Move RSA key generation code to the PSA RSA specific C file
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
parent
977c247048
commit
9e18fc1cf9
|
@ -5956,34 +5956,6 @@ psa_status_t mbedtls_psa_inject_entropy( const uint8_t *seed,
|
||||||
}
|
}
|
||||||
#endif /* MBEDTLS_PSA_INJECT_ENTROPY */
|
#endif /* MBEDTLS_PSA_INJECT_ENTROPY */
|
||||||
|
|
||||||
#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR)
|
|
||||||
static psa_status_t psa_read_rsa_exponent( const uint8_t *domain_parameters,
|
|
||||||
size_t domain_parameters_size,
|
|
||||||
int *exponent )
|
|
||||||
{
|
|
||||||
size_t i;
|
|
||||||
uint32_t acc = 0;
|
|
||||||
|
|
||||||
if( domain_parameters_size == 0 )
|
|
||||||
{
|
|
||||||
*exponent = 65537;
|
|
||||||
return( PSA_SUCCESS );
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Mbed TLS encodes the public exponent as an int. For simplicity, only
|
|
||||||
* support values that fit in a 32-bit integer, which is larger than
|
|
||||||
* int on just about every platform anyway. */
|
|
||||||
if( domain_parameters_size > sizeof( acc ) )
|
|
||||||
return( PSA_ERROR_NOT_SUPPORTED );
|
|
||||||
for( i = 0; i < domain_parameters_size; i++ )
|
|
||||||
acc = ( acc << 8 ) | domain_parameters[i];
|
|
||||||
if( acc > INT_MAX )
|
|
||||||
return( PSA_ERROR_NOT_SUPPORTED );
|
|
||||||
*exponent = acc;
|
|
||||||
return( PSA_SUCCESS );
|
|
||||||
}
|
|
||||||
#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) */
|
|
||||||
|
|
||||||
/** Get the key buffer size for the key material in export format
|
/** Get the key buffer size for the key material in export format
|
||||||
*
|
*
|
||||||
* \param[in] type The key type
|
* \param[in] type The key type
|
||||||
|
@ -6070,33 +6042,10 @@ psa_status_t psa_generate_key_internal(
|
||||||
#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR)
|
#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR)
|
||||||
if ( type == PSA_KEY_TYPE_RSA_KEY_PAIR )
|
if ( type == PSA_KEY_TYPE_RSA_KEY_PAIR )
|
||||||
{
|
{
|
||||||
mbedtls_rsa_context rsa;
|
return( mbedtls_psa_rsa_generate_key( attributes,
|
||||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
key_buffer,
|
||||||
int exponent;
|
key_buffer_size,
|
||||||
|
key_buffer_length ) );
|
||||||
status = psa_read_rsa_exponent( attributes->domain_parameters,
|
|
||||||
attributes->domain_parameters_size,
|
|
||||||
&exponent );
|
|
||||||
if( status != PSA_SUCCESS )
|
|
||||||
return( status );
|
|
||||||
|
|
||||||
mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_NONE );
|
|
||||||
ret = mbedtls_rsa_gen_key( &rsa,
|
|
||||||
mbedtls_psa_get_random,
|
|
||||||
MBEDTLS_PSA_RANDOM_STATE,
|
|
||||||
(unsigned int) attributes->core.bits,
|
|
||||||
exponent );
|
|
||||||
if( ret != 0 )
|
|
||||||
return( mbedtls_to_psa_error( ret ) );
|
|
||||||
|
|
||||||
status = mbedtls_psa_rsa_export_key( type,
|
|
||||||
&rsa,
|
|
||||||
key_buffer,
|
|
||||||
key_buffer_size,
|
|
||||||
key_buffer_length );
|
|
||||||
mbedtls_rsa_free( &rsa );
|
|
||||||
|
|
||||||
return( status );
|
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) */
|
#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) */
|
||||||
|
|
|
@ -24,6 +24,7 @@
|
||||||
|
|
||||||
#include <psa/crypto.h>
|
#include <psa/crypto.h>
|
||||||
#include "psa_crypto_core.h"
|
#include "psa_crypto_core.h"
|
||||||
|
#include "psa_crypto_random_impl.h"
|
||||||
#include "psa_crypto_rsa.h"
|
#include "psa_crypto_rsa.h"
|
||||||
|
|
||||||
#include <stdlib.h>
|
#include <stdlib.h>
|
||||||
|
@ -258,6 +259,66 @@ static psa_status_t rsa_export_public_key(
|
||||||
#endif /* defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) ||
|
#endif /* defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) ||
|
||||||
* defined(BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
|
* defined(BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
|
||||||
|
|
||||||
|
#if defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR)
|
||||||
|
static psa_status_t psa_read_rsa_exponent( const uint8_t *domain_parameters,
|
||||||
|
size_t domain_parameters_size,
|
||||||
|
int *exponent )
|
||||||
|
{
|
||||||
|
size_t i;
|
||||||
|
uint32_t acc = 0;
|
||||||
|
|
||||||
|
if( domain_parameters_size == 0 )
|
||||||
|
{
|
||||||
|
*exponent = 65537;
|
||||||
|
return( PSA_SUCCESS );
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Mbed TLS encodes the public exponent as an int. For simplicity, only
|
||||||
|
* support values that fit in a 32-bit integer, which is larger than
|
||||||
|
* int on just about every platform anyway. */
|
||||||
|
if( domain_parameters_size > sizeof( acc ) )
|
||||||
|
return( PSA_ERROR_NOT_SUPPORTED );
|
||||||
|
for( i = 0; i < domain_parameters_size; i++ )
|
||||||
|
acc = ( acc << 8 ) | domain_parameters[i];
|
||||||
|
if( acc > INT_MAX )
|
||||||
|
return( PSA_ERROR_NOT_SUPPORTED );
|
||||||
|
*exponent = acc;
|
||||||
|
return( PSA_SUCCESS );
|
||||||
|
}
|
||||||
|
|
||||||
|
psa_status_t mbedtls_psa_rsa_generate_key(
|
||||||
|
const psa_key_attributes_t *attributes,
|
||||||
|
uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length )
|
||||||
|
{
|
||||||
|
psa_status_t status;
|
||||||
|
mbedtls_rsa_context rsa;
|
||||||
|
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||||
|
int exponent;
|
||||||
|
|
||||||
|
status = psa_read_rsa_exponent( attributes->domain_parameters,
|
||||||
|
attributes->domain_parameters_size,
|
||||||
|
&exponent );
|
||||||
|
if( status != PSA_SUCCESS )
|
||||||
|
return( status );
|
||||||
|
|
||||||
|
mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_NONE );
|
||||||
|
ret = mbedtls_rsa_gen_key( &rsa,
|
||||||
|
mbedtls_psa_get_random,
|
||||||
|
MBEDTLS_PSA_RANDOM_STATE,
|
||||||
|
(unsigned int)attributes->core.bits,
|
||||||
|
exponent );
|
||||||
|
if( ret != 0 )
|
||||||
|
return( mbedtls_to_psa_error( ret ) );
|
||||||
|
|
||||||
|
status = mbedtls_psa_rsa_export_key( attributes->core.type,
|
||||||
|
&rsa, key_buffer, key_buffer_size,
|
||||||
|
key_buffer_length );
|
||||||
|
mbedtls_rsa_free( &rsa );
|
||||||
|
|
||||||
|
return( status );
|
||||||
|
}
|
||||||
|
#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) */
|
||||||
|
|
||||||
#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
|
#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
|
||||||
defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
|
defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
|
||||||
|
|
||||||
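Review bot: In `mbedtls_psa_rsa_generate_key`, the `if( ret != 0 ) return( mbedtls_to_psa_error( ret ) );` path returns without calling `mbedtls_rsa_free( &rsa )`, so the function depends on `mbedtls_rsa_gen_key` having released the context on every failure path, which is not visible on this page. Freeing on that path as well keeps partially generated private key material from outliving the call whatever the callee does: `if( ret != 0 ) { mbedtls_rsa_free( &rsa ); return( mbedtls_to_psa_error( ret ) ); }`. The same early return is in the code removed from the other file, so it is carried over by the move rather than introduced by it. Separately, the block opens with `#if defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR)` but closes with `#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) */`; the closing comment should name the macro that is actually tested.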
|
|
|
@ -114,6 +114,29 @@ psa_status_t mbedtls_psa_rsa_export_public_key(
|
||||||
const uint8_t *key_buffer, size_t key_buffer_size,
|
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||||
uint8_t *data, size_t data_size, size_t *data_length );
|
uint8_t *data, size_t data_size, size_t *data_length );
|
||||||
|
|
||||||
|
/**
|
||||||
|
* \brief Generate an RSA key.
|
||||||
|
*
|
||||||
|
* \note The signature of the function is that of a PSA driver generate_key
|
||||||
|
* entry point.
|
||||||
|
*
|
||||||
|
* \param[in] attributes The attributes for the RSA key to generate.
|
||||||
|
* \param[out] key_buffer Buffer where the key data is to be written.
|
||||||
|
* \param[in] key_buffer_size Size of \p key_buffer in bytes.
|
||||||
|
* \param[out] key_buffer_length On success, the number of bytes written in
|
||||||
|
* \p key_buffer.
|
||||||
|
*
|
||||||
|
* \retval #PSA_SUCCESS
|
||||||
|
* The key was successfully generated.
|
||||||
|
* \retval #PSA_ERROR_NOT_SUPPORTED
|
||||||
|
* Key length or type not supported.
|
||||||
|
* \retval #PSA_ERROR_BUFFER_TOO_SMALL
|
||||||
|
* The size of \p key_buffer is too small.
|
||||||
|
*/
|
||||||
|
psa_status_t mbedtls_psa_rsa_generate_key(
|
||||||
|
const psa_key_attributes_t *attributes,
|
||||||
|
uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length );
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY.
|
* BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY.
|
||||||
*/
|
*/
|
||||||
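Review bot: The `\retval #PSA_ERROR_NOT_SUPPORTED` text for `mbedtls_psa_rsa_generate_key` reads "Key length or type not supported", but the implementation added in this commit has no key-type check and visibly returns that status when the public exponent in the attributes' domain parameters is longer than four bytes or exceeds INT_MAX. The comment also never says that the exponent is taken from the domain parameters or that 65537 is used when they are empty. I would add a note such as `\note The public exponent is read from the domain parameters of \p attributes as a big-endian integer; 65537 is used when they are empty.` and change the retval text to `Key length, key type or public exponent not supported.` Because the declaration is described as having a driver entry-point signature, the comment should also state whether the caller must already have verified that the key type is an RSA key pair.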
|
|