Merge pull request #10213 from valeriosetti/issue298-development

[development] PK: try storing all private RSA keys in PSA (2/3)

library/debug.c

@@ -220,20 +220,21 @@ void mbedtls_debug_print_mpi(const mbedtls_ssl_context *ssl, int level,
 
 #if defined(MBEDTLS_X509_CRT_PARSE_C) && !defined(MBEDTLS_X509_REMOVE_INFO)
 
-#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
-static void mbedtls_debug_print_ec_coord(const mbedtls_ssl_context *ssl, int level,
-                                         const char *file, int line, const char *text,
-                                         const unsigned char *buf, size_t len)
+/* no-check-names will be removed in mbedtls#10229. */
+#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) || defined(MBEDTLS_PK_USE_PSA_RSA_DATA) //no-check-names
+static void mbedtls_debug_print_integer(const mbedtls_ssl_context *ssl, int level,
+                                        const char *file, int line, const char *text,
+                                        const unsigned char *buf, size_t bitlen)
 {
     char str[DEBUG_BUF_SIZE];
-    size_t i, idx = 0;
+    size_t i, len_bytes = PSA_BITS_TO_BYTES(bitlen), idx = 0;
 
     mbedtls_snprintf(str + idx, sizeof(str) - idx, "value of '%s' (%u bits) is:\n",
-                     text, (unsigned int) len * 8);
+                     text, (unsigned int) bitlen);
 
     debug_send_line(ssl, level, file, line, str);
 
-    for (i = 0; i < len; i++) {
+    for (i = 0; i < len_bytes; i++) {
         if (i >= 4096) {
             break;
         }
@@ -251,16 +252,15 @@ static void mbedtls_debug_print_ec_coord(const mbedtls_ssl_context *ssl, int lev
                                 (unsigned int) buf[i]);
     }
 
-    if (len > 0) {
-        for (/* i = i */; i % 16 != 0; i++) {
-            idx += mbedtls_snprintf(str + idx, sizeof(str) - idx, "   ");
-        }
-
+    if (len_bytes > 0) {
         mbedtls_snprintf(str + idx, sizeof(str) - idx, "\n");
         debug_send_line(ssl, level, file, line, str);
     }
 }
+/* no-check-names will be removed in mbedtls#10229. */
+#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY || MBEDTLS_PK_USE_PSA_RSA_DATA */ //no-check-names
 
+#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
 static void mbedtls_debug_print_psa_ec(const mbedtls_ssl_context *ssl, int level,
                                        const char *file, int line,
                                        const char *text, const mbedtls_pk_context *pk)
@@ -283,15 +283,115 @@ static void mbedtls_debug_print_psa_ec(const mbedtls_ssl_context *ssl, int level
     /* X coordinate */
     coord_start = pk->pub_raw + 1;
     mbedtls_snprintf(str, sizeof(str), "%s(X)", text);
-    mbedtls_debug_print_ec_coord(ssl, level, file, line, str, coord_start, coord_len);
+    mbedtls_debug_print_integer(ssl, level, file, line, str, coord_start, coord_len * 8);
 
     /* Y coordinate */
     coord_start = coord_start + coord_len;
     mbedtls_snprintf(str, sizeof(str), "%s(Y)", text);
-    mbedtls_debug_print_ec_coord(ssl, level, file, line, str, coord_start, coord_len);
+    mbedtls_debug_print_integer(ssl, level, file, line, str, coord_start, coord_len * 8);
 }
 #endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */
 
