1 /*
2 * PSA RSA layer on top of Mbed TLS crypto
3 */
4 /*
5 * Copyright The Mbed TLS Contributors
6 * SPDX-License-Identifier: Apache-2.0
7 *
8 * Licensed under the Apache License, Version 2.0 (the "License"); you may
9 * not use this file except in compliance with the License.
10 * You may obtain a copy of the License at
11 *
12 * http://www.apache.org/licenses/LICENSE-2.0
13 *
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
16 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * See the License for the specific language governing permissions and
18 * limitations under the License.
19 */
20
21 #include "common.h"
22
23 #if defined(MBEDTLS_PSA_CRYPTO_C)
24
25 #include <psa/crypto.h>
26 #include "psa_crypto_core.h"
27 #include "psa_crypto_random_impl.h"
28 #include "psa_crypto_rsa.h"
29
30 #include <stdlib.h>
31 #include <string.h>
32 #include "mbedtls/platform.h"
33 #if !defined(MBEDTLS_PLATFORM_C)
34 #define mbedtls_calloc calloc
35 #define mbedtls_free free
36 #endif
37
38 #include <mbedtls/rsa.h>
39 #include <mbedtls/error.h>
40 #include <mbedtls/pk.h>
41 #include <mbedtls/pk_internal.h>
42
43 #if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
44 ( defined(PSA_CRYPTO_DRIVER_TEST) && \
45 defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) ) )
46 #define BUILTIN_KEY_TYPE_RSA_KEY_PAIR 1
47 #endif
48
49 #if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) || \
50 ( defined(PSA_CRYPTO_DRIVER_TEST) && \
51 defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) ) )
52 #define BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY 1
53 #endif
54
55 #if ( defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
56 ( defined(PSA_CRYPTO_DRIVER_TEST) && \
57 defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) && \
58 defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V15) ) )
59 #define BUILTIN_ALG_RSA_PKCS1V15_SIGN 1
60 #endif
61
62 #if ( defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) || \
63 ( defined(PSA_CRYPTO_DRIVER_TEST) && \
64 defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) && \
65 defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V21) ) )
66 #define BUILTIN_ALG_RSA_PSS 1
67 #endif
68
69 #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \
70 defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) || \
71 defined(BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
72 defined(BUILTIN_ALG_RSA_PSS) || \
73 defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
74 defined(BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
75
76 /* Mbed TLS doesn't support non-byte-aligned key sizes (i.e. key sizes
77 * that are not a multiple of 8) well. For example, there is only
78 * mbedtls_rsa_get_len(), which returns a number of bytes, and no
79 * way to return the exact bit size of a key.
80 * To keep things simple, reject non-byte-aligned key sizes. */
psa_check_rsa_key_byte_aligned(const mbedtls_rsa_context * rsa)81 static psa_status_t psa_check_rsa_key_byte_aligned(
82 const mbedtls_rsa_context *rsa )
83 {
84 mbedtls_mpi n;
85 psa_status_t status;
86 mbedtls_mpi_init( &n );
87 status = mbedtls_to_psa_error(
88 mbedtls_rsa_export( rsa, &n, NULL, NULL, NULL, NULL ) );
89 if( status == PSA_SUCCESS )
90 {
91 if( mbedtls_mpi_bitlen( &n ) % 8 != 0 )
92 status = PSA_ERROR_NOT_SUPPORTED;
93 }
94 mbedtls_mpi_free( &n );
95 return( status );
96 }
97
mbedtls_psa_rsa_load_representation(psa_key_type_t type,const uint8_t * data,size_t data_length,mbedtls_rsa_context ** p_rsa)98 psa_status_t mbedtls_psa_rsa_load_representation(
99 psa_key_type_t type, const uint8_t *data, size_t data_length,
100 mbedtls_rsa_context **p_rsa )
101 {
102 psa_status_t status;
103 mbedtls_pk_context ctx;
104 size_t bits;
105 mbedtls_pk_init( &ctx );
106
107 /* Parse the data. */
108 if( PSA_KEY_TYPE_IS_KEY_PAIR( type ) )
109 status = mbedtls_to_psa_error(
110 mbedtls_pk_parse_key( &ctx, data, data_length, NULL, 0 ) );
111 else
112 status = mbedtls_to_psa_error(
113 mbedtls_pk_parse_public_key( &ctx, data, data_length ) );
114 if( status != PSA_SUCCESS )
115 goto exit;
116
117 /* We have something that the pkparse module recognizes. If it is a
118 * valid RSA key, store it. */
119 if( mbedtls_pk_get_type( &ctx ) != MBEDTLS_PK_RSA )
120 {
121 status = PSA_ERROR_INVALID_ARGUMENT;
122 goto exit;
123 }
124
125 /* The size of an RSA key doesn't have to be a multiple of 8. Mbed TLS
126 * supports non-byte-aligned key sizes, but not well. For example,
127 * mbedtls_rsa_get_len() returns the key size in bytes, not in bits. */
128 bits = PSA_BYTES_TO_BITS( mbedtls_rsa_get_len( mbedtls_pk_rsa( ctx ) ) );
129 if( bits > PSA_VENDOR_RSA_MAX_KEY_BITS )
130 {
131 status = PSA_ERROR_NOT_SUPPORTED;
132 goto exit;
133 }
134 status = psa_check_rsa_key_byte_aligned( mbedtls_pk_rsa( ctx ) );
135 if( status != PSA_SUCCESS )
136 goto exit;
137
138 /* Copy out the pointer to the RSA context, and reset the PK context
139 * such that pk_free doesn't free the RSA context we just grabbed. */
140 *p_rsa = mbedtls_pk_rsa( ctx );
141 ctx.pk_info = NULL;
142
143 exit:
144 mbedtls_pk_free( &ctx );
145 return( status );
146 }
147 #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) ||
148 * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) ||
149 * defined(BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
150 * defined(BUILTIN_ALG_RSA_PSS) ||
151 * defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) ||
152 * defined(BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
153
154 #if defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
155 defined(BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
156
rsa_import_key(const psa_key_attributes_t * attributes,const uint8_t * data,size_t data_length,uint8_t * key_buffer,size_t key_buffer_size,size_t * key_buffer_length,size_t * bits)157 static psa_status_t rsa_import_key(
158 const psa_key_attributes_t *attributes,
159 const uint8_t *data, size_t data_length,
160 uint8_t *key_buffer, size_t key_buffer_size,
161 size_t *key_buffer_length, size_t *bits )
162 {
163 psa_status_t status;
164 mbedtls_rsa_context *rsa = NULL;
165
166 /* Parse input */
167 status = mbedtls_psa_rsa_load_representation( attributes->core.type,
168 data,
169 data_length,
170 &rsa );
171 if( status != PSA_SUCCESS )
172 goto exit;
173
174 *bits = (psa_key_bits_t) PSA_BYTES_TO_BITS( mbedtls_rsa_get_len( rsa ) );
175
176 /* Re-export the data to PSA export format, such that we can store export
177 * representation in the key slot. Export representation in case of RSA is
178 * the smallest representation that's allowed as input, so a straight-up
179 * allocation of the same size as the input buffer will be large enough. */
180 status = mbedtls_psa_rsa_export_key( attributes->core.type,
181 rsa,
182 key_buffer,
183 key_buffer_size,
184 key_buffer_length );
185 exit:
186 /* Always free the RSA object */
187 mbedtls_rsa_free( rsa );
188 mbedtls_free( rsa );
189
190 return( status );
191 }
192
mbedtls_psa_rsa_export_key(psa_key_type_t type,mbedtls_rsa_context * rsa,uint8_t * data,size_t data_size,size_t * data_length)193 psa_status_t mbedtls_psa_rsa_export_key( psa_key_type_t type,
194 mbedtls_rsa_context *rsa,
195 uint8_t *data,
196 size_t data_size,
197 size_t *data_length )
198 {
199 #if defined(MBEDTLS_PK_WRITE_C)
200 int ret;
201 mbedtls_pk_context pk;
202 uint8_t *pos = data + data_size;
203
204 mbedtls_pk_init( &pk );
205 pk.pk_info = &mbedtls_rsa_info;
206 pk.pk_ctx = rsa;
207
208 /* PSA Crypto API defines the format of an RSA key as a DER-encoded
209 * representation of the non-encrypted PKCS#1 RSAPrivateKey for a
210 * private key and of the RFC3279 RSAPublicKey for a public key. */
211 if( PSA_KEY_TYPE_IS_KEY_PAIR( type ) )
212 ret = mbedtls_pk_write_key_der( &pk, data, data_size );
213 else
214 ret = mbedtls_pk_write_pubkey( &pos, data, &pk );
215
216 if( ret < 0 )
217 {
218 /* Clean up in case pk_write failed halfway through. */
219 memset( data, 0, data_size );
220 return( mbedtls_to_psa_error( ret ) );
221 }
222
223 /* The mbedtls_pk_xxx functions write to the end of the buffer.
224 * Move the data to the beginning and erase remaining data
225 * at the original location. */
226 if( 2 * (size_t) ret <= data_size )
227 {
228 memcpy( data, data + data_size - ret, ret );
229 memset( data + data_size - ret, 0, ret );
230 }
231 else if( (size_t) ret < data_size )
232 {
233 memmove( data, data + data_size - ret, ret );
234 memset( data + ret, 0, data_size - ret );
235 }
236
237 *data_length = ret;
238 return( PSA_SUCCESS );
239 #else
240 (void) type;
241 (void) rsa;
242 (void) data;
243 (void) data_size;
244 (void) data_length;
245 return( PSA_ERROR_NOT_SUPPORTED );
246 #endif /* MBEDTLS_PK_WRITE_C */
247 }
248
rsa_export_public_key(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,uint8_t * data,size_t data_size,size_t * data_length)249 static psa_status_t rsa_export_public_key(
250 const psa_key_attributes_t *attributes,
251 const uint8_t *key_buffer, size_t key_buffer_size,
252 uint8_t *data, size_t data_size, size_t *data_length )
253 {
254 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
255 mbedtls_rsa_context *rsa = NULL;
256
257 status = mbedtls_psa_rsa_load_representation(
258 attributes->core.type, key_buffer, key_buffer_size, &rsa );
259 if( status != PSA_SUCCESS )
260 return( status );
261
262 status = mbedtls_psa_rsa_export_key( PSA_KEY_TYPE_RSA_PUBLIC_KEY,
263 rsa,
264 data,
265 data_size,
266 data_length );
267
268 mbedtls_rsa_free( rsa );
269 mbedtls_free( rsa );
270
271 return( status );
272 }
273 #endif /* defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) ||
274 * defined(BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
275
276 #if defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR)
psa_rsa_read_exponent(const uint8_t * domain_parameters,size_t domain_parameters_size,int * exponent)277 static psa_status_t psa_rsa_read_exponent( const uint8_t *domain_parameters,
278 size_t domain_parameters_size,
279 int *exponent )
280 {
281 size_t i;
282 uint32_t acc = 0;
283
284 if( domain_parameters_size == 0 )
285 {
286 *exponent = 65537;
287 return( PSA_SUCCESS );
288 }
289
290 /* Mbed TLS encodes the public exponent as an int. For simplicity, only
291 * support values that fit in a 32-bit integer, which is larger than
292 * int on just about every platform anyway. */
293 if( domain_parameters_size > sizeof( acc ) )
294 return( PSA_ERROR_NOT_SUPPORTED );
295 for( i = 0; i < domain_parameters_size; i++ )
296 acc = ( acc << 8 ) | domain_parameters[i];
297 if( acc > INT_MAX )
298 return( PSA_ERROR_NOT_SUPPORTED );
299 *exponent = acc;
300 return( PSA_SUCCESS );
301 }
302
rsa_generate_key(const psa_key_attributes_t * attributes,uint8_t * key_buffer,size_t key_buffer_size,size_t * key_buffer_length)303 static psa_status_t rsa_generate_key(
304 const psa_key_attributes_t *attributes,
305 uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length )
306 {
307 psa_status_t status;
308 mbedtls_rsa_context rsa;
309 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
310 int exponent;
311
312 status = psa_rsa_read_exponent( attributes->domain_parameters,
313 attributes->domain_parameters_size,
314 &exponent );
315 if( status != PSA_SUCCESS )
316 return( status );
317
318 mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_NONE );
319 ret = mbedtls_rsa_gen_key( &rsa,
320 mbedtls_psa_get_random,
321 MBEDTLS_PSA_RANDOM_STATE,
