Refactor of key_derivation

Signed-off-by: Samuel Bailey <samuel.bailey@arm.com>
parallaxsecond · Aug 12, 2020 · d3a903c · d3a903c
1 parent a007a30
commit d3a903c
Show file tree

Hide file tree

Showing 3 changed files with 206 additions and 19 deletions.
diff --git a/psa-crypto/src/operations/key_derivation.rs b/psa-crypto/src/operations/key_derivation.rs
@@ -19,7 +19,7 @@ use core::convert::{TryFrom, TryInto};
 /// use psa_crypto::operations::{key_derivation, key_management};
 /// use psa_crypto::types::key::{Attributes, Type, Lifetime, Policy, UsageFlags};
 /// use psa_crypto::types::algorithm::{Hash, KeyDerivation};
-/// use psa_crypto::types::key_derivation::{Operation, Inputs, Input};
+/// use psa_crypto::types::key_derivation::{Operation, Inputs, Input, InputSecret};
 ///
 /// # const KEY_DATA: [u8; 23] = [0; 23];
 /// # let mut attributes = Attributes {
@@ -59,7 +59,7 @@ use core::convert::{TryFrom, TryInto};
 ///     inputs: Inputs::Hkdf {
 ///         hash_alg: Hash::Sha256,
 ///         salt: None,
-///         secret: Input::Key(my_key),
+///         secret: InputSecret::Input(Input::Key(my_key)),
 ///         info: Input::Bytes(&info),
 /// },
 ///     capacity: None,

diff --git a/psa-crypto/src/types/key_derivation.rs b/psa-crypto/src/types/key_derivation.rs
@@ -3,7 +3,7 @@
 
 //! # PSA Key Derivation Operation types
 
-use super::algorithm::{Hash, KeyDerivation};
+use super::algorithm::{Hash, KeyDerivation, RawKeyAgreement};
 use super::key::Id;
 #[cfg(feature = "interface")]
 use super::status::{Error, Result, Status};
@@ -32,7 +32,7 @@ pub enum Inputs<'a> {
         /// Secret, used in the "extract" step. This is typically a key of type `Derive` , or the shared secret
         /// resulting from a key agreement, using `Input::KeyAgreement`.
         /// Must be a key or key agreement input if used with `psa_key_derivation_output_key`.
-        secret: Input<'a>,
+        secret: InputSecret<'a>,
         /// Info, used in the "expand" step. Typically a direct input, can also be a key of type `RawData`.
         info: Input<'a>,
     },
@@ -45,7 +45,7 @@ pub enum Inputs<'a> {
         /// Secret, used in the "extract" step. This is typically a key of type `Derive` , or the shared secret
         /// resulting from a key agreement, using `Input::KeyAgreement`.
         /// Must be a key or key agreement input if used with `psa_key_derivation_output_key`.
-        secret: Input<'a>,
+        secret: InputSecret<'a>,
         /// Label. Typically a direct input, can also be a key of type `RawData`.
         label: Input<'a>,
     },
@@ -59,7 +59,7 @@ pub enum Inputs<'a> {
         /// resulting from a key agreement, using `Input::KeyAgreement`.
         /// Must be a key or key agreement input if used with `psa_key_derivation_output_key`.
         /// Must not be larger than `PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE`.
-        secret: Input<'a>,
+        secret: InputSecret<'a>,
         /// Label. Typically a direct input, can also be a key of type `RawData`.
         label: Input<'a>,
     },
@@ -133,7 +133,7 @@ impl Inputs<'_> {
                 if let Some(salt) = salt {
                     Inputs::apply_input_step_to_op(op, DerivationStep::Salt, salt)?;
                 }
-                Inputs::apply_input_step_to_op(op, DerivationStep::Secret, secret)?;
+                Inputs::apply_input_secret_step_to_op(op, secret)?;
                 Inputs::apply_input_step_to_op(op, DerivationStep::Info, info)
             }
             Inputs::Tls12Prf {
@@ -149,7 +149,7 @@ impl Inputs<'_> {
                 ..
             } => {
                 Inputs::apply_input_step_to_op(op, DerivationStep::Seed, seed)?;
-                Inputs::apply_input_step_to_op(op, DerivationStep::Secret, secret)?;
+                Inputs::apply_input_secret_step_to_op(op, secret)?;
                 Inputs::apply_input_step_to_op(op, DerivationStep::Label, label)
             }
         }
@@ -179,22 +179,37 @@ impl Inputs<'_> {
                 .to_result()?;
                 key_id.close_handle(handle)
             }
-            Input::KeyAgreement {
+        }
+    }
+
+    #[cfg(feature = "interface")]
+    fn apply_input_secret_step_to_op(
+        op: &mut psa_crypto_sys::psa_key_derivation_operation_t,
+        secret: &InputSecret,
+    ) -> Result<()> {
+        match secret {
+            InputSecret::Input(input) => {
+                Inputs::apply_input_step_to_op(op, DerivationStep::Secret, &input)
+            }
+            InputSecret::KeyAgreement {
                 private_key,
                 peer_key,
+                ..
             } => {
                 let handle = private_key.handle()?;
-                Status::from(unsafe {
+                let key_agreement_res = Status::from(unsafe {
                     psa_crypto_sys::psa_key_derivation_key_agreement(
                         op,
-                        step.into(),
+                        DerivationStep::Secret.into(),
                         handle,
-                        peer_key.as_ptr(),
+                        (**peer_key).as_ptr(),
                         peer_key.len(),
                     )
                 })
-                .to_result()?;
-                private_key.close_handle(handle)
+                .to_result();
+                let close_handle_res = private_key.close_handle(handle);
+                key_agreement_res?;
+                close_handle_res
             }
         }
     }
@@ -207,28 +222,55 @@ pub enum Input<'a> {
     Bytes(&'a [u8]),
     /// Key input for key derivation
     Key(Id),
+}
+
+/// Enumeration of supported input data for different input steps
+#[derive(Debug, Clone, Copy)]
+pub enum InputSecret<'a> {
+    /// Regular input of bytes or a key ID
+    Input(Input<'a>),
     /// Output of a key agreement
     KeyAgreement {
+        /// Key agreement algorithm to use
+        alg: RawKeyAgreement,
         /// Private key to use in key agreement
         private_key: Id,
-        /// Public key data of peer key to use. Must be in the same format that `psa_import_key()` accepts for the public key
+        /// Public key data of peer key to use. Must be in the same format that `key_management::import` accepts for the public key
         /// corresponding to the type of private key.
         peer_key: &'a [u8],
     },
 }
 
