Move ECP key generation code to the PSA ECP specific C file
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 1526519..0fd2469 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -34,6 +34,7 @@
#include "psa_crypto_driver_wrappers.h"
#include "psa_crypto_ecp.h"
#include "psa_crypto_rsa.h"
+#include "psa_crypto_ecp.h"
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
#include "psa_crypto_se.h"
#endif
@@ -6053,38 +6054,10 @@
#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR)
if ( PSA_KEY_TYPE_IS_ECC( type ) && PSA_KEY_TYPE_IS_KEY_PAIR( type ) )
{
- psa_ecc_family_t curve = PSA_KEY_TYPE_ECC_GET_FAMILY( type );
- mbedtls_ecp_group_id grp_id =
- mbedtls_ecc_group_of_psa( curve, attributes->core.bits, 0 );
-
- const mbedtls_ecp_curve_info *curve_info =
- mbedtls_ecp_curve_info_from_grp_id( grp_id );
- mbedtls_ecp_keypair ecp;
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- if( attributes->domain_parameters_size != 0 )
- return( PSA_ERROR_NOT_SUPPORTED );
- if( grp_id == MBEDTLS_ECP_DP_NONE || curve_info == NULL )
- return( PSA_ERROR_NOT_SUPPORTED );
-
- mbedtls_ecp_keypair_init( &ecp );
- ret = mbedtls_ecp_gen_key( grp_id, &ecp,
- mbedtls_psa_get_random,
- MBEDTLS_PSA_RANDOM_STATE );
- if( ret != 0 )
- {
- mbedtls_ecp_keypair_free( &ecp );
- return( mbedtls_to_psa_error( ret ) );
- }
-
- status = mbedtls_to_psa_error(
- mbedtls_ecp_write_key( &ecp, key_buffer, key_buffer_size ) );
-
- mbedtls_ecp_keypair_free( &ecp );
-
- if( status == PSA_SUCCESS )
- *key_buffer_length = key_buffer_size;
-
- return( status );
+ return( mbedtls_psa_ecp_generate_key( attributes,
+ key_buffer,
+ key_buffer_size,
+ key_buffer_length ) );
}
else
#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) */
diff --git a/library/psa_crypto_ecp.c b/library/psa_crypto_ecp.c
index 1a8f15e..95bb728 100644
--- a/library/psa_crypto_ecp.c
+++ b/library/psa_crypto_ecp.c
@@ -292,6 +292,52 @@
#endif /* defined(BUILTIN_KEY_TYPE_ECC_KEY_PAIR) ||
* defined(BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) */
+#if defined(BUILTIN_KEY_TYPE_ECC_KEY_PAIR)
+psa_status_t mbedtls_psa_ecp_generate_key(
+ const psa_key_attributes_t *attributes,
+ uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+ psa_ecc_family_t curve = PSA_KEY_TYPE_ECC_GET_FAMILY(
+ attributes->core.type );
+ mbedtls_ecp_group_id grp_id =
+ mbedtls_ecc_group_of_psa( curve, attributes->core.bits, 0 );
+
+ const mbedtls_ecp_curve_info *curve_info =
+ mbedtls_ecp_curve_info_from_grp_id( grp_id );
+ mbedtls_ecp_keypair ecp;
+
+ if( attributes->domain_parameters_size != 0 )
+ return( PSA_ERROR_NOT_SUPPORTED );
+
+ if( grp_id == MBEDTLS_ECP_DP_NONE || curve_info == NULL )
+ return( PSA_ERROR_NOT_SUPPORTED );
+
+ mbedtls_ecp_keypair_init( &ecp );
+ ret = mbedtls_ecp_gen_key( grp_id, &ecp,
+ mbedtls_psa_get_random,
+ MBEDTLS_PSA_RANDOM_STATE );
+ if( ret != 0 )
+ {
+ mbedtls_ecp_keypair_free( &ecp );
+ return( mbedtls_to_psa_error( ret ) );
+ }
+
+ status = mbedtls_to_psa_error(
+ mbedtls_ecp_write_key( &ecp, key_buffer, key_buffer_size ) );
+
+ mbedtls_ecp_keypair_free( &ecp );
+
+ if( status == PSA_SUCCESS )
+ *key_buffer_length = key_buffer_size;
+
+ return( status );
+}
+#endif /* defined(BUILTIN_KEY_TYPE_ECC_KEY_PAIR) */
+
+
#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
diff --git a/library/psa_crypto_ecp.h b/library/psa_crypto_ecp.h
index 59b61b9..b5ccc86 100644
--- a/library/psa_crypto_ecp.h
+++ b/library/psa_crypto_ecp.h
@@ -123,6 +123,29 @@
const uint8_t *key_buffer, size_t key_buffer_size,
uint8_t *data, size_t data_size, size_t *data_length );
+/**
+ * \brief Generate an ECP key.
+ *
+ * \note The signature of the function is that of a PSA driver generate_key
+ * entry point.
+ *
+ * \param[in] attributes The attributes for the ECP key to generate.
+ * \param[out] key_buffer Buffer where the key data is to be written.
+ * \param[in] key_buffer_size Size of \p key_buffer in bytes.
+ * \param[out] key_buffer_length On success, the number of bytes written in
+ * \p key_buffer.
+ *
+ * \retval #PSA_SUCCESS
+ * The key was successfully generated.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * Key length or type not supported.
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ * The size of \p key_buffer is too small.
+ */
+psa_status_t mbedtls_psa_ecp_generate_key(
+ const psa_key_attributes_t *attributes,
+ uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length );
+
/*
* BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY.
*/
