Implement, plug in and test validate_key driver entry point

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2025-08-01 10:06:53 +03:00 · 2020-10-13 17:43:44 +02:00
parent 398aee5742
commit 0452476eac
7 changed files with 208 additions and 4 deletions
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@ -977,6 +977,7 @@ psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot,
                                       size_t data_length )
 {
    psa_status_t status = PSA_SUCCESS;
+    size_t bit_size;

    /* zero-length keys are never supported. */
    if( data_length == 0 )
@ -984,7 +985,7 @@ psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot,

    if( key_type_is_raw_bytes( slot->attr.type ) )
    {
-        size_t bit_size = PSA_BYTES_TO_BITS( data_length );
+        bit_size = PSA_BYTES_TO_BITS( data_length );

        /* Ensure that the bytes-to-bits conversion hasn't overflown. */
        if( data_length > SIZE_MAX / 8 )
--- a/library/psa_crypto_driver_wrappers.c
+++ b/library/psa_crypto_driver_wrappers.c
@ -410,6 +410,34 @@ psa_status_t psa_driver_wrapper_generate_key( const psa_key_attributes_t *attrib
 #endif /* PSA_CRYPTO_DRIVER_PRESENT */
 }

+psa_status_t psa_driver_wrapper_validate_key( const psa_key_attributes_t *attributes,
+                                              const uint8_t *data,
+                                              size_t data_length,
+                                              size_t *bits )
+{
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    /* Try accelerators in turn */
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+    status = test_transparent_validate_key( attributes,
+                                            data,
+                                            data_length,
+                                            bits );
+    /* Declared with fallback == true */
+    if( status != PSA_ERROR_NOT_SUPPORTED )
+        return( status );
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+
+    return( PSA_ERROR_NOT_SUPPORTED );
+#else /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+    (void) attributes;
+    (void) data;
+    (void) data_length;
+    (void) bits;
+    return( PSA_ERROR_NOT_SUPPORTED );
+#endif /* PSA_CRYPTO_DRIVER_PRESENT */
+}
+
 /*
 * Cipher functions
 */
--- a/library/psa_crypto_driver_wrappers.h
+++ b/library/psa_crypto_driver_wrappers.h
@ -43,9 +43,18 @@ psa_status_t psa_driver_wrapper_verify_hash( psa_key_slot_t *slot,
                                             const uint8_t *signature,
                                             size_t signature_length );

+/*
+ * Key handling functions
+ */
+
 psa_status_t psa_driver_wrapper_generate_key( const psa_key_attributes_t *attributes,
                                              psa_key_slot_t *slot );

+psa_status_t psa_driver_wrapper_validate_key( const psa_key_attributes_t *attributes,
+                                              const uint8_t *data,
+                                              size_t data_length,
+                                              size_t *bits );
+
 /*
 * Cipher functions
 */