Ignore domain parameters in RSA key generation
Remove the ability to select a custom public exponent via domain parameters in RSA key generation. The only way to select a custom public exponent is now to pass custom production parameters to psa_generate_key_ext(). A subsequent commit will remove domain parameters altogether from the API, thus this commit does not bother to update the documentation. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
parent
6a2c400b8c
commit
4c32b69f37
6 changed files with 23 additions and 116 deletions
|
@ -7576,11 +7576,8 @@ psa_status_t psa_generate_key_internal(
|
||||||
* that mbedtls_psa_rsa_generate_key() gets e via a new
|
* that mbedtls_psa_rsa_generate_key() gets e via a new
|
||||||
* parameter instead. */
|
* parameter instead. */
|
||||||
psa_key_attributes_t override_attributes = *attributes;
|
psa_key_attributes_t override_attributes = *attributes;
|
||||||
if (params_data_length != 0) {
|
|
||||||
override_attributes.domain_parameters_size = params_data_length;
|
|
||||||
override_attributes.domain_parameters = (uint8_t *) ¶ms->data;
|
|
||||||
}
|
|
||||||
return mbedtls_psa_rsa_generate_key(&override_attributes,
|
return mbedtls_psa_rsa_generate_key(&override_attributes,
|
||||||
|
params, params_data_length,
|
||||||
key_buffer,
|
key_buffer,
|
||||||
key_buffer_size,
|
key_buffer_size,
|
||||||
key_buffer_length);
|
key_buffer_length);
|
||||||
|
|
|
@ -223,11 +223,6 @@ static psa_status_t psa_rsa_read_exponent(const uint8_t *domain_parameters,
|
||||||
size_t i;
|
size_t i;
|
||||||
uint32_t acc = 0;
|
uint32_t acc = 0;
|
||||||
|
|
||||||
if (domain_parameters_size == 0) {
|
|
||||||
*exponent = 65537;
|
|
||||||
return PSA_SUCCESS;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Mbed TLS encodes the public exponent as an int. For simplicity, only
|
/* Mbed TLS encodes the public exponent as an int. For simplicity, only
|
||||||
* support values that fit in a 32-bit integer, which is larger than
|
* support values that fit in a 32-bit integer, which is larger than
|
||||||
* int on just about every platform anyway. */
|
* int on just about every platform anyway. */
|
||||||
|
@ -246,19 +241,21 @@ static psa_status_t psa_rsa_read_exponent(const uint8_t *domain_parameters,
|
||||||
|
|
||||||
psa_status_t mbedtls_psa_rsa_generate_key(
|
psa_status_t mbedtls_psa_rsa_generate_key(
|
||||||
const psa_key_attributes_t *attributes,
|
const psa_key_attributes_t *attributes,
|
||||||
|
const psa_key_production_parameters_t *params, size_t params_data_length,
|
||||||
uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length)
|
uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length)
|
||||||
{
|
{
|
||||||
psa_status_t status;
|
psa_status_t status;
|
||||||
mbedtls_rsa_context rsa;
|
mbedtls_rsa_context rsa;
|
||||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||||
int exponent;
|
int exponent = 65537;
|
||||||
|
|
||||||
status = psa_rsa_read_exponent(attributes->domain_parameters,
|
if (params_data_length != 0) {
|
||||||
attributes->domain_parameters_size,
|
status = psa_rsa_read_exponent(params->data, params_data_length,
|
||||||
&exponent);
|
&exponent);
|
||||||
if (status != PSA_SUCCESS) {
|
if (status != PSA_SUCCESS) {
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
mbedtls_rsa_init(&rsa);
|
mbedtls_rsa_init(&rsa);
|
||||||
ret = mbedtls_rsa_gen_key(&rsa,
|
ret = mbedtls_rsa_gen_key(&rsa,
|
||||||
|
|
|
@ -109,6 +109,15 @@ psa_status_t mbedtls_psa_rsa_export_public_key(
|
||||||
* entry point.
|
* entry point.
|
||||||
*
|
*
|
||||||
* \param[in] attributes The attributes for the RSA key to generate.
|
* \param[in] attributes The attributes for the RSA key to generate.
|
||||||
|
* \param[in] params Production parameters for the key
|
||||||
|
* generation. This function only uses
|
||||||
|
* `params->data`,
|
||||||
|
* which contains the public exponent.
|
||||||
|
* This can be a null pointer if
|
||||||
|
* \c params_data_length is 0.
|
||||||
|
* \param params_data_length Length of `params->data` in bytes.
|
||||||
|
* This can be 0, in which case the
|
||||||
|
* public exponent will be 65537.
|
||||||
* \param[out] key_buffer Buffer where the key data is to be written.
|
* \param[out] key_buffer Buffer where the key data is to be written.
|
||||||
* \param[in] key_buffer_size Size of \p key_buffer in bytes.
|
* \param[in] key_buffer_size Size of \p key_buffer in bytes.
|
||||||
* \param[out] key_buffer_length On success, the number of bytes written in
|
* \param[out] key_buffer_length On success, the number of bytes written in
|
||||||
|
@ -123,6 +132,7 @@ psa_status_t mbedtls_psa_rsa_export_public_key(
|
||||||
*/
|
*/
|
||||||
psa_status_t mbedtls_psa_rsa_generate_key(
|
psa_status_t mbedtls_psa_rsa_generate_key(
|
||||||
const psa_key_attributes_t *attributes,
|
const psa_key_attributes_t *attributes,
|
||||||
|
const psa_key_production_parameters_t *params, size_t params_data_length,
|
||||||
uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length);
|
uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length);
|
||||||
|
|
||||||
/** Sign an already-calculated hash with an RSA private key.
|
/** Sign an already-calculated hash with an RSA private key.
|
||||||
|
|
|
@ -225,10 +225,13 @@ psa_status_t mbedtls_test_transparent_generate_key(
|
||||||
defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_GENERATE)
|
defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_GENERATE)
|
||||||
return libtestdriver1_mbedtls_psa_rsa_generate_key(
|
return libtestdriver1_mbedtls_psa_rsa_generate_key(
|
||||||
(const libtestdriver1_psa_key_attributes_t *) attributes,
|
(const libtestdriver1_psa_key_attributes_t *) attributes,
|
||||||
|
NULL, 0, /* We don't support custom e in the test driver yet */
|
||||||
key, key_size, key_length);
|
key, key_size, key_length);
|
||||||
#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_GENERATE)
|
#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_GENERATE)
|
||||||
return mbedtls_psa_rsa_generate_key(
|
return mbedtls_psa_rsa_generate_key(
|
||||||
attributes, key, key_size, key_length);
|
attributes,
|
||||||
|
NULL, 0, /* We don't support custom e in the test driver yet */
|
||||||
|
key, key_size, key_length);
|
||||||
#endif
|
#endif
|
||||||
} else if (PSA_KEY_TYPE_IS_DH(psa_get_key_type(attributes))
|
} else if (PSA_KEY_TYPE_IS_DH(psa_get_key_type(attributes))
|
||||||
&& PSA_KEY_TYPE_IS_KEY_PAIR(psa_get_key_type(attributes))) {
|
&& PSA_KEY_TYPE_IS_KEY_PAIR(psa_get_key_type(attributes))) {
|
||||||
|
|
|
@ -7431,24 +7431,6 @@ PSA generate key: ECC, Curve448, good
|
||||||
depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_MONTGOMERY_448
|
depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_MONTGOMERY_448
|
||||||
generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_SUCCESS:0
|
generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_SUCCESS:0
|
||||||
|
|
||||||
PSA generate key: RSA, domain parameters: default e
|
|
||||||
generate_key_rsa:PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS:"":PSA_SUCCESS
|
|
||||||
|
|
||||||
PSA generate key: RSA, domain parameters: e=3
|
|
||||||
generate_key_rsa:PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS:"03":PSA_SUCCESS
|
|
||||||
|
|
||||||
PSA generate key: RSA, domain parameters: e=65537
|
|
||||||
generate_key_rsa:PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS:"010001":PSA_SUCCESS
|
|
||||||
|
|
||||||
PSA generate key: RSA, domain parameters: e=513
|
|
||||||
generate_key_rsa:PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS:"0201":PSA_SUCCESS
|
|
||||||
|
|
||||||
PSA generate key: RSA, domain parameters: e=1
|
|
||||||
generate_key_rsa:PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS:"01":PSA_ERROR_INVALID_ARGUMENT
|
|
||||||
|
|
||||||
PSA generate key: RSA, domain parameters: e=2
|
|
||||||
generate_key_rsa:PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS:"02":PSA_ERROR_INVALID_ARGUMENT
|
|
||||||
|
|
||||||
PSA generate key: FFDH, 2048 bits, good
|
PSA generate key: FFDH, 2048 bits, good
|
||||||
depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE:PSA_WANT_DH_RFC7919_2048
|
depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE:PSA_WANT_DH_RFC7919_2048
|
||||||
generate_key:PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):2048:PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:PSA_SUCCESS:0
|
generate_key:PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):2048:PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:PSA_SUCCESS:0
|
||||||
|
|
|
@ -9840,88 +9840,6 @@ exit:
|
||||||
}
|
}
|
||||||
/* END_CASE */
|
/* END_CASE */
|
||||||
|
|
||||||
/* BEGIN_CASE depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ALG_RSA_PKCS1V15_SIGN */
|
|
||||||
void generate_key_rsa(int bits_arg,
|
|
||||||
data_t *e_arg,
|
|
||||||
int expected_status_arg)
|
|
||||||
{
|
|
||||||
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
|
|
||||||
psa_key_type_t type = PSA_KEY_TYPE_RSA_KEY_PAIR;
|
|
||||||
size_t bits = bits_arg;
|
|
||||||
psa_key_usage_t usage = PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT;
|
|
||||||
psa_algorithm_t alg = PSA_ALG_RSA_PKCS1V15_SIGN_RAW;
|
|
||||||
psa_status_t expected_status = expected_status_arg;
|
|
||||||
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
|
||||||
uint8_t *e_read_buffer = NULL;
|
|
||||||
int is_default_public_exponent = 0;
|
|
||||||
size_t e_read_size = PSA_KEY_DOMAIN_PARAMETERS_SIZE(type, bits);
|
|
||||||
size_t e_read_length = SIZE_MAX;
|
|
||||||
|
|
||||||
if (e_arg->len == 0 ||
|
|
||||||
(e_arg->len == 3 &&
|
|
||||||
e_arg->x[0] == 1 && e_arg->x[1] == 0 && e_arg->x[2] == 1)) {
|
|
||||||
is_default_public_exponent = 1;
|
|
||||||
e_read_size = 0;
|
|
||||||
}
|
|
||||||
TEST_CALLOC(e_read_buffer, e_read_size);
|
|
||||||
|
|
||||||
PSA_ASSERT(psa_crypto_init());
|
|
||||||
|
|
||||||
psa_set_key_usage_flags(&attributes, usage);
|
|
||||||
psa_set_key_algorithm(&attributes, alg);
|
|
||||||
PSA_ASSERT(psa_set_key_domain_parameters(&attributes, type,
|
|
||||||
e_arg->x, e_arg->len));
|
|
||||||
psa_set_key_bits(&attributes, bits);
|
|
||||||
|
|
||||||
/* Generate a key */
|
|
||||||
TEST_EQUAL(psa_generate_key(&attributes, &key), expected_status);
|
|
||||||
if (expected_status != PSA_SUCCESS) {
|
|
||||||
goto exit;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Test the key information */
|
|
||||||
PSA_ASSERT(psa_get_key_attributes(key, &attributes));
|
|
||||||
TEST_EQUAL(psa_get_key_type(&attributes), type);
|
|
||||||
TEST_EQUAL(psa_get_key_bits(&attributes), bits);
|
|
||||||
psa_status_t status = psa_get_key_domain_parameters(&attributes,
|
|
||||||
e_read_buffer, e_read_size,
|
|
||||||
&e_read_length);
|
|
||||||
|
|
||||||
|
|
||||||
#if (defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT) && \
|
|
||||||
defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT)) || \
|
|
||||||
defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
|
|
||||||
if (is_default_public_exponent) {
|
|
||||||
TEST_EQUAL(e_read_length, 0);
|
|
||||||
} else {
|
|
||||||
TEST_EQUAL(status, PSA_SUCCESS);
|
|
||||||
TEST_MEMORY_COMPARE(e_read_buffer, e_read_length, e_arg->x, e_arg->len);
|
|
||||||
}
|
|
||||||
#else
|
|
||||||
(void) is_default_public_exponent;
|
|
||||||
TEST_EQUAL(status, PSA_ERROR_NOT_SUPPORTED);
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/* Do something with the key according to its type and permitted usage. */
|
|
||||||
if (!mbedtls_test_psa_exercise_key(key, usage, alg)) {
|
|
||||||
goto exit;
|
|
||||||
}
|
|
||||||
|
|
||||||
TEST_ASSERT(rsa_test_e(key, bits, e_arg));
|
|
||||||
|
|
||||||
exit:
|
|
||||||
/*
|
|
||||||
* Key attributes may have been returned by psa_get_key_attributes() or
|
|
||||||
* set by psa_set_key_domain_parameters() thus reset them as required.
|
|
||||||
*/
|
|
||||||
psa_reset_key_attributes(&attributes);
|
|
||||||
|
|
||||||
psa_destroy_key(key);
|
|
||||||
PSA_DONE();
|
|
||||||
mbedtls_free(e_read_buffer);
|
|
||||||
}
|
|
||||||
/* END_CASE */
|
|
||||||
|
|
||||||
/* BEGIN_CASE */
|
/* BEGIN_CASE */
|
||||||
void generate_key_ext(int type_arg,
|
void generate_key_ext(int type_arg,
|
||||||
int bits_arg,
|
int bits_arg,
|
||||||
|
|
Loading…
Reference in a new issue