Merge branch 'feature/support_ecdsa_key_using_key_manager' into 'master'

Feature/support ecdsa key using key manager

Closes IDF-7992

See merge request espressif/esp-idf!28908

components/mbedtls/port/ecdsa/ecdsa_alt.c

@@ -82,10 +82,12 @@ static void ecdsa_be_to_le(const uint8_t* be_point, uint8_t *le_point, uint8_t l
 int esp_ecdsa_load_pubkey(mbedtls_ecp_keypair *keypair, int efuse_blk)
 {
     int ret = -1;
-
-    if (efuse_blk < EFUSE_BLK_KEY0 || efuse_blk >= EFUSE_BLK_KEY_MAX) {
-        ESP_LOGE(TAG, "Invalid efuse block selected");
-        return ret;
+    bool use_km_key = (efuse_blk == USE_ECDSA_KEY_FROM_KEY_MANAGER)? true: false;
+    if (!use_km_key) {
+        if (efuse_blk < EFUSE_BLK_KEY0 || efuse_blk >= EFUSE_BLK_KEY_MAX) {
+            ESP_LOGE(TAG, "Invalid efuse block selected");
+            return ret;
+        }
     }
 
     ecdsa_curve_t curve;
@@ -105,20 +107,27 @@ int esp_ecdsa_load_pubkey(mbedtls_ecp_keypair *keypair, int efuse_blk)
         return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
     }
 
-    if (!esp_efuse_find_purpose(ESP_EFUSE_KEY_PURPOSE_ECDSA_KEY, &blk)) {
-        ESP_LOGE(TAG, "No efuse block with purpose ECDSA_KEY found");
-        return MBEDTLS_ERR_ECP_INVALID_KEY;
+    if (!use_km_key) {
+        if (!esp_efuse_find_purpose(ESP_EFUSE_KEY_PURPOSE_ECDSA_KEY, &blk)) {
+            ESP_LOGE(TAG, "No efuse block with purpose ECDSA_KEY found");
+            return MBEDTLS_ERR_ECP_INVALID_KEY;
+        }
     }
 
     ecdsa_hal_config_t conf = {
         .mode = ECDSA_MODE_EXPORT_PUBKEY,
         .curve = curve,
-        .use_km_key = 0, //TODO: IDF-7992
-        .efuse_key_blk = efuse_blk,
     };
 
-    esp_ecdsa_acquire_hardware();
+    if (use_km_key) {
+        conf.use_km_key = 1;
+        conf.efuse_key_blk = -1;
+    } else {
+        conf.use_km_key = 0;
+        conf.efuse_key_blk = efuse_blk;
+    }
 
+    esp_ecdsa_acquire_hardware();
     bool process_again = false;
 
     do {
@@ -151,9 +160,12 @@ int esp_ecdsa_privkey_load_mpi(mbedtls_mpi *key, int efuse_blk)
         return -1;
     }
 
-    if (efuse_blk < EFUSE_BLK_KEY0 || efuse_blk >= EFUSE_BLK_KEY_MAX) {
-        ESP_LOGE(TAG, "Invalid efuse block");
-        return -1;
+    bool use_km_key = (efuse_blk == USE_ECDSA_KEY_FROM_KEY_MANAGER)? true: false;
+    if (!use_km_key) {
+        if (efuse_blk < EFUSE_BLK_KEY0 || efuse_blk >= EFUSE_BLK_KEY_MAX) {
+            ESP_LOGE(TAG, "Invalid efuse block");
+            return -1;
+        }
     }
 
     mbedtls_mpi_init(key);
@@ -166,7 +178,11 @@ int esp_ecdsa_privkey_load_mpi(mbedtls_mpi *key, int efuse_blk)
      * `n` is used to store the efuse block which should be used as key
      */
     key->MBEDTLS_PRIVATE(s) = ECDSA_KEY_MAGIC;
-    key->MBEDTLS_PRIVATE(n) = efuse_blk;
+    if (!use_km_key) {
+        key->MBEDTLS_PRIVATE(n) = efuse_blk;
+    } else {
+        key->MBEDTLS_PRIVATE(n) = (unsigned short) USE_ECDSA_KEY_FROM_KEY_MANAGER;
+    }
     key->MBEDTLS_PRIVATE(p) = NULL;
 
     return 0;
@@ -182,9 +198,12 @@ int esp_ecdsa_privkey_load_pk_context(mbedtls_pk_context *key_ctx, int efuse_blk
         return -1;
     }
 
-    if (efuse_blk < EFUSE_BLK_KEY0 || efuse_blk >= EFUSE_BLK_KEY_MAX) {
-        ESP_LOGE(TAG, "Invalid efuse block");
-        return -1;
+    bool use_km_key = (efuse_blk == USE_ECDSA_KEY_FROM_KEY_MANAGER)? true: false;
+    if (!use_km_key) {
+        if (efuse_blk < EFUSE_BLK_KEY0 || efuse_blk >= EFUSE_BLK_KEY_MAX) {
+            ESP_LOGE(TAG, "Invalid efuse block");
+            return -1;
+        }
     }
 
     mbedtls_pk_init(key_ctx);
@@ -198,7 +217,12 @@ int esp_ecdsa_privkey_load_pk_context(mbedtls_pk_context *key_ctx, int efuse_blk
 int esp_ecdsa_set_pk_context(mbedtls_pk_context *key_ctx, esp_ecdsa_pk_conf_t *conf)
 {
     int ret = -1;
-
+    int efuse_key_block = -1;
+    if (conf->use_km_key) {
+        efuse_key_block = USE_ECDSA_KEY_FROM_KEY_MANAGER;
+    } else {
+        efuse_key_block = conf->efuse_block;
+    }
     if (!key_ctx) {
         ESP_LOGE(TAG, "mbedtls_pk_context cannot be NULL");
         return ret;
@@ -214,7 +238,7 @@ int esp_ecdsa_set_pk_context(mbedtls_pk_context *key_ctx, esp_ecdsa_pk_conf_t *c
         return ret;
     }
 
-    if ((ret = esp_ecdsa_privkey_load_pk_context(key_ctx, conf->efuse_block)) != 0) {
+    if ((ret = esp_ecdsa_privkey_load_pk_context(key_ctx, efuse_key_block)) != 0) {
         ESP_LOGE(TAG, "Loading private key context failed, esp_ecdsa_privkey_load_pk_context() returned %d", ret);
         return ret;
     }
@@ -227,7 +251,7 @@ int esp_ecdsa_set_pk_context(mbedtls_pk_context *key_ctx, esp_ecdsa_pk_conf_t *c
 
 #ifdef SOC_ECDSA_SUPPORT_EXPORT_PUBKEY
     if (conf->load_pubkey) {
-        if ((ret = esp_ecdsa_load_pubkey(keypair, conf->efuse_block)) != 0) {
+        if ((ret = esp_ecdsa_load_pubkey(keypair, efuse_key_block)) != 0) {
             ESP_LOGE(TAG, "Loading public key context failed, esp_ecdsa_load_pubkey() returned %d", ret);
             return ret;
         }
@@ -267,9 +291,15 @@ static int esp_ecdsa_sign(mbedtls_ecp_group *grp, mbedtls_mpi* r, mbedtls_mpi* s
         return MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
     }
 
-    if (!esp_efuse_find_purpose(ESP_EFUSE_KEY_PURPOSE_ECDSA_KEY, &blk)) {
-        ESP_LOGE(TAG, "No efuse block with purpose ECDSA_KEY found");
-        return MBEDTLS_ERR_ECP_INVALID_KEY;
+    bool use_km_key = false;
+    if (d->MBEDTLS_PRIVATE(n) == (unsigned short) USE_ECDSA_KEY_FROM_KEY_MANAGER) {
+        use_km_key = true;
+    }
+    if (!use_km_key) {
+        if (!esp_efuse_find_purpose(ESP_EFUSE_KEY_PURPOSE_ECDSA_KEY, &blk)) {
+            ESP_LOGE(TAG, "No efuse block with purpose ECDSA_KEY found");
+            return MBEDTLS_ERR_ECP_INVALID_KEY;
+        }
     }
 
     ecdsa_be_to_le(msg, sha_le, len);
@@ -287,14 +317,19 @@ static int esp_ecdsa_sign(mbedtls_ecp_group *grp, mbedtls_mpi* r, mbedtls_mpi* s
             .mode = ECDSA_MODE_SIGN_GEN,
             .curve = curve,
             .sha_mode = ECDSA_Z_USER_PROVIDED,
-            .efuse_key_blk = d->MBEDTLS_PRIVATE(n),
-            .use_km_key = 0, //TODO: IDF-7992
             .sign_type = k_type,
 #ifdef SOC_ECDSA_SUPPORT_DETERMINISTIC_MODE
             .loop_number = deterministic_loop_number++,
 #endif /* SOC_ECDSA_SUPPORT_DETERMINISTIC_MODE */
         };
 
+        if (use_km_key) {
+            conf.use_km_key = 1;
+            conf.efuse_key_blk = -1;
+        } else {
+            conf.use_km_key = 0;
+            conf.efuse_key_blk = d->MBEDTLS_PRIVATE(n);
+        }
         ecdsa_hal_gen_signature(&conf, sha_le, r_le, s_le, len);
 
         process_again = !ecdsa_hal_get_operation_result()

components/mbedtls/port/include/ecdsa/ecdsa_alt.h

@@ -17,6 +17,8 @@
 extern "C" {
 #endif
 
+#define USE_ECDSA_KEY_FROM_KEY_MANAGER INT_MAX
+
 /**
  * @brief ECDSA private key context initialization config structure
  * @note  Contains configuration information like the efuse key block that should be used as the private key,
@@ -28,7 +30,10 @@ typedef struct {
     uint8_t efuse_block;                    /*!< EFuse block id for ECDSA private key */
 #ifdef SOC_ECDSA_SUPPORT_EXPORT_PUBKEY
     bool load_pubkey;                       /*!< Export ECDSA public key from the hardware */
+
 #endif
+    bool use_km_key;                        /*!< Use key deployed in the key manager for ECDSA operation.
+                                                 Note: The key must be already deployed by the application and it must be activated for the lifetime of this context */
 } esp_ecdsa_pk_conf_t;  //TODO: IDF-9008 (Add a config to select the ecdsa key from the key manager peripheral)
 
 #if SOC_ECDSA_SUPPORT_EXPORT_PUBKEY || __DOXYGEN__

components/mbedtls/test_apps/main/test_mbedtls_ecdsa.c

@@ -20,9 +20,12 @@
 #include "test_utils.h"
 #include "ccomp_timer.h"
 #include "unity.h"
+#include "esp_heap_caps.h"
 
 #include "ecdsa/ecdsa_alt.h"
-
+#if SOC_KEY_MANAGER_SUPPORTED
+#include "esp_key_mgr.h"
+#endif
 #define TEST_ASSERT_MBEDTLS_OK(X) TEST_ASSERT_EQUAL_HEX32(0, -(X))
 
 #if CONFIG_NEWLIB_NANO_FORMAT
@@ -190,7 +193,25 @@ const uint8_t ecdsa192_sign_pub_y[] = {
     0x23, 0xae, 0x7e, 0x0f, 0x1f, 0x4d, 0x69, 0xd5
 };
 
-void test_ecdsa_sign(mbedtls_ecp_group_id id, const uint8_t *hash, const uint8_t *pub_x, const uint8_t *pub_y, bool is_deterministic)
+/* Big endian */
+const uint8_t init_key[] = {
+    0x4d, 0x21, 0x64, 0x21, 0x8f, 0xa2, 0xe3, 0xa0, 0xab, 0x74, 0xb5, 0xab, 0x17, 0x9a, 0x5d, 0x08, 0x58, 0xf4, 0x22, 0x03, 0xbd, 0x52, 0xe7, 0x88, 0x3c, 0x22, 0x0f, 0x95, 0x89, 0x70, 0xe1, 0x93
+};
+
+/* Big endian */
+const uint8_t k2_info[] = {
+    0xd8, 0xcd, 0x04, 0x45, 0xb4, 0x45, 0xc4, 0x15, 0xf6, 0x40, 0x1c, 0x7d, 0x90, 0x1b, 0x99, 0xa4, 0x79, 0x6b, 0xfb, 0x5b, 0x2a, 0x40, 0x60, 0xe1, 0xc1, 0xe1, 0x48, 0xcd, 0x46, 0x6b, 0x9b, 0x48, 0xda, 0x7a, 0x70, 0x0a, 0x78, 0x0b, 0x9d, 0xf9, 0x0e, 0xed, 0x91, 0xfc, 0xa5, 0xc2, 0x96, 0x05, 0x91, 0x76, 0xdb, 0x68, 0x84, 0x5d, 0x5e, 0x5b, 0xa6, 0xe9, 0x6b, 0x3b, 0x12, 0x50, 0x05, 0xc3
+};
+
+const uint8_t k1_ecdsa256_xts_encrypt[] = {
+    0x9f, 0x64, 0x80, 0x16, 0xa3, 0xab, 0x26, 0x64, 0x9b, 0xe6, 0x86, 0xcd, 0xf5, 0x14, 0x11, 0xb9, 0xb0, 0xe9, 0x87, 0xf6, 0xfe, 0x1b, 0x98, 0x0f, 0x9c, 0x3e, 0x21, 0xa7, 0xfa, 0x53, 0x47, 0x60
+};
+
+const uint8_t k1_ecdsa192_xts_encrypt[] = {
+   0x54, 0xf5, 0x97, 0xb8, 0xff, 0x1d, 0x34, 0x85, 0x8d, 0xf1, 0x43, 0xaa, 0xc0, 0x0f, 0xe2, 0x4d, 0x0b, 0xee, 0xdd, 0x89, 0x31, 0x39, 0x1b, 0xbe, 0x9b, 0x55, 0x53, 0xe0, 0xc7, 0xd9, 0x79, 0xaf
+};
+
+void test_ecdsa_sign(mbedtls_ecp_group_id id, const uint8_t *hash, const uint8_t *pub_x, const uint8_t *pub_y, bool is_deterministic, int efuse_key_block)
 {
     uint8_t r_be[MAX_ECDSA_COMPONENT_LEN] = {0};
     uint8_t s_be[MAX_ECDSA_COMPONENT_LEN] = {0};
@@ -206,11 +227,10 @@ void test_ecdsa_sign(mbedtls_ecp_group_id id, const uint8_t *hash, const uint8_t
 
     if (id == MBEDTLS_ECP_DP_SECP192R1) {
         mbedtls_ecp_group_load(&ecdsa_context.MBEDTLS_PRIVATE(grp), MBEDTLS_ECP_DP_SECP192R1);
-        esp_ecdsa_privkey_load_mpi(&key_mpi, SECP192R1_EFUSE_BLOCK);
     } else if (id == MBEDTLS_ECP_DP_SECP256R1) {
         mbedtls_ecp_group_load(&ecdsa_context.MBEDTLS_PRIVATE(grp), MBEDTLS_ECP_DP_SECP256R1);
-        esp_ecdsa_privkey_load_mpi(&key_mpi, SECP256R1_EFUSE_BLOCK);
     }
+    esp_ecdsa_privkey_load_mpi(&key_mpi, efuse_key_block);
 
     if (is_deterministic) {
         mbedtls_ecdsa_sign_det_ext(&ecdsa_context.MBEDTLS_PRIVATE(grp), &r, &s, &key_mpi, sha, HASH_LEN, 0, NULL, NULL);
@@ -235,31 +255,69 @@ void test_ecdsa_sign(mbedtls_ecp_group_id id, const uint8_t *hash, const uint8_t
 
 TEST_CASE("mbedtls ECDSA signature generation on SECP192R1", "[mbedtls][efuse_key]")
 {
-    test_ecdsa_sign(MBEDTLS_ECP_DP_SECP192R1, sha, ecdsa192_sign_pub_x, ecdsa192_sign_pub_y, false);
+    test_ecdsa_sign(MBEDTLS_ECP_DP_SECP192R1, sha, ecdsa192_sign_pub_x, ecdsa192_sign_pub_y, false, SECP192R1_EFUSE_BLOCK);
 }
 
 TEST_CASE("mbedtls ECDSA signature generation on SECP256R1", "[mbedtls][efuse_key]")
 {
-    test_ecdsa_sign(MBEDTLS_ECP_DP_SECP256R1, sha, ecdsa256_sign_pub_x, ecdsa256_sign_pub_y, false);
+    test_ecdsa_sign(MBEDTLS_ECP_DP_SECP256R1, sha, ecdsa256_sign_pub_x, ecdsa256_sign_pub_y, false, SECP256R1_EFUSE_BLOCK);
 }
 
 #ifdef SOC_ECDSA_SUPPORT_DETERMINISTIC_MODE
 
 TEST_CASE("mbedtls ECDSA deterministic signature generation on SECP192R1", "[mbedtls][efuse_key]")
 {
-    test_ecdsa_sign(MBEDTLS_ECP_DP_SECP192R1, sha, ecdsa192_sign_pub_x, ecdsa192_sign_pub_y, true);
+    test_ecdsa_sign(MBEDTLS_ECP_DP_SECP192R1, sha, ecdsa192_sign_pub_x, ecdsa192_sign_pub_y, true, SECP192R1_EFUSE_BLOCK);
 }
 
 TEST_CASE("mbedtls ECDSA deterministic signature generation on SECP256R1", "[mbedtls][efuse_key]")
 {
-    test_ecdsa_sign(MBEDTLS_ECP_DP_SECP256R1, sha, ecdsa256_sign_pub_x, ecdsa256_sign_pub_y, true);
+    test_ecdsa_sign(MBEDTLS_ECP_DP_SECP256R1, sha, ecdsa256_sign_pub_x, ecdsa256_sign_pub_y, true, SECP256R1_EFUSE_BLOCK);
 }
 
+#endif /* SOC_ECDSA_SUPPORT_DETERMINISTIC_MODE */
+
+#if SOC_KEY_MANAGER_SUPPORTED
+void deploy_key_in_key_manager(const uint8_t *k1_encrypted) {
+    esp_key_mgr_aes_key_config_t *key_config;
+
+    key_config = heap_caps_calloc(1, sizeof(esp_key_mgr_aes_key_config_t), MALLOC_CAP_INTERNAL);
+    TEST_ASSERT_NOT_NULL(key_config);
+    memcpy(key_config->k2_info, (uint8_t*) k2_info, KEY_MGR_K2_INFO_SIZE);
+    memcpy(key_config->k1_encrypted[0], (uint8_t*) k1_encrypted, KEY_MGR_K1_ENCRYPTED_SIZE);
+    memcpy(key_config->sw_init_key, (uint8_t*) init_key, KEY_MGR_SW_INIT_KEY_SIZE);
+    key_config->use_pre_generated_sw_init_key = 1;
+    key_config->key_type = ESP_KEY_MGR_ECDSA_KEY;
+
+    esp_key_mgr_key_recovery_info_t *key_info;
+    key_info = heap_caps_calloc(1, sizeof(esp_key_mgr_key_recovery_info_t), MALLOC_CAP_INTERNAL);
+    TEST_ASSERT_NOT_NULL(key_config);
+
+    esp_key_mgr_deploy_key_in_aes_mode(key_config, key_info);
+    printf("\nkey deployed successfully\n");
+    esp_key_mgr_activate_key(key_info);
+    free(key_info);
+    free(key_config);
+}
+
+TEST_CASE("mbedtls ECDSA signature generation on SECP192R1", "[mbedtls][key_manager_key]")
+{
+    deploy_key_in_key_manager(k1_ecdsa192_xts_encrypt);
+    test_ecdsa_sign(MBEDTLS_ECP_DP_SECP192R1, sha, ecdsa192_sign_pub_x, ecdsa192_sign_pub_y, false, USE_ECDSA_KEY_FROM_KEY_MANAGER);
+    esp_key_mgr_deactivate_key(ESP_KEY_MGR_ECDSA_KEY);
+}
+
+TEST_CASE("mbedtls ECDSA signature generation on SECP256R1", "[mbedtls][key_manager_key]")
+{
+    deploy_key_in_key_manager(k1_ecdsa256_xts_encrypt);
+    test_ecdsa_sign(MBEDTLS_ECP_DP_SECP256R1, sha, ecdsa256_sign_pub_x, ecdsa256_sign_pub_y, false, USE_ECDSA_KEY_FROM_KEY_MANAGER);
+    esp_key_mgr_deactivate_key(ESP_KEY_MGR_ECDSA_KEY);
+}
 #endif
 
 #ifdef SOC_ECDSA_SUPPORT_EXPORT_PUBKEY
 
-void test_ecdsa_export_pubkey(mbedtls_ecp_group_id id, const uint8_t *pub_x, const uint8_t *pub_y)
+void test_ecdsa_export_pubkey(mbedtls_ecp_group_id id, const uint8_t *pub_x, const uint8_t *pub_y, int efuse_key_block)
 {
     uint8_t export_pub_x[32] = {0};
     uint8_t export_pub_y[32] = {0};
@@ -268,13 +326,12 @@ void test_ecdsa_export_pubkey(mbedtls_ecp_group_id id, const uint8_t *pub_x, con
     esp_ecdsa_pk_conf_t pk_conf = {
         .grp_id = id,
         .load_pubkey = true,
+        .efuse_block = efuse_key_block,
     };
 
     if (id == MBEDTLS_ECP_DP_SECP192R1) {
-        pk_conf.efuse_block = SECP192R1_EFUSE_BLOCK;
         len = 24;
     } else if (id == MBEDTLS_ECP_DP_SECP256R1) {
-        pk_conf.efuse_block = SECP256R1_EFUSE_BLOCK;
         len = 32;
     }
 
@@ -296,15 +353,29 @@ void test_ecdsa_export_pubkey(mbedtls_ecp_group_id id, const uint8_t *pub_x, con
 
 TEST_CASE("mbedtls ECDSA export public key on SECP192R1", "[mbedtls][efuse_key]")
 {
-    test_ecdsa_export_pubkey(MBEDTLS_ECP_DP_SECP192R1, ecdsa192_sign_pub_x, ecdsa192_sign_pub_y);
+    test_ecdsa_export_pubkey(MBEDTLS_ECP_DP_SECP192R1, ecdsa192_sign_pub_x, ecdsa192_sign_pub_y, SECP192R1_EFUSE_BLOCK);
 }
 
 TEST_CASE("mbedtls ECDSA export public key on SECP256R1", "[mbedtls][efuse_key]")
 {
-    test_ecdsa_export_pubkey(MBEDTLS_ECP_DP_SECP256R1, ecdsa256_sign_pub_x, ecdsa256_sign_pub_y);
+    test_ecdsa_export_pubkey(MBEDTLS_ECP_DP_SECP256R1, ecdsa256_sign_pub_x, ecdsa256_sign_pub_y,  SECP256R1_EFUSE_BLOCK);
 }
 
+#if SOC_KEY_MANAGER_SUPPORTED
+TEST_CASE("mbedtls ECDSA export public key on SECP192R1", "[mbedtls][key_manager_key]")
+{
+    deploy_key_in_key_manager(k1_ecdsa192_xts_encrypt);
+    test_ecdsa_export_pubkey(MBEDTLS_ECP_DP_SECP192R1, ecdsa192_sign_pub_x, ecdsa192_sign_pub_y, USE_ECDSA_KEY_FROM_KEY_MANAGER);
+    esp_key_mgr_deactivate_key(ESP_KEY_MGR_ECDSA_KEY);
+}
 
+TEST_CASE("mbedtls ECDSA export public key on SECP256R1", "[mbedtls][key_manager_key]")
+{
+    deploy_key_in_key_manager(k1_ecdsa256_xts_encrypt);
+    test_ecdsa_export_pubkey(MBEDTLS_ECP_DP_SECP256R1, ecdsa256_sign_pub_x, ecdsa256_sign_pub_y,  USE_ECDSA_KEY_FROM_KEY_MANAGER);
+    esp_key_mgr_deactivate_key(ESP_KEY_MGR_ECDSA_KEY);
+}
+#endif
 #endif /* SOC_ECDSA_SUPPORT_EXPORT_PUBKEY */
 
 #endif /* CONFIG_MBEDTLS_HARDWARE_ECDSA_SIGN */