test_driver_key_management.c (30645B)
1 /* 2 * Test driver for generating and verifying keys. 3 * Currently only supports generating and verifying ECC keys. 4 */ 5 /* Copyright The Mbed TLS Contributors 6 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later 7 */ 8 9 #include <test/helpers.h> 10 11 #if defined(PSA_CRYPTO_DRIVER_TEST) 12 #include "psa/crypto.h" 13 #include "psa_crypto_core.h" 14 #include "psa_crypto_ecp.h" 15 #include "psa_crypto_rsa.h" 16 #include "psa_crypto_ffdh.h" 17 #include "mbedtls/ecp.h" 18 #include "mbedtls/error.h" 19 20 #include "test/drivers/key_management.h" 21 #include "test/drivers/test_driver.h" 22 23 #include "test/random.h" 24 25 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) 26 #if MBEDTLS_VERSION_MAJOR < 4 27 #include "libtestdriver1/library/psa_crypto_ecp.h" 28 #include "libtestdriver1/library/psa_crypto_rsa.h" 29 #include "libtestdriver1/library/psa_crypto_ffdh.h" 30 #else 31 #include "libtestdriver1/tf-psa-crypto/drivers/builtin/src/psa_crypto_ecp.h" 32 #include "libtestdriver1/tf-psa-crypto/drivers/builtin/src/psa_crypto_rsa.h" 33 #include "libtestdriver1/tf-psa-crypto/drivers/builtin/src/psa_crypto_ffdh.h" 34 #endif 35 #endif 36 37 #include <string.h> 38 39 mbedtls_test_driver_key_management_hooks_t 40 mbedtls_test_driver_key_management_hooks = MBEDTLS_TEST_DRIVER_KEY_MANAGEMENT_INIT; 41 42 const uint8_t mbedtls_test_driver_aes_key[16] = 43 { 0x36, 0x77, 0x39, 0x7A, 0x24, 0x43, 0x26, 0x46, 44 0x29, 0x4A, 0x40, 0x4E, 0x63, 0x52, 0x66, 0x55 }; 45 const uint8_t mbedtls_test_driver_ecdsa_key[32] = 46 { 0xdc, 0x7d, 0x9d, 0x26, 0xd6, 0x7a, 0x4f, 0x63, 47 0x2c, 0x34, 0xc2, 0xdc, 0x0b, 0x69, 0x86, 0x18, 48 0x38, 0x82, 0xc2, 0x06, 0xdf, 0x04, 0xcd, 0xb7, 49 0xd6, 0x9a, 0xab, 0xe2, 0x8b, 0xe4, 0xf8, 0x1a }; 50 const uint8_t mbedtls_test_driver_ecdsa_pubkey[65] = 51 { 0x04, 52 0x85, 0xf6, 0x4d, 0x89, 0xf0, 0x0b, 0xe6, 0x6c, 53 0x88, 0xdd, 0x93, 0x7e, 0xfd, 0x6d, 0x7c, 0x44, 54 0x56, 0x48, 0xdc, 0xb7, 0x01, 0x15, 0x0b, 0x8a, 55 0x95, 0x09, 0x29, 0x58, 0x50, 0xf4, 0x1c, 0x19, 56 0x31, 0xe5, 0x71, 0xfb, 0x8f, 0x8c, 0x78, 0x31, 57 0x7a, 0x20, 0xb3, 0x80, 0xe8, 0x66, 0x58, 0x4b, 58 0xbc, 0x25, 0x16, 0xc3, 0xd2, 0x70, 0x2d, 0x79, 59 0x2f, 0x13, 0x1a, 0x92, 0x20, 0x95, 0xfd, 0x6c }; 60 61 psa_status_t mbedtls_test_transparent_init(void) 62 { 63 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 64 65 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) 66 status = libtestdriver1_psa_crypto_init(); 67 if (status != PSA_SUCCESS) { 68 return status; 69 } 70 #endif 71 72 (void) status; 73 return PSA_SUCCESS; 74 } 75 76 void mbedtls_test_transparent_free(void) 77 { 78 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) 79 libtestdriver1_mbedtls_psa_crypto_free(); 80 #endif 81 82 return; 83 } 84 85 psa_status_t mbedtls_test_opaque_init(void) 86 { 87 return PSA_SUCCESS; 88 } 89 90 void mbedtls_test_opaque_free(void) 91 { 92 return; 93 } 94 95 /* 96 * This macro returns the base size for the key context when SE does not 97 * support storage. It is the size of the metadata that gets added to the 98 * wrapped key. In its test functionality the metadata is just some padded 99 * prefixing to the key. 100 */ 101 #define TEST_DRIVER_KEY_CONTEXT_BASE_SIZE \ 102 PSA_CRYPTO_TEST_DRIVER_OPAQUE_PAD_PREFIX_SIZE 103 104 105 size_t mbedtls_test_opaque_size_function( 106 const psa_key_type_t key_type, 107 const size_t key_bits) 108 { 109 size_t key_buffer_size = 0; 110 111 key_buffer_size = PSA_EXPORT_KEY_OUTPUT_SIZE(key_type, key_bits); 112 if (key_buffer_size == 0) { 113 return 0; 114 } 115 /* Include spacing for base size overhead over the key size 116 * */ 117 key_buffer_size += TEST_DRIVER_KEY_CONTEXT_BASE_SIZE; 118 return key_buffer_size; 119 } 120 121 static size_t mbedtls_test_opaque_get_base_size() 122 { 123 return TEST_DRIVER_KEY_CONTEXT_BASE_SIZE; 124 } 125 126 /* 127 * The wrap function mbedtls_test_opaque_wrap_key pads and wraps the 128 * clear key. It expects the clear and wrap buffers to be passed in. 129 * key_length is the size of the clear key to be wrapped. 130 * wrapped_key_buffer_size is the size of the output buffer wrap_key. 131 * The argument wrapped_key_buffer_length is filled with the wrapped 132 * key_size on success. 133 * */ 134 static psa_status_t mbedtls_test_opaque_wrap_key( 135 const uint8_t *key, 136 size_t key_length, 137 uint8_t *wrapped_key_buffer, 138 size_t wrapped_key_buffer_size, 139 size_t *wrapped_key_buffer_length) 140 { 141 size_t opaque_key_base_size = mbedtls_test_opaque_get_base_size(); 142 uint64_t prefix = PSA_CRYPTO_TEST_DRIVER_OPAQUE_PAD_PREFIX; 143 144 if (key_length + opaque_key_base_size > wrapped_key_buffer_size) { 145 return PSA_ERROR_BUFFER_TOO_SMALL; 146 } 147 148 /* Write in the opaque pad prefix */ 149 memcpy(wrapped_key_buffer, &prefix, opaque_key_base_size); 150 wrapped_key_buffer += opaque_key_base_size; 151 *wrapped_key_buffer_length = key_length + opaque_key_base_size; 152 153 while (key_length--) { 154 wrapped_key_buffer[key_length] = key[key_length] ^ 0xFF; 155 } 156 return PSA_SUCCESS; 157 } 158 159 /* 160 * The unwrap function mbedtls_test_opaque_unwrap_key removes a pad prefix 161 * and unwraps the wrapped key. It expects the clear and wrap buffers to be 162 * passed in. 163 * wrapped_key_length is the size of the wrapped key, 164 * key_buffer_size is the size of the output buffer clear_key. 165 * The argument key_buffer_length is filled with the unwrapped(clear) 166 * key_size on success. 167 * */ 168 psa_status_t mbedtls_test_opaque_unwrap_key( 169 const uint8_t *wrapped_key, 170 size_t wrapped_key_length, 171 uint8_t *key_buffer, 172 size_t key_buffer_size, 173 size_t *key_buffer_length) 174 { 175 /* Remove the pad prefix from the wrapped key */ 176 size_t opaque_key_base_size = mbedtls_test_opaque_get_base_size(); 177 size_t clear_key_size; 178 179 /* Check for underflow */ 180 if (wrapped_key_length < opaque_key_base_size) { 181 return PSA_ERROR_DATA_CORRUPT; 182 } 183 clear_key_size = wrapped_key_length - opaque_key_base_size; 184 185 wrapped_key += opaque_key_base_size; 186 if (clear_key_size > key_buffer_size) { 187 return PSA_ERROR_BUFFER_TOO_SMALL; 188 } 189 190 *key_buffer_length = clear_key_size; 191 while (clear_key_size--) { 192 key_buffer[clear_key_size] = wrapped_key[clear_key_size] ^ 0xFF; 193 } 194 return PSA_SUCCESS; 195 } 196 197 psa_status_t mbedtls_test_transparent_generate_key( 198 const psa_key_attributes_t *attributes, 199 uint8_t *key, size_t key_size, size_t *key_length) 200 { 201 ++mbedtls_test_driver_key_management_hooks.hits; 202 ++mbedtls_test_driver_key_management_hooks.hits_generate_key; 203 204 if (mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS) { 205 return mbedtls_test_driver_key_management_hooks.forced_status; 206 } 207 208 if (mbedtls_test_driver_key_management_hooks.forced_output != NULL) { 209 if (mbedtls_test_driver_key_management_hooks.forced_output_length > 210 key_size) { 211 return PSA_ERROR_BUFFER_TOO_SMALL; 212 } 213 memcpy(key, mbedtls_test_driver_key_management_hooks.forced_output, 214 mbedtls_test_driver_key_management_hooks.forced_output_length); 215 *key_length = mbedtls_test_driver_key_management_hooks.forced_output_length; 216 return PSA_SUCCESS; 217 } 218 219 if (PSA_KEY_TYPE_IS_ECC(psa_get_key_type(attributes)) 220 && PSA_KEY_TYPE_IS_KEY_PAIR(psa_get_key_type(attributes))) { 221 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ 222 defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_GENERATE) 223 return libtestdriver1_mbedtls_psa_ecp_generate_key( 224 (const libtestdriver1_psa_key_attributes_t *) attributes, 225 key, key_size, key_length); 226 #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_GENERATE) 227 return mbedtls_psa_ecp_generate_key( 228 attributes, key, key_size, key_length); 229 #endif 230 } else if (psa_get_key_type(attributes) == PSA_KEY_TYPE_RSA_KEY_PAIR) { 231 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ 232 defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_GENERATE) 233 return libtestdriver1_mbedtls_psa_rsa_generate_key( 234 (const libtestdriver1_psa_key_attributes_t *) attributes, 235 NULL, 0, /* We don't support custom e in the test driver yet */ 236 key, key_size, key_length); 237 #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_GENERATE) 238 return mbedtls_psa_rsa_generate_key( 239 attributes, 240 NULL, 0, /* We don't support custom e in the test driver yet */ 241 key, key_size, key_length); 242 #endif 243 } else if (PSA_KEY_TYPE_IS_DH(psa_get_key_type(attributes)) 244 && PSA_KEY_TYPE_IS_KEY_PAIR(psa_get_key_type(attributes))) { 245 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ 246 defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_GENERATE) 247 return libtestdriver1_mbedtls_psa_ffdh_generate_key( 248 (const libtestdriver1_psa_key_attributes_t *) attributes, 249 key, key_size, key_length); 250 #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR) 251 return mbedtls_psa_ffdh_generate_key( 252 attributes, key, key_size, key_length); 253 #endif 254 } 255 256 (void) attributes; 257 return PSA_ERROR_NOT_SUPPORTED; 258 } 259 260 psa_status_t mbedtls_test_opaque_generate_key( 261 const psa_key_attributes_t *attributes, 262 uint8_t *key, size_t key_size, size_t *key_length) 263 { 264 (void) attributes; 265 (void) key; 266 (void) key_size; 267 (void) key_length; 268 return PSA_ERROR_NOT_SUPPORTED; 269 } 270 271 psa_status_t mbedtls_test_transparent_import_key( 272 const psa_key_attributes_t *attributes, 273 const uint8_t *data, 274 size_t data_length, 275 uint8_t *key_buffer, 276 size_t key_buffer_size, 277 size_t *key_buffer_length, 278 size_t *bits) 279 { 280 psa_key_type_t type = psa_get_key_type(attributes); 281 282 ++mbedtls_test_driver_key_management_hooks.hits; 283 mbedtls_test_driver_key_management_hooks.location = PSA_KEY_LOCATION_LOCAL_STORAGE; 284 285 if (mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS) { 286 return mbedtls_test_driver_key_management_hooks.forced_status; 287 } 288 289 if (PSA_KEY_TYPE_IS_ECC(type)) { 290 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ 291 (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || \ 292 defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)) 293 return libtestdriver1_mbedtls_psa_ecp_import_key( 294 (const libtestdriver1_psa_key_attributes_t *) attributes, 295 data, data_length, 296 key_buffer, key_buffer_size, 297 key_buffer_length, bits); 298 #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || \ 299 defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) 300 return mbedtls_psa_ecp_import_key( 301 attributes, 302 data, data_length, 303 key_buffer, key_buffer_size, 304 key_buffer_length, bits); 305 #endif 306 } else if (PSA_KEY_TYPE_IS_RSA(type)) { 307 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ 308 (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT) || \ 309 defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)) 310 return libtestdriver1_mbedtls_psa_rsa_import_key( 311 (const libtestdriver1_psa_key_attributes_t *) attributes, 312 data, data_length, 313 key_buffer, key_buffer_size, 314 key_buffer_length, bits); 315 #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT) || \ 316 defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) 317 return mbedtls_psa_rsa_import_key( 318 attributes, 319 data, data_length, 320 key_buffer, key_buffer_size, 321 key_buffer_length, bits); 322 #endif 323 } else if (PSA_KEY_TYPE_IS_DH(type)) { 324 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ 325 (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR) || \ 326 defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_PUBLIC_KEY)) 327 return libtestdriver1_mbedtls_psa_ffdh_import_key( 328 (const libtestdriver1_psa_key_attributes_t *) attributes, 329 data, data_length, 330 key_buffer, key_buffer_size, 331 key_buffer_length, bits); 332 #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ 333 defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) 334 return mbedtls_psa_ffdh_import_key( 335 attributes, 336 data, data_length, 337 key_buffer, key_buffer_size, 338 key_buffer_length, bits); 339 #endif 340 } 341 (void) data; 342 (void) data_length; 343 (void) key_buffer; 344 (void) key_buffer_size; 345 (void) key_buffer_length; 346 (void) bits; 347 (void) type; 348 349 return PSA_ERROR_NOT_SUPPORTED; 350 } 351 352 353 psa_status_t mbedtls_test_opaque_import_key( 354 const psa_key_attributes_t *attributes, 355 const uint8_t *data, 356 size_t data_length, 357 uint8_t *key_buffer, 358 size_t key_buffer_size, 359 size_t *key_buffer_length, 360 size_t *bits) 361 { 362 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 363 psa_key_type_t type = psa_get_key_type(attributes); 364 /* This buffer will be used as an intermediate placeholder for 365 * the clear key till we wrap it */ 366 uint8_t *key_buffer_temp; 367 368 ++mbedtls_test_driver_key_management_hooks.hits; 369 mbedtls_test_driver_key_management_hooks.location = PSA_CRYPTO_TEST_DRIVER_LOCATION; 370 371 if (mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS) { 372 return mbedtls_test_driver_key_management_hooks.forced_status; 373 } 374 375 key_buffer_temp = mbedtls_calloc(1, key_buffer_size); 376 if (key_buffer_temp == NULL) { 377 return PSA_ERROR_INSUFFICIENT_MEMORY; 378 } 379 380 if (PSA_KEY_TYPE_IS_UNSTRUCTURED(type)) { 381 *bits = PSA_BYTES_TO_BITS(data_length); 382 383 status = psa_validate_unstructured_key_bit_size(type, 384 *bits); 385 if (status != PSA_SUCCESS) { 386 goto exit; 387 } 388 389 if (data_length > key_buffer_size) { 390 return PSA_ERROR_BUFFER_TOO_SMALL; 391 } 392 393 /* Copy the key material accounting for opaque key padding. */ 394 memcpy(key_buffer_temp, data, data_length); 395 *key_buffer_length = data_length; 396 } else if (PSA_KEY_TYPE_IS_ECC(type)) { 397 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ 398 (defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \ 399 defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)) 400 status = libtestdriver1_mbedtls_psa_ecp_import_key( 401 (const libtestdriver1_psa_key_attributes_t *) attributes, 402 data, data_length, 403 key_buffer_temp, key_buffer_size, 404 key_buffer_length, bits); 405 #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || \ 406 defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) 407 status = mbedtls_psa_ecp_import_key( 408 attributes, 409 data, data_length, 410 key_buffer_temp, key_buffer_size, 411 key_buffer_length, bits); 412 #else 413 status = PSA_ERROR_NOT_SUPPORTED; 414 #endif 415 if (status != PSA_SUCCESS) { 416 goto exit; 417 } 418 } else if (PSA_KEY_TYPE_IS_RSA(type)) { 419 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ 420 (defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \ 421 defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY)) 422 status = libtestdriver1_mbedtls_psa_rsa_import_key( 423 (const libtestdriver1_psa_key_attributes_t *) attributes, 424 data, data_length, 425 key_buffer_temp, key_buffer_size, 426 key_buffer_length, bits); 427 #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT) || \ 428 defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) 429 status = mbedtls_psa_rsa_import_key( 430 attributes, 431 data, data_length, 432 key_buffer_temp, key_buffer_size, 433 key_buffer_length, bits); 434 #else 435 status = PSA_ERROR_NOT_SUPPORTED; 436 #endif 437 if (status != PSA_SUCCESS) { 438 goto exit; 439 } 440 } else { 441 status = PSA_ERROR_INVALID_ARGUMENT; 442 goto exit; 443 } 444 445 status = mbedtls_test_opaque_wrap_key(key_buffer_temp, *key_buffer_length, 446 key_buffer, key_buffer_size, key_buffer_length); 447 exit: 448 mbedtls_free(key_buffer_temp); 449 return status; 450 } 451 452 psa_status_t mbedtls_test_opaque_export_key( 453 const psa_key_attributes_t *attributes, 454 const uint8_t *key, size_t key_length, 455 uint8_t *data, size_t data_size, size_t *data_length) 456 { 457 if (key_length == sizeof(psa_drv_slot_number_t)) { 458 /* Assume this is a builtin key based on the key material length. */ 459 psa_drv_slot_number_t slot_number = *((psa_drv_slot_number_t *) key); 460 461 switch (slot_number) { 462 case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT: 463 /* This is the ECDSA slot. Verify the key's attributes before 464 * returning the private key. */ 465 if (psa_get_key_type(attributes) != 466 PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1)) { 467 return PSA_ERROR_CORRUPTION_DETECTED; 468 } 469 if (psa_get_key_bits(attributes) != 256) { 470 return PSA_ERROR_CORRUPTION_DETECTED; 471 } 472 if (psa_get_key_algorithm(attributes) != 473 PSA_ALG_ECDSA(PSA_ALG_ANY_HASH)) { 474 return PSA_ERROR_CORRUPTION_DETECTED; 475 } 476 if ((psa_get_key_usage_flags(attributes) & 477 PSA_KEY_USAGE_EXPORT) == 0) { 478 return PSA_ERROR_CORRUPTION_DETECTED; 479 } 480 481 if (data_size < sizeof(mbedtls_test_driver_ecdsa_key)) { 482 return PSA_ERROR_BUFFER_TOO_SMALL; 483 } 484 485 memcpy(data, mbedtls_test_driver_ecdsa_key, 486 sizeof(mbedtls_test_driver_ecdsa_key)); 487 *data_length = sizeof(mbedtls_test_driver_ecdsa_key); 488 return PSA_SUCCESS; 489 490 case PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT: 491 /* This is the AES slot. Verify the key's attributes before 492 * returning the key. */ 493 if (psa_get_key_type(attributes) != PSA_KEY_TYPE_AES) { 494 return PSA_ERROR_CORRUPTION_DETECTED; 495 } 496 if (psa_get_key_bits(attributes) != 128) { 497 return PSA_ERROR_CORRUPTION_DETECTED; 498 } 499 if (psa_get_key_algorithm(attributes) != PSA_ALG_CTR) { 500 return PSA_ERROR_CORRUPTION_DETECTED; 501 } 502 if ((psa_get_key_usage_flags(attributes) & 503 PSA_KEY_USAGE_EXPORT) == 0) { 504 return PSA_ERROR_CORRUPTION_DETECTED; 505 } 506 507 if (data_size < sizeof(mbedtls_test_driver_aes_key)) { 508 return PSA_ERROR_BUFFER_TOO_SMALL; 509 } 510 511 memcpy(data, mbedtls_test_driver_aes_key, 512 sizeof(mbedtls_test_driver_aes_key)); 513 *data_length = sizeof(mbedtls_test_driver_aes_key); 514 return PSA_SUCCESS; 515 516 default: 517 return PSA_ERROR_DOES_NOT_EXIST; 518 } 519 } else { 520 /* This buffer will be used as an intermediate placeholder for 521 * the opaque key till we unwrap the key into key_buffer */ 522 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 523 psa_key_type_t type = psa_get_key_type(attributes); 524 525 if (PSA_KEY_TYPE_IS_UNSTRUCTURED(type) || 526 PSA_KEY_TYPE_IS_RSA(type) || 527 PSA_KEY_TYPE_IS_ECC(type)) { 528 status = mbedtls_test_opaque_unwrap_key(key, key_length, 529 data, data_size, data_length); 530 return status; 531 } 532 } 533 return PSA_ERROR_NOT_SUPPORTED; 534 } 535 536 psa_status_t mbedtls_test_transparent_export_public_key( 537 const psa_key_attributes_t *attributes, 538 const uint8_t *key_buffer, size_t key_buffer_size, 539 uint8_t *data, size_t data_size, size_t *data_length) 540 { 541 ++mbedtls_test_driver_key_management_hooks.hits; 542 ++mbedtls_test_driver_key_management_hooks.hits_export_public_key; 543 544 if (mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS) { 545 return mbedtls_test_driver_key_management_hooks.forced_status; 546 } 547 548 if (mbedtls_test_driver_key_management_hooks.forced_output != NULL) { 549 if (mbedtls_test_driver_key_management_hooks.forced_output_length > 550 data_size) { 551 return PSA_ERROR_BUFFER_TOO_SMALL; 552 } 553 memcpy(data, mbedtls_test_driver_key_management_hooks.forced_output, 554 mbedtls_test_driver_key_management_hooks.forced_output_length); 555 *data_length = mbedtls_test_driver_key_management_hooks.forced_output_length; 556 return PSA_SUCCESS; 557 } 558 559 psa_key_type_t key_type = psa_get_key_type(attributes); 560 561 if (PSA_KEY_TYPE_IS_ECC(key_type)) { 562 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ 563 (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT) || \ 564 defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)) 565 return libtestdriver1_mbedtls_psa_ecp_export_public_key( 566 (const libtestdriver1_psa_key_attributes_t *) attributes, 567 key_buffer, key_buffer_size, 568 data, data_size, data_length); 569 #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT) || \ 570 defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) 571 return mbedtls_psa_ecp_export_public_key( 572 attributes, 573 key_buffer, key_buffer_size, 574 data, data_size, data_length); 575 #endif 576 } else if (PSA_KEY_TYPE_IS_RSA(key_type)) { 577 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ 578 (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT) || \ 579 defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)) 580 return libtestdriver1_mbedtls_psa_rsa_export_public_key( 581 (const libtestdriver1_psa_key_attributes_t *) attributes, 582 key_buffer, key_buffer_size, 583 data, data_size, data_length); 584 #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT) || \ 585 defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) 586 return mbedtls_psa_rsa_export_public_key( 587 attributes, 588 key_buffer, key_buffer_size, 589 data, data_size, data_length); 590 #endif 591 } else if (PSA_KEY_TYPE_IS_DH(key_type)) { 592 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ 593 (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR) || \ 594 defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_PUBLIC_KEY)) 595 return libtestdriver1_mbedtls_psa_ffdh_export_public_key( 596 (const libtestdriver1_psa_key_attributes_t *) attributes, 597 key_buffer, key_buffer_size, 598 data, data_size, data_length); 599 #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR) || \ 600 defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_PUBLIC_KEY) 601 return mbedtls_psa_ffdh_export_public_key( 602 attributes, 603 key_buffer, key_buffer_size, 604 data, data_size, data_length); 605 #endif 606 } 607 608 (void) key_buffer; 609 (void) key_buffer_size; 610 (void) key_type; 611 612 return PSA_ERROR_NOT_SUPPORTED; 613 } 614 615 psa_status_t mbedtls_test_opaque_export_public_key( 616 const psa_key_attributes_t *attributes, 617 const uint8_t *key, size_t key_length, 618 uint8_t *data, size_t data_size, size_t *data_length) 619 { 620 if (key_length != sizeof(psa_drv_slot_number_t)) { 621 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 622 psa_key_type_t key_type = psa_get_key_type(attributes); 623 uint8_t *key_buffer_temp; 624 625 key_buffer_temp = mbedtls_calloc(1, key_length); 626 if (key_buffer_temp == NULL) { 627 return PSA_ERROR_INSUFFICIENT_MEMORY; 628 } 629 630 if (PSA_KEY_TYPE_IS_ECC(key_type)) { 631 status = mbedtls_test_opaque_unwrap_key(key, key_length, 632 key_buffer_temp, key_length, data_length); 633 if (status == PSA_SUCCESS) { 634 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ 635 (defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \ 636 defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)) 637 status = libtestdriver1_mbedtls_psa_ecp_export_public_key( 638 (const libtestdriver1_psa_key_attributes_t *) attributes, 639 key_buffer_temp, *data_length, 640 data, data_size, data_length); 641 #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT) || \ 642 defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) 643 status = mbedtls_psa_ecp_export_public_key( 644 attributes, 645 key_buffer_temp, *data_length, 646 data, data_size, data_length); 647 #else 648 status = PSA_ERROR_NOT_SUPPORTED; 649 #endif 650 } 651 } else if (PSA_KEY_TYPE_IS_RSA(key_type)) { 652 status = mbedtls_test_opaque_unwrap_key(key, key_length, 653 key_buffer_temp, key_length, data_length); 654 if (status == PSA_SUCCESS) { 655 #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ 656 (defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \ 657 defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY)) 658 status = libtestdriver1_mbedtls_psa_rsa_export_public_key( 659 (const libtestdriver1_psa_key_attributes_t *) attributes, 660 key_buffer_temp, *data_length, 661 data, data_size, data_length); 662 #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT) || \ 663 defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) 664 status = mbedtls_psa_rsa_export_public_key( 665 attributes, 666 key_buffer_temp, *data_length, 667 data, data_size, data_length); 668 #else 669 status = PSA_ERROR_NOT_SUPPORTED; 670 #endif 671 } 672 } else { 673 status = PSA_ERROR_NOT_SUPPORTED; 674 (void) key; 675 (void) key_type; 676 } 677 mbedtls_free(key_buffer_temp); 678 return status; 679 } 680 681 /* Assume this is a builtin key based on the key material length. */ 682 psa_drv_slot_number_t slot_number = *((psa_drv_slot_number_t *) key); 683 switch (slot_number) { 684 case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT: 685 /* This is the ECDSA slot. Verify the key's attributes before 686 * returning the public key. */ 687 if (psa_get_key_type(attributes) != 688 PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1)) { 689 return PSA_ERROR_CORRUPTION_DETECTED; 690 } 691 if (psa_get_key_bits(attributes) != 256) { 692 return PSA_ERROR_CORRUPTION_DETECTED; 693 } 694 if (psa_get_key_algorithm(attributes) != 695 PSA_ALG_ECDSA(PSA_ALG_ANY_HASH)) { 