Merge pull request #4151 from ronald-cron-arm/psa-sign_verify-hash
PSA sign and verify hash rework
This commit is contained in:
commit
17605f072b
13 changed files with 1130 additions and 677 deletions
|
@ -2145,7 +2145,7 @@ exit:
|
|||
defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
|
||||
static const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg )
|
||||
const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg )
|
||||
{
|
||||
switch( alg )
|
||||
{
|
||||
|
@ -3280,275 +3280,59 @@ cleanup:
|
|||
/* Asymmetric cryptography */
|
||||
/****************************************************************/
|
||||
|
||||
psa_status_t psa_sign_hash_internal(
|
||||
const psa_key_attributes_t *attributes,
|
||||
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||
psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
|
||||
uint8_t *signature, size_t signature_size, size_t *signature_length )
|
||||
{
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
|
||||
/* Decode the hash algorithm from alg and store the mbedtls encoding in
|
||||
* md_alg. Verify that the hash length is acceptable. */
|
||||
static psa_status_t psa_rsa_decode_md_type( psa_algorithm_t alg,
|
||||
size_t hash_length,
|
||||
mbedtls_md_type_t *md_alg )
|
||||
{
|
||||
psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg );
|
||||
const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg );
|
||||
*md_alg = mbedtls_md_get_type( md_info );
|
||||
|
||||
/* The Mbed TLS RSA module uses an unsigned int for hash length
|
||||
* parameters. Validate that it fits so that we don't risk an
|
||||
* overflow later. */
|
||||
#if SIZE_MAX > UINT_MAX
|
||||
if( hash_length > UINT_MAX )
|
||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN)
|
||||
/* For PKCS#1 v1.5 signature, if using a hash, the hash length
|
||||
* must be correct. */
|
||||
if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) &&
|
||||
alg != PSA_ALG_RSA_PKCS1V15_SIGN_RAW )
|
||||
if( attributes->core.type == PSA_KEY_TYPE_RSA_KEY_PAIR )
|
||||
{
|
||||
if( md_info == NULL )
|
||||
return( PSA_ERROR_NOT_SUPPORTED );
|
||||
if( mbedtls_md_get_size( md_info ) != hash_length )
|
||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||
}
|
||||
#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN */
|
||||
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
|
||||
/* PSS requires a hash internally. */
|
||||
if( PSA_ALG_IS_RSA_PSS( alg ) )
|
||||
{
|
||||
if( md_info == NULL )
|
||||
return( PSA_ERROR_NOT_SUPPORTED );
|
||||
}
|
||||
#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS */
|
||||
|
||||
return( PSA_SUCCESS );
|
||||
}
|
||||
|
||||
static psa_status_t psa_rsa_sign( mbedtls_rsa_context *rsa,
|
||||
psa_algorithm_t alg,
|
||||
const uint8_t *hash,
|
||||
size_t hash_length,
|
||||
uint8_t *signature,
|
||||
size_t signature_size,
|
||||
size_t *signature_length )
|
||||
{
|
||||
psa_status_t status;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
mbedtls_md_type_t md_alg;
|
||||
|
||||
status = psa_rsa_decode_md_type( alg, hash_length, &md_alg );
|
||||
if( status != PSA_SUCCESS )
|
||||
return( status );
|
||||
|
||||
if( signature_size < mbedtls_rsa_get_len( rsa ) )
|
||||
return( PSA_ERROR_BUFFER_TOO_SMALL );
|
||||
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN)
|
||||
if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) )
|
||||
{
|
||||
mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15,
|
||||
MBEDTLS_MD_NONE );
|
||||
ret = mbedtls_rsa_pkcs1_sign( rsa,
|
||||
mbedtls_psa_get_random,
|
||||
MBEDTLS_PSA_RANDOM_STATE,
|
||||
MBEDTLS_RSA_PRIVATE,
|
||||
md_alg,
|
||||
(unsigned int) hash_length,
|
||||
hash,
|
||||
signature );
|
||||
return( mbedtls_psa_rsa_sign_hash(
|
||||
attributes,
|
||||
key_buffer, key_buffer_size,
|
||||
alg, hash, hash_length,
|
||||
signature, signature_size, signature_length ) );
|
||||
}
|
||||
else
|
||||
#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN */
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
|
||||
if( PSA_ALG_IS_RSA_PSS( alg ) )
|
||||
{
|
||||
mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg );
|
||||
ret = mbedtls_rsa_rsassa_pss_sign( rsa,
|
||||
mbedtls_psa_get_random,
|
||||
MBEDTLS_PSA_RANDOM_STATE,
|
||||
MBEDTLS_RSA_PRIVATE,
|
||||
MBEDTLS_MD_NONE,
|
||||
(unsigned int) hash_length,
|
||||
hash,
|
||||
signature );
|
||||
}
|
||||
else
|
||||
#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS */
|
||||
{
|
||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||
}
|
||||
|
||||
if( ret == 0 )
|
||||
*signature_length = mbedtls_rsa_get_len( rsa );
|
||||
return( mbedtls_to_psa_error( ret ) );
|
||||
}
|
||||
|
||||
static psa_status_t psa_rsa_verify( mbedtls_rsa_context *rsa,
|
||||
psa_algorithm_t alg,
|
||||
const uint8_t *hash,
|
||||
size_t hash_length,
|
||||
const uint8_t *signature,
|
||||
size_t signature_length )
|
||||
{
|
||||
psa_status_t status;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
mbedtls_md_type_t md_alg;
|
||||
|
||||
status = psa_rsa_decode_md_type( alg, hash_length, &md_alg );
|
||||
if( status != PSA_SUCCESS )
|
||||
return( status );
|
||||
|
||||
if( signature_length != mbedtls_rsa_get_len( rsa ) )
|
||||
return( PSA_ERROR_INVALID_SIGNATURE );
|
||||
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN)
|
||||
if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) )
|
||||
{
|
||||
mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15,
|
||||
MBEDTLS_MD_NONE );
|
||||
ret = mbedtls_rsa_pkcs1_verify( rsa,
|
||||
mbedtls_psa_get_random,
|
||||
MBEDTLS_PSA_RANDOM_STATE,
|
||||
MBEDTLS_RSA_PUBLIC,
|
||||
md_alg,
|
||||
(unsigned int) hash_length,
|
||||
hash,
|
||||
signature );
|
||||
}
|
||||
else
|
||||
#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN */
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
|
||||
if( PSA_ALG_IS_RSA_PSS( alg ) )
|
||||
{
|
||||
mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg );
|
||||
ret = mbedtls_rsa_rsassa_pss_verify( rsa,
|
||||
mbedtls_psa_get_random,
|
||||
MBEDTLS_PSA_RANDOM_STATE,
|
||||
MBEDTLS_RSA_PUBLIC,
|
||||
MBEDTLS_MD_NONE,
|
||||
(unsigned int) hash_length,
|
||||
hash,
|
||||
signature );
|
||||
}
|
||||
else
|
||||
#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS */
|
||||
{
|
||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||
}
|
||||
|
||||
/* Mbed TLS distinguishes "invalid padding" from "valid padding but
|
||||
* the rest of the signature is invalid". This has little use in
|
||||
* practice and PSA doesn't report this distinction. */
|
||||
if( ret == MBEDTLS_ERR_RSA_INVALID_PADDING )
|
||||
return( PSA_ERROR_INVALID_SIGNATURE );
|
||||
return( mbedtls_to_psa_error( ret ) );
|
||||
}
|
||||
#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
|
||||
* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) */
|
||||
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
|
||||
/* `ecp` cannot be const because `ecp->grp` needs to be non-const
|
||||
* for mbedtls_ecdsa_sign() and mbedtls_ecdsa_sign_det()
|
||||
* (even though these functions don't modify it). */
|
||||
static psa_status_t psa_ecdsa_sign( mbedtls_ecp_keypair *ecp,
|
||||
psa_algorithm_t alg,
|
||||
const uint8_t *hash,
|
||||
size_t hash_length,
|
||||
uint8_t *signature,
|
||||
size_t signature_size,
|
||||
size_t *signature_length )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
mbedtls_mpi r, s;
|
||||
size_t curve_bytes = PSA_BITS_TO_BYTES( ecp->grp.pbits );
|
||||
mbedtls_mpi_init( &r );
|
||||
mbedtls_mpi_init( &s );
|
||||
|
||||
if( signature_size < 2 * curve_bytes )
|
||||
if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) )
|
||||
{
|
||||
ret = MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL;
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
|
||||
if( PSA_ALG_DSA_IS_DETERMINISTIC( alg ) )
|
||||
{
|
||||
psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg );
|
||||
const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg );
|
||||
mbedtls_md_type_t md_alg = mbedtls_md_get_type( md_info );
|
||||
MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign_det_ext( &ecp->grp, &r, &s,
|
||||
&ecp->d, hash,
|
||||
hash_length, md_alg,
|
||||
mbedtls_psa_get_random,
|
||||
MBEDTLS_PSA_RANDOM_STATE ) );
|
||||
if( PSA_ALG_IS_ECDSA( alg ) )
|
||||
{
|
||||
return( mbedtls_psa_ecdsa_sign_hash(
|
||||
attributes,
|
||||
key_buffer, key_buffer_size,
|
||||
alg, hash, hash_length,
|
||||
signature, signature_size, signature_length ) );
|
||||
}
|
||||
else
|
||||
{
|
||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||
}
|
||||
}
|
||||
else
|
||||
#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */
|
||||
{
|
||||
(void) alg;
|
||||
MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign( &ecp->grp, &r, &s, &ecp->d,
|
||||
hash, hash_length,
|
||||
mbedtls_psa_get_random,
|
||||
MBEDTLS_PSA_RANDOM_STATE ) );
|
||||
}
|
||||
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &r,
|
||||
signature,
|
||||
curve_bytes ) );
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &s,
|
||||
signature + curve_bytes,
|
||||
curve_bytes ) );
|
||||
|
||||
cleanup:
|
||||
mbedtls_mpi_free( &r );
|
||||
mbedtls_mpi_free( &s );
|
||||
if( ret == 0 )
|
||||
*signature_length = 2 * curve_bytes;
|
||||
return( mbedtls_to_psa_error( ret ) );
|
||||
}
|
||||
|
||||
static psa_status_t psa_ecdsa_verify( mbedtls_ecp_keypair *ecp,
|
||||
const uint8_t *hash,
|
||||
size_t hash_length,
|
||||
const uint8_t *signature,
|
||||
size_t signature_length )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
mbedtls_mpi r, s;
|
||||
size_t curve_bytes = PSA_BITS_TO_BYTES( ecp->grp.pbits );
|
||||
mbedtls_mpi_init( &r );
|
||||
mbedtls_mpi_init( &s );
|
||||
|
||||
if( signature_length != 2 * curve_bytes )
|
||||
return( PSA_ERROR_INVALID_SIGNATURE );
|
||||
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &r,
|
||||
signature,
|
||||
curve_bytes ) );
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &s,
|
||||
signature + curve_bytes,
|
||||
curve_bytes ) );
|
||||
|
||||
/* Check whether the public part is loaded. If not, load it. */
|
||||
if( mbedtls_ecp_is_zero( &ecp->Q ) )
|
||||
{
|
||||
MBEDTLS_MPI_CHK(
|
||||
mbedtls_ecp_mul( &ecp->grp, &ecp->Q, &ecp->d, &ecp->grp.G,
|
||||
mbedtls_psa_get_random, MBEDTLS_PSA_RANDOM_STATE ) );
|
||||
}
|
||||
|
||||
ret = mbedtls_ecdsa_verify( &ecp->grp, hash, hash_length,
|
||||
&ecp->Q, &r, &s );
|
||||
|
||||
cleanup:
|
||||
mbedtls_mpi_free( &r );
|
||||
mbedtls_mpi_free( &s );
|
||||
return( mbedtls_to_psa_error( ret ) );
|
||||
}
|
||||
#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) ||
|
||||
* defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */
|
||||
{
|
||||
(void)attributes;
|
||||
(void)key_buffer;
|
||||
(void)key_buffer_size;
|
||||
(void)alg;
|
||||
(void)hash;
|
||||
(void)hash_length;
|
||||
(void)signature;
|
||||
(void)signature_size;
|
||||
(void)signature_length;
|
||||
|
||||
return( PSA_ERROR_NOT_SUPPORTED );
|
||||
}
|
||||
}
|
||||
|
||||
psa_status_t psa_sign_hash( mbedtls_svc_key_id_t key,
|
||||
psa_algorithm_t alg,
|
||||
|
@ -3581,83 +3365,14 @@ psa_status_t psa_sign_hash( mbedtls_svc_key_id_t key,
|
|||
goto exit;
|
||||
}
|
||||
|
||||
/* Try any of the available accelerators first */
|
||||
status = psa_driver_wrapper_sign_hash( slot,
|
||||
alg,
|
||||
hash,
|
||||
hash_length,
|
||||
signature,
|
||||
signature_size,
|
||||
signature_length );
|
||||
if( status != PSA_ERROR_NOT_SUPPORTED ||
|
||||
psa_key_lifetime_is_external( slot->attr.lifetime ) )
|
||||
goto exit;
|
||||
psa_key_attributes_t attributes = {
|
||||
.core = slot->attr
|
||||
};
|
||||
|
||||
/* If the operation was not supported by any accelerator, try fallback. */
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
|
||||
if( slot->attr.type == PSA_KEY_TYPE_RSA_KEY_PAIR )
|
||||
{
|
||||
mbedtls_rsa_context *rsa = NULL;
|
||||
|
||||
status = mbedtls_psa_rsa_load_representation( slot->attr.type,
|
||||
slot->key.data,
|
||||
slot->key.bytes,
|
||||
&rsa );
|
||||
if( status != PSA_SUCCESS )
|
||||
goto exit;
|
||||
|
||||
status = psa_rsa_sign( rsa,
|
||||
alg,
|
||||
hash, hash_length,
|
||||
signature, signature_size,
|
||||
signature_length );
|
||||
|
||||
mbedtls_rsa_free( rsa );
|
||||
mbedtls_free( rsa );
|
||||
}
|
||||
else
|
||||
#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
|
||||
* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) */
|
||||
if( PSA_KEY_TYPE_IS_ECC( slot->attr.type ) )
|
||||
{
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
|
||||
if(
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
|
||||
PSA_ALG_IS_ECDSA( alg )
|
||||
#else
|
||||
PSA_ALG_IS_RANDOMIZED_ECDSA( alg )
|
||||
#endif
|
||||
)
|
||||
{
|
||||
mbedtls_ecp_keypair *ecp = NULL;
|
||||
status = mbedtls_psa_ecp_load_representation( slot->attr.type,
|
||||
slot->attr.bits,
|
||||
slot->key.data,
|
||||
slot->key.bytes,
|
||||
&ecp );
|
||||
if( status != PSA_SUCCESS )
|
||||
goto exit;
|
||||
status = psa_ecdsa_sign( ecp,
|
||||
alg,
|
||||
hash, hash_length,
|
||||
signature, signature_size,
|
||||
signature_length );
|
||||
mbedtls_ecp_keypair_free( ecp );
|
||||
mbedtls_free( ecp );
|
||||
}
|
||||
else
|
||||
#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) ||
|
||||
* defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */
|
||||
{
|
||||
status = PSA_ERROR_INVALID_ARGUMENT;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
status = PSA_ERROR_NOT_SUPPORTED;
|
||||
}
|
||||
status = psa_driver_wrapper_sign_hash(
|
||||
&attributes, slot->key.data, slot->key.bytes,
|
||||
alg, hash, hash_length,
|
||||
signature, signature_size, signature_length );
|
||||
|
||||
exit:
|
||||
/* Fill the unused part of the output buffer (the whole buffer on error,
|
||||
|
@ -3677,6 +3392,58 @@ exit:
|
|||
return( ( status == PSA_SUCCESS ) ? unlock_status : status );
|
||||
}
|
||||
|
||||
psa_status_t psa_verify_hash_internal(
|
||||
const psa_key_attributes_t *attributes,
|
||||
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||
psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
|
||||
const uint8_t *signature, size_t signature_length )
|
||||
{
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
|
||||
if( PSA_KEY_TYPE_IS_RSA( attributes->core.type ) )
|
||||
{
|
||||
return( mbedtls_psa_rsa_verify_hash(
|
||||
attributes,
|
||||
key_buffer, key_buffer_size,
|
||||
alg, hash, hash_length,
|
||||
signature, signature_length ) );
|
||||
}
|
||||
else
|
||||
#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
|
||||
* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) */
|
||||
if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) )
|
||||
{
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
|
||||
if( PSA_ALG_IS_ECDSA( alg ) )
|
||||
{
|
||||
return( mbedtls_psa_ecdsa_verify_hash(
|
||||
attributes,
|
||||
key_buffer, key_buffer_size,
|
||||
alg, hash, hash_length,
|
||||
signature, signature_length ) );
|
||||
}
|
||||
else
|
||||
#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) ||
|
||||
* defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */
|
||||
{
|
||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
(void)key_buffer;
|
||||
(void)key_buffer_size;
|
||||
(void)alg;
|
||||
(void)hash;
|
||||
(void)hash_length;
|
||||
(void)signature;
|
||||
(void)signature_length;
|
||||
|
||||
return( PSA_ERROR_NOT_SUPPORTED );
|
||||
}
|
||||
}
|
||||
|
||||
psa_status_t psa_verify_hash( mbedtls_svc_key_id_t key,
|
||||
psa_algorithm_t alg,
|
||||
const uint8_t *hash,
|
||||
|
@ -3694,76 +3461,15 @@ psa_status_t psa_verify_hash( mbedtls_svc_key_id_t key,
|
|||
if( status != PSA_SUCCESS )
|
||||
return( status );
|
||||
|
||||
/* Try any of the available accelerators first */
|
||||
status = psa_driver_wrapper_verify_hash( slot,
|
||||
alg,
|
||||
hash,
|
||||
hash_length,
|
||||
signature,
|
||||
signature_length );
|
||||
if( status != PSA_ERROR_NOT_SUPPORTED ||
|
||||
psa_key_lifetime_is_external( slot->attr.lifetime ) )
|
||||
goto exit;
|
||||
psa_key_attributes_t attributes = {
|
||||
.core = slot->attr
|
||||
};
|
||||
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
|
||||
if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) )
|
||||
{
|
||||
mbedtls_rsa_context *rsa = NULL;
|
||||
status = psa_driver_wrapper_verify_hash(
|
||||
&attributes, slot->key.data, slot->key.bytes,
|
||||
alg, hash, hash_length,
|
||||
signature, signature_length );
|
||||
|
||||
status = mbedtls_psa_rsa_load_representation( slot->attr.type,
|
||||
slot->key.data,
|
||||
slot->key.bytes,
|
||||
&rsa );
|
||||
if( status != PSA_SUCCESS )
|
||||
goto exit;
|
||||
|
||||
status = psa_rsa_verify( rsa,
|
||||
alg,
|
||||
hash, hash_length,
|
||||
signature, signature_length );
|
||||
mbedtls_rsa_free( rsa );
|
||||
mbedtls_free( rsa );
|
||||
goto exit;
|
||||
}
|
||||
else
|
||||
#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
|
||||
* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) */
|
||||
if( PSA_KEY_TYPE_IS_ECC( slot->attr.type ) )
|
||||
{
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
|
||||
if( PSA_ALG_IS_ECDSA( alg ) )
|
||||
{
|
||||
mbedtls_ecp_keypair *ecp = NULL;
|
||||
status = mbedtls_psa_ecp_load_representation( slot->attr.type,
|
||||
slot->attr.bits,
|
||||
slot->key.data,
|
||||
slot->key.bytes,
|
||||
&ecp );
|
||||
if( status != PSA_SUCCESS )
|
||||
goto exit;
|
||||
status = psa_ecdsa_verify( ecp,
|
||||
hash, hash_length,
|
||||
signature, signature_length );
|
||||
mbedtls_ecp_keypair_free( ecp );
|
||||
mbedtls_free( ecp );
|
||||
goto exit;
|
||||
}
|
||||
else
|
||||
#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) ||
|
||||
* defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */
|
||||
{
|
||||
status = PSA_ERROR_INVALID_ARGUMENT;
|
||||
goto exit;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
status = PSA_ERROR_NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
exit:
|
||||
unlock_status = psa_unlock_key_slot( slot );
|
||||
|
||||
return( ( status == PSA_SUCCESS ) ? unlock_status : status );
|
||||
|
|
|
@ -30,6 +30,8 @@
|
|||
#include "psa/crypto.h"
|
||||
#include "psa/crypto_se_driver.h"
|
||||
|
||||
#include <mbedtls/md_internal.h>
|
||||
|
||||
/** The data structure representing a key slot, containing key material
|
||||
* and metadata for one key.
|
||||
*/
|
||||
|
@ -212,6 +214,15 @@ psa_status_t psa_copy_key_material_into_slot( psa_key_slot_t *slot,
|
|||
*/
|
||||
psa_status_t mbedtls_to_psa_error( int ret );
|
||||
|
||||
/** Get Mbed TLS MD information of a hash algorithm given its PSA identifier
|
||||
*
|
||||
* \param[in] alg PSA hash algorithm identifier
|
||||
*
|
||||
* \return The Mbed TLS MD information of the hash algorithm. \c NULL if the
|
||||
* PSA hash algorithm is not supported.
|
||||
*/
|
||||
const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg );
|
||||
|
||||
/** Import a key in binary format.
|
||||
*
|
||||
* \note The signature of this function is that of a PSA driver
|
||||
|
@ -324,4 +335,80 @@ psa_status_t psa_generate_key_internal( const psa_key_attributes_t *attributes,
|
|||
size_t key_buffer_size,
|
||||
size_t *key_buffer_length );
|
||||
|
||||
/** Sign an already-calculated hash with a private key.
|
||||
*
|
||||
* \note The signature of this function is that of a PSA driver
|
||||
* sign_hash entry point. This function behaves as a sign_hash
|
||||
* entry point as defined in the PSA driver interface specification for
|
||||
* transparent drivers.
|
||||
*
|
||||
* \param[in] attributes The attributes of the key to use for the
|
||||
* operation.
|
||||
* \param[in] key_buffer The buffer containing the key context.
|
||||
* format.
|
||||
* \param[in] key_buffer_size Size of the \p key_buffer buffer in bytes.
|
||||
* \param[in] alg A signature algorithm that is compatible with
|
||||
* the type of the key.
|
||||
* \param[in] hash The hash or message to sign.
|
||||
* \param[in] hash_length Size of the \p hash buffer in bytes.
