From 711d0f5e2949d4b4e1dcc05ed2253ca611cc43fd Mon Sep 17 00:00:00 2001 From: Przemek Stekiel Date: Fri, 18 Mar 2022 13:52:26 +0100 Subject: [PATCH 1/7] Add implemetation of ECP keypair export function Signed-off-by: Przemek Stekiel --- include/mbedtls/ecp.h | 20 ++++++++++++++++++++ library/ecp.c | 24 ++++++++++++++++++++++++ 2 files changed, 44 insertions(+) diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h index 989557367..e71a44510 100644 --- a/include/mbedtls/ecp.h +++ b/include/mbedtls/ecp.h @@ -1278,6 +1278,26 @@ int mbedtls_ecp_check_pub_priv( const mbedtls_ecp_keypair *pub, const mbedtls_ecp_keypair *prv, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); +/** + * \brief This function exports generic key-pair parameters. + * + * \param kp The key pair to export from. + * \param grp Slot for exported ECP group. + * It must point to an initialized ECP group. + * \param d Slot for the exported secret value. + * It must point to an initialized mpi. + * \param Q Slot for the exported public value. + * It must point to an initialized ECP point. + * + * \return \c 0 on success, + * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure. + * \return #MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE if key id doesn't + * correspond to a known group. + * \return Another negative error code on other kinds of failure. + */ +int mbedtls_ecp_export(const mbedtls_ecp_keypair *key, mbedtls_ecp_group *grp, + mbedtls_mpi *d, mbedtls_ecp_point *Q); + #if defined(MBEDTLS_SELF_TEST) /** diff --git a/library/ecp.c b/library/ecp.c index ba76abbd1..71114cd90 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -3356,6 +3356,30 @@ cleanup: return( ret ); } +/* + * Export generic key-pair parameters. + */ +int mbedtls_ecp_export(const mbedtls_ecp_keypair *key, mbedtls_ecp_group *grp, + mbedtls_mpi *d, mbedtls_ecp_point *Q) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + ECP_VALIDATE_RET( key != NULL ); + ECP_VALIDATE_RET( grp != NULL ); + ECP_VALIDATE_RET( d != NULL ); + ECP_VALIDATE_RET( Q != NULL ); + + if( ( ret = mbedtls_ecp_group_copy( grp, &key->grp ) ) != 0 ) + return ret; + + if( ( ret = mbedtls_mpi_copy( d, &key->d ) ) != 0 ) + return ret; + + if( ( ret = mbedtls_ecp_copy( Q, &key->Q ) ) != 0 ) + return ret; + + return 0; +} + #if defined(MBEDTLS_SELF_TEST) /* From 4b30feb32e6aef576c4bebeabc2a16e51b041a2e Mon Sep 17 00:00:00 2001 From: Przemek Stekiel Date: Fri, 18 Mar 2022 13:58:26 +0100 Subject: [PATCH 2/7] Add test for ECP export Signed-off-by: Przemek Stekiel --- tests/suites/test_suite_ecp.data | 8 +++ tests/suites/test_suite_ecp.function | 75 ++++++++++++++++++++++++++++ 2 files changed, 83 insertions(+) diff --git a/tests/suites/test_suite_ecp.data b/tests/suites/test_suite_ecp.data index 0c30e4a2e..3c975cc88 100644 --- a/tests/suites/test_suite_ecp.data +++ b/tests/suites/test_suite_ecp.data @@ -882,3 +882,11 @@ fix_negative:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff": # The first call to fix_negative in the test case of issue #4296. ECP fix_negative: #4296.1 fix_negative:"8A4DD4C8B42C5EAED15FE4F4579F4CE513EC90A94010BF000000000000000000":-1:256 + +ECP export key parameters #1 (OK) +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED +ecp_export:MBEDTLS_ECP_DP_SECP256R1:"37cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f76822596292":"4ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"00f12a1320760270a83cbffd53f6031ef76a5d86c8a204f2c30ca9ebf51f0f0ea7":0:0 + +ECP export key parameters #2 (invalid group) +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED +ecp_export:MBEDTLS_ECP_DP_SECP256R1:"37cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f76822596292":"4ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"00f12a1320760270a83cbffd53f6031ef76a5d86c8a204f2c30ca9ebf51f0f0ea7":MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE:1 \ No newline at end of file diff --git a/tests/suites/test_suite_ecp.function b/tests/suites/test_suite_ecp.function index 2afc35534..b8b5d9adc 100644 --- a/tests/suites/test_suite_ecp.function +++ b/tests/suites/test_suite_ecp.function @@ -16,6 +16,44 @@ mbedtls_ecp_point_free( x ); \ mbedtls_ecp_point_init( x ); +/* Auxiliary function to compare two mbedtls_ecp_group objects. */ +inline static int mbedtls_ecp_group_cmp( mbedtls_ecp_group *P, + mbedtls_ecp_group *Q ) +{ + if( mbedtls_mpi_cmp_mpi( &P->P, &Q->P ) != 0 ) + return 1; + if( mbedtls_mpi_cmp_mpi( &P->A, &Q->A ) != 0 ) + return 1; + if( mbedtls_mpi_cmp_mpi( &P->B, &Q->B ) != 0 ) + return 1; + if( mbedtls_mpi_cmp_mpi( &P->N, &Q->N ) != 0 ) + return 1; + if( mbedtls_ecp_point_cmp( &P->G, &Q->G ) != 0 ) + return 1; + if( P->id != Q->id ) + return 1; + if( P->pbits != Q->pbits ) + return 1; + if( P->nbits != Q->nbits ) + return 1; + if( P->h != Q->h ) + return 1; + if( P->modp != Q->modp ) + return 1; + if( P->t_pre != Q->t_pre ) + return 1; + if( P->t_post != Q->t_post ) + return 1; + if( P->t_data != Q->t_data ) + return 1; + if( P->T_size != Q->T_size ) + return 1; + if( P->T != Q->T ) + return 1; + + return 0; +} + /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -988,3 +1026,40 @@ void ecp_selftest( ) TEST_ASSERT( mbedtls_ecp_self_test( 1 ) == 0 ); } /* END_CASE */ + +/* BEGIN_CASE */ +void ecp_export( int id, char * Qx, char * Qy,char * d, int expected_ret, int invalid_grp ) +{ + mbedtls_ecp_keypair key; + mbedtls_ecp_group export_grp; + mbedtls_mpi export_d; + mbedtls_ecp_point export_Q; + + mbedtls_ecp_group_init( &export_grp ); + mbedtls_ecp_group_init( &key.grp ); + mbedtls_mpi_init( &export_d ); + mbedtls_ecp_point_init( &export_Q ); + + mbedtls_ecp_keypair_init( &key ); + if( invalid_grp == 0 ) + TEST_ASSERT( mbedtls_ecp_group_load( &key.grp, id ) == 0 ); + TEST_ASSERT( mbedtls_ecp_point_read_string( &key.Q, 16, Qx, Qy ) == 0 ); + TEST_ASSERT( mbedtls_test_read_mpi( &key.d, 16, d ) == 0 ); + + TEST_EQUAL( mbedtls_ecp_export( &key, &export_grp, + &export_d, &export_Q ), expected_ret ); + + if( expected_ret == 0 ) + { + TEST_EQUAL( mbedtls_ecp_point_cmp( &key.Q, &export_Q ), 0 ); + TEST_EQUAL( mbedtls_mpi_cmp_mpi( &key.d, &export_d ), 0 ); + TEST_EQUAL( mbedtls_ecp_group_cmp( &key.grp, &export_grp ), 0 ); + } + +exit: + mbedtls_ecp_keypair_free( &key ); + mbedtls_ecp_group_free( &export_grp ); + mbedtls_mpi_free( &export_d ); + mbedtls_ecp_point_free( &export_Q ); +} +/* END_CASE */ From 815af949056ba9b3e38bf7d0a3f5aa1968d1342c Mon Sep 17 00:00:00 2001 From: Przemek Stekiel Date: Fri, 18 Mar 2022 15:10:31 +0100 Subject: [PATCH 3/7] Add ChangeLog file Signed-off-by: Przemek Stekiel --- ChangeLog.d/mbedtls_ecp_export.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 ChangeLog.d/mbedtls_ecp_export.txt diff --git a/ChangeLog.d/mbedtls_ecp_export.txt b/ChangeLog.d/mbedtls_ecp_export.txt new file mode 100644 index 000000000..50fa0b3c6 --- /dev/null +++ b/ChangeLog.d/mbedtls_ecp_export.txt @@ -0,0 +1,3 @@ +Features + * Add a function to export ECP keypair parameters. + Fixes #4838. From a677b5f6c7721fcca4a0b6506a3964c80d95d76d Mon Sep 17 00:00:00 2001 From: Przemek Stekiel Date: Mon, 21 Mar 2022 07:25:45 +0100 Subject: [PATCH 4/7] Fix minor issues - parameter name in function description - test_suite_ecp.data: add new line at the end of file Signed-off-by: Przemek Stekiel --- include/mbedtls/ecp.h | 2 +- tests/suites/test_suite_ecp.data | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h index e71a44510..395db1477 100644 --- a/include/mbedtls/ecp.h +++ b/include/mbedtls/ecp.h @@ -1281,7 +1281,7 @@ int mbedtls_ecp_check_pub_priv( /** * \brief This function exports generic key-pair parameters. * - * \param kp The key pair to export from. + * \param key The key pair to export from. * \param grp Slot for exported ECP group. * It must point to an initialized ECP group. * \param d Slot for the exported secret value. diff --git a/tests/suites/test_suite_ecp.data b/tests/suites/test_suite_ecp.data index 3c975cc88..2eb8c2dfe 100644 --- a/tests/suites/test_suite_ecp.data +++ b/tests/suites/test_suite_ecp.data @@ -889,4 +889,4 @@ ecp_export:MBEDTLS_ECP_DP_SECP256R1:"37cc56d976091e5a723ec7592dff206eee7cf906917 ECP export key parameters #2 (invalid group) depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED -ecp_export:MBEDTLS_ECP_DP_SECP256R1:"37cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f76822596292":"4ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"00f12a1320760270a83cbffd53f6031ef76a5d86c8a204f2c30ca9ebf51f0f0ea7":MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE:1 \ No newline at end of file +ecp_export:MBEDTLS_ECP_DP_SECP256R1:"37cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f76822596292":"4ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"00f12a1320760270a83cbffd53f6031ef76a5d86c8a204f2c30ca9ebf51f0f0ea7":MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE:1 From 2076cbe511ea35fae421f591a800f60c88d8f0a5 Mon Sep 17 00:00:00 2001 From: Przemek Stekiel Date: Mon, 28 Mar 2022 07:22:11 +0200 Subject: [PATCH 5/7] Add function name to changelog Signed-off-by: Przemek Stekiel --- ChangeLog.d/mbedtls_ecp_export.txt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ChangeLog.d/mbedtls_ecp_export.txt b/ChangeLog.d/mbedtls_ecp_export.txt index 50fa0b3c6..4b5d7d4a0 100644 --- a/ChangeLog.d/mbedtls_ecp_export.txt +++ b/ChangeLog.d/mbedtls_ecp_export.txt @@ -1,3 +1,3 @@ Features - * Add a function to export ECP keypair parameters. - Fixes #4838. + * Add mbedtls_ecp_export() function to export ECP + keypair parameters. Fixes #4838. From ab5274bb19637c8e744f583cd732a1ebafd8d187 Mon Sep 17 00:00:00 2001 From: Przemek Stekiel Date: Mon, 28 Mar 2022 07:23:08 +0200 Subject: [PATCH 6/7] Remove parameters validation using ECP_VALIDATE_RET Signed-off-by: Przemek Stekiel --- library/ecp.c | 4 ---- 1 file changed, 4 deletions(-) diff --git a/library/ecp.c b/library/ecp.c index 71114cd90..f39cb0293 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -3363,10 +3363,6 @@ int mbedtls_ecp_export(const mbedtls_ecp_keypair *key, mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - ECP_VALIDATE_RET( key != NULL ); - ECP_VALIDATE_RET( grp != NULL ); - ECP_VALIDATE_RET( d != NULL ); - ECP_VALIDATE_RET( Q != NULL ); if( ( ret = mbedtls_ecp_group_copy( grp, &key->grp ) ) != 0 ) return ret; From 6a478ef05430143ce528977455b5571bf3deabea Mon Sep 17 00:00:00 2001 From: Przemek Stekiel Date: Mon, 28 Mar 2022 07:25:12 +0200 Subject: [PATCH 7/7] mbedtls_ecp_group_cmp: change names of parameters to more suitable Signed-off-by: Przemek Stekiel --- tests/suites/test_suite_ecp.function | 34 ++++++++++++++-------------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/tests/suites/test_suite_ecp.function b/tests/suites/test_suite_ecp.function index b8b5d9adc..c3e6b05c1 100644 --- a/tests/suites/test_suite_ecp.function +++ b/tests/suites/test_suite_ecp.function @@ -17,38 +17,38 @@ mbedtls_ecp_point_init( x ); /* Auxiliary function to compare two mbedtls_ecp_group objects. */ -inline static int mbedtls_ecp_group_cmp( mbedtls_ecp_group *P, - mbedtls_ecp_group *Q ) +inline static int mbedtls_ecp_group_cmp( mbedtls_ecp_group *grp1, + mbedtls_ecp_group *grp2 ) { - if( mbedtls_mpi_cmp_mpi( &P->P, &Q->P ) != 0 ) + if( mbedtls_mpi_cmp_mpi( &grp1->P, &grp2->P ) != 0 ) return 1; - if( mbedtls_mpi_cmp_mpi( &P->A, &Q->A ) != 0 ) + if( mbedtls_mpi_cmp_mpi( &grp1->A, &grp2->A ) != 0 ) return 1; - if( mbedtls_mpi_cmp_mpi( &P->B, &Q->B ) != 0 ) + if( mbedtls_mpi_cmp_mpi( &grp1->B, &grp2->B ) != 0 ) return 1; - if( mbedtls_mpi_cmp_mpi( &P->N, &Q->N ) != 0 ) + if( mbedtls_mpi_cmp_mpi( &grp1->N, &grp2->N ) != 0 ) return 1; - if( mbedtls_ecp_point_cmp( &P->G, &Q->G ) != 0 ) + if( mbedtls_ecp_point_cmp( &grp1->G, &grp2->G ) != 0 ) return 1; - if( P->id != Q->id ) + if( grp1->id != grp2->id ) return 1; - if( P->pbits != Q->pbits ) + if( grp1->pbits != grp2->pbits ) return 1; - if( P->nbits != Q->nbits ) + if( grp1->nbits != grp2->nbits ) return 1; - if( P->h != Q->h ) + if( grp1->h != grp2->h ) return 1; - if( P->modp != Q->modp ) + if( grp1->modp != grp2->modp ) return 1; - if( P->t_pre != Q->t_pre ) + if( grp1->t_pre != grp2->t_pre ) return 1; - if( P->t_post != Q->t_post ) + if( grp1->t_post != grp2->t_post ) return 1; - if( P->t_data != Q->t_data ) + if( grp1->t_data != grp2->t_data ) return 1; - if( P->T_size != Q->T_size ) + if( grp1->T_size != grp2->T_size ) return 1; - if( P->T != Q->T ) + if( grp1->T != grp2->T ) return 1; return 0;