mbedtls/tests/src/drivers/key_management.c

245 lines
8.7 KiB
C
Raw Normal View History

/*
* Test driver for generating and verifying keys.
* Currently only supports generating and verifying ECC keys.
*/
/* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
#include "psa/crypto.h"
#include "psa_crypto_core.h"
#include "mbedtls/ecp.h"
#include "mbedtls/error.h"
#include "test/drivers/key_management.h"
#include "test/random.h"
#include <string.h>
test_driver_key_management_hooks_t test_driver_key_management_hooks =
TEST_DRIVER_KEY_MANAGEMENT_INIT;
psa_status_t test_transparent_generate_key(
const psa_key_attributes_t *attributes,
uint8_t *key, size_t key_size, size_t *key_length )
{
#if !defined(MBEDTLS_PSA_BUILTIN_ECC_KEY_PAIR) && !defined(MBEDTLS_PSA_BUILTIN_ECC_PUBLIC_KEY)
(void)attributes;
#endif /* !MBEDTLS_PSA_BUILTIN_ECC_KEY_PAIR && !MBEDTLS_PSA_BUILTIN_ECC_PUBLIC_KEY */
++test_driver_key_management_hooks.hits;
if( test_driver_key_management_hooks.forced_status != PSA_SUCCESS )
return( test_driver_key_management_hooks.forced_status );
if( test_driver_key_management_hooks.forced_output != NULL )
{
if( test_driver_key_management_hooks.forced_output_length > key_size )
return( PSA_ERROR_BUFFER_TOO_SMALL );
memcpy( key, test_driver_key_management_hooks.forced_output,
test_driver_key_management_hooks.forced_output_length );
*key_length = test_driver_key_management_hooks.forced_output_length;
return( PSA_SUCCESS );
}
/* Copied from psa_crypto.c */
#if defined(MBEDTLS_PSA_BUILTIN_ECC_KEY_PAIR) || defined(MBEDTLS_PSA_BUILTIN_ECC_PUBLIC_KEY)
if ( PSA_KEY_TYPE_IS_ECC( psa_get_key_type( attributes ) )
&& PSA_KEY_TYPE_IS_KEY_PAIR( psa_get_key_type( attributes ) ) )
{
psa_ecc_family_t curve = PSA_KEY_TYPE_ECC_GET_FAMILY(
psa_get_key_type( attributes ) );
mbedtls_ecp_group_id grp_id =
mbedtls_ecc_group_of_psa(
curve,
PSA_BITS_TO_BYTES( psa_get_key_bits( attributes ) ) );
const mbedtls_ecp_curve_info *curve_info =
mbedtls_ecp_curve_info_from_grp_id( grp_id );
mbedtls_ecp_keypair ecp;
mbedtls_test_rnd_pseudo_info rnd_info;
memset( &rnd_info, 0x5A, sizeof( mbedtls_test_rnd_pseudo_info ) );
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
if( attributes->domain_parameters_size != 0 )
return( PSA_ERROR_NOT_SUPPORTED );
if( grp_id == MBEDTLS_ECP_DP_NONE || curve_info == NULL )
return( PSA_ERROR_NOT_SUPPORTED );
if( curve_info->bit_size != psa_get_key_bits( attributes ) )
return( PSA_ERROR_INVALID_ARGUMENT );
mbedtls_ecp_keypair_init( &ecp );
ret = mbedtls_ecp_gen_key( grp_id, &ecp,
&mbedtls_test_rnd_pseudo_rand,
&rnd_info );
if( ret != 0 )
{
mbedtls_ecp_keypair_free( &ecp );
return( mbedtls_to_psa_error( ret ) );
}
/* Make sure to use export representation */
size_t bytes = PSA_BITS_TO_BYTES( psa_get_key_bits( attributes ) );
if( key_size < bytes )
{
mbedtls_ecp_keypair_free( &ecp );
return( PSA_ERROR_BUFFER_TOO_SMALL );
}
psa_status_t status = mbedtls_to_psa_error(
mbedtls_mpi_write_binary( &ecp.d, key, bytes ) );
if( status == PSA_SUCCESS )
{
*key_length = bytes;
}
else
{
memset( key, 0, bytes );
}
mbedtls_ecp_keypair_free( &ecp );
return( status );
}
else
#endif /* MBEDTLS_PSA_BUILTIN_ECC_KEY_PAIR || MBEDTLS_PSA_BUILTIN_ECC_PUBLIC_KEY */
