Use macros for sizes in p256-m driver
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
diff --git a/3rdparty/p256-m/p256-m_driver_entrypoints.c b/3rdparty/p256-m/p256-m_driver_entrypoints.c
index 8c8f85c..0ca5583 100644
--- a/3rdparty/p256-m/p256-m_driver_entrypoints.c
+++ b/3rdparty/p256-m/p256-m_driver_entrypoints.c
@@ -41,7 +41,17 @@
* keys is only 64 bytes; the same as PSA but without the leading byte (0x04).
* Hence, when passing public keys from PSA to p256-m, the leading byte is
* removed.
+ *
+ * Shared secret and signature have the same format between PSA and p256-m.
*/
+#define PSA_PUBKEY_SIZE 65
+#define PSA_PUBKEY_HEADER_BYTE 0x04
+#define P256_PUBKEY_SIZE 64
+#define PRIVKEY_SIZE 32
+#define SHARED_SECRET_SIZE 32
+#define SIGNATURE_SIZE 64
+
+#define CURVE_BITS 256
/* Convert between p256-m and PSA error codes */
static psa_status_t p256_to_psa_error(int ret)
@@ -69,21 +79,21 @@
size_t *bits)
{
/* Check the key size */
- if (*bits != 0 && *bits != 256) {
+ if (*bits != 0 && *bits != CURVE_BITS) {
return PSA_ERROR_NOT_SUPPORTED;
}
/* Validate the key (and its type and size) */
psa_key_type_t type = psa_get_key_type(attributes);
if (type == PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1)) {
- if (data_length != 65) {
+ if (data_length != PSA_PUBKEY_SIZE) {
return *bits == 0 ? PSA_ERROR_NOT_SUPPORTED : PSA_ERROR_INVALID_ARGUMENT;
}
if (p256_validate_pubkey(data + 1) != P256_SUCCESS) {
return PSA_ERROR_INVALID_ARGUMENT;
}
} else if (type == PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1)) {
- if (data_length != 32) {
+ if (data_length != PRIVKEY_SIZE) {
return *bits == 0 ? PSA_ERROR_NOT_SUPPORTED : PSA_ERROR_INVALID_ARGUMENT;
}
if (p256_validate_privkey(data) != P256_SUCCESS) {
@@ -92,7 +102,7 @@
} else {
return PSA_ERROR_NOT_SUPPORTED;
}
- *bits = 256;
+ *bits = CURVE_BITS;
/* We only support the export format for input, so just copy. */
if (key_buffer_size < data_length) {
@@ -114,23 +124,23 @@
/* Is this the right curve? */
size_t bits = psa_get_key_bits(attributes);
psa_key_type_t type = psa_get_key_type(attributes);
- if (bits != 256 || type != PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1)) {
+ if (bits != CURVE_BITS || type != PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1)) {
return PSA_ERROR_NOT_SUPPORTED;
}
/* Validate sizes, as p256-m expects fixed-size buffers */
- if (key_buffer_size != 32) {
+ if (key_buffer_size != PRIVKEY_SIZE) {
return PSA_ERROR_CORRUPTION_DETECTED;
}
- if (data_size < 65) {
+ if (data_size < PSA_PUBKEY_SIZE) {
return PSA_ERROR_BUFFER_TOO_SMALL;
}
/* Output public key in the PSA export format */
- data[0] = 0x04;
+ data[0] = PSA_PUBKEY_HEADER_BYTE;
int ret = p256_public_from_private(data + 1, key_buffer);
if (ret == P256_SUCCESS) {
- *data_length = 65;
+ *data_length = PSA_PUBKEY_SIZE;
}
return p256_to_psa_error(ret);
@@ -147,7 +157,7 @@
(void) attributes;
/* Validate sizes, as p256-m expects fixed-size buffers */
- if (key_buffer_size != 32) {
+ if (key_buffer_size != PRIVKEY_SIZE) {
return PSA_ERROR_BUFFER_TOO_SMALL;
}
@@ -156,11 +166,11 @@
* keys. Allocate a buffer to which the public key will be written. The
* private key will be written to key_buffer, which is passed to this
* function as an argument. */
- uint8_t public_key_buffer[64];
+ uint8_t public_key_buffer[P256_PUBKEY_SIZE];
int ret = p256_gen_keypair(key_buffer, public_key_buffer);
if (ret == P256_SUCCESS) {
- *key_buffer_length = 32;
+ *key_buffer_length = PRIVKEY_SIZE;
}
return p256_to_psa_error(ret);
@@ -184,10 +194,10 @@
(void) alg;
/* Validate sizes, as p256-m expects fixed-size buffers */
- if (key_buffer_size != 32 || peer_key_length != 65) {
+ if (key_buffer_size != PRIVKEY_SIZE || peer_key_length != PSA_PUBKEY_SIZE) {
return PSA_ERROR_INVALID_ARGUMENT;
}
- if (shared_secret_size < 32) {
+ if (shared_secret_size < SHARED_SECRET_SIZE) {
return PSA_ERROR_BUFFER_TOO_SMALL;
}
@@ -196,7 +206,7 @@
* of the file. */
int ret = p256_ecdh_shared_secret(shared_secret, key_buffer, peer_key + 1);
if (ret == P256_SUCCESS) {
- *shared_secret_length = 32;
+ *shared_secret_length = SHARED_SECRET_SIZE;
}
return p256_to_psa_error(ret);
@@ -220,22 +230,22 @@
(void) alg;
/* Validate sizes, as p256-m expects fixed-size buffers */
- if (key_buffer_size != 32) {
+ if (key_buffer_size != PRIVKEY_SIZE) {
return PSA_ERROR_CORRUPTION_DETECTED;
}
- if (signature_size < 64) {
+ if (signature_size < SIGNATURE_SIZE) {
return PSA_ERROR_BUFFER_TOO_SMALL;
}
int ret = p256_ecdsa_sign(signature, key_buffer, hash, hash_length);
if (ret == P256_SUCCESS) {
- *signature_length = 64;
+ *signature_length = SIGNATURE_SIZE;
}
return p256_to_psa_error(ret);
}
-/* This function expects the key buffer to contain a 65 byte public key,
+/* This function expects the key buffer to contain a PSA public key,
* as exported by psa_export_public_key() */
static psa_status_t p256_verify_hash_with_public_key(
const uint8_t *key_buffer,
@@ -246,10 +256,10 @@
size_t signature_length)
{
/* Validate sizes, as p256-m expects fixed-size buffers */
- if (key_buffer_size != 65 || *key_buffer != 0x04) {
+ if (key_buffer_size != PSA_PUBKEY_SIZE || *key_buffer != PSA_PUBKEY_HEADER_BYTE) {
return PSA_ERROR_CORRUPTION_DETECTED;
}
- if (signature_length != 64) {
+ if (signature_length != SIGNATURE_SIZE) {
return PSA_ERROR_INVALID_SIGNATURE;
}
@@ -277,10 +287,10 @@
(void) alg;
psa_status_t status;
- uint8_t public_key_buffer[65];
- size_t public_key_buffer_size = 65;
+ uint8_t public_key_buffer[PSA_PUBKEY_SIZE];
+ size_t public_key_buffer_size = PSA_PUBKEY_SIZE;
- size_t public_key_length = 65;
+ size_t public_key_length = PSA_PUBKEY_SIZE;
/* As p256-m doesn't require dynamic allocation, we want to avoid it in
* the entrypoint functions as well. psa_driver_wrapper_export_public_key()
* requires size_t*, so we use a pointer to a stack variable. */