mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-25 13:43:31 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #5634 from superna9999/5625-pk-opaque-rsa-basics

Browse Source 
PK Opaque RSA sign
This commit is contained in:
Manuel Pégourié-Gonnard 2022-04-13 09:55:42 +02:00 committed by GitHub
commit 6c242a01f7
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 317 additions and 116 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
include/mbedtls/pk.h
View File

@ -330,8 +330,8 @@ int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info );
* storing and manipulating the key material directly. * storing and manipulating the key material directly.
* *
* \param ctx The context to initialize. It must be empty (type NONE). * \param ctx The context to initialize. It must be empty (type NONE).
* \param key The PSA key to wrap, which must hold an ECC key pair * \param key The PSA key to wrap, which must hold an ECC or RSA key
* (see notes below). * pair (see notes below).
* *
* \note The wrapped key must remain valid as long as the * \note The wrapped key must remain valid as long as the
* wrapping PK context is in use, that is at least between * wrapping PK context is in use, that is at least between
@ -339,8 +339,8 @@ int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info );
* mbedtls_pk_free() is called on this context. The wrapped * mbedtls_pk_free() is called on this context. The wrapped
* key might then be independently used or destroyed. * key might then be independently used or destroyed.
* *
* \note This function is currently only available for ECC key * \note This function is currently only available for ECC or RSA
* pairs (that is, ECC keys containing private key material). * key pairs (that is, keys containing private key material).
* Support for other key types may be added later. * Support for other key types may be added later.
* *
* \return \c 0 on success. * \return \c 0 on success.

125
library/pk.c
View File

@ -22,6 +22,7 @@
#if defined(MBEDTLS_PK_C) #if defined(MBEDTLS_PK_C)
#include "mbedtls/pk.h" #include "mbedtls/pk.h"
#include "pk_wrap.h" #include "pk_wrap.h"
#include "pkwrite.h"
#include "mbedtls/platform_util.h" #include "mbedtls/platform_util.h"
#include "mbedtls/error.h" #include "mbedtls/error.h"
@ -153,7 +154,7 @@ int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info )
int mbedtls_pk_setup_opaque( mbedtls_pk_context *ctx, int mbedtls_pk_setup_opaque( mbedtls_pk_context *ctx,
const mbedtls_svc_key_id_t key ) const mbedtls_svc_key_id_t key )
{ {
const mbedtls_pk_info_t * const info = &mbedtls_pk_opaque_info; const mbedtls_pk_info_t *info = NULL;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
mbedtls_svc_key_id_t *pk_ctx; mbedtls_svc_key_id_t *pk_ctx;
psa_key_type_t type; psa_key_type_t type;
@ -166,9 +167,12 @@ int mbedtls_pk_setup_opaque( mbedtls_pk_context *ctx,
type = psa_get_key_type( &attributes ); type = psa_get_key_type( &attributes );
psa_reset_key_attributes( &attributes ); psa_reset_key_attributes( &attributes );
/* Current implementation of can_do() relies on this. */ if( PSA_KEY_TYPE_IS_ECC_KEY_PAIR( type ) )
if( ! PSA_KEY_TYPE_IS_ECC_KEY_PAIR( type ) ) info = &mbedtls_pk_ecdsa_opaque_info;
return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE) ; else if( type == PSA_KEY_TYPE_RSA_KEY_PAIR )
info = &mbedtls_pk_rsa_opaque_info;
else
return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL ) if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL )
return( MBEDTLS_ERR_PK_ALLOC_FAILED ); return( MBEDTLS_ERR_PK_ALLOC_FAILED );
@ -699,57 +703,100 @@ mbedtls_pk_type_t mbedtls_pk_get_type( const mbedtls_pk_context *ctx )
* Load the key to a PSA key slot, * Load the key to a PSA key slot,
* then turn the PK context into a wrapper for that key slot. * then turn the PK context into a wrapper for that key slot.
* *
* Currently only works for EC private keys. * Currently only works for EC & RSA private keys.
*/ */
int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk, int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk,
mbedtls_svc_key_id_t *key, mbedtls_svc_key_id_t *key,
psa_algorithm_t hash_alg ) psa_algorithm_t hash_alg )
{ {
#if !defined(MBEDTLS_ECP_C) #if !defined(MBEDTLS_ECP_C) && !defined(MBEDTLS_RSA_C)
((void) pk); ((void) pk);
((void) key); ((void) key);
((void) hash_alg); ((void) hash_alg);
return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
#else #else
const mbedtls_ecp_keypair *ec; #if defined(MBEDTLS_ECP_C)
unsigned char d[MBEDTLS_ECP_MAX_BYTES]; if( mbedtls_pk_get_type( pk ) == MBEDTLS_PK_ECKEY )
size_t d_len; {
psa_ecc_family_t curve_id; const mbedtls_ecp_keypair *ec;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; unsigned char d[MBEDTLS_ECP_MAX_BYTES];
psa_key_type_t key_type; size_t d_len;
size_t bits; psa_ecc_family_t curve_id;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_key_type_t key_type;
size_t bits;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
psa_status_t status;
/* export the private key material in the format PSA wants */ /* export the private key material in the format PSA wants */
if( mbedtls_pk_get_type( pk ) != MBEDTLS_PK_ECKEY ) ec = mbedtls_pk_ec( *pk );
return( MBEDTLS_ERR_PK_TYPE_MISMATCH ); d_len = PSA_BITS_TO_BYTES( ec->grp.nbits );
if( ( ret = mbedtls_mpi_write_binary( &ec->d, d, d_len ) ) != 0 )
return( ret );
ec = mbedtls_pk_ec( *pk ); curve_id = mbedtls_ecc_group_to_psa( ec->grp.id, &bits );
d_len = ( ec->grp.nbits + 7 ) / 8; key_type = PSA_KEY_TYPE_ECC_KEY_PAIR( curve_id );
if( ( ret = mbedtls_mpi_write_binary( &ec->d, d, d_len ) ) != 0 )
return( ret );
curve_id = mbedtls_ecc_group_to_psa( ec->grp.id, &bits ); /* prepare the key attributes */
key_type = PSA_KEY_TYPE_ECC_KEY_PAIR( curve_id ); psa_set_key_type( &attributes, key_type );
psa_set_key_bits( &attributes, bits );
psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH |
PSA_KEY_USAGE_DERIVE);
psa_set_key_algorithm( &attributes, PSA_ALG_ECDSA( hash_alg ) );
psa_set_key_enrollment_algorithm( &attributes, PSA_ALG_ECDH );
/* prepare the key attributes */ /* import private key into PSA */
psa_set_key_type( &attributes, key_type ); status = psa_import_key( &attributes, d, d_len, key );
psa_set_key_bits( &attributes, bits ); if( status != PSA_SUCCESS )
psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH | return( mbedtls_pk_error_from_psa( status ) );
PSA_KEY_USAGE_DERIVE);
psa_set_key_algorithm( &attributes, PSA_ALG_ECDSA(hash_alg) );
psa_set_key_enrollment_algorithm( &attributes, PSA_ALG_ECDH );
/* import private key into PSA */ /* make PK context wrap the key slot */
if( PSA_SUCCESS != psa_import_key( &attributes, d, d_len, key ) ) mbedtls_pk_free( pk );
return( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED ); mbedtls_pk_init( pk );
/* make PK context wrap the key slot */ return( mbedtls_pk_setup_opaque( pk, *key ) );
mbedtls_pk_free( pk ); }
mbedtls_pk_init( pk ); else
return( mbedtls_pk_setup_opaque( pk, *key ) );
#endif /* MBEDTLS_ECP_C */ #endif /* MBEDTLS_ECP_C */
#if defined(MBEDTLS_RSA_C)
if( mbedtls_pk_get_type( pk ) == MBEDTLS_PK_RSA )
{
unsigned char buf[MBEDTLS_PK_RSA_PRV_DER_MAX_BYTES];
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
int key_len;
psa_status_t status;
/* export the private key material in the format PSA wants */
key_len = mbedtls_pk_write_key_der( pk, buf, sizeof( buf ) );
if( key_len <= 0 )
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
/* prepare the key attributes */
psa_set_key_type( &attributes, PSA_KEY_TYPE_RSA_KEY_PAIR );
psa_set_key_bits( &attributes, mbedtls_pk_get_bitlen( pk ) );
psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH );
psa_set_key_algorithm( &attributes,
PSA_ALG_RSA_PKCS1V15_SIGN( hash_alg ) );
/* import private key into PSA */
status = psa_import_key( &attributes,
buf + sizeof( buf ) - key_len,
key_len, key);
mbedtls_platform_zeroize( buf, sizeof( buf ) );
if( status != PSA_SUCCESS )
return( mbedtls_pk_error_from_psa( status ) );
/* make PK context wrap the key slot */
mbedtls_pk_free( pk );
mbedtls_pk_init( pk );
return( mbedtls_pk_setup_opaque( pk, *key ) );
}
else
#endif /* MBEDTLS_RSA_C */
#endif /* !MBEDTLS_ECP_C && !MBEDTLS_RSA_C */
return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
} }
#endif /* MBEDTLS_USE_PSA_CRYPTO */ #endif /* MBEDTLS_USE_PSA_CRYPTO */
#endif /* MBEDTLS_PK_C */ #endif /* MBEDTLS_PK_C */

89
library/pk_wrap.c
View File

@ -1493,21 +1493,23 @@ static size_t pk_opaque_get_bitlen( const void *ctx )
return( bits ); return( bits );
} }
static int pk_opaque_can_do( mbedtls_pk_type_t type ) static int pk_opaque_ecdsa_can_do( mbedtls_pk_type_t type )
{ {
/* For now opaque PSA keys can only wrap ECC keypairs,
* as checked by setup_psa().
* Also, ECKEY_DH does not really make sense with the current API. */
return( type == MBEDTLS_PK_ECKEY || return( type == MBEDTLS_PK_ECKEY ||
type == MBEDTLS_PK_ECDSA ); type == MBEDTLS_PK_ECDSA );
} }
static int pk_opaque_rsa_can_do( mbedtls_pk_type_t type )
{
return( type == MBEDTLS_PK_RSA );
}
static int pk_opaque_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, static int pk_opaque_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hash_len, const unsigned char *hash, size_t hash_len,
unsigned char *sig, size_t sig_size, size_t *sig_len, unsigned char *sig, size_t sig_size, size_t *sig_len,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
{ {
#if !defined(MBEDTLS_ECDSA_C) #if !defined(MBEDTLS_ECDSA_C) && !defined(MBEDTLS_RSA_C)
((void) ctx); ((void) ctx);
((void) md_alg); ((void) md_alg);
((void) hash); ((void) hash);
@ -1518,31 +1520,92 @@ static int pk_opaque_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
((void) f_rng); ((void) f_rng);
((void) p_rng); ((void) p_rng);
return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
#else /* !MBEDTLS_ECDSA_C */ #else /* !MBEDTLS_ECDSA_C && !MBEDTLS_RSA_C */
const mbedtls_svc_key_id_t *key = (const mbedtls_svc_key_id_t *) ctx; const mbedtls_svc_key_id_t *key = (const mbedtls_svc_key_id_t *) ctx;
psa_algorithm_t alg = PSA_ALG_ECDSA( mbedtls_psa_translate_md( md_alg ) ); psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_algorithm_t alg;
psa_key_type_t type;
psa_status_t status; psa_status_t status;
/* PSA has its own RNG */ /* PSA has its own RNG */
(void) f_rng; (void) f_rng;
(void) p_rng; (void) p_rng;
status = psa_get_key_attributes( *key, &attributes );
if( status != PSA_SUCCESS )
return( mbedtls_pk_error_from_psa( status ) );
type = psa_get_key_type( &attributes );
psa_reset_key_attributes( &attributes );
#if defined(MBEDTLS_ECDSA_C)
if( PSA_KEY_TYPE_IS_ECC_KEY_PAIR( type ) )
alg = PSA_ALG_ECDSA( mbedtls_psa_translate_md( md_alg ) );
else
#endif /* MBEDTLS_ECDSA_C */
#if defined(MBEDTLS_RSA_C)
if( PSA_KEY_TYPE_IS_RSA( type ) )
alg = PSA_ALG_RSA_PKCS1V15_SIGN( mbedtls_psa_translate_md( md_alg ) );
else
#endif /* MBEDTLS_RSA_C */
return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
/* make the signature */ /* make the signature */
status = psa_sign_hash( *key, alg, hash, hash_len, status = psa_sign_hash( *key, alg, hash, hash_len,
sig, sig_size, sig_len ); sig, sig_size, sig_len );
if( status != PSA_SUCCESS ) if( status != PSA_SUCCESS )
return( mbedtls_pk_error_from_psa_ecdsa( status ) ); {
#if defined(MBEDTLS_ECDSA_C)
if( PSA_KEY_TYPE_IS_ECC_KEY_PAIR( type ) )
return( mbedtls_pk_error_from_psa_ecdsa( status ) );
else
#endif /* MBEDTLS_ECDSA_C */
#if defined(MBEDTLS_RSA_C)
if( PSA_KEY_TYPE_IS_RSA( type ) )
return( mbedtls_pk_error_from_psa_rsa( status ) );
else
#endif /* MBEDTLS_RSA_C */
return( mbedtls_pk_error_from_psa( status ) );
}
/* transcode it to ASN.1 sequence */ #if defined(MBEDTLS_ECDSA_C)
return( pk_ecdsa_sig_asn1_from_psa( sig, sig_len, sig_size ) ); if( PSA_KEY_TYPE_IS_ECC_KEY_PAIR( type ) )
#endif /* !MBEDTLS_ECDSA_C */ /* transcode it to ASN.1 sequence */
