1 /*
2 * Test driver for generating and verifying keys.
3 * Currently only supports generating and verifying ECC keys.
4 */
5 /* Copyright The Mbed TLS Contributors
6 * SPDX-License-Identifier: Apache-2.0
7 *
8 * Licensed under the Apache License, Version 2.0 (the "License"); you may
9 * not use this file except in compliance with the License.
10 * You may obtain a copy of the License at
11 *
12 * http://www.apache.org/licenses/LICENSE-2.0
13 *
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
16 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * See the License for the specific language governing permissions and
18 * limitations under the License.
19 */
20
21 #include <test/helpers.h>
22
23 #if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
24 #include "psa/crypto.h"
25 #include "psa_crypto_core.h"
26 #include "psa_crypto_ecp.h"
27 #include "psa_crypto_rsa.h"
28 #include "mbedtls/ecp.h"
29 #include "mbedtls/error.h"
30
31 #include "test/drivers/key_management.h"
32 #include "test/drivers/test_driver.h"
33
34 #include "test/random.h"
35
36 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
37 #include "libtestdriver1/library/psa_crypto_ecp.h"
38 #include "libtestdriver1/library/psa_crypto_rsa.h"
39 #endif
40
41 #include <string.h>
42
/* Shared hook state for the key-management test driver. The entry points in
 * this file increment `hits` and, when a test has set them, return
 * `forced_status` or copy out `forced_output` instead of doing real work. */
mbedtls_test_driver_key_management_hooks_t
    mbedtls_test_driver_key_management_hooks = MBEDTLS_TEST_DRIVER_KEY_MANAGEMENT_INIT;

/* Fixed 16-byte key returned by mbedtls_test_opaque_export_key() for the
 * built-in AES slot. The value is embedded in source and therefore public:
 * it is test material only and must never protect real data. */
const uint8_t mbedtls_test_driver_aes_key[16] =
{ 0x36, 0x77, 0x39, 0x7A, 0x24, 0x43, 0x26, 0x46,
  0x29, 0x4A, 0x40, 0x4E, 0x63, 0x52, 0x66, 0x55 };
/* Fixed 32-byte private key returned by mbedtls_test_opaque_export_key() for
 * the built-in ECDSA slot. Same caveat as above: publicly known test value. */
const uint8_t mbedtls_test_driver_ecdsa_key[32] =
{ 0xdc, 0x7d, 0x9d, 0x26, 0xd6, 0x7a, 0x4f, 0x63,
  0x2c, 0x34, 0xc2, 0xdc, 0x0b, 0x69, 0x86, 0x18,
  0x38, 0x82, 0xc2, 0x06, 0xdf, 0x04, 0xcd, 0xb7,
  0xd6, 0x9a, 0xab, 0xe2, 0x8b, 0xe4, 0xf8, 0x1a };
/* 65-byte value returned by mbedtls_test_opaque_export_public_key() for the
 * built-in ECDSA slot: a leading 0x04 byte followed by 64 bytes.
 * NOTE(review): presumably the uncompressed public point matching
 * mbedtls_test_driver_ecdsa_key - nothing in this file checks that. */
const uint8_t mbedtls_test_driver_ecdsa_pubkey[65] =
{ 0x04,
  0x85, 0xf6, 0x4d, 0x89, 0xf0, 0x0b, 0xe6, 0x6c,
  0x88, 0xdd, 0x93, 0x7e, 0xfd, 0x6d, 0x7c, 0x44,
  0x56, 0x48, 0xdc, 0xb7, 0x01, 0x15, 0x0b, 0x8a,
  0x95, 0x09, 0x29, 0x58, 0x50, 0xf4, 0x1c, 0x19,
  0x31, 0xe5, 0x71, 0xfb, 0x8f, 0x8c, 0x78, 0x31,
  0x7a, 0x20, 0xb3, 0x80, 0xe8, 0x66, 0x58, 0x4b,
  0xbc, 0x25, 0x16, 0xc3, 0xd2, 0x70, 0x2d, 0x79,
  0x2f, 0x13, 0x1a, 0x92, 0x20, 0x95, 0xfd, 0x6c };
64
/*
 * Initialise the transparent test driver.
 *
 * When the driver is backed by libtestdriver1, its own PSA crypto instance
 * is initialised first and any failure is returned unchanged. Without
 * libtestdriver1 there is nothing to set up.
 *
 * Returns PSA_SUCCESS, or the status reported by
 * libtestdriver1_psa_crypto_init().
 */
psa_status_t mbedtls_test_transparent_init(void)
{
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
    const psa_status_t init_status = libtestdriver1_psa_crypto_init();

    if (init_status != PSA_SUCCESS) {
        return init_status;
    }
#endif

    return PSA_SUCCESS;
}
79
/*
 * Tear down the transparent test driver.
 *
 * Releases the libtestdriver1 PSA crypto instance when the driver is built
 * on top of it; otherwise this is a no-op.
 */
void mbedtls_test_transparent_free(void)
{
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
    libtestdriver1_mbedtls_psa_crypto_free();
#endif
}
88
/*
 * Initialise the opaque test driver.
 *
 * The opaque driver keeps no state that needs setting up, so this always
 * reports success.
 */
psa_status_t mbedtls_test_opaque_init(void)
{
    /* Nothing to initialise. */
    return PSA_SUCCESS;
}
93
/*
 * Tear down the opaque test driver. There is nothing to release.
 */
void mbedtls_test_opaque_free(void)
{
    /* Intentionally empty. */
}
98
/*
 * Base size of the key context when the emulated secure element (SE) does
 * not support storage: the size of the metadata that gets added to the
 * wrapped key. In this test driver the metadata is just a pad prefix placed
 * in front of the key.
 */
#define TEST_DRIVER_KEY_CONTEXT_BASE_SIZE \
    PSA_CRYPTO_TEST_DRIVER_OPAQUE_PAD_PREFIX_SIZE
107
108
/*
 * Compute the key buffer size the opaque test driver needs for a key.
 *
 * key_type  PSA key type of the key.
 * key_bits  Size of the key in bits.
 *
 * Returns the export size given by PSA_EXPORT_KEY_OUTPUT_SIZE() plus
 * TEST_DRIVER_KEY_CONTEXT_BASE_SIZE for the pad prefix, or 0 when
 * PSA_EXPORT_KEY_OUTPUT_SIZE() itself yields 0.
 */
size_t mbedtls_test_opaque_size_function(
    const psa_key_type_t key_type,
    const size_t key_bits)
{
    const size_t export_size = PSA_EXPORT_KEY_OUTPUT_SIZE(key_type, key_bits);

    /* A zero export size is passed through unchanged: no prefix overhead is
     * added on top of it. */
    if (export_size == 0) {
        return 0;
    }

    return export_size + TEST_DRIVER_KEY_CONTEXT_BASE_SIZE;
}
124
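/*
 * Return the number of bytes of metadata (the pad prefix) that the opaque
 * test driver places in front of every wrapped key.
 */
static size_t mbedtls_test_opaque_get_base_size(void)
{
    /* `(void)` makes this a real prototype; an empty parameter list would
     * leave the arguments unchecked in C. */
    return TEST_DRIVER_KEY_CONTEXT_BASE_SIZE;
}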
129
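/*
 * Pad and "wrap" a clear key for the opaque test driver.
 *
 * The wrapped form is the opaque pad prefix (the first
 * mbedtls_test_opaque_get_base_size() bytes of
 * PSA_CRYPTO_TEST_DRIVER_OPAQUE_PAD_PREFIX as stored in memory) followed by
 * every key byte XORed with 0xFF. This is a reversible, keyless transform:
 * it marks the buffer as "wrapped" for test purposes and provides neither
 * confidentiality nor integrity.
 *
 * key                        Clear key to wrap.
 * key_length                 Size of the clear key in bytes.
 * wrapped_key_buffer         Output buffer receiving the wrapped key.
 * wrapped_key_buffer_size    Size of wrapped_key_buffer in bytes.
 * wrapped_key_buffer_length  On success, set to the wrapped key size
 *                            (key_length plus the prefix size).
 *
 * Returns PSA_SUCCESS, or PSA_ERROR_BUFFER_TOO_SMALL when the prefix plus
 * the key do not fit in wrapped_key_buffer_size bytes.
 */
static psa_status_t mbedtls_test_opaque_wrap_key(
    const uint8_t *key,
    size_t key_length,
    uint8_t *wrapped_key_buffer,
    size_t wrapped_key_buffer_size,
    size_t *wrapped_key_buffer_length)
{
    size_t opaque_key_base_size = mbedtls_test_opaque_get_base_size();
    uint64_t prefix = PSA_CRYPTO_TEST_DRIVER_OPAQUE_PAD_PREFIX;

    /* Compare by subtraction rather than by adding the two sizes: a very
     * large key_length would otherwise wrap the sum around and pass the
     * bounds check. */
    if (wrapped_key_buffer_size < opaque_key_base_size ||
        key_length > wrapped_key_buffer_size - opaque_key_base_size) {
        return PSA_ERROR_BUFFER_TOO_SMALL;
    }

    /* Write in the opaque pad prefix.
     * NOTE(review): this reads opaque_key_base_size bytes out of an 8-byte
     * object; it assumes PSA_CRYPTO_TEST_DRIVER_OPAQUE_PAD_PREFIX_SIZE is at
     * most sizeof(prefix) - confirm against the macro definition. */
    memcpy(wrapped_key_buffer, &prefix, opaque_key_base_size);
    wrapped_key_buffer += opaque_key_base_size;
    *wrapped_key_buffer_length = key_length + opaque_key_base_size;

    /* Invert every key byte, walking from the last byte to the first. */
    for (size_t remaining = key_length; remaining > 0; remaining--) {
        wrapped_key_buffer[remaining - 1] = key[remaining - 1] ^ 0xFF;
    }
    return PSA_SUCCESS;
}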
162
/*
 * Strip the pad prefix from a wrapped key and recover the clear key.
 *
 * The first mbedtls_test_opaque_get_base_size() bytes of the input are
 * skipped and every remaining byte is XORed with 0xFF. The prefix bytes are
 * not compared with the expected pad value, so this function does not detect
 * a buffer that was never produced by the matching wrap function; only the
 * lengths are validated.
 *
 * wrapped_key         Wrapped key (prefix followed by the inverted key).
 * wrapped_key_length  Size of the wrapped key in bytes.
 * key_buffer          Output buffer receiving the clear key.
 * key_buffer_size     Size of key_buffer in bytes.
 * key_buffer_length   On success, set to the size of the clear key.
 *
 * Returns PSA_SUCCESS, PSA_ERROR_DATA_CORRUPT when the input is shorter than
 * the prefix, or PSA_ERROR_BUFFER_TOO_SMALL when the clear key does not fit
 * in key_buffer_size bytes.
 */
static psa_status_t mbedtls_test_opaque_unwrap_key(
    const uint8_t *wrapped_key,
    size_t wrapped_key_length,
    uint8_t *key_buffer,
    size_t key_buffer_size,
    size_t *key_buffer_length)
{
    const size_t prefix_size = mbedtls_test_opaque_get_base_size();

    /* Reject inputs too short to hold the prefix; this also keeps the
     * subtraction below from underflowing. */
    if (wrapped_key_length < prefix_size) {
        return PSA_ERROR_DATA_CORRUPT;
    }

    const size_t payload_size = wrapped_key_length - prefix_size;
    if (payload_size > key_buffer_size) {
        return PSA_ERROR_BUFFER_TOO_SMALL;
    }

    const uint8_t *payload = wrapped_key + prefix_size;

    *key_buffer_length = payload_size;

    /* Undo the byte inversion, last byte first. */
    for (size_t remaining = payload_size; remaining > 0; remaining--) {
        key_buffer[remaining - 1] = payload[remaining - 1] ^ 0xFF;
    }
    return PSA_SUCCESS;
}
200
/*
 * Transparent test driver entry point for key generation.
 *
 * Every call increments the hook hit counter. If a test has set a forced
 * status other than PSA_SUCCESS it is returned at once; if a forced output
 * is set, it is copied out as the "generated" key. Otherwise ECC key pairs
 * and RSA key pairs are delegated to libtestdriver1 or to the built-in
 * implementation, whichever the build configuration provides.
 *
 * attributes  Attributes of the key to generate.
 * key         Output buffer for the key material.
 * key_size    Size of key in bytes.
 * key_length  On success, set to the number of bytes written to key.
 *
 * Returns the forced status, PSA_ERROR_BUFFER_TOO_SMALL when the forced
 * output does not fit, the status of the delegated generator, or
 * PSA_ERROR_NOT_SUPPORTED when no generator handles the key type.
 */
psa_status_t mbedtls_test_transparent_generate_key(
    const psa_key_attributes_t *attributes,
    uint8_t *key, size_t key_size, size_t *key_length)
{
    mbedtls_test_driver_key_management_hooks_t *hooks =
        &mbedtls_test_driver_key_management_hooks;

    hooks->hits++;

    /* Test-injected failure takes priority over everything else. */
    if (hooks->forced_status != PSA_SUCCESS) {
        return hooks->forced_status;
    }

    /* Test-injected key material replaces real generation. */
    if (hooks->forced_output != NULL) {
        if (hooks->forced_output_length > key_size) {
            return PSA_ERROR_BUFFER_TOO_SMALL;
        }
        memcpy(key, hooks->forced_output, hooks->forced_output_length);
        *key_length = hooks->forced_output_length;
        return PSA_SUCCESS;
    }

    const psa_key_type_t type = psa_get_key_type(attributes);

    if (PSA_KEY_TYPE_IS_ECC(type) && PSA_KEY_TYPE_IS_KEY_PAIR(type)) {
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
        defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR)
        /* NOTE(review): the cast presumes both attribute structures share
         * one layout - confirm against the libtestdriver1 headers. */
        return libtestdriver1_mbedtls_psa_ecp_generate_key(
            (const libtestdriver1_psa_key_attributes_t *) attributes,
            key, key_size, key_length);
#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR)
        return mbedtls_psa_ecp_generate_key(
            attributes, key, key_size, key_length);
#endif
    } else if (type == PSA_KEY_TYPE_RSA_KEY_PAIR) {
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
        defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR)
        return libtestdriver1_mbedtls_psa_rsa_generate_key(
            (const libtestdriver1_psa_key_attributes_t *) attributes,
            key, key_size, key_length);
#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR)
        return mbedtls_psa_rsa_generate_key(
            attributes, key, key_size, key_length);
#endif
    }

    /* Reached for unhandled key types, and for handled types whose generator
     * is compiled out. */
    (void) attributes;
    return PSA_ERROR_NOT_SUPPORTED;
}
248
/*
 * Opaque test driver entry point for key generation.
 *
 * Key generation is not implemented by the opaque test driver: all
 * arguments are ignored and PSA_ERROR_NOT_SUPPORTED is always returned.
 */
psa_status_t mbedtls_test_opaque_generate_key(
    const psa_key_attributes_t *attributes,
    uint8_t *key, size_t key_size, size_t *key_length)
{
    /* Silence unused-parameter warnings; nothing is read or written. */
    (void) key_length;
    (void) key_size;
    (void) key;
    (void) attributes;

    return PSA_ERROR_NOT_SUPPORTED;
}
259
/*
 * Transparent test driver entry point for key import.
 *
 * Every call increments the hook hit counter and records
 * PSA_KEY_LOCATION_LOCAL_STORAGE as the last location used. A forced status
 * other than PSA_SUCCESS is returned at once. Otherwise ECC and RSA keys are
 * delegated to libtestdriver1 or to the built-in import function, whichever
 * the build configuration provides.
 *
 * attributes         Attributes of the key being imported.
 * data               Key material supplied by the caller.
 * data_length        Size of data in bytes.
 * key_buffer         Output buffer for the key in the driver's format.
 * key_buffer_size    Size of key_buffer in bytes.
 * key_buffer_length  Set by the delegated import function.
 * bits               Set by the delegated import function.
 *
 * Returns the forced status, the status of the delegated import function,
 * or PSA_ERROR_NOT_SUPPORTED when no import function handles the key type.
 */
psa_status_t mbedtls_test_transparent_import_key(
    const psa_key_attributes_t *attributes,
    const uint8_t *data,
    size_t data_length,
    uint8_t *key_buffer,
    size_t key_buffer_size,
    size_t *key_buffer_length,
    size_t *bits)
{
    mbedtls_test_driver_key_management_hooks_t *hooks =
        &mbedtls_test_driver_key_management_hooks;
    const psa_key_type_t type = psa_get_key_type(attributes);

    hooks->hits++;
    hooks->location = PSA_KEY_LOCATION_LOCAL_STORAGE;

    /* Test-injected failure takes priority over the real import. */
    if (hooks->forced_status != PSA_SUCCESS) {
        return hooks->forced_status;
    }

    if (PSA_KEY_TYPE_IS_ECC(type)) {
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
        (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
        defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY))
        /* NOTE(review): the cast presumes both attribute structures share
         * one layout - confirm against the libtestdriver1 headers. */
        return libtestdriver1_mbedtls_psa_ecp_import_key(
            (const libtestdriver1_psa_key_attributes_t *) attributes,
            data, data_length,
            key_buffer, key_buffer_size,
            key_buffer_length, bits);
#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
        defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
        return mbedtls_psa_ecp_import_key(
            attributes,
            data, data_length,
            key_buffer, key_buffer_size,
            key_buffer_length, bits);
#endif
    } else if (PSA_KEY_TYPE_IS_RSA(type)) {
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
        (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
        defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY))
        return libtestdriver1_mbedtls_psa_rsa_import_key(
            (const libtestdriver1_psa_key_attributes_t *) attributes,
            data, data_length,
            key_buffer, key_buffer_size,
            key_buffer_length, bits);
#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
        defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
        return mbedtls_psa_rsa_import_key(
            attributes,
            data, data_length,
            key_buffer, key_buffer_size,
            key_buffer_length, bits);
#endif
    }

    /* Reached for unhandled key types, and for handled types whose import
     * function is compiled out; the casts keep those builds warning-free. */
    (void) type;
    (void) bits;
    (void) key_buffer_length;
    (void) key_buffer_size;
    (void) key_buffer;
    (void) data_length;
    (void) data;

    return PSA_ERROR_NOT_SUPPORTED;
}
324
325
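/*
 * Opaque test driver entry point for key import.
 *
 * The key is first imported in the clear into a temporary heap buffer and
 * then wrapped into key_buffer with mbedtls_test_opaque_wrap_key(). Every
 * call increments the hook hit counter and records
 * PSA_CRYPTO_TEST_DRIVER_LOCATION as the last location used.
 *
 * attributes         Attributes of the key being imported.
 * data               Key material supplied by the caller.
 * data_length        Size of data in bytes.
 * key_buffer         Output buffer receiving the wrapped key.
 * key_buffer_size    Size of key_buffer in bytes; also the size of the
 *                    temporary clear-key buffer.
 * key_buffer_length  On success, set to the size of the wrapped key.
 * bits               Set to the key size in bits (by this function for
 *                    unstructured keys, by the delegated import otherwise).
 *
 * Returns the forced status if one is set, PSA_ERROR_INSUFFICIENT_MEMORY
 * when the temporary buffer cannot be allocated,
 * PSA_ERROR_BUFFER_TOO_SMALL when the key does not fit,
 * PSA_ERROR_INVALID_ARGUMENT for key types that are neither unstructured,
 * ECC nor RSA, PSA_ERROR_NOT_SUPPORTED when the matching import function is
 * compiled out, or the status of the validation, import or wrap step.
 */
psa_status_t mbedtls_test_opaque_import_key(
    const psa_key_attributes_t *attributes,
    const uint8_t *data,
    size_t data_length,
    uint8_t *key_buffer,
    size_t key_buffer_size,
    size_t *key_buffer_length,
    size_t *bits)
{
    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
    psa_key_type_t type = psa_get_key_type(attributes);
    /* This buffer will be used as an intermediate placeholder for
     * the clear key till we wrap it */
    uint8_t *key_buffer_temp;

    ++mbedtls_test_driver_key_management_hooks.hits;
    mbedtls_test_driver_key_management_hooks.location = PSA_CRYPTO_TEST_DRIVER_LOCATION;

    if (mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS) {
        return mbedtls_test_driver_key_management_hooks.forced_status;
    }

    key_buffer_temp = mbedtls_calloc(1, key_buffer_size);
    if (key_buffer_temp == NULL) {
        return PSA_ERROR_INSUFFICIENT_MEMORY;
    }

    if (PSA_KEY_TYPE_IS_UNSTRUCTURED(type)) {
        *bits = PSA_BYTES_TO_BITS(data_length);

        status = psa_validate_unstructured_key_bit_size(type,
                                                        *bits);
        if (status != PSA_SUCCESS) {
            goto exit;
        }

        if (data_length > key_buffer_size) {
            /* Leave through the cleanup label: returning directly here
             * would leak key_buffer_temp. */
            status = PSA_ERROR_BUFFER_TOO_SMALL;
            goto exit;
        }

        /* Copy the clear key material; the opaque pad prefix is added by
         * the wrap step below. */
        memcpy(key_buffer_temp, data, data_length);
        *key_buffer_length = data_length;
    } else if (PSA_KEY_TYPE_IS_ECC(type)) {
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
        (defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \
        defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY))
        status = libtestdriver1_mbedtls_psa_ecp_import_key(
            (const libtestdriver1_psa_key_attributes_t *) attributes,
            data, data_length,
            key_buffer_temp, key_buffer_size,
            key_buffer_length, bits);
#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
        defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
        status = mbedtls_psa_ecp_import_key(
            attributes,
            data, data_length,
            key_buffer_temp, key_buffer_size,
            key_buffer_length, bits);
#else
        status = PSA_ERROR_NOT_SUPPORTED;
#endif
        if (status != PSA_SUCCESS) {
            goto exit;
        }
    } else if (PSA_KEY_TYPE_IS_RSA(type)) {
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
        (defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \
        defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY))
        status = libtestdriver1_mbedtls_psa_rsa_import_key(
            (const libtestdriver1_psa_key_attributes_t *) attributes,
            data, data_length,
            key_buffer_temp, key_buffer_size,
            key_buffer_length, bits);
#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
        defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
        status = mbedtls_psa_rsa_import_key(
            attributes,
            data, data_length,
            key_buffer_temp, key_buffer_size,
            key_buffer_length, bits);
#else
        status = PSA_ERROR_NOT_SUPPORTED;
#endif
        if (status != PSA_SUCCESS) {
            goto exit;
        }
    } else {
        status = PSA_ERROR_INVALID_ARGUMENT;
        goto exit;
    }

    /* *key_buffer_length holds the clear key size on entry to the wrap step
     * and the wrapped size after it. */
    status = mbedtls_test_opaque_wrap_key(key_buffer_temp, *key_buffer_length,
                                          key_buffer, key_buffer_size, key_buffer_length);
exit:
    /* NOTE(review): the temporary buffer holds the clear key and is released
     * without being wiped. Tolerable for fixed test material; a driver that
     * handles real keys should zeroize before freeing. */
    mbedtls_free(key_buffer_temp);
    return status;
}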
424
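/*
 * Opaque test driver entry point for key export.
 *
 * Two key buffer formats are recognised, told apart by length only:
 *  - exactly sizeof(psa_drv_slot_number_t) bytes: a built-in key, whose
 *    buffer holds the slot number. The attributes are checked against the
 *    slot's fixed policy (including PSA_KEY_USAGE_EXPORT) before the
 *    hard-coded test key is copied out.
 *  - any other length: a key wrapped by this driver, which is unwrapped
 *    into data for unstructured, RSA and ECC key types.
 * Because the distinction is made on length alone, a wrapped key whose total
 * length happens to equal sizeof(psa_drv_slot_number_t) is treated as a slot
 * number.
 *
 * attributes   Attributes of the key to export.
 * key          Key buffer in the driver's format.
 * key_length   Size of key in bytes.
 * data         Output buffer for the clear key.
 * data_size    Size of data in bytes.
 * data_length  On success, set to the number of bytes written to data.
 *
 * Returns PSA_SUCCESS, PSA_ERROR_CORRUPTION_DETECTED when a built-in key's
 * attributes do not match its slot, PSA_ERROR_BUFFER_TOO_SMALL,
 * PSA_ERROR_DOES_NOT_EXIST for an unknown slot, the status of the unwrap
 * step, or PSA_ERROR_NOT_SUPPORTED for other key types.
 */
psa_status_t mbedtls_test_opaque_export_key(
    const psa_key_attributes_t *attributes,
    const uint8_t *key, size_t key_length,
    uint8_t *data, size_t data_size, size_t *data_length)
{
    if (key_length == sizeof(psa_drv_slot_number_t)) {
        /* Assume this is a builtin key based on the key material length. */
        psa_drv_slot_number_t slot_number;

        /* key is a byte buffer with no alignment guarantee, so copy the
         * slot number out instead of dereferencing a cast pointer. */
        memcpy(&slot_number, key, sizeof(slot_number));

        switch (slot_number) {
            case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT:
                /* This is the ECDSA slot. Verify the key's attributes before
                 * returning the private key. */
                if (psa_get_key_type(attributes) !=
                    PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1)) {
                    return PSA_ERROR_CORRUPTION_DETECTED;
                }
                if (psa_get_key_bits(attributes) != 256) {
                    return PSA_ERROR_CORRUPTION_DETECTED;
                }
                if (psa_get_key_algorithm(attributes) !=
                    PSA_ALG_ECDSA(PSA_ALG_ANY_HASH)) {
                    return PSA_ERROR_CORRUPTION_DETECTED;
                }
                if ((psa_get_key_usage_flags(attributes) &
                     PSA_KEY_USAGE_EXPORT) == 0) {
                    return PSA_ERROR_CORRUPTION_DETECTED;
                }

                if (data_size < sizeof(mbedtls_test_driver_ecdsa_key)) {
                    return PSA_ERROR_BUFFER_TOO_SMALL;
                }

                memcpy(data, mbedtls_test_driver_ecdsa_key,
                       sizeof(mbedtls_test_driver_ecdsa_key));
                *data_length = sizeof(mbedtls_test_driver_ecdsa_key);
                return PSA_SUCCESS;

            case PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT:
                /* This is the AES slot. Verify the key's attributes before
                 * returning the key. */
                if (psa_get_key_type(attributes) != PSA_KEY_TYPE_AES) {
                    return PSA_ERROR_CORRUPTION_DETECTED;
                }
                if (psa_get_key_bits(attributes) != 128) {
                    return PSA_ERROR_CORRUPTION_DETECTED;
                }
                if (psa_get_key_algorithm(attributes) != PSA_ALG_CTR) {
                    return PSA_ERROR_CORRUPTION_DETECTED;
                }
                if ((psa_get_key_usage_flags(attributes) &
                     PSA_KEY_USAGE_EXPORT) == 0) {
                    return PSA_ERROR_CORRUPTION_DETECTED;
                }

                if (data_size < sizeof(mbedtls_test_driver_aes_key)) {
                    return PSA_ERROR_BUFFER_TOO_SMALL;
                }

                memcpy(data, mbedtls_test_driver_aes_key,
                       sizeof(mbedtls_test_driver_aes_key));
                *data_length = sizeof(mbedtls_test_driver_aes_key);
                return PSA_SUCCESS;

            default:
                return PSA_ERROR_DOES_NOT_EXIST;
        }
    } else {
        /* A key wrapped by this driver: unwrap it straight into the
         * caller's output buffer. */
        psa_key_type_t type = psa_get_key_type(attributes);

        if (PSA_KEY_TYPE_IS_UNSTRUCTURED(type) ||
            PSA_KEY_TYPE_IS_RSA(type) ||
            PSA_KEY_TYPE_IS_ECC(type)) {
            return mbedtls_test_opaque_unwrap_key(key, key_length,
                                                  data, data_size, data_length);
        }
    }
    return PSA_ERROR_NOT_SUPPORTED;
}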
508
/*
 * Transparent test driver entry point for public key export.
 *
 * Every call increments the hook hit counter. A forced status other than
 * PSA_SUCCESS is returned at once; a forced output, if set, is copied out
 * as the exported key. Otherwise ECC and RSA keys are delegated to
 * libtestdriver1 or to the built-in export function, whichever the build
 * configuration provides.
 *
 * attributes       Attributes of the key.
 * key_buffer       Key material in the transparent driver's format.
 * key_buffer_size  Size of key_buffer in bytes.
 * data             Output buffer for the public key.
 * data_size        Size of data in bytes.
 * data_length      On success, set to the number of bytes written to data.
 *
 * Returns the forced status, PSA_ERROR_BUFFER_TOO_SMALL when the forced
 * output does not fit, the status of the delegated export function, or
 * PSA_ERROR_NOT_SUPPORTED when no export function handles the key type.
 */
psa_status_t mbedtls_test_transparent_export_public_key(
    const psa_key_attributes_t *attributes,
    const uint8_t *key_buffer, size_t key_buffer_size,
    uint8_t *data, size_t data_size, size_t *data_length)
{
    mbedtls_test_driver_key_management_hooks_t *hooks =
        &mbedtls_test_driver_key_management_hooks;

    hooks->hits++;

    /* Test-injected failure takes priority over everything else. */
    if (hooks->forced_status != PSA_SUCCESS) {
        return hooks->forced_status;
    }

    /* Test-injected output replaces the real export. */
    if (hooks->forced_output != NULL) {
        if (hooks->forced_output_length > data_size) {
            return PSA_ERROR_BUFFER_TOO_SMALL;
        }
        memcpy(data, hooks->forced_output, hooks->forced_output_length);
        *data_length = hooks->forced_output_length;
        return PSA_SUCCESS;
    }

    const psa_key_type_t key_type = psa_get_key_type(attributes);

    if (PSA_KEY_TYPE_IS_ECC(key_type)) {
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
        (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
        defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY))
        /* NOTE(review): the cast presumes both attribute structures share
         * one layout - confirm against the libtestdriver1 headers. */
        return libtestdriver1_mbedtls_psa_ecp_export_public_key(
            (const libtestdriver1_psa_key_attributes_t *) attributes,
            key_buffer, key_buffer_size,
            data, data_size, data_length);
#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
        defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
        return mbedtls_psa_ecp_export_public_key(
            attributes,
            key_buffer, key_buffer_size,
            data, data_size, data_length);
#endif
    } else if (PSA_KEY_TYPE_IS_RSA(key_type)) {
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
        (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
        defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY))
        return libtestdriver1_mbedtls_psa_rsa_export_public_key(
            (const libtestdriver1_psa_key_attributes_t *) attributes,
            key_buffer, key_buffer_size,
            data, data_size, data_length);
#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
        defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
        return mbedtls_psa_rsa_export_public_key(
            attributes,
            key_buffer, key_buffer_size,
            data, data_size, data_length);
#endif
    }

    /* Reached for unhandled key types, and for handled types whose export
     * function is compiled out; the casts keep those builds warning-free. */
    (void) key_type;
    (void) key_buffer_size;
    (void) key_buffer;

    return PSA_ERROR_NOT_SUPPORTED;
}
571
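/*
 * Opaque test driver entry point for public key export.
 *
 * Two key buffer formats are recognised, told apart by length only:
 *  - any length other than sizeof(psa_drv_slot_number_t): a key wrapped by
 *    this driver. ECC and RSA keys are unwrapped into a temporary heap
 *    buffer and the public key is derived from the clear key.
 *  - exactly sizeof(psa_drv_slot_number_t) bytes: a built-in key, whose
 *    buffer holds the slot number. Only the ECDSA slot has a public key.
 *
 * attributes   Attributes of the key.
 * key          Key buffer in the driver's format.
 * key_length   Size of key in bytes.
 * data         Output buffer for the public key.
 * data_size    Size of data in bytes.
 * data_length  On success, set to the number of bytes written to data. It
 *              is also used as scratch for the unwrapped key length.
 *
 * Returns PSA_SUCCESS, PSA_ERROR_INSUFFICIENT_MEMORY when the temporary
 * buffer cannot be allocated, the status of the unwrap or export step,
 * PSA_ERROR_NOT_SUPPORTED for other key types or compiled-out export
 * functions, PSA_ERROR_CORRUPTION_DETECTED when a built-in key's attributes
 * do not match its slot, PSA_ERROR_BUFFER_TOO_SMALL, or
 * PSA_ERROR_DOES_NOT_EXIST for a slot without a public key.
 */
psa_status_t mbedtls_test_opaque_export_public_key(
    const psa_key_attributes_t *attributes,
    const uint8_t *key, size_t key_length,
    uint8_t *data, size_t data_size, size_t *data_length)
{
    if (key_length != sizeof(psa_drv_slot_number_t)) {
        psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
        psa_key_type_t key_type = psa_get_key_type(attributes);
        uint8_t *key_buffer_temp;

        /* The clear key is never longer than the wrapped key, so key_length
         * bytes are enough for the unwrapped copy. */
        key_buffer_temp = mbedtls_calloc(1, key_length);
        if (key_buffer_temp == NULL) {
            return PSA_ERROR_INSUFFICIENT_MEMORY;
        }

        if (PSA_KEY_TYPE_IS_ECC(key_type)) {
            status = mbedtls_test_opaque_unwrap_key(key, key_length,
                                                    key_buffer_temp, key_length, data_length);
            if (status == PSA_SUCCESS) {
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
                (defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \
                defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY))
                status = libtestdriver1_mbedtls_psa_ecp_export_public_key(
                    (const libtestdriver1_psa_key_attributes_t *) attributes,
                    key_buffer_temp, *data_length,
                    data, data_size, data_length);
#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
                defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
                status = mbedtls_psa_ecp_export_public_key(
                    attributes,
                    key_buffer_temp, *data_length,
                    data, data_size, data_length);
#else
                status = PSA_ERROR_NOT_SUPPORTED;
#endif
            }
        } else if (PSA_KEY_TYPE_IS_RSA(key_type)) {
            status = mbedtls_test_opaque_unwrap_key(key, key_length,
                                                    key_buffer_temp, key_length, data_length);
            if (status == PSA_SUCCESS) {
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
                (defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \
                defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY))
                status = libtestdriver1_mbedtls_psa_rsa_export_public_key(
                    (const libtestdriver1_psa_key_attributes_t *) attributes,
                    key_buffer_temp, *data_length,
                    data, data_size, data_length);
#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
                defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
                status = mbedtls_psa_rsa_export_public_key(
                    attributes,
                    key_buffer_temp, *data_length,
                    data, data_size, data_length);
#else
                status = PSA_ERROR_NOT_SUPPORTED;
#endif
            }
        } else {
            status = PSA_ERROR_NOT_SUPPORTED;
            (void) key;
            (void) key_type;
        }
        /* NOTE(review): the temporary buffer may hold a clear private key and
         * is released without being wiped. Tolerable for fixed test material;
         * a driver that handles real keys should zeroize before freeing. */
        mbedtls_free(key_buffer_temp);
        return status;
    }

    /* Assume this is a builtin key based on the key material length. */
    psa_drv_slot_number_t slot_number;

    /* key is a byte buffer with no alignment guarantee, so copy the slot
     * number out instead of dereferencing a cast pointer. */
    memcpy(&slot_number, key, sizeof(slot_number));

    switch (slot_number) {
        case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT:
            /* This is the ECDSA slot. Verify the key's attributes before
             * returning the public key. */
            if (psa_get_key_type(attributes) !=
                PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1)) {
                return PSA_ERROR_CORRUPTION_DETECTED;
            }
            if (psa_get_key_bits(attributes) != 256) {
                return PSA_ERROR_CORRUPTION_DETECTED;
            }
            if (psa_get_key_algorithm(attributes) !=
                PSA_ALG_ECDSA(PSA_ALG_ANY_HASH)) {
                return PSA_ERROR_CORRUPTION_DETECTED;
            }

            if (data_size < sizeof(mbedtls_test_driver_ecdsa_pubkey)) {
                return PSA_ERROR_BUFFER_TOO_SMALL;
            }

            memcpy(data, mbedtls_test_driver_ecdsa_pubkey,
                   sizeof(mbedtls_test_driver_ecdsa_pubkey));
            *data_length = sizeof(mbedtls_test_driver_ecdsa_pubkey);
            return PSA_SUCCESS;

        default:
            return PSA_ERROR_DOES_NOT_EXIST;
    }
}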
669
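/* The opaque test driver exposes two built-in keys when builtin key support is
 * compiled in.
 * The key in slot #PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT is an AES-128
 * key which allows CTR mode.
 * The key in slot #PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT is a secp256r1
 * private key which allows ECDSA sign & verify.
 * Both slots are also marked exportable.
 * The key buffer format for these is the raw format of psa_drv_slot_number_t
 * (i.e. for an actual driver this would mean 'builtin_key_size' =
 * sizeof(psa_drv_slot_number_t)).
 *
 * slot_number        Slot of the built-in key to describe.
 * attributes         Filled with the slot's type, size, usage flags and
 *                    algorithm. This happens before the buffer size is
 *                    checked, so the attributes are set even when
 *                    PSA_ERROR_BUFFER_TOO_SMALL is returned.
 * key_buffer         Output buffer receiving the slot number.
 * key_buffer_size    Size of key_buffer in bytes.
 * key_buffer_length  On success, set to sizeof(psa_drv_slot_number_t).
 *
 * Returns PSA_SUCCESS, PSA_ERROR_BUFFER_TOO_SMALL, or
 * PSA_ERROR_DOES_NOT_EXIST for an unknown slot.
 */
psa_status_t mbedtls_test_opaque_get_builtin_key(
    psa_drv_slot_number_t slot_number,
    psa_key_attributes_t *attributes,
    uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length)
{
    switch (slot_number) {
        case PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT:
            psa_set_key_type(attributes, PSA_KEY_TYPE_AES);
            psa_set_key_bits(attributes, 128);
            psa_set_key_usage_flags(
                attributes,
                PSA_KEY_USAGE_ENCRYPT |
                PSA_KEY_USAGE_DECRYPT |
                PSA_KEY_USAGE_EXPORT);
            psa_set_key_algorithm(attributes, PSA_ALG_CTR);
            break;
        case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT:
            psa_set_key_type(
                attributes,
                PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1));
            psa_set_key_bits(attributes, 256);
            psa_set_key_usage_flags(
                attributes,
                PSA_KEY_USAGE_SIGN_HASH |
                PSA_KEY_USAGE_VERIFY_HASH |
                PSA_KEY_USAGE_EXPORT);
            psa_set_key_algorithm(
                attributes, PSA_ALG_ECDSA(PSA_ALG_ANY_HASH));
            break;
        default:
            return PSA_ERROR_DOES_NOT_EXIST;
    }

    if (key_buffer_size < sizeof(psa_drv_slot_number_t)) {
        return PSA_ERROR_BUFFER_TOO_SMALL;
    }

    /* Only the two known slots reach this point, so slot_number is exactly
     * the value to store. key_buffer is a byte buffer with no alignment
     * guarantee: copy the bytes instead of storing through a cast pointer. */
    memcpy(key_buffer, &slot_number, sizeof(slot_number));
    *key_buffer_length = sizeof(psa_drv_slot_number_t);
    return PSA_SUCCESS;
}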
729
/*
 * Opaque test driver entry point for key copy.
 *
 * The opaque test driver emulates a secure element (SE) without storage, so
 * the whole key context lives in the wrapped buffer and a copy is a plain
 * byte copy; no reference counting of copied keys is needed. That could
 * change if the driver is extended to emulate an SE with storage, or one
 * without storage that still holds slot references.
 *
 * attributes         Unused.
 * source_key         Key buffer to copy.
 * source_key_length  Size of source_key in bytes.
 * key_buffer         Output buffer for the copy.
 * key_buffer_size    Size of key_buffer in bytes.
 * key_buffer_length  On success, set to source_key_length.
 *
 * Returns PSA_SUCCESS, or PSA_ERROR_BUFFER_TOO_SMALL when the source key
 * does not fit in key_buffer_size bytes.
 */
psa_status_t mbedtls_test_opaque_copy_key(
    psa_key_attributes_t *attributes,
    const uint8_t *source_key, size_t source_key_length,
    uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length)
{
    (void) attributes;

    if (key_buffer_size < source_key_length) {
        return PSA_ERROR_BUFFER_TOO_SMALL;
    }

    memcpy(key_buffer, source_key, source_key_length);
    *key_buffer_length = source_key_length;

    return PSA_SUCCESS;
}
750
751 #endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
752