diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 10b55b8a9..27cc3c4f1 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1503,25 +1503,6 @@ psa_status_t psa_export_key_internal( { psa_key_type_t type = attributes->core.type; -#if defined(MBEDTLS_PSA_CRYPTO_SE_C) - const psa_drv_se_t *drv; - psa_drv_se_context_t *drv_context; -#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - -#if defined(MBEDTLS_PSA_CRYPTO_SE_C) - if( psa_get_se_driver( attributes->core.lifetime, &drv, &drv_context ) ) - { - if( ( drv->key_management == NULL ) || - ( drv->key_management->p_export == NULL ) ) - return( PSA_ERROR_NOT_SUPPORTED ); - - return( drv->key_management->p_export( - drv_context, - *( (psa_key_slot_number_t *)key_buffer ), - data, data_size, data_length ) ); - } -#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - if( key_type_is_raw_bytes( type ) || PSA_KEY_TYPE_IS_RSA( type ) || PSA_KEY_TYPE_IS_ECC( type ) ) @@ -1596,25 +1577,6 @@ psa_status_t psa_export_public_key_internal( psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_type_t type = attributes->core.type; -#if defined(MBEDTLS_PSA_CRYPTO_SE_C) - const psa_drv_se_t *drv; - psa_drv_se_context_t *drv_context; -#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - -#if defined(MBEDTLS_PSA_CRYPTO_SE_C) - if( psa_get_se_driver( lifetime, &drv, &drv_context ) ) - { - if( ( drv->key_management == NULL ) || - ( drv->key_management->p_export_public == NULL ) ) - return( PSA_ERROR_NOT_SUPPORTED ); - - return( drv->key_management->p_export_public( - drv_context, - *( (psa_key_slot_number_t *)key_buffer ), - data, data_size, data_length ) ); - } - else -#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ if( PSA_KEY_TYPE_IS_RSA( type ) || PSA_KEY_TYPE_IS_ECC( type ) ) { if( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ) diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c index 766cf108a..0cc89fe7f 100644 --- a/library/psa_crypto_driver_wrappers.c +++ b/library/psa_crypto_driver_wrappers.c @@ -454,6 +454,24 @@ psa_status_t psa_driver_wrapper_export_key( psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime( attributes ) ); + /* Try dynamically-registered SE interface first */ +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) + const psa_drv_se_t *drv; + psa_drv_se_context_t *drv_context; + + if( psa_get_se_driver( attributes->core.lifetime, &drv, &drv_context ) ) + { + if( ( drv->key_management == NULL ) || + ( drv->key_management->p_export == NULL ) ) + return( PSA_ERROR_NOT_SUPPORTED ); + + return( drv->key_management->p_export( + drv_context, + *( (psa_key_slot_number_t *)key_buffer ), + data, data_size, data_length ) ); + } +#endif /* PSA_CRYPTO_SE_C */ + switch( location ) { case PSA_KEY_LOCATION_LOCAL_STORAGE: @@ -492,6 +510,24 @@ psa_status_t psa_driver_wrapper_export_public_key( psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime( attributes ) ); + /* Try dynamically-registered SE interface first */ +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) + const psa_drv_se_t *drv; + psa_drv_se_context_t *drv_context; + + if( psa_get_se_driver( attributes->core.lifetime, &drv, &drv_context ) ) + { + if( ( drv->key_management == NULL ) || + ( drv->key_management->p_export_public == NULL ) ) + return( PSA_ERROR_NOT_SUPPORTED ); + + return( drv->key_management->p_export_public( + drv_context, + *( (psa_key_slot_number_t *)key_buffer ), + data, data_size, data_length ) ); + } +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ + switch( location ) { case PSA_KEY_LOCATION_LOCAL_STORAGE: