eden-emu/mbedtls
20
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Support partial export from mbedtls_ecp_keypair

Browse source 
Sometimes you don't need to have all the parts of a key pair object. Relax
the behavior of mbedtls_ecp_keypair so that you can extract just the parts
that you need.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
Gilles Peskine 2023-06-21 18:24:04 +02:00
parent e6886102ef
commit ba5b5d67aa
3 changed files with 23 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

9
include/mbedtls/ecp.h
View file

@ -1338,13 +1338,16 @@ mbedtls_ecp_group_id mbedtls_ecp_keypair_get_group_id(
/** /**
* \brief This function exports generic key-pair parameters. * \brief This function exports generic key-pair parameters.
* *
* Each of the output parameters can be a null pointer
* if you do not need that parameter.
*
* \param key The key pair to export from. * \param key The key pair to export from.
* \param grp Slot for exported ECP group. * \param grp Slot for exported ECP group.
* It must point to an initialized ECP group. * It must either be null or point to an initialized ECP group.
* \param d Slot for the exported secret value. * \param d Slot for the exported secret value.
* It must point to an initialized mpi. * It must either be null or point to an initialized mpi.
* \param Q Slot for the exported public value. * \param Q Slot for the exported public value.
* It must point to an initialized ECP point. * It must either be null or point to an initialized ECP point.
* *
* \return \c 0 on success, * \return \c 0 on success,
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure.

6
library/ecp.c
View file

@ -3371,15 +3371,15 @@ int mbedtls_ecp_export(const mbedtls_ecp_keypair *key, mbedtls_ecp_group *grp,
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
if ((ret = mbedtls_ecp_group_copy(grp, &key->grp)) != 0) { if (grp != NULL && (ret = mbedtls_ecp_group_copy(grp, &key->grp)) != 0) {
return ret; return ret;
} }
if ((ret = mbedtls_mpi_copy(d, &key->d)) != 0) { if (d != NULL && (ret = mbedtls_mpi_copy(d, &key->d)) != 0) {
return ret; return ret;
} }
if ((ret = mbedtls_ecp_copy(Q, &key->Q)) != 0) { if (Q != NULL && (ret = mbedtls_ecp_copy(Q, &key->Q)) != 0) {
return ret; return ret;
} }

14
tests/suites/test_suite_ecp.function
View file

@ -1239,6 +1239,20 @@ void ecp_export(int id, char *Qx, char *Qy, char *d, int expected_ret, int inval
/* Check consistency with the group id */ /* Check consistency with the group id */
TEST_EQUAL(export_grp.id, TEST_EQUAL(export_grp.id,
mbedtls_ecp_keypair_get_group_id(&key)); mbedtls_ecp_keypair_get_group_id(&key));
/* Test null arguments */
mbedtls_ecp_group_free(&export_grp);
mbedtls_mpi_free(&export_d);
mbedtls_ecp_point_free(&export_Q);
mbedtls_ecp_group_init(&export_grp);
mbedtls_mpi_init(&export_d);
mbedtls_ecp_point_init(&export_Q);
TEST_EQUAL(mbedtls_ecp_export(&key, &export_grp, NULL, NULL), 0);
TEST_EQUAL(mbedtls_ecp_group_cmp(&key.grp, &export_grp), 0);
TEST_EQUAL(mbedtls_ecp_export(&key, NULL, &export_d, NULL), 0);
TEST_EQUAL(mbedtls_mpi_cmp_mpi(&key.d, &export_d), 0);
TEST_EQUAL(mbedtls_ecp_export(&key, NULL, NULL, &export_Q), 0);
TEST_EQUAL(mbedtls_ecp_point_cmp(&key.Q, &export_Q), 0);
} }
exit: exit: