diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index c579661b3f73..edd39361d3ce 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h @@ -32,7 +32,7 @@ #include "mbedtls/rsa.h" #endif -#if defined(MBEDTLS_ECP_C) +#if defined(MBEDTLS_ECP_LIGHT) #include "mbedtls/ecp.h" #endif @@ -232,12 +232,20 @@ typedef struct mbedtls_pk_debug_item { */ typedef struct mbedtls_pk_info_t mbedtls_pk_info_t; +#define MBEDTLS_PK_MAX_EC_PUBKEY_RAW_LEN \ + PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS) /** * \brief Public key container */ typedef struct mbedtls_pk_context { const mbedtls_pk_info_t *MBEDTLS_PRIVATE(pk_info); /**< Public key information */ void *MBEDTLS_PRIVATE(pk_ctx); /**< Underlying public key context */ +#if defined(MBEDTLS_ECP_LIGHT) && defined(MBEDTLS_USE_PSA_CRYPTO) + uint8_t MBEDTLS_PRIVATE(pk_raw)[MBEDTLS_PK_MAX_EC_PUBKEY_RAW_LEN]; /**< Raw public key */ + size_t MBEDTLS_PRIVATE(pk_raw_len); /**< Valid bytes in "pk_raw" */ + psa_ecc_family_t MBEDTLS_PRIVATE(pk_ec_family); /**< EC family of pk */ + size_t MBEDTLS_PRIVATE(pk_bits); /**< Curve's bits of pk */ +#endif /* MBEDTLS_ECP_LIGHT && MBEDTLS_USE_PSA_CRYPTO */ } mbedtls_pk_context; #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) diff --git a/library/pk.c b/library/pk.c index a93ed56eaaf1..0928e6432157 100644 --- a/library/pk.c +++ b/library/pk.c @@ -23,6 +23,7 @@ #include "mbedtls/pk.h" #include "pk_wrap.h" #include "pkwrite.h" +#include "pk_internal.h" #include "hash_info.h" @@ -60,6 +61,12 @@ void mbedtls_pk_init(mbedtls_pk_context *ctx) { ctx->pk_info = NULL; ctx->pk_ctx = NULL; +#if defined(MBEDTLS_ECP_LIGHT) && defined(MBEDTLS_USE_PSA_CRYPTO) + memset(ctx->pk_raw, 0, sizeof(ctx->pk_raw)); + ctx->pk_raw_len = 0; + ctx->pk_ec_family = 0; + ctx->pk_bits = 0; +#endif /* MBEDTLS_ECP_LIGHT && MBEDTLS_USE_PSA_CRYPTO */ } /* @@ -443,8 +450,8 @@ int mbedtls_pk_verify_restartable(mbedtls_pk_context *ctx, return ret; } - ret = ctx->pk_info->verify_rs_func(ctx->pk_ctx, - md_alg, hash, hash_len, sig, sig_len, rs_ctx->rs_ctx); + ret = ctx->pk_info->verify_rs_func(ctx, md_alg, hash, hash_len, + sig, sig_len, rs_ctx->rs_ctx); if (ret != MBEDTLS_ERR_ECP_IN_PROGRESS) { mbedtls_pk_restart_free(rs_ctx); @@ -460,7 +467,7 @@ int mbedtls_pk_verify_restartable(mbedtls_pk_context *ctx, return MBEDTLS_ERR_PK_TYPE_MISMATCH; } - return ctx->pk_info->verify_func(ctx->pk_ctx, md_alg, hash, hash_len, + return ctx->pk_info->verify_func(ctx, md_alg, hash, hash_len, sig, sig_len); } @@ -626,7 +633,7 @@ int mbedtls_pk_sign_restartable(mbedtls_pk_context *ctx, return ret; } - ret = ctx->pk_info->sign_rs_func(ctx->pk_ctx, md_alg, + ret = ctx->pk_info->sign_rs_func(ctx, md_alg, hash, hash_len, sig, sig_size, sig_len, f_rng, p_rng, rs_ctx->rs_ctx); @@ -645,7 +652,7 @@ int mbedtls_pk_sign_restartable(mbedtls_pk_context *ctx, return MBEDTLS_ERR_PK_TYPE_MISMATCH; } - return ctx->pk_info->sign_func(ctx->pk_ctx, md_alg, + return ctx->pk_info->sign_func(ctx, md_alg, hash, hash_len, sig, sig_size, sig_len, f_rng, p_rng); @@ -736,7 +743,7 @@ int mbedtls_pk_decrypt(mbedtls_pk_context *ctx, return MBEDTLS_ERR_PK_TYPE_MISMATCH; } - return ctx->pk_info->decrypt_func(ctx->pk_ctx, input, ilen, + return ctx->pk_info->decrypt_func(ctx, input, ilen, output, olen, osize, f_rng, p_rng); } @@ -756,7 +763,7 @@ int mbedtls_pk_encrypt(mbedtls_pk_context *ctx, return MBEDTLS_ERR_PK_TYPE_MISMATCH; } - return ctx->pk_info->encrypt_func(ctx->pk_ctx, input, ilen, + return ctx->pk_info->encrypt_func(ctx, input, ilen, output, olen, osize, f_rng, p_rng); } @@ -791,7 +798,7 @@ int mbedtls_pk_check_pair(const mbedtls_pk_context *pub, } } - return prv->pk_info->check_pair_func(pub->pk_ctx, prv->pk_ctx, f_rng, p_rng); + return prv->pk_info->check_pair_func(pub, prv, f_rng, p_rng); } /* @@ -805,7 +812,7 @@ size_t mbedtls_pk_get_bitlen(const mbedtls_pk_context *ctx) return 0; } - return ctx->pk_info->get_bitlen(ctx->pk_ctx); + return ctx->pk_info->get_bitlen((mbedtls_pk_context *) ctx); } /* @@ -850,6 +857,88 @@ mbedtls_pk_type_t mbedtls_pk_get_type(const mbedtls_pk_context *ctx) } #if defined(MBEDTLS_USE_PSA_CRYPTO) +#if defined(MBEDTLS_ECP_LIGHT) +int mbedtls_pk_get_ec_public_key_props(mbedtls_pk_context *pk, + psa_ecc_family_t *ec_curve, size_t *bits) +{ + if ((pk == NULL) || (ec_curve == NULL) || (bits == NULL)) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } + if ((pk->pk_ec_family == 0) || + (pk->pk_bits == 0)) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } + + *ec_curve = pk->pk_ec_family; + *bits = pk->pk_bits; + + return 0; +} + +int mbedtls_pk_update_public_key_from_keypair(mbedtls_pk_context *pk) +{ + int ret = MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; + mbedtls_ecp_keypair *ecp_keypair; + + if (pk == NULL) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } + /* RSA does not support raw public keys inside the pk_context structure, + * so we quit silently in this case */ + if ((pk->pk_info->type != MBEDTLS_PK_ECKEY) && + (pk->pk_info->type != MBEDTLS_PK_ECKEY_DH) && + (pk->pk_info->type != MBEDTLS_PK_ECDSA)) { + return 0; + } + + ecp_keypair = mbedtls_pk_ec(*pk); + + ret = mbedtls_ecp_point_write_binary(&ecp_keypair->grp, &ecp_keypair->Q, + MBEDTLS_ECP_PF_UNCOMPRESSED, + &pk->pk_raw_len, + pk->pk_raw, + MBEDTLS_PK_MAX_EC_PUBKEY_RAW_LEN); + if (ret != 0) { + return ret; + } + + pk->pk_ec_family = mbedtls_ecc_group_to_psa(ecp_keypair->grp.id, + &pk->pk_bits); + + return 0; +} + +int mbedtls_pk_update_keypair_from_public_key(mbedtls_pk_context *pk) +{ + int ret = MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; + mbedtls_ecp_keypair *ecp_keypair; + mbedtls_ecp_group_id group_id; + + if (pk == NULL) { + return MBEDTLS_PK_NONE; + } + /* RSA does not support raw public keys inside the pk_context structure, + * so we quit silently in this case */ + if ((pk->pk_info->type != MBEDTLS_PK_ECKEY) && + (pk->pk_info->type != MBEDTLS_PK_ECKEY_DH) && + (pk->pk_info->type != MBEDTLS_PK_ECDSA)) { + return 0; + } + + ecp_keypair = mbedtls_pk_ec(*pk); + + group_id = mbedtls_ecc_group_of_psa(pk->pk_ec_family, pk->pk_bits, 0); + ret = mbedtls_ecp_group_load(&(ecp_keypair->grp), group_id); + if (ret != 0) { + return ret; + } + ret = mbedtls_ecp_point_read_binary(&(ecp_keypair->grp), &(ecp_keypair->Q), + pk->pk_raw, pk->pk_raw_len); + + return ret; +} +#endif /* MBEDTLS_ECP_LIGHT */ + /* * Load the key to a PSA key slot, * then turn the PK context into a wrapper for that key slot. diff --git a/library/pk_internal.h b/library/pk_internal.h new file mode 100644 index 000000000000..3f87b1248e4e --- /dev/null +++ b/library/pk_internal.h @@ -0,0 +1,80 @@ +/** + * \file pk_internal.h + * + * \brief Public Key abstraction layer: internal (i.e. library only) functions + * and definitions. + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#ifndef MBEDTLS_PK_INTERNAL_H +#define MBEDTLS_PK_INTERNAL_H + +#include "mbedtls/pk.h" + +#if defined(MBEDTLS_ECP_LIGHT) +#include "mbedtls/ecp.h" +#endif + +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#include "psa/crypto.h" +#endif + +#if defined(MBEDTLS_ECP_LIGHT) && defined(MBEDTLS_USE_PSA_CRYPTO) +/** + * Return EC parameter used in the given PK context. + * + * \param pk The PK context that from which the EC's key properties will + * be get. + * \param ec_curve Output variable that will get the EC family. + * \param bits Output variable that will get the number of bits used for + * the EC curve. + * + * \return 0, on success; + * MBEDTLS_ERR_PK_BAD_INPUT_DATA if the provided pointers are + * not valid or if the provided PK context has no valid + * EC properties set. + */ +int mbedtls_pk_get_ec_public_key_props(mbedtls_pk_context *pk, + psa_ecc_family_t *ec_curve, + size_t *bits); + +/** + * \brief Copy the public key content in raw format from "ctx->pk_ctx" + * (which is an ecp_keypair) into the internal "ctx->pk_raw" buffer. + * + * \note This is a temporary function that can be removed as soon as the pk + * module is free from ECP_C + * + * \param pk It is the pk_context which is going to be updated. It acts both + * as input and output. + */ +int mbedtls_pk_update_public_key_from_keypair(mbedtls_pk_context *pk); + +/** + * \brief Copy the public key content from the internal raw buffer, "ctx->pk_raw", + * to the ecp_keypair structure, "ctx->pk_ctx". + * + * \note This is a temporary function that can be removed as soon as the pk + * module is free from ECP_C + * + * \param pk It is the pk_context which is going to be updated. It acts both + * as input and output. + */ +int mbedtls_pk_update_keypair_from_public_key(mbedtls_pk_context *pk); +#endif /* MBEDTLS_ECP_LIGHT && MBEDTLS_USE_PSA_CRYPTO */ + +#endif /* MBEDTLS_PK_INTERNAL_H */ diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 57bfdcaa220f..dbe2afd7f7a1 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -23,12 +23,13 @@ #if defined(MBEDTLS_PK_C) #include "pk_wrap.h" +#include "pk_internal.h" #include "mbedtls/error.h" /* Even if RSA not activated, for the sake of RSA-alt */ #include "mbedtls/rsa.h" -#if defined(MBEDTLS_ECP_C) +#if defined(MBEDTLS_ECP_LIGHT) #include "mbedtls/ecp.h" #endif @@ -191,18 +192,18 @@ static int rsa_can_do(mbedtls_pk_type_t type) type == MBEDTLS_PK_RSASSA_PSS; } -static size_t rsa_get_bitlen(const void *ctx) +static size_t rsa_get_bitlen(mbedtls_pk_context *pk) { - const mbedtls_rsa_context *rsa = (const mbedtls_rsa_context *) ctx; + const mbedtls_rsa_context *rsa = (const mbedtls_rsa_context *) pk->pk_ctx; return 8 * mbedtls_rsa_get_len(rsa); } #if defined(MBEDTLS_USE_PSA_CRYPTO) -static int rsa_verify_wrap(void *ctx, mbedtls_md_type_t md_alg, +static int rsa_verify_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len) { - mbedtls_rsa_context *rsa = (mbedtls_rsa_context *) ctx; + mbedtls_rsa_context *rsa = mbedtls_pk_rsa(*pk); int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; @@ -225,7 +226,7 @@ static int rsa_verify_wrap(void *ctx, mbedtls_md_type_t md_alg, /* mbedtls_pk_write_pubkey_der() expects a full PK context; * re-construct one to make it happy */ key.pk_info = &mbedtls_rsa_info; - key.pk_ctx = ctx; + key.pk_ctx = rsa; key_len = mbedtls_pk_write_pubkey_der(&key, buf, sizeof(buf)); if (key_len <= 0) { return MBEDTLS_ERR_PK_BAD_INPUT_DATA; @@ -260,12 +261,12 @@ static int rsa_verify_wrap(void *ctx, mbedtls_md_type_t md_alg, return ret; } #else -static int rsa_verify_wrap(void *ctx, mbedtls_md_type_t md_alg, +static int rsa_verify_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - mbedtls_rsa_context *rsa = (mbedtls_rsa_context *) ctx; + mbedtls_rsa_context *rsa = mbedtls_pk_rsa(*pk); size_t rsa_len = mbedtls_rsa_get_len(rsa); if (md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len) { @@ -354,7 +355,7 @@ int mbedtls_pk_psa_rsa_sign_ext(psa_algorithm_t alg, #endif /* MBEDTLS_PSA_CRYPTO_C */ #if defined(MBEDTLS_USE_PSA_CRYPTO) -static int rsa_sign_wrap(void *ctx, mbedtls_md_type_t md_alg, +static int rsa_sign_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, unsigned char *sig, size_t sig_size, size_t *sig_len, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) @@ -370,16 +371,16 @@ static int rsa_sign_wrap(void *ctx, mbedtls_md_type_t md_alg, return mbedtls_pk_psa_rsa_sign_ext(PSA_ALG_RSA_PKCS1V15_SIGN( psa_md_alg), - ctx, hash, hash_len, + pk->pk_ctx, hash, hash_len, sig, sig_size, sig_len); } #else -static int rsa_sign_wrap(void *ctx, mbedtls_md_type_t md_alg, +static int rsa_sign_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, unsigned char *sig, size_t sig_size, size_t *sig_len, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { - mbedtls_rsa_context *rsa = (mbedtls_rsa_context *) ctx; + mbedtls_rsa_context *rsa = mbedtls_pk_rsa(*pk); if (md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len) { return MBEDTLS_ERR_PK_BAD_INPUT_DATA; @@ -397,12 +398,12 @@ static int rsa_sign_wrap(void *ctx, mbedtls_md_type_t md_alg, #endif #if defined(MBEDTLS_USE_PSA_CRYPTO) -static int rsa_decrypt_wrap(void *ctx, +static int rsa_decrypt_wrap(mbedtls_pk_context *pk, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, size_t osize, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { - mbedtls_rsa_context *rsa = (mbedtls_rsa_context *) ctx; + mbedtls_rsa_context *rsa = mbedtls_pk_rsa(*pk); int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; @@ -427,7 +428,7 @@ static int rsa_decrypt_wrap(void *ctx, /* mbedtls_pk_write_key_der() expects a full PK context; * re-construct one to make it happy */ key.pk_info = &mbedtls_rsa_info; - key.pk_ctx = ctx; + key.pk_ctx = rsa; key_len = mbedtls_pk_write_key_der(&key, buf, sizeof(buf)); if (key_len <= 0) { return MBEDTLS_ERR_PK_BAD_INPUT_DATA; @@ -466,12 +467,12 @@ static int rsa_decrypt_wrap(void *ctx, return ret; } #else -static int rsa_decrypt_wrap(void *ctx, +static int rsa_decrypt_wrap(mbedtls_pk_context *pk, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, size_t osize, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { - mbedtls_rsa_context *rsa = (mbedtls_rsa_context *) ctx; + mbedtls_rsa_context *rsa = mbedtls_pk_rsa(*pk); if (ilen != mbedtls_rsa_get_len(rsa)) { return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; @@ -483,12 +484,12 @@ static int rsa_decrypt_wrap(void *ctx, #endif #if defined(MBEDTLS_USE_PSA_CRYPTO) -static int rsa_encrypt_wrap(void *ctx, +static int rsa_encrypt_wrap(mbedtls_pk_context *pk, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, size_t osize, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { - mbedtls_rsa_context *rsa = (mbedtls_rsa_context *) ctx; + mbedtls_rsa_context *rsa = mbedtls_pk_rsa(*pk); int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; @@ -513,7 +514,7 @@ static int rsa_encrypt_wrap(void *ctx, /* mbedtls_pk_write_pubkey_der() expects a full PK context; * re-construct one to make it happy */ key.pk_info = &mbedtls_rsa_info; - key.pk_ctx = ctx; + key.pk_ctx = rsa; key_len = mbedtls_pk_write_pubkey_der(&key, buf, sizeof(buf)); if (key_len <= 0) { return MBEDTLS_ERR_PK_BAD_INPUT_DATA; @@ -551,12 +552,12 @@ static int rsa_encrypt_wrap(void *ctx, return ret; } #else -static int rsa_encrypt_wrap(void *ctx, +static int rsa_encrypt_wrap(mbedtls_pk_context *pk, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, size_t osize, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { - mbedtls_rsa_context *rsa = (mbedtls_rsa_context *) ctx; + mbedtls_rsa_context *rsa = mbedtls_pk_rsa(*pk); *olen = mbedtls_rsa_get_len(rsa); if (*olen > osize) { @@ -568,14 +569,15 @@ static int rsa_encrypt_wrap(void *ctx, } #endif -static int rsa_check_pair_wrap(const void *pub, const void *prv, +static int rsa_check_pair_wrap(const mbedtls_pk_context *pub, + const mbedtls_pk_context *prv, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { (void) f_rng; (void) p_rng; - return mbedtls_rsa_check_pub_priv((const mbedtls_rsa_context *) pub, - (const mbedtls_rsa_context *) prv); + return mbedtls_rsa_check_pub_priv(mbedtls_pk_rsa(*pub), + mbedtls_pk_rsa(*prv)); } static void *rsa_alloc_wrap(void) @@ -649,9 +651,9 @@ static int eckey_can_do(mbedtls_pk_type_t type) type == MBEDTLS_PK_ECDSA; } -static size_t eckey_get_bitlen(const void *ctx) +static size_t eckey_get_bitlen(mbedtls_pk_context *pk) { - return ((mbedtls_ecp_keypair *) ctx)->grp.pbits; + return ((mbedtls_ecp_keypair *) pk->pk_ctx)->grp.pbits; } #if defined(MBEDTLS_PK_CAN_ECDSA_VERIFY) @@ -716,47 +718,37 @@ static int extract_ecdsa_sig(unsigned char **p, const unsigned char *end, return 0; } -static int ecdsa_verify_wrap(void *ctx_arg, mbedtls_md_type_t md_alg, +static int ecdsa_verify_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len) { - mbedtls_ecp_keypair *ctx = ctx_arg; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; psa_status_t status; - size_t key_len; - /* This buffer will initially contain the public key and then the signature - * but at different points in time. For all curves except secp224k1, which - * is not currently supported in PSA, the public key is one byte longer - * (header byte + 2 numbers, while the signature is only 2 numbers), - * so use that as the buffer size. */ + /* For all curves except secp224k1, which is not currently supported in PSA, + * the public key is one byte longer (header byte + 2 numbers, while the + * signature is only 2 numbers), so use that as the buffer size. */ unsigned char buf[MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH]; unsigned char *p; psa_algorithm_t psa_sig_md = PSA_ALG_ECDSA_ANY; size_t curve_bits; - psa_ecc_family_t curve = - mbedtls_ecc_group_to_psa(ctx->grp.id, &curve_bits); - const size_t signature_part_size = (ctx->grp.nbits + 7) / 8; + psa_ecc_family_t curve = 0; + size_t signature_part_size; ((void) md_alg); - if (curve == 0) { + if ((mbedtls_pk_get_ec_public_key_props(pk, &curve, &curve_bits) != 0) || + (pk->pk_raw_len == 0)) { return MBEDTLS_ERR_PK_BAD_INPUT_DATA; } + signature_part_size = PSA_BITS_TO_BYTES(curve_bits); psa_set_key_type(&attributes, PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve)); psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_HASH); psa_set_key_algorithm(&attributes, psa_sig_md); - ret = mbedtls_ecp_point_write_binary(&ctx->grp, &ctx->Q, - MBEDTLS_ECP_PF_UNCOMPRESSED, - &key_len, buf, sizeof(buf)); - if (ret != 0) { - goto cleanup; - } - status = psa_import_key(&attributes, - buf, key_len, + pk->pk_raw, pk->pk_raw_len, &key_id); if (status != PSA_SUCCESS) { ret = PSA_PK_TO_MBEDTLS_ERR(status); @@ -799,14 +791,14 @@ static int ecdsa_verify_wrap(void *ctx_arg, mbedtls_md_type_t md_alg, return ret; } #else /* MBEDTLS_USE_PSA_CRYPTO */ -static int ecdsa_verify_wrap(void *ctx, mbedtls_md_type_t md_alg, +static int ecdsa_verify_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; ((void) md_alg); - ret = mbedtls_ecdsa_read_signature((mbedtls_ecdsa_context *) ctx, + ret = mbedtls_ecdsa_read_signature((mbedtls_ecdsa_context *) pk->pk_ctx, hash, hash_len, sig, sig_len); if (ret == MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH) { @@ -904,12 +896,12 @@ static int pk_ecdsa_sig_asn1_from_psa(unsigned char *sig, size_t *sig_len, return 0; } -static int ecdsa_sign_wrap(void *ctx_arg, mbedtls_md_type_t md_alg, +static int ecdsa_sign_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, unsigned char *sig, size_t sig_size, size_t *sig_len, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { - mbedtls_ecp_keypair *ctx = ctx_arg; + mbedtls_ecp_keypair *ctx = pk->pk_ctx; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; @@ -974,12 +966,12 @@ static int ecdsa_sign_wrap(void *ctx_arg, mbedtls_md_type_t md_alg, return ret; } #else /* MBEDTLS_USE_PSA_CRYPTO */ -static int ecdsa_sign_wrap(void *ctx, mbedtls_md_type_t md_alg, +static int ecdsa_sign_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, unsigned char *sig, size_t sig_size, size_t *sig_len, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { - return mbedtls_ecdsa_write_signature((mbedtls_ecdsa_context *) ctx, + return mbedtls_ecdsa_write_signature((mbedtls_ecdsa_context *) pk->pk_ctx, md_alg, hash, hash_len, sig, sig_size, sig_len, f_rng, p_rng); @@ -989,12 +981,12 @@ static int ecdsa_sign_wrap(void *ctx, mbedtls_md_type_t md_alg, #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) /* Forward declarations */ -static int ecdsa_verify_rs_wrap(void *ctx, mbedtls_md_type_t md_alg, +static int ecdsa_verify_rs_wrap(mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len, void *rs_ctx); -static int ecdsa_sign_rs_wrap(void *ctx, mbedtls_md_type_t md_alg, +static int ecdsa_sign_rs_wrap(mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, unsigned char *sig, size_t sig_size, size_t *sig_len, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, @@ -1041,7 +1033,7 @@ static void eckey_rs_free(void *ctx) mbedtls_free(ctx); } -static int eckey_verify_rs_wrap(void *ctx, mbedtls_md_type_t md_alg, +static int eckey_verify_rs_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len, void *rs_ctx) @@ -1056,10 +1048,11 @@ static int eckey_verify_rs_wrap(void *ctx, mbedtls_md_type_t md_alg, /* set up our own sub-context if needed (that is, on first run) */ if (rs->ecdsa_ctx.grp.pbits == 0) { - MBEDTLS_MPI_CHK(mbedtls_ecdsa_from_keypair(&rs->ecdsa_ctx, ctx)); + MBEDTLS_MPI_CHK(mbedtls_ecdsa_from_keypair(&rs->ecdsa_ctx, + mbedtls_pk_ec(*pk))); } - MBEDTLS_MPI_CHK(ecdsa_verify_rs_wrap(&rs->ecdsa_ctx, + MBEDTLS_MPI_CHK(ecdsa_verify_rs_wrap(pk, md_alg, hash, hash_len, sig, sig_len, &rs->ecdsa_rs)); @@ -1067,7 +1060,7 @@ static int eckey_verify_rs_wrap(void *ctx, mbedtls_md_type_t md_alg, return ret; } -static int eckey_sign_rs_wrap(void *ctx, mbedtls_md_type_t md_alg, +static int eckey_sign_rs_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, unsigned char *sig, size_t sig_size, size_t *sig_len, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, @@ -1083,10 +1076,11 @@ static int eckey_sign_rs_wrap(void *ctx, mbedtls_md_type_t md_alg, /* set up our own sub-context if needed (that is, on first run) */ if (rs->ecdsa_ctx.grp.pbits == 0) { - MBEDTLS_MPI_CHK(mbedtls_ecdsa_from_keypair(&rs->ecdsa_ctx, ctx)); + MBEDTLS_MPI_CHK(mbedtls_ecdsa_from_keypair(&rs->ecdsa_ctx, + mbedtls_pk_ec(*pk))); } - MBEDTLS_MPI_CHK(ecdsa_sign_rs_wrap(&rs->ecdsa_ctx, md_alg, + MBEDTLS_MPI_CHK(ecdsa_sign_rs_wrap(pk, md_alg, hash, hash_len, sig, sig_size, sig_len, f_rng, p_rng, &rs->ecdsa_rs)); @@ -1104,31 +1098,28 @@ static int eckey_sign_rs_wrap(void *ctx, mbedtls_md_type_t md_alg, * - write the raw content of public key "pub" to a local buffer * - compare the two buffers */ -static int eckey_check_pair_psa(const mbedtls_ecp_keypair *pub, - const mbedtls_ecp_keypair *prv) +static int eckey_check_pair_psa(const mbedtls_pk_context *pub, + const mbedtls_pk_context *prv) { - psa_status_t status, destruction_status; + psa_status_t status, destroy_status; psa_key_attributes_t key_attr = PSA_KEY_ATTRIBUTES_INIT; - mbedtls_ecp_keypair *prv_ctx = (mbedtls_ecp_keypair *) prv; - mbedtls_ecp_keypair *pub_ctx = (mbedtls_ecp_keypair *) pub; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* We are using MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH for the size of this * buffer because it will be used to hold the private key at first and * then its public part (but not at the same time). */ uint8_t prv_key_buf[MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH]; size_t prv_key_len; - uint8_t pub_key_buf[MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH]; - size_t pub_key_len; mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; size_t curve_bits; const psa_ecc_family_t curve = - mbedtls_ecc_group_to_psa(prv_ctx->grp.id, &curve_bits); + mbedtls_ecc_group_to_psa(mbedtls_pk_ec(*prv)->grp.id, &curve_bits); const size_t curve_bytes = PSA_BITS_TO_BYTES(curve_bits); psa_set_key_type(&key_attr, PSA_KEY_TYPE_ECC_KEY_PAIR(curve)); psa_set_key_usage_flags(&key_attr, PSA_KEY_USAGE_EXPORT); - ret = mbedtls_mpi_write_binary(&prv_ctx->d, prv_key_buf, curve_bytes); + ret = mbedtls_mpi_write_binary(&mbedtls_pk_ec(*prv)->d, + prv_key_buf, curve_bytes); if (ret != 0) { return ret; } @@ -1144,22 +1135,14 @@ static int eckey_check_pair_psa(const mbedtls_ecp_keypair *pub, status = psa_export_public_key(key_id, prv_key_buf, sizeof(prv_key_buf), &prv_key_len); ret = PSA_PK_TO_MBEDTLS_ERR(status); - destruction_status = psa_destroy_key(key_id); - if (ret != 0) { - return ret; - } else if (destruction_status != PSA_SUCCESS) { - return PSA_PK_TO_MBEDTLS_ERR(destruction_status); - } - - ret = mbedtls_ecp_point_write_binary(&pub_ctx->grp, &pub_ctx->Q, - MBEDTLS_ECP_PF_UNCOMPRESSED, - &pub_key_len, pub_key_buf, - sizeof(pub_key_buf)); + destroy_status = psa_destroy_key(key_id); if (ret != 0) { return ret; + } else if (destroy_status != PSA_SUCCESS) { + return PSA_PK_TO_MBEDTLS_ERR(status); } - if (memcmp(prv_key_buf, pub_key_buf, curve_bytes) != 0) { + if (memcmp(prv_key_buf, pub->pk_raw, pub->pk_raw_len) != 0) { return MBEDTLS_ERR_PK_BAD_INPUT_DATA; } @@ -1167,7 +1150,8 @@ static int eckey_check_pair_psa(const mbedtls_ecp_keypair *pub, } #endif /* MBEDTLS_USE_PSA_CRYPTO */ -static int eckey_check_pair(const void *pub, const void *prv, +static int eckey_check_pair(const mbedtls_pk_context *pub, + const mbedtls_pk_context *prv, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { @@ -1176,8 +1160,8 @@ static int eckey_check_pair(const void *pub, const void *prv, (void) p_rng; return eckey_check_pair_psa(pub, prv); #elif defined(MBEDTLS_ECP_C) - return mbedtls_ecp_check_pub_priv((const mbedtls_ecp_keypair *) pub, - (const mbedtls_ecp_keypair *) prv, + return mbedtls_ecp_check_pub_priv((const mbedtls_ecp_keypair *) pub->pk_ctx, + (const mbedtls_ecp_keypair *) prv->pk_ctx, f_rng, p_rng); #else return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; @@ -1279,7 +1263,7 @@ static int ecdsa_can_do(mbedtls_pk_type_t type) } #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) -static int ecdsa_verify_rs_wrap(void *ctx, mbedtls_md_type_t md_alg, +static int ecdsa_verify_rs_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len, void *rs_ctx) @@ -1288,7 +1272,7 @@ static int ecdsa_verify_rs_wrap(void *ctx, mbedtls_md_type_t md_alg, ((void) md_alg); ret = mbedtls_ecdsa_read_signature_restartable( - (mbedtls_ecdsa_context *) ctx, + (mbedtls_ecdsa_context *) pk->pk_ctx, hash, hash_len, sig, sig_len, (mbedtls_ecdsa_restart_ctx *) rs_ctx); @@ -1299,14 +1283,14 @@ static int ecdsa_verify_rs_wrap(void *ctx, mbedtls_md_type_t md_alg, return ret; } -static int ecdsa_sign_rs_wrap(void *ctx, mbedtls_md_type_t md_alg, +static int ecdsa_sign_rs_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, unsigned char *sig, size_t sig_size, size_t *sig_len, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, void *rs_ctx) { return mbedtls_ecdsa_write_signature_restartable( - (mbedtls_ecdsa_context *) ctx, + (mbedtls_ecdsa_context *) pk->pk_ctx, md_alg, hash, hash_len, sig, sig_size, sig_len, f_rng, p_rng, (mbedtls_ecdsa_restart_ctx *) rs_ctx); @@ -1372,19 +1356,19 @@ static int rsa_alt_can_do(mbedtls_pk_type_t type) return type == MBEDTLS_PK_RSA; } -static size_t rsa_alt_get_bitlen(const void *ctx) +static size_t rsa_alt_get_bitlen(mbedtls_pk_context *pk) { - const mbedtls_rsa_alt_context *rsa_alt = (const mbedtls_rsa_alt_context *) ctx; + const mbedtls_rsa_alt_context *rsa_alt = pk->pk_ctx; return 8 * rsa_alt->key_len_func(rsa_alt->key); } -static int rsa_alt_sign_wrap(void *ctx, mbedtls_md_type_t md_alg, +static int rsa_alt_sign_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, unsigned char *sig, size_t sig_size, size_t *sig_len, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { - mbedtls_rsa_alt_context *rsa_alt = (mbedtls_rsa_alt_context *) ctx; + mbedtls_rsa_alt_context *rsa_alt = (mbedtls_rsa_alt_context *) pk->pk_ctx; if (UINT_MAX < hash_len) { return MBEDTLS_ERR_PK_BAD_INPUT_DATA; @@ -1402,12 +1386,12 @@ static int rsa_alt_sign_wrap(void *ctx, mbedtls_md_type_t md_alg, md_alg, (unsigned int) hash_len, hash, sig); } -static int rsa_alt_decrypt_wrap(void *ctx, +static int rsa_alt_decrypt_wrap(mbedtls_pk_context *pk, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, size_t osize, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { - mbedtls_rsa_alt_context *rsa_alt = (mbedtls_rsa_alt_context *) ctx; + mbedtls_rsa_alt_context *rsa_alt = (mbedtls_rsa_alt_context *) pk->pk_ctx; ((void) f_rng); ((void) p_rng); @@ -1421,7 +1405,8 @@ static int rsa_alt_decrypt_wrap(void *ctx, } #if defined(MBEDTLS_RSA_C) -static int rsa_alt_check_pair(const void *pub, const void *prv, +static int rsa_alt_check_pair(const mbedtls_pk_context *pub, + const mbedtls_pk_context *prv, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { @@ -1430,20 +1415,21 @@ static int rsa_alt_check_pair(const void *pub, const void *prv, size_t sig_len = 0; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if (rsa_alt_get_bitlen(prv) != rsa_get_bitlen(pub)) { + if (rsa_alt_get_bitlen((mbedtls_pk_context *) prv) != + rsa_get_bitlen((mbedtls_pk_context *) pub)) { return MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; } memset(hash, 0x2a, sizeof(hash)); - if ((ret = rsa_alt_sign_wrap((void *) prv, MBEDTLS_MD_NONE, + if ((ret = rsa_alt_sign_wrap((mbedtls_pk_context *) prv, MBEDTLS_MD_NONE, hash, sizeof(hash), sig, sizeof(sig), &sig_len, f_rng, p_rng)) != 0) { return ret; } - if (rsa_verify_wrap((void *) pub, MBEDTLS_MD_NONE, + if (rsa_verify_wrap((mbedtls_pk_context *) pub, MBEDTLS_MD_NONE, hash, sizeof(hash), sig, sig_len) != 0) { return MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; } @@ -1515,9 +1501,9 @@ static void pk_opaque_free_wrap(void *ctx) mbedtls_free(ctx); } -static size_t pk_opaque_get_bitlen(const void *ctx) +static size_t pk_opaque_get_bitlen(mbedtls_pk_context *pk) { - const mbedtls_svc_key_id_t *key = (const mbedtls_svc_key_id_t *) ctx; + const mbedtls_svc_key_id_t *key = pk->pk_ctx; size_t bits; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -1542,13 +1528,14 @@ static int pk_opaque_rsa_can_do(mbedtls_pk_type_t type) type == MBEDTLS_PK_RSASSA_PSS; } -static int pk_opaque_sign_wrap(void *ctx, mbedtls_md_type_t md_alg, +static int pk_opaque_sign_wrap(mbedtls_pk_context *pk, + mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, unsigned char *sig, size_t sig_size, size_t *sig_len, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { #if !defined(MBEDTLS_PK_CAN_ECDSA_SIGN) && !defined(MBEDTLS_RSA_C) - ((void) ctx); + ((void) pk); ((void) md_alg); ((void) hash); ((void) hash_len); @@ -1559,7 +1546,7 @@ static int pk_opaque_sign_wrap(void *ctx, mbedtls_md_type_t md_alg, ((void) p_rng); return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; #else /* !MBEDTLS_PK_CAN_ECDSA_SIGN && !MBEDTLS_RSA_C */ - const mbedtls_svc_key_id_t *key = (const mbedtls_svc_key_id_t *) ctx; + const mbedtls_svc_key_id_t *key = pk->pk_ctx; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_algorithm_t alg; psa_key_type_t type; @@ -1641,12 +1628,12 @@ const mbedtls_pk_info_t mbedtls_pk_ecdsa_opaque_info = { }; #if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) -static int pk_opaque_rsa_decrypt(void *ctx, +static int pk_opaque_rsa_decrypt(mbedtls_pk_context *pk, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, size_t osize, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { - const mbedtls_svc_key_id_t *key = (const mbedtls_svc_key_id_t *) ctx; + const mbedtls_svc_key_id_t *key = pk->pk_ctx; psa_status_t status; /* PSA has its own RNG */ diff --git a/library/pk_wrap.h b/library/pk_wrap.h index 89bce40ebb42..5b98d9f1c4d1 100644 --- a/library/pk_wrap.h +++ b/library/pk_wrap.h @@ -39,18 +39,18 @@ struct mbedtls_pk_info_t { const char *name; /** Get key size in bits */ - size_t (*get_bitlen)(const void *); + size_t (*get_bitlen)(mbedtls_pk_context *ctx); /** Tell if the context implements this type (e.g. ECKEY can do ECDSA) */ int (*can_do)(mbedtls_pk_type_t type); /** Verify signature */ - int (*verify_func)(void *ctx, mbedtls_md_type_t md_alg, + int (*verify_func)(mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len); /** Make signature */ - int (*sign_func)(void *ctx, mbedtls_md_type_t md_alg, + int (*sign_func)(mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, unsigned char *sig, size_t sig_size, size_t *sig_len, int (*f_rng)(void *, unsigned char *, size_t), @@ -58,13 +58,13 @@ struct mbedtls_pk_info_t { #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) /** Verify signature (restartable) */ - int (*verify_rs_func)(void *ctx, mbedtls_md_type_t md_alg, + int (*verify_rs_func)(mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len, void *rs_ctx); /** Make signature (restartable) */ - int (*sign_rs_func)(void *ctx, mbedtls_md_type_t md_alg, + int (*sign_rs_func)(mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, unsigned char *sig, size_t sig_size, size_t *sig_len, int (*f_rng)(void *, unsigned char *, size_t), @@ -72,19 +72,20 @@ struct mbedtls_pk_info_t { #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ /** Decrypt message */ - int (*decrypt_func)(void *ctx, const unsigned char *input, size_t ilen, + int (*decrypt_func)(mbedtls_pk_context *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, size_t osize, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); /** Encrypt message */ - int (*encrypt_func)(void *ctx, const unsigned char *input, size_t ilen, + int (*encrypt_func)(mbedtls_pk_context *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, size_t osize, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); /** Check public-private key pair */ - int (*check_pair_func)(const void *pub, const void *prv, + int (*check_pair_func)(const mbedtls_pk_context *pub, + const mbedtls_pk_context *prv, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); diff --git a/library/pkparse.c b/library/pkparse.c index 800e352da20f..54d950169394 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -32,7 +32,7 @@ #if defined(MBEDTLS_RSA_C) #include "mbedtls/rsa.h" #endif -#if defined(MBEDTLS_ECP_C) +#if defined(MBEDTLS_ECP_LIGHT) #include "mbedtls/ecp.h" #endif #if defined(MBEDTLS_ECDSA_C) @@ -462,7 +462,7 @@ static int pk_group_id_from_specified(const mbedtls_asn1_buf *params, * specifiedCurve SpecifiedECDomain -- = SEQUENCE { ... } * -- implicitCurve NULL */ -static int pk_use_ecparams(const mbedtls_asn1_buf *params, mbedtls_ecp_group *grp) +static int pk_use_ecparams(const mbedtls_asn1_buf *params, mbedtls_pk_context *pk) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_group_id grp_id; @@ -476,25 +476,75 @@ static int pk_use_ecparams(const mbedtls_asn1_buf *params, mbedtls_ecp_group *gr if ((ret = pk_group_id_from_specified(params, &grp_id)) != 0) { return ret; } -#else +#else /* MBEDTLS_PK_PARSE_EC_EXTENDED */ return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; -#endif +#endif /* MBEDTLS_PK_PARSE_EC_EXTENDED */ } - /* - * grp may already be initialized; if so, make sure IDs match - */ - if (grp->id != MBEDTLS_ECP_DP_NONE && grp->id != grp_id) { + /* grp may already be initialized; if so, make sure IDs match */ + if (mbedtls_pk_ec(*pk)->grp.id != MBEDTLS_ECP_DP_NONE && + mbedtls_pk_ec(*pk)->grp.id != grp_id) { return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; } - if ((ret = mbedtls_ecp_group_load(grp, grp_id)) != 0) { + if ((ret = mbedtls_ecp_group_load(&(mbedtls_pk_ec(*pk)->grp), + grp_id)) != 0) { return ret; } +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_ecc_family_t ec_family; + size_t bits; + + ec_family = mbedtls_ecc_group_to_psa(grp_id, &bits); + + if ((pk->pk_ec_family != 0) && (pk->pk_ec_family != ec_family)) { + return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; + } + + pk->pk_ec_family = ec_family; + pk->pk_bits = bits; +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + return 0; } +#if defined(MBEDTLS_USE_PSA_CRYPTO) +/* + * Create a temporary ecp_keypair for converting an EC point in compressed + * format to an uncompressed one + */ +static int pk_convert_compressed_ec(mbedtls_pk_context *pk, + const unsigned char *in_start, size_t in_len, + size_t *out_buf_len, unsigned char *out_buf, + size_t out_buf_size) +{ + mbedtls_ecp_keypair ecp_key; + mbedtls_ecp_group_id ecp_group_id; + int ret; + + ecp_group_id = mbedtls_ecc_group_of_psa(pk->pk_ec_family, pk->pk_bits, 0); + + mbedtls_ecp_keypair_init(&ecp_key); + ret = mbedtls_ecp_group_load(&(ecp_key.grp), ecp_group_id); + if (ret != 0) { + return ret; + } + ret = mbedtls_ecp_point_read_binary(&(ecp_key.grp), &ecp_key.Q, + in_start, in_len); + if (ret != 0) { + goto exit; + } + ret = mbedtls_ecp_point_write_binary(&(ecp_key.grp), &ecp_key.Q, + MBEDTLS_ECP_PF_UNCOMPRESSED, + out_buf_len, out_buf, out_buf_size); + +exit: + mbedtls_ecp_keypair_free(&ecp_key); + return ret; +} +#endif /* MBEDTLS_USE_PSA_CRYPTO*/ + /* * EC public key is an EC point * @@ -503,15 +553,57 @@ static int pk_use_ecparams(const mbedtls_asn1_buf *params, mbedtls_ecp_group *gr * return code of mbedtls_ecp_point_read_binary() and leave p in a usable state. */ static int pk_get_ecpubkey(unsigned char **p, const unsigned char *end, - mbedtls_ecp_keypair *key) + mbedtls_pk_context *pk) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + mbedtls_ecp_keypair *ec_key = mbedtls_pk_ec(*pk); - if ((ret = mbedtls_ecp_point_read_binary(&key->grp, &key->Q, - (const unsigned char *) *p, end - *p)) == 0) { - ret = mbedtls_ecp_check_pubkey(&key->grp, &key->Q); + if ((ret = mbedtls_ecp_point_read_binary(&ec_key->grp, &ec_key->Q, + (const unsigned char *) *p, + end - *p)) == 0) { + ret = mbedtls_ecp_check_pubkey(&ec_key->grp, &ec_key->Q); } +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_svc_key_id_t key; + psa_key_attributes_t key_attrs = PSA_KEY_ATTRIBUTES_INIT; + size_t len = (end - *p); + + if (len > PSA_EXPORT_PUBLIC_KEY_MAX_SIZE) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } + + /* Compressed point format are not supported yet by PSA crypto. As a + * consequence ecp functions are used to "convert" the point to + * uncompressed format */ + if ((**p == 0x02) || (**p == 0x03)) { + ret = pk_convert_compressed_ec(pk, *p, len, + &(pk->pk_raw_len), pk->pk_raw, + PSA_EXPORT_PUBLIC_KEY_MAX_SIZE); + if (ret != 0) { + return ret; + } + } else { + /* Uncompressed format */ + memcpy(pk->pk_raw, *p, (end - *p)); + pk->pk_raw_len = end - *p; + } + + /* Validate the key by trying to importing it */ + psa_set_key_usage_flags(&key_attrs, 0); + psa_set_key_algorithm(&key_attrs, PSA_ALG_ECDSA_ANY); + psa_set_key_type(&key_attrs, PSA_KEY_TYPE_ECC_PUBLIC_KEY(pk->pk_ec_family)); + psa_set_key_bits(&key_attrs, pk->pk_bits); + + if ((psa_import_key(&key_attrs, pk->pk_raw, pk->pk_raw_len, + &key) != PSA_SUCCESS) || + (psa_destroy_key(key) != PSA_SUCCESS)) { + mbedtls_platform_zeroize(pk->pk_raw, MBEDTLS_PK_MAX_EC_PUBKEY_RAW_LEN); + pk->pk_raw_len = 0; + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + /* * We know mbedtls_ecp_point_read_binary consumed all bytes or failed */ @@ -667,9 +759,9 @@ int mbedtls_pk_parse_subpubkey(unsigned char **p, const unsigned char *end, #endif /* MBEDTLS_RSA_C */ #if defined(MBEDTLS_ECP_LIGHT) if (pk_alg == MBEDTLS_PK_ECKEY_DH || pk_alg == MBEDTLS_PK_ECKEY) { - ret = pk_use_ecparams(&alg_params, &mbedtls_pk_ec(*pk)->grp); + ret = pk_use_ecparams(&alg_params, pk); if (ret == 0) { - ret = pk_get_ecpubkey(p, end, mbedtls_pk_ec(*pk)); + ret = pk_get_ecpubkey(p, end, pk); } } else #endif /* MBEDTLS_ECP_LIGHT */ @@ -931,7 +1023,7 @@ static int pk_derive_public_key(mbedtls_ecp_group *grp, mbedtls_ecp_point *Q, /* * Parse a SEC1 encoded private EC key */ -static int pk_parse_key_sec1_der(mbedtls_ecp_keypair *eck, +static int pk_parse_key_sec1_der(mbedtls_pk_context *pk, const unsigned char *key, size_t keylen, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { @@ -942,6 +1034,7 @@ static int pk_parse_key_sec1_der(mbedtls_ecp_keypair *eck, unsigned char *p = (unsigned char *) key; unsigned char *end = p + keylen; unsigned char *end2; + mbedtls_ecp_keypair *eck = mbedtls_pk_ec(*pk); /* * RFC 5915, or SEC1 Appendix C.4 @@ -988,7 +1081,7 @@ static int pk_parse_key_sec1_der(mbedtls_ecp_keypair *eck, MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 0)) == 0) { if ((ret = pk_get_ecparams(&p, p + len, ¶ms)) != 0 || - (ret = pk_use_ecparams(¶ms, &eck->grp)) != 0) { + (ret = pk_use_ecparams(¶ms, pk)) != 0) { mbedtls_ecp_keypair_free(eck); return ret; } @@ -1017,7 +1110,7 @@ static int pk_parse_key_sec1_der(mbedtls_ecp_keypair *eck, MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); } - if ((ret = pk_get_ecpubkey(&p, end2, eck)) == 0) { + if ((ret = pk_get_ecpubkey(&p, end2, pk)) == 0) { pubkey_done = 1; } else { /* @@ -1086,7 +1179,7 @@ static int pk_parse_key_pkcs8_unencrypted_der( mbedtls_pk_type_t pk_alg = MBEDTLS_PK_NONE; const mbedtls_pk_info_t *pk_info; -#if !defined(MBEDTLS_ECP_C) +#if !defined(MBEDTLS_ECP_LIGHT) (void) f_rng; (void) p_rng; #endif @@ -1153,8 +1246,8 @@ static int pk_parse_key_pkcs8_unencrypted_der( #endif /* MBEDTLS_RSA_C */ #if defined(MBEDTLS_ECP_LIGHT) if (pk_alg == MBEDTLS_PK_ECKEY || pk_alg == MBEDTLS_PK_ECKEY_DH) { - if ((ret = pk_use_ecparams(¶ms, &mbedtls_pk_ec(*pk)->grp)) != 0 || - (ret = pk_parse_key_sec1_der(mbedtls_pk_ec(*pk), p, len, f_rng, p_rng)) != 0) { + if ((ret = pk_use_ecparams(¶ms, pk)) != 0 || + (ret = pk_parse_key_sec1_der(pk, p, len, f_rng, p_rng)) != 0) { mbedtls_pk_free(pk); return ret; } @@ -1340,7 +1433,7 @@ int mbedtls_pk_parse_key(mbedtls_pk_context *pk, pk_info = mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY); if ((ret = mbedtls_pk_setup(pk, pk_info)) != 0 || - (ret = pk_parse_key_sec1_der(mbedtls_pk_ec(*pk), + (ret = pk_parse_key_sec1_der(pk, pem.buf, pem.buflen, f_rng, p_rng)) != 0) { mbedtls_pk_free(pk); @@ -1464,18 +1557,18 @@ int mbedtls_pk_parse_key(mbedtls_pk_context *pk, #if defined(MBEDTLS_ECP_LIGHT) pk_info = mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY); if (mbedtls_pk_setup(pk, pk_info) == 0 && - pk_parse_key_sec1_der(mbedtls_pk_ec(*pk), + pk_parse_key_sec1_der(pk, key, keylen, f_rng, p_rng) == 0) { return 0; } mbedtls_pk_free(pk); #endif /* MBEDTLS_ECP_LIGHT */ - /* If MBEDTLS_RSA_C is defined but MBEDTLS_ECP_C isn't, + /* If MBEDTLS_RSA_C is defined but MBEDTLS_ECP_LIGHT isn't, * it is ok to leave the PK context initialized but not * freed: It is the caller's responsibility to call pk_init() * before calling this function, and to call pk_free() - * when it fails. If MBEDTLS_ECP_C is defined but MBEDTLS_RSA_C + * when it fails. If MBEDTLS_ECP_LIGHT is defined but MBEDTLS_RSA_C * isn't, this leads to mbedtls_pk_free() being called * twice, once here and once by the caller, but this is * also ok and in line with the mbedtls_pk_free() calls diff --git a/library/pkwrite.c b/library/pkwrite.c index 3c1a40809e6b..53924cf2cde0 100644 --- a/library/pkwrite.c +++ b/library/pkwrite.c @@ -32,12 +32,12 @@ #if defined(MBEDTLS_RSA_C) #include "mbedtls/rsa.h" #endif -#if defined(MBEDTLS_ECP_C) +#if defined(MBEDTLS_ECP_LIGHT) #include "mbedtls/bignum.h" #include "mbedtls/ecp.h" #include "mbedtls/platform_util.h" #endif -#if defined(MBEDTLS_RSA_C) || defined(MBEDTLS_ECP_C) +#if defined(MBEDTLS_RSA_C) || defined(MBEDTLS_ECP_LIGHT) #include "pkwrite.h" #endif #if defined(MBEDTLS_ECDSA_C) @@ -99,15 +99,29 @@ static int pk_write_rsa_pubkey(unsigned char **p, unsigned char *start, #endif /* MBEDTLS_RSA_C */ #if defined(MBEDTLS_ECP_LIGHT) -/* - * EC public key is an EC point - */ static int pk_write_ec_pubkey(unsigned char **p, unsigned char *start, - mbedtls_ecp_keypair *ec) + const mbedtls_pk_context *pk) { - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if ((*p == NULL) || (start == NULL) || + (pk == NULL)) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } + + len = pk->pk_raw_len; + + if (*p < start || (size_t) (*p - start) < len) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } + + memcpy(*p - len, pk->pk_raw, len); + *p -= len; +#else /* MBEDTLS_USE_PSA_CRYPTO */ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char buf[MBEDTLS_ECP_MAX_PT_LEN]; + mbedtls_ecp_keypair *ec = mbedtls_pk_ec(*pk); if ((ret = mbedtls_ecp_point_write_binary(&ec->grp, &ec->Q, MBEDTLS_ECP_PF_UNCOMPRESSED, @@ -121,6 +135,7 @@ static int pk_write_ec_pubkey(unsigned char **p, unsigned char *start, *p -= len; memcpy(*p, buf, len); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ return (int) len; } @@ -182,7 +197,7 @@ int mbedtls_pk_write_pubkey(unsigned char **p, unsigned char *start, #endif #if defined(MBEDTLS_ECP_LIGHT) if (mbedtls_pk_get_type(key) == MBEDTLS_PK_ECKEY) { - MBEDTLS_ASN1_CHK_ADD(len, pk_write_ec_pubkey(p, start, mbedtls_pk_ec(*key))); + MBEDTLS_ASN1_CHK_ADD(len, pk_write_ec_pubkey(p, start, key)); } else #endif #if defined(MBEDTLS_USE_PSA_CRYPTO) @@ -421,7 +436,7 @@ int mbedtls_pk_write_key_der(const mbedtls_pk_context *key, unsigned char *buf, */ /* publicKey */ - MBEDTLS_ASN1_CHK_ADD(pub_len, pk_write_ec_pubkey(&c, buf, ec)); + MBEDTLS_ASN1_CHK_ADD(pub_len, pk_write_ec_pubkey(&c, buf, key)); if (c - buf < 1) { return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; @@ -457,7 +472,7 @@ int mbedtls_pk_write_key_der(const mbedtls_pk_context *key, unsigned char *buf, MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&c, buf, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)); } else -#endif /* MBEDTLS_ECP_C */ +#endif /* MBEDTLS_ECP_LIGHT */ return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; return (int) len; diff --git a/library/pkwrite.h b/library/pkwrite.h index 8aebd0c24dc6..7bc2e5e500a3 100644 --- a/library/pkwrite.h +++ b/library/pkwrite.h @@ -73,7 +73,7 @@ #endif /* MBEDTLS_RSA_C */ -#if defined(MBEDTLS_ECP_C) +#if defined(MBEDTLS_ECP_LIGHT) /* * EC public keys: * SubjectPublicKeyInfo ::= SEQUENCE { 1 + 2 @@ -98,11 +98,11 @@ */ #define MBEDTLS_PK_ECP_PRV_DER_MAX_BYTES (29 + 3 * MBEDTLS_ECP_MAX_BYTES) -#else /* MBEDTLS_ECP_C */ +#else /* MBEDTLS_ECP_LIGHT */ #define MBEDTLS_PK_ECP_PUB_DER_MAX_BYTES 0 #define MBEDTLS_PK_ECP_PRV_DER_MAX_BYTES 0 -#endif /* MBEDTLS_ECP_C */ +#endif /* MBEDTLS_ECP_LIGHT */ #endif /* MBEDTLS_PK_WRITE_H */ diff --git a/programs/ssl/ssl_context_info.c b/programs/ssl/ssl_context_info.c index 0ba0d2c04c72..b5fbb553f666 100644 --- a/programs/ssl/ssl_context_info.c +++ b/programs/ssl/ssl_context_info.c @@ -937,6 +937,10 @@ int main(int argc, char *argv[]) * file name is correct */ parse_arguments(argc, argv); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_crypto_init(); +#endif + if (NULL != b64_file) { b64_buf = malloc(SSL_INIT_LEN); ssl_buf = malloc(SSL_INIT_LEN); diff --git a/tests/suites/test_suite_debug.function b/tests/suites/test_suite_debug.function index da91f445469b..3f44b2617bd1 100644 --- a/tests/suites/test_suite_debug.function +++ b/tests/suites/test_suite_debug.function @@ -167,7 +167,7 @@ void mbedtls_debug_print_crt(char *crt_file, char *file, int line, mbedtls_ssl_config conf; struct buffer_data buffer; - MD_PSA_INIT(); + PSA_INIT(); mbedtls_ssl_init(&ssl); mbedtls_ssl_config_init(&conf); @@ -193,7 +193,7 @@ exit: mbedtls_x509_crt_free(&crt); mbedtls_ssl_free(&ssl); mbedtls_ssl_config_free(&conf); - MD_PSA_DONE(); + PSA_DONE(); } /* END_CASE */ diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 5a4e77ff18f3..eb9c73c0e844 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -1,5 +1,6 @@ /* BEGIN_HEADER */ #include "mbedtls/pk.h" +#include "pk_internal.h" /* For error codes */ #include "mbedtls/asn1.h" @@ -24,14 +25,14 @@ #define RSA_KEY_LEN 64 #if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_ECP_LIGHT) -static int pk_genkey_ec(mbedtls_ecp_group *grp, - mbedtls_mpi *d, mbedtls_ecp_point *Q) +static int pk_genkey_ec(mbedtls_pk_context *pk) { psa_status_t status; + mbedtls_ecp_keypair *eck = mbedtls_pk_ec(*pk); psa_key_attributes_t key_attr = PSA_KEY_ATTRIBUTES_INIT; mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; size_t curve_bits; - psa_ecc_family_t curve = mbedtls_ecc_group_to_psa(grp->id, + psa_ecc_family_t curve = mbedtls_ecc_group_to_psa(eck->grp.id, &curve_bits); unsigned char key_buf[MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH]; size_t key_len; @@ -52,7 +53,7 @@ static int pk_genkey_ec(mbedtls_ecp_group *grp, goto exit; } - ret = mbedtls_mpi_read_binary(d, key_buf, key_len); + ret = mbedtls_mpi_read_binary(&eck->d, key_buf, key_len); if (ret != 0) { goto exit; } @@ -64,12 +65,26 @@ static int pk_genkey_ec(mbedtls_ecp_group *grp, goto exit; } - ret = mbedtls_ecp_point_read_binary(grp, Q, key_buf, key_len); + status = psa_destroy_key(key_id); + if (status != PSA_SUCCESS) { + return psa_pk_status_to_mbedtls(status); + } -exit: - psa_destroy_key(key_id); + ret = mbedtls_ecp_point_read_binary(&eck->grp, &eck->Q, key_buf, key_len); + if (ret != 0) { + return ret; + } - return ret; + ret = mbedtls_pk_update_public_key_from_keypair(pk); + if (ret != 0) { + return ret; + } + + return 0; + +exit: + status = psa_destroy_key(key_id); + return (ret != 0) ? ret : psa_pk_status_to_mbedtls(status); } #endif /* MBEDTLS_USE_PSA_CRYPTO && MBEDTLS_ECP_LIGHT */ @@ -101,15 +116,13 @@ static int pk_genkey(mbedtls_pk_context *pk, int parameter) mbedtls_pk_get_type(pk) == MBEDTLS_PK_ECKEY_DH || mbedtls_pk_get_type(pk) == MBEDTLS_PK_ECDSA) { int ret; - if ((ret = mbedtls_ecp_group_load(&mbedtls_pk_ec(*pk)->grp, - parameter)) != 0) { + + ret = mbedtls_ecp_group_load(&mbedtls_pk_ec(*pk)->grp, parameter); + if (ret != 0) { return ret; } - #if defined(MBEDTLS_USE_PSA_CRYPTO) - return pk_genkey_ec(&mbedtls_pk_ec(*pk)->grp, - &mbedtls_pk_ec(*pk)->d, - &mbedtls_pk_ec(*pk)->Q); + return pk_genkey_ec(pk); #endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_ECP_C) return mbedtls_ecp_gen_keypair(&mbedtls_pk_ec(*pk)->grp, @@ -580,6 +593,7 @@ void mbedtls_pk_check_pair(char *pub_file, char *prv_file, int ret) } #endif +exit: mbedtls_pk_free(&pub); mbedtls_pk_free(&prv); mbedtls_pk_free(&alt); @@ -713,6 +727,10 @@ void pk_ec_test_vec(int type, int id, data_t *key, data_t *hash, TEST_ASSERT(mbedtls_ecp_point_read_binary(&eckey->grp, &eckey->Q, key->x, key->len) == 0); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + TEST_ASSERT(mbedtls_pk_update_public_key_from_keypair(&pk) == 0); +#endif + // MBEDTLS_MD_NONE is used since it will be ignored. TEST_ASSERT(mbedtls_pk_verify(&pk, MBEDTLS_MD_NONE, hash->x, hash->len, sig->x, sig->len) == ret); @@ -749,6 +767,9 @@ void pk_sign_verify_restart(int pk_type, int grp_id, char *d_str, TEST_ASSERT(mbedtls_pk_setup(&pub, mbedtls_pk_info_from_type(pk_type)) == 0); TEST_ASSERT(mbedtls_ecp_group_load(&mbedtls_pk_ec(pub)->grp, grp_id) == 0); TEST_ASSERT(mbedtls_ecp_point_read_string(&mbedtls_pk_ec(pub)->Q, 16, QX_str, QY_str) == 0); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + TEST_ASSERT(mbedtls_pk_update_public_key_from_keypair(&pub) == 0); +#endif mbedtls_ecp_set_max_ops(max_ops); @@ -1298,6 +1319,9 @@ void pk_psa_sign(int parameter_arg, mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY)) == 0); TEST_ASSERT(pk_genkey(&pk, grpid) == 0); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + TEST_ASSERT(mbedtls_pk_update_public_key_from_keypair(&pk) == 0); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ alg_psa = PSA_ALG_ECDSA(PSA_ALG_SHA_256); } else #endif /* MBEDTLS_PK_CAN_ECDSA_SIGN */ @@ -1383,6 +1407,9 @@ void pk_psa_sign(int parameter_arg, TEST_EQUAL(mbedtls_ecp_point_read_binary(&(mbedtls_pk_ec(pk)->grp), &(mbedtls_pk_ec(pk)->Q), pkey_legacy_start, klen_legacy), 0); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + TEST_ASSERT(mbedtls_pk_update_public_key_from_keypair(&pk) == 0); +#endif #endif TEST_ASSERT(mbedtls_pk_verify(&pk, MBEDTLS_MD_SHA256, hash, sizeof(hash), sig, sig_len) == 0); diff --git a/tests/suites/test_suite_pkparse.function b/tests/suites/test_suite_pkparse.function index 751482a9e7d6..49e935db5c19 100644 --- a/tests/suites/test_suite_pkparse.function +++ b/tests/suites/test_suite_pkparse.function @@ -77,6 +77,8 @@ void pk_parse_public_keyfile_ec(char *key_file, int result) mbedtls_pk_context ctx; int res; + USE_PSA_INIT(); + mbedtls_pk_init(&ctx); res = mbedtls_pk_parse_public_keyfile(&ctx, key_file); @@ -84,14 +86,21 @@ void pk_parse_public_keyfile_ec(char *key_file, int result) TEST_ASSERT(res == result); if (res == 0) { - mbedtls_ecp_keypair *eckey; TEST_ASSERT(mbedtls_pk_can_do(&ctx, MBEDTLS_PK_ECKEY)); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + /* No need to check whether the parsed public point is on the curve or + * not because this is already done by the internal "pk_get_ecpubkey()" + * function */ +#else + mbedtls_ecp_keypair *eckey; eckey = mbedtls_pk_ec(ctx); TEST_ASSERT(mbedtls_ecp_check_pubkey(&eckey->grp, &eckey->Q) == 0); +#endif } exit: mbedtls_pk_free(&ctx); + USE_PSA_DONE(); } /* END_CASE */ diff --git a/tests/suites/test_suite_pkwrite.function b/tests/suites/test_suite_pkwrite.function index 7e8a32d345c5..642773e811d5 100644 --- a/tests/suites/test_suite_pkwrite.function +++ b/tests/suites/test_suite_pkwrite.function @@ -22,6 +22,8 @@ void pk_write_pubkey_check(char *key_file) memset(buf, 0, sizeof(buf)); memset(check_buf, 0, sizeof(check_buf)); + USE_PSA_INIT(); + mbedtls_pk_init(&key); TEST_ASSERT(mbedtls_pk_parse_public_keyfile(&key, key_file) == 0); @@ -45,6 +47,7 @@ void pk_write_pubkey_check(char *key_file) exit: mbedtls_pk_free(&key); + USE_PSA_DONE(); } /* END_CASE */ @@ -61,6 +64,8 @@ void pk_write_key_check(char *key_file) memset(buf, 0, sizeof(buf)); memset(check_buf, 0, sizeof(check_buf)); + USE_PSA_INIT(); + mbedtls_pk_init(&key); TEST_ASSERT(mbedtls_pk_parse_keyfile(&key, key_file, NULL, mbedtls_test_rnd_std_rand, NULL) == 0); @@ -85,5 +90,6 @@ void pk_write_key_check(char *key_file) exit: mbedtls_pk_free(&key); + USE_PSA_DONE(); } /* END_CASE */ diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 6bda6ca06589..2da78ba9eb82 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -2111,6 +2111,7 @@ void ssl_serialize_session_save_load(int ticket_len, char *crt_file, unsigned char *buf = NULL; size_t len; + USE_PSA_INIT(); /* * Test that a save-load pair is the identity */ @@ -2248,6 +2249,7 @@ exit: mbedtls_ssl_session_free(&original); mbedtls_ssl_session_free(&restored); mbedtls_free(buf); + USE_PSA_DONE(); } /* END_CASE */ @@ -2259,6 +2261,7 @@ void ssl_serialize_session_load_save(int ticket_len, char *crt_file, unsigned char *buf1 = NULL, *buf2 = NULL; size_t len0, len1, len2; + USE_PSA_INIT(); /* * Test that a load-save pair is the identity */ @@ -2310,6 +2313,7 @@ exit: mbedtls_ssl_session_free(&session); mbedtls_free(buf1); mbedtls_free(buf2); + USE_PSA_DONE(); } /* END_CASE */ @@ -2321,6 +2325,7 @@ void ssl_serialize_session_save_buf_size(int ticket_len, char *crt_file, unsigned char *buf = NULL; size_t good_len, bad_len, test_len; + USE_PSA_INIT(); /* * Test that session_save() fails cleanly on small buffers */ @@ -2357,6 +2362,7 @@ void ssl_serialize_session_save_buf_size(int ticket_len, char *crt_file, exit: mbedtls_ssl_session_free(&session); mbedtls_free(buf); + USE_PSA_DONE(); } /* END_CASE */ @@ -2368,6 +2374,7 @@ void ssl_serialize_session_load_buf_size(int ticket_len, char *crt_file, unsigned char *good_buf = NULL, *bad_buf = NULL; size_t good_len, bad_len; + USE_PSA_INIT(); /* * Test that session_load() fails cleanly on small buffers */ @@ -2410,6 +2417,7 @@ exit: mbedtls_ssl_session_free(&session); mbedtls_free(good_buf); mbedtls_free(bad_buf); + USE_PSA_DONE(); } /* END_CASE */ diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function index 177bc97ad365..c2cba2fd522c 100644 --- a/tests/suites/test_suite_x509parse.function +++ b/tests/suites/test_suite_x509parse.function @@ -447,6 +447,8 @@ void x509_parse_san(char *crt_file, char *result_str, int parse_result) char *p = buf; size_t n = sizeof(buf); + USE_PSA_INIT(); + mbedtls_x509_crt_init(&crt); memset(buf, 0, 2000); @@ -477,6 +479,7 @@ void x509_parse_san(char *crt_file, char *result_str, int parse_result) exit: mbedtls_x509_crt_free(&crt); + USE_PSA_DONE(); } /* END_CASE */ @@ -487,6 +490,8 @@ void x509_cert_info(char *crt_file, char *result_str) char buf[2000]; int res; + USE_PSA_INIT(); + mbedtls_x509_crt_init(&crt); memset(buf, 0, 2000); @@ -500,6 +505,7 @@ void x509_cert_info(char *crt_file, char *result_str) exit: mbedtls_x509_crt_free(&crt); + USE_PSA_DONE(); } /* END_CASE */ @@ -549,6 +555,8 @@ void mbedtls_x509_csr_info(char *csr_file, char *result_str) char buf[2000]; int res; + USE_PSA_INIT(); + mbedtls_x509_csr_init(&csr); memset(buf, 0, 2000); @@ -562,6 +570,7 @@ void mbedtls_x509_csr_info(char *csr_file, char *result_str) exit: mbedtls_x509_csr_free(&csr); + USE_PSA_DONE(); } /* END_CASE */ @@ -957,6 +966,8 @@ void mbedtls_x509_time_is_past(char *crt_file, char *entity, int result) { mbedtls_x509_crt crt; + USE_PSA_INIT(); + mbedtls_x509_crt_init(&crt); TEST_ASSERT(mbedtls_x509_crt_parse_file(&crt, crt_file) == 0); @@ -971,6 +982,7 @@ void mbedtls_x509_time_is_past(char *crt_file, char *entity, int result) exit: mbedtls_x509_crt_free(&crt); + USE_PSA_DONE(); } /* END_CASE */ @@ -978,6 +990,7 @@ exit: void mbedtls_x509_time_is_future(char *crt_file, char *entity, int result) { mbedtls_x509_crt crt; + USE_PSA_INIT(); mbedtls_x509_crt_init(&crt); @@ -993,6 +1006,7 @@ void mbedtls_x509_time_is_future(char *crt_file, char *entity, int result) exit: mbedtls_x509_crt_free(&crt); + USE_PSA_DONE(); } /* END_CASE */ @@ -1001,12 +1015,15 @@ void x509parse_crt_file(char *crt_file, int result) { mbedtls_x509_crt crt; + USE_PSA_INIT(); + mbedtls_x509_crt_init(&crt); TEST_ASSERT(mbedtls_x509_crt_parse_file(&crt, crt_file) == result); exit: mbedtls_x509_crt_free(&crt); + USE_PSA_DONE(); } /* END_CASE */ @@ -1021,6 +1038,8 @@ void x509parse_crt(data_t *buf, char *result_str, int result) ((void) result_str); #endif + USE_PSA_INIT(); + mbedtls_x509_crt_init(&crt); TEST_ASSERT(mbedtls_x509_crt_parse_der(&crt, buf->x, buf->len) == (result)); @@ -1088,6 +1107,7 @@ void x509parse_crt(data_t *buf, char *result_str, int result) exit: mbedtls_x509_crt_free(&crt); + USE_PSA_DONE(); } /* END_CASE */ @@ -1178,6 +1198,8 @@ void mbedtls_x509_csr_parse(data_t *csr_der, char *ref_out, int ref_ret) char my_out[1000]; int my_ret; + USE_PSA_INIT(); + mbedtls_x509_csr_init(&csr); memset(my_out, 0, sizeof(my_out)); @@ -1192,6 +1214,7 @@ void mbedtls_x509_csr_parse(data_t *csr_der, char *ref_out, int ref_ret) exit: mbedtls_x509_csr_free(&csr); + USE_PSA_DONE(); } /* END_CASE */ @@ -1225,6 +1248,8 @@ void mbedtls_x509_crt_parse_path(char *crt_path, int ret, int nb_crt) mbedtls_x509_crt chain, *cur; int i; + USE_PSA_INIT(); + mbedtls_x509_crt_init(&chain); TEST_ASSERT(mbedtls_x509_crt_parse_path(&chain, crt_path) == ret); @@ -1240,6 +1265,7 @@ void mbedtls_x509_crt_parse_path(char *crt_path, int ret, int nb_crt) exit: mbedtls_x509_crt_free(&chain); + USE_PSA_DONE(); } /* END_CASE */ @@ -1392,6 +1418,7 @@ void x509_check_key_usage(char *crt_file, int usage, int ret) exit: mbedtls_x509_crt_free(&crt); + USE_PSA_DONE(); } /* END_CASE */ @@ -1401,6 +1428,8 @@ void x509_check_extended_key_usage(char *crt_file, data_t *oid, int ret { mbedtls_x509_crt crt; + USE_PSA_INIT(); + mbedtls_x509_crt_init(&crt); @@ -1411,6 +1440,7 @@ void x509_check_extended_key_usage(char *crt_file, data_t *oid, int ret exit: mbedtls_x509_crt_free(&crt); + USE_PSA_DONE(); } /* END_CASE */