Rename 'keygen' to 'key management'
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
diff --git a/tests/src/drivers/key_management.c b/tests/src/drivers/key_management.c
new file mode 100644
index 0000000..6ca03c6
--- /dev/null
+++ b/tests/src/drivers/key_management.c
@@ -0,0 +1,237 @@
+/*
+ * Test driver for generating and verifying keys.
+ * Currently only supports generating and verifying ECC keys.
+ */
+/* Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
+#include "psa/crypto.h"
+#include "psa_crypto_core.h"
+#include "mbedtls/ecp.h"
+#include "mbedtls/error.h"
+
+#include "test/drivers/key_management.h"
+
+#include "test/random.h"
+
+#include <string.h>
+
+test_driver_key_management_hooks_t test_driver_key_management_hooks =
+ TEST_DRIVER_KEY_MANAGEMENT_INIT;
+
+psa_status_t test_transparent_generate_key(
+ const psa_key_attributes_t *attributes,
+ uint8_t *key, size_t key_size, size_t *key_length )
+{
+ ++test_driver_key_management_hooks.hits;
+
+ if( test_driver_key_management_hooks.forced_status != PSA_SUCCESS )
+ return( test_driver_key_management_hooks.forced_status );
+
+ if( test_driver_key_management_hooks.forced_output != NULL )
+ {
+ if( test_driver_key_management_hooks.forced_output_length > key_size )
+ return( PSA_ERROR_BUFFER_TOO_SMALL );
+ memcpy( key, test_driver_key_management_hooks.forced_output,
+ test_driver_key_management_hooks.forced_output_length );
+ *key_length = test_driver_key_management_hooks.forced_output_length;
+ return( PSA_SUCCESS );
+ }
+
+ /* Copied from psa_crypto.c */
+#if defined(MBEDTLS_ECP_C)
+ if ( PSA_KEY_TYPE_IS_ECC( psa_get_key_type( attributes ) )
+ && PSA_KEY_TYPE_IS_KEY_PAIR( psa_get_key_type( attributes ) ) )
+ {
+ psa_ecc_family_t curve = PSA_KEY_TYPE_ECC_GET_FAMILY(
+ psa_get_key_type( attributes ) );
+ mbedtls_ecp_group_id grp_id =
+ mbedtls_ecc_group_of_psa(
+ curve,
+ PSA_BITS_TO_BYTES( psa_get_key_bits( attributes ) ) );
+ const mbedtls_ecp_curve_info *curve_info =
+ mbedtls_ecp_curve_info_from_grp_id( grp_id );
+ mbedtls_ecp_keypair ecp;
+ mbedtls_test_rnd_pseudo_info rnd_info;
+ memset( &rnd_info, 0x5A, sizeof( mbedtls_test_rnd_pseudo_info ) );
+
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+ if( attributes->domain_parameters_size != 0 )
+ return( PSA_ERROR_NOT_SUPPORTED );
+ if( grp_id == MBEDTLS_ECP_DP_NONE || curve_info == NULL )
+ return( PSA_ERROR_NOT_SUPPORTED );
+ if( curve_info->bit_size != psa_get_key_bits( attributes ) )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ mbedtls_ecp_keypair_init( &ecp );
+ ret = mbedtls_ecp_gen_key( grp_id, &ecp,
+ &mbedtls_test_rnd_pseudo_rand,
+ &rnd_info );
+ if( ret != 0 )
+ {
+ mbedtls_ecp_keypair_free( &ecp );
+ return( mbedtls_to_psa_error( ret ) );
+ }
+
+ /* Make sure to use export representation */
+ size_t bytes = PSA_BITS_TO_BYTES( psa_get_key_bits( attributes ) );
+ if( key_size < bytes )
+ {
+ mbedtls_ecp_keypair_free( &ecp );
+ return( PSA_ERROR_BUFFER_TOO_SMALL );
+ }
+ psa_status_t status = mbedtls_to_psa_error(
+ mbedtls_mpi_write_binary( &ecp.d, key, bytes ) );
+
+ if( status == PSA_SUCCESS )
+ {
+ *key_length = bytes;
+ }
+
+ mbedtls_ecp_keypair_free( &ecp );
+ return( status );
+ }
+ else
+#endif /* MBEDTLS_ECP_C */
+ return( PSA_ERROR_NOT_SUPPORTED );
+}
+
+psa_status_t test_opaque_generate_key(
+ const psa_key_attributes_t *attributes,
+ uint8_t *key, size_t key_size, size_t *key_length )
+{
+ (void) attributes;
+ (void) key;
+ (void) key_size;
+ (void) key_length;
+ return( PSA_ERROR_NOT_SUPPORTED );
+}
+
+psa_status_t test_transparent_validate_key(const psa_key_attributes_t *attributes,
+ const uint8_t *data,
+ size_t data_length,
+ size_t *bits)
+{
+ ++test_driver_key_management_hooks.hits;
+
+ if( test_driver_key_management_hooks.forced_status != PSA_SUCCESS )
+ return( test_driver_key_management_hooks.forced_status );
+
+#if defined(MBEDTLS_ECP_C)
+ psa_key_type_t type = psa_get_key_type( attributes );
+ if ( PSA_KEY_TYPE_IS_ECC( type ) )
+ {
+ // Code mostly copied from psa_load_ecp_representation
+ psa_ecc_family_t curve = PSA_KEY_TYPE_ECC_GET_FAMILY( type );
+ mbedtls_ecp_group_id grp_id;
+ mbedtls_ecp_keypair ecp;
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+
+ if( *bits == 0 )
+ {
+ // Attempt auto-detect of curve bit size
+ size_t curve_size = data_length;
+
+ if( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) &&
+ PSA_KEY_TYPE_ECC_GET_FAMILY( type ) != PSA_ECC_FAMILY_MONTGOMERY )
+ {
+ /* A Weierstrass public key is represented as:
+ * - The byte 0x04;
+ * - `x_P` as a `ceiling(m/8)`-byte string, big-endian;
+ * - `y_P` as a `ceiling(m/8)`-byte string, big-endian.
+ * So its data length is 2m+1 where m is the curve size in bits.
+ */
+ if( ( data_length & 1 ) == 0 )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ curve_size = data_length / 2;
+
+ /* Montgomery public keys are represented in compressed format, meaning
+ * their curve_size is equal to the amount of input. */
+
+ /* Private keys are represented in uncompressed private random integer
+ * format, meaning their curve_size is equal to the amount of input. */
+ }
+
+ grp_id = mbedtls_ecc_group_of_psa( curve, curve_size );
+ }
+ else
+ {
+ grp_id = mbedtls_ecc_group_of_psa( curve,
+ PSA_BITS_TO_BYTES( psa_get_key_bits( attributes ) ) );
+ }
+
+ const mbedtls_ecp_curve_info *curve_info =
+ mbedtls_ecp_curve_info_from_grp_id( grp_id );
+
+ if( attributes->domain_parameters_size != 0 )
+ return( PSA_ERROR_NOT_SUPPORTED );
+ if( grp_id == MBEDTLS_ECP_DP_NONE || curve_info == NULL )
+ return( PSA_ERROR_NOT_SUPPORTED );
+
+ *bits = curve_info->bit_size;
+
+ mbedtls_ecp_keypair_init( &ecp );
+
+ status = mbedtls_to_psa_error(
+ mbedtls_ecp_group_load( &ecp.grp, grp_id ) );
+ if( status != PSA_SUCCESS )
+ goto ecp_exit;
+
+ /* Load the key material. */
+ if( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) )
+ {
+ /* Load the public value. */
+ status = mbedtls_to_psa_error(
+ mbedtls_ecp_point_read_binary( &ecp.grp, &ecp.Q,
+ data,
+ data_length ) );
+ if( status != PSA_SUCCESS )
+ goto ecp_exit;
+
+ /* Check that the point is on the curve. */
+ status = mbedtls_to_psa_error(
+ mbedtls_ecp_check_pubkey( &ecp.grp, &ecp.Q ) );
+ }
+ else
+ {
+ /* Load and validate the secret value. */
+ status = mbedtls_to_psa_error(
+ mbedtls_ecp_read_key( ecp.grp.id,
+ &ecp,
+ data,
+ data_length ) );
+ }
+
+ecp_exit:
+ mbedtls_ecp_keypair_free( &ecp );
+ return( status );
+ }
+ return( PSA_ERROR_NOT_SUPPORTED );
+#else
+ (void) data;
+ (void) data_length;
+ (void) bits;
+ return( PSA_ERROR_NOT_SUPPORTED );
+#endif /* MBEDTLS_ECP_C */
+}
+
+#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */