mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-23 10:15:40 +00:00
psa_generate_key: remove the bit-size sanity check
In psa_generate_key_internal() for ECC keys, remove the check that the bit-size according to Mbed TLS is equal to the requested bit-size. This check was necessary back when the PSA API encoded curves and key sizes independently, in order to reject combinations such as SECP256R1 with a 512-bit size. Since the curve encoding changed to specifying a curve family and a size separately, the Mbed TLS curve id (grp_id) and the curve data (curve_info) are now determined from the size, and checking that (curve_info->bit_size == bits) is now only a redundant sanity check. This check is actually buggy, because PSA Crypto and Mbed TLS don't have exactly the same notion of key size. PSA thinks Curve25519 is 255-bit and secp224k1 is 225-bit, but Mbed TLS thinks they're 256-bit and 224-bit respectively. Removing the check allows key generation to work for these curves. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
parent
360e2c41d8
commit
2acbed387d
3
ChangeLog.d/psa_generate_key-curve25519.txt
Normal file
3
ChangeLog.d/psa_generate_key-curve25519.txt
Normal file
|
@ -0,0 +1,3 @@
|
|||
Bugfix
|
||||
* Fix psa_generate_key() returning an error when asked to generate
|
||||
an ECC key pair on Curve25519 or secp244k1.
|
|
@ -6110,8 +6110,6 @@ static psa_status_t psa_generate_key_internal(
|
|||
return( PSA_ERROR_NOT_SUPPORTED );
|
||||
if( grp_id == MBEDTLS_ECP_DP_NONE || curve_info == NULL )
|
||||
return( PSA_ERROR_NOT_SUPPORTED );
|
||||
if( curve_info->bit_size != bits )
|
||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||
mbedtls_ecp_keypair_init( &ecp );
|
||||
ret = mbedtls_ecp_gen_key( grp_id, &ecp,
|
||||
mbedtls_ctr_drbg_random,
|
||||
|
|
Loading…
Reference in a new issue