1 /*
2 * Test driver for generating and verifying keys.
3 * Currently only supports generating and verifying ECC keys.
4 */
5 /* Copyright The Mbed TLS Contributors
6 * SPDX-License-Identifier: Apache-2.0
7 *
8 * Licensed under the Apache License, Version 2.0 (the "License"); you may
9 * not use this file except in compliance with the License.
10 * You may obtain a copy of the License at
11 *
12 * http://www.apache.org/licenses/LICENSE-2.0
13 *
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
16 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * See the License for the specific language governing permissions and
18 * limitations under the License.
19 */
20
21 #if !defined(MBEDTLS_CONFIG_FILE)
22 #include "mbedtls/config.h"
23 #else
24 #include MBEDTLS_CONFIG_FILE
25 #endif
26
27 #if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
28 #include "psa/crypto.h"
29 #include "psa_crypto_core.h"
30 #include "psa_crypto_ecp.h"
31 #include "psa_crypto_rsa.h"
32 #include "mbedtls/ecp.h"
33 #include "mbedtls/error.h"
34
35 #include "test/drivers/key_management.h"
36 #include "test/random.h"
37
38 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
39 #include "libtestdriver1/library/psa_crypto_ecp.h"
40 #include "libtestdriver1/library/psa_crypto_rsa.h"
41 #endif
42
43 #include <string.h>
44
45 mbedtls_test_driver_key_management_hooks_t
46 mbedtls_test_driver_key_management_hooks = MBEDTLS_TEST_DRIVER_KEY_MANAGEMENT_INIT;
47
48 const uint8_t mbedtls_test_driver_aes_key[16] =
49 { 0x36, 0x77, 0x39, 0x7A, 0x24, 0x43, 0x26, 0x46,
50 0x29, 0x4A, 0x40, 0x4E, 0x63, 0x52, 0x66, 0x55 };
51 const uint8_t mbedtls_test_driver_ecdsa_key[32] =
52 { 0xdc, 0x7d, 0x9d, 0x26, 0xd6, 0x7a, 0x4f, 0x63,
53 0x2c, 0x34, 0xc2, 0xdc, 0x0b, 0x69, 0x86, 0x18,
54 0x38, 0x82, 0xc2, 0x06, 0xdf, 0x04, 0xcd, 0xb7,
55 0xd6, 0x9a, 0xab, 0xe2, 0x8b, 0xe4, 0xf8, 0x1a };
56 const uint8_t mbedtls_test_driver_ecdsa_pubkey[65] =
57 { 0x04,
58 0x85, 0xf6, 0x4d, 0x89, 0xf0, 0x0b, 0xe6, 0x6c,
59 0x88, 0xdd, 0x93, 0x7e, 0xfd, 0x6d, 0x7c, 0x44,
60 0x56, 0x48, 0xdc, 0xb7, 0x01, 0x15, 0x0b, 0x8a,
61 0x95, 0x09, 0x29, 0x58, 0x50, 0xf4, 0x1c, 0x19,
62 0x31, 0xe5, 0x71, 0xfb, 0x8f, 0x8c, 0x78, 0x31,
63 0x7a, 0x20, 0xb3, 0x80, 0xe8, 0x66, 0x58, 0x4b,
64 0xbc, 0x25, 0x16, 0xc3, 0xd2, 0x70, 0x2d, 0x79,
65 0x2f, 0x13, 0x1a, 0x92, 0x20, 0x95, 0xfd, 0x6c };
66
mbedtls_test_transparent_init(void)67 psa_status_t mbedtls_test_transparent_init( void )
68 {
69 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
70
71 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
72 status = libtestdriver1_psa_crypto_init( );
73 if( status != PSA_SUCCESS )
74 return( status );
75 #endif
76
77 (void)status;
78 return( PSA_SUCCESS );
79 }
80
mbedtls_test_transparent_free(void)81 void mbedtls_test_transparent_free( void )
82 {
83 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
84 libtestdriver1_mbedtls_psa_crypto_free( );
85 #endif
86
87 return;
88 }
89
mbedtls_test_opaque_init(void)90 psa_status_t mbedtls_test_opaque_init( void )
91 {
92 return( PSA_SUCCESS );
93 }
94
mbedtls_test_opaque_free(void)95 void mbedtls_test_opaque_free( void )
96 {
97 return;
98 }
99
mbedtls_test_transparent_generate_key(const psa_key_attributes_t * attributes,uint8_t * key,size_t key_size,size_t * key_length)100 psa_status_t mbedtls_test_transparent_generate_key(
101 const psa_key_attributes_t *attributes,
102 uint8_t *key, size_t key_size, size_t *key_length )
103 {
104 ++mbedtls_test_driver_key_management_hooks.hits;
105
