      mbedtls_mpi_uint if1,
+                                                      mbedtls_mpi_uint if0)
+{
+    return (mbedtls_mpi_uint) mbedtls_ct_if(condition,
+                                            (mbedtls_ct_uint_t) if1,
+                                            (mbedtls_ct_uint_t) if0);
+}
+
+/** Choose between an mbedtls_mpi_uint value and 0.
+ *
+ * Functionally equivalent to:
+ *
+ * condition ? if1 : 0.
+ *
+ * Functionally equivalent to mbedtls_ct_mpi_uint_if(condition, if1, 0) but
+ * results in smaller code size.
+ *
+ * \param condition     Condition to test.
+ * \param if1           Value to use if \p condition == MBEDTLS_CT_TRUE.
+ *
+ * \return  \c if1 if \p condition == MBEDTLS_CT_TRUE, otherwise 0.
+ */
+static inline mbedtls_mpi_uint mbedtls_ct_mpi_uint_if_else_0(
+    mbedtls_ct_condition_t condition, mbedtls_mpi_uint if1)
+{
+    return (mbedtls_mpi_uint) (condition & if1);
+}
 #endif /* TF_PSA_CRYPTO_BIGNUM_INTERNAL_H */