mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-02-22 18:39:58 +00:00
pk: uniform naming of functions and structures in pk/pk_wrap
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This commit is contained in:
Valerio Setti
parent
884c1ec1f5
commit
76d0f9637c
@ -182,9 +182,9 @@ int mbedtls_pk_setup_opaque(mbedtls_pk_context *ctx,
|
|||||||
psa_reset_key_attributes(&attributes);
|
psa_reset_key_attributes(&attributes);
|
||||||
|
|
||||||
if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(type)) {
|
if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(type)) {
|
||||||
info = &mbedtls_pk_ecdsa_opaque_info;
|
info = &mbedtls_ecdsa_opaque_info;
|
||||||
} else if (type == PSA_KEY_TYPE_RSA_KEY_PAIR) {
|
} else if (type == PSA_KEY_TYPE_RSA_KEY_PAIR) {
|
||||||
info = &mbedtls_pk_rsa_opaque_info;
|
info = &mbedtls_rsa_opaque_info;
|
||||||
} else {
|
} else {
|
||||||
return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
|
return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
|
||||||
}
|
}
|
||||||
|
|||||||
@ -709,6 +709,7 @@ static int extract_ecdsa_sig(unsigned char **p, const unsigned char *end,
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* Common helper for ECDSA verify using PSA functions. */
|
||||||
static int ecdsa_verify_psa(unsigned char *key, size_t key_len,
|
static int ecdsa_verify_psa(unsigned char *key, size_t key_len,
|
||||||
psa_ecc_family_t curve, size_t curve_bits,
|
psa_ecc_family_t curve, size_t curve_bits,
|
||||||
const unsigned char *hash, size_t hash_len,
|
const unsigned char *hash, size_t hash_len,
|
||||||
@ -773,7 +774,7 @@ cleanup:
|
|||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int pk_opaque_ecdsa_verify_wrap(mbedtls_pk_context *pk,
|
static int ecdsa_opaque_verify_wrap(mbedtls_pk_context *pk,
|
||||||
mbedtls_md_type_t md_alg,
|
mbedtls_md_type_t md_alg,
|
||||||
const unsigned char *hash, size_t hash_len,
|
const unsigned char *hash, size_t hash_len,
|
||||||
const unsigned char *sig, size_t sig_len)
|
const unsigned char *sig, size_t sig_len)
|
||||||
@ -947,9 +948,7 @@ static int pk_ecdsa_sig_asn1_from_psa(unsigned char *sig, size_t *sig_len,
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* This is the common helper used by ecdsa_sign_wrap() functions below (they
|
/* Common helper for ECDSA sign using PSA functions. */
|
||||||
* differ in having PK_USE_PSA_EC_DATA defined or not) to sign using PSA
|
|
||||||
* functions. */
|
|
||||||
static int ecdsa_sign_psa(mbedtls_svc_key_id_t key_id, mbedtls_md_type_t md_alg,
|
static int ecdsa_sign_psa(mbedtls_svc_key_id_t key_id, mbedtls_md_type_t md_alg,
|
||||||
const unsigned char *hash, size_t hash_len,
|
const unsigned char *hash, size_t hash_len,
|
||||||
unsigned char *sig, size_t sig_size, size_t *sig_len)
|
unsigned char *sig, size_t sig_size, size_t *sig_len)
|
||||||
@ -965,6 +964,7 @@ static int ecdsa_sign_psa(mbedtls_svc_key_id_t key_id, mbedtls_md_type_t md_alg,
|
|||||||
return PSA_PK_ECDSA_TO_MBEDTLS_ERR(status);
|
return PSA_PK_ECDSA_TO_MBEDTLS_ERR(status);
|
||||||
}
|
}
|
||||||
alg = psa_get_key_algorithm(&key_attr);
|
alg = psa_get_key_algorithm(&key_attr);
|
||||||
|
psa_reset_key_attributes(&key_attr);
|
||||||
|
|
||||||
if (PSA_ALG_IS_DETERMINISTIC_ECDSA(alg)) {
|
if (PSA_ALG_IS_DETERMINISTIC_ECDSA(alg)) {
|
||||||
psa_sig_md = PSA_ALG_DETERMINISTIC_ECDSA(mbedtls_md_psa_alg_from_type(md_alg));
|
psa_sig_md = PSA_ALG_DETERMINISTIC_ECDSA(mbedtls_md_psa_alg_from_type(md_alg));
|
||||||
@ -983,12 +983,7 @@ static int ecdsa_sign_psa(mbedtls_svc_key_id_t key_id, mbedtls_md_type_t md_alg,
|
|||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* The reason for having this duplicated compared to ecdsa_sign_wrap() below is
|
static int ecdsa_opaque_sign_wrap(mbedtls_pk_context *pk,
|
||||||
* that:
|
|
||||||
* - opaque keys are available as long as USE_PSA_CRYPTO is defined and even
|
|
||||||
* if !PK_USE_PSA_EC_DATA
|
|
||||||
* - opaque keys do not support PSA_ALG_DETERMINISTIC_ECDSA() */
|
|
||||||
static int pk_opaque_ecdsa_sign_wrap(mbedtls_pk_context *pk,
|
|
||||||
mbedtls_md_type_t md_alg,
|
mbedtls_md_type_t md_alg,
|
||||||
const unsigned char *hash, size_t hash_len,
|
const unsigned char *hash, size_t hash_len,
|
||||||
unsigned char *sig, size_t sig_size,
|
unsigned char *sig, size_t sig_size,
|
||||||
@ -1004,17 +999,9 @@ static int pk_opaque_ecdsa_sign_wrap(mbedtls_pk_context *pk,
|
|||||||
}
|
}
|
||||||
|
|
||||||
#if defined(MBEDTLS_PK_USE_PSA_EC_DATA)
|
#if defined(MBEDTLS_PK_USE_PSA_EC_DATA)
|
||||||
static int ecdsa_sign_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg,
|
/* When PK_USE_PSA_EC_DATA is defined opaque and non-opaque keys end up
|
||||||
const unsigned char *hash, size_t hash_len,
|
* using the same function. */
|
||||||
unsigned char *sig, size_t sig_size, size_t *sig_len,
|
#define ecdsa_sign_wrap ecdsa_opaque_sign_wrap
|
||||||
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng)
|
|
||||||
{
|
|
||||||
((void) f_rng);
|
|
||||||
((void) p_rng);
|
|
||||||
|
|
||||||
return ecdsa_sign_psa(pk->priv_id, md_alg, hash, hash_len, sig, sig_size,
|
|
||||||
sig_len);
|
|
||||||
}
|
|
||||||
#else /* MBEDTLS_PK_USE_PSA_EC_DATA */
|
#else /* MBEDTLS_PK_USE_PSA_EC_DATA */
|
||||||
static int ecdsa_sign_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg,
|
static int ecdsa_sign_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg,
|
||||||
const unsigned char *hash, size_t hash_len,
|
const unsigned char *hash, size_t hash_len,
|
||||||
@ -1596,7 +1583,7 @@ const mbedtls_pk_info_t mbedtls_rsa_alt_info = {
|
|||||||
#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */
|
#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */
|
||||||
|
|
||||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||||
static size_t pk_opaque_get_bitlen(mbedtls_pk_context *pk)
|
static size_t opaque_get_bitlen(mbedtls_pk_context *pk)
|
||||||
{
|
{
|
||||||
size_t bits;
|
size_t bits;
|
||||||
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
|
||||||
@ -1610,24 +1597,18 @@ static size_t pk_opaque_get_bitlen(mbedtls_pk_context *pk)
|
|||||||
return bits;
|
return bits;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int pk_opaque_ecdsa_can_do(mbedtls_pk_type_t type)
|
static int ecdsa_opaque_can_do(mbedtls_pk_type_t type)
|
||||||
{
|
{
|
||||||
return type == MBEDTLS_PK_ECKEY ||
|
return type == MBEDTLS_PK_ECKEY ||
|
||||||
type == MBEDTLS_PK_ECDSA;
|
type == MBEDTLS_PK_ECDSA;
|
||||||
}
|
}
|
||||||
|
|
||||||
#if defined(MBEDTLS_PK_USE_PSA_EC_DATA)
|
#if defined(MBEDTLS_PK_USE_PSA_EC_DATA)
|
||||||
static int pk_opaque_ecdsa_check_pair_wrap(mbedtls_pk_context *pub,
|
/* When PK_USE_PSA_EC_DATA is defined opaque and non-opaque keys end up
|
||||||
mbedtls_pk_context *prv,
|
* using the same function. */
|
||||||
int (*f_rng)(void *, unsigned char *, size_t),
|
#define ecdsa_opaque_check_pair_wrap eckey_check_pair_wrap
|
||||||
void *p_rng)
|
|
||||||
{
|
|
||||||
(void) f_rng;
|
|
||||||
(void) p_rng;
|
|
||||||
return eckey_check_pair_psa(pub, prv);
|
|
||||||
}
|
|
||||||
#else /* MBEDTLS_PK_USE_PSA_EC_DATA */
|
#else /* MBEDTLS_PK_USE_PSA_EC_DATA */
|
||||||
static int pk_opaque_ecdsa_check_pair_wrap(mbedtls_pk_context *pub,
|
static int ecdsa_opaque_check_pair_wrap(mbedtls_pk_context *pub,
|
||||||
mbedtls_pk_context *prv,
|
mbedtls_pk_context *prv,
|
||||||
int (*f_rng)(void *, unsigned char *, size_t),
|
int (*f_rng)(void *, unsigned char *, size_t),
|
||||||
void *p_rng)
|
void *p_rng)
|
||||||
@ -1662,24 +1643,24 @@ static int pk_opaque_ecdsa_check_pair_wrap(mbedtls_pk_context *pub,
|
|||||||
}
|
}
|
||||||
#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */
|
#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */
|
||||||
|
|
||||||
const mbedtls_pk_info_t mbedtls_pk_ecdsa_opaque_info = {
|
const mbedtls_pk_info_t mbedtls_ecdsa_opaque_info = {
|
||||||
.type = MBEDTLS_PK_OPAQUE,
|
.type = MBEDTLS_PK_OPAQUE,
|
||||||
.name = "Opaque",
|
.name = "Opaque",
|
||||||
.get_bitlen = pk_opaque_get_bitlen,
|
.get_bitlen = opaque_get_bitlen,
|
||||||
.can_do = pk_opaque_ecdsa_can_do,
|
.can_do = ecdsa_opaque_can_do,
|
||||||
.verify_func = pk_opaque_ecdsa_verify_wrap,
|
.verify_func = ecdsa_opaque_verify_wrap,
|
||||||
.sign_func = pk_opaque_ecdsa_sign_wrap,
|
.sign_func = ecdsa_opaque_sign_wrap,
|
||||||
.check_pair_func = pk_opaque_ecdsa_check_pair_wrap,
|
.check_pair_func = ecdsa_opaque_check_pair_wrap,
|
||||||
};
|
};
|
||||||
|
|
||||||
static int pk_opaque_rsa_can_do(mbedtls_pk_type_t type)
|
static int rsa_opaque_can_do(mbedtls_pk_type_t type)
|
||||||
{
|
{
|
||||||
return type == MBEDTLS_PK_RSA ||
|
return type == MBEDTLS_PK_RSA ||
|
||||||
type == MBEDTLS_PK_RSASSA_PSS;
|
type == MBEDTLS_PK_RSASSA_PSS;
|
||||||
}
|
}
|
||||||
|
|
||||||
#if defined(MBEDTLS_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_LEGACY)
|
#if defined(MBEDTLS_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_LEGACY)
|
||||||
static int pk_opaque_rsa_decrypt(mbedtls_pk_context *pk,
|
static int rsa_opaque_decrypt(mbedtls_pk_context *pk,
|
||||||
const unsigned char *input, size_t ilen,
|
const unsigned char *input, size_t ilen,
|
||||||
unsigned char *output, size_t *olen, size_t osize,
|
unsigned char *output, size_t *olen, size_t osize,
|
||||||
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng)
|
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng)
|
||||||
@ -1702,7 +1683,7 @@ static int pk_opaque_rsa_decrypt(mbedtls_pk_context *pk,
|
|||||||
}
|
}
|
||||||
#endif /* MBEDTLS_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_LEGACY */
|
#endif /* MBEDTLS_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_LEGACY */
|
||||||
|
|
||||||
static int pk_opaque_rsa_sign_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg,
|
static int rsa_opaque_sign_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg,
|
||||||
const unsigned char *hash, size_t hash_len,
|
const unsigned char *hash, size_t hash_len,
|
||||||
unsigned char *sig, size_t sig_size, size_t *sig_len,
|
unsigned char *sig, size_t sig_size, size_t *sig_len,
|
||||||
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng)
|
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng)
|
||||||
@ -1757,14 +1738,14 @@ static int pk_opaque_rsa_sign_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_
|
|||||||
#endif /* !MBEDTLS_RSA_C */
|
#endif /* !MBEDTLS_RSA_C */
|
||||||
}
|
}
|
||||||
|
|
||||||
const mbedtls_pk_info_t mbedtls_pk_rsa_opaque_info = {
|
const mbedtls_pk_info_t mbedtls_rsa_opaque_info = {
|
||||||
.type = MBEDTLS_PK_OPAQUE,
|
.type = MBEDTLS_PK_OPAQUE,
|
||||||
.name = "Opaque",
|
.name = "Opaque",
|
||||||
.get_bitlen = pk_opaque_get_bitlen,
|
.get_bitlen = opaque_get_bitlen,
|
||||||
.can_do = pk_opaque_rsa_can_do,
|
.can_do = rsa_opaque_can_do,
|
||||||
.sign_func = pk_opaque_rsa_sign_wrap,
|
.sign_func = rsa_opaque_sign_wrap,
|
||||||
#if defined(MBEDTLS_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_LEGACY)
|
#if defined(MBEDTLS_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_LEGACY)
|
||||||
.decrypt_func = pk_opaque_rsa_decrypt,
|
.decrypt_func = rsa_opaque_decrypt,
|
||||||
#endif /* PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY */
|
#endif /* PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY */
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|||||||
@ -134,8 +134,8 @@ extern const mbedtls_pk_info_t mbedtls_rsa_alt_info;
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||||
extern const mbedtls_pk_info_t mbedtls_pk_ecdsa_opaque_info;
|
extern const mbedtls_pk_info_t mbedtls_ecdsa_opaque_info;
|
||||||
extern const mbedtls_pk_info_t mbedtls_pk_rsa_opaque_info;
|
extern const mbedtls_pk_info_t mbedtls_rsa_opaque_info;
|
||||||
|
|
||||||
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
|
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
|
||||||
#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
|
#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user