106 if( mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS )
107 return( mbedtls_test_driver_key_management_hooks.forced_status );
108
109 if( mbedtls_test_driver_key_management_hooks.forced_output != NULL )
110 {
111 if( mbedtls_test_driver_key_management_hooks.forced_output_length >
112 key_size )
113 return( PSA_ERROR_BUFFER_TOO_SMALL );
114 memcpy( key, mbedtls_test_driver_key_management_hooks.forced_output,
115 mbedtls_test_driver_key_management_hooks.forced_output_length );
116 *key_length = mbedtls_test_driver_key_management_hooks.forced_output_length;
117 return( PSA_SUCCESS );
118 }
119
120 if( PSA_KEY_TYPE_IS_ECC( psa_get_key_type( attributes ) )
121 && PSA_KEY_TYPE_IS_KEY_PAIR( psa_get_key_type( attributes ) ) )
122 {
123 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
124 defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR)
125 return( libtestdriver1_mbedtls_psa_ecp_generate_key(
126 (const libtestdriver1_psa_key_attributes_t *)attributes,
127 key, key_size, key_length ) );
128 #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR)
129 return( mbedtls_psa_ecp_generate_key(
130 attributes, key, key_size, key_length ) );
131 #endif
132 }
133 else if( psa_get_key_type( attributes ) == PSA_KEY_TYPE_RSA_KEY_PAIR )
134 {
135 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
136 defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR)
137 return( libtestdriver1_mbedtls_psa_rsa_generate_key(
138 (const libtestdriver1_psa_key_attributes_t *)attributes,
139 key, key_size, key_length ) );
140 #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR)
141 return( mbedtls_psa_rsa_generate_key(
142 attributes, key, key_size, key_length ) );
143 #endif
144 }
145
146 (void)attributes;
147 return( PSA_ERROR_NOT_SUPPORTED );
148 }
149
mbedtls_test_opaque_generate_key(const psa_key_attributes_t * attributes,uint8_t * key,size_t key_size,size_t * key_length)150 psa_status_t mbedtls_test_opaque_generate_key(
151 const psa_key_attributes_t *attributes,
152 uint8_t *key, size_t key_size, size_t *key_length )
153 {
154 (void) attributes;
155 (void) key;
156 (void) key_size;
157 (void) key_length;
158 return( PSA_ERROR_NOT_SUPPORTED );
159 }
160
mbedtls_test_transparent_import_key(const psa_key_attributes_t * attributes,const uint8_t * data,size_t data_length,uint8_t * key_buffer,size_t key_buffer_size,size_t * key_buffer_length,size_t * bits)161 psa_status_t mbedtls_test_transparent_import_key(
162 const psa_key_attributes_t *attributes,
163 const uint8_t *data,
164 size_t data_length,
165 uint8_t *key_buffer,
166 size_t key_buffer_size,
167 size_t *key_buffer_length,
168 size_t *bits)
169 {
170 ++mbedtls_test_driver_key_management_hooks.hits;
171
172 if( mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS )
173 return( mbedtls_test_driver_key_management_hooks.forced_status );
174
175 psa_key_type_t type = psa_get_key_type( attributes );
176
177 if( PSA_KEY_TYPE_IS_ECC( type ) )
178 {
179 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
180 ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
181 defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) )
182 return( libtestdriver1_mbedtls_psa_ecp_import_key(
183 (const libtestdriver1_psa_key_attributes_t *)attributes,
184 data, data_length,
185 key_buffer, key_buffer_size,
186 key_buffer_length, bits ) );
187 #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
188 defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
189 return( mbedtls_psa_ecp_import_key(
190 attributes,
