pkwrite: add internal defines for proper key buffer sizes
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
diff --git a/library/pkwrite.c b/library/pkwrite.c
index 30008b9..7a9cfed 100644
--- a/library/pkwrite.c
+++ b/library/pkwrite.c
@@ -39,6 +39,21 @@
#endif
#include "mbedtls/platform.h"
+/* Helpers for properly sizing buffers aimed at holding public keys or
+ * key-pairs based on build symbols. */
+#if defined(MBEDTLS_PK_USE_PSA_EC_DATA)
+#define PK_MAX_EC_PUBLIC_KEY_SIZE PSA_EXPORT_PUBLIC_KEY_MAX_SIZE
+#define PK_MAX_EC_KEY_PAIR_SIZE MBEDTLS_PSA_MAX_EC_KEY_PAIR_LENGTH
+#else
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#define PK_MAX_EC_PUBLIC_KEY_SIZE PSA_EXPORT_PUBLIC_KEY_MAX_SIZE
+#define PK_MAX_EC_KEY_PAIR_SIZE MBEDTLS_PSA_MAX_EC_KEY_PAIR_LENGTH
+#else
+#define PK_MAX_EC_PUBLIC_KEY_SIZE MBEDTLS_ECP_MAX_PT_LEN
+#define PK_MAX_EC_KEY_PAIR_SIZE MBEDTLS_ECP_MAX_BYTES
+#endif
+#endif
+
/******************************************************************************
* Internal functions for RSA keys.
******************************************************************************/
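Review bot: The first two branches of the new `#if` ladder define exactly the same values, so the nesting can be flattened to `#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) || defined(MBEDTLS_USE_PSA_CRYPTO)` followed by a single `#else`. Keeping one PSA branch removes the risk of the two copies drifting apart on a later edit and leaving one build with an undersized key buffer. The header comment could also state the contract the macros are meant to give, for example `/* Upper bounds, in bytes, for an exported EC public key and EC private key in the current build. */`.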
@@ -205,7 +220,7 @@
const mbedtls_pk_context *pk)
{
size_t len = 0;
- uint8_t buf[PSA_EXPORT_PUBLIC_KEY_MAX_SIZE];
+ uint8_t buf[PK_MAX_EC_PUBLIC_KEY_SIZE];
if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_OPAQUE) {
if (psa_export_public_key(pk->priv_id, buf, sizeof(buf), &len) != PSA_SUCCESS) {
@@ -230,11 +245,7 @@
const mbedtls_pk_context *pk)
{
size_t len = 0;
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- uint8_t buf[PSA_EXPORT_PUBLIC_KEY_MAX_SIZE];
-#else
- unsigned char buf[MBEDTLS_ECP_MAX_PT_LEN];
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
+ unsigned char buf[PK_MAX_EC_PUBLIC_KEY_SIZE];
mbedtls_ecp_keypair *ec = mbedtls_pk_ec(*pk);
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
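Review bot: `buf` here is filled from a legacy `mbedtls_ecp_keypair` (`mbedtls_pk_ec(*pk)`), yet when MBEDTLS_USE_PSA_CRYPTO is defined its size comes from `PSA_EXPORT_PUBLIC_KEY_MAX_SIZE` rather than `MBEDTLS_ECP_MAX_PT_LEN`. The old code made the same choice, so this is not a regression, but nothing visible in the patch guarantees the PSA bound is at least as large as the ECP one in every configuration. A compile-time assertion next to the new defines, checking `PK_MAX_EC_PUBLIC_KEY_SIZE >= MBEDTLS_ECP_MAX_PT_LEN` in builds where the legacy ECP header is present, would turn that assumption into a build failure instead of a possible short buffer. The rest of the function, including the call that writes into `buf`, is outside the hunk.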
@@ -276,7 +287,7 @@
{
size_t byte_length;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- unsigned char tmp[MBEDTLS_PSA_MAX_EC_KEY_PAIR_LENGTH];
+ unsigned char tmp[PK_MAX_EC_KEY_PAIR_SIZE];
psa_status_t status;
if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_OPAQUE) {
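Review bot: `tmp` is a stack buffer sized for an EC key pair, and the last hunk shows the sibling function filling it with `psa_export_key(pk->priv_id, tmp, sizeof(tmp), &byte_length)`, so it presumably holds raw private-key bytes in both functions. Neither hunk shows the exit paths, so it is worth confirming that every return, including the error returns after a failed export, passes through `mbedtls_platform_zeroize(tmp, sizeof(tmp));`. Since this commit already touches both declarations, a one-line comment such as `/* holds private key material: wipe before returning */` on the `tmp` declaration would make the requirement explicit. Both function bodies continue outside their hunks.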
@@ -304,14 +315,10 @@
{
size_t byte_length;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- unsigned char tmp[MBEDTLS_PSA_MAX_EC_KEY_PAIR_LENGTH];
- psa_status_t status;
-#else
- unsigned char tmp[MBEDTLS_ECP_MAX_BYTES];
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
+ unsigned char tmp[PK_MAX_EC_KEY_PAIR_SIZE];
#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_status_t status;
if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_OPAQUE) {
status = psa_export_key(pk->priv_id, tmp, sizeof(tmp), &byte_length);
if (status != PSA_SUCCESS) {