From 4080c91e7326c61ca3afe5776b1ee57e7d93da07 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 18 Dec 2019 20:43:03 +0100 Subject: [PATCH] pk: USE_PSA_CRYPTO: don't translate via the TLS ID Use the same translation function that the PSA crypto implementation uses. --- library/pk.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/library/pk.c b/library/pk.c index 9d4100bb98..b83ba8e71d 100644 --- a/library/pk.c +++ b/library/pk.c @@ -605,6 +605,7 @@ int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk, psa_ecc_curve_t curve_id; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_type_t key_type; + size_t bits; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* export the private key material in the format PSA wants */ @@ -616,12 +617,12 @@ int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk, if( ( ret = mbedtls_mpi_write_binary( &ec->d, d, d_len ) ) != 0 ) return( ret ); - curve_id = mbedtls_ecp_curve_info_from_grp_id( ec->grp.id )->tls_id; - key_type = PSA_KEY_TYPE_ECC_KEY_PAIR( - mbedtls_psa_parse_tls_ecc_group ( curve_id ) ); + curve_id = mbedtls_ecc_group_to_psa( ec->grp.id, &bits ); + key_type = PSA_KEY_TYPE_ECC_KEY_PAIR( curve_id ); /* prepare the key attributes */ psa_set_key_type( &attributes, key_type ); + psa_set_key_bits( &attributes, bits ); psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH ); psa_set_key_algorithm( &attributes, PSA_ALG_ECDSA(hash_alg) );