Use driver-wrapper functions for psa_sign/verify_message

To avoid code duplication of the old-style SE interface usage
call psa_driver_wrapper_sign/verify_hash function instead of
the direct internal functions.

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
This commit is contained in:
gabor-mezei-arm 2021-04-29 16:53:58 +02:00
parent 84255a5add
commit fc8d0aedd6
No known key found for this signature in database
GPG key ID: 106F5A41ECC305BD
2 changed files with 2 additions and 68 deletions

View file

@ -3038,7 +3038,7 @@ psa_status_t psa_sign_message_internal(
return status; return status;
} }
return psa_sign_hash_internal( return psa_driver_wrapper_sign_hash(
attributes, key_buffer, key_buffer_size, attributes, key_buffer, key_buffer_size,
alg, hash, hash_length, alg, hash, hash_length,
signature, signature_size, signature_length ); signature, signature_size, signature_length );
@ -3082,7 +3082,7 @@ psa_status_t psa_verify_message_internal(
return status; return status;
} }
return psa_verify_hash_internal( return psa_driver_wrapper_verify_hash(
attributes, key_buffer, key_buffer_size, attributes, key_buffer, key_buffer_size,
alg, hash, hash_length, alg, hash, hash_length,
signature, signature_length ); signature, signature_length );

View file

@ -76,39 +76,6 @@ psa_status_t psa_driver_wrapper_sign_message(
size_t *signature_length ) size_t *signature_length )
{ {
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
/* Try dynamically-registered SE interface first */
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
const psa_drv_se_t *drv;
psa_drv_se_context_t *drv_context;
if( psa_get_se_driver( attributes->core.lifetime, &drv, &drv_context ) )
{
if( drv->asymmetric == NULL ||
drv->asymmetric->p_sign == NULL )
{
/* Key is defined in SE, but we have no way to exercise it */
return( PSA_ERROR_NOT_SUPPORTED );
}
size_t hash_length;
uint8_t hash[PSA_HASH_MAX_SIZE];
status = psa_driver_wrapper_hash_compute( PSA_ALG_SIGN_GET_HASH( alg ),
input, input_length,
hash, sizeof( hash ),
&hash_length );
if( status != PSA_ERROR_NOT_SUPPORTED )
return( status );
return( drv->asymmetric->p_sign(
drv_context, *( (psa_key_slot_number_t *)key_buffer ),
alg, hash, hash_length,
signature, signature_size, signature_length ) );
}
#endif /* PSA_CRYPTO_SE_C */
psa_key_location_t location = psa_key_location_t location =
PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
@ -179,39 +146,6 @@ psa_status_t psa_driver_wrapper_verify_message(
size_t signature_length ) size_t signature_length )
{ {
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
/* Try dynamically-registered SE interface first */
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
const psa_drv_se_t *drv;
psa_drv_se_context_t *drv_context;
if( psa_get_se_driver( attributes->core.lifetime, &drv, &drv_context ) )
{
if( drv->asymmetric == NULL ||
drv->asymmetric->p_verify == NULL )
{
/* Key is defined in SE, but we have no way to exercise it */
return( PSA_ERROR_NOT_SUPPORTED );
}
size_t hash_length;
uint8_t hash[PSA_HASH_MAX_SIZE];
status = psa_driver_wrapper_hash_compute( PSA_ALG_SIGN_GET_HASH( alg ),
input, input_length,
hash, sizeof( hash ),
&hash_length );
if( status != PSA_ERROR_NOT_SUPPORTED )
return( status );
return( drv->asymmetric->p_verify(
drv_context, *( (psa_key_slot_number_t *)key_buffer ),
alg, hash, hash_length,
signature, signature_length ) );
}
#endif /* PSA_CRYPTO_SE_C */
psa_key_location_t location = psa_key_location_t location =
PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );