Merge pull request #5519 from superna9999/5150-pk-rsa-decryption

PK: RSA decryption
2022-03-17 11:02:13 +01:00 · 2022-03-17 11:02:13 +01:00 · 15c0e39fff
commit 15c0e39fff
parent 7c92fe966a 6b03a3de5c
2 changed files with 72 additions and 0 deletions
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@ -282,6 +282,74 @@ static int rsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
 }
 #endif

+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+static int rsa_decrypt_wrap( void *ctx,
+                    const unsigned char *input, size_t ilen,
+                    unsigned char *output, size_t *olen, size_t osize,
+                    int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
+{
+    mbedtls_rsa_context * rsa = (mbedtls_rsa_context *) ctx;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT;
+    psa_status_t status;
+    mbedtls_pk_context key;
+    int key_len;
+    unsigned char buf[MBEDTLS_PK_RSA_PRV_DER_MAX_BYTES];
+
+    ((void) f_rng);
+    ((void) p_rng);
+
+#if !defined(MBEDTLS_RSA_ALT)
+    if( rsa->padding != MBEDTLS_RSA_PKCS_V15 )
+        return( MBEDTLS_ERR_RSA_INVALID_PADDING );
+#endif /* !MBEDTLS_RSA_ALT */
+
+    if( ilen != mbedtls_rsa_get_len( rsa ) )
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+    /* mbedtls_pk_write_key_der() expects a full PK context;
+     * re-construct one to make it happy */
+    key.pk_info = &mbedtls_rsa_info;
+    key.pk_ctx = ctx;
+    key_len = mbedtls_pk_write_key_der( &key, buf, sizeof( buf ) );
+    if( key_len <= 0 )
+        return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
+
+    psa_set_key_type( &attributes, PSA_KEY_TYPE_RSA_KEY_PAIR );
+    psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT );
+    psa_set_key_algorithm( &attributes, PSA_ALG_RSA_PKCS1V15_CRYPT );
+
+    status = psa_import_key( &attributes,
+                             buf + sizeof( buf ) - key_len, key_len,
+                             &key_id );
+    if( status != PSA_SUCCESS )
+    {
+        ret = mbedtls_pk_error_from_psa( status );
+        goto cleanup;
+    }
+
+    status = psa_asymmetric_decrypt( key_id, PSA_ALG_RSA_PKCS1V15_CRYPT,
+                                     input, ilen,
+                                     NULL, 0,
+                                     output, osize, olen );
+    if( status != PSA_SUCCESS )
+    {
+        ret = mbedtls_pk_error_from_psa_rsa( status );
+        goto cleanup;
+    }
+
+    ret = 0;
+
+cleanup:
+    mbedtls_platform_zeroize( buf, sizeof( buf ) );
+    status = psa_destroy_key( key_id );
+    if( ret == 0 && status != PSA_SUCCESS )
+        ret = mbedtls_pk_error_from_psa( status );
+
+    return( ret );
+}
+#else
 static int rsa_decrypt_wrap( void *ctx,
                    const unsigned char *input, size_t ilen,
                    unsigned char *output, size_t *olen, size_t osize,
@ -295,6 +363,7 @@ static int rsa_decrypt_wrap( void *ctx,
    return( mbedtls_rsa_pkcs1_decrypt( rsa, f_rng, p_rng,
                olen, input, output, osize ) );
 }
+#endif

 static int rsa_encrypt_wrap( void *ctx,
                    const unsigned char *input, size_t ilen,
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@ -756,6 +756,8 @@ void pk_rsa_decrypt_test_vec( data_t * cipher, int mod, int radix_P,
    mbedtls_pk_context pk;
    size_t olen;

+    USE_PSA_INIT( );
+
    mbedtls_pk_init( &pk );
    mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
    mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
@ -794,6 +796,7 @@ exit:
    mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
    mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
    mbedtls_pk_free( &pk );
+    USE_PSA_DONE( );
 }
 /* END_CASE */