1 /*
2 * Test driver for generating and verifying keys.
3 * Currently only supports generating and verifying ECC keys.
4 */
5 /* Copyright The Mbed TLS Contributors
6 * SPDX-License-Identifier: Apache-2.0
7 *
8 * Licensed under the Apache License, Version 2.0 (the "License"); you may
9 * not use this file except in compliance with the License.
10 * You may obtain a copy of the License at
11 *
12 * http://www.apache.org/licenses/LICENSE-2.0
13 *
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
16 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * See the License for the specific language governing permissions and
18 * limitations under the License.
19 */
20
21 #include <test/helpers.h>
22
23 #if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
24 #include "psa/crypto.h"
25 #include "psa_crypto_core.h"
26 #include "psa_crypto_ecp.h"
27 #include "psa_crypto_rsa.h"
28 #include "mbedtls/ecp.h"
29 #include "mbedtls/error.h"
30
31 #include "test/drivers/key_management.h"
32
33 #include "test/random.h"
34
35 #include <string.h>
36
37 mbedtls_test_driver_key_management_hooks_t
38 mbedtls_test_driver_key_management_hooks = MBEDTLS_TEST_DRIVER_KEY_MANAGEMENT_INIT;
39
40 const uint8_t mbedtls_test_driver_aes_key[16] =
41 { 0x36, 0x77, 0x39, 0x7A, 0x24, 0x43, 0x26, 0x46,
42 0x29, 0x4A, 0x40, 0x4E, 0x63, 0x52, 0x66, 0x55 };
43 const uint8_t mbedtls_test_driver_ecdsa_key[32] =
44 { 0xdc, 0x7d, 0x9d, 0x26, 0xd6, 0x7a, 0x4f, 0x63,
45 0x2c, 0x34, 0xc2, 0xdc, 0x0b, 0x69, 0x86, 0x18,
46 0x38, 0x82, 0xc2, 0x06, 0xdf, 0x04, 0xcd, 0xb7,
47 0xd6, 0x9a, 0xab, 0xe2, 0x8b, 0xe4, 0xf8, 0x1a };
48 const uint8_t mbedtls_test_driver_ecdsa_pubkey[65] =
49 { 0x04,
50 0x85, 0xf6, 0x4d, 0x89, 0xf0, 0x0b, 0xe6, 0x6c,
51 0x88, 0xdd, 0x93, 0x7e, 0xfd, 0x6d, 0x7c, 0x44,
52 0x56, 0x48, 0xdc, 0xb7, 0x01, 0x15, 0x0b, 0x8a,
53 0x95, 0x09, 0x29, 0x58, 0x50, 0xf4, 0x1c, 0x19,
54 0x31, 0xe5, 0x71, 0xfb, 0x8f, 0x8c, 0x78, 0x31,
55 0x7a, 0x20, 0xb3, 0x80, 0xe8, 0x66, 0x58, 0x4b,
56 0xbc, 0x25, 0x16, 0xc3, 0xd2, 0x70, 0x2d, 0x79,
57 0x2f, 0x13, 0x1a, 0x92, 0x20, 0x95, 0xfd, 0x6c };
58
59
60 /*
61 * This macro returns the base size for the key context when SE does not
62 * support storage. It is the size of the metadata that gets added to the
63 * wrapped key. In its test functionality the metadata is just some padded
64 * prefixing to the key.
65 */
66 #define TEST_DRIVER_KEY_CONTEXT_BASE_SIZE \
67 PSA_CRYPTO_TEST_DRIVER_OPAQUE_PAD_PREFIX_SIZE
68
69
mbedtls_test_opaque_size_function(const psa_key_type_t key_type,const size_t key_bits)70 size_t mbedtls_test_opaque_size_function(
71 const psa_key_type_t key_type,
72 const size_t key_bits )
73 {
74 size_t key_buffer_size = 0;
75
76 key_buffer_size = PSA_EXPORT_KEY_OUTPUT_SIZE( key_type, key_bits );
77 if( key_buffer_size == 0 )
78 return( 0 );
79 /* Include spacing for base size overhead over the key size
80 * */
81 key_buffer_size += TEST_DRIVER_KEY_CONTEXT_BASE_SIZE;
82 return( key_buffer_size );
83 }
84
mbedtls_test_opaque_get_base_size()85 static size_t mbedtls_test_opaque_get_base_size()
86 {
87 return TEST_DRIVER_KEY_CONTEXT_BASE_SIZE;
88 }
89
90 /*
91 * The wrap function mbedtls_test_opaque_wrap_key pads and wraps the
92 * clear key. It expects the clear and wrap buffers to be passed in.
93 * key_length is the size of the clear key to be wrapped.
94 * wrapped_key_buffer_size is the size of the output buffer wrap_key.
95 * The argument wrapped_key_buffer_length is filled with the wrapped
96 * key_size on success.
97 * */
mbedtls_test_opaque_wrap_key(const uint8_t * key,size_t key_length,uint8_t * wrapped_key_buffer,size_t wrapped_key_buffer_size,size_t * wrapped_key_buffer_length)98 static psa_status_t mbedtls_test_opaque_wrap_key(
99 const uint8_t *key,
100 size_t key_length,
101 uint8_t *wrapped_key_buffer,
102 size_t wrapped_key_buffer_size,
103 size_t *wrapped_key_buffer_length )
104 {
105 size_t opaque_key_base_size = mbedtls_test_opaque_get_base_size();
106 uint64_t prefix = PSA_CRYPTO_TEST_DRIVER_OPAQUE_PAD_PREFIX;
107
108 if( key_length + opaque_key_base_size > wrapped_key_buffer_size )
109 return( PSA_ERROR_BUFFER_TOO_SMALL );
110
111 /* Write in the opaque pad prefix */
112 memcpy( wrapped_key_buffer, &prefix, opaque_key_base_size );
113 wrapped_key_buffer += opaque_key_base_size;
114 *wrapped_key_buffer_length = key_length + opaque_key_base_size;
115
116 while( key_length-- )
117 wrapped_key_buffer[key_length] = key[key_length] ^ 0xFF;
118 return( PSA_SUCCESS );
119 }
120
121 /*
122 * The unwrap function mbedtls_test_opaque_unwrap_key removes a pad prefix
123 * and unwraps the wrapped key. It expects the clear and wrap buffers to be
124 * passed in.
125 * wrapped_key_length is the size of the wrapped key,
126 * key_buffer_size is the size of the output buffer clear_key.
127 * The argument key_buffer_length is filled with the unwrapped(clear)
128 * key_size on success.
129 * */
mbedtls_test_opaque_unwrap_key(const uint8_t * wrapped_key,size_t wrapped_key_length,uint8_t * key_buffer,size_t key_buffer_size,size_t * key_buffer_length)130 static psa_status_t mbedtls_test_opaque_unwrap_key(
131 const uint8_t *wrapped_key,
132 size_t wrapped_key_length,
133 uint8_t *key_buffer,
134 size_t key_buffer_size,
135 size_t *key_buffer_length)
136 {
137 /* Remove the pad prefix from the wrapped key */
138 size_t opaque_key_base_size = mbedtls_test_opaque_get_base_size();
139 size_t clear_key_size;
140
141 /* Check for underflow */
142 if( wrapped_key_length < opaque_key_base_size )
143 return( PSA_ERROR_DATA_CORRUPT );
144 clear_key_size = wrapped_key_length - opaque_key_base_size;
145
146 wrapped_key += opaque_key_base_size;
147 if( clear_key_size > key_buffer_size )
148 return( PSA_ERROR_BUFFER_TOO_SMALL );
149
150 *key_buffer_length = clear_key_size;
151 while( clear_key_size-- )
152 key_buffer[clear_key_size] = wrapped_key[clear_key_size] ^ 0xFF;
153 return( PSA_SUCCESS );
154 }
155
mbedtls_test_transparent_generate_key(const psa_key_attributes_t * attributes,uint8_t * key,size_t key_size,size_t * key_length)156 psa_status_t mbedtls_test_transparent_generate_key(
157 const psa_key_attributes_t *attributes,
158 uint8_t *key, size_t key_size, size_t *key_length )
159 {
160 ++mbedtls_test_driver_key_management_hooks.hits;
161
162 if( mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS )
163 return( mbedtls_test_driver_key_management_hooks.forced_status );
164
165 if( mbedtls_test_driver_key_management_hooks.forced_output != NULL )
166 {
167 if( mbedtls_test_driver_key_management_hooks.forced_output_length >
168 key_size )
169 return( PSA_ERROR_BUFFER_TOO_SMALL );
170 memcpy( key, mbedtls_test_driver_key_management_hooks.forced_output,
171 mbedtls_test_driver_key_management_hooks.forced_output_length );
172 *key_length = mbedtls_test_driver_key_management_hooks.forced_output_length;
173 return( PSA_SUCCESS );
174 }
175
176 /* Copied from psa_crypto.c */
177 #if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR)
178 if ( PSA_KEY_TYPE_IS_ECC( psa_get_key_type( attributes ) )
179 && PSA_KEY_TYPE_IS_KEY_PAIR( psa_get_key_type( attributes ) ) )
180 {
181 return( mbedtls_transparent_test_driver_ecp_generate_key(
182 attributes, key, key_size, key_length ) );
183 }
184 else
185 #endif /* defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) */
186
187 #if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR)
188 if ( psa_get_key_type( attributes ) == PSA_KEY_TYPE_RSA_KEY_PAIR )
189 return( mbedtls_transparent_test_driver_rsa_generate_key(
190 attributes, key, key_size, key_length ) );
191 else
192 #endif /* defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) */
193 {
194 (void)attributes;
195 return( PSA_ERROR_NOT_SUPPORTED );
196 }
197 }
198
mbedtls_test_opaque_generate_key(const psa_key_attributes_t * attributes,uint8_t * key,size_t key_size,size_t * key_length)199 psa_status_t mbedtls_test_opaque_generate_key(
200 const psa_key_attributes_t *attributes,
201 uint8_t *key, size_t key_size, size_t *key_length )
202 {
203 (void) attributes;
204 (void) key;
205 (void) key_size;
206 (void) key_length;
207 return( PSA_ERROR_NOT_SUPPORTED );
208 }
209
mbedtls_test_transparent_import_key(const psa_key_attributes_t * attributes,const uint8_t * data,size_t data_length,uint8_t * key_buffer,size_t key_buffer_size,size_t * key_buffer_length,size_t * bits)210 psa_status_t mbedtls_test_transparent_import_key(
211 const psa_key_attributes_t *attributes,
212 const uint8_t *data,
213 size_t data_length,
214 uint8_t *key_buffer,
215 size_t key_buffer_size,
216 size_t *key_buffer_length,
217 size_t *bits)
218 {
219 ++mbedtls_test_driver_key_management_hooks.hits;
220
221 if( mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS )
222 return( mbedtls_test_driver_key_management_hooks.forced_status );
223
224 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
225 psa_key_type_t type = psa_get_key_type( attributes );
226
227 #if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \
228 defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)
229 if( PSA_KEY_TYPE_IS_ECC( type ) )
230 {
231 status = mbedtls_test_driver_ecp_import_key(
232 attributes,
233 data, data_length,
234 key_buffer, key_buffer_size,
235 key_buffer_length, bits );
236 }
237 else
238 #endif
239 #if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \
240 defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY)
241 if( PSA_KEY_TYPE_IS_RSA( type ) )
242 {
243 status = mbedtls_test_driver_rsa_import_key(
244 attributes,
245 data, data_length,
246 key_buffer, key_buffer_size,
247 key_buffer_length, bits );
248 }
249 else
250 #endif
251 {
252 status = PSA_ERROR_NOT_SUPPORTED;
253 (void)data;
254 (void)data_length;
255 (void)key_buffer;
256 (void)key_buffer_size;
257 (void)key_buffer_length;
258 (void)bits;
259 (void)type;
260 }
261
262 return( status );
263 }
264
265
mbedtls_test_opaque_import_key(const psa_key_attributes_t * attributes,const uint8_t * data,size_t data_length,uint8_t * key_buffer,size_t key_buffer_size,size_t * key_buffer_length,size_t * bits)266 psa_status_t mbedtls_test_opaque_import_key(
267 const psa_key_attributes_t *attributes,
268 const uint8_t *data,
269 size_t data_length,
270 uint8_t *key_buffer,
271 size_t key_buffer_size,
272 size_t *key_buffer_length,
273 size_t *bits)
274 {
275 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
276 psa_key_type_t type = psa_get_key_type( attributes );
277 /* This buffer will be used as an intermediate placeholder for
278 * the clear key till we wrap it */
279 uint8_t *key_buffer_temp;
280
281 key_buffer_temp = mbedtls_calloc( 1, key_buffer_size );
282 if( key_buffer_temp == NULL )
283 return( PSA_ERROR_INSUFFICIENT_MEMORY );
284
285 if( PSA_KEY_TYPE_IS_UNSTRUCTURED( type ) )
286 {
287 *bits = PSA_BYTES_TO_BITS( data_length );
288
289 status = psa_validate_unstructured_key_bit_size( type,
290 *bits );
291 if( status != PSA_SUCCESS )
292 goto exit;
293
294 if( data_length > key_buffer_size )
295 return( PSA_ERROR_BUFFER_TOO_SMALL );
296
297 /* Copy the key material accounting for opaque key padding. */
298 memcpy( key_buffer_temp, data, data_length );
299 *key_buffer_length = data_length;
300 }
301 #if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \
302 defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)
303 else if( PSA_KEY_TYPE_IS_ECC( type ) )
304 {
305 status = mbedtls_test_driver_ecp_import_key(
306 attributes,
307 data, data_length,
308 key_buffer_temp,
309 key_buffer_size,
310 key_buffer_length, bits );
311 if( status != PSA_SUCCESS )
312 goto exit;
313 }
314 else
315 #endif
316 #if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \
317 defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY)
318 if( PSA_KEY_TYPE_IS_RSA( type ) )
319 {
320 status = mbedtls_test_driver_rsa_import_key(
321 attributes,
322 data, data_length,
323 key_buffer_temp,
324 key_buffer_size,
325 key_buffer_length, bits );
326 if( status != PSA_SUCCESS )
327 goto exit;
328 }
329 else
330 #endif
331 {
332 status = PSA_ERROR_INVALID_ARGUMENT;
333 goto exit;
334 }
335 status = mbedtls_test_opaque_wrap_key( key_buffer_temp, *key_buffer_length,
336 key_buffer, key_buffer_size, key_buffer_length );
337 exit:
338 mbedtls_free( key_buffer_temp );
339 return( status );
340 }
341
mbedtls_test_opaque_export_key(const psa_key_attributes_t * attributes,const uint8_t * key,size_t key_length,uint8_t * data,size_t data_size,size_t * data_length)342 psa_status_t mbedtls_test_opaque_export_key(
343 const psa_key_attributes_t *attributes,
344 const uint8_t *key, size_t key_length,
345 uint8_t *data, size_t data_size, size_t *data_length )
346 {
347 if( key_length == sizeof( psa_drv_slot_number_t ) )
348 {
349 /* Assume this is a builtin key based on the key material length. */
350 psa_drv_slot_number_t slot_number = *( ( psa_drv_slot_number_t* ) key );
351
352 switch( slot_number )
353 {
354 case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT:
355 /* This is the ECDSA slot. Verify the key's attributes before
356 * returning the private key. */
357 if( psa_get_key_type( attributes ) !=
358 PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) )
359 return( PSA_ERROR_CORRUPTION_DETECTED );
360 if( psa_get_key_bits( attributes ) != 256 )
361 return( PSA_ERROR_CORRUPTION_DETECTED );
362 if( psa_get_key_algorithm( attributes ) !=
363 PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) )
364 return( PSA_ERROR_CORRUPTION_DETECTED );
365 if( ( psa_get_key_usage_flags( attributes ) &
366 PSA_KEY_USAGE_EXPORT ) == 0 )
367 return( PSA_ERROR_CORRUPTION_DETECTED );
368
369 if( data_size < sizeof( mbedtls_test_driver_ecdsa_key ) )
370 return( PSA_ERROR_BUFFER_TOO_SMALL );
371
372 memcpy( data, mbedtls_test_driver_ecdsa_key,
373 sizeof( mbedtls_test_driver_ecdsa_key ) );
374 *data_length = sizeof( mbedtls_test_driver_ecdsa_key );
375 return( PSA_SUCCESS );
376
377 case PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT:
378 /* This is the AES slot. Verify the key's attributes before
379 * returning the key. */
380 if( psa_get_key_type( attributes ) != PSA_KEY_TYPE_AES )
381 return( PSA_ERROR_CORRUPTION_DETECTED );
382 if( psa_get_key_bits( attributes ) != 128 )
383 return( PSA_ERROR_CORRUPTION_DETECTED );
384 if( psa_get_key_algorithm( attributes ) != PSA_ALG_CTR )
385 return( PSA_ERROR_CORRUPTION_DETECTED );
386 if( ( psa_get_key_usage_flags( attributes ) &
387 PSA_KEY_USAGE_EXPORT ) == 0 )
388 return( PSA_ERROR_CORRUPTION_DETECTED );
389
390 if( data_size < sizeof( mbedtls_test_driver_aes_key ) )
391 return( PSA_ERROR_BUFFER_TOO_SMALL );
392
393 memcpy( data, mbedtls_test_driver_aes_key,
394 sizeof( mbedtls_test_driver_aes_key ) );
395 *data_length = sizeof( mbedtls_test_driver_aes_key );
396 return( PSA_SUCCESS );
397
398 default:
399 return( PSA_ERROR_DOES_NOT_EXIST );
400 }
401 }
402 else
403 {
404 /* This buffer will be used as an intermediate placeholder for
405 * the opaque key till we unwrap the key into key_buffer */
406 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
407 psa_key_type_t type = psa_get_key_type( attributes );
408
409 if( PSA_KEY_TYPE_IS_UNSTRUCTURED( type ) ||
410 PSA_KEY_TYPE_IS_RSA( type ) ||
411 PSA_KEY_TYPE_IS_ECC( type ) )
412 {
413 status = mbedtls_test_opaque_unwrap_key( key, key_length,
414 data, data_size, data_length );
415 return( status );
416 }
417 }
418 return( PSA_ERROR_NOT_SUPPORTED );
419 }
420
mbedtls_test_transparent_export_public_key(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,uint8_t * data,size_t data_size,size_t * data_length)421 psa_status_t mbedtls_test_transparent_export_public_key(
422 const psa_key_attributes_t *attributes,
423 const uint8_t *key_buffer, size_t key_buffer_size,
424 uint8_t *data, size_t data_size, size_t *data_length )
425 {
426 ++mbedtls_test_driver_key_management_hooks.hits;
427
428 if( mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS )
429 return( mbedtls_test_driver_key_management_hooks.forced_status );
430
431 if( mbedtls_test_driver_key_management_hooks.forced_output != NULL )
432 {
433 if( mbedtls_test_driver_key_management_hooks.forced_output_length >
434 data_size )
435 return( PSA_ERROR_BUFFER_TOO_SMALL );
436 memcpy( data, mbedtls_test_driver_key_management_hooks.forced_output,
437 mbedtls_test_driver_key_management_hooks.forced_output_length );
438 *data_length = mbedtls_test_driver_key_management_hooks.forced_output_length;
439 return( PSA_SUCCESS );
440 }
441
442 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
443 psa_key_type_t key_type = psa_get_key_type( attributes );
444
445 #if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \
446 defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)
447 if( PSA_KEY_TYPE_IS_ECC( key_type ) )
448 {
449 status = mbedtls_test_driver_ecp_export_public_key(
450 attributes,
451 key_buffer, key_buffer_size,
452 data, data_size, data_length );
453 }
454 else
455 #endif
456 #if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \
457 defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY)
458 if( PSA_KEY_TYPE_IS_RSA( key_type ) )
459 {
460 status = mbedtls_test_driver_rsa_export_public_key(
461 attributes,
462 key_buffer, key_buffer_size,
463 data, data_size, data_length );
464 }
465 else
466 #endif
467 {
468 status = PSA_ERROR_NOT_SUPPORTED;
469 (void)key_buffer;
470 (void)key_buffer_size;
471 (void)key_type;
472 }
473
474 return( status );
475 }
476
mbedtls_test_opaque_export_public_key(const psa_key_attributes_t * attributes,const uint8_t * key,size_t key_length,uint8_t * data,size_t data_size,size_t * data_length)477 psa_status_t mbedtls_test_opaque_export_public_key(
478 const psa_key_attributes_t *attributes,
479 const uint8_t *key, size_t key_length,
480 uint8_t *data, size_t data_size, size_t *data_length )
481 {
482 if( key_length != sizeof( psa_drv_slot_number_t ) )
483 {
484 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
485 psa_key_type_t key_type = psa_get_key_type( attributes );
486 uint8_t *key_buffer_temp;
487
488 key_buffer_temp = mbedtls_calloc( 1, key_length );
489 if( key_buffer_temp == NULL )
490 return( PSA_ERROR_INSUFFICIENT_MEMORY );
491
492 #if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \
493 defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)
494 if( PSA_KEY_TYPE_IS_ECC( key_type ) )
495 {
496 status = mbedtls_test_opaque_unwrap_key( key, key_length,
497 key_buffer_temp, key_length, data_length );
498 if( status == PSA_SUCCESS )
499 status = mbedtls_test_driver_ecp_export_public_key(
500 attributes,
501 key_buffer_temp, *data_length,
502 data, data_size, data_length );
503 }
504 else
505 #endif
506 #if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \
507 defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY)
508 if( PSA_KEY_TYPE_IS_RSA( key_type ) )
509 {
510 status = mbedtls_test_opaque_unwrap_key( key, key_length,
511 key_buffer_temp, key_length, data_length );
512 if( status == PSA_SUCCESS )
513 status = mbedtls_test_driver_rsa_export_public_key(
514 attributes,
515 key_buffer_temp, *data_length,
516 data, data_size, data_length );
517 }
518 else
519 #endif
520 {
521 status = PSA_ERROR_NOT_SUPPORTED;
522 (void)key;
523 (void)key_type;
524 }
525 mbedtls_free( key_buffer_temp );
526 return( status );
527 }
528
529 /* Assume this is a builtin key based on the key material length. */
530 psa_drv_slot_number_t slot_number = *( ( psa_drv_slot_number_t* ) key );
531 switch( slot_number )
532 {
533 case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT:
534 /* This is the ECDSA slot. Verify the key's attributes before
535 * returning the public key. */
536 if( psa_get_key_type( attributes ) !=
537 PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) )
538 return( PSA_ERROR_CORRUPTION_DETECTED );
539 if( psa_get_key_bits( attributes ) != 256 )
540 return( PSA_ERROR_CORRUPTION_DETECTED );
541 if( psa_get_key_algorithm( attributes ) !=
542 PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) )
543 return( PSA_ERROR_CORRUPTION_DETECTED );
544
545 if( data_size < sizeof( mbedtls_test_driver_ecdsa_pubkey ) )
546 return( PSA_ERROR_BUFFER_TOO_SMALL );
547
548 memcpy( data, mbedtls_test_driver_ecdsa_pubkey,
549 sizeof( mbedtls_test_driver_ecdsa_pubkey ) );
550 *data_length = sizeof( mbedtls_test_driver_ecdsa_pubkey );
551 return( PSA_SUCCESS );
552
553 default:
554 return( PSA_ERROR_DOES_NOT_EXIST );
555 }
556 }
557
558 /* The opaque test driver exposes two built-in keys when builtin key support is
559 * compiled in.
560 * The key in slot #PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT is an AES-128
561 * key which allows CTR mode.
562 * The key in slot #PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT is a secp256r1
563 * private key which allows ECDSA sign & verify.
564 * The key buffer format for these is the raw format of psa_drv_slot_number_t
565 * (i.e. for an actual driver this would mean 'builtin_key_size' =
566 * sizeof(psa_drv_slot_number_t)).
567 */
mbedtls_test_opaque_get_builtin_key(psa_drv_slot_number_t slot_number,psa_key_attributes_t * attributes,uint8_t * key_buffer,size_t key_buffer_size,size_t * key_buffer_length)568 psa_status_t mbedtls_test_opaque_get_builtin_key(
569 psa_drv_slot_number_t slot_number,
570 psa_key_attributes_t *attributes,
571 uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length )
572 {
573 switch( slot_number )
574 {
575 case PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT:
576 psa_set_key_type( attributes, PSA_KEY_TYPE_AES );
577 psa_set_key_bits( attributes, 128 );
578 psa_set_key_usage_flags(
579 attributes,
580 PSA_KEY_USAGE_ENCRYPT |
581 PSA_KEY_USAGE_DECRYPT |
582 PSA_KEY_USAGE_EXPORT );
583 psa_set_key_algorithm( attributes, PSA_ALG_CTR );
584
585 if( key_buffer_size < sizeof( psa_drv_slot_number_t ) )
586 return( PSA_ERROR_BUFFER_TOO_SMALL );
587
588 *( (psa_drv_slot_number_t*) key_buffer ) =
589 PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT;
590 *key_buffer_length = sizeof( psa_drv_slot_number_t );
591 return( PSA_SUCCESS );
592 case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT:
593 psa_set_key_type(
594 attributes,
595 PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) );
596 psa_set_key_bits( attributes, 256 );
597 psa_set_key_usage_flags(
598 attributes,
599 PSA_KEY_USAGE_SIGN_HASH |
600 PSA_KEY_USAGE_VERIFY_HASH |
601 PSA_KEY_USAGE_EXPORT );
602 psa_set_key_algorithm(
603 attributes, PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) );
604
605 if( key_buffer_size < sizeof( psa_drv_slot_number_t ) )
606 return( PSA_ERROR_BUFFER_TOO_SMALL );
607
608 *( (psa_drv_slot_number_t*) key_buffer ) =
609 PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT;
610 *key_buffer_length = sizeof( psa_drv_slot_number_t );
611 return( PSA_SUCCESS );
612 default:
613 return( PSA_ERROR_DOES_NOT_EXIST );
614 }
615 }
616
mbedtls_test_opaque_copy_key(psa_key_attributes_t * attributes,const uint8_t * source_key,size_t source_key_length,uint8_t * key_buffer,size_t key_buffer_size,size_t * key_buffer_length)617 psa_status_t mbedtls_test_opaque_copy_key(
618 psa_key_attributes_t *attributes,
619 const uint8_t *source_key, size_t source_key_length,
620 uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length)
621 {
622 /* This is a case where the opaque test driver emulates an SE without storage.
623 * With that all key context is stored in the wrapped buffer.
624 * So no additional house keeping is necessary to reference count the
625 * copied keys. This could change when the opaque test driver is extended
626 * to support SE with storage, or to emulate an SE without storage but
627 * still holding some slot references */
628 if( source_key_length > key_buffer_size )
629 return( PSA_ERROR_BUFFER_TOO_SMALL );
630
631 memcpy( key_buffer, source_key, source_key_length );
632 *key_buffer_length = source_key_length;
633 (void)attributes;
634 return( PSA_SUCCESS );
635 }
636
637 #endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
638