yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Improve comments on key formats

Browse source 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This commit is contained in:
Manuel Pégourié-Gonnard 2023-09-20 09:28:02 +02:00
parent fbea9d2e7d
commit 5ca69349b5
1 changed files with 9 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
3rdparty/p256-m/p256-m_driver_entrypoints.c vendored
View file

@ -38,7 +38,7 @@
* total of 65 bytes. * total of 65 bytes.
* *
* p256-m's internal format for private keys matches PSA. Its format for public * p256-m's internal format for private keys matches PSA. Its format for public
* keys is only 64 bytes; the same as PSA but without the leading byte (0x04). * keys is only 64 bytes: the same as PSA but without the leading byte (0x04).
* Hence, when passing public keys from PSA to p256-m, the leading byte is * Hence, when passing public keys from PSA to p256-m, the leading byte is
* removed. * removed.
* *
@ -89,6 +89,7 @@ psa_status_t p256_transparent_import_key(const psa_key_attributes_t *attributes,
if (data_length != PSA_PUBKEY_SIZE) { if (data_length != PSA_PUBKEY_SIZE) {
return *bits == 0 ? PSA_ERROR_NOT_SUPPORTED : PSA_ERROR_INVALID_ARGUMENT; return *bits == 0 ? PSA_ERROR_NOT_SUPPORTED : PSA_ERROR_INVALID_ARGUMENT;
} }
/* See INFORMATION ON PSA KEY EXPORT FORMATS near top of file */
if (p256_validate_pubkey(data + 1) != P256_SUCCESS) { if (p256_validate_pubkey(data + 1) != P256_SUCCESS) {
return PSA_ERROR_INVALID_ARGUMENT; return PSA_ERROR_INVALID_ARGUMENT;
} }
@ -136,7 +137,7 @@ psa_status_t p256_transparent_export_public_key(const psa_key_attributes_t *attr
return PSA_ERROR_BUFFER_TOO_SMALL; return PSA_ERROR_BUFFER_TOO_SMALL;
} }
/* Output public key in the PSA export format */ /* See INFORMATION ON PSA KEY EXPORT FORMATS near top of file */
data[0] = PSA_PUBKEY_HEADER_BYTE; data[0] = PSA_PUBKEY_HEADER_BYTE;
int ret = p256_public_from_private(data + 1, key_buffer); int ret = p256_public_from_private(data + 1, key_buffer);
if (ret == P256_SUCCESS) { if (ret == P256_SUCCESS) {
@ -201,10 +202,9 @@ psa_status_t p256_transparent_key_agreement(
return PSA_ERROR_BUFFER_TOO_SMALL; return PSA_ERROR_BUFFER_TOO_SMALL;
} }
/* We add 1 to peer_key pointer to omit the leading byte of the public key /* See INFORMATION ON PSA KEY EXPORT FORMATS near top of file */
* representation (0x04). See information about PSA key formats at the top const uint8_t peer_key_p256m = peer_key + 1;
* of the file. */ int ret = p256_ecdh_shared_secret(shared_secret, key_buffer, peer_key_p256m);
int ret = p256_ecdh_shared_secret(shared_secret, key_buffer, peer_key + 1);
if (ret == P256_SUCCESS) { if (ret == P256_SUCCESS) {
*shared_secret_length = SHARED_SECRET_SIZE; *shared_secret_length = SHARED_SECRET_SIZE;
} }
@ -263,11 +263,9 @@ static psa_status_t p256_verify_hash_with_public_key(
return PSA_ERROR_INVALID_SIGNATURE; return PSA_ERROR_INVALID_SIGNATURE;
} }
/* We add 1 to public_key_buffer pointer to omit the leading byte of the /* See INFORMATION ON PSA KEY EXPORT FORMATS near top of file */
* public key representation (0x04). See information about PSA key formats const uint8_t *public_key_p256m = key_buffer + 1;
* at the top of the file. */ int ret = p256_ecdsa_verify(signature, public_key_p256m, hash, hash_length);
const uint8_t *public_key_buffer = key_buffer + 1;
int ret = p256_ecdsa_verify(signature, public_key_buffer, hash, hash_length);
return p256_to_psa_error(ret); return p256_to_psa_error(ret);
} }