+impl<'a> From<Input<'a>> for InputSecret<'a> {
+    fn from(input: Input<'a>) -> Self {
+        InputSecret::<'a>::Input(input)
+    }
+}
+
 #[cfg(feature = "interface")]
 impl TryFrom<Operation<'_>> for psa_crypto_sys::psa_key_derivation_operation_t {
     type Error = Error;
 
     fn try_from(operation: Operation) -> Result<Self> {
         let mut op = psa_crypto_sys::psa_key_derivation_operation_init();
         let mut setup_deriv_op = || -> Result<()> {
+            let mut key_derivation_alg: psa_crypto_sys::psa_algorithm_t =
+                operation.inputs.key_derivation().into();
+
+            // If key agreement is used as the input for secret step, extract key agreement alg and combine it with key derivation alg
+            let secret = match operation.inputs {
+                Inputs::Hkdf { secret, .. }
+                | Inputs::Tls12Prf { secret, .. }
+                | Inputs::Tls12PskToMs { secret, .. } => secret,
+            };
+            if let InputSecret::KeyAgreement { alg, .. } = secret {
+                key_derivation_alg = unsafe {
+                    psa_crypto_sys::PSA_ALG_KEY_AGREEMENT(alg.into(), key_derivation_alg)
+                };
+            }
+
             Status::from(unsafe {
-                psa_crypto_sys::psa_key_derivation_setup(
-                    &mut op,
-                    operation.inputs.key_derivation().into(),
-                )
+                psa_crypto_sys::psa_key_derivation_setup(&mut op, key_derivation_alg)
             })
             .to_result()?;
             operation.inputs.apply_inputs_to_op(&mut op)