|
||||
* \param[out] signature Buffer where the signature is to be written.
|
||||
* \param[in] signature_size Size of the \p signature buffer in bytes.
|
||||
* \param[out] signature_length On success, the number of bytes
|
||||
* that make up the returned signature value.
|
||||
*
|
||||
* \retval #PSA_SUCCESS
|
||||
* \retval #PSA_ERROR_BUFFER_TOO_SMALL
|
||||
* The size of the \p signature buffer is too small. You can
|
||||
* determine a sufficient buffer size by calling
|
||||
* #PSA_SIGN_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg)
|
||||
* where \c key_type and \c key_bits are the type and bit-size
|
||||
* respectively of the key.
|
||||
* \retval #PSA_ERROR_NOT_SUPPORTED
|
||||
* \retval #PSA_ERROR_INVALID_ARGUMENT
|
||||
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
|
||||
* \retval #PSA_ERROR_CORRUPTION_DETECTED
|
||||
* \retval #PSA_ERROR_INSUFFICIENT_ENTROPY
|
||||
*/
|
||||
psa_status_t psa_sign_hash_internal(
|
||||
const psa_key_attributes_t *attributes,
|
||||
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||
psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
|
||||
uint8_t *signature, size_t signature_size, size_t *signature_length );
|
||||
|
||||
/**
|
||||
* \brief Verify the signature a hash or short message using a public key.
|
||||
*
|
||||
* \note The signature of this function is that of a PSA driver
|
||||
* verify_hash entry point. This function behaves as a verify_hash
|
||||
* entry point as defined in the PSA driver interface specification for
|
||||
* transparent drivers.
|
||||
*
|
||||
* \param[in] attributes The attributes of the key to use for the
|
||||
* operation.
|
||||
* \param[in] key_buffer The buffer containing the key context.
|
||||
* format.
|
||||
* \param[in] key_buffer_size Size of the \p key_buffer buffer in bytes.
|
||||
* \param[in] alg A signature algorithm that is compatible with
|
||||
* the type of the key.
|
||||
* \param[in] hash The hash or message whose signature is to be
|
||||
* verified.
|
||||
* \param[in] hash_length Size of the \p hash buffer in bytes.
|
||||
* \param[in] signature Buffer containing the signature to verify.
|
||||
* \param[in] signature_length Size of the \p signature buffer in bytes.
|
||||
*
|
||||
* \retval #PSA_SUCCESS
|
||||
* The signature is valid.
|
||||
* \retval #PSA_ERROR_INVALID_SIGNATURE
|
||||
* The calculation was performed successfully, but the passed
|
||||
* signature is not a valid signature.
|
||||
* \retval #PSA_ERROR_NOT_SUPPORTED
|
||||
* \retval #PSA_ERROR_INVALID_ARGUMENT
|
||||
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
|
||||
*/
|
||||
psa_status_t psa_verify_hash_internal(
|
||||
const psa_key_attributes_t *attributes,
|
||||
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||
psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
|
||||
const uint8_t *signature, size_t signature_length );
|
||||
|
||||
#endif /* PSA_CRYPTO_CORE_H */
|
||||
|
|
|
@ -57,21 +57,18 @@
|
|||
#endif
|
||||
|
||||
/* Start delegation functions */
|
||||
psa_status_t psa_driver_wrapper_sign_hash( psa_key_slot_t *slot,
|
||||
psa_algorithm_t alg,
|
||||
const uint8_t *hash,
|
||||
size_t hash_length,
|
||||
uint8_t *signature,
|
||||
size_t signature_size,
|
||||
size_t *signature_length )
|
||||
psa_status_t psa_driver_wrapper_sign_hash(
|
||||
const psa_key_attributes_t *attributes,
|
||||
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||
psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
|
||||
uint8_t *signature, size_t signature_size, size_t *signature_length )
|
||||
{
|
||||
#if defined(PSA_CRYPTO_DRIVER_PRESENT)
|
||||
/* Try dynamically-registered SE interface first */
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
|
||||
const psa_drv_se_t *drv;
|
||||
psa_drv_se_context_t *drv_context;
|
||||
|
||||
if( psa_get_se_driver( slot->attr.lifetime, &drv, &drv_context ) )
|
||||
if( psa_get_se_driver( attributes->core.lifetime, &drv, &drv_context ) )
|
||||
{
|
||||
if( drv->asymmetric == NULL ||
|
||||
drv->asymmetric->p_sign == NULL )
|
||||
|
@ -79,32 +76,27 @@ psa_status_t psa_driver_wrapper_sign_hash( psa_key_slot_t *slot,
|
|||
/* Key is defined in SE, but we have no way to exercise it */
|
||||
return( PSA_ERROR_NOT_SUPPORTED );
|
||||
}
|
||||
return( drv->asymmetric->p_sign( drv_context,
|
||||
psa_key_slot_get_slot_number( slot ),
|
||||
alg,
|
||||
hash, hash_length,
|
||||
signature, signature_size,
|
||||
signature_length ) );
|
||||
return( drv->asymmetric->p_sign(
|
||||
drv_context, *( (psa_key_slot_number_t *)key_buffer ),
|
||||
alg, hash, hash_length,
|
||||
signature, signature_size, signature_length ) );
|
||||
}
|
||||
#endif /* PSA_CRYPTO_SE_C */
|
||||
|
||||
/* Then try accelerator API */
|
||||
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
|
||||
psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
|
||||
psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(slot->attr.lifetime);
|
||||
psa_key_attributes_t attributes = {
|
||||
.core = slot->attr
|
||||
};
|
||||
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
||||
psa_key_location_t location =
|
||||
PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
|
||||
|
||||
switch( location )
|
||||
{
|
||||
case PSA_KEY_LOCATION_LOCAL_STORAGE:
|
||||
/* Key is stored in the slot in export representation, so
|
||||
* cycle through all known transparent accelerators */
|
||||
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
|
||||
#if defined(PSA_CRYPTO_DRIVER_TEST)
|
||||
status = test_transparent_signature_sign_hash( &attributes,
|
||||
slot->key.data,
|
||||
slot->key.bytes,
|
||||
status = test_transparent_signature_sign_hash( attributes,
|
||||
key_buffer,
|
||||
key_buffer_size,
|
||||
alg,
|
||||
hash,
|
||||
hash_length,
|
||||
|
@ -115,14 +107,25 @@ psa_status_t psa_driver_wrapper_sign_hash( psa_key_slot_t *slot,
|
|||
if( status != PSA_ERROR_NOT_SUPPORTED )
|
||||
return( status );
|
||||
#endif /* PSA_CRYPTO_DRIVER_TEST */
|
||||
#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
|
||||
/* Fell through, meaning no accelerator supports this operation */
|
||||
return( PSA_ERROR_NOT_SUPPORTED );
|
||||
return( psa_sign_hash_internal( attributes,
|
||||
key_buffer,
|
||||
key_buffer_size,
|
||||
alg,
|
||||
hash,
|
||||
hash_length,
|
||||
signature,
|
||||
signature_size,
|
||||
signature_length ) );
|
||||
|
||||
/* Add cases for opaque driver here */
|
||||
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
|
||||
#if defined(PSA_CRYPTO_DRIVER_TEST)
|
||||
case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
|
||||
return( test_opaque_signature_sign_hash( &attributes,
|
||||
slot->key.data,
|
||||
slot->key.bytes,
|
||||
return( test_opaque_signature_sign_hash( attributes,
|
||||
key_buffer,
|
||||
key_buffer_size,
|
||||
alg,
|
||||
hash,
|
||||
hash_length,
|
||||
|
@ -130,40 +133,26 @@ psa_status_t psa_driver_wrapper_sign_hash( psa_key_slot_t *slot,
|
|||
signature_size,
|
||||
signature_length ) );
|
||||
#endif /* PSA_CRYPTO_DRIVER_TEST */
|
||||
#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
|
||||
default:
|
||||
/* Key is declared with a lifetime not known to us */
|
||||
return( status );
|
||||
(void)status;
|
||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||
}
|
||||
#else /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
|
||||
return( PSA_ERROR_NOT_SUPPORTED );
|
||||
#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
|
||||
#else /* PSA_CRYPTO_DRIVER_PRESENT */
|
||||
(void)slot;
|
||||
(void)alg;
|
||||
(void)hash;
|
||||
(void)hash_length;
|
||||
(void)signature;
|
||||
(void)signature_size;
|
||||
(void)signature_length;
|
||||
|
||||
return( PSA_ERROR_NOT_SUPPORTED );
|
||||
#endif /* PSA_CRYPTO_DRIVER_PRESENT */
|
||||
}
|
||||
|
||||
psa_status_t psa_driver_wrapper_verify_hash( psa_key_slot_t *slot,
|
||||
psa_algorithm_t alg,
|
||||
const uint8_t *hash,
|
||||
size_t hash_length,
|
||||
const uint8_t *signature,
|
||||
size_t signature_length )
|
||||
psa_status_t psa_driver_wrapper_verify_hash(
|
||||
const psa_key_attributes_t *attributes,
|
||||
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||
psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
|
||||
const uint8_t *signature, size_t signature_length )
|
||||
{
|
||||
#if defined(PSA_CRYPTO_DRIVER_PRESENT)
|
||||
/* Try dynamically-registered SE interface first */
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
|
||||
const psa_drv_se_t *drv;
|
||||
psa_drv_se_context_t *drv_context;
|
||||
|
||||
if( psa_get_se_driver( slot->attr.lifetime, &drv, &drv_context ) )
|
||||
if( psa_get_se_driver( attributes->core.lifetime, &drv, &drv_context ) )
|
||||
{
|
||||
if( drv->asymmetric == NULL ||
|
||||
drv->asymmetric->p_verify == NULL )
|
||||
|
@ -171,31 +160,27 @@ psa_status_t psa_driver_wrapper_verify_hash( psa_key_slot_t *slot,
|
|||
/* Key is defined in SE, but we have no way to exercise it */
|
||||
return( PSA_ERROR_NOT_SUPPORTED );
|
||||
}
|
||||
return( drv->asymmetric->p_verify( drv_context,
|
||||
psa_key_slot_get_slot_number( slot ),
|
||||
alg,
|
||||
hash, hash_length,
|
||||
signature, signature_length ) );
|
||||
return( drv->asymmetric->p_verify(
|
||||
drv_context, *( (psa_key_slot_number_t *)key_buffer ),
|
||||
alg, hash, hash_length,
|
||||
signature, signature_length ) );
|
||||
}
|
||||
#endif /* PSA_CRYPTO_SE_C */
|
||||
|
||||
/* Then try accelerator API */
|
||||
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
|
||||
psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
|
||||
psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(slot->attr.lifetime);
|
||||
psa_key_attributes_t attributes = {
|
||||
.core = slot->attr
|
||||
};
|
||||
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
||||
psa_key_location_t location =
|
||||
PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
|
||||
|
||||
switch( location )
|
||||
{
|
||||
case PSA_KEY_LOCATION_LOCAL_STORAGE:
|
||||
/* Key is stored in the slot in export representation, so
|
||||
* cycle through all known transparent accelerators */
|
||||
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
|
||||
#if defined(PSA_CRYPTO_DRIVER_TEST)
|
||||
status = test_transparent_signature_verify_hash( &attributes,
|
||||
slot->key.data,
|
||||
slot->key.bytes,
|
||||
status = test_transparent_signature_verify_hash( attributes,
|
||||
key_buffer,
|
||||
key_buffer_size,
|
||||
alg,
|
||||
hash,
|
||||
hash_length,
|
||||
|
@ -205,37 +190,36 @@ psa_status_t psa_driver_wrapper_verify_hash( psa_key_slot_t *slot,
|
|||
if( status != PSA_ERROR_NOT_SUPPORTED )
|
||||
return( status );
|
||||
#endif /* PSA_CRYPTO_DRIVER_TEST */
|
||||
/* Fell through, meaning no accelerator supports this operation */
|
||||
return( PSA_ERROR_NOT_SUPPORTED );
|
||||
#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
|
||||
|
||||
return( psa_verify_hash_internal( attributes,
|
||||
key_buffer,
|
||||
key_buffer_size,
|
||||
alg,
|
||||
hash,
|
||||
hash_length,
|
||||
signature,
|
||||
signature_length ) );
|
||||
|
||||
/* Add cases for opaque driver here */
|
||||
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
|
||||
#if defined(PSA_CRYPTO_DRIVER_TEST)
|
||||
case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
|
||||
return( test_opaque_signature_verify_hash( &attributes,
|
||||
slot->key.data,
|
||||
slot->key.bytes,
|
||||
return( test_opaque_signature_verify_hash( attributes,
|
||||
key_buffer,
|
||||
key_buffer_size,
|
||||
alg,
|
||||
hash,
|
||||
hash_length,
|
||||
signature,
|
||||
signature_length ) );
|
||||
#endif /* PSA_CRYPTO_DRIVER_TEST */
|
||||
#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
|
||||
default:
|
||||
/* Key is declared with a lifetime not known to us */
|
||||
return( status );
|
||||
(void)status;
|
||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||
}
|
||||
#else /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
|
||||
return( PSA_ERROR_NOT_SUPPORTED );
|
||||
#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
|
||||
#else /* PSA_CRYPTO_DRIVER_PRESENT */
|
||||
(void)slot;
|
||||
(void)alg;
|
||||
(void)hash;
|
||||
(void)hash_length;
|
||||
(void)signature;
|
||||
(void)signature_length;
|
||||
|
||||
return( PSA_ERROR_NOT_SUPPORTED );
|
||||
#endif /* PSA_CRYPTO_DRIVER_PRESENT */
|
||||
}
|
||||
|
||||
/** Get the key buffer size for the key material of a generated key in the
|
||||
|
|
|
@ -28,20 +28,17 @@
|
|||
/*
|
||||
* Signature functions
|
||||
*/
|
||||
psa_status_t psa_driver_wrapper_sign_hash( psa_key_slot_t *slot,
|
||||
psa_algorithm_t alg,
|
||||
const uint8_t *hash,
|
||||
size_t hash_length,
|
||||
uint8_t *signature,
|
||||
size_t signature_size,
|
||||
size_t *signature_length );
|
||||
psa_status_t psa_driver_wrapper_sign_hash(
|
||||
const psa_key_attributes_t *attributes,
|
||||
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||
psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
|
||||
uint8_t *signature, size_t signature_size, size_t *signature_length );
|
||||
|
||||
psa_status_t psa_driver_wrapper_verify_hash( psa_key_slot_t *slot,
|
||||
psa_algorithm_t alg,
|
||||
const uint8_t *hash,
|
||||
size_t hash_length,
|
||||
const uint8_t *signature,
|
||||
size_t signature_length );
|
||||
psa_status_t psa_driver_wrapper_verify_hash(
|
||||
const psa_key_attributes_t *attributes,
|
||||
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||
psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
|
||||
const uint8_t *signature, size_t signature_length );
|
||||
|
||||
/*
|
||||
* Key handling functions
|
||||
|
|
|
@ -35,6 +35,7 @@
|
|||
#define mbedtls_free free
|
||||
#endif
|
||||
|
||||
#include <mbedtls/ecdsa.h>
|
||||
#include <mbedtls/ecp.h>
|
||||
#include <mbedtls/error.h>
|
||||
|
||||
|
@ -50,11 +51,25 @@
|
|||
#define BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY 1
|
||||
#endif
|
||||
|
||||
#if ( defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
|
||||
( defined(PSA_CRYPTO_DRIVER_TEST) && \
|
||||
defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) && \
|
||||
defined(MBEDTLS_ECDSA_C) ) )
|
||||
#define BUILTIN_ALG_ECDSA 1
|
||||
#endif
|
||||
|
||||
#if ( defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) || \
|
||||
( defined(PSA_CRYPTO_DRIVER_TEST) && \
|
||||
defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) && \
|
||||
defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECDSA_DETERMINISTIC) ) )
|
||||
#define BUILTIN_ALG_DETERMINISTIC_ECDSA 1
|
||||
#endif
|
||||
|
||||
#if defined(BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
|
||||
defined(BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
|
||||
defined(BUILTIN_ALG_ECDSA) || \
|
||||
defined(BUILTIN_ALG_DETERMINISTIC_ECDSA) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH)
|
||||
psa_status_t mbedtls_psa_ecp_load_representation(
|
||||
psa_key_type_t type, size_t curve_bits,
|
||||
const uint8_t *data, size_t data_length,
|
||||
|
@ -167,9 +182,9 @@ exit:
|
|||
}
|
||||
#endif /* defined(BUILTIN_KEY_TYPE_ECC_KEY_PAIR) ||
|
||||
* defined(BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) ||
|
||||
* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) ||
|
||||
* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) ||
|
||||
* defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */
|
||||
* defined(BUILTIN_ALG_ECDSA) ||
|
||||
* defined(BUILTIN_ALG_DETERMINISTIC_ECDSA) ||
|
||||
* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) */
|
||||
|
||||
#if defined(BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
|
||||
defined(BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
|
||||
|
@ -337,6 +352,148 @@ static psa_status_t ecp_generate_key(
|
|||
}
|
||||
#endif /* defined(BUILTIN_KEY_TYPE_ECC_KEY_PAIR) */
|
||||
|
||||
/****************************************************************/
|
||||
/* ECDSA sign/verify */
|
||||
/****************************************************************/
|
||||
|
||||
#if defined(BUILTIN_ALG_ECDSA) || \
|
||||
defined(BUILTIN_ALG_DETERMINISTIC_ECDSA)
|
||||
static psa_status_t ecdsa_sign_hash(
|
||||
const psa_key_attributes_t *attributes,
|
||||
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||
psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
|
||||
uint8_t *signature, size_t signature_size, size_t *signature_length )
|
||||
{
|
||||
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
||||
mbedtls_ecp_keypair *ecp = NULL;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t curve_bytes;
|
||||
mbedtls_mpi r, s;
|
||||
|
||||
status = mbedtls_psa_ecp_load_representation( attributes->core.type,
|
||||
attributes->core.bits,
|
||||
key_buffer,
|
||||
key_buffer_size,
|
||||
&ecp );
|
||||
if( status != PSA_SUCCESS )
|
||||
return( status );
|
||||
|
||||
curve_bytes = PSA_BITS_TO_BYTES( ecp->grp.pbits );
|
||||
mbedtls_mpi_init( &r );
|
||||
mbedtls_mpi_init( &s );
|
||||
|
||||
if( signature_size < 2 * curve_bytes )
|
||||
{
|
||||
ret = MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL;
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
if( PSA_ALG_ECDSA_IS_DETERMINISTIC( alg ) )
|
||||
{
|
||||
#if defined(BUILTIN_ALG_DETERMINISTIC_ECDSA)
|
||||
psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg );
|
||||
const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg );
|
||||
mbedtls_md_type_t md_alg = mbedtls_md_get_type( md_info );
|
||||
MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign_det_ext(
|
||||
&ecp->grp, &r, &s,
|
||||
&ecp->d, hash,
|
||||
hash_length, md_alg,
|
||||
mbedtls_psa_get_random,
|
||||
MBEDTLS_PSA_RANDOM_STATE ) );
|
||||
#else
|
||||
ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
|
||||
goto cleanup;
|
||||
#endif /* defined(BUILTIN_ALG_DETERMINISTIC_ECDSA) */
|
||||
}
|
||||
else
|
||||
{
|
||||
(void) alg;
|
||||
MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign( &ecp->grp, &r, &s, &ecp->d,
|
||||
hash, hash_length,
|
||||
mbedtls_psa_get_random,
|
||||
MBEDTLS_PSA_RANDOM_STATE ) );
|
||||
}
|
||||
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &r,
|
||||
signature,
|
||||
curve_bytes ) );
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &s,
|
||||
signature + curve_bytes,
|
||||
curve_bytes ) );
|
||||
cleanup:
|
||||
mbedtls_mpi_free( &r );
|
||||
mbedtls_mpi_free( &s );
|
||||
if( ret == 0 )
|
||||
*signature_length = 2 * curve_bytes;
|
||||
|
||||
mbedtls_ecp_keypair_free( ecp );
|
||||
mbedtls_free( ecp );
|
||||
|
||||
return( mbedtls_to_psa_error( ret ) );
|
||||
}
|
||||
|
||||
static psa_status_t ecdsa_verify_hash(
|
||||
const psa_key_attributes_t *attributes,
|
||||
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||
psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
|
||||
const uint8_t *signature, size_t signature_length )
|
||||
{
|
||||
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
||||
mbedtls_ecp_keypair *ecp = NULL;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t curve_bytes;
|
||||
mbedtls_mpi r, s;
|
||||
|
||||
(void)alg;
|
||||
|
||||
status = mbedtls_psa_ecp_load_representation( attributes->core.type,
|
||||
attributes->core.bits,
|
||||
key_buffer,
|
||||
key_buffer_size,
|
||||
&ecp );
|
||||
if( status != PSA_SUCCESS )
|
||||
return( status );
|
||||
|
||||
curve_bytes = PSA_BITS_TO_BYTES( ecp->grp.pbits );
|
||||
mbedtls_mpi_init( &r );
|
||||
mbedtls_mpi_init( &s );
|
||||
|
||||
if( signature_length != 2 * curve_bytes )
|
||||
{
|
||||
ret = MBEDTLS_ERR_ECP_VERIFY_FAILED;
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &r,
|
||||
signature,
|
||||
curve_bytes ) );
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &s,
|
||||
signature + curve_bytes,
|
||||
curve_bytes ) );
|
||||
|
||||
/* Check whether the public part is loaded. If not, load it. */
|
||||
if( mbedtls_ecp_is_zero( &ecp->Q ) )
|
||||
{
|
||||
MBEDTLS_MPI_CHK(
|
||||
mbedtls_ecp_mul( &ecp->grp, &ecp->Q, &ecp->d, &ecp->grp.G,
|
||||
mbedtls_psa_get_random, MBEDTLS_PSA_RANDOM_STATE ) );
|
||||
}
|
||||
|
||||
ret = mbedtls_ecdsa_verify( &ecp->grp, hash, hash_length,
|
||||
&ecp->Q, &r, &s );
|
||||
|
||||
cleanup:
|
||||
mbedtls_mpi_free( &r );
|
||||
mbedtls_mpi_free( &s );
|
||||
mbedtls_ecp_keypair_free( ecp );
|
||||
mbedtls_free( ecp );
|
||||
|
||||
return( mbedtls_to_psa_error( ret ) );
|
||||
}
|
||||
|
||||
#endif /* defined(BUILTIN_ALG_ECDSA) || \
|
||||
* defined(BUILTIN_ALG_DETERMINISTIC_ECDSA) */
|
||||
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
|
||||
|
||||
|
@ -373,6 +530,38 @@ psa_status_t mbedtls_psa_ecp_generate_key(
|
|||
}
|
||||
#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) */
|
||||
|
||||
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
|
||||
|
||||
psa_status_t mbedtls_psa_ecdsa_sign_hash(
|
||||
const psa_key_attributes_t *attributes,
|
||||
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||
psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
|
||||
uint8_t *signature, size_t signature_size, size_t *signature_length )
|
||||
{
|
||||
|
||||
return( ecdsa_sign_hash( attributes,
|
||||
key_buffer, key_buffer_size,
|
||||
alg, hash, hash_length,
|
||||
signature, signature_size, signature_length ) );
|
||||
}
|
||||
|
||||
psa_status_t mbedtls_psa_ecdsa_verify_hash(
|
||||
const psa_key_attributes_t *attributes,
|
||||
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||
psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
|
||||
const uint8_t *signature, size_t signature_length )
|
||||
{
|
||||
return( ecdsa_verify_hash( attributes,
|
||||
key_buffer, key_buffer_size,
|
||||
alg, hash, hash_length,
|
||||
signature, signature_length ) );
|
||||
}
|
||||
|
||||
#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) ||
|
||||
* defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */
|
||||
|
||||
/*
|
||||
* BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY.
|
||||
*/
|
||||
|
@ -417,6 +606,62 @@ psa_status_t mbedtls_transparent_test_driver_ecp_generate_key(
|
|||
#endif /* defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) &&
|
||||
defined(MBEDTLS_GENPRIME) */
|
||||
|
||||
#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \
|
||||
defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
|
||||
|
||||
psa_status_t mbedtls_transparent_test_driver_ecdsa_sign_hash(
|
||||
const psa_key_attributes_t *attributes,
|
||||
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||
psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
|
||||
uint8_t *signature, size_t signature_size, size_t *signature_length )
|
||||
{
|
||||
|
||||
#if defined(MBEDTLS_ECDSA_C)
|
||||
return( ecdsa_sign_hash( attributes,
|
||||
key_buffer, key_buffer_size,
|
||||
alg, hash, hash_length,
|
||||
signature, signature_size, signature_length ) );
|
||||
#else
|
||||
(void)attributes;
|
||||
(void)key_buffer;
|
||||
(void)key_buffer_size;
|
||||
(void)alg;
|
||||
(void)hash;
|
||||
(void)hash_length;
|
||||
(void)signature;
|
||||
(void)signature_size;
|
||||
(void)signature_length;
|
||||
return( PSA_ERROR_NOT_SUPPORTED );
|
||||
#endif
|
||||
}
|
||||
|
||||
psa_status_t mbedtls_transparent_test_driver_ecdsa_verify_hash(
|
||||
const psa_key_attributes_t *attributes,
|
||||
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||
psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
|
||||
const uint8_t *signature, size_t signature_length )
|
||||
{
|
||||
#if defined(MBEDTLS_ECDSA_C)
|
||||
return( ecdsa_verify_hash( attributes,
|
||||
key_buffer, key_buffer_size,
|
||||
alg, hash, hash_length,
|
||||
signature, signature_length ) );
|
||||
#else
|
||||
(void)attributes;
|
||||
(void)key_buffer;
|
||||
(void)key_buffer_size;
|
||||
(void)alg;
|
||||
(void)hash;
|
||||
(void)hash_length;
|
||||
(void)signature;
|
||||
(void)signature_length;
|
||||
return( PSA_ERROR_NOT_SUPPORTED );
|
||||
#endif
|
||||
}
|
||||
|
||||
#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) ||
|
||||
* defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) */
|
||||
|
||||
#endif /* PSA_CRYPTO_DRIVER_TEST */
|
||||
|
||||
#endif /* MBEDTLS_PSA_CRYPTO_C */
|
||||
|
|
|
@ -146,6 +146,78 @@ psa_status_t mbedtls_psa_ecp_generate_key(
|
|||
const psa_key_attributes_t *attributes,
|
||||
uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length );
|
||||
|
||||
/** Sign an already-calculated hash with ECDSA.
|
||||
*
|
||||
* \note The signature of this function is that of a PSA driver
|
||||
* sign_hash entry point. This function behaves as a sign_hash
|
||||
* entry point as defined in the PSA driver interface specification for
|
||||
* transparent drivers.
|
||||
*
|
||||
* \param[in] attributes The attributes of the ECC key to use for the
|
||||
* operation.
|
||||
* \param[in] key_buffer The buffer containing the ECC key context.
|
||||
* format.
|
||||
* \param[in] key_buffer_size Size of the \p key_buffer buffer in bytes.
|
||||
* \param[in] alg Randomized or deterministic ECDSA algorithm.
|
||||
* \param[in] hash The hash or message to sign.
|
||||
* \param[in] hash_length Size of the \p hash buffer in bytes.
|
||||
* \param[out] signature Buffer where the signature is to be written.
|
||||
* \param[in] signature_size Size of the \p signature buffer in bytes.
|
||||
* \param[out] signature_length On success, the number of bytes
|
||||
* that make up the returned signature value.
|
||||
*
|
||||
* \retval #PSA_SUCCESS
|
||||
* \retval #PSA_ERROR_BUFFER_TOO_SMALL
|
||||
* The size of the \p signature buffer is too small. You can
|
||||
* determine a sufficient buffer size by calling
|
||||
* #PSA_SIGN_OUTPUT_SIZE(\c PSA_KEY_TYPE_ECC_KEY_PAIR, \c key_bits,
|
||||
* \p alg) where \c key_bits is the bit-size of the ECC key.
|
||||
* \retval #PSA_ERROR_NOT_SUPPORTED
|
||||
* \retval #PSA_ERROR_INVALID_ARGUMENT
|
||||
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
|
||||
* \retval #PSA_ERROR_CORRUPTION_DETECTED
|
||||
* \retval #PSA_ERROR_INSUFFICIENT_ENTROPY
|
||||
*/
|
||||
psa_status_t mbedtls_psa_ecdsa_sign_hash(
|
||||
const psa_key_attributes_t *attributes,
|
||||
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||
psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
|
||||
uint8_t *signature, size_t signature_size, size_t *signature_length );
|
||||
|
||||
/**
|
||||
* \brief Verify an ECDSA hash or short message signature.
|
||||
*
|
||||
* \note The signature of this function is that of a PSA driver
|
||||
* verify_hash entry point. This function behaves as a verify_hash
|
||||
* entry point as defined in the PSA driver interface specification for
|
||||
* transparent drivers.
|
||||
*
|
||||
* \param[in] attributes The attributes of the ECC key to use for the
|
||||
* operation.
|
||||
* \param[in] key_buffer The buffer containing the ECC key context.
|
||||
* format.
|
||||
* \param[in] key_buffer_size Size of the \p key_buffer buffer in bytes.
|
||||
* \param[in] alg Randomized or deterministic ECDSA algorithm.
|
||||
* \param[in] hash The hash or message whose signature is to be
|
||||
* verified.
|
||||
* \param[in] hash_length Size of the \p hash buffer in bytes.
|
||||
* \param[in] signature Buffer containing the signature to verify.
|
||||
* \param[in] signature_length Size of the \p signature buffer in bytes.
|
||||
*
|
||||
* \retval #PSA_SUCCESS
|
||||
* The signature is valid.
|
||||
* \retval #PSA_ERROR_INVALID_SIGNATURE
|
||||
* The calculation was performed successfully, but the passed
|
||||
* signature is not a valid signature.
|
||||
* \retval #PSA_ERROR_NOT_SUPPORTED
|
||||
* \retval #PSA_ERROR_INVALID_ARGUMENT
|
||||
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
|
||||
*/
|
||||
psa_status_t mbedtls_psa_ecdsa_verify_hash(
|
||||
const psa_key_attributes_t *attributes,
|
||||
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||
psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
|
||||
const uint8_t *signature, size_t signature_length );
|
||||
/*
|
||||
* BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY.
