TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 7b9934dcdd6efc88ad9419f1d12a614dcffcdbcb / . / 3rdparty / p256-m / p256-m_driver_entrypoints.c
blob: 8df640cba8fd7acfe7374d65e2fcdb29df37a812 [file] [log] [blame]
Aditya Deshpande045b3702023-02-20 17:08:30 +0000[diff] [blame]1/*
2 * Driver entry points for p256-m
3 */
4/*
5 * Copyright The Mbed TLS Contributors
6 * SPDX-License-Identifier: Apache-2.0
7 *
8 * Licensed under the Apache License, Version 2.0 (the "License"); you may
9 * not use this file except in compliance with the License.
10 * You may obtain a copy of the License at
11 *
12 * http://www.apache.org/licenses/LICENSE-2.0
13 *
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
16 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * See the License for the specific language governing permissions and
18 * limitations under the License.
19 */
20
Aditya Deshpandee41f7e42023-01-12 16:29:02 +0000[diff] [blame]21#include "mbedtls/platform.h"
22#include "p256-m_driver_entrypoints.h"
23#include "p256-m/p256-m.h"
24#include "psa/crypto.h"
25#include "psa_crypto_driver_wrappers.h"
Aditya Deshpande7b9934d2023-04-18 17:00:17 +0100[diff] [blame^]26#include <stddef.h>
Aditya Deshpandee41f7e42023-01-12 16:29:02 +0000[diff] [blame]27
28#if defined(MBEDTLS_P256M_EXAMPLE_DRIVER_ENABLED)
29
Aditya Deshpandeac363d82023-03-21 18:56:31 +0000[diff] [blame]30psa_status_t p256_to_psa_error(int ret)
Aditya Deshpandee41f7e42023-01-12 16:29:02 +0000[diff] [blame]31{
Aditya Deshpandeac363d82023-03-21 18:56:31 +0000[diff] [blame]32 switch (ret) {
Aditya Deshpandee41f7e42023-01-12 16:29:02 +0000[diff] [blame]33 case P256_SUCCESS:
Aditya Deshpandeac363d82023-03-21 18:56:31 +0000[diff] [blame]34 return PSA_SUCCESS;
Aditya Deshpandee41f7e42023-01-12 16:29:02 +0000[diff] [blame]35 case P256_INVALID_PUBKEY:
36 case P256_INVALID_PRIVKEY:
Aditya Deshpandeac363d82023-03-21 18:56:31 +0000[diff] [blame]37 return PSA_ERROR_INVALID_ARGUMENT;
Aditya Deshpandee41f7e42023-01-12 16:29:02 +0000[diff] [blame]38 case P256_INVALID_SIGNATURE:
Aditya Deshpandeac363d82023-03-21 18:56:31 +0000[diff] [blame]39 return PSA_ERROR_INVALID_SIGNATURE;
Aditya Deshpandee41f7e42023-01-12 16:29:02 +0000[diff] [blame]40 case P256_RANDOM_FAILED:
41 default:
Aditya Deshpandeac363d82023-03-21 18:56:31 +0000[diff] [blame]42 return PSA_ERROR_GENERIC_ERROR;
Aditya Deshpandee41f7e42023-01-12 16:29:02 +0000[diff] [blame]43 }
44}
45
Aditya Deshpande695e44b2023-01-23 14:59:29 +0000[diff] [blame]46psa_status_t p256_transparent_generate_key(
Aditya Deshpandee41f7e42023-01-12 16:29:02 +0000[diff] [blame]47 const psa_key_attributes_t *attributes,
48 uint8_t *key_buffer,
49 size_t key_buffer_size,
Aditya Deshpandeac363d82023-03-21 18:56:31 +0000[diff] [blame]50 size_t *key_buffer_length)
Aditya Deshpandee41f7e42023-01-12 16:29:02 +0000[diff] [blame]51{
52 /* We don't use this argument, but the specification mandates the signature
53 * of driver entry-points. (void) used to avoid compiler warning. */
54 (void) attributes;
55
56 psa_status_t status = PSA_ERROR_NOT_SUPPORTED;
57
58 /*
59 * p256-m generates a 32 byte private key, and expects to write to a buffer
60 * that is of that size. */
Aditya Deshpandeac363d82023-03-21 18:56:31 +0000[diff] [blame]61 if (key_buffer_size != 32) {
62 return status;
63 }
Aditya Deshpandee41f7e42023-01-12 16:29:02 +0000[diff] [blame]64
65 /*
66 * p256-m's keypair generation function outputs both public and private
67 * keys. Allocate a buffer to which the public key will be written. The
68 * private key will be written to key_buffer, which is passed to this
69 * function as an argument. */
Aditya Deshpande7b9934d2023-04-18 17:00:17 +0100[diff] [blame^]70 uint8_t public_key_buffer[64];
Aditya Deshpandee41f7e42023-01-12 16:29:02 +0000[diff] [blame]71
Aditya Deshpande695e44b2023-01-23 14:59:29 +0000[diff] [blame]72 status = p256_to_psa_error(
Aditya Deshpandeac363d82023-03-21 18:56:31 +0000[diff] [blame]73 p256_gen_keypair(key_buffer, public_key_buffer));
74 if (status == PSA_SUCCESS) {
Aditya Deshpandee41f7e42023-01-12 16:29:02 +0000[diff] [blame]75 *key_buffer_length = 32;
Aditya Deshpandeac363d82023-03-21 18:56:31 +0000[diff] [blame]76 }
Aditya Deshpandee41f7e42023-01-12 16:29:02 +0000[diff] [blame]77
Aditya Deshpandee41f7e42023-01-12 16:29:02 +0000[diff] [blame]78 return status;
79}
80
Aditya Deshpande695e44b2023-01-23 14:59:29 +0000[diff] [blame]81psa_status_t p256_transparent_key_agreement(
Aditya Deshpandee41f7e42023-01-12 16:29:02 +0000[diff] [blame]82 const psa_key_attributes_t *attributes,
83 const uint8_t *key_buffer,
84 size_t key_buffer_size,
85 psa_algorithm_t alg,
86 const uint8_t *peer_key,
87 size_t peer_key_length,
88 uint8_t *shared_secret,
89 size_t shared_secret_size,
Aditya Deshpandeac363d82023-03-21 18:56:31 +0000[diff] [blame]90 size_t *shared_secret_length)
Aditya Deshpandee41f7e42023-01-12 16:29:02 +0000[diff] [blame]91{
92 /* We don't use these arguments, but the specification mandates the
93 * sginature of driver entry-points. (void) used to avoid compiler
94 * warning. */
95 (void) attributes;
96 (void) alg;
97
98 /*
99 * Check that private key = 32 bytes, peer public key = 65 bytes,
100 * and that the shared secret buffer is big enough. */
101 psa_status_t status = PSA_ERROR_NOT_SUPPORTED;
Aditya Deshpandeac363d82023-03-21 18:56:31 +0000[diff] [blame]102 if (key_buffer_size != 32 || shared_secret_size < 32 ||
103 peer_key_length != 65) {
104 return status;
105 }
Aditya Deshpandee41f7e42023-01-12 16:29:02 +0000[diff] [blame]106
Aditya Deshpande695e44b2023-01-23 14:59:29 +0000[diff] [blame]107 status = p256_to_psa_error(
Aditya Deshpandeac363d82023-03-21 18:56:31 +0000[diff] [blame]108 p256_ecdh_shared_secret(shared_secret, key_buffer, peer_key+1));
109 if (status == PSA_SUCCESS) {
Aditya Deshpandee41f7e42023-01-12 16:29:02 +0000[diff] [blame]110 *shared_secret_length = 32;
Aditya Deshpandeac363d82023-03-21 18:56:31 +0000[diff] [blame]111 }
Aditya Deshpandee41f7e42023-01-12 16:29:02 +0000[diff] [blame]112
113 return status;
114}
115
Aditya Deshpande695e44b2023-01-23 14:59:29 +0000[diff] [blame]116psa_status_t p256_transparent_sign_hash(
Aditya Deshpandee41f7e42023-01-12 16:29:02 +0000[diff] [blame]117 const psa_key_attributes_t *attributes,
118 const uint8_t *key_buffer,
119 size_t key_buffer_size,
120 psa_algorithm_t alg,
121 const uint8_t *hash,
122 size_t hash_length,
123 uint8_t *signature,
124 size_t signature_size,
Aditya Deshpandeac363d82023-03-21 18:56:31 +0000[diff] [blame]125 size_t *signature_length)
Aditya Deshpandee41f7e42023-01-12 16:29:02 +0000[diff] [blame]126{
127 /* We don't use these arguments, but the specification mandates the
128 * sginature of driver entry-points. (void) used to avoid compiler
129 * warning. */
130 (void) attributes;
131 (void) alg;
132
133 psa_status_t status = PSA_ERROR_NOT_SUPPORTED;
Aditya Deshpandeac363d82023-03-21 18:56:31 +0000[diff] [blame]134 if (key_buffer_size != 32 || signature_size != 64) {
135 return status;
136 }
Aditya Deshpandee41f7e42023-01-12 16:29:02 +0000[diff] [blame]137
Aditya Deshpande695e44b2023-01-23 14:59:29 +0000[diff] [blame]138 status = p256_to_psa_error(
Aditya Deshpandeac363d82023-03-21 18:56:31 +0000[diff] [blame]139 p256_ecdsa_sign(signature, key_buffer, hash, hash_length));
140 if (status == PSA_SUCCESS) {
Aditya Deshpandee41f7e42023-01-12 16:29:02 +0000[diff] [blame]141 *signature_length = 64;
Aditya Deshpandeac363d82023-03-21 18:56:31 +0000[diff] [blame]142 }
Aditya Deshpandee41f7e42023-01-12 16:29:02 +0000[diff] [blame]143
144 return status;
145}
146
147/* This function expects the key buffer to contain a 65 byte public key,
148 * as exported by psa_export_public_key() */
Aditya Deshpande695e44b2023-01-23 14:59:29 +0000[diff] [blame]149static psa_status_t p256_verify_hash_with_public_key(
Aditya Deshpandee41f7e42023-01-12 16:29:02 +0000[diff] [blame]150 const uint8_t *key_buffer,
151 size_t key_buffer_size,
152 const uint8_t *hash,
153 size_t hash_length,
154 const uint8_t *signature,
Aditya Deshpandeac363d82023-03-21 18:56:31 +0000[diff] [blame]155 size_t signature_length)
Aditya Deshpandee41f7e42023-01-12 16:29:02 +0000[diff] [blame]156{
157 psa_status_t status = PSA_ERROR_NOT_SUPPORTED;
Aditya Deshpandeac363d82023-03-21 18:56:31 +0000[diff] [blame]158 if (key_buffer_size != 65 || signature_length != 64 || *key_buffer != 0x04) {
Aditya Deshpandee41f7e42023-01-12 16:29:02 +0000[diff] [blame]159 return status;
Aditya Deshpandeac363d82023-03-21 18:56:31 +0000[diff] [blame]160 }
Aditya Deshpandee41f7e42023-01-12 16:29:02 +0000[diff] [blame]161
162 const uint8_t *public_key_buffer = key_buffer + 1;
Aditya Deshpande695e44b2023-01-23 14:59:29 +0000[diff] [blame]163 status = p256_to_psa_error(
Aditya Deshpandeac363d82023-03-21 18:56:31 +0000[diff] [blame]164 p256_ecdsa_verify(signature, public_key_buffer, hash, hash_length));
Aditya Deshpandee41f7e42023-01-12 16:29:02 +0000[diff] [blame]165
166 return status;
167}
168
Aditya Deshpande695e44b2023-01-23 14:59:29 +0000[diff] [blame]169psa_status_t p256_transparent_verify_hash(
Aditya Deshpandee41f7e42023-01-12 16:29:02 +0000[diff] [blame]170 const psa_key_attributes_t *attributes,
171 const uint8_t *key_buffer,
172 size_t key_buffer_size,
173 psa_algorithm_t alg,
174 const uint8_t *hash,
175 size_t hash_length,
176 const uint8_t *signature,
Aditya Deshpandeac363d82023-03-21 18:56:31 +0000[diff] [blame]177 size_t signature_length)
Aditya Deshpandee41f7e42023-01-12 16:29:02 +0000[diff] [blame]178{
179 /* We don't use this argument, but the specification mandates the signature
180 * of driver entry-points. (void) used to avoid compiler warning. */
181 (void) alg;
182
183 psa_status_t status;
Aditya Deshpande7b9934d2023-04-18 17:00:17 +0100[diff] [blame^]184 uint8_t public_key_buffer[65];
Aditya Deshpandee41f7e42023-01-12 16:29:02 +0000[diff] [blame]185 size_t public_key_buffer_size = 65;
Aditya Deshpande7b9934d2023-04-18 17:00:17 +0100[diff] [blame^]186
187 size_t public_key_length = 65;
188 /* As p256-m doesn't require dynamic allocation, we want to avoid it in
189 * the entrypoint functions as well. psa_driver_wrapper_export_public_key()
190 * requires size_t*, so we use a pointer to a stack variable. */
191 size_t *public_key_length_ptr = &public_key_length;
Aditya Deshpandee41f7e42023-01-12 16:29:02 +0000[diff] [blame]192
193 /* The contents of key_buffer may either be the 32 byte private key
194 * (keypair representation), or the 65 byte public key. To ensure the
195 * latter is obtained, the public key is exported. */
196 status = psa_driver_wrapper_export_public_key(
Aditya Deshpandeac363d82023-03-21 18:56:31 +0000[diff] [blame]197 attributes,
198 key_buffer,
199 key_buffer_size,
200 public_key_buffer,
201 public_key_buffer_size,
Aditya Deshpande7b9934d2023-04-18 17:00:17 +0100[diff] [blame^]202 public_key_length_ptr);
Aditya Deshpandeac363d82023-03-21 18:56:31 +0000[diff] [blame]203 if (status != PSA_SUCCESS) {
Aditya Deshpandee41f7e42023-01-12 16:29:02 +0000[diff] [blame]204 goto exit;
Aditya Deshpandeac363d82023-03-21 18:56:31 +0000[diff] [blame]205 }
Aditya Deshpandee41f7e42023-01-12 16:29:02 +0000[diff] [blame]206
Aditya Deshpande695e44b2023-01-23 14:59:29 +0000[diff] [blame]207 status = p256_verify_hash_with_public_key(
Aditya Deshpandeac363d82023-03-21 18:56:31 +0000[diff] [blame]208 public_key_buffer,
209 public_key_buffer_size,
210 hash,
211 hash_length,
212 signature,
213 signature_length);
Aditya Deshpandee41f7e42023-01-12 16:29:02 +0000[diff] [blame]214
215exit:
Aditya Deshpandeac363d82023-03-21 18:56:31 +0000[diff] [blame]216 return status;
Aditya Deshpandee41f7e42023-01-12 16:29:02 +0000[diff] [blame]217}
218
219#endif /* MBEDTLS_P256M_EXAMPLE_DRIVER_ENABLED */