pk: fix alg selection in mbedtls_pk_sign_ext() for opaque keys
This commit also fixes pk_psa_wrap_sign_ext() setting the RSA padding mode so that mbedtls_pk_get_psa_attributes() correctly guesses the PSA alg to be used. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This commit is contained in:
parent
23e637a7c7
commit
b484e37d91
2 changed files with 28 additions and 13 deletions
25
library/pk.c
25
library/pk.c
|
@ -1188,9 +1188,32 @@ int mbedtls_pk_sign_ext(mbedtls_pk_type_t pk_type,
|
||||||
}
|
}
|
||||||
|
|
||||||
if (mbedtls_pk_get_type(ctx) == MBEDTLS_PK_OPAQUE) {
|
if (mbedtls_pk_get_type(ctx) == MBEDTLS_PK_OPAQUE) {
|
||||||
|
psa_key_attributes_t key_attr = PSA_KEY_ATTRIBUTES_INIT;
|
||||||
|
psa_algorithm_t psa_alg, psa_enrollment_alg, sign_alg;
|
||||||
psa_status_t status;
|
psa_status_t status;
|
||||||
|
|
||||||
status = psa_sign_hash(ctx->priv_id, PSA_ALG_RSA_PSS(psa_md_alg),
|
status = psa_get_key_attributes(ctx->priv_id, &key_attr);
|
||||||
|
if (status != PSA_SUCCESS) {
|
||||||
|
return PSA_PK_RSA_TO_MBEDTLS_ERR(status);
|
||||||
|
}
|
||||||
|
psa_alg = psa_get_key_algorithm(&key_attr);
|
||||||
|
psa_enrollment_alg = psa_get_key_enrollment_algorithm(&key_attr);
|
||||||
|
psa_reset_key_attributes(&key_attr);
|
||||||
|
|
||||||
|
/* Since we're PK type is MBEDTLS_PK_RSASSA_PSS at least one between
|
||||||
|
* alg and enrollment alg should be of type RSA_PSS. */
|
||||||
|
if (PSA_ALG_IS_RSA_PSS(psa_alg)) {
|
||||||
|
sign_alg = psa_alg;
|
||||||
|
} else if (PSA_ALG_IS_RSA_PSS(psa_enrollment_alg)) {
|
||||||
|
sign_alg = psa_enrollment_alg;
|
||||||
|
} else {
|
||||||
|
/* The opaque key has no RSA PSS algorithm associated. */
|
||||||
|
return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
|
||||||
|
}
|
||||||
|
/* Adjust the hashing algorithm. */
|
||||||
|
sign_alg = (sign_alg & ~PSA_ALG_HASH_MASK) | PSA_ALG_GET_HASH(psa_md_alg);
|
||||||
|
|
||||||
|
status = psa_sign_hash(ctx->priv_id, sign_alg,
|
||||||
hash, hash_len,
|
hash, hash_len,
|
||||||
sig, sig_size, sig_len);
|
sig, sig_size, sig_len);
|
||||||
return PSA_PK_RSA_TO_MBEDTLS_ERR(status);
|
return PSA_PK_RSA_TO_MBEDTLS_ERR(status);
|
||||||
|
|
|
@ -1833,7 +1833,6 @@ void pk_psa_wrap_sign_ext(int pk_type, int key_bits, int key_pk_type, int md_alg
|
||||||
unsigned char *pkey_start;
|
unsigned char *pkey_start;
|
||||||
unsigned char hash[PSA_HASH_MAX_SIZE];
|
unsigned char hash[PSA_HASH_MAX_SIZE];
|
||||||
psa_algorithm_t psa_md_alg = mbedtls_md_psa_alg_from_type(md_alg);
|
psa_algorithm_t psa_md_alg = mbedtls_md_psa_alg_from_type(md_alg);
|
||||||
psa_algorithm_t psa_alg;
|
|
||||||
size_t hash_len = PSA_HASH_LENGTH(psa_md_alg);
|
size_t hash_len = PSA_HASH_LENGTH(psa_md_alg);
|
||||||
void const *options = NULL;
|
void const *options = NULL;
|
||||||
mbedtls_pk_rsassa_pss_options rsassa_pss_options;
|
mbedtls_pk_rsassa_pss_options rsassa_pss_options;
|
||||||
|
@ -1850,6 +1849,10 @@ void pk_psa_wrap_sign_ext(int pk_type, int key_bits, int key_pk_type, int md_alg
|
||||||
mbedtls_test_rnd_std_rand, NULL,
|
mbedtls_test_rnd_std_rand, NULL,
|
||||||
key_bits, 3), 0);
|
key_bits, 3), 0);
|
||||||
|
|
||||||
|
if (key_pk_type == MBEDTLS_PK_RSASSA_PSS) {
|
||||||
|
mbedtls_rsa_set_padding(mbedtls_pk_rsa(pk), MBEDTLS_RSA_PKCS_V21, MBEDTLS_MD_NONE);
|
||||||
|
}
|
||||||
|
|
||||||
/* Export underlying public key for re-importing in a legacy context. */
|
/* Export underlying public key for re-importing in a legacy context. */
|
||||||
ret = mbedtls_pk_write_pubkey_der(&pk, pkey, sizeof(pkey));
|
ret = mbedtls_pk_write_pubkey_der(&pk, pkey, sizeof(pkey));
|
||||||
TEST_ASSERT(ret >= 0);
|
TEST_ASSERT(ret >= 0);
|
||||||
|
@ -1858,19 +1861,8 @@ void pk_psa_wrap_sign_ext(int pk_type, int key_bits, int key_pk_type, int md_alg
|
||||||
/* mbedtls_pk_write_pubkey_der() writes backwards in the data buffer. */
|
/* mbedtls_pk_write_pubkey_der() writes backwards in the data buffer. */
|
||||||
pkey_start = pkey + sizeof(pkey) - pkey_len;
|
pkey_start = pkey + sizeof(pkey) - pkey_len;
|
||||||
|
|
||||||
if (key_pk_type == MBEDTLS_PK_RSA) {
|
|
||||||
psa_alg = PSA_ALG_RSA_PKCS1V15_SIGN(psa_md_alg);
|
|
||||||
} else if (key_pk_type == MBEDTLS_PK_RSASSA_PSS) {
|
|
||||||
psa_alg = PSA_ALG_RSA_PSS(psa_md_alg);
|
|
||||||
} else {
|
|
||||||
TEST_ASSUME(!"PK key type not supported in this configuration");
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Turn PK context into an opaque one. */
|
/* Turn PK context into an opaque one. */
|
||||||
TEST_EQUAL(mbedtls_pk_get_psa_attributes(&pk, PSA_KEY_USAGE_SIGN_HASH, &key_attr), 0);
|
TEST_EQUAL(mbedtls_pk_get_psa_attributes(&pk, PSA_KEY_USAGE_SIGN_HASH, &key_attr), 0);
|
||||||
/* Tweak the algorithm associated with the PSA key because get_psa_attributes() returns
|
|
||||||
* a PSA_ALG_RSA_PSS_ANY_SALT(), but mbedtls_pk_sign_ext() requires a PSA_ALG_RSA_PSS().*/
|
|
||||||
psa_set_key_algorithm(&key_attr, psa_alg);
|
|
||||||
TEST_EQUAL(mbedtls_pk_import_into_psa(&pk, &key_attr, &key_id), 0);
|
TEST_EQUAL(mbedtls_pk_import_into_psa(&pk, &key_attr, &key_id), 0);
|
||||||
mbedtls_pk_free(&pk);
|
mbedtls_pk_free(&pk);
|
||||||
mbedtls_pk_init(&pk);
|
mbedtls_pk_init(&pk);
|
||||||
|
|
Loading…
Reference in a new issue