Skeleton for PK_OPAQUE_PSA

This commit is contained in:
Manuel Pégourié-Gonnard 2018-10-22 12:11:15 +02:00 committed by Hanno Becker
parent 12bd57b8c8
commit 1ecf92c364
4 changed files with 77 additions and 0 deletions

View file

@ -45,6 +45,10 @@
#include "ecdsa.h" #include "ecdsa.h"
#endif #endif
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#include "psa/crypto.h"
#endif
#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ #if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
!defined(inline) && !defined(__cplusplus) !defined(inline) && !defined(__cplusplus)
#define inline __inline #define inline __inline
@ -83,6 +87,7 @@ typedef enum {
MBEDTLS_PK_ECDSA, MBEDTLS_PK_ECDSA,
MBEDTLS_PK_RSA_ALT, MBEDTLS_PK_RSA_ALT,
MBEDTLS_PK_RSASSA_PSS, MBEDTLS_PK_RSASSA_PSS,
MBEDTLS_PK_OPAQUE_PSA,
} mbedtls_pk_type_t; } mbedtls_pk_type_t;
/** /**
@ -234,6 +239,24 @@ void mbedtls_pk_restart_free( mbedtls_pk_restart_ctx *ctx );
*/ */
int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info ); int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info );
#if defined(MBEDTLS_USE_PSA_CRYPTO)
/**
* \brief Initialize a PK context to wrap a PSA key slot.
*
* \param ctx Context to initialize. Must be empty (type NONE).
* \param key PSA key slot to wrap.
*
* \return 0 on success,
* MBEDTLS_ERR_PK_BAD_INPUT_DATA on invalid input,
* MBEDTLS_ERR_PK_ALLOC_FAILED on allocation failure.
*
* \note This function replaces mbedtls_pk_setup() for contexts
* that wrap a (possibly opaque) PSA key slot instead of
* storing and manipulating the key material directly.
*/
int mbedtls_pk_setup_psa( mbedtls_pk_context *ctx, const psa_key_slot_t key );
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
/** /**
* \brief Initialize an RSA-alt context * \brief Initialize an RSA-alt context

View file

@ -135,4 +135,8 @@ extern const mbedtls_pk_info_t mbedtls_ecdsa_info;
extern const mbedtls_pk_info_t mbedtls_rsa_alt_info; extern const mbedtls_pk_info_t mbedtls_rsa_alt_info;
#endif #endif
#if defined(MBEDTLS_USE_PSA_CRYPTO)
extern const mbedtls_pk_info_t mbedtls_pk_opaque_psa_info;
#endif
#endif /* MBEDTLS_PK_WRAP_H */ #endif /* MBEDTLS_PK_WRAP_H */

View file

@ -139,6 +139,29 @@ int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info )
return( 0 ); return( 0 );
} }
#if defined(MBEDTLS_USE_PSA_CRYPTO)
/*
* Initialise a PSA-wrapping context
*/
int mbedtls_pk_setup_psa( mbedtls_pk_context *ctx, const psa_key_slot_t key )
{
const mbedtls_pk_info_t * const info = &mbedtls_pk_opaque_psa_info;
if( ctx == NULL || ctx->pk_info != NULL )
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL )
return( MBEDTLS_ERR_PK_ALLOC_FAILED );
/* coming soon: remember key */
(void) key;
ctx->pk_info = info;
return( 0 );
}
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
/* /*
* Initialize an RSA-alt context * Initialize an RSA-alt context

View file

@ -716,4 +716,31 @@ const mbedtls_pk_info_t mbedtls_rsa_alt_info = {
#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */ #endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */
#if defined(MBEDTLS_USE_PSA_CRYPTO)
const mbedtls_pk_info_t mbedtls_pk_opaque_psa_info = {
MBEDTLS_PK_OPAQUE_PSA,
"Opaque (PSA)",
NULL, /* coming soon: bitlen */
NULL, /* coming soon: can_do */
NULL, /* verify - will be done later */
NULL, /* coming soon: sign */
#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
NULL, /* restartable verify - not relevant */
NULL, /* restartable sign - not relevant */
#endif
NULL, /* decrypt - will be done later */
NULL, /* encrypt - will be done later */
NULL, /* check_pair - could be done later or left NULL */
NULL, /* coming soon: alloc */
NULL, /* coming soon: free */
#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
NULL, /* restart alloc - not relevant */
NULL, /* restart free - not relevant */
#endif
NULL, /* debug - could be done later, or even left NULL */
};
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#endif /* MBEDTLS_PK_C */ #endif /* MBEDTLS_PK_C */