191 data, data_length,
192 key_buffer, key_buffer_size,
193 key_buffer_length, bits ) );
194 #endif
195 }
196 else if( PSA_KEY_TYPE_IS_RSA( type ) )
197 {
198 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
199 ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
200 defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) )
201 return( libtestdriver1_mbedtls_psa_rsa_import_key(
202 (const libtestdriver1_psa_key_attributes_t *)attributes,
203 data, data_length,
204 key_buffer, key_buffer_size,
205 key_buffer_length, bits ) );
206 #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
207 defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
208 return( mbedtls_psa_rsa_import_key(
209 attributes,
210 data, data_length,
211 key_buffer, key_buffer_size,
212 key_buffer_length, bits ) );
213 #endif
214 }
215
216 (void)data;
217 (void)data_length;
218 (void)key_buffer;
219 (void)key_buffer_size;
220 (void)key_buffer_length;
221 (void)bits;
222 (void)type;
223
224 return( PSA_ERROR_NOT_SUPPORTED );
225 }
226
mbedtls_test_opaque_export_key(const psa_key_attributes_t * attributes,const uint8_t * key,size_t key_length,uint8_t * data,size_t data_size,size_t * data_length)227 psa_status_t mbedtls_test_opaque_export_key(
228 const psa_key_attributes_t *attributes,
229 const uint8_t *key, size_t key_length,
230 uint8_t *data, size_t data_size, size_t *data_length )
231 {
232 if( key_length != sizeof( psa_drv_slot_number_t ) )
233 {
234 /* Test driver does not support generic opaque key handling yet. */
235 return( PSA_ERROR_NOT_SUPPORTED );
236 }
237
238 /* Assume this is a builtin key based on the key material length. */
239 psa_drv_slot_number_t slot_number = *( ( psa_drv_slot_number_t* ) key );
240
241 switch( slot_number )
242 {
243 case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT:
244 /* This is the ECDSA slot. Verify the key's attributes before
245 * returning the private key. */
246 if( psa_get_key_type( attributes ) !=
247 PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) )
248 return( PSA_ERROR_CORRUPTION_DETECTED );
249 if( psa_get_key_bits( attributes ) != 256 )
250 return( PSA_ERROR_CORRUPTION_DETECTED );
251 if( psa_get_key_algorithm( attributes ) !=
252 PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) )
253 return( PSA_ERROR_CORRUPTION_DETECTED );
254 if( ( psa_get_key_usage_flags( attributes ) &
255 PSA_KEY_USAGE_EXPORT ) == 0 )
256 return( PSA_ERROR_CORRUPTION_DETECTED );
257
258 if( data_size < sizeof( mbedtls_test_driver_ecdsa_key ) )
259 return( PSA_ERROR_BUFFER_TOO_SMALL );
260
261 memcpy( data, mbedtls_test_driver_ecdsa_key,
262 sizeof( mbedtls_test_driver_ecdsa_key ) );
263 *data_length = sizeof( mbedtls_test_driver_ecdsa_key );
264 return( PSA_SUCCESS );
265
266 case PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT:
267 /* This is the AES slot. Verify the key's attributes before
268 * returning the key. */
269 if( psa_get_key_type( attributes ) != PSA_KEY_TYPE_AES )
270 return( PSA_ERROR_CORRUPTION_DETECTED );
271 if( psa_get_key_bits( attributes ) != 128 )
272 return( PSA_ERROR_CORRUPTION_DETECTED );
273 if( psa_get_key_algorithm( attributes ) != PSA_ALG_CTR )
274 return( PSA_ERROR_CORRUPTION_DETECTED );
275 if( ( psa_get_key_usage_flags( attributes ) &
276 PSA_KEY_USAGE_EXPORT ) == 0 )
277 return( PSA_ERROR_CORRUPTION_DETECTED );
278
279 if( data_size < sizeof( mbedtls_test_driver_aes_key ) )
280 return( PSA_ERROR_BUFFER_TOO_SMALL );
281
282 memcpy( data, mbedtls_test_driver_aes_key,
283 sizeof( mbedtls_test_driver_aes_key ) );
284 *data_length = sizeof( mbedtls_test_driver_aes_key );
285 return( PSA_SUCCESS );
286
287 default:
288 return( PSA_ERROR_DOES_NOT_EXIST );
289 }
290 }
291
mbedtls_test_transparent_export_public_key(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,uint8_t * data,size_t data_size,size_t * data_length)292 psa_status_t mbedtls_test_transparent_export_public_key(
293 const psa_key_attributes_t *attributes,
294 const uint8_t *key_buffer, size_t key_buffer_size,
295 uint8_t *data, size_t data_size, size_t *data_length )
296 {
297 ++mbedtls_test_driver_key_management_hooks.hits;
298
299 if( mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS )
300 return( mbedtls_test_driver_key_management_hooks.forced_status );
301
302 if( mbedtls_test_driver_key_management_hooks.forced_output != NULL )
303 {
304 if( mbedtls_test_driver_key_management_hooks.forced_output_length >
305 data_size )
306 return( PSA_ERROR_BUFFER_TOO_SMALL );
307 memcpy( data, mbedtls_test_driver_key_management_hooks.forced_output,
308 mbedtls_test_driver_key_management_hooks.forced_output_length );
309 *data_length = mbedtls_test_driver_key_management_hooks.forced_output_length;
310 return( PSA_SUCCESS );
311 }
312
313 psa_key_type_t key_type = psa_get_key_type( attributes );
314
315 if( PSA_KEY_TYPE_IS_ECC( key_type ) )
316 {
317 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
318 ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
319 defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) )
320 return( libtestdriver1_mbedtls_psa_ecp_export_public_key(
321 (const libtestdriver1_psa_key_attributes_t *)attributes,
322 key_buffer, key_buffer_size,
323 data, data_size, data_length ) );
324 #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
325 defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
326 return( mbedtls_psa_ecp_export_public_key(
327 attributes,
328 key_buffer, key_buffer_size,
329 data, data_size, data_length ) );
330 #endif
331 }
332 else if( PSA_KEY_TYPE_IS_RSA( key_type ) )
333 {
334 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
335 ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
336 defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) )
337 return( libtestdriver1_mbedtls_psa_rsa_export_public_key(
338 (const libtestdriver1_psa_key_attributes_t *)attributes,
339 key_buffer, key_buffer_size,
340 data, data_size, data_length ) );
341 #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
342 defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
343 return( mbedtls_psa_rsa_export_public_key(
344 attributes,
345 key_buffer, key_buffer_size,
346 data, data_size, data_length ) );
347 #endif
348 }
349
350 (void)key_buffer;
351 (void)key_buffer_size;
352 (void)key_type;
353
354 return( PSA_ERROR_NOT_SUPPORTED );
355 }
356
mbedtls_test_opaque_export_public_key(const psa_key_attributes_t * attributes,const uint8_t * key,size_t key_length,uint8_t * data,size_t data_size,size_t * data_length)357 psa_status_t mbedtls_test_opaque_export_public_key(
358 const psa_key_attributes_t *attributes,
359 const uint8_t *key, size_t key_length,
360 uint8_t *data, size_t data_size, size_t *data_length )
361 {
362 if( key_length != sizeof( psa_drv_slot_number_t ) )
363 {
364 /* Test driver does not support generic opaque key handling yet. */
365 return( PSA_ERROR_NOT_SUPPORTED );
366 }
367
368 /* Assume this is a builtin key based on the key material length. */
369 psa_drv_slot_number_t slot_number = *( ( psa_drv_slot_number_t* ) key );
370 switch( slot_number )
371 {
372 case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT:
373 /* This is the ECDSA slot. Verify the key's attributes before
374 * returning the public key. */
375 if( psa_get_key_type( attributes ) !=
376 PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) )
377 return( PSA_ERROR_CORRUPTION_DETECTED );
378 if( psa_get_key_bits( attributes ) != 256 )
379 return( PSA_ERROR_CORRUPTION_DETECTED );
380 if( psa_get_key_algorithm( attributes ) !=
381 PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) )
382 return( PSA_ERROR_CORRUPTION_DETECTED );
383
384 if( data_size < sizeof( mbedtls_test_driver_ecdsa_pubkey ) )
385 return( PSA_ERROR_BUFFER_TOO_SMALL );
386
387 memcpy( data, mbedtls_test_driver_ecdsa_pubkey,
388 sizeof( mbedtls_test_driver_ecdsa_pubkey ) );
389 *data_length = sizeof( mbedtls_test_driver_ecdsa_pubkey );
390 return( PSA_SUCCESS );
391
392 default:
393 return( PSA_ERROR_DOES_NOT_EXIST );
394 }
395 }
396
397 /* The opaque test driver exposes two built-in keys when builtin key support is
398 * compiled in.
399 * The key in slot #PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT is an AES-128
400 * key which allows CTR mode.
401 * The key in slot #PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT is a secp256r1
402 * private key which allows ECDSA sign & verify.
403 * The key buffer format for these is the raw format of psa_drv_slot_number_t
404 * (i.e. for an actual driver this would mean 'builtin_key_size' =
405 * sizeof(psa_drv_slot_number_t)).
406 */
mbedtls_test_opaque_get_builtin_key(psa_drv_slot_number_t slot_number,psa_key_attributes_t * attributes,uint8_t * key_buffer,size_t key_buffer_size,size_t * key_buffer_length)407 psa_status_t mbedtls_test_opaque_get_builtin_key(
408 psa_drv_slot_number_t slot_number,
409 psa_key_attributes_t *attributes,
410 uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length )
411 {
412 switch( slot_number )
413 {
414 case PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT:
415 psa_set_key_type( attributes, PSA_KEY_TYPE_AES );
416 psa_set_key_bits( attributes, 128 );
417 psa_set_key_usage_flags(
418 attributes,
419 PSA_KEY_USAGE_ENCRYPT |
420 PSA_KEY_USAGE_DECRYPT |
421 PSA_KEY_USAGE_EXPORT );
422 psa_set_key_algorithm( attributes, PSA_ALG_CTR );
423
424 if( key_buffer_size < sizeof( psa_drv_slot_number_t ) )
425 return( PSA_ERROR_BUFFER_TOO_SMALL );
426
427 *( (psa_drv_slot_number_t*) key_buffer ) =
428 PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT;
429 *key_buffer_length = sizeof( psa_drv_slot_number_t );
430 return( PSA_SUCCESS );
431 case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT:
432 psa_set_key_type(
433 attributes,
434 PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) );
435 psa_set_key_bits( attributes, 256 );
436 psa_set_key_usage_flags(
437 attributes,
438 PSA_KEY_USAGE_SIGN_HASH |
439 PSA_KEY_USAGE_VERIFY_HASH |
440 PSA_KEY_USAGE_EXPORT );
441 psa_set_key_algorithm(
442 attributes, PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) );
443
444 if( key_buffer_size < sizeof( psa_drv_slot_number_t ) )
445 return( PSA_ERROR_BUFFER_TOO_SMALL );
446
447 *( (psa_drv_slot_number_t*) key_buffer ) =
448 PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT;
449 *key_buffer_length = sizeof( psa_drv_slot_number_t );
450 return( PSA_SUCCESS );
451 default:
452 return( PSA_ERROR_DOES_NOT_EXIST );
453 }
454 }
455
456 #endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
457
