Change psa_generate_key_internal() signature

Change psa_generate_key_internal() signature to that of a PSA driver generate_key entry point. That way, this function can be called by the driver wrapper when a software fallback is necessary. Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2025-03-24 22:35:15 +00:00 · 2020-10-02 20:02:04 +02:00 · 2020-10-02 20:02:04 +02:00 · 2a38a6b98f
parent 9df74beea7
commit 2a38a6b98f
1 changed files with 43 additions and 21 deletions
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@ -6043,27 +6043,46 @@ static psa_status_t psa_get_key_buffer_size(
    return( PSA_SUCCESS );
 }
 /**
 * \brief Generate a key.
 *
 * \note The signature of the function is that of a PSA driver generate_key
 *       entry point.
 *
 * \param[in]  attributes         The attributes for the key to generate.
 * \param[out] key_buffer         Buffer where the key data is to be written.
 * \param[in]  key_buffer_size    Size of \p key_buffer in bytes.
 * \param[out] key_buffer_length  On success, the number of bytes written in
 *                                \p key_buffer.
 *
 * \retval #PSA_SUCCESS
 *         The key was generated successfully.
 * \retval #PSA_ERROR_INVALID_ARGUMENT
 * \retval #PSA_ERROR_NOT_SUPPORTED
 *         Key size in bits or type not supported.
 * \retval #PSA_ERROR_BUFFER_TOO_SMALL
 *         The size of \p key_buffer is too small.
 */
 static psa_status_t psa_generate_key_internal(
-    psa_key_slot_t *slot, size_t bits,
+    const psa_key_attributes_t *attributes,
-    const uint8_t *domain_parameters, size_t domain_parameters_size )
+    uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length )
 {
    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
-    psa_key_type_t type = slot->attr.type;
+    psa_key_type_t type = attributes->core.type;
-    if( domain_parameters == NULL && domain_parameters_size != 0 )
+    if( ( attributes->domain_parameters == NULL ) &&
        ( attributes->domain_parameters_size != 0 ) )
        return( PSA_ERROR_INVALID_ARGUMENT );
    if( key_type_is_raw_bytes( type ) )
    {
-        status = psa_generate_random( slot->key.data,
+        status = psa_generate_random( key_buffer, key_buffer_size );
                                      slot->key.bytes );
        if( status != PSA_SUCCESS )
            return( status );
 #if defined(MBEDTLS_DES_C)
        if( type == PSA_KEY_TYPE_DES )
-            psa_des_set_key_parity( slot->key.data,
+            psa_des_set_key_parity( key_buffer, key_buffer_size );
                                    slot->key.bytes );
 #endif /* MBEDTLS_DES_C */
    }
    else
@ -6075,8 +6094,8 @@ static psa_status_t psa_generate_key_internal(
        int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
        int exponent;
-        status = psa_read_rsa_exponent( domain_parameters,
+        status = psa_read_rsa_exponent( attributes->domain_parameters,
-                                        domain_parameters_size,
+                                        attributes->domain_parameters_size,
                                        &exponent );
        if( status != PSA_SUCCESS )
            return( status );
@ -6085,16 +6104,16 @@ static psa_status_t psa_generate_key_internal(
        ret = mbedtls_rsa_gen_key( &rsa,
                                   mbedtls_psa_get_random,
                                   MBEDTLS_PSA_RANDOM_STATE,
-                                   (unsigned int) bits,
+                                   (unsigned int) attributes->core.bits,
                                   exponent );
        if( ret != 0 )
            return( mbedtls_to_psa_error( ret ) );
        status = mbedtls_psa_rsa_export_key( type,
                                             &rsa,
-                                             slot->key.data,
+                                             key_buffer,
-                                             slot->key.bytes,
+                                             key_buffer_size,
-                                             &slot->key.bytes );
+                                             key_buffer_length );
        mbedtls_rsa_free( &rsa );
        return( status );
@ -6107,15 +6126,17 @@ static psa_status_t psa_generate_key_internal(
    {
        psa_ecc_family_t curve = PSA_KEY_TYPE_ECC_GET_FAMILY( type );
        mbedtls_ecp_group_id grp_id =
-            mbedtls_ecc_group_of_psa( curve, bits, 0 );
+            mbedtls_ecc_group_of_psa( curve, attributes->core.bits, 0 );
        const mbedtls_ecp_curve_info *curve_info =
            mbedtls_ecp_curve_info_from_grp_id( grp_id );
        mbedtls_ecp_keypair ecp;
        int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-        if( domain_parameters_size != 0 )
+        if( attributes->domain_parameters_size != 0 )
            return( PSA_ERROR_NOT_SUPPORTED );
        if( grp_id == MBEDTLS_ECP_DP_NONE || curve_info == NULL )
            return( PSA_ERROR_NOT_SUPPORTED );
        mbedtls_ecp_keypair_init( &ecp );
        ret = mbedtls_ecp_gen_key( grp_id, &ecp,
                                   mbedtls_psa_get_random,
@ -6127,15 +6148,19 @@ static psa_status_t psa_generate_key_internal(
        }
        status = mbedtls_to_psa_error(
-            mbedtls_ecp_write_key( &ecp, slot->key.data, slot->key.bytes ) );
+            mbedtls_ecp_write_key( &ecp, key_buffer, key_buffer_size ) );
        mbedtls_ecp_keypair_free( &ecp );
        if( status == PSA_SUCCESS )
            *key_buffer_length = key_buffer_size;
        return( status );
    }
    else
 #endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) */
    {
        (void)key_buffer_length;
        return( PSA_ERROR_NOT_SUPPORTED );
    }
@ -6179,8 +6204,7 @@ psa_status_t psa_generate_key( const psa_key_attributes_t *attributes,
        goto exit;
    status = psa_generate_key_internal(
-        slot, attributes->core.bits,
+        attributes, slot->key.data, slot->key.bytes, &slot->key.bytes );
        attributes->domain_parameters, attributes->domain_parameters_size );
    if( status != PSA_SUCCESS )
        psa_remove_key_data_from_memory( slot );
@ -6194,8 +6218,6 @@ exit:
    return( status );
 }
 /****************************************************************/
 /* Module setup */
 /****************************************************************/