mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-05 18:40:01 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

pkparse: always check all private keys on import

Browse Source 
This allows to remove explicit calls to mbedtls_ecp_check_privkey()
in pkparse.c.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This commit is contained in:
Valerio Setti 2023-06-30 17:37:23 +02:00
parent 6b062eeed0
commit 21d42417f9
2 changed files with 1 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
library/ecp.c
View File

@ -3277,6 +3277,7 @@ int mbedtls_ecp_read_key(mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key,
ECP_CURVE448_KEY_SIZE * 8 - 1, 1) ECP_CURVE448_KEY_SIZE * 8 - 1, 1)
); );
} }
MBEDTLS_MPI_CHK(mbedtls_ecp_check_privkey(&key->grp, &key->d));
} }
#endif #endif

14
library/pkparse.c
View File

@ -666,14 +666,6 @@ static int pk_parse_key_rfc8410_der(mbedtls_pk_context *pk,
return ret; return ret;
} }
/* When MBEDTLS_PK_USE_PSA_EC_DATA the key is checked while importing it
* into PSA. */
#if !defined(MBEDTLS_PK_USE_PSA_EC_DATA)
if ((ret = mbedtls_ecp_check_privkey(&eck->grp, &eck->d)) != 0) {
return ret;
}
#endif /* !MBEDTLS_PK_USE_PSA_EC_DATA */
return 0; return 0;
} }
#endif /* MBEDTLS_PK_HAVE_RFC8410_CURVES */ #endif /* MBEDTLS_PK_HAVE_RFC8410_CURVES */
@ -1310,12 +1302,6 @@ static int pk_parse_key_sec1_der(mbedtls_pk_context *pk,
} }
} }
#if !defined(MBEDTLS_PK_USE_PSA_EC_DATA)
if ((ret = mbedtls_ecp_check_privkey(&eck->grp, &eck->d)) != 0) {
return ret;
}
#endif /* !MBEDTLS_PK_USE_PSA_EC_DATA */
return 0; return 0;
} }
#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ #endif /* MBEDTLS_PK_HAVE_ECC_KEYS */