mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-23 02:45:41 +01:00
2acbed387d
In psa_generate_key_internal() for ECC keys, remove the check that the bit-size according to Mbed TLS is equal to the requested bit-size. This check was necessary back when the PSA API encoded curves and key sizes independently, in order to reject combinations such as SECP256R1 with a 512-bit size. Since the curve encoding changed to specifying a curve family and a size separately, the Mbed TLS curve id (grp_id) and the curve data (curve_info) are now determined from the size, and checking that (curve_info->bit_size == bits) is now only a redundant sanity check. This check is actually buggy, because PSA Crypto and Mbed TLS don't have exactly the same notion of key size. PSA thinks Curve25519 is 255-bit and secp224k1 is 225-bit, but Mbed TLS thinks they're 256-bit and 224-bit respectively. Removing the check allows key generation to work for these curves. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com> |
||
|---|---|---|
| .. | ||
| 00README.md | ||
| add_cipher_transparent_driver.txt | ||
| add_sign_verify_keygen_transparent_driver.txt | ||
| add-aes-ecb-to-psa.txt | ||
| adjusting sliding_window_size_PR3592.txt | ||
| bugfix_3524.txt | ||
| bugfix_PR3294.txt | ||
| comment_typo_in_mbedtls_ssl_set_bio.txt | ||
| ecp_curve_list.txt | ||
| fix-typo.txt | ||
| psa_generate_key-curve25519.txt | ||