diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index 90da0f9804..02de176639 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -90,6 +90,32 @@ psa_status_t mbedtls_test_opaque_asymmetric_encrypt( size_t output_size, size_t *output_length); +psa_status_t mbedtls_test_transparent_asymmetric_decrypt( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *salt, + size_t salt_length, + uint8_t *output, + size_t output_size, + size_t *output_length ); + +psa_status_t mbedtls_test_opaque_asymmetric_decrypt( + const psa_key_attributes_t *attributes, + const uint8_t *key, + size_t key_length, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *salt, + size_t salt_length, + uint8_t *output, + size_t output_size, + size_t *output_length); + #endif /* PSA_CRYPTO_DRIVER_TEST */ /* diff --git a/library/psa_crypto_driver_wrappers.h b/library/psa_crypto_driver_wrappers.h index 5051ed6777..ee23b6f3fe 100644 --- a/library/psa_crypto_driver_wrappers.h +++ b/library/psa_crypto_driver_wrappers.h @@ -344,6 +344,19 @@ psa_status_t psa_driver_wrapper_asymmetric_encrypt( size_t output_size, size_t *output_length ); +psa_status_t psa_driver_wrapper_asymmetric_decrypt( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *salt, + size_t salt_length, + uint8_t *output, + size_t output_size, + size_t *output_length ); + #endif /* PSA_CRYPTO_DRIVER_WRAPPERS_H */ /* End of automatically generated file. */ diff --git a/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.c.jinja b/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.c.jinja index c1ad5d2179..dd1543a03f 100644 --- a/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.c.jinja +++ b/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.c.jinja @@ -2422,4 +2422,90 @@ psa_status_t psa_driver_wrapper_asymmetric_encrypt( } } +psa_status_t psa_driver_wrapper_asymmetric_decrypt( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *salt, + size_t salt_length, + uint8_t *output, + size_t output_size, + size_t *output_length ) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_key_location_t location = + PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); + + switch( location ) + { + case PSA_KEY_LOCATION_LOCAL_STORAGE: + /* Key is stored in the slot in export representation, so + * cycle through all known transparent accelerators */ +#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) +#if defined(PSA_CRYPTO_DRIVER_TEST) + status = mbedtls_test_transparent_asymmetric_decrypt( attributes, + key_buffer, + key_buffer_size, + alg, + input, + input_length, + salt, + salt_length, + output, + output_size, + output_length ); + /* Declared with fallback == true */ + if( status != PSA_ERROR_NOT_SUPPORTED ) + return( status ); +#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ + return( mbedtls_psa_asymmetric_decrypt( attributes, + key_buffer, + key_buffer_size, + alg, + input, + input_length, + salt, + salt_length, + output, + output_size, + output_length ) ); + /* Add cases for opaque driver here */ +#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) +#if defined(PSA_CRYPTO_DRIVER_TEST) + case PSA_CRYPTO_TEST_DRIVER_LOCATION: + return( mbedtls_test_opaque_asymmetric_decrypt( attributes, + key_buffer, + key_buffer_size, + alg, + input, + input_length, + salt, + salt_length, + output, + output_size, + output_length ) ); +#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ + + default: + /* Key is declared with a lifetime not known to us */ + (void)status; + (void)key_buffer; + (void)key_buffer_size; + (void)alg; + (void)input; + (void)input_length; + (void)salt; + (void)salt_length; + (void)output; + (void)output_size; + (void)output_length; + return( PSA_ERROR_INVALID_ARGUMENT ); + } +} + #endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/tests/src/drivers/test_driver_rsa.c b/tests/src/drivers/test_driver_rsa.c index 5cdaa33ae7..6d84640b6b 100644 --- a/tests/src/drivers/test_driver_rsa.c +++ b/tests/src/drivers/test_driver_rsa.c @@ -80,6 +80,54 @@ psa_status_t mbedtls_test_transparent_asymmetric_encrypt( return( PSA_ERROR_NOT_SUPPORTED ); } +psa_status_t mbedtls_test_transparent_asymmetric_decrypt( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *salt, + size_t salt_length, + uint8_t *output, + size_t output_size, + size_t *output_length ) +{ + mbedtls_test_driver_rsa_hooks.hits++; + + if( mbedtls_test_driver_rsa_hooks.forced_output != NULL ) + { + if( output_size < mbedtls_test_driver_rsa_hooks.forced_output_length ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); + + memcpy( output, + mbedtls_test_driver_rsa_hooks.forced_output, + mbedtls_test_driver_rsa_hooks.forced_output_length ); + *output_length = mbedtls_test_driver_rsa_hooks.forced_output_length; + + return( mbedtls_test_driver_rsa_hooks.forced_status ); + } + + if( mbedtls_test_driver_rsa_hooks.forced_status != PSA_SUCCESS ) + return( mbedtls_test_driver_rsa_hooks.forced_status ); + +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) + return( libtestdriver1_mbedtls_psa_asymmetric_decrypt( + (const libtestdriver1_psa_key_attributes_t *)attributes, + key_buffer, key_buffer_size, + alg, input, input_length, salt, salt_length, + output, output_size, output_length ) ); +#else + return( mbedtls_psa_asymmetric_decrypt( + attributes, key_buffer, key_buffer_size, + alg, input, input_length, salt, salt_length, + output, output_size, output_length ) ); +#endif + + return( PSA_ERROR_NOT_SUPPORTED ); +} + /* * opaque versions, to do */ @@ -110,5 +158,31 @@ psa_status_t mbedtls_test_opaque_asymmetric_encrypt( return( PSA_ERROR_NOT_SUPPORTED ); } +psa_status_t mbedtls_test_opaque_asymmetric_decrypt( + const psa_key_attributes_t *attributes, + const uint8_t *key, + size_t key_length, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *salt, + size_t salt_length, + uint8_t *output, + size_t output_size, + size_t *output_length) +{ + (void) attributes; + (void) key; + (void) key_length; + (void) alg; + (void) input; + (void) input_length; + (void) salt; + (void) salt_length; + (void) output; + (void) output_size; + (void) output_length; + return( PSA_ERROR_NOT_SUPPORTED ); +} #endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */