yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-03-25 19:45:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

psa: Call import software implementation as a driver

Browse source 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
Ronald Cron 2020-11-28 18:06:53 +01:00
parent a0fe59f738
commit bf33c93717
2 changed files with 53 additions and 49 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

50
library/psa_crypto.c
View file

@ -622,19 +622,6 @@ psa_status_t psa_import_key_into_slot(
} }
else if( PSA_KEY_TYPE_IS_ASYMMETRIC( type ) ) else if( PSA_KEY_TYPE_IS_ASYMMETRIC( type ) )
{ {
status = psa_driver_wrapper_import_key( attributes,
data, data_length,
key_buffer,
key_buffer_size,
key_buffer_length,
bits );
if( status != PSA_ERROR_NOT_SUPPORTED )
return( status );
mbedtls_platform_zeroize( key_buffer, key_buffer_size );
/* Key format is not supported by any accelerator, try software fallback
* if present. */
#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
if( PSA_KEY_TYPE_IS_ECC( type ) ) if( PSA_KEY_TYPE_IS_ECC( type ) )
@ -1865,16 +1852,23 @@ psa_status_t psa_import_key( const psa_key_attributes_t *attributes,
} }
else else
{ {
status = psa_allocate_buffer_to_slot( slot, data_length ); /* In the case of a transparent key or an opaque key stored in local
if( status != PSA_SUCCESS ) * storage (thus not in the case of generating a key in a secure element
goto exit; * or cryptoprocessor with storage), we have to allocate a buffer to
* hold the generated key material. */
if( slot->key.data == NULL )
{
status = psa_allocate_buffer_to_slot( slot, data_length );
if( status != PSA_SUCCESS )
goto exit;
}
size_t bits = slot->attr.bits; size_t bits = slot->attr.bits;
status = psa_import_key_into_slot( attributes, status = psa_driver_wrapper_import_key( attributes,
data, data_length, data, data_length,
slot->key.data, slot->key.data,
slot->key.bytes, slot->key.bytes,
&slot->key.bytes, &bits ); &slot->key.bytes, &bits );
if( status != PSA_SUCCESS ) if( status != PSA_SUCCESS )
goto exit; goto exit;
@ -5191,16 +5185,18 @@ static psa_status_t psa_generate_derived_key_internal(
if( status != PSA_SUCCESS ) if( status != PSA_SUCCESS )
return( status ); return( status );
slot->attr.bits = (psa_key_bits_t) bits;
psa_key_attributes_t attributes = { psa_key_attributes_t attributes = {
.core = slot->attr .core = slot->attr
}; };
status = psa_import_key_into_slot( &attributes, status = psa_driver_wrapper_import_key( &attributes,
data, bytes, data, bytes,
slot->key.data, slot->key.bytes, slot->key.data,
&slot->key.bytes, slot->key.bytes,
&bits ); &slot->key.bytes, &bits );
slot->attr.bits = (psa_key_bits_t) bits; if( bits != slot->attr.bits )
status = PSA_ERROR_INVALID_ARGUMENT;
exit: exit:
mbedtls_free( data ); mbedtls_free( data );

52
library/psa_crypto_driver_wrappers.c
View file

@ -418,30 +418,38 @@ psa_status_t psa_driver_wrapper_import_key(
size_t *key_buffer_length, size_t *key_buffer_length,
size_t *bits ) size_t *bits )
{ {
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
/* Try accelerators in turn */ psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(
#if defined(PSA_CRYPTO_DRIVER_TEST) psa_get_key_lifetime( attributes ) );
status = test_transparent_import_key( attributes,
data, data_length, switch( location )
key_buffer, key_buffer_size, {
key_buffer_length, bits ); case PSA_KEY_LOCATION_LOCAL_STORAGE:
/* Declared with fallback == true */ /* Key is stored in the slot in export representation, so
if( status != PSA_ERROR_NOT_SUPPORTED ) * cycle through all known transparent accelerators */
return( status ); #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#endif /* PSA_CRYPTO_DRIVER_TEST */ #if defined(PSA_CRYPTO_DRIVER_TEST)
status = test_transparent_import_key( attributes,
data, data_length,
key_buffer, key_buffer_size,
key_buffer_length, bits );
/* Declared with fallback == true */
if( status != PSA_ERROR_NOT_SUPPORTED )
return( status );
#endif /* PSA_CRYPTO_DRIVER_TEST */
#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
/* Fell through, meaning no accelerator supports this operation */
return( psa_import_key_into_slot( attributes,
data, data_length,
key_buffer, key_buffer_size,
key_buffer_length, bits ) );
default:
/* Key is declared with a lifetime not known to us */
(void)status;
return( PSA_ERROR_NOT_SUPPORTED );
}
return( PSA_ERROR_NOT_SUPPORTED );
#else /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
(void) attributes;
(void) data;
(void) data_length;
(void) key_buffer;
(void) key_buffer_size;
(void) key_buffer_length;
(void) bits;
return( PSA_ERROR_NOT_SUPPORTED );
#endif /* PSA_CRYPTO_DRIVER_PRESENT */
} }
psa_status_t psa_driver_wrapper_export_key( psa_status_t psa_driver_wrapper_export_key(