Merge pull request #3730 from gilles-peskine-arm/psa_generate_key-curve25519
Fix psa_generate_key on Curve25519
This commit is contained in:
commit
60ca77ca75
5
ChangeLog.d/ecp_curve_list.txt
Normal file
5
ChangeLog.d/ecp_curve_list.txt
Normal file
@ -0,0 +1,5 @@
|
||||
Bugfix
|
||||
* mbedtls_ecp_curve_list() now lists Curve25519 and Curve448 under the names
|
||||
"x25519" and "x448". These curves support ECDH but not ECDSA. If you need
|
||||
only the curves that support ECDSA, filter the list with
|
||||
mbedtls_ecdsa_can_do().
|
3
ChangeLog.d/psa_generate_key-curve25519.txt
Normal file
3
ChangeLog.d/psa_generate_key-curve25519.txt
Normal file
@ -0,0 +1,3 @@
|
||||
Bugfix
|
||||
* Fix psa_generate_key() returning an error when asked to generate
|
||||
an ECC key pair on Curve25519 or secp244k1.
|
@ -546,8 +546,11 @@ static const mbedtls_ecp_curve_info ecp_supported_curves[] =
|
||||
#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
|
||||
{ MBEDTLS_ECP_DP_SECP192K1, 18, 192, "secp192k1" },
|
||||
#endif
|
||||
#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) && defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
|
||||
#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
|
||||
{ MBEDTLS_ECP_DP_CURVE25519, 29, 256, "x25519" },
|
||||
#endif
|
||||
#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
|
||||
{ MBEDTLS_ECP_DP_CURVE448, 30, 448, "x448" },
|
||||
#endif
|
||||
{ MBEDTLS_ECP_DP_NONE, 0, 0, NULL },
|
||||
};
|
||||
|
@ -6109,8 +6109,6 @@ static psa_status_t psa_generate_key_internal(
|
||||
return( PSA_ERROR_NOT_SUPPORTED );
|
||||
if( grp_id == MBEDTLS_ECP_DP_NONE || curve_info == NULL )
|
||||
return( PSA_ERROR_NOT_SUPPORTED );
|
||||
if( curve_info->bit_size != bits )
|
||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||
mbedtls_ecp_keypair_init( &ecp );
|
||||
ret = mbedtls_ecp_gen_key( grp_id, &ecp,
|
||||
mbedtls_ctr_drbg_random,
|
||||
|
@ -2549,6 +2549,14 @@ PSA raw key agreement: ECDH brainpoolP512r1 (RFC 7027)
|
||||
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_ECDH_C
|
||||
raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422":"049d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8dd4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc11453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa":"a7927098655f1f9976fa50a9d566865dc530331846381c87256baf3226244b76d36403c024d7bbf0aa0803eaff405d3d24f11a9b5c0bef679fe1454b21c4cd1f"
|
||||
|
||||
PSA raw key agreement: X25519 (RFC 7748: Alice)
|
||||
depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_CURVE25519_ENABLED:MBEDTLS_ECDH_C
|
||||
raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a":"de9edb7d7b7dc1b4d35b61c2ece435373f8343c85b78674dadfc7e146f882b4f":"4a5d9d5ba4ce2de1728e3bf480350f25e07e21c947d19e3376f09b3c1e161742"
|
||||
|
||||
PSA raw key agreement: X25519 (RFC 7748: Bob)
|
||||
depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_CURVE25519_ENABLED:MBEDTLS_ECDH_C
|
||||
raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"5dab087e624a8a4b79e17f8b83800ee66f3bb1292618b6fd1c2f8b27ff88e0eb":"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":"4a5d9d5ba4ce2de1728e3bf480350f25e07e21c947d19e3376f09b3c1e161742"
|
||||
|
||||
PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: capacity=8160
|
||||
depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C
|
||||
key_agreement_capacity:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":8160
|
||||
@ -2710,6 +2718,10 @@ depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
|
||||
# doesn't fully relate the curve with its size.
|
||||
generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:PSA_ERROR_NOT_SUPPORTED
|
||||
|
||||
PSA generate key: ECC, Curve25519, good
|
||||
depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_CURVE25519_ENABLED:MBEDTLS_ECDH_C
|
||||
generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_SUCCESS
|
||||
|
||||
PSA generate key: RSA, default e
|
||||
generate_key_rsa:512:"":PSA_SUCCESS
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user