Remove driver entry points for {get|set}_max_ops().

Move the global variable to the PSA layer, and just set that when calling PSA level functions. Move the internal ecp set to before each ecp call. Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2025-08-01 10:06:53 +03:00 · 2023-02-21 14:19:23 +00:00
parent f8e5b56ad8
commit a16ce9f601
4 changed files with 15 additions and 44 deletions
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@ -3153,17 +3153,18 @@ exit:
 /* Asymmetric interruptible cryptography                        */
 /****************************************************************/

+static uint32_t psa_interruptible_max_ops = PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED;
+
 void psa_interruptible_set_max_ops(uint32_t max_ops)
 {
-    psa_driver_wrapper_interruptible_set_max_ops(max_ops);
+    psa_interruptible_max_ops = max_ops;
 }

 uint32_t psa_interruptible_get_max_ops(void)
 {
-    return psa_driver_wrapper_interruptible_get_max_ops();
+    return psa_interruptible_max_ops;
 }

-
 uint32_t psa_sign_hash_get_num_ops(
    const psa_sign_hash_interruptible_operation_t *operation)
 {
@ -3458,12 +3459,8 @@ psa_status_t psa_verify_hash_abort(
 /* implementations                                              */
 /****************************************************************/

-static uint32_t mbedtls_psa_interruptible_max_ops =
-    PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED;
-
 void mbedtls_psa_interruptible_set_max_ops(uint32_t max_ops)
 {
-    mbedtls_psa_interruptible_max_ops = max_ops;

 #if (defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
    defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)) && \
@ -3476,16 +3473,13 @@ void mbedtls_psa_interruptible_set_max_ops(uint32_t max_ops)
    }

    mbedtls_ecp_set_max_ops(max_ops);
+#else
+    (void) max_ops;
 #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) ||
        * defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) &&
        * defined( MBEDTLS_ECP_RESTARTABLE ) */
 }

-uint32_t mbedtls_psa_interruptible_get_max_ops(void)
-{
-    return mbedtls_psa_interruptible_max_ops;
-}
-
 uint32_t mbedtls_psa_sign_hash_get_num_ops(
    const mbedtls_psa_sign_hash_interruptible_operation_t *operation)
 {
@ -3544,11 +3538,6 @@ psa_status_t mbedtls_psa_sign_hash_start(
    /* Ensure num_ops is zero'ed in case of context re-use. */
    operation->num_ops = 0;

-    /* Ensure default is set even if
-     * mbedtls_psa_interruptible_set_max_ops() has not been called. */
-    mbedtls_psa_interruptible_set_max_ops(
-        mbedtls_psa_interruptible_get_max_ops());
-
    status = mbedtls_psa_ecp_load_representation(attributes->core.type,
                                                 attributes->core.bits,
                                                 key_buffer,
@ -3613,6 +3602,9 @@ psa_status_t mbedtls_psa_sign_hash_complete(
    mbedtls_mpi_init(&r);
    mbedtls_mpi_init(&s);

+    /* Ensure max_ops is set to the current value (or default). */
+    mbedtls_psa_interruptible_set_max_ops(psa_interruptible_get_max_ops());
+
    if (signature_size < 2 * operation->coordinate_bytes) {
        status = PSA_ERROR_BUFFER_TOO_SMALL;
        goto exit;
@ -3764,11 +3756,6 @@ psa_status_t mbedtls_psa_verify_hash_start(
    /* Ensure num_ops is zero'ed in case of context re-use. */
    operation->num_ops = 0;

-    /* Ensure default is set even if
-     * mbedtls_psa_interruptible_set_max_ops() has not been called. */
-    mbedtls_psa_interruptible_set_max_ops(
-        mbedtls_psa_interruptible_get_max_ops());
-
    status = mbedtls_psa_ecp_load_representation(attributes->core.type,
                                                 attributes->core.bits,
                                                 key_buffer,
@ -3853,6 +3840,9 @@ psa_status_t mbedtls_psa_verify_hash_complete(

    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;

+    /* Ensure max_ops is set to the current value (or default). */
+    mbedtls_psa_interruptible_set_max_ops(psa_interruptible_get_max_ops());
+
    status = mbedtls_to_psa_error(
        mbedtls_ecdsa_verify_restartable(&operation->ctx->grp,
                                         operation->hash,
--- a/library/psa_crypto_driver_wrappers.h
+++ b/library/psa_crypto_driver_wrappers.h
@ -70,10 +70,6 @@ psa_status_t psa_driver_wrapper_verify_hash(
 * Interruptible Signature functions
 */

-void psa_driver_wrapper_interruptible_set_max_ops(uint32_t max_ops);
-
-uint32_t psa_driver_wrapper_interruptible_get_max_ops(void);
-
 uint32_t psa_driver_wrapper_sign_hash_get_num_ops(
    psa_sign_hash_interruptible_operation_t *operation);