mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2025-01-24 05:41:05 +00:00
psa: Simplify DSA key formats
Remove front matter and DSS parameters from our DSA key formats, both keypair and public key, to make it just a representation of the integer private key, `x`, or the public key, `y`, respectively.
parent
283dfd1613
commit
1308fb517f
|
@ -378,6 +378,15 @@ psa_status_t psa_get_key_information(psa_key_handle_t handle,
|
||||||
* psa_generate_key().
|
* psa_generate_key().
|
||||||
*
|
*
|
||||||
* The format for the required domain parameters varies by the key type.
|
* The format for the required domain parameters varies by the key type.
|
||||||
|
* - For DSA public keys (#PSA_KEY_TYPE_DSA_PUBLIC_KEY),
|
||||||
|
* the `Dss-Parms` format as defined by RFC 3279 §2.3.2.
|
||||||
|
* ```
|
||||||
|
* Dss-Parms ::= SEQUENCE {
|
||||||
|
* p INTEGER,
|
||||||
|
* q INTEGER,
|
||||||
|
* g INTEGER
|
||||||
|
* }
|
||||||
|
* ```
|
||||||
*
|
*
|
||||||
* \param handle Handle to the key to set domain parameters for.
|
* \param handle Handle to the key to set domain parameters for.
|
||||||
* \param[in] data Buffer containing the key domain parameters. The content
|
* \param[in] data Buffer containing the key domain parameters. The content
|
||||||
|
@ -470,19 +479,10 @@ psa_status_t psa_get_key_domain_parameters(psa_key_handle_t handle,
|
||||||
* coefficient INTEGER, -- (inverse of q) mod p
|
* coefficient INTEGER, -- (inverse of q) mod p
|
||||||
* }
|
* }
|
||||||
* ```
|
* ```
|
||||||
* - For DSA private keys (#PSA_KEY_TYPE_DSA_KEYPAIR), the format
|
* - For DSA private keys (#PSA_KEY_TYPE_DSA_KEYPAIR), the format is the
|
||||||
* is the non-encrypted DER encoding of the representation used by
|
* representation of the private key `x` as a big-endian byte string. The
|
||||||
* OpenSSL and OpenSSH, whose structure is described in ASN.1 as follows:
|
* length of the byte string is the private key size in bytes (leading zeroes
|
||||||
* ```
|
* are not stripped).
|
||||||
* DSAPrivateKey ::= SEQUENCE {
|
|
||||||
* version INTEGER, -- must be 0
|
|
||||||
* prime INTEGER, -- p
|
|
||||||
* subprime INTEGER, -- q
|
|
||||||
* generator INTEGER, -- g
|
|
||||||
* public INTEGER, -- y
|
|
||||||
* private INTEGER, -- x
|
|
||||||
* }
|
|
||||||
* ```
|
|
||||||
* - For elliptic curve key pairs (key types for which
|
* - For elliptic curve key pairs (key types for which
|
||||||
* #PSA_KEY_TYPE_IS_ECC_KEYPAIR is true), the format is
|
* #PSA_KEY_TYPE_IS_ECC_KEYPAIR is true), the format is
|
||||||
* a representation of the private value as a `ceiling(m/8)`-byte string
|
* a representation of the private value as a `ceiling(m/8)`-byte string
|
||||||
|
@ -556,33 +556,10 @@ psa_status_t psa_export_key(psa_key_handle_t handle,
|
||||||
* - The byte 0x04;
|
* - The byte 0x04;
|
||||||
* - `x_P` as a `ceiling(m/8)`-byte string, big-endian;
|
* - `x_P` as a `ceiling(m/8)`-byte string, big-endian;
|
||||||
* - `y_P` as a `ceiling(m/8)`-byte string, big-endian.
|
* - `y_P` as a `ceiling(m/8)`-byte string, big-endian.
|
||||||
*
|
* - For DSA public keys (#PSA_KEY_TYPE_DSA_PUBLIC_KEY), the format is the
|
||||||
* For other public key types, the format is the DER representation defined by
|
* representation of the public key `y = g^x mod p` as a big-endian byte
|
||||||
* RFC 5280 as `SubjectPublicKeyInfo`, with the `subjectPublicKey` format
|
* string. The length of the byte string is the length of the base prime `p`
|
||||||
* specified below.
|
* in bytes.
|
||||||
* ```
|
|
||||||
* SubjectPublicKeyInfo ::= SEQUENCE {
|
|
||||||
* algorithm AlgorithmIdentifier,
|
|
||||||
* subjectPublicKey BIT STRING }
|
|
||||||
* AlgorithmIdentifier ::= SEQUENCE {
|
|
||||||
* algorithm OBJECT IDENTIFIER,
|
|
||||||
* parameters ANY DEFINED BY algorithm OPTIONAL }
|
|
||||||
* ```
|
|
||||||
* - For DSA public keys (#PSA_KEY_TYPE_DSA_PUBLIC_KEY),
|
|
||||||
* the `subjectPublicKey` format is defined by RFC 3279 §2.3.2 as
|
|
||||||
* `DSAPublicKey`,
|
|
||||||
* with the OID `id-dsa`,
|
|
||||||
* and with the parameters `DSS-Parms`.
|
|
||||||
* ```
|
|
||||||
* id-dsa OBJECT IDENTIFIER ::= {
|
|
||||||
* iso(1) member-body(2) us(840) x9-57(10040) x9cm(4) 1 }
|
|
||||||
*
|
|
||||||
* Dss-Parms ::= SEQUENCE {
|
|
||||||
* p INTEGER,
|
|
||||||
* q INTEGER,
|
|
||||||
* g INTEGER }
|
|
||||||
* DSAPublicKey ::= INTEGER -- public key, Y
|
|
||||||
* ```
|
|
||||||
*
|
*
|
||||||
* \param handle Handle to the key to export.
|
* \param handle Handle to the key to export.
|
||||||
* \param[out] data Buffer where the key data is to be written.
|
* \param[out] data Buffer where the key data is to be written.
|
||||||
|
@ -2321,6 +2298,12 @@ typedef struct {
|
||||||
* specifying the public exponent. The
|
* specifying the public exponent. The
|
||||||
* default public exponent used when \p extra
|
* default public exponent used when \p extra
|
||||||
* is \c NULL is 65537.
|
* is \c NULL is 65537.
|
||||||
|
* - For an DSA key (\p type is
|
||||||
|
* #PSA_KEY_TYPE_DSA_KEYPAIR), \p extra is an
|
||||||
|
* optional structure specifying the key domain
|
||||||
|
* parameters. The key domain parameters can also be
|
||||||
|
* provided by psa_set_key_domain_parameters(),
|
||||||
|
* which documents the format of the structure.
|
||||||
* \param extra_size Size of the buffer that \p extra
|
* \param extra_size Size of the buffer that \p extra
|
||||||
* points to, in bytes. Note that if \p extra is
|
* points to, in bytes. Note that if \p extra is
|
||||||
* \c NULL then \p extra_size must be zero.
|
* \c NULL then \p extra_size must be zero.
|
||||||
|
|
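Review bot: The domain-parameter list added in the first hunk names only DSA public keys (#PSA_KEY_TYPE_DSA_PUBLIC_KEY), while the text added for `extra` in the last hunk sends readers generating a #PSA_KEY_TYPE_DSA_KEYPAIR to psa_set_key_domain_parameters() for the format, so the key-pair case is left undocumented. Because the key formats are now just `x` or `y`, the domain parameters are the only place `p`, `q` and `g` come from, and the entry should cover both types, e.g. `* - For DSA keys (#PSA_KEY_TYPE_DSA_PUBLIC_KEY or #PSA_KEY_TYPE_DSA_KEYPAIR),`. In the key-pair format text, "the private key size in bytes" should say explicitly which length is meant (presumably the byte length of `q`), and it would help to state that these formats are only meaningful once the key's domain parameters have been set. Minor wording: `For an DSA key` should read `For a DSA key`. The comment blocks these hunks edit start and end outside the lines shown.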