lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-08-05 19:35:48 +03:00
Code Activity

Rework pk_ecc_set_pubkey_psa_ecp_fallback()

Browse Source 
- new semantic: sets the pubkey directly in the PK context
- new name to reflect that semantic and obey the naming scheme
- trivial case first
- documentation and better parameter names

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This commit is contained in:
Manuel Pégourié-Gonnard
2023-07-26 23:03:35 +02:00
parent 0b8e45650f
commit 681e30b727
1 changed files with 21 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
library/pkparse.c
View File

@@ -226,18 +226,26 @@ static int pk_ecc_set_pubkey_from_prv(mbedtls_pk_context *pk,
#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) #if defined(MBEDTLS_PK_USE_PSA_EC_DATA)
/* /*
* Create a temporary ecp_keypair for converting an EC point in compressed * Set the public key: fallback using ECP_LIGHT in the USE_PSA_EC_DATA case.
* format to an uncompressed one
* *
* Consumes everything or fails - inherited from * Normally, when MBEDTLS_PK_USE_PSA_EC_DATA is enabled, we only use PSA
* mbedtls_ecp_point_read_binary(). * functions to handle keys. However, currently psa_import_key() does not
* support compressed points. In case that support was explicitly requested,
* this fallback uses ECP functions to get the job done. This is the reason
* why MBEDTLS_PK_PARSE_EC_COMPRESSED auto-enables MBEDTLS_ECP_LIGHT.
*
* [in/out] pk: in: must have the group set, see pk_ecc_set_group().
* out: will have the public key set.
* [in] pub, pub_len: the public key as an ECPoint,
* in any format supported by ECP.
*/ */
static int pk_ecc_read_compressed(mbedtls_pk_context *pk, static int pk_ecc_set_pubkey_psa_ecp_fallback(mbedtls_pk_context *pk,
const unsigned char *in_start, size_t in_len, const unsigned char *pub,
unsigned char *out_buf, size_t out_buf_size, size_t pub_len)
size_t *out_buf_len)
{ {
#if defined(MBEDTLS_PK_PARSE_EC_COMPRESSED) #if !defined(MBEDTLS_PK_PARSE_EC_COMPRESSED)
return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
#else /* MBEDTLS_PK_PARSE_EC_COMPRESSED */
mbedtls_ecp_keypair ecp_key; mbedtls_ecp_keypair ecp_key;
mbedtls_ecp_group_id ecp_group_id; mbedtls_ecp_group_id ecp_group_id;
int ret; int ret;
@@ -250,19 +258,18 @@ static int pk_ecc_read_compressed(mbedtls_pk_context *pk,
return ret; return ret;
} }
ret = mbedtls_ecp_point_read_binary(&(ecp_key.grp), &ecp_key.Q, ret = mbedtls_ecp_point_read_binary(&(ecp_key.grp), &ecp_key.Q,
in_start, in_len); pub, pub_len);
if (ret != 0) { if (ret != 0) {
goto exit; goto exit;
} }
ret = mbedtls_ecp_point_write_binary(&(ecp_key.grp), &ecp_key.Q, ret = mbedtls_ecp_point_write_binary(&(ecp_key.grp), &ecp_key.Q,
MBEDTLS_ECP_PF_UNCOMPRESSED, MBEDTLS_ECP_PF_UNCOMPRESSED,
out_buf_len, out_buf, out_buf_size); &pk->pub_raw_len, pk->pub_raw,
sizeof(pk->pub_raw));
exit: exit:
mbedtls_ecp_keypair_free(&ecp_key); mbedtls_ecp_keypair_free(&ecp_key);
return ret; return ret;
#else /* MBEDTLS_PK_PARSE_EC_COMPRESSED */
return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
#endif /* MBEDTLS_PK_PARSE_EC_COMPRESSED */ #endif /* MBEDTLS_PK_PARSE_EC_COMPRESSED */
} }
#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ #endif /* MBEDTLS_PK_USE_PSA_EC_DATA */
@@ -291,10 +298,7 @@ static int pk_get_ecpubkey(unsigned char **p, const unsigned char *end,
if ((**p == 0x02) || (**p == 0x03)) { if ((**p == 0x02) || (**p == 0x03)) {
/* Compressed format, not supported by PSA Crypto. /* Compressed format, not supported by PSA Crypto.
* Try converting using functions from ECP_LIGHT. */ * Try converting using functions from ECP_LIGHT. */
ret = pk_ecc_read_compressed(pk, *p, len, ret = pk_ecc_set_pubkey_psa_ecp_fallback(pk, *p, len);
pk->pub_raw,
PSA_EXPORT_PUBLIC_KEY_MAX_SIZE,
&pk->pub_raw_len);
if (ret != 0) { if (ret != 0) {
return ret; return ret;
} }