From 21d42417f949fe01745870eb02b25c13bf413fdf Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 30 Jun 2023 17:37:23 +0200 Subject: [PATCH] pkparse: always check all private keys on import This allows to remove explicit calls to mbedtls_ecp_check_privkey() in pkparse.c. Signed-off-by: Valerio Setti --- library/ecp.c | 1 + library/pkparse.c | 14 -------------- 2 files changed, 1 insertion(+), 14 deletions(-) diff --git a/library/ecp.c b/library/ecp.c index 086acb35e..4e28b73a9 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -3277,6 +3277,7 @@ int mbedtls_ecp_read_key(mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, ECP_CURVE448_KEY_SIZE * 8 - 1, 1) ); } + MBEDTLS_MPI_CHK(mbedtls_ecp_check_privkey(&key->grp, &key->d)); } #endif diff --git a/library/pkparse.c b/library/pkparse.c index 1091c424e..fa0570c07 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -666,14 +666,6 @@ static int pk_parse_key_rfc8410_der(mbedtls_pk_context *pk, return ret; } - /* When MBEDTLS_PK_USE_PSA_EC_DATA the key is checked while importing it - * into PSA. */ -#if !defined(MBEDTLS_PK_USE_PSA_EC_DATA) - if ((ret = mbedtls_ecp_check_privkey(&eck->grp, &eck->d)) != 0) { - return ret; - } -#endif /* !MBEDTLS_PK_USE_PSA_EC_DATA */ - return 0; } #endif /* MBEDTLS_PK_HAVE_RFC8410_CURVES */ @@ -1310,12 +1302,6 @@ static int pk_parse_key_sec1_der(mbedtls_pk_context *pk, } } -#if !defined(MBEDTLS_PK_USE_PSA_EC_DATA) - if ((ret = mbedtls_ecp_check_privkey(&eck->grp, &eck->d)) != 0) { - return ret; - } -#endif /* !MBEDTLS_PK_USE_PSA_EC_DATA */ - return 0; } #endif /* MBEDTLS_PK_HAVE_ECC_KEYS */