2acbed387d
In psa_generate_key_internal() for ECC keys, remove the check that the bit-size according to Mbed TLS is equal to the requested bit-size. This check was necessary back when the PSA API encoded curves and key sizes independently, in order to reject combinations such as SECP256R1 with a 512-bit size. Since the curve encoding changed to specifying a curve family and a size separately, the Mbed TLS curve id (grp_id) and the curve data (curve_info) are now determined from the size, and checking that (curve_info->bit_size == bits) is now only a redundant sanity check. This check is actually buggy, because PSA Crypto and Mbed TLS don't have exactly the same notion of key size. PSA thinks Curve25519 is 255-bit and secp224k1 is 225-bit, but Mbed TLS thinks they're 256-bit and 224-bit respectively. Removing the check allows key generation to work for these curves. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
4 lines
126 B
Plaintext
4 lines
126 B
Plaintext
Bugfix
|
|
* Fix psa_generate_key() returning an error when asked to generate
|
|
an ECC key pair on Curve25519 or secp244k1.
|