Google Git
Sign in
android / platform / external / mbedtls / 5d5e90a61^! / .
commit5d5e90a610ffd78000e056043d2ea9184f060e52[log] [tgz]
authorHanno Becker <hanno.becker@arm.com>Fri Jan 25 16:37:10 2019 +0000
committerHanno Becker <hanno.becker@arm.com>Mon Jan 28 11:41:37 2019 +0000
tree54a6114019dbecda3f8681ee818ed6d5d02b45a4
parent37a8c0c144dbf81516f96af653db8ab67f48b506 [diff]
Adapt ecdsa_verify_wrap() to new EC public key format

Previously, PSA used SubjectPublicKeyInfo structures to serialize EC public keys.
This has recently been changed to using ECPoint structures instead, but the wrapper
making PSA ECDSA verification available through Mbed TLS' PK API hasn't yet been
adapted accordingly - which is what this commit does.

Luckily, Mbed TLS' PK API offers two functions mbedtls_pk_write_pubkey()
and mbedtls_pk_write_pubkey_der(), the latter exporting a SubjectPublicKeyInfo
structure and the former exporting an ECPoint structure in case of EC public
keys. For the adaptation of the ECDSA wrapper ecdsa_verify_wrap() it is therefore
sufficient to use mbedtls_pk_write_pubkey() instead of mbedtls_pk_write_pubkey_der().

diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index 7f8abd4..332696d 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c

@@ -553,7 +553,7 @@
     int key_len;
     /* see ECP_PUB_DER_MAX_BYTES in pkwrite.c */
     unsigned char buf[30 + 2 * MBEDTLS_ECP_MAX_BYTES];
-    unsigned char *p = (unsigned char*) sig;
+    unsigned char *p;
     mbedtls_pk_info_t pk_info = mbedtls_eckey_info;
     psa_algorithm_t psa_sig_md, psa_md;
     psa_ecc_curve_t curve = mbedtls_psa_translate_ecc_group(
@@ -567,7 +567,8 @@
      * re-construct one to make it happy */
     key.pk_info = &pk_info;
     key.pk_ctx = ctx;
-    key_len = mbedtls_pk_write_pubkey_der( &key, buf, sizeof( buf ) );
+    p = buf + sizeof( buf );
+    key_len = mbedtls_pk_write_pubkey( &p, buf, &key );
     if( key_len <= 0 )
         return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
 
@@ -603,6 +604,7 @@
         goto cleanup;
     }
 
+    p = (unsigned char*) sig;
     if( ( ret = extract_ecdsa_sig( &p, sig + sig_len, buf,
                                    signature_part_size ) ) != 0 )
     {