mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2025-01-11 14:35:29 +00:00
psa: Refactor psa_import_key()
Create a new function psa_import_key_into_slot() from psa_import_key(). This is common functionality that will be used both when importing a key and loading a key from persistent storage.
This commit is contained in:
parent
96ebf9efcf
commit
940d72c3e8
|
@ -691,23 +691,18 @@ exit:
|
||||||
}
|
}
|
||||||
#endif /* defined(MBEDTLS_ECP_C) */
|
#endif /* defined(MBEDTLS_ECP_C) */
|
||||||
|
|
||||||
psa_status_t psa_import_key( psa_key_slot_t key,
|
static psa_status_t psa_import_key_into_slot( key_slot_t *slot,
|
||||||
psa_key_type_t type,
|
const uint8_t *data,
|
||||||
const uint8_t *data,
|
size_t data_length )
|
||||||
size_t data_length )
|
|
||||||
{
|
{
|
||||||
key_slot_t *slot;
|
|
||||||
psa_status_t status = PSA_SUCCESS;
|
psa_status_t status = PSA_SUCCESS;
|
||||||
status = psa_get_empty_key_slot( key, &slot );
|
|
||||||
if( status != PSA_SUCCESS )
|
|
||||||
return( status );
|
|
||||||
|
|
||||||
if( key_type_is_raw_bytes( type ) )
|
if( key_type_is_raw_bytes( slot->type ) )
|
||||||
{
|
{
|
||||||
/* Ensure that a bytes-to-bit conversion won't overflow. */
|
/* Ensure that a bytes-to-bit conversion won't overflow. */
|
||||||
if( data_length > SIZE_MAX / 8 )
|
if( data_length > SIZE_MAX / 8 )
|
||||||
return( PSA_ERROR_NOT_SUPPORTED );
|
return( PSA_ERROR_NOT_SUPPORTED );
|
||||||
status = prepare_raw_data_slot( type,
|
status = prepare_raw_data_slot( slot->type,
|
||||||
PSA_BYTES_TO_BITS( data_length ),
|
PSA_BYTES_TO_BITS( data_length ),
|
||||||
&slot->data.raw );
|
&slot->data.raw );
|
||||||
if( status != PSA_SUCCESS )
|
if( status != PSA_SUCCESS )
|
||||||
|
@ -717,9 +712,9 @@ psa_status_t psa_import_key( psa_key_slot_t key,
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
#if defined(MBEDTLS_ECP_C)
|
#if defined(MBEDTLS_ECP_C)
|
||||||
if( PSA_KEY_TYPE_IS_ECC_KEYPAIR( type ) )
|
if( PSA_KEY_TYPE_IS_ECC_KEYPAIR( slot->type ) )
|
||||||
{
|
{
|
||||||
status = psa_import_ec_private_key( PSA_KEY_TYPE_GET_CURVE( type ),
|
status = psa_import_ec_private_key( PSA_KEY_TYPE_GET_CURVE( slot->type ),
|
||||||
data, data_length,
|
data, data_length,
|
||||||
&slot->data.ecp );
|
&slot->data.ecp );
|
||||||
if( status != PSA_SUCCESS )
|
if( status != PSA_SUCCESS )
|
||||||
|
@ -728,14 +723,15 @@ psa_status_t psa_import_key( psa_key_slot_t key,
|
||||||
else
|
else
|
||||||
#endif /* MBEDTLS_ECP_C */
|
#endif /* MBEDTLS_ECP_C */
|
||||||
#if defined(MBEDTLS_PK_PARSE_C)
|
#if defined(MBEDTLS_PK_PARSE_C)
|
||||||
if( PSA_KEY_TYPE_IS_RSA( type ) || PSA_KEY_TYPE_IS_ECC( type ) )
|
if( PSA_KEY_TYPE_IS_RSA( slot->type ) ||
|
||||||
|
PSA_KEY_TYPE_IS_ECC( slot->type ) )
