1 /*
2 * Test driver for generating and verifying keys.
3 * Currently only supports generating and verifying ECC keys.
4 */
5 /* Copyright The Mbed TLS Contributors
6 * SPDX-License-Identifier: Apache-2.0
7 *
8 * Licensed under the Apache License, Version 2.0 (the "License"); you may
9 * not use this file except in compliance with the License.
10 * You may obtain a copy of the License at
11 *
12 * http://www.apache.org/licenses/LICENSE-2.0
13 *
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
16 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * See the License for the specific language governing permissions and
18 * limitations under the License.
19 */
20
21 #include <test/helpers.h>
22
23 #if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
24 #include "psa/crypto.h"
25 #include "psa_crypto_core.h"
26 #include "psa_crypto_ecp.h"
27 #include "psa_crypto_rsa.h"
28 #include "mbedtls/ecp.h"
29 #include "mbedtls/error.h"
30
31 #include "test/drivers/key_management.h"
32 #include "test/random.h"
33
34 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
35 #include "libtestdriver1/library/psa_crypto_ecp.h"
36 #include "libtestdriver1/library/psa_crypto_rsa.h"
37 #endif
38
39 #include <string.h>
40
41 mbedtls_test_driver_key_management_hooks_t
42 mbedtls_test_driver_key_management_hooks = MBEDTLS_TEST_DRIVER_KEY_MANAGEMENT_INIT;
43
44 const uint8_t mbedtls_test_driver_aes_key[16] =
45 { 0x36, 0x77, 0x39, 0x7A, 0x24, 0x43, 0x26, 0x46,
46 0x29, 0x4A, 0x40, 0x4E, 0x63, 0x52, 0x66, 0x55 };
47 const uint8_t mbedtls_test_driver_ecdsa_key[32] =
48 { 0xdc, 0x7d, 0x9d, 0x26, 0xd6, 0x7a, 0x4f, 0x63,
49 0x2c, 0x34, 0xc2, 0xdc, 0x0b, 0x69, 0x86, 0x18,
50 0x38, 0x82, 0xc2, 0x06, 0xdf, 0x04, 0xcd, 0xb7,
51 0xd6, 0x9a, 0xab, 0xe2, 0x8b, 0xe4, 0xf8, 0x1a };
52 const uint8_t mbedtls_test_driver_ecdsa_pubkey[65] =
53 { 0x04,
54 0x85, 0xf6, 0x4d, 0x89, 0xf0, 0x0b, 0xe6, 0x6c,
55 0x88, 0xdd, 0x93, 0x7e, 0xfd, 0x6d, 0x7c, 0x44,
56 0x56, 0x48, 0xdc, 0xb7, 0x01, 0x15, 0x0b, 0x8a,
57 0x95, 0x09, 0x29, 0x58, 0x50, 0xf4, 0x1c, 0x19,
58 0x31, 0xe5, 0x71, 0xfb, 0x8f, 0x8c, 0x78, 0x31,
59 0x7a, 0x20, 0xb3, 0x80, 0xe8, 0x66, 0x58, 0x4b,
60 0xbc, 0x25, 0x16, 0xc3, 0xd2, 0x70, 0x2d, 0x79,
61 0x2f, 0x13, 0x1a, 0x92, 0x20, 0x95, 0xfd, 0x6c };
62
mbedtls_test_transparent_init(void)63 psa_status_t mbedtls_test_transparent_init( void )
64 {
65 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
66
67 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
68 status = libtestdriver1_psa_crypto_init( );
69 if( status != PSA_SUCCESS )
70 return( status );
71 #endif
72
73 (void)status;
74 return( PSA_SUCCESS );
75 }
76
mbedtls_test_transparent_free(void)77 void mbedtls_test_transparent_free( void )
78 {
79 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
80 libtestdriver1_mbedtls_psa_crypto_free( );
81 #endif
82
83 return;
84 }
85
mbedtls_test_opaque_init(void)86 psa_status_t mbedtls_test_opaque_init( void )
87 {
88 return( PSA_SUCCESS );
89 }
90
mbedtls_test_opaque_free(void)91 void mbedtls_test_opaque_free( void )
92 {
93 return;
94 }
95
96 /*
97 * This macro returns the base size for the key context when SE does not
98 * support storage. It is the size of the metadata that gets added to the
99 * wrapped key. In its test functionality the metadata is just some padded
100 * prefixing to the key.
