Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Avoid parse/unparse public ECC keys in PK with USE_PSA #7202

Closed
wants to merge 35 commits into from
Closed

Avoid parse/unparse public ECC keys in PK with USE_PSA #7202

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
35 commits
Select commit Hold shift + click to select a range
a800feb
pk: keep public key in raw format
valeriosetti Mar 2, 2023
59d8bd8
test: fix tests for the new EC public key management
valeriosetti Mar 10, 2023
1d8d8ad
pk_parse: fix cleared buffer size in pk_get_ecpubkey
valeriosetti Mar 10, 2023
b8b013f
ssl_context_info: add psa_crypto_init when USE_PSA_CRYPTO is enabled
valeriosetti Mar 10, 2023
1a72a55
pk/test fix: add missing guards
valeriosetti Mar 13, 2023
c3a9a74
fix code style
valeriosetti Mar 13, 2023
c183cea
pk: removing unnecessary function for EC keypair generation
valeriosetti Mar 16, 2023
490366b
pk: add missing functions descriptions and return/parameter checks
valeriosetti Mar 16, 2023
d7128b5
pk: minor code restyling
valeriosetti Mar 16, 2023
3dbd653
pk: fix return value checks
valeriosetti Mar 20, 2023
b624d10
pk: do not use MBEDTLS_PRIVATE in library code
valeriosetti Mar 20, 2023
33aa8f9
pk: minor fix to code and comments
valeriosetti Mar 20, 2023
e77ea30
test: fix a PSA init/end guard in test_suite_debug
valeriosetti Mar 24, 2023
d56ccf3
pk: fix comments/typos
valeriosetti Mar 27, 2023
4cdbf35
pk: minor code improvements
valeriosetti Mar 27, 2023
34de833
pkparse: minor code improvement
valeriosetti Mar 28, 2023
f3abad1
pkparse: optimize failure cases in pk_convert_compressed_ec()
valeriosetti Mar 28, 2023
3fbbeab
pk: move some functions to an internal header
valeriosetti Apr 6, 2023
7565547
pk: replace platform_zeroize with memset
valeriosetti Apr 6, 2023
5cb8084
pk: check for correct key type when trying the new public key management
valeriosetti Apr 6, 2023
2362194
pk: always keep "old" ecp_keypair updated with the new raw format
valeriosetti Apr 6, 2023
ec153b0
pkwrite: use a single pk_write_ec_pubkey() function
valeriosetti Apr 6, 2023
2088ab7
test: use USE_PSA_INIT/DONE macros instead of USE_PSA/DONE
valeriosetti Apr 6, 2023
43584b5
pk_wrap: eckey_check_pair_psa() to use raw buffer for public key
valeriosetti Apr 11, 2023
10b4fff
test: fix missing USE_PSA_INIT/DONE
valeriosetti Apr 11, 2023
89aba1c
remove extra white spaces
valeriosetti Apr 11, 2023
a0011bd
remove some leftover changes from previous design
valeriosetti Apr 13, 2023
14b8094
pk: move internal function out of public header file
valeriosetti Apr 13, 2023
71c7eb9
test: improve pk_genkey_ec() function
valeriosetti Apr 13, 2023
9bedc2b
pk: use the same calling convention for all key types
valeriosetti Apr 13, 2023
0ea4c87
removing leftovers from initial development
valeriosetti Apr 13, 2023
5a02721
revert change to mbedtls_pk_rsa()
valeriosetti Apr 17, 2023
337a348
pk: use same calling convention for pk_wrap functions
valeriosetti Apr 17, 2023
d838adb
pk: fix some rebase issue related to ECP_LIGHT
valeriosetti Apr 17, 2023
0edd108
minor optimizations
valeriosetti Apr 19, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 9 additions & 1 deletion include/mbedtls/pk.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@
#include "mbedtls/rsa.h"
#endif

#if defined(MBEDTLS_ECP_C)
#if defined(MBEDTLS_ECP_LIGHT)
#include "mbedtls/ecp.h"
#endif

Expand Down Expand Up @@ -232,12 +232,20 @@ typedef struct mbedtls_pk_debug_item {
*/
typedef struct mbedtls_pk_info_t mbedtls_pk_info_t;

#define MBEDTLS_PK_MAX_EC_PUBKEY_RAW_LEN \
PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS)
/**
* \brief Public key container
*/
typedef struct mbedtls_pk_context {
const mbedtls_pk_info_t *MBEDTLS_PRIVATE(pk_info); /**< Public key information */
void *MBEDTLS_PRIVATE(pk_ctx); /**< Underlying public key context */
#if defined(MBEDTLS_ECP_LIGHT) && defined(MBEDTLS_USE_PSA_CRYPTO)
uint8_t MBEDTLS_PRIVATE(pk_raw)[MBEDTLS_PK_MAX_EC_PUBKEY_RAW_LEN]; /**< Raw public key */
mpg marked this conversation as resolved.
Show resolved Hide resolved
size_t MBEDTLS_PRIVATE(pk_raw_len); /**< Valid bytes in "pk_raw" */
psa_ecc_family_t MBEDTLS_PRIVATE(pk_ec_family); /**< EC family of pk */
size_t MBEDTLS_PRIVATE(pk_bits); /**< Curve's bits of pk */
#endif /* MBEDTLS_ECP_LIGHT && MBEDTLS_USE_PSA_CRYPTO */
} mbedtls_pk_context;

#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
Expand Down
107 changes: 98 additions & 9 deletions library/pk.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@
#include "mbedtls/pk.h"
#include "pk_wrap.h"
#include "pkwrite.h"
#include "pk_internal.h"

#include "hash_info.h"

Expand Down Expand Up @@ -60,6 +61,12 @@ void mbedtls_pk_init(mbedtls_pk_context *ctx)
{
ctx->pk_info = NULL;
ctx->pk_ctx = NULL;
#if defined(MBEDTLS_ECP_LIGHT) && defined(MBEDTLS_USE_PSA_CRYPTO)
memset(ctx->pk_raw, 0, sizeof(ctx->pk_raw));
ctx->pk_raw_len = 0;
ctx->pk_ec_family = 0;
ctx->pk_bits = 0;
#endif /* MBEDTLS_ECP_LIGHT && MBEDTLS_USE_PSA_CRYPTO */
}

/*
Expand Down Expand Up @@ -443,8 +450,8 @@ int mbedtls_pk_verify_restartable(mbedtls_pk_context *ctx,
return ret;
}

ret = ctx->pk_info->verify_rs_func(ctx->pk_ctx,
md_alg, hash, hash_len, sig, sig_len, rs_ctx->rs_ctx);
ret = ctx->pk_info->verify_rs_func(ctx, md_alg, hash, hash_len,
sig, sig_len, rs_ctx->rs_ctx);

if (ret != MBEDTLS_ERR_ECP_IN_PROGRESS) {
mbedtls_pk_restart_free(rs_ctx);
Expand All @@ -460,7 +467,7 @@ int mbedtls_pk_verify_restartable(mbedtls_pk_context *ctx,
return MBEDTLS_ERR_PK_TYPE_MISMATCH;
}

return ctx->pk_info->verify_func(ctx->pk_ctx, md_alg, hash, hash_len,
return ctx->pk_info->verify_func(ctx, md_alg, hash, hash_len,
sig, sig_len);
}

Expand Down Expand Up @@ -626,7 +633,7 @@ int mbedtls_pk_sign_restartable(mbedtls_pk_context *ctx,
return ret;
}

ret = ctx->pk_info->sign_rs_func(ctx->pk_ctx, md_alg,
ret = ctx->pk_info->sign_rs_func(ctx, md_alg,
hash, hash_len,
sig, sig_size, sig_len,
f_rng, p_rng, rs_ctx->rs_ctx);
Expand All @@ -645,7 +652,7 @@ int mbedtls_pk_sign_restartable(mbedtls_pk_context *ctx,
return MBEDTLS_ERR_PK_TYPE_MISMATCH;
}

return ctx->pk_info->sign_func(ctx->pk_ctx, md_alg,
return ctx->pk_info->sign_func(ctx, md_alg,
hash, hash_len,
sig, sig_size, sig_len,
f_rng, p_rng);
Expand Down Expand Up @@ -736,7 +743,7 @@ int mbedtls_pk_decrypt(mbedtls_pk_context *ctx,
return MBEDTLS_ERR_PK_TYPE_MISMATCH;
}

return ctx->pk_info->decrypt_func(ctx->pk_ctx, input, ilen,
return ctx->pk_info->decrypt_func(ctx, input, ilen,
output, olen, osize, f_rng, p_rng);
}

Expand All @@ -756,7 +763,7 @@ int mbedtls_pk_encrypt(mbedtls_pk_context *ctx,
return MBEDTLS_ERR_PK_TYPE_MISMATCH;
}

return ctx->pk_info->encrypt_func(ctx->pk_ctx, input, ilen,
return ctx->pk_info->encrypt_func(ctx, input, ilen,
output, olen, osize, f_rng, p_rng);
}

Expand Down Expand Up @@ -791,7 +798,7 @@ int mbedtls_pk_check_pair(const mbedtls_pk_context *pub,
}
}

return prv->pk_info->check_pair_func(pub->pk_ctx, prv->pk_ctx, f_rng, p_rng);
return prv->pk_info->check_pair_func(pub, prv, f_rng, p_rng);
}

/*
Expand All @@ -805,7 +812,7 @@ size_t mbedtls_pk_get_bitlen(const mbedtls_pk_context *ctx)
return 0;
}

return ctx->pk_info->get_bitlen(ctx->pk_ctx);
return ctx->pk_info->get_bitlen((mbedtls_pk_context *) ctx);
}

/*
Expand Down Expand Up @@ -850,6 +857,88 @@ mbedtls_pk_type_t mbedtls_pk_get_type(const mbedtls_pk_context *ctx)
}

#if defined(MBEDTLS_USE_PSA_CRYPTO)
#if defined(MBEDTLS_ECP_LIGHT)
int mbedtls_pk_get_ec_public_key_props(mbedtls_pk_context *pk,
psa_ecc_family_t *ec_curve, size_t *bits)
{
if ((pk == NULL) || (ec_curve == NULL) || (bits == NULL)) {
return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
}
if ((pk->pk_ec_family == 0) ||
(pk->pk_bits == 0)) {
return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
}

*ec_curve = pk->pk_ec_family;
*bits = pk->pk_bits;

return 0;
}

int mbedtls_pk_update_public_key_from_keypair(mbedtls_pk_context *pk)
{
int ret = MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
mbedtls_ecp_keypair *ecp_keypair;

if (pk == NULL) {
return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
}
/* RSA does not support raw public keys inside the pk_context structure,
* so we quit silently in this case */
if ((pk->pk_info->type != MBEDTLS_PK_ECKEY) &&
(pk->pk_info->type != MBEDTLS_PK_ECKEY_DH) &&
(pk->pk_info->type != MBEDTLS_PK_ECDSA)) {
return 0;
}

ecp_keypair = mbedtls_pk_ec(*pk);

ret = mbedtls_ecp_point_write_binary(&ecp_keypair->grp, &ecp_keypair->Q,
MBEDTLS_ECP_PF_UNCOMPRESSED,
&pk->pk_raw_len,
pk->pk_raw,
MBEDTLS_PK_MAX_EC_PUBKEY_RAW_LEN);
if (ret != 0) {
return ret;
}

pk->pk_ec_family = mbedtls_ecc_group_to_psa(ecp_keypair->grp.id,
&pk->pk_bits);

return 0;
}

int mbedtls_pk_update_keypair_from_public_key(mbedtls_pk_context *pk)
{
int ret = MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
mbedtls_ecp_keypair *ecp_keypair;
mbedtls_ecp_group_id group_id;

if (pk == NULL) {
return MBEDTLS_PK_NONE;
}
/* RSA does not support raw public keys inside the pk_context structure,
* so we quit silently in this case */
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Like mbedtls_pk_update_public_key_from_keypair() above, we should list types that are supported instead.

if ((pk->pk_info->type != MBEDTLS_PK_ECKEY) &&
(pk->pk_info->type != MBEDTLS_PK_ECKEY_DH) &&
(pk->pk_info->type != MBEDTLS_PK_ECDSA)) {
return 0;
}

ecp_keypair = mbedtls_pk_ec(*pk);

group_id = mbedtls_ecc_group_of_psa(pk->pk_ec_family, pk->pk_bits, 0);
ret = mbedtls_ecp_group_load(&(ecp_keypair->grp), group_id);
if (ret != 0) {
return ret;
}
ret = mbedtls_ecp_point_read_binary(&(ecp_keypair->grp), &(ecp_keypair->Q),
pk->pk_raw, pk->pk_raw_len);

return ret;
}
#endif /* MBEDTLS_ECP_LIGHT */

/*
* Load the key to a PSA key slot,
* then turn the PK context into a wrapper for that key slot.
Expand Down
80 changes: 80 additions & 0 deletions library/pk_internal.h
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,80 @@
/**
* \file pk_internal.h
*
* \brief Public Key abstraction layer: internal (i.e. library only) functions
* and definitions.
*/
/*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef MBEDTLS_PK_INTERNAL_H
#define MBEDTLS_PK_INTERNAL_H

#include "mbedtls/pk.h"

#if defined(MBEDTLS_ECP_LIGHT)
#include "mbedtls/ecp.h"
#endif

#if defined(MBEDTLS_USE_PSA_CRYPTO)
#include "psa/crypto.h"
#endif

#if defined(MBEDTLS_ECP_LIGHT) && defined(MBEDTLS_USE_PSA_CRYPTO)
/**
* Return EC parameter used in the given PK context.
*
* \param pk The PK context that from which the EC's key properties will
* be get.
* \param ec_curve Output variable that will get the EC family.
* \param bits Output variable that will get the number of bits used for
* the EC curve.
*
* \return 0, on success;
* MBEDTLS_ERR_PK_BAD_INPUT_DATA if the provided pointers are
* not valid or if the provided PK context has no valid
* EC properties set.
*/
int mbedtls_pk_get_ec_public_key_props(mbedtls_pk_context *pk,
psa_ecc_family_t *ec_curve,
size_t *bits);

/**
* \brief Copy the public key content in raw format from "ctx->pk_ctx"
* (which is an ecp_keypair) into the internal "ctx->pk_raw" buffer.
*
* \note This is a temporary function that can be removed as soon as the pk
* module is free from ECP_C
*
* \param pk It is the pk_context which is going to be updated. It acts both
* as input and output.
*/
int mbedtls_pk_update_public_key_from_keypair(mbedtls_pk_context *pk);

/**
* \brief Copy the public key content from the internal raw buffer, "ctx->pk_raw",
* to the ecp_keypair structure, "ctx->pk_ctx".
*
* \note This is a temporary function that can be removed as soon as the pk
* module is free from ECP_C
*
* \param pk It is the pk_context which is going to be updated. It acts both
* as input and output.
*/
int mbedtls_pk_update_keypair_from_public_key(mbedtls_pk_context *pk);
#endif /* MBEDTLS_ECP_LIGHT && MBEDTLS_USE_PSA_CRYPTO */

#endif /* MBEDTLS_PK_INTERNAL_H */
Loading