696 return PSA_ERROR_CORRUPTION_DETECTED; 697 } 698 699 if (data_size < sizeof(mbedtls_test_driver_ecdsa_pubkey)) { 700 return PSA_ERROR_BUFFER_TOO_SMALL; 701 } 702 703 memcpy(data, mbedtls_test_driver_ecdsa_pubkey, 704 sizeof(mbedtls_test_driver_ecdsa_pubkey)); 705 *data_length = sizeof(mbedtls_test_driver_ecdsa_pubkey); 706 return PSA_SUCCESS; 707 708 default: 709 return PSA_ERROR_DOES_NOT_EXIST; 710 } 711 } 712 713 /* The opaque test driver exposes two built-in keys when builtin key support is 714 * compiled in. 715 * The key in slot #PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT is an AES-128 716 * key which allows CTR mode. 717 * The key in slot #PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT is a secp256r1 718 * private key which allows ECDSA sign & verify. 719 * The key buffer format for these is the raw format of psa_drv_slot_number_t 720 * (i.e. for an actual driver this would mean 'builtin_key_size' = 721 * sizeof(psa_drv_slot_number_t)). 722 */ 723 psa_status_t mbedtls_test_opaque_get_builtin_key( 724 psa_drv_slot_number_t slot_number, 725 psa_key_attributes_t *attributes, 726 uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length) 727 { 728 switch (slot_number) { 729 case PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT: 730 psa_set_key_type(attributes, PSA_KEY_TYPE_AES); 731 psa_set_key_bits(attributes, 128); 732 psa_set_key_usage_flags( 733 attributes, 734 PSA_KEY_USAGE_ENCRYPT | 735 PSA_KEY_USAGE_DECRYPT | 736 PSA_KEY_USAGE_EXPORT); 737 psa_set_key_algorithm(attributes, PSA_ALG_CTR); 738 739 if (key_buffer_size < sizeof(psa_drv_slot_number_t)) { 740 return PSA_ERROR_BUFFER_TOO_SMALL; 741 } 742 743 *((psa_drv_slot_number_t *) key_buffer) = 744 PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT; 745 *key_buffer_length = sizeof(psa_drv_slot_number_t); 746 return PSA_SUCCESS; 747 case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT: 748 psa_set_key_type( 749 attributes, 750 PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1)); 751 psa_set_key_bits(attributes, 256); 752 psa_set_key_usage_flags( 753 attributes, 754 PSA_KEY_USAGE_SIGN_HASH | 755 PSA_KEY_USAGE_VERIFY_HASH | 756 PSA_KEY_USAGE_EXPORT); 757 psa_set_key_algorithm( 758 attributes, PSA_ALG_ECDSA(PSA_ALG_ANY_HASH)); 759 760 if (key_buffer_size < sizeof(psa_drv_slot_number_t)) { 761 return PSA_ERROR_BUFFER_TOO_SMALL; 762 } 763 764 *((psa_drv_slot_number_t *) key_buffer) = 765 PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT; 766 *key_buffer_length = sizeof(psa_drv_slot_number_t); 767 return PSA_SUCCESS; 768 default: 769 return PSA_ERROR_DOES_NOT_EXIST; 770 } 771 } 772 773 psa_status_t mbedtls_test_opaque_copy_key( 774 psa_key_attributes_t *attributes, 775 const uint8_t *source_key, size_t source_key_length, 776 uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length) 777 { 778 /* This is a case where the opaque test driver emulates an SE without storage. 779 * With that all key context is stored in the wrapped buffer. 780 * So no additional house keeping is necessary to reference count the 781 * copied keys. This could change when the opaque test driver is extended 782 * to support SE with storage, or to emulate an SE without storage but 783 * still holding some slot references */ 784 if (source_key_length > key_buffer_size) { 785 return PSA_ERROR_BUFFER_TOO_SMALL; 786 } 787 788 memcpy(key_buffer, source_key, source_key_length); 789 *key_buffer_length = source_key_length; 790 (void) attributes; 791 return PSA_SUCCESS; 792 } 793 794 #endif /* PSA_CRYPTO_DRIVER_TEST */