From a7c9e09dd0f59ee6a6773d71e34f6f5180605dae Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 27 Jul 2023 14:39:50 +0200 Subject: [PATCH] pkwrite: add new internal symbol to properly size DER buffer Signed-off-by: Valerio Setti --- library/pkwrite.h | 21 +++++++++++++++++++-- 1 file changed, 19 insertions(+), 2 deletions(-) diff --git a/library/pkwrite.h b/library/pkwrite.h index bc40437d54..8cfa64b8eb 100644 --- a/library/pkwrite.h +++ b/library/pkwrite.h @@ -27,6 +27,10 @@ #include "mbedtls/pk.h" +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#include "psa/crypto.h" +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + /* * Max sizes of key per types. Shown as tag + len (+ content). */ @@ -74,6 +78,19 @@ #endif /* MBEDTLS_RSA_C */ #if defined(MBEDTLS_PK_HAVE_ECC_KEYS) + +/* Find the maximum number of bytes necessary to store an EC point. When USE_PSA + * is defined this means looking for the maximum between PSA and built-in + * supported curves. */ +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#define MBEDTLS_PK_MAX_ECC_BYTES (PSA_BITS_TO_BYTES(PSA_VENDOR_ECC_MAX_CURVE_BITS) > \ + MBEDTLS_ECP_MAX_BYTES ? \ + PSA_BITS_TO_BYTES(PSA_VENDOR_ECC_MAX_CURVE_BITS) : \ + MBEDTLS_ECP_MAX_BYTES) +#else /* MBEDTLS_USE_PSA_CRYPTO */ +#define MBEDTLS_PK_MAX_ECC_BYTES MBEDTLS_ECP_MAX_BYTES +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + /* * EC public keys: * SubjectPublicKeyInfo ::= SEQUENCE { 1 + 2 @@ -85,7 +102,7 @@ * + 2 * ECP_MAX (coords) [1] * } */ -#define MBEDTLS_PK_ECP_PUB_DER_MAX_BYTES (30 + 2 * 66) +#define MBEDTLS_PK_ECP_PUB_DER_MAX_BYTES (30 + 2 * MBEDTLS_PK_MAX_ECC_BYTES) /* * EC private keys: @@ -96,7 +113,7 @@ * publicKey [1] BIT STRING OPTIONAL 1 + 2 + [1] above * } */ -#define MBEDTLS_PK_ECP_PRV_DER_MAX_BYTES (29 + 3 * 66) +#define MBEDTLS_PK_ECP_PRV_DER_MAX_BYTES (29 + 3 * MBEDTLS_PK_MAX_ECC_BYTES) #else /* MBEDTLS_PK_HAVE_ECC_KEYS */