mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-10-19 06:11:21 +00:00
Update guards in PSA crypto library for ECDSA and DETERMINISTIC support
In the PSA crypto library, the code for verification of ECDSA is the same for both MBEDTLS_PSA_BUILTIN_ALG_ECDSA and MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA. So, the guards should allow for either one to enable the code blocks. The original implementation only had the check for ECDSA. In order to make this work, config_psa.h was updated to ensure when MBEDTLS_CRYPTO_CONFIG is disabled, the setting for DETERMINISTIC is only updated if MBEDTLS_ECDSA_C is also enabled. Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>
This commit is contained in:
John Durkop
parent
e7012c7725
commit
f87e3aea16
|
|
@ -65,12 +65,14 @@ extern "C" {
|
||||||
*/
|
*/
|
||||||
#if defined(MBEDTLS_ECDSA_C)
|
#if defined(MBEDTLS_ECDSA_C)
|
||||||
#define MBEDTLS_PSA_BUILTIN_ALG_ECDSA
|
#define MBEDTLS_PSA_BUILTIN_ALG_ECDSA
|
||||||
#endif /* MBEDTLS_ECDSA_C */
|
|
||||||
|
|
||||||
|
// Only add in DETERMINISTIC support if ECDSA is also enabled
|
||||||
#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
|
#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
|
||||||
#define MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA
|
#define MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA
|
||||||
#endif /* MBEDTLS_ECDSA_DETERMINISTIC */
|
#endif /* MBEDTLS_ECDSA_DETERMINISTIC */
|
||||||
|
|
||||||
|
#endif /* MBEDTLS_ECDSA_C */
|
||||||
|
|
||||||
#endif /* MBEDTLS_PSA_CRYPTO_CONFIG */
|
#endif /* MBEDTLS_PSA_CRYPTO_CONFIG */
|
||||||
|
|
||||||
#ifdef __cplusplus
|
#ifdef __cplusplus
|
||||||
|
|
|
||||||
|
|
@ -3530,7 +3530,7 @@ static psa_status_t psa_rsa_verify( mbedtls_rsa_context *rsa,
|
||||||
}
|
}
|
||||||
#endif /* MBEDTLS_RSA_C */
|
#endif /* MBEDTLS_RSA_C */
|
||||||
|
|
||||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA)
|
#if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
|
||||||
/* `ecp` cannot be const because `ecp->grp` needs to be non-const
|
/* `ecp` cannot be const because `ecp->grp` needs to be non-const
|
||||||
* for mbedtls_ecdsa_sign() and mbedtls_ecdsa_sign_det()
|
* for mbedtls_ecdsa_sign() and mbedtls_ecdsa_sign_det()
|
||||||
* (even though these functions don't modify it). */
|
* (even though these functions don't modify it). */
|
||||||
|
|
@ -3629,7 +3629,7 @@ cleanup:
|
||||||
mbedtls_mpi_free( &s );
|
mbedtls_mpi_free( &s );
|
||||||
return( mbedtls_to_psa_error( ret ) );
|
return( mbedtls_to_psa_error( ret ) );
|
||||||
}
|
}
|
||||||
#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) */
|
#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA */
|
||||||
|
|
||||||
psa_status_t psa_sign_hash( psa_key_handle_t handle,
|
psa_status_t psa_sign_hash( psa_key_handle_t handle,
|
||||||
psa_algorithm_t alg,
|
psa_algorithm_t alg,
|
||||||
|
|
@ -3799,7 +3799,7 @@ psa_status_t psa_verify_hash( psa_key_handle_t handle,
|
||||||
#if defined(MBEDTLS_ECP_C)
|
#if defined(MBEDTLS_ECP_C)
|
||||||
if( PSA_KEY_TYPE_IS_ECC( slot->attr.type ) )
|
if( PSA_KEY_TYPE_IS_ECC( slot->attr.type ) )
|
||||||
{
|
{
|
||||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA)
|
#if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
|
||||||
if( PSA_ALG_IS_ECDSA( alg ) )
|
if( PSA_ALG_IS_ECDSA( alg ) )
|
||||||
{
|
{
|
||||||
mbedtls_ecp_keypair *ecp = NULL;
|
mbedtls_ecp_keypair *ecp = NULL;
|
||||||
|
|
@ -3817,7 +3817,7 @@ psa_status_t psa_verify_hash( psa_key_handle_t handle,
|
||||||
return( status );
|
return( status );
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) */
|
#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */
|
||||||
{
|
{
|
||||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue