feedc0de/esp-idf
1
0
Fork 0
forked from espressif/esp-idf
Code Pull Requests Activity

feat(esp_security): Support ECDSA-P384 key deployment using Key Manager

Browse Source
This commit is contained in:
harshal.patil
2025-11-11 16:17:42 +05:30
parent dac0bbfcc2
commit 1c1bcf44be
9 changed files with 439 additions and 220 deletions
Download Patch File Download Diff File Expand all files Collapse all files
components/esp_security/src/esp_key_mgr.c
+69 -38
View File
@@ -142,6 +142,42 @@ static void esp_key_mgr_release_hardware(bool deployment_mode)
esp_crypto_key_mgr_enable_periph_clk(false);
}
/**
* @brief Check if a key purpose requires a secondary deployment stage
*
* Multi-part keys (256-bit XTS-AES and 384-bit ECDSA) require two deployment stages.
* This function identifies the primary purposes that need a follow-up secondary deployment.
*
* @param purpose Key purpose to check
* @return true if this purpose requires a secondary deployment, false otherwise
*/
static inline bool is_multi_stage_key_purpose(esp_key_mgr_key_purpose_t purpose)
{
return (purpose == ESP_KEY_MGR_KEY_PURPOSE_FLASH_256_1 ||
purpose == ESP_KEY_MGR_KEY_PURPOSE_PSRAM_256_1 ||
purpose == ESP_KEY_MGR_KEY_PURPOSE_ECDSA_384_H);
}
/**
* @brief Get the secondary key purpose for a given primary purpose
*
* @param primary_purpose The primary key purpose
* @return The corresponding secondary purpose, or ESP_KEY_MGR_KEY_PURPOSE_INVALID if not applicable
*/
static inline esp_key_mgr_key_purpose_t get_secondary_key_purpose(esp_key_mgr_key_purpose_t primary_purpose)
{
switch (primary_purpose) {
case ESP_KEY_MGR_KEY_PURPOSE_FLASH_256_1:
return ESP_KEY_MGR_KEY_PURPOSE_FLASH_256_2;
case ESP_KEY_MGR_KEY_PURPOSE_PSRAM_256_1:
return ESP_KEY_MGR_KEY_PURPOSE_PSRAM_256_2;
case ESP_KEY_MGR_KEY_PURPOSE_ECDSA_384_H:
return ESP_KEY_MGR_KEY_PURPOSE_ECDSA_384_L;
default:
return ESP_KEY_MGR_KEY_PURPOSE_INVALID;
}
}
static esp_key_mgr_key_purpose_t get_key_purpose(const esp_key_mgr_key_type_t key_type, const esp_key_mgr_key_len_t key_len)
{
switch (key_type) {
@@ -152,7 +188,6 @@ static esp_key_mgr_key_purpose_t get_key_purpose(const esp_key_mgr_key_type_t ke
case ESP_KEY_MGR_ECDSA_LEN_256:
return ESP_KEY_MGR_KEY_PURPOSE_ECDSA_256;
case ESP_KEY_MGR_ECDSA_LEN_384:
// TODO: Verify: (IDF-14120)
return ESP_KEY_MGR_KEY_PURPOSE_ECDSA_384_H;
default:
return ESP_KEY_MGR_KEY_PURPOSE_INVALID;
@@ -330,10 +365,7 @@ static esp_err_t key_mgr_deploy_key_aes_mode(aes_deploy_config_t *config)
ESP_LOGD(TAG, "HUK deployed successfully");
}
uint8_t key_recovery_info_index = 0;
if (config->key_purpose == ESP_KEY_MGR_KEY_PURPOSE_FLASH_256_2 || config->key_purpose == ESP_KEY_MGR_KEY_PURPOSE_PSRAM_256_2) {
key_recovery_info_index = 1;
}
uint8_t key_recovery_info_index = is_multi_stage_key_purpose(config->key_purpose) ? 0 : 1;
uint8_t *key_recovery_info = config->key_info->key_info[key_recovery_info_index].info;
@@ -380,7 +412,10 @@ static esp_err_t key_mgr_deploy_key_aes_mode(aes_deploy_config_t *config)
key_mgr_hal_read_public_info(key_recovery_info, KEY_MGR_KEY_RECOVERY_INFO_SIZE);
if (config->key_purpose != ESP_KEY_MGR_KEY_PURPOSE_FLASH_256_1 && config->key_purpose != ESP_KEY_MGR_KEY_PURPOSE_PSRAM_256_1) {
// Check if key deployment validation should be skipped for this purpose
// Primary purposes in multi-stage deployments skip validation after the first stage
// because the key is not yet completely deployed.
if (!is_multi_stage_key_purpose(config->key_purpose)) {
if (!key_mgr_hal_is_key_deployment_valid(key_type, key_len)) {
ESP_LOGE(TAG, "Key deployment is not valid");
return ESP_FAIL;
@@ -431,8 +466,8 @@ esp_err_t esp_key_mgr_deploy_key_in_aes_mode(const esp_key_mgr_aes_key_config_t
aes_deploy_config.huk_deployed = true;
if (aes_deploy_config.key_purpose == ESP_KEY_MGR_KEY_PURPOSE_FLASH_256_1 || aes_deploy_config.key_purpose == ESP_KEY_MGR_KEY_PURPOSE_PSRAM_256_1) {
aes_deploy_config.key_purpose = key_config->key_type == ESP_KEY_MGR_FLASH_XTS_AES_KEY ? ESP_KEY_MGR_KEY_PURPOSE_FLASH_256_2 : ESP_KEY_MGR_KEY_PURPOSE_PSRAM_256_2;
if (is_multi_stage_key_purpose(aes_deploy_config.key_purpose)) {
aes_deploy_config.key_purpose = get_secondary_key_purpose(aes_deploy_config.key_purpose);
aes_deploy_config.k1_encrypted = key_config->k1_encrypted[1];
esp_ret = key_mgr_deploy_key_aes_mode(&aes_deploy_config);
if (esp_ret != ESP_OK) {
@@ -493,25 +528,21 @@ static esp_err_t key_mgr_recover_key(key_recovery_config_t *config)
key_mgr_wait_for_state(ESP_KEY_MGR_STATE_LOAD);
if (config->key_purpose == ESP_KEY_MGR_KEY_PURPOSE_FLASH_256_2 || config->key_purpose == ESP_KEY_MGR_KEY_PURPOSE_PSRAM_256_2) {
if (!check_key_info_validity(&config->key_recovery_info->key_info[1])) {
ESP_LOGE(TAG, "Key info not valid");
return ESP_FAIL;
}
key_mgr_hal_write_assist_info(config->key_recovery_info->key_info[1].info, KEY_MGR_KEY_RECOVERY_INFO_SIZE);
} else {
if (!check_key_info_validity(&config->key_recovery_info->key_info[0])) {
ESP_LOGE(TAG, "Key info not valid");
return ESP_FAIL;
}
key_mgr_hal_write_assist_info(config->key_recovery_info->key_info[0].info, KEY_MGR_KEY_RECOVERY_INFO_SIZE);
uint8_t key_recovery_info_index = is_multi_stage_key_purpose(config->key_purpose) ? 0 : 1;
if (!check_key_info_validity(&config->key_recovery_info->key_info[key_recovery_info_index])) {
ESP_LOGE(TAG, "Key info not valid");
return ESP_FAIL;
}
key_mgr_hal_write_assist_info(config->key_recovery_info->key_info[key_recovery_info_index].info, KEY_MGR_KEY_RECOVERY_INFO_SIZE);
key_mgr_hal_continue();
key_mgr_wait_for_state(ESP_KEY_MGR_STATE_GAIN);
// TODO: Maybe need to extend this to ECDSA_384_L and ECDSA_384_H (IDF-14120)
if (config->key_purpose != ESP_KEY_MGR_KEY_PURPOSE_FLASH_256_1 && config->key_purpose != ESP_KEY_MGR_KEY_PURPOSE_PSRAM_256_1) {
// Check if key deployment validation should be skipped for this purpose
// Primary purposes in multi-stage deployments skip validation after the first stage
// because the key is not yet completely deployed.
if (!is_multi_stage_key_purpose(config->key_purpose)) {
if (!key_mgr_hal_is_key_deployment_valid(key_type, key_len)) {
ESP_LOGD(TAG, "Key deployment is not valid");
return ESP_FAIL;
@@ -555,8 +586,8 @@ esp_err_t esp_key_mgr_activate_key(esp_key_mgr_key_recovery_info_t *key_recovery
goto cleanup;
}
if (key_recovery_config.key_purpose == ESP_KEY_MGR_KEY_PURPOSE_FLASH_256_1 || key_recovery_config.key_purpose == ESP_KEY_MGR_KEY_PURPOSE_PSRAM_256_1) {
key_recovery_config.key_purpose = key_recovery_config.key_purpose == ESP_KEY_MGR_KEY_PURPOSE_FLASH_256_1 ? ESP_KEY_MGR_KEY_PURPOSE_FLASH_256_2 : ESP_KEY_MGR_KEY_PURPOSE_PSRAM_256_2;
if (is_multi_stage_key_purpose(key_recovery_config.key_purpose)) {
key_recovery_config.key_purpose = get_secondary_key_purpose(key_recovery_config.key_purpose);
esp_ret = key_mgr_recover_key(&key_recovery_config);
if (esp_ret != ESP_OK) {
ESP_LOGE(TAG, "Failed to recover key");
@@ -615,10 +646,7 @@ static esp_err_t key_mgr_deploy_key_ecdh0_mode(ecdh0_deploy_config_t *config)
ESP_LOGD(TAG, "HUK deployed successfully");
}
uint8_t key_recovery_info_index = 0;
if (config->key_purpose == ESP_KEY_MGR_KEY_PURPOSE_FLASH_256_2 || config->key_purpose == ESP_KEY_MGR_KEY_PURPOSE_PSRAM_256_2) {
key_recovery_info_index = 1;
}
uint8_t key_recovery_info_index = is_multi_stage_key_purpose(config->key_purpose) ? 0 : 1;
uint8_t *key_recovery_info = config->key_info->key_info[key_recovery_info_index].info;
@@ -653,7 +681,10 @@ static esp_err_t key_mgr_deploy_key_ecdh0_mode(ecdh0_deploy_config_t *config)
key_mgr_hal_read_public_info(key_recovery_info, KEY_MGR_KEY_RECOVERY_INFO_SIZE);
key_mgr_hal_read_assist_info(config->ecdh0_key_info);
if (config->key_purpose != ESP_KEY_MGR_KEY_PURPOSE_FLASH_256_1 && config->key_purpose != ESP_KEY_MGR_KEY_PURPOSE_PSRAM_256_1) {
// Check if key deployment validation should be skipped for this purpose
// Primary purposes in multi-stage deployments skip validation after the first stage
// because the key is not yet completely deployed.
if (!is_multi_stage_key_purpose(config->key_purpose)) {
if (!key_mgr_hal_is_key_deployment_valid(key_type, key_len)) {
ESP_LOGE(TAG, "Key deployment is not valid");
return ESP_FAIL;
@@ -706,8 +737,8 @@ esp_err_t esp_key_mgr_deploy_key_in_ecdh0_mode(const esp_key_mgr_ecdh0_key_confi
ecdh0_deploy_config.huk_deployed = true;
if (ecdh0_deploy_config.key_purpose == ESP_KEY_MGR_KEY_PURPOSE_FLASH_256_1 || ecdh0_deploy_config.key_purpose == ESP_KEY_MGR_KEY_PURPOSE_PSRAM_256_1) {
ecdh0_deploy_config.key_purpose = key_config->key_type == ESP_KEY_MGR_FLASH_XTS_AES_KEY ? ESP_KEY_MGR_KEY_PURPOSE_FLASH_256_2 : ESP_KEY_MGR_KEY_PURPOSE_PSRAM_256_2;
if (is_multi_stage_key_purpose(ecdh0_deploy_config.key_purpose)) {
ecdh0_deploy_config.key_purpose = get_secondary_key_purpose(ecdh0_deploy_config.key_purpose);
ecdh0_deploy_config.k1_G = key_config->k1_G[1];
ecdh0_deploy_config.ecdh0_key_info = ecdh0_key_info->k2_G[1];
esp_ret = key_mgr_deploy_key_ecdh0_mode(&ecdh0_deploy_config);
@@ -752,10 +783,7 @@ static esp_err_t key_mgr_deploy_key_random_mode(random_deploy_config_t *config)
ESP_LOGD(TAG, "HUK deployed successfully");
}
uint8_t key_recovery_info_index = 0;
if (config->key_purpose == ESP_KEY_MGR_KEY_PURPOSE_FLASH_256_2 || config->key_purpose == ESP_KEY_MGR_KEY_PURPOSE_PSRAM_256_2) {
key_recovery_info_index = 1;
}
uint8_t key_recovery_info_index = is_multi_stage_key_purpose(config->key_purpose) ? 0 : 1;
uint8_t *key_recovery_info = config->key_info->key_info[key_recovery_info_index].info;
@@ -783,7 +811,10 @@ static esp_err_t key_mgr_deploy_key_random_mode(random_deploy_config_t *config)
key_mgr_wait_for_state(ESP_KEY_MGR_STATE_GAIN);
key_mgr_hal_read_public_info(key_recovery_info, KEY_MGR_KEY_RECOVERY_INFO_SIZE);
if (config->key_purpose != ESP_KEY_MGR_KEY_PURPOSE_FLASH_256_1 && config->key_purpose != ESP_KEY_MGR_KEY_PURPOSE_PSRAM_256_1) {
// Check if key deployment validation should be skipped for this purpose
// Primary purposes in multi-stage deployments skip validation after the first stage
// because the key is not yet completely deployed.
if (!is_multi_stage_key_purpose(config->key_purpose)) {
if (!key_mgr_hal_is_key_deployment_valid(key_type, key_len)) {
ESP_LOGE(TAG, "Key deployment is not valid");
return ESP_FAIL;
@@ -833,8 +864,8 @@ esp_err_t esp_key_mgr_deploy_key_in_random_mode(const esp_key_mgr_random_key_con
random_deploy_config.huk_deployed = true;
if (random_deploy_config.key_purpose == ESP_KEY_MGR_KEY_PURPOSE_FLASH_256_1 || random_deploy_config.key_purpose == ESP_KEY_MGR_KEY_PURPOSE_PSRAM_256_1) {
random_deploy_config.key_purpose = key_config->key_type == ESP_KEY_MGR_FLASH_XTS_AES_KEY ? ESP_KEY_MGR_KEY_PURPOSE_FLASH_256_2 : ESP_KEY_MGR_KEY_PURPOSE_PSRAM_256_2;
if (is_multi_stage_key_purpose(random_deploy_config.key_purpose)) {
random_deploy_config.key_purpose = get_secondary_key_purpose(random_deploy_config.key_purpose);
esp_ret = key_mgr_deploy_key_random_mode(&random_deploy_config);
if (esp_ret != ESP_OK) {
ESP_LOGE(TAG, "Key deployment in Random mode failed");
components/hal/ecdsa_hal.c
+1 -1
View File
@@ -49,7 +49,7 @@ static void configure_ecdsa_periph(ecdsa_hal_config_t *conf)
HAL_ASSERT(false && "Key manager is not supported");
}
// Force Key Manager to use eFuse key for XTS-AES operation
// Force Key Manager to use eFuse key for ECDSA operation
key_mgr_hal_set_key_usage(ESP_KEY_MGR_ECDSA_KEY, ESP_KEY_MGR_USE_EFUSE_KEY);
#endif
}
components/hal/test_apps/crypto/main/key_manager/ecdsa_192_key.pem
+5
View File
@@ -0,0 +1,5 @@
-----BEGIN EC PRIVATE KEY-----
MF8CAQEEGDXkbV5pWiMz+DCRueuWFyVZh/evy5rYyaAKBggqhkjOPQMBAaE0AzIA
BNaaJCemMzzHS5Eo8+3Dk5cHda8oYh1FadIbVLhnJA5EHrDv8QfStCVMSwV4mKoV
4A==
-----END EC PRIVATE KEY-----
components/hal/test_apps/crypto/main/key_manager/ecdsa_256_key.pem
+3 -3
View File
@@ -1,5 +1,5 @@
-----BEGIN EC PRIVATE KEY-----
MHcCAQEEICySt/VCEPFi962COuQDE+cXD3Bz8XjZy2O5SM1LsHsGoAoGCCqGSM49
AwEHoUQDQgAEBYu5KXarLURySNNaeZcxtBTxC0vJAM/evz9NC01IjCVQlOLJ4Y6i
3UviK3bgk+3FqpJBM+SQCqeDgd7ktPtr9Q==
MHcCAQEEIDXkbV5pWiMz+DCRueuWFyVZh/evy5rYybp9nCInR4ADoAoGCCqGSM49
AwEHoUQDQgAEtK2sL4kKVX9prPt6DqZBxJ24ZkXHnY2/oQZqnn4E1w4XtSHvIgFT
XdPWQ84RYC7IbrPmL36o0ftKY1xWtgMhFQ==
-----END EC PRIVATE KEY-----
components/hal/test_apps/crypto/main/key_manager/ecdsa_384_key.pem
+6
View File
@@ -0,0 +1,6 @@
-----BEGIN EC PRIVATE KEY-----
MIGkAgEBBDA15G1eaVojM/gwkbnrlhclWYf3r8ua2Mm6fZwiJ0eAA14RGq+Kl7Ap
1rabwaNfV2+gBwYFK4EEACKhZANiAAQSh7nvJpR8mRriSCjrNV2pAobLOigdosYt
u9I7EvTU4DmUthIIuFIoOdjkg8qvK2sucHc7sTdTx2BVwT8BeBCkTwPwqWPc5vnN
GEvVeg/3DrbA4k8MjT5z4C2cn752AM0=
-----END EC PRIVATE KEY-----
components/hal/test_apps/crypto/main/key_manager/gen_key_manager_test_cases.py
+89 -50
View File
@@ -1,6 +1,5 @@
# SPDX-FileCopyrightText: 2024-2025 Espressif Systems (Shanghai) CO LTD
# SPDX-License-Identifier: Unlicense OR CC0-1.0
import argparse
import hashlib
import hmac
import os
@@ -18,9 +17,6 @@ from cryptography.hazmat.primitives.ciphers import modes
from cryptography.utils import int_to_bytes
from ecdsa.curves import NIST256p
supported_targets = {'esp32p4', 'esp32c5'}
supported_ds_key_size = {'esp32p4': [4096, 3072, 2048, 1024], 'esp32c5': [3072, 2048, 1024]}
# Constants
TEST_COUNT = 5
STORAGE_PARTITION_OFFSET = 0x160000
@@ -100,24 +96,32 @@ def generate_xts_test_data(key: bytes, base_flash_address: int = STORAGE_PARTITI
return xts_test_data
def generate_ecdsa_256_key_and_pub_key(filename: str) -> tuple:
with open(filename, 'rb') as f:
private_number = int.from_bytes(f.read(), byteorder='big')
def generate_ecdsa_key_and_pub_key(key: bytes, key_size: int) -> tuple:
private_number = int.from_bytes(key, byteorder='big')
private_key = ec.derive_private_key(private_number, ec.SECP256R1())
if key_size == 192:
curve = ec.SECP192R1()
elif key_size == 256:
curve = ec.SECP256R1()
elif key_size == 384:
curve = ec.SECP384R1()
else:
raise ValueError(f'Unsupported key size: {key_size}')
private_key = ec.derive_private_key(private_number, curve)
pem = private_key.private_bytes(
encoding=serialization.Encoding.PEM,
format=serialization.PrivateFormat.TraditionalOpenSSL,
encryption_algorithm=serialization.NoEncryption(),
)
with open('ecdsa_256_key.pem', 'wb') as pem_file:
with open(f'ecdsa_{key_size}_key.pem', 'wb') as pem_file:
pem_file.write(pem)
public_key = private_key.public_key()
pub_numbers = public_key.public_numbers()
pubx = pub_numbers.x.to_bytes(32, byteorder='little')
puby = pub_numbers.y.to_bytes(32, byteorder='little')
pubx = pub_numbers.x.to_bytes(key_size // 8, byteorder='little')
puby = pub_numbers.y.to_bytes(key_size // 8, byteorder='little')
return pubx, puby
@@ -128,20 +132,16 @@ def perform_ecc_point_multiplication(k1_int: int) -> Any:
return k1_G
def generate_k1_G(key_file_path: str) -> tuple:
def generate_k1_G(k1_bytes: bytes) -> tuple:
k1_G = []
if os.path.exists(key_file_path):
with open(key_file_path, 'rb') as key_file:
k1_bytes = key_file.read()
k1_int = int.from_bytes(k1_bytes, byteorder='big')
k1_G_point = perform_ecc_point_multiplication(k1_int)
k1_G = k1_G_point.to_bytes()[:64]
k1_int = int.from_bytes(k1_bytes, byteorder='big')
k1_G_point = perform_ecc_point_multiplication(k1_int)
k1_G = k1_G_point.to_bytes()[:64]
k1_G = k1_G[::-1]
k1_G_x = k1_G[:32]
k1_G_y = k1_G[32:]
k1_G = k1_G_y + k1_G_x
k1_G = k1_G[::-1]
k1_G_x = k1_G[:32]
k1_G_y = k1_G[32:]
k1_G = k1_G_y + k1_G_x
return k1_G, k1_G
@@ -238,14 +238,22 @@ def write_to_c_header(
init_key: bytes,
k1: bytes,
k2_info: bytes,
k1_encrypted_24: list,
k1_encrypted_24_reversed: list,
k1_encrypted_32: list,
k1_encrypted_32_reversed: list,
k1_encrypted_48: list,
k1_encrypted_48_reversed: list,
test_data_xts_aes_128: list,
k1_encrypted_64: list,
k1_encrypted_64_reversed: list,
xts_test_data_xts_aes_256: list,
pubx: bytes,
puby: bytes,
ecdsa_p192_pubx: bytes,
ecdsa_p192_puby: bytes,
ecdsa_p256_pubx: bytes,
ecdsa_p256_puby: bytes,
ecdsa_p384_pubx: bytes,
ecdsa_p384_puby: bytes,
k1_G_0: bytes,
k1_G_1: bytes,
hmac_message: bytes,
@@ -271,8 +279,12 @@ typedef struct test_xts_data {{
}} test_xts_data_t;
typedef struct test_ecdsa_data {{
uint8_t pubx[32];
uint8_t puby[32];
uint8_t ecdsa_p192_pubx[24];
uint8_t ecdsa_p192_puby[24];
uint8_t ecdsa_p256_pubx[32];
uint8_t ecdsa_p256_puby[32];
uint8_t ecdsa_p384_pubx[48];
uint8_t ecdsa_p384_puby[48];
}} test_ecdsa_data_t;
typedef struct test_hmac_data {{
@@ -297,7 +309,9 @@ typedef struct test_ds_data {{
typedef struct test_data {{
uint8_t init_key[32];
uint8_t k2_info[64];
uint8_t k1_encrypted[2][32]; // For both 256-bit and 512-bit keys
// [0] for XTS-AES-128 / ECDSA-P192 / HMAC / DS, [1] for XTS-AES-256 / ECDSA-P256
// [2] for ECDSA-P384-H, [3] for ECDSA-P384-L
uint8_t k1_encrypted[4][32];
uint8_t plaintext_data[128];
union {{
test_xts_data_t xts_test_data[TEST_COUNT];
@@ -354,10 +368,19 @@ test_data_aes_mode_t test_data_xts_aes_128 = {{
test_data_aes_mode_t test_data_ecdsa = {{
.init_key = {{ {key_to_c_format(init_key)} }},
.k2_info = {{ {key_to_c_format(k2_info)} }},
.k1_encrypted = {{ {{ {key_to_c_format(k1_encrypted_32_reversed[0])} }}, {{ }} }},
.k1_encrypted = {{
{{ {key_to_c_format(k1_encrypted_24_reversed[0])} }},
{{ {key_to_c_format(k1_encrypted_32_reversed[0])} }},
{{ {key_to_c_format(k1_encrypted_48_reversed[0])} }},
{{ {key_to_c_format(k1_encrypted_48_reversed[1])} }},
}},
.ecdsa_test_data = {{
.pubx = {{ {key_to_c_format(pubx)} }},
.puby = {{ {key_to_c_format(puby)} }}
.ecdsa_p192_pubx = {{ {key_to_c_format(ecdsa_p192_pubx)} }},
.ecdsa_p192_puby = {{ {key_to_c_format(ecdsa_p192_puby)} }},
.ecdsa_p256_pubx = {{ {key_to_c_format(ecdsa_p256_pubx)} }},
.ecdsa_p256_puby = {{ {key_to_c_format(ecdsa_p256_puby)} }},
.ecdsa_p384_pubx = {{ {key_to_c_format(ecdsa_p384_pubx)} }},
.ecdsa_p384_puby = {{ {key_to_c_format(ecdsa_p384_puby)} }},
}}
}};
"""
@@ -413,7 +436,7 @@ test_data_aes_mode_t test_data_ds = {{
file.write(header_content)
def generate_tests_cases(target: str) -> None:
def generate_tests_cases() -> None:
# Main script logic follows as per your provided structure
init_key = key_from_file_or_generate('init_key.bin', 32)
k2 = key_from_file_or_generate('k2.bin', 32)
@@ -423,28 +446,47 @@ def generate_tests_cases(target: str) -> None:
temp_result_outer = calculate_aes_cipher(temp_result_inner + rand_num, init_key)
k2_info = temp_result_outer
k1_32 = key_from_file_or_generate('k1.bin', 32)
k1_64 = key_from_file_or_generate('k1_64.bin', 64)
k1 = key_from_file_or_generate('k1_64.bin', 64)
k1_24 = k1[:24]
k1_32 = k1[:32]
k1_48 = k1[:48]
k1_64 = k1[:]
k1_24_reversed = k1_24[::-1]
k1_32_reversed = k1_32[::-1]
k1_48_1 = k1_48[:16]
k1_48_1_reversed = k1_48_1[::-1]
k1_48_2 = k1_48[16:]
k1_48_2_reversed = k1_48_2[::-1]
k1_64_1 = k1_64[:32]
k1_64_1_reversed = k1_64_1[::-1]
k1_64_2 = k1_64[32:]
k1_64_2_reversed = k1_64_2[::-1]
k1_encrypted_24 = [calculate_aes_cipher(b'\x00' * 8 + k1_24, k2)]
k1_encrypted_32 = [calculate_aes_cipher(k1_32, k2)]
k1_encrypted_48 = [calculate_aes_cipher(b'\x00' * 16 + k1_48_1, k2), calculate_aes_cipher(k1_48_2, k2)]
k1_encrypted_64 = [calculate_aes_cipher(k1_64_1, k2), calculate_aes_cipher(k1_64_2, k2)]
k1_encrypted_24_reversed = [calculate_aes_cipher(k1_24_reversed + b'\x00' * 8, k2)]
k1_encrypted_32_reversed = [calculate_aes_cipher(k1_32_reversed, k2)]
k1_encrypted_48_reversed = [
calculate_aes_cipher(k1_48_1_reversed + b'\x00' * 16, k2),
calculate_aes_cipher(k1_48_2_reversed, k2),
]
k1_encrypted_64_reversed = [calculate_aes_cipher(k1_64_1_reversed, k2), calculate_aes_cipher(k1_64_2_reversed, k2)]
test_data_xts_aes_128 = generate_xts_test_data(k1_32)
xts_test_data_xts_aes_256 = generate_xts_test_data(k1_64)
pubx, puby = generate_ecdsa_256_key_and_pub_key('k1.bin')
ecdsa_p192_pubx, ecdsa_p192_puby = generate_ecdsa_key_and_pub_key(k1_24, 192)
ecdsa_p256_pubx, ecdsa_p256_puby = generate_ecdsa_key_and_pub_key(k1_32, 256)
ecdsa_p384_pubx, ecdsa_p384_puby = generate_ecdsa_key_and_pub_key(k1_48, 384)
k1_G_0, k1_G_1 = generate_k1_G('k1.bin')
k1_G_0, k1_G_1 = generate_k1_G(k1_32)
hmac_message, hmac_result = generate_hmac_test_data(k1_32)
@@ -462,14 +504,22 @@ def generate_tests_cases(target: str) -> None:
init_key,
k1_32,
k2_info,
k1_encrypted_24,
k1_encrypted_24_reversed,
k1_encrypted_32,
k1_encrypted_32_reversed,
k1_encrypted_48,
k1_encrypted_48_reversed,
test_data_xts_aes_128,
k1_encrypted_64,
k1_encrypted_64_reversed,
xts_test_data_xts_aes_256,
pubx,
puby,
ecdsa_p192_pubx,
ecdsa_p192_puby,
ecdsa_p256_pubx,
ecdsa_p256_puby,
ecdsa_p384_pubx,
ecdsa_p384_puby,
k1_G_0,
k1_G_1,
hmac_message,
@@ -485,15 +535,4 @@ def generate_tests_cases(target: str) -> None:
if __name__ == '__main__':
parser = argparse.ArgumentParser(description="""Generates Digital Signature Test Cases""")
parser.add_argument(
'--target',
required=True,
choices=supported_targets,
help='Target to generate test cases for, different targets support different max key length',
)
args = parser.parse_args()
generate_tests_cases(args.target)
generate_tests_cases()
components/hal/test_apps/crypto/main/key_manager/key_manager_test_cases.h
+41 -26
View File
File diff suppressed because one or more lines are too long
components/hal/test_apps/crypto/main/key_manager/test_key_manager.c
+221 -102
View File
@@ -84,84 +84,88 @@ static void test_xts_aes_key_ecdh0_mode(test_data_ecdh0_mode_t *test_data)
ESP_LOG_BUFFER_HEXDUMP("Encrypted data", read_data, data_size, ESP_LOG_DEBUG);
}
#if SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_128
static void key_mgr_test_xts_aes_128_aes_mode(void)
#if SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_128 || SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_256
static void key_mgr_test_xts_aes_key_aes_mode(esp_key_mgr_key_len_t key_len, test_data_aes_mode_t *test_data)
{
static esp_key_mgr_aes_key_config_t key_config;
memcpy(key_config.k2_info, (uint8_t*) test_data_xts_aes_128.k2_info, KEY_MGR_K2_INFO_SIZE);
memcpy(key_config.k1_encrypted, (uint8_t*) test_data_xts_aes_128.k1_encrypted, KEY_MGR_K1_ENCRYPTED_SIZE);
memcpy(key_config.sw_init_key, (uint8_t*) test_data_xts_aes_128.init_key, KEY_MGR_SW_INIT_KEY_SIZE);
key_config.use_pre_generated_sw_init_key = 1;
key_config.key_type = ESP_KEY_MGR_FLASH_XTS_AES_KEY;
key_config.key_len = ESP_KEY_MGR_XTS_AES_LEN_128;
static esp_key_mgr_key_recovery_info_t key_recovery_info;
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deploy_key_in_aes_mode(&key_config, &key_recovery_info));
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_activate_key(&key_recovery_info));
test_xts_aes_key_aes_mode(&test_data_xts_aes_128);
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deactivate_key(key_recovery_info.key_type));
}
static void key_mgr_test_xts_aes_128_ecdh0_mode(void)
{
static esp_key_mgr_ecdh0_key_config_t key_config;
memcpy(key_config.k1_G[0], (uint8_t*) test_data_ecdh0.k1_G[0], KEY_MGR_ECDH0_INFO_SIZE);
key_config.key_type = ESP_KEY_MGR_FLASH_XTS_AES_KEY;
key_config.key_len = ESP_KEY_MGR_XTS_AES_LEN_128;
static esp_key_mgr_key_recovery_info_t key_recovery_info;
static esp_key_mgr_ecdh0_info_t ecdh0_info;
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deploy_key_in_ecdh0_mode(&key_config, &key_recovery_info, &ecdh0_info));
ESP_LOG_BUFFER_HEXDUMP("K2_G", ecdh0_info.k2_G[0], KEY_MGR_ECDH0_INFO_SIZE, ESP_LOG_DEBUG);
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_activate_key(&key_recovery_info));
test_xts_aes_key_ecdh0_mode(&test_data_ecdh0);
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deactivate_key(key_recovery_info.key_type));
}
#endif /* SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_128 */
memcpy(key_config.k2_info, (uint8_t*) test_data->k2_info, KEY_MGR_K2_INFO_SIZE);
memcpy(key_config.k1_encrypted[0], (uint8_t*) test_data->k1_encrypted[0], KEY_MGR_K1_ENCRYPTED_SIZE);
#if SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_256
static void key_mgr_test_xts_aes_256_aes_mode(void)
{
static esp_key_mgr_aes_key_config_t key_config;
memcpy(key_config.k2_info, (uint8_t*) test_data_xts_aes_256.k2_info, KEY_MGR_K2_INFO_SIZE);
memcpy(key_config.k1_encrypted[0], (uint8_t*) test_data_xts_aes_256.k1_encrypted[0], KEY_MGR_K1_ENCRYPTED_SIZE);
memcpy(key_config.k1_encrypted[1], (uint8_t*) test_data_xts_aes_256.k1_encrypted[1], KEY_MGR_K1_ENCRYPTED_SIZE);
memcpy(key_config.sw_init_key, (uint8_t*) test_data_xts_aes_256.init_key, KEY_MGR_SW_INIT_KEY_SIZE);
if (key_len == ESP_KEY_MGR_XTS_AES_LEN_256) {
memcpy(key_config.k1_encrypted[1], (uint8_t*) test_data->k1_encrypted[1], KEY_MGR_K1_ENCRYPTED_SIZE);
}
#endif /* SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_256 */
memcpy(key_config.sw_init_key, (uint8_t*) test_data->init_key, KEY_MGR_SW_INIT_KEY_SIZE);
key_config.use_pre_generated_sw_init_key = 1;
key_config.key_type = ESP_KEY_MGR_FLASH_XTS_AES_KEY;
key_config.key_len = ESP_KEY_MGR_XTS_AES_LEN_256;
key_config.key_len = key_len;
static esp_key_mgr_key_recovery_info_t key_recovery_info;
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deploy_key_in_aes_mode(&key_config, &key_recovery_info));
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_activate_key(&key_recovery_info));
test_xts_aes_key_aes_mode(&test_data_xts_aes_256);
test_xts_aes_key_aes_mode(test_data);
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deactivate_key(key_recovery_info.key_type));
}
static void key_mgr_test_xts_aes_256_ecdh0_mode(void)
static void key_mgr_test_xts_aes_key_ecdh0_mode(esp_key_mgr_key_len_t key_len)
{
static esp_key_mgr_ecdh0_key_config_t key_config;
memcpy(key_config.k1_G[0], (uint8_t*) test_data_ecdh0.k1_G[0], KEY_MGR_ECDH0_INFO_SIZE);
memcpy(key_config.k1_G[1], (uint8_t*) test_data_ecdh0.k1_G[1], KEY_MGR_ECDH0_INFO_SIZE);
#if SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_256
if (key_len == ESP_KEY_MGR_XTS_AES_LEN_256) {
memcpy(key_config.k1_G[1], (uint8_t*) test_data_ecdh0.k1_G[1], KEY_MGR_ECDH0_INFO_SIZE);
}
#endif /* SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_256 */
key_config.key_type = ESP_KEY_MGR_FLASH_XTS_AES_KEY;
key_config.key_len = ESP_KEY_MGR_XTS_AES_LEN_256;
key_config.key_len = key_len;
static esp_key_mgr_key_recovery_info_t key_recovery_info;
static esp_key_mgr_ecdh0_info_t ecdh0_info;
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deploy_key_in_ecdh0_mode(&key_config, &key_recovery_info, &ecdh0_info));
ESP_LOG_BUFFER_HEXDUMP("K2_G_0", ecdh0_info.k2_G[0], KEY_MGR_ECDH0_INFO_SIZE, ESP_LOG_DEBUG);
ESP_LOG_BUFFER_HEXDUMP("K2_G_1", ecdh0_info.k2_G[1], KEY_MGR_ECDH0_INFO_SIZE, ESP_LOG_DEBUG);
#if SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_256
if (key_len == ESP_KEY_MGR_XTS_AES_LEN_256) {
ESP_LOG_BUFFER_HEXDUMP("K2_G_1", ecdh0_info.k2_G[1], KEY_MGR_ECDH0_INFO_SIZE, ESP_LOG_DEBUG);
}
#endif /* SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_256 */
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_activate_key(&key_recovery_info));
test_xts_aes_key_ecdh0_mode(&test_data_ecdh0);
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deactivate_key(key_recovery_info.key_type));
}
#endif /* SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_128 || SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_256 */
#if SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_128
static void key_mgr_test_xts_aes_128_aes_mode(void)
{
key_mgr_test_xts_aes_key_aes_mode(ESP_KEY_MGR_XTS_AES_LEN_128, &test_data_xts_aes_128);
}
static void key_mgr_test_xts_aes_128_ecdh0_mode(void)
{
key_mgr_test_xts_aes_key_ecdh0_mode(ESP_KEY_MGR_XTS_AES_LEN_128);
}
#endif /* SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_128 */
#if SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_256
static void key_mgr_test_xts_aes_256_aes_mode(void)
{
key_mgr_test_xts_aes_key_aes_mode(ESP_KEY_MGR_XTS_AES_LEN_256, &test_data_xts_aes_256);
}
static void key_mgr_test_xts_aes_256_ecdh0_mode(void)
{
key_mgr_test_xts_aes_key_ecdh0_mode(ESP_KEY_MGR_XTS_AES_LEN_256);
}
#endif /* SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_256 */
#if CONFIG_CRYPTO_TEST_APP_ENABLE_FPGA_TESTS
#if SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_128 || SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_256
static void test_xts_aes_key_random_mode(void)
{
const esp_partition_t *partition = get_test_storage_partition();
@@ -177,12 +181,11 @@ static void test_xts_aes_key_random_mode(void)
}
}
#if SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_128
static void key_mgr_test_xts_aes_128_random_mode(void)
static void key_mgr_test_xts_aes_key_random_mode(esp_key_mgr_key_len_t key_len)
{
static esp_key_mgr_random_key_config_t key_config;
key_config.key_type = ESP_KEY_MGR_FLASH_XTS_AES_KEY;
key_config.key_len = ESP_KEY_MGR_XTS_AES_LEN_128;
key_config.key_len = key_len;
static esp_key_mgr_key_recovery_info_t key_recovery_info;
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deploy_key_in_random_mode(&key_config, &key_recovery_info));
@@ -190,20 +193,19 @@ static void key_mgr_test_xts_aes_128_random_mode(void)
test_xts_aes_key_random_mode();
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deactivate_key(key_recovery_info.key_type));
}
#endif /* SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_128 || SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_256 */
#if SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_128
static void key_mgr_test_xts_aes_128_random_mode(void)
{
key_mgr_test_xts_aes_key_random_mode(ESP_KEY_MGR_XTS_AES_LEN_128);
}
#endif /* SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_128 */
#if SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_256
static void key_mgr_test_xts_aes_256_random_mode(void)
{
static esp_key_mgr_random_key_config_t key_config;
key_config.key_type = ESP_KEY_MGR_FLASH_XTS_AES_KEY;
key_config.key_len = ESP_KEY_MGR_XTS_AES_LEN_256;
static esp_key_mgr_key_recovery_info_t key_recovery_info;
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deploy_key_in_random_mode(&key_config, &key_recovery_info));
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_activate_key(&key_recovery_info));
test_xts_aes_key_random_mode();
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deactivate_key(key_recovery_info.key_type));
key_mgr_test_xts_aes_key_random_mode(ESP_KEY_MGR_XTS_AES_LEN_256);
}
#endif /* SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_256 */
#endif /* CONFIG_CRYPTO_TEST_APP_ENABLE_FPGA_TESTS */
@@ -211,106 +213,182 @@ static void key_mgr_test_xts_aes_256_random_mode(void)
#if SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY
#if SOC_ECDSA_SUPPORT_EXPORT_PUBKEY
extern void test_ecdsa_export_pubkey(bool is_p256, uint8_t *ecdsa_pub_x, uint8_t *ecdsa_pub_y, bool use_km_key);
extern void test_ecdsa_export_pubkey_inner(bool is_p256, uint8_t *exported_pub_x, uint8_t *exported_pub_y, bool use_km_key, uint16_t *len);
extern void test_ecdsa_export_pubkey(ecdsa_curve_t curve, uint8_t *ecdsa_pub_x, uint8_t *ecdsa_pub_y, bool use_km_key);
extern void test_ecdsa_export_pubkey_inner(ecdsa_curve_t curve, uint8_t *exported_pub_x, uint8_t *exported_pub_y, bool use_km_key, uint16_t *len);
#endif
extern void test_ecdsa_sign(bool is_p256, uint8_t* sha, uint8_t* r_le, uint8_t* s_le, bool use_km_key, ecdsa_sign_type_t k_type);
extern int test_ecdsa_verify(bool is_p256, uint8_t* sha, uint8_t* r_le, uint8_t* s_le, uint8_t *pub_x, uint8_t *pub_y);
extern void test_ecdsa_sign_and_verify(bool is_p256, uint8_t* sha, uint8_t* pub_x, uint8_t* pub_y, bool use_km_key, ecdsa_sign_type_t k_type);
extern void test_ecdsa_sign(ecdsa_curve_t curve, uint8_t* sha, uint8_t* r_le, uint8_t* s_le, bool use_km_key, ecdsa_sign_type_t k_type);
extern int test_ecdsa_verify(ecdsa_curve_t curve, uint8_t* sha, uint8_t* r_le, uint8_t* s_le, uint8_t *pub_x, uint8_t *pub_y);
extern void test_ecdsa_sign_and_verify(ecdsa_curve_t curve, uint8_t* sha, uint8_t* pub_x, uint8_t* pub_y, bool use_km_key, ecdsa_sign_type_t k_type);
/*
const uint8_t message[32] = { 0xDF, 0xDE, 0xD7, 0x4A, 0x47, 0xB1, 0x4F, 0x73, 0x00, 0x21, 0x62, 0xC7, 0x66, 0x6D, 0xA3, 0x95, 0x66, 0x19, 0x62, 0x7F, 0x71, 0x7B, 0x3C, 0x66, 0x82, 0xD3, 0x9F, 0x71, 0xAC, 0x9C, 0xC3, 0x39 };
*/
/* sha384 digest of the above message */
uint8_t sha_digest[48] = { 0xF0, 0x94, 0xC4, 0x4A, 0xF0, 0xEE, 0x68, 0xDB, 0x5B, 0x6A, 0x12, 0x84, 0xAC, 0xAF, 0x49, 0x0C, 0x24, 0xED, 0x70, 0x41, 0xE6, 0xE3, 0xBD, 0x74, 0x2B, 0x8D, 0xCF, 0x46, 0x19, 0xE1, 0xC2, 0x61, 0xCA, 0x79, 0xF3, 0x86, 0xF9, 0x04, 0xC0, 0x63, 0xC6, 0xF0, 0xEE, 0x36, 0x7C, 0x5C, 0x82, 0x89 };
/* sha256 digest of the above message */
uint8_t sha256_digest[32] = { 0x47, 0xA6, 0xEF, 0xBE, 0x39, 0x5E, 0xE4, 0xAE, 0x2B, 0xEC, 0x83, 0xB1, 0xED, 0xAF, 0xC6, 0x78, 0x57, 0x7A, 0x16, 0x8C, 0x22, 0x16, 0x13, 0xE2, 0xAC, 0xA8, 0x50, 0xD5, 0x67, 0x95, 0x9F, 0x71 };
void test_ecdsa_key_aes_mode(test_data_aes_mode_t *ecdsa_test_data, ecdsa_sign_type_t k_type)
void test_ecdsa_key_aes_mode(ecdsa_curve_t curve, uint8_t *sha_digest, uint8_t *pub_x, uint8_t *pub_y, ecdsa_sign_type_t k_type)
{
test_ecdsa_sign_and_verify(1, sha256_digest, ecdsa_test_data->ecdsa_test_data.pubx, ecdsa_test_data->ecdsa_test_data.puby, 1, k_type);
test_ecdsa_sign_and_verify(curve, sha_digest, pub_x, pub_y, 1, k_type);
#ifdef SOC_ECDSA_SUPPORT_EXPORT_PUBKEY
test_ecdsa_export_pubkey(1, ecdsa_test_data->ecdsa_test_data.pubx, ecdsa_test_data->ecdsa_test_data.puby, 1);
test_ecdsa_export_pubkey(curve, pub_x, pub_y, 1);
#endif
}
void key_mgr_test_ecdsa_key(bool is_p256, ecdsa_sign_type_t k_type)
void key_mgr_test_ecdsa_key(esp_key_mgr_key_len_t key_len, ecdsa_sign_type_t k_type)
{
uint8_t pub_x[32] = {};
uint8_t pub_y[32] = {};
uint8_t r_le[32] = {0};
uint8_t s_le[32] = {0};
uint8_t pub_x[48] = {};
uint8_t pub_y[48] = {};
uint8_t r_le[48] = {0};
uint8_t s_le[48] = {0};
test_ecdsa_sign(is_p256, sha256_digest, r_le, s_le, 1, k_type);
uint16_t sha_digest_len = 0;
ESP_LOG_BUFFER_HEXDUMP("ECDSA message sha256 digest", sha256_digest, sizeof(sha256_digest), ESP_LOG_DEBUG);
ecdsa_curve_t curve = ECDSA_CURVE_SECP192R1;
switch (key_len) {
case ESP_KEY_MGR_ECDSA_LEN_192:
sha_digest_len = 24;
curve = ECDSA_CURVE_SECP192R1;
break;
case ESP_KEY_MGR_ECDSA_LEN_256:
sha_digest_len = 32;
curve = ECDSA_CURVE_SECP256R1;
break;
#if SOC_ECDSA_SUPPORT_CURVE_P384
case ESP_KEY_MGR_ECDSA_LEN_384:
sha_digest_len = 48;
curve = ECDSA_CURVE_SECP384R1;
break;
#endif
default:
TEST_FAIL_MESSAGE("Unsupported key length");
return;
}
test_ecdsa_sign(curve, sha_digest, r_le, s_le, 1, k_type);
ESP_LOG_BUFFER_HEXDUMP("ECDSA message digest", sha_digest, sha_digest_len, ESP_LOG_DEBUG);
ESP_LOG_BUFFER_HEXDUMP("ECDSA signature r_le", r_le, sizeof(r_le), ESP_LOG_DEBUG);
ESP_LOG_BUFFER_HEXDUMP("ECDSA signature s_le", s_le, sizeof(s_le), ESP_LOG_DEBUG);
// Export the pubkey from ECDSA peripheral
uint16_t pubkey_len = 0;
test_ecdsa_export_pubkey_inner(is_p256, pub_x, pub_y, 1, &pubkey_len);
test_ecdsa_export_pubkey_inner(curve, pub_x, pub_y, 1, &pubkey_len);
ESP_LOG_BUFFER_HEXDUMP("ECDSA key pubx", pub_x, pubkey_len, ESP_LOG_DEBUG);
ESP_LOG_BUFFER_HEXDUMP("ECDSA key puby", pub_y, pubkey_len, ESP_LOG_DEBUG);
TEST_ASSERT_EQUAL(0, test_ecdsa_verify(is_p256, sha256_digest, r_le, s_le, pub_x, pub_y));
TEST_ASSERT_EQUAL(0, test_ecdsa_verify(curve, sha_digest, r_le, s_le, pub_x, pub_y));
}
static void key_mgr_test_ecdsa_p256_aes_mode(void)
/* Generic ECDSA AES mode test function */
static void key_mgr_test_ecdsa_key_aes_mode(esp_key_mgr_key_len_t key_len, test_data_aes_mode_t *test_data)
{
static esp_key_mgr_aes_key_config_t key_config;
memcpy(key_config.k2_info, (uint8_t*) test_data_ecdsa.k2_info, KEY_MGR_K2_INFO_SIZE);
memcpy(key_config.k1_encrypted, (uint8_t*) test_data_ecdsa.k1_encrypted, KEY_MGR_K1_ENCRYPTED_SIZE);
memcpy(key_config.sw_init_key, (uint8_t*) test_data_ecdsa.init_key, KEY_MGR_SW_INIT_KEY_SIZE);
ecdsa_curve_t curve = ECDSA_CURVE_SECP192R1;
uint8_t *pub_x = NULL;
uint8_t *pub_y = NULL;
memcpy(key_config.k2_info, (uint8_t*) test_data->k2_info, KEY_MGR_K2_INFO_SIZE);
if (key_len == ESP_KEY_MGR_ECDSA_LEN_192) {
memcpy(key_config.k1_encrypted[0], (uint8_t*) test_data->k1_encrypted[0], KEY_MGR_K1_ENCRYPTED_SIZE);
pub_x = test_data->ecdsa_test_data.ecdsa_p192_pubx;
pub_y = test_data->ecdsa_test_data.ecdsa_p192_puby;
curve = ECDSA_CURVE_SECP192R1;
}
else if (key_len == ESP_KEY_MGR_ECDSA_LEN_256) {
memcpy(key_config.k1_encrypted[0], (uint8_t*) test_data->k1_encrypted[1], KEY_MGR_K1_ENCRYPTED_SIZE);
pub_x = test_data->ecdsa_test_data.ecdsa_p256_pubx;
pub_y = test_data->ecdsa_test_data.ecdsa_p256_puby;
curve = ECDSA_CURVE_SECP256R1;
}
#if SOC_ECDSA_SUPPORT_CURVE_P384
else if (key_len == ESP_KEY_MGR_ECDSA_LEN_384) {
memcpy(key_config.k1_encrypted[0], (uint8_t*) test_data->k1_encrypted[2], KEY_MGR_K1_ENCRYPTED_SIZE);
memcpy(key_config.k1_encrypted[1], (uint8_t*) test_data->k1_encrypted[3], KEY_MGR_K1_ENCRYPTED_SIZE);
pub_x = test_data->ecdsa_test_data.ecdsa_p384_pubx;
pub_y = test_data->ecdsa_test_data.ecdsa_p384_puby;
curve = ECDSA_CURVE_SECP384R1;
}
#endif
memcpy(key_config.sw_init_key, (uint8_t*) test_data->init_key, KEY_MGR_SW_INIT_KEY_SIZE);
key_config.use_pre_generated_sw_init_key = 1;
key_config.key_type = ESP_KEY_MGR_ECDSA_KEY;
key_config.key_len = ESP_KEY_MGR_ECDSA_LEN_256;
key_config.key_len = key_len;
static esp_key_mgr_key_recovery_info_t key_recovery_info;
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deploy_key_in_aes_mode(&key_config, &key_recovery_info));
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_activate_key(&key_recovery_info));
#ifdef SOC_ECDSA_SUPPORT_DETERMINISTIC_MODE
test_ecdsa_key_aes_mode(&test_data_ecdsa, ECDSA_K_TYPE_DETERMINISITIC);
#if SOC_ECDSA_SUPPORT_DETERMINISTIC_MODE
test_ecdsa_key_aes_mode(curve, sha_digest, pub_x, pub_y, ECDSA_K_TYPE_DETERMINISITIC);
#endif
test_ecdsa_key_aes_mode(&test_data_ecdsa, ECDSA_K_TYPE_TRNG);
test_ecdsa_key_aes_mode(curve, sha_digest, pub_x, pub_y, ECDSA_K_TYPE_TRNG);
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deactivate_key(key_recovery_info.key_type));
}
static void key_mgr_test_ecdsa_ecdh0_mode(void)
/* Generic ECDSA ECDH0 mode test function */
static void key_mgr_test_ecdsa_key_ecdh0_mode(esp_key_mgr_key_len_t key_len)
{
static esp_key_mgr_ecdh0_key_config_t key_config;
memcpy(key_config.k1_G[0], (uint8_t*) test_data_ecdh0.k1_G[0], KEY_MGR_ECDH0_INFO_SIZE);
#if SOC_ECDSA_SUPPORT_CURVE_P384
// For 384-bit keys, copy the second k1_G block
if (key_len == ESP_KEY_MGR_ECDSA_LEN_384) {
memcpy(key_config.k1_G[1], (uint8_t*) test_data_ecdh0.k1_G[1], KEY_MGR_ECDH0_INFO_SIZE);
}
#endif
key_config.key_type = ESP_KEY_MGR_ECDSA_KEY;
key_config.key_len = ESP_KEY_MGR_ECDSA_LEN_256;
key_config.key_len = key_len;
static esp_key_mgr_key_recovery_info_t key_recovery_info;
static esp_key_mgr_ecdh0_info_t ecdh0_info;
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deploy_key_in_ecdh0_mode(&key_config, &key_recovery_info, &ecdh0_info));
ESP_LOG_BUFFER_HEXDUMP("K2_G", ecdh0_info.k2_G[0], KEY_MGR_ECDH0_INFO_SIZE, ESP_LOG_DEBUG);
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_activate_key(&key_recovery_info));
#ifdef SOC_ECDSA_SUPPORT_DETERMINISTIC_MODE
key_mgr_test_ecdsa_key(1, ECDSA_K_TYPE_DETERMINISITIC);
ESP_LOG_BUFFER_HEXDUMP("K2_G_0", ecdh0_info.k2_G[0], KEY_MGR_ECDH0_INFO_SIZE, ESP_LOG_DEBUG);
#if SOC_ECDSA_SUPPORT_CURVE_P384
if (key_len == ESP_KEY_MGR_ECDSA_LEN_384) {
ESP_LOG_BUFFER_HEXDUMP("K2_G_1", ecdh0_info.k2_G[1], KEY_MGR_ECDH0_INFO_SIZE, ESP_LOG_DEBUG);
}
#endif
key_mgr_test_ecdsa_key(1, ECDSA_K_TYPE_TRNG);
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_activate_key(&key_recovery_info));
#if SOC_ECDSA_SUPPORT_DETERMINISTIC_MODE
key_mgr_test_ecdsa_key(key_len, ECDSA_K_TYPE_DETERMINISITIC);
#endif
key_mgr_test_ecdsa_key(key_len, ECDSA_K_TYPE_TRNG);
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deactivate_key(key_recovery_info.key_type));
}
static void key_mgr_test_ecdsa_random_mode(void)
/* Generic ECDSA random mode test function */
static void key_mgr_test_ecdsa_key_random_mode(esp_key_mgr_key_len_t key_len)
{
static esp_key_mgr_random_key_config_t key_config;
key_config.key_type = ESP_KEY_MGR_ECDSA_KEY;
key_config.key_len = ESP_KEY_MGR_ECDSA_LEN_256;
key_config.key_len = key_len;
static esp_key_mgr_key_recovery_info_t key_recovery_info;
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deploy_key_in_random_mode(&key_config, &key_recovery_info));
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_activate_key(&key_recovery_info));
if (key_len == ESP_KEY_MGR_ECDSA_LEN_256) {
#ifdef SOC_ECDSA_SUPPORT_DETERMINISTIC_MODE
key_mgr_test_ecdsa_key(1, ECDSA_K_TYPE_DETERMINISITIC);
key_mgr_test_ecdsa_key(ECDSA_CURVE_SECP256R1, ECDSA_K_TYPE_DETERMINISITIC);
#endif
key_mgr_test_ecdsa_key(ECDSA_CURVE_SECP256R1, ECDSA_K_TYPE_TRNG);
}
#if SOC_ECDSA_SUPPORT_CURVE_P384
else if (key_len == ESP_KEY_MGR_ECDSA_LEN_384) {
#ifdef SOC_ECDSA_SUPPORT_DETERMINISTIC_MODE
key_mgr_test_ecdsa_key(ECDSA_CURVE_SECP384R1, ECDSA_K_TYPE_DETERMINISITIC);
#endif
key_mgr_test_ecdsa_key(ECDSA_CURVE_SECP384R1, ECDSA_K_TYPE_TRNG);
}
#endif
key_mgr_test_ecdsa_key(1, ECDSA_K_TYPE_TRNG);
TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deactivate_key(key_recovery_info.key_type));
}
#endif /* SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY */
@@ -339,7 +417,6 @@ static void key_mgr_test_hmac_key_aes_random_mode(const uint8_t *message, size_t
// We cannot verify the result here as the HMAC key deployed is unknown.
}
static void key_mgr_test_hmac_aes_mode(void)
{
static esp_key_mgr_aes_key_config_t key_config;
@@ -485,20 +562,52 @@ TEST(key_manager, xts_key_256_random_deployment)
#endif /* SOC_KEY_MANAGER_FE_KEY_DEPLOY */
#if SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY
TEST(key_manager, ecdsa_p192_key_aes_deployment)
{
key_mgr_test_ecdsa_key_aes_mode(ESP_KEY_MGR_ECDSA_LEN_192, &test_data_ecdsa);
}
TEST(key_manager, ecdsa_p192_key_ecdh0_deployment)
{
key_mgr_test_ecdsa_key_ecdh0_mode(ESP_KEY_MGR_ECDSA_LEN_192);
}
TEST(key_manager, ecdsa_p192_key_random_deployment)
{
key_mgr_test_ecdsa_key_random_mode(ESP_KEY_MGR_ECDSA_LEN_192);
}
TEST(key_manager, ecdsa_p256_key_aes_deployment)
{
key_mgr_test_ecdsa_p256_aes_mode();
key_mgr_test_ecdsa_key_aes_mode(ESP_KEY_MGR_ECDSA_LEN_256, &test_data_ecdsa);
}
TEST(key_manager, ecdsa_p256_key_ecdh0_deployment)
{
key_mgr_test_ecdsa_ecdh0_mode();
key_mgr_test_ecdsa_key_ecdh0_mode(ESP_KEY_MGR_ECDSA_LEN_256);
}
TEST(key_manager, ecdsa_p256_key_random_deployment)
{
key_mgr_test_ecdsa_random_mode();
key_mgr_test_ecdsa_key_random_mode(ESP_KEY_MGR_ECDSA_LEN_256);
}
#if SOC_ECDSA_SUPPORT_CURVE_P384
TEST(key_manager, ecdsa_p384_key_aes_deployment)
{
key_mgr_test_ecdsa_key_aes_mode(ESP_KEY_MGR_ECDSA_LEN_384, &test_data_ecdsa);
}
TEST(key_manager, ecdsa_p384_key_ecdh0_deployment)
{
key_mgr_test_ecdsa_key_ecdh0_mode(ESP_KEY_MGR_ECDSA_LEN_384);
}
TEST(key_manager, ecdsa_p384_key_random_deployment)
{
key_mgr_test_ecdsa_key_random_mode(ESP_KEY_MGR_ECDSA_LEN_384);
}
#endif /* SOC_ECDSA_SUPPORT_CURVE_P384 */
#endif /* SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY */
#if SOC_KEY_MANAGER_HMAC_KEY_DEPLOY
@@ -547,9 +656,19 @@ TEST_GROUP_RUNNER(key_manager)
#endif /* SOC_KEY_MANAGER_FE_KEY_DEPLOY */
#if SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY
RUN_TEST_CASE(key_manager, ecdsa_p192_key_aes_deployment);
RUN_TEST_CASE(key_manager, ecdsa_p192_key_ecdh0_deployment);
RUN_TEST_CASE(key_manager, ecdsa_p192_key_random_deployment);
RUN_TEST_CASE(key_manager, ecdsa_p256_key_aes_deployment);
RUN_TEST_CASE(key_manager, ecdsa_p256_key_ecdh0_deployment);
RUN_TEST_CASE(key_manager, ecdsa_p256_key_random_deployment);
#if SOC_ECDSA_SUPPORT_CURVE_P384
RUN_TEST_CASE(key_manager, ecdsa_p384_key_aes_deployment);
RUN_TEST_CASE(key_manager, ecdsa_p384_key_ecdh0_deployment);
RUN_TEST_CASE(key_manager, ecdsa_p384_key_random_deployment);
#endif /* SOC_ECDSA_SUPPORT_CURVE_P384 */
#endif /* SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY */
#if SOC_KEY_MANAGER_HMAC_KEY_DEPLOY
components/hal/test_apps/crypto/sdkconfig.defaults
+4
View File
@@ -1,3 +1,7 @@
CONFIG_COMPILER_STACK_CHECK=y
CONFIG_COMPILER_STACK_CHECK_MODE_STRONG=y
CONFIG_FREERTOS_WATCHPOINT_END_OF_STACK=y
CONFIG_ESP_TASK_WDT_EN=y
CONFIG_ESP_TASK_WDT_INIT=n
CONFIG_UNITY_ENABLE_FIXTURE=y