mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-05 18:40:01 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #7930 from tomi-font/7583-non-PSA_pk_sign_ext

Browse Source 
Implement non-PSA pk_sign_ext()
This commit is contained in:
Manuel Pégourié-Gonnard 2023-12-20 14:30:08 +00:00 committed by GitHub
commit 35085c5e89
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
17 changed files with 274 additions and 313 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.gitignore vendored
View File

@ -63,5 +63,7 @@ massif-*
/cscope*.out /cscope*.out
/tags /tags
# Clangd compilation database # clangd compilation database
compile_commands.json compile_commands.json
# clangd index files
/.cache/clangd/index/

3
ChangeLog.d/non-psa-pk-implementation.txt Normal file
View File

@ -0,0 +1,3 @@
Changes
* mbedtls_pk_sign_ext() is now always available, not just when
PSA (MBEDTLS_PSA_CRYPTO_C) is enabled.

6
include/mbedtls/config_adjust_legacy_crypto.h
View File

@ -235,9 +235,9 @@
#define MBEDTLS_PSA_CRYPTO_CLIENT #define MBEDTLS_PSA_CRYPTO_CLIENT
#endif /* MBEDTLS_PSA_CRYPTO_C */ #endif /* MBEDTLS_PSA_CRYPTO_C */
/* The PK wrappers need pk_write functions to format RSA key objects /* The PK wrappers need pk_write/pk_parse functions to format RSA key objects
* when they are dispatching to the PSA API. This happens under USE_PSA_CRYPTO, * when they are dispatching to the PSA API. This happens under MBEDTLS_USE_PSA_CRYPTO,
* and also even without USE_PSA_CRYPTO for mbedtls_pk_sign_ext(). */ * and even under just MBEDTLS_PSA_CRYPTO_C in psa_crypto_rsa.c. */
#if defined(MBEDTLS_PSA_CRYPTO_C) && defined(MBEDTLS_RSA_C) #if defined(MBEDTLS_PSA_CRYPTO_C) && defined(MBEDTLS_RSA_C)
#define MBEDTLS_PK_C #define MBEDTLS_PK_C
#define MBEDTLS_PK_WRITE_C #define MBEDTLS_PK_WRITE_C

2
include/mbedtls/debug.h
View File

@ -230,7 +230,7 @@ void mbedtls_debug_print_mpi(const mbedtls_ssl_context *ssl, int level,
const char *text, const mbedtls_mpi *X); const char *text, const mbedtls_mpi *X);
#endif #endif
#if defined(MBEDTLS_ECP_C) #if defined(MBEDTLS_ECP_LIGHT)
/** /**
* \brief Print an ECP point to the debug output. This function is always * \brief Print an ECP point to the debug output. This function is always
* used through the MBEDTLS_SSL_DEBUG_ECP() macro, which supplies the * used through the MBEDTLS_SSL_DEBUG_ECP() macro, which supplies the

2
include/mbedtls/mbedtls_config.h
View File

@ -2191,6 +2191,8 @@
* Enable parsing and verification of X.509 certificates, CRLs and CSRS * Enable parsing and verification of X.509 certificates, CRLs and CSRS
* signed with RSASSA-PSS (aka PKCS#1 v2.1). * signed with RSASSA-PSS (aka PKCS#1 v2.1).
* *
* Requires: MBEDTLS_PKCS1_V21
*
* Comment this macro to disallow using RSASSA-PSS in certificates. * Comment this macro to disallow using RSASSA-PSS in certificates.
*/ */
#define MBEDTLS_X509_RSASSA_PSS_SUPPORT #define MBEDTLS_X509_RSASSA_PSS_SUPPORT

17
include/mbedtls/pk.h
View File

@ -28,7 +28,7 @@
#include "mbedtls/ecdsa.h" #include "mbedtls/ecdsa.h"
#endif #endif
#if defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_PSA_CRYPTO_C) #if defined(MBEDTLS_USE_PSA_CRYPTO)
#include "psa/crypto.h" #include "psa/crypto.h"
#endif #endif
@ -229,7 +229,7 @@ typedef struct mbedtls_pk_context {
void *MBEDTLS_PRIVATE(pk_ctx); /**< Underlying public key context */ void *MBEDTLS_PRIVATE(pk_ctx); /**< Underlying public key context */
/* The following field is used to store the ID of a private key in the /* The following field is used to store the ID of a private key in the
* following cases: * following cases:
* - opaque key when MBEDTLS_PSA_CRYPTO_C is defined * - opaque key when MBEDTLS_USE_PSA_CRYPTO is defined
* - normal key when MBEDTLS_PK_USE_PSA_EC_DATA is defined. In this case: * - normal key when MBEDTLS_PK_USE_PSA_EC_DATA is defined. In this case:
* - the pk_ctx above is not not used to store the private key anymore. * - the pk_ctx above is not not used to store the private key anymore.
* Actually that field not populated at all in this case because also * Actually that field not populated at all in this case because also
@ -239,15 +239,10 @@ typedef struct mbedtls_pk_context {
* *
* Note: this private key storing solution only affects EC keys, not the * Note: this private key storing solution only affects EC keys, not the
* other ones. The latters still use the pk_ctx to store their own * other ones. The latters still use the pk_ctx to store their own
* context. * context. */
* #if defined(MBEDTLS_USE_PSA_CRYPTO)
* Note: this priv_id is guarded by MBEDTLS_PSA_CRYPTO_C and not by
* MBEDTLS_PK_USE_PSA_EC_DATA (as the public counterpart below) because,
* when working with opaque keys, it can be used also in
* mbedtls_pk_sign_ext for RSA keys. */
#if defined(MBEDTLS_PSA_CRYPTO_C)
mbedtls_svc_key_id_t MBEDTLS_PRIVATE(priv_id); /**< Key ID for opaque keys */ mbedtls_svc_key_id_t MBEDTLS_PRIVATE(priv_id); /**< Key ID for opaque keys */
#endif /* MBEDTLS_PSA_CRYPTO_C */ #endif /* MBEDTLS_USE_PSA_CRYPTO */
/* The following fields are meant for storing the public key in raw format /* The following fields are meant for storing the public key in raw format
* which is handy for: * which is handy for:
* - easily importing it into the PSA context * - easily importing it into the PSA context
@ -615,7 +610,6 @@ int mbedtls_pk_sign(mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
unsigned char *sig, size_t sig_size, size_t *sig_len, unsigned char *sig, size_t sig_size, size_t *sig_len,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
#if defined(MBEDTLS_PSA_CRYPTO_C)
/** /**
* \brief Make signature given a signature type. * \brief Make signature given a signature type.
* *
@ -652,7 +646,6 @@ int mbedtls_pk_sign_ext(mbedtls_pk_type_t pk_type,
unsigned char *sig, size_t sig_size, size_t *sig_len, unsigned char *sig, size_t sig_size, size_t *sig_len,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng); void *p_rng);
#endif /* MBEDTLS_PSA_CRYPTO_C */
/** /**
* \brief Restartable version of \c mbedtls_pk_sign() * \brief Restartable version of \c mbedtls_pk_sign()

2
include/mbedtls/rsa.h
View File

@ -869,6 +869,7 @@ int mbedtls_rsa_rsassa_pkcs1_v15_sign(mbedtls_rsa_context *ctx,
const unsigned char *hash, const unsigned char *hash,
unsigned char *sig); unsigned char *sig);
#if defined(MBEDTLS_PKCS1_V21)
/** /**
* \brief This function performs a PKCS#1 v2.1 PSS signature * \brief This function performs a PKCS#1 v2.1 PSS signature
* operation (RSASSA-PSS-SIGN). * operation (RSASSA-PSS-SIGN).
@ -969,6 +970,7 @@ int mbedtls_rsa_rsassa_pss_sign(mbedtls_rsa_context *ctx,
unsigned int hashlen, unsigned int hashlen,
const unsigned char *hash, const unsigned char *hash,
unsigned char *sig); unsigned char *sig);
#endif /* MBEDTLS_PKCS1_V21 */
/** /**
* \brief This function performs a public RSA operation and checks * \brief This function performs a public RSA operation and checks

50
library/pk.c
View File

@ -18,6 +18,9 @@
#if defined(MBEDTLS_RSA_C) #if defined(MBEDTLS_RSA_C)
#include "mbedtls/rsa.h" #include "mbedtls/rsa.h"
#if defined(MBEDTLS_PKCS1_V21) && !defined(MBEDTLS_USE_PSA_CRYPTO)
#include "rsa_internal.h"
#endif
#endif #endif
#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) #if defined(MBEDTLS_PK_HAVE_ECC_KEYS)
#include "mbedtls/ecp.h" #include "mbedtls/ecp.h"
@ -26,7 +29,7 @@
#include "mbedtls/ecdsa.h" #include "mbedtls/ecdsa.h"
#endif #endif
#if defined(MBEDTLS_PSA_CRYPTO_C) #if defined(MBEDTLS_USE_PSA_CRYPTO)
#include "psa_util_internal.h" #include "psa_util_internal.h"
#include "md_psa.h" #include "md_psa.h"
#endif #endif
@ -41,9 +44,9 @@ void mbedtls_pk_init(mbedtls_pk_context *ctx)
{ {
ctx->pk_info = NULL; ctx->pk_info = NULL;
ctx->pk_ctx = NULL; ctx->pk_ctx = NULL;
#if defined(MBEDTLS_PSA_CRYPTO_C) #if defined(MBEDTLS_USE_PSA_CRYPTO)
ctx->priv_id = MBEDTLS_SVC_KEY_ID_INIT; ctx->priv_id = MBEDTLS_SVC_KEY_ID_INIT;
#endif /* MBEDTLS_PSA_CRYPTO_C */ #endif /* MBEDTLS_USE_PSA_CRYPTO */
#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) #if defined(MBEDTLS_PK_USE_PSA_EC_DATA)
memset(ctx->pub_raw, 0, sizeof(ctx->pub_raw)); memset(ctx->pub_raw, 0, sizeof(ctx->pub_raw));
ctx->pub_raw_len = 0; ctx->pub_raw_len = 0;
@ -579,7 +582,7 @@ int mbedtls_pk_verify_ext(mbedtls_pk_type_t type, const void *options,
return PSA_PK_RSA_TO_MBEDTLS_ERR(status); return PSA_PK_RSA_TO_MBEDTLS_ERR(status);
} else } else
#endif #endif /* MBEDTLS_USE_PSA_CRYPTO */
{ {
if (sig_len < mbedtls_pk_get_len(ctx)) { if (sig_len < mbedtls_pk_get_len(ctx)) {
return MBEDTLS_ERR_RSA_VERIFY_FAILED; return MBEDTLS_ERR_RSA_VERIFY_FAILED;
@ -672,7 +675,6 @@ int mbedtls_pk_sign(mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
f_rng, p_rng, NULL); f_rng, p_rng, NULL);
} }
#if defined(MBEDTLS_PSA_CRYPTO_C)
/* /*
* Make a signature given a signature type. * Make a signature given a signature type.
*/ */
@ -684,11 +686,6 @@ int mbedtls_pk_sign_ext(mbedtls_pk_type_t pk_type,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng) void *p_rng)
{ {
#if defined(MBEDTLS_RSA_C)
psa_algorithm_t psa_md_alg;
#endif /* MBEDTLS_RSA_C */
*sig_len = 0;
if (ctx->pk_info == NULL) { if (ctx->pk_info == NULL) {
return MBEDTLS_ERR_PK_BAD_INPUT_DATA; return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
} }
@ -702,8 +699,10 @@ int mbedtls_pk_sign_ext(mbedtls_pk_type_t pk_type,
sig, sig_size, sig_len, f_rng, p_rng); sig, sig_size, sig_len, f_rng, p_rng);
} }
#if defined(MBEDTLS_RSA_C) #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V21)
psa_md_alg = mbedtls_md_psa_alg_from_type(md_alg);
#if defined(MBEDTLS_USE_PSA_CRYPTO)
const psa_algorithm_t psa_md_alg = mbedtls_md_psa_alg_from_type(md_alg);
if (psa_md_alg == 0) { if (psa_md_alg == 0) {
return MBEDTLS_ERR_PK_BAD_INPUT_DATA; return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
} }
@ -720,12 +719,31 @@ int mbedtls_pk_sign_ext(mbedtls_pk_type_t pk_type,
return mbedtls_pk_psa_rsa_sign_ext(PSA_ALG_RSA_PSS(psa_md_alg), return mbedtls_pk_psa_rsa_sign_ext(PSA_ALG_RSA_PSS(psa_md_alg),
ctx->pk_ctx, hash, hash_len, ctx->pk_ctx, hash, hash_len,
sig, sig_size, sig_len); sig, sig_size, sig_len);
#else /* MBEDTLS_RSA_C */ #else /* MBEDTLS_USE_PSA_CRYPTO */
return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
#endif /* !MBEDTLS_RSA_C */
if (sig_size < mbedtls_pk_get_len(ctx)) {
return MBEDTLS_ERR_PK_BUFFER_TOO_SMALL;
}
if (pk_hashlen_helper(md_alg, &hash_len) != 0) {
return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
}
mbedtls_rsa_context *const rsa_ctx = mbedtls_pk_rsa(*ctx);
const int ret = mbedtls_rsa_rsassa_pss_sign_no_mode_check(rsa_ctx, f_rng, p_rng, md_alg,
(unsigned int) hash_len, hash, sig);
if (ret == 0) {
*sig_len = rsa_ctx->len;
}
return ret;
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#else
return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
#endif /* MBEDTLS_RSA_C && MBEDTLS_PKCS1_V21 */
} }
#endif /* MBEDTLS_PSA_CRYPTO_C */
/* /*
* Decrypt message * Decrypt message

26
library/pk_internal.h
View File

@ -19,7 +19,16 @@
#if defined(MBEDTLS_USE_PSA_CRYPTO) #if defined(MBEDTLS_USE_PSA_CRYPTO)
#include "psa/crypto.h" #include "psa/crypto.h"
#endif
#include "psa_util_internal.h"
#define PSA_PK_TO_MBEDTLS_ERR(status) psa_pk_status_to_mbedtls(status)
#define PSA_PK_RSA_TO_MBEDTLS_ERR(status) PSA_TO_MBEDTLS_ERR_LIST(status, \
psa_to_pk_rsa_errors, \
psa_pk_status_to_mbedtls)
#define PSA_PK_ECDSA_TO_MBEDTLS_ERR(status) PSA_TO_MBEDTLS_ERR_LIST(status, \
psa_to_pk_ecdsa_errors, \
psa_pk_status_to_mbedtls)
#endif /* MBEDTLS_USE_PSA_CRYPTO */
/* Headers/footers for PEM files */ /* Headers/footers for PEM files */
#define PEM_BEGIN_PUBLIC_KEY "-----BEGIN PUBLIC KEY-----" #define PEM_BEGIN_PUBLIC_KEY "-----BEGIN PUBLIC KEY-----"
@ -35,18 +44,7 @@
#define PEM_BEGIN_ENCRYPTED_PRIVATE_KEY_PKCS8 "-----BEGIN ENCRYPTED PRIVATE KEY-----" #define PEM_BEGIN_ENCRYPTED_PRIVATE_KEY_PKCS8 "-----BEGIN ENCRYPTED PRIVATE KEY-----"
#define PEM_END_ENCRYPTED_PRIVATE_KEY_PKCS8 "-----END ENCRYPTED PRIVATE KEY-----" #define PEM_END_ENCRYPTED_PRIVATE_KEY_PKCS8 "-----END ENCRYPTED PRIVATE KEY-----"
#if defined(MBEDTLS_PSA_CRYPTO_C) #if defined(MBEDTLS_PK_HAVE_ECC_KEYS) && !defined(MBEDTLS_PK_USE_PSA_EC_DATA)
#include "psa_util_internal.h"
#define PSA_PK_TO_MBEDTLS_ERR(status) psa_pk_status_to_mbedtls(status)
#define PSA_PK_RSA_TO_MBEDTLS_ERR(status) PSA_TO_MBEDTLS_ERR_LIST(status, \
psa_to_pk_rsa_errors, \
psa_pk_status_to_mbedtls)
#define PSA_PK_ECDSA_TO_MBEDTLS_ERR(status) PSA_TO_MBEDTLS_ERR_LIST(status, \
psa_to_pk_ecdsa_errors, \
psa_pk_status_to_mbedtls)
#endif
#if !defined(MBEDTLS_PK_USE_PSA_EC_DATA)
/** /**
* Public function mbedtls_pk_ec() can be used to get direct access to the * Public function mbedtls_pk_ec() can be used to get direct access to the
* wrapped ecp_keypair structure pointed to the pk_ctx. However this is not * wrapped ecp_keypair structure pointed to the pk_ctx. However this is not
@ -82,7 +80,7 @@ static inline mbedtls_ecp_keypair *mbedtls_pk_ec_rw(const mbedtls_pk_context pk)
return NULL; return NULL;
} }
} }
#endif /* !MBEDTLS_PK_USE_PSA_EC_DATA */ #endif /* MBEDTLS_PK_HAVE_ECC_KEYS && !MBEDTLS_PK_USE_PSA_EC_DATA */
#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) #if defined(MBEDTLS_PK_HAVE_ECC_KEYS)
static inline mbedtls_ecp_group_id mbedtls_pk_get_ec_group_id(const mbedtls_pk_context *pk) static inline mbedtls_ecp_group_id mbedtls_pk_get_ec_group_id(const mbedtls_pk_context *pk)

134
library/pk_wrap.c
View File

@ -26,17 +26,14 @@
#include "mbedtls/ecdsa.h" #include "mbedtls/ecdsa.h"
#endif #endif
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PSA_CRYPTO_C) #if defined(MBEDTLS_USE_PSA_CRYPTO)
#include "psa_util_internal.h"
#include "psa/crypto.h"
#if defined(MBEDTLS_RSA_C)
#include "pkwrite.h" #include "pkwrite.h"
#endif #endif
#if defined(MBEDTLS_PSA_CRYPTO_C)
#include "psa_util_internal.h"
#endif
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#include "psa/crypto.h"
#if defined(MBEDTLS_PK_CAN_ECDSA_SOME) #if defined(MBEDTLS_PK_CAN_ECDSA_SOME)
#include "mbedtls/asn1write.h" #include "mbedtls/asn1write.h"
#include "mbedtls/asn1.h" #include "mbedtls/asn1.h"
@ -49,123 +46,6 @@
#include <stdint.h> #include <stdint.h>
#include <string.h> #include <string.h>
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
#if defined(MBEDTLS_PSA_CRYPTO_C)
int mbedtls_pk_error_from_psa(psa_status_t status)
{
switch (status) {
case PSA_SUCCESS:
return 0;
case PSA_ERROR_INVALID_HANDLE:
return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT;
case PSA_ERROR_NOT_PERMITTED:
return MBEDTLS_ERR_ERROR_GENERIC_ERROR;
case PSA_ERROR_BUFFER_TOO_SMALL:
return MBEDTLS_ERR_PK_BUFFER_TOO_SMALL;
case PSA_ERROR_NOT_SUPPORTED:
return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
case PSA_ERROR_INVALID_ARGUMENT:
return MBEDTLS_ERR_PK_INVALID_ALG;
case PSA_ERROR_INSUFFICIENT_MEMORY:
return MBEDTLS_ERR_PK_ALLOC_FAILED;
case PSA_ERROR_BAD_STATE:
return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
case PSA_ERROR_COMMUNICATION_FAILURE:
case PSA_ERROR_HARDWARE_FAILURE:
return MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED;
case PSA_ERROR_DATA_CORRUPT:
case PSA_ERROR_DATA_INVALID:
case PSA_ERROR_STORAGE_FAILURE:
return MBEDTLS_ERR_PK_FILE_IO_ERROR;
case PSA_ERROR_CORRUPTION_DETECTED:
return MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
default:
return MBEDTLS_ERR_ERROR_GENERIC_ERROR;
}
}
#if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) || \
defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC)
int mbedtls_pk_error_from_psa_rsa(psa_status_t status)
{
switch (status) {
case PSA_ERROR_NOT_PERMITTED:
case PSA_ERROR_INVALID_ARGUMENT:
case PSA_ERROR_INVALID_HANDLE:
return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
case PSA_ERROR_BUFFER_TOO_SMALL:
return MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE;
case PSA_ERROR_INSUFFICIENT_ENTROPY:
return MBEDTLS_ERR_RSA_RNG_FAILED;
case PSA_ERROR_INVALID_SIGNATURE:
return MBEDTLS_ERR_RSA_VERIFY_FAILED;
case PSA_ERROR_INVALID_PADDING:
return MBEDTLS_ERR_RSA_INVALID_PADDING;
case PSA_SUCCESS:
return 0;
case PSA_ERROR_NOT_SUPPORTED:
return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
case PSA_ERROR_INSUFFICIENT_MEMORY:
return MBEDTLS_ERR_PK_ALLOC_FAILED;
case PSA_ERROR_BAD_STATE:
return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
case PSA_ERROR_COMMUNICATION_FAILURE:
case PSA_ERROR_HARDWARE_FAILURE:
return MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED;
case PSA_ERROR_DATA_CORRUPT:
case PSA_ERROR_DATA_INVALID:
case PSA_ERROR_STORAGE_FAILURE:
return MBEDTLS_ERR_PK_FILE_IO_ERROR;
case PSA_ERROR_CORRUPTION_DETECTED:
return MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
default:
return MBEDTLS_ERR_ERROR_GENERIC_ERROR;
}
}
#endif /* PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY || PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC */
#endif /* MBEDTLS_PSA_CRYPTO_C */
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
int mbedtls_pk_error_from_psa_ecdsa(psa_status_t status)
{
switch (status) {
case PSA_ERROR_NOT_PERMITTED:
case PSA_ERROR_INVALID_ARGUMENT:
return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
case PSA_ERROR_INVALID_HANDLE:
return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
case PSA_ERROR_BUFFER_TOO_SMALL:
return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL;
case PSA_ERROR_INSUFFICIENT_ENTROPY:
return MBEDTLS_ERR_ECP_RANDOM_FAILED;
case PSA_ERROR_INVALID_SIGNATURE:
return MBEDTLS_ERR_ECP_VERIFY_FAILED;
case PSA_SUCCESS:
return 0;
case PSA_ERROR_NOT_SUPPORTED:
return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
case PSA_ERROR_INSUFFICIENT_MEMORY:
return MBEDTLS_ERR_PK_ALLOC_FAILED;
case PSA_ERROR_BAD_STATE:
return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
case PSA_ERROR_COMMUNICATION_FAILURE:
case PSA_ERROR_HARDWARE_FAILURE:
return MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED;
case PSA_ERROR_DATA_CORRUPT:
case PSA_ERROR_DATA_INVALID:
case PSA_ERROR_STORAGE_FAILURE:
return MBEDTLS_ERR_PK_FILE_IO_ERROR;
case PSA_ERROR_CORRUPTION_DETECTED:
return MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
default:
return MBEDTLS_ERR_ERROR_GENERIC_ERROR;
}
}
#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#endif /* !MBEDTLS_DEPRECATED_REMOVED */
#if defined(MBEDTLS_RSA_C) #if defined(MBEDTLS_RSA_C)
static int rsa_can_do(mbedtls_pk_type_t type) static int rsa_can_do(mbedtls_pk_type_t type)
{ {
@ -281,7 +161,7 @@ static int rsa_verify_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg,
} }
#endif /* MBEDTLS_USE_PSA_CRYPTO */ #endif /* MBEDTLS_USE_PSA_CRYPTO */
#if defined(MBEDTLS_PSA_CRYPTO_C) #if defined(MBEDTLS_USE_PSA_CRYPTO)
int mbedtls_pk_psa_rsa_sign_ext(psa_algorithm_t alg, int mbedtls_pk_psa_rsa_sign_ext(psa_algorithm_t alg,
mbedtls_rsa_context *rsa_ctx, mbedtls_rsa_context *rsa_ctx,
const unsigned char *hash, size_t hash_len, const unsigned char *hash, size_t hash_len,
@ -344,7 +224,7 @@ cleanup:
} }
return ret; return ret;
} }
#endif /* MBEDTLS_PSA_CRYPTO_C */ #endif /* MBEDTLS_USE_PSA_CRYPTO */
#if defined(MBEDTLS_USE_PSA_CRYPTO) #if defined(MBEDTLS_USE_PSA_CRYPTO)
static int rsa_sign_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg, static int rsa_sign_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg,

24
library/pk_wrap.h
View File

@ -15,9 +15,9 @@
#include "mbedtls/pk.h" #include "mbedtls/pk.h"
#if defined(MBEDTLS_PSA_CRYPTO_C) #if defined(MBEDTLS_USE_PSA_CRYPTO)
#include "psa/crypto.h" #include "psa/crypto.h"
#endif /* MBEDTLS_PSA_CRYPTO_C */ #endif
struct mbedtls_pk_info_t { struct mbedtls_pk_info_t {
/** Public key type */ /** Public key type */
@ -125,24 +125,6 @@ extern const mbedtls_pk_info_t mbedtls_rsa_alt_info;
extern const mbedtls_pk_info_t mbedtls_ecdsa_opaque_info; extern const mbedtls_pk_info_t mbedtls_ecdsa_opaque_info;
extern const mbedtls_pk_info_t mbedtls_rsa_opaque_info; extern const mbedtls_pk_info_t mbedtls_rsa_opaque_info;
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
int MBEDTLS_DEPRECATED mbedtls_pk_error_from_psa_ecdsa(psa_status_t status);
#endif
#endif
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#if defined(MBEDTLS_PSA_CRYPTO_C)
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
int MBEDTLS_DEPRECATED mbedtls_pk_error_from_psa(psa_status_t status);
#if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) || \
defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC)
int MBEDTLS_DEPRECATED mbedtls_pk_error_from_psa_rsa(psa_status_t status);
#endif /* PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY || PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC */
#endif /* !MBEDTLS_DEPRECATED_REMOVED */
#if defined(MBEDTLS_RSA_C) #if defined(MBEDTLS_RSA_C)
int mbedtls_pk_psa_rsa_sign_ext(psa_algorithm_t psa_alg_md, int mbedtls_pk_psa_rsa_sign_ext(psa_algorithm_t psa_alg_md,
mbedtls_rsa_context *rsa_ctx, mbedtls_rsa_context *rsa_ctx,
@ -151,6 +133,6 @@ int mbedtls_pk_psa_rsa_sign_ext(psa_algorithm_t psa_alg_md,
size_t *sig_len); size_t *sig_len);
#endif /* MBEDTLS_RSA_C */ #endif /* MBEDTLS_RSA_C */
#endif /* MBEDTLS_PSA_CRYPTO_C */ #endif /* MBEDTLS_USE_PSA_CRYPTO */
#endif /* MBEDTLS_PK_WRAP_H */ #endif /* MBEDTLS_PK_WRAP_H */

4
library/pkparse.c
View File

@ -15,6 +15,7 @@
#include "mbedtls/platform_util.h" #include "mbedtls/platform_util.h"
#include "mbedtls/platform.h" #include "mbedtls/platform.h"
#include "mbedtls/error.h" #include "mbedtls/error.h"
#include "mbedtls/ecp.h"
#include "pk_internal.h" #include "pk_internal.h"
#include <string.h> #include <string.h>
@ -28,9 +29,6 @@
#if defined(MBEDTLS_RSA_C) #if defined(MBEDTLS_RSA_C)
#include "mbedtls/rsa.h" #include "mbedtls/rsa.h"
#endif #endif
#if defined(MBEDTLS_PK_HAVE_ECC_KEYS)
#include "mbedtls/ecp.h"
#endif
/* Extended formats */ /* Extended formats */
#if defined(MBEDTLS_PEM_PARSE_C) #if defined(MBEDTLS_PEM_PARSE_C)

65
library/rsa.c
View File

@ -29,6 +29,7 @@
#include "mbedtls/rsa.h" #include "mbedtls/rsa.h"
#include "rsa_alt_helpers.h" #include "rsa_alt_helpers.h"
#include "rsa_internal.h"
#include "mbedtls/oid.h" #include "mbedtls/oid.h"
#include "mbedtls/platform_util.h" #include "mbedtls/platform_util.h"
#include "mbedtls/error.h" #include "mbedtls/error.h"
@ -1712,14 +1713,14 @@ int mbedtls_rsa_pkcs1_decrypt(mbedtls_rsa_context *ctx,
} }
#if defined(MBEDTLS_PKCS1_V21) #if defined(MBEDTLS_PKCS1_V21)
static int rsa_rsassa_pss_sign(mbedtls_rsa_context *ctx, static int rsa_rsassa_pss_sign_no_mode_check(mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
mbedtls_md_type_t md_alg, mbedtls_md_type_t md_alg,
unsigned int hashlen, unsigned int hashlen,
const unsigned char *hash, const unsigned char *hash,
int saltlen, int saltlen,
unsigned char *sig) unsigned char *sig)
{ {
size_t olen; size_t olen;
unsigned char *p = sig; unsigned char *p = sig;
@ -1727,15 +1728,12 @@ static int rsa_rsassa_pss_sign(mbedtls_rsa_context *ctx,
size_t slen, min_slen, hlen, offset = 0; size_t slen, min_slen, hlen, offset = 0;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t msb; size_t msb;
mbedtls_md_type_t hash_id;
if ((md_alg != MBEDTLS_MD_NONE || hashlen != 0) && hash == NULL) { if ((md_alg != MBEDTLS_MD_NONE || hashlen != 0) && hash == NULL) {
return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
} }
if (ctx->padding != MBEDTLS_RSA_PKCS_V21) {
return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
}
if (f_rng == NULL) { if (f_rng == NULL) {
return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
} }
@ -1754,7 +1752,11 @@ static int rsa_rsassa_pss_sign(mbedtls_rsa_context *ctx,
} }
} }
hlen = mbedtls_md_get_size_from_type((mbedtls_md_type_t) ctx->hash_id); hash_id = (mbedtls_md_type_t) ctx->hash_id;
if (hash_id == MBEDTLS_MD_NONE) {
hash_id = md_alg;
}
hlen = mbedtls_md_get_size_from_type(hash_id);
if (hlen == 0) { if (hlen == 0) {
return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
} }
@ -1797,7 +1799,7 @@ static int rsa_rsassa_pss_sign(mbedtls_rsa_context *ctx,
p += slen; p += slen;
/* Generate H = Hash( M' ) */ /* Generate H = Hash( M' ) */
ret = hash_mprime(hash, hashlen, salt, slen, p, (mbedtls_md_type_t) ctx->hash_id); ret = hash_mprime(hash, hashlen, salt, slen, p, hash_id);
if (ret != 0) { if (ret != 0) {
return ret; return ret;
} }
@ -1808,8 +1810,7 @@ static int rsa_rsassa_pss_sign(mbedtls_rsa_context *ctx,
} }
/* maskedDB: Apply dbMask to DB */ /* maskedDB: Apply dbMask to DB */
ret = mgf_mask(sig + offset, olen - hlen - 1 - offset, p, hlen, ret = mgf_mask(sig + offset, olen - hlen - 1 - offset, p, hlen, hash_id);
(mbedtls_md_type_t) ctx->hash_id);
if (ret != 0) { if (ret != 0) {
return ret; return ret;
} }
@ -1823,6 +1824,37 @@ static int rsa_rsassa_pss_sign(mbedtls_rsa_context *ctx,
return mbedtls_rsa_private(ctx, f_rng, p_rng, sig, sig); return mbedtls_rsa_private(ctx, f_rng, p_rng, sig, sig);
} }
static int rsa_rsassa_pss_sign(mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
mbedtls_md_type_t md_alg,
unsigned int hashlen,
const unsigned char *hash,
int saltlen,
unsigned char *sig)
{
if (ctx->padding != MBEDTLS_RSA_PKCS_V21) {
return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
}
if (ctx->hash_id == MBEDTLS_MD_NONE) {
return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
}
return rsa_rsassa_pss_sign_no_mode_check(ctx, f_rng, p_rng, md_alg, hashlen, hash, saltlen,
sig);
}
int mbedtls_rsa_rsassa_pss_sign_no_mode_check(mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
mbedtls_md_type_t md_alg,
unsigned int hashlen,
const unsigned char *hash,
unsigned char *sig)
{
return rsa_rsassa_pss_sign_no_mode_check(ctx, f_rng, p_rng, md_alg,
hashlen, hash, MBEDTLS_RSA_SALT_LEN_ANY, sig);
}
/* /*
* Implementation of the PKCS#1 v2.1 RSASSA-PSS-SIGN function with * Implementation of the PKCS#1 v2.1 RSASSA-PSS-SIGN function with
* the option to pass in the salt length. * the option to pass in the salt length.
@ -1840,7 +1872,6 @@ int mbedtls_rsa_rsassa_pss_sign_ext(mbedtls_rsa_context *ctx,
hashlen, hash, saltlen, sig); hashlen, hash, saltlen, sig);
} }
/* /*
* Implementation of the PKCS#1 v2.1 RSASSA-PSS-SIGN function * Implementation of the PKCS#1 v2.1 RSASSA-PSS-SIGN function
*/ */

6
library/rsa_alt_helpers.h
View File

@ -37,11 +37,9 @@
/* /*
* Copyright The Mbed TLS Contributors * Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*
*/ */
#ifndef MBEDTLS_RSA_ALT_HELPERS_H
#ifndef MBEDTLS_RSA_INTERNAL_H #define MBEDTLS_RSA_ALT_HELPERS_H
#define MBEDTLS_RSA_INTERNAL_H
#include "mbedtls/build_info.h" #include "mbedtls/build_info.h"

42
library/rsa_internal.h Normal file
View File

@ -0,0 +1,42 @@
/**
* \file rsa_internal.h
*
* \brief Internal-only RSA public-key cryptosystem API.
*
* This file declares RSA-related functions that are to be used
* only from within the Mbed TLS library itself.
*
*/
/*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
#ifndef MBEDTLS_RSA_INTERNAL_H
#define MBEDTLS_RSA_INTERNAL_H
#include "mbedtls/rsa.h"
#if defined(MBEDTLS_PKCS1_V21)
/**
* \brief This function is analogue to \c mbedtls_rsa_rsassa_pss_sign().
* The only difference between them is that this function is more flexible
* on the parameters of \p ctx that are set with \c mbedtls_rsa_set_padding().
*
* \note Compared to its counterpart, this function:
* - does not check the padding setting of \p ctx.
* - allows the hash_id of \p ctx to be MBEDTLS_MD_NONE,
* in which case it uses \p md_alg as the hash_id.
*
* \note Refer to \c mbedtls_rsa_rsassa_pss_sign() for a description
* of the functioning and parameters of this function.
*/
int mbedtls_rsa_rsassa_pss_sign_no_mode_check(mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
mbedtls_md_type_t md_alg,
unsigned int hashlen,
const unsigned char *hash,
unsigned char *sig);
#endif /* MBEDTLS_PKCS1_V21 */
#endif /* rsa_internal.h */

48
tests/suites/test_suite_pk.data
View File

@ -621,62 +621,62 @@ PSA wrapped sign: RSA PKCS1 v1.5
depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_GENPRIME:MBEDTLS_PK_WRITE_C depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_GENPRIME:MBEDTLS_PK_WRITE_C
pk_psa_sign:1024:PSA_KEY_TYPE_RSA_KEY_PAIR:1024 pk_psa_sign:1024:PSA_KEY_TYPE_RSA_KEY_PAIR:1024
PK Sign ext:RSA2048,PK_RSA,MD_SHA256 PK sign ext: RSA2048, PK_RSA, MD_SHA256
depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_RSA_GEN_KEY_MIN_BITS <= 2048 depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_RSA_GEN_KEY_MIN_BITS <= 2048
pk_psa_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSA:MBEDTLS_MD_SHA256 pk_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSA:MBEDTLS_MD_SHA256
PK Sign ext:RSA2048,PK_RSASSA_PSS,MD_SHA256 PK sign ext: RSA2048, PK_RSASSA_PSS, MD_SHA256
depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_RSA_GEN_KEY_MIN_BITS <= 2048 depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_RSA_GEN_KEY_MIN_BITS <= 2048
pk_psa_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256 pk_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256
PK Sign ext:RSA2048,PK_RSA,MD_SHA384 PK sign ext: RSA2048, PK_RSA, MD_SHA384
depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA384:MBEDTLS_RSA_C:MBEDTLS_RSA_GEN_KEY_MIN_BITS <= 2048 depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA384:MBEDTLS_RSA_C:MBEDTLS_RSA_GEN_KEY_MIN_BITS <= 2048
pk_psa_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSA:MBEDTLS_MD_SHA384 pk_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSA:MBEDTLS_MD_SHA384
PK Sign ext:RSA2048,PK_RSASSA_PSS,MD_SHA384 PK sign ext: RSA2048, PK_RSASSA_PSS, MD_SHA384
depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA384:MBEDTLS_RSA_C:MBEDTLS_RSA_GEN_KEY_MIN_BITS <= 2048 depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA384:MBEDTLS_RSA_C:MBEDTLS_RSA_GEN_KEY_MIN_BITS <= 2048
pk_psa_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA384 pk_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA384
PK Sign ext:RSA2048,PK_RSA,MD_SHA512 PK sign ext: RSA2048, PK_RSA, MD_SHA512
depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA512:MBEDTLS_RSA_C:MBEDTLS_RSA_GEN_KEY_MIN_BITS <= 2048 depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA512:MBEDTLS_RSA_C:MBEDTLS_RSA_GEN_KEY_MIN_BITS <= 2048
pk_psa_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSA:MBEDTLS_MD_SHA512 pk_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSA:MBEDTLS_MD_SHA512
PK Sign ext:RSA2048,PK_RSASSA_PSS,MD_SHA512 PK sign ext: RSA2048, PK_RSASSA_PSS, MD_SHA512
depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA512:MBEDTLS_RSA_C:MBEDTLS_RSA_GEN_KEY_MIN_BITS <= 2048 depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA512:MBEDTLS_RSA_C:MBEDTLS_RSA_GEN_KEY_MIN_BITS <= 2048
pk_psa_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA512 pk_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA512
PK Sign ext:SECP256R1,PK_ECDSA,MD_SHA256 PK sign ext: SECP256R1, PK_ECDSA, MD_SHA256
depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256 depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256
pk_psa_sign_ext:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP256R1:MBEDTLS_PK_ECDSA:MBEDTLS_MD_SHA256 pk_sign_ext:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP256R1:MBEDTLS_PK_ECDSA:MBEDTLS_MD_SHA256
PK Sign ext:SECP384R1,PK_ECDSA,MD_SHA384 PK sign ext: SECP384R1, PK_ECDSA, MD_SHA384
depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA384 depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA384
pk_psa_sign_ext:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP384R1:MBEDTLS_PK_ECDSA:MBEDTLS_MD_SHA384 pk_sign_ext:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP384R1:MBEDTLS_PK_ECDSA:MBEDTLS_MD_SHA384
PK Sign ext:SECP521R1,PK_ECDSA,MD_SHA512 PK sign ext: SECP521R1, PK_ECDSA, MD_SHA512
depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP521R1:MBEDTLS_MD_CAN_SHA512 depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP521R1:MBEDTLS_MD_CAN_SHA512
pk_psa_sign_ext:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP521R1:MBEDTLS_PK_ECDSA:MBEDTLS_MD_SHA512 pk_sign_ext:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP521R1:MBEDTLS_PK_ECDSA:MBEDTLS_MD_SHA512
PK wrapped Sign ext:RSA2048,PK_RSA,MD_SHA256 PSA wrapped sign ext: RSA2048, PK_RSA, MD_SHA256
depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C
pk_psa_wrap_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSA:MBEDTLS_MD_SHA256 pk_psa_wrap_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSA:MBEDTLS_MD_SHA256
PK wrapped Sign ext:RSA2048,PK_RSASSA_PSS,MD_SHA256 PSA wrapped sign ext: RSA2048, PK_RSASSA_PSS, MD_SHA256
depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C
pk_psa_wrap_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256 pk_psa_wrap_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256
PK wrapped Sign ext:RSA2048,PK_RSA,MD_SHA384 PSA wrapped sign ext: RSA2048, PK_RSA, MD_SHA384
depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA384:MBEDTLS_RSA_C depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA384:MBEDTLS_RSA_C
pk_psa_wrap_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSA:MBEDTLS_MD_SHA384 pk_psa_wrap_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSA:MBEDTLS_MD_SHA384
PK wrapped Sign ext:RSA2048,PK_RSASSA_PSS,MD_SHA384 PSA wrapped sign ext: RSA2048, PK_RSASSA_PSS, MD_SHA384
depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA384:MBEDTLS_RSA_C depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA384:MBEDTLS_RSA_C
pk_psa_wrap_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA384 pk_psa_wrap_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA384
PK wrapped Sign ext:RSA2048,PK_RSA,MD_SHA512 PSA wrapped sign ext: RSA2048, PK_RSA, MD_SHA512
depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA512:MBEDTLS_RSA_C depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA512:MBEDTLS_RSA_C
pk_psa_wrap_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSA:MBEDTLS_MD_SHA512 pk_psa_wrap_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSA:MBEDTLS_MD_SHA512
PK wrapped Sign ext:RSA2048,PK_RSASSA_PSS,MD_SHA512 PSA wrapped sign ext: RSA2048, PK_RSASSA_PSS, MD_SHA512
depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA512:MBEDTLS_RSA_C depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA512:MBEDTLS_RSA_C
pk_psa_wrap_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA512 pk_psa_wrap_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA512

152
tests/suites/test_suite_pk.function
View File

@ -84,25 +84,25 @@ exit:
/** Generate a key of the desired type. /** Generate a key of the desired type.
* *
* \param pk The PK object to fill. It must have been initialized * \param pk The PK object to fill. It must have been initialized
* with mbedtls_pk_setup(). * with mbedtls_pk_setup().
* \param parameter - For RSA keys, the key size in bits. * \param curve_or_keybits - For RSA keys, the key size in bits.
* - For EC keys, the curve (\c MBEDTLS_ECP_DP_xxx). * - For EC keys, the curve (\c MBEDTLS_ECP_DP_xxx).
* *
* \return The status from the underlying type-specific key * \return The status from the underlying type-specific key
* generation function. * generation function.
* \return -1 if the key type is not recognized. * \return -1 if the key type is not recognized.
*/ */
static int pk_genkey(mbedtls_pk_context *pk, int parameter) static int pk_genkey(mbedtls_pk_context *pk, int curve_or_keybits)
{ {
((void) pk); (void) pk;
(void) parameter; (void) curve_or_keybits;
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME) #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME)
if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_RSA) { if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_RSA) {
return mbedtls_rsa_gen_key(mbedtls_pk_rsa(*pk), return mbedtls_rsa_gen_key(mbedtls_pk_rsa(*pk),
mbedtls_test_rnd_std_rand, NULL, mbedtls_test_rnd_std_rand, NULL,
parameter, 3); curve_or_keybits, 3);
} }
#endif #endif
#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) #if defined(MBEDTLS_PK_HAVE_ECC_KEYS)
@ -112,7 +112,7 @@ static int pk_genkey(mbedtls_pk_context *pk, int parameter)
int ret; int ret;
#if defined(MBEDTLS_ECP_C) #if defined(MBEDTLS_ECP_C)
ret = mbedtls_ecp_group_load(&mbedtls_pk_ec_rw(*pk)->grp, parameter); ret = mbedtls_ecp_group_load(&mbedtls_pk_ec_rw(*pk)->grp, curve_or_keybits);
if (ret != 0) { if (ret != 0) {
return ret; return ret;
} }
@ -123,7 +123,7 @@ static int pk_genkey(mbedtls_pk_context *pk, int parameter)
#endif /* MBEDTLS_ECP_C */ #endif /* MBEDTLS_ECP_C */
#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) #if defined(MBEDTLS_PK_USE_PSA_EC_DATA)
ret = pk_genkey_ec(pk, parameter); ret = pk_genkey_ec(pk, curve_or_keybits);
if (ret != 0) { if (ret != 0) {
return ret; return ret;
} }
@ -319,7 +319,7 @@ exit:
/* BEGIN_CASE depends_on:MBEDTLS_USE_PSA_CRYPTO */ /* BEGIN_CASE depends_on:MBEDTLS_USE_PSA_CRYPTO */
void pk_can_do_ext(int opaque_key, int key_type, int key_usage, int key_alg, void pk_can_do_ext(int opaque_key, int key_type, int key_usage, int key_alg,
int key_alg2, int parameter, int alg_check, int usage_check, int key_alg2, int curve_or_keybits, int alg_check, int usage_check,
int result) int result)
{ {
mbedtls_pk_context pk; mbedtls_pk_context pk;
@ -336,7 +336,7 @@ void pk_can_do_ext(int opaque_key, int key_type, int key_usage, int key_alg,
psa_set_key_enrollment_algorithm(&attributes, key_alg2); psa_set_key_enrollment_algorithm(&attributes, key_alg2);
} }
psa_set_key_type(&attributes, key_type); psa_set_key_type(&attributes, key_type);
psa_set_key_bits(&attributes, parameter); psa_set_key_bits(&attributes, curve_or_keybits);
PSA_ASSERT(psa_generate_key(&attributes, &key)); PSA_ASSERT(psa_generate_key(&attributes, &key));
@ -350,7 +350,7 @@ void pk_can_do_ext(int opaque_key, int key_type, int key_usage, int key_alg,
} else { } else {
TEST_EQUAL(mbedtls_pk_setup(&pk, TEST_EQUAL(mbedtls_pk_setup(&pk,
mbedtls_pk_info_from_type(key_type)), 0); mbedtls_pk_info_from_type(key_type)), 0);
TEST_EQUAL(pk_genkey(&pk, parameter), 0); TEST_EQUAL(pk_genkey(&pk, curve_or_keybits), 0);
TEST_EQUAL(mbedtls_pk_get_type(&pk), key_type); TEST_EQUAL(mbedtls_pk_get_type(&pk), key_type);
} }
@ -407,6 +407,16 @@ void pk_invalid_param()
buf, buf_size, &buf_size, buf, buf_size, &buf_size,
NULL, NULL, NULL, NULL,
NULL)); NULL));
TEST_EQUAL(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
mbedtls_pk_sign_ext(pk_type, &ctx, MBEDTLS_MD_NONE,
NULL, buf_size,
buf, buf_size, &buf_size,
NULL, NULL));
TEST_EQUAL(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
mbedtls_pk_sign_ext(pk_type, &ctx, MBEDTLS_MD_SHA256,
NULL, 0,
buf, buf_size, &buf_size,
NULL, NULL));
exit: exit:
mbedtls_pk_free(&ctx); mbedtls_pk_free(&ctx);
USE_PSA_DONE(); USE_PSA_DONE();
@ -435,14 +445,6 @@ void valid_parameters()
TEST_ASSERT(mbedtls_pk_get_len(NULL) == 0); TEST_ASSERT(mbedtls_pk_get_len(NULL) == 0);
TEST_ASSERT(mbedtls_pk_can_do(NULL, MBEDTLS_PK_NONE) == 0); TEST_ASSERT(mbedtls_pk_can_do(NULL, MBEDTLS_PK_NONE) == 0);
TEST_ASSERT(mbedtls_pk_sign_restartable(&pk,
MBEDTLS_MD_NONE,
NULL, 0,
buf, sizeof(buf), &len,
mbedtls_test_rnd_std_rand, NULL,
NULL) ==
MBEDTLS_ERR_PK_BAD_INPUT_DATA);
TEST_ASSERT(mbedtls_pk_sign_restartable(&pk, TEST_ASSERT(mbedtls_pk_sign_restartable(&pk,
MBEDTLS_MD_NONE, MBEDTLS_MD_NONE,
NULL, 0, NULL, 0,
@ -458,6 +460,13 @@ void valid_parameters()
mbedtls_test_rnd_std_rand, NULL) == mbedtls_test_rnd_std_rand, NULL) ==
MBEDTLS_ERR_PK_BAD_INPUT_DATA); MBEDTLS_ERR_PK_BAD_INPUT_DATA);
TEST_ASSERT(mbedtls_pk_sign_ext(MBEDTLS_PK_NONE, &pk,
MBEDTLS_MD_NONE,
NULL, 0,
buf, sizeof(buf), &len,
mbedtls_test_rnd_std_rand, NULL) ==
MBEDTLS_ERR_PK_BAD_INPUT_DATA);
TEST_ASSERT(mbedtls_pk_verify_restartable(&pk, TEST_ASSERT(mbedtls_pk_verify_restartable(&pk,
MBEDTLS_MD_NONE, MBEDTLS_MD_NONE,
NULL, 0, NULL, 0,
@ -536,7 +545,7 @@ exit:
/* END_CASE */ /* END_CASE */
/* BEGIN_CASE */ /* BEGIN_CASE */
void pk_utils(int type, int parameter, int bitlen, int len, char *name) void pk_utils(int type, int curve_or_keybits, int bitlen, int len, char *name)
{ {
mbedtls_pk_context pk; mbedtls_pk_context pk;
@ -544,7 +553,7 @@ void pk_utils(int type, int parameter, int bitlen, int len, char *name)
USE_PSA_INIT(); USE_PSA_INIT();
TEST_ASSERT(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(type)) == 0); TEST_ASSERT(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(type)) == 0);
TEST_ASSERT(pk_genkey(&pk, parameter) == 0); TEST_ASSERT(pk_genkey(&pk, curve_or_keybits) == 0);
TEST_ASSERT((int) mbedtls_pk_get_type(&pk) == type); TEST_ASSERT((int) mbedtls_pk_get_type(&pk) == type);
TEST_ASSERT(mbedtls_pk_can_do(&pk, type)); TEST_ASSERT(mbedtls_pk_can_do(&pk, type));
@ -848,7 +857,7 @@ exit:
/* END_CASE */ /* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_MD_CAN_SHA256 */ /* BEGIN_CASE depends_on:MBEDTLS_MD_CAN_SHA256 */
void pk_sign_verify(int type, int parameter, int sign_ret, int verify_ret) void pk_sign_verify(int type, int curve_or_keybits, int sign_ret, int verify_ret)
{ {
mbedtls_pk_context pk; mbedtls_pk_context pk;
size_t sig_len; size_t sig_len;
@ -874,7 +883,7 @@ void pk_sign_verify(int type, int parameter, int sign_ret, int verify_ret)
memset(sig, 0, sizeof(sig)); memset(sig, 0, sizeof(sig));
TEST_ASSERT(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(type)) == 0); TEST_ASSERT(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(type)) == 0);
TEST_ASSERT(pk_genkey(&pk, parameter) == 0); TEST_ASSERT(pk_genkey(&pk, curve_or_keybits) == 0);
TEST_ASSERT(mbedtls_pk_sign_restartable(&pk, MBEDTLS_MD_SHA256, TEST_ASSERT(mbedtls_pk_sign_restartable(&pk, MBEDTLS_MD_SHA256,
hash, hash_len, hash, hash_len,
@ -1175,22 +1184,31 @@ void pk_rsa_overflow()
memset(hash, 0x2a, sizeof(hash)); memset(hash, 0x2a, sizeof(hash));
memset(sig, 0, sizeof(sig)); memset(sig, 0, sizeof(sig));
TEST_ASSERT(mbedtls_pk_setup(&pk, TEST_EQUAL(mbedtls_pk_setup(&pk,
mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)) == 0); mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)), 0);
#if defined(MBEDTLS_PKCS1_V21) #if defined(MBEDTLS_PKCS1_V21)
TEST_ASSERT(mbedtls_pk_verify_ext(MBEDTLS_PK_RSASSA_PSS, NULL, &pk, TEST_EQUAL(mbedtls_pk_verify_ext(MBEDTLS_PK_RSASSA_PSS, NULL, &pk,
MBEDTLS_MD_NONE, hash, hash_len, sig, sig_len) == MBEDTLS_MD_NONE, hash, hash_len, sig, sig_len),
MBEDTLS_ERR_PK_BAD_INPUT_DATA); MBEDTLS_ERR_PK_BAD_INPUT_DATA);
#endif /* MBEDTLS_PKCS1_V21 */ #endif /* MBEDTLS_PKCS1_V21 */
TEST_ASSERT(mbedtls_pk_verify(&pk, MBEDTLS_MD_NONE, hash, hash_len, TEST_EQUAL(mbedtls_pk_verify(&pk, MBEDTLS_MD_NONE, hash, hash_len,
sig, sig_len) == MBEDTLS_ERR_PK_BAD_INPUT_DATA); sig, sig_len),
MBEDTLS_ERR_PK_BAD_INPUT_DATA);
TEST_ASSERT(mbedtls_pk_sign(&pk, MBEDTLS_MD_NONE, hash, hash_len, #if defined(MBEDTLS_PKCS1_V21)
sig, sizeof(sig), &sig_len, TEST_EQUAL(mbedtls_pk_sign_ext(MBEDTLS_PK_RSASSA_PSS, &pk,
mbedtls_test_rnd_std_rand, NULL) MBEDTLS_MD_NONE, hash, hash_len,
== MBEDTLS_ERR_PK_BAD_INPUT_DATA); sig, sizeof(sig), &sig_len,
mbedtls_test_rnd_std_rand, NULL),
MBEDTLS_ERR_PK_BAD_INPUT_DATA);
#endif /* MBEDTLS_PKCS1_V21 */
TEST_EQUAL(mbedtls_pk_sign(&pk, MBEDTLS_MD_NONE, hash, hash_len,
sig, sizeof(sig), &sig_len,
mbedtls_test_rnd_std_rand, NULL),
MBEDTLS_ERR_PK_BAD_INPUT_DATA);
exit: exit:
mbedtls_pk_free(&pk); mbedtls_pk_free(&pk);
@ -1286,8 +1304,7 @@ exit:
/* END_CASE */ /* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_PK_PSA_SIGN */ /* BEGIN_CASE depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_PK_PSA_SIGN */
void pk_psa_sign(int parameter_arg, void pk_psa_sign(int curve_or_keybits, int psa_type, int expected_bits)
int psa_type_arg, int expected_bits_arg)
{ {
mbedtls_pk_context pk; mbedtls_pk_context pk;
unsigned char hash[32]; unsigned char hash[32];
@ -1300,8 +1317,6 @@ void pk_psa_sign(int parameter_arg,
int ret; int ret;
mbedtls_svc_key_id_t key_id; mbedtls_svc_key_id_t key_id;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_key_type_t expected_type = psa_type_arg;
size_t expected_bits = expected_bits_arg;
/* /*
* This tests making signatures with a wrapped PSA key: * This tests making signatures with a wrapped PSA key:
@ -1315,19 +1330,19 @@ void pk_psa_sign(int parameter_arg,
USE_PSA_INIT(); USE_PSA_INIT();
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME) #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME)
if (PSA_KEY_TYPE_IS_RSA(psa_type_arg)) { if (PSA_KEY_TYPE_IS_RSA(psa_type)) {
/* Create legacy RSA public/private key in PK context. */ /* Create legacy RSA public/private key in PK context. */
TEST_ASSERT(mbedtls_pk_setup(&pk, TEST_ASSERT(mbedtls_pk_setup(&pk,
mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)) == 0); mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)) == 0);
TEST_ASSERT(mbedtls_rsa_gen_key(mbedtls_pk_rsa(pk), TEST_ASSERT(mbedtls_rsa_gen_key(mbedtls_pk_rsa(pk),
mbedtls_test_rnd_std_rand, NULL, mbedtls_test_rnd_std_rand, NULL,
parameter_arg, 3) == 0); curve_or_keybits, 3) == 0);
alg_psa = PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256); alg_psa = PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256);
} else } else
#endif /* MBEDTLS_RSA_C && MBEDTLS_GENPRIME */ #endif /* MBEDTLS_RSA_C && MBEDTLS_GENPRIME */
#if defined(MBEDTLS_PK_CAN_ECDSA_SIGN) #if defined(MBEDTLS_PK_CAN_ECDSA_SIGN)
if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(psa_type_arg)) { if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(psa_type)) {
mbedtls_ecp_group_id grpid = parameter_arg; mbedtls_ecp_group_id grpid = curve_or_keybits;
/* Create legacy EC public/private key in PK context. */ /* Create legacy EC public/private key in PK context. */
TEST_ASSERT(mbedtls_pk_setup(&pk, TEST_ASSERT(mbedtls_pk_setup(&pk,
@ -1338,7 +1353,7 @@ void pk_psa_sign(int parameter_arg,
} else } else
#endif /* MBEDTLS_PK_CAN_ECDSA_SIGN */ #endif /* MBEDTLS_PK_CAN_ECDSA_SIGN */
{ {
(void) parameter_arg; (void) curve_or_keybits;
TEST_ASSUME(!"Opaque PK key not supported in this configuration"); TEST_ASSUME(!"Opaque PK key not supported in this configuration");
} }
@ -1366,8 +1381,8 @@ void pk_psa_sign(int parameter_arg,
PSA_ALG_NONE) == 0); PSA_ALG_NONE) == 0);
PSA_ASSERT(psa_get_key_attributes(key_id, &attributes)); PSA_ASSERT(psa_get_key_attributes(key_id, &attributes));
TEST_EQUAL(psa_get_key_type(&attributes), expected_type); TEST_EQUAL(psa_get_key_type(&attributes), (psa_key_type_t) psa_type);
TEST_EQUAL(psa_get_key_bits(&attributes), expected_bits); TEST_EQUAL(psa_get_key_bits(&attributes), (size_t) expected_bits);
TEST_EQUAL(psa_get_key_lifetime(&attributes), TEST_EQUAL(psa_get_key_lifetime(&attributes),
PSA_KEY_LIFETIME_VOLATILE); PSA_KEY_LIFETIME_VOLATILE);
@ -1378,7 +1393,7 @@ void pk_psa_sign(int parameter_arg,
hash, sizeof(hash), sig, sizeof(sig), &sig_len, hash, sizeof(hash), sig, sizeof(sig), &sig_len,
NULL, NULL) == 0); NULL, NULL) == 0);
/* Only opaque EC keys support verification. */ /* Only opaque EC keys support verification. */
if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(psa_type_arg)) { if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(psa_type)) {
TEST_ASSERT(mbedtls_pk_verify(&pk, MBEDTLS_MD_SHA256, TEST_ASSERT(mbedtls_pk_verify(&pk, MBEDTLS_MD_SHA256,
hash, sizeof(hash), sig, sig_len) == 0); hash, sizeof(hash), sig, sig_len) == 0);
} }
@ -1420,7 +1435,7 @@ void pk_psa_sign(int parameter_arg,
mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY)), 0); mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY)), 0);
TEST_EQUAL(mbedtls_ecp_group_load( TEST_EQUAL(mbedtls_ecp_group_load(
&(mbedtls_pk_ec_rw(pk)->grp), &(mbedtls_pk_ec_rw(pk)->grp),
(mbedtls_ecp_group_id) parameter_arg), 0); (mbedtls_ecp_group_id) curve_or_keybits), 0);
TEST_EQUAL(mbedtls_ecp_point_read_binary(&(mbedtls_pk_ec_ro(pk)->grp), TEST_EQUAL(mbedtls_ecp_point_read_binary(&(mbedtls_pk_ec_ro(pk)->grp),
&(mbedtls_pk_ec_rw(pk)->Q), &(mbedtls_pk_ec_rw(pk)->Q),
pkey_legacy_start, klen_legacy), 0); pkey_legacy_start, klen_legacy), 0);
@ -1440,14 +1455,13 @@ exit:
} }
/* END_CASE */ /* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:MBEDTLS_GENPRIME */ /* BEGIN_CASE depends_on:MBEDTLS_GENPRIME */
void pk_psa_sign_ext(int pk_type, int parameter, int key_pk_type, int md_alg) void pk_sign_ext(int pk_type, int curve_or_keybits, int key_pk_type, int md_alg)
{ {
/* See the description of pk_genkey() for the description of the `parameter` argument. */
mbedtls_pk_context pk; mbedtls_pk_context pk;
size_t sig_len; size_t sig_len;
unsigned char sig[MBEDTLS_PK_SIGNATURE_MAX_SIZE]; unsigned char sig[MBEDTLS_PK_SIGNATURE_MAX_SIZE];
unsigned char hash[PSA_HASH_MAX_SIZE]; unsigned char hash[MBEDTLS_MD_MAX_SIZE];
size_t hash_len = mbedtls_md_get_size_from_type(md_alg); size_t hash_len = mbedtls_md_get_size_from_type(md_alg);
void const *options = NULL; void const *options = NULL;
mbedtls_pk_rsassa_pss_options rsassa_pss_options; mbedtls_pk_rsassa_pss_options rsassa_pss_options;
@ -1455,16 +1469,15 @@ void pk_psa_sign_ext(int pk_type, int parameter, int key_pk_type, int md_alg)
memset(sig, 0, sizeof(sig)); memset(sig, 0, sizeof(sig));
mbedtls_pk_init(&pk); mbedtls_pk_init(&pk);
PSA_INIT(); MD_OR_USE_PSA_INIT();
TEST_ASSERT(mbedtls_pk_setup(&pk, TEST_EQUAL(mbedtls_pk_setup(&pk,
mbedtls_pk_info_from_type(pk_type)) == 0); mbedtls_pk_info_from_type(pk_type)), 0);
TEST_EQUAL(pk_genkey(&pk, curve_or_keybits), 0);
TEST_ASSERT(pk_genkey(&pk, parameter) == 0); TEST_EQUAL(mbedtls_pk_sign_ext(key_pk_type, &pk, md_alg, hash, hash_len,
sig, sizeof(sig), &sig_len,
TEST_ASSERT(mbedtls_pk_sign_ext(key_pk_type, &pk, md_alg, hash, hash_len, mbedtls_test_rnd_std_rand, NULL), 0);
sig, sizeof(sig), &sig_len,
mbedtls_test_rnd_std_rand, NULL) == 0);
if (key_pk_type == MBEDTLS_PK_RSASSA_PSS) { if (key_pk_type == MBEDTLS_PK_RSASSA_PSS) {
rsassa_pss_options.mgf1_hash_id = md_alg; rsassa_pss_options.mgf1_hash_id = md_alg;
@ -1472,18 +1485,17 @@ void pk_psa_sign_ext(int pk_type, int parameter, int key_pk_type, int md_alg)
rsassa_pss_options.expected_salt_len = hash_len; rsassa_pss_options.expected_salt_len = hash_len;
options = (const void *) &rsassa_pss_options; options = (const void *) &rsassa_pss_options;
} }
TEST_ASSERT(mbedtls_pk_verify_ext(key_pk_type, options, &pk, md_alg, TEST_EQUAL(mbedtls_pk_verify_ext(key_pk_type, options, &pk, md_alg,
hash, hash_len, sig, sig_len) == 0); hash, hash_len, sig, sig_len), 0);
exit: exit:
mbedtls_pk_free(&pk); mbedtls_pk_free(&pk);
PSA_DONE(); MD_OR_USE_PSA_DONE();
} }
/* END_CASE */ /* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_USE_PSA_CRYPTO */ /* BEGIN_CASE depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_USE_PSA_CRYPTO */
void pk_psa_wrap_sign_ext(int pk_type, int parameter, int key_pk_type, int md_alg) void pk_psa_wrap_sign_ext(int pk_type, int key_bits, int key_pk_type, int md_alg)
{ {
/* See the description of mbedtls_rsa_gen_key() for the description of the `parameter` argument. */
mbedtls_pk_context pk; mbedtls_pk_context pk;
size_t sig_len, pkey_len; size_t sig_len, pkey_len;
mbedtls_svc_key_id_t key_id; mbedtls_svc_key_id_t key_id;
@ -1507,7 +1519,7 @@ void pk_psa_wrap_sign_ext(int pk_type, int parameter, int key_pk_type, int md_al
mbedtls_pk_info_from_type(pk_type)), 0); mbedtls_pk_info_from_type(pk_type)), 0);
TEST_EQUAL(mbedtls_rsa_gen_key(mbedtls_pk_rsa(pk), TEST_EQUAL(mbedtls_rsa_gen_key(mbedtls_pk_rsa(pk),
mbedtls_test_rnd_std_rand, NULL, mbedtls_test_rnd_std_rand, NULL,
parameter, 3), 0); key_bits, 3), 0);
/* Export underlying public key for re-importing in a legacy context. */ /* Export underlying public key for re-importing in a legacy context. */
ret = mbedtls_pk_write_pubkey_der(&pk, pkey, sizeof(pkey)); ret = mbedtls_pk_write_pubkey_der(&pk, pkey, sizeof(pkey));