lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-08-08 17:42:09 +03:00
Code Activity

Merge pull request #5292 from mprse/asym_encrypt

Browse Source 
Driver dispatch for PSA asymmetric encryption + RSA tests
This commit is contained in:
Gilles Peskine
2022-03-10 20:07:38 +01:00
committed by GitHub
parent 10e5cdbbbf f8614a0ec2
commit afb482897b
10 changed files with 1544 additions and 251 deletions
Download Patch File Download Diff File Expand all files Collapse all files

172
library/psa_crypto.c
View File

@@ -3025,18 +3025,6 @@ psa_status_t psa_verify_hash( mbedtls_svc_key_id_t key,
signature, signature_length );
}
#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP)
static int psa_rsa_oaep_set_padding_mode( psa_algorithm_t alg,
mbedtls_rsa_context *rsa )
{
psa_algorithm_t hash_alg = PSA_ALG_RSA_OAEP_GET_HASH( alg );
const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg );
mbedtls_md_type_t md_alg = mbedtls_md_get_type( md_info );
return( mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg ) );
}
#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) */
psa_status_t psa_asymmetric_encrypt( mbedtls_svc_key_id_t key,
psa_algorithm_t alg,
const uint8_t *input,
@@ -3073,80 +3061,14 @@ psa_status_t psa_asymmetric_encrypt( mbedtls_svc_key_id_t key,
goto exit;
}
if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) )
{
#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP)
mbedtls_rsa_context *rsa = NULL;
status = mbedtls_psa_rsa_load_representation( slot->attr.type,
slot->key.data,
slot->key.bytes,
&rsa );
if( status != PSA_SUCCESS )
goto rsa_exit;
if( output_size < mbedtls_rsa_get_len( rsa ) )
{
status = PSA_ERROR_BUFFER_TOO_SMALL;
goto rsa_exit;
}
#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) ||
* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) */
if( alg == PSA_ALG_RSA_PKCS1V15_CRYPT )
{
#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT)
status = mbedtls_to_psa_error(
mbedtls_rsa_pkcs1_encrypt( rsa,
mbedtls_psa_get_random,
MBEDTLS_PSA_RANDOM_STATE,
input_length,
input,
output ) );
#else
status = PSA_ERROR_NOT_SUPPORTED;
#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT */
}
else
if( PSA_ALG_IS_RSA_OAEP( alg ) )
{
#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP)
status = mbedtls_to_psa_error(
psa_rsa_oaep_set_padding_mode( alg, rsa ) );
if( status != PSA_SUCCESS )
goto rsa_exit;
status = mbedtls_to_psa_error(
mbedtls_rsa_rsaes_oaep_encrypt( rsa,
mbedtls_psa_get_random,
MBEDTLS_PSA_RANDOM_STATE,
salt, salt_length,
input_length,
input,
output ) );
#else
status = PSA_ERROR_NOT_SUPPORTED;
#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP */
}
else
{
status = PSA_ERROR_INVALID_ARGUMENT;
}
#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP)
rsa_exit:
if( status == PSA_SUCCESS )
*output_length = mbedtls_rsa_get_len( rsa );
mbedtls_rsa_free( rsa );
mbedtls_free( rsa );
#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) ||
* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) */
}
else
{
status = PSA_ERROR_NOT_SUPPORTED;
}
psa_key_attributes_t attributes = {
.core = slot->attr
};
status = psa_driver_wrapper_asymmetric_encrypt(
&attributes, slot->key.data, slot->key.bytes,
alg, input, input_length, salt, salt_length,
output, output_size, output_length );
exit:
unlock_status = psa_unlock_key_slot( slot );
@@ -3188,80 +3110,14 @@ psa_status_t psa_asymmetric_decrypt( mbedtls_svc_key_id_t key,
goto exit;
}
if( slot->attr.type == PSA_KEY_TYPE_RSA_KEY_PAIR )
{
#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP)
mbedtls_rsa_context *rsa = NULL;
status = mbedtls_psa_rsa_load_representation( slot->attr.type,
slot->key.data,
slot->key.bytes,
&rsa );
if( status != PSA_SUCCESS )
goto exit;
psa_key_attributes_t attributes = {
.core = slot->attr
};
if( input_length != mbedtls_rsa_get_len( rsa ) )
{
status = PSA_ERROR_INVALID_ARGUMENT;
goto rsa_exit;
}
#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) ||
* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) */
if( alg == PSA_ALG_RSA_PKCS1V15_CRYPT )
{
#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT)
status = mbedtls_to_psa_error(
mbedtls_rsa_pkcs1_decrypt( rsa,
mbedtls_psa_get_random,
MBEDTLS_PSA_RANDOM_STATE,
output_length,
input,
output,
output_size ) );
#else
status = PSA_ERROR_NOT_SUPPORTED;
#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT */
}
else
if( PSA_ALG_IS_RSA_OAEP( alg ) )
{
#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP)
status = mbedtls_to_psa_error(
psa_rsa_oaep_set_padding_mode( alg, rsa ) );
if( status != PSA_SUCCESS )
goto rsa_exit;
status = mbedtls_to_psa_error(
mbedtls_rsa_rsaes_oaep_decrypt( rsa,
mbedtls_psa_get_random,
MBEDTLS_PSA_RANDOM_STATE,
salt, salt_length,
output_length,
input,
output,
output_size ) );
#else
status = PSA_ERROR_NOT_SUPPORTED;
#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP */
}
else
{
status = PSA_ERROR_INVALID_ARGUMENT;
}
#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP)
rsa_exit:
mbedtls_rsa_free( rsa );
mbedtls_free( rsa );
#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) ||
* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) */
}
else
{
status = PSA_ERROR_NOT_SUPPORTED;
}
status = psa_driver_wrapper_asymmetric_decrypt(
&attributes, slot->key.data, slot->key.bytes,
alg, input, input_length, salt, salt_length,
output, output_size, output_length );
exit:
unlock_status = psa_unlock_key_slot( slot );