Use helper macro for (deterministic) ECDSA
- centralizes decision making about which version to use when
- avoids nested #ifs in pk_ecc_set_key()
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
diff --git a/library/pk_internal.h b/library/pk_internal.h
index 004660e..9becbec 100644
--- a/library/pk_internal.h
+++ b/library/pk_internal.h
@@ -117,14 +117,19 @@
#endif /* MBEDTLS_ECP_HAVE_CURVE25519 || MBEDTLS_ECP_DP_CURVE448 */
#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */
-#if defined(MBEDTLS_TEST_HOOKS)
+/* Helper for (deterministic) ECDSA */
+#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
+#define MBEDTLS_PK_PSA_ALG_ECDSA_MAYBE_DET PSA_ALG_DETERMINISTIC_ECDSA
+#else
+#define MBEDTLS_PK_PSA_ALG_ECDSA_MAYBE_DET PSA_ALG_ECDSA
+#endif
+#if defined(MBEDTLS_TEST_HOOKS)
MBEDTLS_STATIC_TESTABLE int mbedtls_pk_parse_key_pkcs8_encrypted_der(
mbedtls_pk_context *pk,
unsigned char *key, size_t keylen,
const unsigned char *pwd, size_t pwdlen,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
-
#endif
#endif /* MBEDTLS_PK_INTERNAL_H */
diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index 436876a..53e11d5 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -1037,13 +1037,8 @@
psa_ecc_family_t curve =
mbedtls_ecc_group_to_psa(ctx->grp.id, &curve_bits);
size_t key_len = PSA_BITS_TO_BYTES(curve_bits);
-#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
- psa_algorithm_t psa_sig_md =
- PSA_ALG_DETERMINISTIC_ECDSA(mbedtls_md_psa_alg_from_type(md_alg));
-#else
- psa_algorithm_t psa_sig_md =
- PSA_ALG_ECDSA(mbedtls_md_psa_alg_from_type(md_alg));
-#endif
+ psa_algorithm_t psa_hash = mbedtls_md_psa_alg_from_type(md_alg);
+ psa_algorithm_t psa_sig_md = MBEDTLS_PK_PSA_ALG_ECDSA_MAYBE_DET(psa_hash);
((void) f_rng);
((void) p_rng);
diff --git a/library/pkparse.c b/library/pkparse.c
index 114a563..3f67786 100644
--- a/library/pkparse.c
+++ b/library/pkparse.c
@@ -504,14 +504,11 @@
psa_set_key_type(&attributes, PSA_KEY_TYPE_ECC_KEY_PAIR(pk->ec_family));
psa_set_key_algorithm(&attributes, PSA_ALG_ECDH);
psa_key_usage_t flags = PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_DERIVE;
+ /* Montgomery allows only ECDH, others ECDSA too */
if (pk->ec_family != PSA_ECC_FAMILY_MONTGOMERY) {
flags |= PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE;
-#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
psa_set_key_enrollment_algorithm(&attributes,
- PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH));
-#else
- psa_set_key_enrollment_algorithm(&attributes, PSA_ALG_ECDSA(PSA_ALG_ANY_HASH));
-#endif
+ MBEDTLS_PK_PSA_ALG_ECDSA_MAYBE_DET(PSA_ALG_ANY_HASH));
}
psa_set_key_usage_flags(&attributes, flags);