mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-04-07 13:22:46 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Reorganize & simplify mbedtls_pk_sign_ext() handling of wrapped RSA-PSS

Browse Source 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
This commit is contained in:
Neil Armstrong 2022-04-21 12:08:52 +02:00
parent 23143dca2a
commit 13e76be02b
1 changed files with 13 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
library/pk.c
View File

@ -545,42 +545,28 @@ int mbedtls_pk_sign_ext( mbedtls_pk_type_t pk_type,
if( ! mbedtls_pk_can_do( ctx, pk_type ) ) if( ! mbedtls_pk_can_do( ctx, pk_type ) )
return( MBEDTLS_ERR_PK_TYPE_MISMATCH ); return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
if( pk_type == MBEDTLS_PK_RSASSA_PSS &&
mbedtls_pk_get_type( ctx ) == MBEDTLS_PK_OPAQUE )
{
#if defined(MBEDTLS_RSA_C)
const mbedtls_svc_key_id_t *key = (const mbedtls_svc_key_id_t *) ctx->pk_ctx;
psa_status_t status;
/* PSA has its own RNG */
(void) f_rng;
(void) p_rng;
psa_md_alg = mbedtls_psa_translate_md( md_alg );
if( psa_md_alg == 0 )
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
status = psa_sign_hash( *key, PSA_ALG_RSA_PSS( psa_md_alg ),
hash, hash_len,
sig, sig_size, sig_len );
if( status != PSA_SUCCESS )
return( mbedtls_pk_error_from_psa_rsa( status ) );
return 0;
#else
return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
#endif /* MBEDTLS_RSA_C */
}
if( pk_type != MBEDTLS_PK_RSASSA_PSS ) if( pk_type != MBEDTLS_PK_RSASSA_PSS )
{ {
return( mbedtls_pk_sign( ctx, md_alg, hash, hash_len, return( mbedtls_pk_sign( ctx, md_alg, hash, hash_len,
sig, sig_size, sig_len, f_rng, p_rng ) ); sig, sig_size, sig_len, f_rng, p_rng ) );
} }
#if defined(MBEDTLS_RSA_C) #if defined(MBEDTLS_RSA_C)
psa_md_alg = mbedtls_psa_translate_md( md_alg ); psa_md_alg = mbedtls_psa_translate_md( md_alg );
if( psa_md_alg == 0 ) if( psa_md_alg == 0 )
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
if( mbedtls_pk_get_type( ctx ) == MBEDTLS_PK_OPAQUE )
{
const mbedtls_svc_key_id_t *key = (const mbedtls_svc_key_id_t *) ctx->pk_ctx;
psa_status_t status;
status = psa_sign_hash( *key, PSA_ALG_RSA_PSS( psa_md_alg ),
hash, hash_len,
sig, sig_size, sig_len );
return( mbedtls_pk_error_from_psa_rsa( status ) );
}
return( mbedtls_pk_psa_rsa_sign_ext( PSA_ALG_RSA_PSS( psa_md_alg ), return( mbedtls_pk_psa_rsa_sign_ext( PSA_ALG_RSA_PSS( psa_md_alg ),
ctx->pk_ctx, hash, hash_len, ctx->pk_ctx, hash, hash_len,
sig, sig_size, sig_len ) ); sig, sig_size, sig_len ) );