From d6ec3035a402094f7fd6a56ec18bcaf7fe464c6f Mon Sep 17 00:00:00 2001
From: Ronald Cron <ronald.cron@arm.com>
Date: Fri, 27 Nov 2020 18:54:57 +0100
Subject: [PATCH] psa: Move ECP key import to psa_crypto_ecp.c

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
---
 library/psa_crypto.c     | 70 ----------------------------------------
 library/psa_crypto_ecp.c | 40 +++++++++++++++++++++++
 library/psa_crypto_ecp.h | 32 ++++++++++++++++++
 3 files changed, 72 insertions(+), 70 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 96d25b3e8..d55599e9e 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -533,76 +533,6 @@ static psa_status_t validate_unstructured_key_bit_size( psa_key_type_t type,
     return( PSA_SUCCESS );
 }
 
-#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
-    defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
-
-/** Import an ECP key in binary format.
- *
- * \note The signature of this function is that of a PSA driver
- *       import_key entry point. This function behaves as an import_key
- *       entry point as defined in the PSA driver interface specification for
- *       transparent drivers.
- *
- * \param[in]  attributes       The attributes for the key to import.
- * \param[in]  data             The buffer containing the key data in import
- *                              format.
- * \param[in]  data_length      Size of the \p data buffer in bytes.
- * \param[out] key_buffer       The buffer containing the key data in output
- *                              format.
- * \param[in]  key_buffer_size  Size of the \p key_buffer buffer in bytes. This
- *                              size is greater or equal to \p data_length.
- * \param[out] key_buffer_length  The length of the data written in \p
- *                                key_buffer in bytes.
- * \param[out] bits             The key size in number of bits.
- *
- * \retval #PSA_SUCCESS  The ECP key was imported successfully.
- * \retval #PSA_ERROR_INVALID_ARGUMENT
- *         The key data is not correctly formatted.
- * \retval #PSA_ERROR_NOT_SUPPORTED
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- */
-static psa_status_t mbedtls_psa_ecp_import_key(
-    const psa_key_attributes_t *attributes,
-    const uint8_t *data, size_t data_length,
-    uint8_t *key_buffer, size_t key_buffer_size,
-    size_t *key_buffer_length, size_t *bits )
-{
-    psa_status_t status;
-    mbedtls_ecp_keypair *ecp = NULL;
-
-    /* Parse input */
-    status = mbedtls_psa_ecp_load_representation( attributes->core.type,
-                                                  data,
-                                                  data_length,
-                                                  &ecp );
-    if( status != PSA_SUCCESS )
-        goto exit;
-
-    if( PSA_KEY_TYPE_ECC_GET_FAMILY( attributes->core.type ) ==
-        PSA_ECC_FAMILY_MONTGOMERY )
-        *bits = ecp->grp.nbits + 1;
-    else
-        *bits = ecp->grp.nbits;
-
-    /* Re-export the data to PSA export format. There is currently no support
-     * for other input formats then the export format, so this is a 1-1
-     * copy operation. */
-    status = mbedtls_psa_ecp_export_key( attributes->core.type,
-                                         ecp,
-                                         key_buffer,
-                                         key_buffer_size,
-                                         key_buffer_length );
-exit:
-    /* Always free the PK object (will also free contained ECP context) */
-    mbedtls_ecp_keypair_free( ecp );
-    mbedtls_free( ecp );
-
-    return( status );
-}
-#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) ||
-        * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) */
-
 /** Return the size of the key in the given slot, in bits.
  *
  * \param[in] slot      A key slot.
diff --git a/library/psa_crypto_ecp.c b/library/psa_crypto_ecp.c
index 265d1ac4d..03ba14dd7 100644
--- a/library/psa_crypto_ecp.c
+++ b/library/psa_crypto_ecp.c
@@ -151,6 +151,46 @@ exit:
 
 #if defined(BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
     defined(BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
+
+psa_status_t mbedtls_psa_ecp_import_key(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *data, size_t data_length,
+    uint8_t *key_buffer, size_t key_buffer_size,
+    size_t *key_buffer_length, size_t *bits )
+{
+    psa_status_t status;
+    mbedtls_ecp_keypair *ecp = NULL;
+
+    /* Parse input */
+    status = mbedtls_psa_ecp_load_representation( attributes->core.type,
+                                                  data,
+                                                  data_length,
+                                                  &ecp );
+    if( status != PSA_SUCCESS )
+        goto exit;
+
+    if( PSA_KEY_TYPE_ECC_GET_FAMILY( attributes->core.type ) ==
+        PSA_ECC_FAMILY_MONTGOMERY )
+        *bits = ecp->grp.nbits + 1;
+    else
+        *bits = ecp->grp.nbits;
+
+    /* Re-export the data to PSA export format. There is currently no support
+     * for other input formats then the export format, so this is a 1-1
+     * copy operation. */
+    status = mbedtls_psa_ecp_export_key( attributes->core.type,
+                                         ecp,
+                                         key_buffer,
+                                         key_buffer_size,
+                                         key_buffer_length );
+exit:
+    /* Always free the PK object (will also free contained ECP context) */
+    mbedtls_ecp_keypair_free( ecp );
+    mbedtls_free( ecp );
+
+    return( status );
+}
+
 psa_status_t mbedtls_psa_ecp_export_key( psa_key_type_t type,
                                          mbedtls_ecp_keypair *ecp,
                                          uint8_t *data,
diff --git a/library/psa_crypto_ecp.h b/library/psa_crypto_ecp.h
index 1083c9bea..c4915b5c0 100644
--- a/library/psa_crypto_ecp.h
+++ b/library/psa_crypto_ecp.h
@@ -39,6 +39,38 @@ psa_status_t mbedtls_psa_ecp_load_representation( psa_key_type_t type,
                                                   size_t data_length,
                                                   mbedtls_ecp_keypair **p_ecp );
 
+/** Import an ECP key in binary format.
+ *
+ * \note The signature of this function is that of a PSA driver
+ *       import_key entry point. This function behaves as an import_key
+ *       entry point as defined in the PSA driver interface specification for
+ *       transparent drivers.
+ *
+ * \param[in]  attributes       The attributes for the key to import.
+ * \param[in]  data             The buffer containing the key data in import
+ *                              format.
+ * \param[in]  data_length      Size of the \p data buffer in bytes.
+ * \param[out] key_buffer       The buffer containing the key data in output
+ *                              format.
+ * \param[in]  key_buffer_size  Size of the \p key_buffer buffer in bytes. This
+ *                              size is greater or equal to \p data_length.
+ * \param[out] key_buffer_length  The length of the data written in \p
+ *                                key_buffer in bytes.
+ * \param[out] bits             The key size in number of bits.
+ *
+ * \retval #PSA_SUCCESS  The ECP key was imported successfully.
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ *         The key data is not correctly formatted.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ */
+psa_status_t mbedtls_psa_ecp_import_key(
+    const psa_key_attributes_t *attributes,
+    const uint8_t *data, size_t data_length,
+    uint8_t *key_buffer, size_t key_buffer_size,
+    size_t *key_buffer_length, size_t *bits );
+
 /** Export an ECP key to export representation
  *
  * \param[in] type          The type of key (public/private) to export