Add PSA iop export public-key setup API
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
diff --git a/tf-psa-crypto/core/psa_crypto.c b/tf-psa-crypto/core/psa_crypto.c
index 9fd908d..310dab8 100644
--- a/tf-psa-crypto/core/psa_crypto.c
+++ b/tf-psa-crypto/core/psa_crypto.c
@@ -1689,12 +1689,62 @@
}
psa_status_t psa_export_public_key_iop_setup(psa_export_public_key_iop_t *operation,
- psa_key_id_t key)
+ mbedtls_svc_key_id_t key)
{
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
+ size_t key_size = 0;
+ psa_key_attributes_t private_key_attributes;
+ psa_key_type_t private_key_type;
+ psa_key_slot_t *slot = NULL;
+
+ if (operation->id != 0 || operation->error_occurred) {
+ return PSA_ERROR_BAD_STATE;
+ }
+
+ /* We only support the builtin/Mbed TLS driver for now. */
+ operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID;
+
+ status = psa_get_and_lock_transparent_key_slot_with_policy(key, &slot,
+ 0,
+ 0);
+ if (status != PSA_SUCCESS) {
+ goto exit;
+ }
+
+ private_key_attributes = slot->attr;
+ if (status != PSA_SUCCESS) {
+ goto exit;
+ }
+
+ private_key_type = psa_get_key_type(&private_key_attributes);
+ if (!PSA_KEY_TYPE_IS_ECC_KEY_PAIR(private_key_type)) {
+ goto exit;
+ }
+
+ key_size = PSA_EXPORT_KEY_OUTPUT_SIZE(private_key_type,
+ psa_get_key_bits(&private_key_attributes));
+ if (key_size == 0) {
+ goto exit;
+ }
+
+ status = mbedtls_psa_ecp_export_public_key_iop_setup(&operation->ctx, slot->key.data,
+ slot->key.bytes, &private_key_attributes);
+
+exit:
+ unlock_status = psa_unregister_read_under_mutex(slot);
+ if (status != PSA_SUCCESS) {
+ psa_export_public_key_iop_abort_internal(operation);
+ operation->error_occurred = 1;
+ return status;
+ }
+ return unlock_status;
+#else
(void) operation;
(void) key;
-
return PSA_ERROR_NOT_SUPPORTED;
+#endif
}
psa_status_t psa_export_public_key_iop_complete(psa_export_public_key_iop_t *operation,