psa: Remove test code in the library

The current testing of the PSA configuration is
based on test code located in the library itself.

Remove this code as we are moving to using a
test library instead.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
Ronald Cron 2021-03-13 18:50:11 +01:00
parent b814bdabe4
commit cfc3c7b593
7 changed files with 273 additions and 1251 deletions

View file

@ -31,34 +31,6 @@
#include <string.h> #include <string.h>
#if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES) || \
( defined(PSA_CRYPTO_DRIVER_TEST) && \
defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \
defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DES) ) )
#define BUILTIN_KEY_TYPE_DES 1
#endif
#if ( defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING) || \
( defined(PSA_CRYPTO_DRIVER_TEST) && \
defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \
defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING) ) )
#define BUILTIN_ALG_CBC_NO_PADDING 1
#endif
#if ( defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7) || \
( defined(PSA_CRYPTO_DRIVER_TEST) && \
defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \
defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7) ) )
#define BUILTIN_ALG_CBC_PKCS7 1
#endif
#if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_CHACHA20) || \
( defined(PSA_CRYPTO_DRIVER_TEST) && \
defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \
defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20) ) )
#define BUILTIN_KEY_TYPE_CHACHA20 1
#endif
const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
psa_algorithm_t alg, psa_algorithm_t alg,
psa_key_type_t key_type, psa_key_type_t key_type,
@ -154,10 +126,9 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
(int) key_bits, mode ) ); (int) key_bits, mode ) );
} }
#if defined(MBEDTLS_PSA_BUILTIN_CIPHER) || \ #if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) )
static psa_status_t cipher_setup( static psa_status_t psa_cipher_setup(
mbedtls_psa_cipher_operation_t *operation, mbedtls_psa_cipher_operation_t *operation,
const psa_key_attributes_t *attributes, const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, size_t key_buffer_size, const uint8_t *key_buffer, size_t key_buffer_size,
@ -184,7 +155,7 @@ static psa_status_t cipher_setup(
if( ret != 0 ) if( ret != 0 )
goto exit; goto exit;
#if defined(BUILTIN_KEY_TYPE_DES) #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES)
if( key_type == PSA_KEY_TYPE_DES && key_bits == 128 ) if( key_type == PSA_KEY_TYPE_DES && key_bits == 128 )
{ {
/* Two-key Triple-DES is 3-key Triple-DES with K1=K3 */ /* Two-key Triple-DES is 3-key Triple-DES with K1=K3 */
@ -204,8 +175,8 @@ static psa_status_t cipher_setup(
if( ret != 0 ) if( ret != 0 )
goto exit; goto exit;
#if defined(BUILTIN_ALG_CBC_NO_PADDING) || \ #if defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING) || \
defined(BUILTIN_ALG_CBC_PKCS7) defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7)
switch( alg ) switch( alg )
{ {
case PSA_ALG_CBC_NO_PADDING: case PSA_ALG_CBC_NO_PADDING:
@ -223,7 +194,8 @@ static psa_status_t cipher_setup(
} }
if( ret != 0 ) if( ret != 0 )
goto exit; goto exit;
#endif /* BUILTIN_ALG_CBC_NO_PADDING || BUILTIN_ALG_CBC_PKCS7 */ #endif /* MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING ||
MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7 */
operation->block_length = ( PSA_ALG_IS_STREAM_CIPHER( alg ) ? 1 : operation->block_length = ( PSA_ALG_IS_STREAM_CIPHER( alg ) ? 1 :
PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) ); PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) );
@ -233,29 +205,30 @@ exit:
return( mbedtls_to_psa_error( ret ) ); return( mbedtls_to_psa_error( ret ) );
} }
static psa_status_t cipher_encrypt_setup( psa_status_t mbedtls_psa_cipher_encrypt_setup(
mbedtls_psa_cipher_operation_t *operation, mbedtls_psa_cipher_operation_t *operation,
const psa_key_attributes_t *attributes, const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, size_t key_buffer_size, const uint8_t *key_buffer, size_t key_buffer_size,
psa_algorithm_t alg ) psa_algorithm_t alg )
{ {
return( cipher_setup( operation, attributes, return( psa_cipher_setup( operation, attributes,
key_buffer, key_buffer_size, key_buffer, key_buffer_size,
alg, MBEDTLS_ENCRYPT ) ); alg, MBEDTLS_ENCRYPT ) );
} }
static psa_status_t cipher_decrypt_setup( psa_status_t mbedtls_psa_cipher_decrypt_setup(
mbedtls_psa_cipher_operation_t *operation, mbedtls_psa_cipher_operation_t *operation,
const psa_key_attributes_t *attributes, const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, size_t key_buffer_size, const uint8_t *key_buffer, size_t key_buffer_size,
psa_algorithm_t alg ) psa_algorithm_t alg )
{ {
return( cipher_setup( operation, attributes, return( psa_cipher_setup( operation, attributes,
key_buffer, key_buffer_size, key_buffer, key_buffer_size,
alg, MBEDTLS_DECRYPT ) ); alg, MBEDTLS_DECRYPT ) );
} }
static psa_status_t cipher_set_iv( mbedtls_psa_cipher_operation_t *operation, psa_status_t mbedtls_psa_cipher_set_iv(
mbedtls_psa_cipher_operation_t *operation,
const uint8_t *iv, size_t iv_length ) const uint8_t *iv, size_t iv_length )
{ {
if( iv_length != operation->iv_length ) if( iv_length != operation->iv_length )
@ -370,12 +343,10 @@ exit:
return( status ); return( status );
} }
static psa_status_t cipher_update( mbedtls_psa_cipher_operation_t *operation, psa_status_t mbedtls_psa_cipher_update(
const uint8_t *input, mbedtls_psa_cipher_operation_t *operation,
size_t input_length, const uint8_t *input, size_t input_length,
uint8_t *output, uint8_t *output, size_t output_size, size_t *output_length )
size_t output_size,
size_t *output_length )
{ {
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
size_t expected_output_size; size_t expected_output_size;
@ -422,10 +393,9 @@ static psa_status_t cipher_update( mbedtls_psa_cipher_operation_t *operation,
return( status ); return( status );
} }
static psa_status_t cipher_finish( mbedtls_psa_cipher_operation_t *operation, psa_status_t mbedtls_psa_cipher_finish(
uint8_t *output, mbedtls_psa_cipher_operation_t *operation,
size_t output_size, uint8_t *output, size_t output_size, size_t *output_length )
size_t *output_length )
{ {
psa_status_t status = PSA_ERROR_GENERIC_ERROR; psa_status_t status = PSA_ERROR_GENERIC_ERROR;
uint8_t temp_output_buffer[MBEDTLS_MAX_BLOCK_LENGTH]; uint8_t temp_output_buffer[MBEDTLS_MAX_BLOCK_LENGTH];
@ -461,7 +431,8 @@ exit:
return( status ); return( status );
} }
static psa_status_t cipher_abort( mbedtls_psa_cipher_operation_t *operation ) psa_status_t mbedtls_psa_cipher_abort(
mbedtls_psa_cipher_operation_t *operation )
{ {
/* Sanity check (shouldn't happen: operation->alg should /* Sanity check (shouldn't happen: operation->alg should
* always have been initialized to a valid value). */ * always have been initialized to a valid value). */
@ -473,7 +444,8 @@ static psa_status_t cipher_abort( mbedtls_psa_cipher_operation_t *operation )
return( PSA_SUCCESS ); return( PSA_SUCCESS );
} }
static psa_status_t cipher_encrypt( const psa_key_attributes_t *attributes, psa_status_t mbedtls_psa_cipher_encrypt(
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, const uint8_t *key_buffer,
size_t key_buffer_size, size_t key_buffer_size,
psa_algorithm_t alg, psa_algorithm_t alg,
@ -487,22 +459,24 @@ static psa_status_t cipher_encrypt( const psa_key_attributes_t *attributes,
mbedtls_psa_cipher_operation_t operation = MBEDTLS_PSA_CIPHER_OPERATION_INIT; mbedtls_psa_cipher_operation_t operation = MBEDTLS_PSA_CIPHER_OPERATION_INIT;
size_t olength, accumulated_length; size_t olength, accumulated_length;
status = cipher_encrypt_setup( &operation, attributes, status = mbedtls_psa_cipher_encrypt_setup( &operation, attributes,
key_buffer, key_buffer_size, alg ); key_buffer, key_buffer_size,
alg );
if( status != PSA_SUCCESS ) if( status != PSA_SUCCESS )
goto exit; goto exit;
accumulated_length = 0; accumulated_length = 0;
if( operation.iv_length > 0 ) if( operation.iv_length > 0 )
{ {
status = cipher_set_iv( &operation, output, operation.iv_length ); status = mbedtls_psa_cipher_set_iv( &operation,
output, operation.iv_length );
if( status != PSA_SUCCESS ) if( status != PSA_SUCCESS )
goto exit; goto exit;
accumulated_length = operation.iv_length; accumulated_length = operation.iv_length;
} }
status = cipher_update( &operation, input, input_length, status = mbedtls_psa_cipher_update( &operation, input, input_length,
output + operation.iv_length, output + operation.iv_length,
output_size - operation.iv_length, output_size - operation.iv_length,
&olength ); &olength );
@ -511,8 +485,9 @@ static psa_status_t cipher_encrypt( const psa_key_attributes_t *attributes,
accumulated_length += olength; accumulated_length += olength;
status = cipher_finish( &operation, output + accumulated_length, status = mbedtls_psa_cipher_finish( &operation, output + accumulated_length,
output_size - accumulated_length, &olength ); output_size - accumulated_length,
&olength );
if( status != PSA_SUCCESS ) if( status != PSA_SUCCESS )
goto exit; goto exit;
@ -520,13 +495,15 @@ static psa_status_t cipher_encrypt( const psa_key_attributes_t *attributes,
exit: exit:
if( status == PSA_SUCCESS ) if( status == PSA_SUCCESS )
status = cipher_abort( &operation ); status = mbedtls_psa_cipher_abort( &operation );
else else
cipher_abort( &operation ); mbedtls_psa_cipher_abort( &operation );
return( status ); return( status );
} }
static psa_status_t cipher_decrypt( const psa_key_attributes_t *attributes, psa_status_t mbedtls_psa_cipher_decrypt(
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, const uint8_t *key_buffer,
size_t key_buffer_size, size_t key_buffer_size,
psa_algorithm_t alg, psa_algorithm_t alg,
@ -540,19 +517,21 @@ static psa_status_t cipher_decrypt( const psa_key_attributes_t *attributes,
mbedtls_psa_cipher_operation_t operation = MBEDTLS_PSA_CIPHER_OPERATION_INIT; mbedtls_psa_cipher_operation_t operation = MBEDTLS_PSA_CIPHER_OPERATION_INIT;
size_t olength, accumulated_length; size_t olength, accumulated_length;
status = cipher_decrypt_setup( &operation, attributes, status = mbedtls_psa_cipher_decrypt_setup( &operation, attributes,
key_buffer, key_buffer_size, alg ); key_buffer, key_buffer_size,
alg );
if( status != PSA_SUCCESS ) if( status != PSA_SUCCESS )
goto exit; goto exit;
if( operation.iv_length > 0 ) if( operation.iv_length > 0 )
{ {
status = cipher_set_iv( &operation, input, operation.iv_length ); status = mbedtls_psa_cipher_set_iv( &operation,
input, operation.iv_length );
if( status != PSA_SUCCESS ) if( status != PSA_SUCCESS )
goto exit; goto exit;
} }
status = cipher_update( &operation, input + operation.iv_length, status = mbedtls_psa_cipher_update( &operation, input + operation.iv_length,
input_length - operation.iv_length, input_length - operation.iv_length,
output, output_size, &olength ); output, output_size, &olength );
if( status != PSA_SUCCESS ) if( status != PSA_SUCCESS )
@ -560,8 +539,9 @@ static psa_status_t cipher_decrypt( const psa_key_attributes_t *attributes,
accumulated_length = olength; accumulated_length = olength;
status = cipher_finish( &operation, output + accumulated_length, status = mbedtls_psa_cipher_finish( &operation, output + accumulated_length,
output_size - accumulated_length, &olength ); output_size - accumulated_length,
&olength );
if( status != PSA_SUCCESS ) if( status != PSA_SUCCESS )
goto exit; goto exit;
@ -569,183 +549,12 @@ static psa_status_t cipher_decrypt( const psa_key_attributes_t *attributes,
exit: exit:
if ( status == PSA_SUCCESS ) if ( status == PSA_SUCCESS )
status = cipher_abort( &operation ); status = mbedtls_psa_cipher_abort( &operation );
else else
cipher_abort( &operation ); mbedtls_psa_cipher_abort( &operation );
return( status ); return( status );
} }
#endif /* MBEDTLS_PSA_BUILTIN_CIPHER ||
(PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG) */
#if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
psa_status_t mbedtls_psa_cipher_encrypt_setup(
mbedtls_psa_cipher_operation_t *operation,
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, size_t key_buffer_size,
psa_algorithm_t alg )
{
return( cipher_encrypt_setup(
operation, attributes, key_buffer, key_buffer_size, alg ) );
}
psa_status_t mbedtls_psa_cipher_decrypt_setup(
mbedtls_psa_cipher_operation_t *operation,
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, size_t key_buffer_size,
psa_algorithm_t alg )
{
return( cipher_decrypt_setup(
operation, attributes, key_buffer, key_buffer_size, alg ) );
}
psa_status_t mbedtls_psa_cipher_set_iv( mbedtls_psa_cipher_operation_t *operation,
const uint8_t *iv,
size_t iv_length )
{
return( cipher_set_iv( operation, iv, iv_length ) );
}
psa_status_t mbedtls_psa_cipher_update( mbedtls_psa_cipher_operation_t *operation,
const uint8_t *input,
size_t input_length,
uint8_t *output,
size_t output_size,
size_t *output_length )
{
return( cipher_update( operation, input, input_length,
output, output_size, output_length ) );
}
psa_status_t mbedtls_psa_cipher_finish( mbedtls_psa_cipher_operation_t *operation,
uint8_t *output,
size_t output_size,
size_t *output_length )
{
return( cipher_finish( operation, output, output_size, output_length ) );
}
psa_status_t mbedtls_psa_cipher_abort( mbedtls_psa_cipher_operation_t *operation )
{
return( cipher_abort( operation ) );
}
psa_status_t mbedtls_psa_cipher_encrypt( const psa_key_attributes_t *attributes,
const uint8_t *key_buffer,
size_t key_buffer_size,
psa_algorithm_t alg,
const uint8_t *input,
size_t input_length,
uint8_t *output,
size_t output_size,
size_t *output_length )
{
return( cipher_encrypt( attributes, key_buffer, key_buffer_size,
alg, input, input_length,
output, output_size, output_length ) );
}
psa_status_t mbedtls_psa_cipher_decrypt( const psa_key_attributes_t *attributes,
const uint8_t *key_buffer,
size_t key_buffer_size,
psa_algorithm_t alg,
const uint8_t *input,
size_t input_length,
uint8_t *output,
size_t output_size,
size_t *output_length )
{
return( cipher_decrypt( attributes, key_buffer, key_buffer_size,
alg, input, input_length,
output, output_size, output_length ) );
}
#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
/*
* BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY.
*/
#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG)
psa_status_t libtestdriver1_mbedtls_psa_cipher_encrypt_setup(
mbedtls_psa_cipher_operation_t *operation,
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, size_t key_buffer_size,
psa_algorithm_t alg )
{
return( cipher_encrypt_setup(
operation, attributes, key_buffer, key_buffer_size, alg ) );
}
psa_status_t libtestdriver1_mbedtls_psa_cipher_decrypt_setup(
mbedtls_psa_cipher_operation_t *operation,
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, size_t key_buffer_size,
psa_algorithm_t alg )
{
return( cipher_decrypt_setup(
operation, attributes, key_buffer, key_buffer_size, alg ) );
}
psa_status_t libtestdriver1_mbedtls_psa_cipher_set_iv(
mbedtls_psa_cipher_operation_t *operation,
const uint8_t *iv, size_t iv_length )
{
return( cipher_set_iv( operation, iv, iv_length ) );
}
psa_status_t libtestdriver1_mbedtls_psa_cipher_update(
mbedtls_psa_cipher_operation_t *operation,
const uint8_t *input, size_t input_length,
uint8_t *output, size_t output_size, size_t *output_length )
{
return( cipher_update( operation, input, input_length,
output, output_size, output_length ) );
}
psa_status_t libtestdriver1_mbedtls_psa_cipher_finish(
mbedtls_psa_cipher_operation_t *operation,
uint8_t *output, size_t output_size, size_t *output_length )
{
return( cipher_finish( operation, output, output_size, output_length ) );
}
psa_status_t libtestdriver1_mbedtls_psa_cipher_abort(
mbedtls_psa_cipher_operation_t *operation )
{
return( cipher_abort( operation ) );
}
psa_status_t libtestdriver1_mbedtls_psa_cipher_encrypt(
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer,
size_t key_buffer_size,
psa_algorithm_t alg,
const uint8_t *input,
size_t input_length,
uint8_t *output,
size_t output_size,
size_t *output_length )
{
return( cipher_encrypt( attributes, key_buffer, key_buffer_size,
alg, input, input_length,
output, output_size, output_length ) );
}
psa_status_t libtestdriver1_mbedtls_psa_cipher_decrypt(
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer,
size_t key_buffer_size,
psa_algorithm_t alg,
const uint8_t *input,
size_t input_length,
uint8_t *output,
size_t output_size,
size_t *output_length )
{
return( cipher_decrypt( attributes, key_buffer, key_buffer_size,
alg, input, input_length,
output, output_size, output_length ) );
}
#endif /* PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG */
#endif /* MBEDTLS_PSA_CRYPTO_C */ #endif /* MBEDTLS_PSA_CRYPTO_C */

View file

@ -40,40 +40,10 @@
#include <mbedtls/ecp.h> #include <mbedtls/ecp.h>
#include <mbedtls/error.h> #include <mbedtls/error.h>
#if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
( defined(PSA_CRYPTO_DRIVER_TEST) && \ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || \
defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) ) ) defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) || \
#define BUILTIN_KEY_TYPE_ECC_KEY_PAIR 1
#endif
#if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || \
( defined(PSA_CRYPTO_DRIVER_TEST) && \
defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \
defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) ) )
#define BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY 1
#endif
#if ( defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
( defined(PSA_CRYPTO_DRIVER_TEST) && \
defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \
defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) && \
defined(MBEDTLS_ECDSA_C) ) )
#define BUILTIN_ALG_ECDSA 1
#endif
#if ( defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) || \
( defined(PSA_CRYPTO_DRIVER_TEST) && \
defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \
defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) && \
defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECDSA_DETERMINISTIC) ) )
#define BUILTIN_ALG_DETERMINISTIC_ECDSA 1
#endif
#if defined(BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
defined(BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || \
defined(BUILTIN_ALG_ECDSA) || \
defined(BUILTIN_ALG_DETERMINISTIC_ECDSA) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH)
psa_status_t mbedtls_psa_ecp_load_representation( psa_status_t mbedtls_psa_ecp_load_representation(
psa_key_type_t type, size_t curve_bits, psa_key_type_t type, size_t curve_bits,
@ -185,16 +155,16 @@ exit:
return( status ); return( status );
} }
#endif /* defined(BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || #endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) ||
* defined(BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) ||
* defined(BUILTIN_ALG_ECDSA) || * defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) ||
* defined(BUILTIN_ALG_DETERMINISTIC_ECDSA) || * defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) ||
* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) */ * defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) */
#if defined(BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
defined(BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
static psa_status_t ecp_import_key( psa_status_t mbedtls_psa_ecp_import_key(
const psa_key_attributes_t *attributes, const psa_key_attributes_t *attributes,
const uint8_t *data, size_t data_length, const uint8_t *data, size_t data_length,
uint8_t *key_buffer, size_t key_buffer_size, uint8_t *key_buffer, size_t key_buffer_size,
@ -285,7 +255,7 @@ psa_status_t mbedtls_psa_ecp_export_key( psa_key_type_t type,
} }
} }
static psa_status_t ecp_export_public_key( psa_status_t mbedtls_psa_ecp_export_public_key(
const psa_key_attributes_t *attributes, const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, size_t key_buffer_size, const uint8_t *key_buffer, size_t key_buffer_size,
uint8_t *data, size_t data_size, size_t *data_length ) uint8_t *data, size_t data_size, size_t *data_length )
@ -309,11 +279,11 @@ static psa_status_t ecp_export_public_key(
return( status ); return( status );
} }
#endif /* defined(BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || #endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) ||
* defined(BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) */ * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) */
#if defined(BUILTIN_KEY_TYPE_ECC_KEY_PAIR) #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR)
static psa_status_t ecp_generate_key( psa_status_t mbedtls_psa_ecp_generate_key(
const psa_key_attributes_t *attributes, const psa_key_attributes_t *attributes,
uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ) uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length )
{ {
@ -355,15 +325,15 @@ static psa_status_t ecp_generate_key(
return( status ); return( status );
} }
#endif /* defined(BUILTIN_KEY_TYPE_ECC_KEY_PAIR) */ #endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) */
/****************************************************************/ /****************************************************************/
/* ECDSA sign/verify */ /* ECDSA sign/verify */
/****************************************************************/ /****************************************************************/
#if defined(BUILTIN_ALG_ECDSA) || \ #if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
defined(BUILTIN_ALG_DETERMINISTIC_ECDSA) defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
static psa_status_t ecdsa_sign_hash( psa_status_t mbedtls_psa_ecdsa_sign_hash(
const psa_key_attributes_t *attributes, const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, size_t key_buffer_size, const uint8_t *key_buffer, size_t key_buffer_size,
psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
@ -395,7 +365,7 @@ static psa_status_t ecdsa_sign_hash(
if( PSA_ALG_ECDSA_IS_DETERMINISTIC( alg ) ) if( PSA_ALG_ECDSA_IS_DETERMINISTIC( alg ) )
{ {
#if defined(BUILTIN_ALG_DETERMINISTIC_ECDSA) #if defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg ); psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg );
const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg ); const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg );
mbedtls_md_type_t md_alg = mbedtls_md_get_type( md_info ); mbedtls_md_type_t md_alg = mbedtls_md_get_type( md_info );
@ -408,7 +378,7 @@ static psa_status_t ecdsa_sign_hash(
#else #else
ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
goto cleanup; goto cleanup;
#endif /* defined(BUILTIN_ALG_DETERMINISTIC_ECDSA) */ #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */
} }
else else
{ {
@ -437,7 +407,7 @@ cleanup:
return( mbedtls_to_psa_error( ret ) ); return( mbedtls_to_psa_error( ret ) );
} }
static psa_status_t ecdsa_verify_hash( psa_status_t mbedtls_psa_ecdsa_verify_hash(
const psa_key_attributes_t *attributes, const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, size_t key_buffer_size, const uint8_t *key_buffer, size_t key_buffer_size,
psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
@ -496,177 +466,7 @@ cleanup:
return( mbedtls_to_psa_error( ret ) ); return( mbedtls_to_psa_error( ret ) );
} }
#endif /* defined(BUILTIN_ALG_ECDSA) || \ #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
* defined(BUILTIN_ALG_DETERMINISTIC_ECDSA) */
#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
psa_status_t mbedtls_psa_ecp_import_key(
const psa_key_attributes_t *attributes,
const uint8_t *data, size_t data_length,
uint8_t *key_buffer, size_t key_buffer_size,
size_t *key_buffer_length, size_t *bits )
{
return( ecp_import_key( attributes, data, data_length,
key_buffer, key_buffer_size,
key_buffer_length, bits ) );
}
psa_status_t mbedtls_psa_ecp_export_public_key(
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, size_t key_buffer_size,
uint8_t *data, size_t data_size, size_t *data_length )
{
return( ecp_export_public_key( attributes, key_buffer, key_buffer_size,
data, data_size, data_length ) );
}
#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) ||
* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) */
#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR)
psa_status_t mbedtls_psa_ecp_generate_key(
const psa_key_attributes_t *attributes,
uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length )
{
return( ecp_generate_key( attributes, key_buffer, key_buffer_size,
key_buffer_length ) );
}
#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) */
#if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
psa_status_t mbedtls_psa_ecdsa_sign_hash(
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, size_t key_buffer_size,
psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
uint8_t *signature, size_t signature_size, size_t *signature_length )
{
return( ecdsa_sign_hash( attributes,
key_buffer, key_buffer_size,
alg, hash, hash_length,
signature, signature_size, signature_length ) );
}
psa_status_t mbedtls_psa_ecdsa_verify_hash(
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, size_t key_buffer_size,
psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
const uint8_t *signature, size_t signature_length )
{
return( ecdsa_verify_hash( attributes,
key_buffer, key_buffer_size,
alg, hash, hash_length,
signature, signature_length ) );
}
#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) ||
* defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */ * defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */
/*
* BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY.
*/
#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG)
#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \
defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)
psa_status_t libtestdriver1_mbedtls_psa_ecp_import_key(
const psa_key_attributes_t *attributes,
const uint8_t *data, size_t data_length,
uint8_t *key_buffer, size_t key_buffer_size,
size_t *key_buffer_length, size_t *bits )
{
return( ecp_import_key( attributes, data, data_length,
key_buffer, key_buffer_size,
key_buffer_length, bits ) );
}
psa_status_t libtestdriver1_mbedtls_psa_ecp_export_public_key(
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, size_t key_buffer_size,
uint8_t *data, size_t data_size, size_t *data_length )
{
return( ecp_export_public_key( attributes, key_buffer, key_buffer_size,
data, data_size, data_length ) );
}
#endif /* defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) ||
defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) */
#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) && \
defined(MBEDTLS_GENPRIME)
psa_status_t libtestdriver1_mbedtls_psa_ecp_generate_key(
const psa_key_attributes_t *attributes,
uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length )
{
return( ecp_generate_key( attributes, key_buffer, key_buffer_size,
key_buffer_length ) );
}
#endif /* defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) &&
defined(MBEDTLS_GENPRIME) */
#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \
defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
psa_status_t libtestdriver1_mbedtls_psa_ecdsa_sign_hash(
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, size_t key_buffer_size,
psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
uint8_t *signature, size_t signature_size, size_t *signature_length )
{
#if defined(MBEDTLS_ECDSA_C)
return( ecdsa_sign_hash( attributes,
key_buffer, key_buffer_size,
alg, hash, hash_length,
signature, signature_size, signature_length ) );
#else
(void)attributes;
(void)key_buffer;
(void)key_buffer_size;
(void)alg;
(void)hash;
(void)hash_length;
(void)signature;
(void)signature_size;
(void)signature_length;
return( PSA_ERROR_NOT_SUPPORTED );
#endif
}
psa_status_t libtestdriver1_mbedtls_psa_ecdsa_verify_hash(
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, size_t key_buffer_size,
psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
const uint8_t *signature, size_t signature_length )
{
#if defined(MBEDTLS_ECDSA_C)
return( ecdsa_verify_hash( attributes,
key_buffer, key_buffer_size,
alg, hash, hash_length,
signature, signature_length ) );
#else
(void)attributes;
(void)key_buffer;
(void)key_buffer_size;
(void)alg;
(void)hash;
(void)hash_length;
(void)signature;
(void)signature_length;
return( PSA_ERROR_NOT_SUPPORTED );
#endif
}
#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) ||
* defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) */
#endif /* PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG */
#endif /* MBEDTLS_PSA_CRYPTO_C */ #endif /* MBEDTLS_PSA_CRYPTO_C */

View file

@ -29,63 +29,6 @@
#include <mbedtls/error.h> #include <mbedtls/error.h>
#include <string.h> #include <string.h>
/* Use builtin defines specific to this compilation unit, since the test driver
* relies on the software driver. */
#if( defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) || \
( defined(PSA_CRYPTO_DRIVER_TEST) && \
defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \
defined(MBEDTLS_PSA_ACCEL_ALG_MD2) ) )
#define BUILTIN_ALG_MD2 1
#endif
#if( defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) || \
( defined(PSA_CRYPTO_DRIVER_TEST) && \
defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \
defined(MBEDTLS_PSA_ACCEL_ALG_MD4) ) )
#define BUILTIN_ALG_MD4 1
#endif
#if( defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) || \
( defined(PSA_CRYPTO_DRIVER_TEST) && \
defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \
defined(MBEDTLS_PSA_ACCEL_ALG_MD5) ) )
#define BUILTIN_ALG_MD5 1
#endif
#if( defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) || \
( defined(PSA_CRYPTO_DRIVER_TEST) && \
defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \
defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160) ) )
#define BUILTIN_ALG_RIPEMD160 1
#endif
#if( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) || \
( defined(PSA_CRYPTO_DRIVER_TEST) && \
defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \
defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1) ) )
#define BUILTIN_ALG_SHA_1 1
#endif
#if( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) || \
( defined(PSA_CRYPTO_DRIVER_TEST) && \
defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \
defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224) ) )
#define BUILTIN_ALG_SHA_224 1
#endif
#if( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) || \
( defined(PSA_CRYPTO_DRIVER_TEST) && \
defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \
defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256) ) )
#define BUILTIN_ALG_SHA_256 1
#endif
#if( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) || \
( defined(PSA_CRYPTO_DRIVER_TEST) && \
defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \
defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384) ) )
#define BUILTIN_ALG_SHA_384 1
#endif
#if( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) || \
( defined(PSA_CRYPTO_DRIVER_TEST) && \
defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \
defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512) ) )
#define BUILTIN_ALG_SHA_512 1
#endif
#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) || \
@ -141,9 +84,8 @@ const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg )
/* Implement the PSA driver hash interface on top of mbed TLS if either the /* Implement the PSA driver hash interface on top of mbed TLS if either the
* software driver or the test driver requires it. */ * software driver or the test driver requires it. */
#if defined(MBEDTLS_PSA_BUILTIN_HASH) || \ #if defined(MBEDTLS_PSA_BUILTIN_HASH)
( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) ) psa_status_t mbedtls_psa_hash_abort(
static psa_status_t hash_abort(
mbedtls_psa_hash_operation_t *operation ) mbedtls_psa_hash_operation_t *operation )
{ {
switch( operation->alg ) switch( operation->alg )
@ -153,47 +95,47 @@ static psa_status_t hash_abort(
* in use. It's ok to call abort on such an object, and there's * in use. It's ok to call abort on such an object, and there's
* nothing to do. */ * nothing to do. */
break; break;
#if defined(BUILTIN_ALG_MD2) #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2)
case PSA_ALG_MD2: case PSA_ALG_MD2:
mbedtls_md2_free( &operation->ctx.md2 ); mbedtls_md2_free( &operation->ctx.md2 );
break; break;
#endif #endif
#if defined(BUILTIN_ALG_MD4) #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4)
case PSA_ALG_MD4: case PSA_ALG_MD4:
mbedtls_md4_free( &operation->ctx.md4 ); mbedtls_md4_free( &operation->ctx.md4 );
break; break;
#endif #endif
#if defined(BUILTIN_ALG_MD5) #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5)
case PSA_ALG_MD5: case PSA_ALG_MD5:
mbedtls_md5_free( &operation->ctx.md5 ); mbedtls_md5_free( &operation->ctx.md5 );
break; break;
#endif #endif
#if defined(BUILTIN_ALG_RIPEMD160) #if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160)
case PSA_ALG_RIPEMD160: case PSA_ALG_RIPEMD160:
mbedtls_ripemd160_free( &operation->ctx.ripemd160 ); mbedtls_ripemd160_free( &operation->ctx.ripemd160 );
break; break;
#endif #endif
#if defined(BUILTIN_ALG_SHA_1) #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1)
case PSA_ALG_SHA_1: case PSA_ALG_SHA_1:
mbedtls_sha1_free( &operation->ctx.sha1 ); mbedtls_sha1_free( &operation->ctx.sha1 );
break; break;
#endif #endif
#if defined(BUILTIN_ALG_SHA_224) #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
case PSA_ALG_SHA_224: case PSA_ALG_SHA_224:
mbedtls_sha256_free( &operation->ctx.sha256 ); mbedtls_sha256_free( &operation->ctx.sha256 );
break; break;
#endif #endif
#if defined(BUILTIN_ALG_SHA_256) #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256)
case PSA_ALG_SHA_256: case PSA_ALG_SHA_256:
mbedtls_sha256_free( &operation->ctx.sha256 ); mbedtls_sha256_free( &operation->ctx.sha256 );
break; break;
#endif #endif
#if defined(BUILTIN_ALG_SHA_384) #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
case PSA_ALG_SHA_384: case PSA_ALG_SHA_384:
mbedtls_sha512_free( &operation->ctx.sha512 ); mbedtls_sha512_free( &operation->ctx.sha512 );
break; break;
#endif #endif
#if defined(BUILTIN_ALG_SHA_512) #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512)
case PSA_ALG_SHA_512: case PSA_ALG_SHA_512:
mbedtls_sha512_free( &operation->ctx.sha512 ); mbedtls_sha512_free( &operation->ctx.sha512 );
break; break;
@ -205,7 +147,7 @@ static psa_status_t hash_abort(
return( PSA_SUCCESS ); return( PSA_SUCCESS );
} }
static psa_status_t hash_setup( psa_status_t mbedtls_psa_hash_setup(
mbedtls_psa_hash_operation_t *operation, mbedtls_psa_hash_operation_t *operation,
psa_algorithm_t alg ) psa_algorithm_t alg )
{ {
@ -219,55 +161,55 @@ static psa_status_t hash_setup(
switch( alg ) switch( alg )
{ {
#if defined(BUILTIN_ALG_MD2) #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2)
case PSA_ALG_MD2: case PSA_ALG_MD2:
mbedtls_md2_init( &operation->ctx.md2 ); mbedtls_md2_init( &operation->ctx.md2 );
ret = mbedtls_md2_starts_ret( &operation->ctx.md2 ); ret = mbedtls_md2_starts_ret( &operation->ctx.md2 );
break; break;
#endif #endif
#if defined(BUILTIN_ALG_MD4) #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4)
case PSA_ALG_MD4: case PSA_ALG_MD4:
mbedtls_md4_init( &operation->ctx.md4 ); mbedtls_md4_init( &operation->ctx.md4 );
ret = mbedtls_md4_starts_ret( &operation->ctx.md4 ); ret = mbedtls_md4_starts_ret( &operation->ctx.md4 );
break; break;
#endif #endif
#if defined(BUILTIN_ALG_MD5) #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5)
case PSA_ALG_MD5: case PSA_ALG_MD5:
mbedtls_md5_init( &operation->ctx.md5 ); mbedtls_md5_init( &operation->ctx.md5 );
ret = mbedtls_md5_starts_ret( &operation->ctx.md5 ); ret = mbedtls_md5_starts_ret( &operation->ctx.md5 );
break; break;
#endif #endif
#if defined(BUILTIN_ALG_RIPEMD160) #if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160)
case PSA_ALG_RIPEMD160: case PSA_ALG_RIPEMD160:
mbedtls_ripemd160_init( &operation->ctx.ripemd160 ); mbedtls_ripemd160_init( &operation->ctx.ripemd160 );
ret = mbedtls_ripemd160_starts_ret( &operation->ctx.ripemd160 ); ret = mbedtls_ripemd160_starts_ret( &operation->ctx.ripemd160 );
break; break;
#endif #endif
#if defined(BUILTIN_ALG_SHA_1) #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1)
case PSA_ALG_SHA_1: case PSA_ALG_SHA_1:
mbedtls_sha1_init( &operation->ctx.sha1 ); mbedtls_sha1_init( &operation->ctx.sha1 );
ret = mbedtls_sha1_starts_ret( &operation->ctx.sha1 ); ret = mbedtls_sha1_starts_ret( &operation->ctx.sha1 );
break; break;
#endif #endif
#if defined(BUILTIN_ALG_SHA_224) #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
case PSA_ALG_SHA_224: case PSA_ALG_SHA_224:
mbedtls_sha256_init( &operation->ctx.sha256 ); mbedtls_sha256_init( &operation->ctx.sha256 );
ret = mbedtls_sha256_starts_ret( &operation->ctx.sha256, 1 ); ret = mbedtls_sha256_starts_ret( &operation->ctx.sha256, 1 );
break; break;
#endif #endif
#if defined(BUILTIN_ALG_SHA_256) #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256)
case PSA_ALG_SHA_256: case PSA_ALG_SHA_256:
mbedtls_sha256_init( &operation->ctx.sha256 ); mbedtls_sha256_init( &operation->ctx.sha256 );
ret = mbedtls_sha256_starts_ret( &operation->ctx.sha256, 0 ); ret = mbedtls_sha256_starts_ret( &operation->ctx.sha256, 0 );
break; break;
#endif #endif
#if defined(BUILTIN_ALG_SHA_384) #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
case PSA_ALG_SHA_384: case PSA_ALG_SHA_384:
mbedtls_sha512_init( &operation->ctx.sha512 ); mbedtls_sha512_init( &operation->ctx.sha512 );
ret = mbedtls_sha512_starts_ret( &operation->ctx.sha512, 1 ); ret = mbedtls_sha512_starts_ret( &operation->ctx.sha512, 1 );
break; break;
#endif #endif
#if defined(BUILTIN_ALG_SHA_512) #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512)
case PSA_ALG_SHA_512: case PSA_ALG_SHA_512:
mbedtls_sha512_init( &operation->ctx.sha512 ); mbedtls_sha512_init( &operation->ctx.sha512 );
ret = mbedtls_sha512_starts_ret( &operation->ctx.sha512, 0 ); ret = mbedtls_sha512_starts_ret( &operation->ctx.sha512, 0 );
@ -281,11 +223,11 @@ static psa_status_t hash_setup(
if( ret == 0 ) if( ret == 0 )
operation->alg = alg; operation->alg = alg;
else else
hash_abort( operation ); mbedtls_psa_hash_abort( operation );
return( mbedtls_to_psa_error( ret ) ); return( mbedtls_to_psa_error( ret ) );
} }
static psa_status_t hash_clone( psa_status_t mbedtls_psa_hash_clone(
const mbedtls_psa_hash_operation_t *source_operation, const mbedtls_psa_hash_operation_t *source_operation,
mbedtls_psa_hash_operation_t *target_operation ) mbedtls_psa_hash_operation_t *target_operation )
{ {
@ -293,55 +235,55 @@ static psa_status_t hash_clone(
{ {
case 0: case 0:
return( PSA_ERROR_BAD_STATE ); return( PSA_ERROR_BAD_STATE );
#if defined(BUILTIN_ALG_MD2) #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2)
case PSA_ALG_MD2: case PSA_ALG_MD2:
mbedtls_md2_clone( &target_operation->ctx.md2, mbedtls_md2_clone( &target_operation->ctx.md2,
&source_operation->ctx.md2 ); &source_operation->ctx.md2 );
break; break;
#endif #endif
#if defined(BUILTIN_ALG_MD4) #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4)
case PSA_ALG_MD4: case PSA_ALG_MD4:
mbedtls_md4_clone( &target_operation->ctx.md4, mbedtls_md4_clone( &target_operation->ctx.md4,
&source_operation->ctx.md4 ); &source_operation->ctx.md4 );
break; break;
#endif #endif
#if defined(BUILTIN_ALG_MD5) #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5)
case PSA_ALG_MD5: case PSA_ALG_MD5:
mbedtls_md5_clone( &target_operation->ctx.md5, mbedtls_md5_clone( &target_operation->ctx.md5,
&source_operation->ctx.md5 ); &source_operation->ctx.md5 );
break; break;
#endif #endif
#if defined(BUILTIN_ALG_RIPEMD160) #if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160)
case PSA_ALG_RIPEMD160: case PSA_ALG_RIPEMD160:
mbedtls_ripemd160_clone( &target_operation->ctx.ripemd160, mbedtls_ripemd160_clone( &target_operation->ctx.ripemd160,
&source_operation->ctx.ripemd160 ); &source_operation->ctx.ripemd160 );
break; break;
#endif #endif
#if defined(BUILTIN_ALG_SHA_1) #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1)
case PSA_ALG_SHA_1: case PSA_ALG_SHA_1:
mbedtls_sha1_clone( &target_operation->ctx.sha1, mbedtls_sha1_clone( &target_operation->ctx.sha1,
&source_operation->ctx.sha1 ); &source_operation->ctx.sha1 );
break; break;
#endif #endif
#if defined(BUILTIN_ALG_SHA_224) #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
case PSA_ALG_SHA_224: case PSA_ALG_SHA_224:
mbedtls_sha256_clone( &target_operation->ctx.sha256, mbedtls_sha256_clone( &target_operation->ctx.sha256,
&source_operation->ctx.sha256 ); &source_operation->ctx.sha256 );
break; break;
#endif #endif
#if defined(BUILTIN_ALG_SHA_256) #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256)
case PSA_ALG_SHA_256: case PSA_ALG_SHA_256:
mbedtls_sha256_clone( &target_operation->ctx.sha256, mbedtls_sha256_clone( &target_operation->ctx.sha256,
&source_operation->ctx.sha256 ); &source_operation->ctx.sha256 );
break; break;
#endif #endif
#if defined(BUILTIN_ALG_SHA_384) #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
case PSA_ALG_SHA_384: case PSA_ALG_SHA_384:
mbedtls_sha512_clone( &target_operation->ctx.sha512, mbedtls_sha512_clone( &target_operation->ctx.sha512,
&source_operation->ctx.sha512 ); &source_operation->ctx.sha512 );
break; break;
#endif #endif
#if defined(BUILTIN_ALG_SHA_512) #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512)
case PSA_ALG_SHA_512: case PSA_ALG_SHA_512:
mbedtls_sha512_clone( &target_operation->ctx.sha512, mbedtls_sha512_clone( &target_operation->ctx.sha512,
&source_operation->ctx.sha512 ); &source_operation->ctx.sha512 );
@ -357,7 +299,7 @@ static psa_status_t hash_clone(
return( PSA_SUCCESS ); return( PSA_SUCCESS );
} }
static psa_status_t hash_update( psa_status_t mbedtls_psa_hash_update(
mbedtls_psa_hash_operation_t *operation, mbedtls_psa_hash_operation_t *operation,
const uint8_t *input, const uint8_t *input,
size_t input_length ) size_t input_length )
@ -366,55 +308,55 @@ static psa_status_t hash_update(
switch( operation->alg ) switch( operation->alg )
{ {
#if defined(BUILTIN_ALG_MD2) #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2)
case PSA_ALG_MD2: case PSA_ALG_MD2:
ret = mbedtls_md2_update_ret( &operation->ctx.md2, ret = mbedtls_md2_update_ret( &operation->ctx.md2,
input, input_length ); input, input_length );
break; break;
#endif #endif
#if defined(BUILTIN_ALG_MD4) #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4)
case PSA_ALG_MD4: case PSA_ALG_MD4:
ret = mbedtls_md4_update_ret( &operation->ctx.md4, ret = mbedtls_md4_update_ret( &operation->ctx.md4,
input, input_length ); input, input_length );
break; break;
#endif #endif
#if defined(BUILTIN_ALG_MD5) #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5)
case PSA_ALG_MD5: case PSA_ALG_MD5:
ret = mbedtls_md5_update_ret( &operation->ctx.md5, ret = mbedtls_md5_update_ret( &operation->ctx.md5,
input, input_length ); input, input_length );
break; break;
#endif #endif
#if defined(BUILTIN_ALG_RIPEMD160) #if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160)
case PSA_ALG_RIPEMD160: case PSA_ALG_RIPEMD160:
ret = mbedtls_ripemd160_update_ret( &operation->ctx.ripemd160, ret = mbedtls_ripemd160_update_ret( &operation->ctx.ripemd160,
input, input_length ); input, input_length );
break; break;
#endif #endif
#if defined(BUILTIN_ALG_SHA_1) #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1)
case PSA_ALG_SHA_1: case PSA_ALG_SHA_1:
ret = mbedtls_sha1_update_ret( &operation->ctx.sha1, ret = mbedtls_sha1_update_ret( &operation->ctx.sha1,
input, input_length ); input, input_length );
break; break;
#endif #endif
#if defined(BUILTIN_ALG_SHA_224) #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
case PSA_ALG_SHA_224: case PSA_ALG_SHA_224:
ret = mbedtls_sha256_update_ret( &operation->ctx.sha256, ret = mbedtls_sha256_update_ret( &operation->ctx.sha256,
input, input_length ); input, input_length );
break; break;
#endif #endif
#if defined(BUILTIN_ALG_SHA_256) #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256)
case PSA_ALG_SHA_256: case PSA_ALG_SHA_256:
ret = mbedtls_sha256_update_ret( &operation->ctx.sha256, ret = mbedtls_sha256_update_ret( &operation->ctx.sha256,
input, input_length ); input, input_length );
break; break;
#endif #endif
#if defined(BUILTIN_ALG_SHA_384) #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
case PSA_ALG_SHA_384: case PSA_ALG_SHA_384:
ret = mbedtls_sha512_update_ret( &operation->ctx.sha512, ret = mbedtls_sha512_update_ret( &operation->ctx.sha512,
input, input_length ); input, input_length );
break; break;
#endif #endif
#if defined(BUILTIN_ALG_SHA_512) #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512)
case PSA_ALG_SHA_512: case PSA_ALG_SHA_512:
ret = mbedtls_sha512_update_ret( &operation->ctx.sha512, ret = mbedtls_sha512_update_ret( &operation->ctx.sha512,
input, input_length ); input, input_length );
@ -429,7 +371,7 @@ static psa_status_t hash_update(
return( mbedtls_to_psa_error( ret ) ); return( mbedtls_to_psa_error( ret ) );
} }
static psa_status_t hash_finish( psa_status_t mbedtls_psa_hash_finish(
mbedtls_psa_hash_operation_t *operation, mbedtls_psa_hash_operation_t *operation,
uint8_t *hash, uint8_t *hash,
size_t hash_size, size_t hash_size,
@ -456,47 +398,47 @@ static psa_status_t hash_finish(
switch( operation->alg ) switch( operation->alg )
{ {
#if defined(BUILTIN_ALG_MD2) #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2)
case PSA_ALG_MD2: case PSA_ALG_MD2:
ret = mbedtls_md2_finish_ret( &operation->ctx.md2, hash ); ret = mbedtls_md2_finish_ret( &operation->ctx.md2, hash );
break; break;
#endif #endif
#if defined(BUILTIN_ALG_MD4) #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4)
case PSA_ALG_MD4: case PSA_ALG_MD4:
ret = mbedtls_md4_finish_ret( &operation->ctx.md4, hash ); ret = mbedtls_md4_finish_ret( &operation->ctx.md4, hash );
break; break;
#endif #endif
#if defined(BUILTIN_ALG_MD5) #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5)
case PSA_ALG_MD5: case PSA_ALG_MD5:
ret = mbedtls_md5_finish_ret( &operation->ctx.md5, hash ); ret = mbedtls_md5_finish_ret( &operation->ctx.md5, hash );
break; break;
#endif #endif
#if defined(BUILTIN_ALG_RIPEMD160) #if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160)
case PSA_ALG_RIPEMD160: case PSA_ALG_RIPEMD160:
ret = mbedtls_ripemd160_finish_ret( &operation->ctx.ripemd160, hash ); ret = mbedtls_ripemd160_finish_ret( &operation->ctx.ripemd160, hash );
break; break;
#endif #endif
#if defined(BUILTIN_ALG_SHA_1) #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1)
case PSA_ALG_SHA_1: case PSA_ALG_SHA_1:
ret = mbedtls_sha1_finish_ret( &operation->ctx.sha1, hash ); ret = mbedtls_sha1_finish_ret( &operation->ctx.sha1, hash );
break; break;
#endif #endif
#if defined(BUILTIN_ALG_SHA_224) #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
case PSA_ALG_SHA_224: case PSA_ALG_SHA_224:
ret = mbedtls_sha256_finish_ret( &operation->ctx.sha256, hash ); ret = mbedtls_sha256_finish_ret( &operation->ctx.sha256, hash );
break; break;
#endif #endif
#if defined(BUILTIN_ALG_SHA_256) #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256)
case PSA_ALG_SHA_256: case PSA_ALG_SHA_256:
ret = mbedtls_sha256_finish_ret( &operation->ctx.sha256, hash ); ret = mbedtls_sha256_finish_ret( &operation->ctx.sha256, hash );
break; break;
#endif #endif
#if defined(BUILTIN_ALG_SHA_384) #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
case PSA_ALG_SHA_384: case PSA_ALG_SHA_384:
ret = mbedtls_sha512_finish_ret( &operation->ctx.sha512, hash ); ret = mbedtls_sha512_finish_ret( &operation->ctx.sha512, hash );
break; break;
#endif #endif
#if defined(BUILTIN_ALG_SHA_512) #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512)
case PSA_ALG_SHA_512: case PSA_ALG_SHA_512:
ret = mbedtls_sha512_finish_ret( &operation->ctx.sha512, hash ); ret = mbedtls_sha512_finish_ret( &operation->ctx.sha512, hash );
break; break;
@ -513,7 +455,7 @@ exit:
return( status ); return( status );
} }
static psa_status_t hash_compute( psa_status_t mbedtls_psa_hash_compute(
psa_algorithm_t alg, psa_algorithm_t alg,
const uint8_t *input, const uint8_t *input,
size_t input_length, size_t input_length,
@ -526,192 +468,24 @@ static psa_status_t hash_compute(
psa_status_t abort_status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t abort_status = PSA_ERROR_CORRUPTION_DETECTED;
*hash_length = hash_size; *hash_length = hash_size;
status = hash_setup( &operation, alg ); status = mbedtls_psa_hash_setup( &operation, alg );
if( status != PSA_SUCCESS ) if( status != PSA_SUCCESS )
goto exit; goto exit;
status = hash_update( &operation, input, input_length ); status = mbedtls_psa_hash_update( &operation, input, input_length );
if( status != PSA_SUCCESS ) if( status != PSA_SUCCESS )
goto exit; goto exit;
status = hash_finish( &operation, hash, hash_size, hash_length ); status = mbedtls_psa_hash_finish( &operation, hash, hash_size, hash_length );
if( status != PSA_SUCCESS ) if( status != PSA_SUCCESS )
goto exit; goto exit;
exit: exit:
abort_status = hash_abort( &operation ); abort_status = mbedtls_psa_hash_abort( &operation );
if( status == PSA_SUCCESS ) if( status == PSA_SUCCESS )
return( abort_status ); return( abort_status );
else else
return( status ); return( status );
} }
#endif /* MBEDTLS_PSA_BUILTIN_HASH ||
( PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG ) */
#if defined(MBEDTLS_PSA_BUILTIN_HASH)
psa_status_t mbedtls_psa_hash_compute(
psa_algorithm_t alg,
const uint8_t *input,
size_t input_length,
uint8_t *hash,
size_t hash_size,
size_t *hash_length)
{
return( hash_compute( alg, input, input_length,
hash, hash_size, hash_length ) );
}
psa_status_t mbedtls_psa_hash_setup(
mbedtls_psa_hash_operation_t *operation,
psa_algorithm_t alg )
{
return( hash_setup( operation, alg ) );
}
psa_status_t mbedtls_psa_hash_clone(
const mbedtls_psa_hash_operation_t *source_operation,
mbedtls_psa_hash_operation_t *target_operation )
{
return( hash_clone( source_operation, target_operation ) );
}
psa_status_t mbedtls_psa_hash_update(
mbedtls_psa_hash_operation_t *operation,
const uint8_t *input,
size_t input_length )
{
return( hash_update( operation, input, input_length ) );
}
psa_status_t mbedtls_psa_hash_finish(
mbedtls_psa_hash_operation_t *operation,
uint8_t *hash,
size_t hash_size,
size_t *hash_length )
{
return( hash_finish( operation, hash, hash_size, hash_length ) );
}
psa_status_t mbedtls_psa_hash_abort(
mbedtls_psa_hash_operation_t *operation )
{
return( hash_abort( operation ) );
}
#endif /* MBEDTLS_PSA_BUILTIN_HASH */ #endif /* MBEDTLS_PSA_BUILTIN_HASH */
/*
* BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY.
*/
#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG)
static int is_hash_accelerated( psa_algorithm_t alg )
{
switch( alg )
{
#if defined(MBEDTLS_PSA_ACCEL_ALG_MD2)
case PSA_ALG_MD2:
return( 1 );
#endif
#if defined(MBEDTLS_PSA_ACCEL_ALG_MD4)
case PSA_ALG_MD4:
return( 1 );
#endif
#if defined(MBEDTLS_PSA_ACCEL_ALG_MD5)
case PSA_ALG_MD5:
return( 1 );
#endif
#if defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160)
case PSA_ALG_RIPEMD160:
return( 1 );
#endif
#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1)
case PSA_ALG_SHA_1:
return( 1 );
#endif
#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224)
case PSA_ALG_SHA_224:
return( 1 );
#endif
#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256)
case PSA_ALG_SHA_256:
return( 1 );
#endif
#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384)
case PSA_ALG_SHA_384:
return( 1 );
#endif
#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512)
case PSA_ALG_SHA_512:
return( 1 );
#endif
default:
return( 0 );
}
}
psa_status_t libtestdriver1_mbedtls_psa_hash_compute(
psa_algorithm_t alg,
const uint8_t *input,
size_t input_length,
uint8_t *hash,
size_t hash_size,
size_t *hash_length)
{
if( is_hash_accelerated( alg ) )
return( hash_compute( alg, input, input_length,
hash, hash_size, hash_length ) );
else
return( PSA_ERROR_NOT_SUPPORTED );
}
psa_status_t libtestdriver1_mbedtls_psa_hash_setup(
mbedtls_psa_hash_operation_t *operation,
psa_algorithm_t alg )
{
if( is_hash_accelerated( alg ) )
return( hash_setup( operation, alg ) );
else
return( PSA_ERROR_NOT_SUPPORTED );
}
psa_status_t libtestdriver1_mbedtls_psa_hash_clone(
const mbedtls_psa_hash_operation_t *source_operation,
mbedtls_psa_hash_operation_t *target_operation )
{
if( is_hash_accelerated( source_operation->alg ) )
return( hash_clone( source_operation, target_operation ) );
else
return( PSA_ERROR_BAD_STATE );
}
psa_status_t libtestdriver1_mbedtls_psa_hash_update(
mbedtls_psa_hash_operation_t *operation,
const uint8_t *input,
size_t input_length )
{
if( is_hash_accelerated( operation->alg ) )
return( hash_update( operation, input, input_length ) );
else
return( PSA_ERROR_BAD_STATE );
}
psa_status_t libtestdriver1_mbedtls_psa_hash_finish(
mbedtls_psa_hash_operation_t *operation,
uint8_t *hash,
size_t hash_size,
size_t *hash_length )
{
if( is_hash_accelerated( operation->alg ) )
return( hash_finish( operation, hash, hash_size, hash_length ) );
else
return( PSA_ERROR_BAD_STATE );
}
psa_status_t libtestdriver1_mbedtls_psa_hash_abort(
mbedtls_psa_hash_operation_t *operation )
{
return( hash_abort( operation ) );
}
#endif /* PSA_CRYPTO_DRIVER_TEST */
#endif /* MBEDTLS_PSA_CRYPTO_C */ #endif /* MBEDTLS_PSA_CRYPTO_C */

View file

@ -30,22 +30,7 @@
#include <mbedtls/error.h> #include <mbedtls/error.h>
#include <string.h> #include <string.h>
/* Use builtin defines specific to this compilation unit, since the test driver #if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC)
* relies on the software driver. */
#if( defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC) || \
( defined(PSA_CRYPTO_DRIVER_TEST) && \
defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \
defined(MBEDTLS_PSA_ACCEL_ALG_CMAC) ) )
#define BUILTIN_ALG_CMAC 1
#endif
#if( defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) || \
( defined(PSA_CRYPTO_DRIVER_TEST) && \
defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \
defined(MBEDTLS_PSA_ACCEL_ALG_HMAC) ) )
#define BUILTIN_ALG_HMAC 1
#endif
#if defined(BUILTIN_ALG_HMAC)
static psa_status_t psa_hmac_abort_internal( static psa_status_t psa_hmac_abort_internal(
mbedtls_psa_hmac_operation_t *hmac ) mbedtls_psa_hmac_operation_t *hmac )
{ {
@ -164,9 +149,9 @@ exit:
mbedtls_platform_zeroize( tmp, hash_size ); mbedtls_platform_zeroize( tmp, hash_size );
return( status ); return( status );
} }
#endif /* BUILTIN_ALG_HMAC */ #endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */
#if defined(BUILTIN_ALG_CMAC) #if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC)
static psa_status_t cmac_setup( mbedtls_psa_mac_operation_t *operation, static psa_status_t cmac_setup( mbedtls_psa_mac_operation_t *operation,
const psa_key_attributes_t *attributes, const psa_key_attributes_t *attributes,
const uint8_t *key_buffer ) const uint8_t *key_buffer )
@ -202,11 +187,12 @@ static psa_status_t cmac_setup( mbedtls_psa_mac_operation_t *operation,
exit: exit:
return( mbedtls_to_psa_error( ret ) ); return( mbedtls_to_psa_error( ret ) );
} }
#endif /* BUILTIN_ALG_CMAC */ #endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */
/* Implement the PSA driver MAC interface on top of mbed TLS if either the /* Implement the PSA driver MAC interface on top of mbed TLS if either the
* software driver or the test driver requires it. */ * software driver or the test driver requires it. */
#if defined(BUILTIN_ALG_HMAC) || defined(BUILTIN_ALG_CMAC) #if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC)
/* Initialize this driver's MAC operation structure. Once this function has been /* Initialize this driver's MAC operation structure. Once this function has been
* called, mbedtls_psa_mac_abort can run and will do the right thing. */ * called, mbedtls_psa_mac_abort can run and will do the right thing. */
@ -218,15 +204,15 @@ static psa_status_t mac_init(
operation->alg = alg; operation->alg = alg;
#if defined(BUILTIN_ALG_CMAC) #if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC)
if( PSA_ALG_FULL_LENGTH_MAC( operation->alg ) == PSA_ALG_CMAC ) if( PSA_ALG_FULL_LENGTH_MAC( operation->alg ) == PSA_ALG_CMAC )
{ {
mbedtls_cipher_init( &operation->ctx.cmac ); mbedtls_cipher_init( &operation->ctx.cmac );
status = PSA_SUCCESS; status = PSA_SUCCESS;
} }
else else
#endif /* BUILTIN_ALG_CMAC */ #endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */
#if defined(BUILTIN_ALG_HMAC) #if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC)
if( PSA_ALG_IS_HMAC( operation->alg ) ) if( PSA_ALG_IS_HMAC( operation->alg ) )
{ {
/* We'll set up the hash operation later in psa_hmac_setup_internal. */ /* We'll set up the hash operation later in psa_hmac_setup_internal. */
@ -234,7 +220,7 @@ static psa_status_t mac_init(
status = PSA_SUCCESS; status = PSA_SUCCESS;
} }
else else
#endif /* BUILTIN_ALG_HMAC */ #endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */
{ {
(void) operation; (void) operation;
status = PSA_ERROR_NOT_SUPPORTED; status = PSA_ERROR_NOT_SUPPORTED;
@ -245,7 +231,7 @@ static psa_status_t mac_init(
return( status ); return( status );
} }
static psa_status_t mac_abort( mbedtls_psa_mac_operation_t *operation ) psa_status_t mbedtls_psa_mac_abort( mbedtls_psa_mac_operation_t *operation )
{ {
if( operation->alg == 0 ) if( operation->alg == 0 )
{ {
@ -255,20 +241,20 @@ static psa_status_t mac_abort( mbedtls_psa_mac_operation_t *operation )
return( PSA_SUCCESS ); return( PSA_SUCCESS );
} }
else else
#if defined(BUILTIN_ALG_CMAC) #if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC)
if( PSA_ALG_FULL_LENGTH_MAC( operation->alg ) == PSA_ALG_CMAC ) if( PSA_ALG_FULL_LENGTH_MAC( operation->alg ) == PSA_ALG_CMAC )
{ {
mbedtls_cipher_free( &operation->ctx.cmac ); mbedtls_cipher_free( &operation->ctx.cmac );
} }
else else
#endif /* BUILTIN_ALG_CMAC */ #endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */
#if defined(BUILTIN_ALG_HMAC) #if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC)
if( PSA_ALG_IS_HMAC( operation->alg ) ) if( PSA_ALG_IS_HMAC( operation->alg ) )
{ {
psa_hmac_abort_internal( &operation->ctx.hmac ); psa_hmac_abort_internal( &operation->ctx.hmac );
} }
else else
#endif /* BUILTIN_ALG_HMAC */ #endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */
{ {
/* Sanity check (shouldn't happen: operation->alg should /* Sanity check (shouldn't happen: operation->alg should
* always have been initialized to a valid value). */ * always have been initialized to a valid value). */
@ -288,7 +274,7 @@ bad_state:
return( PSA_ERROR_BAD_STATE ); return( PSA_ERROR_BAD_STATE );
} }
static psa_status_t mac_setup( mbedtls_psa_mac_operation_t *operation, static psa_status_t psa_mac_setup( mbedtls_psa_mac_operation_t *operation,
const psa_key_attributes_t *attributes, const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, const uint8_t *key_buffer,
size_t key_buffer_size, size_t key_buffer_size,
@ -304,7 +290,7 @@ static psa_status_t mac_setup( mbedtls_psa_mac_operation_t *operation,
if( status != PSA_SUCCESS ) if( status != PSA_SUCCESS )
return( status ); return( status );
#if defined(BUILTIN_ALG_CMAC) #if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC)
if( PSA_ALG_FULL_LENGTH_MAC( alg ) == PSA_ALG_CMAC ) if( PSA_ALG_FULL_LENGTH_MAC( alg ) == PSA_ALG_CMAC )
{ {
/* Key buffer size for CMAC is dictated by the key bits set on the /* Key buffer size for CMAC is dictated by the key bits set on the
@ -313,8 +299,8 @@ static psa_status_t mac_setup( mbedtls_psa_mac_operation_t *operation,
status = cmac_setup( operation, attributes, key_buffer ); status = cmac_setup( operation, attributes, key_buffer );
} }
else else
#endif /* BUILTIN_ALG_CMAC */ #endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */
#if defined(BUILTIN_ALG_HMAC) #if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC)
if( PSA_ALG_IS_HMAC( alg ) ) if( PSA_ALG_IS_HMAC( alg ) )
{ {
status = psa_hmac_setup_internal( &operation->ctx.hmac, status = psa_hmac_setup_internal( &operation->ctx.hmac,
@ -323,7 +309,7 @@ static psa_status_t mac_setup( mbedtls_psa_mac_operation_t *operation,
PSA_ALG_HMAC_GET_HASH( alg ) ); PSA_ALG_HMAC_GET_HASH( alg ) );
} }
else else
#endif /* BUILTIN_ALG_HMAC */ #endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */
{ {
(void) attributes; (void) attributes;
(void) key_buffer; (void) key_buffer;
@ -332,12 +318,34 @@ static psa_status_t mac_setup( mbedtls_psa_mac_operation_t *operation,
} }
if( status != PSA_SUCCESS ) if( status != PSA_SUCCESS )
mac_abort( operation ); mbedtls_psa_mac_abort( operation );
return( status ); return( status );
} }
static psa_status_t mac_update( psa_status_t mbedtls_psa_mac_sign_setup(
mbedtls_psa_mac_operation_t *operation,
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer,
size_t key_buffer_size,
psa_algorithm_t alg )
{
return( psa_mac_setup( operation, attributes,
key_buffer, key_buffer_size, alg ) );
}
psa_status_t mbedtls_psa_mac_verify_setup(
mbedtls_psa_mac_operation_t *operation,
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer,
size_t key_buffer_size,
psa_algorithm_t alg )
{
return( psa_mac_setup( operation, attributes,
key_buffer, key_buffer_size, alg ) );
}
psa_status_t mbedtls_psa_mac_update(
mbedtls_psa_mac_operation_t *operation, mbedtls_psa_mac_operation_t *operation,
const uint8_t *input, const uint8_t *input,
size_t input_length ) size_t input_length )
@ -345,7 +353,7 @@ static psa_status_t mac_update(
if( operation->alg == 0 ) if( operation->alg == 0 )
return( PSA_ERROR_BAD_STATE ); return( PSA_ERROR_BAD_STATE );
#if defined(BUILTIN_ALG_CMAC) #if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC)
if( PSA_ALG_FULL_LENGTH_MAC( operation->alg ) == PSA_ALG_CMAC ) if( PSA_ALG_FULL_LENGTH_MAC( operation->alg ) == PSA_ALG_CMAC )
{ {
return( mbedtls_to_psa_error( return( mbedtls_to_psa_error(
@ -353,15 +361,15 @@ static psa_status_t mac_update(
input, input_length ) ) ); input, input_length ) ) );
} }
else else
#endif /* BUILTIN_ALG_CMAC */ #endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */
#if defined(BUILTIN_ALG_HMAC) #if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC)
if( PSA_ALG_IS_HMAC( operation->alg ) ) if( PSA_ALG_IS_HMAC( operation->alg ) )
{ {
return( psa_hmac_update_internal( &operation->ctx.hmac, return( psa_hmac_update_internal( &operation->ctx.hmac,
input, input_length ) ); input, input_length ) );
} }
else else
#endif /* BUILTIN_ALG_HMAC */ #endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */
{ {
/* This shouldn't happen if `operation` was initialized by /* This shouldn't happen if `operation` was initialized by
* a setup function. */ * a setup function. */
@ -371,11 +379,11 @@ static psa_status_t mac_update(
} }
} }
static psa_status_t mac_finish_internal( mbedtls_psa_mac_operation_t *operation, static psa_status_t psa_mac_finish_internal(
uint8_t *mac, mbedtls_psa_mac_operation_t *operation,
size_t mac_size ) uint8_t *mac, size_t mac_size )
{ {
#if defined(BUILTIN_ALG_CMAC) #if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC)
if( PSA_ALG_FULL_LENGTH_MAC( operation->alg ) == PSA_ALG_CMAC ) if( PSA_ALG_FULL_LENGTH_MAC( operation->alg ) == PSA_ALG_CMAC )
{ {
uint8_t tmp[PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE]; uint8_t tmp[PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE];
@ -386,15 +394,15 @@ static psa_status_t mac_finish_internal( mbedtls_psa_mac_operation_t *operation,
return( mbedtls_to_psa_error( ret ) ); return( mbedtls_to_psa_error( ret ) );
} }
else else
#endif /* BUILTIN_ALG_CMAC */ #endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */
#if defined(BUILTIN_ALG_HMAC) #if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC)
if( PSA_ALG_IS_HMAC( operation->alg ) ) if( PSA_ALG_IS_HMAC( operation->alg ) )
{ {
return( psa_hmac_finish_internal( &operation->ctx.hmac, return( psa_hmac_finish_internal( &operation->ctx.hmac,
mac, mac_size ) ); mac, mac_size ) );
} }
else else
#endif /* BUILTIN_ALG_HMAC */ #endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */
{ {
/* This shouldn't happen if `operation` was initialized by /* This shouldn't happen if `operation` was initialized by
* a setup function. */ * a setup function. */
@ -405,7 +413,7 @@ static psa_status_t mac_finish_internal( mbedtls_psa_mac_operation_t *operation,
} }
} }
static psa_status_t mac_sign_finish( psa_status_t mbedtls_psa_mac_sign_finish(
mbedtls_psa_mac_operation_t *operation, mbedtls_psa_mac_operation_t *operation,
uint8_t *mac, uint8_t *mac,
size_t mac_size, size_t mac_size,
@ -416,15 +424,14 @@ static psa_status_t mac_sign_finish(
if( operation->alg == 0 ) if( operation->alg == 0 )
return( PSA_ERROR_BAD_STATE ); return( PSA_ERROR_BAD_STATE );
status = mac_finish_internal( operation, mac, mac_size ); status = psa_mac_finish_internal( operation, mac, mac_size );
if( status == PSA_SUCCESS ) if( status == PSA_SUCCESS )
*mac_length = mac_size; *mac_length = mac_size;
return( status ); return( status );
} }
static psa_status_t mac_verify_finish( psa_status_t mbedtls_psa_mac_verify_finish(
mbedtls_psa_mac_operation_t *operation, mbedtls_psa_mac_operation_t *operation,
const uint8_t *mac, const uint8_t *mac,
size_t mac_length ) size_t mac_length )
@ -439,7 +446,7 @@ static psa_status_t mac_verify_finish(
if( mac_length > sizeof( actual_mac ) ) if( mac_length > sizeof( actual_mac ) )
return( PSA_ERROR_INVALID_ARGUMENT ); return( PSA_ERROR_INVALID_ARGUMENT );
status = mac_finish_internal( operation, actual_mac, mac_length ); status = psa_mac_finish_internal( operation, actual_mac, mac_length );
if( status != PSA_SUCCESS ) if( status != PSA_SUCCESS )
goto cleanup; goto cleanup;
@ -452,7 +459,7 @@ cleanup:
return( status ); return( status );
} }
static psa_status_t mac_compute( psa_status_t mbedtls_psa_mac_compute(
const psa_key_attributes_t *attributes, const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, const uint8_t *key_buffer,
size_t key_buffer_size, size_t key_buffer_size,
@ -466,7 +473,7 @@ static psa_status_t mac_compute(
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
mbedtls_psa_mac_operation_t operation = MBEDTLS_PSA_MAC_OPERATION_INIT; mbedtls_psa_mac_operation_t operation = MBEDTLS_PSA_MAC_OPERATION_INIT;
status = mac_setup( &operation, status = psa_mac_setup( &operation,
attributes, key_buffer, key_buffer_size, attributes, key_buffer, key_buffer_size,
alg ); alg );
if( status != PSA_SUCCESS ) if( status != PSA_SUCCESS )
@ -474,204 +481,21 @@ static psa_status_t mac_compute(
if( input_length > 0 ) if( input_length > 0 )
{ {
status = mac_update( &operation, input, input_length ); status = mbedtls_psa_mac_update( &operation, input, input_length );
if( status != PSA_SUCCESS ) if( status != PSA_SUCCESS )
goto exit; goto exit;
} }
status = mac_finish_internal( &operation, mac, mac_size ); status = psa_mac_finish_internal( &operation, mac, mac_size );
if( status == PSA_SUCCESS ) if( status == PSA_SUCCESS )
*mac_length = mac_size; *mac_length = mac_size;
exit: exit:
mac_abort( &operation ); mbedtls_psa_mac_abort( &operation );
return( status ); return( status );
} }
#endif /* BUILTIN_ALG_HMAC || BUILTIN_ALG_CMAC */ #endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC || MBEDTLS_PSA_BUILTIN_ALG_CMAC */
#if defined(MBEDTLS_PSA_BUILTIN_MAC)
psa_status_t mbedtls_psa_mac_compute(
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer,
size_t key_buffer_size,
psa_algorithm_t alg,
const uint8_t *input,
size_t input_length,
uint8_t *mac,
size_t mac_size,
size_t *mac_length )
{
return( mac_compute( attributes, key_buffer, key_buffer_size, alg,
input, input_length,
mac, mac_size, mac_length ) );
}
psa_status_t mbedtls_psa_mac_sign_setup(
mbedtls_psa_mac_operation_t *operation,
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer,
size_t key_buffer_size,
psa_algorithm_t alg )
{
return( mac_setup( operation, attributes,
key_buffer, key_buffer_size, alg ) );
}
psa_status_t mbedtls_psa_mac_verify_setup(
mbedtls_psa_mac_operation_t *operation,
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer,
size_t key_buffer_size,
psa_algorithm_t alg )
{
return( mac_setup( operation, attributes,
key_buffer, key_buffer_size, alg ) );
}
psa_status_t mbedtls_psa_mac_update(
mbedtls_psa_mac_operation_t *operation,
const uint8_t *input,
size_t input_length )
{
return( mac_update( operation, input, input_length ) );
}
psa_status_t mbedtls_psa_mac_sign_finish(
mbedtls_psa_mac_operation_t *operation,
uint8_t *mac,
size_t mac_size,
size_t *mac_length )
{
return( mac_sign_finish( operation, mac, mac_size, mac_length ) );
}
psa_status_t mbedtls_psa_mac_verify_finish(
mbedtls_psa_mac_operation_t *operation,
const uint8_t *mac,
size_t mac_length )
{
return( mac_verify_finish( operation, mac, mac_length ) );
}
psa_status_t mbedtls_psa_mac_abort(
mbedtls_psa_mac_operation_t *operation )
{
return( mac_abort( operation ) );
}
#endif /* MBEDTLS_PSA_BUILTIN_MAC */
/*
* BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY.
*/
#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG)
static int is_mac_accelerated( psa_algorithm_t alg )
{
#if defined(MBEDTLS_PSA_ACCEL_ALG_HMAC)
if( PSA_ALG_IS_HMAC( alg ) )
return( 1 );
#endif
switch( PSA_ALG_FULL_LENGTH_MAC( alg ) )
{
#if defined(MBEDTLS_PSA_ACCEL_ALG_CMAC)
case PSA_ALG_CMAC:
return( 1 );
#endif
default:
return( 0 );
}
}
psa_status_t libtestdriver1_mbedtls_psa_mac_compute(
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer,
size_t key_buffer_size,
psa_algorithm_t alg,
const uint8_t *input,
size_t input_length,
uint8_t *mac,
size_t mac_size,
size_t *mac_length )
{
if( is_mac_accelerated( alg ) )
return( mac_compute( attributes, key_buffer, key_buffer_size, alg,
input, input_length,
mac, mac_size, mac_length ) );
else
return( PSA_ERROR_NOT_SUPPORTED );
}
psa_status_t libtestdriver1_mbedtls_psa_mac_sign_setup(
mbedtls_psa_mac_operation_t *operation,
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer,
size_t key_buffer_size,
psa_algorithm_t alg )
{
if( is_mac_accelerated( alg ) )
return( mac_setup( operation, attributes,
key_buffer, key_buffer_size, alg ) );
else
return( PSA_ERROR_NOT_SUPPORTED );
}
psa_status_t libtestdriver1_mbedtls_psa_mac_verify_setup(
mbedtls_psa_mac_operation_t *operation,
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer,
size_t key_buffer_size,
psa_algorithm_t alg )
{
if( is_mac_accelerated( alg ) )
return( mac_setup( operation, attributes,
key_buffer, key_buffer_size, alg ) );
else
return( PSA_ERROR_NOT_SUPPORTED );
}
psa_status_t libtestdriver1_mbedtls_psa_mac_update(
mbedtls_psa_mac_operation_t *operation,
const uint8_t *input,
size_t input_length )
{
if( is_mac_accelerated( operation->alg ) )
return( mac_update( operation, input, input_length ) );
else
return( PSA_ERROR_BAD_STATE );
}
psa_status_t libtestdriver1_mbedtls_psa_mac_sign_finish(
mbedtls_psa_mac_operation_t *operation,
uint8_t *mac,
size_t mac_size,
size_t *mac_length )
{
if( is_mac_accelerated( operation->alg ) )
return( mac_sign_finish( operation, mac, mac_size, mac_length ) );
else
return( PSA_ERROR_BAD_STATE );
}
psa_status_t libtestdriver1_mbedtls_psa_mac_verify_finish(
mbedtls_psa_mac_operation_t *operation,
const uint8_t *mac,
size_t mac_length )
{
if( is_mac_accelerated( operation->alg ) )
return( mac_verify_finish( operation, mac, mac_length ) );
else
return( PSA_ERROR_BAD_STATE );
}
psa_status_t libtestdriver1_mbedtls_psa_mac_abort(
mbedtls_psa_mac_operation_t *operation )
{
return( mac_abort( operation ) );
}
#endif /* PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG */
#endif /* MBEDTLS_PSA_CRYPTO_C */ #endif /* MBEDTLS_PSA_CRYPTO_C */

View file

@ -41,42 +41,12 @@
#include <mbedtls/pk.h> #include <mbedtls/pk.h>
#include <mbedtls/pk_internal.h> #include <mbedtls/pk_internal.h>
#if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
( defined(PSA_CRYPTO_DRIVER_TEST) && \
defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \
defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) ) )
#define BUILTIN_KEY_TYPE_RSA_KEY_PAIR 1
#endif
#if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) || \
( defined(PSA_CRYPTO_DRIVER_TEST) && \
defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \
defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) ) )
#define BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY 1
#endif
#if ( defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
( defined(PSA_CRYPTO_DRIVER_TEST) && \
defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \
defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) && \
defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V15) ) )
#define BUILTIN_ALG_RSA_PKCS1V15_SIGN 1
#endif
#if ( defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) || \
( defined(PSA_CRYPTO_DRIVER_TEST) && \
defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \
defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) && \
defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V21) ) )
#define BUILTIN_ALG_RSA_PSS 1
#endif
#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \ #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) || \
defined(BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
defined(BUILTIN_ALG_RSA_PSS) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) || \
defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
defined(BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
/* Mbed TLS doesn't support non-byte-aligned key sizes (i.e. key sizes /* Mbed TLS doesn't support non-byte-aligned key sizes (i.e. key sizes
* that are not a multiple of 8) well. For example, there is only * that are not a multiple of 8) well. For example, there is only
@ -151,15 +121,15 @@ exit:
} }
#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) ||
* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) || * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) ||
* defined(BUILTIN_ALG_RSA_PKCS1V15_SIGN) || * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
* defined(BUILTIN_ALG_RSA_PSS) || * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) ||
* defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) ||
* defined(BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */ * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
#if defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
defined(BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
static psa_status_t rsa_import_key( psa_status_t mbedtls_psa_rsa_import_key(
const psa_key_attributes_t *attributes, const psa_key_attributes_t *attributes,
const uint8_t *data, size_t data_length, const uint8_t *data, size_t data_length,
uint8_t *key_buffer, size_t key_buffer_size, uint8_t *key_buffer, size_t key_buffer_size,
@ -251,7 +221,7 @@ psa_status_t mbedtls_psa_rsa_export_key( psa_key_type_t type,
#endif /* MBEDTLS_PK_WRITE_C */ #endif /* MBEDTLS_PK_WRITE_C */
} }
static psa_status_t rsa_export_public_key( psa_status_t mbedtls_psa_rsa_export_public_key(
const psa_key_attributes_t *attributes, const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, size_t key_buffer_size, const uint8_t *key_buffer, size_t key_buffer_size,
uint8_t *data, size_t data_size, size_t *data_length ) uint8_t *data, size_t data_size, size_t *data_length )
@ -275,10 +245,10 @@ static psa_status_t rsa_export_public_key(
return( status ); return( status );
} }
#endif /* defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || #endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) ||
* defined(BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */ * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
#if defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) && \ #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) && \
defined(MBEDTLS_GENPRIME) defined(MBEDTLS_GENPRIME)
static psa_status_t psa_rsa_read_exponent( const uint8_t *domain_parameters, static psa_status_t psa_rsa_read_exponent( const uint8_t *domain_parameters,
size_t domain_parameters_size, size_t domain_parameters_size,
@ -306,7 +276,7 @@ static psa_status_t psa_rsa_read_exponent( const uint8_t *domain_parameters,
return( PSA_SUCCESS ); return( PSA_SUCCESS );
} }
static psa_status_t rsa_generate_key( psa_status_t mbedtls_psa_rsa_generate_key(
const psa_key_attributes_t *attributes, const psa_key_attributes_t *attributes,
uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ) uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length )
{ {
@ -337,14 +307,15 @@ static psa_status_t rsa_generate_key(
return( status ); return( status );
} }
#endif /* defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) #endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR)
* defined(MBEDTLS_GENPRIME) */ * defined(MBEDTLS_GENPRIME) */
/****************************************************************/ /****************************************************************/
/* Sign/verify hashes */ /* Sign/verify hashes */
/****************************************************************/ /****************************************************************/
#if defined(BUILTIN_ALG_RSA_PKCS1V15_SIGN) || defined(BUILTIN_ALG_RSA_PSS) #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
/* Decode the hash algorithm from alg and store the mbedtls encoding in /* Decode the hash algorithm from alg and store the mbedtls encoding in
* md_alg. Verify that the hash length is acceptable. */ * md_alg. Verify that the hash length is acceptable. */
@ -376,7 +347,7 @@ static psa_status_t psa_rsa_decode_md_type( psa_algorithm_t alg,
return( PSA_SUCCESS ); return( PSA_SUCCESS );
} }
static psa_status_t rsa_sign_hash( psa_status_t mbedtls_psa_rsa_sign_hash(
const psa_key_attributes_t *attributes, const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, size_t key_buffer_size, const uint8_t *key_buffer, size_t key_buffer_size,
psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
@ -404,7 +375,7 @@ static psa_status_t rsa_sign_hash(
goto exit; goto exit;
} }
#if defined(BUILTIN_ALG_RSA_PKCS1V15_SIGN) #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN)
if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) ) if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) )
{ {
mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15, mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15,
@ -419,8 +390,8 @@ static psa_status_t rsa_sign_hash(
signature ); signature );
} }
else else
#endif /* BUILTIN_ALG_RSA_PKCS1V15_SIGN */ #endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN */
#if defined(BUILTIN_ALG_RSA_PSS) #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
if( PSA_ALG_IS_RSA_PSS( alg ) ) if( PSA_ALG_IS_RSA_PSS( alg ) )
{ {
mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg ); mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg );
@ -434,7 +405,7 @@ static psa_status_t rsa_sign_hash(
signature ); signature );
} }
else else
#endif /* BUILTIN_ALG_RSA_PSS */ #endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS */
{ {
status = PSA_ERROR_INVALID_ARGUMENT; status = PSA_ERROR_INVALID_ARGUMENT;
goto exit; goto exit;
@ -451,7 +422,7 @@ exit:
return( status ); return( status );
} }
#if defined(BUILTIN_ALG_RSA_PSS) #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
static int rsa_pss_expected_salt_len( psa_algorithm_t alg, static int rsa_pss_expected_salt_len( psa_algorithm_t alg,
const mbedtls_rsa_context *rsa, const mbedtls_rsa_context *rsa,
size_t hash_length ) size_t hash_length )
@ -470,9 +441,9 @@ static int rsa_pss_expected_salt_len( psa_algorithm_t alg,
else else
return( room ); return( room );
} }
#endif #endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS */
static psa_status_t rsa_verify_hash( psa_status_t mbedtls_psa_rsa_verify_hash(
const psa_key_attributes_t *attributes, const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, size_t key_buffer_size, const uint8_t *key_buffer, size_t key_buffer_size,
psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
@ -500,7 +471,7 @@ static psa_status_t rsa_verify_hash(
goto exit; goto exit;
} }
#if defined(BUILTIN_ALG_RSA_PKCS1V15_SIGN) #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN)
if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) ) if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) )
{ {
mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15, mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15,
@ -515,8 +486,8 @@ static psa_status_t rsa_verify_hash(
signature ); signature );
} }
else else
#endif /* BUILTIN_ALG_RSA_PKCS1V15_SIGN */ #endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN */
#if defined(BUILTIN_ALG_RSA_PSS) #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
if( PSA_ALG_IS_RSA_PSS( alg ) ) if( PSA_ALG_IS_RSA_PSS( alg ) )
{ {
int slen = rsa_pss_expected_salt_len( alg, rsa, hash_length ); int slen = rsa_pss_expected_salt_len( alg, rsa, hash_length );
@ -533,7 +504,7 @@ static psa_status_t rsa_verify_hash(
signature ); signature );
} }
else else
#endif /* BUILTIN_ALG_RSA_PSS */ #endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS */
{ {
status = PSA_ERROR_INVALID_ARGUMENT; status = PSA_ERROR_INVALID_ARGUMENT;
goto exit; goto exit;
@ -553,176 +524,7 @@ exit:
return( status ); return( status );
} }
#endif /* defined(BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
* defined(BUILTIN_ALG_RSA_PSS) */
#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
psa_status_t mbedtls_psa_rsa_import_key(
const psa_key_attributes_t *attributes,
const uint8_t *data, size_t data_length,
uint8_t *key_buffer, size_t key_buffer_size,
size_t *key_buffer_length, size_t *bits )
{
return( rsa_import_key( attributes, data, data_length,
key_buffer, key_buffer_size,
key_buffer_length, bits ) );
}
psa_status_t mbedtls_psa_rsa_export_public_key(
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, size_t key_buffer_size,
uint8_t *data, size_t data_size, size_t *data_length )
{
return( rsa_export_public_key( attributes, key_buffer, key_buffer_size,
data, data_size, data_length ) );
}
#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) ||
* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) && \
defined(MBEDTLS_GENPRIME)
psa_status_t mbedtls_psa_rsa_generate_key(
const psa_key_attributes_t *attributes,
uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length )
{
return( rsa_generate_key( attributes, key_buffer, key_buffer_size,
key_buffer_length ) );
}
#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR)
* defined(MBEDTLS_GENPRIME) */
#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
psa_status_t mbedtls_psa_rsa_sign_hash(
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, size_t key_buffer_size,
psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
uint8_t *signature, size_t signature_size, size_t *signature_length )
{
return( rsa_sign_hash(
attributes,
key_buffer, key_buffer_size,
alg, hash, hash_length,
signature, signature_size, signature_length ) );
}
psa_status_t mbedtls_psa_rsa_verify_hash(
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, size_t key_buffer_size,
psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
const uint8_t *signature, size_t signature_length )
{
return( rsa_verify_hash(
attributes,
key_buffer, key_buffer_size,
alg, hash, hash_length,
signature, signature_length ) );
}
#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) */ * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) */
/*
* BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY.
*/
#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG)
#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \
defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY)
psa_status_t libtestdriver1_mbedtls_psa_rsa_import_key(
const psa_key_attributes_t *attributes,
const uint8_t *data, size_t data_length,
uint8_t *key_buffer, size_t key_buffer_size,
size_t *key_buffer_length, size_t *bits )
{
return( rsa_import_key( attributes, data, data_length,
key_buffer, key_buffer_size,
key_buffer_length, bits ) );
}
psa_status_t libtestdriver1_mbedtls_psa_rsa_export_public_key(
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, size_t key_buffer_size,
uint8_t *data, size_t data_size, size_t *data_length )
{
return( rsa_export_public_key( attributes, key_buffer, key_buffer_size,
data, data_size, data_length ) );
}
#endif /* defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) ||
defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) */
#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR)
psa_status_t libtestdriver1_mbedtls_psa_rsa_generate_key(
const psa_key_attributes_t *attributes,
uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length )
{
return( rsa_generate_key( attributes, key_buffer, key_buffer_size,
key_buffer_length ) );
}
#endif /* defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) */
#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \
defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS)
psa_status_t libtestdriver1_mbedtls_psa_rsa_sign_hash(
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, size_t key_buffer_size,
psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
uint8_t *signature, size_t signature_size, size_t *signature_length )
{
#if defined(MBEDTLS_RSA_C) && \
(defined(MBEDTLS_PKCS1_V15) || defined(MBEDTLS_PKCS1_V21))
return( rsa_sign_hash(
attributes,
key_buffer, key_buffer_size,
alg, hash, hash_length,
signature, signature_size, signature_length ) );
#else
(void)attributes;
(void)key_buffer;
(void)key_buffer_size;
(void)alg;
(void)hash;
(void)hash_length;
(void)signature;
(void)signature_size;
(void)signature_length;
return( PSA_ERROR_NOT_SUPPORTED );
#endif
}
psa_status_t libtestdriver1_mbedtls_psa_rsa_verify_hash(
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, size_t key_buffer_size,
psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
const uint8_t *signature, size_t signature_length )
{
#if defined(MBEDTLS_RSA_C) && \
(defined(MBEDTLS_PKCS1_V15) || defined(MBEDTLS_PKCS1_V21))
return( rsa_verify_hash(
attributes,
key_buffer, key_buffer_size,
alg, hash, hash_length,
signature, signature_length ) );
#else
(void)attributes;
(void)key_buffer;
(void)key_buffer_size;
(void)alg;
(void)hash;
(void)hash_length;
(void)signature;
(void)signature_length;
return( PSA_ERROR_NOT_SUPPORTED );
#endif
}
#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) ||
* defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) */
#endif /* PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG */
#endif /* MBEDTLS_PSA_CRYPTO_C */ #endif /* MBEDTLS_PSA_CRYPTO_C */

View file

@ -74,7 +74,7 @@ psa_status_t mbedtls_test_transparent_hash_finish(
size_t *hash_length ); size_t *hash_length );
psa_status_t mbedtls_test_transparent_hash_abort( psa_status_t mbedtls_test_transparent_hash_abort(
mbedtls_psa_hash_operation_t *operation ); mbedtls_transparent_test_driver_hash_operation_t *operation );
#endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_DRIVER_TEST */
#endif /* PSA_CRYPTO_TEST_DRIVERS_HASH_H */ #endif /* PSA_CRYPTO_TEST_DRIVERS_HASH_H */

View file

@ -66,11 +66,24 @@ const uint8_t mbedtls_test_driver_ecdsa_pubkey[65] =
psa_status_t mbedtls_test_transparent_init( void ) psa_status_t mbedtls_test_transparent_init( void )
{ {
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
status = libtestdriver1_psa_crypto_init( );
if( status != PSA_SUCCESS )
return( status );
#endif
(void)status;
return( PSA_SUCCESS ); return( PSA_SUCCESS );
} }
void mbedtls_test_transparent_free( void ) void mbedtls_test_transparent_free( void )
{ {
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
libtestdriver1_mbedtls_psa_crypto_free( );
#endif
return; return;
} }