|
||||
*/
|
||||
|
@ -167,6 +239,18 @@ psa_status_t mbedtls_transparent_test_driver_ecp_generate_key(
|
|||
const psa_key_attributes_t *attributes,
|
||||
uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length );
|
||||
|
||||
psa_status_t mbedtls_transparent_test_driver_ecdsa_sign_hash(
|
||||
const psa_key_attributes_t *attributes,
|
||||
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||
psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
|
||||
uint8_t *signature, size_t signature_size, size_t *signature_length );
|
||||
|
||||
psa_status_t mbedtls_transparent_test_driver_ecdsa_verify_hash(
|
||||
const psa_key_attributes_t *attributes,
|
||||
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||
psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
|
||||
const uint8_t *signature, size_t signature_length );
|
||||
|
||||
#endif /* PSA_CRYPTO_DRIVER_TEST */
|
||||
|
||||
#endif /* PSA_CRYPTO_ECP_H */
|
||||
|
|
|
@ -52,10 +52,24 @@
|
|||
#define BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY 1
|
||||
#endif
|
||||
|
||||
#if ( defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
|
||||
( defined(PSA_CRYPTO_DRIVER_TEST) && \
|
||||
defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) && \
|
||||
defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V15) ) )
|
||||
#define BUILTIN_ALG_RSA_PKCS1V15_SIGN 1
|
||||
#endif
|
||||
|
||||
#if ( defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) || \
|
||||
( defined(PSA_CRYPTO_DRIVER_TEST) && \
|
||||
defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) && \
|
||||
defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V21) ) )
|
||||
#define BUILTIN_ALG_RSA_PSS 1
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) || \
|
||||
defined(BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
|
||||
defined(BUILTIN_ALG_RSA_PSS) || \
|
||||
defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
|
||||
defined(BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
|
||||
|
||||
|
@ -131,9 +145,9 @@ exit:
|
|||
return( status );
|
||||
}
|
||||
#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) ||
|
||||
* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
|
||||
* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) ||
|
||||
* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) ||
|
||||
* defined(BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
|
||||
* defined(BUILTIN_ALG_RSA_PSS) ||
|
||||
* defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) ||
|
||||
* defined(BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
|
||||
|
||||
|
@ -319,6 +333,211 @@ static psa_status_t rsa_generate_key(
|
|||
}
|
||||
#endif /* defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) */
|
||||
|
||||
/****************************************************************/
|
||||
/* Sign/verify hashes */
|
||||
/****************************************************************/
|
||||
|
||||
#if defined(BUILTIN_ALG_RSA_PKCS1V15_SIGN) || defined(BUILTIN_ALG_RSA_PSS)
|
||||
|
||||
/* Decode the hash algorithm from alg and store the mbedtls encoding in
|
||||
* md_alg. Verify that the hash length is acceptable. */
|
||||
static psa_status_t psa_rsa_decode_md_type( psa_algorithm_t alg,
|
||||
size_t hash_length,
|
||||
mbedtls_md_type_t *md_alg )
|
||||
{
|
||||
psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg );
|
||||
const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg );
|
||||
*md_alg = mbedtls_md_get_type( md_info );
|
||||
|
||||
/* The Mbed TLS RSA module uses an unsigned int for hash length
|
||||
* parameters. Validate that it fits so that we don't risk an
|
||||
* overflow later. */
|
||||
#if SIZE_MAX > UINT_MAX
|
||||
if( hash_length > UINT_MAX )
|
||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||
#endif
|
||||
|
||||
#if defined(BUILTIN_ALG_RSA_PKCS1V15_SIGN)
|
||||
/* For PKCS#1 v1.5 signature, if using a hash, the hash length
|
||||
* must be correct. */
|
||||
if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) &&
|
||||
alg != PSA_ALG_RSA_PKCS1V15_SIGN_RAW )
|
||||
{
|
||||
if( md_info == NULL )
|
||||
return( PSA_ERROR_NOT_SUPPORTED );
|
||||
if( mbedtls_md_get_size( md_info ) != hash_length )
|
||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||
}
|
||||
#endif /* BUILTIN_ALG_RSA_PKCS1V15_SIGN */
|
||||
|
||||
#if defined(BUILTIN_ALG_RSA_PSS)
|
||||
/* PSS requires a hash internally. */
|
||||
if( PSA_ALG_IS_RSA_PSS( alg ) )
|
||||
{
|
||||
if( md_info == NULL )
|
||||
return( PSA_ERROR_NOT_SUPPORTED );
|
||||
}
|
||||
#endif /* BUILTIN_ALG_RSA_PSS */
|
||||
|
||||
return( PSA_SUCCESS );
|
||||
}
|
||||
|
||||
static psa_status_t rsa_sign_hash(
|
||||
const psa_key_attributes_t *attributes,
|
||||
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||
psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
|
||||
uint8_t *signature, size_t signature_size, size_t *signature_length )
|
||||
{
|
||||
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
||||
mbedtls_rsa_context *rsa = NULL;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
mbedtls_md_type_t md_alg;
|
||||
|
||||
status = mbedtls_psa_rsa_load_representation( attributes->core.type,
|
||||
key_buffer,
|
||||
key_buffer_size,
|
||||
&rsa );
|
||||
if( status != PSA_SUCCESS )
|
||||
return( status );
|
||||
|
||||
status = psa_rsa_decode_md_type( alg, hash_length, &md_alg );
|
||||
if( status != PSA_SUCCESS )
|
||||
goto exit;
|
||||
|
||||
if( signature_size < mbedtls_rsa_get_len( rsa ) )
|
||||
{
|
||||
status = PSA_ERROR_BUFFER_TOO_SMALL;
|
||||
goto exit;
|
||||
}
|
||||
|
||||
#if defined(BUILTIN_ALG_RSA_PKCS1V15_SIGN)
|
||||
if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) )
|
||||
{
|
||||
mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15,
|
||||
MBEDTLS_MD_NONE );
|
||||
ret = mbedtls_rsa_pkcs1_sign( rsa,
|
||||
mbedtls_psa_get_random,
|
||||
MBEDTLS_PSA_RANDOM_STATE,
|
||||
MBEDTLS_RSA_PRIVATE,
|
||||
md_alg,
|
||||
(unsigned int) hash_length,
|
||||
hash,
|
||||
signature );
|
||||
}
|
||||
else
|
||||
#endif /* BUILTIN_ALG_RSA_PKCS1V15_SIGN */
|
||||
#if defined(BUILTIN_ALG_RSA_PSS)
|
||||
if( PSA_ALG_IS_RSA_PSS( alg ) )
|
||||
{
|
||||
mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg );
|
||||
ret = mbedtls_rsa_rsassa_pss_sign( rsa,
|
||||
mbedtls_psa_get_random,
|
||||
MBEDTLS_PSA_RANDOM_STATE,
|
||||
MBEDTLS_RSA_PRIVATE,
|
||||
MBEDTLS_MD_NONE,
|
||||
(unsigned int) hash_length,
|
||||
hash,
|
||||
signature );
|
||||
}
|
||||
else
|
||||
#endif /* BUILTIN_ALG_RSA_PSS */
|
||||
{
|
||||
status = PSA_ERROR_INVALID_ARGUMENT;
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( ret == 0 )
|
||||
*signature_length = mbedtls_rsa_get_len( rsa );
|
||||
status = mbedtls_to_psa_error( ret );
|
||||
|
||||
exit:
|
||||
mbedtls_rsa_free( rsa );
|
||||
mbedtls_free( rsa );
|
||||
|
||||
return( status );
|
||||
}
|
||||
|
||||
static psa_status_t rsa_verify_hash(
|
||||
const psa_key_attributes_t *attributes,
|
||||
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||
psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
|
||||
const uint8_t *signature, size_t signature_length )
|
||||
{
|
||||
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
||||
mbedtls_rsa_context *rsa = NULL;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
mbedtls_md_type_t md_alg;
|
||||
|
||||
status = mbedtls_psa_rsa_load_representation( attributes->core.type,
|
||||
key_buffer,
|
||||
key_buffer_size,
|
||||
&rsa );
|
||||
if( status != PSA_SUCCESS )
|
||||
goto exit;
|
||||
|
||||
status = psa_rsa_decode_md_type( alg, hash_length, &md_alg );
|
||||
if( status != PSA_SUCCESS )
|
||||
goto exit;
|
||||
|
||||
if( signature_length != mbedtls_rsa_get_len( rsa ) )
|
||||
{
|
||||
status = PSA_ERROR_INVALID_SIGNATURE;
|
||||
goto exit;
|
||||
}
|
||||
|
||||
#if defined(BUILTIN_ALG_RSA_PKCS1V15_SIGN)
|
||||
if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) )
|
||||
{
|
||||
mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15,
|
||||
MBEDTLS_MD_NONE );
|
||||
ret = mbedtls_rsa_pkcs1_verify( rsa,
|
||||
mbedtls_psa_get_random,
|
||||
MBEDTLS_PSA_RANDOM_STATE,
|
||||
MBEDTLS_RSA_PUBLIC,
|
||||
md_alg,
|
||||
(unsigned int) hash_length,
|
||||
hash,
|
||||
signature );
|
||||
}
|
||||
else
|
||||
#endif /* BUILTIN_ALG_RSA_PKCS1V15_SIGN */
|
||||
#if defined(BUILTIN_ALG_RSA_PSS)
|
||||
if( PSA_ALG_IS_RSA_PSS( alg ) )
|
||||
{
|
||||
mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg );
|
||||
ret = mbedtls_rsa_rsassa_pss_verify( rsa,
|
||||
mbedtls_psa_get_random,
|
||||
MBEDTLS_PSA_RANDOM_STATE,
|
||||
MBEDTLS_RSA_PUBLIC,
|
||||
MBEDTLS_MD_NONE,
|
||||
(unsigned int) hash_length,
|
||||
hash,
|
||||
signature );
|
||||
}
|
||||
else
|
||||
#endif /* BUILTIN_ALG_RSA_PSS */
|
||||
{
|
||||
status = PSA_ERROR_INVALID_ARGUMENT;
|
||||
goto exit;
|
||||
}
|
||||
|
||||
/* Mbed TLS distinguishes "invalid padding" from "valid padding but
|
||||
* the rest of the signature is invalid". This has little use in
|
||||
* practice and PSA doesn't report this distinction. */
|
||||
status = ( ret == MBEDTLS_ERR_RSA_INVALID_PADDING ) ?
|
||||
PSA_ERROR_INVALID_SIGNATURE :
|
||||
mbedtls_to_psa_error( ret );
|
||||
|
||||
exit:
|
||||
mbedtls_rsa_free( rsa );
|
||||
mbedtls_free( rsa );
|
||||
|
||||
return( status );
|
||||
}
|
||||
|
||||
#endif /* defined(BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
|
||||
* defined(BUILTIN_ALG_RSA_PSS) */
|
||||
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
|
||||
|
||||
|
@ -355,6 +574,36 @@ psa_status_t mbedtls_psa_rsa_generate_key(
|
|||
}
|
||||
#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) */
|
||||
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
|
||||
psa_status_t mbedtls_psa_rsa_sign_hash(
|
||||
const psa_key_attributes_t *attributes,
|
||||
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||
psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
|
||||
uint8_t *signature, size_t signature_size, size_t *signature_length )
|
||||
{
|
||||
return( rsa_sign_hash(
|
||||
attributes,
|
||||
key_buffer, key_buffer_size,
|
||||
alg, hash, hash_length,
|
||||
signature, signature_size, signature_length ) );
|
||||
}
|
||||
|
||||
psa_status_t mbedtls_psa_rsa_verify_hash(
|
||||
const psa_key_attributes_t *attributes,
|
||||
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||
psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
|
||||
const uint8_t *signature, size_t signature_length )
|
||||
{
|
||||
return( rsa_verify_hash(
|
||||
attributes,
|
||||
key_buffer, key_buffer_size,
|
||||
alg, hash, hash_length,
|
||||
signature, signature_length ) );
|
||||
}
|
||||
#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
|
||||
* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) */
|
||||
|
||||
/*
|
||||
* BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY.
|
||||
*/
|
||||
|
@ -397,6 +646,63 @@ psa_status_t mbedtls_transparent_test_driver_rsa_generate_key(
|
|||
}
|
||||
#endif /* defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) */
|
||||
|
||||
#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \
|
||||
defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS)
|
||||
psa_status_t mbedtls_transparent_test_driver_rsa_sign_hash(
|
||||
const psa_key_attributes_t *attributes,
|
||||
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||
psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
|
||||
uint8_t *signature, size_t signature_size, size_t *signature_length )
|
||||
{
|
||||
#if defined(MBEDTLS_RSA_C) && \
|
||||
(defined(MBEDTLS_PKCS1_V15) || defined(MBEDTLS_PKCS1_V21))
|
||||
return( rsa_sign_hash(
|
||||
attributes,
|
||||
key_buffer, key_buffer_size,
|
||||
alg, hash, hash_length,
|
||||
signature, signature_size, signature_length ) );
|
||||
#else
|
||||
(void)attributes;
|
||||
(void)key_buffer;
|
||||
(void)key_buffer_size;
|
||||
(void)alg;
|
||||
(void)hash;
|
||||
(void)hash_length;
|
||||
(void)signature;
|
||||
(void)signature_size;
|
||||
(void)signature_length;
|
||||
return( PSA_ERROR_NOT_SUPPORTED );
|
||||
#endif
|
||||
}
|
||||
|
||||
psa_status_t mbedtls_transparent_test_driver_rsa_verify_hash(
|
||||
const psa_key_attributes_t *attributes,
|
||||
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||
psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
|
||||
const uint8_t *signature, size_t signature_length )
|
||||
{
|
||||
#if defined(MBEDTLS_RSA_C) && \
|
||||
(defined(MBEDTLS_PKCS1_V15) || defined(MBEDTLS_PKCS1_V21))
|
||||
return( rsa_verify_hash(
|
||||
attributes,
|
||||
key_buffer, key_buffer_size,
|
||||
alg, hash, hash_length,
|
||||
signature, signature_length ) );
|
||||
#else
|
||||
(void)attributes;
|
||||
(void)key_buffer;
|
||||
(void)key_buffer_size;
|
||||
(void)alg;
|
||||
(void)hash;
|
||||
(void)hash_length;
|
||||
(void)signature;
|
||||
(void)signature_length;
|
||||
return( PSA_ERROR_NOT_SUPPORTED );
|
||||
#endif
|
||||
}
|
||||
#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) ||
|
||||
* defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) */
|
||||
|
||||
#endif /* PSA_CRYPTO_DRIVER_TEST */
|
||||
|
||||
#endif /* MBEDTLS_PSA_CRYPTO_C */
|
||||
|
|
|
@ -137,6 +137,81 @@ psa_status_t mbedtls_psa_rsa_generate_key(
|
|||
const psa_key_attributes_t *attributes,
|
||||
uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length );
|
||||
|
||||
/** Sign an already-calculated hash with an RSA private key.
|
||||
*
|
||||
* \note The signature of this function is that of a PSA driver
|
||||
* sign_hash entry point. This function behaves as a sign_hash
|
||||
* entry point as defined in the PSA driver interface specification for
|
||||
* transparent drivers.
|
||||
*
|
||||
* \param[in] attributes The attributes of the RSA key to use for the
|
||||
* operation.
|
||||
* \param[in] key_buffer The buffer containing the RSA key context.
|
||||
* format.
|
||||
* \param[in] key_buffer_size Size of the \p key_buffer buffer in bytes.
|
||||
* \param[in] alg A signature algorithm that is compatible with
|
||||
* an RSA key.
|
||||
* \param[in] hash The hash or message to sign.
|
||||
* \param[in] hash_length Size of the \p hash buffer in bytes.
|
||||
* \param[out] signature Buffer where the signature is to be written.
|
||||
* \param[in] signature_size Size of the \p signature buffer in bytes.
|
||||
* \param[out] signature_length On success, the number of bytes
|
||||
* that make up the returned signature value.
|
||||
*
|
||||
* \retval #PSA_SUCCESS
|
||||
* \retval #PSA_ERROR_BUFFER_TOO_SMALL
|
||||
* The size of the \p signature buffer is too small. You can
|
||||
* determine a sufficient buffer size by calling
|
||||
* #PSA_SIGN_OUTPUT_SIZE(\c PSA_KEY_TYPE_RSA_KEY_PAIR, \c key_bits,
|
||||
* \p alg) where \c key_bits is the bit-size of the RSA key.
|
||||
* \retval #PSA_ERROR_NOT_SUPPORTED
|
||||
* \retval #PSA_ERROR_INVALID_ARGUMENT
|
||||
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
|
||||
* \retval #PSA_ERROR_CORRUPTION_DETECTED
|
||||
* \retval #PSA_ERROR_INSUFFICIENT_ENTROPY
|
||||
*/
|
||||
psa_status_t mbedtls_psa_rsa_sign_hash(
|
||||
const psa_key_attributes_t *attributes,
|
||||
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||
psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
|
||||
uint8_t *signature, size_t signature_size, size_t *signature_length );
|
||||
|
||||
/**
|
||||
* \brief Verify the signature a hash or short message using a public RSA key.
|
||||
*
|
||||
* \note The signature of this function is that of a PSA driver
|
||||
* verify_hash entry point. This function behaves as a verify_hash
|
||||
* entry point as defined in the PSA driver interface specification for
|
||||
* transparent drivers.
|
||||
*
|
||||
* \param[in] attributes The attributes of the RSA key to use for the
|
||||
* operation.
|
||||
* \param[in] key_buffer The buffer containing the RSA key context.
|
||||
* format.
|
||||
* \param[in] key_buffer_size Size of the \p key_buffer buffer in bytes.
|
||||
* \param[in] alg A signature algorithm that is compatible with
|
||||
* an RSA key.
|
||||
* \param[in] hash The hash or message whose signature is to be
|
||||
* verified.
|
||||
* \param[in] hash_length Size of the \p hash buffer in bytes.
|
||||
* \param[in] signature Buffer containing the signature to verify.
|
||||
* \param[in] signature_length Size of the \p signature buffer in bytes.
|
||||
*
|
||||
* \retval #PSA_SUCCESS
|
||||
* The signature is valid.
|
||||
* \retval #PSA_ERROR_INVALID_SIGNATURE
|
||||
* The calculation was performed successfully, but the passed
|
||||
* signature is not a valid signature.
|
||||
* \retval #PSA_ERROR_NOT_SUPPORTED
|
||||
* \retval #PSA_ERROR_INVALID_ARGUMENT
|
||||
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
|
||||
*/
|
||||
psa_status_t mbedtls_psa_rsa_verify_hash(
|
||||
const psa_key_attributes_t *attributes,
|
||||
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||
psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
|
||||
const uint8_t *signature, size_t signature_length );
|
||||
|
||||
/*
|
||||
* BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY.
|
||||
*/
|
||||
|
@ -158,6 +233,18 @@ psa_status_t mbedtls_transparent_test_driver_rsa_generate_key(
|
|||
const psa_key_attributes_t *attributes,
|
||||
uint8_t *key, size_t key_size, size_t *key_length );
|
||||
|
||||
psa_status_t mbedtls_transparent_test_driver_rsa_sign_hash(
|
||||
const psa_key_attributes_t *attributes,
|
||||
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||
psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
|
||||
uint8_t *signature, size_t signature_size, size_t *signature_length );
|
||||
|
||||
psa_status_t mbedtls_transparent_test_driver_rsa_verify_hash(
|
||||
const psa_key_attributes_t *attributes,
|
||||
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||
psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
|
||||
const uint8_t *signature, size_t signature_length );
|
||||
|
||||
#endif /* PSA_CRYPTO_DRIVER_TEST */
|
||||
|
||||
#endif /* PSA_CRYPTO_RSA_H */
|
||||
|
|
|
@ -40,7 +40,7 @@ typedef struct {
|
|||
unsigned long hits;
|
||||
} test_driver_signature_hooks_t;
|
||||
|
||||
#define TEST_DRIVER_SIGNATURE_INIT { NULL, 0, PSA_ERROR_NOT_SUPPORTED, 0 }
|
||||
#define TEST_DRIVER_SIGNATURE_INIT { NULL, 0, PSA_SUCCESS, 0 }
|
||||
static inline test_driver_signature_hooks_t test_driver_signature_hooks_init( void )
|
||||
{
|
||||
const test_driver_signature_hooks_t v = TEST_DRIVER_SIGNATURE_INIT;
|
||||
|
|
|
@ -1450,7 +1450,17 @@ component_test_psa_crypto_config_basic() {
|
|||
scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
|
||||
scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
|
||||
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
|
||||
make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR -DMBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
|
||||
loc_cflags="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST"
|
||||
loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR"
|
||||
loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR"
|
||||
loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN"
|
||||
loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_RSA_PSS"
|
||||
loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_ECDSA"
|
||||
loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA"
|
||||
loc_cflags="${loc_cflags} -I../tests/include -O2"
|
||||
|
||||
make CC=gcc CFLAGS="$loc_cflags" LDFLAGS="$ASAN_CFLAGS"
|
||||
unset loc_cflags
|
||||
|
||||
msg "test: full + MBEDTLS_PSA_CRYPTO_CONFIG"
|
||||
make test
|
||||
|
@ -2218,7 +2228,17 @@ component_test_psa_crypto_drivers () {
|
|||
msg "build: MBEDTLS_PSA_CRYPTO_DRIVERS w/ driver hooks"
|
||||
scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
|
||||
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
|
||||
make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR -DMBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
|
||||
loc_cflags="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST"
|
||||
loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR"
|
||||
loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR"
|
||||
loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN"
|
||||
loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_RSA_PSS"
|
||||
loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_ECDSA"
|
||||
loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA"
|
||||
loc_cflags="${loc_cflags} -I../tests/include -O2"
|
||||
|
||||
make CC=gcc CFLAGS="${loc_cflags}" LDFLAGS="$ASAN_CFLAGS"
|
||||
unset loc_cflags
|
||||
|
||||
msg "test: MBEDTLS_PSA_CRYPTO_DRIVERS, signature"
|
||||
make test
|
||||
|
|
|
@ -28,6 +28,8 @@
|
|||
#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
|
||||
#include "psa/crypto.h"
|
||||
#include "psa_crypto_core.h"
|
||||
#include "psa_crypto_ecp.h"
|
||||
#include "psa_crypto_rsa.h"
|
||||
#include "mbedtls/ecp.h"
|
||||
|
||||
#include "test/drivers/signature.h"
|
||||
|
@ -44,7 +46,7 @@ test_driver_signature_hooks_t test_driver_signature_verify_hooks = TEST_DRIVER_S
|
|||
|
||||
psa_status_t test_transparent_signature_sign_hash(
|
||||
const psa_key_attributes_t *attributes,
|
||||
const uint8_t *key, size_t key_length,
|
||||
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||
psa_algorithm_t alg,
|
||||
const uint8_t *hash, size_t hash_length,
|
||||
uint8_t *signature, size_t signature_size, size_t *signature_length )
|
||||
|
@ -64,85 +66,58 @@ psa_status_t test_transparent_signature_sign_hash(
|
|||
return( PSA_SUCCESS );
|
||||
}
|
||||
|
||||
psa_status_t status = PSA_ERROR_NOT_SUPPORTED;
|
||||
#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \
|
||||
defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS)
|
||||
if( attributes->core.type == PSA_KEY_TYPE_RSA_KEY_PAIR )
|
||||
{
|
||||
return( mbedtls_transparent_test_driver_rsa_sign_hash(
|
||||
attributes,
|
||||
key_buffer, key_buffer_size,
|
||||
alg, hash, hash_length,
|
||||
signature, signature_size, signature_length ) );
|
||||
}
|
||||
else
|
||||
#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) ||
|
||||
* defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) */
|
||||
|
||||
#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECDSA_DETERMINISTIC) && \
|
||||
defined(MBEDTLS_SHA256_C)
|
||||
if( alg != PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ) )
|
||||
#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \
|
||||
defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
|
||||
if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) )
|
||||
{
|
||||
if(
|
||||
#if defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
|
||||
PSA_ALG_IS_ECDSA( alg )
|
||||
#else
|
||||
PSA_ALG_IS_RANDOMIZED_ECDSA( alg )
|
||||
#endif
|
||||
)
|
||||
{
|
||||
return( mbedtls_transparent_test_driver_ecdsa_sign_hash(
|
||||
attributes,
|
||||
key_buffer, key_buffer_size,
|
||||
alg, hash, hash_length,
|
||||
signature, signature_size, signature_length ) );
|
||||
}
|
||||
else
|
||||
{
|
||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||
}
|
||||
}
|
||||
else
|
||||
#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) ||
|
||||
* defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) */
|
||||
{
|
||||
(void)attributes;
|
||||
(void)key_buffer;
|
||||
(void)key_buffer_size;
|
||||
(void)alg;
|
||||
(void)hash;
|
||||
(void)hash_length;
|
||||
(void)signature;
|
||||
(void)signature_size;
|
||||
(void)signature_length;
|
||||
return( PSA_ERROR_NOT_SUPPORTED );
|
||||
mbedtls_ecp_group_id grp_id;
|
||||
switch( psa_get_key_type( attributes ) )
|
||||
{
|
||||
case PSA_ECC_CURVE_SECP_R1:
|
||||
switch( psa_get_key_bits( attributes ) )
|
||||
{
|
||||
case 256:
|
||||
grp_id = MBEDTLS_ECP_DP_SECP256R1;
|
||||
break;
|
||||
case 384:
|
||||
grp_id = MBEDTLS_ECP_DP_SECP384R1;
|
||||
break;
|
||||
case 521:
|
||||
grp_id = MBEDTLS_ECP_DP_SECP521R1;
|
||||
break;
|
||||
default:
|
||||
return( PSA_ERROR_NOT_SUPPORTED );
|
||||
}
|
||||
break;
|
||||
default:
|
||||
return( PSA_ERROR_NOT_SUPPORTED );
|
||||
}
|
||||
|
||||
/* Beyond this point, the driver is actually doing the work of
|
||||
* calculating the signature. */
|
||||
|
||||
status = PSA_ERROR_GENERIC_ERROR;
|
||||
int ret = 0;
|
||||
mbedtls_mpi r, s;
|
||||
mbedtls_mpi_init( &r );
|
||||
mbedtls_mpi_init( &s );
|
||||
mbedtls_ecp_keypair ecp;
|
||||
mbedtls_ecp_keypair_init( &ecp );
|
||||
size_t curve_bytes = PSA_BITS_TO_BYTES( ecp.grp.pbits );
|
||||
|
||||
MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &ecp.grp, grp_id ) );
|
||||
MBEDTLS_MPI_CHK( mbedtls_ecp_point_read_binary( &ecp.grp, &ecp.Q,
|
||||
key, key_length ) );
|
||||
|
||||
/* Code adapted from psa_ecdsa_sign() in psa_crypto.c. */
|
||||
mbedtls_md_type_t md_alg = MBEDTLS_MD_SHA256;
|
||||
if( signature_size < 2 * curve_bytes )
|
||||
{
|
||||
status = PSA_ERROR_BUFFER_TOO_SMALL;
|
||||
goto cleanup;
|
||||
}
|
||||
MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign_det( &ecp.grp, &r, &s, &ecp.d,
|
||||
hash, hash_length, md_alg ) );
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &r,
|
||||
signature,
|
||||
curve_bytes ) );
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &s,
|
||||
signature + curve_bytes,
|
||||
curve_bytes ) );
|
||||
cleanup:
|
||||
status = mbedtls_to_psa_error( ret );
|
||||
mbedtls_mpi_free( &r );
|
||||
mbedtls_mpi_free( &s );
|
||||
mbedtls_ecp_keypair_free( &ecp );
|
||||
if( status == PSA_SUCCESS )
|
||||
*signature_length = 2 * curve_bytes;
|
||||
#else /* defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECDSA_DETERMINISTIC) && \
|
||||
defined(MBEDTLS_SHA256_C) */
|
||||
(void) attributes;
|
||||
(void) key;
|
||||
(void) key_length;
|
||||
(void) alg;
|
||||
(void) hash;
|
||||
(void) hash_length;
|
||||
#endif /* defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECDSA_DETERMINISTIC) && \
|
||||
defined(MBEDTLS_SHA256_C) */
|
||||
|
||||
return( status );
|
||||
}
|
||||
|
||||
psa_status_t test_opaque_signature_sign_hash(
|
||||
|
@ -161,12 +136,13 @@ psa_status_t test_opaque_signature_sign_hash(
|
|||
(void) signature;
|
||||
(void) signature_size;
|
||||
(void) signature_length;
|
||||
|
||||
return( PSA_ERROR_NOT_SUPPORTED );
|
||||
}
|
||||
|
||||
psa_status_t test_transparent_signature_verify_hash(
|
||||
const psa_key_attributes_t *attributes,
|
||||
const uint8_t *key, size_t key_length,
|
||||
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||
psa_algorithm_t alg,
|
||||
const uint8_t *hash, size_t hash_length,
|
||||
const uint8_t *signature, size_t signature_length )
|
||||
|
@ -176,98 +152,52 @@ psa_status_t test_transparent_signature_verify_hash(
|
|||
if( test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS )
|
||||
return( test_driver_signature_verify_hooks.forced_status );
|
||||
|
||||
psa_status_t status = PSA_ERROR_NOT_SUPPORTED;
|
||||
|
||||
#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECDSA_DETERMINISTIC) && \
|
||||
defined(MBEDTLS_SHA256_C)
|
||||
if( alg != PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ) )
|
||||
return( PSA_ERROR_NOT_SUPPORTED );
|
||||
mbedtls_ecp_group_id grp_id;
|
||||
switch( psa_get_key_type( attributes ) )
|
||||
#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \
|
||||
defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS)
|
||||
if( PSA_KEY_TYPE_IS_RSA( attributes->core.type ) )
|
||||
{
|
||||
case PSA_ECC_CURVE_SECP_R1:
|
||||
switch( psa_get_key_bits( attributes ) )
|
||||
{
|
||||
case 256:
|
||||
grp_id = MBEDTLS_ECP_DP_SECP256R1;
|
||||
break;
|
||||
case 384:
|
||||
grp_id = MBEDTLS_ECP_DP_SECP384R1;
|
||||
break;
|
||||
case 521:
|
||||
grp_id = MBEDTLS_ECP_DP_SECP521R1;
|
||||
break;
|
||||
default:
|
||||
return( PSA_ERROR_NOT_SUPPORTED );
|
||||
}
|
||||
break;
|
||||
default:
|
||||
return( PSA_ERROR_NOT_SUPPORTED );
|
||||
return( mbedtls_transparent_test_driver_rsa_verify_hash(
|
||||
attributes,
|
||||
key_buffer, key_buffer_size,
|
||||
alg, hash, hash_length,
|
||||
signature, signature_length ) );
|
||||
}
|
||||
|
||||
/* Beyond this point, the driver is actually doing the work of
|
||||
* calculating the signature. */
|
||||
|
||||
status = PSA_ERROR_GENERIC_ERROR;
|
||||
int ret = 0;
|
||||
mbedtls_mpi r, s;
|
||||
mbedtls_mpi_init( &r );
|
||||
mbedtls_mpi_init( &s );
|
||||
mbedtls_ecp_keypair ecp;
|
||||
mbedtls_ecp_keypair_init( &ecp );
|
||||
mbedtls_test_rnd_pseudo_info rnd_info;
|
||||
memset( &rnd_info, 0x5A, sizeof( mbedtls_test_rnd_pseudo_info ) );
|
||||
size_t curve_bytes = PSA_BITS_TO_BYTES( ecp.grp.pbits );
|
||||
|
||||
MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &ecp.grp, grp_id ) );
|
||||
|
||||
/* Code adapted from psa_ecdsa_verify() in psa_crypto.c. */
|
||||
if( signature_length < 2 * curve_bytes )
|
||||
{
|
||||
status = PSA_ERROR_BUFFER_TOO_SMALL;
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &r,
|
||||
signature,
|
||||
curve_bytes ) );
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &s,
|
||||
signature + curve_bytes,
|
||||
curve_bytes ) );
|
||||
|
||||
if( PSA_KEY_TYPE_IS_PUBLIC_KEY( psa_get_key_type( attributes ) ) )
|
||||
MBEDTLS_MPI_CHK( mbedtls_ecp_point_read_binary( &ecp.grp, &ecp.Q,
|
||||
key, key_length ) );
|
||||
else
|
||||
#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) ||
|
||||
* defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) */
|
||||
|
||||
#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \
|
||||
defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
|
||||
if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) )
|
||||
{
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ecp.d, key, key_length ) );
|
||||
MBEDTLS_MPI_CHK(
|
||||
mbedtls_ecp_mul( &ecp.grp, &ecp.Q, &ecp.d, &ecp.grp.G,
|
||||
&mbedtls_test_rnd_pseudo_rand,
|
||||
&rnd_info ) );
|
||||
if( PSA_ALG_IS_ECDSA( alg ) )
|
||||
{
|
||||
return( mbedtls_transparent_test_driver_ecdsa_verify_hash(
|
||||
attributes,
|
||||
key_buffer, key_buffer_size,
|
||||
alg, hash, hash_length,
|
||||
signature, signature_length ) );
|
||||
}
|
||||
else
|
||||
{
|
||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||
}
|
||||
}
|
||||
else
|
||||
#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) ||
|
||||
* defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) */
|
||||
{
|
||||
(void)attributes;
|
||||
(void)key_buffer;
|
||||
(void)key_buffer_size;
|
||||
(void)alg;
|
||||
(void)hash;
|
||||
(void)hash_length;
|
||||
(void)signature;
|
||||
(void)signature_length;
|
||||
|
||||
MBEDTLS_MPI_CHK( mbedtls_ecdsa_verify( &ecp.grp, hash, hash_length,
|
||||
&ecp.Q, &r, &s ) );
|
||||
cleanup:
|
||||
status = mbedtls_to_psa_error( ret );
|
||||
mbedtls_mpi_free( &r );
|
||||
mbedtls_mpi_free( &s );
|
||||
mbedtls_ecp_keypair_free( &ecp );
|
||||
#else /* defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECDSA_DETERMINISTIC) && \
|
||||
defined(MBEDTLS_SHA256_C) */
|
||||
(void) attributes;
|
||||
(void) key;
|
||||
(void) key_length;
|
||||
(void) alg;
|
||||
(void) hash;
|
||||
(void) hash_length;
|
||||
(void) signature;
|
||||
(void) signature_length;
|
||||
#endif /* defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECDSA_DETERMINISTIC) && \
|
||||
defined(MBEDTLS_SHA256_C) */
|
||||
|
||||
return( status );
|
||||
return( PSA_ERROR_NOT_SUPPORTED );
|
||||
}
|
||||
}
|
||||
|
||||
psa_status_t test_opaque_signature_verify_hash(
|
||||
|
|
|
@ -2158,9 +2158,13 @@ depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDT
|
|||
sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
|
||||
|
||||
PSA sign: invalid algorithm for ECC key
|
||||
depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_C
|
||||
depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_C
|
||||
sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
|
||||
|
||||
PSA sign: deterministic ECDSA not supported
|
||||
depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_MD_C
|
||||
sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824":96:PSA_ERROR_NOT_SUPPORTED
|
||||
|
||||
PSA sign/verify: RSA PKCS#1 v1.5, raw
|
||||
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
|
||||
sign_verify:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"616263"
|
||||
|
|
|
@ -2,6 +2,7 @@ sign_hash through transparent driver: calculate in driver
|
|||
ecdsa_sign:PSA_SUCCESS:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":0:PSA_SUCCESS
|
||||
|
||||
sign_hash through transparent driver: fallback
|
||||
depends_on:MBEDTLS_PSA_BUILTIN_ALG_ECDSA
|
||||
ecdsa_sign:PSA_ERROR_NOT_SUPPORTED:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":0:PSA_SUCCESS
|
||||
|
||||
sign_hash through transparent driver: error
|
||||
|
@ -14,6 +15,7 @@ verify_hash using private key through transparent driver: calculate in driver
|
|||
ecdsa_verify:PSA_SUCCESS:0:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_SUCCESS
|
||||
|
||||
verify_hash using private key through transparent driver: fallback
|
||||
depends_on:MBEDTLS_PSA_BUILTIN_ALG_ECDSA
|
||||
ecdsa_verify:PSA_ERROR_NOT_SUPPORTED:0:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_SUCCESS
|
||||
|
||||
verify_hash using private key through transparent driver: error
|
||||
|
@ -23,6 +25,7 @@ verify_hash using public key through transparent driver: calculate in driver
|
|||
ecdsa_verify:PSA_SUCCESS:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_SUCCESS
|
||||
|
||||
verify_hash using public key through transparent driver: fallback
|
||||
depends_on:MBEDTLS_PSA_BUILTIN_ALG_ECDSA
|
||||
ecdsa_verify:PSA_ERROR_NOT_SUPPORTED:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_SUCCESS
|
||||
|
||||
verify_hash using public key through transparent driver: error
|
||||
|
|
Loading…
Reference in a new issue