Use macros for sizes in p256-m driver
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This commit is contained in:
parent
138bdb6b17
commit
ba63e0ce34
1 changed files with 34 additions and 24 deletions
58
3rdparty/p256-m/p256-m_driver_entrypoints.c
vendored
58
3rdparty/p256-m/p256-m_driver_entrypoints.c
vendored
|
@ -41,7 +41,17 @@
|
|||
* keys is only 64 bytes; the same as PSA but without the leading byte (0x04).
|
||||
* Hence, when passing public keys from PSA to p256-m, the leading byte is
|
||||
* removed.
|
||||
*
|
||||
* Shared secret and signature have the same format between PSA and p256-m.
|
||||
*/
|
||||
#define PSA_PUBKEY_SIZE 65
|
||||
#define PSA_PUBKEY_HEADER_BYTE 0x04
|
||||
#define P256_PUBKEY_SIZE 64
|
||||
#define PRIVKEY_SIZE 32
|
||||
#define SHARED_SECRET_SIZE 32
|
||||
#define SIGNATURE_SIZE 64
|
||||
|
||||
#define CURVE_BITS 256
|
||||
|
||||
/* Convert between p256-m and PSA error codes */
|
||||
static psa_status_t p256_to_psa_error(int ret)
|
||||
|
@ -69,21 +79,21 @@ psa_status_t p256_transparent_import_key(const psa_key_attributes_t *attributes,
|
|||
size_t *bits)
|
||||
{
|
||||
/* Check the key size */
|
||||
if (*bits != 0 && *bits != 256) {
|
||||
if (*bits != 0 && *bits != CURVE_BITS) {
|
||||
return PSA_ERROR_NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
/* Validate the key (and its type and size) */
|
||||
psa_key_type_t type = psa_get_key_type(attributes);
|
||||
if (type == PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1)) {
|
||||
if (data_length != 65) {
|
||||
if (data_length != PSA_PUBKEY_SIZE) {
|
||||
return *bits == 0 ? PSA_ERROR_NOT_SUPPORTED : PSA_ERROR_INVALID_ARGUMENT;
|
||||
}
|
||||
if (p256_validate_pubkey(data + 1) != P256_SUCCESS) {
|
||||
return PSA_ERROR_INVALID_ARGUMENT;
|
||||
}
|
||||
} else if (type == PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1)) {
|
||||
if (data_length != 32) {
|
||||
if (data_length != PRIVKEY_SIZE) {
|
||||
return *bits == 0 ? PSA_ERROR_NOT_SUPPORTED : PSA_ERROR_INVALID_ARGUMENT;
|
||||
}
|
||||
if (p256_validate_privkey(data) != P256_SUCCESS) {
|
||||
|
@ -92,7 +102,7 @@ psa_status_t p256_transparent_import_key(const psa_key_attributes_t *attributes,
|
|||
} else {
|
||||
return PSA_ERROR_NOT_SUPPORTED;
|
||||
}
|
||||
*bits = 256;
|
||||
*bits = CURVE_BITS;
|
||||
|
||||
/* We only support the export format for input, so just copy. */
|
||||
if (key_buffer_size < data_length) {
|
||||
|
@ -114,23 +124,23 @@ psa_status_t p256_transparent_export_public_key(const psa_key_attributes_t *attr
|
|||
/* Is this the right curve? */
|
||||
size_t bits = psa_get_key_bits(attributes);
|
||||
psa_key_type_t type = psa_get_key_type(attributes);
|
||||
if (bits != 256 || type != PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1)) {
|
||||
if (bits != CURVE_BITS || type != PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1)) {
|
||||
return PSA_ERROR_NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
/* Validate sizes, as p256-m expects fixed-size buffers */
|
||||
if (key_buffer_size != 32) {
|
||||
if (key_buffer_size != PRIVKEY_SIZE) {
|
||||
return PSA_ERROR_CORRUPTION_DETECTED;
|
||||
}
|
||||
if (data_size < 65) {
|
||||
if (data_size < PSA_PUBKEY_SIZE) {
|
||||
return PSA_ERROR_BUFFER_TOO_SMALL;
|
||||
}
|
||||
|
||||
/* Output public key in the PSA export format */
|
||||
data[0] = 0x04;
|
||||
data[0] = PSA_PUBKEY_HEADER_BYTE;
|
||||
int ret = p256_public_from_private(data + 1, key_buffer);
|
||||
if (ret == P256_SUCCESS) {
|
||||
*data_length = 65;
|
||||
*data_length = PSA_PUBKEY_SIZE;
|
||||
}
|
||||
|
||||
return p256_to_psa_error(ret);
|
||||
|
@ -147,7 +157,7 @@ psa_status_t p256_transparent_generate_key(
|
|||
(void) attributes;
|
||||
|
||||
/* Validate sizes, as p256-m expects fixed-size buffers */
|
||||
if (key_buffer_size != 32) {
|
||||
if (key_buffer_size != PRIVKEY_SIZE) {
|
||||
return PSA_ERROR_BUFFER_TOO_SMALL;
|
||||
}
|
||||
|
||||
|
@ -156,11 +166,11 @@ psa_status_t p256_transparent_generate_key(
|
|||
* keys. Allocate a buffer to which the public key will be written. The
|
||||
* private key will be written to key_buffer, which is passed to this
|
||||
* function as an argument. */
|
||||
uint8_t public_key_buffer[64];
|
||||
uint8_t public_key_buffer[P256_PUBKEY_SIZE];
|
||||
|
||||
int ret = p256_gen_keypair(key_buffer, public_key_buffer);
|
||||
if (ret == P256_SUCCESS) {
|
||||
*key_buffer_length = 32;
|
||||
*key_buffer_length = PRIVKEY_SIZE;
|
||||
}
|
||||
|
||||
return p256_to_psa_error(ret);
|
||||
|
@ -184,10 +194,10 @@ psa_status_t p256_transparent_key_agreement(
|
|||
(void) alg;
|
||||
|
||||
/* Validate sizes, as p256-m expects fixed-size buffers */
|
||||
if (key_buffer_size != 32 || peer_key_length != 65) {
|
||||
if (key_buffer_size != PRIVKEY_SIZE || peer_key_length != PSA_PUBKEY_SIZE) {
|
||||
return PSA_ERROR_INVALID_ARGUMENT;
|
||||
}
|
||||
if (shared_secret_size < 32) {
|
||||
if (shared_secret_size < SHARED_SECRET_SIZE) {
|
||||
return PSA_ERROR_BUFFER_TOO_SMALL;
|
||||
}
|
||||
|
||||
|
@ -196,7 +206,7 @@ psa_status_t p256_transparent_key_agreement(
|
|||
* of the file. */
|
||||
int ret = p256_ecdh_shared_secret(shared_secret, key_buffer, peer_key + 1);
|
||||
if (ret == P256_SUCCESS) {
|
||||
*shared_secret_length = 32;
|
||||
*shared_secret_length = SHARED_SECRET_SIZE;
|
||||
}
|
||||
|
||||
return p256_to_psa_error(ret);
|
||||
|
@ -220,22 +230,22 @@ psa_status_t p256_transparent_sign_hash(
|
|||
(void) alg;
|
||||
|
||||
/* Validate sizes, as p256-m expects fixed-size buffers */
|
||||
if (key_buffer_size != 32) {
|
||||
if (key_buffer_size != PRIVKEY_SIZE) {
|
||||
return PSA_ERROR_CORRUPTION_DETECTED;
|
||||
}
|
||||
if (signature_size < 64) {
|
||||
if (signature_size < SIGNATURE_SIZE) {
|
||||
return PSA_ERROR_BUFFER_TOO_SMALL;
|
||||
}
|
||||
|
||||
int ret = p256_ecdsa_sign(signature, key_buffer, hash, hash_length);
|
||||
if (ret == P256_SUCCESS) {
|
||||
*signature_length = 64;
|
||||
*signature_length = SIGNATURE_SIZE;
|
||||
}
|
||||
|
||||
return p256_to_psa_error(ret);
|
||||
}
|
||||
|
||||
/* This function expects the key buffer to contain a 65 byte public key,
|
||||
/* This function expects the key buffer to contain a PSA public key,
|
||||
* as exported by psa_export_public_key() */
|
||||
static psa_status_t p256_verify_hash_with_public_key(
|
||||
const uint8_t *key_buffer,
|
||||
|
@ -246,10 +256,10 @@ static psa_status_t p256_verify_hash_with_public_key(
|
|||
size_t signature_length)
|
||||
{
|
||||
/* Validate sizes, as p256-m expects fixed-size buffers */
|
||||
if (key_buffer_size != 65 || *key_buffer != 0x04) {
|
||||
if (key_buffer_size != PSA_PUBKEY_SIZE || *key_buffer != PSA_PUBKEY_HEADER_BYTE) {
|
||||
return PSA_ERROR_CORRUPTION_DETECTED;
|
||||
}
|
||||
if (signature_length != 64) {
|
||||
if (signature_length != SIGNATURE_SIZE) {
|
||||
return PSA_ERROR_INVALID_SIGNATURE;
|
||||
}
|
||||
|
||||
|
@ -277,10 +287,10 @@ psa_status_t p256_transparent_verify_hash(
|
|||
(void) alg;
|
||||
|
||||
psa_status_t status;
|
||||
uint8_t public_key_buffer[65];
|
||||
size_t public_key_buffer_size = 65;
|
||||
uint8_t public_key_buffer[PSA_PUBKEY_SIZE];
|
||||
size_t public_key_buffer_size = PSA_PUBKEY_SIZE;
|
||||
|
||||
size_t public_key_length = 65;
|
||||
size_t public_key_length = PSA_PUBKEY_SIZE;
|
||||
/* As p256-m doesn't require dynamic allocation, we want to avoid it in
|
||||
* the entrypoint functions as well. psa_driver_wrapper_export_public_key()
|
||||
* requires size_t*, so we use a pointer to a stack variable. */
|
||||
|
|
Loading…
Reference in a new issue