diff --git a/ChangeLog.d/mbedtls_ecp_export.txt b/ChangeLog.d/mbedtls_ecp_export.txt new file mode 100644 index 000000000000..4b5d7d4a0082 --- /dev/null +++ b/ChangeLog.d/mbedtls_ecp_export.txt @@ -0,0 +1,3 @@ +Features + * Add mbedtls_ecp_export() function to export ECP + keypair parameters. Fixes #4838. diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h index 9895573671b5..395db14770d0 100644 --- a/include/mbedtls/ecp.h +++ b/include/mbedtls/ecp.h @@ -1278,6 +1278,26 @@ int mbedtls_ecp_check_pub_priv( const mbedtls_ecp_keypair *pub, const mbedtls_ecp_keypair *prv, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); +/** + * \brief This function exports generic key-pair parameters. + * + * \param key The key pair to export from. + * \param grp Slot for exported ECP group. + * It must point to an initialized ECP group. + * \param d Slot for the exported secret value. + * It must point to an initialized mpi. + * \param Q Slot for the exported public value. + * It must point to an initialized ECP point. + * + * \return \c 0 on success, + * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure. + * \return #MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE if key id doesn't + * correspond to a known group. + * \return Another negative error code on other kinds of failure. + */ +int mbedtls_ecp_export(const mbedtls_ecp_keypair *key, mbedtls_ecp_group *grp, + mbedtls_mpi *d, mbedtls_ecp_point *Q); + #if defined(MBEDTLS_SELF_TEST) /** diff --git a/library/ecp.c b/library/ecp.c index ba76abbd15f1..f39cb0293231 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -3356,6 +3356,26 @@ int mbedtls_ecp_check_pub_priv( return( ret ); } +/* + * Export generic key-pair parameters. + */ +int mbedtls_ecp_export(const mbedtls_ecp_keypair *key, mbedtls_ecp_group *grp, + mbedtls_mpi *d, mbedtls_ecp_point *Q) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + + if( ( ret = mbedtls_ecp_group_copy( grp, &key->grp ) ) != 0 ) + return ret; + + if( ( ret = mbedtls_mpi_copy( d, &key->d ) ) != 0 ) + return ret; + + if( ( ret = mbedtls_ecp_copy( Q, &key->Q ) ) != 0 ) + return ret; + + return 0; +} + #if defined(MBEDTLS_SELF_TEST) /* diff --git a/tests/suites/test_suite_ecp.data b/tests/suites/test_suite_ecp.data index 0c30e4a2ef91..2eb8c2dfe51b 100644 --- a/tests/suites/test_suite_ecp.data +++ b/tests/suites/test_suite_ecp.data @@ -882,3 +882,11 @@ fix_negative:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff": # The first call to fix_negative in the test case of issue #4296. ECP fix_negative: #4296.1 fix_negative:"8A4DD4C8B42C5EAED15FE4F4579F4CE513EC90A94010BF000000000000000000":-1:256 + +ECP export key parameters #1 (OK) +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED +ecp_export:MBEDTLS_ECP_DP_SECP256R1:"37cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f76822596292":"4ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"00f12a1320760270a83cbffd53f6031ef76a5d86c8a204f2c30ca9ebf51f0f0ea7":0:0 + +ECP export key parameters #2 (invalid group) +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED +ecp_export:MBEDTLS_ECP_DP_SECP256R1:"37cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f76822596292":"4ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"00f12a1320760270a83cbffd53f6031ef76a5d86c8a204f2c30ca9ebf51f0f0ea7":MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE:1 diff --git a/tests/suites/test_suite_ecp.function b/tests/suites/test_suite_ecp.function index 2afc355347e7..c3e6b05c198f 100644 --- a/tests/suites/test_suite_ecp.function +++ b/tests/suites/test_suite_ecp.function @@ -16,6 +16,44 @@ mbedtls_ecp_point_free( x ); \ mbedtls_ecp_point_init( x ); +/* Auxiliary function to compare two mbedtls_ecp_group objects. */ +inline static int mbedtls_ecp_group_cmp( mbedtls_ecp_group *grp1, + mbedtls_ecp_group *grp2 ) +{ + if( mbedtls_mpi_cmp_mpi( &grp1->P, &grp2->P ) != 0 ) + return 1; + if( mbedtls_mpi_cmp_mpi( &grp1->A, &grp2->A ) != 0 ) + return 1; + if( mbedtls_mpi_cmp_mpi( &grp1->B, &grp2->B ) != 0 ) + return 1; + if( mbedtls_mpi_cmp_mpi( &grp1->N, &grp2->N ) != 0 ) + return 1; + if( mbedtls_ecp_point_cmp( &grp1->G, &grp2->G ) != 0 ) + return 1; + if( grp1->id != grp2->id ) + return 1; + if( grp1->pbits != grp2->pbits ) + return 1; + if( grp1->nbits != grp2->nbits ) + return 1; + if( grp1->h != grp2->h ) + return 1; + if( grp1->modp != grp2->modp ) + return 1; + if( grp1->t_pre != grp2->t_pre ) + return 1; + if( grp1->t_post != grp2->t_post ) + return 1; + if( grp1->t_data != grp2->t_data ) + return 1; + if( grp1->T_size != grp2->T_size ) + return 1; + if( grp1->T != grp2->T ) + return 1; + + return 0; +} + /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -988,3 +1026,40 @@ void ecp_selftest( ) TEST_ASSERT( mbedtls_ecp_self_test( 1 ) == 0 ); } /* END_CASE */ + +/* BEGIN_CASE */ +void ecp_export( int id, char * Qx, char * Qy,char * d, int expected_ret, int invalid_grp ) +{ + mbedtls_ecp_keypair key; + mbedtls_ecp_group export_grp; + mbedtls_mpi export_d; + mbedtls_ecp_point export_Q; + + mbedtls_ecp_group_init( &export_grp ); + mbedtls_ecp_group_init( &key.grp ); + mbedtls_mpi_init( &export_d ); + mbedtls_ecp_point_init( &export_Q ); + + mbedtls_ecp_keypair_init( &key ); + if( invalid_grp == 0 ) + TEST_ASSERT( mbedtls_ecp_group_load( &key.grp, id ) == 0 ); + TEST_ASSERT( mbedtls_ecp_point_read_string( &key.Q, 16, Qx, Qy ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &key.d, 16, d ) == 0 ); + + TEST_EQUAL( mbedtls_ecp_export( &key, &export_grp, + &export_d, &export_Q ), expected_ret ); + + if( expected_ret == 0 ) + { + TEST_EQUAL( mbedtls_ecp_point_cmp( &key.Q, &export_Q ), 0 ); + TEST_EQUAL( mbedtls_mpi_cmp_mpi( &key.d, &export_d ), 0 ); + TEST_EQUAL( mbedtls_ecp_group_cmp( &key.grp, &export_grp ), 0 ); + } + +exit: + mbedtls_ecp_keypair_free( &key ); + mbedtls_ecp_group_free( &export_grp ); + mbedtls_mpi_free( &export_d ); + mbedtls_ecp_point_free( &export_Q ); +} +/* END_CASE */