mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-29 11:41:15 +03:00

Plug in the entry point for public key export through driver

Including test.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
Steven Cooreman
2020-10-14 14:39:20 +02:00
parent cb0a9ee33e
commit b9b844220b
7 changed files with 276 additions and 11 deletions


@ -1656,14 +1656,24 @@ static psa_status_t psa_internal_export_key( const psa_key_slot_t *slot,
/* Exporting private -> private */
return( psa_internal_export_key_buffer( slot, data, data_size, data_length ) );
}
/* Need to export the public part of a private key,
* so conversion is needed */
* so conversion is needed. Try the accelerators first. */
psa_status_t status = psa_driver_wrapper_export_public_key( slot,
data,
data_size,
data_length );
if( status != PSA_ERROR_NOT_SUPPORTED ||
psa_key_lifetime_is_external( slot->attr.lifetime ) )
return( status );
if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) )
{
#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
mbedtls_rsa_context *rsa = NULL;
psa_status_t status = psa_load_rsa_representation(
status = psa_load_rsa_representation(
slot->attr.type,
slot->data.key.data,
slot->data.key.bytes,
@ -1692,7 +1702,7 @@ static psa_status_t psa_internal_export_key( const psa_key_slot_t *slot,
#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
mbedtls_ecp_keypair *ecp = NULL;
psa_status_t status = psa_load_ecp_representation(
status = psa_load_ecp_representation(
slot->attr.type,
slot->data.key.data,
slot->data.key.bytes,
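Review bot: The early return after `psa_driver_wrapper_export_public_key()` folds two different cases into one condition, and the second has no comment explaining it. For a key with an external lifetime the function returns even when the driver reports `PSA_ERROR_NOT_SUPPORTED`, which keeps the built-in RSA/ECC code below from parsing `slot->data.key.data` as an export-format key. Presumably that buffer holds driver-specific material for opaque keys; this should be confirmed against the driver interface. I would add above the `if`: `/* Fall back to the built-in code only for local keys: the slot of an external key does not hold export-format key material. */`. The body of `psa_internal_export_key()` starts and ends outside the hunks shown.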


@ -438,6 +438,59 @@ psa_status_t psa_driver_wrapper_validate_key( const psa_key_attributes_t *attrib
#endif /* PSA_CRYPTO_DRIVER_PRESENT */
}
psa_status_t psa_driver_wrapper_export_public_key( const psa_key_slot_t *slot,
uint8_t *data,
size_t data_size,
size_t *data_length )
{
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(slot->attr.lifetime);
psa_key_attributes_t attributes = {
.core = slot->attr
};
switch( location )
{
case PSA_KEY_LOCATION_LOCAL_STORAGE:
/* Key is stored in the slot in export representation, so
* cycle through all known transparent accelerators */
#if defined(PSA_CRYPTO_DRIVER_TEST)
status = test_transparent_export_public_key( &attributes,
slot->data.key.data,
slot->data.key.bytes,
data,
data_size,
data_length );
/* Declared with fallback == true */
if( status != PSA_ERROR_NOT_SUPPORTED )
return( status );
#endif /* PSA_CRYPTO_DRIVER_TEST */
/* Fell through, meaning no accelerator supports this operation */
return( PSA_ERROR_NOT_SUPPORTED );
/* Add cases for opaque driver here */
#if defined(PSA_CRYPTO_DRIVER_TEST)
case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
return( test_opaque_export_public_key( &attributes,
slot->data.key.data,
slot->data.key.bytes,
data,
data_size,
data_length ) );
#endif /* PSA_CRYPTO_DRIVER_TEST */
default:
/* Key is declared with a lifetime not known to us */
return( status );
}
#else /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
(void) slot;
(void) data;
(void) data_size;
(void) data_length;
return( PSA_ERROR_NOT_SUPPORTED );
#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
}
/*
* Cipher functions
*/
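Review bot: Neither call in `psa_driver_wrapper_export_public_key()` checks the length a driver reports on success, so a driver that sets `*data_length` larger than `data_size` passes an out-of-range length to whatever reads the output buffer next. Nothing visible in this commit validates it afterwards, although the callers of `psa_internal_export_key()` are outside the page and may do so. A guard after the transparent call, `if( status == PSA_SUCCESS && *data_length > data_size ) return( PSA_ERROR_CORRUPTION_DETECTED );`, would stop a faulty driver from causing an over-read in the core. The opaque path needs the same check before it returns, which means storing the result in `status` instead of returning the call directly.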


@ -55,6 +55,11 @@ psa_status_t psa_driver_wrapper_validate_key( const psa_key_attributes_t *attrib
size_t data_length,
size_t *bits );
psa_status_t psa_driver_wrapper_export_public_key( const psa_key_slot_t *slot,
uint8_t *data,
size_t data_size,
size_t *data_length );
/*
* Cipher functions
*/