New function psa_hash_clone #18

gilles-peskine-arm · 2019-01-19T11:05:49Z

Clone a hash operation.

Test good cases as part as multipart tests. Add new test functions for
the state machine.

Clone a hash operation. Test good cases as part as multipart tests. Add new test functions for the state machine.

hanno-becker · 2019-01-21T13:11:02Z

include/psa/crypto.h

+ * \retval #PSA_ERROR_BAD_STATE
+ *         \p source_operation is not an active hash operation.
+ * \retval #PSA_ERROR_BAD_STATE
+ *         \p source_operation is active.


These two return value documentations seem to contradict each other.

Do you mean \p target_operation is active in the second \retval?

Yes. I fixed the copypasta.

hanno-becker · 2019-01-21T13:11:40Z

include/psa/crypto.h

@@ -921,6 +921,24 @@ psa_status_t psa_hash_verify(psa_hash_operation_t *operation,
 */
 psa_status_t psa_hash_abort(psa_hash_operation_t *operation);

+/** Clone a hash operation.
+ *
+ * \param[in] source_operation      The active hash operation to clone.


It should be documented that this should be initialized and active.

Isn't the current wording sufficent? Active implies initialized.

That was an oversight on my side, because I was expecting the wording to be "The XXX. Must be YYY." instead of "The YYY XXX". I'd prefer the former, but that's not a blocker.

hanno-becker · 2019-01-21T13:21:21Z

library/psa_crypto.c

@@ -1421,6 +1421,67 @@ psa_status_t psa_hash_verify( psa_hash_operation_t *operation,
    return( PSA_SUCCESS );
 }

+psa_status_t psa_hash_clone(const psa_hash_operation_t *source_operation,


Usually, the context acted upon is listed as the first argument; I'd therefore prefer the destination context to come first.

There's no such convention in this API. There's a convention that input comes before output, and a convention that the context comes before other parameters. With an input context and an output context, the input context comes first.

hanno-becker · 2019-01-21T13:27:39Z

tests/suites/test_suite_psa_crypto.function

+    PSA_ASSERT( psa_hash_clone( &op_source, &op_init ) );
+    PSA_ASSERT( psa_hash_finish( &op_init,
+                                 hash, sizeof( hash ), &hash_len ) );
+    PSA_ASSERT( psa_hash_clone( &op_source, &op_finished ) );


Looking at this, I noticed that the documentation doesn't indicate the abstract state of a hash context after it has been terminated (through psa_hash_finish, psa_hash_abort, or psa_hash_verify). From my understanding, it's initialized but not setup/active. If so, you might consider documenting it, e.g. here.

This isn't critical to understanding the current behavior, and other types of operation should use consistent terminology, so I'll do that in a later writing pass. Tracked internally at
https://github.com/ARMmbed/psa-crypto/issues/132

hanno-becker · 2019-01-21T13:33:42Z

include/psa/crypto.h

@@ -921,6 +921,24 @@ psa_status_t psa_hash_verify(psa_hash_operation_t *operation,
 */
 psa_status_t psa_hash_abort(psa_hash_operation_t *operation);

+/** Clone a hash operation.


Everything else wouldn't make sense, but we might still mention here that the target context is active and in the same internal state as the source after a successful call to this function.

I added a paragraph of English text that defines the behavior of the function.

hanno-becker

The code looks fine. I left a few suggestions on how to improve the documentation.

yanesca · 2019-01-22T13:17:17Z

library/psa_crypto.c

@@ -1421,6 +1421,67 @@ psa_status_t psa_hash_verify( psa_hash_operation_t *operation,
    return( PSA_SUCCESS );
 }

+psa_status_t psa_hash_clone(const psa_hash_operation_t *source_operation,
+                            psa_hash_operation_t *target_operation)


Style: spaces before and after the parentheses.

yanesca · 2019-01-22T13:35:18Z

Found a minor style issue, but other than that it looks good to me!

Patater · 2019-01-22T17:35:14Z

CI was flaky and failed DTLS proxy: 3d, gnutls server, fragmentation , a known issue.

Includes PRs ARMmbed#6, ARMmbed#18, ARMmbed#19.

New function psa_hash_clone

ebb2c3e

Clone a hash operation. Test good cases as part as multipart tests. Add new test functions for the state machine.

gilles-peskine-arm added enhancement New feature or request needs: review The pull request is ready for review. This generally means that it has no known issues. labels Jan 19, 2019

hanno-becker self-requested a review January 21, 2019 13:09

hanno-becker reviewed Jan 21, 2019

View reviewed changes

hanno-becker suggested changes Jan 21, 2019

View reviewed changes

hash_clone: Fix copypasta and add a functional description

e43aa39

hanno-becker previously approved these changes Jan 21, 2019

View reviewed changes

yanesca reviewed Jan 22, 2019

View reviewed changes

Style fix

eb35d78

gilles-peskine-arm dismissed hanno-becker’s stale review via eb35d78 January 22, 2019 16:56

hanno-becker approved these changes Jan 22, 2019

View reviewed changes

yanesca approved these changes Jan 22, 2019

View reviewed changes

yanesca removed the needs: review The pull request is ready for review. This generally means that it has no known issues. label Jan 22, 2019

Patater added the needs: ci Needs a passing full CI run label Jan 22, 2019

Patater merged commit 494624d into ARMmbed:development Jan 22, 2019

AndrzejKurek mentioned this pull request Jan 25, 2019

PSA: Submodule update: PSA hash clone API Mbed-TLS/mbedtls#2374

Closed

AndrzejKurek pushed a commit to AndrzejKurek/mbed-crypto that referenced this pull request Feb 7, 2019

Update crypto submodule

4a2949b

Includes PRs ARMmbed#6, ARMmbed#18, ARMmbed#19.

New function psa_hash_clone #18

New function psa_hash_clone #18

Uh oh!

Conversation

gilles-peskine-arm commented Jan 19, 2019

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

hanno-becker left a comment

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

yanesca commented Jan 22, 2019

Uh oh!

Patater commented Jan 22, 2019

Uh oh!

Uh oh!