pkparse: always check all private keys on import
This allows to remove explicit calls to mbedtls_ecp_check_privkey()
in pkparse.c.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
diff --git a/library/ecp.c b/library/ecp.c
index 086acb3..4e28b73 100644
--- a/library/ecp.c
+++ b/library/ecp.c
@@ -3277,6 +3277,7 @@
ECP_CURVE448_KEY_SIZE * 8 - 1, 1)
);
}
+ MBEDTLS_MPI_CHK(mbedtls_ecp_check_privkey(&key->grp, &key->d));
}
#endif
diff --git a/library/pkparse.c b/library/pkparse.c
index 1091c42..fa0570c 100644
--- a/library/pkparse.c
+++ b/library/pkparse.c
@@ -666,14 +666,6 @@
return ret;
}
- /* When MBEDTLS_PK_USE_PSA_EC_DATA the key is checked while importing it
- * into PSA. */
-#if !defined(MBEDTLS_PK_USE_PSA_EC_DATA)
- if ((ret = mbedtls_ecp_check_privkey(&eck->grp, &eck->d)) != 0) {
- return ret;
- }
-#endif /* !MBEDTLS_PK_USE_PSA_EC_DATA */
-
return 0;
}
#endif /* MBEDTLS_PK_HAVE_RFC8410_CURVES */
@@ -1310,12 +1302,6 @@
}
}
-#if !defined(MBEDTLS_PK_USE_PSA_EC_DATA)
- if ((ret = mbedtls_ecp_check_privkey(&eck->grp, &eck->d)) != 0) {
- return ret;
- }
-#endif /* !MBEDTLS_PK_USE_PSA_EC_DATA */
-
return 0;
}
#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */