mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-24 19:35:43 +00:00
psa: Refactor psa_import_rsa_key() pk-using code
Move pk-using code to inside psa_import_rsa_key(). This aligns the shape of psa_import_rsa_key() to match that of psa_import_ec_private_key() and psa_import_ec_public_key().
This commit is contained in:
parent
0ae445f8fd
commit
ec6ff863b5
|
@ -512,28 +512,60 @@ static psa_status_t psa_check_rsa_key_byte_aligned(
|
||||||
return( status );
|
return( status );
|
||||||
}
|
}
|
||||||
|
|
||||||
static psa_status_t psa_import_rsa_key( mbedtls_pk_context *pk,
|
static psa_status_t psa_import_rsa_key( psa_key_type_t type,
|
||||||
|
const uint8_t *data,
|
||||||
|
size_t data_length,
|
||||||
mbedtls_rsa_context **p_rsa )
|
mbedtls_rsa_context **p_rsa )
|
||||||
{
|
{
|
||||||
if( mbedtls_pk_get_type( pk ) != MBEDTLS_PK_RSA )
|
psa_status_t status;
|
||||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
mbedtls_pk_context pk;
|
||||||
|
mbedtls_rsa_context *rsa;
|
||||||
|
size_t bits;
|
||||||
|
|
||||||
|
mbedtls_pk_init( &pk );
|
||||||
|
|
||||||
|
/* Parse the data. */
|
||||||
|
if( PSA_KEY_TYPE_IS_KEYPAIR( type ) )
|
||||||
|
status = mbedtls_to_psa_error(
|
||||||
|
mbedtls_pk_parse_key( &pk, data, data_length, NULL, 0 ) );
|
||||||
else
|
else
|
||||||
|
status = mbedtls_to_psa_error(
|
||||||
|
mbedtls_pk_parse_public_key( &pk, data, data_length ) );
|
||||||
|
if( status != PSA_SUCCESS )
|
||||||
|
goto exit;
|
||||||
|
|
||||||
|
/* We have something that the pkparse module recognizes. If it is a
|
||||||
|
* valid RSA key, store it. */
|
||||||
|
if( mbedtls_pk_get_type( &pk ) != MBEDTLS_PK_RSA )
|
||||||
{
|
{
|
||||||
mbedtls_rsa_context *rsa = mbedtls_pk_rsa( *pk );
|
status = PSA_ERROR_INVALID_ARGUMENT;
|
||||||
/* The size of an RSA key doesn't have to be a multiple of 8.
|
goto exit;
|
||||||
* Mbed TLS supports non-byte-aligned key sizes, but not well.
|
|
||||||
* For example, mbedtls_rsa_get_len() returns the key size in
|
|
||||||
* bytes, not in bits. */
|
|
||||||
size_t bits = PSA_BYTES_TO_BITS( mbedtls_rsa_get_len( rsa ) );
|
|
||||||
psa_status_t status;
|
|
||||||
if( bits > PSA_VENDOR_RSA_MAX_KEY_BITS )
|
|
||||||
return( PSA_ERROR_NOT_SUPPORTED );
|
|
||||||
status = psa_check_rsa_key_byte_aligned( rsa );
|
|
||||||
if( status != PSA_SUCCESS )
|
|
||||||
return( status );
|
|
||||||
*p_rsa = rsa;
|
|
||||||
return( PSA_SUCCESS );
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
rsa = mbedtls_pk_rsa( pk );
|
||||||
|
/* The size of an RSA key doesn't have to be a multiple of 8. Mbed TLS
|
||||||
|
* supports non-byte-aligned key sizes, but not well. For example,
|
||||||
|
* mbedtls_rsa_get_len() returns the key size in bytes, not in bits. */
|
||||||
|
bits = PSA_BYTES_TO_BITS( mbedtls_rsa_get_len( rsa ) );
|
||||||
|
if( bits > PSA_VENDOR_RSA_MAX_KEY_BITS )
|
||||||
|
{
|
||||||
|
status = PSA_ERROR_NOT_SUPPORTED;
|
||||||
|
goto exit;
|
||||||
|
}
|
||||||
|
status = psa_check_rsa_key_byte_aligned( rsa );
|
||||||
|
|
||||||
|
exit:
|
||||||
|
/* Free the content of the pk object only on error. */
|
||||||
|
if( status != PSA_SUCCESS )
|
||||||
|
{
|
||||||
|
mbedtls_pk_free( &pk );
|
||||||
|
return( status );
|
||||||
|
}
|
||||||
|
|
||||||
|
/* On success, store the content of the object in the RSA context. */
|
||||||
|
*p_rsa = rsa;
|
||||||
|
|
||||||
|
return( PSA_SUCCESS );
|
||||||
}
|
}
|
||||||
#endif /* defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C) */
|
#endif /* defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C) */
|
||||||
|
|
||||||
|
@ -687,29 +719,12 @@ psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot,
|
||||||
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C)
|
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C)
|
||||||
if( PSA_KEY_TYPE_IS_RSA( slot->type ) )
|
if( PSA_KEY_TYPE_IS_RSA( slot->type ) )
|
||||||
{
|
{
|
||||||
int ret;
|
status = psa_import_rsa_key( slot->type,
|
||||||
mbedtls_pk_context pk;
|
data, data_length,
|
||||||
mbedtls_pk_init( &pk );
|
&slot->data.rsa );
|
||||||
|
|
||||||
/* Parse the data. */
|
|
||||||
if( PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) )
|
|
||||||
ret = mbedtls_pk_parse_key( &pk, data, data_length, NULL, 0 );
|
|
||||||
else
|
|
||||||
ret = mbedtls_pk_parse_public_key( &pk, data, data_length );
|
|
||||||
if( ret != 0 )
|
|
||||||
return( mbedtls_to_psa_error( ret ) );
|
|
||||||
|
|
||||||
/* We have something that the pkparse module recognizes. If it is a
|
|
||||||
* valid RSA key, store it. */
|
|
||||||
status = psa_import_rsa_key( &pk, &slot->data.rsa );
|
|
||||||
|
|
||||||
/* Free the content of the pk object only on error. On success,
|
|
||||||
* the content of the object has been stored in the slot. */
|
|
||||||
if( status != PSA_SUCCESS )
|
if( status != PSA_SUCCESS )
|
||||||
{
|
|
||||||
mbedtls_pk_free( &pk );
|
|
||||||
return( status );
|
return( status );
|
||||||
}
|
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
#endif /* defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C) */
|
#endif /* defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C) */
|
||||||
|
|
Loading…
Reference in a new issue