Skip to content

Commit

Permalink
Merge pull request #20607 from mguetschow/psa-key-bits-cleanup
Browse files Browse the repository at this point in the history
sys/psa_crypto: correct use of (ECDSA) key_bits
  • Loading branch information
benpicco authored May 16, 2024
2 parents de845a6 + 15e48f0 commit 3c4b23c
Show file tree
Hide file tree
Showing 5 changed files with 14 additions and 32 deletions.
2 changes: 1 addition & 1 deletion examples/psa_crypto/example_ecdsa_p256.c
Original file line number Diff line number Diff line change
Expand Up @@ -88,7 +88,7 @@ psa_status_t example_ecdsa_p256(void)
psa_set_key_usage_flags(&pubkey_attr, PSA_KEY_USAGE_VERIFY_MESSAGE);
#endif
psa_set_key_algorithm(&pubkey_attr, ECC_ALG);
psa_set_key_bits(&pubkey_attr, PSA_BYTES_TO_BITS(pubkey_length));
psa_set_key_bits(&pubkey_attr, ECC_KEY_SIZE);
psa_set_key_type(&pubkey_attr, PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1));

status = psa_import_key(&pubkey_attr, public_key, pubkey_length, &pubkey_id);
Expand Down
26 changes: 1 addition & 25 deletions sys/include/psa_crypto/psa/crypto_sizes.h
Original file line number Diff line number Diff line change
Expand Up @@ -893,30 +893,6 @@ extern "C" {
#define PSA_EXPORT_KEY_PAIR_MAX_SIZE 0
#endif

/**
* @brief Get curve size from ECC public key
*
* @details The representation of an ECC public key is dependent on the family:
* - for twisted Edwards curves: 32B
* - for Weierstrass curves:
* - The byte 0x04;
* - `x_P` as a `ceiling(m/8)`-byte string, big-endian;
* - `y_P` as a `ceiling(m/8)`-byte string, big-endian;
* - where m is the bit size associated with the curve.
* - 1 byte + 2 * point size.
*/
#define PSA_ECC_KEY_GET_CURVE_FROM_PUBLIC_KEY(key_type, key_bits) \
(PSA_KEY_TYPE_ECC_GET_FAMILY(key_type) == PSA_ECC_FAMILY_TWISTED_EDWARDS ? 255 : \
((size_t)((key_bits - 8) / 2)))

/**
* @brief Get curve size from ECC key (public or private)
*/
#define PSA_ECC_KEY_GET_CURVE(key_type, key_bits) \
(PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(key_type) ? \
PSA_ECC_KEY_GET_CURVE_FROM_PUBLIC_KEY(key_type, key_bits) : \
(size_t)key_bits)

/**
* @brief Maximum size of the export encoding of an ECC public key.
*
Expand Down Expand Up @@ -1059,7 +1035,7 @@ extern "C" {
* If the parameters are not valid, the return value is unspecified.
*/
#define PSA_SIGN_OUTPUT_SIZE(key_type, key_bits, alg) \
(PSA_KEY_TYPE_IS_ECC(key_type) ? PSA_ECDSA_SIGNATURE_SIZE(PSA_ECC_KEY_GET_CURVE(key_type, key_bits)) : \
(PSA_KEY_TYPE_IS_ECC(key_type) ? PSA_ECDSA_SIGNATURE_SIZE(key_bits) : \
((void)alg, 0))

#ifdef __cplusplus
Expand Down
14 changes: 10 additions & 4 deletions sys/psa_crypto/psa_crypto.c
Original file line number Diff line number Diff line change
Expand Up @@ -1551,6 +1551,12 @@ psa_status_t psa_builtin_import_key(const psa_key_attributes_t *attributes,
return PSA_SUCCESS;
}
else if (PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type)) {
/* key material does not match expected size */
if (data_length != PSA_EXPORT_KEY_OUTPUT_SIZE(type, attributes->bits)) {
return PSA_ERROR_INVALID_ARGUMENT;
}

/* key material too large to be represented */
if (data_length > PSA_EXPORT_PUBLIC_KEY_MAX_SIZE) {
return PSA_ERROR_NOT_SUPPORTED;
}
Expand Down Expand Up @@ -1944,7 +1950,7 @@ psa_status_t psa_sign_hash(psa_key_id_t key,
return status;
}

if (signature_size < PSA_ECDSA_SIGNATURE_SIZE(PSA_ECC_KEY_GET_CURVE(slot->attr.type, slot->attr.bits))) {
if (signature_size < PSA_ECDSA_SIGNATURE_SIZE(slot->attr.bits)) {
return PSA_ERROR_BUFFER_TOO_SMALL;
}

Expand Down Expand Up @@ -1997,7 +2003,7 @@ psa_status_t psa_sign_message(psa_key_id_t key,
return status;
}

if (signature_size < PSA_ECDSA_SIGNATURE_SIZE(PSA_ECC_KEY_GET_CURVE(slot->attr.type, slot->attr.bits))) {
if (signature_size < PSA_ECDSA_SIGNATURE_SIZE(slot->attr.bits)) {
return PSA_ERROR_BUFFER_TOO_SMALL;
}

Expand Down Expand Up @@ -2048,7 +2054,7 @@ psa_status_t psa_verify_hash(psa_key_id_t key,
return status;
}

if (signature_length != PSA_ECDSA_SIGNATURE_SIZE(PSA_ECC_KEY_GET_CURVE(slot->attr.type, slot->attr.bits))) {
if (signature_length != PSA_ECDSA_SIGNATURE_SIZE(slot->attr.bits)) {
return PSA_ERROR_INVALID_ARGUMENT;
}

Expand Down Expand Up @@ -2105,7 +2111,7 @@ psa_status_t psa_verify_message(psa_key_id_t key,
return status;
}

if (signature_length != PSA_ECDSA_SIGNATURE_SIZE(PSA_ECC_KEY_GET_CURVE(slot->attr.type, slot->attr.bits))) {
if (signature_length != PSA_ECDSA_SIGNATURE_SIZE(slot->attr.bits)) {
return PSA_ERROR_INVALID_ARGUMENT;
}

Expand Down
2 changes: 1 addition & 1 deletion tests/sys/psa_crypto_ecdsa/example_ecdsa_p256.c
Original file line number Diff line number Diff line change
Expand Up @@ -78,7 +78,7 @@ psa_status_t example_ecdsa_p256(void)

psa_set_key_usage_flags(&pubkey_attr, PSA_KEY_USAGE_VERIFY_MESSAGE);
psa_set_key_algorithm(&pubkey_attr, ECC_ALG);
psa_set_key_bits(&pubkey_attr, PSA_BYTES_TO_BITS(pubkey_length));
psa_set_key_bits(&pubkey_attr, ECC_KEY_SIZE);
psa_set_key_type(&pubkey_attr, PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1));

status = psa_import_key(&pubkey_attr, public_key, pubkey_length, &pubkey_id);
Expand Down
2 changes: 1 addition & 1 deletion tests/sys/psa_crypto_se_ecdsa/example_ecdsa_p256.c
Original file line number Diff line number Diff line change
Expand Up @@ -84,7 +84,7 @@ psa_status_t example_ecdsa_p256(void)
psa_set_key_lifetime(&pubkey_attr, lifetime);
psa_set_key_usage_flags(&pubkey_attr, PSA_KEY_USAGE_VERIFY_HASH);
psa_set_key_algorithm(&pubkey_attr, ECC_ALG);
psa_set_key_bits(&pubkey_attr, PSA_BYTES_TO_BITS(pubkey_length));
psa_set_key_bits(&pubkey_attr, ECC_KEY_SIZE);
psa_set_key_type(&pubkey_attr, PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1));

status = psa_import_key(&pubkey_attr, public_key, pubkey_length, &pubkey_id);
Expand Down

0 comments on commit 3c4b23c

Please sign in to comment.