New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
psa_key_derivation_output_bytes requires both PSA_KEY_DERIVATION_INPUT_SECRET and PSA_KEY_DERIVATION_INPUT_INFO as input #175
Comments
Please include details of the key derivation algorithm you are using and the sequence of calls and step parameters to each call. The requirements for the steps and inputs depend on the algorithm. |
|
Internal Jira reference: https://jira.arm.com/browse/IOTCRYPT-831 |
Hi @athoelke @gilles-peskine-arm
|
With a key agreement algorithm, the |
Hi all, what is the latest status in this issue? If we get a fail in the mentioned case, PSA Tests does not run the next cases. Just we are a bit confused which side (mbed-crypto or psa arch tests) behaves correctly? |
I wrote some unit tests in Mbed-TLS/mbedtls#4576 and they didn't reveal any bugs in the current version of Mbed TLS. Is this issue still relevant? Looking at #175 (comment) again, I'm not sure what you're testing. Steps 2, 5 and 6 are listed as conditional on an input step, but that doesn't really make sense: a key derivation takes multiple input steps. Please let me know if there's a specific sequence of input steps that doesn't work the way you expect. |
could you add a test like this:
only with step 'PSA_KEY_DERIVATION_INPUT_SECRET' and help to test ? The issue is that:
|
I don't understand: did you mean to add a step |
Thanks for your nice explanation, I got it! info step is mandatory for HKDF. |
It appears that in addition to missing bad-state checks that have been fixed in Mbed TLS since this issue was raised, the compliance tests were incorrectly requiring INFO to be optional for HKDF. Since all related bugs in Mbed TLS appear to have been fixed, I am closing this issue. Please open a new issue in the mbedtls project if more bugs appear. |
Description
Version: psa-crypto-api-1.0-beta
a. API: psa_key_derivation_output_bytes
b. Below were the procedure followed:
i. Call psa_import_key with proper arguments and attributes
ii. Call psa_key_derivation setup
iii. Call psa_key_derivation_set_capacity
iv. Call psa_key_derivation_input_key
v. Call psa_key_derivation_output_bytes
The return value is PSA_ERROR_BAD_STATE. It seems like both PSA_KEY_DERIVATION_INPUT_SECRET and PSA_KEY_DERIVATION_INPUT_INFO should be set before calling the psa_key_derivation_output_bytes. Should both be provisioned before generating the output bytes. Also for the step as seed, label or salt secret required both info and secret to be set.
This check is a part of PSA ACK (psa_arch_test)
Issue request type
The text was updated successfully, but these errors were encountered: