mbedtls_psa_ffdh_generate_key: optimize code and return fixed key size
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
parent
2488afcd71
commit
e1621a460a
1 changed files with 13 additions and 14 deletions
|
@ -231,23 +231,22 @@ psa_status_t mbedtls_psa_ffdh_generate_key(
|
||||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||||
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
||||||
mbedtls_mpi_init(&P); mbedtls_mpi_init(&X);
|
mbedtls_mpi_init(&P); mbedtls_mpi_init(&X);
|
||||||
|
(void) attributes;
|
||||||
|
|
||||||
status = mbedtls_psa_ffdh_set_prime_generator(
|
status = mbedtls_psa_ffdh_set_prime_generator(key_buffer_size, &P, NULL);
|
||||||
PSA_BITS_TO_BYTES(attributes->core.bits), &P, NULL);
|
|
||||||
|
if (status != PSA_SUCCESS) {
|
||||||
|
goto cleanup;
|
||||||
|
}
|
||||||
|
|
||||||
if (status == PSA_SUCCESS) {
|
|
||||||
/* RFC7919: Traditional finite field Diffie-Hellman has each peer choose their
|
/* RFC7919: Traditional finite field Diffie-Hellman has each peer choose their
|
||||||
secret exponent from the range [2, P-2].
|
secret exponent from the range [2, P-2].
|
||||||
Select random value in range [3, P-1] and decrease it by 1. */
|
Select random value in range [3, P-1] and decrease it by 1. */
|
||||||
MBEDTLS_MPI_CHK(mbedtls_mpi_random(&X, 3, &P, mbedtls_psa_get_random,
|
MBEDTLS_MPI_CHK(mbedtls_mpi_random(&X, 3, &P, mbedtls_psa_get_random,
|
||||||
MBEDTLS_PSA_RANDOM_STATE));
|
MBEDTLS_PSA_RANDOM_STATE));
|
||||||
MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&X, &X, 1));
|
MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&X, &X, 1));
|
||||||
|
MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&X, key_buffer, key_buffer_size));
|
||||||
*key_buffer_length = mbedtls_mpi_size(&X);
|
*key_buffer_length = key_buffer_size;
|
||||||
|
|
||||||
MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&X, key_buffer,
|
|
||||||
key_buffer_size));
|
|
||||||
}
|
|
||||||
|
|
||||||
cleanup:
|
cleanup:
|
||||||
mbedtls_mpi_free(&P); mbedtls_mpi_free(&X);
|
mbedtls_mpi_free(&P); mbedtls_mpi_free(&X);
|
||||||
|
|
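Review bot: The call to `mbedtls_psa_ffdh_set_prime_generator` now selects the group from `key_buffer_size`, and `(void) attributes;` discards the requested key bits, so nothing in this hunk ties the generated key to the size the caller declared. If a caller ever passes a buffer whose size differs from `PSA_BITS_TO_BYTES(attributes->core.bits)`, the exponent would presumably be drawn for whichever group matches the buffer, or the call would be rejected, depending on what the helper accepts (not visible here). Either state the invariant in a comment above the call, e.g. `/* key_buffer_size is exactly the key size in bytes; it selects the FFDH group */`, or enforce it in place of the `(void)` cast with `if (key_buffer_size != PSA_BITS_TO_BYTES(attributes->core.bits)) { status = PSA_ERROR_INVALID_ARGUMENT; goto cleanup; }`. The function's signature and its return after `cleanup:` are outside the hunk, so how `status` and `ret` are combined on the failure paths could not be checked.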