Change the driver calling logic for psa_sign/verify_messsage

The changed logic is to try a sign-message driver (opaque or transparent);
if there isn't one, fallback to builtin sofware and do the hashing,
then try a sign-hash driver. This will enable to the opaque driver
to fallback to software.

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
This commit is contained in:
gabor-mezei-arm 2021-05-07 15:16:34 +02:00
parent f3c5c86db7
commit a7b9b202b2
No known key found for this signature in database
GPG key ID: 106F5A41ECC305BD

View file

@ -101,7 +101,33 @@ psa_status_t psa_driver_wrapper_sign_message(
return( status );
#endif /* PSA_CRYPTO_DRIVER_TEST */
#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
/* Fell through, meaning no accelerator supports this operation */
break;
/* Add cases for opaque driver here */
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST)
case PSA_CRYPTO_TEST_DRIVER_LOCATION:
status = mbedtls_test_opaque_signature_sign_message(
attributes,
key_buffer,
key_buffer_size,
alg,
input,
input_length,
signature,
signature_size,
signature_length );
if( status != PSA_ERROR_NOT_SUPPORTED )
return( status );
break;
#endif /* PSA_CRYPTO_DRIVER_TEST */
#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
default:
/* Key is declared with a lifetime not known to us */
(void)status;
return( PSA_ERROR_INVALID_ARGUMENT );
}
return( psa_sign_message_builtin( attributes,
key_buffer,
key_buffer_size,
@ -111,28 +137,6 @@ psa_status_t psa_driver_wrapper_sign_message(
signature,
signature_size,
signature_length ) );
/* Add cases for opaque driver here */
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST)
case PSA_CRYPTO_TEST_DRIVER_LOCATION:
return( mbedtls_test_opaque_signature_sign_message(
attributes,
key_buffer,
key_buffer_size,
alg,
input,
input_length,
signature,
signature_size,
signature_length ) );
#endif /* PSA_CRYPTO_DRIVER_TEST */
#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
default:
/* Key is declared with a lifetime not known to us */
(void)status;
return( PSA_ERROR_INVALID_ARGUMENT );
}
}
psa_status_t psa_driver_wrapper_verify_message(
@ -170,15 +174,7 @@ psa_status_t psa_driver_wrapper_verify_message(
return( status );
#endif /* PSA_CRYPTO_DRIVER_TEST */
#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
return( psa_verify_message_builtin( attributes,
key_buffer,
key_buffer_size,
alg,
input,
input_length,
signature,
signature_length ) );
break;
/* Add cases for opaque driver here */
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
@ -193,6 +189,9 @@ psa_status_t psa_driver_wrapper_verify_message(
input_length,
signature,
signature_length ) );
if( status != PSA_ERROR_NOT_SUPPORTED )
return( status );
break;
#endif /* PSA_CRYPTO_DRIVER_TEST */
#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
default:
@ -200,6 +199,15 @@ psa_status_t psa_driver_wrapper_verify_message(
(void)status;
return( PSA_ERROR_INVALID_ARGUMENT );
}
return( psa_verify_message_builtin( attributes,
key_buffer,
key_buffer_size,
alg,
input,
input_length,
signature,
signature_length ) );
}
psa_status_t psa_driver_wrapper_sign_hash(