mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2025-03-29 08:27:02 +00:00
Apply review feedback
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
This commit is contained in:
Steven Cooreman
parent
98435ddf84
commit
ac3434fc19
|
|
@ -2325,43 +2325,41 @@ psa_status_t psa_import_key( const psa_key_attributes_t *attributes,
|
||||||
if( status != PSA_SUCCESS )
|
if( status != PSA_SUCCESS )
|
||||||
goto exit;
|
goto exit;
|
||||||
|
|
||||||
if( psa_key_lifetime_is_external( psa_get_key_lifetime( attributes ) ) )
|
|
||||||
{
|
|
||||||
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
|
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
|
||||||
if( driver != NULL )
|
if( driver != NULL )
|
||||||
|
{
|
||||||
|
const psa_drv_se_t *drv = psa_get_se_driver_methods( driver );
|
||||||
|
/* The driver should set the number of key bits, however in
|
||||||
|
* case it doesn't, we initialize bits to an invalid value. */
|
||||||
|
size_t bits = PSA_MAX_KEY_BITS + 1;
|
||||||
|
if( drv->key_management == NULL ||
|
||||||
|
drv->key_management->p_import == NULL )
|
||||||
{
|
{
|
||||||
const psa_drv_se_t *drv = psa_get_se_driver_methods( driver );
|
status = PSA_ERROR_NOT_SUPPORTED;
|
||||||
/* The driver should set the number of key bits, however in
|
|
||||||
* case it doesn't, we initialize bits to an invalid value. */
|
|
||||||
size_t bits = PSA_MAX_KEY_BITS + 1;
|
|
||||||
if( drv->key_management == NULL ||
|
|
||||||
drv->key_management->p_import == NULL )
|
|
||||||
{
|
|
||||||
status = PSA_ERROR_NOT_SUPPORTED;
|
|
||||||
goto exit;
|
|
||||||
}
|
|
||||||
status = drv->key_management->p_import(
|
|
||||||
psa_get_se_driver_context( driver ),
|
|
||||||
slot->data.se.slot_number, attributes, data, data_length,
|
|
||||||
&bits );
|
|
||||||
if( status != PSA_SUCCESS )
|
|
||||||
goto exit;
|
|
||||||
if( bits > PSA_MAX_KEY_BITS )
|
|
||||||
{
|
|
||||||
status = PSA_ERROR_NOT_SUPPORTED;
|
|
||||||
goto exit;
|
|
||||||
}
|
|
||||||
slot->attr.bits = (psa_key_bits_t) bits;
|
|
||||||
}
|
|
||||||
else
|
|
||||||
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
|
|
||||||
{
|
|
||||||
/* Importing a key with external lifetime through the driver wrapper
|
|
||||||
* interface is not yet supported. Return as if this was an invalid
|
|
||||||
* lifetime. */
|
|
||||||
status = PSA_ERROR_INVALID_ARGUMENT;
|
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
|
status = drv->key_management->p_import(
|
||||||
|
psa_get_se_driver_context( driver ),
|
||||||
|
slot->data.se.slot_number, attributes, data, data_length,
|
||||||
|
&bits );
|
||||||
|
if( status != PSA_SUCCESS )
|
||||||
|
goto exit;
|
||||||
|
if( bits > PSA_MAX_KEY_BITS )
|
||||||
|
{
|
||||||
|
status = PSA_ERROR_NOT_SUPPORTED;
|
||||||
|
goto exit;
|
||||||
|
}
|
||||||
|
slot->attr.bits = (psa_key_bits_t) bits;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
|
||||||
|
if( psa_key_lifetime_is_external( psa_get_key_lifetime( attributes ) ) )
|
||||||
|
{
|
||||||
|
/* Importing a key with external lifetime through the driver wrapper
|
||||||
|
* interface is not yet supported. Return as if this was an invalid
|
||||||
|
* lifetime. */
|
||||||
|
status = PSA_ERROR_INVALID_ARGUMENT;
|
||||||
|
goto exit;
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
|
|
|
||||||
|
|
@ -247,43 +247,35 @@ static psa_status_t psa_load_persistent_key_into_slot( psa_key_slot_t *slot )
|
||||||
if( status != PSA_SUCCESS )
|
if( status != PSA_SUCCESS )
|
||||||
goto exit;
|
goto exit;
|
||||||
|
|
||||||
if( psa_key_lifetime_is_external( slot->attr.lifetime ) )
|
|
||||||
{
|
|
||||||
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
|
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
|
||||||
const psa_drv_se_t *drv;
|
/* Special handling is required for loading keys associated with a
|
||||||
psa_drv_se_context_t *drv_context;
|
* dynamically registered SE interface. */
|
||||||
if( psa_get_se_driver( slot->attr.lifetime, &drv, &drv_context ) )
|
const psa_drv_se_t *drv;
|
||||||
{
|
psa_drv_se_context_t *drv_context;
|
||||||
psa_se_key_data_storage_t *data;
|
if( psa_get_se_driver( slot->attr.lifetime, &drv, &drv_context ) )
|
||||||
if( key_data_length != sizeof( *data ) )
|
|
||||||
{
|
|
||||||
status = PSA_ERROR_STORAGE_FAILURE;
|
|
||||||
goto exit;
|
|
||||||
}
|
|
||||||
data = (psa_se_key_data_storage_t *) key_data;
|
|
||||||
memcpy( &slot->data.se.slot_number, &data->slot_number,
|
|
||||||
sizeof( slot->data.se.slot_number ) );
|
|
||||||
}
|
|
||||||
else
|
|
||||||
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
|
|
||||||
{
|
|
||||||
/* A key that is successfully loaded from storage with an
|
|
||||||
* external lifetime, but doesn't belong to an SE driver,
|
|
||||||
* must be a PSA driver-associated key which we can just
|
|
||||||
* load like an internal key. */
|
|
||||||
if ( key_data == NULL )
|
|
||||||
{
|
|
||||||
status = PSA_ERROR_STORAGE_FAILURE;
|
|
||||||
goto exit;
|
|
||||||
}
|
|
||||||
|
|
||||||
status = psa_copy_key_material_into_slot( slot, key_data, key_data_length );
|
|
||||||
}
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
{
|
||||||
status = psa_copy_key_material_into_slot( slot, key_data, key_data_length );
|
psa_se_key_data_storage_t *data;
|
||||||
|
if( key_data_length != sizeof( *data ) )
|
||||||
|
{
|
||||||
|
status = PSA_ERROR_STORAGE_FAILURE;
|
||||||
|
goto exit;
|
||||||
|
}
|
||||||
|
data = (psa_se_key_data_storage_t *) key_data;
|
||||||
|
memcpy( &slot->data.se.slot_number, &data->slot_number,
|
||||||
|
sizeof( slot->data.se.slot_number ) );
|
||||||
|
|
||||||
|
status = PSA_SUCCESS;
|
||||||
|
goto exit;
|
||||||
}
|
}
|
||||||
|
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
|
||||||
|
|
||||||
|
if ( key_data == NULL )
|
||||||
|
{
|
||||||
|
status = PSA_ERROR_STORAGE_FAILURE;
|
||||||
|
goto exit;
|
||||||
|
}
|
||||||
|
|
||||||
|
status = psa_copy_key_material_into_slot( slot, key_data, key_data_length );
|
||||||
|
|
||||||
exit:
|
exit:
|
||||||
psa_free_persistent_key_data( key_data, key_data_length );
|
psa_free_persistent_key_data( key_data, key_data_length );
|
||||||
|
|
@ -360,31 +352,26 @@ psa_status_t psa_validate_key_location( psa_key_lifetime_t lifetime,
|
||||||
if ( psa_key_lifetime_is_external( lifetime ) )
|
if ( psa_key_lifetime_is_external( lifetime ) )
|
||||||
{
|
{
|
||||||
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
|
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
|
||||||
|
/* Check whether a driver is registered against this lifetime */
|
||||||
psa_se_drv_table_entry_t *driver = psa_get_se_driver_entry( lifetime );
|
psa_se_drv_table_entry_t *driver = psa_get_se_driver_entry( lifetime );
|
||||||
if( driver == NULL )
|
if( driver != NULL )
|
||||||
{
|
|
||||||
#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS)
|
|
||||||
/* Key location for external keys gets checked by the wrapper */
|
|
||||||
return( PSA_SUCCESS );
|
|
||||||
#else
|
|
||||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
|
||||||
#endif
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
{
|
||||||
if (p_drv != NULL)
|
if (p_drv != NULL)
|
||||||
*p_drv = driver;
|
*p_drv = driver;
|
||||||
return( PSA_SUCCESS );
|
return( PSA_SUCCESS );
|
||||||
}
|
}
|
||||||
#else
|
#else /* MBEDTLS_PSA_CRYPTO_SE_C */
|
||||||
(void) p_drv;
|
(void) p_drv;
|
||||||
|
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
|
||||||
|
|
||||||
#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS)
|
#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS)
|
||||||
/* Key location for external keys gets checked by the wrapper */
|
/* Key location for external keys gets checked by the wrapper */
|
||||||
return( PSA_SUCCESS );
|
return( PSA_SUCCESS );
|
||||||
#else
|
#else /* MBEDTLS_PSA_CRYPTO_DRIVERS */
|
||||||
|
/* No support for external lifetimes at all, or dynamic interface
|
||||||
|
* did not find driver for requested lifetime. */
|
||||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||||
#endif
|
#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS */
|
||||||
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
|
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
/* Local/internal keys are always valid */
|
/* Local/internal keys are always valid */
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue