From 5fec0860f91457d82992a940b0c0e1d6952544c4 Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Mon, 19 Nov 2018 10:07:36 -0500 Subject: [PATCH] pkwrite: add opaque key handling for public key exporting Return early from mbedtls_pk_write_pubkey_der - public opaque key exporting is expected to contain all of the needed data, therefore it shouldn't be written again. --- library/pkwrite.c | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/library/pkwrite.c b/library/pkwrite.c index 8eabd889b5..d135060e44 100644 --- a/library/pkwrite.c +++ b/library/pkwrite.c @@ -46,6 +46,9 @@ #include "mbedtls/pem.h" #endif +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#include "psa/crypto.h" +#endif #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" #else @@ -161,6 +164,23 @@ int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start, MBEDTLS_ASN1_CHK_ADD( len, pk_write_ec_pubkey( p, start, mbedtls_pk_ec( *key ) ) ); else #endif +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_OPAQUE ) + { + size_t buffer_size = *p - start; + psa_key_slot_t* key_slot = ( psa_key_slot_t* ) key->pk_ctx; + if ( psa_export_public_key( *key_slot, start, buffer_size, &len ) + != PSA_SUCCESS ) + { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } + else + { + memmove( *p - len, start, len ); + } + } + else +#endif /* MBEDTLS_USE_PSA_CRYPTO */ return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); return( (int) len ); @@ -177,6 +197,10 @@ int mbedtls_pk_write_pubkey_der( mbedtls_pk_context *key, unsigned char *buf, si MBEDTLS_ASN1_CHK_ADD( len, mbedtls_pk_write_pubkey( &c, buf, key ) ); + if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_OPAQUE ) + { + return( (int) len ); + } if( c - buf < 1 ) return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );