diff --git a/tf-psa-crypto/core/psa_crypto.c b/tf-psa-crypto/core/psa_crypto.c index d1c93fd215..c110ad2a21 100644 --- a/tf-psa-crypto/core/psa_crypto.c +++ b/tf-psa-crypto/core/psa_crypto.c @@ -8085,6 +8085,112 @@ psa_status_t psa_generate_key(const psa_key_attributes_t *attributes, key); } +#if defined(MBEDTLS_ECP_RESTARTABLE) +static psa_status_t psa_generate_key_iop_abort_internal( + psa_generate_key_iop_t *operation) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + + if (operation->id == 0) { + return PSA_SUCCESS; + } + + status = mbedtls_psa_generate_key_iop_abort(&operation->ctx); + + operation->id = 0; + + return status; +} +#endif + +uint32_t psa_generate_key_iop_get_num_ops( + psa_generate_key_iop_t *operation) +{ + (void) operation; + return 0; +} + +psa_status_t psa_generate_key_iop_setup( + psa_generate_key_iop_t *operation, + const psa_key_attributes_t *attributes) +{ +#if defined(MBEDTLS_ECP_RESTARTABLE) + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_key_type_t type; + + if (operation->id != 0 || operation->error_occurred) { + status = PSA_ERROR_BAD_STATE; + goto exit; + } + + type = psa_get_key_type(attributes); + + if (!PSA_KEY_TYPE_IS_ECC(type)) { + status = PSA_ERROR_NOT_SUPPORTED; + goto exit; + } + + if (psa_get_key_bits(attributes) == 0) { + status = PSA_ERROR_INVALID_ARGUMENT; + goto exit; + } + + if (PSA_KEY_TYPE_IS_PUBLIC_KEY(type)) { + status = PSA_ERROR_INVALID_ARGUMENT; + goto exit; + } + + operation->attributes = *attributes; + + operation->num_ops = 0; + + /* To be removed later when driver dispatch is added. */ + operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; + + status = mbedtls_psa_generate_key_iop_setup(&operation->ctx, attributes); + +exit: + if (status != PSA_SUCCESS) { + operation->error_occurred = 1; + psa_generate_key_iop_abort_internal(operation); + } + + return status; +#else + (void) operation; + (void) attributes; + return PSA_ERROR_NOT_SUPPORTED; +#endif +} + +psa_status_t psa_generate_key_iop_complete( + psa_generate_key_iop_t *operation, + psa_key_id_t *key) +{ + (void) operation; + (void) key; + + return PSA_ERROR_NOT_SUPPORTED; +} + +psa_status_t psa_generate_key_iop_abort( + psa_generate_key_iop_t *operation) +{ +#if defined(MBEDTLS_ECP_RESTARTABLE) + psa_status_t status; + + status = psa_generate_key_iop_abort_internal(operation); + + operation->error_occurred = 0; + operation->num_ops = 0; + return status; +#else + (void) operation; + return PSA_SUCCESS; +#endif +} + + /****************************************************************/ /* Module setup */ /****************************************************************/ diff --git a/tf-psa-crypto/core/psa_crypto_core.h b/tf-psa-crypto/core/psa_crypto_core.h index 21e7559f01..7447c4399d 100644 --- a/tf-psa-crypto/core/psa_crypto_core.h +++ b/tf-psa-crypto/core/psa_crypto_core.h @@ -431,6 +431,50 @@ psa_status_t psa_generate_key_internal(const psa_key_attributes_t *attributes, size_t key_buffer_size, size_t *key_buffer_length); +/** + * \brief Setup a new interruptible key generation operation. + * + * \note The signature of this function is that of a PSA driver + * generate_key_setup entry point. This function behaves as a + * generate_key_setup entry point as defined in the PSA driver interface + * specification for transparent drivers. + * + * \param[in] operation The \c mbedtls_psa_generate_key_iop_t to use. + * This must be initialized first. + * \param[in] attributes The desired attributes of the generated key. + * + * \retval #PSA_SUCCESS + * The operation started successfully - call \c mbedtls_psa_generate_key_complete() + * with the same operation to complete the operation. + * * \retval #PSA_ERROR_NOT_SUPPORTED + * Either no internal interruptible operations are + * currently supported, or the key attributes are not unsupported. + * * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * There was insufficient memory to load the key representation. + * + */ +psa_status_t mbedtls_psa_generate_key_iop_setup( + mbedtls_psa_generate_key_iop_t *operation, + const psa_key_attributes_t *attributes); + +/** + * \brief Abort a key generation operation. + * + * \note The signature of this function is that of a PSA driver + * generate_key_abort entry point. This function behaves as a + * generate_key_abort entry point as defined in the PSA driver + * interface specification for transparent drivers. + * + * \param[in] operation The \c mbedtls_psa_generate_key_iop_t to abort. + * + * \retval #PSA_SUCCESS + * The operation was aborted successfully. + * + */ +psa_status_t mbedtls_psa_generate_key_iop_abort( + mbedtls_psa_generate_key_iop_t *operation); + + /** Sign a message with a private key. For hash-and-sign algorithms, * this includes the hashing step. * diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/bignum.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/bignum.h index 8367cd34e6..22d5d84840 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/bignum.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/bignum.h @@ -238,6 +238,8 @@ typedef struct mbedtls_mpi { } mbedtls_mpi; +#define MBEDTLS_MPI_INIT { 0, 0, 0 } + /** * \brief Initialize an MPI context. * diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/ecp.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/ecp.h index 7b0a80d93e..b3406142fe 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/ecp.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/ecp.h @@ -162,6 +162,8 @@ typedef struct mbedtls_ecp_point { } mbedtls_ecp_point; +#define MBEDTLS_ECP_POINT_INIT { MBEDTLS_MPI_INIT, MBEDTLS_MPI_INIT, MBEDTLS_MPI_INIT } + /** * \brief The ECP group structure. * @@ -250,6 +252,9 @@ typedef struct mbedtls_ecp_group { } mbedtls_ecp_group; +#define MBEDTLS_ECP_GROUP_INIT { MBEDTLS_ECP_DP_NONE, MBEDTLS_MPI_INIT, MBEDTLS_MPI_INIT, \ + MBEDTLS_MPI_INIT, MBEDTLS_ECP_POINT_INIT, MBEDTLS_MPI_INIT, \ + 0, 0, 0, NULL, NULL, NULL, NULL, NULL, 0 } /** * \name SECTION: Module settings * @@ -419,6 +424,9 @@ typedef struct mbedtls_ecp_keypair { } mbedtls_ecp_keypair; +#define MBEDTLS_ECP_KEYPAIR_INIT { MBEDTLS_ECP_GROUP_INIT, MBEDTLS_MPI_INIT, \ + MBEDTLS_ECP_POINT_INIT } + /** * The uncompressed point format for Short Weierstrass curves * (MBEDTLS_ECP_DP_SECP_XXX and MBEDTLS_ECP_DP_BP_XXX). diff --git a/tf-psa-crypto/drivers/builtin/src/psa_crypto_ecp.c b/tf-psa-crypto/drivers/builtin/src/psa_crypto_ecp.c index 749e11be03..33a97973c9 100644 --- a/tf-psa-crypto/drivers/builtin/src/psa_crypto_ecp.c +++ b/tf-psa-crypto/drivers/builtin/src/psa_crypto_ecp.c @@ -596,41 +596,38 @@ exit: /* Interruptible ECC Key Generation */ /****************************************************************/ -uint32_t psa_generate_key_iop_get_num_ops( - psa_generate_key_iop_t *operation) -{ - (void) operation; - return 0; -} +#if defined(MBEDTLS_ECP_RESTARTABLE) && defined(MBEDTLS_ECP_C) -psa_status_t psa_generate_key_iop_setup( - psa_generate_key_iop_t *operation, +psa_status_t mbedtls_psa_generate_key_iop_setup( + mbedtls_psa_generate_key_iop_t *operation, const psa_key_attributes_t *attributes) { - (void) operation; - (void) attributes; + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - return PSA_ERROR_NOT_SUPPORTED; + mbedtls_ecp_keypair_init(&operation->ecp); + + psa_ecc_family_t curve = PSA_KEY_TYPE_ECC_GET_FAMILY( + psa_get_key_type(attributes)); + mbedtls_ecp_group_id grp_id = + mbedtls_ecc_group_from_psa(curve, psa_get_key_bits(attributes)); + if (grp_id == MBEDTLS_ECP_DP_NONE) { + return PSA_ERROR_NOT_SUPPORTED; + } + + status = mbedtls_ecp_group_load(&operation->ecp.grp, grp_id); + + return mbedtls_to_psa_error(status); } -psa_status_t psa_generate_key_iop_complete( - psa_generate_key_iop_t *operation, - psa_key_id_t *key) +psa_status_t mbedtls_psa_generate_key_iop_abort( + mbedtls_psa_generate_key_iop_t *operation) { - (void) operation; - (void) key; - - return PSA_ERROR_NOT_SUPPORTED; -} - -psa_status_t psa_generate_key_iop_abort( - psa_generate_key_iop_t *operation) -{ - (void) operation; - - return PSA_ERROR_NOT_SUPPORTED; + mbedtls_ecp_keypair_free(&operation->ecp); + operation->num_ops = 0; + return PSA_SUCCESS; } +#endif /****************************************************************/ /* Interruptible ECC Key Agreement */ /****************************************************************/ diff --git a/tf-psa-crypto/include/psa/crypto_builtin_composites.h b/tf-psa-crypto/include/psa/crypto_builtin_composites.h index c14f5dd110..c9c0c6b870 100644 --- a/tf-psa-crypto/include/psa/crypto_builtin_composites.h +++ b/tf-psa-crypto/include/psa/crypto_builtin_composites.h @@ -211,4 +211,20 @@ typedef struct { #define MBEDTLS_PSA_PAKE_OPERATION_INIT { { 0 } } +typedef struct { +#if defined(MBEDTLS_ECP_C) + mbedtls_ecp_keypair MBEDTLS_PRIVATE(ecp); + uint32_t num_ops; +#else + /* Make the struct non-empty if algs not supported. */ + unsigned MBEDTLS_PRIVATE(dummy); +#endif +} mbedtls_psa_generate_key_iop_t; + +#if defined(MBEDTLS_ECP_C) +#define MBEDTLS_PSA_GENERATE_KEY_IOP_INIT { MBEDTLS_ECP_KEYPAIR_INIT, 0 } +#else +#define MBEDTLS_PSA_GENERATE_KEY_IOP_INIT { 0 } +#endif + #endif /* PSA_CRYPTO_BUILTIN_COMPOSITES_H */ diff --git a/tf-psa-crypto/include/psa/crypto_struct.h b/tf-psa-crypto/include/psa/crypto_struct.h index 2eec948119..76ef5c4394 100644 --- a/tf-psa-crypto/include/psa/crypto_struct.h +++ b/tf-psa-crypto/include/psa/crypto_struct.h @@ -542,14 +542,18 @@ struct psa_generate_key_iop_s { * any driver (i.e. none of the driver contexts are active). */ unsigned int MBEDTLS_PRIVATE(id); - + mbedtls_psa_generate_key_iop_t MBEDTLS_PRIVATE(ctx); + psa_key_attributes_t MBEDTLS_PRIVATE(attributes); + unsigned int MBEDTLS_PRIVATE(error_occurred) : 1; + uint32_t MBEDTLS_PRIVATE(num_ops); #endif }; #if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C) #define PSA_GENERATE_KEY_IOP_INIT { 0 } #else -#define PSA_GENERATE_KEY_IOP_INIT { 0 } +#define