psa: key generation: Use PSA_EXPORT_KEY_OUTPUT_SIZE

Use PSA_EXPORT_KEY_OUTPUT_SIZE macro to compute the
size of the buffer to contain the generated key
instead of computing it alongside the key type and
size validation.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
Ronald Cron 2021-02-08 16:10:05 +01:00
parent 9539126549
commit 3772afef0f

View file

@ -5957,24 +5957,21 @@ psa_status_t mbedtls_psa_inject_entropy( const uint8_t *seed,
} }
#endif /* MBEDTLS_PSA_INJECT_ENTROPY */ #endif /* MBEDTLS_PSA_INJECT_ENTROPY */
/** Get the key buffer size for the key material in export format /** Validate the key type and size for key generation
* *
* \param[in] type The key type * \param type The key type
* \param[in] bits The number of bits of the key * \param bits The number of bits of the key
* \param[out] key_buffer_size Minimum buffer size to contain the key material
* in export format
* *
* \retval #PSA_SUCCESS * \retval #PSA_SUCCESS
* The minimum size for a buffer to contain the key material in export * The key type and size are valid.
* format has been returned successfully.
* \retval #PSA_ERROR_INVALID_ARGUMENT * \retval #PSA_ERROR_INVALID_ARGUMENT
* The size in bits of the key is not valid. * The size in bits of the key is not valid.
* \retval #PSA_ERROR_NOT_SUPPORTED * \retval #PSA_ERROR_NOT_SUPPORTED
* The type and/or the size in bits of the key or the combination of * The type and/or the size in bits of the key or the combination of
* the two is not supported. * the two is not supported.
*/ */
static psa_status_t psa_get_key_buffer_size( static psa_status_t psa_validate_key_type_and_size_for_key_generation(
psa_key_type_t type, size_t bits, size_t *key_buffer_size ) psa_key_type_t type, size_t bits )
{ {
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
@ -5983,7 +5980,6 @@ static psa_status_t psa_get_key_buffer_size(
status = validate_unstructured_key_bit_size( type, bits ); status = validate_unstructured_key_bit_size( type, bits );
if( status != PSA_SUCCESS ) if( status != PSA_SUCCESS )
return( status ); return( status );
*key_buffer_size = PSA_BITS_TO_BYTES( bits );
} }
else else
#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) #if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR)
@ -5996,8 +5992,6 @@ static psa_status_t psa_get_key_buffer_size(
* in psa_import_rsa_key(). */ * in psa_import_rsa_key(). */
if( bits % 8 != 0 ) if( bits % 8 != 0 )
return( PSA_ERROR_NOT_SUPPORTED ); return( PSA_ERROR_NOT_SUPPORTED );
*key_buffer_size = PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE( bits );
} }
else else
#endif /* defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) */ #endif /* defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) */
@ -6005,7 +5999,6 @@ static psa_status_t psa_get_key_buffer_size(
#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) #if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR)
if( PSA_KEY_TYPE_IS_ECC( type ) && PSA_KEY_TYPE_IS_KEY_PAIR( type ) ) if( PSA_KEY_TYPE_IS_ECC( type ) && PSA_KEY_TYPE_IS_KEY_PAIR( type ) )
{ {
*key_buffer_size = PSA_BITS_TO_BYTES( bits );
} }
else else
#endif /* defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) */ #endif /* defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) */
@ -6098,17 +6091,22 @@ psa_status_t psa_generate_key( const psa_key_attributes_t *attributes,
if ( PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ) == if ( PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ) ==
PSA_KEY_LOCATION_LOCAL_STORAGE ) PSA_KEY_LOCATION_LOCAL_STORAGE )
{ {
status = psa_get_key_buffer_size( attributes->core.type, status = psa_validate_key_type_and_size_for_key_generation(
attributes->core.bits, attributes->core.type, attributes->core.bits );
&key_buffer_size ); if( status != PSA_SUCCESS )
goto exit;
key_buffer_size = PSA_EXPORT_KEY_OUTPUT_SIZE(
attributes->core.type,
attributes->core.bits );
} }
else else
{ {
status = psa_driver_wrapper_get_key_buffer_size( status = psa_driver_wrapper_get_key_buffer_size(
attributes, &key_buffer_size ); attributes, &key_buffer_size );
if( status != PSA_SUCCESS )
goto exit;
} }
if( status != PSA_SUCCESS )
goto exit;
status = psa_allocate_buffer_to_slot( slot, key_buffer_size ); status = psa_allocate_buffer_to_slot( slot, key_buffer_size );
if( status != PSA_SUCCESS ) if( status != PSA_SUCCESS )