Added ECDSA sign and verify weak functions
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index a7d018b..a9c265c 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -3334,6 +3334,41 @@
}
#endif /* MBEDTLS_ECDSA_C */
+// The weakly linked function "psa_asymmetric_sign_vendor_weak" which returns "PSA_ERROR_NOT_SUPPORTED" will be linked if
+// the vendor does not provide a definition for "psa_asymmetric_sign_vendor"
+psa_status_t psa_asymmetric_sign_vendor( psa_key_handle_t handle,
+ psa_algorithm_t alg,
+ const uint8_t *hash,
+ size_t hash_length,
+ uint8_t *signature,
+ size_t signature_size,
+ size_t *signature_length ) __attribute__ ((weak, alias("psa_asymmetric_sign_vendor_weak")));
+psa_status_t psa_asymmetric_sign_vendor_weak( psa_key_handle_t handle,
+ psa_algorithm_t alg,
+ const uint8_t *hash,
+ size_t hash_length,
+ uint8_t *signature,
+ size_t signature_size,
+ size_t *signature_length );
+psa_status_t psa_asymmetric_sign_vendor_weak( psa_key_handle_t handle,
+ psa_algorithm_t alg,
+ const uint8_t *hash,
+ size_t hash_length,
+ uint8_t *signature,
+ size_t signature_size,
+ size_t *signature_length )
+{
+ (void) handle;
+ (void) alg;
+ (void)hash;
+ (void)hash_length;
+ (void)signature;
+ (void)signature_size;
+ (void)signature_length;
+
+
+ return PSA_ERROR_NOT_SUPPORTED;
+}
psa_status_t psa_asymmetric_sign( psa_key_handle_t handle,
psa_algorithm_t alg,
const uint8_t *hash,
@@ -3378,6 +3413,14 @@
}
else
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
+if (PSA_KEY_TYPE_IS_VENDOR_DEFINED(slot->attr.type))
+ {
+ status = psa_asymmetric_sign_vendor(handle,alg,
+ hash, hash_length,
+ signature, signature_size,
+ signature_length );
+ }
+ else
#if defined(MBEDTLS_RSA_C)
if( slot->attr.type == PSA_KEY_TYPE_RSA_KEY_PAIR )
{
@@ -3431,7 +3474,37 @@
* memset because signature may be NULL in this case. */
return( status );
}
+// The weakly linked function "psa_asymmetric_verify_vendor_weak" which returns "PSA_ERROR_NOT_SUPPORTED" will be linked if
+// the vendor does not provide a definition for "psa_asymmetric_verify_vendor"
+psa_status_t psa_asymmetric_verify_vendor( psa_key_handle_t handle,
+ psa_algorithm_t alg,
+ const uint8_t *hash,
+ size_t hash_length,
+ uint8_t *signature,
+ size_t *signature_length ) __attribute__ ((weak, alias("psa_asymmetric_verify_vendor_weak")));
+psa_status_t psa_asymmetric_verify_vendor_weak( psa_key_handle_t handle,
+ psa_algorithm_t alg,
+ const uint8_t *hash,
+ size_t hash_length,
+ uint8_t *signature,
+ size_t *signature_length );
+psa_status_t psa_asymmetric_verify_vendor_weak( psa_key_handle_t handle,
+ psa_algorithm_t alg,
+ const uint8_t *hash,
+ size_t hash_length,
+ uint8_t *signature,
+ size_t *signature_length )
+{
+ (void) handle;
+ (void) alg;
+ (void)hash;
+ (void)hash_length;
+ (void)signature;
+ (void)signature_length;
+
+ return PSA_ERROR_NOT_SUPPORTED;
+}
psa_status_t psa_asymmetric_verify( psa_key_handle_t handle,
psa_algorithm_t alg,
const uint8_t *hash,
@@ -3464,6 +3537,13 @@
}
else
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
+if (PSA_KEY_TYPE_IS_VENDOR_DEFINED(slot->attr.type))
+ {
+ status = psa_asymmetric_verify_vendor(handle,alg,
+ hash, hash_length,
+ signature, signature_length );
+ }
+ else
#if defined(MBEDTLS_RSA_C)
if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) )
{
diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h
index 0525cf1..fd09ffb 100644
--- a/library/psa_crypto_core.h
+++ b/library/psa_crypto_core.h
@@ -133,13 +133,39 @@
* \param[in,out] slot The key slot to modify.
* \param mask The mask of bits to clear.
*/
-static inline void psa_key_slot_clear_bits(psa_key_slot_t *slot,
- uint16_t mask)
+static inline void psa_key_slot_clear_bits (psa_key_slot_t * slot, uint16_t mask)
{
slot->attr.flags &= ~mask;
}
/**
+ * \brief Generate a vendor defined key or key pair.
+ *
+ * \note This function has to be defined by the vendor.
+ * A weakly linked version is provided by default and returns
+ * PSA_ERROR_NOT_SUPPORTED. Do not use this function directly;
+ * to generate a key, use psa_generate_key() instead.
+ *
+ * \param[in] slot
+ * \param[in] bits
+ * \param[in] domain_parameters
+ * \param[in] domain_parameters_size
+ *
+ *
+ * \retval #PSA_SUCCESS
+ * Success.
+ * If the key is persistent, the key material and the key's metadata
+ * have been saved to persistent storage.
+ *
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval Implementation dependent.
+ */
+psa_status_t psa_generate_key_vendor(psa_key_slot_t * slot,
+ size_t bits,
+ const uint8_t * domain_parameters,
+ size_t domain_parameters_size);
+
+/**
* \brief Prepare a slot for vendor defined key type.
*
* \warning This function **can** fail! Callers MUST check the return status