diff --git a/examples/demo/client/wh_demo_client_keywrap.c b/examples/demo/client/wh_demo_client_keywrap.c index 1f404e72..dcef0a1f 100644 --- a/examples/demo/client/wh_demo_client_keywrap.c +++ b/examples/demo/client/wh_demo_client_keywrap.c @@ -79,6 +79,7 @@ int wh_DemoClient_AesGcmKeyWrap(whClientContext* client) WC_RNG rng[1]; uint8_t key[WH_DEMO_KEYWRAP_AES_KEYSIZE]; uint8_t exportedKey[WH_DEMO_KEYWRAP_AES_KEYSIZE]; + uint16_t exportedKeySz = sizeof(exportedKey); whNvmMetadata metadata = { .id = WH_CLIENT_KEYID_MAKE_WRAPPED_META( client->comm->client_id, WH_DEMO_KEYWRAP_AESGCM_WRAPKEY_ID), @@ -88,6 +89,7 @@ int wh_DemoClient_AesGcmKeyWrap(whClientContext* client) .len = WH_DEMO_KEYWRAP_AES_KEYSIZE}; whNvmMetadata exportedMetadata; uint8_t wrappedKey[WH_DEMO_KEYWRAP_AES_WRAPPED_KEYSIZE]; + uint16_t wrappedKeySz = sizeof(wrappedKey); whKeyId wrappedKeyId; const uint8_t plaintext[] = "hello, wolfSSL AES-GCM!"; @@ -131,9 +133,9 @@ int wh_DemoClient_AesGcmKeyWrap(whClientContext* client) /* Now we request the server to wrap the key using the KEK we * establish above in the first step. */ - ret = wh_Client_KeyWrap(client, WC_CIPHER_AES_GCM, WH_DEMO_KEYWRAP_KEKID, - key, sizeof(key), &metadata, wrappedKey, - sizeof(wrappedKey)); + ret = + wh_Client_KeyWrap(client, WC_CIPHER_AES_GCM, WH_DEMO_KEYWRAP_KEKID, key, + sizeof(key), &metadata, wrappedKey, &wrappedKeySz); if (ret != 0) { WOLFHSM_CFG_PRINTF("Failed to wh_Client_KeyWrap %d\n", ret); goto cleanup_rng; @@ -212,10 +214,9 @@ int wh_DemoClient_AesGcmKeyWrap(whClientContext* client) /* Exporting a wrapped key */ /* Request the server to unwrap and export the wrapped key we created */ - ret = wh_Client_KeyUnwrapAndExport(client, WC_CIPHER_AES_GCM, - WH_DEMO_KEYWRAP_KEKID, wrappedKey, - sizeof(wrappedKey), &exportedMetadata, - exportedKey, sizeof(exportedKey)); + ret = wh_Client_KeyUnwrapAndExport( + client, WC_CIPHER_AES_GCM, WH_DEMO_KEYWRAP_KEKID, wrappedKey, + sizeof(wrappedKey), &exportedMetadata, exportedKey, &exportedKeySz); if (ret != 0) { WOLFHSM_CFG_PRINTF("Failed to wh_Client_KeyUnwrapAndCache %d\n", ret); goto cleanup_aes; diff --git a/src/wh_client_keywrap.c b/src/wh_client_keywrap.c index 2a22625c..9b75ba5a 100644 --- a/src/wh_client_keywrap.c +++ b/src/wh_client_keywrap.c @@ -50,7 +50,7 @@ int wh_Client_KeyWrapRequest(whClientContext* ctx, int wh_Client_KeyWrapResponse(whClientContext* ctx, enum wc_CipherType cipherType, - void* wrappedKeyOut, uint16_t wrappedKeySz) + void* wrappedKeyOut, uint16_t* wrappedKeyInOutSz) { int ret; uint16_t group; @@ -59,7 +59,7 @@ int wh_Client_KeyWrapResponse(whClientContext* ctx, whMessageKeystore_KeyWrapResponse* resp = NULL; uint8_t* respData; - if (ctx == NULL || wrappedKeyOut == NULL) { + if (ctx == NULL || wrappedKeyOut == NULL || wrappedKeyInOutSz == NULL) { return WH_ERROR_BADARGS; } @@ -77,7 +77,7 @@ int wh_Client_KeyWrapResponse(whClientContext* ctx, } if (group != WH_MESSAGE_GROUP_KEY || action != WH_KEY_KEYWRAP || - size < sizeof(*resp) || size > sizeof(*resp) + wrappedKeySz || + size < sizeof(*resp) || size > sizeof(*resp) + resp->wrappedKeySz || resp->cipherType != cipherType) { return WH_ERROR_ABORTED; } @@ -85,10 +85,14 @@ int wh_Client_KeyWrapResponse(whClientContext* ctx, if (resp->rc != 0) { return resp->rc; } + else if (resp->wrappedKeySz > *wrappedKeyInOutSz) { + return WH_ERROR_BUFFER_SIZE; + } /* Copy the wrapped key from the response data into wrappedKeyOut */ respData = (uint8_t*)(resp + 1); - memcpy(wrappedKeyOut, respData, wrappedKeySz); + memcpy(wrappedKeyOut, respData, resp->wrappedKeySz); + *wrappedKeyInOutSz = resp->wrappedKeySz; return WH_ERROR_OK; } @@ -96,12 +100,12 @@ int wh_Client_KeyWrapResponse(whClientContext* ctx, int wh_Client_KeyWrap(whClientContext* ctx, enum wc_CipherType cipherType, uint16_t serverKeyId, void* keyIn, uint16_t keySz, whNvmMetadata* metadataIn, void* wrappedKeyOut, - uint16_t wrappedKeySz) + uint16_t* wrappedKeySz) { int ret = WH_ERROR_OK; if (ctx == NULL || keyIn == NULL || metadataIn == NULL || - wrappedKeyOut == NULL) { + wrappedKeyOut == NULL || wrappedKeySz == NULL) { return WH_ERROR_BADARGS; } @@ -159,7 +163,7 @@ int wh_Client_KeyUnwrapAndExportRequest(whClientContext* ctx, int wh_Client_KeyUnwrapAndExportResponse(whClientContext* ctx, enum wc_CipherType cipherType, whNvmMetadata* metadataOut, - void* keyOut, uint16_t keySz) + void* keyOut, uint16_t* keyInOutSz) { int ret; uint16_t group; @@ -168,7 +172,8 @@ int wh_Client_KeyUnwrapAndExportResponse(whClientContext* ctx, whMessageKeystore_KeyUnwrapAndExportResponse* resp = NULL; uint8_t* respData; - if (ctx == NULL || metadataOut == NULL || keyOut == NULL) { + if (ctx == NULL || metadataOut == NULL || keyOut == NULL || + keyInOutSz == NULL) { return WH_ERROR_BADARGS; } @@ -188,7 +193,7 @@ int wh_Client_KeyUnwrapAndExportResponse(whClientContext* ctx, if (group != WH_MESSAGE_GROUP_KEY || action != WH_KEY_KEYUNWRAPEXPORT || size < sizeof(*resp) || - size > sizeof(*resp) + sizeof(*metadataOut) + keySz || + size > sizeof(*resp) + sizeof(*metadataOut) + resp->keySz || resp->cipherType != cipherType) { return WH_ERROR_ABORTED; } @@ -196,7 +201,7 @@ int wh_Client_KeyUnwrapAndExportResponse(whClientContext* ctx, if (resp->rc != WH_ERROR_OK) { return resp->rc; } - else if (resp->keySz != keySz) { + else if (resp->keySz > *keyInOutSz) { return WH_ERROR_BUFFER_SIZE; } @@ -204,7 +209,8 @@ int wh_Client_KeyUnwrapAndExportResponse(whClientContext* ctx, * keyOut */ respData = (uint8_t*)(resp + 1); memcpy(metadataOut, respData, sizeof(*metadataOut)); - memcpy(keyOut, respData + sizeof(*metadataOut), keySz); + memcpy(keyOut, respData + sizeof(*metadataOut), resp->keySz); + *keyInOutSz = resp->keySz; return WH_ERROR_OK; } @@ -214,12 +220,12 @@ int wh_Client_KeyUnwrapAndExport(whClientContext* ctx, uint16_t serverKeyId, void* wrappedKeyIn, uint16_t wrappedKeySz, whNvmMetadata* metadataOut, void* keyOut, - uint16_t keySz) + uint16_t* keyInOutSz) { int ret = WH_ERROR_OK; if (ctx == NULL || wrappedKeyIn == NULL || metadataOut == NULL || - keyOut == NULL) + keyOut == NULL || keyInOutSz == NULL) return WH_ERROR_BADARGS; ret = wh_Client_KeyUnwrapAndExportRequest(ctx, cipherType, serverKeyId, @@ -230,7 +236,7 @@ int wh_Client_KeyUnwrapAndExport(whClientContext* ctx, do { ret = wh_Client_KeyUnwrapAndExportResponse(ctx, cipherType, metadataOut, - keyOut, keySz); + keyOut, keyInOutSz); } while (ret == WH_ERROR_NOTREADY); return ret; @@ -372,7 +378,7 @@ int wh_Client_DataWrapRequest(whClientContext* ctx, int wh_Client_DataWrapResponse(whClientContext* ctx, enum wc_CipherType cipherType, - void* wrappedDataOut, uint32_t wrappedDataSz) + void* wrappedDataOut, uint32_t* wrappedDataSz) { int ret; uint16_t group; @@ -381,7 +387,7 @@ int wh_Client_DataWrapResponse(whClientContext* ctx, whMessageKeystore_DataWrapResponse* resp = NULL; uint8_t* respData; - if (ctx == NULL || wrappedDataOut == NULL) { + if (ctx == NULL || wrappedDataOut == NULL || wrappedDataSz == NULL) { return WH_ERROR_BADARGS; } @@ -399,8 +405,7 @@ int wh_Client_DataWrapResponse(whClientContext* ctx, } if (group != WH_MESSAGE_GROUP_KEY || action != WH_KEY_DATAWRAP || - size < sizeof(*resp) || size > sizeof(*resp) + wrappedDataSz || - resp->wrappedDataSz != wrappedDataSz || + size < sizeof(*resp) || size > sizeof(*resp) + resp->wrappedDataSz || resp->cipherType != cipherType) { return WH_ERROR_ABORTED; } @@ -408,20 +413,25 @@ int wh_Client_DataWrapResponse(whClientContext* ctx, if (resp->rc != 0) { return resp->rc; } + else if (resp->wrappedDataSz > *wrappedDataSz) { + return WH_ERROR_BUFFER_SIZE; + } /* Copy the wrapped key from the response data into wrappedKeyOut */ respData = (uint8_t*)(resp + 1); - memcpy(wrappedDataOut, respData, wrappedDataSz); + memcpy(wrappedDataOut, respData, resp->wrappedDataSz); + *wrappedDataSz = resp->wrappedDataSz; return WH_ERROR_OK; } int wh_Client_DataWrap(whClientContext* ctx, enum wc_CipherType cipherType, uint16_t serverKeyId, void* dataIn, uint32_t dataInSz, - void* wrappedDataOut, uint32_t wrappedDataOutSz) + void* wrappedDataOut, uint32_t* wrappedDataInOutSz) { int ret; - if (ctx == NULL || wrappedDataOut == NULL || dataIn == NULL) { + if (ctx == NULL || wrappedDataOut == NULL || dataIn == NULL || + wrappedDataInOutSz == NULL) { return WH_ERROR_BADARGS; } @@ -433,7 +443,7 @@ int wh_Client_DataWrap(whClientContext* ctx, enum wc_CipherType cipherType, do { ret = wh_Client_DataWrapResponse(ctx, cipherType, wrappedDataOut, - wrappedDataOutSz); + wrappedDataInOutSz); } while (ret == WH_ERROR_NOTREADY); @@ -476,7 +486,7 @@ int wh_Client_DataUnwrapRequest(whClientContext* ctx, int wh_Client_DataUnwrapResponse(whClientContext* ctx, enum wc_CipherType cipherType, void* dataOut, - uint32_t dataSz) + uint32_t* dataSz) { int ret; uint16_t group; @@ -485,7 +495,7 @@ int wh_Client_DataUnwrapResponse(whClientContext* ctx, whMessageKeystore_DataUnwrapResponse* resp = NULL; uint8_t* respData; - if (ctx == NULL || dataOut == NULL) { + if (ctx == NULL || dataOut == NULL || dataSz == NULL) { return WH_ERROR_BADARGS; } @@ -503,28 +513,33 @@ int wh_Client_DataUnwrapResponse(whClientContext* ctx, } if (group != WH_MESSAGE_GROUP_KEY || action != WH_KEY_DATAUNWRAP || - size < sizeof(*resp) || size > sizeof(*resp) + dataSz || - resp->dataSz != dataSz || resp->cipherType != cipherType) { + size < sizeof(*resp) || size > sizeof(*resp) + resp->dataSz || + resp->cipherType != cipherType) { return WH_ERROR_ABORTED; } if (resp->rc != 0) { return resp->rc; } + else if (resp->dataSz > *dataSz) { + return WH_ERROR_BUFFER_SIZE; + } /* Copy the wrapped key from the response data into wrappedKeyOut */ respData = (uint8_t*)(resp + 1); - memcpy(dataOut, respData, dataSz); + memcpy(dataOut, respData, resp->dataSz); + *dataSz = resp->dataSz; return WH_ERROR_OK; } int wh_Client_DataUnwrap(whClientContext* ctx, enum wc_CipherType cipherType, uint16_t serverKeyId, void* wrappedDataIn, uint32_t wrappedDataInSz, void* dataOut, - uint32_t dataOutSz) + uint32_t* dataInOutSz) { int ret; - if (ctx == NULL || wrappedDataIn == NULL || dataOut == NULL) { + if (ctx == NULL || wrappedDataIn == NULL || dataOut == NULL || + dataInOutSz == NULL) { return WH_ERROR_BADARGS; } @@ -535,7 +550,8 @@ int wh_Client_DataUnwrap(whClientContext* ctx, enum wc_CipherType cipherType, } do { - ret = wh_Client_DataUnwrapResponse(ctx, cipherType, dataOut, dataOutSz); + ret = + wh_Client_DataUnwrapResponse(ctx, cipherType, dataOut, dataInOutSz); } while (ret == WH_ERROR_NOTREADY); diff --git a/src/wh_server_keystore.c b/src/wh_server_keystore.c index aa68a342..dcfd2479 100644 --- a/src/wh_server_keystore.c +++ b/src/wh_server_keystore.c @@ -706,8 +706,8 @@ static int _AesGcmKeyWrap(whServerContext* server, whKeyId serverKeyId, { int ret = 0; Aes aes[1]; - uint8_t authTag[WOLFHSM_KEYWRAP_AES_GCM_TAG_SIZE]; - uint8_t iv[WOLFHSM_KEYWRAP_AES_GCM_IV_SIZE]; + uint8_t authTag[WH_KEYWRAP_AES_GCM_TAG_SIZE]; + uint8_t iv[WH_KEYWRAP_AES_GCM_IV_SIZE]; uint8_t* serverKey; uint32_t serverKeySz; whNvmMetadata* serverKeyMetadata; @@ -791,8 +791,8 @@ static int _AesGcmKeyUnwrap(whServerContext* server, uint16_t serverKeyId, { int ret = 0; Aes aes[1]; - uint8_t authTag[WOLFHSM_KEYWRAP_AES_GCM_TAG_SIZE]; - uint8_t iv[WOLFHSM_KEYWRAP_AES_GCM_IV_SIZE]; + uint8_t authTag[WH_KEYWRAP_AES_GCM_TAG_SIZE]; + uint8_t iv[WH_KEYWRAP_AES_GCM_IV_SIZE]; uint8_t* serverKey; uint32_t serverKeySz; whNvmMetadata* serverKeyMetadata; @@ -858,8 +858,8 @@ static int _AesGcmDataWrap(whServerContext* server, whKeyId serverKeyId, { int ret = 0; Aes aes[1]; - uint8_t authTag[WOLFHSM_KEYWRAP_AES_GCM_TAG_SIZE]; - uint8_t iv[WOLFHSM_KEYWRAP_AES_GCM_IV_SIZE]; + uint8_t authTag[WH_KEYWRAP_AES_GCM_TAG_SIZE]; + uint8_t iv[WH_KEYWRAP_AES_GCM_IV_SIZE]; uint8_t* serverKey; uint32_t serverKeySz; whNvmMetadata* serverKeyMetadata; @@ -927,8 +927,8 @@ static int _AesGcmDataUnwrap(whServerContext* server, uint16_t serverKeyId, { int ret = 0; Aes aes[1]; - uint8_t authTag[WOLFHSM_KEYWRAP_AES_GCM_TAG_SIZE]; - uint8_t iv[WOLFHSM_KEYWRAP_AES_GCM_IV_SIZE]; + uint8_t authTag[WH_KEYWRAP_AES_GCM_TAG_SIZE]; + uint8_t iv[WH_KEYWRAP_AES_GCM_IV_SIZE]; uint8_t* serverKey; uint32_t serverKeySz; whNvmMetadata* serverKeyMetadata; @@ -1030,9 +1030,8 @@ static int _HandleKeyWrapRequest(whServerContext* server, #ifndef NO_AES #ifdef HAVE_AESGCM case WC_CIPHER_AES_GCM: { - uint16_t wrappedKeySz = WOLFHSM_KEYWRAP_AES_GCM_IV_SIZE + - WOLFHSM_KEYWRAP_AES_GCM_TAG_SIZE + - sizeof(metadata) + req->keySz; + uint16_t wrappedKeySz = + WH_KEYWRAP_AES_GCM_HEADER_SIZE + sizeof(metadata) + req->keySz; /* Check if the response data can fit the wrapped key */ if (respDataSz < wrappedKeySz) { @@ -1104,9 +1103,8 @@ static int _HandleKeyUnwrapAndExportRequest( #ifndef NO_AES #ifdef HAVE_AESGCM case WC_CIPHER_AES_GCM: { - uint16_t keySz = - req->wrappedKeySz - WOLFHSM_KEYWRAP_AES_GCM_IV_SIZE - - WOLFHSM_KEYWRAP_AES_GCM_TAG_SIZE - sizeof(*metadata); + uint16_t keySz = req->wrappedKeySz - + WH_KEYWRAP_AES_GCM_HEADER_SIZE - sizeof(*metadata); /* Check if the response data can fit the metadata + key */ if (respDataSz < sizeof(*metadata) + keySz) { @@ -1120,8 +1118,19 @@ static int _HandleKeyUnwrapAndExportRequest( return ret; } - /* Ensure unwrapped metadata has the wrapped flag set */ - if (!WH_KEYID_ISWRAPPED(metadata->id)) { + /* Dynamic keyId generation for wrapped keys is not allowed */ + if (WH_KEYID_ISERASED(metadata->id)) { + /* Wrapped keys must use explicit identifiers */ + return WH_ERROR_BADARGS; + } + + /* Extract ownership from unwrapped metadata (preserves original + * owner) */ + uint16_t wrappedKeyUser = WH_KEYID_USER(metadata->id); + uint16_t wrappedKeyType = WH_KEYID_TYPE(metadata->id); + + /* Require explicit wrapped-key encoding */ + if (wrappedKeyType != WH_KEYTYPE_WRAPPED) { return WH_ERROR_ABORTED; } @@ -1130,20 +1139,17 @@ static int _HandleKeyUnwrapAndExportRequest( return WH_ERROR_ACCESS; } - /* Validate client ownership. - * The USER field in wrapped key metadata specifies the owner. - * Only the owning client can export wrapped keys. */ - uint16_t keyUser = WH_KEYID_USER(metadata->id); - + /* Validate ownership: USER field must match requesting client. + * The USER field specifies who owns this wrapped key. */ #ifdef WOLFHSM_CFG_GLOBAL_KEYS /* Global keys (USER=0) can be exported by any client */ - if (keyUser != WH_KEYUSER_GLOBAL && - keyUser != server->comm->client_id) { + if (wrappedKeyUser != WH_KEYUSER_GLOBAL && + wrappedKeyUser != server->comm->client_id) { return WH_ERROR_ACCESS; } #else /* Without global keys, USER must match requesting client */ - if (keyUser != server->comm->client_id) { + if (wrappedKeyUser != server->comm->client_id) { return WH_ERROR_ACCESS; } #endif /* WOLFHSM_CFG_GLOBAL_KEYS */ @@ -1206,8 +1212,8 @@ static int _HandleKeyUnwrapAndCacheRequest( #ifndef NO_AES #ifdef HAVE_AESGCM case WC_CIPHER_AES_GCM: { - keySz = req->wrappedKeySz - WOLFHSM_KEYWRAP_AES_GCM_IV_SIZE - - WOLFHSM_KEYWRAP_AES_GCM_TAG_SIZE - sizeof(metadata); + keySz = req->wrappedKeySz - WH_KEYWRAP_AES_GCM_HEADER_SIZE - + sizeof(metadata); resp->cipherType = WC_CIPHER_AES_GCM; ret = _AesGcmKeyUnwrap(server, serverKeyId, wrappedKey, @@ -1315,9 +1321,8 @@ static int _HandleDataWrapRequest(whServerContext* server, #ifndef NO_AES #ifdef HAVE_AESGCM case WC_CIPHER_AES_GCM: { - uint16_t wrappedDataSz = WOLFHSM_KEYWRAP_AES_GCM_IV_SIZE + - WOLFHSM_KEYWRAP_AES_GCM_TAG_SIZE + - req->dataSz; + uint16_t wrappedDataSz = + WH_KEYWRAP_AES_GCM_HEADER_SIZE + req->dataSz; /* Check if the response data can fit the wrapped data */ if (respDataSz < wrappedDataSz) { @@ -1389,9 +1394,8 @@ static int _HandleDataUnwrapRequest(whServerContext* server, #ifndef NO_AES #ifdef HAVE_AESGCM case WC_CIPHER_AES_GCM: { - uint16_t dataSz = req->wrappedDataSz - - WOLFHSM_KEYWRAP_AES_GCM_IV_SIZE - - WOLFHSM_KEYWRAP_AES_GCM_TAG_SIZE; + uint16_t dataSz = + req->wrappedDataSz - WH_KEYWRAP_AES_GCM_HEADER_SIZE; /* Check if the response data can fit the unwrapped data */ if (respDataSz < dataSz) { diff --git a/test/wh_test_crypto.c b/test/wh_test_crypto.c index 74ca5d96..174950f1 100644 --- a/test/wh_test_crypto.c +++ b/test/wh_test_crypto.c @@ -4138,6 +4138,7 @@ int whTest_CryptoKeyUsagePolicies(whClientContext* client, WC_RNG* rng) uint8_t kek[32] = {0}; uint8_t dataKey[32] = {0}; uint8_t wrappedKey[256] = {0}; + uint16_t wrappedKeySz = sizeof(wrappedKey); whKeyId kekId = WH_KEYID_ERASED; const whKeyId wrappedId = 1; whNvmMetadata meta = {0}; @@ -4162,7 +4163,7 @@ int whTest_CryptoKeyUsagePolicies(whClientContext* client, WC_RNG* rng) /* Try to wrap - should fail */ ret = wh_Client_KeyWrap(client, WC_CIPHER_AES_GCM, kekId, dataKey, sizeof(dataKey), &meta, - wrappedKey, sizeof(wrappedKey)); + wrappedKey, &wrappedKeySz); if (ret == WH_ERROR_USAGE) { WH_TEST_PRINT(" PASS: Correctly denied key wrapping\n"); ret = 0; /* Test passed */ diff --git a/test/wh_test_keywrap.c b/test/wh_test_keywrap.c index 8ba818ac..6d675217 100644 --- a/test/wh_test_keywrap.c +++ b/test/wh_test_keywrap.c @@ -39,18 +39,18 @@ #include "wolfhsm/wh_client_crypto.h" /* Common defines */ -#define WH_TEST_KEKID 1 +#define WH_TEST_KEKID 10 /* AES GCM Specific defines */ #ifdef HAVE_AESGCM #define WH_TEST_AESGCM_KEY_OFFSET 0x1000 -#define WH_TEST_AESGCM_KEYID 2 +#define WH_TEST_AESGCM_KEYID 20 #define WH_TEST_AES_KEYSIZE 32 #define WH_TEST_AES_TEXTSIZE 16 -#define WH_TEST_AES_WRAPPED_KEYSIZE \ - (WOLFHSM_KEYWRAP_AES_GCM_IV_SIZE + WOLFHSM_KEYWRAP_AES_GCM_TAG_SIZE + \ - WH_TEST_AES_KEYSIZE + sizeof(whNvmMetadata)) +#define WH_TEST_AES_WRAPPED_KEYSIZE \ + (WH_KEYWRAP_AES_GCM_HEADER_SIZE + WH_TEST_AES_KEYSIZE + \ + sizeof(whNvmMetadata)) #endif /* HAVE_AESGCM */ @@ -84,7 +84,9 @@ static int _AesGcm_TestKeyWrap(whClientContext* client, WC_RNG* rng) int ret = 0; uint8_t plainKey[WH_TEST_AES_KEYSIZE]; uint8_t tmpPlainKey[WH_TEST_AES_KEYSIZE]; + uint16_t tmpPlainKeySz = sizeof(tmpPlainKey); uint8_t wrappedKey[WH_TEST_AES_WRAPPED_KEYSIZE]; + uint16_t wrappedKeySz = sizeof(wrappedKey); whKeyId wrappedKeyId = WH_KEYID_ERASED; whNvmMetadata metadata = { .id = WH_CLIENT_KEYID_MAKE_WRAPPED_META(client->comm->client_id, @@ -100,8 +102,8 @@ static int _AesGcm_TestKeyWrap(whClientContext* client, WC_RNG* rng) uint8_t ciphertext[sizeof(plaintext)]; uint8_t decrypted[sizeof(plaintext)]; - uint8_t tag[WOLFHSM_KEYWRAP_AES_GCM_TAG_SIZE]; - uint8_t iv[WOLFHSM_KEYWRAP_AES_GCM_IV_SIZE]; + uint8_t tag[WH_KEYWRAP_AES_GCM_TAG_SIZE]; + uint8_t iv[WH_KEYWRAP_AES_GCM_IV_SIZE]; const uint8_t aad[] = {0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, 0xab, 0xad, 0xda, 0xd2}; @@ -115,15 +117,14 @@ static int _AesGcm_TestKeyWrap(whClientContext* client, WC_RNG* rng) ret = wh_Client_KeyWrap(client, WC_CIPHER_AES_GCM, WH_TEST_KEKID, plainKey, sizeof(plainKey), &metadata, wrappedKey, - sizeof(wrappedKey)); + &wrappedKeySz); if (ret != 0) { WH_ERROR_PRINT("Failed to wh_Client_AesGcmKeyWrap %d\n", ret); return ret; } ret = wh_Client_KeyUnwrapAndCache(client, WC_CIPHER_AES_GCM, WH_TEST_KEKID, - wrappedKey, sizeof(wrappedKey), - &wrappedKeyId); + wrappedKey, wrappedKeySz, &wrappedKeyId); if (ret != 0) { WH_ERROR_PRINT("Failed to wh_Client_AesGcmKeyWrapCache %d\n", ret); return ret; @@ -178,12 +179,11 @@ static int _AesGcm_TestKeyWrap(whClientContext* client, WC_RNG* rng) return -1; } - ret = wh_Client_KeyUnwrapAndExport( - client, WC_CIPHER_AES_GCM, WH_TEST_KEKID, wrappedKey, - sizeof(wrappedKey), &tmpMetadata, tmpPlainKey, sizeof(tmpPlainKey)); + ret = wh_Client_KeyUnwrapAndExport(client, WC_CIPHER_AES_GCM, WH_TEST_KEKID, + wrappedKey, wrappedKeySz, &tmpMetadata, + tmpPlainKey, &tmpPlainKeySz); if (ret != 0) { - WH_ERROR_PRINT("Failed to wh_Client_AesGcmKeyUnwrapAndExport %d\n", - ret); + WH_ERROR_PRINT("Failed to wh_Client_KeyUnwrapAndExport %d\n", ret); return ret; } @@ -230,11 +230,12 @@ static int _AesGcm_TestDataWrap(whClientContext* client) int ret = 0; uint8_t data[] = "Example data!"; uint8_t unwrappedData[sizeof(data)] = {0}; - uint8_t wrappedData[sizeof(data) + WOLFHSM_KEYWRAP_AES_GCM_IV_SIZE + - WOLFHSM_KEYWRAP_AES_GCM_TAG_SIZE] = {0}; + uint32_t unwrappedDataSz = sizeof(unwrappedData); + uint8_t wrappedData[sizeof(data) + WH_KEYWRAP_AES_GCM_HEADER_SIZE] = {0}; + uint32_t wrappedDataSz = sizeof(wrappedData); ret = wh_Client_DataWrap(client, WC_CIPHER_AES_GCM, WH_TEST_KEKID, data, - sizeof(data), wrappedData, sizeof(wrappedData)); + sizeof(data), wrappedData, &wrappedDataSz); if (ret != WH_ERROR_OK) { WH_ERROR_PRINT("Failed to wh_Client_DataWrap %d\n", ret); return ret; @@ -242,7 +243,7 @@ static int _AesGcm_TestDataWrap(whClientContext* client) ret = wh_Client_DataUnwrap(client, WC_CIPHER_AES_GCM, WH_TEST_KEKID, wrappedData, sizeof(wrappedData), unwrappedData, - sizeof(unwrappedData)); + &unwrappedDataSz); if (ret != WH_ERROR_OK) { WH_ERROR_PRINT("Failed to wh_Client_DataUnwrap %d\n", ret); return ret; diff --git a/test/wh_test_multiclient.c b/test/wh_test_multiclient.c index 64c5f4c4..54114cf6 100644 --- a/test/wh_test_multiclient.c +++ b/test/wh_test_multiclient.c @@ -531,7 +531,9 @@ static int _testGlobalKeyWrapExport(whClientContext* client1, /* Wrapped key size = IV(12) + TAG(16) + KEYSIZE(32) + metadata */ #define WRAPPED_KEY_SIZE (12 + 16 + AES_256_KEY_SIZE + sizeof(whNvmMetadata)) uint8_t wrappedKey[WRAPPED_KEY_SIZE] = {0}; + uint16_t wrappedKeySz = sizeof(wrappedKey); uint8_t unwrappedKey[AES_256_KEY_SIZE] = {0}; + uint16_t unwrappedKeySz = sizeof(unwrappedKey); whNvmMetadata meta = {0}; WH_TEST_PRINT("Test: Key wrap with global server key\n"); @@ -553,7 +555,7 @@ static int _testGlobalKeyWrapExport(whClientContext* client1, sizeof(plainKey), &meta)); WH_TEST_RETURN_ON_FAIL(wh_Server_HandleRequestMessage(server2)); WH_TEST_RETURN_ON_FAIL(wh_Client_KeyWrapResponse( - client2, WC_CIPHER_AES_GCM, wrappedKey, sizeof(wrappedKey))); + client2, WC_CIPHER_AES_GCM, wrappedKey, &wrappedKeySz)); /* Client 1 unwraps the key using the same global server key */ WH_TEST_RETURN_ON_FAIL(wh_Client_KeyUnwrapAndExportRequest( @@ -561,7 +563,7 @@ static int _testGlobalKeyWrapExport(whClientContext* client1, sizeof(wrappedKey))); WH_TEST_RETURN_ON_FAIL(wh_Server_HandleRequestMessage(server1)); WH_TEST_RETURN_ON_FAIL(wh_Client_KeyUnwrapAndExportResponse( - client1, WC_CIPHER_AES_GCM, &meta, unwrappedKey, sizeof(unwrappedKey))); + client1, WC_CIPHER_AES_GCM, &meta, unwrappedKey, &unwrappedKeySz)); /* Verify the unwrapped key matches the original */ WH_TEST_ASSERT_RETURN(0 == @@ -597,6 +599,7 @@ static int _testGlobalKeyUnwrapCache(whClientContext* client1, uint8_t plainKey[AES_256_KEY_SIZE] = "KeyToCacheViaUnwrap123456!!"; #define WRAPPED_KEY_SIZE (12 + 16 + AES_256_KEY_SIZE + sizeof(whNvmMetadata)) uint8_t wrappedKey[WRAPPED_KEY_SIZE] = {0}; + uint16_t wrappedKeySz = sizeof(wrappedKey); uint8_t verifyBuf[AES_256_KEY_SIZE] = {0}; uint8_t label[WH_NVM_LABEL_LEN]; uint16_t labelSz = sizeof(label); @@ -623,7 +626,7 @@ static int _testGlobalKeyUnwrapCache(whClientContext* client1, sizeof(plainKey), &meta)); WH_TEST_RETURN_ON_FAIL(wh_Server_HandleRequestMessage(server1)); WH_TEST_RETURN_ON_FAIL(wh_Client_KeyWrapResponse( - client1, WC_CIPHER_AES_GCM, wrappedKey, sizeof(wrappedKey))); + client1, WC_CIPHER_AES_GCM, wrappedKey, &wrappedKeySz)); /* Client 2 unwraps and caches the key using the global server key */ serverKeyId = WH_CLIENT_KEYID_MAKE_GLOBAL(DUMMY_KEYID_1); @@ -683,7 +686,9 @@ static int _testWrappedKey_GlobalWrap_GlobalKey_Positive( uint8_t plainKey[AES_256_KEY_SIZE] = "GlobalPlainKey2Test7aXXXXXXXX!"; #define WRAPPED_KEY_SIZE (12 + 16 + AES_256_KEY_SIZE + sizeof(whNvmMetadata)) uint8_t wrappedKey[WRAPPED_KEY_SIZE] = {0}; + uint16_t wrappedKeySz = sizeof(wrappedKey); uint8_t unwrappedKey[AES_256_KEY_SIZE] = {0}; + uint16_t unwrappedKeySz = sizeof(unwrappedKey); whNvmMetadata meta = {0}; WH_TEST_DEBUG_PRINT("Test 7a: Global wrap key + Global wrapped key (Positive)\n"); @@ -705,7 +710,7 @@ static int _testWrappedKey_GlobalWrap_GlobalKey_Positive( sizeof(plainKey), &meta)); WH_TEST_RETURN_ON_FAIL(wh_Server_HandleRequestMessage(server2)); WH_TEST_RETURN_ON_FAIL(wh_Client_KeyWrapResponse( - client2, WC_CIPHER_AES_GCM, wrappedKey, sizeof(wrappedKey))); + client2, WC_CIPHER_AES_GCM, wrappedKey, &wrappedKeySz)); /* Client 1 unwraps and exports the global key */ WH_TEST_RETURN_ON_FAIL(wh_Client_KeyUnwrapAndExportRequest( @@ -713,7 +718,7 @@ static int _testWrappedKey_GlobalWrap_GlobalKey_Positive( sizeof(wrappedKey))); WH_TEST_RETURN_ON_FAIL(wh_Server_HandleRequestMessage(server1)); WH_TEST_RETURN_ON_FAIL(wh_Client_KeyUnwrapAndExportResponse( - client1, WC_CIPHER_AES_GCM, &meta, unwrappedKey, sizeof(unwrappedKey))); + client1, WC_CIPHER_AES_GCM, &meta, unwrappedKey, &unwrappedKeySz)); /* Verify the unwrapped key matches the original */ WH_TEST_ASSERT_RETURN(0 == @@ -747,7 +752,9 @@ static int _testWrappedKey_GlobalWrap_GlobalKey_NonExportable( uint8_t plainKey[AES_256_KEY_SIZE] = "GlobalPlainKey2Test7bXXXXXXXX!"; #define WRAPPED_KEY_SIZE (12 + 16 + AES_256_KEY_SIZE + sizeof(whNvmMetadata)) uint8_t wrappedKey[WRAPPED_KEY_SIZE] = {0}; + uint16_t wrappedKeySz = sizeof(wrappedKey); uint8_t unwrappedKey[AES_256_KEY_SIZE] = {0}; + uint16_t unwrappedKeySz = sizeof(unwrappedKey); whNvmMetadata meta = {0}; WH_TEST_DEBUG_PRINT("Test 7b: Global wrap key + Global wrapped key (Non-exportable)\n"); @@ -770,7 +777,7 @@ static int _testWrappedKey_GlobalWrap_GlobalKey_NonExportable( sizeof(plainKey), &meta)); WH_TEST_RETURN_ON_FAIL(wh_Server_HandleRequestMessage(server2)); WH_TEST_RETURN_ON_FAIL(wh_Client_KeyWrapResponse( - client2, WC_CIPHER_AES_GCM, wrappedKey, sizeof(wrappedKey))); + client2, WC_CIPHER_AES_GCM, wrappedKey, &wrappedKeySz)); /* Client 1 tries to unwrap and export - should fail */ WH_TEST_RETURN_ON_FAIL(wh_Client_KeyUnwrapAndExportRequest( @@ -778,7 +785,7 @@ static int _testWrappedKey_GlobalWrap_GlobalKey_NonExportable( sizeof(wrappedKey))); WH_TEST_RETURN_ON_FAIL(wh_Server_HandleRequestMessage(server1)); ret = wh_Client_KeyUnwrapAndExportResponse( - client1, WC_CIPHER_AES_GCM, &meta, unwrappedKey, sizeof(unwrappedKey)); + client1, WC_CIPHER_AES_GCM, &meta, unwrappedKey, &unwrappedKeySz); /* Should fail due to non-exportable flag */ WH_TEST_ASSERT_RETURN(ret != 0); @@ -812,7 +819,9 @@ static int _testWrappedKey_GlobalWrap_LocalKey_OwnerExport( uint8_t plainKey[AES_256_KEY_SIZE] = "LocalPlainKey2Test8aXXXXXXXXX!"; #define WRAPPED_KEY_SIZE (12 + 16 + AES_256_KEY_SIZE + sizeof(whNvmMetadata)) uint8_t wrappedKey[WRAPPED_KEY_SIZE] = {0}; + uint16_t wrappedKeySz = sizeof(wrappedKey); uint8_t unwrappedKey[AES_256_KEY_SIZE] = {0}; + uint16_t unwrappedKeySz = sizeof(unwrappedKey); whNvmMetadata meta = {0}; WH_TEST_DEBUG_PRINT("Test 8a: Global wrap key + Local wrapped key (Owner export)\n"); @@ -833,7 +842,7 @@ static int _testWrappedKey_GlobalWrap_LocalKey_OwnerExport( sizeof(plainKey), &meta)); WH_TEST_RETURN_ON_FAIL(wh_Server_HandleRequestMessage(server2)); WH_TEST_RETURN_ON_FAIL(wh_Client_KeyWrapResponse( - client2, WC_CIPHER_AES_GCM, wrappedKey, sizeof(wrappedKey))); + client2, WC_CIPHER_AES_GCM, wrappedKey, &wrappedKeySz)); /* Client 2 (owner) unwraps and exports the local key */ WH_TEST_RETURN_ON_FAIL(wh_Client_KeyUnwrapAndExportRequest( @@ -841,7 +850,7 @@ static int _testWrappedKey_GlobalWrap_LocalKey_OwnerExport( sizeof(wrappedKey))); WH_TEST_RETURN_ON_FAIL(wh_Server_HandleRequestMessage(server2)); WH_TEST_RETURN_ON_FAIL(wh_Client_KeyUnwrapAndExportResponse( - client2, WC_CIPHER_AES_GCM, &meta, unwrappedKey, sizeof(unwrappedKey))); + client2, WC_CIPHER_AES_GCM, &meta, unwrappedKey, &unwrappedKeySz)); /* Verify the unwrapped key matches the original */ WH_TEST_ASSERT_RETURN(0 == @@ -878,7 +887,9 @@ static int _testWrappedKey_GlobalWrap_LocalKey_NonOwnerFails( uint8_t plainKey[AES_256_KEY_SIZE] = "LocalPlainKey2Test8bXXXXXXXXX!"; #define WRAPPED_KEY_SIZE (12 + 16 + AES_256_KEY_SIZE + sizeof(whNvmMetadata)) uint8_t wrappedKey[WRAPPED_KEY_SIZE] = {0}; + uint16_t wrappedKeySz = sizeof(wrappedKey); uint8_t unwrappedKey[AES_256_KEY_SIZE] = {0}; + uint16_t unwrappedKeySz = sizeof(unwrappedKey); whNvmMetadata meta = {0}; whKeyId cachedKeyId = 0; @@ -900,7 +911,7 @@ static int _testWrappedKey_GlobalWrap_LocalKey_NonOwnerFails( sizeof(plainKey), &meta)); WH_TEST_RETURN_ON_FAIL(wh_Server_HandleRequestMessage(server2)); WH_TEST_RETURN_ON_FAIL(wh_Client_KeyWrapResponse( - client2, WC_CIPHER_AES_GCM, wrappedKey, sizeof(wrappedKey))); + client2, WC_CIPHER_AES_GCM, wrappedKey, &wrappedKeySz)); /* Client 1 (non-owner) tries to unwrap and export - should fail */ WH_TEST_RETURN_ON_FAIL(wh_Client_KeyUnwrapAndExportRequest( @@ -908,7 +919,7 @@ static int _testWrappedKey_GlobalWrap_LocalKey_NonOwnerFails( sizeof(wrappedKey))); WH_TEST_RETURN_ON_FAIL(wh_Server_HandleRequestMessage(server1)); ret = wh_Client_KeyUnwrapAndExportResponse( - client1, WC_CIPHER_AES_GCM, &meta, unwrappedKey, sizeof(unwrappedKey)); + client1, WC_CIPHER_AES_GCM, &meta, unwrappedKey, &unwrappedKeySz); /* Should fail - Client 1 is not the owner */ WH_TEST_ASSERT_RETURN(ret == WH_ERROR_ACCESS); @@ -953,7 +964,9 @@ static int _testWrappedKey_LocalWrap_LocalKey_SameOwner( uint8_t plainKey[AES_256_KEY_SIZE] = "LocalPlainKey2Test9aXXXXXXXXX!"; #define WRAPPED_KEY_SIZE (12 + 16 + AES_256_KEY_SIZE + sizeof(whNvmMetadata)) uint8_t wrappedKey[WRAPPED_KEY_SIZE] = {0}; + uint16_t wrappedKeySz = sizeof(wrappedKey); uint8_t unwrappedKey[AES_256_KEY_SIZE] = {0}; + uint16_t unwrappedKeySz = sizeof(unwrappedKey); whNvmMetadata meta = {0}; WH_TEST_DEBUG_PRINT("Test 9a: Local wrap key + Local wrapped key (Same owner)\n"); @@ -974,7 +987,7 @@ static int _testWrappedKey_LocalWrap_LocalKey_SameOwner( sizeof(plainKey), &meta)); WH_TEST_RETURN_ON_FAIL(wh_Server_HandleRequestMessage(server1)); WH_TEST_RETURN_ON_FAIL(wh_Client_KeyWrapResponse( - client1, WC_CIPHER_AES_GCM, wrappedKey, sizeof(wrappedKey))); + client1, WC_CIPHER_AES_GCM, wrappedKey, &wrappedKeySz)); /* Client 1 (owner) unwraps and exports the local key */ WH_TEST_RETURN_ON_FAIL(wh_Client_KeyUnwrapAndExportRequest( @@ -982,7 +995,7 @@ static int _testWrappedKey_LocalWrap_LocalKey_SameOwner( sizeof(wrappedKey))); WH_TEST_RETURN_ON_FAIL(wh_Server_HandleRequestMessage(server1)); WH_TEST_RETURN_ON_FAIL(wh_Client_KeyUnwrapAndExportResponse( - client1, WC_CIPHER_AES_GCM, &meta, unwrappedKey, sizeof(unwrappedKey))); + client1, WC_CIPHER_AES_GCM, &meta, unwrappedKey, &unwrappedKeySz)); /* Verify the unwrapped key matches the original */ WH_TEST_ASSERT_RETURN(0 == @@ -1021,7 +1034,9 @@ static int _testWrappedKey_LocalWrap_LocalKey_NoAccessWithoutWrapKey( uint8_t plainKey[AES_256_KEY_SIZE] = "LocalPlainKey2Test9bXXXXXXXXX!"; #define WRAPPED_KEY_SIZE (12 + 16 + AES_256_KEY_SIZE + sizeof(whNvmMetadata)) uint8_t wrappedKey[WRAPPED_KEY_SIZE] = {0}; + uint16_t wrappedKeySz = sizeof(wrappedKey); uint8_t unwrappedKey[AES_256_KEY_SIZE] = {0}; + uint16_t unwrappedKeySz = sizeof(unwrappedKey); whNvmMetadata meta = {0}; WH_TEST_DEBUG_PRINT( @@ -1043,7 +1058,7 @@ static int _testWrappedKey_LocalWrap_LocalKey_NoAccessWithoutWrapKey( sizeof(plainKey), &meta)); WH_TEST_RETURN_ON_FAIL(wh_Server_HandleRequestMessage(server1)); WH_TEST_RETURN_ON_FAIL(wh_Client_KeyWrapResponse( - client1, WC_CIPHER_AES_GCM, wrappedKey, sizeof(wrappedKey))); + client1, WC_CIPHER_AES_GCM, wrappedKey, &wrappedKeySz)); /* Client 2 tries to unwrap - should fail (no wrapping key) */ ret = wh_Client_KeyUnwrapAndExportRequest(client2, WC_CIPHER_AES_GCM, @@ -1051,9 +1066,8 @@ static int _testWrappedKey_LocalWrap_LocalKey_NoAccessWithoutWrapKey( sizeof(wrappedKey)); if (ret == 0) { WH_TEST_RETURN_ON_FAIL(wh_Server_HandleRequestMessage(server2)); - ret = wh_Client_KeyUnwrapAndExportResponse(client2, WC_CIPHER_AES_GCM, - &meta, unwrappedKey, - sizeof(unwrappedKey)); + ret = wh_Client_KeyUnwrapAndExportResponse( + client2, WC_CIPHER_AES_GCM, &meta, unwrappedKey, &unwrappedKeySz); } /* Should fail - Client 2 doesn't have the wrapping key */ @@ -1089,6 +1103,7 @@ static int _testWrappedKey_LocalWrap_GlobalKey_AnyCacheGlobal( uint8_t plainKey[AES_256_KEY_SIZE] = "GlobalPlainKey2Test10aXXXXXXX!"; #define WRAPPED_KEY_SIZE (12 + 16 + AES_256_KEY_SIZE + sizeof(whNvmMetadata)) uint8_t wrappedKey[WRAPPED_KEY_SIZE] = {0}; + uint16_t wrappedKeySz = sizeof(wrappedKey); uint8_t exportedKey[AES_256_KEY_SIZE] = {0}; uint8_t label[WH_NVM_LABEL_LEN]; uint16_t labelSz = sizeof(label); @@ -1115,7 +1130,7 @@ static int _testWrappedKey_LocalWrap_GlobalKey_AnyCacheGlobal( sizeof(plainKey), &meta)); WH_TEST_RETURN_ON_FAIL(wh_Server_HandleRequestMessage(server1)); WH_TEST_RETURN_ON_FAIL(wh_Client_KeyWrapResponse( - client1, WC_CIPHER_AES_GCM, wrappedKey, sizeof(wrappedKey))); + client1, WC_CIPHER_AES_GCM, wrappedKey, &wrappedKeySz)); /* Client 1 unwraps and caches to global cache */ WH_TEST_RETURN_ON_FAIL(wh_Client_KeyUnwrapAndCacheRequest( @@ -1169,7 +1184,9 @@ static int _testWrappedKey_LocalWrap_GlobalKey_NonOwnerNoWrapKey( uint8_t plainKey[AES_256_KEY_SIZE] = "GlobalPlainKey2Test10bXXXXXXX!"; #define WRAPPED_KEY_SIZE (12 + 16 + AES_256_KEY_SIZE + sizeof(whNvmMetadata)) uint8_t wrappedKey[WRAPPED_KEY_SIZE] = {0}; + uint16_t wrappedKeySz = sizeof(wrappedKey); uint8_t unwrappedKey[AES_256_KEY_SIZE] = {0}; + uint16_t unwrappedKeySz = sizeof(unwrappedKey); whNvmMetadata meta = {0}; WH_TEST_DEBUG_PRINT("Test 10b: Local wrap key + Global wrapped key (No wrap key)\n"); @@ -1191,7 +1208,7 @@ static int _testWrappedKey_LocalWrap_GlobalKey_NonOwnerNoWrapKey( sizeof(plainKey), &meta)); WH_TEST_RETURN_ON_FAIL(wh_Server_HandleRequestMessage(server1)); WH_TEST_RETURN_ON_FAIL(wh_Client_KeyWrapResponse( - client1, WC_CIPHER_AES_GCM, wrappedKey, sizeof(wrappedKey))); + client1, WC_CIPHER_AES_GCM, wrappedKey, &wrappedKeySz)); /* Client 2 tries to unwrap - should fail (no wrapping key) */ ret = wh_Client_KeyUnwrapAndExportRequest(client2, WC_CIPHER_AES_GCM, @@ -1199,9 +1216,8 @@ static int _testWrappedKey_LocalWrap_GlobalKey_NonOwnerNoWrapKey( sizeof(wrappedKey)); if (ret == 0) { WH_TEST_RETURN_ON_FAIL(wh_Server_HandleRequestMessage(server2)); - ret = wh_Client_KeyUnwrapAndExportResponse(client2, WC_CIPHER_AES_GCM, - &meta, unwrappedKey, - sizeof(unwrappedKey)); + ret = wh_Client_KeyUnwrapAndExportResponse( + client2, WC_CIPHER_AES_GCM, &meta, unwrappedKey, &unwrappedKeySz); } /* Should fail - Client 2 doesn't have the wrapping key */ diff --git a/wolfhsm/wh_client.h b/wolfhsm/wh_client.h index 27e5fc49..8109c711 100644 --- a/wolfhsm/wh_client.h +++ b/wolfhsm/wh_client.h @@ -884,13 +884,15 @@ int wh_Client_KeyExportDma(whClientContext* c, uint16_t keyId, * @param[in] keySz The size in bytes of the key material to wrap. * @param[in] metadataIn Pointer to the metadata for the wrapped key. * @param[out] wrappedKeyOut Pointer to store the wrapped key. - * @param[in] wrappedKeySz Size of the wrappedKeyOut buffer. + * @param[in/out] wrappedKeyInOutSz IN: Size of wrappedKeyOut in bytes. + * OUT: Size of the total wrapped key object + * returned by the server. OUT may be less than IN. * @return int Returns 0 on success, or a negative error code on failure. */ int wh_Client_KeyWrap(whClientContext* ctx, enum wc_CipherType cipherType, uint16_t serverKeyId, void* keyIn, uint16_t keySz, whNvmMetadata* metadataIn, void* wrappedKeyOut, - uint16_t wrappedKeySz); + uint16_t* wrappedKeyInOutSz); /** * @brief Sends a key wrap request to the server @@ -924,12 +926,14 @@ int wh_Client_KeyWrapRequest(whClientContext* ctx, * @param[in] ctx Pointer to the client context. * @param[in] cipherType Cipher used to wrap the key. * @param[out] wrappedKeyOut Pointer to store the wrapped key. - * @param[in] wrappedKeySz Size of the wrappedKeyOut buffer. + * @param[in/out] wrappedKeyInOutSz IN: Size of the wrappedKeyOut buffer. + * OUT: Size of the wrapped key object. + * OUT may be less than IN * @return int Returns 0 on success, or a negative error code on failure. */ int wh_Client_KeyWrapResponse(whClientContext* ctx, enum wc_CipherType cipherType, - void* wrappedKeyOut, uint16_t wrappedKeySz); + void* wrappedKeyOut, uint16_t* wrappedKeyInOutSz); /** * @brief Requests the server to unwrap and export a wrapped key and receives @@ -948,7 +952,9 @@ int wh_Client_KeyWrapResponse(whClientContext* ctx, * @param[in] wrappedKeySz The size in bytes of the wrapped key data. * @param[out] metadataOut Pointer to store the unwrapped key metadata. * @param[out] keyOut Pointer to store the unwrapped key. - * @param[in] keySz Size of the keyOut buffer. + * @param[in/out] keyInOutSz IN: Size of the keyOut buffer. + * OUT: Size of the exported key returned by the + * server. OUT may be less than IN. * @return int Returns 0 on success, or a negative error code on failure. */ int wh_Client_KeyUnwrapAndExport(whClientContext* ctx, @@ -956,7 +962,7 @@ int wh_Client_KeyUnwrapAndExport(whClientContext* ctx, uint16_t serverKeyId, void* wrappedKeyIn, uint16_t wrappedKeySz, whNvmMetadata* metadataOut, void* keyOut, - uint16_t keySz); + uint16_t* keyInOutSz); /** * @brief Requests the server to unwrap-and-export a wrapped key @@ -992,13 +998,15 @@ int wh_Client_KeyUnwrapAndExportRequest(whClientContext* ctx, * @param[in] cipherType Cipher used when for unwrapping the key. * @param[out] metadataOut Pointer to store the unwrapped key metadata. * @param[out] keyOut Pointer to store the unwrapped key. - * @param[in] keySz Size of the keyOut buffer. + * @param[in/out] keyInOutSz IN: Size of the keyOut buffer. + * OUT: Size of the exported key returned by the + * server. OUT may be less than IN. * @return int Returns 0 on success, or a negative error code on failure. */ int wh_Client_KeyUnwrapAndExportResponse(whClientContext* ctx, enum wc_CipherType cipherType, whNvmMetadata* metadataOut, - void* keyOut, uint16_t keySz); + void* keyOut, uint16_t* keyInOutSz); /** * @brief Requests the server to unwrap and cache a wrapped key and receives the @@ -1073,12 +1081,14 @@ int wh_Client_KeyUnwrapAndCacheResponse(whClientContext* ctx, * @param[in] dataInSz The size in bytes of the plaintext data. * @param[out] wrappedDataOut The pointer to the buffer that stores the * resulting wrapped data. - * @param[out] wrappedDataOutSz The size in bytes of the wrapped data buffer. + * @param[in/out] wrappedDataInOutSz IN: The size in bytes of wrappedDataOut + * buffer. OUT: The size of the wrapped data object returned from the server. + * OUT may be less than IN. * @return int Returns 0 on success, or a negative error code on failure. */ int wh_Client_DataWrap(whClientContext* ctx, enum wc_CipherType cipherType, uint16_t serverKeyId, void* dataIn, uint32_t dataInSz, - void* wrappedDataOut, uint32_t wrappedDataOutSz); + void* wrappedDataOut, uint32_t* wrappedDataInOutSz); /** * @brief Helper function to unwrap a wrapped data object using a specified key @@ -1094,13 +1104,15 @@ int wh_Client_DataWrap(whClientContext* ctx, enum wc_CipherType cipherType, * @param[in] wrappedDataInSz The size in bytes of the wrapped data object. * @param[out] dataOut The pointer to the buffer that stores the * resulting unwrapped data. - * @param[out] dataOutSz The size in bytes of the unwrapped data buffer. + * @param[in/out] dataInOutSz IN: The size in bytes of dataOut. + * OUT: The size of the unwrapped data object return + * by the server. OUT may be less than IN. * @return int Returns 0 on success, or a negative error code on failure. */ int wh_Client_DataUnwrap(whClientContext* ctx, enum wc_CipherType cipherType, uint16_t serverKeyId, void* wrappedDataIn, uint32_t wrappedDataInSz, void* dataOut, - uint32_t dataOutSz); + uint32_t* dataInOutSz); /* Counter functions */ int wh_Client_CounterInitRequest(whClientContext* c, whNvmId counterId, diff --git a/wolfhsm/wh_common.h b/wolfhsm/wh_common.h index a62e0c77..cfe0d936 100644 --- a/wolfhsm/wh_common.h +++ b/wolfhsm/wh_common.h @@ -133,7 +133,9 @@ typedef uint16_t whCertFlags; /* Cache public key belonging to the leaf certificate */ #define WH_CERT_FLAGS_CACHE_LEAF_PUBKEY ((whCertFlags)1 << 0) -#define WOLFHSM_KEYWRAP_AES_GCM_TAG_SIZE 16 -#define WOLFHSM_KEYWRAP_AES_GCM_IV_SIZE 12 +#define WH_KEYWRAP_AES_GCM_TAG_SIZE 16 +#define WH_KEYWRAP_AES_GCM_IV_SIZE 12 +#define WH_KEYWRAP_AES_GCM_HEADER_SIZE \ + (WH_KEYWRAP_AES_GCM_IV_SIZE + WH_KEYWRAP_AES_GCM_TAG_SIZE) #endif /* !WOLFHSM_WH_COMMON_H_ */