cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-11-04 04:32:24 -05:00
Code Issues Packages Projects Releases Wiki Activity

psa: import: Move key buffer allocation

Browse Source 
Move key buffer allocation from psa_import_key_into_slot()
function up to the two functions calling it.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
Ronald Cron 2020-11-28 15:14:42 +01:00
parent d6ec3035a4
commit dd04d423b5
1 changed files with 44 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

80
library/psa_crypto.c
View File

@ -591,12 +591,18 @@ psa_status_t psa_copy_key_material_into_slot( psa_key_slot_t *slot,
*
* Persistent storage is not affected.
*
* \param[in,out] slot The key slot to import data into.
* Its `type` field must have previously been set to
* the desired key type.
* It must not contain any key material yet.
* \param[in] data Buffer containing the key material to parse and import.
* \param data_length Size of \p data in bytes.
* \param[in,out] slot The key slot to import data into.
* Its `type` field must have previously been set to
* the desired key type.
* It must not contain any key material yet.
* \param[in] data Buffer containing the key material to parse and
* import.
* \param data_length Size of \p data in bytes.
* \param[out] key_buffer The buffer containing the export representation.
* \param[in] key_buffer_size The size of \p key_buffer in bytes. The size
* is greater or equal to \p data_length.
* \param[out] key_buffer_length The length of the data written in \p
* key_buffer in bytes.
*
* \retval #PSA_SUCCESS
* \retval #PSA_ERROR_INVALID_ARGUMENT
@ -605,7 +611,10 @@ psa_status_t psa_copy_key_material_into_slot( psa_key_slot_t *slot,
*/
static psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot,
const uint8_t *data,
size_t data_length )
size_t data_length,
uint8_t *key_buffer,
size_t key_buffer_size,
size_t *key_buffer_length )
{
psa_status_t status = PSA_SUCCESS;
size_t bit_size;
@ -631,10 +640,10 @@ static psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot,
if( status != PSA_SUCCESS )
return( status );
/* Allocate memory for the key */
status = psa_copy_key_material_into_slot( slot, data, data_length );
if( status != PSA_SUCCESS )
return( status );
/* Copy the key material. */
memcpy( key_buffer, data, data_length );
*key_buffer_length = data_length;
(void)key_buffer_size;
/* Write the actual key size to the slot.
* psa_start_key_creation() wrote the size declared by the
@ -650,16 +659,12 @@ static psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot,
.core = slot->attr
};
status = psa_allocate_buffer_to_slot( slot, data_length );
if( status != PSA_SUCCESS )
return( status );
bit_size = slot->attr.bits;
status = psa_driver_wrapper_import_key( &attributes,
data, data_length,
slot->key.data,
slot->key.bytes,
&slot->key.bytes,
key_buffer,
key_buffer_size,
key_buffer_length,
&bit_size );
if( status == PSA_SUCCESS )
{
@ -676,10 +681,7 @@ static psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot,
return( status );
}
mbedtls_platform_zeroize( slot->key.data, data_length );
mbedtls_free( slot->key.data );
slot->key.data = NULL;
slot->key.bytes = 0;
mbedtls_platform_zeroize( key_buffer, key_buffer_size );
/* Key format is not supported by any accelerator, try software fallback
* if present. */
@ -687,14 +689,10 @@ static psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot,
defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
if( PSA_KEY_TYPE_IS_ECC( slot->attr.type ) )
{
status = psa_allocate_buffer_to_slot( slot, data_length );
if( status != PSA_SUCCESS )
return( status );
status = mbedtls_psa_ecp_import_key( &attributes,
data, data_length,
slot->key.data, data_length,
&slot->key.bytes,
key_buffer, key_buffer_size,
key_buffer_length,
&bit_size );
slot->attr.bits = (psa_key_bits_t) bit_size;
return( status );
@ -705,14 +703,10 @@ static psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot,
defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) )
{
status = psa_allocate_buffer_to_slot( slot, data_length );
if( status != PSA_SUCCESS )
return( status );
status = mbedtls_psa_rsa_import_key( &attributes,
data, data_length,
slot->key.data, data_length,
&slot->key.bytes,
key_buffer, key_buffer_size,
key_buffer_length,
&bit_size );
slot->attr.bits = (psa_key_bits_t) bit_size;
return( status );
@ -1931,7 +1925,14 @@ psa_status_t psa_import_key( const psa_key_attributes_t *attributes,
}
else
{
status = psa_import_key_into_slot( slot, data, data_length );
status = psa_allocate_buffer_to_slot( slot, data_length );
if( status != PSA_SUCCESS )
goto exit;
status = psa_import_key_into_slot( slot, data, data_length,
slot->key.data,
slot->key.bytes,
&slot->key.bytes );
if( status != PSA_SUCCESS )
goto exit;
}
@ -5234,7 +5235,14 @@ static psa_status_t psa_generate_derived_key_internal(
if( slot->attr.type == PSA_KEY_TYPE_DES )
psa_des_set_key_parity( data, bytes );
#endif /* MBEDTLS_DES_C */
status = psa_import_key_into_slot( slot, data, bytes );
status = psa_allocate_buffer_to_slot( slot, bytes );
if( status != PSA_SUCCESS )
return( status );
status = psa_import_key_into_slot( slot, data, bytes,
slot->key.data, slot->key.bytes,
&slot->key.bytes );
exit:
mbedtls_free( data );