From c9b7f78647b709a2a8a671b67e841b70f54ec870 Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Thu, 11 Jun 2020 17:00:36 +0200 Subject: [PATCH] Rework mbedtls_ecp_write_key to remove unnecessary output parameter Signed-off-by: Steven Cooreman --- include/mbedtls/ecp.h | 10 +++++----- library/ecp.c | 5 +---- library/pkwrite.c | 3 +-- library/psa_crypto.c | 3 +-- tests/suites/test_suite_ecp.function | 25 ++++++------------------- 5 files changed, 14 insertions(+), 32 deletions(-) diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h index 9248fd377..2526273fb 100644 --- a/include/mbedtls/ecp.h +++ b/include/mbedtls/ecp.h @@ -1152,20 +1152,20 @@ int mbedtls_ecp_read_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, * * \param grp_id The ECP group identifier. * \param key The private key. - * \param olen The amount of bytes written into the output buffer. - * \param buf The output buffer containing the binary representation of - * the key. (Big endian integer for Weierstrass curves, byte + * \param buf The output buffer for containing the binary representation + * of the key. (Big endian integer for Weierstrass curves, byte * string for Montgomery curves.) * \param buflen The total length of the buffer in bytes. * * \return \c 0 on success. - * \return #MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL if key is larger than buffer. + * \return #MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL if the \p key + representation is larger than the available space in \p buf. * \return #MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE if the operation for * the group is not implemented. * \return Another negative error code on different kinds of failure. */ int mbedtls_ecp_write_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, - size_t *olen, unsigned char *buf, size_t buflen ); + unsigned char *buf, size_t buflen ); /** * \brief This function checks that the keypair objects diff --git a/library/ecp.c b/library/ecp.c index 0aa61f170..94c796049 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -3000,13 +3000,12 @@ cleanup: * Write a private key. */ int mbedtls_ecp_write_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, - size_t *olen, unsigned char *buf, size_t buflen ) + unsigned char *buf, size_t buflen ) { int ret = 0; ECP_VALIDATE_RET( key != NULL ); ECP_VALIDATE_RET( buf != NULL ); - ECP_VALIDATE_RET( olen != NULL ); if( ( ret = mbedtls_ecp_group_load( &key->grp, grp_id ) ) != 0 ) return( ret ); @@ -3022,7 +3021,6 @@ int mbedtls_ecp_write_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL; MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary_le( &key->d, buf, buflen ) ); - *olen = ECP_CURVE25519_KEY_SIZE; } else ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; @@ -3033,7 +3031,6 @@ int mbedtls_ecp_write_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key if( mbedtls_ecp_get_type( &key->grp ) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS ) { MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &key->d, buf, buflen ) ); - *olen = mbedtls_mpi_size( &key->d ); } #endif diff --git a/library/pkwrite.c b/library/pkwrite.c index 914b33ff4..4288cd769 100644 --- a/library/pkwrite.c +++ b/library/pkwrite.c @@ -166,10 +166,9 @@ static int pk_write_ec_private( unsigned char **p, unsigned char *start, { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t byte_length = ( ec->grp.pbits + 7 ) / 8; - size_t output_length; unsigned char tmp[MBEDTLS_ECP_MAX_BYTES]; - ret = mbedtls_ecp_write_key( ec->grp.id, ec, &output_length, tmp, byte_length ); + ret = mbedtls_ecp_write_key( ec->grp.id, ec, tmp, byte_length ); if( ret != 0 ) goto exit; ret = mbedtls_asn1_write_octet_string( p, start, tmp, byte_length ); diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 1151d17f7..a620d3085 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1321,14 +1321,13 @@ static psa_status_t psa_internal_export_key( const psa_key_slot_t *slot, if( PSA_KEY_TYPE_IS_ECC_KEY_PAIR( slot->attr.type ) && !export_public_key ) { psa_status_t status; - size_t actual_data_size; size_t bytes = PSA_BITS_TO_BYTES( slot->attr.bits ); if( bytes > data_size ) return( PSA_ERROR_BUFFER_TOO_SMALL ); status = mbedtls_to_psa_error( mbedtls_ecp_write_key(slot->data.ecp->grp.id, slot->data.ecp, - &actual_data_size, data, bytes) ); + data, bytes) ); if( status != PSA_SUCCESS ) return( status ); memset( data + bytes, 0, data_size - bytes ); diff --git a/tests/suites/test_suite_ecp.function b/tests/suites/test_suite_ecp.function index 1a464ec6e..d014e8a7d 100644 --- a/tests/suites/test_suite_ecp.function +++ b/tests/suites/test_suite_ecp.function @@ -1089,42 +1089,29 @@ void mbedtls_ecp_read_key( int grp_id, data_t* in_key, int expected, int canonic if( canonical ) { unsigned char buf[MBEDTLS_ECP_MAX_BYTES]; - size_t olen; - ret = mbedtls_ecp_write_key( grp_id, &key, &olen, buf, in_key->len ); + ret = mbedtls_ecp_write_key( grp_id, &key, buf, in_key->len ); TEST_ASSERT( ret == 0 ); - TEST_ASSERT( olen == in_key->len ); - - mbedtls_fprintf( stdout, "written key: "); - for( size_t i = 0; i < in_key->len; i++ ) { - mbedtls_fprintf( stdout, "%02x", buf[i]); - } - mbedtls_fprintf( stdout, "\n"); ASSERT_COMPARE( in_key->x, in_key->len, - buf, olen ); + buf, in_key->len ); } else { unsigned char export1[MBEDTLS_ECP_MAX_BYTES]; - size_t olen1; - unsigned char export2[MBEDTLS_ECP_MAX_BYTES]; - size_t olen2; - ret = mbedtls_ecp_write_key( grp_id, &key, &olen1, export1, in_key->len ); + ret = mbedtls_ecp_write_key( grp_id, &key, export1, in_key->len ); TEST_ASSERT( ret == 0 ); ret = mbedtls_ecp_read_key( grp_id, &key2, export1, in_key->len ); TEST_ASSERT( ret == expected ); - ret = mbedtls_ecp_write_key( grp_id, &key2, &olen2, export2, in_key->len ); + ret = mbedtls_ecp_write_key( grp_id, &key2, export2, in_key->len ); TEST_ASSERT( ret == 0 ); - TEST_ASSERT( olen2 == olen1 ); - - ASSERT_COMPARE( export1, olen1, - export2, olen2 ); + ASSERT_COMPARE( export1, in_key->len, + export2, in_key->len ); } }