From abd00d0be880547c5dbad2039a792d28d4ddf701 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 12 Jun 2023 17:51:33 +0200 Subject: [PATCH 01/14] test: adding new components for testing and driver coverage analysis without BN MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 108 ++++++++++++++++++++++++++++++ tests/scripts/analyze_outcomes.py | 55 +++++++++++++++ 2 files changed, 163 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 386a94950..bebad5a07 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2650,6 +2650,114 @@ component_test_psa_crypto_config_reference_ecc_no_ecp_at_all () { tests/ssl-opt.sh } +# This function is really similar to config_psa_crypto_no_ecp_at_all() above so +# its description is basically the same. The main difference in this case is +# that when the EC built-in implementation is disabled, then also Bignum module +# and its dependencies are disabled as well. +# +# This is the common helper between: +# - component_test_psa_crypto_config_accel_ecc_no_bignum +# - component_test_psa_crypto_config_reference_ecc_no_bignum +config_psa_crypto_config_accel_ecc_no_bignum() { + DRIVER_ONLY="$1" + # start with crypto_full config for maximum coverage (also enables USE_PSA), + # but excluding X509, TLS and key exchanges + helper_libtestdriver1_adjust_config "crypto_full" + + # enable support for drivers and configuring PSA-only algorithms + scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG + if [ "$DRIVER_ONLY" -eq 1 ]; then + # Disable modules that are accelerated + scripts/config.py unset MBEDTLS_ECDSA_C + scripts/config.py unset MBEDTLS_ECDH_C + scripts/config.py unset MBEDTLS_ECJPAKE_C + # Disable ECP module (entirely) + scripts/config.py unset MBEDTLS_ECP_C + # TODO: bignum + fi + + # Disable all the features that auto-enable ECP_LIGHT (see build_info.h) + scripts/config.py unset MBEDTLS_PK_PARSE_EC_EXTENDED + scripts/config.py unset MBEDTLS_PK_PARSE_EC_COMPRESSED + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE + + # Restartable feature is not yet supported by PSA. Once it will in + # the future, the following line could be removed (see issues + # 6061, 6332 and following ones) + scripts/config.py unset MBEDTLS_ECP_RESTARTABLE +} + +# Build and test a configuration where driver accelerates all EC algs while +# all support and dependencies from ECP and ECP_LIGHT are removed on the library +# side. +# +# Keep in sync with component_test_psa_crypto_config_reference_ecc_no_bignum() +component_test_psa_crypto_config_accel_ecc_no_bignum () { + msg "build: crypto_full + accelerated EC algs + USE_PSA - ECP" + + # Algorithms and key types to accelerate + loc_accel_list="ALG_ECDSA ALG_DETERMINISTIC_ECDSA \ + ALG_ECDH \ + ALG_JPAKE \ + KEY_TYPE_ECC_KEY_PAIR_BASIC \ + KEY_TYPE_ECC_KEY_PAIR_IMPORT \ + KEY_TYPE_ECC_KEY_PAIR_EXPORT \ + KEY_TYPE_ECC_KEY_PAIR_GENERATE \ + KEY_TYPE_ECC_PUBLIC_KEY" + + # Configure + # --------- + + # Set common configurations between library's and driver's builds + config_psa_crypto_config_accel_ecc_no_bignum 1 + + # Build + # ----- + + # Things we wanted supported in libtestdriver1, but not accelerated in the main library: + # SHA-1 and all SHA-2 variants, as they are used by ECDSA deterministic. + loc_extra_list="ALG_SHA_1 ALG_SHA_224 ALG_SHA_256 ALG_SHA_384 ALG_SHA_512" + + helper_libtestdriver1_make_drivers "$loc_accel_list" "$loc_extra_list" + + helper_libtestdriver1_make_main "$loc_accel_list" + + # Make sure any built-in EC alg was not re-enabled by accident (additive config) + not grep mbedtls_ecdsa_ library/ecdsa.o + not grep mbedtls_ecdh_ library/ecdh.o + not grep mbedtls_ecjpake_ library/ecjpake.o + # Also ensure that ECP or RSA modules were not re-enabled + not grep mbedtls_ecp_ library/ecp.o + + # Run the tests + # ------------- + + msg "test suites: crypto_full + accelerated EC algs + USE_PSA - ECP" + make test + + # The following will be enabled in #7756 + #msg "ssl-opt: full + accelerated EC algs + USE_PSA - ECP" + #tests/ssl-opt.sh +} + +# Reference function used for driver's coverage analysis in analyze_outcomes.py +# in conjunction with component_test_psa_crypto_config_accel_ecc_no_bignum(). +# Keep in sync with its accelerated counterpart. +component_test_psa_crypto_config_reference_ecc_no_bignum () { + msg "build: crypto_full + non accelerated EC algs + USE_PSA" + + config_psa_crypto_config_accel_ecc_no_bignum 0 + + make + + msg "test suites: crypto_full + non accelerated EC algs + USE_PSA" + make test + + # The following will be enabled in #7756 + #msg "ssl-opt: full + non accelerated EC algs + USE_PSA" + #tests/ssl-opt.sh +} + # Helper function used in: # - component_test_psa_crypto_config_accel_all_curves_except_p192 # - component_test_psa_crypto_config_accel_all_curves_except_x25519 diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index f3a14a9d4..bb0c4509b 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -310,6 +310,61 @@ TASKS = { } } }, + 'analyze_driver_vs_reference_no_bignum': { + 'test_function': do_analyze_driver_vs_reference, + 'args': { + 'component_ref': 'test_psa_crypto_config_reference_ecc_no_bignum', + 'component_driver': 'test_psa_crypto_config_accel_ecc_no_bignum', + 'ignored_suites': [ + # Ignore test suites for the modules that are disabled in the + # accelerated test case. + 'ecp', + 'ecdsa', + 'ecdh', + 'ecjpake', + ], + 'ignored_tests': { + 'test_suite_random': [ + 'PSA classic wrapper: ECDSA signature (SECP256R1)', + ], + 'test_suite_psa_crypto': [ + 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1', + 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1 (1 redraw)', + 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1, exercise ECDSA', + 'PSA key derivation: HKDF-SHA-256 -> ECC secp384r1', + 'PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #0', + 'PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #1', + 'PSA key derivation: bits=7 invalid for ECC BRAINPOOL_P_R1 (ECC enabled)', + 'PSA key derivation: bits=7 invalid for ECC SECP_K1 (ECC enabled)', + 'PSA key derivation: bits=7 invalid for ECC SECP_R1 (ECC enabled)', + 'PSA key derivation: bits=7 invalid for ECC SECP_R2 (ECC enabled)', + 'PSA key derivation: bits=7 invalid for ECC SECT_K1 (ECC enabled)', + 'PSA key derivation: bits=7 invalid for ECC SECT_R1 (ECC enabled)', + 'PSA key derivation: bits=7 invalid for ECC SECT_R2 (ECC enabled)', + ], + 'test_suite_pkparse': [ + # See the description provided above in the + # analyze_driver_vs_reference_no_ecp_at_all component. + 'Parse EC Key #10a (SEC1 PEM, secp384r1, compressed)', + 'Parse EC Key #11a (SEC1 PEM, secp521r1, compressed)', + 'Parse EC Key #12a (SEC1 PEM, bp256r1, compressed)', + 'Parse EC Key #13a (SEC1 PEM, bp384r1, compressed)', + 'Parse EC Key #14a (SEC1 PEM, bp512r1, compressed)', + 'Parse EC Key #2a (SEC1 PEM, secp192r1, compressed)', + 'Parse EC Key #8a (SEC1 PEM, secp224r1, compressed)', + 'Parse EC Key #9a (SEC1 PEM, secp256r1, compressed)', + 'Parse Public EC Key #2a (RFC 5480, PEM, secp192r1, compressed)', + 'Parse Public EC Key #3a (RFC 5480, secp224r1, compressed)', + 'Parse Public EC Key #4a (RFC 5480, secp256r1, compressed)', + 'Parse Public EC Key #5a (RFC 5480, secp384r1, compressed)', + 'Parse Public EC Key #6a (RFC 5480, secp521r1, compressed)', + 'Parse Public EC Key #7a (RFC 5480, brainpoolP256r1, compressed)', + 'Parse Public EC Key #8a (RFC 5480, brainpoolP384r1, compressed)', + 'Parse Public EC Key #9a (RFC 5480, brainpoolP512r1, compressed)', + ], + } + } + }, 'analyze_driver_vs_reference_ffdh_alg': { 'test_function': do_analyze_driver_vs_reference, 'args': { From 7dccb66d4944bbcdec024303b7d597511964e6ac Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 12 Jun 2023 18:28:42 +0200 Subject: [PATCH 02/14] test: disable RSA support on the test ecc_no_bignum component MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard Signed-off-by: Valerio Setti --- include/mbedtls/check_config.h | 3 ++- library/pkparse.c | 2 +- library/pkwrite.h | 4 ++-- tests/scripts/all.sh | 23 +++++++++++++++++++++++ 4 files changed, 28 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 7a8797107..e503fdff5 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -425,7 +425,8 @@ #endif #if defined(MBEDTLS_PK_C) && \ - !defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_ECP_LIGHT) + !defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_ECP_LIGHT) && \ + !( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) ) #error "MBEDTLS_PK_C defined, but not all prerequisites" #endif diff --git a/library/pkparse.c b/library/pkparse.c index f03ace261..78eb4bc62 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -34,7 +34,7 @@ #include "mbedtls/rsa.h" #endif #include "mbedtls/ecp.h" -#if defined(MBEDTLS_RSA_C) || defined(MBEDTLS_ECP_C) +#if defined(MBEDTLS_RSA_C) || defined(MBEDTLS_PK_HAVE_ECC_KEYS) #include "pkwrite.h" #endif #if defined(MBEDTLS_PK_HAVE_ECC_KEYS) diff --git a/library/pkwrite.h b/library/pkwrite.h index aa2f17b02..bc40437d5 100644 --- a/library/pkwrite.h +++ b/library/pkwrite.h @@ -85,7 +85,7 @@ * + 2 * ECP_MAX (coords) [1] * } */ -#define MBEDTLS_PK_ECP_PUB_DER_MAX_BYTES (30 + 2 * MBEDTLS_ECP_MAX_BYTES) +#define MBEDTLS_PK_ECP_PUB_DER_MAX_BYTES (30 + 2 * 66) /* * EC private keys: @@ -96,7 +96,7 @@ * publicKey [1] BIT STRING OPTIONAL 1 + 2 + [1] above * } */ -#define MBEDTLS_PK_ECP_PRV_DER_MAX_BYTES (29 + 3 * MBEDTLS_ECP_MAX_BYTES) +#define MBEDTLS_PK_ECP_PRV_DER_MAX_BYTES (29 + 3 * 66) #else /* MBEDTLS_PK_HAVE_ECC_KEYS */ diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index bebad5a07..295c34ab5 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2681,6 +2681,29 @@ config_psa_crypto_config_accel_ecc_no_bignum() { scripts/config.py unset MBEDTLS_PK_PARSE_EC_COMPRESSED scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE + # RSA support is intentionally disabled on this test because RSA_C depends + # on BIGNUM_C. + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY + for ALG in $(sed -n 's/^#define \(PSA_WANT_ALG_RSA_[0-9A-Z_a-z]*\).*/\1/p' <"$CRYPTO_CONFIG_H"); do + scripts/config.py -f include/psa/crypto_config.h unset $ALG + done + scripts/config.py unset MBEDTLS_RSA_C + scripts/config.py unset MBEDTLS_PKCS1_V15 + scripts/config.py unset MBEDTLS_PKCS1_V21 + scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT + # Also disable key exchanges that depend on RSA + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_RSA_ENABLED + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED + + # TODO: DHM and its reverse deps + # Restartable feature is not yet supported by PSA. Once it will in # the future, the following line could be removed (see issues # 6061, 6332 and following ones) From 06aebe4995e753f4bf8b0a9b758942e55f8c4478 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 12 Jun 2023 18:33:34 +0200 Subject: [PATCH 03/14] test: disable FFDH support on the test ecc_no_bignum component Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 295c34ab5..9823e420a 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2702,7 +2702,17 @@ config_psa_crypto_config_accel_ecc_no_bignum() { scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED - # TODO: DHM and its reverse deps + # Disable FFDH because it also depends on BIGNUM. + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_FFDH + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY + scripts/config.py unset MBEDTLS_DHM_C + # Also disable key exchanges that depend on FFDH + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED # Restartable feature is not yet supported by PSA. Once it will in # the future, the following line could be removed (see issues @@ -2749,8 +2759,10 @@ component_test_psa_crypto_config_accel_ecc_no_bignum () { not grep mbedtls_ecdsa_ library/ecdsa.o not grep mbedtls_ecdh_ library/ecdh.o not grep mbedtls_ecjpake_ library/ecjpake.o - # Also ensure that ECP or RSA modules were not re-enabled + # Also ensure that ECP, RSA, or DHM modules were not re-enabled not grep mbedtls_ecp_ library/ecp.o + not grep mbedtls_rsa_ library/rsa.o + not grep mbedtls_dhm_ library/dhm.o # Run the tests # ------------- From 660bbf24707afdf2bdd069950aeec504edd1976d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 12 Jun 2023 18:42:40 +0200 Subject: [PATCH 04/14] test: disable BIGNUM support on the test ecc_no_bignum component Signed-off-by: Valerio Setti --- programs/pkey/gen_key.c | 7 ++++++- programs/pkey/key_app_writer.c | 6 ++++++ tests/scripts/all.sh | 4 +++- 3 files changed, 15 insertions(+), 2 deletions(-) diff --git a/programs/pkey/gen_key.c b/programs/pkey/gen_key.c index 9bee27505..99e88505c 100644 --- a/programs/pkey/gen_key.c +++ b/programs/pkey/gen_key.c @@ -180,7 +180,9 @@ int main(int argc, char *argv[]) char buf[1024]; int i; char *p, *q; +#if defined(MBEDTLS_RSA_C) mbedtls_mpi N, P, Q, D, E, DP, DQ, QP; +#endif /* MBEDTLS_RSA_C */ mbedtls_entropy_context entropy; mbedtls_ctr_drbg_context ctr_drbg; const char *pers = "gen_key"; @@ -191,10 +193,11 @@ int main(int argc, char *argv[]) /* * Set to sane values */ - +#if defined(MBEDTLS_RSA_C) mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q); mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); mbedtls_mpi_init(&DP); mbedtls_mpi_init(&DQ); mbedtls_mpi_init(&QP); +#endif /* MBEDTLS_RSA_C */ mbedtls_pk_init(&key); mbedtls_ctr_drbg_init(&ctr_drbg); @@ -409,9 +412,11 @@ exit: #endif } +#if defined(MBEDTLS_RSA_C) mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q); mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); mbedtls_mpi_free(&DP); mbedtls_mpi_free(&DQ); mbedtls_mpi_free(&QP); +#endif /* MBEDTLS_RSA_C */ mbedtls_pk_free(&key); mbedtls_ctr_drbg_free(&ctr_drbg); diff --git a/programs/pkey/key_app_writer.c b/programs/pkey/key_app_writer.c index e8f3e85a9..179094cb5 100644 --- a/programs/pkey/key_app_writer.c +++ b/programs/pkey/key_app_writer.c @@ -203,7 +203,9 @@ int main(int argc, char *argv[]) mbedtls_ctr_drbg_context ctr_drbg; mbedtls_pk_context key; +#if defined(MBEDTLS_RSA_C) mbedtls_mpi N, P, Q, D, E, DP, DQ, QP; +#endif /* MBEDTLS_RSA_C */ /* * Set to sane values @@ -225,9 +227,11 @@ int main(int argc, char *argv[]) } #endif /* MBEDTLS_USE_PSA_CRYPTO */ +#if defined(MBEDTLS_RSA_C) mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q); mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); mbedtls_mpi_init(&DP); mbedtls_mpi_init(&DQ); mbedtls_mpi_init(&QP); +#endif /* MBEDTLS_RSA_C */ if (argc < 2) { usage: @@ -423,9 +427,11 @@ exit: #endif } +#if defined(MBEDTLS_RSA_C) mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q); mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); mbedtls_mpi_free(&DP); mbedtls_mpi_free(&DQ); mbedtls_mpi_free(&QP); +#endif /* MBEDTLS_RSA_C */ mbedtls_pk_free(&key); diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 9823e420a..38fbc2bf5 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2673,7 +2673,8 @@ config_psa_crypto_config_accel_ecc_no_bignum() { scripts/config.py unset MBEDTLS_ECJPAKE_C # Disable ECP module (entirely) scripts/config.py unset MBEDTLS_ECP_C - # TODO: bignum + # Also disable bignum + scripts/config.py unset MBEDTLS_BIGNUM_C fi # Disable all the features that auto-enable ECP_LIGHT (see build_info.h) @@ -2763,6 +2764,7 @@ component_test_psa_crypto_config_accel_ecc_no_bignum () { not grep mbedtls_ecp_ library/ecp.o not grep mbedtls_rsa_ library/rsa.o not grep mbedtls_dhm_ library/dhm.o + not grep mbedtls_mpi_ library/bignum.o # Run the tests # ------------- From 9b3dbcc2e31964d7d321d1a0672fe31a5e10c2e7 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 26 Jul 2023 18:00:31 +0200 Subject: [PATCH 05/14] analyze_outcomes: skip tests that unavoidably depend on bignum Signed-off-by: Valerio Setti --- tests/scripts/analyze_outcomes.py | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index bb0c4509b..ee51513b7 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -322,6 +322,12 @@ TASKS = { 'ecdsa', 'ecdh', 'ecjpake', + 'bignum_core', + 'bignum_random', + 'bignum_mod', + 'bignum_mod_raw', + 'bignum.generated', + 'bignum.misc', ], 'ignored_tests': { 'test_suite_random': [ @@ -362,6 +368,28 @@ TASKS = { 'Parse Public EC Key #8a (RFC 5480, brainpoolP384r1, compressed)', 'Parse Public EC Key #9a (RFC 5480, brainpoolP512r1, compressed)', ], + 'test_suite_asn1parse': [ + # This test depends on BIGNUM_C + 'INTEGER too large for mpi', + ], + 'test_suite_asn1write': [ + # Following tests depends on BIGNUM_C + 'ASN.1 Write mpi 0 (1 limb)', + 'ASN.1 Write mpi 0 (null)', + 'ASN.1 Write mpi 0x100', + 'ASN.1 Write mpi 0x7f', + 'ASN.1 Write mpi 0x7f with leading 0 limb', + 'ASN.1 Write mpi 0x80', + 'ASN.1 Write mpi 0x80 with leading 0 limb', + 'ASN.1 Write mpi 0xff', + 'ASN.1 Write mpi 1', + 'ASN.1 Write mpi, 127*8 bits', + 'ASN.1 Write mpi, 127*8+1 bits', + 'ASN.1 Write mpi, 127*8-1 bits', + 'ASN.1 Write mpi, 255*8 bits', + 'ASN.1 Write mpi, 255*8-1 bits', + 'ASN.1 Write mpi, 256*8-1 bits', + ], } } }, From c5d85e5eade217d39f09d33c6f3969c18e49fb67 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 26 Jul 2023 18:12:23 +0200 Subject: [PATCH 06/14] test: remove BIGNUM dependencies from pk[parse/write] suites Signed-off-by: Valerio Setti --- tests/suites/test_suite_pkparse.function | 2 +- tests/suites/test_suite_pkwrite.function | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_pkparse.function b/tests/suites/test_suite_pkparse.function index 7947d3c9f..0d9a0c8fc 100644 --- a/tests/suites/test_suite_pkparse.function +++ b/tests/suites/test_suite_pkparse.function @@ -8,7 +8,7 @@ /* END_HEADER */ /* BEGIN_DEPENDENCIES - * depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_BIGNUM_C + * depends_on:MBEDTLS_PK_PARSE_C * END_DEPENDENCIES */ diff --git a/tests/suites/test_suite_pkwrite.function b/tests/suites/test_suite_pkwrite.function index e1be52ef4..37c06c85d 100644 --- a/tests/suites/test_suite_pkwrite.function +++ b/tests/suites/test_suite_pkwrite.function @@ -144,7 +144,7 @@ exit: /* END_HEADER */ /* BEGIN_DEPENDENCIES - * depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_BIGNUM_C:MBEDTLS_FS_IO + * depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_FS_IO * END_DEPENDENCIES */ From fe7d96cff7feb1593686c1268157071622215232 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 27 Jul 2023 11:59:22 +0200 Subject: [PATCH 07/14] test: minor optimizations to ecc_no_bignum components Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 38fbc2bf5..1342e2eb0 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2684,10 +2684,9 @@ config_psa_crypto_config_accel_ecc_no_bignum() { # RSA support is intentionally disabled on this test because RSA_C depends # on BIGNUM_C. - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE + for KT in $(sed -n 's/^#define \(PSA_WANT_KEY_TYPE_RSA_[0-9A-Z_a-z]*\).*/\1/p' <"$CRYPTO_CONFIG_H"); do + scripts/config.py -f include/psa/crypto_config.h unset $KT + done scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY for ALG in $(sed -n 's/^#define \(PSA_WANT_ALG_RSA_[0-9A-Z_a-z]*\).*/\1/p' <"$CRYPTO_CONFIG_H"); do scripts/config.py -f include/psa/crypto_config.h unset $ALG @@ -2705,10 +2704,9 @@ config_psa_crypto_config_accel_ecc_no_bignum() { # Disable FFDH because it also depends on BIGNUM. scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_FFDH - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE + for KT in $(sed -n 's/^#define \(PSA_WANT_KEY_TYPE_DH_[0-9A-Z_a-z]*\).*/\1/p' <"$CRYPTO_CONFIG_H"); do + scripts/config.py -f include/psa/crypto_config.h unset $KT + done scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY scripts/config.py unset MBEDTLS_DHM_C # Also disable key exchanges that depend on FFDH @@ -2760,7 +2758,7 @@ component_test_psa_crypto_config_accel_ecc_no_bignum () { not grep mbedtls_ecdsa_ library/ecdsa.o not grep mbedtls_ecdh_ library/ecdh.o not grep mbedtls_ecjpake_ library/ecjpake.o - # Also ensure that ECP, RSA, or DHM modules were not re-enabled + # Also ensure that ECP, RSA, DHM or BIGNUM modules were not re-enabled not grep mbedtls_ecp_ library/ecp.o not grep mbedtls_rsa_ library/rsa.o not grep mbedtls_dhm_ library/dhm.o From 97b28f81d8a1f243f7cb6af500e7c74664e16eb2 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 27 Jul 2023 12:02:14 +0200 Subject: [PATCH 08/14] pkparse: remove unnecessary header Signed-off-by: Valerio Setti --- library/pkparse.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index 78eb4bc62..fe01a1149 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -34,9 +34,6 @@ #include "mbedtls/rsa.h" #endif #include "mbedtls/ecp.h" -#if defined(MBEDTLS_RSA_C) || defined(MBEDTLS_PK_HAVE_ECC_KEYS) -#include "pkwrite.h" -#endif #if defined(MBEDTLS_PK_HAVE_ECC_KEYS) #include "pk_internal.h" #endif From a7c9e09dd0f59ee6a6773d71e34f6f5180605dae Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 27 Jul 2023 14:39:50 +0200 Subject: [PATCH 09/14] pkwrite: add new internal symbol to properly size DER buffer Signed-off-by: Valerio Setti --- library/pkwrite.h | 21 +++++++++++++++++++-- 1 file changed, 19 insertions(+), 2 deletions(-) diff --git a/library/pkwrite.h b/library/pkwrite.h index bc40437d5..8cfa64b8e 100644 --- a/library/pkwrite.h +++ b/library/pkwrite.h @@ -27,6 +27,10 @@ #include "mbedtls/pk.h" +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#include "psa/crypto.h" +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + /* * Max sizes of key per types. Shown as tag + len (+ content). */ @@ -74,6 +78,19 @@ #endif /* MBEDTLS_RSA_C */ #if defined(MBEDTLS_PK_HAVE_ECC_KEYS) + +/* Find the maximum number of bytes necessary to store an EC point. When USE_PSA + * is defined this means looking for the maximum between PSA and built-in + * supported curves. */ +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#define MBEDTLS_PK_MAX_ECC_BYTES (PSA_BITS_TO_BYTES(PSA_VENDOR_ECC_MAX_CURVE_BITS) > \ + MBEDTLS_ECP_MAX_BYTES ? \ + PSA_BITS_TO_BYTES(PSA_VENDOR_ECC_MAX_CURVE_BITS) : \ + MBEDTLS_ECP_MAX_BYTES) +#else /* MBEDTLS_USE_PSA_CRYPTO */ +#define MBEDTLS_PK_MAX_ECC_BYTES MBEDTLS_ECP_MAX_BYTES +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + /* * EC public keys: * SubjectPublicKeyInfo ::= SEQUENCE { 1 + 2 @@ -85,7 +102,7 @@ * + 2 * ECP_MAX (coords) [1] * } */ -#define MBEDTLS_PK_ECP_PUB_DER_MAX_BYTES (30 + 2 * 66) +#define MBEDTLS_PK_ECP_PUB_DER_MAX_BYTES (30 + 2 * MBEDTLS_PK_MAX_ECC_BYTES) /* * EC private keys: @@ -96,7 +113,7 @@ * publicKey [1] BIT STRING OPTIONAL 1 + 2 + [1] above * } */ -#define MBEDTLS_PK_ECP_PRV_DER_MAX_BYTES (29 + 3 * 66) +#define MBEDTLS_PK_ECP_PRV_DER_MAX_BYTES (29 + 3 * MBEDTLS_PK_MAX_ECC_BYTES) #else /* MBEDTLS_PK_HAVE_ECC_KEYS */ From 7c494e7211437a443872f4caee7eb10b140ed03f Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 27 Jul 2023 14:58:53 +0200 Subject: [PATCH 10/14] pk: move PK_HAVE_ECC_KEYS to build_info.h This is usefuls to use PK_HAVE_ECC_KEYS in check_config.h instead of redefining it twice in different ways. Signed-off-by: Valerio Setti --- include/mbedtls/build_info.h | 29 +++++++++++++++++++++++++++++ include/mbedtls/check_config.h | 3 +-- 2 files changed, 30 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h index 5b8a40df7..0b1ef1d91 100644 --- a/include/mbedtls/build_info.h +++ b/include/mbedtls/build_info.h @@ -208,6 +208,35 @@ #define MBEDTLS_PK_PARSE_C #endif +/* Internal helper to define which fields in the pk_context structure should + * be used for EC keys: legacy ecp_keypair or the raw (PSA friendly) format. + * It should be noticed that this only affect how data is stored, not which + * functions are used for various operations. The overall picture looks like + * this: + * - if USE_PSA is not defined and ECP_C is then use ecp_keypair data structure + * and legacy functions + * - if USE_PSA is defined and + * - if ECP_C then use ecp_keypair structure, convert data to a PSA friendly + * format and use PSA functions + * - if !ECP_C then use new raw data and PSA functions directly. + * + * The main reason for the "intermediate" (USE_PSA + ECP_C) above is that as long + * as ECP_C is defined mbedtls_pk_ec() gives the user a read/write access to the + * ecp_keypair structure inside the pk_context so he/she can modify it using + * ECP functions which are not under PK module's control. + */ +#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) && \ + !defined(MBEDTLS_ECP_C) +#define MBEDTLS_PK_USE_PSA_EC_DATA +#endif /* MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_ECP_C */ + +/* Helper symbol to state that the PK module has support for EC keys. This + * can either be provided through the legacy ECP solution or through the + * PSA friendly MBEDTLS_PK_USE_PSA_EC_DATA. */ +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) || defined(MBEDTLS_ECP_C) +#define MBEDTLS_PK_HAVE_ECC_KEYS +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA || MBEDTLS_ECP_C */ + /* The following blocks make it easier to disable all of TLS, * or of TLS 1.2 or 1.3 or DTLS, without having to manually disable all * key exchanges, options and extensions related to them. */ diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index e503fdff5..264c2c938 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -425,8 +425,7 @@ #endif #if defined(MBEDTLS_PK_C) && \ - !defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_ECP_LIGHT) && \ - !( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) ) + !defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_PK_HAVE_ECC_KEYS) #error "MBEDTLS_PK_C defined, but not all prerequisites" #endif From a8c655edb04998268e7030d3971e19d6c4352aa7 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 28 Jul 2023 16:24:19 +0200 Subject: [PATCH 11/14] test: remove redundant code setting MBEDTLS_PSA_CRYPTO_CONFIG Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 4 ---- 1 file changed, 4 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 1342e2eb0..1aa6490c4 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2559,8 +2559,6 @@ config_psa_crypto_no_ecp_at_all () { # start with full config for maximum coverage (also enables USE_PSA) helper_libtestdriver1_adjust_config "full" - # enable support for drivers and configuring PSA-only algorithms - scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG if [ "$DRIVER_ONLY" -eq 1 ]; then # Disable modules that are accelerated scripts/config.py unset MBEDTLS_ECDSA_C @@ -2664,8 +2662,6 @@ config_psa_crypto_config_accel_ecc_no_bignum() { # but excluding X509, TLS and key exchanges helper_libtestdriver1_adjust_config "crypto_full" - # enable support for drivers and configuring PSA-only algorithms - scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG if [ "$DRIVER_ONLY" -eq 1 ]; then # Disable modules that are accelerated scripts/config.py unset MBEDTLS_ECDSA_C From 2e0275d2a10d4833c4ef6069b6f39ee90e6eafd5 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 28 Jul 2023 16:33:13 +0200 Subject: [PATCH 12/14] test: use unset-all option in config.py to optimize test code Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 32 +++++++------------------------- 1 file changed, 7 insertions(+), 25 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 1aa6490c4..8e468bf29 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1796,9 +1796,7 @@ component_test_everest_curve25519_only () { scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED scripts/config.py unset MBEDTLS_ECJPAKE_C # Disable all curves - for c in $(sed -n 's/#define \(MBEDTLS_ECP_DP_[0-9A-Z_a-z]*_ENABLED\).*/\1/p' <"$CONFIG_H"); do - scripts/config.py unset "$c" - done + scripts/config.py unset-all "MBEDTLS_ECP_DP_[0-9A-Z_a-z]*_ENABLED" scripts/config.py set MBEDTLS_ECP_DP_CURVE25519_ENABLED make CFLAGS="$ASAN_CFLAGS -O2" LDFLAGS="$ASAN_CFLAGS" @@ -2680,13 +2678,8 @@ config_psa_crypto_config_accel_ecc_no_bignum() { # RSA support is intentionally disabled on this test because RSA_C depends # on BIGNUM_C. - for KT in $(sed -n 's/^#define \(PSA_WANT_KEY_TYPE_RSA_[0-9A-Z_a-z]*\).*/\1/p' <"$CRYPTO_CONFIG_H"); do - scripts/config.py -f include/psa/crypto_config.h unset $KT - done - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY - for ALG in $(sed -n 's/^#define \(PSA_WANT_ALG_RSA_[0-9A-Z_a-z]*\).*/\1/p' <"$CRYPTO_CONFIG_H"); do - scripts/config.py -f include/psa/crypto_config.h unset $ALG - done + scripts/config.py -f "$CRYPTO_CONFIG_H" unset-all "PSA_WANT_KEY_TYPE_RSA_[0-9A-Z_a-z]*" + scripts/config.py -f "$CRYPTO_CONFIG_H" unset-all "PSA_WANT_ALG_RSA_[0-9A-Z_a-z]*" scripts/config.py unset MBEDTLS_RSA_C scripts/config.py unset MBEDTLS_PKCS1_V15 scripts/config.py unset MBEDTLS_PKCS1_V21 @@ -2700,10 +2693,7 @@ config_psa_crypto_config_accel_ecc_no_bignum() { # Disable FFDH because it also depends on BIGNUM. scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_FFDH - for KT in $(sed -n 's/^#define \(PSA_WANT_KEY_TYPE_DH_[0-9A-Z_a-z]*\).*/\1/p' <"$CRYPTO_CONFIG_H"); do - scripts/config.py -f include/psa/crypto_config.h unset $KT - done - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY + scripts/config.py -f "$CRYPTO_CONFIG_H" unset-all "PSA_WANT_KEY_TYPE_DH_[0-9A-Z_a-z]*" scripts/config.py unset MBEDTLS_DHM_C # Also disable key exchanges that depend on FFDH scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED @@ -2830,14 +2820,8 @@ psa_crypto_config_accel_all_curves_except_one () { scripts/config.py unset MBEDTLS_PKCS1_V21 scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT # Disable RSA on the PSA side too - scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC - scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT - scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT - scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE - scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY - for ALG in $(sed -n 's/^#define \(PSA_WANT_ALG_RSA_[0-9A-Z_a-z]*\).*/\1/p' <"$CRYPTO_CONFIG_H"); do - scripts/config.py -f "$CRYPTO_CONFIG_H" unset $ALG - done + scripts/config.py -f "$CRYPTO_CONFIG_H" unset-all "PSA_WANT_KEY_TYPE_RSA_[0-9A-Z_a-z]*" + scripts/config.py -f "$CRYPTO_CONFIG_H" unset-all "PSA_WANT_ALG_RSA_[0-9A-Z_a-z]*" # Also disable key exchanges that depend on RSA scripts/config.py unset MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED scripts/config.py unset MBEDTLS_KEY_EXCHANGE_RSA_ENABLED @@ -2846,9 +2830,7 @@ psa_crypto_config_accel_all_curves_except_one () { scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED # Explicitly disable all SW implementation for elliptic curves - for CURVE in $(sed -n 's/#define \(MBEDTLS_ECP_DP_[0-9A-Z_a-z]*_ENABLED\).*/\1/p' <"$CONFIG_H"); do - scripts/config.py unset "$CURVE" - done + scripts/config.py unset-all "MBEDTLS_ECP_DP_[0-9A-Z_a-z]*_ENABLED" # Just leave SW implementation for the specified curve for allowing to # build with ECP_C. scripts/config.py set $BUILTIN_CURVE From 0f6d565d2656711fe7c7e233872905801be38e1d Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 28 Jul 2023 16:42:58 +0200 Subject: [PATCH 13/14] pk: return PK_USE_PSA_EC_DATA to pk.h Signed-off-by: Valerio Setti --- include/mbedtls/build_info.h | 27 +++------------------------ include/mbedtls/pk.h | 22 ++++++++++++++++++++++ 2 files changed, 25 insertions(+), 24 deletions(-) diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h index 0b1ef1d91..985edd233 100644 --- a/include/mbedtls/build_info.h +++ b/include/mbedtls/build_info.h @@ -208,32 +208,11 @@ #define MBEDTLS_PK_PARSE_C #endif -/* Internal helper to define which fields in the pk_context structure should - * be used for EC keys: legacy ecp_keypair or the raw (PSA friendly) format. - * It should be noticed that this only affect how data is stored, not which - * functions are used for various operations. The overall picture looks like - * this: - * - if USE_PSA is not defined and ECP_C is then use ecp_keypair data structure - * and legacy functions - * - if USE_PSA is defined and - * - if ECP_C then use ecp_keypair structure, convert data to a PSA friendly - * format and use PSA functions - * - if !ECP_C then use new raw data and PSA functions directly. - * - * The main reason for the "intermediate" (USE_PSA + ECP_C) above is that as long - * as ECP_C is defined mbedtls_pk_ec() gives the user a read/write access to the - * ecp_keypair structure inside the pk_context so he/she can modify it using - * ECP functions which are not under PK module's control. - */ -#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) && \ - !defined(MBEDTLS_ECP_C) -#define MBEDTLS_PK_USE_PSA_EC_DATA -#endif /* MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_ECP_C */ - /* Helper symbol to state that the PK module has support for EC keys. This * can either be provided through the legacy ECP solution or through the - * PSA friendly MBEDTLS_PK_USE_PSA_EC_DATA. */ -#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) || defined(MBEDTLS_ECP_C) + * PSA friendly MBEDTLS_PK_USE_PSA_EC_DATA (see pk.h for its description). */ +#if defined(MBEDTLS_ECP_C) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)) #define MBEDTLS_PK_HAVE_ECC_KEYS #endif /* MBEDTLS_PK_USE_PSA_EC_DATA || MBEDTLS_ECP_C */ diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index f56c94240..fc0ce7046 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h @@ -200,6 +200,28 @@ typedef struct mbedtls_pk_rsassa_pss_options { #define MBEDTLS_PK_HAVE_ECC_KEYS #endif /* MBEDTLS_PK_USE_PSA_EC_DATA || MBEDTLS_ECP_C */ +/* Internal helper to define which fields in the pk_context structure below + * should be used for EC keys: legacy ecp_keypair or the raw (PSA friendly) + * format. It should be noticed that this only affect how data is stored, not + * which functions are used for various operations. The overall picture looks + * like this: + * - if USE_PSA is not defined and ECP_C is then use ecp_keypair data structure + * and legacy functions + * - if USE_PSA is defined and + * - if ECP_C then use ecp_keypair structure, convert data to a PSA friendly + * format and use PSA functions + * - if !ECP_C then use new raw data and PSA functions directly. + * + * The main reason for the "intermediate" (USE_PSA + ECP_C) above is that as long + * as ECP_C is defined mbedtls_pk_ec() gives the user a read/write access to the + * ecp_keypair structure inside the pk_context so he/she can modify it using + * ECP functions which are not under PK module's control. + */ +#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) && \ + !defined(MBEDTLS_ECP_C) +#define MBEDTLS_PK_USE_PSA_EC_DATA +#endif /* MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_ECP_C */ + /** * \brief Types for interfacing with the debug module */ From e1d7c9dabd5867722ec24a2ef4c7beadd354197d Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 10 Aug 2023 07:40:18 +0200 Subject: [PATCH 14/14] pkwrite: fix internal buffer size in pk_write_ec_pubkey() Signed-off-by: Valerio Setti --- library/pkwrite.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/pkwrite.c b/library/pkwrite.c index 4ec0b81c5..439428cff 100644 --- a/library/pkwrite.c +++ b/library/pkwrite.c @@ -165,7 +165,7 @@ static int pk_write_ec_pubkey(unsigned char **p, unsigned char *start, const mbedtls_pk_context *pk) { size_t len = 0; - uint8_t buf[PSA_EXPORT_KEY_PAIR_MAX_SIZE]; + uint8_t buf[PSA_EXPORT_PUBLIC_KEY_MAX_SIZE]; if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_OPAQUE) { if (psa_export_public_key(pk->priv_id, buf, sizeof(buf), &len) != PSA_SUCCESS) {