+/* no-check-names will be removed in mbedtls#10229. */
+#if defined(MBEDTLS_PK_USE_PSA_RSA_DATA) //no-check-names
+static size_t debug_count_valid_bits(unsigned char **buf, size_t len)
+{
+    size_t i, bits;
+
+    /* Ignore initial null bytes (if any). */
+    while ((len > 0) && (**buf == 0x00)) {
+        (*buf)++;
+        len--;
+    }
+
+    if (len == 0) {
+        return 0;
+    }
+
+    bits = len * 8;
+
+    /* Ignore initial null bits (if any). */
+    for (i = 7; i > 0; i--) {
+        if ((**buf & (0x1 << i)) != 0) {
+            break;
+        }
+        bits--;
+    }
+
+    return bits;
+}
+
+static void mbedtls_debug_print_psa_rsa(const mbedtls_ssl_context *ssl, int level,
+                                        const char *file, int line,
+                                        const char *text, const mbedtls_pk_context *pk)
+{
+    char str[DEBUG_BUF_SIZE];
+    /* no-check-names will be removed in mbedtls#10229. */
+    unsigned char key_der[MBEDTLS_PK_MAX_RSA_PUBKEY_RAW_LEN]; //no-check-names
+    unsigned char *start_cur;
+    unsigned char *end_cur;
+    size_t len, bits;
+    int ret;
+
+    if (NULL == ssl              ||
+        NULL == ssl->conf        ||
+        NULL == ssl->conf->f_dbg ||
+        level > debug_threshold) {
+        return;
+    }
+
+    if (pk->pub_raw_len > sizeof(key_der)) {
+        snprintf(str, sizeof(str),
+                 "RSA public key too large: %" MBEDTLS_PRINTF_SIZET " > %" MBEDTLS_PRINTF_SIZET,
+                 pk->pub_raw_len, sizeof(key_der));
+        debug_send_line(ssl, level, file, line, str);
+        return;
+    }
+
+    memcpy(key_der, pk->pub_raw, pk->pub_raw_len);
+    start_cur = key_der;
+    end_cur = key_der + pk->pub_raw_len;
+
+    /* This integer parsing solution should be replaced with mbedtls_asn1_get_integer().
+     * See #10238. */
+    ret = mbedtls_asn1_get_tag(&start_cur, end_cur, &len,
+                               MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED);
+    if (ret != 0) {
+        return;
+    }
+
+    ret = mbedtls_asn1_get_tag(&start_cur, end_cur, &len, MBEDTLS_ASN1_INTEGER);
+    if (ret != 0) {
+        return;
+    }
+
+    bits = debug_count_valid_bits(&start_cur, len);
+    if (bits == 0) {
+        return;
+    }
+    len = PSA_BITS_TO_BYTES(bits);
+
+    mbedtls_snprintf(str, sizeof(str), "%s.N", text);
+    mbedtls_debug_print_integer(ssl, level, file, line, str, start_cur, bits);
+
+    start_cur += len;
+
+    ret = mbedtls_asn1_get_tag(&start_cur, end_cur, &len, MBEDTLS_ASN1_INTEGER);
+    if (ret != 0) {
+        return;
+    }
+
+    bits = debug_count_valid_bits(&start_cur, len);
+    if (bits == 0) {
+        return;
+    }
+
+    mbedtls_snprintf(str, sizeof(str), "%s.E", text);
+    mbedtls_debug_print_integer(ssl, level, file, line, str, start_cur, bits);
+}
+/* no-check-names will be removed in mbedtls#10229. */
+#endif /* MBEDTLS_PK_USE_PSA_RSA_DATA */ //no-check-names
+
 static void debug_print_pk(const mbedtls_ssl_context *ssl, int level,
                            const char *file, int line,
                            const char *text, const mbedtls_pk_context *pk)
@@ -321,6 +421,12 @@ static void debug_print_pk(const mbedtls_ssl_context *ssl, int level,
             mbedtls_debug_print_mpi(ssl, level, file, line, name, items[i].value);
         } else
 #endif /* MBEDTLS_RSA_C */
+/* no-check-names will be removed in mbedtls#10229. */
+#if defined(MBEDTLS_PK_USE_PSA_RSA_DATA) //no-check-names
+        if (items[i].type == MBEDTLS_PK_DEBUG_PSA_RSA) { //no-check-names
+            mbedtls_debug_print_psa_rsa(ssl, level, file, line, name, items[i].value);
+        } else
+#endif /* MBEDTLS_PK_USE_PSA_RSA_DATA */ //no-check-names
 #if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
         if (items[i].type == MBEDTLS_PK_DEBUG_PSA_EC) {
             mbedtls_debug_print_psa_ec(ssl, level, file, line, name, items[i].value);

tests/suites/test_suite_x509parse.function

@@ -1120,15 +1120,29 @@ void x509parse_crt(data_t *buf, char *result_str, int result)
     mbedtls_x509_crt   crt;
 #if !defined(MBEDTLS_X509_REMOVE_INFO)
     unsigned char output[2000] = { 0 };
-    int res;
 #else
     ((void) result_str);
 #endif
+    /* Tests whose result is MBEDTLS_ERR_PK_INVALID_PUBKEY might return
+     * MBEDTLS_ERR_ASN1_UNEXPECTED_TAG until psa#308 is merged. This variable
+     * is therefore used for backward compatiblity and will be removed in
+     * mbedtls#10229. */
+    int result_back_comp = result;
+    int res;
+
+#if !defined(MBEDTLS_PK_USE_PSA_RSA_DATA)
+    /* Support for mbedtls#10213 before psa#308. Once psa#308 will be
+     * merged this dirty fix can be removed. */
+    if (result == MBEDTLS_ERR_PK_INVALID_PUBKEY) {
+        result_back_comp = MBEDTLS_ERR_ASN1_UNEXPECTED_TAG;
+    }
+#endif /* MBEDTLS_PK_USE_PSA_RSA_DATA */
 
     mbedtls_x509_crt_init(&crt);
     USE_PSA_INIT();
 
-    TEST_EQUAL(mbedtls_x509_crt_parse_der(&crt, buf->x, buf->len), result);
+    res = mbedtls_x509_crt_parse_der(&crt, buf->x, buf->len);
+    TEST_ASSERT((res == result) || (res == result_back_comp));
 #if !defined(MBEDTLS_X509_REMOVE_INFO)
     if ((result) == 0) {
         res = mbedtls_x509_crt_info((char *) output, 2000, "", &crt);
@@ -1143,7 +1157,8 @@ void x509parse_crt(data_t *buf, char *result_str, int result)
     mbedtls_x509_crt_free(&crt);
     mbedtls_x509_crt_init(&crt);
 
-    TEST_EQUAL(mbedtls_x509_crt_parse_der_nocopy(&crt, buf->x, buf->len), result);
+    res = mbedtls_x509_crt_parse_der_nocopy(&crt, buf->x, buf->len);
+    TEST_ASSERT((res == result) || (res == result_back_comp));
 #if !defined(MBEDTLS_X509_REMOVE_INFO)
     if ((result) == 0) {
         memset(output, 0, 2000);
@@ -1161,8 +1176,8 @@ void x509parse_crt(data_t *buf, char *result_str, int result)
     mbedtls_x509_crt_free(&crt);
     mbedtls_x509_crt_init(&crt);
 
-    TEST_EQUAL(mbedtls_x509_crt_parse_der_with_ext_cb(&crt, buf->x, buf->len, 0, NULL, NULL),
-               result);
+    res = mbedtls_x509_crt_parse_der_with_ext_cb(&crt, buf->x, buf->len, 0, NULL, NULL);
+    TEST_ASSERT((res == result) || (res == result_back_comp));
 #if !defined(MBEDTLS_X509_REMOVE_INFO)
     if ((result) == 0) {
         res = mbedtls_x509_crt_info((char *) output, 2000, "", &crt);
@@ -1178,8 +1193,8 @@ void x509parse_crt(data_t *buf, char *result_str, int result)
     mbedtls_x509_crt_free(&crt);
     mbedtls_x509_crt_init(&crt);
 
-    TEST_EQUAL(mbedtls_x509_crt_parse_der_with_ext_cb(&crt, buf->x, buf->len, 1, NULL, NULL),
-               result);
+    res = mbedtls_x509_crt_parse_der_with_ext_cb(&crt, buf->x, buf->len, 1, NULL, NULL);
+    TEST_ASSERT((res == result) || (res == result_back_comp));
 #if !defined(MBEDTLS_X509_REMOVE_INFO)
     if ((result) == 0) {
         res = mbedtls_x509_crt_info((char *) output, 2000, "", &crt);