mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-19 09:40:29 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Migrate p256-m_driver_entrypoints.[hc] to new code style

Browse Source 
Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
This commit is contained in:
Aditya Deshpande 2023-03-21 18:56:31 +00:00
parent ebd624e691
commit ac363d8d20
2 changed files with 68 additions and 58 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

116
3rdparty/p256-m/p256-m_driver_entrypoints.c vendored
View File

@ -26,20 +26,19 @@
#if defined(MBEDTLS_P256M_EXAMPLE_DRIVER_ENABLED) #if defined(MBEDTLS_P256M_EXAMPLE_DRIVER_ENABLED)
psa_status_t p256_to_psa_error( int ret ) psa_status_t p256_to_psa_error(int ret)
{ {
switch( ret ) switch (ret) {
{
case P256_SUCCESS: case P256_SUCCESS:
return( PSA_SUCCESS ); return PSA_SUCCESS;
case P256_INVALID_PUBKEY: case P256_INVALID_PUBKEY:
case P256_INVALID_PRIVKEY: case P256_INVALID_PRIVKEY:
return( PSA_ERROR_INVALID_ARGUMENT ); return PSA_ERROR_INVALID_ARGUMENT;
case P256_INVALID_SIGNATURE: case P256_INVALID_SIGNATURE:
return( PSA_ERROR_INVALID_SIGNATURE ); return PSA_ERROR_INVALID_SIGNATURE;
case P256_RANDOM_FAILED: case P256_RANDOM_FAILED:
default: default:
return( PSA_ERROR_GENERIC_ERROR ); return PSA_ERROR_GENERIC_ERROR;
} }
} }
@ -47,7 +46,7 @@ psa_status_t p256_transparent_generate_key(
const psa_key_attributes_t *attributes, const psa_key_attributes_t *attributes,
uint8_t *key_buffer, uint8_t *key_buffer,
size_t key_buffer_size, size_t key_buffer_size,
size_t *key_buffer_length ) size_t *key_buffer_length)
{ {
/* We don't use this argument, but the specification mandates the signature /* We don't use this argument, but the specification mandates the signature
* of driver entry-points. (void) used to avoid compiler warning. */ * of driver entry-points. (void) used to avoid compiler warning. */
@ -58,8 +57,9 @@ psa_status_t p256_transparent_generate_key(
/* /*
* p256-m generates a 32 byte private key, and expects to write to a buffer * p256-m generates a 32 byte private key, and expects to write to a buffer
* that is of that size. */ * that is of that size. */
if( key_buffer_size != 32 ) if (key_buffer_size != 32) {
return( status ); return status;
}
/* /*
* p256-m's keypair generation function outputs both public and private * p256-m's keypair generation function outputs both public and private
@ -67,20 +67,22 @@ psa_status_t p256_transparent_generate_key(
* private key will be written to key_buffer, which is passed to this * private key will be written to key_buffer, which is passed to this
* function as an argument. */ * function as an argument. */
uint8_t *public_key_buffer = NULL; uint8_t *public_key_buffer = NULL;
public_key_buffer = mbedtls_calloc( 1, 64); public_key_buffer = mbedtls_calloc(1, 64);
if( public_key_buffer == NULL) if (public_key_buffer == NULL) {
return( PSA_ERROR_INSUFFICIENT_MEMORY ); return PSA_ERROR_INSUFFICIENT_MEMORY;
}
status = p256_to_psa_error( status = p256_to_psa_error(
p256_gen_keypair(key_buffer, public_key_buffer) ); p256_gen_keypair(key_buffer, public_key_buffer));
if( status == PSA_SUCCESS ) if (status == PSA_SUCCESS) {
*key_buffer_length = 32; *key_buffer_length = 32;
}
/* /*
* The storage format for a SECP256R1 keypair is just the private key, so * The storage format for a SECP256R1 keypair is just the private key, so
* the public key does not need to be passed back to the caller. Therefore * the public key does not need to be passed back to the caller. Therefore
* the buffer containing it can be freed. */ * the buffer containing it can be freed. */
free( public_key_buffer ); free(public_key_buffer);
return status; return status;
} }
@ -94,7 +96,7 @@ psa_status_t p256_transparent_key_agreement(
size_t peer_key_length, size_t peer_key_length,
uint8_t *shared_secret, uint8_t *shared_secret,
size_t shared_secret_size, size_t shared_secret_size,
size_t *shared_secret_length ) size_t *shared_secret_length)
{ {
/* We don't use these arguments, but the specification mandates the /* We don't use these arguments, but the specification mandates the
* sginature of driver entry-points. (void) used to avoid compiler * sginature of driver entry-points. (void) used to avoid compiler
@ -106,14 +108,16 @@ psa_status_t p256_transparent_key_agreement(
* Check that private key = 32 bytes, peer public key = 65 bytes, * Check that private key = 32 bytes, peer public key = 65 bytes,
* and that the shared secret buffer is big enough. */ * and that the shared secret buffer is big enough. */
psa_status_t status = PSA_ERROR_NOT_SUPPORTED; psa_status_t status = PSA_ERROR_NOT_SUPPORTED;
if( key_buffer_size != 32 || shared_secret_size < 32 || if (key_buffer_size != 32 || shared_secret_size < 32 ||
peer_key_length != 65 ) peer_key_length != 65) {
return ( status ); return status;
}
status = p256_to_psa_error( status = p256_to_psa_error(
p256_ecdh_shared_secret(shared_secret, key_buffer, peer_key+1) ); p256_ecdh_shared_secret(shared_secret, key_buffer, peer_key+1));
if( status == PSA_SUCCESS ) if (status == PSA_SUCCESS) {
*shared_secret_length = 32; *shared_secret_length = 32;
}
return status; return status;
} }
@ -127,7 +131,7 @@ psa_status_t p256_transparent_sign_hash(
size_t hash_length, size_t hash_length,
uint8_t *signature, uint8_t *signature,
size_t signature_size, size_t signature_size,
size_t *signature_length ) size_t *signature_length)
{ {
/* We don't use these arguments, but the specification mandates the /* We don't use these arguments, but the specification mandates the
* sginature of driver entry-points. (void) used to avoid compiler * sginature of driver entry-points. (void) used to avoid compiler
@ -136,13 +140,15 @@ psa_status_t p256_transparent_sign_hash(
(void) alg; (void) alg;
psa_status_t status = PSA_ERROR_NOT_SUPPORTED; psa_status_t status = PSA_ERROR_NOT_SUPPORTED;
if( key_buffer_size != 32 || signature_size != 64) if (key_buffer_size != 32 || signature_size != 64) {
return( status ); return status;
}
status = p256_to_psa_error( status = p256_to_psa_error(
p256_ecdsa_sign(signature, key_buffer, hash, hash_length) ); p256_ecdsa_sign(signature, key_buffer, hash, hash_length));
if( status == PSA_SUCCESS ) if (status == PSA_SUCCESS) {
*signature_length = 64; *signature_length = 64;
}
return status; return status;
} }
@ -155,15 +161,16 @@ static psa_status_t p256_verify_hash_with_public_key(
const uint8_t *hash, const uint8_t *hash,
size_t hash_length, size_t hash_length,
const uint8_t *signature, const uint8_t *signature,
size_t signature_length ) size_t signature_length)
{ {
psa_status_t status = PSA_ERROR_NOT_SUPPORTED; psa_status_t status = PSA_ERROR_NOT_SUPPORTED;
if( key_buffer_size != 65 || signature_length != 64 || *key_buffer != 0x04 ) if (key_buffer_size != 65 || signature_length != 64 || *key_buffer != 0x04) {
return status; return status;
}
const uint8_t *public_key_buffer = key_buffer + 1; const uint8_t *public_key_buffer = key_buffer + 1;
status = p256_to_psa_error( status = p256_to_psa_error(
p256_ecdsa_verify( signature, public_key_buffer, hash, hash_length) ); p256_ecdsa_verify(signature, public_key_buffer, hash, hash_length));
return status; return status;
} }
@ -176,7 +183,7 @@ psa_status_t p256_transparent_verify_hash(
const uint8_t *hash, const uint8_t *hash,
size_t hash_length, size_t hash_length,
const uint8_t *signature, const uint8_t *signature,
size_t signature_length ) size_t signature_length)
{ {
/* We don't use this argument, but the specification mandates the signature /* We don't use this argument, but the specification mandates the signature
* of driver entry-points. (void) used to avoid compiler warning. */ * of driver entry-points. (void) used to avoid compiler warning. */
@ -185,40 +192,43 @@ psa_status_t p256_transparent_verify_hash(
psa_status_t status; psa_status_t status;
uint8_t *public_key_buffer = NULL; uint8_t *public_key_buffer = NULL;
size_t public_key_buffer_size = 65; size_t public_key_buffer_size = 65;
public_key_buffer = mbedtls_calloc( 1, public_key_buffer_size); public_key_buffer = mbedtls_calloc(1, public_key_buffer_size);
if( public_key_buffer == NULL) if (public_key_buffer == NULL) {
return( PSA_ERROR_INSUFFICIENT_MEMORY ); return PSA_ERROR_INSUFFICIENT_MEMORY;
}
size_t *public_key_length = NULL; size_t *public_key_length = NULL;
public_key_length = mbedtls_calloc( 1, sizeof(size_t) ); public_key_length = mbedtls_calloc(1, sizeof(size_t));
if( public_key_length == NULL) if (public_key_length == NULL) {
return( PSA_ERROR_INSUFFICIENT_MEMORY ); return PSA_ERROR_INSUFFICIENT_MEMORY;
}
*public_key_length = 65; *public_key_length = 65;
/* The contents of key_buffer may either be the 32 byte private key /* The contents of key_buffer may either be the 32 byte private key
* (keypair representation), or the 65 byte public key. To ensure the * (keypair representation), or the 65 byte public key. To ensure the
* latter is obtained, the public key is exported. */ * latter is obtained, the public key is exported. */
status = psa_driver_wrapper_export_public_key( status = psa_driver_wrapper_export_public_key(
attributes, attributes,
key_buffer, key_buffer,
key_buffer_size, key_buffer_size,
public_key_buffer, public_key_buffer,
public_key_buffer_size, public_key_buffer_size,
public_key_length ); public_key_length);
if( status != PSA_SUCCESS ) if (status != PSA_SUCCESS) {
goto exit; goto exit;
}
status = p256_verify_hash_with_public_key( status = p256_verify_hash_with_public_key(
public_key_buffer, public_key_buffer,
public_key_buffer_size, public_key_buffer_size,
hash, hash,
hash_length, hash_length,
signature, signature,
signature_length ); signature_length);
exit: exit:
free( public_key_buffer ); free(public_key_buffer);
free( public_key_length ); free(public_key_length);
return ( status ); return status;
} }
#endif /* MBEDTLS_P256M_EXAMPLE_DRIVER_ENABLED */ #endif /* MBEDTLS_P256M_EXAMPLE_DRIVER_ENABLED */

10
3rdparty/p256-m/p256-m_driver_entrypoints.h vendored
View File

@ -35,7 +35,7 @@
* *
* \return The corresponding PSA error code * \return The corresponding PSA error code
*/ */
psa_status_t p256_to_psa_error( int ret ); psa_status_t p256_to_psa_error(int ret);
/** Generate SECP256R1 ECC Key Pair. /** Generate SECP256R1 ECC Key Pair.
@ -61,7 +61,7 @@ psa_status_t p256_transparent_generate_key(
const psa_key_attributes_t *attributes, const psa_key_attributes_t *attributes,
uint8_t *key_buffer, uint8_t *key_buffer,
size_t key_buffer_size, size_t key_buffer_size,
size_t *key_buffer_length ); size_t *key_buffer_length);
/** Perform raw key agreement using p256-m's ECDH implementation /** Perform raw key agreement using p256-m's ECDH implementation
* \param[in] attributes The attributes of the key to use for the * \param[in] attributes The attributes of the key to use for the
@ -94,7 +94,7 @@ psa_status_t p256_transparent_key_agreement(
size_t peer_key_length, size_t peer_key_length,
uint8_t *shared_secret, uint8_t *shared_secret,
size_t shared_secret_size, size_t shared_secret_size,
size_t *shared_secret_length ); size_t *shared_secret_length);
/** Sign an already-calculated hash with a private key using p256-m's ECDSA /** Sign an already-calculated hash with a private key using p256-m's ECDSA
* implementation * implementation
@ -126,7 +126,7 @@ psa_status_t p256_transparent_sign_hash(
size_t hash_length, size_t hash_length,
uint8_t *signature, uint8_t *signature,
size_t signature_size, size_t signature_size,
size_t *signature_length ); size_t *signature_length);
/** Verify the signature of a hash using a SECP256R1 public key using p256-m's /** Verify the signature of a hash using a SECP256R1 public key using p256-m's
* ECDSA implementation. * ECDSA implementation.
@ -166,6 +166,6 @@ psa_status_t p256_transparent_verify_hash(
const uint8_t *hash, const uint8_t *hash,
size_t hash_length, size_t hash_length,
const uint8_t *signature, const uint8_t *signature,
size_t signature_length ); size_t signature_length);
#endif /* P256M_DRIVER_ENTRYPOINTS_H */ #endif /* P256M_DRIVER_ENTRYPOINTS_H */