ta: pkcs11: Fix key generation for Ed25519#5574
Conversation
| { | ||
| .attr_id = TEE_ATTR_ECC_CURVE, | ||
| .flags = TEE_TYPE_ATTR_SIZE_INDICATOR | TEE_TYPE_ATTR_GEN_KEY_REQ, | ||
| .flags = TEE_TYPE_ATTR_SIZE_INDICATOR | TEE_TYPE_ATTR_GEN_KEY_OPT, |
There was a problem hiding this comment.
Is it really what we want? See #5573. According to the GP spec (1.3.1) TEE_ATTR_ECC_CURVE is NOT a valid attribute for TEE_TYPE_ED25519_KEYPAIR.
There was a problem hiding this comment.
Agree, there no need for the CURVE attribute.
Previously the key size was deduced based on curve when
in CMD_CREATE_OBJECT.
It is reworked to get key size from PKCS11_CKA_EC_POINT.
How do you think, is it Ok?
Also removed the code for ECC_CURVE attribute.
varder
force-pushed
the
fix_pkcs11_ed25519
branch
from
a28f336 to
b20a2fe
Compare
|
Please squash the fixup, rebase onto master and properly explain what is wrong in commit 03e0743 that you are fixing. |
varder
force-pushed
the
fix_pkcs11_ed25519
branch
2 times, most recently
from
b583028 to
21dda43
Compare
Fixed |
| return 0; | ||
|
|
||
| return ec_params2tee_keysize(a_ptr, a_size); | ||
|
|
There was a problem hiding this comment.
Unnecessary blank lines around case block, here ...
| return 0; | ||
|
|
||
| return a_size * 8; | ||
|
|
etienne-lms
left a comment
etienne-lms
left a comment
There was a problem hiding this comment.
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
The ECC curve is not an attribute of an Ed25519 key pair. Remove it from the key generation attribute. Add getting key size by using EC_POINT attribute. Fixes: 03e0743 ("ta: pkcs11: Add Ed25519 support") Signed-off-by: Valerii Chubar <valerii_chubar@epam.com> Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
varder
force-pushed
the
fix_pkcs11_ed25519
branch
from
bbecdcd to
2bc942f
Compare
4 participants
Fix the issues with the key generation in
OP-TEE/optee_test#618