return( PSA_ERROR_NOT_SUPPORTED );
}
psa_status_t test_opaque_generate_key(
const psa_key_attributes_t *attributes,
uint8_t *key, size_t key_size, size_t *key_length )
{
(void) attributes;
(void) key;
(void) key_size;
(void) key_length;
return( PSA_ERROR_NOT_SUPPORTED );
}
psa_status_t test_transparent_validate_key(const psa_key_attributes_t *attributes,
const uint8_t *data,
size_t data_length,
size_t *bits)
{
++test_driver_key_management_hooks.hits;
if( test_driver_key_management_hooks.forced_status != PSA_SUCCESS )
return( test_driver_key_management_hooks.forced_status );
#if defined(MBEDTLS_ECP_C)
psa_key_type_t type = psa_get_key_type( attributes );
if ( PSA_KEY_TYPE_IS_ECC( type ) )
{
// Code mostly copied from psa_load_ecp_representation
psa_ecc_family_t curve = PSA_KEY_TYPE_ECC_GET_FAMILY( type );
mbedtls_ecp_group_id grp_id;
mbedtls_ecp_keypair ecp;
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
if( psa_get_key_bits( attributes ) == 0 )
{
// Attempt auto-detect of curve bit size
size_t curve_size = data_length;
if( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) &&
PSA_KEY_TYPE_ECC_GET_FAMILY( type ) != PSA_ECC_FAMILY_MONTGOMERY )
{
/* A Weierstrass public key is represented as:
* - The byte 0x04;
* - `x_P` as a `ceiling(m/8)`-byte string, big-endian;
* - `y_P` as a `ceiling(m/8)`-byte string, big-endian.
* So its data length is 2m+1 where m is the curve size in bits.
*/
if( ( data_length & 1 ) == 0 )
return( PSA_ERROR_INVALID_ARGUMENT );
curve_size = data_length / 2;
/* Montgomery public keys are represented in compressed format, meaning
* their curve_size is equal to the amount of input. */
/* Private keys are represented in uncompressed private random integer
* format, meaning their curve_size is equal to the amount of input. */
}
grp_id = mbedtls_ecc_group_of_psa( curve, curve_size );
}
else
{
grp_id = mbedtls_ecc_group_of_psa( curve,
PSA_BITS_TO_BYTES( psa_get_key_bits( attributes ) ) );
}
const mbedtls_ecp_curve_info *curve_info =
mbedtls_ecp_curve_info_from_grp_id( grp_id );
if( attributes->domain_parameters_size != 0 )
return( PSA_ERROR_NOT_SUPPORTED );
if( grp_id == MBEDTLS_ECP_DP_NONE || curve_info == NULL )
return( PSA_ERROR_NOT_SUPPORTED );
*bits = curve_info->bit_size;
mbedtls_ecp_keypair_init( &ecp );
status = mbedtls_to_psa_error(
mbedtls_ecp_group_load( &ecp.grp, grp_id ) );
if( status != PSA_SUCCESS )
goto ecp_exit;
/* Load the key material. */
if( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) )
{
/* Load the public value. */
status = mbedtls_to_psa_error(
mbedtls_ecp_point_read_binary( &ecp.grp, &ecp.Q,
data,
data_length ) );
if( status != PSA_SUCCESS )
goto ecp_exit;
/* Check that the point is on the curve. */
status = mbedtls_to_psa_error(
mbedtls_ecp_check_pubkey( &ecp.grp, &ecp.Q ) );
}
else
{
/* Load and validate the secret value. */
status = mbedtls_to_psa_error(
mbedtls_ecp_read_key( ecp.grp.id,
&ecp,
data,
data_length ) );
}
ecp_exit:
mbedtls_ecp_keypair_free( &ecp );
return( status );
}
return( PSA_ERROR_NOT_SUPPORTED );
#else
(void) data;
(void) data_length;
(void) bits;
return( PSA_ERROR_NOT_SUPPORTED );
#endif /* MBEDTLS_ECP_C */
}
#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */