TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls.git / 1a0fbacde1f2fbc85eded52eed917dbb5131b804 / . / tests / src / drivers / key_management.c
blob: e908daf46595c28d29544c8c339062743c3fb95f [file] [log] [blame]
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]1/*
Steven Cooreman04524762020-10-13 17:43:44 +0200[diff] [blame]2 * Test driver for generating and verifying keys.
3 * Currently only supports generating and verifying ECC keys.
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]4 */
Steven Cooreman2c7b2f82020-09-02 13:43:46 +0200[diff] [blame]5/* Copyright The Mbed TLS Contributors
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]6 * SPDX-License-Identifier: Apache-2.0
7 *
8 * Licensed under the Apache License, Version 2.0 (the "License"); you may
9 * not use this file except in compliance with the License.
10 * You may obtain a copy of the License at
11 *
12 * http://www.apache.org/licenses/LICENSE-2.0
13 *
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
16 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * See the License for the specific language governing permissions and
18 * limitations under the License.
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]19 */
20
21#if !defined(MBEDTLS_CONFIG_FILE)
22#include "mbedtls/config.h"
23#else
24#include MBEDTLS_CONFIG_FILE
25#endif
26
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]27#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]28#include "psa/crypto.h"
Steven Cooreman15f58d22020-09-04 13:05:23 +0200[diff] [blame]29#include "psa_crypto_core.h"
Ronald Cronf1057d32020-11-26 19:19:10 +0100[diff] [blame]30#include "psa_crypto_ecp.h"
31#include "psa_crypto_rsa.h"
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]32#include "mbedtls/ecp.h"
33#include "mbedtls/error.h"
34
Steven Cooremanc4813a62020-10-23 11:45:43 +0200[diff] [blame]35#include "test/drivers/key_management.h"
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]36
37#include "test/random.h"
38
39#include <string.h>
40
Steven Cooremanc4813a62020-10-23 11:45:43 +0200[diff] [blame]41test_driver_key_management_hooks_t test_driver_key_management_hooks =
42 TEST_DRIVER_KEY_MANAGEMENT_INIT;
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]43
Steven Cooreman437fcfc2021-02-22 12:44:15 +0100[diff] [blame]44const uint8_t test_driver_aes_key[16] =
45 { 0x36, 0x77, 0x39, 0x7A, 0x24, 0x43, 0x26, 0x46,
46 0x29, 0x4A, 0x40, 0x4E, 0x63, 0x52, 0x66, 0x55 };
47const uint8_t test_driver_ecdsa_key[32] =
48 { 0xdc, 0x7d, 0x9d, 0x26, 0xd6, 0x7a, 0x4f, 0x63,
49 0x2c, 0x34, 0xc2, 0xdc, 0x0b, 0x69, 0x86, 0x18,
50 0x38, 0x82, 0xc2, 0x06, 0xdf, 0x04, 0xcd, 0xb7,
51 0xd6, 0x9a, 0xab, 0xe2, 0x8b, 0xe4, 0xf8, 0x1a };
52const uint8_t test_driver_ecdsa_pubkey[65] =
53 { 0x04,
54 0x85, 0xf6, 0x4d, 0x89, 0xf0, 0x0b, 0xe6, 0x6c,
55 0x88, 0xdd, 0x93, 0x7e, 0xfd, 0x6d, 0x7c, 0x44,
56 0x56, 0x48, 0xdc, 0xb7, 0x01, 0x15, 0x0b, 0x8a,
57 0x95, 0x09, 0x29, 0x58, 0x50, 0xf4, 0x1c, 0x19,
58 0x31, 0xe5, 0x71, 0xfb, 0x8f, 0x8c, 0x78, 0x31,
59 0x7a, 0x20, 0xb3, 0x80, 0xe8, 0x66, 0x58, 0x4b,
60 0xbc, 0x25, 0x16, 0xc3, 0xd2, 0x70, 0x2d, 0x79,
61 0x2f, 0x13, 0x1a, 0x92, 0x20, 0x95, 0xfd, 0x6c };
62
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]63psa_status_t test_transparent_generate_key(
64 const psa_key_attributes_t *attributes,
65 uint8_t *key, size_t key_size, size_t *key_length )
66{
Steven Cooremanc4813a62020-10-23 11:45:43 +0200[diff] [blame]67 ++test_driver_key_management_hooks.hits;
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]68
Steven Cooremanc4813a62020-10-23 11:45:43 +0200[diff] [blame]69 if( test_driver_key_management_hooks.forced_status != PSA_SUCCESS )
70 return( test_driver_key_management_hooks.forced_status );
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]71
Steven Cooremanc4813a62020-10-23 11:45:43 +0200[diff] [blame]72 if( test_driver_key_management_hooks.forced_output != NULL )
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]73 {
Steven Cooremanc4813a62020-10-23 11:45:43 +0200[diff] [blame]74 if( test_driver_key_management_hooks.forced_output_length > key_size )
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]75 return( PSA_ERROR_BUFFER_TOO_SMALL );
Steven Cooremanc4813a62020-10-23 11:45:43 +0200[diff] [blame]76 memcpy( key, test_driver_key_management_hooks.forced_output,
77 test_driver_key_management_hooks.forced_output_length );
78 *key_length = test_driver_key_management_hooks.forced_output_length;
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]79 return( PSA_SUCCESS );
80 }
81
82 /* Copied from psa_crypto.c */
Ronald Cronbbe5cbb2020-11-20 19:42:24 +0100[diff] [blame]83#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR)
Steven Cooreman56250fd2020-09-04 13:07:15 +0200[diff] [blame]84 if ( PSA_KEY_TYPE_IS_ECC( psa_get_key_type( attributes ) )
85 && PSA_KEY_TYPE_IS_KEY_PAIR( psa_get_key_type( attributes ) ) )
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]86 {
Ronald Cronbbe5cbb2020-11-20 19:42:24 +0100[diff] [blame]87 return( mbedtls_transparent_test_driver_ecp_generate_key(
88 attributes, key, key_size, key_length ) );
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]89 }
90 else
Ronald Cronbbe5cbb2020-11-20 19:42:24 +0100[diff] [blame]91#endif /* defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) */
Ronald Cron3a9c46b2020-11-06 09:38:35 +0100[diff] [blame]92
93#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR)
94 if ( psa_get_key_type( attributes ) == PSA_KEY_TYPE_RSA_KEY_PAIR )
95 return( mbedtls_transparent_test_driver_rsa_generate_key(
96 attributes, key, key_size, key_length ) );
97 else
98#endif /* defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) */
99 {
100 (void)attributes;
101 return( PSA_ERROR_NOT_SUPPORTED );
102 }
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]103}
104
105psa_status_t test_opaque_generate_key(
106 const psa_key_attributes_t *attributes,
107 uint8_t *key, size_t key_size, size_t *key_length )
108{
109 (void) attributes;
110 (void) key;
111 (void) key_size;
112 (void) key_length;
113 return( PSA_ERROR_NOT_SUPPORTED );
114}
115
Ronald Cron83282872020-11-22 14:02:39 +0100[diff] [blame]116psa_status_t test_transparent_import_key(
Steven Cooremanb9b84422020-10-14 14:39:20 +0200[diff] [blame]117 const psa_key_attributes_t *attributes,
118 const uint8_t *data,
119 size_t data_length,
Ronald Cron83282872020-11-22 14:02:39 +0100[diff] [blame]120 uint8_t *key_buffer,
121 size_t key_buffer_size,
122 size_t *key_buffer_length,
123 size_t *bits)
Steven Cooreman04524762020-10-13 17:43:44 +0200[diff] [blame]124{
Steven Cooremanc4813a62020-10-23 11:45:43 +0200[diff] [blame]125 ++test_driver_key_management_hooks.hits;
Steven Cooreman04524762020-10-13 17:43:44 +0200[diff] [blame]126
Steven Cooremanc4813a62020-10-23 11:45:43 +0200[diff] [blame]127 if( test_driver_key_management_hooks.forced_status != PSA_SUCCESS )
128 return( test_driver_key_management_hooks.forced_status );
Steven Cooreman04524762020-10-13 17:43:44 +0200[diff] [blame]129
Ronald Cron784fb322020-11-30 13:55:05 +0100[diff] [blame]130 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
131 psa_key_type_t type = psa_get_key_type( attributes );
132
John Durkop6ba40d12020-11-10 08:50:04 -0800[diff] [blame]133#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \
134 defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)
Ronald Cron784fb322020-11-30 13:55:05 +0100[diff] [blame]135 if( PSA_KEY_TYPE_IS_ECC( type ) )
Steven Cooreman04524762020-10-13 17:43:44 +0200[diff] [blame]136 {
Ronald Cron784fb322020-11-30 13:55:05 +0100[diff] [blame]137 status = mbedtls_transparent_test_driver_ecp_import_key(
138 attributes,
139 data, data_length,
140 key_buffer, key_buffer_size,
141 key_buffer_length, bits );
Steven Cooreman04524762020-10-13 17:43:44 +0200[diff] [blame]142 }
Ronald Cron784fb322020-11-30 13:55:05 +0100[diff] [blame]143 else
144#endif
145#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \
146 defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY)
147 if( PSA_KEY_TYPE_IS_RSA( type ) )
148 {
149 status = mbedtls_transparent_test_driver_rsa_import_key(
150 attributes,
151 data, data_length,
152 key_buffer, key_buffer_size,
153 key_buffer_length, bits );
154 }
155 else
156#endif
157 {
158 status = PSA_ERROR_NOT_SUPPORTED;
159 (void)data;
160 (void)data_length;
161 (void)key_buffer;
162 (void)key_buffer_size;
163 (void)key_buffer_length;
164 (void)bits;
165 (void)type;
166 }
167
168 return( status );
Steven Cooreman04524762020-10-13 17:43:44 +0200[diff] [blame]169}
170
Ronald Cron67227982020-11-26 15:16:05 +0100[diff] [blame]171psa_status_t test_opaque_export_key(
172 const psa_key_attributes_t *attributes,
173 const uint8_t *key, size_t key_length,
174 uint8_t *data, size_t data_size, size_t *data_length )
175{
Steven Cooreman1a0fbac2021-03-18 19:19:53 +0100[diff] [blame^]176 if( key_length == sizeof( psa_drv_slot_number_t ) )
Steven Cooreman437fcfc2021-02-22 12:44:15 +0100[diff] [blame]177 {
Steven Cooreman1a0fbac2021-03-18 19:19:53 +0100[diff] [blame^]178 /* Assume this is a builtin key based on the key material length. */
179 psa_drv_slot_number_t slot_number = *( ( psa_drv_slot_number_t* ) key );
Steven Cooreman437fcfc2021-02-22 12:44:15 +0100[diff] [blame]180
Steven Cooreman1a0fbac2021-03-18 19:19:53 +0100[diff] [blame^]181 switch( slot_number )
Steven Cooreman437fcfc2021-02-22 12:44:15 +0100[diff] [blame]182 {
Steven Cooreman1a0fbac2021-03-18 19:19:53 +0100[diff] [blame^]183 case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT:
184 /* This is the ECDSA slot. Verify the key's attributes before
185 * returning the private key. */
186 if( psa_get_key_type( attributes ) !=
187 PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) )
188 return( PSA_ERROR_CORRUPTION_DETECTED );
189 if( psa_get_key_bits( attributes ) != 256 )
190 return( PSA_ERROR_CORRUPTION_DETECTED );
191 if( psa_get_key_algorithm( attributes ) !=
192 PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) )
193 return( PSA_ERROR_CORRUPTION_DETECTED );
194 if( ( psa_get_key_usage_flags( attributes ) &
195 PSA_KEY_USAGE_EXPORT ) == 0 )
196 return( PSA_ERROR_CORRUPTION_DETECTED );
Steven Cooreman437fcfc2021-02-22 12:44:15 +0100[diff] [blame]197
Steven Cooreman1a0fbac2021-03-18 19:19:53 +0100[diff] [blame^]198 if( data_size < sizeof( test_driver_ecdsa_key ) )
199 return( PSA_ERROR_BUFFER_TOO_SMALL );
Steven Cooreman437fcfc2021-02-22 12:44:15 +0100[diff] [blame]200
Steven Cooreman1a0fbac2021-03-18 19:19:53 +0100[diff] [blame^]201 memcpy( data, test_driver_ecdsa_key,
202 sizeof( test_driver_ecdsa_key ) );
203 *data_length = sizeof( test_driver_ecdsa_key );
204 return( PSA_SUCCESS );
205
206 case PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT:
207 /* This is the AES slot. Verify the key's attributes before
208 * returning the key. */
209 if( psa_get_key_type( attributes ) != PSA_KEY_TYPE_AES )
210 return( PSA_ERROR_CORRUPTION_DETECTED );
211 if( psa_get_key_bits( attributes ) != 128 )
212 return( PSA_ERROR_CORRUPTION_DETECTED );
213 if( psa_get_key_algorithm( attributes ) != PSA_ALG_CTR )
214 return( PSA_ERROR_CORRUPTION_DETECTED );
215 if( ( psa_get_key_usage_flags( attributes ) &
216 PSA_KEY_USAGE_EXPORT ) == 0 )
217 return( PSA_ERROR_CORRUPTION_DETECTED );
218
219 if( data_size < sizeof( test_driver_aes_key ) )
220 return( PSA_ERROR_BUFFER_TOO_SMALL );
221
222 memcpy( data, test_driver_aes_key,
223 sizeof( test_driver_aes_key ) );
224 *data_length = sizeof( test_driver_aes_key );
225 return( PSA_SUCCESS );
226
227 default:
228 return( PSA_ERROR_DOES_NOT_EXIST );
Steven Cooreman437fcfc2021-02-22 12:44:15 +0100[diff] [blame]229 }
Steven Cooreman437fcfc2021-02-22 12:44:15 +0100[diff] [blame]230 }
Steven Cooreman1a0fbac2021-03-18 19:19:53 +0100[diff] [blame^]231 else
232 {
233 /* Test driver does not support generic opaque key handling yet. */
234 return( PSA_ERROR_NOT_SUPPORTED );
235 }
Ronald Cron67227982020-11-26 15:16:05 +0100[diff] [blame]236}
Ronald Cronf1057d32020-11-26 19:19:10 +0100[diff] [blame]237
Steven Cooremanb9b84422020-10-14 14:39:20 +0200[diff] [blame]238psa_status_t test_transparent_export_public_key(
239 const psa_key_attributes_t *attributes,
Ronald Cronf1057d32020-11-26 19:19:10 +0100[diff] [blame]240 const uint8_t *key_buffer, size_t key_buffer_size,
Steven Cooremanb9b84422020-10-14 14:39:20 +0200[diff] [blame]241 uint8_t *data, size_t data_size, size_t *data_length )
242{
Gilles Peskinec2402362020-11-22 18:47:43 +0100[diff] [blame]243 ++test_driver_key_management_hooks.hits;
Steven Cooremanb9b84422020-10-14 14:39:20 +0200[diff] [blame]244
Gilles Peskinec2402362020-11-22 18:47:43 +0100[diff] [blame]245 if( test_driver_key_management_hooks.forced_status != PSA_SUCCESS )
246 return( test_driver_key_management_hooks.forced_status );
Steven Cooremanb9b84422020-10-14 14:39:20 +0200[diff] [blame]247
Gilles Peskinec2402362020-11-22 18:47:43 +0100[diff] [blame]248 if( test_driver_key_management_hooks.forced_output != NULL )
Steven Cooremanb9b84422020-10-14 14:39:20 +0200[diff] [blame]249 {
Gilles Peskinec2402362020-11-22 18:47:43 +0100[diff] [blame]250 if( test_driver_key_management_hooks.forced_output_length > data_size )
Steven Cooremanb9b84422020-10-14 14:39:20 +0200[diff] [blame]251 return( PSA_ERROR_BUFFER_TOO_SMALL );
Gilles Peskinec2402362020-11-22 18:47:43 +0100[diff] [blame]252 memcpy( data, test_driver_key_management_hooks.forced_output,
253 test_driver_key_management_hooks.forced_output_length );
254 *data_length = test_driver_key_management_hooks.forced_output_length;
Steven Cooremanb9b84422020-10-14 14:39:20 +0200[diff] [blame]255 return( PSA_SUCCESS );
256 }
257
Ronald Cronf1057d32020-11-26 19:19:10 +0100[diff] [blame]258 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
259 psa_key_type_t key_type = psa_get_key_type( attributes );
Steven Cooremanb9b84422020-10-14 14:39:20 +0200[diff] [blame]260
261#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \
262 defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)
Ronald Cronf1057d32020-11-26 19:19:10 +0100[diff] [blame]263 if( PSA_KEY_TYPE_IS_ECC( key_type ) )
Steven Cooremanb9b84422020-10-14 14:39:20 +0200[diff] [blame]264 {
Ronald Cronf1057d32020-11-26 19:19:10 +0100[diff] [blame]265 status = mbedtls_transparent_test_driver_ecp_export_public_key(
266 attributes,
267 key_buffer, key_buffer_size,
268 data, data_size, data_length );
Steven Cooremanb9b84422020-10-14 14:39:20 +0200[diff] [blame]269 }
Ronald Cronf1057d32020-11-26 19:19:10 +0100[diff] [blame]270 else
271#endif
272#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \
273 defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY)
274 if( PSA_KEY_TYPE_IS_RSA( key_type ) )
275 {
276 status = mbedtls_transparent_test_driver_rsa_export_public_key(
277 attributes,
278 key_buffer, key_buffer_size,
279 data, data_size, data_length );
280 }
281 else
282#endif
283 {
284 status = PSA_ERROR_NOT_SUPPORTED;
285 (void)key_buffer;
286 (void)key_buffer_size;
287 (void)key_type;
288 }
Steven Cooremanb9b84422020-10-14 14:39:20 +0200[diff] [blame]289
Ronald Cronf1057d32020-11-26 19:19:10 +0100[diff] [blame]290 return( status );
Steven Cooremanb9b84422020-10-14 14:39:20 +0200[diff] [blame]291}
292
293psa_status_t test_opaque_export_public_key(
294 const psa_key_attributes_t *attributes,
295 const uint8_t *key, size_t key_length,
296 uint8_t *data, size_t data_size, size_t *data_length )
297{
Steven Cooreman1a0fbac2021-03-18 19:19:53 +0100[diff] [blame^]298 if( key_length == sizeof( psa_drv_slot_number_t ) )
Steven Cooreman437fcfc2021-02-22 12:44:15 +0100[diff] [blame]299 {
Steven Cooreman1a0fbac2021-03-18 19:19:53 +0100[diff] [blame^]300 /* Assume this is a builtin key based on the key material length. */
301 psa_drv_slot_number_t slot_number = *( ( psa_drv_slot_number_t* ) key );
302 switch( slot_number )
Steven Cooreman437fcfc2021-02-22 12:44:15 +0100[diff] [blame]303 {
Steven Cooreman1a0fbac2021-03-18 19:19:53 +0100[diff] [blame^]304 case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT:
305 /* This is the ECDSA slot. Verify the key's attributes before
306 * returning the public key. */
307 if( psa_get_key_type( attributes ) !=
308 PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) )
309 return( PSA_ERROR_CORRUPTION_DETECTED );
310 if( psa_get_key_bits( attributes ) != 256 )
311 return( PSA_ERROR_CORRUPTION_DETECTED );
312 if( psa_get_key_algorithm( attributes ) !=
313 PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) )
314 return( PSA_ERROR_CORRUPTION_DETECTED );
Steven Cooreman437fcfc2021-02-22 12:44:15 +0100[diff] [blame]315
Steven Cooreman1a0fbac2021-03-18 19:19:53 +0100[diff] [blame^]316 if( data_size < sizeof( test_driver_ecdsa_pubkey ) )
317 return( PSA_ERROR_BUFFER_TOO_SMALL );
Steven Cooreman437fcfc2021-02-22 12:44:15 +0100[diff] [blame]318
Steven Cooreman1a0fbac2021-03-18 19:19:53 +0100[diff] [blame^]319 memcpy( data, test_driver_ecdsa_pubkey,
320 sizeof( test_driver_ecdsa_pubkey ) );
321 *data_length = sizeof( test_driver_ecdsa_pubkey );
322 return( PSA_SUCCESS );
323
324 default:
325 return( PSA_ERROR_DOES_NOT_EXIST );
Steven Cooreman437fcfc2021-02-22 12:44:15 +0100[diff] [blame]326 }
Steven Cooreman437fcfc2021-02-22 12:44:15 +0100[diff] [blame]327 }
Steven Cooreman1a0fbac2021-03-18 19:19:53 +0100[diff] [blame^]328 else
329 {
330 /* Test driver does not support generic opaque key handling yet. */
331 return( PSA_ERROR_NOT_SUPPORTED );
332 }
Steven Cooremanb9b84422020-10-14 14:39:20 +0200[diff] [blame]333}
334
Steven Cooremanf9a55ff2021-02-19 18:04:59 +0100[diff] [blame]335/* The opaque test driver exposes two built-in keys when builtin key support is
336 * compiled in.
Steven Cooreman203bcbb2021-03-18 17:17:40 +0100[diff] [blame]337 * The key in slot #PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT is an AES-128
338 * key which allows CTR mode.
339 * The key in slot #PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT is a secp256r1
340 * private key which allows ECDSA sign & verify.
Steven Cooremanf9a55ff2021-02-19 18:04:59 +0100[diff] [blame]341 * The key buffer format for these is the raw format of psa_drv_slot_number_t
Steven Cooreman203bcbb2021-03-18 17:17:40 +0100[diff] [blame]342 * (i.e. for an actual driver this would mean 'builtin_key_size' =
343 * sizeof(psa_drv_slot_number_t)).
Steven Cooremanf9a55ff2021-02-19 18:04:59 +0100[diff] [blame]344 */
345psa_status_t test_opaque_get_builtin_key(
346 psa_drv_slot_number_t slot_number,
347 psa_key_attributes_t *attributes,
348 uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length )
349{
Steven Cooreman1a0fbac2021-03-18 19:19:53 +0100[diff] [blame^]350 if( key_buffer_size < sizeof( psa_drv_slot_number_t ) )
351 return( PSA_ERROR_BUFFER_TOO_SMALL );
352
Steven Cooremanf9a55ff2021-02-19 18:04:59 +0100[diff] [blame]353 switch( slot_number )
354 {
355 case PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT:
Steven Cooremanf9a55ff2021-02-19 18:04:59 +0100[diff] [blame]356 psa_set_key_type( attributes, PSA_KEY_TYPE_AES );
357 psa_set_key_bits( attributes, 128 );
Steven Cooreman203bcbb2021-03-18 17:17:40 +0100[diff] [blame]358 psa_set_key_usage_flags(
359 attributes,
360 PSA_KEY_USAGE_ENCRYPT |
361 PSA_KEY_USAGE_DECRYPT |
362 PSA_KEY_USAGE_EXPORT );
Steven Cooremanf9a55ff2021-02-19 18:04:59 +0100[diff] [blame]363 psa_set_key_algorithm( attributes, PSA_ALG_CTR );
364
365 *( (psa_drv_slot_number_t*) key_buffer ) =
366 PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT;
367 *key_buffer_length = sizeof( psa_drv_slot_number_t );
368 return( PSA_SUCCESS );
369 case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT:
Steven Cooreman203bcbb2021-03-18 17:17:40 +0100[diff] [blame]370 psa_set_key_type(
371 attributes,
372 PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) );
Steven Cooremanf9a55ff2021-02-19 18:04:59 +0100[diff] [blame]373 psa_set_key_bits( attributes, 256 );
Steven Cooreman203bcbb2021-03-18 17:17:40 +0100[diff] [blame]374 psa_set_key_usage_flags(
375 attributes,
376 PSA_KEY_USAGE_SIGN_HASH |
377 PSA_KEY_USAGE_VERIFY_HASH |
378 PSA_KEY_USAGE_EXPORT );
379 psa_set_key_algorithm(
380 attributes, PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) );
Steven Cooremanf9a55ff2021-02-19 18:04:59 +0100[diff] [blame]381
Steven Cooreman203bcbb2021-03-18 17:17:40 +0100[diff] [blame]382 *( (psa_drv_slot_number_t*) key_buffer ) =
Steven Cooremanf9a55ff2021-02-19 18:04:59 +0100[diff] [blame]383 PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT;
384 *key_buffer_length = sizeof( psa_drv_slot_number_t );
385 return( PSA_SUCCESS );
386 default:
Steven Cooreman1a0fbac2021-03-18 19:19:53 +0100[diff] [blame^]387 return( PSA_ERROR_DOES_NOT_EXIST );
Steven Cooremanf9a55ff2021-02-19 18:04:59 +0100[diff] [blame]388 }
Steven Cooremanf9a55ff2021-02-19 18:04:59 +0100[diff] [blame]389}
390
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]391#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */