yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

ssl_server2: use key opaque algs given from command line

Browse source 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
This commit is contained in:
Przemek Stekiel 2022-05-02 14:44:46 +02:00
parent 344c561292
commit b58c47a666
1 changed files with 71 additions and 40 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

111
programs/ssl/ssl_server2.c
View file

@ -2596,59 +2596,90 @@ int main( int argc, char *argv[] )
psa_algorithm_t psa_alg, psa_alg2;
psa_key_usage_t psa_usage;
if ( mbedtls_pk_get_type( &pkey ) == MBEDTLS_PK_ECKEY ||
mbedtls_pk_get_type( &pkey ) == MBEDTLS_PK_RSA )
if ( strcmp( opt.key1_opaque_alg1, DFL_KEY_OPAQUE_ALG ) != 0 )
{
if( mbedtls_pk_get_type( &pkey ) == MBEDTLS_PK_ECKEY )
ret = key_opaque_set_alg_usage( opt.key1_opaque_alg1,
opt.key1_opaque_alg2,
&psa_alg, &psa_alg2, &psa_usage );
if( ret != 0 )
{
psa_alg = PSA_ALG_ECDSA( PSA_ALG_ANY_HASH );
psa_alg2 = PSA_ALG_ECDH;
psa_usage = PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_DERIVE;
}
else
{
psa_alg = PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_ANY_HASH );
psa_alg2 = PSA_ALG_NONE;
psa_usage = PSA_KEY_USAGE_SIGN_HASH;
}
if( ( ret = mbedtls_pk_wrap_as_opaque( &pkey, &key_slot,
psa_alg,
psa_usage,
psa_alg2 ) ) != 0 )
{
mbedtls_printf( " failed\n ! "
"mbedtls_pk_wrap_as_opaque returned -0x%x\n\n", (unsigned int) -ret );
mbedtls_printf( " failed\n ! key_opaque_set_alg_usage returned -0x%x\n\n",
(unsigned int) -ret );
goto exit;
}
}
if ( mbedtls_pk_get_type( &pkey2 ) == MBEDTLS_PK_ECKEY ||
mbedtls_pk_get_type( &pkey2 ) == MBEDTLS_PK_RSA )
else
{
if( mbedtls_pk_get_type( &pkey2 ) == MBEDTLS_PK_ECKEY )
if ( mbedtls_pk_get_type( &pkey ) == MBEDTLS_PK_ECKEY ||
mbedtls_pk_get_type( &pkey ) == MBEDTLS_PK_RSA )
{
psa_alg = PSA_ALG_ECDSA( PSA_ALG_ANY_HASH );
psa_alg2 = PSA_ALG_ECDH;
psa_usage = PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_DERIVE;
}
else
{
psa_alg = PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_ANY_HASH );
psa_alg2 = PSA_ALG_NONE;
psa_usage = PSA_KEY_USAGE_SIGN_HASH;
if( mbedtls_pk_get_type( &pkey ) == MBEDTLS_PK_ECKEY )
{
psa_alg = PSA_ALG_ECDSA( PSA_ALG_ANY_HASH );
psa_alg2 = PSA_ALG_ECDH;
psa_usage = PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_DERIVE;
}
else
{
psa_alg = PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_ANY_HASH );
psa_alg2 = PSA_ALG_NONE;
psa_usage = PSA_KEY_USAGE_SIGN_HASH;
}
}
}
if( ( ret = mbedtls_pk_wrap_as_opaque( &pkey2, &key_slot2,
psa_alg,
psa_usage,
psa_alg2 ) ) != 0 )
if( ( ret = mbedtls_pk_wrap_as_opaque( &pkey, &key_slot,
psa_alg,
psa_usage,
psa_alg2 ) ) != 0 )
{
mbedtls_printf( " failed\n ! "
"mbedtls_pk_wrap_as_opaque returned -0x%x\n\n", (unsigned int) -ret );
goto exit;
}
if ( strcmp( opt.key2_opaque_alg1, DFL_KEY_OPAQUE_ALG ) != 0 )
{
ret = key_opaque_set_alg_usage( opt.key2_opaque_alg1,
opt.key2_opaque_alg2,
&psa_alg, &psa_alg2, &psa_usage );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! "
"mbedtls_pk_wrap_as_opaque returned -0x%x\n\n", (unsigned int) -ret );
mbedtls_printf( " failed\n ! key_opaque_set_alg_usage returned -0x%x\n\n",
(unsigned int) -ret );
goto exit;
}
}
else
{
if ( mbedtls_pk_get_type( &pkey2 ) == MBEDTLS_PK_ECKEY ||
mbedtls_pk_get_type( &pkey2 ) == MBEDTLS_PK_RSA )
{
if( mbedtls_pk_get_type( &pkey2 ) == MBEDTLS_PK_ECKEY )
{
psa_alg = PSA_ALG_ECDSA( PSA_ALG_ANY_HASH );
psa_alg2 = PSA_ALG_ECDH;
psa_usage = PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_DERIVE;
}
else
{
psa_alg = PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_ANY_HASH );
psa_alg2 = PSA_ALG_NONE;
psa_usage = PSA_KEY_USAGE_SIGN_HASH;
}
}
}
if( ( ret = mbedtls_pk_wrap_as_opaque( &pkey2, &key_slot2,
psa_alg,
psa_usage,
psa_alg2 ) ) != 0 )
{
mbedtls_printf( " failed\n ! "
"mbedtls_pk_wrap_as_opaque returned -0x%x\n\n", (unsigned int) -ret );
goto exit;
}
}
#endif /* MBEDTLS_USE_PSA_CRYPTO */