diff --git a/psa-crypto/tests/key_derivation.rs b/psa-crypto/tests/key_derivation.rs
@@ -0,0 +1,145 @@
+use psa_crypto::operations::{key_derivation, key_management};
+use psa_crypto::types::algorithm::{Hash, KeyAgreement, KeyDerivation, RawKeyAgreement};
+use psa_crypto::types::key::{Attributes, EccFamily, Lifetime, Policy, Type, UsageFlags};
+use psa_crypto::types::key_derivation::{Input, InputSecret, Inputs, Operation};
+
+const PEER_PUBLIC_KEY: [u8; 65] = [
+    0x04, 0xd1, 0x2d, 0xfb, 0x52, 0x89, 0xc8, 0xd4, 0xf8, 0x12, 0x08, 0xb7, 0x02, 0x70, 0x39, 0x8c,
+    0x34, 0x22, 0x96, 0x97, 0x0a, 0x0b, 0xcc, 0xb7, 0x4c, 0x73, 0x6f, 0xc7, 0x55, 0x44, 0x94, 0xbf,
+    0x63, 0x56, 0xfb, 0xf3, 0xca, 0x36, 0x6c, 0xc2, 0x3e, 0x81, 0x57, 0x85, 0x4c, 0x13, 0xc5, 0x8d,
+    0x6a, 0xac, 0x23, 0xf0, 0x46, 0xad, 0xa3, 0x0f, 0x83, 0x53, 0xe7, 0x4f, 0x33, 0x03, 0x98, 0x72,
+    0xab,
+];
+const PRIVATE_KEY_DATA: [u8; 32] = [
+    0xc8, 0x8f, 0x01, 0xf5, 0x10, 0xd9, 0xac, 0x3f, 0x70, 0xa2, 0x92, 0xda, 0xa2, 0x31, 0x6d, 0xe5,
+    0x44, 0xe9, 0xaa, 0xb8, 0xaf, 0xe8, 0x40, 0x49, 0xc6, 0x2a, 0x9c, 0x57, 0x86, 0x2d, 0x14, 0x33,
+];
+
+#[test]
+fn output_key() {
+    const KEY_DATA: [u8; 23] = [0; 23];
+    let attributes = Attributes {
+        key_type: Type::Derive,
+        bits: 0,
+        lifetime: Lifetime::Volatile,
+        policy: Policy {
+            usage_flags: UsageFlags {
+                derive: true,
+                ..Default::default()
+            },
+            permitted_algorithms: KeyDerivation::Hkdf {
+                hash_alg: Hash::Sha256,
+            }
+            .into(),
+        },
+    };
+
+    let derived_key_attributes = Attributes {
+        key_type: Type::RawData,
+        bits: 8,
+        lifetime: Lifetime::Volatile,
+        policy: Policy {
+            usage_flags: UsageFlags {
+                derive: true,
+                ..Default::default()
+            },
+            permitted_algorithms: KeyDerivation::Hkdf {
+                hash_alg: Hash::Sha256,
+            }
+            .into(),
+        },
+    };
+
+    psa_crypto::init().unwrap();
+    let my_key = key_management::import(attributes, None, &KEY_DATA).unwrap();
+    let info = vec![20; 0x3f];
+    let operation = Operation {
+        inputs: Inputs::Hkdf {
+            hash_alg: Hash::Sha256,
+            salt: None,
+            secret: InputSecret::Input(Input::Key(my_key)),
+            info: Input::Bytes(&info),
+        },
+        capacity: None,
+    };
+    let _new_key = key_derivation::output_key(operation, derived_key_attributes, None).unwrap();
+}
+
+#[test]
+#[ignore]
+fn output_key_with_key_agreement() {
+    let key_agreement_alg = RawKeyAgreement::Ecdh;
+    let key_agr_attributes = Attributes {
+        key_type: Type::EccKeyPair {
+            curve_family: EccFamily::SecpR1,
+        },
+        bits: 0,
+        lifetime: Lifetime::Volatile,
+        policy: Policy {
+            usage_flags: UsageFlags {
+                derive: true,
+                ..Default::default()
+            },
+            permitted_algorithms: KeyAgreement::WithKeyDerivation {
+                ka_alg: key_agreement_alg,
+                kdf_alg: KeyDerivation::Hkdf {
+                    hash_alg: Hash::Sha256,
+                },
+            }
+            .into(),
+        },
+    };
+    const KEY_DATA: [u8; 23] = [0; 23];
+    let attributes = Attributes {
+        key_type: Type::RawData,
+        bits: 0,
+        lifetime: Lifetime::Volatile,
+        policy: Policy {
+            usage_flags: UsageFlags {
+                derive: true,
+                ..Default::default()
+            },
+            permitted_algorithms: KeyAgreement::WithKeyDerivation {
+                ka_alg: key_agreement_alg,
+                kdf_alg: KeyDerivation::Hkdf {
+                    hash_alg: Hash::Sha256,
+                },
+            }
+            .into(),
+        },
+    };
+    let derived_key_attributes = Attributes {
+        key_type: Type::RawData,
+        bits: 8,
+        lifetime: Lifetime::Volatile,
+        policy: Policy {
+            usage_flags: UsageFlags {
+                derive: true,
+                ..Default::default()
+            },
+            permitted_algorithms: KeyDerivation::Hkdf {
+                hash_alg: Hash::Sha256,
+            }
+            .into(),
+        },
+    };
+
+    psa_crypto::init().unwrap();
+    let key_agreement_key =
+        key_management::import(key_agr_attributes, None, &PRIVATE_KEY_DATA).unwrap();
+    let my_key = key_management::import(attributes, None, &KEY_DATA).unwrap();
+    let operation = Operation {
+        inputs: Inputs::Hkdf {
+            hash_alg: Hash::Sha256,
+            salt: None,
+            secret: InputSecret::KeyAgreement {
+                alg: key_agreement_alg,
+                private_key: key_agreement_key,
+                peer_key: &PEER_PUBLIC_KEY,
+            },
+            info: Input::Key(my_key),
+        },
+        capacity: None,
+    };
+    let _new_key = key_derivation::output_key(operation, derived_key_attributes, None).unwrap();
+}