psa: Move from validate_key to import_key entry point

In the course of the development of the PSA unified
driver interface, the validate_key entry point for
opaque drivers has been removed and replaced by an
import_key entry point. This commit takes into account
this change of specification.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Ronald Cron 2020-11-22 14:02:39 +01:00
parent ea0f8a6d1a
commit 8328287956
5 changed files with 60 additions and 33 deletions


@ -1104,27 +1104,40 @@ static psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot,
else if( PSA_KEY_TYPE_IS_ASYMMETRIC( slot->attr.type ) ) else if( PSA_KEY_TYPE_IS_ASYMMETRIC( slot->attr.type ) )
{ {
/* Try validation through accelerators first. */ /* Try validation through accelerators first. */
bit_size = slot->attr.bits;
psa_key_attributes_t attributes = { psa_key_attributes_t attributes = {
.core = slot->attr .core = slot->attr
}; };
status = psa_driver_wrapper_validate_key( &attributes,
data, status = psa_allocate_buffer_to_slot( slot, data_length );
data_length,
&bit_size );
if( status == PSA_SUCCESS )
{
/* Key has been validated successfully by an accelerator.
* Copy key material into slot. */
status = psa_copy_key_material_into_slot( slot, data, data_length );
if( status != PSA_SUCCESS ) if( status != PSA_SUCCESS )
return( status ); return( status );
bit_size = slot->attr.bits;
status = psa_driver_wrapper_import_key( &attributes,
data, data_length,
slot->key.data,
slot->key.bytes,
&slot->key.bytes,
&bit_size );
if( status == PSA_SUCCESS )
{
if( slot->attr.bits == 0 )
slot->attr.bits = (psa_key_bits_t) bit_size; slot->attr.bits = (psa_key_bits_t) bit_size;
else if( bit_size != slot->attr.bits )
return( PSA_ERROR_INVALID_ARGUMENT );
return( PSA_SUCCESS ); return( PSA_SUCCESS );
} }
else if( status != PSA_ERROR_NOT_SUPPORTED ) else
{
if( status != PSA_ERROR_NOT_SUPPORTED )
return( status ); return( status );
}
mbedtls_platform_zeroize( slot->key.data, data_length );
mbedtls_free( slot->key.data );
slot->key.data = NULL;
slot->key.bytes = 0;
/* Key format is not supported by any accelerator, try software fallback /* Key format is not supported by any accelerator, try software fallback
* if present. */ * if present. */
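Review bot: The two early error returns in the new branch, `return( PSA_ERROR_INVALID_ARGUMENT );` on a bit-size mismatch and `return( status );` for any driver error other than PSA_ERROR_NOT_SUPPORTED, leave the buffer from psa_allocate_buffer_to_slot() attached to the slot with whatever the driver wrote into it. The zeroize/free sequence runs only on the fall-through to the software path. That is safe only if the caller wipes the slot on every failure, which is not visible in this hunk. Wiping in one place for every path that does not keep the key would make the branch self-contained, as sketched below. psa_import_key_into_slot() starts and ends outside the hunk.

```c
if( status == PSA_SUCCESS )
{
    if( slot->attr.bits == 0 )
        slot->attr.bits = (psa_key_bits_t) bit_size;
    else if( bit_size != slot->attr.bits )
        status = PSA_ERROR_INVALID_ARGUMENT;

    if( status == PSA_SUCCESS )
        return( PSA_SUCCESS );
}
/* Reached on every path that does not keep the imported key. */
/* ... unchanged: zeroize, free and reset of slot->key.data / slot->key.bytes ... */
if( status != PSA_ERROR_NOT_SUPPORTED )
    return( status );
/* ... unchanged: software fallback ... */
```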


@ -409,19 +409,23 @@ psa_status_t psa_driver_wrapper_generate_key( const psa_key_attributes_t *attrib
#endif /* PSA_CRYPTO_DRIVER_PRESENT */ #endif /* PSA_CRYPTO_DRIVER_PRESENT */
} }
psa_status_t psa_driver_wrapper_validate_key( const psa_key_attributes_t *attributes, psa_status_t psa_driver_wrapper_import_key(
const psa_key_attributes_t *attributes,
const uint8_t *data, const uint8_t *data,
size_t data_length, size_t data_length,
uint8_t *key_buffer,
size_t key_buffer_size,
size_t *key_buffer_length,
size_t *bits ) size_t *bits )
{ {
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
/* Try accelerators in turn */ /* Try accelerators in turn */
#if defined(PSA_CRYPTO_DRIVER_TEST) #if defined(PSA_CRYPTO_DRIVER_TEST)
status = test_transparent_validate_key( attributes, status = test_transparent_import_key( attributes,
data, data, data_length,
data_length, key_buffer, key_buffer_size,
bits ); key_buffer_length, bits );
/* Declared with fallback == true */ /* Declared with fallback == true */
if( status != PSA_ERROR_NOT_SUPPORTED ) if( status != PSA_ERROR_NOT_SUPPORTED )
return( status ); return( status );
@ -432,6 +436,9 @@ psa_status_t psa_driver_wrapper_validate_key( const psa_key_attributes_t *attrib
(void) attributes; (void) attributes;
(void) data; (void) data;
(void) data_length; (void) data_length;
(void) key_buffer;
(void) key_buffer_size;
(void) key_buffer_length;
(void) bits; (void) bits;
return( PSA_ERROR_NOT_SUPPORTED ); return( PSA_ERROR_NOT_SUPPORTED );
#endif /* PSA_CRYPTO_DRIVER_PRESENT */ #endif /* PSA_CRYPTO_DRIVER_PRESENT */
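Review bot: Nothing between the call to test_transparent_import_key() and `if( status != PSA_ERROR_NOT_SUPPORTED ) return( status );` checks the length the driver reports back through key_buffer_length. The caller in psa_import_key_into_slot() passes `&slot->key.bytes` for that parameter, so a driver that returns PSA_SUCCESS with a length above key_buffer_size would presumably leave the slot recording more bytes than were allocated. A guard right after the driver call would contain that at the dispatch boundary: `if( status == PSA_SUCCESS && *key_buffer_length > key_buffer_size ) return( PSA_ERROR_CORRUPTION_DETECTED );`. The function body is split across two hunks and its end is not shown.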


@ -50,10 +50,11 @@ psa_status_t psa_driver_wrapper_verify_hash( psa_key_slot_t *slot,
psa_status_t psa_driver_wrapper_generate_key( const psa_key_attributes_t *attributes, psa_status_t psa_driver_wrapper_generate_key( const psa_key_attributes_t *attributes,
psa_key_slot_t *slot ); psa_key_slot_t *slot );
psa_status_t psa_driver_wrapper_validate_key( const psa_key_attributes_t *attributes, psa_status_t psa_driver_wrapper_import_key(
const uint8_t *data, const psa_key_attributes_t *attributes,
size_t data_length, const uint8_t *data, size_t data_length,
size_t *bits ); uint8_t *key_buffer, size_t key_buffer_size,
size_t *key_buffer_length, size_t *bits );
psa_status_t psa_driver_wrapper_export_public_key( const psa_key_slot_t *slot, psa_status_t psa_driver_wrapper_export_public_key( const psa_key_slot_t *slot,
uint8_t *data, uint8_t *data,


@ -58,12 +58,6 @@ psa_status_t test_opaque_generate_key(
const psa_key_attributes_t *attributes, const psa_key_attributes_t *attributes,
uint8_t *key, size_t key_size, size_t *key_length ); uint8_t *key, size_t key_size, size_t *key_length );
psa_status_t test_transparent_validate_key(
const psa_key_attributes_t *attributes,
const uint8_t *data,
size_t data_length,
size_t *bits);
psa_status_t test_transparent_export_public_key( psa_status_t test_transparent_export_public_key(
const psa_key_attributes_t *attributes, const psa_key_attributes_t *attributes,
const uint8_t *key, size_t key_length, const uint8_t *key, size_t key_length,
@ -74,5 +68,14 @@ psa_status_t test_opaque_export_public_key(
const uint8_t *key, size_t key_length, const uint8_t *key, size_t key_length,
uint8_t *data, size_t data_size, size_t *data_length ); uint8_t *data, size_t data_size, size_t *data_length );
psa_status_t test_transparent_import_key(
const psa_key_attributes_t *attributes,
const uint8_t *data,
size_t data_length,
uint8_t *key_buffer,
size_t key_buffer_size,
size_t *key_buffer_length,
size_t *bits);
#endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_DRIVER_TEST */
#endif /* PSA_CRYPTO_TEST_DRIVERS_KEY_MANAGEMENT_H */ #endif /* PSA_CRYPTO_TEST_DRIVERS_KEY_MANAGEMENT_H */


@ -137,10 +137,13 @@ psa_status_t test_opaque_generate_key(
return( PSA_ERROR_NOT_SUPPORTED ); return( PSA_ERROR_NOT_SUPPORTED );
} }
psa_status_t test_transparent_validate_key( psa_status_t test_transparent_import_key(
const psa_key_attributes_t *attributes, const psa_key_attributes_t *attributes,
const uint8_t *data, const uint8_t *data,
size_t data_length, size_t data_length,
uint8_t *key_buffer,
size_t key_buffer_size,
size_t *key_buffer_length,
size_t *bits) size_t *bits)
{ {
++test_driver_key_management_hooks.hits; ++test_driver_key_management_hooks.hits;