322 (unsigned int)attributes->core.bits,
323 exponent );
324 if( ret != 0 )
325 return( mbedtls_to_psa_error( ret ) );
326
327 status = mbedtls_psa_rsa_export_key( attributes->core.type,
328 &rsa, key_buffer, key_buffer_size,
329 key_buffer_length );
330 mbedtls_rsa_free( &rsa );
331
332 return( status );
333 }
334 #endif /* defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) */
335
336 /****************************************************************/
337 /* Sign/verify hashes */
338 /****************************************************************/
339
340 #if defined(BUILTIN_ALG_RSA_PKCS1V15_SIGN) || defined(BUILTIN_ALG_RSA_PSS)
341
342 /* Decode the hash algorithm from alg and store the mbedtls encoding in
343 * md_alg. Verify that the hash length is acceptable. */
psa_rsa_decode_md_type(psa_algorithm_t alg,size_t hash_length,mbedtls_md_type_t * md_alg)344 static psa_status_t psa_rsa_decode_md_type( psa_algorithm_t alg,
345 size_t hash_length,
346 mbedtls_md_type_t *md_alg )
347 {
348 psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg );
349 const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg );
350 *md_alg = mbedtls_md_get_type( md_info );
351
352 /* The Mbed TLS RSA module uses an unsigned int for hash length
353 * parameters. Validate that it fits so that we don't risk an
354 * overflow later. */
355 #if SIZE_MAX > UINT_MAX
356 if( hash_length > UINT_MAX )
357 return( PSA_ERROR_INVALID_ARGUMENT );
358 #endif
359
360 #if defined(BUILTIN_ALG_RSA_PKCS1V15_SIGN)
361 /* For PKCS#1 v1.5 signature, if using a hash, the hash length
362 * must be correct. */
363 if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) &&
364 alg != PSA_ALG_RSA_PKCS1V15_SIGN_RAW )
365 {
366 if( md_info == NULL )
367 return( PSA_ERROR_NOT_SUPPORTED );
368 if( mbedtls_md_get_size( md_info ) != hash_length )
369 return( PSA_ERROR_INVALID_ARGUMENT );
370 }
371 #endif /* BUILTIN_ALG_RSA_PKCS1V15_SIGN */
372
373 #if defined(BUILTIN_ALG_RSA_PSS)
374 /* PSS requires a hash internally. */
375 if( PSA_ALG_IS_RSA_PSS( alg ) )
376 {
377 if( md_info == NULL )
378 return( PSA_ERROR_NOT_SUPPORTED );
379 }
380 #endif /* BUILTIN_ALG_RSA_PSS */
381
382 return( PSA_SUCCESS );
383 }
384
rsa_sign_hash(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg,const uint8_t * hash,size_t hash_length,uint8_t * signature,size_t signature_size,size_t * signature_length)385 static psa_status_t rsa_sign_hash(
386 const psa_key_attributes_t *attributes,
387 const uint8_t *key_buffer, size_t key_buffer_size,
388 psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
389 uint8_t *signature, size_t signature_size, size_t *signature_length )
390 {
391 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
392 mbedtls_rsa_context *rsa = NULL;
393 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
394 mbedtls_md_type_t md_alg;
395
396 status = mbedtls_psa_rsa_load_representation( attributes->core.type,
397 key_buffer,
398 key_buffer_size,
399 &rsa );
400 if( status != PSA_SUCCESS )
401 return( status );
402
403 status = psa_rsa_decode_md_type( alg, hash_length, &md_alg );
404 if( status != PSA_SUCCESS )
405 goto exit;
406
407 if( signature_size < mbedtls_rsa_get_len( rsa ) )
408 {
409 status = PSA_ERROR_BUFFER_TOO_SMALL;
410 goto exit;
411 }
412
413 #if defined(BUILTIN_ALG_RSA_PKCS1V15_SIGN)
414 if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) )
415 {
416 mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15,
417 MBEDTLS_MD_NONE );
418 ret = mbedtls_rsa_pkcs1_sign( rsa,
419 mbedtls_psa_get_random,
420 MBEDTLS_PSA_RANDOM_STATE,
421 MBEDTLS_RSA_PRIVATE,
422 md_alg,
423 (unsigned int) hash_length,
424 hash,
425 signature );
426 }
427 else
428 #endif /* BUILTIN_ALG_RSA_PKCS1V15_SIGN */
429 #if defined(BUILTIN_ALG_RSA_PSS)
430 if( PSA_ALG_IS_RSA_PSS( alg ) )
431 {
432 mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg );
433 ret = mbedtls_rsa_rsassa_pss_sign( rsa,
434 mbedtls_psa_get_random,
435 MBEDTLS_PSA_RANDOM_STATE,
436 MBEDTLS_RSA_PRIVATE,
437 MBEDTLS_MD_NONE,
438 (unsigned int) hash_length,
439 hash,
440 signature );
441 }
442 else
443 #endif /* BUILTIN_ALG_RSA_PSS */
444 {
445 status = PSA_ERROR_INVALID_ARGUMENT;
446 goto exit;
447 }
448
449 if( ret == 0 )
450 *signature_length = mbedtls_rsa_get_len( rsa );
451 status = mbedtls_to_psa_error( ret );
452
453 exit:
454 mbedtls_rsa_free( rsa );
455 mbedtls_free( rsa );
456
457 return( status );
458 }
459
rsa_verify_hash(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg,const uint8_t * hash,size_t hash_length,const uint8_t * signature,size_t signature_length)460 static psa_status_t rsa_verify_hash(
461 const psa_key_attributes_t *attributes,
462 const uint8_t *key_buffer, size_t key_buffer_size,
463 psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
464 const uint8_t *signature, size_t signature_length )
465 {
466 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
467 mbedtls_rsa_context *rsa = NULL;
468 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
469 mbedtls_md_type_t md_alg;
470
471 status = mbedtls_psa_rsa_load_representation( attributes->core.type,
472 key_buffer,
473 key_buffer_size,
474 &rsa );
475 if( status != PSA_SUCCESS )
476 goto exit;
477
478 status = psa_rsa_decode_md_type( alg, hash_length, &md_alg );
479 if( status != PSA_SUCCESS )
480 goto exit;
481
482 if( signature_length != mbedtls_rsa_get_len( rsa ) )
483 {
484 status = PSA_ERROR_INVALID_SIGNATURE;
485 goto exit;
486 }
487
488 #if defined(BUILTIN_ALG_RSA_PKCS1V15_SIGN)
489 if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) )
490 {
491 mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15,
492 MBEDTLS_MD_NONE );
493 ret = mbedtls_rsa_pkcs1_verify( rsa,
494 mbedtls_psa_get_random,
495 MBEDTLS_PSA_RANDOM_STATE,
496 MBEDTLS_RSA_PUBLIC,
497 md_alg,
498 (unsigned int) hash_length,
499 hash,
500 signature );
501 }
502 else
503 #endif /* BUILTIN_ALG_RSA_PKCS1V15_SIGN */
504 #if defined(BUILTIN_ALG_RSA_PSS)
505 if( PSA_ALG_IS_RSA_PSS( alg ) )
506 {
507 mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg );
508 ret = mbedtls_rsa_rsassa_pss_verify( rsa,
509 mbedtls_psa_get_random,
510 MBEDTLS_PSA_RANDOM_STATE,
511 MBEDTLS_RSA_PUBLIC,
512 MBEDTLS_MD_NONE,
513 (unsigned int) hash_length,
514 hash,
515 signature );
516 }
517 else
518 #endif /* BUILTIN_ALG_RSA_PSS */
519 {
520 status = PSA_ERROR_INVALID_ARGUMENT;
521 goto exit;
522 }
523
524 /* Mbed TLS distinguishes "invalid padding" from "valid padding but
525 * the rest of the signature is invalid". This has little use in
526 * practice and PSA doesn't report this distinction. */
527 status = ( ret == MBEDTLS_ERR_RSA_INVALID_PADDING ) ?
528 PSA_ERROR_INVALID_SIGNATURE :
529 mbedtls_to_psa_error( ret );
530
531 exit:
532 mbedtls_rsa_free( rsa );
533 mbedtls_free( rsa );
534
535 return( status );
536 }
537
538 #endif /* defined(BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
539 * defined(BUILTIN_ALG_RSA_PSS) */
540
541 #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
542 defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
543
mbedtls_psa_rsa_import_key(const psa_key_attributes_t * attributes,const uint8_t * data,size_t data_length,uint8_t * key_buffer,size_t key_buffer_size,size_t * key_buffer_length,size_t * bits)544 psa_status_t mbedtls_psa_rsa_import_key(
545 const psa_key_attributes_t *attributes,
546 const uint8_t *data, size_t data_length,
547 uint8_t *key_buffer, size_t key_buffer_size,
548 size_t *key_buffer_length, size_t *bits )
549 {
550 return( rsa_import_key( attributes, data, data_length,
551 key_buffer, key_buffer_size,
552 key_buffer_length, bits ) );
553 }
554
mbedtls_psa_rsa_export_public_key(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,uint8_t * data,size_t data_size,size_t * data_length)555 psa_status_t mbedtls_psa_rsa_export_public_key(
556 const psa_key_attributes_t *attributes,
557 const uint8_t *key_buffer, size_t key_buffer_size,
558 uint8_t *data, size_t data_size, size_t *data_length )
559 {
560 return( rsa_export_public_key( attributes, key_buffer, key_buffer_size,
561 data, data_size, data_length ) );
562 }
563
564 #endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) ||
565 * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
566
567 #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR)
mbedtls_psa_rsa_generate_key(const psa_key_attributes_t * attributes,uint8_t * key_buffer,size_t key_buffer_size,size_t * key_buffer_length)568 psa_status_t mbedtls_psa_rsa_generate_key(
569 const psa_key_attributes_t *attributes,
570 uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length )
571 {
572 return( rsa_generate_key( attributes, key_buffer, key_buffer_size,
573 key_buffer_length ) );
574 }
575 #endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) */
576
577 #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
578 defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
mbedtls_psa_rsa_sign_hash(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg,const uint8_t * hash,size_t hash_length,uint8_t * signature,size_t signature_size,size_t * signature_length)579 psa_status_t mbedtls_psa_rsa_sign_hash(
580 const psa_key_attributes_t *attributes,
581 const uint8_t *key_buffer, size_t key_buffer_size,
582 psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
583 uint8_t *signature, size_t signature_size, size_t *signature_length )
584 {
585 return( rsa_sign_hash(
586 attributes,
587 key_buffer, key_buffer_size,
588 alg, hash, hash_length,
589 signature, signature_size, signature_length ) );
590 }
591
mbedtls_psa_rsa_verify_hash(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg,const uint8_t * hash,size_t hash_length,const uint8_t * signature,size_t signature_length)592 psa_status_t mbedtls_psa_rsa_verify_hash(
593 const psa_key_attributes_t *attributes,
594 const uint8_t *key_buffer, size_t key_buffer_size,
595 psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
596 const uint8_t *signature, size_t signature_length )
597 {
598 return( rsa_verify_hash(
599 attributes,
600 key_buffer, key_buffer_size,
601 alg, hash, hash_length,
602 signature, signature_length ) );
603 }
604 #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
605 * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) */
606
607 /*
608 * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY.
609 */
610
611 #if defined(PSA_CRYPTO_DRIVER_TEST)
612
613 #if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \
614 defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY)
615
mbedtls_transparent_test_driver_rsa_import_key(const psa_key_attributes_t * attributes,const uint8_t * data,size_t data_length,uint8_t * key_buffer,size_t key_buffer_size,size_t * key_buffer_length,size_t * bits)616 psa_status_t mbedtls_transparent_test_driver_rsa_import_key(
617 const psa_key_attributes_t *attributes,
618 const uint8_t *data, size_t data_length,
619 uint8_t *key_buffer, size_t key_buffer_size,
620 size_t *key_buffer_length, size_t *bits )
621 {
622 return( rsa_import_key( attributes, data, data_length,
623 key_buffer, key_buffer_size,
624 key_buffer_length, bits ) );
625 }
626
mbedtls_transparent_test_driver_rsa_export_public_key(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,uint8_t * data,size_t data_size,size_t * data_length)627 psa_status_t mbedtls_transparent_test_driver_rsa_export_public_key(
628 const psa_key_attributes_t *attributes,
629 const uint8_t *key_buffer, size_t key_buffer_size,
630 uint8_t *data, size_t data_size, size_t *data_length )
631 {
632 return( rsa_export_public_key( attributes, key_buffer, key_buffer_size,
633 data, data_size, data_length ) );
634 }
635
636 #endif /* defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) ||
637 defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) */
638
639 #if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR)
mbedtls_transparent_test_driver_rsa_generate_key(const psa_key_attributes_t * attributes,uint8_t * key_buffer,size_t key_buffer_size,size_t * key_buffer_length)640 psa_status_t mbedtls_transparent_test_driver_rsa_generate_key(
641 const psa_key_attributes_t *attributes,
642 uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length )
643 {
644 return( rsa_generate_key( attributes, key_buffer, key_buffer_size,
645 key_buffer_length ) );
646 }
647 #endif /* defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) */
648
649 #if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \
650 defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS)
mbedtls_transparent_test_driver_rsa_sign_hash(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg,const uint8_t * hash,size_t hash_length,uint8_t * signature,size_t signature_size,size_t * signature_length)651 psa_status_t mbedtls_transparent_test_driver_rsa_sign_hash(
652 const psa_key_attributes_t *attributes,
653 const uint8_t *key_buffer, size_t key_buffer_size,
654 psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
655 uint8_t *signature, size_t signature_size, size_t *signature_length )
656 {
657 #if defined(MBEDTLS_RSA_C) && \
658 (defined(MBEDTLS_PKCS1_V15) || defined(MBEDTLS_PKCS1_V21))
659 return( rsa_sign_hash(
660 attributes,
661 key_buffer, key_buffer_size,
662 alg, hash, hash_length,
663 signature, signature_size, signature_length ) );
664 #else
665 (void)attributes;
666 (void)key_buffer;
667 (void)key_buffer_size;
668 (void)alg;
669 (void)hash;
670 (void)hash_length;
671 (void)signature;
672 (void)signature_size;
673 (void)signature_length;
674 return( PSA_ERROR_NOT_SUPPORTED );
675 #endif
676 }
677
mbedtls_transparent_test_driver_rsa_verify_hash(const psa_key_attributes_t * attributes,const uint8_t * key_buffer,size_t key_buffer_size,psa_algorithm_t alg,const uint8_t * hash,size_t hash_length,const uint8_t * signature,size_t signature_length)678 psa_status_t mbedtls_transparent_test_driver_rsa_verify_hash(
679 const psa_key_attributes_t *attributes,
680 const uint8_t *key_buffer, size_t key_buffer_size,
681 psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
682 const uint8_t *signature, size_t signature_length )
683 {
684 #if defined(MBEDTLS_RSA_C) && \
685 (defined(MBEDTLS_PKCS1_V15) || defined(MBEDTLS_PKCS1_V21))
686 return( rsa_verify_hash(
687 attributes,
688 key_buffer, key_buffer_size,
689 alg, hash, hash_length,
690 signature, signature_length ) );
691 #else
692 (void)attributes;
693 (void)key_buffer;
694 (void)key_buffer_size;
695 (void)alg;
696 (void)hash;
697 (void)hash_length;
698 (void)signature;
699 (void)signature_length;
700 return( PSA_ERROR_NOT_SUPPORTED );
701 #endif
702 }
703 #endif /* defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) ||
704 * defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) */
705
706 #endif /* PSA_CRYPTO_DRIVER_TEST */
707
708 #endif /* MBEDTLS_PSA_CRYPTO_C */
709