AuroraMiddleware/mbedtls
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Add support for RSA in pk_opaque_sign_wrap()

Browse Source 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
This commit is contained in:
Neil Armstrong 2022-03-15 16:19:16 +01:00
parent ca5b55f0d1
commit b980c9b48c
1 changed files with 43 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

60
library/pk_wrap.c
View File

@ -1512,7 +1512,7 @@ static int pk_opaque_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
unsigned char *sig, size_t sig_size, size_t *sig_len, unsigned char *sig, size_t sig_size, size_t *sig_len,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
{ {
#if !defined(MBEDTLS_ECDSA_C) #if !defined(MBEDTLS_ECDSA_C) && !defined(MBEDTLS_RSA_C)
((void) ctx); ((void) ctx);
((void) md_alg); ((void) md_alg);
((void) hash); ((void) hash);
@ -1523,36 +1523,62 @@ static int pk_opaque_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
((void) f_rng); ((void) f_rng);
((void) p_rng); ((void) p_rng);
return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
#else /* !MBEDTLS_ECDSA_C */ #else /* !MBEDTLS_ECDSA_C && !MBEDTLS_RSA_C */
const mbedtls_svc_key_id_t *key = (const mbedtls_svc_key_id_t *) ctx; const mbedtls_svc_key_id_t *key = (const mbedtls_svc_key_id_t *) ctx;
psa_algorithm_t alg = PSA_ALG_ECDSA( mbedtls_psa_translate_md( md_alg ) );
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_algorithm_t alg;
psa_key_type_t type; psa_key_type_t type;
psa_status_t status; psa_status_t status;
status = psa_get_key_attributes( *key, &attributes );
if( status != PSA_SUCCESS )
return( mbedtls_pk_error_from_psa_ecdca( status ) );
type = psa_get_key_type( &attributes );
psa_reset_key_attributes( &attributes );
if( ! PSA_KEY_TYPE_IS_ECC_KEY_PAIR( type ) )
return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
/* PSA has its own RNG */ /* PSA has its own RNG */
(void) f_rng; (void) f_rng;
(void) p_rng; (void) p_rng;
status = psa_get_key_attributes( *key, &attributes );
if( status != PSA_SUCCESS )
return( mbedtls_pk_error_from_psa( status ) );
type = psa_get_key_type( &attributes );
psa_reset_key_attributes( &attributes );
#if defined(MBEDTLS_ECDSA_C)
if( PSA_KEY_TYPE_IS_ECC_KEY_PAIR( type ) )
alg = PSA_ALG_ECDSA( mbedtls_psa_translate_md( md_alg ) );
else
#endif /* MBEDTLS_ECDSA_C */
#if defined(MBEDTLS_RSA_C)
if( PSA_KEY_TYPE_IS_RSA( type ) )
alg = PSA_ALG_RSA_PKCS1V15_SIGN( mbedtls_psa_translate_md( md_alg ) );
else
#endif /* MBEDTLS_RSA_C */
return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
/* make the signature */ /* make the signature */
status = psa_sign_hash( *key, alg, hash, hash_len, status = psa_sign_hash( *key, alg, hash, hash_len,
sig, sig_size, sig_len ); sig, sig_size, sig_len );
if( status != PSA_SUCCESS ) if( status != PSA_SUCCESS )
return( mbedtls_pk_error_from_psa_ecdsa( status ) ); {
#if defined(MBEDTLS_ECDSA_C)
if( PSA_KEY_TYPE_IS_ECC_KEY_PAIR( type ) )
return( mbedtls_pk_error_from_psa_ecdsa( status ) );
else
#endif /* MBEDTLS_ECDSA_C */
#if defined(MBEDTLS_RSA_C)
if( PSA_KEY_TYPE_IS_RSA( type ) )
return( mbedtls_pk_error_from_psa_rsa( status ) );
else
#endif /* MBEDTLS_RSA_C */
return( mbedtls_pk_error_from_psa( status ) );
}
/* transcode it to ASN.1 sequence */ #if defined(MBEDTLS_ECDSA_C)
return( pk_ecdsa_sig_asn1_from_psa( sig, sig_len, sig_size ) ); if( PSA_KEY_TYPE_IS_ECC_KEY_PAIR( type ) )
#endif /* !MBEDTLS_ECDSA_C */ /* transcode it to ASN.1 sequence */
return( pk_ecdsa_sig_asn1_from_psa( sig, sig_len, sig_size ) );
#endif /* MBEDTLS_ECDSA_C */
return 0;
#endif /* !MBEDTLS_ECDSA_C && !MBEDTLS_RSA_C */
} }
const mbedtls_pk_info_t mbedtls_pk_ecdsa_opaque_info = { const mbedtls_pk_info_t mbedtls_pk_ecdsa_opaque_info = {