psa: remove bits_is_sloppy parameter from mbedtls_ecc_group_from_psa()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h
index 5368e04..e1dd822 100644
--- a/include/mbedtls/psa_util.h
+++ b/include/mbedtls/psa_util.h
@@ -144,8 +144,7 @@
* correct for \p curve.
*/
mbedtls_ecp_group_id mbedtls_ecc_group_from_psa(psa_ecc_family_t curve,
- size_t bits,
- int bits_is_sloppy);
+ size_t bits);
#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */
/**@}*/
diff --git a/library/pk_internal.h b/library/pk_internal.h
index 642a0c7..3d5adf8 100644
--- a/library/pk_internal.h
+++ b/library/pk_internal.h
@@ -98,13 +98,13 @@
}
opaque_key_type = psa_get_key_type(&opaque_attrs);
curve = PSA_KEY_TYPE_ECC_GET_FAMILY(opaque_key_type);
- id = mbedtls_ecc_group_from_psa(curve, psa_get_key_bits(&opaque_attrs), 0);
+ id = mbedtls_ecc_group_from_psa(curve, psa_get_key_bits(&opaque_attrs));
psa_reset_key_attributes(&opaque_attrs);
} else
#endif /* MBEDTLS_USE_PSA_CRYPTO */
{
#if defined(MBEDTLS_PK_USE_PSA_EC_DATA)
- id = mbedtls_ecc_group_from_psa(pk->ec_family, pk->ec_bits, 0);
+ id = mbedtls_ecc_group_from_psa(pk->ec_family, pk->ec_bits);
#else /* MBEDTLS_PK_USE_PSA_EC_DATA */
id = mbedtls_pk_ec_ro(*pk)->grp.id;
#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */
diff --git a/library/pkparse.c b/library/pkparse.c
index ef3aff2..5f95545 100644
--- a/library/pkparse.c
+++ b/library/pkparse.c
@@ -250,7 +250,7 @@
mbedtls_ecp_group_id ecp_group_id;
int ret;
- ecp_group_id = mbedtls_ecc_group_from_psa(pk->ec_family, pk->ec_bits, 0);
+ ecp_group_id = mbedtls_ecc_group_from_psa(pk->ec_family, pk->ec_bits);
mbedtls_ecp_keypair_init(&ecp_key);
ret = mbedtls_ecp_group_load(&(ecp_key.grp), ecp_group_id);
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index d393109..850f206 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -5708,7 +5708,7 @@
psa_ecc_family_t curve = PSA_KEY_TYPE_ECC_GET_FAMILY(
slot->attr.type);
mbedtls_ecp_group_id grp_id =
- mbedtls_ecc_group_from_psa(curve, bits, 0);
+ mbedtls_ecc_group_from_psa(curve, bits);
if (grp_id == MBEDTLS_ECP_DP_NONE) {
ret = MBEDTLS_ERR_ASN1_INVALID_DATA;
diff --git a/library/psa_crypto_ecp.c b/library/psa_crypto_ecp.c
index 3f2ec23..20ef29c 100644
--- a/library/psa_crypto_ecp.c
+++ b/library/psa_crypto_ecp.c
@@ -41,6 +41,7 @@
psa_status_t status;
mbedtls_ecp_keypair *ecp = NULL;
size_t curve_bytes = data_length;
+ size_t curve_bits_check;
int explicit_bits = (curve_bits != 0);
if (PSA_KEY_TYPE_IS_PUBLIC_KEY(type) &&
@@ -84,7 +85,7 @@
/* Load the group. */
grp_id = mbedtls_ecc_group_from_psa(PSA_KEY_TYPE_ECC_GET_FAMILY(type),
- curve_bits, !explicit_bits);
+ curve_bits);
if (grp_id == MBEDTLS_ECP_DP_NONE) {
/* We can't distinguish between a nonsensical family/size combination
* (which would warrant PSA_ERROR_INVALID_ARGUMENT) and a
@@ -96,6 +97,17 @@
goto exit;
}
+ /* Get the exact number of bits which are necessary for this key. This is
+ * used to validate the "curve_bits" input parameter (only in case it was
+ * provided).
+ * Note: we intentionally ignore the return value of mbedtls_ecc_group_to_psa()
+ * because we are only interested in the curve's bit size. */
+ mbedtls_ecc_group_to_psa(grp_id, &curve_bits_check);
+ if (explicit_bits && (curve_bits_check != curve_bits)) {
+ status = PSA_ERROR_NOT_SUPPORTED;
+ goto exit;
+ }
+
status = mbedtls_to_psa_error(
mbedtls_ecp_group_load(&ecp->grp, grp_id));
if (status != PSA_SUCCESS) {
@@ -285,7 +297,7 @@
psa_ecc_family_t curve = PSA_KEY_TYPE_ECC_GET_FAMILY(
attributes->core.type);
mbedtls_ecp_group_id grp_id =
- mbedtls_ecc_group_from_psa(curve, attributes->core.bits, 0);
+ mbedtls_ecc_group_from_psa(curve, attributes->core.bits);
const mbedtls_ecp_curve_info *curve_info =
mbedtls_ecp_curve_info_from_grp_id(grp_id);
diff --git a/library/psa_util.c b/library/psa_util.c
index f4685db..abd7a5f 100644
--- a/library/psa_util.c
+++ b/library/psa_util.c
@@ -253,8 +253,7 @@
}
mbedtls_ecp_group_id mbedtls_ecc_group_from_psa(psa_ecc_family_t curve,
- size_t bits,
- int bits_is_sloppy)
+ size_t bits)
{
switch (curve) {
case PSA_ECC_FAMILY_SECP_R1:
@@ -277,12 +276,8 @@
#endif
#if defined(PSA_WANT_ECC_SECP_R1_521)
case 521:
- return MBEDTLS_ECP_DP_SECP521R1;
case 528:
- if (bits_is_sloppy) {
- return MBEDTLS_ECP_DP_SECP521R1;
- }
- break;
+ return MBEDTLS_ECP_DP_SECP521R1;
#endif
}
break;
@@ -308,12 +303,8 @@
switch (bits) {
#if defined(PSA_WANT_ECC_MONTGOMERY_255)
case 255:
- return MBEDTLS_ECP_DP_CURVE25519;
case 256:
- if (bits_is_sloppy) {
- return MBEDTLS_ECP_DP_CURVE25519;
- }
- break;
+ return MBEDTLS_ECP_DP_CURVE25519;
#endif
#if defined(PSA_WANT_ECC_MONTGOMERY_448)
case 448:
@@ -340,7 +331,6 @@
break;
}
- (void) bits_is_sloppy;
return MBEDTLS_ECP_DP_NONE;
}
#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */