From eefe47292ca04717ffca05e3b6abbc5429cc96c9 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Mon, 6 Feb 2023 15:59:09 +0000 Subject: [PATCH] Move loading of public part of ECP into function Signed-off-by: Paul Elliott --- library/psa_crypto.c | 16 +++------------- library/psa_crypto_ecp.c | 23 +++++++++++++++++------ library/psa_crypto_ecp.h | 9 +++++++++ 3 files changed, 29 insertions(+), 19 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 882cb968fe..62828bdb43 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3762,20 +3762,10 @@ psa_status_t mbedtls_psa_verify_hash_start( return status; } - /* Check whether the public part is loaded. If not, load it. */ - if (mbedtls_ecp_is_zero(&operation->ctx->Q)) { - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + int ret = mbedtls_psa_ecp_load_public_part(operation->ctx); - ret = mbedtls_ecp_mul(&operation->ctx->grp, - &operation->ctx->Q, - &operation->ctx->d, - &operation->ctx->grp.G, - mbedtls_psa_get_random, - MBEDTLS_PSA_RANDOM_STATE); - - if (ret != 0) { - return mbedtls_to_psa_error(ret); - } + if (ret != 0) { + return mbedtls_to_psa_error(ret); } mbedtls_ecdsa_restart_init(&operation->restart_ctx); diff --git a/library/psa_crypto_ecp.c b/library/psa_crypto_ecp.c index c4ccefd757..cc80f27760 100644 --- a/library/psa_crypto_ecp.c +++ b/library/psa_crypto_ecp.c @@ -404,6 +404,21 @@ cleanup: return mbedtls_to_psa_error(ret); } +int mbedtls_psa_ecp_load_public_part(mbedtls_ecp_keypair *ecp) +{ + int ret = 0; + + /* Check whether the public part is loaded. If not, load it. */ + if (mbedtls_ecp_is_zero(&ecp->Q)) { + ret = mbedtls_ecp_mul(&ecp->grp, &ecp->Q, + &ecp->d, &ecp->grp.G, + mbedtls_psa_get_random, + MBEDTLS_PSA_RANDOM_STATE); + } + + return ret; +} + psa_status_t mbedtls_psa_ecdsa_verify_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, @@ -443,12 +458,8 @@ psa_status_t mbedtls_psa_ecdsa_verify_hash( signature + curve_bytes, curve_bytes)); - /* Check whether the public part is loaded. If not, load it. */ - if (mbedtls_ecp_is_zero(&ecp->Q)) { - MBEDTLS_MPI_CHK( - mbedtls_ecp_mul(&ecp->grp, &ecp->Q, &ecp->d, &ecp->grp.G, - mbedtls_psa_get_random, MBEDTLS_PSA_RANDOM_STATE)); - } + MBEDTLS_MPI_CHK(mbedtls_psa_ecp_load_public_part(ecp)); + ret = mbedtls_ecdsa_verify(&ecp->grp, hash, hash_length, &ecp->Q, &r, &s); diff --git a/library/psa_crypto_ecp.h b/library/psa_crypto_ecp.h index 71f9d6acca..8b567fe3bf 100644 --- a/library/psa_crypto_ecp.h +++ b/library/psa_crypto_ecp.h @@ -48,6 +48,15 @@ psa_status_t mbedtls_psa_ecp_load_representation(psa_key_type_t type, size_t data_length, mbedtls_ecp_keypair **p_ecp); +/** Load the public part of an internal ECP, if required. + * + * \param ecp The ECP context to load the public part for. + * + * \return 0 on success, otherwise an MPI error. + */ + +int mbedtls_psa_ecp_load_public_part(mbedtls_ecp_keypair *ecp); + /** Import an ECP key in binary format. * * \note The signature of this function is that of a PSA driver