PSA_GENERATE_KEY_IOP_INIT { 0, MBEDTLS_PSA_GENERATE_KEY_IOP_INIT, PSA_KEY_ATTRIBUTES_INIT, \ + 0, 0 } #endif static inline struct psa_generate_key_iop_s diff --git a/tf-psa-crypto/tests/suites/test_suite_psa_crypto.data b/tf-psa-crypto/tests/suites/test_suite_psa_crypto.data index e921c112da..e0a572e3cf 100644 --- a/tf-psa-crypto/tests/suites/test_suite_psa_crypto.data +++ b/tf-psa-crypto/tests/suites/test_suite_psa_crypto.data @@ -7488,6 +7488,14 @@ depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_ # doesn't fully relate the curve with its size. generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:PSA_ERROR_NOT_SUPPORTED:0 +PSA generate key: ECC, SECP256R1, zero bit size +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 +generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT:0 + +PSA generate key: ECC, SECP256R1, public key +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 +generate_key:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT:0 + PSA generate key: ECC, Curve25519, good depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_MONTGOMERY_255 generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_SUCCESS:0 diff --git a/tf-psa-crypto/tests/suites/test_suite_psa_crypto.function b/tf-psa-crypto/tests/suites/test_suite_psa_crypto.function index cee73b0861..cf035e1377 100644 --- a/tf-psa-crypto/tests/suites/test_suite_psa_crypto.function +++ b/tf-psa-crypto/tests/suites/test_suite_psa_crypto.function @@ -10096,6 +10096,7 @@ void generate_key(int type_arg, psa_status_t expected_status = expected_status_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_generate_key_iop_t operation = PSA_GENERATE_KEY_IOP_INIT; PSA_ASSERT(psa_crypto_init()); @@ -10111,21 +10112,40 @@ void generate_key(int type_arg, TEST_ASSUME(status != PSA_ERROR_INSUFFICIENT_MEMORY); } TEST_EQUAL(status, expected_status); + if (expected_status == PSA_SUCCESS) { + /* Test the key information */ + PSA_ASSERT(psa_get_key_attributes(key, &got_attributes)); + TEST_EQUAL(psa_get_key_type(&got_attributes), type); + TEST_EQUAL(psa_get_key_bits(&got_attributes), bits); + + /* Do something with the key according to its type and permitted usage. */ + TEST_EQUAL(mbedtls_test_psa_exercise_key(key, usage, alg, 0), 1); + } + + if (!PSA_KEY_TYPE_IS_ECC(type)) { + expected_status = PSA_ERROR_NOT_SUPPORTED; + } + +#if !defined(MBEDTLS_ECP_RESTARTABLE) + expected_status = PSA_ERROR_NOT_SUPPORTED; +#endif + + status = psa_generate_key_iop_setup(&operation, &attributes); + TEST_EQUAL(status, expected_status); if (expected_status != PSA_SUCCESS) { goto exit; } - /* Test the key information */ - PSA_ASSERT(psa_get_key_attributes(key, &got_attributes)); - TEST_EQUAL(psa_get_key_type(&got_attributes), type); - TEST_EQUAL(psa_get_key_bits(&got_attributes), bits); + status = psa_generate_key_iop_setup(&operation, &attributes); + TEST_EQUAL(status, PSA_ERROR_BAD_STATE); - /* Do something with the key according to its type and permitted usage. */ - if (!mbedtls_test_psa_exercise_key(key, usage, alg, 0)) { - goto exit; - } + status = psa_generate_key_iop_abort(&operation); + + status = psa_generate_key_iop_setup(&operation, &attributes); + TEST_EQUAL(status, PSA_SUCCESS); exit: + psa_generate_key_iop_abort(&operation); /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required.