Merge pull request #8840 from gilles-peskine-arm/domain_parameters-remove
Remove domain parameters
This commit is contained in:
commit
ca21b241bd
13 changed files with 120 additions and 498 deletions
9
ChangeLog.d/domain_parameters.txt
Normal file
9
ChangeLog.d/domain_parameters.txt
Normal file
|
@ -0,0 +1,9 @@
|
|||
New deprecations
|
||||
* In the PSA API, domain parameters are no longer used for anything.
|
||||
They are deprecated and will be removed in a future version of the
|
||||
library.
|
||||
|
||||
Removals
|
||||
* In the PSA API, the experimental way to encode the public exponent of
|
||||
an RSA key as a domain parameter is no longer supported. Use
|
||||
psa_generate_key_ext() instead.
|
|
@ -4144,7 +4144,7 @@ psa_status_t psa_generate_key(const psa_key_attributes_t *attributes,
|
|||
* When this is #PSA_KEY_PRODUCTION_PARAMETERS_INIT
|
||||
* with \p params_data_length = 0,
|
||||
* this function is equivalent to
|
||||
* psa_key_generation_output_key().
|
||||
* psa_generate_key().
|
||||
* \param params_data_length
|
||||
* Length of `params->data` in bytes.
|
||||
* \param[out] key On success, an identifier for the newly created
|
||||
|
|
|
@ -146,6 +146,83 @@ psa_status_t psa_open_key(mbedtls_svc_key_id_t key,
|
|||
*/
|
||||
psa_status_t psa_close_key(psa_key_handle_t handle);
|
||||
|
||||
/** \addtogroup attributes
|
||||
* @{
|
||||
*/
|
||||
|
||||
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
|
||||
/** Custom Diffie-Hellman group.
|
||||
*
|
||||
* Mbed TLS does not support custom DH groups.
|
||||
*
|
||||
* \deprecated This value is not useful, so this macro will be removed in
|
||||
* a future version of the library.
|
||||
*/
|
||||
#define PSA_DH_FAMILY_CUSTOM \
|
||||
((psa_dh_family_t) MBEDTLS_DEPRECATED_NUMERIC_CONSTANT(0x7e))
|
||||
|
||||
/**
|
||||
* \brief Set domain parameters for a key.
|
||||
*
|
||||
* \deprecated Mbed TLS no longer supports any domain parameters.
|
||||
* This function only does the equivalent of
|
||||
* psa_set_key_type() and will be removed in a future version
|
||||
* of the library.
|
||||
*
|
||||
* \param[in,out] attributes Attribute structure where \p type will be set.
|
||||
* \param type Key type (a \c PSA_KEY_TYPE_XXX value).
|
||||
* \param[in] data Ignored.
|
||||
* \param data_length Must be 0.
|
||||
*
|
||||
* \retval #PSA_SUCCESS \emptydescription
|
||||
* \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription
|
||||
*/
|
||||
static inline psa_status_t MBEDTLS_DEPRECATED psa_set_key_domain_parameters(
|
||||
psa_key_attributes_t *attributes,
|
||||
psa_key_type_t type, const uint8_t *data, size_t data_length)
|
||||
{
|
||||
(void) data;
|
||||
if (data_length != 0) {
|
||||
return PSA_ERROR_NOT_SUPPORTED;
|
||||
}
|
||||
psa_set_key_type(attributes, type);
|
||||
return PSA_SUCCESS;
|
||||
}
|
||||
|
||||
/**
|
||||
* \brief Get domain parameters for a key.
|
||||
*
|
||||
* \deprecated Mbed TLS no longer supports any domain parameters.
|
||||
* This function alwaya has an empty output and will be
|
||||
* removed in a future version of the library.
|
||||
|
||||
* \param[in] attributes Ignored.
|
||||
* \param[out] data Ignored.
|
||||
* \param data_size Ignored.
|
||||
* \param[out] data_length Set to 0.
|
||||
*
|
||||
* \retval #PSA_SUCCESS \emptydescription
|
||||
*/
|
||||
static inline psa_status_t MBEDTLS_DEPRECATED psa_get_key_domain_parameters(
|
||||
const psa_key_attributes_t *attributes,
|
||||
uint8_t *data, size_t data_size, size_t *data_length)
|
||||
{
|
||||
(void) attributes;
|
||||
(void) data;
|
||||
(void) data_size;
|
||||
*data_length = 0;
|
||||
return PSA_SUCCESS;
|
||||
}
|
||||
|
||||
/** Safe output buffer size for psa_get_key_domain_parameters().
|
||||
*
|
||||
*/
|
||||
#define PSA_KEY_DOMAIN_PARAMETERS_SIZE(key_type, key_bits) \
|
||||
MBEDTLS_DEPRECATED_NUMERIC_CONSTANT(1u)
|
||||
#endif /* MBEDTLS_DEPRECATED_REMOVED */
|
||||
|
||||
/**@}*/
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
|
|
@ -409,140 +409,11 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed,
|
|||
* @{
|
||||
*/
|
||||
|
||||
/** Custom Diffie-Hellman group.
|
||||
*
|
||||
* For keys of type #PSA_KEY_TYPE_DH_PUBLIC_KEY(#PSA_DH_FAMILY_CUSTOM) or
|
||||
* #PSA_KEY_TYPE_DH_KEY_PAIR(#PSA_DH_FAMILY_CUSTOM), the group data comes
|
||||
* from domain parameters set by psa_set_key_domain_parameters().
|
||||
*/
|
||||
#define PSA_DH_FAMILY_CUSTOM ((psa_dh_family_t) 0x7e)
|
||||
|
||||
/** PAKE operation stages. */
|
||||
#define PSA_PAKE_OPERATION_STAGE_SETUP 0
|
||||
#define PSA_PAKE_OPERATION_STAGE_COLLECT_INPUTS 1
|
||||
#define PSA_PAKE_OPERATION_STAGE_COMPUTATION 2
|
||||
|
||||
/**
|
||||
* \brief Set domain parameters for a key.
|
||||
*
|
||||
* Some key types require additional domain parameters in addition to
|
||||
* the key type identifier and the key size. Use this function instead
|
||||
* of psa_set_key_type() when you need to specify domain parameters.
|
||||
*
|
||||
* The format for the required domain parameters varies based on the key type.
|
||||
* Mbed TLS supports the following key type with domain parameters:
|
||||
*
|
||||
* - For RSA keys (#PSA_KEY_TYPE_RSA_PUBLIC_KEY or #PSA_KEY_TYPE_RSA_KEY_PAIR),
|
||||
* the domain parameter data consists of the public exponent,
|
||||
* represented as a big-endian integer with no leading zeros.
|
||||
* This information is used when generating an RSA key pair.
|
||||
* When importing a key, the public exponent is read from the imported
|
||||
* key data and the exponent recorded in the attribute structure is ignored.
|
||||
* As an exception, the public exponent 65537 is represented by an empty
|
||||
* byte string.
|
||||
*
|
||||
* \note This function may allocate memory or other resources.
|
||||
* Once you have called this function on an attribute structure,
|
||||
* you must call psa_reset_key_attributes() to free these resources.
|
||||
*
|
||||
* \note This is an experimental extension to the interface. It may change
|
||||
* in future versions of the library.
|
||||
*
|
||||
* \note Due to an implementation limitation, domain parameters are ignored
|
||||
* for keys that are managed by a driver.
|
||||
*
|
||||
* \param[in,out] attributes Attribute structure where the specified domain
|
||||
* parameters will be stored.
|
||||
* If this function fails, the content of
|
||||
* \p attributes is not modified.
|
||||
* \param type Key type (a \c PSA_KEY_TYPE_XXX value).
|
||||
* \param[in] data Buffer containing the key domain parameters.
|
||||
* The content of this buffer is interpreted
|
||||
* according to \p type as described above.
|
||||
* \param data_length Size of the \p data buffer in bytes.
|
||||
*
|
||||
* \retval #PSA_SUCCESS \emptydescription
|
||||
* \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription
|
||||
* \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription
|
||||
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
|
||||
*/
|
||||
#if !defined(PSA_SET_KEY_DOMAIN_PARAMETERS)
|
||||
#define PSA_SET_KEY_DOMAIN_PARAMETERS
|
||||
psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes,
|
||||
psa_key_type_t type,
|
||||
const uint8_t *data,
|
||||
size_t data_length);
|
||||
#endif /* PSA_SET_KEY_DOMAIN_PARAMETERS */
|
||||
|
||||
/**
|
||||
* \brief Get domain parameters for a key.
|
||||
*
|
||||
* Get the domain parameters for a key with this function, if any. The format
|
||||
* of the domain parameters written to \p data is specified in the
|
||||
* documentation for psa_set_key_domain_parameters().
|
||||
*
|
||||
* \note This is an experimental extension to the interface. It may change
|
||||
* in future versions of the library.
|
||||
*
|
||||
* \note Due to an implementation limitation, domain parameters are not
|
||||
* supported with keys that are managed by a driver.
|
||||
*
|
||||
* \param[in] attributes The key attribute structure to query.
|
||||
* \param[out] data On success, the key domain parameters.
|
||||
* \param data_size Size of the \p data buffer in bytes.
|
||||
* The buffer is guaranteed to be large
|
||||
* enough if its size in bytes is at least
|
||||
* the value given by
|
||||
* PSA_KEY_DOMAIN_PARAMETERS_SIZE().
|
||||
* \param[out] data_length On success, the number of bytes
|
||||
* that make up the key domain parameters data.
|
||||
*
|
||||
* \retval #PSA_SUCCESS \emptydescription
|
||||
* \retval #PSA_ERROR_BUFFER_TOO_SMALL \emptydescription
|
||||
* \retval #PSA_ERROR_NOT_SUPPORTED
|
||||
* The key is managed by a driver.
|
||||
*/
|
||||
psa_status_t psa_get_key_domain_parameters(
|
||||
const psa_key_attributes_t *attributes,
|
||||
uint8_t *data,
|
||||
size_t data_size,
|
||||
size_t *data_length);
|
||||
|
||||
/** Safe output buffer size for psa_get_key_domain_parameters().
|
||||
*
|
||||
* This macro returns a compile-time constant if its arguments are
|
||||
* compile-time constants.
|
||||
*
|
||||
* \warning This function may call its arguments multiple times or
|
||||
* zero times, so you should not pass arguments that contain
|
||||
* side effects.
|
||||
*
|
||||
* \note This is an experimental extension to the interface. It may change
|
||||
* in future versions of the library.
|
||||
*
|
||||
* \param key_type A supported key type.
|
||||
* \param key_bits The size of the key in bits.
|
||||
*
|
||||
* \return If the parameters are valid and supported, return
|
||||
* a buffer size in bytes that guarantees that
|
||||
* psa_get_key_domain_parameters() will not fail with
|
||||
* #PSA_ERROR_BUFFER_TOO_SMALL.
|
||||
* If the parameters are a valid combination that is not supported
|
||||
* by the implementation, this macro shall return either a
|
||||
* sensible size or 0.
|
||||
* If the parameters are not valid, the
|
||||
* return value is unspecified.
|
||||
*/
|
||||
#define PSA_KEY_DOMAIN_PARAMETERS_SIZE(key_type, key_bits) \
|
||||
(PSA_KEY_TYPE_IS_RSA(key_type) ? sizeof(int) : \
|
||||
PSA_KEY_TYPE_IS_DH(key_type) ? PSA_DH_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) : \
|
||||
PSA_KEY_TYPE_IS_DSA(key_type) ? PSA_DSA_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) : \
|
||||
0)
|
||||
#define PSA_DH_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) \
|
||||
(4 + (PSA_BITS_TO_BYTES(key_bits) + 5) * 3 /*without optional parts*/)
|
||||
#define PSA_DSA_KEY_DOMAIN_PARAMETERS_SIZE(key_bits) \
|
||||
(4 + (PSA_BITS_TO_BYTES(key_bits) + 5) * 2 /*p, g*/ + 34 /*q*/)
|
||||
|
||||
/**@}*/
|
||||
|
||||
|
||||
|
|
|
@ -318,20 +318,6 @@ struct psa_key_attributes_s {
|
|||
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
|
||||
psa_key_slot_number_t MBEDTLS_PRIVATE(slot_number);
|
||||
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
|
||||
/* Unlike normal buffers, there are three cases for domain_parameters
|
||||
* and domain_parameters_size:
|
||||
* - domain_parameters_size == SIZE_MAX && domain_parameters == NULL:
|
||||
* Access to domain parameters is not supported for this key.
|
||||
* This is a hack which should not exist, intended for keys managed
|
||||
* by a driver, because drivers don't support domain parameters.
|
||||
* - domain_parameters_size == 0 && domain_parameters == NULL:
|
||||
* The domain parameters are empty.
|
||||
* - domain_parameters_size > 0 &&
|
||||
* domain_parameters == valid pointer to domain_parameters_size bytes:
|
||||
* The domain parameters are non-empty.
|
||||
*/
|
||||
void *MBEDTLS_PRIVATE(domain_parameters);
|
||||
size_t MBEDTLS_PRIVATE(domain_parameters_size);
|
||||
/* With client/service separation, struct psa_key_attributes_s is
|
||||
* marshalled through a transport channel between the client and
|
||||
* service side implementation of the PSA Crypto APIs, thus having
|
||||
|
@ -342,9 +328,9 @@ struct psa_key_attributes_s {
|
|||
};
|
||||
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
|
||||
#define PSA_KEY_ATTRIBUTES_INIT { 0, NULL, 0, PSA_CORE_KEY_ATTRIBUTES_INIT }
|
||||
#define PSA_KEY_ATTRIBUTES_INIT { 0, PSA_CORE_KEY_ATTRIBUTES_INIT }
|
||||
#else
|
||||
#define PSA_KEY_ATTRIBUTES_INIT { NULL, 0, PSA_CORE_KEY_ATTRIBUTES_INIT }
|
||||
#define PSA_KEY_ATTRIBUTES_INIT { PSA_CORE_KEY_ATTRIBUTES_INIT }
|
||||
#endif
|
||||
|
||||
static inline struct psa_key_attributes_s psa_key_attributes_init(void)
|
||||
|
@ -437,29 +423,10 @@ static inline psa_algorithm_t psa_get_key_algorithm(
|
|||
return attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(alg);
|
||||
}
|
||||
|
||||
/* This function is declared in crypto_extra.h, which comes after this
|
||||
* header file, but we need the function here, so repeat the declaration. */
|
||||
#if !defined(PSA_SET_KEY_DOMAIN_PARAMETERS)
|
||||
#define PSA_SET_KEY_DOMAIN_PARAMETERS
|
||||
psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes,
|
||||
psa_key_type_t type,
|
||||
const uint8_t *data,
|
||||
size_t data_length);
|
||||
#endif /* PSA_SET_KEY_DOMAIN_PARAMETERS */
|
||||
|
||||
static inline void psa_set_key_type(psa_key_attributes_t *attributes,
|
||||
psa_key_type_t type)
|
||||
{
|
||||
if (attributes->MBEDTLS_PRIVATE(domain_parameters) == NULL) {
|
||||
/* Common case: quick path */
|
||||
attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(type) = type;
|
||||
} else {
|
||||
/* Call the bigger function to free the old domain parameters.
|
||||
* Ignore any errors which may arise due to type requiring
|
||||
* non-default domain parameters, since this function can't
|
||||
* report errors. */
|
||||
(void) psa_set_key_domain_parameters(attributes, type, NULL, 0);
|
||||
}
|
||||
attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(type) = type;
|
||||
}
|
||||
|
||||
static inline psa_key_type_t psa_get_key_type(
|
||||
|
|
|
@ -1211,58 +1211,12 @@ exit:
|
|||
return overall_status;
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
|
||||
static psa_status_t psa_get_rsa_public_exponent(
|
||||
const mbedtls_rsa_context *rsa,
|
||||
psa_key_attributes_t *attributes)
|
||||
{
|
||||
mbedtls_mpi mpi;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
uint8_t *buffer = NULL;
|
||||
size_t buflen;
|
||||
mbedtls_mpi_init(&mpi);
|
||||
|
||||
ret = mbedtls_rsa_export(rsa, NULL, NULL, NULL, NULL, &mpi);
|
||||
if (ret != 0) {
|
||||
goto exit;
|
||||
}
|
||||
if (mbedtls_mpi_cmp_int(&mpi, 65537) == 0) {
|
||||
/* It's the default value, which is reported as an empty string,
|
||||
* so there's nothing to do. */
|
||||
goto exit;
|
||||
}
|
||||
|
||||
buflen = mbedtls_mpi_size(&mpi);
|
||||
buffer = mbedtls_calloc(1, buflen);
|
||||
if (buffer == NULL) {
|
||||
ret = MBEDTLS_ERR_MPI_ALLOC_FAILED;
|
||||
goto exit;
|
||||
}
|
||||
ret = mbedtls_mpi_write_binary(&mpi, buffer, buflen);
|
||||
if (ret != 0) {
|
||||
goto exit;
|
||||
}
|
||||
attributes->domain_parameters = buffer;
|
||||
attributes->domain_parameters_size = buflen;
|
||||
|
||||
exit:
|
||||
mbedtls_mpi_free(&mpi);
|
||||
if (ret != 0) {
|
||||
mbedtls_free(buffer);
|
||||
}
|
||||
return mbedtls_to_psa_error(ret);
|
||||
}
|
||||
#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT) ||
|
||||
* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
|
||||
|
||||
/** Retrieve all the publicly-accessible attributes of a key.
|
||||
*/
|
||||
psa_status_t psa_get_key_attributes(mbedtls_svc_key_id_t key,
|
||||
psa_key_attributes_t *attributes)
|
||||
{
|
||||
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
||||
psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
|
||||
psa_key_slot_t *slot;
|
||||
|
||||
psa_reset_key_attributes(attributes);
|
||||
|
@ -1283,55 +1237,7 @@ psa_status_t psa_get_key_attributes(mbedtls_svc_key_id_t key,
|
|||
}
|
||||
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
|
||||
|
||||
switch (slot->attr.type) {
|
||||
#if (defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT) && \
|
||||
defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT)) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
|
||||
case PSA_KEY_TYPE_RSA_KEY_PAIR:
|
||||
case PSA_KEY_TYPE_RSA_PUBLIC_KEY:
|
||||
/* TODO: This is a temporary situation where domain parameters are deprecated,
|
||||
* but we need it for namely generating an RSA key with a non-default exponent.
|
||||
* This would be improved after https://github.com/Mbed-TLS/mbedtls/issues/6494.
|
||||
*/
|
||||
if (!psa_key_lifetime_is_external(slot->attr.lifetime)) {
|
||||
mbedtls_rsa_context *rsa = NULL;
|
||||
|
||||
status = mbedtls_psa_rsa_load_representation(
|
||||
slot->attr.type,
|
||||
slot->key.data,
|
||||
slot->key.bytes,
|
||||
&rsa);
|
||||
if (status != PSA_SUCCESS) {
|
||||
break;
|
||||
}
|
||||
|
||||
status = psa_get_rsa_public_exponent(rsa,
|
||||
attributes);
|
||||
mbedtls_rsa_free(rsa);
|
||||
mbedtls_free(rsa);
|
||||
}
|
||||
break;
|
||||
#else
|
||||
case PSA_KEY_TYPE_RSA_KEY_PAIR:
|
||||
case PSA_KEY_TYPE_RSA_PUBLIC_KEY:
|
||||
attributes->domain_parameters = NULL;
|
||||
attributes->domain_parameters_size = SIZE_MAX;
|
||||
break;
|
||||
#endif /* (defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT) && \
|
||||
* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT)) ||
|
||||
* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
|
||||
default:
|
||||
/* Nothing else to do. */
|
||||
break;
|
||||
}
|
||||
|
||||
if (status != PSA_SUCCESS) {
|
||||
psa_reset_key_attributes(attributes);
|
||||
}
|
||||
|
||||
unlock_status = psa_unregister_read_under_mutex(slot);
|
||||
|
||||
return (status == PSA_SUCCESS) ? unlock_status : status;
|
||||
return psa_unregister_read_under_mutex(slot);
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
|
||||
|
@ -1959,57 +1865,6 @@ static psa_status_t psa_validate_optional_attributes(
|
|||
}
|
||||
}
|
||||
|
||||
if (attributes->domain_parameters_size != 0) {
|
||||
#if (defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT) && \
|
||||
defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT)) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
|
||||
if (PSA_KEY_TYPE_IS_RSA(slot->attr.type)) {
|
||||
mbedtls_rsa_context *rsa = NULL;
|
||||
mbedtls_mpi actual, required;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
psa_status_t status = mbedtls_psa_rsa_load_representation(
|
||||
slot->attr.type,
|
||||
slot->key.data,
|
||||
slot->key.bytes,
|
||||
&rsa);
|
||||
if (status != PSA_SUCCESS) {
|
||||
return status;
|
||||
}
|
||||
|
||||
mbedtls_mpi_init(&actual);
|
||||
mbedtls_mpi_init(&required);
|
||||
ret = mbedtls_rsa_export(rsa,
|
||||
NULL, NULL, NULL, NULL, &actual);
|
||||
mbedtls_rsa_free(rsa);
|
||||
mbedtls_free(rsa);
|
||||
if (ret != 0) {
|
||||
goto rsa_exit;
|
||||
}
|
||||
ret = mbedtls_mpi_read_binary(&required,
|
||||
attributes->domain_parameters,
|
||||
attributes->domain_parameters_size);
|
||||
if (ret != 0) {
|
||||
goto rsa_exit;
|
||||
}
|
||||
if (mbedtls_mpi_cmp_mpi(&actual, &required) != 0) {
|
||||
ret = MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
|
||||
}
|
||||
rsa_exit:
|
||||
mbedtls_mpi_free(&actual);
|
||||
mbedtls_mpi_free(&required);
|
||||
if (ret != 0) {
|
||||
return mbedtls_to_psa_error(ret);
|
||||
}
|
||||
} else
|
||||
#endif /* (defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT) &&
|
||||
* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT)) ||
|
||||
* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
|
||||
{
|
||||
return PSA_ERROR_INVALID_ARGUMENT;
|
||||
}
|
||||
}
|
||||
|
||||
if (attributes->core.bits != 0) {
|
||||
if (attributes->core.bits != slot->attr.bits) {
|
||||
return PSA_ERROR_INVALID_ARGUMENT;
|
||||
|
@ -7551,11 +7406,6 @@ psa_status_t psa_generate_key_internal(
|
|||
(void) params;
|
||||
(void) params_data_length;
|
||||
|
||||
if ((attributes->domain_parameters == NULL) &&
|
||||
(attributes->domain_parameters_size != 0)) {
|
||||
return PSA_ERROR_INVALID_ARGUMENT;
|
||||
}
|
||||
|
||||
if (key_type_is_raw_bytes(type)) {
|
||||
status = psa_generate_random(key_buffer, key_buffer_size);
|
||||
if (status != PSA_SUCCESS) {
|
||||
|
@ -7571,16 +7421,8 @@ psa_status_t psa_generate_key_internal(
|
|||
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_GENERATE)
|
||||
if (type == PSA_KEY_TYPE_RSA_KEY_PAIR) {
|
||||
/* Hack: if the method specifies a non-default e, pass it
|
||||
* via the domain parameters. TODO: refactor this code so
|
||||
* that mbedtls_psa_rsa_generate_key() gets e via a new
|
||||
* parameter instead. */
|
||||
psa_key_attributes_t override_attributes = *attributes;
|
||||
if (params_data_length != 0) {
|
||||
override_attributes.domain_parameters_size = params_data_length;
|
||||
override_attributes.domain_parameters = (uint8_t *) ¶ms->data;
|
||||
}
|
||||
return mbedtls_psa_rsa_generate_key(&override_attributes,
|
||||
return mbedtls_psa_rsa_generate_key(attributes,
|
||||
params, params_data_length,
|
||||
key_buffer,
|
||||
key_buffer_size,
|
||||
key_buffer_length);
|
||||
|
|
|
@ -16,57 +16,7 @@
|
|||
|
||||
void psa_reset_key_attributes(psa_key_attributes_t *attributes)
|
||||
{
|
||||
mbedtls_free(attributes->domain_parameters);
|
||||
memset(attributes, 0, sizeof(*attributes));
|
||||
}
|
||||
|
||||
psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes,
|
||||
psa_key_type_t type,
|
||||
const uint8_t *data,
|
||||
size_t data_length)
|
||||
{
|
||||
uint8_t *copy = NULL;
|
||||
|
||||
if (data_length != 0) {
|
||||
copy = mbedtls_calloc(1, data_length);
|
||||
if (copy == NULL) {
|
||||
return PSA_ERROR_INSUFFICIENT_MEMORY;
|
||||
}
|
||||
memcpy(copy, data, data_length);
|
||||
}
|
||||
/* After this point, this function is guaranteed to succeed, so it
|
||||
* can start modifying `*attributes`. */
|
||||
|
||||
if (attributes->domain_parameters != NULL) {
|
||||
mbedtls_free(attributes->domain_parameters);
|
||||
attributes->domain_parameters = NULL;
|
||||
attributes->domain_parameters_size = 0;
|
||||
}
|
||||
|
||||
attributes->domain_parameters = copy;
|
||||
attributes->domain_parameters_size = data_length;
|
||||
attributes->core.type = type;
|
||||
return PSA_SUCCESS;
|
||||
}
|
||||
|
||||
psa_status_t psa_get_key_domain_parameters(
|
||||
const psa_key_attributes_t *attributes,
|
||||
uint8_t *data, size_t data_size, size_t *data_length)
|
||||
{
|
||||
if (attributes->domain_parameters == NULL &&
|
||||
attributes->domain_parameters_size == SIZE_MAX) {
|
||||
return PSA_ERROR_NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
if (attributes->domain_parameters_size > data_size) {
|
||||
return PSA_ERROR_BUFFER_TOO_SMALL;
|
||||
}
|
||||
*data_length = attributes->domain_parameters_size;
|
||||
if (attributes->domain_parameters_size != 0) {
|
||||
memcpy(data, attributes->domain_parameters,
|
||||
attributes->domain_parameters_size);
|
||||
}
|
||||
return PSA_SUCCESS;
|
||||
}
|
||||
|
||||
#endif /* MBEDTLS_PSA_CRYPTO_CLIENT */
|
||||
|
|
|
@ -345,10 +345,6 @@ psa_status_t mbedtls_psa_ecp_generate_key(
|
|||
mbedtls_ecp_curve_info_from_grp_id(grp_id);
|
||||
mbedtls_ecp_keypair ecp;
|
||||
|
||||
if (attributes->domain_parameters_size != 0) {
|
||||
return PSA_ERROR_NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
if (grp_id == MBEDTLS_ECP_DP_NONE || curve_info == NULL) {
|
||||
return PSA_ERROR_NOT_SUPPORTED;
|
||||
}
|
||||
|
|
|
@ -216,26 +216,21 @@ psa_status_t mbedtls_psa_rsa_export_public_key(
|
|||
* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
|
||||
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_GENERATE)
|
||||
static psa_status_t psa_rsa_read_exponent(const uint8_t *domain_parameters,
|
||||
size_t domain_parameters_size,
|
||||
static psa_status_t psa_rsa_read_exponent(const uint8_t *e_bytes,
|
||||
size_t e_length,
|
||||
int *exponent)
|
||||
{
|
||||
size_t i;
|
||||
uint32_t acc = 0;
|
||||
|
||||
if (domain_parameters_size == 0) {
|
||||
*exponent = 65537;
|
||||
return PSA_SUCCESS;
|
||||
}
|
||||
|
||||
/* Mbed TLS encodes the public exponent as an int. For simplicity, only
|
||||
* support values that fit in a 32-bit integer, which is larger than
|
||||
* int on just about every platform anyway. */
|
||||
if (domain_parameters_size > sizeof(acc)) {
|
||||
if (e_length > sizeof(acc)) {
|
||||
return PSA_ERROR_NOT_SUPPORTED;
|
||||
}
|
||||
for (i = 0; i < domain_parameters_size; i++) {
|
||||
acc = (acc << 8) | domain_parameters[i];
|
||||
for (i = 0; i < e_length; i++) {
|
||||
acc = (acc << 8) | e_bytes[i];
|
||||
}
|
||||
if (acc > INT_MAX) {
|
||||
return PSA_ERROR_NOT_SUPPORTED;
|
||||
|
@ -246,18 +241,20 @@ static psa_status_t psa_rsa_read_exponent(const uint8_t *domain_parameters,
|
|||
|
||||
psa_status_t mbedtls_psa_rsa_generate_key(
|
||||
const psa_key_attributes_t *attributes,
|
||||
const psa_key_production_parameters_t *params, size_t params_data_length,
|
||||
uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length)
|
||||
{
|
||||
psa_status_t status;
|
||||
mbedtls_rsa_context rsa;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
int exponent;
|
||||
int exponent = 65537;
|
||||
|
||||
status = psa_rsa_read_exponent(attributes->domain_parameters,
|
||||
attributes->domain_parameters_size,
|
||||
&exponent);
|
||||
if (status != PSA_SUCCESS) {
|
||||
return status;
|
||||
if (params_data_length != 0) {
|
||||
status = psa_rsa_read_exponent(params->data, params_data_length,
|
||||
&exponent);
|
||||
if (status != PSA_SUCCESS) {
|
||||
return status;
|
||||
}
|
||||
}
|
||||
|
||||
mbedtls_rsa_init(&rsa);
|
||||
|
|
|
@ -109,6 +109,15 @@ psa_status_t mbedtls_psa_rsa_export_public_key(
|
|||
* entry point.
|
||||
*
|
||||
* \param[in] attributes The attributes for the RSA key to generate.
|
||||
* \param[in] params Production parameters for the key
|
||||
* generation. This function only uses
|
||||
* `params->data`,
|
||||
* which contains the public exponent.
|
||||
* This can be a null pointer if
|
||||
* \c params_data_length is 0.
|
||||
* \param params_data_length Length of `params->data` in bytes.
|
||||
* This can be 0, in which case the
|
||||
* public exponent will be 65537.
|
||||
* \param[out] key_buffer Buffer where the key data is to be written.
|
||||
* \param[in] key_buffer_size Size of \p key_buffer in bytes.
|
||||
* \param[out] key_buffer_length On success, the number of bytes written in
|
||||
|
@ -123,6 +132,7 @@ psa_status_t mbedtls_psa_rsa_export_public_key(
|
|||
*/
|
||||
psa_status_t mbedtls_psa_rsa_generate_key(
|
||||
const psa_key_attributes_t *attributes,
|
||||
const psa_key_production_parameters_t *params, size_t params_data_length,
|
||||
uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length);
|
||||
|
||||
/** Sign an already-calculated hash with an RSA private key.
|
||||
|
|
|
@ -225,10 +225,13 @@ psa_status_t mbedtls_test_transparent_generate_key(
|
|||
defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_GENERATE)
|
||||
return libtestdriver1_mbedtls_psa_rsa_generate_key(
|
||||
(const libtestdriver1_psa_key_attributes_t *) attributes,
|
||||
NULL, 0, /* We don't support custom e in the test driver yet */
|
||||
key, key_size, key_length);
|
||||
#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_GENERATE)
|
||||
return mbedtls_psa_rsa_generate_key(
|
||||
attributes, key, key_size, key_length);
|
||||
attributes,
|
||||
NULL, 0, /* We don't support custom e in the test driver yet */
|
||||
key, key_size, key_length);
|
||||
#endif
|
||||
} else if (PSA_KEY_TYPE_IS_DH(psa_get_key_type(attributes))
|
||||
&& PSA_KEY_TYPE_IS_KEY_PAIR(psa_get_key_type(attributes))) {
|
||||
|
|
|
@ -7431,24 +7431,6 @@ PSA generate key: ECC, Curve448, good
|
|||
depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_MONTGOMERY_448
|
||||
generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_SUCCESS:0
|
||||
|
||||
PSA generate key: RSA, domain parameters: default e
|
||||
generate_key_rsa:PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS:"":PSA_SUCCESS
|
||||
|
||||
PSA generate key: RSA, domain parameters: e=3
|
||||
generate_key_rsa:PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS:"03":PSA_SUCCESS
|
||||
|
||||
PSA generate key: RSA, domain parameters: e=65537
|
||||
generate_key_rsa:PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS:"010001":PSA_SUCCESS
|
||||
|
||||
PSA generate key: RSA, domain parameters: e=513
|
||||
generate_key_rsa:PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS:"0201":PSA_SUCCESS
|
||||
|
||||
PSA generate key: RSA, domain parameters: e=1
|
||||
generate_key_rsa:PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS:"01":PSA_ERROR_INVALID_ARGUMENT
|
||||
|
||||
PSA generate key: RSA, domain parameters: e=2
|
||||
generate_key_rsa:PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS:"02":PSA_ERROR_INVALID_ARGUMENT
|
||||
|
||||
PSA generate key: FFDH, 2048 bits, good
|
||||
depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE:PSA_WANT_DH_RFC7919_2048
|
||||
generate_key:PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):2048:PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:PSA_SUCCESS:0
|
||||
|
|
|
@ -9840,88 +9840,6 @@ exit:
|
|||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ALG_RSA_PKCS1V15_SIGN */
|
||||
void generate_key_rsa(int bits_arg,
|
||||
data_t *e_arg,
|
||||
int expected_status_arg)
|
||||
{
|
||||
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
|
||||
psa_key_type_t type = PSA_KEY_TYPE_RSA_KEY_PAIR;
|
||||
size_t bits = bits_arg;
|
||||
psa_key_usage_t usage = PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT;
|
||||
psa_algorithm_t alg = PSA_ALG_RSA_PKCS1V15_SIGN_RAW;
|
||||
psa_status_t expected_status = expected_status_arg;
|
||||
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
||||
uint8_t *e_read_buffer = NULL;
|
||||
int is_default_public_exponent = 0;
|
||||
size_t e_read_size = PSA_KEY_DOMAIN_PARAMETERS_SIZE(type, bits);
|
||||
size_t e_read_length = SIZE_MAX;
|
||||
|
||||
if (e_arg->len == 0 ||
|
||||
(e_arg->len == 3 &&
|
||||
e_arg->x[0] == 1 && e_arg->x[1] == 0 && e_arg->x[2] == 1)) {
|
||||
is_default_public_exponent = 1;
|
||||
e_read_size = 0;
|
||||
}
|
||||
TEST_CALLOC(e_read_buffer, e_read_size);
|
||||
|
||||
PSA_ASSERT(psa_crypto_init());
|
||||
|
||||
psa_set_key_usage_flags(&attributes, usage);
|
||||
psa_set_key_algorithm(&attributes, alg);
|
||||
PSA_ASSERT(psa_set_key_domain_parameters(&attributes, type,
|
||||
e_arg->x, e_arg->len));
|
||||
psa_set_key_bits(&attributes, bits);
|
||||
|
||||
/* Generate a key */
|
||||
TEST_EQUAL(psa_generate_key(&attributes, &key), expected_status);
|
||||
if (expected_status != PSA_SUCCESS) {
|
||||
goto exit;
|
||||
}
|
||||
|
||||
/* Test the key information */
|
||||
PSA_ASSERT(psa_get_key_attributes(key, &attributes));
|
||||
TEST_EQUAL(psa_get_key_type(&attributes), type);
|
||||
TEST_EQUAL(psa_get_key_bits(&attributes), bits);
|
||||
psa_status_t status = psa_get_key_domain_parameters(&attributes,
|
||||
e_read_buffer, e_read_size,
|
||||
&e_read_length);
|
||||
|
||||
|
||||
#if (defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT) && \
|
||||
defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT)) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
|
||||
if (is_default_public_exponent) {
|
||||
TEST_EQUAL(e_read_length, 0);
|
||||
} else {
|
||||
TEST_EQUAL(status, PSA_SUCCESS);
|
||||
TEST_MEMORY_COMPARE(e_read_buffer, e_read_length, e_arg->x, e_arg->len);
|
||||
}
|
||||
#else
|
||||
(void) is_default_public_exponent;
|
||||
TEST_EQUAL(status, PSA_ERROR_NOT_SUPPORTED);
|
||||
#endif
|
||||
|
||||
/* Do something with the key according to its type and permitted usage. */
|
||||
if (!mbedtls_test_psa_exercise_key(key, usage, alg)) {
|
||||
goto exit;
|
||||
}
|
||||
|
||||
TEST_ASSERT(rsa_test_e(key, bits, e_arg));
|
||||
|
||||
exit:
|
||||
/*
|
||||
* Key attributes may have been returned by psa_get_key_attributes() or
|
||||
* set by psa_set_key_domain_parameters() thus reset them as required.
|
||||
*/
|
||||
psa_reset_key_attributes(&attributes);
|
||||
|
||||
psa_destroy_key(key);
|
||||
PSA_DONE();
|
||||
mbedtls_free(e_read_buffer);
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void generate_key_ext(int type_arg,
|
||||
int bits_arg,
|
||||
|
|
Loading…
Reference in a new issue