Merge branch 'dev' into sign_sign

laurencelundblade · Jul 1, 2023 · 0a9af6b · 0a9af6b
2 parents ff840fa + 02fa902
commit 0a9af6b
Show file tree

Hide file tree

Showing 25 changed files with 1,648 additions and 29 deletions.
diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -82,6 +82,8 @@ set(T_COSE_SRC_COMMON
     src/t_cose_recipient_enc_keywrap.c
     src/t_cose_recipient_dec_hpke.c
     src/t_cose_recipient_enc_hpke.c
+    src/t_cose_recipient_dec_esdh.c
+    src/t_cose_recipient_enc_esdh.c
     src/t_cose_qcbor_gap.c
     src/hpke.c
 )

diff --git a/Makefile.common b/Makefile.common
@@ -35,6 +35,8 @@ SRC_OBJ=src/t_cose_util.o \
         src/t_cose_recipient_enc_keywrap.o \
         src/t_cose_recipient_dec_hpke.o \
         src/t_cose_recipient_enc_hpke.o \
+        src/t_cose_recipient_dec_esdh.o \
+        src/t_cose_recipient_enc_esdh.o \
         src/hpke.o \
         src/t_cose_qcbor_gap.o
 
@@ -71,9 +73,11 @@ PUBLIC_INTERFACE=inc/t_cose/q_useful_buf.h \
                  inc/t_cose/t_cose_recipient_dec.h \
                  inc/t_cose/t_cose_recipient_dec_keywrap.h \
                  inc/t_cose/t_cose_recipient_dec_hpke.h \
+                 inc/t_cose/t_cose_recipient_dec_esdh.h \
                  inc/t_cose/t_cose_recipient_enc.h \
                  inc/t_cose/t_cose_recipient_enc_keywrap.h \
                  inc/t_cose/t_cose_recipient_enc_hpke.h \
+                 inc/t_cose/t_cose_recipient_enc_esdh.h \
                  inc/t_cose/t_cose_sign1_sign.h \
                  inc/t_cose/t_cose_sign1_verify.h \
                  inc/t_cose/t_cose_sign_sign.h \
@@ -196,6 +200,10 @@ src/t_cose_recpient_enc_hpke.o: src/t_cose_recipient_enc_hpke.c \
 src/t_cose_recpient_dec_hpke.o: src/t_cose_recipient_dec_hpke.c \
                                 src/hpke.h
 
+src/t_cose_recpient_enc_esdh.o: src/t_cose_recipient_enc_esdh.c
+
+src/t_cose_recpient_dec_esdh.o: src/t_cose_recipient_dec_esdh.c
+
 # ---- test dependencies -----
 test/t_cose_test.o: test/t_cose_test.h \
                     test/t_cose_make_test_messages.h \

diff --git a/crypto_adapters/t_cose_openssl_crypto.c b/crypto_adapters/t_cose_openssl_crypto.c
@@ -1411,6 +1411,48 @@ t_cose_crypto_free_symmetric_key(struct t_cose_key key)
 }
 
 
+/*
+ * See documentation in t_cose_crypto.h
+ */
+enum t_cose_err_t
+t_cose_crypto_export_public_key(struct t_cose_key      key,
+                                struct q_useful_buf    pk_buffer,
+                                size_t                *pk_len)
+{
+    /* TBD: This is a dummy function */
+    *pk_len = 0;
+    return T_COSE_SUCCESS;
+}
+
+
+/*
+ * See documentation in t_cose_crypto.h
+ */
+enum t_cose_err_t
+t_cose_crypto_generate_key(struct t_cose_key    *ephemeral_key,
+                           int32_t               cose_algorithm_id)
+{
+    /* TBD: This is a dummy function */
+    return T_COSE_SUCCESS;
+}
+
+
+/*
+ * See documentation in t_cose_crypto.h
+ */
+enum t_cose_err_t
+t_cose_crypto_key_agreement(const int32_t          cose_algorithm_id,
+                            struct t_cose_key      private_key,
+                            struct t_cose_key      public_key,
+                            struct q_useful_buf    symmetric_key,
+                            size_t                *symmetric_key_len
+                           )
+{
+    /* TBD: This is a dummy function */
+    *symmetric_key_len = 0;
+    return T_COSE_SUCCESS;
+}
+
 /* Compute size of ciphertext, given size of plaintext. Returns
  * SIZE_MAX if the algorithm is unknown. Also returns the tag
  * length. */
@@ -2064,6 +2106,69 @@ t_cose_crypto_kw_unwrap(int32_t                 algorithm_id,
 #endif /* !T_COSE_DISABLE_KEYWRAP */
 
 
+
+
+/*
+ * See documentation in t_cose_crypto.h
+ */
+enum t_cose_err_t
+t_cose_crypto_ecdh(struct t_cose_key      private_key,
+                   struct t_cose_key      public_key,
+                   struct q_useful_buf    shared_key_buf,
+                   struct q_useful_buf_c *shared_key)
+{
+    int           ossl_status;
+    EVP_PKEY_CTX *ctx;
+    size_t        shared_key_len;
+
+    ctx = EVP_PKEY_CTX_new((EVP_PKEY *)private_key.key.ptr, /* in: pkey */
+                           NULL);                           /* in: engine */
+    if(ctx == NULL) {
+        return T_COSE_ERR_FAIL; // TODO error code
+    }
+
+    /* Pretty sure EVP_PKEY_derive works with finite-field
+     * DH in addition to ECDH, but that is not made
+     * use of here. If finite-field DH is needed,
+     * maybe this here implementation can be wrapped
+     * by an inline function named t_cose_crypto_ffdh()
+     */
+
+    ossl_status = EVP_PKEY_derive_init(ctx);
+    if(ossl_status != 1) {
+        return T_COSE_ERR_FAIL; // TODO: error code
+    }
+
+    ossl_status = EVP_PKEY_derive_set_peer(ctx,
+                                           (EVP_PKEY *)public_key.key.ptr);
+    if(ossl_status != 1) {
+        return T_COSE_ERR_FAIL; // TODO: error code
+    }
+
+
+    ossl_status = EVP_PKEY_derive(ctx, NULL, &shared_key_len);
+    if(ossl_status != 1) {
+        return T_COSE_ERR_FAIL; // TODO: error code
+    }
+    if(shared_key_len > shared_key_buf.len) {
+        return T_COSE_ERR_FAIL; // TODO: error code
+    }
+    ossl_status = EVP_PKEY_derive(ctx, shared_key_buf.ptr, &shared_key_len);
+    if(ossl_status != 1) {
+        return T_COSE_ERR_FAIL; // TODO: error code
+    }
+
+    shared_key->ptr = shared_key_buf.ptr;
+    shared_key->len = shared_key_len;
+
+    EVP_PKEY_CTX_free(ctx);
+
+    return T_COSE_SUCCESS;
+}
+
+
+
+
 #include "openssl/kdf.h"
 
 

diff --git a/crypto_adapters/t_cose_psa_crypto.c b/crypto_adapters/t_cose_psa_crypto.c
@@ -726,14 +726,17 @@ t_cose_crypto_generate_key(struct t_cose_key    *ephemeral_key,
     psa_status_t         status;
 
    switch (cose_algorithm_id) {
+    case T_COSE_ELLIPTIC_CURVE_P_256:
     case T_COSE_HPKE_KEM_ID_P256:
         type = PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1);
         key_bitlen = 256;
         break;
+    case T_COSE_ELLIPTIC_CURVE_P_384:
     case T_COSE_HPKE_KEM_ID_P384:
          type = PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1);
          key_bitlen = 384;
          break;
+    case T_COSE_ELLIPTIC_CURVE_P_521:
     case T_COSE_HPKE_KEM_ID_P521:
          type = PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1);
          key_bitlen = 521;
@@ -1325,6 +1328,100 @@ t_cose_crypto_aead_decrypt(const int32_t          cose_algorithm_id,
 
 
 
+/*
+ * See documentation in t_cose_crypto.h
+ */
+
+enum t_cose_err_t
+t_cose_crypto_key_agreement(const int32_t          cose_algorithm_id,
+                            struct t_cose_key      private_key,
+                            struct t_cose_key      public_key,
+                            struct q_useful_buf    symmetric_key,
+                            size_t                *symmetric_key_len
+                           )
+{
+    psa_status_t status;
+    size_t pubKey_len;
+    enum t_cose_err_t return_value;
+    psa_algorithm_t key_agreement_alg;
+    Q_USEFUL_BUF_MAKE_STACK_UB(pubKey, T_COSE_EXPORT_PUBLIC_KEY_MAX_SIZE );
+
+    switch(cose_algorithm_id) {
+    case T_COSE_ALGORITHM_ECDH_ES_A128KW:
+    case T_COSE_ALGORITHM_ECDH_ES_A192KW:
+    case T_COSE_ALGORITHM_ECDH_ES_A256KW:
+        key_agreement_alg = PSA_ALG_ECDH;
+        break;
+    default:
+        return T_COSE_ERR_UNSUPPORTED_CONTENT_KEY_DISTRIBUTION_ALG;
+    }
+
+    /* Export public key for use with PSA Crypto API */
+    return_value = t_cose_crypto_export_public_key(
+                         public_key,
+                         pubKey,
+                         &pubKey_len);
+
+    if (return_value != T_COSE_SUCCESS) {
+        return(return_value);
+    }
+
+    /* Produce ECDH derived key */
+    status = psa_raw_key_agreement( key_agreement_alg,       // algorithm id
+                                    private_key.key.handle,  // client secret key
+                                    pubKey.ptr, pubKey_len,  // server public key
+                                    symmetric_key.ptr,       // buffer to store derived key
+                                    symmetric_key.len,       // length of the buffer for derived key
+                                    symmetric_key_len );     // length of derived key
+    if( status != PSA_SUCCESS )
+    {
+        return T_COSE_ERR_KEY_AGREEMENT_FAIL;
+    }
+
+    return T_COSE_SUCCESS;
+}
+
+
+/*
+ * See documentation in t_cose_crypto.h
+ */
+enum t_cose_err_t
+t_cose_crypto_ecdh(struct t_cose_key      private_key,
+                   struct t_cose_key      public_key,
+                   struct q_useful_buf    shared_key_buf,
+                   struct q_useful_buf_c *shared_key)
+{
+    psa_status_t         psa_status;
+    MakeUsefulBufOnStack(public_key_buf, T_COSE_EXPORT_PUBLIC_KEY_MAX_SIZE);
+    size_t               pub_key_len;
+
+    /* Export public key */
+    psa_status = psa_export_public_key((mbedtls_svc_key_id_t)public_key.key.handle, /* in: Key handle     */
+                                        public_key_buf.ptr,     /* in: PK buffer      */
+                                        public_key_buf.len,     /* in: PK buffer size */
+                                       &pub_key_len);           /* out: Result length */
+    if(psa_status != PSA_SUCCESS) {
+        return T_COSE_ERR_FAIL; // TODO: error code
+    }
+
+
+    psa_status = psa_raw_key_agreement(PSA_ALG_ECDH,
+                                       (mbedtls_svc_key_id_t)private_key.key.handle,
+                                       public_key_buf.ptr,
+                                       pub_key_len,
+                                       shared_key_buf.ptr,
+                                       shared_key_buf.len,
+                                       &(shared_key->len));
+    if(psa_status != PSA_SUCCESS) {
+        return T_COSE_ERR_FAIL; // TODO: error code
+    }
+
+    return T_COSE_SUCCESS;
+}
+
+
+
+
 
 /*
  * See documentation in t_cose_crypto.h

diff --git a/crypto_adapters/t_cose_test_crypto.c b/crypto_adapters/t_cose_test_crypto.c
@@ -389,6 +389,54 @@ t_cose_crypto_verify_eddsa(struct t_cose_key     verification_key,
 }
 
 
+/*
+ * See documentation in t_cose_crypto.h
+ */
+enum t_cose_err_t
+t_cose_crypto_export_public_key(struct t_cose_key      key,
+                                struct q_useful_buf    pk_buffer,
+                                size_t                *pk_len)
+{
+    (void)key;
+    (void)pk_buffer;
+    (void)pk_len;
+    return T_COSE_ERR_PUBLIC_KEY_EXPORT_FAILED;
+}
+
+
+/*
+ * See documentation in t_cose_crypto.h
+ */
+enum t_cose_err_t
+t_cose_crypto_generate_key(struct t_cose_key    *ephemeral_key,
+                           int32_t               cose_algorithm_id)
+{
+    (void)ephemeral_key;
+    (void)cose_algorithm_id;
+    return T_COSE_ERR_KEY_GENERATION_FAILED;
+}
+
+
+/*
+ * See documentation in t_cose_crypto.h
+ */
+enum t_cose_err_t
+t_cose_crypto_key_agreement(const int32_t          cose_algorithm_id,
+                            struct t_cose_key      private_key,
+                            struct t_cose_key      public_key,
+                            struct q_useful_buf    symmetric_key,
+                            size_t                *symmetric_key_len
+                           )
+{
+    (void)cose_algorithm_id;
+    (void)private_key;
+    (void)public_key;
+    (void)symmetric_key;
+    (void)symmetric_key_len;
+    return T_COSE_ERR_KEY_AGREEMENT_FAIL;
+}
+
+
 /*
  * See documentation in t_cose_crypto.h
  */
@@ -618,6 +666,8 @@ t_cose_crypto_kw_unwrap(int32_t                 cose_algorithm_id,
 }
 
 
+
+
 enum t_cose_err_t
 t_cose_crypto_hkdf(const int32_t               cose_hash_algorithm_id,
                    const struct q_useful_buf_c salt,