psa: Call export software implementation as a driver
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 2a4369a..10b55b8 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1575,7 +1575,7 @@
psa_key_attributes_t attributes = {
.core = slot->attr
};
- status = psa_export_key_internal( &attributes,
+ status = psa_driver_wrapper_export_key( &attributes,
slot->key.data, slot->key.bytes,
data, data_size, data_length );
@@ -1593,8 +1593,8 @@
size_t data_size,
size_t *data_length )
{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_type_t type = attributes->core.type;
- psa_key_lifetime_t lifetime = attributes->core.lifetime;
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
const psa_drv_se_t *drv;
@@ -1625,16 +1625,6 @@
data, data_size, data_length ) );
}
- /* Need to export the public part of a private key,
- * so conversion is needed. Try the accelerators first. */
- psa_status_t status = psa_driver_wrapper_export_public_key(
- attributes, key_buffer, key_buffer_size,
- data, data_size, data_length );
-
- if( status != PSA_ERROR_NOT_SUPPORTED ||
- psa_key_lifetime_is_external( lifetime ) )
- return( status );
-
if( PSA_KEY_TYPE_IS_RSA( type ) )
{
#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
@@ -1740,7 +1730,7 @@
psa_key_attributes_t attributes = {
.core = slot->attr
};
- status = psa_export_public_key_internal(
+ status = psa_driver_wrapper_export_public_key(
&attributes, slot->key.data, slot->key.bytes,
data, data_size, data_length );
diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c
index a58967a..766cf10 100644
--- a/library/psa_crypto_driver_wrappers.c
+++ b/library/psa_crypto_driver_wrappers.c
@@ -444,13 +444,50 @@
#endif /* PSA_CRYPTO_DRIVER_PRESENT */
}
+psa_status_t psa_driver_wrapper_export_key(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ uint8_t *data, size_t data_size, size_t *data_length )
+
+{
+ psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
+ psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(
+ psa_get_key_lifetime( attributes ) );
+
+ switch( location )
+ {
+ case PSA_KEY_LOCATION_LOCAL_STORAGE:
+ return( psa_export_key_internal( attributes,
+ key_buffer,
+ key_buffer_size,
+ data,
+ data_size,
+ data_length ) );
+
+ /* Add cases for opaque driver here */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+ case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
+ return( test_opaque_export_key( attributes,
+ key_buffer,
+ key_buffer_size,
+ data,
+ data_size,
+ data_length ) );
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+ default:
+ /* Key is declared with a lifetime not known to us */
+ return( status );
+ }
+}
+
psa_status_t psa_driver_wrapper_export_public_key(
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, size_t key_buffer_size,
uint8_t *data, size_t data_size, size_t *data_length )
{
-#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(
psa_get_key_lifetime( attributes ) );
@@ -460,6 +497,7 @@
case PSA_KEY_LOCATION_LOCAL_STORAGE:
/* Key is stored in the slot in export representation, so
* cycle through all known transparent accelerators */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST)
status = test_transparent_export_public_key( attributes,
key_buffer,
@@ -471,9 +509,17 @@
if( status != PSA_ERROR_NOT_SUPPORTED )
return( status );
#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
/* Fell through, meaning no accelerator supports this operation */
- return( PSA_ERROR_NOT_SUPPORTED );
+ return( psa_export_public_key_internal( attributes,
+ key_buffer,
+ key_buffer_size,
+ data,
+ data_size,
+ data_length ) );
+
/* Add cases for opaque driver here */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST)
case PSA_CRYPTO_TEST_DRIVER_LIFETIME:
return( test_opaque_export_public_key( attributes,
@@ -483,19 +529,11 @@
data_size,
data_length ) );
#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
default:
/* Key is declared with a lifetime not known to us */
return( status );
}
-#else /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
- (void) attributes;
- (void) key_buffer;
- (void) key_buffer_size;
- (void) data;
- (void) data_size;
- (void) data_length;
- return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
}
/*
diff --git a/library/psa_crypto_driver_wrappers.h b/library/psa_crypto_driver_wrappers.h
index fb32b8d..27d8b64 100644
--- a/library/psa_crypto_driver_wrappers.h
+++ b/library/psa_crypto_driver_wrappers.h
@@ -53,6 +53,11 @@
uint8_t *key_buffer, size_t key_buffer_size,
size_t *key_buffer_length, size_t *bits );
+psa_status_t psa_driver_wrapper_export_key(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer, size_t key_buffer_size,
+ uint8_t *data, size_t data_size, size_t *data_length );
+
psa_status_t psa_driver_wrapper_export_public_key(
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, size_t key_buffer_size,