diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h
index a2604e1f3..cfb4bce58 100644
--- a/include/mbedtls/psa_util.h
+++ b/include/mbedtls/psa_util.h
@@ -126,16 +126,11 @@ psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid,
 * \param curve A PSA elliptic curve identifier
 * (`PSA_ECC_FAMILY_xxx`).
 * \param bits The bit-length of a private key on \p curve.
- * \param bits_is_sloppy If true, \p bits may be the bit-length rounded up
- * to the nearest multiple of 8. This allows the caller
- * to infer the exact curve from the length of a key
- * which is supplied as a byte string.
 *
 * \return The corresponding Mbed TLS elliptic curve identifier
 * (`MBEDTLS_ECP_DP_xxx`).
- * \return #MBEDTLS_ECP_DP_NONE if \c curve is not recognized.
- * \return #MBEDTLS_ECP_DP_NONE if \p bits is not
- * correct for \p curve.
+ * \return #MBEDTLS_ECP_DP_NONE if the combination of \c curve
+ * and \p bits is not recognized.
 */
 mbedtls_ecp_group_id mbedtls_ecc_group_from_psa(psa_ecc_family_t curve,
 size_t bits);
diff --git a/library/psa_crypto_ecp.c b/library/psa_crypto_ecp.c
index 866ef7956..3c5aa729b 100644
--- a/library/psa_crypto_ecp.c
+++ b/library/psa_crypto_ecp.c
@@ -32,13 +32,16 @@
 defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
 defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) || \
 defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH)
-/* Helper function to verify if the provided EC's family and key bit size are
- * valid. */
-static int check_ecc_parameters(psa_ecc_family_t family, size_t bits, int allow_bit_size_roundup)
+/* Helper function to verify if the provided EC's family and key bit size are valid.
+ *
+ * Note: "bits" parameter is used both as input and output and it might be updated
+ * in case provided input value is not multiple of 8 ("sloppy" bits).
+ */
+static int check_ecc_parameters(psa_ecc_family_t family, size_t *bits)
 {
 switch (family) {
 case PSA_ECC_FAMILY_SECP_R1:
- switch (bits) {
+ switch (*bits) {
 case 192:
 case 224:
 case 256:
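Review bot: The new comment above `check_ecc_parameters` in library/psa_crypto_ecp.c states the in/out rule the wrong way round: the sizes that get rewritten in the later hunks (528 and 256) are themselves multiples of 8, so "in case provided input value is not multiple of 8" does not describe them. I would word it as `/* *bits is in/out: a size rounded up to whole bytes (528 for secp521r1, 256 for Curve25519) is accepted and replaced by the exact curve size (521, 255). */`. It is also worth saying that a validation helper now modifies its caller's variable, since the name `check_...` does not suggest that. The function body continues past the end of this hunk.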
@@ -46,14 +49,13 @@ static int check_ecc_parameters(psa_ecc_family_t family, size_t bits, int allow_
 case 521:
 return PSA_SUCCESS;
 case 528:
- if (allow_bit_size_roundup) {
- return PSA_SUCCESS;
- }
+ *bits = 521;
+ return PSA_SUCCESS;
 }
 break;
 
 case PSA_ECC_FAMILY_BRAINPOOL_P_R1:
- switch (bits) {
+ switch (*bits) {
 case 256:
 case 384:
 case 512:
@@ -62,19 +64,18 @@ static int check_ecc_parameters(psa_ecc_family_t family, size_t bits, int allow_
 break;
 
 case PSA_ECC_FAMILY_MONTGOMERY:
- switch (bits) {
+ switch (*bits) {
 case 448:
 case 255:
 return PSA_SUCCESS;
 case 256:
- if (allow_bit_size_roundup) {
- return PSA_SUCCESS;
- }
+ *bits = 255;
+ return PSA_SUCCESS;
 }
 break;
 
 case PSA_ECC_FAMILY_SECP_K1:
- switch (bits) {
+ switch (*bits) {
 case 192:
 case 224:
 case 256:
@@ -136,8 +137,7 @@ psa_status_t mbedtls_psa_ecp_load_representation(
 }
 mbedtls_ecp_keypair_init(ecp);
 
- status = check_ecc_parameters(PSA_KEY_TYPE_ECC_GET_FAMILY(type), curve_bits,
- !explicit_bits);
+ status = check_ecc_parameters(PSA_KEY_TYPE_ECC_GET_FAMILY(type), &curve_bits);
 if (status != PSA_SUCCESS) {
 goto exit;
 }
diff --git a/library/psa_util.c b/library/psa_util.c
index abd7a5f6b..28b028552 100644
--- a/library/psa_util.c
+++ b/library/psa_util.c
@@ -276,7 +276,6 @@ mbedtls_ecp_group_id mbedtls_ecc_group_from_psa(psa_ecc_family_t curve,
 #endif
 #if defined(PSA_WANT_ECC_SECP_R1_521)
 case 521:
- case 528:
 return MBEDTLS_ECP_DP_SECP521R1;
 #endif
 }
@@ -303,7 +302,6 @@ mbedtls_ecp_group_id mbedtls_ecc_group_from_psa(psa_ecc_family_t curve,
 switch (bits) {
 #if defined(PSA_WANT_ECC_MONTGOMERY_255)
 case 255:
- case 256:
 return MBEDTLS_ECP_DP_CURVE25519;
 #endif
 #if defined(PSA_WANT_ECC_MONTGOMERY_448)
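Review bot: In `check_ecc_parameters` (library/psa_crypto_ecp.c) the `case 528:` branch in the @@ -46 hunk and the `case 256:` branch under PSA_ECC_FAMILY_MONTGOMERY in the @@ -62 hunk now accept the byte-rounded size unconditionally, where the removed code did so only when `allow_bit_size_roundup` was set and the call site in `mbedtls_psa_ecp_load_representation` (@@ -136) passed `!explicit_bits` for it. A caller that explicitly declares 528 or 256 bits therefore appears to go from being rejected to being silently normalised to 521 or 255, and any later use of `curve_bits` in that function (outside the hunk) sees the rewritten value. If the relaxation is intended, state it in the function comment and cover the explicit-size case with a test. If it is not, keep the caller's value with `size_t requested_bits = curve_bits;` before the call and add `if (explicit_bits && curve_bits != requested_bits) { status = PSA_ERROR_INVALID_ARGUMENT; goto exit; }` after it. Also check whether `explicit_bits` still has a use in the function once this argument is gone.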
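Review bot: `mbedtls_ecc_group_from_psa` is declared in the public header include/mbedtls/psa_util.h, and with `case 528:` removed in the @@ -276 hunk and `case 256:` removed from the Montgomery switch in the @@ -303 hunk it presumably returns MBEDTLS_ECP_DP_NONE for byte-rounded sizes that it used to map to MBEDTLS_ECP_DP_SECP521R1 and MBEDTLS_ECP_DP_CURVE25519. Only `mbedtls_psa_ecp_load_representation` is shown normalising the size beforehand, so every other caller that derives `bits` from a key's byte length needs auditing: each must either normalise first or treat MBEDTLS_ECP_DP_NONE as a hard error rather than passing it on. The header comment should say this explicitly, for example `\note \p bits must be the exact curve size; sizes rounded up to a multiple of 8 (528, 256) are not accepted.` Both switch statements start and end outside these hunks.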