mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-23 08:55:42 +00:00
Move RSA key generation code to the PSA RSA specific C file
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
parent
977c247048
commit
9e18fc1cf9
|
@ -5956,34 +5956,6 @@ psa_status_t mbedtls_psa_inject_entropy( const uint8_t *seed,
|
|||
}
|
||||
#endif /* MBEDTLS_PSA_INJECT_ENTROPY */
|
||||
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR)
|
||||
static psa_status_t psa_read_rsa_exponent( const uint8_t *domain_parameters,
|
||||
size_t domain_parameters_size,
|
||||
int *exponent )
|
||||
{
|
||||
size_t i;
|
||||
uint32_t acc = 0;
|
||||
|
||||
if( domain_parameters_size == 0 )
|
||||
{
|
||||
*exponent = 65537;
|
||||
return( PSA_SUCCESS );
|
||||
}
|
||||
|
||||
/* Mbed TLS encodes the public exponent as an int. For simplicity, only
|
||||
* support values that fit in a 32-bit integer, which is larger than
|
||||
* int on just about every platform anyway. */
|
||||
if( domain_parameters_size > sizeof( acc ) )
|
||||
return( PSA_ERROR_NOT_SUPPORTED );
|
||||
for( i = 0; i < domain_parameters_size; i++ )
|
||||
acc = ( acc << 8 ) | domain_parameters[i];
|
||||
if( acc > INT_MAX )
|
||||
return( PSA_ERROR_NOT_SUPPORTED );
|
||||
*exponent = acc;
|
||||
return( PSA_SUCCESS );
|
||||
}
|
||||
#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) */
|
||||
|
||||
/** Get the key buffer size for the key material in export format
|
||||
*
|
||||
* \param[in] type The key type
|
||||
|
@ -6070,33 +6042,10 @@ psa_status_t psa_generate_key_internal(
|
|||
#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR)
|
||||
if ( type == PSA_KEY_TYPE_RSA_KEY_PAIR )
|
||||
{
|
||||
mbedtls_rsa_context rsa;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
int exponent;
|
||||
|
||||
status = psa_read_rsa_exponent( attributes->domain_parameters,
|
||||
attributes->domain_parameters_size,
|
||||
&exponent );
|
||||
if( status != PSA_SUCCESS )
|
||||
return( status );
|
||||
|
||||
mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_NONE );
|
||||
ret = mbedtls_rsa_gen_key( &rsa,
|
||||
mbedtls_psa_get_random,
|
||||
MBEDTLS_PSA_RANDOM_STATE,
|
||||
(unsigned int) attributes->core.bits,
|
||||
exponent );
|
||||
if( ret != 0 )
|
||||
return( mbedtls_to_psa_error( ret ) );
|
||||
|
||||
status = mbedtls_psa_rsa_export_key( type,
|
||||
&rsa,
|
||||
key_buffer,
|
||||
key_buffer_size,
|
||||
key_buffer_length );
|
||||
mbedtls_rsa_free( &rsa );
|
||||
|
||||
return( status );
|
||||
return( mbedtls_psa_rsa_generate_key( attributes,
|
||||
key_buffer,
|
||||
key_buffer_size,
|
||||
key_buffer_length ) );
|
||||
}
|
||||
else
|
||||
#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) */
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
#include <psa/crypto.h>
|
||||
#include "psa_crypto_core.h"
|
||||
#include "psa_crypto_random_impl.h"
|
||||
#include "psa_crypto_rsa.h"
|
||||
|
||||
#include <stdlib.h>
|
||||
|
@ -258,6 +259,66 @@ static psa_status_t rsa_export_public_key(
|
|||
#endif /* defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) ||
|
||||
* defined(BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
|
||||
|
||||
#if defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR)
|
||||
static psa_status_t psa_read_rsa_exponent( const uint8_t *domain_parameters,
|
||||
size_t domain_parameters_size,
|
||||
int *exponent )
|
||||
{
|
||||
size_t i;
|
||||
uint32_t acc = 0;
|
||||
|
||||
if( domain_parameters_size == 0 )
|
||||
{
|
||||
*exponent = 65537;
|
||||
return( PSA_SUCCESS );
|
||||
}
|
||||
|
||||
/* Mbed TLS encodes the public exponent as an int. For simplicity, only
|
||||
* support values that fit in a 32-bit integer, which is larger than
|
||||
* int on just about every platform anyway. */
|
||||
if( domain_parameters_size > sizeof( acc ) )
|
||||
return( PSA_ERROR_NOT_SUPPORTED );
|
||||
for( i = 0; i < domain_parameters_size; i++ )
|
||||
acc = ( acc << 8 ) | domain_parameters[i];
|
||||
if( acc > INT_MAX )
|
||||
return( PSA_ERROR_NOT_SUPPORTED );
|
||||
*exponent = acc;
|
||||
return( PSA_SUCCESS );
|
||||
}
|
||||
|
||||
psa_status_t mbedtls_psa_rsa_generate_key(
|
||||
const psa_key_attributes_t *attributes,
|
||||
uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length )
|
||||
{
|
||||
psa_status_t status;
|
||||
mbedtls_rsa_context rsa;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
int exponent;
|
||||
|
||||
status = psa_read_rsa_exponent( attributes->domain_parameters,
|
||||
attributes->domain_parameters_size,
|
||||
&exponent );
|
||||
if( status != PSA_SUCCESS )
|
||||
return( status );
|
||||
|
||||
mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_NONE );
|
||||
ret = mbedtls_rsa_gen_key( &rsa,
|
||||
mbedtls_psa_get_random,
|
||||
MBEDTLS_PSA_RANDOM_STATE,
|
||||
(unsigned int)attributes->core.bits,
|
||||
exponent );
|
||||
if( ret != 0 )
|
||||
return( mbedtls_to_psa_error( ret ) );
|
||||
|
||||
status = mbedtls_psa_rsa_export_key( attributes->core.type,
|
||||
&rsa, key_buffer, key_buffer_size,
|
||||
key_buffer_length );
|
||||
mbedtls_rsa_free( &rsa );
|
||||
|
||||
return( status );
|
||||
}
|
||||
#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) */
|
||||
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
|
||||
|
||||
|
|
|
@ -114,6 +114,29 @@ psa_status_t mbedtls_psa_rsa_export_public_key(
|
|||
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||
uint8_t *data, size_t data_size, size_t *data_length );
|
||||
|
||||
/**
|
||||
* \brief Generate an RSA key.
|
||||
*
|
||||
* \note The signature of the function is that of a PSA driver generate_key
|
||||
* entry point.
|
||||
*
|
||||
* \param[in] attributes The attributes for the RSA key to generate.
|
||||
* \param[out] key_buffer Buffer where the key data is to be written.
|
||||
* \param[in] key_buffer_size Size of \p key_buffer in bytes.
|
||||
* \param[out] key_buffer_length On success, the number of bytes written in
|
||||
* \p key_buffer.
|
||||
*
|
||||
* \retval #PSA_SUCCESS
|
||||
* The key was successfully generated.
|
||||
* \retval #PSA_ERROR_NOT_SUPPORTED
|
||||
* Key length or type not supported.
|
||||
* \retval #PSA_ERROR_BUFFER_TOO_SMALL
|
||||
* The size of \p key_buffer is too small.
|
||||
*/
|
||||
psa_status_t mbedtls_psa_rsa_generate_key(
|
||||
const psa_key_attributes_t *attributes,
|
||||
uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length );
|
||||
|
||||
/*
|
||||
* BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY.
|
||||
*/
|
||||
|
|
Loading…
Reference in a new issue