mbedtls_pk_get_psa_attributes: support MBEDTLS_PK_USE_PSA_EC_DATA
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
parent
7354f1e178
commit
f3dbc98d96
2 changed files with 38 additions and 11 deletions
13
library/pk.c
13
library/pk.c
|
@ -464,11 +464,24 @@ int mbedtls_pk_get_psa_attributes(const mbedtls_pk_context *pk,
|
|||
{
|
||||
int sign_ok = (pk_type != MBEDTLS_PK_ECKEY_DH);
|
||||
int derive_ok = (pk_type != MBEDTLS_PK_ECDSA);
|
||||
#if defined(MBEDTLS_PK_USE_PSA_EC_DATA)
|
||||
psa_key_attributes_t old_attributes = PSA_KEY_ATTRIBUTES_INIT;
|
||||
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
||||
status = psa_get_key_attributes(pk->priv_id, &old_attributes);
|
||||
if (status != PSA_SUCCESS) {
|
||||
return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
|
||||
}
|
||||
psa_key_type_t old_type = psa_get_key_type(&old_attributes);
|
||||
int has_private = PSA_KEY_TYPE_IS_KEY_PAIR(old_type);
|
||||
size_t bits = psa_get_key_bits(&old_attributes);
|
||||
psa_ecc_family_t family = PSA_KEY_TYPE_ECC_GET_FAMILY(old_type);
|
||||
#else
|
||||
mbedtls_ecp_keypair *ec = mbedtls_pk_ec(*pk);
|
||||
int has_private = (ec->d.n != 0);
|
||||
size_t bits = 0;
|
||||
psa_ecc_family_t family =
|
||||
mbedtls_ecc_group_to_psa(ec->grp.id, &bits);
|
||||
#endif
|
||||
int want_private = 0;
|
||||
psa_algorithm_t alg = 0;
|
||||
switch (usage) {
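Review bot: In the `MBEDTLS_PK_USE_PSA_EC_DATA` branch, `old_attributes` is filled by `psa_get_key_attributes()` but never released. The PSA Crypto API says a structure populated by that call must later be passed to `psa_reset_key_attributes()`, because the call may allocate resources. Adding `psa_reset_key_attributes(&old_attributes);` right after `family` has been computed would cover it, since nothing visible here reads the structure after that point. Separately, every failure of the lookup is returned as `MBEDTLS_ERR_PK_BAD_INPUT_DATA`, so a storage or memory failure in the key store cannot be told apart from a caller passing a bad context; translating `status` instead of discarding it would keep that distinction. The function body starts before and continues after this hunk, so later uses of `old_attributes` cannot be ruled out from here.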
|
||||
|
|
|
@ -111,7 +111,14 @@ static int pk_genkey(mbedtls_pk_context *pk, int curve_or_keybits)
|
|||
mbedtls_pk_get_type(pk) == MBEDTLS_PK_ECDSA) {
|
||||
int ret;
|
||||
|
||||
#if defined(MBEDTLS_ECP_C)
|
||||
#if defined(MBEDTLS_PK_USE_PSA_EC_DATA)
|
||||
ret = pk_genkey_ec(pk, curve_or_keybits);
|
||||
if (ret != 0) {
|
||||
return ret;
|
||||
}
|
||||
|
||||
return 0;
|
||||
#else
|
||||
ret = mbedtls_ecp_group_load(&mbedtls_pk_ec_rw(*pk)->grp, curve_or_keybits);
|
||||
if (ret != 0) {
|
||||
return ret;
|
||||
|
@ -120,16 +127,7 @@ static int pk_genkey(mbedtls_pk_context *pk, int curve_or_keybits)
|
|||
&mbedtls_pk_ec_rw(*pk)->d,
|
||||
&mbedtls_pk_ec_rw(*pk)->Q,
|
||||
mbedtls_test_rnd_std_rand, NULL);
|
||||
#endif /* MBEDTLS_ECP_C */
|
||||
|
||||
#if defined(MBEDTLS_PK_USE_PSA_EC_DATA)
|
||||
ret = pk_genkey_ec(pk, curve_or_keybits);
|
||||
if (ret != 0) {
|
||||
return ret;
|
||||
}
|
||||
|
||||
return 0;
|
||||
#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */
|
||||
#endif /* MBEDTLS_ECP_C && !MBEDTLS_PK_USE_PSA_EC_DATA */
|
||||
|
||||
}
|
||||
#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */
|
||||
|
@ -208,8 +206,24 @@ static int pk_setup_for_type(mbedtls_pk_type_t pk_type, int want_pair,
|
|||
*psa_type = PSA_KEY_TYPE_ECC_KEY_PAIR(mbedtls_ecc_group_to_psa(grp_id, &bits));
|
||||
TEST_EQUAL(pk_genkey(pk, grp_id), 0);
|
||||
if (!want_pair) {
|
||||
#if defined(MBEDTLS_PK_USE_PSA_EC_DATA)
|
||||
psa_key_attributes_t pub_attributes = PSA_KEY_ATTRIBUTES_INIT;
|
||||
psa_set_key_type(&pub_attributes,
|
||||
PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(*psa_type));
|
||||
psa_set_key_usage_flags(&pub_attributes,
|
||||
PSA_KEY_USAGE_EXPORT |
|
||||
PSA_KEY_USAGE_COPY |
|
||||
PSA_KEY_USAGE_VERIFY_MESSAGE |
|
||||
PSA_KEY_USAGE_VERIFY_HASH);
|
||||
psa_set_key_algorithm(&pub_attributes, PSA_ALG_ECDSA_ANY);
|
||||
PSA_ASSERT(psa_destroy_key(pk->priv_id));
|
||||
PSA_ASSERT(psa_import_key(&pub_attributes,
|
||||
pk->pub_raw, pk->pub_raw_len,
|
||||
&pk->priv_id));
|
||||
#else
|
||||
mbedtls_ecp_keypair *ec = mbedtls_pk_ec(*pk);
|
||||
mbedtls_mpi_free(&ec->d);
|
||||
#endif
|
||||
}
|
||||
break;
|
||||
}
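Review bot: In the `!want_pair` branch of `pk_setup_for_type`, the `MBEDTLS_PK_USE_PSA_EC_DATA` path destroys the generated key pair and imports a public key into the field named `pk->priv_id`, with no comment saying this is intentional. Judging from the library hunk in this commit, the PK layer decides `has_private` from the PSA key type behind `priv_id`, so this looks like the intended way to build a public-only context. A short comment would stop it being read as a mistake, for example `/* Public-only context: priv_id deliberately holds a public key; the library distinguishes the two by PSA key type. */`. The re-imported key's policy is also fixed to `PSA_ALG_ECDSA_ANY` with verify usage; the case labels are outside the hunk, so if `MBEDTLS_PK_ECKEY_DH` reaches this branch it would be worth confirming that policy is the one the test means to start from.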
|
||||
|
|