psa_crypto_ecp: add helper for checking EC parameters

This commit also updates "test_suite_psa_crypto.data" replacing
PSA_ERROR_NOT_SUPPORTED with PSA_ERROR_INVALID_ARGUMENT when
a wrong bit size is provided while importing key.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This commit is contained in:
Valerio Setti 2023-12-21 14:48:31 +01:00
parent d36c313b53
commit 673868be5d
2 changed files with 63 additions and 21 deletions

View file

@ -32,6 +32,60 @@
defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH)
/* Helper function to verify if the provided EC's family and key bit size are
* valid. */
static int check_ecc_parameters(psa_ecc_family_t family, size_t bits, int allow_bit_size_roundup)
{
switch (family) {
case PSA_ECC_FAMILY_SECP_R1:
switch (bits) {
case 192:
case 224:
case 256:
case 384:
case 521:
return PSA_SUCCESS;
case 528:
if (allow_bit_size_roundup) {
return PSA_SUCCESS;
}
}
break;
case PSA_ECC_FAMILY_BRAINPOOL_P_R1:
switch (bits) {
case 256:
case 384:
case 512:
return PSA_SUCCESS;
}
break;
case PSA_ECC_FAMILY_MONTGOMERY:
switch (bits) {
case 448:
case 255:
return PSA_SUCCESS;
case 256:
if (allow_bit_size_roundup) {
return PSA_SUCCESS;
}
}
break;
case PSA_ECC_FAMILY_SECP_K1:
switch (bits) {
case 192:
case 224:
case 256:
return PSA_SUCCESS;
}
break;
}
return PSA_ERROR_INVALID_ARGUMENT;
}
psa_status_t mbedtls_psa_ecp_load_representation( psa_status_t mbedtls_psa_ecp_load_representation(
psa_key_type_t type, size_t curve_bits, psa_key_type_t type, size_t curve_bits,
const uint8_t *data, size_t data_length, const uint8_t *data, size_t data_length,
@ -41,7 +95,6 @@ psa_status_t mbedtls_psa_ecp_load_representation(
psa_status_t status; psa_status_t status;
mbedtls_ecp_keypair *ecp = NULL; mbedtls_ecp_keypair *ecp = NULL;
size_t curve_bytes = data_length; size_t curve_bytes = data_length;
size_t curve_bits_check;
int explicit_bits = (curve_bits != 0); int explicit_bits = (curve_bits != 0);
if (PSA_KEY_TYPE_IS_PUBLIC_KEY(type) && if (PSA_KEY_TYPE_IS_PUBLIC_KEY(type) &&
@ -83,27 +136,16 @@ psa_status_t mbedtls_psa_ecp_load_representation(
} }
mbedtls_ecp_keypair_init(ecp); mbedtls_ecp_keypair_init(ecp);
status = check_ecc_parameters(PSA_KEY_TYPE_ECC_GET_FAMILY(type), curve_bits,
!explicit_bits);
if (status != PSA_SUCCESS) {
goto exit;
}
/* Load the group. */ /* Load the group. */
grp_id = mbedtls_ecc_group_from_psa(PSA_KEY_TYPE_ECC_GET_FAMILY(type), grp_id = mbedtls_ecc_group_from_psa(PSA_KEY_TYPE_ECC_GET_FAMILY(type),
curve_bits); curve_bits);
if (grp_id == MBEDTLS_ECP_DP_NONE) { if (grp_id == MBEDTLS_ECP_DP_NONE) {
/* We can't distinguish between a nonsensical family/size combination
* (which would warrant PSA_ERROR_INVALID_ARGUMENT) and a
* well-regarded curve that Mbed TLS just doesn't know about (which
* would warrant PSA_ERROR_NOT_SUPPORTED). For uniformity with how
* curves that Mbed TLS knows about but for which support is disabled
* at build time, return NOT_SUPPORTED. */
status = PSA_ERROR_NOT_SUPPORTED;
goto exit;
}
/* Get the exact number of bits which are necessary for this key. This is
* used to validate the "curve_bits" input parameter (only in case it was
* provided).
* Note: we intentionally ignore the return value of mbedtls_ecc_group_to_psa()
* because we are only interested in the curve's bit size. */
mbedtls_ecc_group_to_psa(grp_id, &curve_bits_check);
if (explicit_bits && (curve_bits_check != curve_bits)) {
status = PSA_ERROR_NOT_SUPPORTED; status = PSA_ERROR_NOT_SUPPORTED;
goto exit; goto exit;
} }

View file

@ -684,7 +684,7 @@ import_with_data:"":PSA_KEY_TYPE_RAW_DATA:8:PSA_ERROR_INVALID_ARGUMENT
PSA import EC keypair: explicit bit-size=255 for secp256r1 PSA import EC keypair: explicit bit-size=255 for secp256r1
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256
import_with_data:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):255:PSA_ERROR_NOT_SUPPORTED import_with_data:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):255:PSA_ERROR_INVALID_ARGUMENT
PSA import EC keypair: explicit bit-size=521 for secp521r1 (good) PSA import EC keypair: explicit bit-size=521 for secp521r1 (good)
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_521 depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_521
@ -692,7 +692,7 @@ import_with_data:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af
PSA import EC keypair: explicit bit-size=528 for secp521r1 (bad) PSA import EC keypair: explicit bit-size=528 for secp521r1 (bad)
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_521 depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_521
import_with_data:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):528:PSA_ERROR_NOT_SUPPORTED import_with_data:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):528:PSA_ERROR_INVALID_ARGUMENT
PSA import EC keypair: explicit bit-size, DER format PSA import EC keypair: explicit bit-size, DER format
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256
@ -716,7 +716,7 @@ import_with_data:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba0120
PSA import EC keypair: implicit bit-size, not a valid length PSA import EC keypair: implicit bit-size, not a valid length
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256
import_with_data:"0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):0:PSA_ERROR_NOT_SUPPORTED import_with_data:"0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):0:PSA_ERROR_INVALID_ARGUMENT
PSA import EC keypair: secp256r1, all-bits-zero (bad) PSA import EC keypair: secp256r1, all-bits-zero (bad)
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256