TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 0189e7512d9d3df9e7db84672a8b01f94da38f01 / . / library / psa_crypto.c
blob: 256523271fe8f4deeedc08eb33a91d3e0397d50d [file] [log] [blame]
Gilles Peskinee59236f2018-01-27 23:32:46 +0100[diff] [blame]1/*
2 * PSA crypto layer on top of Mbed TLS crypto
3 */
4/* Copyright (C) 2018, ARM Limited, All Rights Reserved
5 * SPDX-License-Identifier: Apache-2.0
6 *
7 * Licensed under the Apache License, Version 2.0 (the "License"); you may
8 * not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
10 *
11 * http://www.apache.org/licenses/LICENSE-2.0
12 *
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
15 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 *
19 * This file is part of mbed TLS (https://tls.mbed.org)
20 */
21
22#if !defined(MBEDTLS_CONFIG_FILE)
23#include "mbedtls/config.h"
24#else
25#include MBEDTLS_CONFIG_FILE
26#endif
27
28#if defined(MBEDTLS_PSA_CRYPTO_C)
29
30#include "psa/crypto.h"
31
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]32#include <stdlib.h>
33#include <string.h>
34#if defined(MBEDTLS_PLATFORM_C)
35#include "mbedtls/platform.h"
36#else
37#define mbedtls_calloc calloc
38#define mbedtls_free free
39#endif
40
Gilles Peskinee59236f2018-01-27 23:32:46 +0100[diff] [blame]41#include "mbedtls/ctr_drbg.h"
Gilles Peskine969ac722018-01-28 18:16:59 +0100[diff] [blame]42#include "mbedtls/ecp.h"
Gilles Peskinee59236f2018-01-27 23:32:46 +0100[diff] [blame]43#include "mbedtls/entropy.h"
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]44#include "mbedtls/md.h"
45#include "mbedtls/md_internal.h"
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]46#include "mbedtls/pk.h"
Gilles Peskine969ac722018-01-28 18:16:59 +0100[diff] [blame]47#include "mbedtls/pk_internal.h"
48#include "mbedtls/rsa.h"
Gilles Peskinee59236f2018-01-27 23:32:46 +0100[diff] [blame]49
50
51/* Implementation that should never be optimized out by the compiler */
52static void mbedtls_zeroize( void *v, size_t n )
53{
54 volatile unsigned char *p = v; while( n-- ) *p++ = 0;
55}
56
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]57/****************************************************************/
58/* Global data, support functions and library management */
59/****************************************************************/
60
61/* Number of key slots (plus one because 0 is not used).
62 * The value is a compile-time constant for now, for simplicity. */
63#define MBEDTLS_PSA_KEY_SLOT_COUNT 32
64
65typedef struct {
66 psa_key_type_t type;
67 union {
68 struct raw_data {
69 uint8_t *data;
70 size_t bytes;
71 } raw;
Gilles Peskine969ac722018-01-28 18:16:59 +0100[diff] [blame]72#if defined(MBEDTLS_RSA_C)
73 mbedtls_rsa_context *rsa;
74#endif /* MBEDTLS_RSA_C */
75#if defined(MBEDTLS_ECP_C)
76 mbedtls_ecp_keypair *ecp;
77#endif /* MBEDTLS_ECP_C */
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]78 } data;
79} key_slot_t;
80
Gilles Peskinee59236f2018-01-27 23:32:46 +0100[diff] [blame]81typedef struct {
82 int initialized;
83 mbedtls_entropy_context entropy;
84 mbedtls_ctr_drbg_context ctr_drbg;
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]85 key_slot_t key_slots[MBEDTLS_PSA_KEY_SLOT_COUNT];
Gilles Peskinee59236f2018-01-27 23:32:46 +0100[diff] [blame]86} psa_global_data_t;
87
88static psa_global_data_t global_data;
89
90static psa_status_t mbedtls_to_psa_error( int ret )
91{
92 switch( ret )
93 {
94 case 0:
95 return( PSA_SUCCESS );
96 case MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED:
97 case MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE:
98 case MBEDTLS_ERR_ENTROPY_SOURCE_FAILED:
99 return( PSA_ERROR_INSUFFICIENT_ENTROPY );
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]100 case MBEDTLS_ERR_PK_ALLOC_FAILED:
101 return( PSA_ERROR_INSUFFICIENT_MEMORY );
102 case MBEDTLS_ERR_PK_TYPE_MISMATCH:
103 case MBEDTLS_ERR_PK_BAD_INPUT_DATA:
104 return( PSA_ERROR_INVALID_ARGUMENT );
105 case MBEDTLS_ERR_PK_FILE_IO_ERROR:
106 return( PSA_ERROR_TAMPERING_DETECTED );
107 case MBEDTLS_ERR_PK_KEY_INVALID_VERSION:
108 case MBEDTLS_ERR_PK_KEY_INVALID_FORMAT:
109 return( PSA_ERROR_INVALID_ARGUMENT );
110 case MBEDTLS_ERR_PK_UNKNOWN_PK_ALG:
111 return( PSA_ERROR_NOT_SUPPORTED );
112 case MBEDTLS_ERR_PK_PASSWORD_REQUIRED:
113 case MBEDTLS_ERR_PK_PASSWORD_MISMATCH:
114 return( PSA_ERROR_NOT_PERMITTED );
115 case MBEDTLS_ERR_PK_INVALID_PUBKEY:
116 return( PSA_ERROR_INVALID_ARGUMENT );
117 case MBEDTLS_ERR_PK_INVALID_ALG:
118 case MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE:
119 case MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE:
120 return( PSA_ERROR_NOT_SUPPORTED );
121 case MBEDTLS_ERR_PK_SIG_LEN_MISMATCH:
122 return( PSA_ERROR_INVALID_SIGNATURE );
Gilles Peskinee59236f2018-01-27 23:32:46 +0100[diff] [blame]123 default:
124 return( PSA_ERROR_UNKNOWN_ERROR );
125 }
126}
127
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]128
129
130/****************************************************************/
131/* Key management */
132/****************************************************************/
133
134psa_status_t psa_import_key(psa_key_slot_t key,
135 psa_key_type_t type,
136 const uint8_t *data,
137 size_t data_length)
138{
139 key_slot_t *slot;
140
141 if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
142 return( PSA_ERROR_INVALID_ARGUMENT );
143 slot = &global_data.key_slots[key];
144 if( slot->type != PSA_KEY_TYPE_NONE )
145 return( PSA_ERROR_OCCUPIED_SLOT );
146
147 if( type == PSA_KEY_TYPE_RAW_DATA )
148 {
149 if( data_length > SIZE_MAX / 8 )
150 return( PSA_ERROR_NOT_SUPPORTED );
151 slot->data.raw.data = mbedtls_calloc( 1, data_length );
152 if( slot->data.raw.data == NULL )
153 return( PSA_ERROR_INSUFFICIENT_MEMORY );
154 memcpy( slot->data.raw.data, data, data_length );
155 slot->data.raw.bytes = data_length;
156 }
157 else
Gilles Peskine969ac722018-01-28 18:16:59 +0100[diff] [blame]158#if defined(MBEDTLS_PK_PARSE_C)
Gilles Peskinec66ea6a2018-02-03 22:43:28 +0100[diff] [blame]159 if( type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ||
160 type == PSA_KEY_TYPE_RSA_KEYPAIR ||
161 PSA_KEY_TYPE_IS_ECC( type ) )
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]162 {
163 int ret;
Gilles Peskine969ac722018-01-28 18:16:59 +0100[diff] [blame]164 mbedtls_pk_context pk;
165 mbedtls_pk_init( &pk );
Gilles Peskinec66ea6a2018-02-03 22:43:28 +0100[diff] [blame]166 if( PSA_KEY_TYPE_IS_KEYPAIR( type ) )
167 ret = mbedtls_pk_parse_key( &pk, data, data_length, NULL, 0 );
168 else
169 ret = mbedtls_pk_parse_public_key( &pk, data, data_length );
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]170 if( ret != 0 )
171 return( mbedtls_to_psa_error( ret ) );
Gilles Peskine969ac722018-01-28 18:16:59 +0100[diff] [blame]172 switch( mbedtls_pk_get_type( &pk ) )
173 {
174#if defined(MBEDTLS_RSA_C)
175 case MBEDTLS_PK_RSA:
Gilles Peskinec66ea6a2018-02-03 22:43:28 +0100[diff] [blame]176 if( type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ||
177 type == PSA_KEY_TYPE_RSA_KEYPAIR )
Gilles Peskine969ac722018-01-28 18:16:59 +0100[diff] [blame]178 slot->data.rsa = pk.pk_ctx;
179 else
180 return( PSA_ERROR_INVALID_ARGUMENT );
181 break;
182#endif /* MBEDTLS_RSA_C */
183#if defined(MBEDTLS_ECP_C)
184 case MBEDTLS_PK_ECKEY:
185 if( PSA_KEY_TYPE_IS_ECC( type ) )
186 {
187 // TODO: check curve
188 slot->data.ecp = pk.pk_ctx;
189 }
190 else
191 return( PSA_ERROR_INVALID_ARGUMENT );
192 break;
193#endif /* MBEDTLS_ECP_C */
194 default:
195 return( PSA_ERROR_INVALID_ARGUMENT );
196 }
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]197 }
198 else
Gilles Peskine969ac722018-01-28 18:16:59 +0100[diff] [blame]199#endif /* defined(MBEDTLS_PK_PARSE_C) */
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]200 {
201 return( PSA_ERROR_NOT_SUPPORTED );
202 }
203
204 slot->type = type;
205 return( PSA_SUCCESS );
206}
207
208psa_status_t psa_destroy_key(psa_key_slot_t key)
209{
210 key_slot_t *slot;
211
212 if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
213 return( PSA_ERROR_INVALID_ARGUMENT );
214 slot = &global_data.key_slots[key];
215 if( slot->type == PSA_KEY_TYPE_NONE )
216 return( PSA_ERROR_EMPTY_SLOT );
217
218 if( slot->type == PSA_KEY_TYPE_RAW_DATA )
219 {
220 mbedtls_free( slot->data.raw.data );
221 }
222 else
Gilles Peskine969ac722018-01-28 18:16:59 +0100[diff] [blame]223#if defined(MBEDTLS_RSA_C)
Gilles Peskinec66ea6a2018-02-03 22:43:28 +0100[diff] [blame]224 if( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ||
225 slot->type == PSA_KEY_TYPE_RSA_KEYPAIR )
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]226 {
Gilles Peskine969ac722018-01-28 18:16:59 +0100[diff] [blame]227 mbedtls_rsa_free( slot->data.rsa );
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]228 }
229 else
Gilles Peskine969ac722018-01-28 18:16:59 +0100[diff] [blame]230#endif /* defined(MBEDTLS_RSA_C) */
231#if defined(MBEDTLS_ECP_C)
232 if( PSA_KEY_TYPE_IS_ECC( slot->type ) )
233 {
234 mbedtls_ecp_keypair_free( slot->data.ecp );
235 }
236 else
237#endif /* defined(MBEDTLS_ECP_C) */
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]238 {
239 /* Shouldn't happen: the key type is not any type that we
240 * put it. */
241 return( PSA_ERROR_TAMPERING_DETECTED );
242 }
243
244 mbedtls_zeroize( slot, sizeof( *slot ) );
245 return( PSA_SUCCESS );
246}
247
248psa_status_t psa_get_key_information(psa_key_slot_t key,
249 psa_key_type_t *type,
250 size_t *bits)
251{
252 key_slot_t *slot;
253
254 if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
Gilles Peskinec66ea6a2018-02-03 22:43:28 +0100[diff] [blame]255 return( PSA_ERROR_EMPTY_SLOT );
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]256 slot = &global_data.key_slots[key];
257 if( type != NULL )
258 *type = slot->type;
259 if( bits != NULL )
260 *bits = 0;
261 if( slot->type == PSA_KEY_TYPE_NONE )
262 return( PSA_ERROR_EMPTY_SLOT );
263
264 if( slot->type == PSA_KEY_TYPE_RAW_DATA )
265 {
266 if( bits != NULL )
267 *bits = slot->data.raw.bytes * 8;
268 }
269 else
Gilles Peskine969ac722018-01-28 18:16:59 +0100[diff] [blame]270#if defined(MBEDTLS_RSA_C)
Gilles Peskinec66ea6a2018-02-03 22:43:28 +0100[diff] [blame]271 if( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ||
272 slot->type == PSA_KEY_TYPE_RSA_KEYPAIR )
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]273 {
274 if( bits != NULL )
Gilles Peskine969ac722018-01-28 18:16:59 +0100[diff] [blame]275 *bits = mbedtls_rsa_get_bitlen( slot->data.rsa );
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]276 }
277 else
Gilles Peskine969ac722018-01-28 18:16:59 +0100[diff] [blame]278#endif /* defined(MBEDTLS_RSA_C) */
279#if defined(MBEDTLS_ECP_C)
280 if( PSA_KEY_TYPE_IS_ECC( slot->type ) )
281 {
282 if( bits != NULL )
283 *bits = slot->data.ecp->grp.pbits;
284 }
285 else
286#endif /* defined(MBEDTLS_ECP_C) */
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]287 {
288 /* Shouldn't happen: the key type is not any type that we
289 * put it. */
290 return( PSA_ERROR_TAMPERING_DETECTED );
291 }
292
293 return( PSA_SUCCESS );
294}
295
296psa_status_t psa_export_key(psa_key_slot_t key,
297 uint8_t *data,
298 size_t data_size,
299 size_t *data_length)
300{
301 key_slot_t *slot;
302
303 if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
Gilles Peskinec66ea6a2018-02-03 22:43:28 +0100[diff] [blame]304 return( PSA_ERROR_EMPTY_SLOT );
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]305 slot = &global_data.key_slots[key];
306 if( slot->type == PSA_KEY_TYPE_NONE )
307 return( PSA_ERROR_EMPTY_SLOT );
308
309 if( slot->type == PSA_KEY_TYPE_RAW_DATA )
310 {
311 if( slot->data.raw.bytes > data_size )
312 return( PSA_ERROR_BUFFER_TOO_SMALL );
313 memcpy( data, slot->data.raw.data, slot->data.raw.bytes );
314 *data_length = slot->data.raw.bytes;
315 return( PSA_SUCCESS );
316 }
317 else
Gilles Peskine969ac722018-01-28 18:16:59 +0100[diff] [blame]318#if defined(MBEDTLS_PK_WRITE_C)
Gilles Peskinec66ea6a2018-02-03 22:43:28 +0100[diff] [blame]319 if( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ||
320 slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ||
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]321 PSA_KEY_TYPE_IS_ECC( slot->type ) )
322 {
Gilles Peskine969ac722018-01-28 18:16:59 +0100[diff] [blame]323 mbedtls_pk_context pk;
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]324 int ret;
Gilles Peskine969ac722018-01-28 18:16:59 +0100[diff] [blame]325 mbedtls_pk_init( &pk );
Gilles Peskinec66ea6a2018-02-03 22:43:28 +0100[diff] [blame]326 if( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ||
327 slot->type == PSA_KEY_TYPE_RSA_KEYPAIR )
Gilles Peskine969ac722018-01-28 18:16:59 +0100[diff] [blame]328 {
329 pk.pk_info = &mbedtls_rsa_info;
330 pk.pk_ctx = slot->data.rsa;
331 }
332 else
333 {
334 pk.pk_info = &mbedtls_eckey_info;
335 pk.pk_ctx = slot->data.ecp;
336 }
Gilles Peskinec66ea6a2018-02-03 22:43:28 +0100[diff] [blame]337 if( PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) )
338 ret = mbedtls_pk_write_key_der( &pk, data, data_size );
339 else
340 ret = mbedtls_pk_write_pubkey_der( &pk, data, data_size );
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]341 if( ret < 0 )
342 return( mbedtls_to_psa_error( ret ) );
343 *data_length = ret;
344 return( PSA_SUCCESS );
345 }
346 else
Gilles Peskine969ac722018-01-28 18:16:59 +0100[diff] [blame]347#endif /* definedMBEDTLS_PK_WRITE_C) */
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]348 {
349 return( PSA_ERROR_NOT_SUPPORTED );
350 }
351}
352
353
354
355/****************************************************************/
Gilles Peskine20035e32018-02-03 22:44:14 +0100[diff] [blame]356/* Message digests */
357/****************************************************************/
358
359static const mbedtls_md_info_t *mbedtls_md_info_of_psa( psa_algorithm_t alg )
360{
361 switch( alg )
362 {
363#if defined(MBEDTLS_MD2_C)
364 case PSA_ALG_MD2:
365 return( &mbedtls_md2_info );
366#endif
367#if defined(MBEDTLS_MD4_C)
368 case PSA_ALG_MD4:
369 return( &mbedtls_md4_info );
370#endif
371#if defined(MBEDTLS_MD5_C)
372 case PSA_ALG_MD5:
373 return( &mbedtls_md5_info );
374#endif
375#if defined(MBEDTLS_RIPEMD160_C)
376 case PSA_ALG_RIPEMD160:
377 return( &mbedtls_ripemd160_info );
378#endif
379#if defined(MBEDTLS_SHA1_C)
380 case PSA_ALG_SHA_1:
381 return( &mbedtls_sha1_info );
382#endif
383#if defined(MBEDTLS_SHA256_C)
384 case PSA_ALG_SHA_224:
385 return( &mbedtls_sha224_info );
386 case PSA_ALG_SHA_256:
387 return( &mbedtls_sha256_info );
388#endif
389#if defined(MBEDTLS_SHA512_C)
390 case PSA_ALG_SHA_384:
391 return( &mbedtls_sha384_info );
392 case PSA_ALG_SHA_512:
393 return( &mbedtls_sha512_info );
394#endif
395 default:
396 return( NULL );
397 }
398}
399
400#if 0
401static psa_algorithm_t mbedtls_md_alg_to_psa( mbedtls_md_type_t md_alg )
402{
403 switch( md_alg )
404 {
405 case MBEDTLS_MD_NONE:
406 return( 0 );
407 case MBEDTLS_MD_MD2:
408 return( PSA_ALG_MD2 );
409 case MBEDTLS_MD_MD4:
410 return( PSA_ALG_MD4 );
411 case MBEDTLS_MD_MD5:
412 return( PSA_ALG_MD5 );
413 case MBEDTLS_MD_SHA1:
414 return( PSA_ALG_SHA_1 );
415 case MBEDTLS_MD_SHA224:
416 return( PSA_ALG_SHA_224 );
417 case MBEDTLS_MD_SHA256:
418 return( PSA_ALG_SHA_256 );
419 case MBEDTLS_MD_SHA384:
420 return( PSA_ALG_SHA_384 );
421 case MBEDTLS_MD_SHA512:
422 return( PSA_ALG_SHA_512 );
423 case MBEDTLS_MD_RIPEMD160:
424 return( PSA_ALG_RIPEMD160 );
425 default:
426 return( MBEDTLS_MD_NOT_SUPPORTED );
427 }
428}
429#endif
430
431
432
433/****************************************************************/
434/* Asymmetric cryptography */
435/****************************************************************/
436
437psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
438 psa_algorithm_t alg,
439 const uint8_t *hash,
440 size_t hash_length,
441 const uint8_t *salt,
442 size_t salt_length,
443 uint8_t *signature,
444 size_t signature_size,
445 size_t *signature_length)
446{
447 key_slot_t *slot;
448
449 if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
450 return( PSA_ERROR_EMPTY_SLOT );
451 slot = &global_data.key_slots[key];
452 if( slot->type == PSA_KEY_TYPE_NONE )
453 return( PSA_ERROR_EMPTY_SLOT );
454 if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) )
455 return( PSA_ERROR_INVALID_ARGUMENT );
456
457 (void) salt;
458 (void) salt_length;
459
460#if defined(MBEDTLS_RSA_C)
461 if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR )
462 {
463 mbedtls_rsa_context *rsa = slot->data.rsa;
464 int ret;
465 psa_algorithm_t hash_alg = PSA_ALG_RSA_GET_HASH( alg );
466 const mbedtls_md_info_t *md_info = mbedtls_md_info_of_psa( hash_alg );
467 mbedtls_md_type_t md_alg =
468 hash_alg == 0 ? MBEDTLS_MD_NONE : mbedtls_md_get_type( md_info );
469 if( md_alg == MBEDTLS_MD_NONE )
470 {
471#if SIZE_MAX > UINT_MAX
472 if( hash_length > UINT_MAX )
473 return( PSA_ERROR_INVALID_ARGUMENT );
474#endif
475 }
476 else
477 {
478 if( mbedtls_md_get_size( md_info ) != hash_length )
479 return( PSA_ERROR_INVALID_ARGUMENT );
480 if( md_info == NULL )
481 return( PSA_ERROR_NOT_SUPPORTED );
482 }
483 if( signature_size < rsa->len )
484 return( PSA_ERROR_BUFFER_TOO_SMALL );
485#if defined(MBEDTLS_PKCS1_V15)
486 if( PSA_ALG_IS_RSA_PKCS1V15( alg ) )
487 {
488 mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15,
489 MBEDTLS_MD_NONE );
490 ret = mbedtls_rsa_pkcs1_sign( rsa,
491 mbedtls_ctr_drbg_random,
492 &global_data.ctr_drbg,
493 MBEDTLS_RSA_PRIVATE,
494 md_alg, hash_length, hash,
495 signature );
496 }
497 else
498#endif /* MBEDTLS_PKCS1_V15 */
499#if defined(MBEDTLS_PKCS1_V21)
500 if( alg == PSA_ALG_RSA_PSS_MGF1 )
501 {
502 mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg );
503 ret = mbedtls_rsa_rsassa_pss_sign( rsa,
504 mbedtls_ctr_drbg_random,
505 &global_data.ctr_drbg,
506 MBEDTLS_RSA_PRIVATE,
507 md_alg, hash_length, hash,
508 signature );
509 }
510 else
511#endif /* MBEDTLS_PKCS1_V21 */
512 {
513 return( PSA_ERROR_INVALID_ARGUMENT );
514 }
515 *signature_length = ( ret == 0 ? rsa->len : 0 );
516 return( mbedtls_to_psa_error( ret ) );
517 }
518 else
519#endif /* defined(MBEDTLS_RSA_C) */
520#if defined(MBEDTLS_ECP_C)
521 if( PSA_KEY_TYPE_IS_ECC( slot->type ) )
522 {
523 // TODO
524 return( PSA_ERROR_NOT_SUPPORTED );
525 }
526 else
527#endif /* defined(MBEDTLS_ECP_C) */
528 {
529 return( PSA_ERROR_NOT_SUPPORTED );
530 }
531}
532
533
534
535/****************************************************************/
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]536/* Module setup */
537/****************************************************************/
538
Gilles Peskinee59236f2018-01-27 23:32:46 +0100[diff] [blame]539void mbedtls_psa_crypto_free( void )
540{
Gilles Peskine2f9c4dc2018-01-28 13:16:24 +0100[diff] [blame]541 size_t key;
542 for( key = 1; key < MBEDTLS_PSA_KEY_SLOT_COUNT; key++ )
543 psa_destroy_key( key );
Gilles Peskinee59236f2018-01-27 23:32:46 +0100[diff] [blame]544 mbedtls_ctr_drbg_free( &global_data.ctr_drbg );
545 mbedtls_entropy_free( &global_data.entropy );
546 mbedtls_zeroize( &global_data, sizeof( global_data ) );
547}
548
549psa_status_t psa_crypto_init( void )
550{
551 int ret;
552 const unsigned char drbg_seed[] = "PSA";
553
554 if( global_data.initialized != 0 )
555 return( PSA_SUCCESS );
556
557 mbedtls_zeroize( &global_data, sizeof( global_data ) );
558 mbedtls_entropy_init( &global_data.entropy );
559 mbedtls_ctr_drbg_init( &global_data.ctr_drbg );
560
561 ret = mbedtls_ctr_drbg_seed( &global_data.ctr_drbg,
562 mbedtls_entropy_func,
563 &global_data.entropy,
564 drbg_seed, sizeof( drbg_seed ) - 1 );
565 if( ret != 0 )
566 goto exit;
567
568exit:
569 if( ret != 0 )
570 mbedtls_psa_crypto_free( );
571 return( mbedtls_to_psa_error( ret ) );
572}
573
574#endif /* MBEDTLS_PSA_CRYPTO_C */