Ignore domain parameters in RSA key generation
Remove the ability to select a custom public exponent via domain parameters in RSA key generation. The only way to select a custom public exponent is now to pass custom production parameters to psa_generate_key_ext(). A subsequent commit will remove domain parameters altogether from the API, thus this commit does not bother to update the documentation. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
Gilles Peskine
parent
6a2c400b8c
commit
4c32b69f37
6 changed files with 23 additions and 116 deletions
|
|
@ -7576,11 +7576,8 @@ psa_status_t psa_generate_key_internal(
|
|||
* that mbedtls_psa_rsa_generate_key() gets e via a new
|
||||
* parameter instead. */
|
||||
psa_key_attributes_t override_attributes = *attributes;
|
||||
if (params_data_length != 0) {
|
||||
override_attributes.domain_parameters_size = params_data_length;
|
||||
override_attributes.domain_parameters = (uint8_t *) ¶ms->data;
|
||||
}
|
||||
return mbedtls_psa_rsa_generate_key(&override_attributes,
|
||||
params, params_data_length,
|
||||
key_buffer,
|
||||
key_buffer_size,
|
||||
key_buffer_length);
|
||||
|
|
|
|||
|
|
@ -223,11 +223,6 @@ static psa_status_t psa_rsa_read_exponent(const uint8_t *domain_parameters,
|
|||
size_t i;
|
||||
uint32_t acc = 0;
|
||||
|
||||
if (domain_parameters_size == 0) {
|
||||
*exponent = 65537;
|
||||
return PSA_SUCCESS;
|
||||
}
|
||||
|
||||
/* Mbed TLS encodes the public exponent as an int. For simplicity, only
|
||||
* support values that fit in a 32-bit integer, which is larger than
|
||||
* int on just about every platform anyway. */
|
||||
|
|
@ -246,18 +241,20 @@ static psa_status_t psa_rsa_read_exponent(const uint8_t *domain_parameters,
|
|||
|
||||
psa_status_t mbedtls_psa_rsa_generate_key(
|
||||
const psa_key_attributes_t *attributes,
|
||||
const psa_key_production_parameters_t *params, size_t params_data_length,
|
||||
uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length)
|
||||
{
|
||||
psa_status_t status;
|
||||
mbedtls_rsa_context rsa;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
int exponent;
|
||||
int exponent = 65537;
|
||||
|
||||
status = psa_rsa_read_exponent(attributes->domain_parameters,
|
||||
attributes->domain_parameters_size,
|
||||
&exponent);
|
||||
if (status != PSA_SUCCESS) {
|
||||
return status;
|
||||
if (params_data_length != 0) {
|
||||
status = psa_rsa_read_exponent(params->data, params_data_length,
|
||||
&exponent);
|
||||
if (status != PSA_SUCCESS) {
|
||||
return status;
|
||||
}
|
||||
}
|
||||
|
||||
mbedtls_rsa_init(&rsa);
|
||||
|
|
|
|||
|
|
@ -109,6 +109,15 @@ psa_status_t mbedtls_psa_rsa_export_public_key(
|
|||
* entry point.
|
||||
*
|
||||
* \param[in] attributes The attributes for the RSA key to generate.
|
||||
* \param[in] params Production parameters for the key
|
||||
* generation. This function only uses
|
||||
* `params->data`,
|
||||
* which contains the public exponent.
|
||||
* This can be a null pointer if
|
||||
* \c params_data_length is 0.
|
||||
* \param params_data_length Length of `params->data` in bytes.
|
||||
* This can be 0, in which case the
|
||||
* public exponent will be 65537.
|
||||
* \param[out] key_buffer Buffer where the key data is to be written.
|
||||
* \param[in] key_buffer_size Size of \p key_buffer in bytes.
|
||||
* \param[out] key_buffer_length On success, the number of bytes written in
|
||||
|
|
@ -123,6 +132,7 @@ psa_status_t mbedtls_psa_rsa_export_public_key(
|
|||
*/
|
||||
psa_status_t mbedtls_psa_rsa_generate_key(
|
||||
const psa_key_attributes_t *attributes,
|
||||
const psa_key_production_parameters_t *params, size_t params_data_length,
|
||||
uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length);
|
||||
|
||||
/** Sign an already-calculated hash with an RSA private key.
|
||||
|
|
|
|||
|
|
@ -225,10 +225,13 @@ psa_status_t mbedtls_test_transparent_generate_key(
|
|||
defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_GENERATE)
|
||||
return libtestdriver1_mbedtls_psa_rsa_generate_key(
|
||||
(const libtestdriver1_psa_key_attributes_t *) attributes,
|
||||
NULL, 0, /* We don't support custom e in the test driver yet */
|
||||
key, key_size, key_length);
|
||||
#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_GENERATE)
|
||||
return mbedtls_psa_rsa_generate_key(
|
||||
attributes, key, key_size, key_length);
|
||||
attributes,
|
||||
NULL, 0, /* We don't support custom e in the test driver yet */
|
||||
key, key_size, key_length);
|
||||
#endif
|
||||
} else if (PSA_KEY_TYPE_IS_DH(psa_get_key_type(attributes))
|
||||
&& PSA_KEY_TYPE_IS_KEY_PAIR(psa_get_key_type(attributes))) {
|
||||
|
|
|
|||
|
|
@ -7431,24 +7431,6 @@ PSA generate key: ECC, Curve448, good
|
|||
depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_MONTGOMERY_448
|
||||
generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_SUCCESS:0
|
||||
|
||||
PSA generate key: RSA, domain parameters: default e
|
||||
generate_key_rsa:PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS:"":PSA_SUCCESS
|
||||
|
||||
PSA generate key: RSA, domain parameters: e=3
|
||||
generate_key_rsa:PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS:"03":PSA_SUCCESS
|
||||
|
||||
PSA generate key: RSA, domain parameters: e=65537
|
||||
generate_key_rsa:PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS:"010001":PSA_SUCCESS
|
||||
|
||||
PSA generate key: RSA, domain parameters: e=513
|
||||
generate_key_rsa:PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS:"0201":PSA_SUCCESS
|
||||
|
||||
PSA generate key: RSA, domain parameters: e=1
|
||||
generate_key_rsa:PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS:"01":PSA_ERROR_INVALID_ARGUMENT
|
||||
|
||||
PSA generate key: RSA, domain parameters: e=2
|
||||
generate_key_rsa:PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS:"02":PSA_ERROR_INVALID_ARGUMENT
|
||||
|
||||
PSA generate key: FFDH, 2048 bits, good
|
||||
depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE:PSA_WANT_DH_RFC7919_2048
|
||||
generate_key:PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):2048:PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:PSA_SUCCESS:0
|
||||
|
|
|
|||
|
|
@ -9840,88 +9840,6 @@ exit:
|
|||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ALG_RSA_PKCS1V15_SIGN */
|
||||
void generate_key_rsa(int bits_arg,
|
||||
data_t *e_arg,
|
||||
int expected_status_arg)
|
||||
{
|
||||
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
|
||||
psa_key_type_t type = PSA_KEY_TYPE_RSA_KEY_PAIR;
|
||||
size_t bits = bits_arg;
|
||||
psa_key_usage_t usage = PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT;
|
||||
psa_algorithm_t alg = PSA_ALG_RSA_PKCS1V15_SIGN_RAW;
|
||||
psa_status_t expected_status = expected_status_arg;
|
||||
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
||||
uint8_t *e_read_buffer = NULL;
|
||||
int is_default_public_exponent = 0;
|
||||
size_t e_read_size = PSA_KEY_DOMAIN_PARAMETERS_SIZE(type, bits);
|
||||
size_t e_read_length = SIZE_MAX;
|
||||
|
||||
if (e_arg->len == 0 ||
|
||||
(e_arg->len == 3 &&
|
||||
e_arg->x[0] == 1 && e_arg->x[1] == 0 && e_arg->x[2] == 1)) {
|
||||
is_default_public_exponent = 1;
|
||||
e_read_size = 0;
|
||||
}
|
||||
TEST_CALLOC(e_read_buffer, e_read_size);
|
||||
|
||||
PSA_ASSERT(psa_crypto_init());
|
||||
|
||||
psa_set_key_usage_flags(&attributes, usage);
|
||||
psa_set_key_algorithm(&attributes, alg);
|
||||
PSA_ASSERT(psa_set_key_domain_parameters(&attributes, type,
|
||||
e_arg->x, e_arg->len));
|
||||
psa_set_key_bits(&attributes, bits);
|
||||
|
||||
/* Generate a key */
|
||||
TEST_EQUAL(psa_generate_key(&attributes, &key), expected_status);
|
||||
if (expected_status != PSA_SUCCESS) {
|
||||
goto exit;
|
||||
}
|
||||
|
||||
/* Test the key information */
|
||||
PSA_ASSERT(psa_get_key_attributes(key, &attributes));
|
||||
TEST_EQUAL(psa_get_key_type(&attributes), type);
|
||||
TEST_EQUAL(psa_get_key_bits(&attributes), bits);
|
||||
psa_status_t status = psa_get_key_domain_parameters(&attributes,
|
||||
e_read_buffer, e_read_size,
|
||||
&e_read_length);
|
||||
|
||||
|
||||
#if (defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT) && \
|
||||
defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT)) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
|
||||
if (is_default_public_exponent) {
|
||||
TEST_EQUAL(e_read_length, 0);
|
||||
} else {
|
||||
TEST_EQUAL(status, PSA_SUCCESS);
|
||||
TEST_MEMORY_COMPARE(e_read_buffer, e_read_length, e_arg->x, e_arg->len);
|
||||
}
|
||||
#else
|
||||
(void) is_default_public_exponent;
|
||||
TEST_EQUAL(status, PSA_ERROR_NOT_SUPPORTED);
|
||||
#endif
|
||||
|
||||
/* Do something with the key according to its type and permitted usage. */
|
||||
if (!mbedtls_test_psa_exercise_key(key, usage, alg)) {
|
||||
goto exit;
|
||||
}
|
||||
|
||||
TEST_ASSERT(rsa_test_e(key, bits, e_arg));
|
||||
|
||||
exit:
|
||||
/*
|
||||
* Key attributes may have been returned by psa_get_key_attributes() or
|
||||
* set by psa_set_key_domain_parameters() thus reset them as required.
|
||||
*/
|
||||
psa_reset_key_attributes(&attributes);
|
||||
|
||||
psa_destroy_key(key);
|
||||
PSA_DONE();
|
||||
mbedtls_free(e_read_buffer);
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void generate_key_ext(int type_arg,
|
||||
int bits_arg,
|
||||
|
|
|
|||
Loading…
Reference in a new issue