TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls.git / 203bcbbc47d824b12c95e7d8e3aa9cde3d0b410f / . / tests / src / drivers / key_management.c
blob: ca00fe0e8a69ca5f38d8693afb6f88502135baab [file] [log] [blame]
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]1/*
Steven Cooreman04524762020-10-13 17:43:44 +0200[diff] [blame]2 * Test driver for generating and verifying keys.
3 * Currently only supports generating and verifying ECC keys.
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]4 */
Steven Cooreman2c7b2f82020-09-02 13:43:46 +0200[diff] [blame]5/* Copyright The Mbed TLS Contributors
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]6 * SPDX-License-Identifier: Apache-2.0
7 *
8 * Licensed under the Apache License, Version 2.0 (the "License"); you may
9 * not use this file except in compliance with the License.
10 * You may obtain a copy of the License at
11 *
12 * http://www.apache.org/licenses/LICENSE-2.0
13 *
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
16 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * See the License for the specific language governing permissions and
18 * limitations under the License.
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]19 */
20
21#if !defined(MBEDTLS_CONFIG_FILE)
22#include "mbedtls/config.h"
23#else
24#include MBEDTLS_CONFIG_FILE
25#endif
26
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]27#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]28#include "psa/crypto.h"
Steven Cooreman15f58d22020-09-04 13:05:23 +0200[diff] [blame]29#include "psa_crypto_core.h"
Ronald Cronf1057d32020-11-26 19:19:10 +0100[diff] [blame]30#include "psa_crypto_ecp.h"
31#include "psa_crypto_rsa.h"
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]32#include "mbedtls/ecp.h"
33#include "mbedtls/error.h"
34
Steven Cooremanc4813a62020-10-23 11:45:43 +0200[diff] [blame]35#include "test/drivers/key_management.h"
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]36
37#include "test/random.h"
38
39#include <string.h>
40
Steven Cooremanc4813a62020-10-23 11:45:43 +0200[diff] [blame]41test_driver_key_management_hooks_t test_driver_key_management_hooks =
42 TEST_DRIVER_KEY_MANAGEMENT_INIT;
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]43
Steven Cooreman437fcfc2021-02-22 12:44:15 +0100[diff] [blame]44#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS)
45const uint8_t test_driver_aes_key[16] =
46 { 0x36, 0x77, 0x39, 0x7A, 0x24, 0x43, 0x26, 0x46,
47 0x29, 0x4A, 0x40, 0x4E, 0x63, 0x52, 0x66, 0x55 };
48const uint8_t test_driver_ecdsa_key[32] =
49 { 0xdc, 0x7d, 0x9d, 0x26, 0xd6, 0x7a, 0x4f, 0x63,
50 0x2c, 0x34, 0xc2, 0xdc, 0x0b, 0x69, 0x86, 0x18,
51 0x38, 0x82, 0xc2, 0x06, 0xdf, 0x04, 0xcd, 0xb7,
52 0xd6, 0x9a, 0xab, 0xe2, 0x8b, 0xe4, 0xf8, 0x1a };
53const uint8_t test_driver_ecdsa_pubkey[65] =
54 { 0x04,
55 0x85, 0xf6, 0x4d, 0x89, 0xf0, 0x0b, 0xe6, 0x6c,
56 0x88, 0xdd, 0x93, 0x7e, 0xfd, 0x6d, 0x7c, 0x44,
57 0x56, 0x48, 0xdc, 0xb7, 0x01, 0x15, 0x0b, 0x8a,
58 0x95, 0x09, 0x29, 0x58, 0x50, 0xf4, 0x1c, 0x19,
59 0x31, 0xe5, 0x71, 0xfb, 0x8f, 0x8c, 0x78, 0x31,
60 0x7a, 0x20, 0xb3, 0x80, 0xe8, 0x66, 0x58, 0x4b,
61 0xbc, 0x25, 0x16, 0xc3, 0xd2, 0x70, 0x2d, 0x79,
62 0x2f, 0x13, 0x1a, 0x92, 0x20, 0x95, 0xfd, 0x6c };
63
Steven Cooreman203bcbb2021-03-18 17:17:40 +0100[diff] [blame^]64static const psa_drv_slot_number_t aes_slot =
65 PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT;
66static const psa_drv_slot_number_t ecdsa_slot =
67 PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT;
Steven Cooreman437fcfc2021-02-22 12:44:15 +0100[diff] [blame]68#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
69
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]70psa_status_t test_transparent_generate_key(
71 const psa_key_attributes_t *attributes,
72 uint8_t *key, size_t key_size, size_t *key_length )
73{
Steven Cooremanc4813a62020-10-23 11:45:43 +0200[diff] [blame]74 ++test_driver_key_management_hooks.hits;
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]75
Steven Cooremanc4813a62020-10-23 11:45:43 +0200[diff] [blame]76 if( test_driver_key_management_hooks.forced_status != PSA_SUCCESS )
77 return( test_driver_key_management_hooks.forced_status );
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]78
Steven Cooremanc4813a62020-10-23 11:45:43 +0200[diff] [blame]79 if( test_driver_key_management_hooks.forced_output != NULL )
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]80 {
Steven Cooremanc4813a62020-10-23 11:45:43 +0200[diff] [blame]81 if( test_driver_key_management_hooks.forced_output_length > key_size )
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]82 return( PSA_ERROR_BUFFER_TOO_SMALL );
Steven Cooremanc4813a62020-10-23 11:45:43 +0200[diff] [blame]83 memcpy( key, test_driver_key_management_hooks.forced_output,
84 test_driver_key_management_hooks.forced_output_length );
85 *key_length = test_driver_key_management_hooks.forced_output_length;
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]86 return( PSA_SUCCESS );
87 }
88
89 /* Copied from psa_crypto.c */
Ronald Cronbbe5cbb2020-11-20 19:42:24 +0100[diff] [blame]90#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR)
Steven Cooreman56250fd2020-09-04 13:07:15 +0200[diff] [blame]91 if ( PSA_KEY_TYPE_IS_ECC( psa_get_key_type( attributes ) )
92 && PSA_KEY_TYPE_IS_KEY_PAIR( psa_get_key_type( attributes ) ) )
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]93 {
Ronald Cronbbe5cbb2020-11-20 19:42:24 +0100[diff] [blame]94 return( mbedtls_transparent_test_driver_ecp_generate_key(
95 attributes, key, key_size, key_length ) );
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]96 }
97 else
Ronald Cronbbe5cbb2020-11-20 19:42:24 +0100[diff] [blame]98#endif /* defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) */
Ronald Cron3a9c46b2020-11-06 09:38:35 +0100[diff] [blame]99
100#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR)
101 if ( psa_get_key_type( attributes ) == PSA_KEY_TYPE_RSA_KEY_PAIR )
102 return( mbedtls_transparent_test_driver_rsa_generate_key(
103 attributes, key, key_size, key_length ) );
104 else
105#endif /* defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) */
106 {
107 (void)attributes;
108 return( PSA_ERROR_NOT_SUPPORTED );
109 }
Steven Cooreman2a1664c2020-07-20 15:33:08 +0200[diff] [blame]110}
111
112psa_status_t test_opaque_generate_key(
113 const psa_key_attributes_t *attributes,
114 uint8_t *key, size_t key_size, size_t *key_length )
115{
116 (void) attributes;
117 (void) key;
118 (void) key_size;
119 (void) key_length;
120 return( PSA_ERROR_NOT_SUPPORTED );
121}
122
Ronald Cron83282872020-11-22 14:02:39 +0100[diff] [blame]123psa_status_t test_transparent_import_key(
Steven Cooremanb9b84422020-10-14 14:39:20 +0200[diff] [blame]124 const psa_key_attributes_t *attributes,
125 const uint8_t *data,
126 size_t data_length,
Ronald Cron83282872020-11-22 14:02:39 +0100[diff] [blame]127 uint8_t *key_buffer,
128 size_t key_buffer_size,
129 size_t *key_buffer_length,
130 size_t *bits)
Steven Cooreman04524762020-10-13 17:43:44 +0200[diff] [blame]131{
Steven Cooremanc4813a62020-10-23 11:45:43 +0200[diff] [blame]132 ++test_driver_key_management_hooks.hits;
Steven Cooreman04524762020-10-13 17:43:44 +0200[diff] [blame]133
Steven Cooremanc4813a62020-10-23 11:45:43 +0200[diff] [blame]134 if( test_driver_key_management_hooks.forced_status != PSA_SUCCESS )
135 return( test_driver_key_management_hooks.forced_status );
Steven Cooreman04524762020-10-13 17:43:44 +0200[diff] [blame]136
Ronald Cron784fb322020-11-30 13:55:05 +0100[diff] [blame]137 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
138 psa_key_type_t type = psa_get_key_type( attributes );
139
John Durkop6ba40d12020-11-10 08:50:04 -0800[diff] [blame]140#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \
141 defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)
Ronald Cron784fb322020-11-30 13:55:05 +0100[diff] [blame]142 if( PSA_KEY_TYPE_IS_ECC( type ) )
Steven Cooreman04524762020-10-13 17:43:44 +0200[diff] [blame]143 {
Ronald Cron784fb322020-11-30 13:55:05 +0100[diff] [blame]144 status = mbedtls_transparent_test_driver_ecp_import_key(
145 attributes,
146 data, data_length,
147 key_buffer, key_buffer_size,
148 key_buffer_length, bits );
Steven Cooreman04524762020-10-13 17:43:44 +0200[diff] [blame]149 }
Ronald Cron784fb322020-11-30 13:55:05 +0100[diff] [blame]150 else
151#endif
152#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \
153 defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY)
154 if( PSA_KEY_TYPE_IS_RSA( type ) )
155 {
156 status = mbedtls_transparent_test_driver_rsa_import_key(
157 attributes,
158 data, data_length,
159 key_buffer, key_buffer_size,
160 key_buffer_length, bits );
161 }
162 else
163#endif
164 {
165 status = PSA_ERROR_NOT_SUPPORTED;
166 (void)data;
167 (void)data_length;
168 (void)key_buffer;
169 (void)key_buffer_size;
170 (void)key_buffer_length;
171 (void)bits;
172 (void)type;
173 }
174
175 return( status );
Steven Cooreman04524762020-10-13 17:43:44 +0200[diff] [blame]176}
177
Ronald Cron67227982020-11-26 15:16:05 +0100[diff] [blame]178psa_status_t test_opaque_export_key(
179 const psa_key_attributes_t *attributes,
180 const uint8_t *key, size_t key_length,
181 uint8_t *data, size_t data_size, size_t *data_length )
182{
Steven Cooreman437fcfc2021-02-22 12:44:15 +0100[diff] [blame]183#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS)
Steven Cooreman203bcbb2021-03-18 17:17:40 +0100[diff] [blame^]184 if( psa_key_id_is_builtin(
185 MBEDTLS_SVC_KEY_ID_GET_KEY_ID( psa_get_key_id( attributes ) ) ) )
Steven Cooreman437fcfc2021-02-22 12:44:15 +0100[diff] [blame]186 {
187 if( key_length != sizeof( psa_drv_slot_number_t ) )
188 return( PSA_ERROR_INVALID_ARGUMENT );
189
190 if( memcmp( key, &ecdsa_slot, sizeof( psa_drv_slot_number_t ) ) == 0 )
191 {
Steven Cooreman203bcbb2021-03-18 17:17:40 +0100[diff] [blame^]192 /* This is the ECDSA slot. Verify key attributes before returning
193 * the private key. */
194 if( psa_get_key_type( attributes ) !=
195 PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) )
Steven Cooreman437fcfc2021-02-22 12:44:15 +0100[diff] [blame]196 return( PSA_ERROR_CORRUPTION_DETECTED );
197 if( psa_get_key_bits( attributes ) != 256 )
198 return( PSA_ERROR_CORRUPTION_DETECTED );
Steven Cooreman203bcbb2021-03-18 17:17:40 +0100[diff] [blame^]199 if( psa_get_key_algorithm( attributes ) !=
200 PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) )
Steven Cooreman437fcfc2021-02-22 12:44:15 +0100[diff] [blame]201 return( PSA_ERROR_CORRUPTION_DETECTED );
Steven Cooreman203bcbb2021-03-18 17:17:40 +0100[diff] [blame^]202 if( ( psa_get_key_usage_flags( attributes ) &
203 PSA_KEY_USAGE_EXPORT ) == 0 )
Steven Cooreman437fcfc2021-02-22 12:44:15 +0100[diff] [blame]204 return( PSA_ERROR_CORRUPTION_DETECTED );
205
206 if( data_size < sizeof( test_driver_ecdsa_key ) )
207 return( PSA_ERROR_BUFFER_TOO_SMALL );
208
Steven Cooreman203bcbb2021-03-18 17:17:40 +0100[diff] [blame^]209 memcpy( data, test_driver_ecdsa_key,
210 sizeof( test_driver_ecdsa_key ) );
Steven Cooreman437fcfc2021-02-22 12:44:15 +0100[diff] [blame]211 *data_length = sizeof( test_driver_ecdsa_key );
212 return( PSA_SUCCESS );
213 }
214
215 if( memcmp( key, &aes_slot, sizeof( psa_drv_slot_number_t ) ) == 0 )
216 {
Steven Cooreman203bcbb2021-03-18 17:17:40 +0100[diff] [blame^]217 /* This is the AES slot. Verify key attributes before returning
218 * the key. */
Steven Cooreman437fcfc2021-02-22 12:44:15 +0100[diff] [blame]219 if( psa_get_key_type( attributes ) != PSA_KEY_TYPE_AES )
220 return( PSA_ERROR_CORRUPTION_DETECTED );
221 if( psa_get_key_bits( attributes ) != 128 )
222 return( PSA_ERROR_CORRUPTION_DETECTED );
223 if( psa_get_key_algorithm( attributes ) != PSA_ALG_CTR )
224 return( PSA_ERROR_CORRUPTION_DETECTED );
Steven Cooreman203bcbb2021-03-18 17:17:40 +0100[diff] [blame^]225 if( ( psa_get_key_usage_flags( attributes ) &
226 PSA_KEY_USAGE_EXPORT ) == 0 )
Steven Cooreman437fcfc2021-02-22 12:44:15 +0100[diff] [blame]227 return( PSA_ERROR_CORRUPTION_DETECTED );
228
229 if( data_size < sizeof( test_driver_aes_key ) )
230 return( PSA_ERROR_BUFFER_TOO_SMALL );
231
232 memcpy( data, test_driver_aes_key, sizeof( test_driver_aes_key ) );
233 *data_length = sizeof( test_driver_aes_key );
234 return( PSA_SUCCESS );
235 }
236
237 /* Potentially add more slots here */
238
239 return( PSA_ERROR_DOES_NOT_EXIST );
240 }
241#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
Ronald Cron67227982020-11-26 15:16:05 +0100[diff] [blame]242 (void) attributes;
243 (void) key;
244 (void) key_length;
245 (void) data;
246 (void) data_size;
247 (void) data_length;
248 return( PSA_ERROR_NOT_SUPPORTED );
249}
Ronald Cronf1057d32020-11-26 19:19:10 +0100[diff] [blame]250
Steven Cooremanb9b84422020-10-14 14:39:20 +0200[diff] [blame]251psa_status_t test_transparent_export_public_key(
252 const psa_key_attributes_t *attributes,
Ronald Cronf1057d32020-11-26 19:19:10 +0100[diff] [blame]253 const uint8_t *key_buffer, size_t key_buffer_size,
Steven Cooremanb9b84422020-10-14 14:39:20 +0200[diff] [blame]254 uint8_t *data, size_t data_size, size_t *data_length )
255{
Gilles Peskinec2402362020-11-22 18:47:43 +0100[diff] [blame]256 ++test_driver_key_management_hooks.hits;
Steven Cooremanb9b84422020-10-14 14:39:20 +0200[diff] [blame]257
Gilles Peskinec2402362020-11-22 18:47:43 +0100[diff] [blame]258 if( test_driver_key_management_hooks.forced_status != PSA_SUCCESS )
259 return( test_driver_key_management_hooks.forced_status );
Steven Cooremanb9b84422020-10-14 14:39:20 +0200[diff] [blame]260
Gilles Peskinec2402362020-11-22 18:47:43 +0100[diff] [blame]261 if( test_driver_key_management_hooks.forced_output != NULL )
Steven Cooremanb9b84422020-10-14 14:39:20 +0200[diff] [blame]262 {
Gilles Peskinec2402362020-11-22 18:47:43 +0100[diff] [blame]263 if( test_driver_key_management_hooks.forced_output_length > data_size )
Steven Cooremanb9b84422020-10-14 14:39:20 +0200[diff] [blame]264 return( PSA_ERROR_BUFFER_TOO_SMALL );
Gilles Peskinec2402362020-11-22 18:47:43 +0100[diff] [blame]265 memcpy( data, test_driver_key_management_hooks.forced_output,
266 test_driver_key_management_hooks.forced_output_length );
267 *data_length = test_driver_key_management_hooks.forced_output_length;
Steven Cooremanb9b84422020-10-14 14:39:20 +0200[diff] [blame]268 return( PSA_SUCCESS );
269 }
270
Ronald Cronf1057d32020-11-26 19:19:10 +0100[diff] [blame]271 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
272 psa_key_type_t key_type = psa_get_key_type( attributes );
Steven Cooremanb9b84422020-10-14 14:39:20 +0200[diff] [blame]273
274#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \
275 defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)
Ronald Cronf1057d32020-11-26 19:19:10 +0100[diff] [blame]276 if( PSA_KEY_TYPE_IS_ECC( key_type ) )
Steven Cooremanb9b84422020-10-14 14:39:20 +0200[diff] [blame]277 {
Ronald Cronf1057d32020-11-26 19:19:10 +0100[diff] [blame]278 status = mbedtls_transparent_test_driver_ecp_export_public_key(
279 attributes,
280 key_buffer, key_buffer_size,
281 data, data_size, data_length );
Steven Cooremanb9b84422020-10-14 14:39:20 +0200[diff] [blame]282 }
Ronald Cronf1057d32020-11-26 19:19:10 +0100[diff] [blame]283 else
284#endif
285#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \
286 defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY)
287 if( PSA_KEY_TYPE_IS_RSA( key_type ) )
288 {
289 status = mbedtls_transparent_test_driver_rsa_export_public_key(
290 attributes,
291 key_buffer, key_buffer_size,
292 data, data_size, data_length );
293 }
294 else
295#endif
296 {
297 status = PSA_ERROR_NOT_SUPPORTED;
298 (void)key_buffer;
299 (void)key_buffer_size;
300 (void)key_type;
301 }
Steven Cooremanb9b84422020-10-14 14:39:20 +0200[diff] [blame]302
Ronald Cronf1057d32020-11-26 19:19:10 +0100[diff] [blame]303 return( status );
Steven Cooremanb9b84422020-10-14 14:39:20 +0200[diff] [blame]304}
305
306psa_status_t test_opaque_export_public_key(
307 const psa_key_attributes_t *attributes,
308 const uint8_t *key, size_t key_length,
309 uint8_t *data, size_t data_size, size_t *data_length )
310{
Steven Cooreman437fcfc2021-02-22 12:44:15 +0100[diff] [blame]311#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS)
Steven Cooreman203bcbb2021-03-18 17:17:40 +0100[diff] [blame^]312 if( psa_key_id_is_builtin(
313 MBEDTLS_SVC_KEY_ID_GET_KEY_ID( psa_get_key_id( attributes ) ) ) )
Steven Cooreman437fcfc2021-02-22 12:44:15 +0100[diff] [blame]314 {
315 if( key_length != sizeof( psa_drv_slot_number_t ) )
316 return( PSA_ERROR_INVALID_ARGUMENT );
317
318 if( memcmp( key, &ecdsa_slot, sizeof( psa_drv_slot_number_t ) ) == 0 )
319 {
Steven Cooreman203bcbb2021-03-18 17:17:40 +0100[diff] [blame^]320 /* This is the ECDSA slot. Verify key attributes before returning
321 * the public key. */
322 if( psa_get_key_type( attributes ) !=
323 PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) )
Steven Cooreman437fcfc2021-02-22 12:44:15 +0100[diff] [blame]324 return( PSA_ERROR_CORRUPTION_DETECTED );
325 if( psa_get_key_bits( attributes ) != 256 )
326 return( PSA_ERROR_CORRUPTION_DETECTED );
Steven Cooreman203bcbb2021-03-18 17:17:40 +0100[diff] [blame^]327 if( psa_get_key_algorithm( attributes ) !=
328 PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) )
Steven Cooreman437fcfc2021-02-22 12:44:15 +0100[diff] [blame]329 return( PSA_ERROR_CORRUPTION_DETECTED );
330
331 if( data_size < sizeof( test_driver_ecdsa_pubkey ) )
332 return( PSA_ERROR_BUFFER_TOO_SMALL );
333
Steven Cooreman203bcbb2021-03-18 17:17:40 +0100[diff] [blame^]334 memcpy( data, test_driver_ecdsa_pubkey,
335 sizeof( test_driver_ecdsa_pubkey ) );
Steven Cooreman437fcfc2021-02-22 12:44:15 +0100[diff] [blame]336 *data_length = sizeof( test_driver_ecdsa_pubkey );
337 return( PSA_SUCCESS );
338 }
339
340 /* Potentially add more slots here */
341
342 return( PSA_ERROR_DOES_NOT_EXIST );
343 }
344#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
Steven Cooremanb9b84422020-10-14 14:39:20 +0200[diff] [blame]345 (void) attributes;
346 (void) key;
347 (void) key_length;
348 (void) data;
349 (void) data_size;
350 (void) data_length;
351 return( PSA_ERROR_NOT_SUPPORTED );
352}
353
Steven Cooremanf9a55ff2021-02-19 18:04:59 +0100[diff] [blame]354/* The opaque test driver exposes two built-in keys when builtin key support is
355 * compiled in.
Steven Cooreman203bcbb2021-03-18 17:17:40 +0100[diff] [blame^]356 * The key in slot #PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT is an AES-128
357 * key which allows CTR mode.
358 * The key in slot #PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT is a secp256r1
359 * private key which allows ECDSA sign & verify.
Steven Cooremanf9a55ff2021-02-19 18:04:59 +0100[diff] [blame]360 * The key buffer format for these is the raw format of psa_drv_slot_number_t
Steven Cooreman203bcbb2021-03-18 17:17:40 +0100[diff] [blame^]361 * (i.e. for an actual driver this would mean 'builtin_key_size' =
362 * sizeof(psa_drv_slot_number_t)).
Steven Cooremanf9a55ff2021-02-19 18:04:59 +0100[diff] [blame]363 */
364psa_status_t test_opaque_get_builtin_key(
365 psa_drv_slot_number_t slot_number,
366 psa_key_attributes_t *attributes,
367 uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length )
368{
369#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS)
370 switch( slot_number )
371 {
372 case PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT:
373 if( key_buffer_size < sizeof( psa_drv_slot_number_t ) )
374 return( PSA_ERROR_BUFFER_TOO_SMALL );
375
376 psa_set_key_type( attributes, PSA_KEY_TYPE_AES );
377 psa_set_key_bits( attributes, 128 );
Steven Cooreman203bcbb2021-03-18 17:17:40 +0100[diff] [blame^]378 psa_set_key_usage_flags(
379 attributes,
380 PSA_KEY_USAGE_ENCRYPT |
381 PSA_KEY_USAGE_DECRYPT |
382 PSA_KEY_USAGE_EXPORT );
Steven Cooremanf9a55ff2021-02-19 18:04:59 +0100[diff] [blame]383 psa_set_key_algorithm( attributes, PSA_ALG_CTR );
384
385 *( (psa_drv_slot_number_t*) key_buffer ) =
386 PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT;
387 *key_buffer_length = sizeof( psa_drv_slot_number_t );
388 return( PSA_SUCCESS );
389 case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT:
390 if( key_buffer_size < sizeof( psa_drv_slot_number_t ) )
391 return( PSA_ERROR_BUFFER_TOO_SMALL );
392
Steven Cooreman203bcbb2021-03-18 17:17:40 +0100[diff] [blame^]393 psa_set_key_type(
394 attributes,
395 PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) );
Steven Cooremanf9a55ff2021-02-19 18:04:59 +0100[diff] [blame]396 psa_set_key_bits( attributes, 256 );
Steven Cooreman203bcbb2021-03-18 17:17:40 +0100[diff] [blame^]397 psa_set_key_usage_flags(
398 attributes,
399 PSA_KEY_USAGE_SIGN_HASH |
400 PSA_KEY_USAGE_VERIFY_HASH |
401 PSA_KEY_USAGE_EXPORT );
402 psa_set_key_algorithm(
403 attributes, PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) );
Steven Cooremanf9a55ff2021-02-19 18:04:59 +0100[diff] [blame]404
Steven Cooreman203bcbb2021-03-18 17:17:40 +0100[diff] [blame^]405 *( (psa_drv_slot_number_t*) key_buffer ) =
Steven Cooremanf9a55ff2021-02-19 18:04:59 +0100[diff] [blame]406 PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT;
407 *key_buffer_length = sizeof( psa_drv_slot_number_t );
408 return( PSA_SUCCESS );
409 default:
410 (void) slot_number;
411 (void) attributes;
412 (void) key_buffer;
413 (void) key_buffer_size;
414 (void) key_buffer_length;
415 return( PSA_ERROR_INVALID_ARGUMENT );
416 }
Steven Cooreman437fcfc2021-02-22 12:44:15 +0100[diff] [blame]417#else /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
Steven Cooremanf9a55ff2021-02-19 18:04:59 +0100[diff] [blame]418 (void) slot_number;
419 (void) attributes;
420 (void) key_buffer;
421 (void) key_buffer_size;
422 (void) key_buffer_length;
423 return( PSA_ERROR_DOES_NOT_EXIST );
Steven Cooreman437fcfc2021-02-22 12:44:15 +0100[diff] [blame]424#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
Steven Cooremanf9a55ff2021-02-19 18:04:59 +0100[diff] [blame]425}
426
Steven Cooremanf1720ea2020-07-24 18:41:58 +0200[diff] [blame]427#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */