Blame - lib/libmbedtls/mbedtls/library/pk.c - OP-TEE/optee_os

blob: 8d13bc5ce35cc3ec13f4e5523d8c7aa533444b73 [file] [log] [blame]

Jens Wiklander	817466c	2018-05-22 13:49:31 +0200	[diff] [blame]	1	/*
				2	* Public Key abstraction layer
				3	*
				4	* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
				5	* SPDX-License-Identifier: Apache-2.0
				6	*
				7	* Licensed under the Apache License, Version 2.0 (the "License"); you may
				8	* not use this file except in compliance with the License.
				9	* You may obtain a copy of the License at
				10	*
				11	* http://www.apache.org/licenses/LICENSE-2.0
				12	*
				13	* Unless required by applicable law or agreed to in writing, software
				14	* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
				15	* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
				16	* See the License for the specific language governing permissions and
				17	* limitations under the License.
				18	*
				19	* This file is part of mbed TLS (https://tls.mbed.org)
				20	*/
				21
				22	#if !defined(MBEDTLS_CONFIG_FILE)
				23	#include "mbedtls/config.h"
				24	#else
				25	#include MBEDTLS_CONFIG_FILE
				26	#endif
				27
				28	#if defined(MBEDTLS_PK_C)
				29	#include "mbedtls/pk.h"
				30	#include "mbedtls/pk_internal.h"
				31
				32	#include "mbedtls/bignum.h"
				33
				34	#if defined(MBEDTLS_RSA_C)
				35	#include "mbedtls/rsa.h"
				36	#endif
				37	#if defined(MBEDTLS_ECP_C)
				38	#include "mbedtls/ecp.h"
				39	#endif
				40	#if defined(MBEDTLS_ECDSA_C)
				41	#include "mbedtls/ecdsa.h"
				42	#endif
				43
				44	#include <limits.h>
				45
				46	/* Implementation that should never be optimized out by the compiler */
				47	static void mbedtls_zeroize( void *v, size_t n ) {
				48	volatile unsigned char p = v; while( n-- ) p++ = 0;
				49	}
				50
				51	/*
				52	* Initialise a mbedtls_pk_context
				53	*/
				54	void mbedtls_pk_init( mbedtls_pk_context *ctx )
				55	{
				56	if( ctx == NULL )
				57	return;
				58
				59	ctx->pk_info = NULL;
				60	ctx->pk_ctx = NULL;
				61	}
				62
				63	/*
				64	* Free (the components of) a mbedtls_pk_context
				65	*/
				66	void mbedtls_pk_free( mbedtls_pk_context *ctx )
				67	{
				68	if( ctx == NULL \|\| ctx->pk_info == NULL )
				69	return;
				70
				71	ctx->pk_info->ctx_free_func( ctx->pk_ctx );
				72
				73	mbedtls_zeroize( ctx, sizeof( mbedtls_pk_context ) );
				74	}
				75
				76	/*
				77	* Get pk_info structure from type
				78	*/
				79	const mbedtls_pk_info_t * mbedtls_pk_info_from_type( mbedtls_pk_type_t pk_type )
				80	{
				81	switch( pk_type ) {
				82	#if defined(MBEDTLS_RSA_C)
				83	case MBEDTLS_PK_RSA:
				84	return( &mbedtls_rsa_info );
				85	#endif
				86	#if defined(MBEDTLS_ECP_C)
				87	case MBEDTLS_PK_ECKEY:
				88	return( &mbedtls_eckey_info );
				89	case MBEDTLS_PK_ECKEY_DH:
				90	return( &mbedtls_eckeydh_info );
				91	#endif
				92	#if defined(MBEDTLS_ECDSA_C)
				93	case MBEDTLS_PK_ECDSA:
				94	return( &mbedtls_ecdsa_info );
				95	#endif
				96	/* MBEDTLS_PK_RSA_ALT omitted on purpose */
				97	default:
				98	return( NULL );
				99	}
				100	}
				101
				102	/*
				103	* Initialise context
				104	*/
				105	int mbedtls_pk_setup( mbedtls_pk_context ctx, const mbedtls_pk_info_t info )
				106	{
				107	if( ctx == NULL \|\| info == NULL \|\| ctx->pk_info != NULL )
				108	return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
				109
				110	if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL )
				111	return( MBEDTLS_ERR_PK_ALLOC_FAILED );
				112
				113	ctx->pk_info = info;
				114
				115	return( 0 );
				116	}
				117
				118	#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
				119	/*
				120	* Initialize an RSA-alt context
				121	*/
				122	int mbedtls_pk_setup_rsa_alt( mbedtls_pk_context ctx, void key,
				123	mbedtls_pk_rsa_alt_decrypt_func decrypt_func,
				124	mbedtls_pk_rsa_alt_sign_func sign_func,
				125	mbedtls_pk_rsa_alt_key_len_func key_len_func )
				126	{
				127	mbedtls_rsa_alt_context *rsa_alt;
				128	const mbedtls_pk_info_t *info = &mbedtls_rsa_alt_info;
				129
				130	if( ctx == NULL \|\| ctx->pk_info != NULL )
				131	return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
				132
				133	if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL )
				134	return( MBEDTLS_ERR_PK_ALLOC_FAILED );
				135
				136	ctx->pk_info = info;
				137
				138	rsa_alt = (mbedtls_rsa_alt_context *) ctx->pk_ctx;
				139
				140	rsa_alt->key = key;
				141	rsa_alt->decrypt_func = decrypt_func;
				142	rsa_alt->sign_func = sign_func;
				143	rsa_alt->key_len_func = key_len_func;
				144
				145	return( 0 );
				146	}
				147	#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */
				148
				149	/*
				150	* Tell if a PK can do the operations of the given type
				151	*/
				152	int mbedtls_pk_can_do( const mbedtls_pk_context *ctx, mbedtls_pk_type_t type )
				153	{
				154	/* null or NONE context can't do anything */
				155	if( ctx == NULL \|\| ctx->pk_info == NULL )
				156	return( 0 );
				157
				158	return( ctx->pk_info->can_do( type ) );
				159	}
				160
				161	/*
				162	* Helper for mbedtls_pk_sign and mbedtls_pk_verify
				163	*/
				164	static inline int pk_hashlen_helper( mbedtls_md_type_t md_alg, size_t *hash_len )
				165	{
				166	const mbedtls_md_info_t *md_info;
				167
				168	if( *hash_len != 0 )
				169	return( 0 );
				170
				171	if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) == NULL )
				172	return( -1 );
				173
				174	*hash_len = mbedtls_md_get_size( md_info );
				175	return( 0 );
				176	}
				177
				178	/*
				179	* Verify a signature
				180	*/
				181	int mbedtls_pk_verify( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
				182	const unsigned char *hash, size_t hash_len,
				183	const unsigned char *sig, size_t sig_len )
				184	{
				185	if( ctx == NULL \|\| ctx->pk_info == NULL \|\|
				186	pk_hashlen_helper( md_alg, &hash_len ) != 0 )
				187	return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
				188
				189	if( ctx->pk_info->verify_func == NULL )
				190	return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
				191
				192	return( ctx->pk_info->verify_func( ctx->pk_ctx, md_alg, hash, hash_len,
				193	sig, sig_len ) );
				194	}
				195
				196	/*
				197	* Verify a signature with options
				198	*/
				199	int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options,
				200	mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
				201	const unsigned char *hash, size_t hash_len,
				202	const unsigned char *sig, size_t sig_len )
				203	{
				204	if( ctx == NULL \|\| ctx->pk_info == NULL )
				205	return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
				206
				207	if( ! mbedtls_pk_can_do( ctx, type ) )
				208	return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
				209
				210	if( type == MBEDTLS_PK_RSASSA_PSS )
				211	{
				212	#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V21)
				213	int ret;
				214	const mbedtls_pk_rsassa_pss_options *pss_opts;
				215
				216	#if defined(MBEDTLS_HAVE_INT64)
				217	if( md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len )
				218	return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
				219	#endif /* MBEDTLS_HAVE_INT64 */
				220
				221	if( options == NULL )
				222	return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
				223
				224	pss_opts = (const mbedtls_pk_rsassa_pss_options *) options;
				225
				226	if( sig_len < mbedtls_pk_get_len( ctx ) )
				227	return( MBEDTLS_ERR_RSA_VERIFY_FAILED );
				228
				229	ret = mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_pk_rsa( *ctx ),
				230	NULL, NULL, MBEDTLS_RSA_PUBLIC,
				231	md_alg, (unsigned int) hash_len, hash,
				232	pss_opts->mgf1_hash_id,
				233	pss_opts->expected_salt_len,
				234	sig );
				235	if( ret != 0 )
				236	return( ret );
				237
				238	if( sig_len > mbedtls_pk_get_len( ctx ) )
				239	return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH );
				240
				241	return( 0 );
				242	#else
				243	return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
				244	#endif /* MBEDTLS_RSA_C && MBEDTLS_PKCS1_V21 */
				245	}
				246
				247	/* General case: no options */
				248	if( options != NULL )
				249	return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
				250
				251	return( mbedtls_pk_verify( ctx, md_alg, hash, hash_len, sig, sig_len ) );
				252	}
				253
				254	/*
				255	* Make a signature
				256	*/
				257	int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
				258	const unsigned char *hash, size_t hash_len,
				259	unsigned char sig, size_t sig_len,
				260	int (f_rng)(void , unsigned char , size_t), void p_rng )
				261	{
				262	if( ctx == NULL \|\| ctx->pk_info == NULL \|\|
				263	pk_hashlen_helper( md_alg, &hash_len ) != 0 )
				264	return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
				265
				266	if( ctx->pk_info->sign_func == NULL )
				267	return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
				268
				269	return( ctx->pk_info->sign_func( ctx->pk_ctx, md_alg, hash, hash_len,
				270	sig, sig_len, f_rng, p_rng ) );
				271	}
				272
				273	/*
				274	* Decrypt message
				275	*/
				276	int mbedtls_pk_decrypt( mbedtls_pk_context *ctx,
				277	const unsigned char *input, size_t ilen,
				278	unsigned char output, size_t olen, size_t osize,
				279	int (f_rng)(void , unsigned char , size_t), void p_rng )
				280	{
				281	if( ctx == NULL \|\| ctx->pk_info == NULL )
				282	return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
				283
				284	if( ctx->pk_info->decrypt_func == NULL )
				285	return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
				286
				287	return( ctx->pk_info->decrypt_func( ctx->pk_ctx, input, ilen,
				288	output, olen, osize, f_rng, p_rng ) );
				289	}
				290
				291	/*
				292	* Encrypt message
				293	*/
				294	int mbedtls_pk_encrypt( mbedtls_pk_context *ctx,
				295	const unsigned char *input, size_t ilen,
				296	unsigned char output, size_t olen, size_t osize,
				297	int (f_rng)(void , unsigned char , size_t), void p_rng )
				298	{
				299	if( ctx == NULL \|\| ctx->pk_info == NULL )
				300	return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
				301
				302	if( ctx->pk_info->encrypt_func == NULL )
				303	return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
				304
				305	return( ctx->pk_info->encrypt_func( ctx->pk_ctx, input, ilen,
				306	output, olen, osize, f_rng, p_rng ) );
				307	}
				308
				309	/*
				310	* Check public-private key pair
				311	*/
				312	int mbedtls_pk_check_pair( const mbedtls_pk_context pub, const mbedtls_pk_context prv )
				313	{
				314	if( pub == NULL \|\| pub->pk_info == NULL \|\|
				315	prv == NULL \|\| prv->pk_info == NULL \|\|
				316	prv->pk_info->check_pair_func == NULL )
				317	{
				318	return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
				319	}
				320
				321	if( prv->pk_info->type == MBEDTLS_PK_RSA_ALT )
				322	{
				323	if( pub->pk_info->type != MBEDTLS_PK_RSA )
				324	return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
				325	}
				326	else
				327	{
				328	if( pub->pk_info != prv->pk_info )
				329	return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
				330	}
				331
				332	return( prv->pk_info->check_pair_func( pub->pk_ctx, prv->pk_ctx ) );
				333	}
				334
				335	/*
				336	* Get key size in bits
				337	*/
				338	size_t mbedtls_pk_get_bitlen( const mbedtls_pk_context *ctx )
				339	{
				340	if( ctx == NULL \|\| ctx->pk_info == NULL )
				341	return( 0 );
				342
				343	return( ctx->pk_info->get_bitlen( ctx->pk_ctx ) );
				344	}
				345
				346	/*
				347	* Export debug information
				348	*/
				349	int mbedtls_pk_debug( const mbedtls_pk_context ctx, mbedtls_pk_debug_item items )
				350	{
				351	if( ctx == NULL \|\| ctx->pk_info == NULL )
				352	return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
				353
				354	if( ctx->pk_info->debug_func == NULL )
				355	return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
				356
				357	ctx->pk_info->debug_func( ctx->pk_ctx, items );
				358	return( 0 );
				359	}
				360
				361	/*
				362	* Access the PK type name
				363	*/
				364	const char mbedtls_pk_get_name( const mbedtls_pk_context ctx )
				365	{
				366	if( ctx == NULL \|\| ctx->pk_info == NULL )
				367	return( "invalid PK" );
				368
				369	return( ctx->pk_info->name );
				370	}
				371
				372	/*
				373	* Access the PK type
				374	*/
				375	mbedtls_pk_type_t mbedtls_pk_get_type( const mbedtls_pk_context *ctx )
				376	{
				377	if( ctx == NULL \|\| ctx->pk_info == NULL )
				378	return( MBEDTLS_PK_NONE );
				379
				380	return( ctx->pk_info->type );
				381	}
				382
				383	#endif /* MBEDTLS_PK_C */