psa: Change psa_import_ecp_key() signature

Change psa_import_ecp_key() signature to the signature of an import_key driver entry point. Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2025-11-04 04:32:24 -05:00 · 2020-11-08 14:54:25 +01:00 · 2020-11-08 14:54:25 +01:00 · 79cc548cf2
commit 79cc548cf2
parent 13f8b098cb
1 changed files with 39 additions and 21 deletions
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@ -536,43 +536,59 @@ static psa_status_t validate_unstructured_key_bit_size( psa_key_type_t type,
 #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
    defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)

-/** Import an ECP key from import representation to a slot
+/** Import an ECP key in binary format.
 *
- * \param[in,out] slot      The slot where to store the export representation to
- * \param[in] data          The buffer containing the import representation
- * \param[in] data_length   The amount of bytes in \p data
- * \param[out] key_buffer   The buffer containing the export representation
- * \param[in] key_buffer_size     The size of \p key_buffer in bytes
- * \param[out] key_buffer_length  The length of the data written in the key
- *                                buffer in bytes.
+ * \note The signature of this function is that of a PSA driver
+ *       import_key entry point. This function behaves as an import_key
+ *       entry point as defined in the PSA driver interface specification for
+ *       transparent drivers.
+ *
+ * \param[in]  attributes       The attributes for the key to import.
+ * \param[in]  data             The buffer containing the key data in import
+ *                              format.
+ * \param[in]  data_length      Size of the \p data buffer in bytes.
+ * \param[out] key_buffer       The buffer containing the key data in output
+ *                              format.
+ * \param[in]  key_buffer_size  Size of the \p key_buffer buffer in bytes. This
+ *                              size is greater or equal to \p data_length.
+ * \param[out] key_buffer_length  The length of the data written in \p
+ *                                key_buffer in bytes.
+ * \param[out] bits             The key size in number of bits.
+ *
+ * \retval #PSA_SUCCESS  The ECP key was imported successfully.
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ *         The key data is not correctly formatted.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED
 */
-static psa_status_t psa_import_ecp_key( psa_key_slot_t *slot,
-                                        const uint8_t *data,
-                                        size_t data_length,
-                                        uint8_t *key_buffer,
-                                        size_t key_buffer_size,
-                                        size_t *key_buffer_length )
+static psa_status_t psa_import_ecp_key(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *data, size_t data_length,
+    uint8_t *key_buffer, size_t key_buffer_size,
+    size_t *key_buffer_length, size_t *bits )
 {
    psa_status_t status;
    mbedtls_ecp_keypair *ecp = NULL;

    /* Parse input */
-    status = mbedtls_psa_ecp_load_representation( slot->attr.type,
+    status = mbedtls_psa_ecp_load_representation( attributes->core.type,
                                                  data,
                                                  data_length,
                                                  &ecp );
    if( status != PSA_SUCCESS )
        goto exit;

-    if( PSA_KEY_TYPE_ECC_GET_FAMILY( slot->attr.type ) == PSA_ECC_FAMILY_MONTGOMERY)
-        slot->attr.bits = (psa_key_bits_t) ecp->grp.nbits + 1;
+    if( PSA_KEY_TYPE_ECC_GET_FAMILY( attributes->core.type ) ==
+        PSA_ECC_FAMILY_MONTGOMERY )
+        *bits = ecp->grp.nbits + 1;
    else
-        slot->attr.bits = (psa_key_bits_t) ecp->grp.nbits;
+        *bits = ecp->grp.nbits;

    /* Re-export the data to PSA export format. There is currently no support
     * for other input formats then the export format, so this is a 1-1
     * copy operation. */
-    status = mbedtls_psa_ecp_export_key( slot->attr.type,
+    status = mbedtls_psa_ecp_export_key( attributes->core.type,
                                         ecp,
                                         key_buffer,
                                         key_buffer_size,
@ -745,10 +761,12 @@ static psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot,
            if( status != PSA_SUCCESS )
                return( status );

-            status = psa_import_ecp_key( slot,
+            status = psa_import_ecp_key( &attributes,
                                         data, data_length,
                                         slot->key.data, data_length,
-                                         &slot->key.bytes );
+                                         &slot->key.bytes,
+                                         &bit_size );
+            slot->attr.bits = (psa_key_bits_t) bit_size;
            return( status );
        }
 #endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) ||