mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-01-30 06:33:06 +00:00
pk: pk_copy_from_psa() performs the conversion even if the algorithm doesn't match
This commit also: - fixes existing tests and add new ones - updates documentation. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This commit is contained in:
Valerio Setti
parent
1015985d8a
commit
a657ae388a
@ -394,7 +394,7 @@ int mbedtls_pk_setup_opaque(mbedtls_pk_context *ctx,
|
||||
/**
|
||||
* \brief Create a PK context starting from a key stored in PSA.
|
||||
* This key:
|
||||
* - must be exportabel and
|
||||
* - must be exportable and
|
||||
* - must be a either an RSA or EC key (DH is not managed in PK) and
|
||||
* - must be either a key pair or a public key.
|
||||
*
|
||||
@ -407,19 +407,16 @@ int mbedtls_pk_setup_opaque(mbedtls_pk_context *ctx,
|
||||
* from.
|
||||
* Calling mbedtls_pk_sign(), mbedtls_pk_verify(),
|
||||
* mbedtls_pk_encrypt(), mbedtls_pk_decrypt() on the resulting
|
||||
* PK context will perform an algorithm that is compatible with
|
||||
* the PSA key's primary algorithm policy if that is a matching
|
||||
* operation type (sign/verify, encrypt/decrypt), but with no
|
||||
* restriction on the hash (as if the policy had
|
||||
* #PSA_ALG_ANY_HASH instead of a specific hash, and with
|
||||
* #PSA_ALG_RSA_PKCS1V15_SIGN_RAW merged with
|
||||
* #PSA_ALG_RSA_PKCS1V15_SIGN(\c hash_alg)).
|
||||
* PK context will perform the corresponding algorithm for that
|
||||
* PK context type.
|
||||
* * For ECDSA, the choice of deterministic vs randomized will
|
||||
* be based on the compile-time setting #MBEDTLS_ECDSA_DETERMINISTIC.
|
||||
* * For an RSA key, the output key will allow both encrypt/decrypt
|
||||
* and sign/verify regardless of the original key's policy.
|
||||
* * For an RSA key, the output PK context will allow both
|
||||
* encrypt/decrypt and sign/verify regardless of the original
|
||||
* key's policy.
|
||||
* The original key's policy determines the output key's padding
|
||||
* mode.
|
||||
* mode: PCKS1 v2.1 is set if the PSA key policy is OAEP or PSS,
|
||||
* otherwise PKCS1 v1.5 is set.
|
||||
*
|
||||
* \param key_id The key identifier of the key stored in PSA.
|
||||
* \param pk The PK context that will be filled. It must be initialized,
|
||||
|
||||
15
library/pk.c
15
library/pk.c
@ -27,7 +27,7 @@
|
||||
#include "mbedtls/ecdsa.h"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_C)
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_CLIENT)
|
||||
#include "psa_util_internal.h"
|
||||
#include "mbedtls/psa_util.h"
|
||||
#endif
|
||||
@ -1413,12 +1413,6 @@ int mbedtls_pk_copy_from_psa(mbedtls_svc_key_id_t key_id, mbedtls_pk_context *pk
|
||||
#if defined(MBEDTLS_RSA_C)
|
||||
if ((key_type == PSA_KEY_TYPE_RSA_KEY_PAIR) ||
|
||||
(key_type == PSA_KEY_TYPE_RSA_PUBLIC_KEY)) {
|
||||
if (!PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg_type) &&
|
||||
(alg_type != PSA_ALG_RSA_PKCS1V15_CRYPT) &&
|
||||
!PSA_ALG_IS_RSA_OAEP(alg_type) &&
|
||||
!PSA_ALG_IS_RSA_PSS(alg_type)) {
|
||||
return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
|
||||
}
|
||||
|
||||
ret = mbedtls_pk_setup(pk, mbedtls_pk_info_from_type(MBEDTLS_PK_RSA));
|
||||
if (ret != 0) {
|
||||
@ -1435,7 +1429,7 @@ int mbedtls_pk_copy_from_psa(mbedtls_svc_key_id_t key_id, mbedtls_pk_context *pk
|
||||
}
|
||||
|
||||
mbedtls_md_type_t md_type = MBEDTLS_MD_NONE;
|
||||
if ((alg_type != PSA_ALG_RSA_PKCS1V15_CRYPT) &&
|
||||
if ((PSA_ALG_GET_HASH(alg_type) != PSA_ALG_NONE) &&
|
||||
(PSA_ALG_GET_HASH(alg_type) != PSA_ALG_ANY_HASH)) {
|
||||
md_type = mbedtls_md_type_from_psa_alg(alg_type);
|
||||
}
|
||||
@ -1455,11 +1449,6 @@ int mbedtls_pk_copy_from_psa(mbedtls_svc_key_id_t key_id, mbedtls_pk_context *pk
|
||||
PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(key_type)) {
|
||||
mbedtls_ecp_group_id grp_id;
|
||||
|
||||
if (!PSA_ALG_IS_ECDSA(alg_type)) {
|
||||
ret = MBEDTLS_ERR_PK_BAD_INPUT_DATA;
|
||||
goto exit;
|
||||
}
|
||||
|
||||
ret = mbedtls_pk_setup(pk, mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY));
|
||||
if (ret != 0) {
|
||||
goto exit;
|
||||
|
||||
@ -1495,6 +1495,18 @@ Copy from PSA: valid EC (SECP_K1_256 + ECDSA + SHA_256)
|
||||
depends_on:MBEDTLS_ECP_HAVE_SECP256K1:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_MD_CAN_SHA256
|
||||
pk_copy_from_psa_success:"7154f04fcc79ac9df1652dcf99031610592b2b27f74f5985690a987357ba0428":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):PSA_ALG_ECDSA(PSA_ALG_SHA_256)
|
||||
|
||||
# The key's algorithm only allows ECDH, but pk_copy_from_psa() ignores this information
|
||||
# when building the PK context.
|
||||
Copy from PSA: valid EC, wrong alg (SECP_R1_256 + ECDH)
|
||||
depends_on:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_MD_CAN_SHA256
|
||||
pk_copy_from_psa_success:"587CF7C57EB7C6254CBF80CC59846521B4FBCBA8BC4B362A9B043F0DEB49CCA1":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDH
|
||||
|
||||
# The key's algorithm is absolutely wrong for an EC key, but pk_copy_from_psa()
|
||||
# ignores this information when building the PK context.
|
||||
Copy from PSA: valid EC, wrong alg (SECP_R1_256 + CMAC)
|
||||
depends_on:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_PK_CAN_ECDSA_VERIFY
|
||||
pk_copy_from_psa_success:"587CF7C57EB7C6254CBF80CC59846521B4FBCBA8BC4B362A9B043F0DEB49CCA1":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_CMAC
|
||||
|
||||
Copy from PSA: valid RSA (PKCS1V15_SIGN + ANY_HASH)
|
||||
depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA256
|
||||
pk_copy_from_psa_success:"308204a40201000282010100ef24d80f6b7a0f62ab2f750a8370c1c39781abe2f7ae5cbc698ebbc51067af68c8b02e5bfafe0b296a2fdca8ee5327bf3370bd26c529d173c4356d8ad51f606ac730e3be509d8535c9c51927222d6c4e770efec4d9b0bd11410e5e2e01e093700d358aab8292297483c65870ea6d4ca9299f4347790f6223480732726a97b34bb4d53cb3f188e3c97115b029fa9a2cce4c6d935977a90737ac8b2a2c5691ad928b22681ca05ee38ddba2278c854f51281c5e4856090aca59bf719a167e63bb932580ae2b599e1a297194696e637a919bc9d2caf214e59d46ed1a12e591b608f2031744111551430d9ac39082957ae1ce03a88068896701e6ce19a83890ff5761020301000102820100706fb53a02c13fcc9749d7d09a9e002c12e6bfc715c6a00961e3defab74cd896fe8c7f2f75e1cda3aa2e58a400718e65822d0671dd0f5d4ffdb7550a8a4b974c7cdccaa72745f864a2ba0daa6d9247b2d89d6f41644c89883c3b2222a5754e3cc7a91dcaa7b84acf6249763998aeccf558016e638352ad44835006f2ee94e691d0070ce561677f2a22a12f357bd762c57f80f1f4921f0f26b3ed758478d11086c182874355ef5039e8d854291b9ce7f8b284ec81f141b7255313507f5ea159d6b1c0ee176e7743d3c65d536e1e4aaf24089c1e00c8021012b8846a4971a0695030504ace362077e8b2fcb4fbdd70bfb734a3fe7d9e1a25bdd0cb0f2fcb56ecc502818100f8fdfbac1c033911b5a184980d081f700f4d450cebf18cbdc68f160a5abd580e6f8f5800fd0b60521dbe2d549e82617afe70d2ad004c2f45405d94e4418e8c2b8da6bcaa407bbfa5477b5a6fceccfcb99f51c6c16bd17202d997bdcaec83b870e3e101acc05e0754020ec207ef5ec9934ac81cd617af72cd94b2bb400eb2078302818100f5dfe74a548c04950178f50130d5aadbe5d1f4b52527c0bfad9aa0d73731fb24219cb5ea5c4b4fa56133d5ea9225fa7d0ccc9bdcc78b77303a2e73c17e9a46b9b09020604496a849f069d0d87713e06a5d374271b2629f5ba220506b606a101828d20da9fcfa3a7e75b135987260be6d37622fc3f4bf4fd2dfd9655da5ff0c4b02818100d4d797c959f0cf59fa1f65ceec64e32ad189c5daf3ddf9e747d28c8eb15e65e5812bd19896b6a0d1d126fe6cf54a92b5a6c71ef04feed001acb1d253044f2c3716d14f396201e6a30c65bfbb0fd65ebaf61bdb80ffff7c2c3f80dcf69813491907531231700770d0392a1066e411ecd201fce9d98149b32355572b85e889faad028181009d898bc165709d52f7b18f91e6bf508d3ab08ed12df04da0c2d40b7039ce4d72b61299c082c8424cdd7dfff71f13346ec12fac42069cc68e6108f86427012485bfaa6904258e3e5fb9a9a305bf2e3e21087eea94bcce51fabd63650397affd85ed49c1358480b3cfe90ad5234b4dcf555d220d26c9ff765ecfcc94152fd1be070281804bf77b4bae8386772de830cc75f2d1d4b8221b3f817208e08c002ac0549902677e4f0e7bce5ba1b3da74fbbe138758e6853b4a5b7bf0672bc1170c64fa502a5e24e3472db433b4e30761eab6ebb9e207235fd88b97b1b30e14f364b628219d6e17056543a4e29a4de1e41ad37927ce23d0442623744bc35a1874296960029044":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH)
|
||||
@ -1542,3 +1554,9 @@ pk_copy_from_psa_success:"308204a40201000282010100ef24d80f6b7a0f62ab2f750a8370c1
|
||||
Copy from PSA: valid RSA (PSS + SHA_512)
|
||||
depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA512
|
||||
pk_copy_from_psa_success:"308204a40201000282010100ef24d80f6b7a0f62ab2f750a8370c1c39781abe2f7ae5cbc698ebbc51067af68c8b02e5bfafe0b296a2fdca8ee5327bf3370bd26c529d173c4356d8ad51f606ac730e3be509d8535c9c51927222d6c4e770efec4d9b0bd11410e5e2e01e093700d358aab8292297483c65870ea6d4ca9299f4347790f6223480732726a97b34bb4d53cb3f188e3c97115b029fa9a2cce4c6d935977a90737ac8b2a2c5691ad928b22681ca05ee38ddba2278c854f51281c5e4856090aca59bf719a167e63bb932580ae2b599e1a297194696e637a919bc9d2caf214e59d46ed1a12e591b608f2031744111551430d9ac39082957ae1ce03a88068896701e6ce19a83890ff5761020301000102820100706fb53a02c13fcc9749d7d09a9e002c12e6bfc715c6a00961e3defab74cd896fe8c7f2f75e1cda3aa2e58a400718e65822d0671dd0f5d4ffdb7550a8a4b974c7cdccaa72745f864a2ba0daa6d9247b2d89d6f41644c89883c3b2222a5754e3cc7a91dcaa7b84acf6249763998aeccf558016e638352ad44835006f2ee94e691d0070ce561677f2a22a12f357bd762c57f80f1f4921f0f26b3ed758478d11086c182874355ef5039e8d854291b9ce7f8b284ec81f141b7255313507f5ea159d6b1c0ee176e7743d3c65d536e1e4aaf24089c1e00c8021012b8846a4971a0695030504ace362077e8b2fcb4fbdd70bfb734a3fe7d9e1a25bdd0cb0f2fcb56ecc502818100f8fdfbac1c033911b5a184980d081f700f4d450cebf18cbdc68f160a5abd580e6f8f5800fd0b60521dbe2d549e82617afe70d2ad004c2f45405d94e4418e8c2b8da6bcaa407bbfa5477b5a6fceccfcb99f51c6c16bd17202d997bdcaec83b870e3e101acc05e0754020ec207ef5ec9934ac81cd617af72cd94b2bb400eb2078302818100f5dfe74a548c04950178f50130d5aadbe5d1f4b52527c0bfad9aa0d73731fb24219cb5ea5c4b4fa56133d5ea9225fa7d0ccc9bdcc78b77303a2e73c17e9a46b9b09020604496a849f069d0d87713e06a5d374271b2629f5ba220506b606a101828d20da9fcfa3a7e75b135987260be6d37622fc3f4bf4fd2dfd9655da5ff0c4b02818100d4d797c959f0cf59fa1f65ceec64e32ad189c5daf3ddf9e747d28c8eb15e65e5812bd19896b6a0d1d126fe6cf54a92b5a6c71ef04feed001acb1d253044f2c3716d14f396201e6a30c65bfbb0fd65ebaf61bdb80ffff7c2c3f80dcf69813491907531231700770d0392a1066e411ecd201fce9d98149b32355572b85e889faad028181009d898bc165709d52f7b18f91e6bf508d3ab08ed12df04da0c2d40b7039ce4d72b61299c082c8424cdd7dfff71f13346ec12fac42069cc68e6108f86427012485bfaa6904258e3e5fb9a9a305bf2e3e21087eea94bcce51fabd63650397affd85ed49c1358480b3cfe90ad5234b4dcf555d220d26c9ff765ecfcc94152fd1be070281804bf77b4bae8386772de830cc75f2d1d4b8221b3f817208e08c002ac0549902677e4f0e7bce5ba1b3da74fbbe138758e6853b4a5b7bf0672bc1170c64fa502a5e24e3472db433b4e30761eab6ebb9e207235fd88b97b1b30e14f364b628219d6e17056543a4e29a4de1e41ad37927ce23d0442623744bc35a1874296960029044":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PSS(PSA_ALG_SHA_512)
|
||||
|
||||
# Key's algorithm is wrong for an RSA key, but pk_copy_from_psa() ignores
|
||||
# this information when building the PK context.
|
||||
Copy from PSA: valid RSA, wrong alg (CMAC)
|
||||
depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
||||
pk_copy_from_psa_success:"308204a40201000282010100ef24d80f6b7a0f62ab2f750a8370c1c39781abe2f7ae5cbc698ebbc51067af68c8b02e5bfafe0b296a2fdca8ee5327bf3370bd26c529d173c4356d8ad51f606ac730e3be509d8535c9c51927222d6c4e770efec4d9b0bd11410e5e2e01e093700d358aab8292297483c65870ea6d4ca9299f4347790f6223480732726a97b34bb4d53cb3f188e3c97115b029fa9a2cce4c6d935977a90737ac8b2a2c5691ad928b22681ca05ee38ddba2278c854f51281c5e4856090aca59bf719a167e63bb932580ae2b599e1a297194696e637a919bc9d2caf214e59d46ed1a12e591b608f2031744111551430d9ac39082957ae1ce03a88068896701e6ce19a83890ff5761020301000102820100706fb53a02c13fcc9749d7d09a9e002c12e6bfc715c6a00961e3defab74cd896fe8c7f2f75e1cda3aa2e58a400718e65822d0671dd0f5d4ffdb7550a8a4b974c7cdccaa72745f864a2ba0daa6d9247b2d89d6f41644c89883c3b2222a5754e3cc7a91dcaa7b84acf6249763998aeccf558016e638352ad44835006f2ee94e691d0070ce561677f2a22a12f357bd762c57f80f1f4921f0f26b3ed758478d11086c182874355ef5039e8d854291b9ce7f8b284ec81f141b7255313507f5ea159d6b1c0ee176e7743d3c65d536e1e4aaf24089c1e00c8021012b8846a4971a0695030504ace362077e8b2fcb4fbdd70bfb734a3fe7d9e1a25bdd0cb0f2fcb56ecc502818100f8fdfbac1c033911b5a184980d081f700f4d450cebf18cbdc68f160a5abd580e6f8f5800fd0b60521dbe2d549e82617afe70d2ad004c2f45405d94e4418e8c2b8da6bcaa407bbfa5477b5a6fceccfcb99f51c6c16bd17202d997bdcaec83b870e3e101acc05e0754020ec207ef5ec9934ac81cd617af72cd94b2bb400eb2078302818100f5dfe74a548c04950178f50130d5aadbe5d1f4b52527c0bfad9aa0d73731fb24219cb5ea5c4b4fa56133d5ea9225fa7d0ccc9bdcc78b77303a2e73c17e9a46b9b09020604496a849f069d0d87713e06a5d374271b2629f5ba220506b606a101828d20da9fcfa3a7e75b135987260be6d37622fc3f4bf4fd2dfd9655da5ff0c4b02818100d4d797c959f0cf59fa1f65ceec64e32ad189c5daf3ddf9e747d28c8eb15e65e5812bd19896b6a0d1d126fe6cf54a92b5a6c71ef04feed001acb1d253044f2c3716d14f396201e6a30c65bfbb0fd65ebaf61bdb80ffff7c2c3f80dcf69813491907531231700770d0392a1066e411ecd201fce9d98149b32355572b85e889faad028181009d898bc165709d52f7b18f91e6bf508d3ab08ed12df04da0c2d40b7039ce4d72b61299c082c8424cdd7dfff71f13346ec12fac42069cc68e6108f86427012485bfaa6904258e3e5fb9a9a305bf2e3e21087eea94bcce51fabd63650397affd85ed49c1358480b3cfe90ad5234b4dcf555d220d26c9ff765ecfcc94152fd1be070281804bf77b4bae8386772de830cc75f2d1d4b8221b3f817208e08c002ac0549902677e4f0e7bce5ba1b3da74fbbe138758e6853b4a5b7bf0672bc1170c64fa502a5e24e3472db433b4e30761eab6ebb9e207235fd88b97b1b30e14f364b628219d6e17056543a4e29a4de1e41ad37927ce23d0442623744bc35a1874296960029044":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_CMAC
|
||||
|
||||
@ -2360,13 +2360,27 @@ void pk_copy_from_psa_success(data_t *priv_key_data, int key_type_arg,
|
||||
pub_key_id = psa_pub_key_from_priv(priv_key_id);
|
||||
TEST_EQUAL(mbedtls_pk_copy_from_psa(pub_key_id, &pk_pub), 0);
|
||||
|
||||
/* Test #1: check that the generated PK contexts are of the correct type. */
|
||||
/* Test #1:
|
||||
* - check that the generated PK contexts are of the correct type.
|
||||
* - [only for RSA] check that the padding mode is correct.
|
||||
*/
|
||||
if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(key_type)) {
|
||||
TEST_EQUAL(mbedtls_pk_get_type(&pk_priv), MBEDTLS_PK_ECKEY);
|
||||
TEST_EQUAL(mbedtls_pk_get_type(&pk_pub), MBEDTLS_PK_ECKEY);
|
||||
} else {
|
||||
TEST_EQUAL(mbedtls_pk_get_type(&pk_priv), MBEDTLS_PK_RSA);
|
||||
TEST_EQUAL(mbedtls_pk_get_type(&pk_pub), MBEDTLS_PK_RSA);
|
||||
#if defined(MBEDTLS_RSA_C)
|
||||
mbedtls_rsa_context *rsa_priv = mbedtls_pk_rsa(pk_priv);
|
||||
mbedtls_rsa_context *rsa_pub = mbedtls_pk_rsa(pk_pub);
|
||||
if (PSA_ALG_IS_RSA_OAEP(key_alg) || PSA_ALG_IS_RSA_PSS(key_alg)) {
|
||||
TEST_EQUAL(mbedtls_rsa_get_padding_mode(rsa_priv), MBEDTLS_RSA_PKCS_V21);
|
||||
TEST_EQUAL(mbedtls_rsa_get_padding_mode(rsa_pub), MBEDTLS_RSA_PKCS_V21);
|
||||
} else {
|
||||
TEST_EQUAL(mbedtls_rsa_get_padding_mode(rsa_priv), MBEDTLS_RSA_PKCS_V15);
|
||||
TEST_EQUAL(mbedtls_rsa_get_padding_mode(rsa_pub), MBEDTLS_RSA_PKCS_V15);
|
||||
}
|
||||
#endif /* MBEDTLS_RSA_C */
|
||||
}
|
||||
|
||||
/* Test #2: check that the 2 generated PK contexts form a valid private/public key pair. */
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user