Merge branch 'feature/add_dpp_crypto_layer' into 'master'

feature(esp_wifi):Restructure dpp crypto layer

See merge request espressif/esp-idf!30225

Author: jack0c

components/wpa_supplicant/CMakeLists.txt

@@ -202,6 +202,7 @@ endif()
 
 if(CONFIG_ESP_WIFI_DPP_SUPPORT)
     set(dpp_src "src/common/dpp.c"
+    "src/common/dpp_crypto.c"
     "esp_supplicant/src/esp_dpp.c")
 else()
     set(dpp_src "")

components/wpa_supplicant/esp_supplicant/src/crypto/crypto_mbedtls-ec.c

@@ -453,7 +453,7 @@ int crypto_ec_point_cmp(const struct crypto_ec *e,
                                  (const mbedtls_ecp_point *) b);
 }
 
-int crypto_key_compare(struct crypto_key *key1, struct crypto_key *key2)
+int crypto_ec_key_compare(struct crypto_ec_key *key1, struct crypto_ec_key *key2)
 {
     int ret = 0;
     mbedtls_entropy_context entropy;
@@ -488,7 +488,7 @@ void crypto_debug_print_point(const char *title, struct crypto_ec *e,
     wpa_hexdump(MSG_ERROR, "y:", y, 32);
 }
 
-static struct crypto_key *crypto_alloc_key(void)
+static struct crypto_ec_key *crypto_alloc_key(void)
 {
     mbedtls_pk_context *key = os_malloc(sizeof(*key));
 
@@ -498,14 +498,14 @@ static struct crypto_key *crypto_alloc_key(void)
     }
     mbedtls_pk_init(key);
 
-    return (struct crypto_key *)key;
+    return (struct crypto_ec_key *)key;
 }
 
-struct crypto_key * crypto_ec_set_pubkey_point(const struct crypto_ec_group *group,
-                                               const u8 *buf, size_t len)
+struct crypto_ec_key * crypto_ec_key_set_pub(const struct crypto_ec_group *group,
+                                             const u8 *buf, size_t len)
 {
     mbedtls_ecp_point *point = NULL;
-    struct crypto_key *pkey = NULL;
+    struct crypto_ec_key *pkey = NULL;
     int ret;
     mbedtls_pk_context *key = (mbedtls_pk_context *)crypto_alloc_key();
     mbedtls_ecp_group *ecp_grp = (mbedtls_ecp_group *)group;
@@ -543,7 +543,7 @@ struct crypto_key * crypto_ec_set_pubkey_point(const struct crypto_ec_group *gro
     mbedtls_ecp_copy(&mbedtls_pk_ec(*key)->MBEDTLS_PRIVATE(Q), point);
     mbedtls_ecp_group_load(&mbedtls_pk_ec(*key)->MBEDTLS_PRIVATE(grp), ecp_grp->id);
 
-    pkey = (struct crypto_key *)key;
+    pkey = (struct crypto_ec_key *)key;
     crypto_ec_point_deinit((struct crypto_ec_point *)point, 0);
     return pkey;
 fail:
@@ -557,21 +557,14 @@ struct crypto_key * crypto_ec_set_pubkey_point(const struct crypto_ec_group *gro
     return pkey;
 }
 
-void crypto_ec_free_key(struct crypto_key *key)
-{
-    mbedtls_pk_context *pkey = (mbedtls_pk_context *)key;
-    mbedtls_pk_free(pkey);
-    os_free(key);
-}
-
-struct crypto_ec_point *crypto_ec_get_public_key(struct crypto_key *key)
+struct crypto_ec_point *crypto_ec_key_get_public_key(struct crypto_ec_key *key)
 {
     mbedtls_pk_context *pkey = (mbedtls_pk_context *)key;
 
     return (struct crypto_ec_point *)&mbedtls_pk_ec(*pkey)->MBEDTLS_PRIVATE(Q);
 }
 
-int crypto_ec_get_priv_key_der(struct crypto_key *key, unsigned char **key_data, int *key_len)
+int crypto_ec_get_priv_key_der(struct crypto_ec_key *key, unsigned char **key_data, int *key_len)
 {
     mbedtls_pk_context *pkey = (mbedtls_pk_context *)key;
     char *der_data = os_malloc(ECP_PRV_DER_MAX_BYTES);
@@ -599,7 +592,7 @@ int crypto_ec_get_priv_key_der(struct crypto_key *key, unsigned char **key_data,
     return 0;
 }
 
-struct crypto_ec_group *crypto_ec_get_group_from_key(struct crypto_key *key)
+struct crypto_ec_group *crypto_ec_get_group_from_key(struct crypto_ec_key *key)
 {
     mbedtls_pk_context *pkey = (mbedtls_pk_context *)key;
 
@@ -614,14 +607,14 @@ int crypto_ec_key_group(struct crypto_ec_key *key)
     return iana_group;
 }
 
-struct crypto_bignum *crypto_ec_get_private_key(struct crypto_key *key)
+struct crypto_bignum *crypto_ec_key_get_private_key(struct crypto_ec_key *key)
 {
     mbedtls_pk_context *pkey = (mbedtls_pk_context *)key;
 
     return ((struct crypto_bignum *) & (mbedtls_pk_ec(*pkey)->MBEDTLS_PRIVATE(d)));
 }
 
-int crypto_ec_get_publickey_buf(struct crypto_key *key, u8 *key_buf, int len)
+int crypto_ec_get_publickey_buf(struct crypto_ec_key *key, u8 *key_buf, int len)
 {
     mbedtls_pk_context *pkey = (mbedtls_pk_context *)key;
     unsigned char buf[MBEDTLS_MPI_MAX_SIZE + 10]; /* tag, length + MPI */
@@ -644,7 +637,7 @@ int crypto_ec_get_publickey_buf(struct crypto_key *key, u8 *key_buf, int len)
     return pk_len;
 }
 
-int crypto_write_pubkey_der(struct crypto_key *key, unsigned char **key_buf)
+int crypto_write_pubkey_der(struct crypto_ec_key *key, unsigned char **key_buf)
 {
     unsigned char *buf = os_malloc(ECP_PUB_DER_MAX_BYTES);
 
@@ -669,7 +662,7 @@ int crypto_write_pubkey_der(struct crypto_key *key, unsigned char **key_buf)
     return len;
 }
 
-struct crypto_key *crypto_ec_get_key(const u8 *privkey, size_t privkey_len)
+struct crypto_ec_key *crypto_ec_key_parse_priv(const u8 *privkey, size_t privkey_len)
 {
     int ret;
     mbedtls_pk_context *kctx = (mbedtls_pk_context *)crypto_alloc_key();
@@ -685,7 +678,7 @@ struct crypto_key *crypto_ec_get_key(const u8 *privkey, size_t privkey_len)
         goto fail;
     }
 
-    return (struct crypto_key *)kctx;
+    return (struct crypto_ec_key *)kctx;
 
 fail:
     mbedtls_pk_free(kctx);
@@ -728,7 +721,7 @@ int crypto_ec_get_curve_id(const struct crypto_ec_group *group)
     return (crypto_ec_get_mbedtls_to_nist_group_id(grp->id));
 }
 
-int crypto_ecdh(struct crypto_key *key_own, struct crypto_key *key_peer,
+int crypto_ecdh(struct crypto_ec_key *key_own, struct crypto_ec_key *key_peer,
                 u8 *secret, size_t *secret_len)
 {
     mbedtls_ecdh_context *ctx = NULL;
@@ -795,7 +788,7 @@ int crypto_ecdh(struct crypto_key *key_own, struct crypto_key *key_peer,
 }
 
 int crypto_ecdsa_get_sign(unsigned char *hash,
-                          const struct crypto_bignum *r, const struct crypto_bignum *s, struct crypto_key *csign, int hash_len)
+                          const struct crypto_bignum *r, const struct crypto_bignum *s, struct crypto_ec_key *csign, int hash_len)
 {
     int ret = -1;
     mbedtls_pk_context *pkey = (mbedtls_pk_context *)csign;
@@ -820,48 +813,56 @@ int crypto_ecdsa_get_sign(unsigned char *hash,
     return  ret;
 }
 
-int crypto_edcsa_sign_verify(const unsigned char *hash,
-                             const struct crypto_bignum *r, const struct crypto_bignum *s, struct crypto_key *csign, int hlen)
+int crypto_ec_key_verify_signature_r_s(struct crypto_ec_key *csign,
+                                       const unsigned char *hash, int hlen,
+                                       const u8 *r, size_t r_len,
+                                       const u8 *s, size_t s_len)
 {
     /* (mbedtls_ecdsa_context *) */
     mbedtls_ecp_keypair *ecp_kp = mbedtls_pk_ec(*(mbedtls_pk_context *)csign);
     if (!ecp_kp) {
         return -1;
     }
 
+    struct crypto_bignum *rb = NULL, *sb = NULL;
+    rb = crypto_bignum_init_set(r, r_len);
+    sb = crypto_bignum_init_set(s, s_len);
+
     mbedtls_ecp_group *ecp_kp_grp = &ecp_kp->MBEDTLS_PRIVATE(grp);
     mbedtls_ecp_point *ecp_kp_q = &ecp_kp->MBEDTLS_PRIVATE(Q);
     int ret = mbedtls_ecdsa_verify(ecp_kp_grp, hash, hlen,
-                                   ecp_kp_q, (mbedtls_mpi *)r, (mbedtls_mpi *)s);
+                                   ecp_kp_q, (mbedtls_mpi *)rb, (mbedtls_mpi *)sb);
     if (ret != 0) {
         wpa_printf(MSG_ERROR, "ecdsa verification failed");
+        crypto_bignum_deinit(rb, 0);
+        crypto_bignum_deinit(sb, 0);
         return ret;
     }
 
     return ret;
 }
 
-void crypto_debug_print_ec_key(const char *title, struct crypto_key *key)
+void crypto_ec_key_debug_print(struct crypto_ec_key *key, const char *title)
 {
 #ifdef DEBUG_PRINT
     mbedtls_pk_context *pkey = (mbedtls_pk_context *)key;
     mbedtls_ecp_keypair *ecp = mbedtls_pk_ec(*pkey);
     u8 x[32], y[32], d[32];
-    wpa_printf(MSG_ERROR, "curve: %s",
+    wpa_printf(MSG_INFO, "curve: %s",
                mbedtls_ecp_curve_info_from_grp_id(ecp->MBEDTLS_PRIVATE(grp).id)->name);
     int len = mbedtls_mpi_size((mbedtls_mpi *)crypto_ec_get_prime((struct crypto_ec *)crypto_ec_get_group_from_key(key)));
 
-    wpa_printf(MSG_ERROR, "prime len is %d", len);
-    crypto_ec_point_to_bin((struct crypto_ec *)crypto_ec_get_group_from_key(key), crypto_ec_get_public_key(key), x, y);
-    crypto_bignum_to_bin(crypto_ec_get_private_key(key),
+    wpa_printf(MSG_INFO, "prime len is %d", len);
+    crypto_ec_point_to_bin((struct crypto_ec *)crypto_ec_get_group_from_key(key), crypto_ec_key_get_public_key(key), x, y);
+    crypto_bignum_to_bin(crypto_ec_key_get_private_key(key),
                          d, len, len);
-    wpa_hexdump(MSG_ERROR, "Q_x:", x, 32);
-    wpa_hexdump(MSG_ERROR, "Q_y:", y, 32);
-    wpa_hexdump(MSG_ERROR, "d:     ",  d, 32);
+    wpa_hexdump(MSG_INFO, "Q_x:", x, 32);
+    wpa_hexdump(MSG_INFO, "Q_y:", y, 32);
+    wpa_hexdump(MSG_INFO, "d:     ",  d, 32);
 #endif
 }
 
-struct crypto_key *crypto_ec_parse_subpub_key(const unsigned char *p, size_t len)
+struct crypto_ec_key *crypto_ec_parse_subpub_key(const unsigned char *p, size_t len)
 {
     int ret;
     mbedtls_pk_context *pkey = (mbedtls_pk_context *)crypto_alloc_key();
@@ -871,21 +872,21 @@ struct crypto_key *crypto_ec_parse_subpub_key(const unsigned char *p, size_t len
     }
     ret = mbedtls_pk_parse_subpubkey((unsigned char **)&p, p + len, pkey);
     if (ret == 0) {
-        return (struct crypto_key *)pkey;
+        return (struct crypto_ec_key *)pkey;
     }
 
     mbedtls_pk_free(pkey);
     os_free(pkey);
     return NULL;
 }
 
-int crypto_is_ec_key(struct crypto_key *key)
+int crypto_is_ec_key(struct crypto_ec_key *key)
 {
     int ret = mbedtls_pk_can_do((mbedtls_pk_context *)key, MBEDTLS_PK_ECKEY);
     return  ret;
 }
 
-struct crypto_key * crypto_ec_gen_keypair(u16 ike_group)
+struct crypto_ec_key * crypto_ec_key_gen(u16 ike_group)
 {
     mbedtls_pk_context *kctx = (mbedtls_pk_context *)crypto_alloc_key();
 
@@ -902,7 +903,7 @@ struct crypto_key * crypto_ec_gen_keypair(u16 ike_group)
     mbedtls_ecp_gen_key(MBEDTLS_ECP_DP_SECP256R1, mbedtls_pk_ec(*kctx), //get this from argument
                         crypto_rng_wrapper, NULL);
 
-    return (struct crypto_key *)kctx;
+    return (struct crypto_ec_key *)kctx;
 fail:
     mbedtls_pk_free(kctx);
     os_free(kctx);
@@ -1018,7 +1019,7 @@ int crypto_pk_write_formatted_pubkey_der(mbedtls_pk_context *key, unsigned char
     return ((int) len);
 }
 
-int crypto_ec_write_pub_key(struct crypto_key *key, unsigned char **key_buf)
+int crypto_ec_write_pub_key(struct crypto_ec_key *key, unsigned char **key_buf)
 {
     unsigned char output_buf[1600] = {0};
     int len = crypto_pk_write_formatted_pubkey_der((mbedtls_pk_context *)key, output_buf, 1600, 1);
@@ -1036,6 +1037,23 @@ int crypto_ec_write_pub_key(struct crypto_key *key, unsigned char **key_buf)
     return len;
 }
 
+struct wpabuf * crypto_ec_key_get_subject_public_key(struct crypto_ec_key *key)
+{
+    unsigned char *der = NULL;
+    struct wpabuf *ret = NULL;
+    int der_len;
+
+    der_len = crypto_ec_write_pub_key(key, &der);
+    if (!der) {
+        wpa_printf(MSG_ERROR, "failed to get der for bootstrapping key\n");
+        return NULL;
+    }
+    ret = wpabuf_alloc_copy(der, der_len);
+
+    os_free(der);
+    return ret;
+}
+
 int crypto_mbedtls_get_grp_id(int group)
 {
     switch (group) {
@@ -1140,7 +1158,7 @@ struct wpabuf * crypto_ecdh_set_peerkey(struct crypto_ecdh *ecdh, int inc_y,
     struct crypto_bignum *bn_x = NULL;
     struct crypto_ec_point *ec_pt = NULL;
     uint8_t *px = NULL, *py = NULL, *buf = NULL;
-    struct crypto_key *pkey = NULL;
+    struct crypto_ec_key *pkey = NULL;
     struct wpabuf *sh_secret = NULL;
     int secret_key = 0;
 
@@ -1188,7 +1206,7 @@ struct wpabuf * crypto_ecdh_set_peerkey(struct crypto_ecdh *ecdh, int inc_y,
     os_memcpy(buf, px, len);
     os_memcpy(buf + len, py, len);
 
-    pkey = crypto_ec_set_pubkey_point((struct crypto_ec_group*)ACCESS_ECDH(&ctx, grp), buf, len);
+    pkey = crypto_ec_key_set_pub((struct crypto_ec_group*)ACCESS_ECDH(&ctx, grp), buf, len);
     if (!pkey) {
         wpa_printf(MSG_ERROR, "Failed to set point for peer's public key");
         goto cleanup;
@@ -1228,7 +1246,7 @@ struct wpabuf * crypto_ecdh_set_peerkey(struct crypto_ecdh *ecdh, int inc_y,
     os_free(py);
     os_free(buf);
     os_free(secret);
-    crypto_ec_free_key(pkey);
+    crypto_ec_key_deinit(pkey);
     crypto_bignum_deinit(bn_x, 1);
     crypto_ec_point_deinit(ec_pt, 1);
     mbedtls_ctr_drbg_free(&ctr_drbg);

components/wpa_supplicant/esp_supplicant/src/esp_dpp_i.h

@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2020-2023 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2020-2024 Espressif Systems (Shanghai) CO LTD
  *
  * SPDX-License-Identifier: Apache-2.0
  */
@@ -10,7 +10,6 @@
 #include "esp_err.h"
 #include "utils/includes.h"
 #include "utils/common.h"
-
 #include "common/dpp.h"
 #include "esp_dpp.h"
 #include "esp_wifi_driver.h"
@@ -59,6 +58,11 @@ struct esp_dpp_context_t {
 int esp_supp_rx_action(uint8_t *hdr, uint8_t *payload, size_t len, uint8_t channel);
 esp_err_t esp_dpp_post_evt(uint32_t evt_id, uint32_t data);
 
+#ifdef CONFIG_TESTING_OPTIONS
+int dpp_test_gen_invalid_key(struct wpabuf *msg, const struct dpp_curve_params *curve);
+char * dpp_corrupt_connector_signature(const char *connector);
+#endif /* CONFIG_TESTING_OPTIONS */
+
 #ifdef CONFIG_ESP_WIFI_DPP_SUPPORT
 bool is_dpp_enabled(void);
 #else