diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index d03c31d71..90da0f980 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -38,6 +38,60 @@ #include "mbedtls/threading.h" #endif +#if defined(PSA_CRYPTO_DRIVER_TEST) +#include +#include + +typedef struct { + /* If non-null, on success, copy this to the output. */ + void *forced_output; + size_t forced_output_length; + /* If not PSA_SUCCESS, return this error code instead of processing the + * function call. */ + psa_status_t forced_status; + /* Count the amount of times one of the rsa driver functions is called. */ + unsigned long hits; +} mbedtls_test_driver_rsa_hooks_t; + +#define MBEDTLS_TEST_DRIVER_RSA_INIT { NULL, 0, PSA_SUCCESS, 0 } + +static inline mbedtls_test_driver_rsa_hooks_t + mbedtls_test_driver_rsa_hooks_init( void ) +{ + const mbedtls_test_driver_rsa_hooks_t v = MBEDTLS_TEST_DRIVER_RSA_INIT; + return( v ); +} + +extern mbedtls_test_driver_rsa_hooks_t mbedtls_test_driver_rsa_hooks; + +psa_status_t mbedtls_test_transparent_asymmetric_encrypt( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *salt, + size_t salt_length, + uint8_t *output, + size_t output_size, + size_t *output_length ); + +psa_status_t mbedtls_test_opaque_asymmetric_encrypt( + const psa_key_attributes_t *attributes, + const uint8_t *key, + size_t key_length, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *salt, + size_t salt_length, + uint8_t *output, + size_t output_size, + size_t *output_length); + +#endif /* PSA_CRYPTO_DRIVER_TEST */ + /* * RSA Error codes */ diff --git a/library/psa_crypto_driver_wrappers.h b/library/psa_crypto_driver_wrappers.h index b6620a371..5051ed677 100644 --- a/library/psa_crypto_driver_wrappers.h +++ b/library/psa_crypto_driver_wrappers.h @@ -328,6 +328,22 @@ psa_status_t psa_driver_wrapper_mac_verify_finish( psa_status_t psa_driver_wrapper_mac_abort( psa_mac_operation_t *operation ); +/* + * Asymmetric cryptography + */ +psa_status_t psa_driver_wrapper_asymmetric_encrypt( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *salt, + size_t salt_length, + uint8_t *output, + size_t output_size, + size_t *output_length ); + #endif /* PSA_CRYPTO_DRIVER_WRAPPERS_H */ /* End of automatically generated file. */ diff --git a/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.c.jinja b/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.c.jinja index 8d8647862..c1ad5d217 100644 --- a/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.c.jinja +++ b/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.c.jinja @@ -26,6 +26,7 @@ #include "psa_crypto_driver_wrappers.h" #include "psa_crypto_hash.h" #include "psa_crypto_mac.h" +#include "psa_crypto_rsa.h" #include "mbedtls/platform.h" @@ -2332,4 +2333,93 @@ psa_status_t psa_driver_wrapper_mac_abort( } } +/* + * Asymmetric cryptography + */ +psa_status_t psa_driver_wrapper_asymmetric_encrypt( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *salt, + size_t salt_length, + uint8_t *output, + size_t output_size, + size_t *output_length ) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_key_location_t location = + PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); + + switch( location ) + { + case PSA_KEY_LOCATION_LOCAL_STORAGE: + /* Key is stored in the slot in export representation, so + * cycle through all known transparent accelerators */ +#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) +#if defined(PSA_CRYPTO_DRIVER_TEST) + status = mbedtls_test_transparent_asymmetric_encrypt( attributes, + key_buffer, + key_buffer_size, + alg, + input, + input_length, + salt, + salt_length, + output, + output_size, + output_length ); + /* Declared with fallback == true */ + if( status != PSA_ERROR_NOT_SUPPORTED ) + return( status ); +#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ + return( mbedtls_psa_asymmetric_encrypt( attributes, + key_buffer, + key_buffer_size, + alg, + input, + input_length, + salt, + salt_length, + output, + output_size, + output_length ) ); + /* Add cases for opaque driver here */ +#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) +#if defined(PSA_CRYPTO_DRIVER_TEST) + case PSA_CRYPTO_TEST_DRIVER_LOCATION: + return( mbedtls_test_opaque_asymmetric_encrypt( attributes, + key_buffer, + key_buffer_size, + alg, + input, + input_length, + salt, + salt_length, + output, + output_size, + output_length ) ); +#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ + + default: + /* Key is declared with a lifetime not known to us */ + (void)status; + (void)key_buffer; + (void)key_buffer_size; + (void)alg; + (void)input; + (void)input_length; + (void)salt; + (void)salt_length; + (void)output; + (void)output_size; + (void)output_length; + return( PSA_ERROR_INVALID_ARGUMENT ); + } +} + #endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/tests/src/drivers/test_driver_rsa.c b/tests/src/drivers/test_driver_rsa.c new file mode 100644 index 000000000..5cdaa33ae --- /dev/null +++ b/tests/src/drivers/test_driver_rsa.c @@ -0,0 +1,114 @@ +/* + * Test driver for rsa functions. + */ +/* Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST) +#include "psa/crypto.h" +#include "mbedtls/rsa.h" +#include "psa_crypto_rsa.h" +#include "string.h" + +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) +#include "libtestdriver1/library/psa_crypto_rsa_crypto.h" +#endif + +mbedtls_test_driver_rsa_hooks_t mbedtls_test_driver_rsa_hooks = + MBEDTLS_TEST_DRIVER_RSA_INIT; + +psa_status_t mbedtls_test_transparent_asymmetric_encrypt( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *salt, + size_t salt_length, + uint8_t *output, + size_t output_size, + size_t *output_length ) +{ + mbedtls_test_driver_rsa_hooks.hits++; + + if( mbedtls_test_driver_rsa_hooks.forced_output != NULL ) + { + if( output_size < mbedtls_test_driver_rsa_hooks.forced_output_length ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); + + memcpy( output, + mbedtls_test_driver_rsa_hooks.forced_output, + mbedtls_test_driver_rsa_hooks.forced_output_length ); + *output_length = mbedtls_test_driver_rsa_hooks.forced_output_length; + + return( mbedtls_test_driver_rsa_hooks.forced_status ); + } + + if( mbedtls_test_driver_rsa_hooks.forced_status != PSA_SUCCESS ) + return( mbedtls_test_driver_rsa_hooks.forced_status ); + +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) + return( libtestdriver1_mbedtls_psa_asymmetric_encrypt( + (const libtestdriver1_psa_key_attributes_t *)attributes, + key_buffer, key_buffer_size, + alg, input, input_length, salt, salt_length, + output, output_size, output_length ) ); +#else + return( mbedtls_psa_asymmetric_encrypt( + attributes, key_buffer, key_buffer_size, + alg, input, input_length, salt, salt_length, + output, output_size, output_length ) ); +#endif + + return( PSA_ERROR_NOT_SUPPORTED ); +} + +/* + * opaque versions, to do + */ +psa_status_t mbedtls_test_opaque_asymmetric_encrypt( + const psa_key_attributes_t *attributes, + const uint8_t *key, + size_t key_length, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *salt, + size_t salt_length, + uint8_t *output, + size_t output_size, + size_t *output_length) +{ + (void) attributes; + (void) key; + (void) key_length; + (void) alg; + (void) input; + (void) input_length; + (void) salt; + (void) salt_length; + (void) output; + (void) output_size; + (void) output_length; + return( PSA_ERROR_NOT_SUPPORTED ); +} + + +#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */