yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

psa_internal_export_key function for common code.

Browse source 
create psa_internal_export_key function for common code in psa_export_key and psa_export_public_key.
This commit is contained in:
Moran Peker 2018-04-16 18:16:20 +03:00 committed by itayzafrir
parent 4ff99f36a7
commit a998bc6ac9
1 changed files with 54 additions and 79 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

133
library/psa_crypto.c
View file

@ -457,23 +457,28 @@ psa_status_t psa_get_key_information(psa_key_slot_t key,
return( PSA_SUCCESS );
}
psa_status_t psa_export_key(psa_key_slot_t key,
uint8_t *data,
size_t data_size,
size_t *data_length)
static psa_status_t psa_internal_export_key(psa_key_slot_t key,
uint8_t *data,
size_t data_size,
size_t *data_length,
int export_public_key)
{
key_slot_t *slot;
if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
return( PSA_ERROR_EMPTY_SLOT );
slot = &global_data.key_slots[key];
slot = &global_data.key_slots[ key ];
if( slot->type == PSA_KEY_TYPE_NONE )
return( PSA_ERROR_EMPTY_SLOT );
if( !( slot->policy.usage & PSA_KEY_USAGE_EXPORT ) )
return( PSA_ERROR_NOT_PERMITTED );
if( ( export_public_key ) && ( !( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) || PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) ) )
return( PSA_ERROR_INVALID_ARGUMENT );
if( PSA_KEY_TYPE_IS_RAW_BYTES( slot->type ) )
if( ( !export_public_key) && PSA_KEY_TYPE_IS_RAW_BYTES( slot->type ) )
{
if( slot->data.raw.bytes > data_size )
return( PSA_ERROR_BUFFER_TOO_SMALL );
@ -483,41 +488,51 @@ psa_status_t psa_export_key(psa_key_slot_t key,
}
else
#if defined(MBEDTLS_PK_WRITE_C)
if( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ||
slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ||
PSA_KEY_TYPE_IS_ECC( slot->type ) )
{
mbedtls_pk_context pk;
int ret;
mbedtls_pk_init( &pk );
if( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ||
slot->type == PSA_KEY_TYPE_RSA_KEYPAIR )
slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ||
PSA_KEY_TYPE_IS_ECC( slot->type ) )
{
pk.pk_info = &mbedtls_rsa_info;
pk.pk_ctx = slot->data.rsa;
mbedtls_pk_context pk;
int ret;
mbedtls_pk_init( &pk );
if( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ||
slot->type == PSA_KEY_TYPE_RSA_KEYPAIR )
{
pk.pk_info = &mbedtls_rsa_info;
pk.pk_ctx = slot->data.rsa;
}
else
{
pk.pk_info = &mbedtls_eckey_info;
pk.pk_ctx = slot->data.ecp;
}
if( ( ! export_public_key ) && PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) )
ret = mbedtls_pk_write_key_der( &pk, data, data_size );
else
ret = mbedtls_pk_write_pubkey_der( &pk, data, data_size );
if ( ret < 0 )
return( mbedtls_to_psa_error( ret ) );
*data_length = ret;
return( PSA_SUCCESS );
}
else
{
pk.pk_info = &mbedtls_eckey_info;
pk.pk_ctx = slot->data.ecp;
}
if( PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) )
ret = mbedtls_pk_write_key_der( &pk, data, data_size );
else
ret = mbedtls_pk_write_pubkey_der( &pk, data, data_size );
if( ret < 0 )
return( mbedtls_to_psa_error( ret ) );
*data_length = ret;
return( PSA_SUCCESS );
}
else
#endif /* defined(MBEDTLS_PK_WRITE_C) */
{
/* This shouldn't happen in the reference implementation, but
it is valid for a special-purpose implementation to omit
support for exporting certain key types. */
return( PSA_ERROR_NOT_SUPPORTED );
}
{
/* This shouldn't happen in the reference implementation, but
it is valid for a special-purpose implementation to omit
support for exporting certain key types. */
return( PSA_ERROR_NOT_SUPPORTED );
}
}
psa_status_t psa_export_key(psa_key_slot_t key,
uint8_t *data,
size_t data_size,
size_t *data_length)
{
return psa_internal_export_key( key, data, data_size,
data_length, 0 );
}
@ -526,50 +541,10 @@ psa_status_t psa_export_public_key(psa_key_slot_t key,
size_t data_size,
size_t *data_length)
{
key_slot_t *slot;
if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
return( PSA_ERROR_EMPTY_SLOT );
slot = &global_data.key_slots[key];
if( slot->type == PSA_KEY_TYPE_NONE )
return( PSA_ERROR_EMPTY_SLOT );
if( !( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) || PSA_KEY_TYPE_IS_KEYPAIR(slot->type) ) )
return( PSA_ERROR_INVALID_ARGUMENT );
#if defined(MBEDTLS_PK_WRITE_C)
if( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ||
slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ||
PSA_KEY_TYPE_IS_ECC( slot->type ) )
{
mbedtls_pk_context pk;
int ret;
mbedtls_pk_init( &pk );
if( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ||
slot->type == PSA_KEY_TYPE_RSA_KEYPAIR )
{
pk.pk_info = &mbedtls_rsa_info;
pk.pk_ctx = slot->data.rsa;
}
else
{
pk.pk_info = &mbedtls_eckey_info;
pk.pk_ctx = slot->data.ecp;
}
ret = mbedtls_pk_write_pubkey_der( &pk, data, data_size );
if( ret < 0 )
return( mbedtls_to_psa_error( ret ) );
*data_length = ret;
return( PSA_SUCCESS );
}
#endif /* defined(MBEDTLS_PK_WRITE_C) */
/* This shouldn't happen in the reference implementation, but
it is valid for a special-purpose implementation to omit
support for exporting certain key types. */
return( PSA_ERROR_NOT_SUPPORTED );
return psa_internal_export_key( key, data, data_size,
data_length, 1 );
}
/****************************************************************/
/* Message digests */
/****************************************************************/