yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

pkwrite: add internal defines for proper key buffer sizes

Browse source 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This commit is contained in:
Valerio Setti 2023-11-28 14:10:43 +01:00
parent 605f03cb76
commit d5604bacc4
1 changed files with 20 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

33
library/pkwrite.c
View file

@ -39,6 +39,21 @@
#endif #endif
#include "mbedtls/platform.h" #include "mbedtls/platform.h"
/* Helpers for properly sizing buffers aimed at holding public keys or
* key-pairs based on build symbols. */
#if defined(MBEDTLS_PK_USE_PSA_EC_DATA)
#define PK_MAX_EC_PUBLIC_KEY_SIZE PSA_EXPORT_PUBLIC_KEY_MAX_SIZE
#define PK_MAX_EC_KEY_PAIR_SIZE MBEDTLS_PSA_MAX_EC_KEY_PAIR_LENGTH
#else
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#define PK_MAX_EC_PUBLIC_KEY_SIZE PSA_EXPORT_PUBLIC_KEY_MAX_SIZE
#define PK_MAX_EC_KEY_PAIR_SIZE MBEDTLS_PSA_MAX_EC_KEY_PAIR_LENGTH
#else
#define PK_MAX_EC_PUBLIC_KEY_SIZE MBEDTLS_ECP_MAX_PT_LEN
#define PK_MAX_EC_KEY_PAIR_SIZE MBEDTLS_ECP_MAX_BYTES
#endif
#endif
/****************************************************************************** /******************************************************************************
* Internal functions for RSA keys. * Internal functions for RSA keys.
******************************************************************************/ ******************************************************************************/
@ -205,7 +220,7 @@ static int pk_write_ec_pubkey(unsigned char **p, unsigned char *start,
const mbedtls_pk_context *pk) const mbedtls_pk_context *pk)
{ {
size_t len = 0; size_t len = 0;
uint8_t buf[PSA_EXPORT_PUBLIC_KEY_MAX_SIZE]; uint8_t buf[PK_MAX_EC_PUBLIC_KEY_SIZE];
if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_OPAQUE) { if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_OPAQUE) {
if (psa_export_public_key(pk->priv_id, buf, sizeof(buf), &len) != PSA_SUCCESS) { if (psa_export_public_key(pk->priv_id, buf, sizeof(buf), &len) != PSA_SUCCESS) {
@ -230,11 +245,7 @@ static int pk_write_ec_pubkey(unsigned char **p, unsigned char *start,
const mbedtls_pk_context *pk) const mbedtls_pk_context *pk)
{ {
size_t len = 0; size_t len = 0;
#if defined(MBEDTLS_USE_PSA_CRYPTO) unsigned char buf[PK_MAX_EC_PUBLIC_KEY_SIZE];
uint8_t buf[PSA_EXPORT_PUBLIC_KEY_MAX_SIZE];
#else
unsigned char buf[MBEDTLS_ECP_MAX_PT_LEN];
#endif /* MBEDTLS_USE_PSA_CRYPTO */
mbedtls_ecp_keypair *ec = mbedtls_pk_ec(*pk); mbedtls_ecp_keypair *ec = mbedtls_pk_ec(*pk);
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
@ -276,7 +287,7 @@ static int pk_write_ec_private(unsigned char **p, unsigned char *start,
{ {
size_t byte_length; size_t byte_length;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
unsigned char tmp[MBEDTLS_PSA_MAX_EC_KEY_PAIR_LENGTH]; unsigned char tmp[PK_MAX_EC_KEY_PAIR_SIZE];
psa_status_t status; psa_status_t status;
if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_OPAQUE) { if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_OPAQUE) {
@ -304,14 +315,10 @@ static int pk_write_ec_private(unsigned char **p, unsigned char *start,
{ {
size_t byte_length; size_t byte_length;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
#if defined(MBEDTLS_USE_PSA_CRYPTO) unsigned char tmp[PK_MAX_EC_KEY_PAIR_SIZE];
unsigned char tmp[MBEDTLS_PSA_MAX_EC_KEY_PAIR_LENGTH];
psa_status_t status;
#else
unsigned char tmp[MBEDTLS_ECP_MAX_BYTES];
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#if defined(MBEDTLS_USE_PSA_CRYPTO) #if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_status_t status;
if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_OPAQUE) { if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_OPAQUE) {
status = psa_export_key(pk->priv_id, tmp, sizeof(tmp), &byte_length); status = psa_export_key(pk->priv_id, tmp, sizeof(tmp), &byte_length);
if (status != PSA_SUCCESS) { if (status != PSA_SUCCESS) {