|
||||||
{
|
{
|
||||||
int ret;
|
int ret;
|
||||||
mbedtls_pk_context pk;
|
mbedtls_pk_context pk;
|
||||||
mbedtls_pk_init( &pk );
|
mbedtls_pk_init( &pk );
|
||||||
|
|
||||||
/* Parse the data. */
|
/* Parse the data. */
|
||||||
if( PSA_KEY_TYPE_IS_KEYPAIR( type ) )
|
if( PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) )
|
||||||
ret = mbedtls_pk_parse_key( &pk, data, data_length, NULL, 0 );
|
ret = mbedtls_pk_parse_key( &pk, data, data_length, NULL, 0 );
|
||||||
else
|
else
|
||||||
ret = mbedtls_pk_parse_public_key( &pk, data, data_length );
|
ret = mbedtls_pk_parse_public_key( &pk, data, data_length );
|
||||||
|
@ -746,13 +742,13 @@ psa_status_t psa_import_key( psa_key_slot_t key,
|
||||||
* If it has the expected type and passes any type-specific
|
* If it has the expected type and passes any type-specific
|
||||||
* checks, store it. */
|
* checks, store it. */
|
||||||
#if defined(MBEDTLS_RSA_C)
|
#if defined(MBEDTLS_RSA_C)
|
||||||
if( PSA_KEY_TYPE_IS_RSA( type ) )
|
if( PSA_KEY_TYPE_IS_RSA( slot->type ) )
|
||||||
status = psa_import_rsa_key( &pk, &slot->data.rsa );
|
status = psa_import_rsa_key( &pk, &slot->data.rsa );
|
||||||
else
|
else
|
||||||
#endif /* MBEDTLS_RSA_C */
|
#endif /* MBEDTLS_RSA_C */
|
||||||
#if defined(MBEDTLS_ECP_C)
|
#if defined(MBEDTLS_ECP_C)
|
||||||
if( PSA_KEY_TYPE_IS_ECC( type ) )
|
if( PSA_KEY_TYPE_IS_ECC( slot->type ) )
|
||||||
status = psa_import_ecp_key( PSA_KEY_TYPE_GET_CURVE( type ),
|
status = psa_import_ecp_key( PSA_KEY_TYPE_GET_CURVE( slot->type ),
|
||||||
&pk, &slot->data.ecp );
|
&pk, &slot->data.ecp );
|
||||||
else
|
else
|
||||||
#endif /* MBEDTLS_ECP_C */
|
#endif /* MBEDTLS_ECP_C */
|
||||||
|
@ -773,8 +769,31 @@ psa_status_t psa_import_key( psa_key_slot_t key,
|
||||||
{
|
{
|
||||||
return( PSA_ERROR_NOT_SUPPORTED );
|
return( PSA_ERROR_NOT_SUPPORTED );
|
||||||
}
|
}
|
||||||
|
return( PSA_SUCCESS );
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
psa_status_t psa_import_key( psa_key_slot_t key,
|
||||||
|
psa_key_type_t type,
|
||||||
|
const uint8_t *data,
|
||||||
|
size_t data_length )
|
||||||
|
{
|
||||||
|
key_slot_t *slot;
|
||||||
|
psa_status_t status;
|
||||||
|
|
||||||
|
status = psa_get_empty_key_slot( key, &slot );
|
||||||
|
if( status != PSA_SUCCESS )
|
||||||
|
return( status );
|
||||||
|
|
||||||
slot->type = type;
|
slot->type = type;
|
||||||
|
|
||||||
|
status = psa_import_key_into_slot( slot, data, data_length );
|
||||||
|
if( status != PSA_SUCCESS )
|
||||||
|
{
|
||||||
|
slot->type = PSA_KEY_TYPE_NONE;
|
||||||
|
return( status );
|
||||||
|
}
|
||||||
|
|
||||||
return( PSA_SUCCESS );
|
return( PSA_SUCCESS );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue