1 /*
2  * Test driver for generating and verifying keys.
3  * Currently only supports generating and verifying ECC keys.
4  */
5 /*  Copyright The Mbed TLS Contributors
6  *  SPDX-License-Identifier: Apache-2.0
7  *
8  *  Licensed under the Apache License, Version 2.0 (the "License"); you may
9  *  not use this file except in compliance with the License.
10  *  You may obtain a copy of the License at
11  *
12  *  http://www.apache.org/licenses/LICENSE-2.0
13  *
14  *  Unless required by applicable law or agreed to in writing, software
15  *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
16  *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17  *  See the License for the specific language governing permissions and
18  *  limitations under the License.
19  */
20 
21 #include <test/helpers.h>
22 
23 #if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
24 #include "psa/crypto.h"
25 #include "psa_crypto_core.h"
26 #include "psa_crypto_ecp.h"
27 #include "psa_crypto_rsa.h"
28 #include "mbedtls/ecp.h"
29 #include "mbedtls/error.h"
30 
31 #include "test/drivers/key_management.h"
32 #include "test/drivers/test_driver.h"
33 
34 #include "test/random.h"
35 
36 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
37 #include "libtestdriver1/library/psa_crypto_ecp.h"
38 #include "libtestdriver1/library/psa_crypto_rsa.h"
39 #endif
40 
41 #include <string.h>
42 
/* Shared hook state for the key-management entry points in this file: the
 * functions below count calls in .hits, and several of them honour
 * .forced_status and .forced_output. */
mbedtls_test_driver_key_management_hooks_t
    mbedtls_test_driver_key_management_hooks = MBEDTLS_TEST_DRIVER_KEY_MANAGEMENT_INIT;

/* Fixed 16-byte key returned by mbedtls_test_opaque_export_key() for the
 * built-in AES slot. The value is hard-coded in the source, so it is test
 * material only and provides no secrecy. */
const uint8_t mbedtls_test_driver_aes_key[16] =
    { 0x36, 0x77, 0x39, 0x7A, 0x24, 0x43, 0x26, 0x46,
      0x29, 0x4A, 0x40, 0x4E, 0x63, 0x52, 0x66, 0x55 };
/* Fixed 32-byte private key returned by mbedtls_test_opaque_export_key() for
 * the built-in ECDSA slot (checked there as a 256-bit SECP_R1 key pair).
 * Hard-coded test material only. */
const uint8_t mbedtls_test_driver_ecdsa_key[32] =
    { 0xdc, 0x7d, 0x9d, 0x26, 0xd6, 0x7a, 0x4f, 0x63,
      0x2c, 0x34, 0xc2, 0xdc, 0x0b, 0x69, 0x86, 0x18,
      0x38, 0x82, 0xc2, 0x06, 0xdf, 0x04, 0xcd, 0xb7,
      0xd6, 0x9a, 0xab, 0xe2, 0x8b, 0xe4, 0xf8, 0x1a };
/* Public key returned by mbedtls_test_opaque_export_public_key() for the
 * built-in ECDSA slot: 65 bytes starting with 0x04.
 * NOTE(review): presumably the uncompressed point matching
 * mbedtls_test_driver_ecdsa_key above - confirm. */
const uint8_t mbedtls_test_driver_ecdsa_pubkey[65] =
    { 0x04,
      0x85, 0xf6, 0x4d, 0x89, 0xf0, 0x0b, 0xe6, 0x6c,
      0x88, 0xdd, 0x93, 0x7e, 0xfd, 0x6d, 0x7c, 0x44,
      0x56, 0x48, 0xdc, 0xb7, 0x01, 0x15, 0x0b, 0x8a,
      0x95, 0x09, 0x29, 0x58, 0x50, 0xf4, 0x1c, 0x19,
      0x31, 0xe5, 0x71, 0xfb, 0x8f, 0x8c, 0x78, 0x31,
      0x7a, 0x20, 0xb3, 0x80, 0xe8, 0x66, 0x58, 0x4b,
      0xbc, 0x25, 0x16, 0xc3, 0xd2, 0x70, 0x2d, 0x79,
      0x2f, 0x13, 0x1a, 0x92, 0x20, 0x95, 0xfd, 0x6c };
64 
/*
 * Initialise the transparent test driver.
 *
 * When built with MBEDTLS_TEST_LIBTESTDRIVER1 this initialises the
 * libtestdriver1 PSA core and returns its error unchanged on failure.
 * In every other case it returns PSA_SUCCESS.
 */
psa_status_t mbedtls_test_transparent_init( void )
{
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
    const psa_status_t init_status = libtestdriver1_psa_crypto_init( );

    if( init_status != PSA_SUCCESS )
    {
        return( init_status );
    }
#endif

    return( PSA_SUCCESS );
}
78 
/*
 * Tear down the transparent test driver.
 *
 * Releases the libtestdriver1 PSA core when MBEDTLS_TEST_LIBTESTDRIVER1 is
 * defined; otherwise there is nothing to release.
 */
void mbedtls_test_transparent_free( void )
{
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
    libtestdriver1_mbedtls_psa_crypto_free( );
#endif
}
87 
/*
 * Initialise the opaque test driver.
 *
 * The function sets up nothing and always reports PSA_SUCCESS.
 */
psa_status_t mbedtls_test_opaque_init( void )
{
    return PSA_SUCCESS;
}
92 
/*
 * Tear down the opaque test driver. Nothing is released here, so this is
 * a no-op.
 */
void mbedtls_test_opaque_free( void )
{
}
97 
/*
 * Base size of the key context when the emulated secure element (SE) does
 * not support storage. It is the size of the metadata that is added to the
 * wrapped key. In this test driver the metadata is only a pad prefix written
 * in front of the key.
 */
#define TEST_DRIVER_KEY_CONTEXT_BASE_SIZE  \
                             PSA_CRYPTO_TEST_DRIVER_OPAQUE_PAD_PREFIX_SIZE
106 
107 
/*
 * Return the key buffer size the opaque test driver needs for a key of the
 * given type and bit size.
 *
 * The result is PSA_EXPORT_KEY_OUTPUT_SIZE( key_type, key_bits ) plus the
 * pad-prefix overhead, or 0 when that export size is 0.
 */
size_t mbedtls_test_opaque_size_function(
    const psa_key_type_t key_type,
    const size_t key_bits )
{
    const size_t export_size = PSA_EXPORT_KEY_OUTPUT_SIZE( key_type, key_bits );

    /* An export size of 0 is passed through without adding the overhead. */
    if( export_size == 0 )
    {
        return( 0 );
    }

    /* Room for the key itself plus the prefix added when it is wrapped. */
    return( export_size + TEST_DRIVER_KEY_CONTEXT_BASE_SIZE );
}
122 
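/*
 * Return the number of bytes the opaque test driver adds in front of a
 * wrapped key (TEST_DRIVER_KEY_CONTEXT_BASE_SIZE).
 *
 * Declared with (void): an empty parameter list is not a prototype in C, so
 * calls with stray arguments would otherwise go unchecked.
 */
static size_t mbedtls_test_opaque_get_base_size( void )
{
    return TEST_DRIVER_KEY_CONTEXT_BASE_SIZE;
}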
127 
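/*
 * Pad and "wrap" a clear key for the opaque test driver.
 *
 * The output is the pad prefix followed by every key byte XORed with 0xFF.
 * This only makes the stored bytes differ from the clear key so that tests
 * can tell the two apart; it is a fixed, keyless transformation and gives no
 * confidentiality.
 *
 * key                        Clear key to wrap.
 * key_length                 Size of the clear key in bytes.
 * wrapped_key_buffer         Output buffer for the wrapped key.
 * wrapped_key_buffer_size    Size of wrapped_key_buffer in bytes.
 * wrapped_key_buffer_length  Set to the wrapped key size on success.
 *
 * Returns PSA_SUCCESS, or PSA_ERROR_BUFFER_TOO_SMALL when the prefix plus the
 * key does not fit in the output buffer.
 */
static psa_status_t mbedtls_test_opaque_wrap_key(
    const uint8_t *key,
    size_t key_length,
    uint8_t *wrapped_key_buffer,
    size_t wrapped_key_buffer_size,
    size_t *wrapped_key_buffer_length )
{
    size_t opaque_key_base_size = mbedtls_test_opaque_get_base_size();
    uint64_t prefix = PSA_CRYPTO_TEST_DRIVER_OPAQUE_PAD_PREFIX;

    /* Compare by subtraction: adding key_length to the prefix size could wrap
     * around for a very large key_length and slip past the bound. */
    if( opaque_key_base_size > wrapped_key_buffer_size ||
        key_length > wrapped_key_buffer_size - opaque_key_base_size )
        return( PSA_ERROR_BUFFER_TOO_SMALL );

    /* Write in the opaque pad prefix.
     * NOTE(review): this reads opaque_key_base_size bytes out of the 8-byte
     * local, so it assumes the prefix size is at most sizeof( prefix ) -
     * confirm against the macro definition. */
    memcpy( wrapped_key_buffer, &prefix, opaque_key_base_size );
    wrapped_key_buffer += opaque_key_base_size;
    *wrapped_key_buffer_length = key_length + opaque_key_base_size;

    /* Walk from the last byte down to the first, inverting each one. */
    while( key_length-- )
        wrapped_key_buffer[key_length] = key[key_length] ^ 0xFF;
    return( PSA_SUCCESS );
}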
158 
/*
 * Strip the pad prefix from a wrapped key and recover the clear key.
 *
 * The prefix bytes are skipped, not compared against the expected value, and
 * each remaining byte is XORed with 0xFF. Nothing here authenticates the
 * wrapped buffer.
 *
 * wrapped_key         Wrapped key (prefix followed by inverted key bytes).
 * wrapped_key_length  Size of the wrapped key in bytes.
 * key_buffer          Output buffer for the clear key.
 * key_buffer_size     Size of key_buffer in bytes.
 * key_buffer_length   Set to the clear key size on success.
 *
 * Returns PSA_SUCCESS, PSA_ERROR_DATA_CORRUPT when the input is shorter than
 * the prefix, or PSA_ERROR_BUFFER_TOO_SMALL when the clear key does not fit.
 */
static psa_status_t mbedtls_test_opaque_unwrap_key(
    const uint8_t *wrapped_key,
    size_t wrapped_key_length,
    uint8_t *key_buffer,
    size_t key_buffer_size,
    size_t *key_buffer_length)
{
    const size_t prefix_size = mbedtls_test_opaque_get_base_size();

    /* Reject inputs shorter than the prefix so the subtraction below cannot
     * underflow. */
    if( wrapped_key_length < prefix_size )
    {
        return( PSA_ERROR_DATA_CORRUPT );
    }

    const size_t payload_size = wrapped_key_length - prefix_size;
    if( payload_size > key_buffer_size )
    {
        return( PSA_ERROR_BUFFER_TOO_SMALL );
    }

    const uint8_t *payload = wrapped_key + prefix_size;
    *key_buffer_length = payload_size;

    /* Same order as the wrap step: last byte first. */
    for( size_t remaining = payload_size; remaining > 0; remaining-- )
    {
        key_buffer[remaining - 1] = payload[remaining - 1] ^ 0xFF;
    }
    return( PSA_SUCCESS );
}
193 
/*
 * Transparent test-driver entry point for key generation.
 *
 * Every call is counted in the hooks. A forced status other than PSA_SUCCESS
 * is returned as is. When a forced output is set, those bytes are copied out
 * as the "generated" key instead of generating one. Otherwise ECC key pairs
 * and RSA key pairs are passed to the compiled-in backend (libtestdriver1 or
 * the builtin implementation).
 *
 * attributes  Attributes of the key to generate.
 * key         Output buffer for the key.
 * key_size    Size of key in bytes.
 * key_length  Set to the number of bytes written on success.
 *
 * Returns the forced or backend status, PSA_ERROR_BUFFER_TOO_SMALL when the
 * forced output does not fit, or PSA_ERROR_NOT_SUPPORTED when no backend
 * handles the key type.
 */
psa_status_t mbedtls_test_transparent_generate_key(
    const psa_key_attributes_t *attributes,
    uint8_t *key, size_t key_size, size_t *key_length )
{
    mbedtls_test_driver_key_management_hooks_t *hooks =
        &mbedtls_test_driver_key_management_hooks;

    hooks->hits++;

    if( hooks->forced_status != PSA_SUCCESS )
    {
        return( hooks->forced_status );
    }

    if( hooks->forced_output != NULL )
    {
        /* Test-supplied bytes replace real key generation. */
        if( key_size < hooks->forced_output_length )
        {
            return( PSA_ERROR_BUFFER_TOO_SMALL );
        }
        memcpy( key, hooks->forced_output, hooks->forced_output_length );
        *key_length = hooks->forced_output_length;
        return( PSA_SUCCESS );
    }

    /* Read the type only after the forced paths, as those never look at the
     * attributes. */
    const psa_key_type_t key_type = psa_get_key_type( attributes );

    if( PSA_KEY_TYPE_IS_ECC( key_type ) &&
        PSA_KEY_TYPE_IS_KEY_PAIR( key_type ) )
    {
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
    defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR)
        return( libtestdriver1_mbedtls_psa_ecp_generate_key(
                    (const libtestdriver1_psa_key_attributes_t *)attributes,
                    key, key_size, key_length ) );
#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR)
        return( mbedtls_psa_ecp_generate_key(
                    attributes, key, key_size, key_length ) );
#endif
    }
    else if( key_type == PSA_KEY_TYPE_RSA_KEY_PAIR )
    {
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
    defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR)
        return( libtestdriver1_mbedtls_psa_rsa_generate_key(
                    (const libtestdriver1_psa_key_attributes_t *)attributes,
                    key, key_size, key_length ) );
#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR)
        return( mbedtls_psa_rsa_generate_key(
                    attributes, key, key_size, key_length ) );
#endif
    }

    /* Reached for other key types, and when no backend is compiled in. */
    return( PSA_ERROR_NOT_SUPPORTED );
}
243 
/*
 * Opaque test-driver entry point for key generation.
 *
 * Key generation is not implemented for the opaque driver: all arguments are
 * ignored and PSA_ERROR_NOT_SUPPORTED is returned.
 */
psa_status_t mbedtls_test_opaque_generate_key(
    const psa_key_attributes_t *attributes,
    uint8_t *key, size_t key_size, size_t *key_length )
{
    /* Mark every parameter as deliberately unused. */
    (void) key_length;
    (void) key_size;
    (void) key;
    (void) attributes;

    return PSA_ERROR_NOT_SUPPORTED;
}
254 
/*
 * Transparent test-driver entry point for key import.
 *
 * Counts the call, records PSA_KEY_LOCATION_LOCAL_STORAGE as the location
 * seen, and returns a forced status other than PSA_SUCCESS as is. ECC and
 * RSA keys are passed to the compiled-in backend (libtestdriver1 or the
 * builtin implementation), which parses data into key_buffer.
 *
 * attributes         Attributes of the key being imported.
 * data, data_length  Key material supplied by the caller.
 * key_buffer         Output buffer for the key in its stored form.
 * key_buffer_size    Size of key_buffer in bytes.
 * key_buffer_length  Set by the backend to the number of bytes written.
 * bits               Set by the backend to the key size in bits.
 *
 * Returns the forced or backend status, or PSA_ERROR_NOT_SUPPORTED when no
 * backend handles the key type.
 */
psa_status_t mbedtls_test_transparent_import_key(
    const psa_key_attributes_t *attributes,
    const uint8_t *data,
    size_t data_length,
    uint8_t *key_buffer,
    size_t key_buffer_size,
    size_t *key_buffer_length,
    size_t *bits)
{
    mbedtls_test_driver_key_management_hooks_t *hooks =
        &mbedtls_test_driver_key_management_hooks;
    psa_key_type_t type = psa_get_key_type( attributes );

    hooks->hits++;
    hooks->location = PSA_KEY_LOCATION_LOCAL_STORAGE;

    if( hooks->forced_status != PSA_SUCCESS )
    {
        return( hooks->forced_status );
    }

    if( PSA_KEY_TYPE_IS_ECC( type ) )
    {
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
    ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
      defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) )
        return( libtestdriver1_mbedtls_psa_ecp_import_key(
                    (const libtestdriver1_psa_key_attributes_t *)attributes,
                    data, data_length,
                    key_buffer, key_buffer_size,
                    key_buffer_length, bits ) );
#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
      defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
        return( mbedtls_psa_ecp_import_key(
                    attributes,
                    data, data_length,
                    key_buffer, key_buffer_size,
                    key_buffer_length, bits ) );
#endif
    }
    else if( PSA_KEY_TYPE_IS_RSA( type ) )
    {
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
    ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
      defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) )
        return( libtestdriver1_mbedtls_psa_rsa_import_key(
                    (const libtestdriver1_psa_key_attributes_t *)attributes,
                    data, data_length,
                    key_buffer, key_buffer_size,
                    key_buffer_length, bits ) );
#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
      defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
        return( mbedtls_psa_rsa_import_key(
                    attributes,
                    data, data_length,
                    key_buffer, key_buffer_size,
                    key_buffer_length, bits ) );
#endif
    }

    /* Only reached when no backend took the key; the casts keep builds
     * without any backend free of unused-parameter warnings. */
    (void)type;
    (void)bits;
    (void)key_buffer_length;
    (void)key_buffer_size;
    (void)key_buffer;
    (void)data_length;
    (void)data;

    return( PSA_ERROR_NOT_SUPPORTED );
}
321 
322 
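/*
 * Opaque test-driver entry point for key import.
 *
 * The clear key is first staged in a temporary heap buffer (copied directly
 * for unstructured keys, parsed by the ECC/RSA backend otherwise) and then
 * wrapped into key_buffer with mbedtls_test_opaque_wrap_key().
 *
 * attributes         Attributes of the key being imported.
 * data, data_length  Key material supplied by the caller.
 * key_buffer         Output buffer for the wrapped key.
 * key_buffer_size    Size of key_buffer in bytes.
 * key_buffer_length  Set to the wrapped key size on success.
 * bits               Set to the key size in bits.
 *
 * Returns the forced status when one is set, PSA_ERROR_INSUFFICIENT_MEMORY,
 * PSA_ERROR_BUFFER_TOO_SMALL, PSA_ERROR_INVALID_ARGUMENT for an unhandled key
 * type, PSA_ERROR_NOT_SUPPORTED when no backend is compiled in, or the
 * status of the validation, backend or wrap step.
 *
 * NOTE(review): key_buffer_temp holds clear key material and is released
 * with mbedtls_free() without being wiped first. That is tolerable for a
 * test driver; a production driver would zeroize the buffer (for example
 * with mbedtls_platform_zeroize()) before freeing it.
 */
psa_status_t mbedtls_test_opaque_import_key(
    const psa_key_attributes_t *attributes,
    const uint8_t *data,
    size_t data_length,
    uint8_t *key_buffer,
    size_t key_buffer_size,
    size_t *key_buffer_length,
    size_t *bits)
{
    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
    psa_key_type_t type = psa_get_key_type( attributes );
    /* This buffer will be used as an intermediate placeholder for
     * the clear key till we wrap it */
    uint8_t *key_buffer_temp;

    ++mbedtls_test_driver_key_management_hooks.hits;
    mbedtls_test_driver_key_management_hooks.location = PSA_CRYPTO_TEST_DRIVER_LOCATION;

    if( mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS )
        return( mbedtls_test_driver_key_management_hooks.forced_status );

    key_buffer_temp = mbedtls_calloc( 1, key_buffer_size );
    if( key_buffer_temp == NULL )
        return( PSA_ERROR_INSUFFICIENT_MEMORY );

    if( PSA_KEY_TYPE_IS_UNSTRUCTURED( type ) )
    {
        *bits = PSA_BYTES_TO_BITS( data_length );

        status = psa_validate_unstructured_key_bit_size( type,
                                                         *bits );
        if( status != PSA_SUCCESS )
            goto exit;

        if( data_length > key_buffer_size )
        {
            /* Leave through the common exit so the temporary buffer is
             * released; returning directly from here would leak it. */
            status = PSA_ERROR_BUFFER_TOO_SMALL;
            goto exit;
        }

        /* Stage the raw key bytes; the pad prefix is added by the wrap
         * step below. */
        memcpy( key_buffer_temp, data, data_length );
        *key_buffer_length = data_length;
    }
    else if( PSA_KEY_TYPE_IS_ECC( type ) )
    {
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
    ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \
      defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) )
        status = libtestdriver1_mbedtls_psa_ecp_import_key(
                     (const libtestdriver1_psa_key_attributes_t *)attributes,
                     data, data_length,
                     key_buffer_temp, key_buffer_size,
                     key_buffer_length, bits );
#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
      defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
        status = mbedtls_psa_ecp_import_key(
                     attributes,
                     data, data_length,
                     key_buffer_temp, key_buffer_size,
                     key_buffer_length, bits );
#else
        status = PSA_ERROR_NOT_SUPPORTED;
#endif
        if( status != PSA_SUCCESS )
           goto exit;
    }
    else if( PSA_KEY_TYPE_IS_RSA( type ) )
    {
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
    ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \
      defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) )
        status = libtestdriver1_mbedtls_psa_rsa_import_key(
                     (const libtestdriver1_psa_key_attributes_t *)attributes,
                     data, data_length,
                     key_buffer_temp, key_buffer_size,
                     key_buffer_length, bits );
#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
      defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
        status = mbedtls_psa_rsa_import_key(
                     attributes,
                     data, data_length,
                     key_buffer_temp, key_buffer_size,
                     key_buffer_length, bits );
#else
        status = PSA_ERROR_NOT_SUPPORTED;
#endif
        if( status != PSA_SUCCESS )
           goto exit;
    }
    else
    {
        status = PSA_ERROR_INVALID_ARGUMENT;
        goto exit;
    }

    /* *key_buffer_length is the clear key size on the way in and is
     * overwritten with the wrapped size by the wrap step. */
    status = mbedtls_test_opaque_wrap_key( key_buffer_temp, *key_buffer_length,
                 key_buffer, key_buffer_size, key_buffer_length );
exit:
    mbedtls_free( key_buffer_temp );
    return( status );
}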
422 
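/*
 * Opaque test-driver entry point for key export.
 *
 * A key buffer whose length equals sizeof( psa_drv_slot_number_t ) is
 * treated as a reference to a built-in key slot: the attributes are checked
 * against what that slot is expected to hold (including the EXPORT usage
 * flag) and the hard-coded test key is copied out. Any other length is
 * treated as a wrapped key and unwrapped into data for unstructured, RSA and
 * ECC key types.
 *
 * NOTE(review): the wrapped-key path does not look at the usage flags;
 * presumably the caller has already enforced the key policy - confirm.
 *
 * attributes       Attributes of the key to export.
 * key, key_length  Key buffer: a slot number or a wrapped key.
 * data             Output buffer for the exported key.
 * data_size        Size of data in bytes.
 * data_length      Set to the number of bytes written on success.
 *
 * Returns PSA_SUCCESS, PSA_ERROR_CORRUPTION_DETECTED on an attribute
 * mismatch for a built-in slot, PSA_ERROR_BUFFER_TOO_SMALL,
 * PSA_ERROR_DOES_NOT_EXIST for an unknown slot, the unwrap status, or
 * PSA_ERROR_NOT_SUPPORTED for other key types.
 */
psa_status_t mbedtls_test_opaque_export_key(
    const psa_key_attributes_t *attributes,
    const uint8_t *key, size_t key_length,
    uint8_t *data, size_t data_size, size_t *data_length )
{
    if( key_length == sizeof( psa_drv_slot_number_t ) )
    {
        /* Assume this is a builtin key based on the key material length.
         * The slot number is copied out with memcpy: the byte buffer is not
         * guaranteed to be aligned for psa_drv_slot_number_t, and a cast
         * would also drop the const qualifier. */
        psa_drv_slot_number_t slot_number;
        memcpy( &slot_number, key, sizeof( slot_number ) );

        switch( slot_number )
        {
            case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT:
                /* This is the ECDSA slot. Verify the key's attributes before
                 * returning the private key. */
                if( psa_get_key_type( attributes ) !=
                    PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) )
                    return( PSA_ERROR_CORRUPTION_DETECTED );
                if( psa_get_key_bits( attributes ) != 256 )
                    return( PSA_ERROR_CORRUPTION_DETECTED );
                if( psa_get_key_algorithm( attributes ) !=
                    PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) )
                    return( PSA_ERROR_CORRUPTION_DETECTED );
                if( ( psa_get_key_usage_flags( attributes ) &
                      PSA_KEY_USAGE_EXPORT ) == 0 )
                    return( PSA_ERROR_CORRUPTION_DETECTED );

                if( data_size < sizeof( mbedtls_test_driver_ecdsa_key ) )
                    return( PSA_ERROR_BUFFER_TOO_SMALL );

                memcpy( data, mbedtls_test_driver_ecdsa_key,
                        sizeof( mbedtls_test_driver_ecdsa_key ) );
                *data_length = sizeof( mbedtls_test_driver_ecdsa_key );
                return( PSA_SUCCESS );

            case PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT:
                /* This is the AES slot. Verify the key's attributes before
                 * returning the key. */
                if( psa_get_key_type( attributes ) != PSA_KEY_TYPE_AES )
                    return( PSA_ERROR_CORRUPTION_DETECTED );
                if( psa_get_key_bits( attributes ) != 128 )
                    return( PSA_ERROR_CORRUPTION_DETECTED );
                if( psa_get_key_algorithm( attributes ) != PSA_ALG_CTR )
                    return( PSA_ERROR_CORRUPTION_DETECTED );
                if( ( psa_get_key_usage_flags( attributes ) &
                      PSA_KEY_USAGE_EXPORT ) == 0 )
                    return( PSA_ERROR_CORRUPTION_DETECTED );

                if( data_size < sizeof( mbedtls_test_driver_aes_key ) )
                    return( PSA_ERROR_BUFFER_TOO_SMALL );

                memcpy( data, mbedtls_test_driver_aes_key,
                        sizeof( mbedtls_test_driver_aes_key ) );
                *data_length = sizeof( mbedtls_test_driver_aes_key );
                return( PSA_SUCCESS );

            default:
                return( PSA_ERROR_DOES_NOT_EXIST );
        }
    }
    else
    {
        /* The key buffer holds a wrapped key: unwrap it straight into the
         * caller's output buffer. */
        psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
        psa_key_type_t type = psa_get_key_type( attributes );

        if( PSA_KEY_TYPE_IS_UNSTRUCTURED( type ) ||
            PSA_KEY_TYPE_IS_RSA( type )   ||
            PSA_KEY_TYPE_IS_ECC( type ) )
        {
            status = mbedtls_test_opaque_unwrap_key( key, key_length,
                                         data, data_size, data_length );
            return( status );
        }
    }
    return( PSA_ERROR_NOT_SUPPORTED );
}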
501 
/*
 * Transparent test-driver entry point for public key export.
 *
 * Counts the call and returns a forced status other than PSA_SUCCESS as is.
 * When a forced output is set, those bytes are copied out instead of a
 * derived public key. Otherwise ECC and RSA keys are passed to the
 * compiled-in backend (libtestdriver1 or the builtin implementation).
 *
 * attributes                   Attributes of the key.
 * key_buffer, key_buffer_size  Key material to export the public part of.
 * data                         Output buffer for the public key.
 * data_size                    Size of data in bytes.
 * data_length                  Set to the number of bytes written.
 *
 * Returns the forced or backend status, PSA_ERROR_BUFFER_TOO_SMALL when the
 * forced output does not fit, or PSA_ERROR_NOT_SUPPORTED when no backend
 * handles the key type.
 */
psa_status_t mbedtls_test_transparent_export_public_key(
    const psa_key_attributes_t *attributes,
    const uint8_t *key_buffer, size_t key_buffer_size,
    uint8_t *data, size_t data_size, size_t *data_length )
{
    mbedtls_test_driver_key_management_hooks_t *hooks =
        &mbedtls_test_driver_key_management_hooks;

    hooks->hits++;

    if( hooks->forced_status != PSA_SUCCESS )
    {
        return( hooks->forced_status );
    }

    if( hooks->forced_output != NULL )
    {
        /* Test-supplied bytes replace the real public key. */
        if( data_size < hooks->forced_output_length )
        {
            return( PSA_ERROR_BUFFER_TOO_SMALL );
        }
        memcpy( data, hooks->forced_output, hooks->forced_output_length );
        *data_length = hooks->forced_output_length;
        return( PSA_SUCCESS );
    }

    psa_key_type_t key_type = psa_get_key_type( attributes );

    if( PSA_KEY_TYPE_IS_ECC( key_type ) )
    {
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
    ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
      defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) )
        return( libtestdriver1_mbedtls_psa_ecp_export_public_key(
                    (const libtestdriver1_psa_key_attributes_t *)attributes,
                    key_buffer, key_buffer_size,
                    data, data_size, data_length ) );
#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
      defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
        return( mbedtls_psa_ecp_export_public_key(
                    attributes,
                    key_buffer, key_buffer_size,
                    data, data_size, data_length ) );
#endif
    }
    else if( PSA_KEY_TYPE_IS_RSA( key_type ) )
    {
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
    ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
      defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) )
        return( libtestdriver1_mbedtls_psa_rsa_export_public_key(
                    (const libtestdriver1_psa_key_attributes_t *)attributes,
                    key_buffer, key_buffer_size,
                    data, data_size, data_length ) );
#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
      defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
        return( mbedtls_psa_rsa_export_public_key(
                    attributes,
                    key_buffer, key_buffer_size,
                    data, data_size, data_length ) );
#endif
    }

    /* Only reached when no backend took the key; the casts keep builds
     * without any backend free of unused-parameter warnings. */
    (void)key_type;
    (void)key_buffer_size;
    (void)key_buffer;

    return( PSA_ERROR_NOT_SUPPORTED );
}
566 
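/*
 * Opaque test-driver entry point for public key export.
 *
 * A key buffer whose length differs from sizeof( psa_drv_slot_number_t ) is
 * treated as a wrapped key: it is unwrapped into a temporary heap buffer and
 * the ECC or RSA backend derives the public key from it. Otherwise the
 * buffer is read as a built-in slot number; only the ECDSA slot has a public
 * key, which is returned from the hard-coded test value after the attributes
 * are checked.
 *
 * NOTE(review): key_buffer_temp receives the unwrapped key (the private key
 * when the stored key is a key pair) and is released with mbedtls_free()
 * without being wiped. That is tolerable for a test driver; a production
 * driver would zeroize it before freeing.
 *
 * attributes       Attributes of the key.
 * key, key_length  Key buffer: a wrapped key or a slot number.
 * data             Output buffer for the public key.
 * data_size        Size of data in bytes.
 * data_length      Set to the number of bytes written on success; also used
 *                  as scratch for the unwrapped key length.
 *
 * Returns PSA_SUCCESS, PSA_ERROR_INSUFFICIENT_MEMORY, the unwrap or backend
 * status, PSA_ERROR_NOT_SUPPORTED, PSA_ERROR_CORRUPTION_DETECTED on an
 * attribute mismatch, PSA_ERROR_BUFFER_TOO_SMALL, or
 * PSA_ERROR_DOES_NOT_EXIST for a slot without a public key.
 */
psa_status_t mbedtls_test_opaque_export_public_key(
    const psa_key_attributes_t *attributes,
    const uint8_t *key, size_t key_length,
    uint8_t *data, size_t data_size, size_t *data_length )
{
    if( key_length != sizeof( psa_drv_slot_number_t ) )
    {
        psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
        psa_key_type_t key_type = psa_get_key_type( attributes );
        uint8_t *key_buffer_temp;

        /* The clear key is never longer than the wrapped one, so key_length
         * bytes are enough for the unwrapped copy. */
        key_buffer_temp = mbedtls_calloc( 1, key_length );
        if( key_buffer_temp == NULL )
            return( PSA_ERROR_INSUFFICIENT_MEMORY );

        if( PSA_KEY_TYPE_IS_ECC( key_type ) )
        {
            status = mbedtls_test_opaque_unwrap_key( key, key_length,
                                         key_buffer_temp, key_length, data_length );
            if( status == PSA_SUCCESS )
            {
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
    ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \
      defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) )
                status = libtestdriver1_mbedtls_psa_ecp_export_public_key(
                             (const libtestdriver1_psa_key_attributes_t *)attributes,
                             key_buffer_temp, *data_length,
                             data, data_size, data_length );
#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
      defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
                status = mbedtls_psa_ecp_export_public_key(
                             attributes,
                             key_buffer_temp, *data_length,
                             data, data_size, data_length );
#else
                status = PSA_ERROR_NOT_SUPPORTED;
#endif
            }
        }
        else if( PSA_KEY_TYPE_IS_RSA( key_type ) )
        {
            status = mbedtls_test_opaque_unwrap_key( key, key_length,
                                         key_buffer_temp, key_length, data_length );
            if( status == PSA_SUCCESS )
            {
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
    ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \
      defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) )
                status = libtestdriver1_mbedtls_psa_rsa_export_public_key(
                             (const libtestdriver1_psa_key_attributes_t *)attributes,
                             key_buffer_temp, *data_length,
                             data, data_size, data_length );
#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
      defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
                status = mbedtls_psa_rsa_export_public_key(
                             attributes,
                             key_buffer_temp, *data_length,
                             data, data_size, data_length );
#else
                status = PSA_ERROR_NOT_SUPPORTED;
#endif
            }
        }
        else
        {
            status = PSA_ERROR_NOT_SUPPORTED;
            (void)key;
            (void)key_type;
        }
        mbedtls_free( key_buffer_temp );
        return( status );
    }

    /* Assume this is a builtin key based on the key material length.
     * The slot number is copied out with memcpy: the byte buffer is not
     * guaranteed to be aligned for psa_drv_slot_number_t, and a cast would
     * also drop the const qualifier. */
    psa_drv_slot_number_t slot_number;
    memcpy( &slot_number, key, sizeof( slot_number ) );
    switch( slot_number )
    {
        case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT:
            /* This is the ECDSA slot. Verify the key's attributes before
             * returning the public key. */
            if( psa_get_key_type( attributes ) !=
                PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) )
                return( PSA_ERROR_CORRUPTION_DETECTED );
            if( psa_get_key_bits( attributes ) != 256 )
                return( PSA_ERROR_CORRUPTION_DETECTED );
            if( psa_get_key_algorithm( attributes ) !=
                PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) )
                return( PSA_ERROR_CORRUPTION_DETECTED );

            if( data_size < sizeof( mbedtls_test_driver_ecdsa_pubkey ) )
                return( PSA_ERROR_BUFFER_TOO_SMALL );

            memcpy( data, mbedtls_test_driver_ecdsa_pubkey,
                    sizeof( mbedtls_test_driver_ecdsa_pubkey ) );
            *data_length = sizeof( mbedtls_test_driver_ecdsa_pubkey );
            return( PSA_SUCCESS );

        default:
            return( PSA_ERROR_DOES_NOT_EXIST );
    }
}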
668 
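/* The opaque test driver exposes two built-in keys when builtin key support is
 * compiled in.
 * The key in slot #PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT is an AES-128
 * key which allows CTR mode.
 * The key in slot #PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT is a secp256r1
 * private key which allows ECDSA sign & verify.
 * Both slots are also marked exportable.
 * The key buffer format for these is the raw format of psa_drv_slot_number_t
 * (i.e. for an actual driver this would mean 'builtin_key_size' =
 * sizeof(psa_drv_slot_number_t)).
 *
 * slot_number        Built-in slot to look up.
 * attributes         Filled with the type, size, usage and algorithm of the
 *                    slot's key. This happens before the buffer size check,
 *                    so it is filled even on PSA_ERROR_BUFFER_TOO_SMALL.
 * key_buffer         Receives the slot number as the key's opaque form.
 * key_buffer_size    Size of key_buffer in bytes.
 * key_buffer_length  Set to sizeof(psa_drv_slot_number_t) on success.
 *
 * Returns PSA_SUCCESS, PSA_ERROR_BUFFER_TOO_SMALL, or
 * PSA_ERROR_DOES_NOT_EXIST for any other slot number.
 */
psa_status_t mbedtls_test_opaque_get_builtin_key(
    psa_drv_slot_number_t slot_number,
    psa_key_attributes_t *attributes,
    uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length )
{
    switch( slot_number )
    {
        case PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT:
            psa_set_key_type( attributes, PSA_KEY_TYPE_AES );
            psa_set_key_bits( attributes, 128 );
            psa_set_key_usage_flags(
                attributes,
                PSA_KEY_USAGE_ENCRYPT |
                PSA_KEY_USAGE_DECRYPT |
                PSA_KEY_USAGE_EXPORT );
            psa_set_key_algorithm( attributes, PSA_ALG_CTR );
            break;
        case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT:
            psa_set_key_type(
                attributes,
                PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) );
            psa_set_key_bits( attributes, 256 );
            psa_set_key_usage_flags(
                attributes,
                PSA_KEY_USAGE_SIGN_HASH |
                PSA_KEY_USAGE_VERIFY_HASH |
                PSA_KEY_USAGE_EXPORT );
            psa_set_key_algorithm(
                attributes, PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) );
            break;
        default:
            return( PSA_ERROR_DOES_NOT_EXIST );
    }

    if( key_buffer_size < sizeof( slot_number ) )
        return( PSA_ERROR_BUFFER_TOO_SMALL );

    /* Store the slot number with memcpy rather than through a casted
     * pointer: the byte buffer is not guaranteed to be aligned for
     * psa_drv_slot_number_t. slot_number equals the matched slot constant
     * here, so the stored value is the same for both cases. */
    memcpy( key_buffer, &slot_number, sizeof( slot_number ) );
    *key_buffer_length = sizeof( slot_number );
    return( PSA_SUCCESS );
}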
727 
/*
 * Opaque test-driver entry point for key copy.
 *
 * The opaque test driver emulates a secure element without storage, so the
 * whole key context lives in the wrapped buffer and a copy is a plain byte
 * copy. No reference counting of copied keys is needed. That could change if
 * the driver is extended to emulate an SE with storage, or one without
 * storage that still holds slot references.
 *
 * attributes                     Unused.
 * source_key, source_key_length  Wrapped key to copy.
 * key_buffer                     Output buffer for the copy.
 * key_buffer_size                Size of key_buffer in bytes.
 * key_buffer_length              Set to source_key_length on success.
 *
 * Returns PSA_SUCCESS, or PSA_ERROR_BUFFER_TOO_SMALL when the source does
 * not fit in key_buffer.
 */
psa_status_t mbedtls_test_opaque_copy_key(
    psa_key_attributes_t *attributes,
    const uint8_t *source_key, size_t source_key_length,
    uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length)
{
    (void)attributes;

    if( key_buffer_size < source_key_length )
    {
        return( PSA_ERROR_BUFFER_TOO_SMALL );
    }

    memcpy( key_buffer, source_key, source_key_length );
    *key_buffer_length = source_key_length;

    return( PSA_SUCCESS );
}
747 
748 #endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
749