mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-04-04 04:20:43 +00:00
pk: use better naming for the new key ID field
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This commit is contained in:
Valerio Setti
parent
048cd44f77
commit
4f387ef277
include/mbedtls
library
tests/src/test_helpers
@ -235,7 +235,7 @@ typedef struct mbedtls_pk_info_t mbedtls_pk_info_t;
|
|||||||
/**
|
/**
|
||||||
* \brief Public key container
|
* \brief Public key container
|
||||||
*
|
*
|
||||||
* \note The opaque_id is guarded by MBEDTLS_PSA_CRYPTO_C and not
|
* \note The priv_id is guarded by MBEDTLS_PSA_CRYPTO_C and not
|
||||||
* only by MBEDTLS_USE_PSA_CRYPTO because it can be used also
|
* only by MBEDTLS_USE_PSA_CRYPTO because it can be used also
|
||||||
* in mbedtls_pk_sign_ext for RSA keys.
|
* in mbedtls_pk_sign_ext for RSA keys.
|
||||||
*/
|
*/
|
||||||
@ -243,7 +243,7 @@ typedef struct mbedtls_pk_context {
|
|||||||
const mbedtls_pk_info_t *MBEDTLS_PRIVATE(pk_info); /**< Public key information */
|
const mbedtls_pk_info_t *MBEDTLS_PRIVATE(pk_info); /**< Public key information */
|
||||||
void *MBEDTLS_PRIVATE(pk_ctx); /**< Underlying public key context */
|
void *MBEDTLS_PRIVATE(pk_ctx); /**< Underlying public key context */
|
||||||
#if defined(MBEDTLS_PSA_CRYPTO_C)
|
#if defined(MBEDTLS_PSA_CRYPTO_C)
|
||||||
mbedtls_svc_key_id_t MBEDTLS_PRIVATE(opaque_id); /**< Key ID for opaque keys */
|
mbedtls_svc_key_id_t MBEDTLS_PRIVATE(priv_id); /**< Key ID for opaque keys */
|
||||||
#endif /* MBEDTLS_PSA_CRYPTO_C */
|
#endif /* MBEDTLS_PSA_CRYPTO_C */
|
||||||
} mbedtls_pk_context;
|
} mbedtls_pk_context;
|
||||||
|
|
||||||
|
|||||||
@ -61,7 +61,7 @@ void mbedtls_pk_init(mbedtls_pk_context *ctx)
|
|||||||
ctx->pk_info = NULL;
|
ctx->pk_info = NULL;
|
||||||
ctx->pk_ctx = NULL;
|
ctx->pk_ctx = NULL;
|
||||||
#if defined(MBEDTLS_PSA_CRYPTO_C)
|
#if defined(MBEDTLS_PSA_CRYPTO_C)
|
||||||
ctx->opaque_id = MBEDTLS_SVC_KEY_ID_INIT;
|
ctx->priv_id = MBEDTLS_SVC_KEY_ID_INIT;
|
||||||
#endif /* MBEDTLS_PSA_CRYPTO_C */
|
#endif /* MBEDTLS_PSA_CRYPTO_C */
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -183,7 +183,7 @@ int mbedtls_pk_setup_opaque(mbedtls_pk_context *ctx,
|
|||||||
}
|
}
|
||||||
|
|
||||||
ctx->pk_info = info;
|
ctx->pk_info = info;
|
||||||
ctx->opaque_id = key;
|
ctx->priv_id = key;
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -316,7 +316,7 @@ int mbedtls_pk_can_do_ext(const mbedtls_pk_context *ctx, psa_algorithm_t alg,
|
|||||||
psa_algorithm_t key_alg, key_alg2;
|
psa_algorithm_t key_alg, key_alg2;
|
||||||
psa_status_t status;
|
psa_status_t status;
|
||||||
|
|
||||||
status = psa_get_key_attributes(ctx->opaque_id, &attributes);
|
status = psa_get_key_attributes(ctx->priv_id, &attributes);
|
||||||
if (status != PSA_SUCCESS) {
|
if (status != PSA_SUCCESS) {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -699,7 +699,7 @@ int mbedtls_pk_sign_ext(mbedtls_pk_type_t pk_type,
|
|||||||
if (mbedtls_pk_get_type(ctx) == MBEDTLS_PK_OPAQUE) {
|
if (mbedtls_pk_get_type(ctx) == MBEDTLS_PK_OPAQUE) {
|
||||||
psa_status_t status;
|
psa_status_t status;
|
||||||
|
|
||||||
status = psa_sign_hash(ctx->opaque_id, PSA_ALG_RSA_PSS(psa_md_alg),
|
status = psa_sign_hash(ctx->priv_id, PSA_ALG_RSA_PSS(psa_md_alg),
|
||||||
hash, hash_len,
|
hash, hash_len,
|
||||||
sig, sig_size, sig_len);
|
sig, sig_size, sig_len);
|
||||||
return PSA_PK_RSA_TO_MBEDTLS_ERR(status);
|
return PSA_PK_RSA_TO_MBEDTLS_ERR(status);
|
||||||
|
|||||||
@ -1508,7 +1508,7 @@ static size_t pk_opaque_get_bitlen(mbedtls_pk_context *pk)
|
|||||||
size_t bits;
|
size_t bits;
|
||||||
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
||||||
|
|
||||||
if (PSA_SUCCESS != psa_get_key_attributes(pk->opaque_id, &attributes)) {
|
if (PSA_SUCCESS != psa_get_key_attributes(pk->priv_id, &attributes)) {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1555,7 +1555,7 @@ static int pk_opaque_sign_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg,
|
|||||||
(void) f_rng;
|
(void) f_rng;
|
||||||
(void) p_rng;
|
(void) p_rng;
|
||||||
|
|
||||||
status = psa_get_key_attributes(pk->opaque_id, &attributes);
|
status = psa_get_key_attributes(pk->priv_id, &attributes);
|
||||||
if (status != PSA_SUCCESS) {
|
if (status != PSA_SUCCESS) {
|
||||||
return PSA_PK_TO_MBEDTLS_ERR(status);
|
return PSA_PK_TO_MBEDTLS_ERR(status);
|
||||||
}
|
}
|
||||||
@ -1576,7 +1576,7 @@ static int pk_opaque_sign_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg,
|
|||||||
return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
|
return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
|
||||||
|
|
||||||
/* make the signature */
|
/* make the signature */
|
||||||
status = psa_sign_hash(pk->opaque_id, alg, hash, hash_len,
|
status = psa_sign_hash(pk->priv_id, alg, hash, hash_len,
|
||||||
sig, sig_size, sig_len);
|
sig, sig_size, sig_len);
|
||||||
if (status != PSA_SUCCESS) {
|
if (status != PSA_SUCCESS) {
|
||||||
#if defined(MBEDTLS_PK_CAN_ECDSA_SIGN)
|
#if defined(MBEDTLS_PK_CAN_ECDSA_SIGN)
|
||||||
@ -1638,7 +1638,7 @@ static int pk_opaque_rsa_decrypt(mbedtls_pk_context *pk,
|
|||||||
(void) f_rng;
|
(void) f_rng;
|
||||||
(void) p_rng;
|
(void) p_rng;
|
||||||
|
|
||||||
status = psa_asymmetric_decrypt(pk->opaque_id, PSA_ALG_RSA_PKCS1V15_CRYPT,
|
status = psa_asymmetric_decrypt(pk->priv_id, PSA_ALG_RSA_PKCS1V15_CRYPT,
|
||||||
input, ilen,
|
input, ilen,
|
||||||
NULL, 0,
|
NULL, 0,
|
||||||
output, osize, olen);
|
output, osize, olen);
|
||||||
|
|||||||
@ -194,7 +194,7 @@ int mbedtls_pk_write_pubkey(unsigned char **p, unsigned char *start,
|
|||||||
}
|
}
|
||||||
|
|
||||||
buffer_size = (size_t) (*p - start);
|
buffer_size = (size_t) (*p - start);
|
||||||
if (psa_export_public_key(key->opaque_id, start, buffer_size, &len)
|
if (psa_export_public_key(key->priv_id, start, buffer_size, &len)
|
||||||
!= PSA_SUCCESS) {
|
!= PSA_SUCCESS) {
|
||||||
return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
|
return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
|
||||||
} else {
|
} else {
|
||||||
@ -256,7 +256,7 @@ int mbedtls_pk_write_pubkey_der(const mbedtls_pk_context *key, unsigned char *bu
|
|||||||
psa_ecc_family_t curve;
|
psa_ecc_family_t curve;
|
||||||
size_t bits;
|
size_t bits;
|
||||||
|
|
||||||
if (PSA_SUCCESS != psa_get_key_attributes(key->opaque_id,
|
if (PSA_SUCCESS != psa_get_key_attributes(key->priv_id,
|
||||||
&attributes)) {
|
&attributes)) {
|
||||||
return MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED;
|
return MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED;
|
||||||
}
|
}
|
||||||
|
|||||||
@ -2614,7 +2614,7 @@ static int ssl_get_ecdh_params_from_cert(mbedtls_ssl_context *ssl)
|
|||||||
return MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH;
|
return MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH;
|
||||||
}
|
}
|
||||||
|
|
||||||
ssl->handshake->ecdh_psa_privkey = pk->opaque_id;
|
ssl->handshake->ecdh_psa_privkey = pk->priv_id;
|
||||||
|
|
||||||
/* Key should not be destroyed in the TLS library */
|
/* Key should not be destroyed in the TLS library */
|
||||||
ssl->handshake->ecdh_psa_privkey_is_external = 1;
|
ssl->handshake->ecdh_psa_privkey_is_external = 1;
|
||||||
|
|||||||
@ -595,7 +595,7 @@ static void test_ssl_endpoint_certificate_free(mbedtls_test_ssl_endpoint *ep)
|
|||||||
if (cert->pkey != NULL) {
|
if (cert->pkey != NULL) {
|
||||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||||
if (mbedtls_pk_get_type(cert->pkey) == MBEDTLS_PK_OPAQUE) {
|
if (mbedtls_pk_get_type(cert->pkey) == MBEDTLS_PK_OPAQUE) {
|
||||||
psa_destroy_key(cert->pkey->opaque_id);
|
psa_destroy_key(cert->pkey->priv_id);
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
mbedtls_pk_free(cert->pkey);
|
mbedtls_pk_free(cert->pkey);
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user