101 */
102 #define TEST_DRIVER_KEY_CONTEXT_BASE_SIZE \
103 PSA_CRYPTO_TEST_DRIVER_OPAQUE_PAD_PREFIX_SIZE
104
105
mbedtls_test_opaque_size_function(const psa_key_type_t key_type,const size_t key_bits)106 size_t mbedtls_test_opaque_size_function(
107 const psa_key_type_t key_type,
108 const size_t key_bits )
109 {
110 size_t key_buffer_size = 0;
111
112 key_buffer_size = PSA_EXPORT_KEY_OUTPUT_SIZE( key_type, key_bits );
113 if( key_buffer_size == 0 )
114 return( 0 );
115 /* Include spacing for base size overhead over the key size
116 * */
117 key_buffer_size += TEST_DRIVER_KEY_CONTEXT_BASE_SIZE;
118 return( key_buffer_size );
119 }
120
mbedtls_test_opaque_get_base_size()121 static size_t mbedtls_test_opaque_get_base_size()
122 {
123 return TEST_DRIVER_KEY_CONTEXT_BASE_SIZE;
124 }
125
126 /*
127 * The wrap function mbedtls_test_opaque_wrap_key pads and wraps the
128 * clear key. It expects the clear and wrap buffers to be passed in.
129 * key_length is the size of the clear key to be wrapped.
130 * wrapped_key_buffer_size is the size of the output buffer wrap_key.
131 * The argument wrapped_key_buffer_length is filled with the wrapped
132 * key_size on success.
133 * */
mbedtls_test_opaque_wrap_key(const uint8_t * key,size_t key_length,uint8_t * wrapped_key_buffer,size_t wrapped_key_buffer_size,size_t * wrapped_key_buffer_length)134 static psa_status_t mbedtls_test_opaque_wrap_key(
135 const uint8_t *key,
136 size_t key_length,
137 uint8_t *wrapped_key_buffer,
138 size_t wrapped_key_buffer_size,
139 size_t *wrapped_key_buffer_length )
140 {
141 size_t opaque_key_base_size = mbedtls_test_opaque_get_base_size();
142 uint64_t prefix = PSA_CRYPTO_TEST_DRIVER_OPAQUE_PAD_PREFIX;
143
144 if( key_length + opaque_key_base_size > wrapped_key_buffer_size )
145 return( PSA_ERROR_BUFFER_TOO_SMALL );
146
147 /* Write in the opaque pad prefix */
148 memcpy( wrapped_key_buffer, &prefix, opaque_key_base_size );
149 wrapped_key_buffer += opaque_key_base_size;
150 *wrapped_key_buffer_length = key_length + opaque_key_base_size;
151
152 while( key_length-- )
153 wrapped_key_buffer[key_length] = key[key_length] ^ 0xFF;
154 return( PSA_SUCCESS );
155 }
156
157 /*
158 * The unwrap function mbedtls_test_opaque_unwrap_key removes a pad prefix
159 * and unwraps the wrapped key. It expects the clear and wrap buffers to be
160 * passed in.
161 * wrapped_key_length is the size of the wrapped key,
162 * key_buffer_size is the size of the output buffer clear_key.
163 * The argument key_buffer_length is filled with the unwrapped(clear)
164 * key_size on success.
165 * */
mbedtls_test_opaque_unwrap_key(const uint8_t * wrapped_key,size_t wrapped_key_length,uint8_t * key_buffer,size_t key_buffer_size,size_t * key_buffer_length)166 static psa_status_t mbedtls_test_opaque_unwrap_key(
167 const uint8_t *wrapped_key,
168 size_t wrapped_key_length,
169 uint8_t *key_buffer,
170 size_t key_buffer_size,
171 size_t *key_buffer_length)
172 {
173 /* Remove the pad prefix from the wrapped key */
174 size_t opaque_key_base_size = mbedtls_test_opaque_get_base_size();
175 size_t clear_key_size;
176
177 /* Check for underflow */
178 if( wrapped_key_length < opaque_key_base_size )
179 return( PSA_ERROR_DATA_CORRUPT );
180 clear_key_size = wrapped_key_length - opaque_key_base_size;
181
182 wrapped_key += opaque_key_base_size;
183 if( clear_key_size > key_buffer_size )
184 return( PSA_ERROR_BUFFER_TOO_SMALL );
185
186 *key_buffer_length = clear_key_size;
187 while( clear_key_size-- )
188 key_buffer[clear_key_size] = wrapped_key[clear_key_size] ^ 0xFF;
189 return( PSA_SUCCESS );
190 }
191
mbedtls_test_transparent_generate_key(const psa_key_attributes_t * attributes,uint8_t * key,size_t key_size,size_t * key_length)192 psa_status_t mbedtls_test_transparent_generate_key(
193 const psa_key_attributes_t *attributes,
194 uint8_t *key, size_t key_size, size_t *key_length )
195 {
196 ++mbedtls_test_driver_key_management_hooks.hits;
197
198 if( mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS )
199 return( mbedtls_test_driver_key_management_hooks.forced_status );
200
201 if( mbedtls_test_driver_key_management_hooks.forced_output != NULL )
202 {
203 if( mbedtls_test_driver_key_management_hooks.forced_output_length >
204 key_size )
205 return( PSA_ERROR_BUFFER_TOO_SMALL );
206 memcpy( key, mbedtls_test_driver_key_management_hooks.forced_output,
207 mbedtls_test_driver_key_management_hooks.forced_output_length );
208 *key_length = mbedtls_test_driver_key_management_hooks.forced_output_length;
209 return( PSA_SUCCESS );
210 }
211
212 if( PSA_KEY_TYPE_IS_ECC( psa_get_key_type( attributes ) )
213 && PSA_KEY_TYPE_IS_KEY_PAIR( psa_get_key_type( attributes ) ) )
214 {
215 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
216 defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR)
217 return( libtestdriver1_mbedtls_psa_ecp_generate_key(
218 (const libtestdriver1_psa_key_attributes_t *)attributes,
219 key, key_size, key_length ) );
220 #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR)
221 return( mbedtls_psa_ecp_generate_key(
222 attributes, key, key_size, key_length ) );
223 #endif
224 }
225 else if( psa_get_key_type( attributes ) == PSA_KEY_TYPE_RSA_KEY_PAIR )
226 {
227 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
228 defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR)
229 return( libtestdriver1_mbedtls_psa_rsa_generate_key(
230 (const libtestdriver1_psa_key_attributes_t *)attributes,
231 key, key_size, key_length ) );
232 #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR)
233 return( mbedtls_psa_rsa_generate_key(
234 attributes, key, key_size, key_length ) );
235 #endif
236 }
237
238 (void)attributes;
239 return( PSA_ERROR_NOT_SUPPORTED );
240 }
241
mbedtls_test_opaque_generate_key(const psa_key_attributes_t * attributes,uint8_t * key,size_t key_size,size_t * key_length)242 psa_status_t mbedtls_test_opaque_generate_key(
243 const psa_key_attributes_t *attributes,
244 uint8_t *key, size_t key_size, size_t *key_length )
245 {
246 (void) attributes;
247 (void) key;
248 (void) key_size;
249 (void) key_length;
250 return( PSA_ERROR_NOT_SUPPORTED );
251 }
252
mbedtls_test_transparent_import_key(const psa_key_attributes_t * attributes,const uint8_t * data,size_t data_length,uint8_t * key_buffer,size_t key_buffer_size,size_t * key_buffer_length,size_t * bits)253 psa_status_t mbedtls_test_transparent_import_key(
254 const psa_key_attributes_t *attributes,
255 const uint8_t *data,
256 size_t data_length,
257 uint8_t *key_buffer,
258 size_t key_buffer_size,
259 size_t *key_buffer_length,
260 size_t *bits)
261 {
262 ++mbedtls_test_driver_key_management_hooks.hits;
263
264 if( mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS )
265 return( mbedtls_test_driver_key_management_hooks.forced_status );
266
267 psa_key_type_t type = psa_get_key_type( attributes );
268
269 if( PSA_KEY_TYPE_IS_ECC( type ) )
270 {
271 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
272 ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
273 defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) )
274 return( libtestdriver1_mbedtls_psa_ecp_import_key(
275 (const libtestdriver1_psa_key_attributes_t *)attributes,
276 data, data_length,
277 key_buffer, key_buffer_size,
278 key_buffer_length, bits ) );
279 #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
280 defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
281 return( mbedtls_psa_ecp_import_key(
282 attributes,
283 data, data_length,
284 key_buffer, key_buffer_size,
285 key_buffer_length, bits ) );
286 #endif
287 }
288 else if( PSA_KEY_TYPE_IS_RSA( type ) )
289 {
290 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
291 ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
292 defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) )
293 return( libtestdriver1_mbedtls_psa_rsa_import_key(
294 (const libtestdriver1_psa_key_attributes_t *)attributes,
295 data, data_length,
296 key_buffer, key_buffer_size,
297 key_buffer_length, bits ) );
298 #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
299 defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
300 return( mbedtls_psa_rsa_import_key(
301 attributes,
302 data, data_length,
303 key_buffer, key_buffer_size,
304 key_buffer_length, bits ) );
305 #endif
306 }
307
308 (void)data;
309 (void)data_length;
310 (void)key_buffer;
311 (void)key_buffer_size;
312 (void)key_buffer_length;
313 (void)bits;
314 (void)type;
315
316 return( PSA_ERROR_NOT_SUPPORTED );
317 }
318
319
mbedtls_test_opaque_import_key(const psa_key_attributes_t * attributes,const uint8_t * data,size_t data_length,uint8_t * key_buffer,size_t key_buffer_size,size_t * key_buffer_length,size_t * bits)320 psa_status_t mbedtls_test_opaque_import_key(
321 const psa_key_attributes_t *attributes,
322 const uint8_t *data,
323 size_t data_length,
324 uint8_t *key_buffer,
325 size_t key_buffer_size,
326 size_t *key_buffer_length,
327 size_t *bits)
328 {
329 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
330 psa_key_type_t type = psa_get_key_type( attributes );
331 /* This buffer will be used as an intermediate placeholder for
332 * the clear key till we wrap it */
333 uint8_t *key_buffer_temp;
334
335 key_buffer_temp = mbedtls_calloc( 1, key_buffer_size );
336 if( key_buffer_temp == NULL )
337 return( PSA_ERROR_INSUFFICIENT_MEMORY );
338
339 if( PSA_KEY_TYPE_IS_UNSTRUCTURED( type ) )
340 {
341 *bits = PSA_BYTES_TO_BITS( data_length );
342
343 status = psa_validate_unstructured_key_bit_size( type,
344 *bits );
345 if( status != PSA_SUCCESS )
346 goto exit;
347
348 if( data_length > key_buffer_size )
349 return( PSA_ERROR_BUFFER_TOO_SMALL );
350
351 /* Copy the key material accounting for opaque key padding. */
352 memcpy( key_buffer_temp, data, data_length );
353 *key_buffer_length = data_length;
354 }
355 else if( PSA_KEY_TYPE_IS_ECC( type ) )
356 {
357 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
358 ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \
359 defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) )
360 status = libtestdriver1_mbedtls_psa_ecp_import_key(
361 (const libtestdriver1_psa_key_attributes_t *)attributes,
362 data, data_length,
363 key_buffer_temp, key_buffer_size,
364 key_buffer_length, bits );
365 #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
366 defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
367 status = mbedtls_psa_ecp_import_key(
368 attributes,
369 data, data_length,
370 key_buffer_temp, key_buffer_size,
371 key_buffer_length, bits );
372 #else
373 status = PSA_ERROR_NOT_SUPPORTED;
374 #endif
375 if( status != PSA_SUCCESS )
376 goto exit;
377 }
378 else if( PSA_KEY_TYPE_IS_RSA( type ) )
379 {
380 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
381 ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \
382 defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) )
383 status = libtestdriver1_mbedtls_psa_rsa_import_key(
384 (const libtestdriver1_psa_key_attributes_t *)attributes,
385 data, data_length,
386 key_buffer_temp, key_buffer_size,
387 key_buffer_length, bits );
388 #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
389 defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
390 status = mbedtls_psa_rsa_import_key(
391 attributes,
392 data, data_length,
393 key_buffer_temp, key_buffer_size,
394 key_buffer_length, bits );
395 #else
396 status = PSA_ERROR_NOT_SUPPORTED;
397 #endif
398 if( status != PSA_SUCCESS )
399 goto exit;
400 }
401 else
402 {
403 status = PSA_ERROR_INVALID_ARGUMENT;
404 goto exit;
405 }
406
407 status = mbedtls_test_opaque_wrap_key( key_buffer_temp, *key_buffer_length,
408 key_buffer, key_buffer_size, key_buffer_length );
409 exit:
410 mbedtls_free( key_buffer_temp );
411 return( status );
412 }
413
mbedtls_test_opaque_export_key(const psa_key_attributes_t * attributes,const uint8_t * key,size_t key_length,uint8_t * data,size_t data_size,size_t * data_length)414 psa_status_t mbedtls_test_opaque_export_key(
415 const psa_key_attributes_t *attributes,
416 const uint8_t *key, size_t key_length,
417 uint8_t *data, size_t data_size, size_t *data_length )
418 {
419 if( key_length == sizeof( psa_drv_slot_number_t ) )
420 {
421 /* Assume this is a builtin key based on the key material length. */
422 psa_drv_slot_number_t slot_number = *( ( psa_drv_slot_number_t* ) key );
423
424 switch( slot_number )
425 {
426 case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT:
427 /* This is the ECDSA slot. Verify the key's attributes before
428 * returning the private key. */
429 if( psa_get_key_type( attributes ) !=
430 PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) )
431 return( PSA_ERROR_CORRUPTION_DETECTED );
432 if( psa_get_key_bits( attributes ) != 256 )
433 return( PSA_ERROR_CORRUPTION_DETECTED );
434 if( psa_get_key_algorithm( attributes ) !=
435 PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) )
436 return( PSA_ERROR_CORRUPTION_DETECTED );
437 if( ( psa_get_key_usage_flags( attributes ) &
438 PSA_KEY_USAGE_EXPORT ) == 0 )
439 return( PSA_ERROR_CORRUPTION_DETECTED );
440
441 if( data_size < sizeof( mbedtls_test_driver_ecdsa_key ) )
442 return( PSA_ERROR_BUFFER_TOO_SMALL );
443
444 memcpy( data, mbedtls_test_driver_ecdsa_key,
445 sizeof( mbedtls_test_driver_ecdsa_key ) );
446 *data_length = sizeof( mbedtls_test_driver_ecdsa_key );
447 return( PSA_SUCCESS );
448
449 case PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT:
450 /* This is the AES slot. Verify the key's attributes before
451 * returning the key. */
452 if( psa_get_key_type( attributes ) != PSA_KEY_TYPE_AES )
453 return( PSA_ERROR_CORRUPTION_DETECTED );
454 if( psa_get_key_bits( attributes ) != 128 )
455 return( PSA_ERROR_CORRUPTION_DETECTED );
456 if( psa_get_key_algorithm( attributes ) != PSA_ALG_CTR )
457 return( PSA_ERROR_CORRUPTION_DETECTED );
458 if( ( psa_get_key_usage_flags( attributes ) &
459 PSA_KEY_USAGE_EXPORT ) == 0 )
460 return( PSA_ERROR_CORRUPTION_DETECTED );
461
462 if( data_size < sizeof( mbedtls_test_driver_aes_key ) )
463 return( PSA_ERROR_BUFFER_TOO_SMALL );
464
465 memcpy( data, mbedtls_test_driver_aes_key,
466 sizeof( mbedtls_test_driver_aes_key ) );
467 *data_length = sizeof( mbedtls_test_driver_aes_key );
468 return( PSA_SUCCESS );
469
470 default:
471 return( PSA_ERROR_DOES_NOT_EXIST );
472 }
473 }
474 else
475 {
476 /* This buffer will be used as an intermediate placeholder for
477 * the opaque key till we unwrap the key into key_buffer */
478 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
479 psa_key_type_t type = psa_get_key_type( attributes );
480
481 if( PSA_KEY_TYPE_IS_UNSTRUCTURED( type ) ||
482 PSA_KEY_TYPE_IS_RSA( type ) ||
483 PSA_KEY_TYPE_IS_ECC( type ) )
484 {
485 status = mbedtls_test_opaque_unwrap_key( key, key_length,
486 data, data_size, data_length );
487 return( status );
488 }
489 }
490 return( PSA_ERROR_NOT_SUPPORTED );
491 }
492
mbedtls_test_transparent_export_public_key(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,uint8_t * data,size_t data_size,size_t * data_length)493 psa_status_t mbedtls_test_transparent_export_public_key(
494 const psa_key_attributes_t *attributes,
495 const uint8_t *key_buffer, size_t key_buffer_size,
496 uint8_t *data, size_t data_size, size_t *data_length )
497 {
498 ++mbedtls_test_driver_key_management_hooks.hits;
499
500 if( mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS )
501 return( mbedtls_test_driver_key_management_hooks.forced_status );
502
503 if( mbedtls_test_driver_key_management_hooks.forced_output != NULL )
504 {
505 if( mbedtls_test_driver_key_management_hooks.forced_output_length >
506 data_size )
507 return( PSA_ERROR_BUFFER_TOO_SMALL );
508 memcpy( data, mbedtls_test_driver_key_management_hooks.forced_output,
509 mbedtls_test_driver_key_management_hooks.forced_output_length );
510 *data_length = mbedtls_test_driver_key_management_hooks.forced_output_length;
511 return( PSA_SUCCESS );
512 }
513
514 psa_key_type_t key_type = psa_get_key_type( attributes );
515
516 if( PSA_KEY_TYPE_IS_ECC( key_type ) )
517 {
518 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
519 ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
520 defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) )
521 return( libtestdriver1_mbedtls_psa_ecp_export_public_key(
522 (const libtestdriver1_psa_key_attributes_t *)attributes,
523 key_buffer, key_buffer_size,
524 data, data_size, data_length ) );
525 #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
526 defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
527 return( mbedtls_psa_ecp_export_public_key(
528 attributes,
529 key_buffer, key_buffer_size,
530 data, data_size, data_length ) );
531 #endif
532 }
533 else if( PSA_KEY_TYPE_IS_RSA( key_type ) )
534 {
535 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
536 ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
537 defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) )
538 return( libtestdriver1_mbedtls_psa_rsa_export_public_key(
539 (const libtestdriver1_psa_key_attributes_t *)attributes,
540 key_buffer, key_buffer_size,
541 data, data_size, data_length ) );
542 #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
543 defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
544 return( mbedtls_psa_rsa_export_public_key(
545 attributes,
546 key_buffer, key_buffer_size,
547 data, data_size, data_length ) );
548 #endif
549 }
550
551 (void)key_buffer;
552 (void)key_buffer_size;
553 (void)key_type;
554
555 return( PSA_ERROR_NOT_SUPPORTED );
556 }
557
mbedtls_test_opaque_export_public_key(const psa_key_attributes_t * attributes,const uint8_t * key,size_t key_length,uint8_t * data,size_t data_size,size_t * data_length)558 psa_status_t mbedtls_test_opaque_export_public_key(
559 const psa_key_attributes_t *attributes,
560 const uint8_t *key, size_t key_length,
561 uint8_t *data, size_t data_size, size_t *data_length )
562 {
563 if( key_length != sizeof( psa_drv_slot_number_t ) )
564 {
565 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
566 psa_key_type_t key_type = psa_get_key_type( attributes );
567 uint8_t *key_buffer_temp;
568
569 key_buffer_temp = mbedtls_calloc( 1, key_length );
570 if( key_buffer_temp == NULL )
571 return( PSA_ERROR_INSUFFICIENT_MEMORY );
572
573 if( PSA_KEY_TYPE_IS_ECC( key_type ) )
574 {
575 status = mbedtls_test_opaque_unwrap_key( key, key_length,
576 key_buffer_temp, key_length, data_length );
577 if( status == PSA_SUCCESS )
578 {
579 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
580 ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \
581 defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) )
582 status = libtestdriver1_mbedtls_psa_ecp_export_public_key(
583 (const libtestdriver1_psa_key_attributes_t *)attributes,
584 key_buffer_temp, *data_length,
585 data, data_size, data_length );
586 #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
587 defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
588 status = mbedtls_psa_ecp_export_public_key(
589 attributes,
590 key_buffer_temp, *data_length,
591 data, data_size, data_length );
592 #else
593 status = PSA_ERROR_NOT_SUPPORTED;
594 #endif
595 }
596 }
597 else if( PSA_KEY_TYPE_IS_RSA( key_type ) )
598 {
599 status = mbedtls_test_opaque_unwrap_key( key, key_length,
600 key_buffer_temp, key_length, data_length );
601 if( status == PSA_SUCCESS )
602 {
603 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
604 ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \
605 defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) )
606 status = libtestdriver1_mbedtls_psa_rsa_export_public_key(
607 (const libtestdriver1_psa_key_attributes_t *)attributes,
608 key_buffer_temp, *data_length,
609 data, data_size, data_length );
610 #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
611 defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
612 status = mbedtls_psa_rsa_export_public_key(
613 attributes,
614 key_buffer_temp, *data_length,
615 data, data_size, data_length );
616 #else
617 status = PSA_ERROR_NOT_SUPPORTED;
618 #endif
619 }
620 }
621 else
622 {
623 status = PSA_ERROR_NOT_SUPPORTED;
624 (void)key;
625 (void)key_type;
626 }
627 mbedtls_free( key_buffer_temp );
628 return( status );
629 }
630
631 /* Assume this is a builtin key based on the key material length. */
632 psa_drv_slot_number_t slot_number = *( ( psa_drv_slot_number_t* ) key );
633 switch( slot_number )
634 {
635 case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT:
636 /* This is the ECDSA slot. Verify the key's attributes before
637 * returning the public key. */
638 if( psa_get_key_type( attributes ) !=
639 PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) )
640 return( PSA_ERROR_CORRUPTION_DETECTED );
641 if( psa_get_key_bits( attributes ) != 256 )
642 return( PSA_ERROR_CORRUPTION_DETECTED );
643 if( psa_get_key_algorithm( attributes ) !=
644 PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) )
645 return( PSA_ERROR_CORRUPTION_DETECTED );
646
647 if( data_size < sizeof( mbedtls_test_driver_ecdsa_pubkey ) )
648 return( PSA_ERROR_BUFFER_TOO_SMALL );
649
650 memcpy( data, mbedtls_test_driver_ecdsa_pubkey,
651 sizeof( mbedtls_test_driver_ecdsa_pubkey ) );
652 *data_length = sizeof( mbedtls_test_driver_ecdsa_pubkey );
653 return( PSA_SUCCESS );
654
655 default:
656 return( PSA_ERROR_DOES_NOT_EXIST );
657 }
658 }
659
660 /* The opaque test driver exposes two built-in keys when builtin key support is
661 * compiled in.
662 * The key in slot #PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT is an AES-128
663 * key which allows CTR mode.
664 * The key in slot #PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT is a secp256r1
665 * private key which allows ECDSA sign & verify.
666 * The key buffer format for these is the raw format of psa_drv_slot_number_t
667 * (i.e. for an actual driver this would mean 'builtin_key_size' =
668 * sizeof(psa_drv_slot_number_t)).
669 */
mbedtls_test_opaque_get_builtin_key(psa_drv_slot_number_t slot_number,psa_key_attributes_t * attributes,uint8_t * key_buffer,size_t key_buffer_size,size_t * key_buffer_length)670 psa_status_t mbedtls_test_opaque_get_builtin_key(
671 psa_drv_slot_number_t slot_number,
672 psa_key_attributes_t *attributes,
673 uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length )
674 {
675 switch( slot_number )
676 {
677 case PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT:
678 psa_set_key_type( attributes, PSA_KEY_TYPE_AES );
679 psa_set_key_bits( attributes, 128 );
680 psa_set_key_usage_flags(
681 attributes,
682 PSA_KEY_USAGE_ENCRYPT |
683 PSA_KEY_USAGE_DECRYPT |
684 PSA_KEY_USAGE_EXPORT );
685 psa_set_key_algorithm( attributes, PSA_ALG_CTR );
686
687 if( key_buffer_size < sizeof( psa_drv_slot_number_t ) )
688 return( PSA_ERROR_BUFFER_TOO_SMALL );
689
690 *( (psa_drv_slot_number_t*) key_buffer ) =
691 PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT;
692 *key_buffer_length = sizeof( psa_drv_slot_number_t );
693 return( PSA_SUCCESS );
694 case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT:
695 psa_set_key_type(
696 attributes,
697 PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) );
698 psa_set_key_bits( attributes, 256 );
699 psa_set_key_usage_flags(
700 attributes,
701 PSA_KEY_USAGE_SIGN_HASH |
702 PSA_KEY_USAGE_VERIFY_HASH |
703 PSA_KEY_USAGE_EXPORT );
704 psa_set_key_algorithm(
705 attributes, PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) );
706
707 if( key_buffer_size < sizeof( psa_drv_slot_number_t ) )
708 return( PSA_ERROR_BUFFER_TOO_SMALL );
709
710 *( (psa_drv_slot_number_t*) key_buffer ) =
711 PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT;
712 *key_buffer_length = sizeof( psa_drv_slot_number_t );
713 return( PSA_SUCCESS );
714 default:
715 return( PSA_ERROR_DOES_NOT_EXIST );
716 }
717 }
718
mbedtls_test_opaque_copy_key(psa_key_attributes_t * attributes,const uint8_t * source_key,size_t source_key_length,uint8_t * key_buffer,size_t key_buffer_size,size_t * key_buffer_length)719 psa_status_t mbedtls_test_opaque_copy_key(
720 psa_key_attributes_t *attributes,
721 const uint8_t *source_key, size_t source_key_length,
722 uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length)
723 {
724 /* This is a case where the opaque test driver emulates an SE without storage.
725 * With that all key context is stored in the wrapped buffer.
726 * So no additional house keeping is necessary to reference count the
727 * copied keys. This could change when the opaque test driver is extended
728 * to support SE with storage, or to emulate an SE without storage but
729 * still holding some slot references */
730 if( source_key_length > key_buffer_size )
731 return( PSA_ERROR_BUFFER_TOO_SMALL );
732
733 memcpy( key_buffer, source_key, source_key_length );
734 *key_buffer_length = source_key_length;
735 (void)attributes;
736 return( PSA_SUCCESS );
737 }
738
739 #endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
740