TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 7bdbca33b24bb161372cd6535fa254262af17c77 / . / library / psa_crypto_rsa.c
blob: 28861467088ee03a0722c2499671549f1824a9cc [file] [log] [blame]
Ronald Cron00b7bfc2020-11-25 15:25:26 +0100[diff] [blame]1/*
2 * PSA RSA layer on top of Mbed TLS crypto
3 */
4/*
5 * Copyright The Mbed TLS Contributors
6 * SPDX-License-Identifier: Apache-2.0
7 *
8 * Licensed under the Apache License, Version 2.0 (the "License"); you may
9 * not use this file except in compliance with the License.
10 * You may obtain a copy of the License at
11 *
12 * http://www.apache.org/licenses/LICENSE-2.0
13 *
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
16 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * See the License for the specific language governing permissions and
18 * limitations under the License.
19 */
20
21#include "common.h"
22
23#if defined(MBEDTLS_PSA_CRYPTO_C)
24
25#include <psa/crypto.h>
26#include "psa_crypto_core.h"
Ronald Cron9e18fc12020-11-05 17:36:40 +0100[diff] [blame]27#include "psa_crypto_random_impl.h"
Ronald Cron00b7bfc2020-11-25 15:25:26 +0100[diff] [blame]28#include "psa_crypto_rsa.h"
29
30#include <stdlib.h>
31#include <string.h>
32#include "mbedtls/platform.h"
33#if !defined(MBEDTLS_PLATFORM_C)
34#define mbedtls_calloc calloc
35#define mbedtls_free free
36#endif
37
38#include <mbedtls/rsa.h>
39#include <mbedtls/error.h>
40#include <mbedtls/pk.h>
41#include <mbedtls/pk_internal.h>
42
Ronald Cronf1057d32020-11-26 19:19:10 +0100[diff] [blame]43#if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
44 ( defined(PSA_CRYPTO_DRIVER_TEST) && \
45 defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) ) )
46#define BUILTIN_KEY_TYPE_RSA_KEY_PAIR 1
47#endif
48
49#if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) || \
50 ( defined(PSA_CRYPTO_DRIVER_TEST) && \
51 defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) ) )
52#define BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY 1
53#endif
54
Ronald Cron00b7bfc2020-11-25 15:25:26 +0100[diff] [blame]55#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \
56 defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
57 defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) || \
58 defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) || \
Ronald Cronf1057d32020-11-26 19:19:10 +0100[diff] [blame]59 defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
60 defined(BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
Ronald Cron00b7bfc2020-11-25 15:25:26 +0100[diff] [blame]61
62/* Mbed TLS doesn't support non-byte-aligned key sizes (i.e. key sizes
63 * that are not a multiple of 8) well. For example, there is only
64 * mbedtls_rsa_get_len(), which returns a number of bytes, and no
65 * way to return the exact bit size of a key.
66 * To keep things simple, reject non-byte-aligned key sizes. */
67static psa_status_t psa_check_rsa_key_byte_aligned(
68 const mbedtls_rsa_context *rsa )
69{
70 mbedtls_mpi n;
71 psa_status_t status;
72 mbedtls_mpi_init( &n );
73 status = mbedtls_to_psa_error(
74 mbedtls_rsa_export( rsa, &n, NULL, NULL, NULL, NULL ) );
75 if( status == PSA_SUCCESS )
76 {
77 if( mbedtls_mpi_bitlen( &n ) % 8 != 0 )
78 status = PSA_ERROR_NOT_SUPPORTED;
79 }
80 mbedtls_mpi_free( &n );
81 return( status );
82}
83
84psa_status_t mbedtls_psa_rsa_load_representation(
85 psa_key_type_t type, const uint8_t *data, size_t data_length,
86 mbedtls_rsa_context **p_rsa )
87{
88 psa_status_t status;
89 mbedtls_pk_context ctx;
90 size_t bits;
91 mbedtls_pk_init( &ctx );
92
93 /* Parse the data. */
94 if( PSA_KEY_TYPE_IS_KEY_PAIR( type ) )
95 status = mbedtls_to_psa_error(
96 mbedtls_pk_parse_key( &ctx, data, data_length, NULL, 0 ) );
97 else
98 status = mbedtls_to_psa_error(
99 mbedtls_pk_parse_public_key( &ctx, data, data_length ) );
100 if( status != PSA_SUCCESS )
101 goto exit;
102
103 /* We have something that the pkparse module recognizes. If it is a
104 * valid RSA key, store it. */
105 if( mbedtls_pk_get_type( &ctx ) != MBEDTLS_PK_RSA )
106 {
107 status = PSA_ERROR_INVALID_ARGUMENT;
108 goto exit;
109 }
110
111 /* The size of an RSA key doesn't have to be a multiple of 8. Mbed TLS
112 * supports non-byte-aligned key sizes, but not well. For example,
113 * mbedtls_rsa_get_len() returns the key size in bytes, not in bits. */
114 bits = PSA_BYTES_TO_BITS( mbedtls_rsa_get_len( mbedtls_pk_rsa( ctx ) ) );
115 if( bits > PSA_VENDOR_RSA_MAX_KEY_BITS )
116 {
117 status = PSA_ERROR_NOT_SUPPORTED;
118 goto exit;
119 }
120 status = psa_check_rsa_key_byte_aligned( mbedtls_pk_rsa( ctx ) );
121 if( status != PSA_SUCCESS )
122 goto exit;
123
124 /* Copy out the pointer to the RSA context, and reset the PK context
125 * such that pk_free doesn't free the RSA context we just grabbed. */
126 *p_rsa = mbedtls_pk_rsa( ctx );
127 ctx.pk_info = NULL;
128
129exit:
130 mbedtls_pk_free( &ctx );
131 return( status );
132}
Ronald Cron00b7bfc2020-11-25 15:25:26 +0100[diff] [blame]133#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) ||
134 * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
135 * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) ||
136 * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) ||
Ronald Cronf1057d32020-11-26 19:19:10 +0100[diff] [blame]137 * defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) ||
138 * defined(BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
Ronald Cron00b7bfc2020-11-25 15:25:26 +0100[diff] [blame]139
Ronald Cronf1057d32020-11-26 19:19:10 +0100[diff] [blame]140#if defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
141 defined(BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
Ronald Cronabf2aef2020-11-27 18:13:44 +0100[diff] [blame]142
Ronald Cron784fb322020-11-30 13:55:05 +0100[diff] [blame]143static psa_status_t rsa_import_key(
Ronald Cronabf2aef2020-11-27 18:13:44 +0100[diff] [blame]144 const psa_key_attributes_t *attributes,
145 const uint8_t *data, size_t data_length,
146 uint8_t *key_buffer, size_t key_buffer_size,
147 size_t *key_buffer_length, size_t *bits )
148{
149 psa_status_t status;
150 mbedtls_rsa_context *rsa = NULL;
151
152 /* Parse input */
153 status = mbedtls_psa_rsa_load_representation( attributes->core.type,
154 data,
155 data_length,
156 &rsa );
157 if( status != PSA_SUCCESS )
158 goto exit;
159
160 *bits = (psa_key_bits_t) PSA_BYTES_TO_BITS( mbedtls_rsa_get_len( rsa ) );
161
162 /* Re-export the data to PSA export format, such that we can store export
163 * representation in the key slot. Export representation in case of RSA is
164 * the smallest representation that's allowed as input, so a straight-up
165 * allocation of the same size as the input buffer will be large enough. */
166 status = mbedtls_psa_rsa_export_key( attributes->core.type,
167 rsa,
168 key_buffer,
169 key_buffer_size,
170 key_buffer_length );
171exit:
172 /* Always free the RSA object */
173 mbedtls_rsa_free( rsa );
174 mbedtls_free( rsa );
175
176 return( status );
177}
178
Ronald Crone5ca3d82020-11-26 16:36:16 +0100[diff] [blame]179psa_status_t mbedtls_psa_rsa_export_key( psa_key_type_t type,
180 mbedtls_rsa_context *rsa,
181 uint8_t *data,
182 size_t data_size,
183 size_t *data_length )
184{
185#if defined(MBEDTLS_PK_WRITE_C)
186 int ret;
187 mbedtls_pk_context pk;
188 uint8_t *pos = data + data_size;
189
190 mbedtls_pk_init( &pk );
191 pk.pk_info = &mbedtls_rsa_info;
192 pk.pk_ctx = rsa;
193
194 /* PSA Crypto API defines the format of an RSA key as a DER-encoded
195 * representation of the non-encrypted PKCS#1 RSAPrivateKey for a
196 * private key and of the RFC3279 RSAPublicKey for a public key. */
197 if( PSA_KEY_TYPE_IS_KEY_PAIR( type ) )
198 ret = mbedtls_pk_write_key_der( &pk, data, data_size );
199 else
200 ret = mbedtls_pk_write_pubkey( &pos, data, &pk );
201
202 if( ret < 0 )
203 {
204 /* Clean up in case pk_write failed halfway through. */
205 memset( data, 0, data_size );
206 return( mbedtls_to_psa_error( ret ) );
207 }
208
209 /* The mbedtls_pk_xxx functions write to the end of the buffer.
210 * Move the data to the beginning and erase remaining data
211 * at the original location. */
212 if( 2 * (size_t) ret <= data_size )
213 {
214 memcpy( data, data + data_size - ret, ret );
215 memset( data + data_size - ret, 0, ret );
216 }
217 else if( (size_t) ret < data_size )
218 {
219 memmove( data, data + data_size - ret, ret );
220 memset( data + ret, 0, data_size - ret );
221 }
222
223 *data_length = ret;
224 return( PSA_SUCCESS );
225#else
226 (void) type;
227 (void) rsa;
228 (void) data;
229 (void) data_size;
230 (void) data_length;
231 return( PSA_ERROR_NOT_SUPPORTED );
232#endif /* MBEDTLS_PK_WRITE_C */
233}
234
Ronald Cronf1057d32020-11-26 19:19:10 +0100[diff] [blame]235static psa_status_t rsa_export_public_key(
Ronald Crone5ca3d82020-11-26 16:36:16 +0100[diff] [blame]236 const psa_key_attributes_t *attributes,
237 const uint8_t *key_buffer, size_t key_buffer_size,
238 uint8_t *data, size_t data_size, size_t *data_length )
239{
240 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
241 mbedtls_rsa_context *rsa = NULL;
242
243 status = mbedtls_psa_rsa_load_representation(
244 attributes->core.type, key_buffer, key_buffer_size, &rsa );
245 if( status != PSA_SUCCESS )
246 return( status );
247
248 status = mbedtls_psa_rsa_export_key( PSA_KEY_TYPE_RSA_PUBLIC_KEY,
249 rsa,
250 data,
251 data_size,
252 data_length );
253
254 mbedtls_rsa_free( rsa );
255 mbedtls_free( rsa );
256
257 return( status );
258}
Ronald Cronf1057d32020-11-26 19:19:10 +0100[diff] [blame]259#endif /* defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) ||
260 * defined(BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
261
Ronald Cron9e18fc12020-11-05 17:36:40 +0100[diff] [blame]262#if defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR)
Ronald Cron2365fde2021-02-08 09:52:24 +0100[diff] [blame]263static psa_status_t psa_rsa_read_exponent( const uint8_t *domain_parameters,
Ronald Cron9e18fc12020-11-05 17:36:40 +0100[diff] [blame]264 size_t domain_parameters_size,
265 int *exponent )
266{
267 size_t i;
268 uint32_t acc = 0;
269
270 if( domain_parameters_size == 0 )
271 {
272 *exponent = 65537;
273 return( PSA_SUCCESS );
274 }
275
276 /* Mbed TLS encodes the public exponent as an int. For simplicity, only
277 * support values that fit in a 32-bit integer, which is larger than
278 * int on just about every platform anyway. */
279 if( domain_parameters_size > sizeof( acc ) )
280 return( PSA_ERROR_NOT_SUPPORTED );
281 for( i = 0; i < domain_parameters_size; i++ )
282 acc = ( acc << 8 ) | domain_parameters[i];
283 if( acc > INT_MAX )
284 return( PSA_ERROR_NOT_SUPPORTED );
285 *exponent = acc;
286 return( PSA_SUCCESS );
287}
288
Ronald Cron3a9c46b2020-11-06 09:38:35 +0100[diff] [blame]289static psa_status_t rsa_generate_key(
Ronald Cron9e18fc12020-11-05 17:36:40 +0100[diff] [blame]290 const psa_key_attributes_t *attributes,
291 uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length )
292{
293 psa_status_t status;
294 mbedtls_rsa_context rsa;
295 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
296 int exponent;
297
Ronald Cron2365fde2021-02-08 09:52:24 +0100[diff] [blame]298 status = psa_rsa_read_exponent( attributes->domain_parameters,
Ronald Cron9e18fc12020-11-05 17:36:40 +0100[diff] [blame]299 attributes->domain_parameters_size,
300 &exponent );
301 if( status != PSA_SUCCESS )
302 return( status );
303
304 mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_NONE );
305 ret = mbedtls_rsa_gen_key( &rsa,
306 mbedtls_psa_get_random,
307 MBEDTLS_PSA_RANDOM_STATE,
308 (unsigned int)attributes->core.bits,
309 exponent );
310 if( ret != 0 )
311 return( mbedtls_to_psa_error( ret ) );
312
313 status = mbedtls_psa_rsa_export_key( attributes->core.type,
314 &rsa, key_buffer, key_buffer_size,
315 key_buffer_length );
316 mbedtls_rsa_free( &rsa );
317
318 return( status );
319}
Ronald Cron3a9c46b2020-11-06 09:38:35 +0100[diff] [blame]320#endif /* defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) */
Ronald Cron9e18fc12020-11-05 17:36:40 +0100[diff] [blame]321
Ronald Cron7bdbca32020-12-09 13:34:54 +0100[diff] [blame^]322/****************************************************************/
323/* Sign/verify hashes */
324/****************************************************************/
325
326#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
327 defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
328
329/* Decode the hash algorithm from alg and store the mbedtls encoding in
330 * md_alg. Verify that the hash length is acceptable. */
331static psa_status_t psa_rsa_decode_md_type( psa_algorithm_t alg,
332 size_t hash_length,
333 mbedtls_md_type_t *md_alg )
334{
335 psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg );
336 const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg );
337 *md_alg = mbedtls_md_get_type( md_info );
338
339 /* The Mbed TLS RSA module uses an unsigned int for hash length
340 * parameters. Validate that it fits so that we don't risk an
341 * overflow later. */
342#if SIZE_MAX > UINT_MAX
343 if( hash_length > UINT_MAX )
344 return( PSA_ERROR_INVALID_ARGUMENT );
345#endif
346
347#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN)
348 /* For PKCS#1 v1.5 signature, if using a hash, the hash length
349 * must be correct. */
350 if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) &&
351 alg != PSA_ALG_RSA_PKCS1V15_SIGN_RAW )
352 {
353 if( md_info == NULL )
354 return( PSA_ERROR_NOT_SUPPORTED );
355 if( mbedtls_md_get_size( md_info ) != hash_length )
356 return( PSA_ERROR_INVALID_ARGUMENT );
357 }
358#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN */
359
360#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
361 /* PSS requires a hash internally. */
362 if( PSA_ALG_IS_RSA_PSS( alg ) )
363 {
364 if( md_info == NULL )
365 return( PSA_ERROR_NOT_SUPPORTED );
366 }
367#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS */
368
369 return( PSA_SUCCESS );
370}
371
372psa_status_t mbedtls_psa_rsa_sign_hash(
373 const psa_key_attributes_t *attributes,
374 const uint8_t *key_buffer, size_t key_buffer_size,
375 psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
376 uint8_t *signature, size_t signature_size, size_t *signature_length )
377{
378 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
379 mbedtls_rsa_context *rsa = NULL;
380 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
381 mbedtls_md_type_t md_alg;
382
383 status = mbedtls_psa_rsa_load_representation( attributes->core.type,
384 key_buffer,
385 key_buffer_size,
386 &rsa );
387 if( status != PSA_SUCCESS )
388 return( status );
389
390 status = psa_rsa_decode_md_type( alg, hash_length, &md_alg );
391 if( status != PSA_SUCCESS )
392 goto exit;
393
394 if( signature_size < mbedtls_rsa_get_len( rsa ) )
395 {
396 status = PSA_ERROR_BUFFER_TOO_SMALL;
397 goto exit;
398 }
399
400#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN)
401 if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) )
402 {
403 mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15,
404 MBEDTLS_MD_NONE );
405 ret = mbedtls_rsa_pkcs1_sign( rsa,
406 mbedtls_psa_get_random,
407 MBEDTLS_PSA_RANDOM_STATE,
408 MBEDTLS_RSA_PRIVATE,
409 md_alg,
410 (unsigned int) hash_length,
411 hash,
412 signature );
413 }
414 else
415#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN */
416#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
417 if( PSA_ALG_IS_RSA_PSS( alg ) )
418 {
419 mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg );
420 ret = mbedtls_rsa_rsassa_pss_sign( rsa,
421 mbedtls_psa_get_random,
422 MBEDTLS_PSA_RANDOM_STATE,
423 MBEDTLS_RSA_PRIVATE,
424 MBEDTLS_MD_NONE,
425 (unsigned int) hash_length,
426 hash,
427 signature );
428 }
429 else
430#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS */
431 {
432 status = PSA_ERROR_INVALID_ARGUMENT;
433 goto exit;
434 }
435
436 if( ret == 0 )
437 *signature_length = mbedtls_rsa_get_len( rsa );
438 status = mbedtls_to_psa_error( ret );
439
440exit:
441 mbedtls_rsa_free( rsa );
442 mbedtls_free( rsa );
443
444 return( status );
445}
446
447psa_status_t mbedtls_psa_rsa_verify_hash(
448 const psa_key_attributes_t *attributes,
449 const uint8_t *key_buffer, size_t key_buffer_size,
450 psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
451 const uint8_t *signature, size_t signature_length )
452{
453 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
454 mbedtls_rsa_context *rsa = NULL;
455 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
456 mbedtls_md_type_t md_alg;
457
458 status = mbedtls_psa_rsa_load_representation( attributes->core.type,
459 key_buffer,
460 key_buffer_size,
461 &rsa );
462 if( status != PSA_SUCCESS )
463 goto exit;
464
465 status = psa_rsa_decode_md_type( alg, hash_length, &md_alg );
466 if( status != PSA_SUCCESS )
467 goto exit;
468
469 if( signature_length != mbedtls_rsa_get_len( rsa ) )
470 {
471 status = PSA_ERROR_INVALID_SIGNATURE;
472 goto exit;
473 }
474
475#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN)
476 if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) )
477 {
478 mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15,
479 MBEDTLS_MD_NONE );
480 ret = mbedtls_rsa_pkcs1_verify( rsa,
481 mbedtls_psa_get_random,
482 MBEDTLS_PSA_RANDOM_STATE,
483 MBEDTLS_RSA_PUBLIC,
484 md_alg,
485 (unsigned int) hash_length,
486 hash,
487 signature );
488 }
489 else
490#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN */
491#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
492 if( PSA_ALG_IS_RSA_PSS( alg ) )
493 {
494 mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg );
495 ret = mbedtls_rsa_rsassa_pss_verify( rsa,
496 mbedtls_psa_get_random,
497 MBEDTLS_PSA_RANDOM_STATE,
498 MBEDTLS_RSA_PUBLIC,
499 MBEDTLS_MD_NONE,
500 (unsigned int) hash_length,
501 hash,
502 signature );
503 }
504 else
505#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS */
506 {
507 status = PSA_ERROR_INVALID_ARGUMENT;
508 goto exit;
509 }
510
511 /* Mbed TLS distinguishes "invalid padding" from "valid padding but
512 * the rest of the signature is invalid". This has little use in
513 * practice and PSA doesn't report this distinction. */
514 status = ( ret == MBEDTLS_ERR_RSA_INVALID_PADDING ) ?
515 PSA_ERROR_INVALID_SIGNATURE :
516 mbedtls_to_psa_error( ret );
517
518exit:
519 mbedtls_rsa_free( rsa );
520 mbedtls_free( rsa );
521
522 return( status );
523}
524
525#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
526 * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) */
527
Ronald Cronf1057d32020-11-26 19:19:10 +0100[diff] [blame]528#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
529 defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
530
Ronald Cron784fb322020-11-30 13:55:05 +0100[diff] [blame]531psa_status_t mbedtls_psa_rsa_import_key(
532 const psa_key_attributes_t *attributes,
533 const uint8_t *data, size_t data_length,
534 uint8_t *key_buffer, size_t key_buffer_size,
535 size_t *key_buffer_length, size_t *bits )
536{
537 return( rsa_import_key( attributes, data, data_length,
538 key_buffer, key_buffer_size,
539 key_buffer_length, bits ) );
540}
541
Ronald Cronf1057d32020-11-26 19:19:10 +0100[diff] [blame]542psa_status_t mbedtls_psa_rsa_export_public_key(
543 const psa_key_attributes_t *attributes,
544 const uint8_t *key_buffer, size_t key_buffer_size,
545 uint8_t *data, size_t data_size, size_t *data_length )
546{
547 return( rsa_export_public_key( attributes, key_buffer, key_buffer_size,
548 data, data_size, data_length ) );
549}
550
Ronald Crone5ca3d82020-11-26 16:36:16 +0100[diff] [blame]551#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) ||
552 * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
553
Ronald Cron3a9c46b2020-11-06 09:38:35 +0100[diff] [blame]554#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR)
555psa_status_t mbedtls_psa_rsa_generate_key(
556 const psa_key_attributes_t *attributes,
557 uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length )
558{
559 return( rsa_generate_key( attributes, key_buffer, key_buffer_size,
560 key_buffer_length ) );
561}
562#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) */
563
Ronald Cronf1057d32020-11-26 19:19:10 +0100[diff] [blame]564/*
565 * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY.
566 */
567
568#if defined(PSA_CRYPTO_DRIVER_TEST)
569
570#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \
571 defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY)
Ronald Cron784fb322020-11-30 13:55:05 +0100[diff] [blame]572
573psa_status_t mbedtls_transparent_test_driver_rsa_import_key(
574 const psa_key_attributes_t *attributes,
575 const uint8_t *data, size_t data_length,
576 uint8_t *key_buffer, size_t key_buffer_size,
577 size_t *key_buffer_length, size_t *bits )
578{
579 return( rsa_import_key( attributes, data, data_length,
580 key_buffer, key_buffer_size,
581 key_buffer_length, bits ) );
582}
583
Ronald Cronf1057d32020-11-26 19:19:10 +0100[diff] [blame]584psa_status_t mbedtls_transparent_test_driver_rsa_export_public_key(
585 const psa_key_attributes_t *attributes,
586 const uint8_t *key_buffer, size_t key_buffer_size,
587 uint8_t *data, size_t data_size, size_t *data_length )
588{
589 return( rsa_export_public_key( attributes, key_buffer, key_buffer_size,
590 data, data_size, data_length ) );
591}
Ronald Cron784fb322020-11-30 13:55:05 +0100[diff] [blame]592
Ronald Cronf1057d32020-11-26 19:19:10 +0100[diff] [blame]593#endif /* defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) ||
594 defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) */
595
Ronald Cron3a9c46b2020-11-06 09:38:35 +0100[diff] [blame]596#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR)
597psa_status_t mbedtls_transparent_test_driver_rsa_generate_key(
598 const psa_key_attributes_t *attributes,
599 uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length )
600{
601 return( rsa_generate_key( attributes, key_buffer, key_buffer_size,
602 key_buffer_length ) );
603}
604#endif /* defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) */
605
Ronald Cronf1057d32020-11-26 19:19:10 +0100[diff] [blame]606#endif /* PSA_CRYPTO_DRIVER_TEST */
607
Ronald Cron00b7bfc2020-11-25 15:25:26 +0100[diff] [blame]608#endif /* MBEDTLS_PSA_CRYPTO_C */