Remove unrequired mpis from sign operation struct
These are only used at the output stage.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 748cb13..78d8702 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -3511,9 +3511,6 @@
mbedtls_ecdsa_restart_init(&operation->restart_ctx);
- mbedtls_mpi_init(&operation->r);
- mbedtls_mpi_init(&operation->s);
-
operation->curve_bytes = PSA_BITS_TO_BYTES(
operation->ctx->grp.pbits);
@@ -3547,6 +3544,8 @@
size_t *signature_length)
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ mbedtls_mpi r;
+ mbedtls_mpi s;
#if (defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)) && \
@@ -3556,13 +3555,16 @@
return PSA_ERROR_BUFFER_TOO_SMALL;
}
+ mbedtls_mpi_init(&r);
+ mbedtls_mpi_init(&s);
if (PSA_ALG_ECDSA_IS_DETERMINISTIC(operation->alg)) {
+
#if defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
status = mbedtls_to_psa_error(
mbedtls_ecdsa_sign_det_restartable(&operation->ctx->grp,
- &operation->r,
- &operation->s,
+ &r,
+ &s,
&operation->ctx->d,
operation->hash,
operation->hash_length,
@@ -3577,8 +3579,8 @@
status = mbedtls_to_psa_error(
mbedtls_ecdsa_sign_restartable(&operation->ctx->grp,
- &operation->r,
- &operation->s,
+ &r,
+ &s,
&operation->ctx->d,
operation->hash,
operation->hash_length,
@@ -3593,7 +3595,7 @@
return status;
} else {
status = mbedtls_to_psa_error(
- mbedtls_mpi_write_binary(&operation->r,
+ mbedtls_mpi_write_binary(&r,
signature,
operation->curve_bytes));
@@ -3602,7 +3604,7 @@
}
status = mbedtls_to_psa_error(
- mbedtls_mpi_write_binary(&operation->s,
+ mbedtls_mpi_write_binary(&s,
signature +
operation->curve_bytes,
operation->curve_bytes));
@@ -3645,9 +3647,6 @@
mbedtls_ecdsa_restart_free(&operation->restart_ctx);
- mbedtls_mpi_free(&operation->r);
- mbedtls_mpi_free(&operation->s);
-
return PSA_SUCCESS;
#else