yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

New signature for pk_ecc_set_pubkey()

Browse source 
Also new name, for consistency, and documentation.

The signature **p, *end is mostly for parsing functions that may not
consume everything, and need to update the "current" pointer to reflect
what has been consumed. This is not the case here.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This commit is contained in:
Manuel Pégourié-Gonnard 2023-07-26 23:31:01 +02:00
parent 681e30b727
commit e4c883bc8c
1 changed files with 17 additions and 25 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

42
library/pkparse.c
View file

@ -275,40 +275,39 @@ exit:
#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */
/*
* EC public key is an EC point
* Set the public key.
*
* The caller is responsible for clearing the structure upon failure if
* desired. Take care to pass along the possible ECP_FEATURE_UNAVAILABLE
* return code of mbedtls_ecp_point_read_binary() and leave p in a usable state.
* [in/out] pk: in: must have its group set, see pk_ecc_set_group().
* out: will have the public key set.
* [in] pub, pub_len: the raw public key (an ECPoint).
*/
static int pk_get_ecpubkey(unsigned char **p, const unsigned char *end,
mbedtls_pk_context *pk)
static int pk_ecc_set_pubkey(mbedtls_pk_context *pk,
const unsigned char *pub, size_t pub_len)
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
#if defined(MBEDTLS_PK_USE_PSA_EC_DATA)
mbedtls_svc_key_id_t key;
psa_key_attributes_t key_attrs = PSA_KEY_ATTRIBUTES_INIT;
size_t len = (size_t) (end - *p);
if (len > PSA_EXPORT_PUBLIC_KEY_MAX_SIZE) {
if (pub_len > PSA_EXPORT_PUBLIC_KEY_MAX_SIZE) {
return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
}
if ((**p == 0x02) || (**p == 0x03)) {
if ((*pub == 0x02) || (*pub == 0x03)) {
/* Compressed format, not supported by PSA Crypto.
* Try converting using functions from ECP_LIGHT. */
ret = pk_ecc_set_pubkey_psa_ecp_fallback(pk, *p, len);
ret = pk_ecc_set_pubkey_psa_ecp_fallback(pk, pub, pub_len);
if (ret != 0) {
return ret;
}
} else {
/* Uncompressed format */
if (len > MBEDTLS_PK_MAX_EC_PUBKEY_RAW_LEN) {
if (pub_len > MBEDTLS_PK_MAX_EC_PUBKEY_RAW_LEN) {
return MBEDTLS_ERR_PK_BUFFER_TOO_SMALL;
}
memcpy(pk->pub_raw, *p, len);
pk->pub_raw_len = len;
memcpy(pk->pub_raw, pub, pub_len);
pk->pub_raw_len = pub_len;
}
/* Validate the key by trying to importing it */
@ -328,18 +327,10 @@ static int pk_get_ecpubkey(unsigned char **p, const unsigned char *end,
#else /* MBEDTLS_PK_USE_PSA_EC_DATA */
mbedtls_ecp_keypair *ec_key = (mbedtls_ecp_keypair *) pk->pk_ctx;
if ((ret = mbedtls_ecp_point_read_binary(&ec_key->grp, &ec_key->Q,
(const unsigned char *) *p,
end - *p)) == 0) {
pub, pub_len)) == 0) {
ret = mbedtls_ecp_check_pubkey(&ec_key->grp, &ec_key->Q);
}
#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */
/*
* We know mbedtls_ecp_point_read_binary and pk_ecc_read_compressed either
* consumed all bytes or failed, and memcpy consumed all bytes too.
*/
*p = (unsigned char *) end;
return ret;
}
@ -900,7 +891,8 @@ int mbedtls_pk_parse_subpubkey(unsigned char **p, const unsigned char *end,
ret = pk_use_ecparams(&alg_params, pk);
}
if (ret == 0) {
ret = pk_get_ecpubkey(p, end, pk);
ret = pk_ecc_set_pubkey(pk, *p, end - *p);
*p += end - *p;
}
} else
#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */
@ -1204,11 +1196,11 @@ static int pk_parse_key_sec1_der(mbedtls_pk_context *pk,
MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
}
if ((ret = pk_get_ecpubkey(&p, end2, pk)) == 0) {
if ((ret = pk_ecc_set_pubkey(pk, p, end2 - p)) == 0) {
pubkey_done = 1;
} else {
/*
* The only acceptable failure mode of pk_get_ecpubkey() above
* The only acceptable failure mode of pk_ecc_set_pubkey() above
* is if the point format is not recognized.
*/
if (ret != MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE) {