return( pk_ecdsa_sig_asn1_from_psa( sig, sig_len, sig_size ) );
#endif /* MBEDTLS_ECDSA_C */
return 0;
#endif /* !MBEDTLS_ECDSA_C && !MBEDTLS_RSA_C */
} }
const mbedtls_pk_info_t mbedtls_pk_opaque_info = { const mbedtls_pk_info_t mbedtls_pk_ecdsa_opaque_info = {
MBEDTLS_PK_OPAQUE, MBEDTLS_PK_OPAQUE,
"Opaque", "Opaque",
pk_opaque_get_bitlen, pk_opaque_get_bitlen,
pk_opaque_can_do, pk_opaque_ecdsa_can_do,
NULL, /* verify - will be done later */
pk_opaque_sign_wrap,
#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
NULL, /* restartable verify - not relevant */
NULL, /* restartable sign - not relevant */
#endif
NULL, /* decrypt - not relevant */
NULL, /* encrypt - not relevant */
NULL, /* check_pair - could be done later or left NULL */
pk_opaque_alloc_wrap,
pk_opaque_free_wrap,
#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
NULL, /* restart alloc - not relevant */
NULL, /* restart free - not relevant */
#endif
NULL, /* debug - could be done later, or even left NULL */
};
const mbedtls_pk_info_t mbedtls_pk_rsa_opaque_info = {
MBEDTLS_PK_OPAQUE,
"Opaque",
pk_opaque_get_bitlen,
pk_opaque_rsa_can_do,
NULL, /* verify - will be done later */ NULL, /* verify - will be done later */
pk_opaque_sign_wrap, pk_opaque_sign_wrap,
#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)

3
library/pk_wrap.h
View File

@ -136,7 +136,8 @@ extern const mbedtls_pk_info_t mbedtls_rsa_alt_info;
#endif #endif
#if defined(MBEDTLS_USE_PSA_CRYPTO) #if defined(MBEDTLS_USE_PSA_CRYPTO)
extern const mbedtls_pk_info_t mbedtls_pk_opaque_info; extern const mbedtls_pk_info_t mbedtls_pk_ecdsa_opaque_info;
extern const mbedtls_pk_info_t mbedtls_pk_rsa_opaque_info;
#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) #if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
int mbedtls_pk_error_from_psa_ecdsa( psa_status_t status ); int mbedtls_pk_error_from_psa_ecdsa( psa_status_t status );

42
library/pkwrite.c
View File

@ -279,21 +279,35 @@ int mbedtls_pk_write_pubkey_der( const mbedtls_pk_context *key, unsigned char *b
bits = psa_get_key_bits( &attributes ); bits = psa_get_key_bits( &attributes );
psa_reset_key_attributes( &attributes ); psa_reset_key_attributes( &attributes );
curve = PSA_KEY_TYPE_ECC_GET_FAMILY( key_type ); if( PSA_KEY_TYPE_IS_ECC_KEY_PAIR( key_type ) )
if( curve == 0 ) {
curve = PSA_KEY_TYPE_ECC_GET_FAMILY( key_type );
if( curve == 0 )
return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
ret = mbedtls_psa_get_ecc_oid_from_id( curve, bits,
&oid, &oid_len );
if( ret != 0 )
return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
/* Write EC algorithm parameters; that's akin
* to pk_write_ec_param() above. */
MBEDTLS_ASN1_CHK_ADD( par_len, mbedtls_asn1_write_oid( &c, buf,
oid,
oid_len ) );
/* The rest of the function works as for legacy EC contexts. */
pk_type = MBEDTLS_PK_ECKEY;
}
else if( PSA_KEY_TYPE_IS_RSA( key_type ) )
{
/* The rest of the function works as for legacy RSA contexts. */
pk_type = MBEDTLS_PK_RSA;
}
else
{
return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
}
ret = mbedtls_psa_get_ecc_oid_from_id( curve, bits, &oid, &oid_len );
if( ret != 0 )
return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
/* Write EC algorithm parameters; that's akin
* to pk_write_ec_param() above. */
MBEDTLS_ASN1_CHK_ADD( par_len, mbedtls_asn1_write_oid( &c, buf,
oid, oid_len ) );
/* The rest of the function works as for legacy EC contexts. */
pk_type = MBEDTLS_PK_ECKEY;
} }
#endif /* MBEDTLS_USE_PSA_CRYPTO */ #endif /* MBEDTLS_USE_PSA_CRYPTO */

49
tests/suites/test_suite_pk.data
View File

@ -41,8 +41,13 @@ PK utils: ECDSA SECP521R1
depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED
pk_utils:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP521R1:521:66:"ECDSA" pk_utils:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP521R1:521:66:"ECDSA"
PK PSA utilities: setup/free, info functions, unsupported operations PK PSA utilities: ECDSA setup/free, info functions, unsupported operations
pk_psa_utils: depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
pk_psa_utils:0
PK PSA utilities: RSA setup/free, info functions, unsupported operations
depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME
pk_psa_utils:1
RSA verify test vector #1 (good) RSA verify test vector #1 (good)
depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15 depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15
@ -305,41 +310,45 @@ depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
pk_sign_verify_restart:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":"60FED4BA255A9D31C961EB74C6356D68C049B8923B61FA6CE669622E60F29FB6":"7903FE1008B8BC99A41AE9E95628BC64F2F1B20C2D7E9F5177A3C294D4462299":MBEDTLS_MD_SHA256:"test":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":250:2:64 pk_sign_verify_restart:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":"60FED4BA255A9D31C961EB74C6356D68C049B8923B61FA6CE669622E60F29FB6":"7903FE1008B8BC99A41AE9E95628BC64F2F1B20C2D7E9F5177A3C294D4462299":MBEDTLS_MD_SHA256:"test":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":250:2:64
PSA wrapped sign: SECP256R1 PSA wrapped sign: SECP256R1
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
pk_psa_sign:MBEDTLS_ECP_DP_SECP256R1:PSA_ECC_FAMILY_SECP_R1:256 pk_psa_sign:MBEDTLS_ECP_DP_SECP256R1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256
PSA wrapped sign: SECP384R1 PSA wrapped sign: SECP384R1
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
pk_psa_sign:MBEDTLS_ECP_DP_SECP384R1:PSA_ECC_FAMILY_SECP_R1:384 pk_psa_sign:MBEDTLS_ECP_DP_SECP384R1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384
PSA wrapped sign: SECP521R1 PSA wrapped sign: SECP521R1
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED
pk_psa_sign:MBEDTLS_ECP_DP_SECP521R1:PSA_ECC_FAMILY_SECP_R1:521 pk_psa_sign:MBEDTLS_ECP_DP_SECP521R1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521
PSA wrapped sign: SECP192K1 PSA wrapped sign: SECP192K1
depends_on:MBEDTLS_ECP_DP_SECP192K1_ENABLED depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP192K1_ENABLED
pk_psa_sign:MBEDTLS_ECP_DP_SECP192K1:PSA_ECC_FAMILY_SECP_K1:192 pk_psa_sign:MBEDTLS_ECP_DP_SECP192K1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192
## Currently buggy: https://github.com/ARMmbed/mbed-crypto/issues/336 ## Currently buggy: https://github.com/ARMmbed/mbed-crypto/issues/336
# PSA wrapped sign: SECP224K1 # PSA wrapped sign: SECP224K1
# depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED # depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP224K1_ENABLED
# pk_psa_sign:MBEDTLS_ECP_DP_SECP224K1:PSA_ECC_FAMILY_SECP_K1:224 # pk_psa_sign:MBEDTLS_ECP_DP_SECP224K1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224
PSA wrapped sign: SECP256K1 PSA wrapped sign: SECP256K1
depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256K1_ENABLED
pk_psa_sign:MBEDTLS_ECP_DP_SECP256K1:PSA_ECC_FAMILY_SECP_K1:256 pk_psa_sign:MBEDTLS_ECP_DP_SECP256K1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256
PSA wrapped sign: BP256R1 PSA wrapped sign: BP256R1
depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_BP256R1_ENABLED
pk_psa_sign:MBEDTLS_ECP_DP_BP256R1:PSA_ECC_FAMILY_BRAINPOOL_P_R1:256 pk_psa_sign:MBEDTLS_ECP_DP_BP256R1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256
PSA wrapped sign: BP384R1 PSA wrapped sign: BP384R1
depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_BP384R1_ENABLED
pk_psa_sign:MBEDTLS_ECP_DP_BP384R1:PSA_ECC_FAMILY_BRAINPOOL_P_R1:384 pk_psa_sign:MBEDTLS_ECP_DP_BP384R1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384
PSA wrapped sign: BP512R1 PSA wrapped sign: BP512R1
depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_BP512R1_ENABLED
pk_psa_sign:MBEDTLS_ECP_DP_BP512R1:PSA_ECC_FAMILY_BRAINPOOL_P_R1:512 pk_psa_sign:MBEDTLS_ECP_DP_BP512R1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512
PSA wrapped sign: RSA PKCS1 v1.5
depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_GENPRIME
pk_psa_sign:1024:PSA_KEY_TYPE_RSA_KEY_PAIR:1024
PK Sign ext:RSA2048,PK_RSA,MD_SHA256 PK Sign ext:RSA2048,PK_RSA,MD_SHA256
depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C:MBEDTLS_RSA_C depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C:MBEDTLS_RSA_C

117
tests/suites/test_suite_pk.function
View File

@ -88,11 +88,11 @@ size_t mbedtls_rsa_key_len_func( void *ctx )
#if defined(MBEDTLS_USE_PSA_CRYPTO) #if defined(MBEDTLS_USE_PSA_CRYPTO)
/* /*
* Generate a key using PSA and return the key identifier of that key, * Generate an ECC key using PSA and return the key identifier of that key,
* or 0 if the key generation failed. * or 0 if the key generation failed.
* The key uses NIST P-256 and is usable for signing with SHA-256. * The key uses NIST P-256 and is usable for signing with SHA-256.
*/ */
mbedtls_svc_key_id_t pk_psa_genkey( void ) mbedtls_svc_key_id_t pk_psa_genkey_ecc( void )
{ {
mbedtls_svc_key_id_t key; mbedtls_svc_key_id_t key;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
@ -106,6 +106,27 @@ mbedtls_svc_key_id_t pk_psa_genkey( void )
psa_set_key_bits( &attributes, bits ); psa_set_key_bits( &attributes, bits );
PSA_ASSERT( psa_generate_key( &attributes, &key ) ); PSA_ASSERT( psa_generate_key( &attributes, &key ) );
exit:
return( key );
}
/*
* Generate an RSA key using PSA and return the key identifier of that key,
* or 0 if the key generation failed.
*/
mbedtls_svc_key_id_t pk_psa_genkey_rsa( void )
{
mbedtls_svc_key_id_t key;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
const psa_key_type_t type = PSA_KEY_TYPE_RSA_KEY_PAIR;
const size_t bits = 1024;
psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH );
psa_set_key_algorithm( &attributes, PSA_ALG_RSA_PKCS1V15_SIGN_RAW );
psa_set_key_type( &attributes, type );
psa_set_key_bits( &attributes, bits );
PSA_ASSERT( psa_generate_key( &attributes, &key ) );
exit: exit:
return( key ); return( key );
} }
@ -117,15 +138,15 @@ exit:
* END_DEPENDENCIES * END_DEPENDENCIES
*/ */
/* BEGIN_CASE depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED */ /* BEGIN_CASE depends_on:MBEDTLS_USE_PSA_CRYPTO */
void pk_psa_utils( ) void pk_psa_utils( int key_is_rsa )
{ {
mbedtls_pk_context pk, pk2; mbedtls_pk_context pk, pk2;
mbedtls_svc_key_id_t key; mbedtls_svc_key_id_t key;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
const char * const name = "Opaque"; const char * const name = "Opaque";
const size_t bitlen = 256; /* harcoded in genkey() */ size_t bitlen;
mbedtls_md_type_t md_alg = MBEDTLS_MD_NONE; mbedtls_md_type_t md_alg = MBEDTLS_MD_NONE;
unsigned char b1[1], b2[1]; unsigned char b1[1], b2[1];
@ -145,7 +166,16 @@ void pk_psa_utils( )
mbedtls_pk_free( &pk ); mbedtls_pk_free( &pk );
mbedtls_pk_init( &pk ); mbedtls_pk_init( &pk );
key = pk_psa_genkey(); if( key_is_rsa )
{
bitlen = 1024; /* harcoded in genkey() */
key = pk_psa_genkey_rsa();
}
else
{
bitlen = 256; /* harcoded in genkey() */
key = pk_psa_genkey_ecc();
}
if( mbedtls_svc_key_id_is_null( key ) ) if( mbedtls_svc_key_id_is_null( key ) )
goto exit; goto exit;
@ -157,9 +187,18 @@ void pk_psa_utils( )
TEST_ASSERT( mbedtls_pk_get_bitlen( &pk ) == bitlen ); TEST_ASSERT( mbedtls_pk_get_bitlen( &pk ) == bitlen );
TEST_ASSERT( mbedtls_pk_get_len( &pk ) == bitlen / 8 ); TEST_ASSERT( mbedtls_pk_get_len( &pk ) == bitlen / 8 );
TEST_ASSERT( mbedtls_pk_can_do( &pk, MBEDTLS_PK_ECKEY ) == 1 ); if( key_is_rsa )
TEST_ASSERT( mbedtls_pk_can_do( &pk, MBEDTLS_PK_ECDSA ) == 1 ); {
TEST_ASSERT( mbedtls_pk_can_do( &pk, MBEDTLS_PK_RSA ) == 0 ); TEST_ASSERT( mbedtls_pk_can_do( &pk, MBEDTLS_PK_ECKEY ) == 0 );
TEST_ASSERT( mbedtls_pk_can_do( &pk, MBEDTLS_PK_ECDSA ) == 0 );
TEST_ASSERT( mbedtls_pk_can_do( &pk, MBEDTLS_PK_RSA ) == 1 );
}
else
{
TEST_ASSERT( mbedtls_pk_can_do( &pk, MBEDTLS_PK_ECKEY ) == 1 );
TEST_ASSERT( mbedtls_pk_can_do( &pk, MBEDTLS_PK_ECDSA ) == 1 );
TEST_ASSERT( mbedtls_pk_can_do( &pk, MBEDTLS_PK_RSA ) == 0 );
}
/* unsupported operations: verify, decrypt, encrypt */ /* unsupported operations: verify, decrypt, encrypt */
TEST_ASSERT( mbedtls_pk_verify( &pk, md_alg, TEST_ASSERT( mbedtls_pk_verify( &pk, md_alg,
@ -175,8 +214,12 @@ void pk_psa_utils( )
== MBEDTLS_ERR_PK_TYPE_MISMATCH ); == MBEDTLS_ERR_PK_TYPE_MISMATCH );
/* unsupported functions: check_pair, debug */ /* unsupported functions: check_pair, debug */
TEST_ASSERT( mbedtls_pk_setup( &pk2, if( key_is_rsa )
mbedtls_pk_info_from_type( MBEDTLS_PK_ECKEY ) ) == 0 ); TEST_ASSERT( mbedtls_pk_setup( &pk2,
mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 );
else
TEST_ASSERT( mbedtls_pk_setup( &pk2,
mbedtls_pk_info_from_type( MBEDTLS_PK_ECKEY ) ) == 0 );
TEST_ASSERT( mbedtls_pk_check_pair( &pk, &pk2, TEST_ASSERT( mbedtls_pk_check_pair( &pk, &pk2,
mbedtls_test_rnd_std_rand, NULL ) mbedtls_test_rnd_std_rand, NULL )
== MBEDTLS_ERR_PK_TYPE_MISMATCH ); == MBEDTLS_ERR_PK_TYPE_MISMATCH );
@ -1006,14 +1049,13 @@ exit:
} }
/* END_CASE */ /* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_ECDSA_C */ /* BEGIN_CASE depends_on:MBEDTLS_SHA256_C:MBEDTLS_USE_PSA_CRYPTO */
void pk_psa_sign( int grpid_arg, void pk_psa_sign( int parameter_arg,
int psa_curve_arg, int expected_bits_arg ) int psa_type_arg, int expected_bits_arg )
{ {
mbedtls_ecp_group_id grpid = grpid_arg;
mbedtls_pk_context pk; mbedtls_pk_context pk;
unsigned char hash[32]; unsigned char hash[32];
unsigned char sig[MBEDTLS_ECDSA_MAX_LEN]; unsigned char sig[MBEDTLS_PK_SIGNATURE_MAX_SIZE];
unsigned char pkey_legacy[200]; unsigned char pkey_legacy[200];
unsigned char pkey_psa[200]; unsigned char pkey_psa[200];
unsigned char *pkey_legacy_start, *pkey_psa_start; unsigned char *pkey_legacy_start, *pkey_psa_start;
@ -1021,12 +1063,12 @@ void pk_psa_sign( int grpid_arg,
int ret; int ret;
mbedtls_svc_key_id_t key_id; mbedtls_svc_key_id_t key_id;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_key_type_t expected_type = PSA_KEY_TYPE_ECC_KEY_PAIR( psa_curve_arg ); psa_key_type_t expected_type = psa_type_arg;
size_t expected_bits = expected_bits_arg; size_t expected_bits = expected_bits_arg;
/* /*
* This tests making signatures with a wrapped PSA key: * This tests making signatures with a wrapped PSA key:
* - generate a fresh ECP legacy PK context * - generate a fresh ECP/RSA legacy PK context
* - wrap it in a PK context and make a signature this way * - wrap it in a PK context and make a signature this way
* - extract the public key * - extract the public key
* - parse it to a PK context and verify the signature this way * - parse it to a PK context and verify the signature this way
@ -1034,13 +1076,38 @@ void pk_psa_sign( int grpid_arg,
PSA_ASSERT( psa_crypto_init( ) ); PSA_ASSERT( psa_crypto_init( ) );
/* Create legacy EC public/private key in PK context. */ #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME)
mbedtls_pk_init( &pk ); if( PSA_KEY_TYPE_IS_RSA( psa_type_arg ) )
TEST_ASSERT( mbedtls_pk_setup( &pk, {
mbedtls_pk_info_from_type( MBEDTLS_PK_ECKEY ) ) == 0 ); /* Create legacy RSA public/private key in PK context. */
TEST_ASSERT( mbedtls_ecp_gen_key( grpid, mbedtls_pk_init( &pk );
(mbedtls_ecp_keypair*) pk.pk_ctx, TEST_ASSERT( mbedtls_pk_setup( &pk,
mbedtls_test_rnd_std_rand, NULL ) == 0 ); mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 );
TEST_ASSERT( mbedtls_rsa_gen_key( mbedtls_pk_rsa( pk ),
mbedtls_test_rnd_std_rand, NULL,
parameter_arg, 3 ) == 0 );
}
else
#endif /* MBEDTLS_RSA_C && MBEDTLS_GENPRIME */
#if defined(MBEDTLS_ECDSA_C)
if( PSA_KEY_TYPE_IS_ECC_KEY_PAIR( psa_type_arg ) )
{
mbedtls_ecp_group_id grpid = parameter_arg;
/* Create legacy EC public/private key in PK context. */
mbedtls_pk_init( &pk );
TEST_ASSERT( mbedtls_pk_setup( &pk,
mbedtls_pk_info_from_type( MBEDTLS_PK_ECKEY ) ) == 0 );
TEST_ASSERT( mbedtls_ecp_gen_key( grpid,
(mbedtls_ecp_keypair*) pk.pk_ctx,
mbedtls_test_rnd_std_rand, NULL ) == 0 );
}
else
#endif /* MBEDTLS_ECDSA_C */
{
(void) parameter_arg;
TEST_ASSUME( ! "Opaque PK key not supported in this configuration" );
}
/* Export underlying public key for re-importing in a legacy context. */ /* Export underlying public key for re-importing in a legacy context. */
ret = mbedtls_pk_write_pubkey_der( &pk, pkey_legacy, ret = mbedtls_pk_write_pubkey_der( &pk, pkey_legacy,