diff --git a/components/mbedtls/esp_tee/esp_tee_mbedtls.cmake b/components/mbedtls/esp_tee/esp_tee_mbedtls.cmake index b312a9efd3..e180a6bfd7 100644 --- a/components/mbedtls/esp_tee/esp_tee_mbedtls.cmake +++ b/components/mbedtls/esp_tee/esp_tee_mbedtls.cmake @@ -60,11 +60,12 @@ foreach(target ${mbedtls_targets}) target_compile_options(${target} PRIVATE "-O2") endif() target_link_libraries(${target} PUBLIC idf::esp_hal_security) + target_link_libraries(${target} PRIVATE idf::esp_security) endforeach() target_link_libraries(${COMPONENT_LIB} INTERFACE ${mbedtls_targets}) -target_link_libraries(tfpsacrypto PRIVATE idf::esp_security) +target_link_libraries(tfpsacrypto PUBLIC idf::esp_security) target_include_directories(tfpsacrypto PRIVATE ${crypto_port_inc_dirs}) diff --git a/components/mbedtls/port/psa_driver/esp_ecdsa/psa_crypto_driver_esp_ecdsa.c b/components/mbedtls/port/psa_driver/esp_ecdsa/psa_crypto_driver_esp_ecdsa.c index ed9be47abe..c981aac0e7 100644 --- a/components/mbedtls/port/psa_driver/esp_ecdsa/psa_crypto_driver_esp_ecdsa.c +++ b/components/mbedtls/port/psa_driver/esp_ecdsa/psa_crypto_driver_esp_ecdsa.c @@ -20,6 +20,10 @@ #include "esp_efuse.h" #include "esp_efuse_chip.h" +#if SOC_KEY_MANAGER_SUPPORTED +#include "esp_key_mgr.h" +#endif /* SOC_KEY_MANAGER_SUPPORTED */ + #if SOC_ECDSA_SUPPORTED #include "hal/ecdsa_types.h" #include "hal/ecdsa_hal.h" @@ -358,8 +362,8 @@ psa_status_t esp_ecdsa_transparent_verify_hash( */ static bool is_efuse_blk_valid(int high_blk, int low_blk) { - return (high_blk >= EFUSE_BLK0 && high_blk < EFUSE_BLK_MAX && - low_blk >= EFUSE_BLK0 && low_blk < EFUSE_BLK_MAX); + return ((high_blk == 0 || (high_blk >= EFUSE_BLK_KEY0 && high_blk < EFUSE_BLK_KEY_MAX)) && + (low_blk >= EFUSE_BLK_KEY0 && low_blk < EFUSE_BLK_KEY_MAX)); } #endif /* SOC_ECDSA_SUPPORT_CURVE_P384 */ @@ -442,15 +446,18 @@ static psa_status_t validate_ecdsa_opaque_key_attributes(const psa_key_attribute { esp_ecdsa_curve_t expected_curve = psa_bits_to_ecdsa_curve(PSA_BITS_TO_BYTES(psa_get_key_bits(attributes))); - if (expected_curve != opaque_key->curve) { + if (expected_curve == ESP_ECDSA_CURVE_MAX || expected_curve != opaque_key->curve) { return PSA_ERROR_INVALID_ARGUMENT; } #if CONFIG_MBEDTLS_HARDWARE_ECDSA_SIGN - if (!(opaque_key->use_km_key + if (!(0 +#if SOC_KEY_MANAGER_SUPPORTED + || opaque_key->key_recovery_info +#endif /* SOC_KEY_MANAGER_SUPPORTED */ #if CONFIG_MBEDTLS_TEE_SEC_STG_ECDSA_SIGN || opaque_key->tee_key_id -#endif +#endif /* CONFIG_MBEDTLS_TEE_SEC_STG_ECDSA_SIGN */ )) { psa_status_t status = esp_ecdsa_validate_efuse_block(opaque_key->curve, opaque_key->efuse_block); if (status != PSA_SUCCESS) { @@ -625,6 +632,17 @@ psa_status_t esp_ecdsa_opaque_sign_hash_complete( uint8_t zeroes[MAX_ECDSA_COMPONENT_LEN] = {0}; +#if SOC_KEY_MANAGER_SUPPORTED + esp_key_mgr_key_recovery_info_t *key_recovery_info = operation->opaque_key->key_recovery_info; + if (key_recovery_info) { + esp_err_t err = esp_key_mgr_activate_key(key_recovery_info); + if (err != ESP_OK) { + ESP_LOGE(TAG, "Failed to activate key: 0x%x", err); + return PSA_ERROR_INVALID_HANDLE; + } + } +#endif /* SOC_KEY_MANAGER_SUPPORTED */ + // Acquire hardware esp_ecdsa_acquire_hardware(); @@ -648,10 +666,13 @@ psa_status_t esp_ecdsa_opaque_sign_hash_complete( } #endif /* CONFIG_MBEDTLS_ECDSA_DETERMINISTIC && !SOC_ECDSA_SUPPORT_HW_DETERMINISTIC_LOOP */ +#if SOC_KEY_MANAGER_SUPPORTED // Set key source (consistent with esp_ecdsa_pk_conf_t) - if (operation->opaque_key->use_km_key) { + if (key_recovery_info) { conf.use_km_key = 1; - } else { + } else +#endif /* SOC_KEY_MANAGER_SUPPORTED */ + { conf.efuse_key_blk = operation->opaque_key->efuse_block; } @@ -683,6 +704,12 @@ psa_status_t esp_ecdsa_opaque_sign_hash_complete( esp_ecdsa_release_hardware(); +#if SOC_KEY_MANAGER_SUPPORTED + if (key_recovery_info) { + esp_key_mgr_deactivate_key(key_recovery_info->key_type); + } +#endif /* SOC_KEY_MANAGER_SUPPORTED */ + // Convert r from little-endian to big-endian and copy to output change_endianess(operation->r, signature, component_len); // Convert s from little-endian to big-endian and copy to output @@ -814,9 +841,18 @@ psa_status_t esp_ecdsa_opaque_export_public_key( .curve = opaque_key->curve, }; - if (opaque_key->use_km_key) { +#if SOC_KEY_MANAGER_SUPPORTED + esp_key_mgr_key_recovery_info_t *key_recovery_info = opaque_key->key_recovery_info; + if (key_recovery_info) { + esp_err_t err = esp_key_mgr_activate_key(key_recovery_info); + if (err != ESP_OK) { + ESP_LOGE(TAG, "Failed to activate key: 0x%x", err); + return PSA_ERROR_INVALID_HANDLE; + } conf.use_km_key = 1; - } else { + } else +#endif /* SOC_KEY_MANAGER_SUPPORTED */ + { conf.efuse_key_blk = opaque_key->efuse_block; } @@ -834,6 +870,12 @@ psa_status_t esp_ecdsa_opaque_export_public_key( esp_ecdsa_release_hardware(); +#if SOC_KEY_MANAGER_SUPPORTED + if (key_recovery_info) { + esp_key_mgr_deactivate_key(key_recovery_info->key_type); + } +#endif /* SOC_KEY_MANAGER_SUPPORTED */ + // Format: uncompressed point (ECDSA_UNCOMPRESSED_POINT_FORMAT byte followed by x and y coordinates) data[0] = ECDSA_UNCOMPRESSED_POINT_FORMAT; diff --git a/components/mbedtls/port/psa_driver/include/psa_crypto_driver_esp_ecdsa_contexts.h b/components/mbedtls/port/psa_driver/include/psa_crypto_driver_esp_ecdsa_contexts.h index 00c141aa99..78fe73a620 100644 --- a/components/mbedtls/port/psa_driver/include/psa_crypto_driver_esp_ecdsa_contexts.h +++ b/components/mbedtls/port/psa_driver/include/psa_crypto_driver_esp_ecdsa_contexts.h @@ -11,6 +11,10 @@ #include "psa/crypto_driver_common.h" #include "sdkconfig.h" +#if SOC_KEY_MANAGER_SUPPORTED +#include "esp_key_mgr.h" +#endif + #ifdef __cplusplus extern "C" { #endif @@ -46,8 +50,10 @@ typedef struct { #if CONFIG_MBEDTLS_TEE_SEC_STG_ECDSA_SIGN const char *tee_key_id; /**< TEE secure storage key id */ #endif - bool use_km_key; /**< Use key deployed in the key manager */ - uint8_t efuse_block; /**< eFuse block id for ECDSA private key */ +#if SOC_KEY_MANAGER_SUPPORTED + esp_key_mgr_key_recovery_info_t *key_recovery_info; /**< Pointer to the key recovery info for ECDSA key */ +#endif + uint8_t efuse_block; /**< eFuse block id for ECDSA private key e.g. EFUSE_BLK_KEY0, EFUSE_BLK_KEY1 */ } esp_ecdsa_opaque_key_t; #if !(__DOXYGEN__) // No need to document these structures, these are internal to the driver diff --git a/components/mbedtls/test_apps/main/test_psa_ecdsa.c b/components/mbedtls/test_apps/main/test_psa_ecdsa.c index d26d5f38ee..e750d739a6 100644 --- a/components/mbedtls/test_apps/main/test_psa_ecdsa.c +++ b/components/mbedtls/test_apps/main/test_psa_ecdsa.c @@ -301,7 +301,7 @@ const uint8_t k1_ecdsa192_encrypt[] = { 0xde, 0xe9, 0x9c, 0x89, 0xf2, 0x3b, 0x29, 0xb7, 0x9e, 0x33, 0xec, 0x76, 0x75, 0x2f, 0x3e, 0xab, 0x61, 0x06, 0x4d, 0xea, 0x05, 0x2c, 0xc3, 0x29, 0x1c, 0x7f, 0xb7, 0x3d, 0xb8, 0x1c, 0xb2, 0x17, }; -void test_ecdsa_sign(esp_ecdsa_curve_t curve, const uint8_t *hash, const uint8_t *pub_x, const uint8_t *pub_y, bool is_deterministic, int efuse_key_block) +void test_ecdsa_sign(esp_ecdsa_curve_t curve, const uint8_t *hash, const uint8_t *pub_x, const uint8_t *pub_y, bool is_deterministic, int efuse_key_block, void *key_recovery_info) { size_t hash_len = HASH_LEN; uint8_t signature[2 * MAX_ECDSA_COMPONENT_LEN]; @@ -331,13 +331,15 @@ void test_ecdsa_sign(esp_ecdsa_curve_t curve, const uint8_t *hash, const uint8_t psa_key_id_t priv_key_id = 0; psa_key_attributes_t priv_attr = PSA_KEY_ATTRIBUTES_INIT; - esp_ecdsa_opaque_key_t opaque_key = { - .curve = curve, - }; + esp_ecdsa_opaque_key_t opaque_key = { 0 }; + opaque_key.curve = curve; - if (efuse_key_block == USE_ECDSA_KEY_FROM_KEY_MANAGER) { - opaque_key.use_km_key = true; - } else { +#if SOC_KEY_MANAGER_SUPPORTED + if (key_recovery_info) { + opaque_key.key_recovery_info = (esp_key_mgr_key_recovery_info_t *) key_recovery_info; + } else +#endif /* SOC_KEY_MANAGER_SUPPORTED */ + { opaque_key.efuse_block = efuse_key_block; } @@ -373,7 +375,7 @@ TEST_CASE("mbedtls ECDSA signature generation on SECP256R1", "[mbedtls][efuse_ke if (!ecdsa_ll_is_supported()) { TEST_IGNORE_MESSAGE("ECDSA is not supported"); } - test_ecdsa_sign(ESP_ECDSA_CURVE_SECP256R1, sha, ecdsa256_pub_x, ecdsa256_pub_y, false, SECP256R1_EFUSE_BLOCK); + test_ecdsa_sign(ESP_ECDSA_CURVE_SECP256R1, sha, ecdsa256_pub_x, ecdsa256_pub_y, false, SECP256R1_EFUSE_BLOCK, NULL); } #ifdef SOC_ECDSA_SUPPORT_CURVE_P384 @@ -383,14 +385,14 @@ TEST_CASE("mbedtls ECDSA signature generation on SECP384R1", "[mbedtls][efuse_ke TEST_IGNORE_MESSAGE("ECDSA is not supported"); } uint8_t efuse_key_block = HAL_ECDSA_COMBINE_KEY_BLOCKS(SECP384R1_EFUSE_BLOCK_HIGH, SECP384R1_EFUSE_BLOCK_LOW); - test_ecdsa_sign(ESP_ECDSA_CURVE_SECP384R1, sha, ecdsa384_pub_x, ecdsa384_pub_y, false, efuse_key_block); + test_ecdsa_sign(ESP_ECDSA_CURVE_SECP384R1, sha, ecdsa384_pub_x, ecdsa384_pub_y, false, efuse_key_block, NULL); } #endif /* SOC_ECDSA_SUPPORT_CURVE_P384 */ #if SOC_KEY_MANAGER_SUPPORTED -static void deploy_key_in_key_manager(const uint8_t *k1_encrypted, esp_key_mgr_key_type_t key_type, esp_key_mgr_key_len_t key_len) { +static void deploy_key_in_key_manager(const uint8_t *k1_encrypted, esp_key_mgr_key_type_t key_type, esp_key_mgr_key_len_t key_len, esp_key_mgr_key_recovery_info_t *key_recovery_info) { esp_key_mgr_aes_key_config_t *key_config = NULL; key_config = heap_caps_calloc(1, sizeof(esp_key_mgr_aes_key_config_t), MALLOC_CAP_INTERNAL); TEST_ASSERT_NOT_NULL(key_config); @@ -402,16 +404,10 @@ static void deploy_key_in_key_manager(const uint8_t *k1_encrypted, esp_key_mgr_k memcpy(key_config->k1_encrypted[0], (uint8_t*) k1_encrypted, KEY_MGR_K1_ENCRYPTED_SIZE); memcpy(key_config->sw_init_key, (uint8_t*) init_key, KEY_MGR_SW_INIT_KEY_SIZE); - esp_key_mgr_key_recovery_info_t *key_info = NULL; - key_info = heap_caps_calloc(1, sizeof(esp_key_mgr_key_recovery_info_t), MALLOC_CAP_INTERNAL); - TEST_ASSERT_NOT_NULL(key_info); - - esp_key_mgr_deploy_key_in_aes_mode(key_config, key_info); + TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deploy_key_in_aes_mode(key_config, key_recovery_info)); ESP_LOGI(TAG, "Key deployed successfully"); - esp_key_mgr_activate_key(key_info); - free(key_info); free(key_config); } @@ -424,9 +420,13 @@ TEST_CASE("mbedtls ECDSA signature generation on SECP256R1", "[mbedtls][key_mana TEST_IGNORE_MESSAGE("Key manager is not supported"); } - deploy_key_in_key_manager(k1_ecdsa256_encrypt, ESP_KEY_MGR_ECDSA_KEY, ESP_KEY_MGR_ECDSA_LEN_256); - test_ecdsa_sign(ESP_ECDSA_CURVE_SECP256R1, sha, ecdsa256_pub_x, ecdsa256_pub_y, false, USE_ECDSA_KEY_FROM_KEY_MANAGER); - esp_key_mgr_deactivate_key(ESP_KEY_MGR_ECDSA_KEY); + esp_key_mgr_key_recovery_info_t *key_recovery_info; + key_recovery_info = heap_caps_calloc(1, sizeof(esp_key_mgr_key_recovery_info_t), MALLOC_CAP_INTERNAL); + TEST_ASSERT_NOT_NULL(key_recovery_info); + + deploy_key_in_key_manager(k1_ecdsa256_encrypt, ESP_KEY_MGR_ECDSA_KEY, ESP_KEY_MGR_ECDSA_LEN_256, key_recovery_info); + test_ecdsa_sign(ESP_ECDSA_CURVE_SECP256R1, sha, ecdsa256_pub_x, ecdsa256_pub_y, false, USE_ECDSA_KEY_FROM_KEY_MANAGER, (void *) key_recovery_info); + free(key_recovery_info); } #endif /* SOC_KEY_MANAGER_SUPPORTED */ @@ -440,7 +440,7 @@ TEST_CASE("mbedtls ECDSA deterministic signature generation on SECP256R1", "[mbe if (!ecdsa_ll_is_deterministic_mode_supported()) { ESP_LOGI(TAG, "Skipping test because ECDSA deterministic mode is not supported."); } else { - test_ecdsa_sign(ESP_ECDSA_CURVE_SECP256R1, sha, ecdsa256_pub_x, ecdsa256_pub_y, true, SECP256R1_EFUSE_BLOCK); + test_ecdsa_sign(ESP_ECDSA_CURVE_SECP256R1, sha, ecdsa256_pub_x, ecdsa256_pub_y, true, SECP256R1_EFUSE_BLOCK, NULL); } } @@ -451,7 +451,7 @@ TEST_CASE("mbedtls ECDSA deterministic signature generation on SECP384R1", "[mbe TEST_IGNORE_MESSAGE("ECDSA is not supported"); } uint8_t efuse_key_block = HAL_ECDSA_COMBINE_KEY_BLOCKS(SECP384R1_EFUSE_BLOCK_HIGH, SECP384R1_EFUSE_BLOCK_LOW); - test_ecdsa_sign(ESP_ECDSA_CURVE_SECP384R1, sha, ecdsa384_pub_x, ecdsa384_pub_y, true, efuse_key_block); + test_ecdsa_sign(ESP_ECDSA_CURVE_SECP384R1, sha, ecdsa384_pub_x, ecdsa384_pub_y, true, efuse_key_block, NULL); } #endif /* SOC_ECDSA_SUPPORT_CURVE_P384 */ @@ -469,16 +469,20 @@ TEST_CASE("mbedtls ECDSA deterministic signature generation on SECP256R1", "[mbe if (!ecdsa_ll_is_deterministic_mode_supported()) { ESP_LOGI(TAG, "Skipping test because ECDSA deterministic mode is not supported."); } else { - deploy_key_in_key_manager(k1_ecdsa256_encrypt, ESP_KEY_MGR_ECDSA_KEY, ESP_KEY_MGR_ECDSA_LEN_256); - test_ecdsa_sign(ESP_ECDSA_CURVE_SECP256R1, sha, ecdsa256_pub_x, ecdsa256_pub_y, true, USE_ECDSA_KEY_FROM_KEY_MANAGER); - esp_key_mgr_deactivate_key(ESP_KEY_MGR_ECDSA_KEY); + esp_key_mgr_key_recovery_info_t *key_recovery_info; + key_recovery_info = heap_caps_calloc(1, sizeof(esp_key_mgr_key_recovery_info_t), MALLOC_CAP_INTERNAL); + TEST_ASSERT_NOT_NULL(key_recovery_info); + + deploy_key_in_key_manager(k1_ecdsa256_encrypt, ESP_KEY_MGR_ECDSA_KEY, ESP_KEY_MGR_ECDSA_LEN_256, key_recovery_info); + test_ecdsa_sign(ESP_ECDSA_CURVE_SECP256R1, sha, ecdsa256_pub_x, ecdsa256_pub_y, true, USE_ECDSA_KEY_FROM_KEY_MANAGER, (void *) key_recovery_info); + free(key_recovery_info); } } #endif /* SOC_KEY_MANAGER_SUPPORTED */ #endif /* SOC_ECDSA_SUPPORT_DETERMINISTIC_MODE */ #ifdef SOC_ECDSA_SUPPORT_EXPORT_PUBKEY -void test_ecdsa_export_pubkey(esp_ecdsa_curve_t curve, const uint8_t *pub_x, const uint8_t *pub_y, int efuse_key_block) +void test_ecdsa_export_pubkey(esp_ecdsa_curve_t curve, const uint8_t *pub_x, const uint8_t *pub_y, int efuse_key_block, void *key_recovery_info) { uint8_t export_pub_key[1 + 2 * MAX_ECDSA_COMPONENT_LEN] = {0}; size_t len = 0; @@ -486,9 +490,8 @@ void test_ecdsa_export_pubkey(esp_ecdsa_curve_t curve, const uint8_t *pub_x, con psa_key_id_t priv_key_id = 0; psa_key_attributes_t key_attr = PSA_KEY_ATTRIBUTES_INIT; - esp_ecdsa_opaque_key_t opaque_key = { - .curve = curve, - }; + esp_ecdsa_opaque_key_t opaque_key = { 0 }; + opaque_key.curve = curve; size_t plen = 0; psa_algorithm_t sha_alg = 0; @@ -510,9 +513,12 @@ void test_ecdsa_export_pubkey(esp_ecdsa_curve_t curve, const uint8_t *pub_x, con } size_t plen_bytes = plen / 8; - if (efuse_key_block == USE_ECDSA_KEY_FROM_KEY_MANAGER) { - opaque_key.use_km_key = true; - } else { +#if SOC_KEY_MANAGER_SUPPORTED + if (key_recovery_info) { + opaque_key.key_recovery_info = (esp_key_mgr_key_recovery_info_t *) key_recovery_info; + } else +#endif + { opaque_key.efuse_block = efuse_key_block; } // Set attributes for opaque private key @@ -545,7 +551,7 @@ TEST_CASE("mbedtls ECDSA export public key on SECP256R1", "[mbedtls][efuse_key]" if (!ecdsa_ll_is_supported()) { TEST_IGNORE_MESSAGE("ECDSA is not supported"); } - test_ecdsa_export_pubkey(ESP_ECDSA_CURVE_SECP256R1, ecdsa256_pub_x, ecdsa256_pub_y, SECP256R1_EFUSE_BLOCK); + test_ecdsa_export_pubkey(ESP_ECDSA_CURVE_SECP256R1, ecdsa256_pub_x, ecdsa256_pub_y, SECP256R1_EFUSE_BLOCK, NULL); } #ifdef SOC_ECDSA_SUPPORT_CURVE_P384 @@ -555,7 +561,7 @@ TEST_CASE("mbedtls ECDSA export public key on SECP384R1", "[mbedtls][efuse_key]" TEST_IGNORE_MESSAGE("ECDSA is not supported"); } uint8_t efuse_key_block = HAL_ECDSA_COMBINE_KEY_BLOCKS(SECP384R1_EFUSE_BLOCK_HIGH, SECP384R1_EFUSE_BLOCK_LOW); - test_ecdsa_export_pubkey(ESP_ECDSA_CURVE_SECP384R1, ecdsa384_pub_x, ecdsa384_pub_y, efuse_key_block); + test_ecdsa_export_pubkey(ESP_ECDSA_CURVE_SECP384R1, ecdsa384_pub_x, ecdsa384_pub_y, efuse_key_block, NULL); } #endif /* SOC_ECDSA_SUPPORT_CURVE_P384 */ @@ -570,9 +576,13 @@ TEST_CASE("mbedtls ECDSA export public key on SECP256R1", "[mbedtls][key_manager TEST_IGNORE_MESSAGE("Key manager is not supported"); } - deploy_key_in_key_manager(k1_ecdsa256_encrypt, ESP_KEY_MGR_ECDSA_KEY, ESP_KEY_MGR_ECDSA_LEN_256); - test_ecdsa_export_pubkey(ESP_ECDSA_CURVE_SECP256R1, ecdsa256_pub_x, ecdsa256_pub_y, USE_ECDSA_KEY_FROM_KEY_MANAGER); - esp_key_mgr_deactivate_key(ESP_KEY_MGR_ECDSA_KEY); + esp_key_mgr_key_recovery_info_t *key_recovery_info; + key_recovery_info = heap_caps_calloc(1, sizeof(esp_key_mgr_key_recovery_info_t), MALLOC_CAP_INTERNAL); + TEST_ASSERT_NOT_NULL(key_recovery_info); + + deploy_key_in_key_manager(k1_ecdsa256_encrypt, ESP_KEY_MGR_ECDSA_KEY, ESP_KEY_MGR_ECDSA_LEN_256, key_recovery_info); + test_ecdsa_export_pubkey(ESP_ECDSA_CURVE_SECP256R1, ecdsa256_pub_x, ecdsa256_pub_y, USE_ECDSA_KEY_FROM_KEY_MANAGER, (void *) key_recovery_info); + free(key_recovery_info); } #endif