mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-24 17:15:35 +00:00
Merge pull request #4 from ARMmbed/psa-wrapper-apis-march-2
Interfaces: general framework for key types and algorithms; key import, export and destruction; multipart hash, MAC, cipher and AEAD operations; asymmetric sign/verify, key lifetimes and policies. Implementation: key import, export and destruction (RSA, symmetric keys); multipart hash and MAC operations. Tested only with a few smoke tests.
This commit is contained in:
commit
0eb6e97ac6
|
@ -403,6 +403,16 @@ void mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding,
|
|||
*/
|
||||
size_t mbedtls_rsa_get_len( const mbedtls_rsa_context *ctx );
|
||||
|
||||
/**
|
||||
* \brief This function retrieves the length of the RSA modulus in bits.
|
||||
*
|
||||
* \param ctx The initialized RSA context.
|
||||
*
|
||||
* \return The length of the RSA modulus in bits.
|
||||
*
|
||||
*/
|
||||
size_t mbedtls_rsa_get_bitlen( const mbedtls_rsa_context *ctx );
|
||||
|
||||
/**
|
||||
* \brief This function generates an RSA keypair.
|
||||
*
|
||||
|
|
1266
include/psa/crypto.h
1266
include/psa/crypto.h
File diff suppressed because it is too large
Load diff
|
@ -36,4 +36,7 @@
|
|||
/* PSA requires several types which C99 provides in stdint.h. */
|
||||
#include <stdint.h>
|
||||
|
||||
/* Integral type representing a key slot number. */
|
||||
typedef uint16_t psa_key_slot_t;
|
||||
|
||||
#endif /* PSA_CRYPTO_PLATFORM_H */
|
||||
|
|
131
include/psa/crypto_struct.h
Normal file
131
include/psa/crypto_struct.h
Normal file
|
@ -0,0 +1,131 @@
|
|||
/**
|
||||
* \file psa/crypto_struct.h
|
||||
*
|
||||
* \brief PSA cryptography module: Mbed TLS structured type implementations
|
||||
*/
|
||||
/*
|
||||
* Copyright (C) 2018, ARM Limited, All Rights Reserved
|
||||
* SPDX-License-Identifier: Apache-2.0
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
* not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*
|
||||
* This file is part of mbed TLS (https://tls.mbed.org)
|
||||
*/
|
||||
|
||||
#ifndef PSA_CRYPTO_STRUCT_H
|
||||
#define PSA_CRYPTO_STRUCT_H
|
||||
|
||||
/* Include the Mbed TLS configuration file, the way Mbed TLS does it
|
||||
* in each of its header files. */
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "../mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#include "mbedtls/cipher.h"
|
||||
#include "mbedtls/cmac.h"
|
||||
#include "mbedtls/gcm.h"
|
||||
#include "mbedtls/md.h"
|
||||
#include "mbedtls/md2.h"
|
||||
#include "mbedtls/md4.h"
|
||||
#include "mbedtls/md5.h"
|
||||
#include "mbedtls/ripemd160.h"
|
||||
#include "mbedtls/sha1.h"
|
||||
#include "mbedtls/sha256.h"
|
||||
#include "mbedtls/sha512.h"
|
||||
|
||||
struct psa_hash_operation_s
|
||||
{
|
||||
psa_algorithm_t alg;
|
||||
union
|
||||
{
|
||||
unsigned dummy; /* Make the union non-empty even with no supported algorithms. */
|
||||
#if defined(MBEDTLS_MD2_C)
|
||||
mbedtls_md2_context md2;
|
||||
#endif
|
||||
#if defined(MBEDTLS_MD4_C)
|
||||
mbedtls_md4_context md4;
|
||||
#endif
|
||||
#if defined(MBEDTLS_MD5_C)
|
||||
mbedtls_md5_context md5;
|
||||
#endif
|
||||
#if defined(MBEDTLS_RIPEMD160_C)
|
||||
mbedtls_ripemd160_context ripemd160;
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA1_C)
|
||||
mbedtls_sha1_context sha1;
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA256_C)
|
||||
mbedtls_sha256_context sha256;
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
mbedtls_sha512_context sha512;
|
||||
#endif
|
||||
} ctx;
|
||||
};
|
||||
|
||||
struct psa_mac_operation_s
|
||||
{
|
||||
psa_algorithm_t alg;
|
||||
int key_set : 1;
|
||||
int iv_required : 1;
|
||||
int iv_set : 1;
|
||||
int has_input : 1;
|
||||
uint8_t mac_size;
|
||||
union
|
||||
{
|
||||
unsigned dummy; /* Make the union non-empty even with no supported algorithms. */
|
||||
#if defined(MBEDTLS_MD_C)
|
||||
mbedtls_md_context_t hmac;
|
||||
#endif
|
||||
#if defined(MBEDTLS_CMAC_C)
|
||||
mbedtls_cipher_context_t cmac;
|
||||
#endif
|
||||
} ctx;
|
||||
};
|
||||
|
||||
struct psa_cipher_operation_s
|
||||
{
|
||||
psa_algorithm_t alg;
|
||||
int key_set : 1;
|
||||
int iv_set : 1;
|
||||
uint8_t iv_size;
|
||||
uint8_t block_size;
|
||||
union
|
||||
{
|
||||
unsigned dummy; /* Make the union non-empty even with no supported algorithms. */
|
||||
} ctx;
|
||||
};
|
||||
|
||||
struct psa_aead_operation_s
|
||||
{
|
||||
psa_algorithm_t alg;
|
||||
int key_set : 1;
|
||||
int iv_set : 1;
|
||||
int ad_set : 1;
|
||||
uint8_t iv_size;
|
||||
uint8_t block_size;
|
||||
union
|
||||
{
|
||||
unsigned dummy; /* Make the union non-empty even with no supported algorithms. */
|
||||
} ctx;
|
||||
};
|
||||
|
||||
struct psa_key_policy_s
|
||||
{
|
||||
psa_key_usage_t usage;
|
||||
psa_algorithm_t alg;
|
||||
};
|
||||
|
||||
#endif /* PSA_CRYPTO_STRUCT_H */
|
|
@ -66,7 +66,7 @@ static int rsa_can_do( mbedtls_pk_type_t type )
|
|||
static size_t rsa_get_bitlen( const void *ctx )
|
||||
{
|
||||
const mbedtls_rsa_context * rsa = (const mbedtls_rsa_context *) ctx;
|
||||
return( 8 * mbedtls_rsa_get_len( rsa ) );
|
||||
return( mbedtls_rsa_get_bitlen( rsa ) );
|
||||
}
|
||||
|
||||
static int rsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
|
||||
|
|
1210
library/psa_crypto.c
1210
library/psa_crypto.c
File diff suppressed because it is too large
Load diff
|
@ -480,12 +480,19 @@ void mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding, int hash_id
|
|||
/*
|
||||
* Get length in bytes of RSA modulus
|
||||
*/
|
||||
|
||||
size_t mbedtls_rsa_get_len( const mbedtls_rsa_context *ctx )
|
||||
{
|
||||
return( ctx->len );
|
||||
}
|
||||
|
||||
/*
|
||||
* Get length in bits of RSA modulus
|
||||
*/
|
||||
size_t mbedtls_rsa_get_bitlen( const mbedtls_rsa_context *ctx )
|
||||
{
|
||||
return( mbedtls_mpi_bitlen( &ctx->N ) );
|
||||
}
|
||||
|
||||
|
||||
#if defined(MBEDTLS_GENPRIME)
|
||||
|
||||
|
|
|
@ -1,7 +1,16 @@
|
|||
PK utils: RSA
|
||||
PK utils: RSA, 512 bits
|
||||
depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME
|
||||
pk_utils:MBEDTLS_PK_RSA:512:64:"RSA"
|
||||
|
||||
## RSA key generation only supports even bit sizes
|
||||
#PK utils: RSA, 511 bits
|
||||
#depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME
|
||||
#pk_utils:MBEDTLS_PK_RSA:511:64:"RSA"
|
||||
#
|
||||
PK utils: RSA, 510 bits
|
||||
depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME
|
||||
pk_utils:MBEDTLS_PK_RSA:510:64:"RSA"
|
||||
|
||||
PK utils: ECKEY
|
||||
depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
|
||||
pk_utils:MBEDTLS_PK_ECKEY:192:24:"EC"
|
||||
|
|
|
@ -13,13 +13,18 @@ static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len );
|
|||
#define RSA_KEY_SIZE 512
|
||||
#define RSA_KEY_LEN 64
|
||||
|
||||
static int pk_genkey( mbedtls_pk_context *pk )
|
||||
static int pk_genkey( mbedtls_pk_context *pk, int size )
|
||||
{
|
||||
((void) pk);
|
||||
|
||||
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME)
|
||||
if( mbedtls_pk_get_type( pk ) == MBEDTLS_PK_RSA )
|
||||
return mbedtls_rsa_gen_key( mbedtls_pk_rsa( *pk ), rnd_std_rand, NULL, RSA_KEY_SIZE, 3 );
|
||||
{
|
||||
if( size == 0 )
|
||||
size = RSA_KEY_SIZE;
|
||||
return( mbedtls_rsa_gen_key( mbedtls_pk_rsa( *pk ),
|
||||
rnd_std_rand, NULL, size, 3 ) );
|
||||
}
|
||||
#endif
|
||||
#if defined(MBEDTLS_ECP_C)
|
||||
if( mbedtls_pk_get_type( pk ) == MBEDTLS_PK_ECKEY ||
|
||||
|
@ -27,8 +32,30 @@ static int pk_genkey( mbedtls_pk_context *pk )
|
|||
mbedtls_pk_get_type( pk ) == MBEDTLS_PK_ECDSA )
|
||||
{
|
||||
int ret;
|
||||
mbedtls_ecp_group_id curve;
|
||||
switch( size )
|
||||
{
|
||||
case 0:
|
||||
case 192:
|
||||
curve = MBEDTLS_ECP_DP_SECP192R1;
|
||||
break;
|
||||
case 224:
|
||||
curve = MBEDTLS_ECP_DP_SECP224R1;
|
||||
break;
|
||||
case 256:
|
||||
curve = MBEDTLS_ECP_DP_SECP256R1;
|
||||
break;
|
||||
case 384:
|
||||
curve = MBEDTLS_ECP_DP_SECP384R1;
|
||||
break;
|
||||
case 521:
|
||||
curve = MBEDTLS_ECP_DP_SECP521R1;
|
||||
break;
|
||||
default:
|
||||
return( -1 );
|
||||
}
|
||||
if( ( ret = mbedtls_ecp_group_load( &mbedtls_pk_ec( *pk )->grp,
|
||||
MBEDTLS_ECP_DP_SECP192R1 ) ) != 0 )
|
||||
curve ) ) != 0 )
|
||||
return( ret );
|
||||
|
||||
return mbedtls_ecp_gen_keypair( &mbedtls_pk_ec( *pk )->grp, &mbedtls_pk_ec( *pk )->d,
|
||||
|
@ -77,7 +104,7 @@ void pk_utils( int type, int size, int len, char * name )
|
|||
mbedtls_pk_init( &pk );
|
||||
|
||||
TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( type ) ) == 0 );
|
||||
TEST_ASSERT( pk_genkey( &pk ) == 0 );
|
||||
TEST_ASSERT( pk_genkey( &pk, size ) == 0 );
|
||||
|
||||
TEST_ASSERT( (int) mbedtls_pk_get_type( &pk ) == type );
|
||||
TEST_ASSERT( mbedtls_pk_can_do( &pk, type ) );
|
||||
|
@ -252,7 +279,7 @@ void pk_sign_verify( int type, int sign_ret, int verify_ret )
|
|||
memset( sig, 0, sizeof sig );
|
||||
|
||||
TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( type ) ) == 0 );
|
||||
TEST_ASSERT( pk_genkey( &pk ) == 0 );
|
||||
TEST_ASSERT( pk_genkey( &pk, 0 ) == 0 );
|
||||
|
||||
TEST_ASSERT( mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256, hash, sizeof hash,
|
||||
sig, &sig_len, rnd_std_rand, NULL ) == sign_ret );
|
||||
|
@ -447,7 +474,7 @@ void pk_rsa_alt( )
|
|||
/* Initiliaze PK RSA context with random key */
|
||||
TEST_ASSERT( mbedtls_pk_setup( &rsa,
|
||||
mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 );
|
||||
TEST_ASSERT( pk_genkey( &rsa ) == 0 );
|
||||
TEST_ASSERT( pk_genkey( &rsa, RSA_KEY_SIZE ) == 0 );
|
||||
|
||||
/* Extract key to the raw rsa context */
|
||||
TEST_ASSERT( mbedtls_rsa_copy( &raw, mbedtls_pk_rsa( rsa ) ) == 0 );
|
||||
|
|
|
@ -1,2 +1,85 @@
|
|||
PSA init/deinit
|
||||
init_deinit:
|
||||
|
||||
PSA import/export raw: 0 bytes
|
||||
import_export:"":PSA_KEY_TYPE_RAW_DATA:0:0:PSA_SUCCESS:1
|
||||
|
||||
PSA import/export raw: 1 bytes
|
||||
import_export:"2a":PSA_KEY_TYPE_RAW_DATA:8:0:PSA_SUCCESS:1
|
||||
|
||||
PSA import/export raw: 1 bytes, larger buffer
|
||||
import_export:"2a":PSA_KEY_TYPE_RAW_DATA:8:1:PSA_SUCCESS:1
|
||||
|
||||
PSA import/export raw: 2 bytes, buffer too small
|
||||
import_export:"2a2b":PSA_KEY_TYPE_RAW_DATA:16:-1:PSA_ERROR_BUFFER_TOO_SMALL:1
|
||||
|
||||
PSA import/export RSA public key: good, 1024-bit
|
||||
depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
|
||||
import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:0:PSA_SUCCESS:1
|
||||
|
||||
PSA import/export RSA keypair: good, 1024-bit
|
||||
depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
|
||||
import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:1024:0:PSA_SUCCESS:1
|
||||
|
||||
PSA import/export RSA keypair: trailing garbage ignored
|
||||
depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
|
||||
import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b2400":PSA_KEY_TYPE_RSA_KEYPAIR:1024:-1:PSA_SUCCESS:0
|
||||
|
||||
PSA import RSA keypair: truncated
|
||||
depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
|
||||
import:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_INVALID_ARGUMENT
|
||||
|
||||
PSA import/export RSA keypair: good, 1023-bit
|
||||
depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
|
||||
import_export:"3082025a0201000281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754f2da2751d7a9aa5a79f7070132f2c47b31963e37cd74675f9c93ee7c85a143fefe303e94d1ee0e4d30898d17ab3a229e8457ef21fd179039f748305babe7f134f6d58ce5d721a1a5da98f63503d2466c6a515e53494a41180a91e535bd5b55d4dce2c17419870203010001028180491b277413fb35efe82dace68b544a9dd6aa8917d329731955ec66ec3b0178fcf5a29196e1a6c093bf6c8064b36a8f0d9840a78003d11392754a70a77788975515a1442a6c806cafa2f07fe99cac78a86fa868888d654cec4baf205352cf8255acaa47e2455f23b58c0e5ae43fa297bbffe5b970caa80f71e82084fd35425479024100ef27f3fb2df90ac4910ed95fdde4877d09b0dc4e95079f12a7e2041300a8884a39372a1c79691338cd5c3965bcf3a24f2ce9e10de19d4cb87c7546d60ca0aa0d024073e9e1283475e9ab3075da0b005ca7c7b05e76325f8deb648238831c8353041d594307f784cd527cfee9187b997713d71c0ff98f01beac4d1a85583be52e90e302402f0c801e311c2677274671933f96fee4a56c6adaf6ccaa09c4875d5fd3a8542fadf3e14ffabea62e6d90302688b6b17ebc0a42e1353a79e66d6db102d9371e5d02406731ef3c8607fbf266806590a9cfd3a79a435ee355e2d9906fc6b4236c5f3a288ed178844a7d295512f49ed15b3d82325e4f729478af3262aa9bd083f273d49502410090a32c0e8ca3bcd4c66f092cdc369cd1abb4a05b9a6f0e65e5a51da1d96d5aca8c1525b3f11322c0588062fc8592ebf25b7950f918d39018e82b8acccc8f7e7a":PSA_KEY_TYPE_RSA_KEYPAIR:1023:0:PSA_SUCCESS:1
|
||||
|
||||
#PSA import/export EC secp256r1: good
|
||||
#depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
||||
#import_export:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_NISTP256R1:256:0:PSA_SUCCESS:1
|
||||
#
|
||||
PSA hash finish: SHA-256
|
||||
depends_on:MBEDTLS_SHA256_C
|
||||
hash_finish:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b"
|
||||
|
||||
PSA hash verify: SHA-256
|
||||
depends_on:MBEDTLS_SHA256_C
|
||||
hash_verify:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b"
|
||||
|
||||
PSA MAC verify: HMAC-SHA-256
|
||||
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
|
||||
mac_verify:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"53616d706c65206d65737361676520666f72206b65796c656e3d626c6f636b6c656e":"8bb9a1db9806f20df7f77b82138c7914d174d59e13dc4d0169c9057b133e1d62"
|
||||
|
||||
PSA MAC verify: CMAC-AES-128
|
||||
depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C
|
||||
mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827"
|
||||
|
||||
PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 raw
|
||||
signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15_RAW:128
|
||||
|
||||
PSA signature size: RSA public key, 1024 bits, PKCS#1 v1.5 raw
|
||||
signature_size:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_ALG_RSA_PKCS1V15_RAW:128
|
||||
|
||||
PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 SHA-256
|
||||
signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15(PSA_ALG_SHA_256):128
|
||||
|
||||
PSA signature size: RSA keypair, 1024 bits, PSS
|
||||
signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PSS_MGF1:128
|
||||
|
||||
PSA signature size: RSA keypair, 1023 bits, PKCS#1 v1.5 raw
|
||||
signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1023:PSA_ALG_RSA_PKCS1V15_RAW:128
|
||||
|
||||
PSA signature size: RSA keypair, 1025 bits, PKCS#1 v1.5 raw
|
||||
signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1025:PSA_ALG_RSA_PKCS1V15_RAW:129
|
||||
|
||||
PSA sign RSA PKCS#1 v1.5, raw
|
||||
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
||||
sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_RAW:"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a"
|
||||
|
||||
PSA sign RSA PKCS#1 v1.5 SHA-256
|
||||
sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311"
|
||||
|
||||
PSA sign RSA PKCS#1 v1.5 SHA-256, wrong hash size
|
||||
sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015":128:PSA_ERROR_INVALID_ARGUMENT
|
||||
|
||||
PSA sign RSA PKCS#1 v1.5 SHA-256, output buffer too small
|
||||
sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":127:PSA_ERROR_BUFFER_TOO_SMALL
|
||||
|
|
|
@ -1,5 +1,7 @@
|
|||
/* BEGIN_HEADER */
|
||||
#include "psa/crypto.h"
|
||||
|
||||
#include "mbedtls/md.h"
|
||||
/* END_HEADER */
|
||||
|
||||
/* BEGIN_DEPENDENCIES
|
||||
|
@ -10,15 +12,351 @@
|
|||
/* BEGIN_CASE */
|
||||
void init_deinit()
|
||||
{
|
||||
psa_status_t ret;
|
||||
psa_status_t status;
|
||||
int i;
|
||||
for( i = 0; i <= 1; i++ )
|
||||
{
|
||||
ret = psa_crypto_init( );
|
||||
TEST_ASSERT( ret == PSA_SUCCESS );
|
||||
ret = psa_crypto_init( );
|
||||
TEST_ASSERT( ret == PSA_SUCCESS );
|
||||
status = psa_crypto_init( );
|
||||
TEST_ASSERT( status == PSA_SUCCESS );
|
||||
status = psa_crypto_init( );
|
||||
TEST_ASSERT( status == PSA_SUCCESS );
|
||||
mbedtls_psa_crypto_free( );
|
||||
}
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void import( char *hex, int type, int expected_status )
|
||||
{
|
||||
int slot = 1;
|
||||
psa_status_t status;
|
||||
unsigned char *data = NULL;
|
||||
size_t data_size;
|
||||
|
||||
data = unhexify_alloc( hex, &data_size );
|
||||
TEST_ASSERT( data != NULL );
|
||||
TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
|
||||
|
||||
status = psa_import_key( slot, type, data, data_size );
|
||||
TEST_ASSERT( status == (psa_status_t) expected_status );
|
||||
if( status == PSA_SUCCESS )
|
||||
TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS );
|
||||
|
||||
exit:
|
||||
mbedtls_free( data );
|
||||
mbedtls_psa_crypto_free( );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void import_export( char *hex, int type_arg,
|
||||
int expected_bits,
|
||||
int export_size_delta,
|
||||
int expected_export_status,
|
||||
int canonical_input )
|
||||
{
|
||||
int slot = 1;
|
||||
int slot2 = slot + 1;
|
||||
psa_key_type_t type = type_arg;
|
||||
psa_status_t status;
|
||||
unsigned char *data = NULL;
|
||||
unsigned char *exported = NULL;
|
||||
unsigned char *reexported = NULL;
|
||||
size_t data_size;
|
||||
size_t export_size;
|
||||
size_t exported_length;
|
||||
size_t reexported_length;
|
||||
psa_key_type_t got_type;
|
||||
size_t got_bits;
|
||||
|
||||
data = unhexify_alloc( hex, &data_size );
|
||||
TEST_ASSERT( data != NULL );
|
||||
export_size = (ssize_t) data_size + export_size_delta;
|
||||
exported = mbedtls_calloc( 1, export_size );
|
||||
TEST_ASSERT( exported != NULL );
|
||||
if( ! canonical_input )
|
||||
{
|
||||
reexported = mbedtls_calloc( 1, export_size );
|
||||
TEST_ASSERT( reexported != NULL );
|
||||
}
|
||||
TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
|
||||
|
||||
/* Import the key */
|
||||
TEST_ASSERT( psa_import_key( slot, type,
|
||||
data, data_size ) == PSA_SUCCESS );
|
||||
|
||||
/* Test the key information */
|
||||
TEST_ASSERT( psa_get_key_information( slot,
|
||||
&got_type, &got_bits ) ==
|
||||
PSA_SUCCESS );
|
||||
TEST_ASSERT( got_type == type );
|
||||
TEST_ASSERT( got_bits == (size_t) expected_bits );
|
||||
|
||||
/* Export the key */
|
||||
status = psa_export_key( slot,
|
||||
exported, export_size,
|
||||
&exported_length );
|
||||
TEST_ASSERT( status == (psa_status_t) expected_export_status );
|
||||
if( status != PSA_SUCCESS )
|
||||
goto destroy;
|
||||
|
||||
if( canonical_input )
|
||||
{
|
||||
TEST_ASSERT( exported_length == data_size );
|
||||
TEST_ASSERT( memcmp( exported, data, data_size ) == 0 );
|
||||
}
|
||||
else
|
||||
{
|
||||
TEST_ASSERT( psa_import_key( slot2, type,
|
||||
exported, export_size ) ==
|
||||
PSA_SUCCESS );
|
||||
TEST_ASSERT( psa_export_key( slot2,
|
||||
reexported, export_size,
|
||||
&reexported_length ) ==
|
||||
PSA_SUCCESS );
|
||||
TEST_ASSERT( reexported_length == exported_length );
|
||||
TEST_ASSERT( memcmp( reexported, exported,
|
||||
exported_length ) == 0 );
|
||||
}
|
||||
|
||||
destroy:
|
||||
/* Destroy the key */
|
||||
TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS );
|
||||
TEST_ASSERT( psa_get_key_information(
|
||||
slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT );
|
||||
|
||||
exit:
|
||||
mbedtls_free( data );
|
||||
mbedtls_psa_crypto_free( );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void hash_finish( int alg_arg, char *input_hex, char *hash_hex )
|
||||
{
|
||||
psa_algorithm_t alg = alg_arg;
|
||||
unsigned char *input = NULL;
|
||||
size_t input_size;
|
||||
unsigned char expected_hash[MBEDTLS_MD_MAX_SIZE];
|
||||
size_t expected_hash_length;
|
||||
unsigned char actual_hash[MBEDTLS_MD_MAX_SIZE];
|
||||
size_t actual_hash_length;
|
||||
psa_hash_operation_t operation;
|
||||
|
||||
input = unhexify_alloc( input_hex, &input_size );
|
||||
TEST_ASSERT( input != NULL );
|
||||
expected_hash_length = unhexify( expected_hash, hash_hex );
|
||||
|
||||
TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
|
||||
|
||||
TEST_ASSERT( psa_hash_start( &operation, alg ) == PSA_SUCCESS );
|
||||
TEST_ASSERT( psa_hash_update( &operation,
|
||||
input, input_size ) == PSA_SUCCESS );
|
||||
TEST_ASSERT( psa_hash_finish( &operation,
|
||||
actual_hash, sizeof( actual_hash ),
|
||||
&actual_hash_length ) == PSA_SUCCESS );
|
||||
TEST_ASSERT( actual_hash_length == expected_hash_length );
|
||||
TEST_ASSERT( memcmp( expected_hash, actual_hash,
|
||||
expected_hash_length ) == 0 );
|
||||
|
||||
exit:
|
||||
mbedtls_free( input );
|
||||
mbedtls_psa_crypto_free( );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void hash_verify( int alg_arg, char *input_hex, char *hash_hex )
|
||||
{
|
||||
psa_algorithm_t alg = alg_arg;
|
||||
unsigned char *input = NULL;
|
||||
size_t input_size;
|
||||
unsigned char expected_hash[MBEDTLS_MD_MAX_SIZE];
|
||||
size_t expected_hash_length;
|
||||
psa_hash_operation_t operation;
|
||||
|
||||
input = unhexify_alloc( input_hex, &input_size );
|
||||
TEST_ASSERT( input != NULL );
|
||||
expected_hash_length = unhexify( expected_hash, hash_hex );
|
||||
|
||||
TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
|
||||
|
||||
TEST_ASSERT( psa_hash_start( &operation, alg ) == PSA_SUCCESS );
|
||||
TEST_ASSERT( psa_hash_update( &operation,
|
||||
input, input_size ) == PSA_SUCCESS );
|
||||
TEST_ASSERT( psa_hash_verify( &operation,
|
||||
expected_hash,
|
||||
expected_hash_length ) == PSA_SUCCESS );
|
||||
|
||||
exit:
|
||||
mbedtls_free( input );
|
||||
mbedtls_psa_crypto_free( );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void mac_verify( int key_type_arg, char *key_hex,
|
||||
int alg_arg, char *iv_hex,
|
||||
char *input_hex, char *mac_hex )
|
||||
{
|
||||
int key_slot = 1;
|
||||
psa_key_type_t key_type = key_type_arg;
|
||||
psa_algorithm_t alg = alg_arg;
|
||||
unsigned char *key = NULL;
|
||||
size_t key_size;
|
||||
unsigned char *iv = NULL;
|
||||
size_t iv_size;
|
||||
unsigned char *input = NULL;
|
||||
size_t input_size;
|
||||
unsigned char *expected_mac = NULL;
|
||||
size_t expected_mac_size;
|
||||
psa_mac_operation_t operation;
|
||||
|
||||
key = unhexify_alloc( key_hex, &key_size );
|
||||
TEST_ASSERT( key != NULL );
|
||||
if( iv_hex[0] != 0 )
|
||||
{
|
||||
iv = unhexify_alloc( iv_hex, &iv_size );
|
||||
TEST_ASSERT( iv != NULL );
|
||||
}
|
||||
input = unhexify_alloc( input_hex, &input_size );
|
||||
TEST_ASSERT( input != NULL );
|
||||
expected_mac = unhexify_alloc( mac_hex, &expected_mac_size );
|
||||
TEST_ASSERT( expected_mac != NULL );
|
||||
|
||||
TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
|
||||
|
||||
TEST_ASSERT( psa_import_key( key_slot, key_type,
|
||||
key, key_size ) == PSA_SUCCESS );
|
||||
// TODO: support IV
|
||||
TEST_ASSERT( psa_mac_start( &operation, key_slot, alg ) == PSA_SUCCESS );
|
||||
TEST_ASSERT( psa_destroy_key( key_slot ) == PSA_SUCCESS );
|
||||
TEST_ASSERT( psa_mac_update( &operation,
|
||||
input, input_size ) == PSA_SUCCESS );
|
||||
TEST_ASSERT( psa_mac_verify( &operation,
|
||||
expected_mac,
|
||||
expected_mac_size ) == PSA_SUCCESS );
|
||||
|
||||
exit:
|
||||
mbedtls_free( key );
|
||||
mbedtls_free( iv );
|
||||
mbedtls_free( input );
|
||||
mbedtls_free( expected_mac );
|
||||
psa_destroy_key( key_slot );
|
||||
mbedtls_psa_crypto_free( );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void signature_size( int type_arg, int bits, int alg_arg, int expected_size_arg )
|
||||
{
|
||||
psa_key_type_t type = type_arg;
|
||||
psa_algorithm_t alg = alg_arg;
|
||||
size_t actual_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(type, bits, alg);
|
||||
TEST_ASSERT( actual_size == (size_t) expected_size_arg );
|
||||
exit:
|
||||
;
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void sign_deterministic( int key_type_arg, char *key_hex,
|
||||
int alg_arg, char *input_hex, char *output_hex )
|
||||
{
|
||||
int slot = 1;
|
||||
psa_key_type_t key_type = key_type_arg;
|
||||
psa_algorithm_t alg = alg_arg;
|
||||
unsigned char *key_data = NULL;
|
||||
size_t key_size;
|
||||
size_t key_bits;
|
||||
unsigned char *input_data = NULL;
|
||||
size_t input_size;
|
||||
unsigned char *output_data = NULL;
|
||||
size_t output_size;
|
||||
unsigned char *signature = NULL;
|
||||
size_t signature_size;
|
||||
size_t signature_length = 0xdeadbeef;
|
||||
|
||||
key_data = unhexify_alloc( key_hex, &key_size );
|
||||
TEST_ASSERT( key_data != NULL );
|
||||
input_data = unhexify_alloc( input_hex, &input_size );
|
||||
TEST_ASSERT( input_data != NULL );
|
||||
output_data = unhexify_alloc( output_hex, &output_size );
|
||||
TEST_ASSERT( output_data != NULL );
|
||||
|
||||
TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
|
||||
|
||||
TEST_ASSERT( psa_import_key( slot, key_type,
|
||||
key_data, key_size ) == PSA_SUCCESS );
|
||||
TEST_ASSERT( psa_get_key_information( slot,
|
||||
NULL,
|
||||
&key_bits ) == PSA_SUCCESS );
|
||||
|
||||
signature_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( key_type, alg, key_bits );
|
||||
TEST_ASSERT( signature_size != 0 );
|
||||
signature = mbedtls_calloc( 1, signature_size );
|
||||
TEST_ASSERT( signature != NULL );
|
||||
|
||||
TEST_ASSERT( psa_asymmetric_sign( slot, alg,
|
||||
input_data, input_size,
|
||||
NULL, 0,
|
||||
signature, signature_size,
|
||||
&signature_length ) == PSA_SUCCESS );
|
||||
TEST_ASSERT( signature_length == output_size );
|
||||
TEST_ASSERT( memcmp( signature, output_data, output_size ) == 0 );
|
||||
|
||||
exit:
|
||||
psa_destroy_key( slot );
|
||||
mbedtls_free( key_data );
|
||||
mbedtls_free( input_data );
|
||||
mbedtls_free( output_data );
|
||||
mbedtls_free( signature );
|
||||
mbedtls_psa_crypto_free( );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void sign_fail( int key_type_arg, char *key_hex,
|
||||
int alg_arg, char *input_hex,
|
||||
int signature_size, int expected_status_arg )
|
||||
{
|
||||
int slot = 1;
|
||||
psa_key_type_t key_type = key_type_arg;
|
||||
psa_algorithm_t alg = alg_arg;
|
||||
unsigned char *key_data = NULL;
|
||||
size_t key_size;
|
||||
unsigned char *input_data = NULL;
|
||||
size_t input_size;
|
||||
psa_status_t actual_status;
|
||||
psa_status_t expected_status = expected_status_arg;
|
||||
unsigned char *signature = NULL;
|
||||
size_t signature_length = 0xdeadbeef;
|
||||
|
||||
key_data = unhexify_alloc( key_hex, &key_size );
|
||||
TEST_ASSERT( key_data != NULL );
|
||||
input_data = unhexify_alloc( input_hex, &input_size );
|
||||
TEST_ASSERT( input_data != NULL );
|
||||
signature = mbedtls_calloc( 1, signature_size );
|
||||
TEST_ASSERT( signature != NULL );
|
||||
|
||||
TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
|
||||
|
||||
TEST_ASSERT( psa_import_key( slot, key_type,
|
||||
key_data, key_size ) == PSA_SUCCESS );
|
||||
|
||||
actual_status = psa_asymmetric_sign( slot, alg,
|
||||
input_data, input_size,
|
||||
NULL, 0,
|
||||
signature, signature_size,
|
||||
&signature_length );
|
||||
TEST_ASSERT( actual_status == expected_status );
|
||||
TEST_ASSERT( signature_length == 0 );
|
||||
|
||||
exit:
|
||||
psa_destroy_key( slot );
|
||||
mbedtls_free( key_data );
|
||||
mbedtls_free( input_data );
|
||||
mbedtls_free( signature );
|
||||
mbedtls_psa_crypto_free( );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
|
|
@ -44,7 +44,8 @@ void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode,
|
|||
TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
|
||||
|
||||
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
|
||||
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
|
||||
TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod );
|
||||
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 );
|
||||
TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
|
||||
TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
|
||||
|
||||
|
@ -86,7 +87,8 @@ void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode,
|
|||
TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
|
||||
TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
|
||||
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
|
||||
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
|
||||
TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod );
|
||||
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 );
|
||||
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
|
||||
|
||||
|
||||
|
@ -127,7 +129,8 @@ void rsa_pkcs1_sign_raw( data_t * hash_result,
|
|||
TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
|
||||
|
||||
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
|
||||
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
|
||||
TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod );
|
||||
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 );
|
||||
TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
|
||||
TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
|
||||
|
||||
|
@ -192,7 +195,8 @@ void rsa_pkcs1_verify_raw( data_t * hash_result,
|
|||
TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
|
||||
|
||||
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
|
||||
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
|
||||
TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod );
|
||||
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 );
|
||||
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
|
||||
|
||||
|
||||
|
@ -256,7 +260,8 @@ void mbedtls_rsa_pkcs1_encrypt( data_t * message_str, int padding_mode,
|
|||
TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
|
||||
|
||||
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
|
||||
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
|
||||
TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod );
|
||||
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 );
|
||||
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
|
||||
|
||||
|
||||
|
@ -294,7 +299,8 @@ void rsa_pkcs1_encrypt_bad_rng( data_t * message_str, int padding_mode,
|
|||
TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
|
||||
|
||||
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
|
||||
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
|
||||
TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod );
|
||||
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 );
|
||||
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
|
||||
|
||||
|
||||
|
@ -342,7 +348,8 @@ void mbedtls_rsa_pkcs1_decrypt( data_t * message_str, int padding_mode,
|
|||
TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
|
||||
|
||||
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
|
||||
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
|
||||
TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod );
|
||||
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 );
|
||||
TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
|
||||
TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
|
||||
|
||||
|
@ -381,7 +388,8 @@ void mbedtls_rsa_public( data_t * message_str, int mod, int radix_N,
|
|||
TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
|
||||
|
||||
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
|
||||
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
|
||||
TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod );
|
||||
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 );
|
||||
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
|
||||
|
||||
|
||||
|
@ -440,7 +448,8 @@ void mbedtls_rsa_private( data_t * message_str, int mod, int radix_P,
|
|||
TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
|
||||
|
||||
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
|
||||
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
|
||||
TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod );
|
||||
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 );
|
||||
TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
|
||||
TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
|
||||
|
||||
|
|
Loading…
Reference in a new issue