Merge pull request #3547 from ronald-cron-arm/psa-openless
Openless PSA crypto APIs implementation
diff --git a/ChangeLog.d/psa-openless.txt b/ChangeLog.d/psa-openless.txt
new file mode 100644
index 0000000..2e40cdf
--- /dev/null
+++ b/ChangeLog.d/psa-openless.txt
@@ -0,0 +1,17 @@
+Features
+ * In the PSA API, it is no longer necessary to open persistent keys:
+ operations now accept the key identifier. The type psa_key_handle_t is now
+ identical to psa_key_id_t instead of being platform-defined. This bridges
+ the last major gap to compliance with the PSA Cryptography specification
+ version 1.0.0. Opening persistent keys is still supported for backward
+ compatibility, but will be deprecated and later removed in future
+ releases.
+
+Bugfix
+ * psa_set_key_id() now also sets the lifetime to persistent for keys located
+ in a secure element.
+ * Attempting to create a volatile key with a non-zero key identifier now
+ fails. Previously the key identifier was just ignored when creating a
+ volatile key.
+ * Attempting to create or register a key with a key identifier in the vendor
+ range now fails.
diff --git a/README.md b/README.md
index 2058d24..ac2a6ab 100644
--- a/README.md
+++ b/README.md
@@ -208,7 +208,7 @@
* The API distinguishes caller memory from internal memory, which allows the library to be implemented in an isolated space for additional security. Library calls can be implemented as direct function calls if isolation is not desired, and as remote procedure calls if isolation is desired.
* The structure of internal data is hidden to the application, which allows substituting alternative implementations at build time or run time, for example, in order to take advantage of hardware accelerators.
-* All access to the keys happens through handles, which allows support for external cryptoprocessors that is transparent to applications.
+* All access to the keys happens through key identifiers, which allows support for external cryptoprocessors that is transparent to applications.
* The interface to algorithms is generic, favoring algorithm agility.
* The interface is designed to be easy to use and hard to accidentally misuse.
diff --git a/docs/architecture/testing/invasive-testing.md b/docs/architecture/testing/invasive-testing.md
index 744f194..de611a5 100644
--- a/docs/architecture/testing/invasive-testing.md
+++ b/docs/architecture/testing/invasive-testing.md
@@ -100,7 +100,7 @@
* Memory.
* Files in storage (PSA API only — in the Mbed TLS API, black-box unit tests are sufficient).
-* Key handles (PSA API only).
+* Key slots (PSA API only).
* Key slots in a secure element (PSA SE HAL).
* Communication handles (PSA crypto service only).
@@ -116,7 +116,7 @@
* Zeroization of confidential data after use.
* Freeing memory.
-* Closing key handles.
+* Freeing key slots.
* Freeing key slots in a secure element.
* Deleting files in storage (PSA API only).
diff --git a/docs/getting_started.md b/docs/getting_started.md
index e274f49..15d5a31 100644
--- a/docs/getting_started.md
+++ b/docs/getting_started.md
@@ -64,7 +64,7 @@
### Importing a key
To use a key for cryptography operations in Mbed Crypto, you need to first
-import it. Importing the key creates a handle that refers to the key for use
+import it. The import operation returns the identifier of the key for use
with other function calls.
**Prerequisites to importing keys:**
@@ -76,7 +76,7 @@
{
psa_status_t status;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_handle_t handle;
+ psa_key_id_t key;
printf("Import an AES key...\t");
fflush(stdout);
@@ -95,7 +95,7 @@
psa_set_key_bits(&attributes, 128);
/* Import the key */
- status = psa_import_key(&attributes, key, key_len, &handle);
+ status = psa_import_key(&attributes, key, key_len, &key);
if (status != PSA_SUCCESS) {
printf("Failed to import key\n");
return;
@@ -106,7 +106,7 @@
psa_reset_key_attributes(&attributes);
/* Destroy the key */
- psa_destroy_key(handle);
+ psa_destroy_key(key);
mbedtls_psa_crypto_free();
}
@@ -135,7 +135,7 @@
0xa9, 0xe8, 0xcc, 0xac, 0xd0, 0xf6, 0x54, 0x5c};
uint8_t signature[PSA_SIGNATURE_MAX_SIZE] = {0};
size_t signature_length;
- psa_key_handle_t handle;
+ psa_key_id_t key;
printf("Sign a message...\t");
fflush(stdout);
@@ -154,14 +154,14 @@
psa_set_key_bits(&attributes, 1024);
/* Import the key */
- status = psa_import_key(&attributes, key, key_len, &handle);
+ status = psa_import_key(&attributes, key, key_len, &key);
if (status != PSA_SUCCESS) {
printf("Failed to import key\n");
return;
}
/* Sign message using the key */
- status = psa_sign_hash(handle, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ status = psa_sign_hash(key, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
hash, sizeof(hash),
signature, sizeof(signature),
&signature_length);
@@ -176,7 +176,7 @@
psa_reset_key_attributes(&attributes);
/* Destroy the key */
- psa_destroy_key(handle);
+ psa_destroy_key(key);
mbedtls_psa_crypto_free();
}
@@ -188,7 +188,7 @@
**Prerequisites to working with the symmetric cipher API:**
* Initialize the library with a successful call to `psa_crypto_init()`.
-* Have a handle to a symmetric key. This key's usage flags must include `PSA_KEY_USAGE_ENCRYPT` to allow encryption or `PSA_KEY_USAGE_DECRYPT` to allow decryption.
+* Have a symmetric key. This key's usage flags must include `PSA_KEY_USAGE_ENCRYPT` to allow encryption or `PSA_KEY_USAGE_DECRYPT` to allow decryption.
**To encrypt a message with a symmetric cipher:**
1. Allocate an operation (`psa_cipher_operation_t`) structure to pass to the cipher functions.
@@ -213,7 +213,7 @@
size_t iv_len;
uint8_t output[block_size];
size_t output_len;
- psa_key_handle_t handle;
+ psa_key_id_t key;
psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
printf("Encrypt with cipher...\t");
@@ -232,7 +232,7 @@
psa_set_key_algorithm(&attributes, alg);
psa_set_key_type(&attributes, PSA_KEY_TYPE_AES);
psa_set_key_bits(&attributes, 128);
- status = psa_import_key(&attributes, key, key_len, &handle);
+ status = psa_import_key(&attributes, key, key_len, &key);
if (status != PSA_SUCCESS) {
printf("Failed to import a key\n");
return;
@@ -240,7 +240,7 @@
psa_reset_key_attributes(&attributes);
/* Encrypt the plaintext */
- status = psa_cipher_encrypt_setup(&operation, handle, alg);
+ status = psa_cipher_encrypt_setup(&operation, key, alg);
if (status != PSA_SUCCESS) {
printf("Failed to begin cipher operation\n");
return;
@@ -268,7 +268,7 @@
psa_cipher_abort(&operation);
/* Destroy the key */
- psa_destroy_key(handle);
+ psa_destroy_key(key);
mbedtls_psa_crypto_free();
}
@@ -298,7 +298,7 @@
uint8_t iv[block_size] = ENCRYPTED_WITH_IV;
uint8_t output[block_size];
size_t output_len;
- psa_key_handle_t handle;
+ psa_key_id_t key;
printf("Decrypt with cipher...\t");
fflush(stdout);
@@ -316,7 +316,7 @@
psa_set_key_algorithm(&attributes, alg);
psa_set_key_type(&attributes, PSA_KEY_TYPE_AES);
psa_set_key_bits(&attributes, 128);
- status = psa_import_key(&attributes, key, key_len, &handle);
+ status = psa_import_key(&attributes, key, key_len, &key);
if (status != PSA_SUCCESS) {
printf("Failed to import a key\n");
return;
@@ -324,7 +324,7 @@
psa_reset_key_attributes(&attributes);
/* Decrypt the ciphertext */
- status = psa_cipher_decrypt_setup(&operation, handle, alg);
+ status = psa_cipher_decrypt_setup(&operation, key, alg);
if (status != PSA_SUCCESS) {
printf("Failed to begin cipher operation\n");
return;
@@ -352,7 +352,7 @@
psa_cipher_abort(&operation);
/* Destroy the key */
- psa_destroy_key(handle);
+ psa_destroy_key(key);
mbedtls_psa_crypto_free();
}
@@ -592,8 +592,8 @@
PSA_KEY_DERIVATION_OPERATION_INIT;
size_t derived_bits = 128;
size_t capacity = PSA_BITS_TO_BYTES(derived_bits);
- psa_key_handle_t base_key;
- psa_key_handle_t derived_key;
+ psa_key_id_t base_key;
+ psa_key_id_t derived_key;
printf("Derive a key (HKDF)...\t");
fflush(stdout);
@@ -702,7 +702,7 @@
size_t output_length = 0;
size_t tag_length = 16;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_handle_t handle;
+ psa_key_id_t key;
printf("Authenticate encrypt...\t");
fflush(stdout);
@@ -726,11 +726,11 @@
psa_set_key_algorithm(&attributes, PSA_ALG_CCM);
psa_set_key_type(&attributes, PSA_KEY_TYPE_AES);
psa_set_key_bits(&attributes, 128);
- status = psa_import_key(&attributes, key, sizeof(key), &handle);
+ status = psa_import_key(&attributes, key, sizeof(key), &key);
psa_reset_key_attributes(&attributes);
/* Authenticate and encrypt */
- status = psa_aead_encrypt(handle, PSA_ALG_CCM,
+ status = psa_aead_encrypt(key, PSA_ALG_CCM,
nonce, sizeof(nonce),
additional_data, sizeof(additional_data),
input_data, sizeof(input_data),
@@ -747,7 +747,7 @@
free(output_data);
/* Destroy the key */
- psa_destroy_key(handle);
+ psa_destroy_key(key);
mbedtls_psa_crypto_free();
```
@@ -756,7 +756,7 @@
```C
psa_status_t status;
- static const uint8_t key[] = {
+ static const uint8_t key_data[] = {
0xC0, 0xC1, 0xC2, 0xC3, 0xC4, 0xC5, 0xC6, 0xC7,
0xC8, 0xC9, 0xCA, 0xCB, 0xCC, 0xCD, 0xCE, 0xCF };
static const uint8_t nonce[] = {
@@ -773,7 +773,7 @@
size_t output_size = 0;
size_t output_length = 0;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_handle_t handle;
+ psa_key_id_t key;
printf("Authenticate decrypt...\t");
fflush(stdout);
@@ -797,7 +797,7 @@
psa_set_key_algorithm(&attributes, PSA_ALG_CCM);
psa_set_key_type(&attributes, PSA_KEY_TYPE_AES);
psa_set_key_bits(&attributes, 128);
- status = psa_import_key(&attributes, key, sizeof(key), &handle);
+ status = psa_import_key(&attributes, key_data, sizeof(key_data), &key);
if (status != PSA_SUCCESS) {
printf("Failed to import a key\n");
return;
@@ -805,7 +805,7 @@
psa_reset_key_attributes(&attributes);
/* Authenticate and decrypt */
- status = psa_aead_decrypt(handle, PSA_ALG_CCM,
+ status = psa_aead_decrypt(key, PSA_ALG_CCM,
nonce, sizeof(nonce),
additional_data, sizeof(additional_data),
input_data, sizeof(input_data),
@@ -822,7 +822,7 @@
free(output_data);
/* Destroy the key */
- psa_destroy_key(handle);
+ psa_destroy_key(key);
mbedtls_psa_crypto_free();
```
@@ -848,7 +848,7 @@
size_t exported_length = 0;
static uint8_t exported[PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(key_bits)];
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_handle_t handle;
+ psa_key_id_t key;
printf("Generate a key pair...\t");
fflush(stdout);
@@ -867,14 +867,14 @@
psa_set_key_type(&attributes,
PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1));
psa_set_key_bits(&attributes, key_bits);
- status = psa_generate_key(&attributes, &handle);
+ status = psa_generate_key(&attributes, &key);
if (status != PSA_SUCCESS) {
printf("Failed to generate key\n");
return;
}
psa_reset_key_attributes(&attributes);
- status = psa_export_public_key(handle, exported, sizeof(exported),
+ status = psa_export_public_key(key, exported, sizeof(exported),
&exported_length);
if (status != PSA_SUCCESS) {
printf("Failed to export public key %ld\n", status);
@@ -884,7 +884,7 @@
printf("Exported a public key\n");
/* Destroy the key */
- psa_destroy_key(handle);
+ psa_destroy_key(key);
mbedtls_psa_crypto_free();
```
diff --git a/docs/proposed/psa-driver-developer-guide.md b/docs/proposed/psa-driver-developer-guide.md
index c221bb2..70cb9d3 100644
--- a/docs/proposed/psa-driver-developer-guide.md
+++ b/docs/proposed/psa-driver-developer-guide.md
@@ -36,10 +36,6 @@
Mbed TLS calls driver entry points [as specified in the PSA Cryptography Driver Interface specification](psa-driver-interface.html#driver-entry-points) except as otherwise indicated in this section.
-### Key handles
-
-Mbed TLS currently implements the interface for opening and closing persistent keys from version 1.0 beta 3 of the PSA Crypto specification. As a consequence, functions that operate on an existing key take an argument of type `psa_key_handle_t` instead of `psa_key_id_t`. Functions that create a new key take an argument of type `psa_key_handle_t *` instead of `psa_key_id_t *`.
-
## Building and testing your driver
<!-- TODO -->
diff --git a/docs/proposed/psa-driver-interface.md b/docs/proposed/psa-driver-interface.md
index 56e2b29..5ec3134 100644
--- a/docs/proposed/psa-driver-interface.md
+++ b/docs/proposed/psa-driver-interface.md
@@ -580,8 +580,8 @@
psa_set_key_size(&attributes, 128);
psa_set_key_algorithm(&attributes, PSA_ALG_GCM);
psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT);
-psa_key_handle_t handle = 0;
-psa_generate_key(&attributes, &handle);
+psa_key_id_t key;
+psa_generate_key(&attributes, &key);
```
## Using opaque drivers from an application
diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index fd979db..1ebb706 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@@ -609,6 +609,11 @@
#error "MBEDTLS_PSA_ITS_FILE_C defined, but not all prerequisites"
#endif
+#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) && \
+ defined(MBEDTLS_USE_PSA_CRYPTO)
+#error "MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER defined, but it cannot coexist with MBEDTLS_USE_PSA_CRYPTO."
+#endif
+
#if defined(MBEDTLS_RSA_C) && ( !defined(MBEDTLS_BIGNUM_C) || \
!defined(MBEDTLS_OID_C) )
#error "MBEDTLS_RSA_C defined, but not all prerequisites"
diff --git a/include/mbedtls/cipher_internal.h b/include/mbedtls/cipher_internal.h
index d283108..2484c01 100644
--- a/include/mbedtls/cipher_internal.h
+++ b/include/mbedtls/cipher_internal.h
@@ -134,7 +134,7 @@
typedef struct
{
psa_algorithm_t alg;
- psa_key_handle_t slot;
+ psa_key_id_t slot;
mbedtls_cipher_psa_key_ownership slot_state;
} mbedtls_cipher_context_psa;
#endif /* MBEDTLS_USE_PSA_CRYPTO */
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 98f88ae..464b61e 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -1266,7 +1266,7 @@
* which is currently hard-coded to be int32_t.
*
* Note that this option is meant for internal use only and may be removed
- * without notice.
+ * without notice. It is incompatible with MBEDTLS_USE_PSA_CRYPTO.
*/
//#define MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h
index 22fab13..7d0f977 100644
--- a/include/mbedtls/pk.h
+++ b/include/mbedtls/pk.h
@@ -331,12 +331,13 @@
*
* \return \c 0 on success.
* \return #MBEDTLS_ERR_PK_BAD_INPUT_DATA on invalid input
- * (context already used, invalid key handle).
+ * (context already used, invalid key identifier).
* \return #MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE if the key is not an
* ECC key pair.
* \return #MBEDTLS_ERR_PK_ALLOC_FAILED on allocation failure.
*/
-int mbedtls_pk_setup_opaque( mbedtls_pk_context *ctx, const psa_key_handle_t key );
+int mbedtls_pk_setup_opaque( mbedtls_pk_context *ctx,
+ const psa_key_id_t key );
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
@@ -858,9 +859,9 @@
*
* \param pk Input: the EC key to import to a PSA key.
* Output: a PK context wrapping that PSA key.
- * \param handle Output: a PSA key handle.
+ * \param key Output: a PSA key identifier.
* It's the caller's responsibility to call
- * psa_destroy_key() on that handle after calling
+ * psa_destroy_key() on that key identifier after calling
* mbedtls_pk_free() on the PK context.
* \param hash_alg The hash algorithm to allow for use with that key.
*
@@ -868,7 +869,7 @@
* \return An Mbed TLS error code otherwise.
*/
int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk,
- psa_key_handle_t *handle,
+ psa_key_id_t *key,
psa_algorithm_t hash_alg );
#endif /* MBEDTLS_USE_PSA_CRYPTO */
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 03c5877..7815ad9 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -1068,11 +1068,12 @@
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
#if defined(MBEDTLS_USE_PSA_CRYPTO)
- psa_key_handle_t psk_opaque; /*!< PSA key slot holding opaque PSK.
- * This field should only be set via
- * mbedtls_ssl_conf_psk_opaque().
- * If either no PSK or a raw PSK have
- * been configured, this has value \c 0. */
+ psa_key_id_t psk_opaque; /*!< PSA key slot holding opaque PSK. This field
+ * should only be set via
+ * mbedtls_ssl_conf_psk_opaque().
+ * If either no PSK or a raw PSK have been
+ * configured, this has value \c 0.
+ */
#endif /* MBEDTLS_USE_PSA_CRYPTO */
unsigned char *psk; /*!< The raw pre-shared key. This field should
@@ -2819,7 +2820,7 @@
* \return An \c MBEDTLS_ERR_SSL_XXX error code on failure.
*/
int mbedtls_ssl_conf_psk_opaque( mbedtls_ssl_config *conf,
- psa_key_handle_t psk,
+ psa_key_id_t psk,
const unsigned char *psk_identity,
size_t psk_identity_len );
#endif /* MBEDTLS_USE_PSA_CRYPTO */
@@ -2865,7 +2866,7 @@
* \return An \c MBEDTLS_ERR_SSL_XXX error code on failure.
*/
int mbedtls_ssl_set_hs_psk_opaque( mbedtls_ssl_context *ssl,
- psa_key_handle_t psk );
+ psa_key_id_t psk );
#endif /* MBEDTLS_USE_PSA_CRYPTO */
/**
diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h
index f41d194..577c959 100644
--- a/include/mbedtls/ssl_internal.h
+++ b/include/mbedtls/ssl_internal.h
@@ -448,7 +448,7 @@
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_key_type_t ecdh_psa_type;
uint16_t ecdh_bits;
- psa_key_handle_t ecdh_psa_privkey;
+ psa_key_id_t ecdh_psa_privkey;
unsigned char ecdh_psa_peerkey[MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH];
size_t ecdh_psa_peerkey_len;
#endif /* MBEDTLS_USE_PSA_CRYPTO */
@@ -467,7 +467,7 @@
#endif
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
#if defined(MBEDTLS_USE_PSA_CRYPTO)
- psa_key_handle_t psk_opaque; /*!< Opaque PSK from the callback */
+ psa_key_id_t psk_opaque; /*!< Opaque PSK from the callback */
#endif /* MBEDTLS_USE_PSA_CRYPTO */
unsigned char *psk; /*!< PSK from the callback */
size_t psk_len; /*!< Length of PSK from callback */
@@ -1066,16 +1066,16 @@
* 2. static PSK configured by \c mbedtls_ssl_conf_psk_opaque()
* Return an opaque PSK
*/
-static inline psa_key_handle_t mbedtls_ssl_get_opaque_psk(
+static inline psa_key_id_t mbedtls_ssl_get_opaque_psk(
const mbedtls_ssl_context *ssl )
{
- if( ssl->handshake->psk_opaque != 0 )
+ if( ! mbedtls_svc_key_id_is_null( ssl->handshake->psk_opaque ) )
return( ssl->handshake->psk_opaque );
- if( ssl->conf->psk_opaque != 0 )
+ if( ! mbedtls_svc_key_id_is_null( ssl->conf->psk_opaque ) )
return( ssl->conf->psk_opaque );
- return( 0 );
+ return( MBEDTLS_SVC_KEY_ID_INIT );
}
#endif /* MBEDTLS_USE_PSA_CRYPTO */
diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 5ba16b9..b41a20b 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -36,16 +36,6 @@
* @{
*/
-/** \brief Key handle.
- *
- * This type represents open handles to keys. It must be an unsigned integral
- * type. The choice of type is implementation-dependent.
- *
- * 0 is not a valid key handle. How other handle values are assigned is
- * implementation-dependent.
- */
-typedef _unsigned_integral_type_ psa_key_handle_t;
-
/**@}*/
#endif /* __DOXYGEN_ONLY__ */
@@ -152,6 +142,25 @@
static void psa_set_key_id( psa_key_attributes_t *attributes,
mbedtls_svc_key_id_t key );
+#ifdef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
+/** Set the owner identifier of a key.
+ *
+ * When key identifiers encode key owner identifiers, psa_set_key_id() does
+ * not allow to define in key attributes the owner of volatile keys as
+ * psa_set_key_id() enforces the key to be persistent.
+ *
+ * This function allows to set in key attributes the owner identifier of a
+ * key. It is intended to be used for volatile keys. For persistent keys,
+ * it is recommended to use the PSA Cryptography API psa_set_key_id() to define
+ * the owner of a key.
+ *
+ * \param[out] attributes The attribute structure to write to.
+ * \param owner_id The key owner identifier.
+ */
+static void mbedtls_set_key_owner_id( psa_key_attributes_t *attributes,
+ mbedtls_key_owner_id_t owner_id );
+#endif
+
/** Set the location of a persistent key.
*
* To make a key persistent, you must give it a persistent key identifier
@@ -348,7 +357,7 @@
* Once you have called this function on an attribute structure,
* you must call psa_reset_key_attributes() to free these resources.
*
- * \param[in] handle Handle to the key to query.
+ * \param[in] key Identifier of the key to query.
* \param[in,out] attributes On success, the attributes of the key.
* On failure, equivalent to a
* freshly-initialized structure.
@@ -364,7 +373,7 @@
* It is implementation-dependent whether a failure to initialize
* results in this error code.
*/
-psa_status_t psa_get_key_attributes(psa_key_handle_t handle,
+psa_status_t psa_get_key_attributes(mbedtls_svc_key_id_t key,
psa_key_attributes_t *attributes);
/** Reset a key attribute structure to a freshly initialized state.
@@ -387,93 +396,28 @@
* @{
*/
-/** Open a handle to an existing persistent key.
+/** Remove non-essential copies of key material from memory.
*
- * Open a handle to a persistent key. A key is persistent if it was created
- * with a lifetime other than #PSA_KEY_LIFETIME_VOLATILE. A persistent key
- * always has a nonzero key identifier, set with psa_set_key_id() when
- * creating the key. Implementations may provide additional pre-provisioned
- * keys that can be opened with psa_open_key(). Such keys have an application
- * key identifier in the vendor range, as documented in the description of
- * #psa_key_id_t.
+ * If the key identifier designates a volatile key, this functions does not do
+ * anything and returns successfully.
*
- * The application must eventually close the handle with psa_close_key() or
- * psa_destroy_key() to release associated resources. If the application dies
- * without calling one of these functions, the implementation should perform
- * the equivalent of a call to psa_close_key().
+ * If the key identifier designates a persistent key, then this function will
+ * free all resources associated with the key in volatile memory. The key
+ * data in persistent storage is not affected and the key can still be used.
*
- * Some implementations permit an application to open the same key multiple
- * times. If this is successful, each call to psa_open_key() will return a
- * different key handle.
- *
- * \note Applications that rely on opening a key multiple times will not be
- * portable to implementations that only permit a single key handle to be
- * opened. See also :ref:\`key-handles\`.
- *
- * \param key The persistent identifier of the key.
- * \param[out] handle On success, a handle to the key.
+ * \param key Identifier of the key to purge.
*
* \retval #PSA_SUCCESS
- * Success. The application can now use the value of `*handle`
- * to access the key.
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * The implementation does not have sufficient resources to open the
- * key. This can be due to reaching an implementation limit on the
- * number of open keys, the number of open key handles, or available
- * memory.
- * \retval #PSA_ERROR_DOES_NOT_EXIST
- * There is no persistent key with key identifier \p id.
+ * The key material will have been removed from memory if it is not
+ * currently required.
* \retval #PSA_ERROR_INVALID_ARGUMENT
- * \p id is not a valid persistent key identifier.
- * \retval #PSA_ERROR_NOT_PERMITTED
- * The specified key exists, but the application does not have the
- * permission to access it. Note that this specification does not
- * define any way to create such a key, but it may be possible
- * through implementation-specific means.
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_STORAGE_FAILURE
+ * \p key is not a valid key identifier.
* \retval #PSA_ERROR_BAD_STATE
* The library has not been previously initialized by psa_crypto_init().
* It is implementation-dependent whether a failure to initialize
* results in this error code.
*/
-psa_status_t psa_open_key( mbedtls_svc_key_id_t key,
- psa_key_handle_t *handle );
-
-/** Close a key handle.
- *
- * If the handle designates a volatile key, this will destroy the key material
- * and free all associated resources, just like psa_destroy_key().
- *
- * If this is the last open handle to a persistent key, then closing the handle
- * will free all resources associated with the key in volatile memory. The key
- * data in persistent storage is not affected and can be opened again later
- * with a call to psa_open_key().
- *
- * Closing the key handle makes the handle invalid, and the key handle
- * must not be used again by the application.
- *
- * \note If the key handle was used to set up an active
- * :ref:\`multipart operation <multipart-operations>\`, then closing the
- * key handle can cause the multipart operation to fail. Applications should
- * maintain the key handle until after the multipart operation has finished.
- *
- * \param handle The key handle to close.
- * If this is \c 0, do nothing and return \c PSA_SUCCESS.
- *
- * \retval #PSA_SUCCESS
- * \p handle was a valid handle or \c 0. It is now closed.
- * \retval #PSA_ERROR_INVALID_HANDLE
- * \p handle is not a valid handle nor \c 0.
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_BAD_STATE
- * The library has not been previously initialized by psa_crypto_init().
- * It is implementation-dependent whether a failure to initialize
- * results in this error code.
- */
-psa_status_t psa_close_key(psa_key_handle_t handle);
+psa_status_t psa_purge_key(mbedtls_svc_key_id_t key);
/** Make a copy of a key.
*
@@ -512,7 +456,10 @@
* The effect of this function on implementation-defined attributes is
* implementation-defined.
*
- * \param source_handle The key to copy. It must be a valid key handle.
+ * \param source_key The key to copy. It must allow the usage
+ * #PSA_KEY_USAGE_COPY. If a private or secret key is
+ * being copied outside of a secure element it must
+ * also allow #PSA_KEY_USAGE_EXPORT.
* \param[in] attributes The attributes for the new key.
* They are used as follows:
* - The key type and size may be 0. If either is
@@ -526,12 +473,14 @@
* the source key and \p attributes so that
* both sets of restrictions apply, as
* described in the documentation of this function.
- * \param[out] target_handle On success, a handle to the newly created key.
+ * \param[out] target_key On success, an identifier for the newly created
+ * key. For persistent keys, this is the key
+ * identifier defined in \p attributes.
* \c 0 on failure.
*
* \retval #PSA_SUCCESS
* \retval #PSA_ERROR_INVALID_HANDLE
- * \p source_handle is invalid.
+ * \p source_key is invalid.
* \retval #PSA_ERROR_ALREADY_EXISTS
* This is an attempt to create a persistent key, and there is
* already a persistent key with the given identifier.
@@ -559,9 +508,9 @@
* It is implementation-dependent whether a failure to initialize
* results in this error code.
*/
-psa_status_t psa_copy_key(psa_key_handle_t source_handle,
+psa_status_t psa_copy_key(mbedtls_svc_key_id_t source_key,
const psa_key_attributes_t *attributes,
- psa_key_handle_t *target_handle);
+ mbedtls_svc_key_id_t *target_key);
/**
@@ -572,28 +521,22 @@
* make a best effort to ensure that that the key material cannot be recovered.
*
* This function also erases any metadata such as policies and frees
- * resources associated with the key. To free all resources associated with
- * the key, all handles to the key must be closed or destroyed.
- *
- * Destroying the key makes the handle invalid, and the key handle
- * must not be used again by the application. Using other open handles to the
- * destroyed key in a cryptographic operation will result in an error.
+ * resources associated with the key.
*
* If a key is currently in use in a multipart operation, then destroying the
* key will cause the multipart operation to fail.
*
- * \param handle Handle to the key to erase.
- * If this is \c 0, do nothing and return \c PSA_SUCCESS.
+ * \param key Identifier of the key to erase. If this is \c 0, do nothing and
+ * return #PSA_SUCCESS.
*
* \retval #PSA_SUCCESS
- * \p handle was a valid handle and the key material that it
- * referred to has been erased.
- * Alternatively, \p handle is \c 0.
+ * \p key was a valid identifier and the key material that it
+ * referred to has been erased. Alternatively, \p key is \c 0.
* \retval #PSA_ERROR_NOT_PERMITTED
* The key cannot be erased because it is
* read-only, either due to a policy or due to physical restrictions.
* \retval #PSA_ERROR_INVALID_HANDLE
- * \p handle is not a valid handle nor \c 0.
+ * \p key is not a valid identifier nor \c 0.
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* There was an failure in communication with the cryptoprocessor.
* The key material may still be present in the cryptoprocessor.
@@ -611,7 +554,7 @@
* It is implementation-dependent whether a failure to initialize
* results in this error code.
*/
-psa_status_t psa_destroy_key(psa_key_handle_t handle);
+psa_status_t psa_destroy_key(mbedtls_svc_key_id_t key);
/**@}*/
@@ -646,7 +589,9 @@
* \p data buffer.
* If the key size in \p attributes is nonzero,
* it must be equal to the size from \p data.
- * \param[out] handle On success, a handle to the newly created key.
+ * \param[out] key On success, an identifier to the newly created key.
+ * For persistent keys, this is the key identifier
+ * defined in \p attributes.
* \c 0 on failure.
* \param[in] data Buffer containing the key data. The content of this
* buffer is interpreted according to the type declared
@@ -691,7 +636,7 @@
psa_status_t psa_import_key(const psa_key_attributes_t *attributes,
const uint8_t *data,
size_t data_length,
- psa_key_handle_t *handle);
+ mbedtls_svc_key_id_t *key);
@@ -752,7 +697,9 @@
*
* The policy on the key must have the usage flag #PSA_KEY_USAGE_EXPORT set.
*
- * \param handle Handle to the key to export.
+ * \param key Identifier of the key to export. It must allow the
+ * usage #PSA_KEY_USAGE_EXPORT, unless it is a public
+ * key.
* \param[out] data Buffer where the key data is to be written.
* \param data_size Size of the \p data buffer in bytes.
* \param[out] data_length On success, the number of bytes
@@ -779,7 +726,7 @@
* It is implementation-dependent whether a failure to initialize
* results in this error code.
*/
-psa_status_t psa_export_key(psa_key_handle_t handle,
+psa_status_t psa_export_key(mbedtls_svc_key_id_t key,
uint8_t *data,
size_t data_size,
size_t *data_length);
@@ -822,7 +769,7 @@
* Exporting a public key object or the public part of a key pair is
* always permitted, regardless of the key's usage flags.
*
- * \param handle Handle to the key to export.
+ * \param key Identifier of the key to export.
* \param[out] data Buffer where the key data is to be written.
* \param data_size Size of the \p data buffer in bytes.
* \param[out] data_length On success, the number of bytes
@@ -849,7 +796,7 @@
* It is implementation-dependent whether a failure to initialize
* results in this error code.
*/
-psa_status_t psa_export_public_key(psa_key_handle_t handle,
+psa_status_t psa_export_public_key(mbedtls_svc_key_id_t key,
uint8_t *data,
size_t data_size,
size_t *data_length);
@@ -1226,7 +1173,8 @@
* about the MAC value which could allow an attacker to guess
* a valid MAC and thereby bypass security controls.
*
- * \param handle Handle to the key to use for the operation.
+ * \param key Identifier of the key to use for the operation. It
+ * must allow the usage PSA_KEY_USAGE_SIGN_MESSAGE.
* \param alg The MAC algorithm to compute (\c PSA_ALG_XXX value
* such that #PSA_ALG_IS_MAC(\p alg) is true).
* \param[in] input Buffer containing the input message.
@@ -1241,7 +1189,7 @@
* \retval #PSA_ERROR_INVALID_HANDLE
* \retval #PSA_ERROR_NOT_PERMITTED
* \retval #PSA_ERROR_INVALID_ARGUMENT
- * \p handle is not compatible with \p alg.
+ * \p key is not compatible with \p alg.
* \retval #PSA_ERROR_NOT_SUPPORTED
* \p alg is not supported or is not a MAC algorithm.
* \retval #PSA_ERROR_BUFFER_TOO_SMALL
@@ -1257,7 +1205,7 @@
* It is implementation-dependent whether a failure to initialize
* results in this error code.
*/
-psa_status_t psa_mac_compute(psa_key_handle_t handle,
+psa_status_t psa_mac_compute(mbedtls_svc_key_id_t key,
psa_algorithm_t alg,
const uint8_t *input,
size_t input_length,
@@ -1267,7 +1215,8 @@
/** Calculate the MAC of a message and compare it with a reference value.
*
- * \param handle Handle to the key to use for the operation.
+ * \param key Identifier of the key to use for the operation. It
+ * must allow the usage PSA_KEY_USAGE_VERIFY_MESSAGE.
* \param alg The MAC algorithm to compute (\c PSA_ALG_XXX value
* such that #PSA_ALG_IS_MAC(\p alg) is true).
* \param[in] input Buffer containing the input message.
@@ -1283,7 +1232,7 @@
* \retval #PSA_ERROR_INVALID_HANDLE
* \retval #PSA_ERROR_NOT_PERMITTED
* \retval #PSA_ERROR_INVALID_ARGUMENT
- * \p handle is not compatible with \p alg.
+ * \p key is not compatible with \p alg.
* \retval #PSA_ERROR_NOT_SUPPORTED
* \p alg is not supported or is not a MAC algorithm.
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
@@ -1297,7 +1246,7 @@
* It is implementation-dependent whether a failure to initialize
* results in this error code.
*/
-psa_status_t psa_mac_verify(psa_key_handle_t handle,
+psa_status_t psa_mac_verify(mbedtls_svc_key_id_t key,
psa_algorithm_t alg,
const uint8_t *input,
size_t input_length,
@@ -1382,9 +1331,9 @@
* \param[in,out] operation The operation object to set up. It must have
* been initialized as per the documentation for
* #psa_mac_operation_t and not yet in use.
- * \param handle Handle to the key to use for the operation.
- * It must remain valid until the operation
- * terminates.
+ * \param key Identifier of the key to use for the operation. It
+ * must remain valid until the operation terminates.
+ * It must allow the usage PSA_KEY_USAGE_SIGN_MESSAGE.
* \param alg The MAC algorithm to compute (\c PSA_ALG_XXX value
* such that #PSA_ALG_IS_MAC(\p alg) is true).
*
@@ -1393,7 +1342,7 @@
* \retval #PSA_ERROR_INVALID_HANDLE
* \retval #PSA_ERROR_NOT_PERMITTED
* \retval #PSA_ERROR_INVALID_ARGUMENT
- * \p handle is not compatible with \p alg.
+ * \p key is not compatible with \p alg.
* \retval #PSA_ERROR_NOT_SUPPORTED
* \p alg is not supported or is not a MAC algorithm.
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
@@ -1410,7 +1359,7 @@
* results in this error code.
*/
psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation,
- psa_key_handle_t handle,
+ mbedtls_svc_key_id_t key,
psa_algorithm_t alg);
/** Set up a multipart MAC verification operation.
@@ -1444,9 +1393,10 @@
* \param[in,out] operation The operation object to set up. It must have
* been initialized as per the documentation for
* #psa_mac_operation_t and not yet in use.
- * \param handle Handle to the key to use for the operation.
- * It must remain valid until the operation
- * terminates.
+ * \param key Identifier of the key to use for the operation. It
+ * must remain valid until the operation terminates.
+ * It must allow the usage
+ * PSA_KEY_USAGE_VERIFY_MESSAGE.
* \param alg The MAC algorithm to compute (\c PSA_ALG_XXX value
* such that #PSA_ALG_IS_MAC(\p alg) is true).
*
@@ -1472,7 +1422,7 @@
* results in this error code.
*/
psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation,
- psa_key_handle_t handle,
+ mbedtls_svc_key_id_t key,
psa_algorithm_t alg);
/** Add a message fragment to a multipart MAC operation.
@@ -1639,9 +1589,8 @@
* vector). Use the multipart operation interface with a
* #psa_cipher_operation_t object to provide other forms of IV.
*
- * \param handle Handle to the key to use for the operation.
- * It must remain valid until the operation
- * terminates.
+ * \param key Identifier of the key to use for the operation.
+ * It must allow the usage #PSA_KEY_USAGE_ENCRYPT.
* \param alg The cipher algorithm to compute
* (\c PSA_ALG_XXX value such that
* #PSA_ALG_IS_CIPHER(\p alg) is true).
@@ -1659,7 +1608,7 @@
* \retval #PSA_ERROR_INVALID_HANDLE
* \retval #PSA_ERROR_NOT_PERMITTED
* \retval #PSA_ERROR_INVALID_ARGUMENT
- * \p handle is not compatible with \p alg.
+ * \p key is not compatible with \p alg.
* \retval #PSA_ERROR_NOT_SUPPORTED
* \p alg is not supported or is not a cipher algorithm.
* \retval #PSA_ERROR_BUFFER_TOO_SMALL
@@ -1673,7 +1622,7 @@
* It is implementation-dependent whether a failure to initialize
* results in this error code.
*/
-psa_status_t psa_cipher_encrypt(psa_key_handle_t handle,
+psa_status_t psa_cipher_encrypt(mbedtls_svc_key_id_t key,
psa_algorithm_t alg,
const uint8_t *input,
size_t input_length,
@@ -1685,9 +1634,10 @@
*
* This function decrypts a message encrypted with a symmetric cipher.
*
- * \param handle Handle to the key to use for the operation.
+ * \param key Identifier of the key to use for the operation.
* It must remain valid until the operation
- * terminates.
+ * terminates. It must allow the usage
+ * #PSA_KEY_USAGE_DECRYPT.
* \param alg The cipher algorithm to compute
* (\c PSA_ALG_XXX value such that
* #PSA_ALG_IS_CIPHER(\p alg) is true).
@@ -1705,7 +1655,7 @@
* \retval #PSA_ERROR_INVALID_HANDLE
* \retval #PSA_ERROR_NOT_PERMITTED
* \retval #PSA_ERROR_INVALID_ARGUMENT
- * \p handle is not compatible with \p alg.
+ * \p key is not compatible with \p alg.
* \retval #PSA_ERROR_NOT_SUPPORTED
* \p alg is not supported or is not a cipher algorithm.
* \retval #PSA_ERROR_BUFFER_TOO_SMALL
@@ -1719,7 +1669,7 @@
* It is implementation-dependent whether a failure to initialize
* results in this error code.
*/
-psa_status_t psa_cipher_decrypt(psa_key_handle_t handle,
+psa_status_t psa_cipher_decrypt(mbedtls_svc_key_id_t key,
psa_algorithm_t alg,
const uint8_t *input,
size_t input_length,
@@ -1805,9 +1755,10 @@
* \param[in,out] operation The operation object to set up. It must have
* been initialized as per the documentation for
* #psa_cipher_operation_t and not yet in use.
- * \param handle Handle to the key to use for the operation.
+ * \param key Identifier of the key to use for the operation.
* It must remain valid until the operation
- * terminates.
+ * terminates. It must allow the usage
+ * #PSA_KEY_USAGE_ENCRYPT.
* \param alg The cipher algorithm to compute
* (\c PSA_ALG_XXX value such that
* #PSA_ALG_IS_CIPHER(\p alg) is true).
@@ -1817,7 +1768,7 @@
* \retval #PSA_ERROR_INVALID_HANDLE
* \retval #PSA_ERROR_NOT_PERMITTED
* \retval #PSA_ERROR_INVALID_ARGUMENT
- * \p handle is not compatible with \p alg.
+ * \p key is not compatible with \p alg.
* \retval #PSA_ERROR_NOT_SUPPORTED
* \p alg is not supported or is not a cipher algorithm.
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
@@ -1833,7 +1784,7 @@
* results in this error code.
*/
psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation,
- psa_key_handle_t handle,
+ mbedtls_svc_key_id_t key,
psa_algorithm_t alg);
/** Set the key for a multipart symmetric decryption operation.
@@ -1868,9 +1819,10 @@
* \param[in,out] operation The operation object to set up. It must have
* been initialized as per the documentation for
* #psa_cipher_operation_t and not yet in use.
- * \param handle Handle to the key to use for the operation.
+ * \param key Identifier of the key to use for the operation.
* It must remain valid until the operation
- * terminates.
+ * terminates. It must allow the usage
+ * #PSA_KEY_USAGE_DECRYPT.
* \param alg The cipher algorithm to compute
* (\c PSA_ALG_XXX value such that
* #PSA_ALG_IS_CIPHER(\p alg) is true).
@@ -1880,7 +1832,7 @@
* \retval #PSA_ERROR_INVALID_HANDLE
* \retval #PSA_ERROR_NOT_PERMITTED
* \retval #PSA_ERROR_INVALID_ARGUMENT
- * \p handle is not compatible with \p alg.
+ * \p key is not compatible with \p alg.
* \retval #PSA_ERROR_NOT_SUPPORTED
* \p alg is not supported or is not a cipher algorithm.
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
@@ -1896,7 +1848,7 @@
* results in this error code.
*/
psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation,
- psa_key_handle_t handle,
+ mbedtls_svc_key_id_t key,
psa_algorithm_t alg);
/** Generate an IV for a symmetric encryption operation.
@@ -2110,7 +2062,9 @@
/** Process an authenticated encryption operation.
*
- * \param handle Handle to the key to use for the operation.
+ * \param key Identifier of the key to use for the
+ * operation. It must allow the usage
+ * #PSA_KEY_USAGE_ENCRYPT.
* \param alg The AEAD algorithm to compute
* (\c PSA_ALG_XXX value such that
* #PSA_ALG_IS_AEAD(\p alg) is true).
@@ -2141,7 +2095,7 @@
* \retval #PSA_ERROR_INVALID_HANDLE
* \retval #PSA_ERROR_NOT_PERMITTED
* \retval #PSA_ERROR_INVALID_ARGUMENT
- * \p handle is not compatible with \p alg.
+ * \p key is not compatible with \p alg.
* \retval #PSA_ERROR_NOT_SUPPORTED
* \p alg is not supported or is not an AEAD algorithm.
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
@@ -2156,7 +2110,7 @@
* It is implementation-dependent whether a failure to initialize
* results in this error code.
*/
-psa_status_t psa_aead_encrypt(psa_key_handle_t handle,
+psa_status_t psa_aead_encrypt(mbedtls_svc_key_id_t key,
psa_algorithm_t alg,
const uint8_t *nonce,
size_t nonce_length,
@@ -2170,7 +2124,9 @@
/** Process an authenticated decryption operation.
*
- * \param handle Handle to the key to use for the operation.
+ * \param key Identifier of the key to use for the
+ * operation. It must allow the usage
+ * #PSA_KEY_USAGE_DECRYPT.
* \param alg The AEAD algorithm to compute
* (\c PSA_ALG_XXX value such that
* #PSA_ALG_IS_AEAD(\p alg) is true).
@@ -2201,7 +2157,7 @@
* The ciphertext is not authentic.
* \retval #PSA_ERROR_NOT_PERMITTED
* \retval #PSA_ERROR_INVALID_ARGUMENT
- * \p handle is not compatible with \p alg.
+ * \p key is not compatible with \p alg.
* \retval #PSA_ERROR_NOT_SUPPORTED
* \p alg is not supported or is not an AEAD algorithm.
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
@@ -2216,7 +2172,7 @@
* It is implementation-dependent whether a failure to initialize
* results in this error code.
*/
-psa_status_t psa_aead_decrypt(psa_key_handle_t handle,
+psa_status_t psa_aead_decrypt(mbedtls_svc_key_id_t key,
psa_algorithm_t alg,
const uint8_t *nonce,
size_t nonce_length,
@@ -2312,9 +2268,10 @@
* \param[in,out] operation The operation object to set up. It must have
* been initialized as per the documentation for
* #psa_aead_operation_t and not yet in use.
- * \param handle Handle to the key to use for the operation.
+ * \param key Identifier of the key to use for the operation.
* It must remain valid until the operation
- * terminates.
+ * terminates. It must allow the usage
+ * #PSA_KEY_USAGE_ENCRYPT.
* \param alg The AEAD algorithm to compute
* (\c PSA_ALG_XXX value such that
* #PSA_ALG_IS_AEAD(\p alg) is true).
@@ -2323,10 +2280,10 @@
* Success.
* \retval #PSA_ERROR_BAD_STATE
* The operation state is not valid (it must be inactive).
- * \retval #PSA_ERROR_INVALID_HANDLE
+ * \retval #PSA_ERROR_INVALID_HANDLE
* \retval #PSA_ERROR_NOT_PERMITTED
* \retval #PSA_ERROR_INVALID_ARGUMENT
- * \p handle is not compatible with \p alg.
+ * \p key is not compatible with \p alg.
* \retval #PSA_ERROR_NOT_SUPPORTED
* \p alg is not supported or is not an AEAD algorithm.
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
@@ -2340,7 +2297,7 @@
* results in this error code.
*/
psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation,
- psa_key_handle_t handle,
+ mbedtls_svc_key_id_t key,
psa_algorithm_t alg);
/** Set the key for a multipart authenticated decryption operation.
@@ -2378,9 +2335,10 @@
* \param[in,out] operation The operation object to set up. It must have
* been initialized as per the documentation for
* #psa_aead_operation_t and not yet in use.
- * \param handle Handle to the key to use for the operation.
+ * \param key Identifier of the key to use for the operation.
* It must remain valid until the operation
- * terminates.
+ * terminates. It must allow the usage
+ * #PSA_KEY_USAGE_DECRYPT.
* \param alg The AEAD algorithm to compute
* (\c PSA_ALG_XXX value such that
* #PSA_ALG_IS_AEAD(\p alg) is true).
@@ -2389,10 +2347,10 @@
* Success.
* \retval #PSA_ERROR_BAD_STATE
* The operation state is not valid (it must be inactive).
- * \retval #PSA_ERROR_INVALID_HANDLE
+ * \retval #PSA_ERROR_INVALID_HANDLE
* \retval #PSA_ERROR_NOT_PERMITTED
* \retval #PSA_ERROR_INVALID_ARGUMENT
- * \p handle is not compatible with \p alg.
+ * \p key is not compatible with \p alg.
* \retval #PSA_ERROR_NOT_SUPPORTED
* \p alg is not supported or is not an AEAD algorithm.
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
@@ -2406,7 +2364,7 @@
* results in this error code.
*/
psa_status_t psa_aead_decrypt_setup(psa_aead_operation_t *operation,
- psa_key_handle_t handle,
+ mbedtls_svc_key_id_t key,
psa_algorithm_t alg);
/** Generate a random nonce for an authenticated encryption operation.
@@ -2432,7 +2390,7 @@
* Success.
* \retval #PSA_ERROR_BAD_STATE
* The operation state is not valid (it must be an active aead encrypt
- operation, with no nonce set).
+ * operation, with no nonce set).
* \retval #PSA_ERROR_BUFFER_TOO_SMALL
* The size of the \p nonce buffer is too small.
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
@@ -2864,10 +2822,11 @@
* parameter to this function. You can use #PSA_ALG_SIGN_GET_HASH(\p alg)
* to determine the hash algorithm to use.
*
- * \param handle Handle to the key to use for the operation.
- * It must be an asymmetric key pair.
+ * \param key Identifier of the key to use for the operation.
+ * It must be an asymmetric key pair. The key must
+ * allow the usage #PSA_KEY_USAGE_SIGN_HASH.
* \param alg A signature algorithm that is compatible with
- * the type of \p handle.
+ * the type of \p key.
* \param[in] hash The hash or message to sign.
* \param hash_length Size of the \p hash buffer in bytes.
* \param[out] signature Buffer where the signature is to be written.
@@ -2883,7 +2842,7 @@
* determine a sufficient buffer size by calling
* #PSA_SIGN_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg)
* where \c key_type and \c key_bits are the type and bit-size
- * respectively of \p handle.
+ * respectively of \p key.
* \retval #PSA_ERROR_NOT_SUPPORTED
* \retval #PSA_ERROR_INVALID_ARGUMENT
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
@@ -2897,7 +2856,7 @@
* It is implementation-dependent whether a failure to initialize
* results in this error code.
*/
-psa_status_t psa_sign_hash(psa_key_handle_t handle,
+psa_status_t psa_sign_hash(mbedtls_svc_key_id_t key,
psa_algorithm_t alg,
const uint8_t *hash,
size_t hash_length,
@@ -2914,10 +2873,12 @@
* parameter to this function. You can use #PSA_ALG_SIGN_GET_HASH(\p alg)
* to determine the hash algorithm to use.
*
- * \param handle Handle to the key to use for the operation.
- * It must be a public key or an asymmetric key pair.
+ * \param key Identifier of the key to use for the operation. It
+ * must be a public key or an asymmetric key pair. The
+ * key must allow the usage
+ * #PSA_KEY_USAGE_VERIFY_HASH.
* \param alg A signature algorithm that is compatible with
- * the type of \p handle.
+ * the type of \p key.
* \param[in] hash The hash or message whose signature is to be
* verified.
* \param hash_length Size of the \p hash buffer in bytes.
@@ -2943,7 +2904,7 @@
* It is implementation-dependent whether a failure to initialize
* results in this error code.
*/
-psa_status_t psa_verify_hash(psa_key_handle_t handle,
+psa_status_t psa_verify_hash(mbedtls_svc_key_id_t key,
psa_algorithm_t alg,
const uint8_t *hash,
size_t hash_length,
@@ -2953,11 +2914,12 @@
/**
* \brief Encrypt a short message with a public key.
*
- * \param handle Handle to the key to use for the operation.
- * It must be a public key or an asymmetric
- * key pair.
+ * \param key Identifer of the key to use for the operation.
+ * It must be a public key or an asymmetric key
+ * pair. It must allow the usage
+ * #PSA_KEY_USAGE_ENCRYPT.
* \param alg An asymmetric encryption algorithm that is
- * compatible with the type of \p handle.
+ * compatible with the type of \p key.
* \param[in] input The message to encrypt.
* \param input_length Size of the \p input buffer in bytes.
* \param[in] salt A salt or label, if supported by the
@@ -2986,7 +2948,7 @@
* determine a sufficient buffer size by calling
* #PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg)
* where \c key_type and \c key_bits are the type and bit-size
- * respectively of \p handle.
+ * respectively of \p key.
* \retval #PSA_ERROR_NOT_SUPPORTED
* \retval #PSA_ERROR_INVALID_ARGUMENT
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
@@ -3000,7 +2962,7 @@
* It is implementation-dependent whether a failure to initialize
* results in this error code.
*/
-psa_status_t psa_asymmetric_encrypt(psa_key_handle_t handle,
+psa_status_t psa_asymmetric_encrypt(mbedtls_svc_key_id_t key,
psa_algorithm_t alg,
const uint8_t *input,
size_t input_length,
@@ -3013,10 +2975,11 @@
/**
* \brief Decrypt a short message with a private key.
*
- * \param handle Handle to the key to use for the operation.
- * It must be an asymmetric key pair.
+ * \param key Identifier of the key to use for the operation.
+ * It must be an asymmetric key pair. It must
+ * allow the usage #PSA_KEY_USAGE_DECRYPT.
* \param alg An asymmetric encryption algorithm that is
- * compatible with the type of \p handle.
+ * compatible with the type of \p key.
* \param[in] input The message to decrypt.
* \param input_length Size of the \p input buffer in bytes.
* \param[in] salt A salt or label, if supported by the
@@ -3045,7 +3008,7 @@
* determine a sufficient buffer size by calling
* #PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg)
* where \c key_type and \c key_bits are the type and bit-size
- * respectively of \p handle.
+ * respectively of \p key.
* \retval #PSA_ERROR_NOT_SUPPORTED
* \retval #PSA_ERROR_INVALID_ARGUMENT
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
@@ -3060,7 +3023,7 @@
* It is implementation-dependent whether a failure to initialize
* results in this error code.
*/
-psa_status_t psa_asymmetric_decrypt(psa_key_handle_t handle,
+psa_status_t psa_asymmetric_decrypt(mbedtls_svc_key_id_t key,
psa_algorithm_t alg,
const uint8_t *input,
size_t input_length,
@@ -3318,9 +3281,9 @@
* psa_key_derivation_setup() and must not
* have produced any output yet.
* \param step Which step the input data is for.
- * \param handle Handle to the key. It must have an
- * appropriate type for \p step and must
- * allow the usage #PSA_KEY_USAGE_DERIVE.
+ * \param key Identifier of the key. It must have an
+ * appropriate type for step and must allow the
+ * usage #PSA_KEY_USAGE_DERIVE.
*
* \retval #PSA_SUCCESS
* Success.
@@ -3346,7 +3309,7 @@
psa_status_t psa_key_derivation_input_key(
psa_key_derivation_operation_t *operation,
psa_key_derivation_step_t step,
- psa_key_handle_t handle);
+ mbedtls_svc_key_id_t key);
/** Perform a key agreement and use the shared secret as input to a key
* derivation.
@@ -3371,7 +3334,8 @@
* The operation must be ready for an
* input of the type given by \p step.
* \param step Which step the input data is for.
- * \param private_key Handle to the private key to use.
+ * \param private_key Identifier of the private key to use. It must
+ * allow the usage #PSA_KEY_USAGE_DERIVE.
* \param[in] peer_key Public key of the peer. The peer key must be in the
* same format that psa_import_key() accepts for the
* public key type corresponding to the type of
@@ -3415,7 +3379,7 @@
psa_status_t psa_key_derivation_key_agreement(
psa_key_derivation_operation_t *operation,
psa_key_derivation_step_t step,
- psa_key_handle_t private_key,
+ mbedtls_svc_key_id_t private_key,
const uint8_t *peer_key,
size_t peer_key_length);
@@ -3559,7 +3523,9 @@
*
* \param[in] attributes The attributes for the new key.
* \param[in,out] operation The key derivation operation object to read from.
- * \param[out] handle On success, a handle to the newly created key.
+ * \param[out] key On success, an identifier for the newly created
+ * key. For persistent keys, this is the key
+ * identifier defined in \p attributes.
* \c 0 on failure.
*
* \retval #PSA_SUCCESS
@@ -3599,7 +3565,7 @@
psa_status_t psa_key_derivation_output_key(
const psa_key_attributes_t *attributes,
psa_key_derivation_operation_t *operation,
- psa_key_handle_t *handle);
+ mbedtls_svc_key_id_t *key);
/** Abort a key derivation operation.
*
@@ -3640,7 +3606,8 @@
* (\c PSA_ALG_XXX value such that
* #PSA_ALG_IS_RAW_KEY_AGREEMENT(\p alg)
* is true).
- * \param private_key Handle to the private key to use.
+ * \param private_key Identifier of the private key to use. It must
+ * allow the usage #PSA_KEY_USAGE_DERIVE.
* \param[in] peer_key Public key of the peer. It must be
* in the same format that psa_import_key()
* accepts. The standard formats for public
@@ -3678,7 +3645,7 @@
* results in this error code.
*/
psa_status_t psa_raw_key_agreement(psa_algorithm_t alg,
- psa_key_handle_t private_key,
+ mbedtls_svc_key_id_t private_key,
const uint8_t *peer_key,
size_t peer_key_length,
uint8_t *output,
@@ -3734,7 +3701,9 @@
* attributes.
*
* \param[in] attributes The attributes for the new key.
- * \param[out] handle On success, a handle to the newly created key.
+ * \param[out] key On success, an identifier for the newly created
+ * key. For persistent keys, this is the key
+ * identifier defined in \p attributes.
* \c 0 on failure.
*
* \retval #PSA_SUCCESS
@@ -3759,7 +3728,7 @@
* results in this error code.
*/
psa_status_t psa_generate_key(const psa_key_attributes_t *attributes,
- psa_key_handle_t *handle);
+ mbedtls_svc_key_id_t *key);
/**@}*/
diff --git a/include/psa/crypto_accel_driver.h b/include/psa/crypto_accel_driver.h
index 1a193c5..4488ea8 100644
--- a/include/psa/crypto_accel_driver.h
+++ b/include/psa/crypto_accel_driver.h
@@ -75,7 +75,7 @@
* \param[in,out] p_context A structure that will contain the
* hardware-specific hash context
*
- * \retval PSA_SUCCESS Success.
+ * \retval #PSA_SUCCESS Success.
*/
typedef psa_status_t (*psa_drv_hash_setup_t)(psa_drv_hash_context_t *p_context);
@@ -120,7 +120,7 @@
* \param[out] p_output_length The number of bytes placed in `p_output` after
* success
*
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
* Success.
*/
typedef psa_status_t (*psa_drv_hash_finish_t)(psa_drv_hash_context_t *p_context,
@@ -188,7 +188,7 @@
* to be used in the operation
* \param[in] key_length The size in bytes of the key material
*
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
* Success.
*/
typedef psa_status_t (*psa_drv_accel_mac_setup_t)(psa_drv_accel_mac_context_t *p_context,
@@ -235,7 +235,7 @@
* \param[in] mac_length The size in bytes of the buffer that has been
* allocated for the `p_mac` buffer
*
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
* Success.
*/
typedef psa_status_t (*psa_drv_accel_mac_finish_t)(psa_drv_accel_mac_context_t *p_context,
@@ -261,7 +261,7 @@
* \param[in] mac_length The size in bytes of the data in the `p_mac`
* buffer
*
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
* The operation completed successfully and the comparison matched
*/
typedef psa_status_t (*psa_drv_accel_mac_finish_verify_t)(psa_drv_accel_mac_context_t *p_context,
@@ -335,7 +335,7 @@
* \param[in] p_mac The MAC data to be compared
* \param[in] mac_length The length in bytes of the `p_mac` buffer
*
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
* The operation completed successfully and the comparison matched
*/
typedef psa_status_t (*psa_drv_accel_mac_verify_t)(const uint8_t *p_input,
@@ -396,7 +396,7 @@
* to be used in the operation
* \param[in] key_data_size The size in bytes of the key material
*
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
*/
typedef psa_status_t (*psa_drv_accel_cipher_setup_t)(psa_drv_accel_cipher_context_t *p_context,
psa_encrypt_or_decrypt_t direction,
@@ -419,7 +419,7 @@
* \param[in] p_iv A buffer containing the initialization vecotr
* \param[in] iv_length The size in bytes of the contents of `p_iv`
*
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
*/
typedef psa_status_t (*psa_drv_accel_cipher_set_iv_t)(psa_drv_accel_cipher_context_t *p_context,
const uint8_t *p_iv,
@@ -448,7 +448,7 @@
* \param[out] p_output_length After completion, will contain the number
* of bytes placed in the `p_output` buffer
*
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
*/
typedef psa_status_t (*psa_drv_accel_cipher_update_t)(psa_drv_accel_cipher_context_t *p_context,
const uint8_t *p_input,
@@ -477,7 +477,7 @@
* \param[out] p_output_length After completion, will contain the number of
* bytes placed in the `p_output` buffer
*
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
*/
typedef psa_status_t (*psa_drv_accel_cipher_finish_t)(psa_drv_accel_cipher_context_t *p_context,
uint8_t *p_output,
@@ -499,7 +499,7 @@
* \param[in,out] p_context A hardware-specific structure for the
* previously started cipher operation
*
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
*/
typedef psa_status_t (*psa_drv_accel_cipher_abort_t)(psa_drv_accel_cipher_context_t *p_context);
@@ -659,7 +659,7 @@
* \param[out] p_signature_length On success, the number of bytes
* that make up the returned signature value
*
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
*/
typedef psa_status_t (*psa_drv_accel_asymmetric_sign_t)(const uint8_t *p_key,
size_t key_size,
@@ -697,7 +697,7 @@
* \param[in] p_signature Buffer containing the signature to verify
* \param[in] signature_length Size of the `p_signature` buffer in bytes
*
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
* The signature is valid.
*/
typedef psa_status_t (*psa_drv_accel_asymmetric_verify_t)(const uint8_t *p_key,
@@ -748,7 +748,7 @@
* \param[out] p_output_length On success, the number of bytes
* that make up the returned output
*
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
*/
typedef psa_status_t (*psa_drv_accel_asymmetric_encrypt_t)(const uint8_t *p_key,
size_t key_size,
@@ -800,7 +800,7 @@
* \param[out] p_output_length On success, the number of bytes
* that make up the returned output
*
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
*/
typedef psa_status_t (*psa_drv_accel_asymmetric_decrypt_t)(const uint8_t *p_key,
size_t key_size,
diff --git a/include/psa/crypto_compat.h b/include/psa/crypto_compat.h
index 4b607b6..339ef27 100644
--- a/include/psa/crypto_compat.h
+++ b/include/psa/crypto_compat.h
@@ -34,6 +34,27 @@
extern "C" {
#endif
+/*
+ * To support both openless APIs and psa_open_key() temporarily, define
+ * psa_key_handle_t to be equal to mbedtls_svc_key_id_t. Do not mark the
+ * type and its utility macros and functions deprecated yet. This will be done
+ * in a subsequent phase.
+ */
+typedef mbedtls_svc_key_id_t psa_key_handle_t;
+
+#define PSA_KEY_HANDLE_INIT MBEDTLS_SVC_KEY_ID_INIT
+
+/** Check wether an handle is null.
+ *
+ * \param handle Handle
+ *
+ * \return Non-zero if the handle is null, zero otherwise.
+ */
+static inline int psa_key_handle_is_null( psa_key_handle_t handle )
+{
+ return( mbedtls_svc_key_id_is_null( handle ) );
+}
+
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
/*
@@ -223,6 +244,107 @@
#define PSA_DH_GROUP_CUSTOM \
MBEDTLS_DEPRECATED_CONSTANT( psa_dh_family_t, PSA_DH_FAMILY_CUSTOM )
+/** Open a handle to an existing persistent key.
+ *
+ * Open a handle to a persistent key. A key is persistent if it was created
+ * with a lifetime other than #PSA_KEY_LIFETIME_VOLATILE. A persistent key
+ * always has a nonzero key identifier, set with psa_set_key_id() when
+ * creating the key. Implementations may provide additional pre-provisioned
+ * keys that can be opened with psa_open_key(). Such keys have an application
+ * key identifier in the vendor range, as documented in the description of
+ * #psa_key_id_t.
+ *
+ * The application must eventually close the handle with psa_close_key() or
+ * psa_destroy_key() to release associated resources. If the application dies
+ * without calling one of these functions, the implementation should perform
+ * the equivalent of a call to psa_close_key().
+ *
+ * Some implementations permit an application to open the same key multiple
+ * times. If this is successful, each call to psa_open_key() will return a
+ * different key handle.
+ *
+ * \note This API is not part of the PSA Cryptography API Release 1.0.0
+ * specification. It was defined in the 1.0 Beta 3 version of the
+ * specification but was removed in the 1.0.0 released version. This API is
+ * kept for the time being to not break applications relying on it. It is not
+ * deprecated yet but will be in the near future.
+ *
+ * \note Applications that rely on opening a key multiple times will not be
+ * portable to implementations that only permit a single key handle to be
+ * opened. See also :ref:\`key-handles\`.
+ *
+ *
+ * \param key The persistent identifier of the key.
+ * \param[out] handle On success, a handle to the key.
+ *
+ * \retval #PSA_SUCCESS
+ * Success. The application can now use the value of `*handle`
+ * to access the key.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * The implementation does not have sufficient resources to open the
+ * key. This can be due to reaching an implementation limit on the
+ * number of open keys, the number of open key handles, or available
+ * memory.
+ * \retval #PSA_ERROR_DOES_NOT_EXIST
+ * There is no persistent key with key identifier \p id.
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \p id is not a valid persistent key identifier.
+ * \retval #PSA_ERROR_NOT_PERMITTED
+ * The specified key exists, but the application does not have the
+ * permission to access it. Note that this specification does not
+ * define any way to create such a key, but it may be possible
+ * through implementation-specific means.
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_ERROR_STORAGE_FAILURE
+ * \retval #PSA_ERROR_BAD_STATE
+ * The library has not been previously initialized by psa_crypto_init().
+ * It is implementation-dependent whether a failure to initialize
+ * results in this error code.
+ */
+psa_status_t psa_open_key( mbedtls_svc_key_id_t key,
+ psa_key_handle_t *handle );
+
+/** Close a key handle.
+ *
+ * If the handle designates a volatile key, this will destroy the key material
+ * and free all associated resources, just like psa_destroy_key().
+ *
+ * If this is the last open handle to a persistent key, then closing the handle
+ * will free all resources associated with the key in volatile memory. The key
+ * data in persistent storage is not affected and can be opened again later
+ * with a call to psa_open_key().
+ *
+ * Closing the key handle makes the handle invalid, and the key handle
+ * must not be used again by the application.
+ *
+ * \note This API is not part of the PSA Cryptography API Release 1.0.0
+ * specification. It was defined in the 1.0 Beta 3 version of the
+ * specification but was removed in the 1.0.0 released version. This API is
+ * kept for the time being to not break applications relying on it. It is not
+ * deprecated yet but will be in the near future.
+ *
+ * \note If the key handle was used to set up an active
+ * :ref:\`multipart operation <multipart-operations>\`, then closing the
+ * key handle can cause the multipart operation to fail. Applications should
+ * maintain the key handle until after the multipart operation has finished.
+ *
+ * \param handle The key handle to close.
+ * If this is \c 0, do nothing and return \c PSA_SUCCESS.
+ *
+ * \retval #PSA_SUCCESS
+ * \p handle was a valid handle or \c 0. It is now closed.
+ * \retval #PSA_ERROR_INVALID_HANDLE
+ * \p handle is not a valid handle nor \c 0.
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_ERROR_BAD_STATE
+ * The library has not been previously initialized by psa_crypto_init().
+ * It is implementation-dependent whether a failure to initialize
+ * results in this error code.
+ */
+psa_status_t psa_close_key(psa_key_handle_t handle);
+
#ifdef __cplusplus
}
#endif
diff --git a/include/psa/crypto_entropy_driver.h b/include/psa/crypto_entropy_driver.h
index 6175044..9b6546e 100644
--- a/include/psa/crypto_entropy_driver.h
+++ b/include/psa/crypto_entropy_driver.h
@@ -47,7 +47,7 @@
* containing any context information for
* the implementation
*
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
*/
typedef psa_status_t (*psa_drv_entropy_init_t)(void *p_context);
@@ -75,7 +75,7 @@
* \param[out] p_received_entropy_bits The amount of entropy (in bits)
* actually provided in `p_buffer`
*
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
*/
typedef psa_status_t (*psa_drv_entropy_get_bits_t)(void *p_context,
uint8_t *p_buffer,
diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h
index 71adb93..b25addc 100644
--- a/include/psa/crypto_extra.h
+++ b/include/psa/crypto_extra.h
@@ -231,6 +231,8 @@
size_t cache_slots;
/** Number of slots that are not used for anything. */
size_t empty_slots;
+ /** Number of slots that are locked. */
+ size_t locked_slots;
/** Largest key id value among open keys in internal persistent storage. */
psa_key_id_t max_open_internal_key_id;
/** Largest key id value among open keys in secure elements. */
diff --git a/include/psa/crypto_platform.h b/include/psa/crypto_platform.h
index 4582a86..567398d 100644
--- a/include/psa/crypto_platform.h
+++ b/include/psa/crypto_platform.h
@@ -53,9 +53,6 @@
#define inline __inline
#endif
-/* Integral type representing a key handle. */
-typedef uint16_t psa_key_handle_t;
-
#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
/* Building for the PSA Crypto service on a PSA platform, a key owner is a PSA
diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h
index 46b2d64..1fae575 100644
--- a/include/psa/crypto_se_driver.h
+++ b/include/psa/crypto_se_driver.h
@@ -178,7 +178,7 @@
* \param[in] algorithm The algorithm to be used to underly the MAC
* operation
*
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
* Success.
*/
typedef psa_status_t (*psa_drv_se_mac_setup_t)(psa_drv_se_context_t *drv_context,
@@ -213,7 +213,7 @@
* \param[out] p_mac_length After completion, will contain the number of
* bytes placed in the `p_mac` buffer
*
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
* Success.
*/
typedef psa_status_t (*psa_drv_se_mac_finish_t)(void *op_context,
@@ -230,10 +230,10 @@
* will be compared against
* \param[in] mac_length The size in bytes of the value stored in `p_mac`
*
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
* The operation completed successfully and the MACs matched each
* other
- * \retval PSA_ERROR_INVALID_SIGNATURE
+ * \retval #PSA_ERROR_INVALID_SIGNATURE
* The operation completed successfully, but the calculated MAC did
* not match the provided MAC
*/
@@ -264,7 +264,7 @@
* \param[out] p_mac_length After completion, will contain the number of
* bytes placed in the `output` buffer
*
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
* Success.
*/
typedef psa_status_t (*psa_drv_se_mac_generate_t)(psa_drv_se_context_t *drv_context,
@@ -289,10 +289,10 @@
* be compared against
* \param[in] mac_length The size in bytes of `mac`
*
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
* The operation completed successfully and the MACs matched each
* other
- * \retval PSA_ERROR_INVALID_SIGNATURE
+ * \retval #PSA_ERROR_INVALID_SIGNATURE
* The operation completed successfully, but the calculated MAC did
* not match the provided MAC
*/
@@ -384,8 +384,8 @@
* \param[in] direction Indicates whether the operation is an encrypt
* or decrypt
*
- * \retval PSA_SUCCESS
- * \retval PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_NOT_SUPPORTED
*/
typedef psa_status_t (*psa_drv_se_cipher_setup_t)(psa_drv_se_context_t *drv_context,
void *op_context,
@@ -406,7 +406,7 @@
* \param[in] p_iv A buffer containing the initialization vector
* \param[in] iv_length The size (in bytes) of the `p_iv` buffer
*
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
*/
typedef psa_status_t (*psa_drv_se_cipher_set_iv_t)(void *op_context,
const uint8_t *p_iv,
@@ -428,7 +428,7 @@
* \param[out] p_output_length After completion, will contain the number
* of bytes placed in the `p_output` buffer
*
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
*/
typedef psa_status_t (*psa_drv_se_cipher_update_t)(void *op_context,
const uint8_t *p_input,
@@ -449,7 +449,7 @@
* \param[out] p_output_length After completion, will contain the number of
* bytes placed in the `p_output` buffer
*
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
*/
typedef psa_status_t (*psa_drv_se_cipher_finish_t)(void *op_context,
uint8_t *p_output,
@@ -484,8 +484,8 @@
* \param[in] output_size The allocated size in bytes of the `p_output`
* buffer
*
- * \retval PSA_SUCCESS
- * \retval PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_NOT_SUPPORTED
*/
typedef psa_status_t (*psa_drv_se_cipher_ecb_t)(psa_drv_se_context_t *drv_context,
psa_key_slot_number_t key_slot,
@@ -553,7 +553,7 @@
* \param[out] p_signature_length On success, the number of bytes
* that make up the returned signature value
*
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
*/
typedef psa_status_t (*psa_drv_se_asymmetric_sign_t)(psa_drv_se_context_t *drv_context,
psa_key_slot_number_t key_slot,
@@ -578,7 +578,7 @@
* \param[in] p_signature Buffer containing the signature to verify
* \param[in] signature_length Size of the `p_signature` buffer in bytes
*
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
* The signature is valid.
*/
typedef psa_status_t (*psa_drv_se_asymmetric_verify_t)(psa_drv_se_context_t *drv_context,
@@ -617,7 +617,7 @@
* \param[out] p_output_length On success, the number of bytes that make up
* the returned output
*
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
*/
typedef psa_status_t (*psa_drv_se_asymmetric_encrypt_t)(psa_drv_se_context_t *drv_context,
psa_key_slot_number_t key_slot,
@@ -657,7 +657,7 @@
* \param[out] p_output_length On success, the number of bytes
* that make up the returned output
*
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
*/
typedef psa_status_t (*psa_drv_se_asymmetric_decrypt_t)(psa_drv_se_context_t *drv_context,
psa_key_slot_number_t key_slot,
@@ -1195,7 +1195,7 @@
* \param[in] source_key The key to be used as the source material for
* the key derivation
*
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
*/
typedef psa_status_t (*psa_drv_se_key_derivation_setup_t)(psa_drv_se_context_t *drv_context,
void *op_context,
@@ -1215,7 +1215,7 @@
* \param[in] p_collateral A buffer containing the collateral data
* \param[in] collateral_size The size in bytes of the collateral
*
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
*/
typedef psa_status_t (*psa_drv_se_key_derivation_collateral_t)(void *op_context,
uint32_t collateral_id,
@@ -1230,7 +1230,7 @@
* \param[in] dest_key The slot where the generated key material
* should be placed
*
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
*/
typedef psa_status_t (*psa_drv_se_key_derivation_derive_t)(void *op_context,
psa_key_slot_number_t dest_key);
@@ -1244,7 +1244,7 @@
* \param[out] p_output_length Upon success, contains the number of bytes of
* key material placed in `p_output`
*
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
*/
typedef psa_status_t (*psa_drv_se_key_derivation_export_t)(void *op_context,
uint8_t *p_output,
@@ -1353,7 +1353,7 @@
* \param location The location value through which this driver will
* be exposed to applications.
* This driver will be used for all keys such that
- * `location == PSA_KEY_LIFETIME_LOCATION( lifetime )`.
+ * `location == #PSA_KEY_LIFETIME_GET_LOCATION( lifetime )`.
* The value #PSA_KEY_LOCATION_LOCAL_STORAGE is reserved
* and may not be used for drivers. Implementations
* may reserve other values.
@@ -1362,22 +1362,22 @@
* module keeps running. It is typically a global
* constant.
*
- * \return PSA_SUCCESS
+ * \return #PSA_SUCCESS
* The driver was successfully registered. Applications can now
* use \p lifetime to access keys through the methods passed to
* this function.
- * \return PSA_ERROR_BAD_STATE
+ * \return #PSA_ERROR_BAD_STATE
* This function was called after the initialization of the
* cryptography module, and this implementation does not support
* driver registration at this stage.
- * \return PSA_ERROR_ALREADY_EXISTS
+ * \return #PSA_ERROR_ALREADY_EXISTS
* There is already a registered driver for this value of \p lifetime.
- * \return PSA_ERROR_INVALID_ARGUMENT
+ * \return #PSA_ERROR_INVALID_ARGUMENT
* \p lifetime is a reserved value.
- * \return PSA_ERROR_NOT_SUPPORTED
+ * \return #PSA_ERROR_NOT_SUPPORTED
* `methods->hal_version` is not supported by this implementation.
- * \return PSA_ERROR_INSUFFICIENT_MEMORY
- * \return PSA_ERROR_NOT_PERMITTED
+ * \return #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \return #PSA_ERROR_NOT_PERMITTED
*/
psa_status_t psa_register_se_driver(
psa_key_location_t location,
diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h
index be0e280..6a018e1 100644
--- a/include/psa/crypto_struct.h
+++ b/include/psa/crypto_struct.h
@@ -374,9 +374,17 @@
static inline void psa_set_key_id( psa_key_attributes_t *attributes,
mbedtls_svc_key_id_t key )
{
+ psa_key_lifetime_t lifetime = attributes->core.lifetime;
+
attributes->core.id = key;
- if( attributes->core.lifetime == PSA_KEY_LIFETIME_VOLATILE )
- attributes->core.lifetime = PSA_KEY_LIFETIME_PERSISTENT;
+
+ if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) )
+ {
+ attributes->core.lifetime =
+ PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(
+ PSA_KEY_LIFETIME_PERSISTENT,
+ PSA_KEY_LIFETIME_GET_LOCATION( lifetime ) );
+ }
}
static inline mbedtls_svc_key_id_t psa_get_key_id(
@@ -385,11 +393,19 @@
return( attributes->core.id );
}
+#ifdef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
+static inline void mbedtls_set_key_owner_id( psa_key_attributes_t *attributes,
+ mbedtls_key_owner_id_t owner )
+{
+ attributes->core.id.owner = owner;
+}
+#endif
+
static inline void psa_set_key_lifetime(psa_key_attributes_t *attributes,
psa_key_lifetime_t lifetime)
{
attributes->core.lifetime = lifetime;
- if( lifetime == PSA_KEY_LIFETIME_VOLATILE )
+ if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) )
{
#ifdef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
attributes->core.id.key_id = 0;
diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h
index 923b02b..0a2ae54 100644
--- a/include/psa/crypto_types.h
+++ b/include/psa/crypto_types.h
@@ -352,7 +352,7 @@
* -# Call a key creation function: psa_import_key(), psa_generate_key(),
* psa_key_derivation_output_key() or psa_copy_key(). This function reads
* the attribute structure, creates a key with these attributes, and
- * outputs a handle to the newly created key.
+ * outputs a key identifier to the newly created key.
* -# The attribute structure is now no longer necessary.
* You may call psa_reset_key_attributes(), although this is optional
* with the workflow presented here because the attributes currently
diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h
index 3eb64d8..580b89e 100644
--- a/include/psa/crypto_values.h
+++ b/include/psa/crypto_values.h
@@ -108,7 +108,7 @@
* as applicable.
*
* Implementations shall not return this error code to indicate that a
- * key handle is invalid, but shall return #PSA_ERROR_INVALID_HANDLE
+ * key identifier is invalid, but shall return #PSA_ERROR_INVALID_HANDLE
* instead. */
#define PSA_ERROR_BAD_STATE ((psa_status_t)-137)
@@ -118,7 +118,7 @@
* combination of parameters are recognized as invalid.
*
* Implementations shall not return this error code to indicate that a
- * key handle is invalid, but shall return #PSA_ERROR_INVALID_HANDLE
+ * key identifier is invalid, but shall return #PSA_ERROR_INVALID_HANDLE
* instead.
*/
#define PSA_ERROR_INVALID_ARGUMENT ((psa_status_t)-135)
@@ -266,7 +266,7 @@
* to read from a resource. */
#define PSA_ERROR_INSUFFICIENT_DATA ((psa_status_t)-143)
-/** The key handle is not valid. See also :ref:\`key-handles\`.
+/** The key identifier is not valid. See also :ref:\`key-handles\`.
*/
#define PSA_ERROR_INVALID_HANDLE ((psa_status_t)-136)
@@ -769,9 +769,9 @@
* an algorithm built from `PSA_xxx_SIGNATURE` and a specific hash. Each
* call to sign or verify a message may use a different hash.
* ```
- * psa_sign_hash(handle, PSA_xxx_SIGNATURE(PSA_ALG_SHA_256), ...);
- * psa_sign_hash(handle, PSA_xxx_SIGNATURE(PSA_ALG_SHA_512), ...);
- * psa_sign_hash(handle, PSA_xxx_SIGNATURE(PSA_ALG_SHA3_256), ...);
+ * psa_sign_hash(key, PSA_xxx_SIGNATURE(PSA_ALG_SHA_256), ...);
+ * psa_sign_hash(key, PSA_xxx_SIGNATURE(PSA_ALG_SHA_512), ...);
+ * psa_sign_hash(key, PSA_xxx_SIGNATURE(PSA_ALG_SHA3_256), ...);
* ```
*
* This value may not be used to build other algorithms that are
@@ -1452,7 +1452,7 @@
* a key derivation function.
* Usually, raw key agreement algorithms are constructed directly with
* a \c PSA_ALG_xxx macro while non-raw key agreement algorithms are
- * constructed with PSA_ALG_KEY_AGREEMENT().
+ * constructed with #PSA_ALG_KEY_AGREEMENT().
*
* \param alg An algorithm identifier (value of type #psa_algorithm_t).
*
@@ -1561,7 +1561,7 @@
/** The default lifetime for volatile keys.
*
- * A volatile key only exists as long as the handle to it is not closed.
+ * A volatile key only exists as long as the identifier to it is not destroyed.
* The key material is guaranteed to be erased on a power reset.
*
* A key with this lifetime is typically stored in the RAM area of the
@@ -1700,6 +1700,17 @@
return( id1 == id2 );
}
+/** Check whether a key identifier is null.
+ *
+ * \param key Key identifier.
+ *
+ * \return Non-zero if the key identifier is null, zero otherwise.
+ */
+static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
+{
+ return( key == 0 );
+}
+
#else /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */
#define MBEDTLS_SVC_KEY_ID_INIT ( (mbedtls_svc_key_id_t){ 0, 0 } )
@@ -1732,6 +1743,17 @@
mbedtls_key_owner_id_equal( id1.owner, id2.owner ) );
}
+/** Check whether a key identifier is null.
+ *
+ * \param key Key identifier.
+ *
+ * \return Non-zero if the key identifier is null, zero otherwise.
+ */
+static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
+{
+ return( ( key.key_id == 0 ) && ( key.owner == 0 ) );
+}
+
#endif /* !MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */
/**@}*/
diff --git a/library/pk.c b/library/pk.c
index 9a3bcb0..ecf002d 100644
--- a/library/pk.c
+++ b/library/pk.c
@@ -150,11 +150,12 @@
/*
* Initialise a PSA-wrapping context
*/
-int mbedtls_pk_setup_opaque( mbedtls_pk_context *ctx, const psa_key_handle_t key )
+int mbedtls_pk_setup_opaque( mbedtls_pk_context *ctx,
+ const psa_key_id_t key )
{
const mbedtls_pk_info_t * const info = &mbedtls_pk_opaque_info;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_handle_t *pk_ctx;
+ psa_key_id_t *pk_ctx;
psa_key_type_t type;
if( ctx == NULL || ctx->pk_info != NULL )
@@ -174,7 +175,7 @@
ctx->pk_info = info;
- pk_ctx = (psa_key_handle_t *) ctx->pk_ctx;
+ pk_ctx = (psa_key_id_t *) ctx->pk_ctx;
*pk_ctx = key;
return( 0 );
@@ -587,12 +588,12 @@
* Currently only works for EC private keys.
*/
int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk,
- psa_key_handle_t *handle,
+ psa_key_id_t *key,
psa_algorithm_t hash_alg )
{
#if !defined(MBEDTLS_ECP_C)
((void) pk);
- ((void) handle);
+ ((void) key);
((void) hash_alg);
return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
#else
@@ -624,14 +625,14 @@
psa_set_key_algorithm( &attributes, PSA_ALG_ECDSA(hash_alg) );
/* import private key into PSA */
- if( PSA_SUCCESS != psa_import_key( &attributes, d, d_len, handle ) )
+ if( PSA_SUCCESS != psa_import_key( &attributes, d, d_len, key ) )
return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
/* make PK context wrap the key slot */
mbedtls_pk_free( pk );
mbedtls_pk_init( pk );
- return( mbedtls_pk_setup_opaque( pk, *handle ) );
+ return( mbedtls_pk_setup_opaque( pk, *key ) );
#endif /* MBEDTLS_ECP_C */
}
#endif /* MBEDTLS_USE_PSA_CRYPTO */
diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index 903c53b..107e912 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -543,7 +543,7 @@
mbedtls_ecdsa_context *ctx = ctx_arg;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_handle_t key_handle = 0;
+ psa_key_id_t key_id = 0;
psa_status_t status;
mbedtls_pk_context key;
int key_len;
@@ -576,7 +576,7 @@
status = psa_import_key( &attributes,
buf + sizeof( buf ) - key_len, key_len,
- &key_handle );
+ &key_id );
if( status != PSA_SUCCESS )
{
ret = mbedtls_psa_err_translate_pk( status );
@@ -598,7 +598,7 @@
goto cleanup;
}
- if( psa_verify_hash( key_handle, psa_sig_md,
+ if( psa_verify_hash( key_id, psa_sig_md,
hash, hash_len,
buf, 2 * signature_part_size )
!= PSA_SUCCESS )
@@ -615,7 +615,7 @@
ret = 0;
cleanup:
- psa_destroy_key( key_handle );
+ psa_destroy_key( key_id );
return( ret );
}
#else /* MBEDTLS_USE_PSA_CRYPTO */
@@ -870,7 +870,7 @@
static void *pk_opaque_alloc_wrap( void )
{
- void *ctx = mbedtls_calloc( 1, sizeof( psa_key_handle_t ) );
+ void *ctx = mbedtls_calloc( 1, sizeof( psa_key_id_t ) );
/* no _init() function to call, an calloc() already zeroized */
@@ -879,13 +879,13 @@
static void pk_opaque_free_wrap( void *ctx )
{
- mbedtls_platform_zeroize( ctx, sizeof( psa_key_handle_t ) );
+ mbedtls_platform_zeroize( ctx, sizeof( psa_key_id_t ) );
mbedtls_free( ctx );
}
static size_t pk_opaque_get_bitlen( const void *ctx )
{
- const psa_key_handle_t *key = (const psa_key_handle_t *) ctx;
+ const psa_key_id_t *key = (const psa_key_id_t *) ctx;
size_t bits;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
@@ -1008,7 +1008,7 @@
((void) p_rng);
return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
#else /* !MBEDTLS_ECDSA_C */
- const psa_key_handle_t *key = (const psa_key_handle_t *) ctx;
+ const psa_key_id_t *key = (const psa_key_id_t *) ctx;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_algorithm_t alg = PSA_ALG_ECDSA( mbedtls_psa_translate_md( md_alg ) );
size_t buf_len;
diff --git a/library/pkwrite.c b/library/pkwrite.c
index b317ccf..0da3698 100644
--- a/library/pkwrite.c
+++ b/library/pkwrite.c
@@ -198,13 +198,13 @@
if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_OPAQUE )
{
size_t buffer_size;
- psa_key_handle_t* key_slot = (psa_key_handle_t*) key->pk_ctx;
+ psa_key_id_t* key_id = (psa_key_id_t*) key->pk_ctx;
if ( *p < start )
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
buffer_size = (size_t)( *p - start );
- if ( psa_export_public_key( *key_slot, start, buffer_size, &len )
+ if ( psa_export_public_key( *key_id, start, buffer_size, &len )
!= PSA_SUCCESS )
{
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
@@ -265,12 +265,12 @@
{
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_key_type_t key_type;
- psa_key_handle_t handle;
+ psa_key_id_t key_id;
psa_ecc_family_t curve;
size_t bits;
- handle = *((psa_key_handle_t*) key->pk_ctx );
- if( PSA_SUCCESS != psa_get_key_attributes( handle, &attributes ) )
+ key_id = *((psa_key_id_t*) key->pk_ctx );
+ if( PSA_SUCCESS != psa_get_key_attributes( key_id, &attributes ) )
return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
key_type = psa_get_key_type( &attributes );
bits = psa_get_key_bits( &attributes );
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 97b522d..235ab31 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1223,22 +1223,31 @@
return( PSA_SUCCESS );
}
-/** Retrieve a slot which must contain a key. The key must have allow all the
- * usage flags set in \p usage. If \p alg is nonzero, the key must allow
- * operations with this algorithm. */
-static psa_status_t psa_get_key_from_slot( psa_key_handle_t handle,
- psa_key_slot_t **p_slot,
- psa_key_usage_t usage,
- psa_algorithm_t alg )
+/** Get the description of a key given its identifier and policy constraints
+ * and lock it.
+ *
+ * The key must have allow all the usage flags set in \p usage. If \p alg is
+ * nonzero, the key must allow operations with this algorithm.
+ *
+ * In case of a persistent key, the function loads the description of the key
+ * into a key slot if not already done.
+ *
+ * On success, the returned key slot is locked. It is the responsibility of
+ * the caller to unlock the key slot when it does not access it anymore.
+ */
+static psa_status_t psa_get_and_lock_key_slot_with_policy(
+ mbedtls_svc_key_id_t key,
+ psa_key_slot_t **p_slot,
+ psa_key_usage_t usage,
+ psa_algorithm_t alg )
{
- psa_status_t status;
- psa_key_slot_t *slot = NULL;
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_key_slot_t *slot;
- *p_slot = NULL;
-
- status = psa_get_key_slot( handle, &slot );
+ status = psa_get_and_lock_key_slot( key, p_slot );
if( status != PSA_SUCCESS )
return( status );
+ slot = *p_slot;
/* Enforce that usage policy for the key slot contains all the flags
* required by the usage parameter. There is one exception: public
@@ -1246,45 +1255,61 @@
* if they had the export flag. */
if( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->attr.type ) )
usage &= ~PSA_KEY_USAGE_EXPORT;
+
+ status = PSA_ERROR_NOT_PERMITTED;
if( ( slot->attr.policy.usage & usage ) != usage )
- return( PSA_ERROR_NOT_PERMITTED );
+ goto error;
/* Enforce that the usage policy permits the requested algortihm. */
if( alg != 0 && ! psa_key_policy_permits( &slot->attr.policy, alg ) )
- return( PSA_ERROR_NOT_PERMITTED );
+ goto error;
- *p_slot = slot;
return( PSA_SUCCESS );
+
+error:
+ *p_slot = NULL;
+ psa_unlock_key_slot( slot );
+
+ return( status );
}
-/** Retrieve a slot which must contain a transparent key.
+/** Get a key slot containing a transparent key and lock it.
*
* A transparent key is a key for which the key material is directly
* available, as opposed to a key in a secure element.
*
- * This is a temporary function to use instead of psa_get_key_from_slot()
- * until secure element support is fully implemented.
+ * This is a temporary function to use instead of
+ * psa_get_and_lock_key_slot_with_policy() until secure element support is
+ * fully implemented.
+ *
+ * On success, the returned key slot is locked. It is the responsibility of the
+ * caller to unlock the key slot when it does not access it anymore.
*/
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
-static psa_status_t psa_get_transparent_key( psa_key_handle_t handle,
- psa_key_slot_t **p_slot,
- psa_key_usage_t usage,
- psa_algorithm_t alg )
+static psa_status_t psa_get_and_lock_transparent_key_slot_with_policy(
+ mbedtls_svc_key_id_t key,
+ psa_key_slot_t **p_slot,
+ psa_key_usage_t usage,
+ psa_algorithm_t alg )
{
- psa_status_t status = psa_get_key_from_slot( handle, p_slot, usage, alg );
+ psa_status_t status = psa_get_and_lock_key_slot_with_policy( key, p_slot,
+ usage, alg );
if( status != PSA_SUCCESS )
return( status );
+
if( psa_key_slot_is_external( *p_slot ) )
{
+ psa_unlock_key_slot( *p_slot );
*p_slot = NULL;
return( PSA_ERROR_NOT_SUPPORTED );
}
+
return( PSA_SUCCESS );
}
#else /* MBEDTLS_PSA_CRYPTO_SE_C */
/* With no secure element support, all keys are transparent. */
-#define psa_get_transparent_key( handle, p_slot, usage, alg ) \
- psa_get_key_from_slot( handle, p_slot, usage, alg )
+#define psa_get_and_lock_transparent_key_slot_with_policy( key, p_slot, usage, alg ) \
+ psa_get_and_lock_key_slot_with_policy( key, p_slot, usage, alg )
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
/** Wipe key data from a slot. Preserve metadata such as the policy. */
@@ -1315,6 +1340,22 @@
psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot )
{
psa_status_t status = psa_remove_key_data_from_memory( slot );
+
+ /*
+ * As the return error code may not be handled in case of multiple errors,
+ * do our best to report an unexpected lock counter: if available
+ * call MBEDTLS_PARAM_FAILED that may terminate execution (if called as
+ * part of the execution of a test suite this will stop the test suite
+ * execution).
+ */
+ if( slot->lock_count != 1 )
+ {
+#ifdef MBEDTLS_CHECK_PARAMS
+ MBEDTLS_PARAM_FAILED( slot->lock_count == 1 );
+#endif
+ status = PSA_ERROR_CORRUPTION_DETECTED;
+ }
+
/* Multipart operations may still be using the key. This is safe
* because all multipart operation objects are independent from
* the key slot: if they need to access the key after the setup
@@ -1327,7 +1368,7 @@
return( status );
}
-psa_status_t psa_destroy_key( psa_key_handle_t handle )
+psa_status_t psa_destroy_key( mbedtls_svc_key_id_t key )
{
psa_key_slot_t *slot;
psa_status_t status; /* status of the last operation */
@@ -1336,13 +1377,33 @@
psa_se_drv_table_entry_t *driver;
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
- if( handle == 0 )
+ if( mbedtls_svc_key_id_is_null( key ) )
return( PSA_SUCCESS );
- status = psa_get_key_slot( handle, &slot );
+ /*
+ * Get the description of the key in a key slot. In case of a persistent
+ * key, this will load the key description from persistent memory if not
+ * done yet. We cannot avoid this loading as without it we don't know if
+ * the key is operated by an SE or not and this information is needed by
+ * the current implementation.
+ */
+ status = psa_get_and_lock_key_slot( key, &slot );
if( status != PSA_SUCCESS )
return( status );
+ /*
+ * If the key slot containing the key description is under access by the
+ * library (apart from the present access), the key cannot be destroyed
+ * yet. For the time being, just return in error. Eventually (to be
+ * implemented), the key should be destroyed when all accesses have
+ * stopped.
+ */
+ if( slot->lock_count > 1 )
+ {
+ psa_unlock_key_slot( slot );
+ return( PSA_ERROR_GENERIC_ERROR );
+ }
+
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
driver = psa_get_se_driver_entry( slot->attr.lifetime );
if( driver != NULL )
@@ -1378,7 +1439,7 @@
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
- if( slot->attr.lifetime != PSA_KEY_LIFETIME_VOLATILE )
+ if( ! PSA_KEY_LIFETIME_IS_VOLATILE( slot->attr.lifetime ) )
{
status = psa_destroy_persistent_key( slot->attr.id );
if( overall_status == PSA_SUCCESS )
@@ -1508,15 +1569,16 @@
/** Retrieve all the publicly-accessible attributes of a key.
*/
-psa_status_t psa_get_key_attributes( psa_key_handle_t handle,
+psa_status_t psa_get_key_attributes( mbedtls_svc_key_id_t key,
psa_key_attributes_t *attributes )
{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_slot_t *slot;
- psa_status_t status;
psa_reset_key_attributes( attributes );
- status = psa_get_key_from_slot( handle, &slot, 0, 0 );
+ status = psa_get_and_lock_key_slot_with_policy( key, &slot, 0, 0 );
if( status != PSA_SUCCESS )
return( status );
@@ -1568,7 +1630,10 @@
if( status != PSA_SUCCESS )
psa_reset_key_attributes( attributes );
- return( status );
+
+ unlock_status = psa_unlock_key_slot( slot );
+
+ return( ( status == PSA_SUCCESS ) ? unlock_status : status );
}
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
@@ -1727,13 +1792,14 @@
}
}
-psa_status_t psa_export_key( psa_key_handle_t handle,
+psa_status_t psa_export_key( mbedtls_svc_key_id_t key,
uint8_t *data,
size_t data_size,
size_t *data_length )
{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_slot_t *slot;
- psa_status_t status;
/* Set the key to empty now, so that even when there are errors, we always
* set data_length to a value between 0 and data_size. On error, setting
@@ -1742,22 +1808,28 @@
*data_length = 0;
/* Export requires the EXPORT flag. There is an exception for public keys,
- * which don't require any flag, but psa_get_key_from_slot takes
- * care of this. */
- status = psa_get_key_from_slot( handle, &slot, PSA_KEY_USAGE_EXPORT, 0 );
+ * which don't require any flag, but
+ * psa_get_and_lock_key_slot_with_policy() takes care of this.
+ */
+ status = psa_get_and_lock_key_slot_with_policy( key, &slot,
+ PSA_KEY_USAGE_EXPORT, 0 );
if( status != PSA_SUCCESS )
return( status );
- return( psa_internal_export_key( slot, data, data_size,
- data_length, 0 ) );
+
+ status = psa_internal_export_key( slot, data, data_size, data_length, 0 );
+ unlock_status = psa_unlock_key_slot( slot );
+
+ return( ( status == PSA_SUCCESS ) ? unlock_status : status );
}
-psa_status_t psa_export_public_key( psa_key_handle_t handle,
+psa_status_t psa_export_public_key( mbedtls_svc_key_id_t key,
uint8_t *data,
size_t data_size,
size_t *data_length )
{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_slot_t *slot;
- psa_status_t status;
/* Set the key to empty now, so that even when there are errors, we always
* set data_length to a value between 0 and data_size. On error, setting
@@ -1766,11 +1838,14 @@
*data_length = 0;
/* Exporting a public key doesn't require a usage flag. */
- status = psa_get_key_from_slot( handle, &slot, 0, 0 );
+ status = psa_get_and_lock_key_slot_with_policy( key, &slot, 0, 0 );
if( status != PSA_SUCCESS )
return( status );
- return( psa_internal_export_key( slot, data, data_size,
- data_length, 1 ) );
+
+ status = psa_internal_export_key( slot, data, data_size, data_length, 1 );
+ unlock_status = psa_unlock_key_slot( slot );
+
+ return( ( status == PSA_SUCCESS ) ? unlock_status : status );
}
#if defined(static_assert)
@@ -1820,17 +1895,29 @@
psa_se_drv_table_entry_t **p_drv )
{
psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
+ psa_key_lifetime_t lifetime = psa_get_key_lifetime( attributes );
+ mbedtls_svc_key_id_t key = psa_get_key_id( attributes );
- status = psa_validate_key_location( psa_get_key_lifetime( attributes ),
- p_drv );
+ status = psa_validate_key_location( lifetime, p_drv );
if( status != PSA_SUCCESS )
return( status );
- status = psa_validate_key_persistence( psa_get_key_lifetime( attributes ),
- psa_get_key_id( attributes ) );
+ status = psa_validate_key_persistence( lifetime );
if( status != PSA_SUCCESS )
return( status );
+ if ( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) )
+ {
+ if( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key ) != 0 )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ }
+ else
+ {
+ status = psa_validate_key_id( psa_get_key_id( attributes ), 0 );
+ if( status != PSA_SUCCESS )
+ return( status );
+ }
+
status = psa_validate_key_policy( &attributes->core.policy );
if( status != PSA_SUCCESS )
return( status );
@@ -1858,15 +1945,18 @@
*
* This function is intended to be used as follows:
* -# Call psa_start_key_creation() to allocate a key slot, prepare
- * it with the specified attributes, and assign it a handle.
+ * it with the specified attributes, and in case of a volatile key assign it
+ * a volatile key identifier.
* -# Populate the slot with the key material.
* -# Call psa_finish_key_creation() to finalize the creation of the slot.
* In case of failure at any step, stop the sequence and call
* psa_fail_key_creation().
*
+ * On success, the key slot is locked. It is the responsibility of the caller
+ * to unlock the key slot when it does not access it anymore.
+ *
* \param method An identification of the calling function.
* \param[in] attributes Key attributes for the new key.
- * \param[out] handle On success, a handle for the allocated slot.
* \param[out] p_slot On success, a pointer to the prepared slot.
* \param[out] p_drv On any return, the driver for the key, if any.
* NULL for a transparent key.
@@ -1879,11 +1969,11 @@
static psa_status_t psa_start_key_creation(
psa_key_creation_method_t method,
const psa_key_attributes_t *attributes,
- psa_key_handle_t *handle,
psa_key_slot_t **p_slot,
psa_se_drv_table_entry_t **p_drv )
{
psa_status_t status;
+ psa_key_id_t volatile_key_id;
psa_key_slot_t *slot;
(void) method;
@@ -1893,7 +1983,7 @@
if( status != PSA_SUCCESS )
return( status );
- status = psa_get_empty_key_slot( handle, p_slot );
+ status = psa_get_empty_key_slot( &volatile_key_id, p_slot );
if( status != PSA_SUCCESS )
return( status );
slot = *p_slot;
@@ -1902,9 +1992,19 @@
* creation mechanism to verify that this information is correct.
* It's automatically correct for mechanisms that use the bit-size as
* an input (generate, device) but not for those where the bit-size
- * is optional (import, copy). */
+ * is optional (import, copy). In case of a volatile key, assign it the
+ * volatile key identifier associated to the slot returned to contain its
+ * definition. */
slot->attr = attributes->core;
+ if( PSA_KEY_LIFETIME_IS_VOLATILE( slot->attr.lifetime ) )
+ {
+#if !defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
+ slot->attr.id = volatile_key_id;
+#else
+ slot->attr.id.key_id = volatile_key_id;
+#endif
+ }
/* Erase external-only flags from the internal copy. To access
* external-only flags, query `attributes`. Thanks to the check
@@ -1960,7 +2060,7 @@
}
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
- return( status );
+ return( PSA_SUCCESS );
}
/** Finalize the creation of a key once its key material has been set.
@@ -1971,18 +2071,25 @@
* See the documentation of psa_start_key_creation() for the intended use
* of this function.
*
+ * If the finalization succeeds, the function unlocks the key slot (it was
+ * locked by psa_start_key_creation()) and the key slot cannot be accessed
+ * anymore as part of the key creation process.
+ *
* \param[in,out] slot Pointer to the slot with key material.
* \param[in] driver The secure element driver for the key,
* or NULL for a transparent key.
+ * \param[out] key On success, identifier of the key. Note that the
+ * key identifier is also stored in the key slot.
*
* \retval #PSA_SUCCESS
- * The key was successfully created. The handle is now valid.
+ * The key was successfully created.
* \return If this function fails, the key slot is an invalid state.
* You must call psa_fail_key_creation() to wipe and free the slot.
*/
static psa_status_t psa_finish_key_creation(
psa_key_slot_t *slot,
- psa_se_drv_table_entry_t *driver )
+ psa_se_drv_table_entry_t *driver,
+ mbedtls_svc_key_id_t *key)
{
psa_status_t status = PSA_SUCCESS;
(void) slot;
@@ -2034,11 +2141,17 @@
return( status );
}
status = psa_crypto_stop_transaction( );
- if( status != PSA_SUCCESS )
- return( status );
}
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
+ if( status == PSA_SUCCESS )
+ {
+ *key = slot->attr.id;
+ status = psa_unlock_key_slot( slot );
+ if( status != PSA_SUCCESS )
+ *key = MBEDTLS_SVC_KEY_ID_INIT;
+ }
+
return( status );
}
@@ -2160,12 +2273,14 @@
psa_status_t psa_import_key( const psa_key_attributes_t *attributes,
const uint8_t *data,
size_t data_length,
- psa_key_handle_t *handle )
+ mbedtls_svc_key_id_t *key )
{
psa_status_t status;
psa_key_slot_t *slot = NULL;
psa_se_drv_table_entry_t *driver = NULL;
+ *key = MBEDTLS_SVC_KEY_ID_INIT;
+
/* Reject zero-length symmetric keys (including raw data key objects).
* This also rejects any key which might be encoded as an empty string,
* which is never valid. */
@@ -2173,7 +2288,7 @@
return( PSA_ERROR_INVALID_ARGUMENT );
status = psa_start_key_creation( PSA_KEY_CREATION_IMPORT, attributes,
- handle, &slot, &driver );
+ &slot, &driver );
if( status != PSA_SUCCESS )
goto exit;
@@ -2214,13 +2329,11 @@
if( status != PSA_SUCCESS )
goto exit;
- status = psa_finish_key_creation( slot, driver );
+ status = psa_finish_key_creation( slot, driver, key );
exit:
if( status != PSA_SUCCESS )
- {
psa_fail_key_creation( slot, driver );
- *handle = 0;
- }
+
return( status );
}
@@ -2231,7 +2344,7 @@
psa_status_t status;
psa_key_slot_t *slot = NULL;
psa_se_drv_table_entry_t *driver = NULL;
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
/* Leaving attributes unspecified is not currently supported.
* It could make sense to query the key type and size from the
@@ -2243,19 +2356,18 @@
return( PSA_ERROR_NOT_SUPPORTED );
status = psa_start_key_creation( PSA_KEY_CREATION_REGISTER, attributes,
- &handle, &slot, &driver );
+ &slot, &driver );
if( status != PSA_SUCCESS )
goto exit;
- status = psa_finish_key_creation( slot, driver );
+ status = psa_finish_key_creation( slot, driver, &key );
exit:
if( status != PSA_SUCCESS )
- {
psa_fail_key_creation( slot, driver );
- }
+
/* Registration doesn't keep the key in RAM. */
- psa_close_key( handle );
+ psa_close_key( key );
return( status );
}
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
@@ -2275,18 +2387,21 @@
return( PSA_SUCCESS );
}
-psa_status_t psa_copy_key( psa_key_handle_t source_handle,
+psa_status_t psa_copy_key( mbedtls_svc_key_id_t source_key,
const psa_key_attributes_t *specified_attributes,
- psa_key_handle_t *target_handle )
+ mbedtls_svc_key_id_t *target_key )
{
- psa_status_t status;
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_slot_t *source_slot = NULL;
psa_key_slot_t *target_slot = NULL;
psa_key_attributes_t actual_attributes = *specified_attributes;
psa_se_drv_table_entry_t *driver = NULL;
- status = psa_get_transparent_key( source_handle, &source_slot,
- PSA_KEY_USAGE_COPY, 0 );
+ *target_key = MBEDTLS_SVC_KEY_ID_INIT;
+
+ status = psa_get_and_lock_transparent_key_slot_with_policy(
+ source_key, &source_slot, PSA_KEY_USAGE_COPY, 0 );
if( status != PSA_SUCCESS )
goto exit;
@@ -2300,9 +2415,8 @@
if( status != PSA_SUCCESS )
goto exit;
- status = psa_start_key_creation( PSA_KEY_CREATION_COPY,
- &actual_attributes,
- target_handle, &target_slot, &driver );
+ status = psa_start_key_creation( PSA_KEY_CREATION_COPY, &actual_attributes,
+ &target_slot, &driver );
if( status != PSA_SUCCESS )
goto exit;
@@ -2319,14 +2433,14 @@
if( status != PSA_SUCCESS )
goto exit;
- status = psa_finish_key_creation( target_slot, driver );
+ status = psa_finish_key_creation( target_slot, driver, target_key );
exit:
if( status != PSA_SUCCESS )
- {
psa_fail_key_creation( target_slot, driver );
- *target_handle = 0;
- }
- return( status );
+
+ unlock_status = psa_unlock_key_slot( source_slot );
+
+ return( ( status == PSA_SUCCESS ) ? unlock_status : status );
}
@@ -3114,11 +3228,12 @@
#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */
static psa_status_t psa_mac_setup( psa_mac_operation_t *operation,
- psa_key_handle_t handle,
+ mbedtls_svc_key_id_t key,
psa_algorithm_t alg,
int is_sign )
{
- psa_status_t status;
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_slot_t *slot;
size_t key_bits;
psa_key_usage_t usage =
@@ -3138,7 +3253,8 @@
if( is_sign )
operation->is_sign = 1;
- status = psa_get_transparent_key( handle, &slot, usage, alg );
+ status = psa_get_and_lock_transparent_key_slot_with_policy(
+ key, &slot, usage, alg );
if( status != PSA_SUCCESS )
goto exit;
key_bits = psa_get_key_slot_bits( slot );
@@ -3227,21 +3343,24 @@
{
operation->key_set = 1;
}
- return( status );
+
+ unlock_status = psa_unlock_key_slot( slot );
+
+ return( ( status == PSA_SUCCESS ) ? unlock_status : status );
}
psa_status_t psa_mac_sign_setup( psa_mac_operation_t *operation,
- psa_key_handle_t handle,
+ mbedtls_svc_key_id_t key,
psa_algorithm_t alg )
{
- return( psa_mac_setup( operation, handle, alg, 1 ) );
+ return( psa_mac_setup( operation, key, alg, 1 ) );
}
psa_status_t psa_mac_verify_setup( psa_mac_operation_t *operation,
- psa_key_handle_t handle,
+ mbedtls_svc_key_id_t key,
psa_algorithm_t alg )
{
- return( psa_mac_setup( operation, handle, alg, 0 ) );
+ return( psa_mac_setup( operation, key, alg, 0 ) );
}
psa_status_t psa_mac_update( psa_mac_operation_t *operation,
@@ -3720,7 +3839,7 @@
#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) ||
* defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */
-psa_status_t psa_sign_hash( psa_key_handle_t handle,
+psa_status_t psa_sign_hash( mbedtls_svc_key_id_t key,
psa_algorithm_t alg,
const uint8_t *hash,
size_t hash_length,
@@ -3728,8 +3847,9 @@
size_t signature_size,
size_t *signature_length )
{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_slot_t *slot;
- psa_status_t status;
*signature_length = signature_size;
/* Immediately reject a zero-length signature buffer. This guarantees
@@ -3739,7 +3859,9 @@
if( signature_size == 0 )
return( PSA_ERROR_BUFFER_TOO_SMALL );
- status = psa_get_key_from_slot( handle, &slot, PSA_KEY_USAGE_SIGN_HASH, alg );
+ status = psa_get_and_lock_key_slot_with_policy( key, &slot,
+ PSA_KEY_USAGE_SIGN_HASH,
+ alg );
if( status != PSA_SUCCESS )
goto exit;
if( ! PSA_KEY_TYPE_IS_KEY_PAIR( slot->attr.type ) )
@@ -3837,20 +3959,26 @@
memset( signature, '!', signature_size );
/* If signature_size is 0 then we have nothing to do. We must not call
* memset because signature may be NULL in this case. */
- return( status );
+
+ unlock_status = psa_unlock_key_slot( slot );
+
+ return( ( status == PSA_SUCCESS ) ? unlock_status : status );
}
-psa_status_t psa_verify_hash( psa_key_handle_t handle,
+psa_status_t psa_verify_hash( mbedtls_svc_key_id_t key,
psa_algorithm_t alg,
const uint8_t *hash,
size_t hash_length,
const uint8_t *signature,
size_t signature_length )
{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_slot_t *slot;
- psa_status_t status;
- status = psa_get_key_from_slot( handle, &slot, PSA_KEY_USAGE_VERIFY_HASH, alg );
+ status = psa_get_and_lock_key_slot_with_policy( key, &slot,
+ PSA_KEY_USAGE_VERIFY_HASH,
+ alg );
if( status != PSA_SUCCESS )
return( status );
@@ -3863,7 +3991,7 @@
signature_length );
if( status != PSA_ERROR_NOT_SUPPORTED ||
psa_key_lifetime_is_external( slot->attr.lifetime ) )
- return status;
+ goto exit;
#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
@@ -3876,7 +4004,7 @@
slot->data.key.bytes,
&rsa );
if( status != PSA_SUCCESS )
- return( status );
+ goto exit;
status = psa_rsa_verify( rsa,
alg,
@@ -3884,7 +4012,7 @@
signature, signature_length );
mbedtls_rsa_free( rsa );
mbedtls_free( rsa );
- return( status );
+ goto exit;
}
else
#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
@@ -3901,25 +4029,31 @@
slot->data.key.bytes,
&ecp );
if( status != PSA_SUCCESS )
- return( status );
+ goto exit;
status = psa_ecdsa_verify( ecp,
hash, hash_length,
signature, signature_length );
mbedtls_ecp_keypair_free( ecp );
mbedtls_free( ecp );
- return( status );
+ goto exit;
}
else
#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) ||
* defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */
{
- return( PSA_ERROR_INVALID_ARGUMENT );
+ status = PSA_ERROR_INVALID_ARGUMENT;
+ goto exit;
}
}
else
{
- return( PSA_ERROR_NOT_SUPPORTED );
+ status = PSA_ERROR_NOT_SUPPORTED;
}
+
+exit:
+ unlock_status = psa_unlock_key_slot( slot );
+
+ return( ( status == PSA_SUCCESS ) ? unlock_status : status );
}
#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP)
@@ -3933,7 +4067,7 @@
}
#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) */
-psa_status_t psa_asymmetric_encrypt( psa_key_handle_t handle,
+psa_status_t psa_asymmetric_encrypt( mbedtls_svc_key_id_t key,
psa_algorithm_t alg,
const uint8_t *input,
size_t input_length,
@@ -3943,8 +4077,9 @@
size_t output_size,
size_t *output_length )
{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_slot_t *slot;
- psa_status_t status;
(void) input;
(void) input_length;
@@ -3957,12 +4092,16 @@
if( ! PSA_ALG_IS_RSA_OAEP( alg ) && salt_length != 0 )
return( PSA_ERROR_INVALID_ARGUMENT );
- status = psa_get_transparent_key( handle, &slot, PSA_KEY_USAGE_ENCRYPT, alg );
+ status = psa_get_and_lock_transparent_key_slot_with_policy(
+ key, &slot, PSA_KEY_USAGE_ENCRYPT, alg );
if( status != PSA_SUCCESS )
return( status );
if( ! ( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->attr.type ) ||
PSA_KEY_TYPE_IS_KEY_PAIR( slot->attr.type ) ) )
- return( PSA_ERROR_INVALID_ARGUMENT );
+ {
+ status = PSA_ERROR_INVALID_ARGUMENT;
+ goto exit;
+ }
#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP)
@@ -4021,17 +4160,21 @@
mbedtls_rsa_free( rsa );
mbedtls_free( rsa );
- return( status );
}
else
#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) ||
* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) */
{
- return( PSA_ERROR_NOT_SUPPORTED );
+ status = PSA_ERROR_NOT_SUPPORTED;
}
+
+exit:
+ unlock_status = psa_unlock_key_slot( slot );
+
+ return( ( status == PSA_SUCCESS ) ? unlock_status : status );
}
-psa_status_t psa_asymmetric_decrypt( psa_key_handle_t handle,
+psa_status_t psa_asymmetric_decrypt( mbedtls_svc_key_id_t key,
psa_algorithm_t alg,
const uint8_t *input,
size_t input_length,
@@ -4041,8 +4184,9 @@
size_t output_size,
size_t *output_length )
{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_slot_t *slot;
- psa_status_t status;
(void) input;
(void) input_length;
@@ -4055,11 +4199,15 @@
if( ! PSA_ALG_IS_RSA_OAEP( alg ) && salt_length != 0 )
return( PSA_ERROR_INVALID_ARGUMENT );
- status = psa_get_transparent_key( handle, &slot, PSA_KEY_USAGE_DECRYPT, alg );
+ status = psa_get_and_lock_transparent_key_slot_with_policy(
+ key, &slot, PSA_KEY_USAGE_DECRYPT, alg );
if( status != PSA_SUCCESS )
return( status );
if( ! PSA_KEY_TYPE_IS_KEY_PAIR( slot->attr.type ) )
- return( PSA_ERROR_INVALID_ARGUMENT );
+ {
+ status = PSA_ERROR_INVALID_ARGUMENT;
+ goto exit;
+ }
#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP)
@@ -4071,7 +4219,7 @@
slot->data.key.bytes,
&rsa );
if( status != PSA_SUCCESS )
- return( status );
+ goto exit;
if( input_length != mbedtls_rsa_get_len( rsa ) )
{
@@ -4118,14 +4266,18 @@
rsa_exit:
mbedtls_rsa_free( rsa );
mbedtls_free( rsa );
- return( status );
}
else
#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) ||
* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) */
{
- return( PSA_ERROR_NOT_SUPPORTED );
+ status = PSA_ERROR_NOT_SUPPORTED;
}
+
+exit:
+ unlock_status = psa_unlock_key_slot( slot );
+
+ return( ( status == PSA_SUCCESS ) ? unlock_status : status );
}
@@ -4135,12 +4287,13 @@
/****************************************************************/
static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation,
- psa_key_handle_t handle,
+ mbedtls_svc_key_id_t key,
psa_algorithm_t alg,
mbedtls_operation_t cipher_operation )
{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
int ret = 0;
- psa_status_t status = PSA_ERROR_GENERIC_ERROR;
psa_key_slot_t *slot;
size_t key_bits;
const mbedtls_cipher_info_t *cipher_info = NULL;
@@ -4157,7 +4310,7 @@
return( PSA_ERROR_INVALID_ARGUMENT );
/* Fetch key material from key storage. */
- status = psa_get_key_from_slot( handle, &slot, usage, alg );
+ status = psa_get_and_lock_key_slot_with_policy( key, &slot, usage, alg );
if( status != PSA_SUCCESS )
goto exit;
@@ -4284,21 +4437,24 @@
}
else
psa_cipher_abort( operation );
- return( status );
+
+ unlock_status = psa_unlock_key_slot( slot );
+
+ return( ( status == PSA_SUCCESS ) ? unlock_status : status );
}
psa_status_t psa_cipher_encrypt_setup( psa_cipher_operation_t *operation,
- psa_key_handle_t handle,
+ mbedtls_svc_key_id_t key,
psa_algorithm_t alg )
{
- return( psa_cipher_setup( operation, handle, alg, MBEDTLS_ENCRYPT ) );
+ return( psa_cipher_setup( operation, key, alg, MBEDTLS_ENCRYPT ) );
}
psa_status_t psa_cipher_decrypt_setup( psa_cipher_operation_t *operation,
- psa_key_handle_t handle,
+ mbedtls_svc_key_id_t key,
psa_algorithm_t alg )
{
- return( psa_cipher_setup( operation, handle, alg, MBEDTLS_DECRYPT ) );
+ return( psa_cipher_setup( operation, key, alg, MBEDTLS_DECRYPT ) );
}
psa_status_t psa_cipher_generate_iv( psa_cipher_operation_t *operation,
@@ -4650,6 +4806,7 @@
const mbedtls_cipher_info_t *cipher_info;
union
{
+ unsigned dummy; /* Make the union non-empty even with no supported algorithms. */
#if defined(MBEDTLS_CCM_C)
mbedtls_ccm_context ccm;
#endif /* MBEDTLS_CCM_C */
@@ -4665,6 +4822,8 @@
uint8_t tag_length;
} aead_operation_t;
+#define AEAD_OPERATION_INIT {0, 0, {0}, 0, 0, 0}
+
static void psa_aead_abort_internal( aead_operation_t *operation )
{
switch( operation->core_alg )
@@ -4680,10 +4839,12 @@
break;
#endif /* MBEDTLS_GCM_C */
}
+
+ psa_unlock_key_slot( operation->slot );
}
static psa_status_t psa_aead_setup( aead_operation_t *operation,
- psa_key_handle_t handle,
+ mbedtls_svc_key_id_t key,
psa_key_usage_t usage,
psa_algorithm_t alg )
{
@@ -4691,7 +4852,8 @@
size_t key_bits;
mbedtls_cipher_id_t cipher_id;
- status = psa_get_transparent_key( handle, &operation->slot, usage, alg );
+ status = psa_get_and_lock_transparent_key_slot_with_policy(
+ key, &operation->slot, usage, alg );
if( status != PSA_SUCCESS )
return( status );
@@ -4701,7 +4863,10 @@
mbedtls_cipher_info_from_psa( alg, operation->slot->attr.type, key_bits,
&cipher_id );
if( operation->cipher_info == NULL )
- return( PSA_ERROR_NOT_SUPPORTED );
+ {
+ status = PSA_ERROR_NOT_SUPPORTED;
+ goto cleanup;
+ }
switch( PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, 0 ) )
{
@@ -4713,7 +4878,10 @@
* The call to mbedtls_ccm_encrypt_and_tag or
* mbedtls_ccm_auth_decrypt will validate the tag length. */
if( PSA_BLOCK_CIPHER_BLOCK_SIZE( operation->slot->attr.type ) != 16 )
- return( PSA_ERROR_INVALID_ARGUMENT );
+ {
+ status = PSA_ERROR_INVALID_ARGUMENT;
+ goto cleanup;
+ }
mbedtls_ccm_init( &operation->ctx.ccm );
status = mbedtls_to_psa_error(
mbedtls_ccm_setkey( &operation->ctx.ccm, cipher_id,
@@ -4732,7 +4900,10 @@
* The call to mbedtls_gcm_crypt_and_tag or
* mbedtls_gcm_auth_decrypt will validate the tag length. */
if( PSA_BLOCK_CIPHER_BLOCK_SIZE( operation->slot->attr.type ) != 16 )
- return( PSA_ERROR_INVALID_ARGUMENT );
+ {
+ status = PSA_ERROR_INVALID_ARGUMENT;
+ goto cleanup;
+ }
mbedtls_gcm_init( &operation->ctx.gcm );
status = mbedtls_to_psa_error(
mbedtls_gcm_setkey( &operation->ctx.gcm, cipher_id,
@@ -4749,7 +4920,10 @@
operation->full_tag_length = 16;
/* We only support the default tag length. */
if( alg != PSA_ALG_CHACHA20_POLY1305 )
- return( PSA_ERROR_NOT_SUPPORTED );
+ {
+ status = PSA_ERROR_NOT_SUPPORTED;
+ goto cleanup;
+ }
mbedtls_chachapoly_init( &operation->ctx.chachapoly );
status = mbedtls_to_psa_error(
mbedtls_chachapoly_setkey( &operation->ctx.chachapoly,
@@ -4760,7 +4934,8 @@
#endif /* MBEDTLS_CHACHAPOLY_C */
default:
- return( PSA_ERROR_NOT_SUPPORTED );
+ status = PSA_ERROR_NOT_SUPPORTED;
+ goto cleanup;
}
if( PSA_AEAD_TAG_LENGTH( alg ) > operation->full_tag_length )
@@ -4777,7 +4952,7 @@
return( status );
}
-psa_status_t psa_aead_encrypt( psa_key_handle_t handle,
+psa_status_t psa_aead_encrypt( mbedtls_svc_key_id_t key,
psa_algorithm_t alg,
const uint8_t *nonce,
size_t nonce_length,
@@ -4790,12 +4965,12 @@
size_t *ciphertext_length )
{
psa_status_t status;
- aead_operation_t operation;
+ aead_operation_t operation = AEAD_OPERATION_INIT;
uint8_t *tag;
*ciphertext_length = 0;
- status = psa_aead_setup( &operation, handle, PSA_KEY_USAGE_ENCRYPT, alg );
+ status = psa_aead_setup( &operation, key, PSA_KEY_USAGE_ENCRYPT, alg );
if( status != PSA_SUCCESS )
return( status );
@@ -4891,7 +5066,7 @@
return( PSA_SUCCESS );
}
-psa_status_t psa_aead_decrypt( psa_key_handle_t handle,
+psa_status_t psa_aead_decrypt( mbedtls_svc_key_id_t key,
psa_algorithm_t alg,
const uint8_t *nonce,
size_t nonce_length,
@@ -4904,12 +5079,12 @@
size_t *plaintext_length )
{
psa_status_t status;
- aead_operation_t operation;
+ aead_operation_t operation = AEAD_OPERATION_INIT;
const uint8_t *tag = NULL;
*plaintext_length = 0;
- status = psa_aead_setup( &operation, handle, PSA_KEY_USAGE_DECRYPT, alg );
+ status = psa_aead_setup( &operation, key, PSA_KEY_USAGE_DECRYPT, alg );
if( status != PSA_SUCCESS )
return( status );
@@ -5426,12 +5601,14 @@
psa_status_t psa_key_derivation_output_key( const psa_key_attributes_t *attributes,
psa_key_derivation_operation_t *operation,
- psa_key_handle_t *handle )
+ mbedtls_svc_key_id_t *key )
{
psa_status_t status;
psa_key_slot_t *slot = NULL;
psa_se_drv_table_entry_t *driver = NULL;
+ *key = MBEDTLS_SVC_KEY_ID_INIT;
+
/* Reject any attempt to create a zero-length key so that we don't
* risk tripping up later, e.g. on a malloc(0) that returns NULL. */
if( psa_get_key_bits( attributes ) == 0 )
@@ -5440,8 +5617,8 @@
if( ! operation->can_output_key )
return( PSA_ERROR_NOT_PERMITTED );
- status = psa_start_key_creation( PSA_KEY_CREATION_DERIVE,
- attributes, handle, &slot, &driver );
+ status = psa_start_key_creation( PSA_KEY_CREATION_DERIVE, attributes,
+ &slot, &driver );
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
if( driver != NULL )
{
@@ -5456,12 +5633,10 @@
operation );
}
if( status == PSA_SUCCESS )
- status = psa_finish_key_creation( slot, driver );
+ status = psa_finish_key_creation( slot, driver, key );
if( status != PSA_SUCCESS )
- {
psa_fail_key_creation( slot, driver );
- *handle = 0;
- }
+
return( status );
}
@@ -5854,14 +6029,14 @@
psa_status_t psa_key_derivation_input_key(
psa_key_derivation_operation_t *operation,
psa_key_derivation_step_t step,
- psa_key_handle_t handle )
+ mbedtls_svc_key_id_t key )
{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_slot_t *slot;
- psa_status_t status;
- status = psa_get_transparent_key( handle, &slot,
- PSA_KEY_USAGE_DERIVE,
- operation->alg );
+ status = psa_get_and_lock_transparent_key_slot_with_policy(
+ key, &slot, PSA_KEY_USAGE_DERIVE, operation->alg );
if( status != PSA_SUCCESS )
{
psa_key_derivation_abort( operation );
@@ -5873,10 +6048,14 @@
if( step == PSA_KEY_DERIVATION_INPUT_SECRET )
operation->can_output_key = 1;
- return( psa_key_derivation_input_internal( operation,
- step, slot->attr.type,
- slot->data.key.data,
- slot->data.key.bytes ) );
+ status = psa_key_derivation_input_internal( operation,
+ step, slot->attr.type,
+ slot->data.key.data,
+ slot->data.key.bytes );
+
+ unlock_status = psa_unlock_key_slot( slot );
+
+ return( ( status == PSA_SUCCESS ) ? unlock_status : status );
}
@@ -6020,16 +6199,18 @@
psa_status_t psa_key_derivation_key_agreement( psa_key_derivation_operation_t *operation,
psa_key_derivation_step_t step,
- psa_key_handle_t private_key,
+ mbedtls_svc_key_id_t private_key,
const uint8_t *peer_key,
size_t peer_key_length )
{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_slot_t *slot;
- psa_status_t status;
+
if( ! PSA_ALG_IS_KEY_AGREEMENT( operation->alg ) )
return( PSA_ERROR_INVALID_ARGUMENT );
- status = psa_get_transparent_key( private_key, &slot,
- PSA_KEY_USAGE_DERIVE, operation->alg );
+ status = psa_get_and_lock_transparent_key_slot_with_policy(
+ private_key, &slot, PSA_KEY_USAGE_DERIVE, operation->alg );
if( status != PSA_SUCCESS )
return( status );
status = psa_key_agreement_internal( operation, step,
@@ -6044,27 +6225,31 @@
if( step == PSA_KEY_DERIVATION_INPUT_SECRET )
operation->can_output_key = 1;
}
- return( status );
+
+ unlock_status = psa_unlock_key_slot( slot );
+
+ return( ( status == PSA_SUCCESS ) ? unlock_status : status );
}
psa_status_t psa_raw_key_agreement( psa_algorithm_t alg,
- psa_key_handle_t private_key,
+ mbedtls_svc_key_id_t private_key,
const uint8_t *peer_key,
size_t peer_key_length,
uint8_t *output,
size_t output_size,
size_t *output_length )
{
- psa_key_slot_t *slot;
- psa_status_t status;
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_key_slot_t *slot = NULL;
if( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) )
{
status = PSA_ERROR_INVALID_ARGUMENT;
goto exit;
}
- status = psa_get_transparent_key( private_key, &slot,
- PSA_KEY_USAGE_DERIVE, alg );
+ status = psa_get_and_lock_transparent_key_slot_with_policy(
+ private_key, &slot, PSA_KEY_USAGE_DERIVE, alg );
if( status != PSA_SUCCESS )
goto exit;
@@ -6086,7 +6271,10 @@
psa_generate_random( output, output_size );
*output_length = output_size;
}
- return( status );
+
+ unlock_status = psa_unlock_key_slot( slot );
+
+ return( ( status == PSA_SUCCESS ) ? unlock_status : status );
}
@@ -6301,19 +6489,21 @@
}
psa_status_t psa_generate_key( const psa_key_attributes_t *attributes,
- psa_key_handle_t *handle )
+ mbedtls_svc_key_id_t *key )
{
psa_status_t status;
psa_key_slot_t *slot = NULL;
psa_se_drv_table_entry_t *driver = NULL;
+ *key = MBEDTLS_SVC_KEY_ID_INIT;
+
/* Reject any attempt to create a zero-length key so that we don't
* risk tripping up later, e.g. on a malloc(0) that returns NULL. */
if( psa_get_key_bits( attributes ) == 0 )
return( PSA_ERROR_INVALID_ARGUMENT );
- status = psa_start_key_creation( PSA_KEY_CREATION_GENERATE,
- attributes, handle, &slot, &driver );
+ status = psa_start_key_creation( PSA_KEY_CREATION_GENERATE, attributes,
+ &slot, &driver );
if( status != PSA_SUCCESS )
goto exit;
@@ -6329,12 +6519,10 @@
exit:
if( status == PSA_SUCCESS )
- status = psa_finish_key_creation( slot, driver );
+ status = psa_finish_key_creation( slot, driver, key );
if( status != PSA_SUCCESS )
- {
psa_fail_key_creation( slot, driver );
- *handle = 0;
- }
+
return( status );
}
diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h
index 8d1f1bb..f61ef95 100644
--- a/library/psa_crypto_core.h
+++ b/library/psa_crypto_core.h
@@ -36,6 +36,32 @@
typedef struct
{
psa_core_key_attributes_t attr;
+
+ /*
+ * Number of locks on the key slot held by the library.
+ *
+ * This counter is incremented by one each time a library function
+ * retrieves through one of the dedicated internal API a pointer to the
+ * key slot.
+ *
+ * This counter is decremented by one each time a library function stops
+ * accessing the key slot and states it by calling the
+ * psa_unlock_key_slot() API.
+ *
+ * This counter is used to prevent resetting the key slot while the library
+ * may access it. For example, such control is needed in the following
+ * scenarios:
+ * . In case of key slot starvation, all key slots contain the description
+ * of a key, and the library asks for the description of a persistent
+ * key not present in the key slots, the key slots currently accessed by
+ * the library cannot be reclaimed to free a key slot to load the
+ * persistent key.
+ * . In case of a multi-threaded application where one thread asks to close
+ * or purge or destroy a key while it is in used by the library through
+ * another thread.
+ */
+ size_t lock_count;
+
union
{
/* Dynamically allocated key data buffer.
@@ -74,6 +100,19 @@
return( slot->attr.type != 0 );
}
+/** Test whether a key slot is locked.
+ *
+ * A key slot is locked iff its lock counter is strictly greater than 0.
+ *
+ * \param[in] slot The key slot to test.
+ *
+ * \return 1 if the slot is locked, 0 otherwise.
+ */
+static inline int psa_is_key_slot_locked( const psa_key_slot_t *slot )
+{
+ return( slot->lock_count > 0 );
+}
+
/** Retrieve flags from psa_key_slot_t::attr::core::flags.
*
* \param[in] slot The key slot to query.
@@ -130,10 +169,10 @@
*
* \param[in,out] slot The key slot to wipe.
*
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
* Success. This includes the case of a key slot that was
* already fully wiped.
- * \retval PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED
*/
psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot );
diff --git a/library/psa_crypto_invasive.h b/library/psa_crypto_invasive.h
index c609c77..2b4ee1f 100644
--- a/library/psa_crypto_invasive.h
+++ b/library/psa_crypto_invasive.h
@@ -62,12 +62,12 @@
* It is called by mbedtls_psa_crypto_free().
* By default this is mbedtls_entropy_free().
*
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
* Success.
- * \retval PSA_ERROR_NOT_PERMITTED
+ * \retval #PSA_ERROR_NOT_PERMITTED
* The caller does not have the permission to configure
* entropy sources.
- * \retval PSA_ERROR_BAD_STATE
+ * \retval #PSA_ERROR_BAD_STATE
* The library has already been initialized.
*/
psa_status_t mbedtls_psa_crypto_configure_entropy_sources(
diff --git a/library/psa_crypto_its.h b/library/psa_crypto_its.h
index b671d63..11703a0 100644
--- a/library/psa_crypto_its.h
+++ b/library/psa_crypto_its.h
@@ -72,12 +72,12 @@
*
* \return A status indicating the success/failure of the operation
*
- * \retval PSA_SUCCESS The operation completed successfully
- * \retval PSA_ERROR_NOT_PERMITTED The operation failed because the provided `uid` value was already created with PSA_STORAGE_WRITE_ONCE_FLAG
- * \retval PSA_ERROR_NOT_SUPPORTED The operation failed because one or more of the flags provided in `create_flags` is not supported or is not valid
- * \retval PSA_ERROR_INSUFFICIENT_STORAGE The operation failed because there was insufficient space on the storage medium
- * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error)
- * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the provided pointers(`p_data`)
+ * \retval #PSA_SUCCESS The operation completed successfully
+ * \retval #PSA_ERROR_NOT_PERMITTED The operation failed because the provided `uid` value was already created with PSA_STORAGE_WRITE_ONCE_FLAG
+ * \retval #PSA_ERROR_NOT_SUPPORTED The operation failed because one or more of the flags provided in `create_flags` is not supported or is not valid
+ * \retval #PSA_ERROR_INSUFFICIENT_STORAGE The operation failed because there was insufficient space on the storage medium
+ * \retval #PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error)
+ * \retval #PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the provided pointers(`p_data`)
* is invalid, for example is `NULL` or references memory the caller cannot access
*/
psa_status_t psa_its_set(psa_storage_uid_t uid,
@@ -97,11 +97,11 @@
*
* \return A status indicating the success/failure of the operation
*
- * \retval PSA_SUCCESS The operation completed successfully
- * \retval PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided `uid` value was not found in the storage
- * \retval PSA_ERROR_INVALID_SIZE The operation failed because the data associated with provided uid is larger than `data_size`
- * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error)
- * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the provided pointers(`p_data`, `p_data_length`)
+ * \retval #PSA_SUCCESS The operation completed successfully
+ * \retval #PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided `uid` value was not found in the storage
+ * \retval #PSA_ERROR_INVALID_SIZE The operation failed because the data associated with provided uid is larger than `data_size`
+ * \retval #PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error)
+ * \retval #PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the provided pointers(`p_data`, `p_data_length`)
* is invalid. For example is `NULL` or references memory the caller cannot access.
* In addition, this can also happen if an invalid offset was provided.
*/
@@ -119,10 +119,10 @@
*
* \return A status indicating the success/failure of the operation
*
- * \retval PSA_SUCCESS The operation completed successfully
- * \retval PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided uid value was not found in the storage
- * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error)
- * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the provided pointers(`p_info`)
+ * \retval #PSA_SUCCESS The operation completed successfully
+ * \retval #PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided uid value was not found in the storage
+ * \retval #PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error)
+ * \retval #PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the provided pointers(`p_info`)
* is invalid, for example is `NULL` or references memory the caller cannot access
*/
psa_status_t psa_its_get_info(psa_storage_uid_t uid,
@@ -135,10 +135,10 @@
*
* \return A status indicating the success/failure of the operation
*
- * \retval PSA_SUCCESS The operation completed successfully
- * \retval PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided key value was not found in the storage
- * \retval PSA_ERROR_NOT_PERMITTED The operation failed because the provided key value was created with PSA_STORAGE_WRITE_ONCE_FLAG
- * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error)
+ * \retval #PSA_SUCCESS The operation completed successfully
+ * \retval #PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided key value was not found in the storage
+ * \retval #PSA_ERROR_NOT_PERMITTED The operation failed because the provided key value was created with PSA_STORAGE_WRITE_ONCE_FLAG
+ * \retval #PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error)
*/
psa_status_t psa_its_remove(psa_storage_uid_t uid);
diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c
index 5140772..4c4ad03 100644
--- a/library/psa_crypto_slot_management.c
+++ b/library/psa_crypto_slot_management.c
@@ -51,30 +51,101 @@
static psa_global_data_t global_data;
-/* Access a key slot at the given handle. The handle of a key slot is
- * the index of the slot in the global slot array, plus one so that handles
- * start at 1 and not 0. */
-psa_status_t psa_get_key_slot( psa_key_handle_t handle,
- psa_key_slot_t **p_slot )
+psa_status_t psa_validate_key_id(
+ mbedtls_svc_key_id_t key, int vendor_ok )
{
+ psa_key_id_t key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key );
+
+ if( ( PSA_KEY_ID_USER_MIN <= key_id ) &&
+ ( key_id <= PSA_KEY_ID_USER_MAX ) )
+ return( PSA_SUCCESS );
+
+ if( vendor_ok &&
+ ( PSA_KEY_ID_VENDOR_MIN <= key_id ) &&
+ ( key_id <= PSA_KEY_ID_VENDOR_MAX ) )
+ return( PSA_SUCCESS );
+
+ return( PSA_ERROR_INVALID_HANDLE );
+}
+
+/** Get the description in memory of a key given its identifier and lock it.
+ *
+ * The descriptions of volatile keys and loaded persistent keys are
+ * stored in key slots. This function returns a pointer to the key slot
+ * containing the description of a key given its identifier.
+ *
+ * The function searches the key slots containing the description of the key
+ * with \p key identifier. The function does only read accesses to the key
+ * slots. The function does not load any persistent key thus does not access
+ * any storage.
+ *
+ * For volatile key identifiers, only one key slot is queried as a volatile
+ * key with identifier key_id can only be stored in slot of index
+ * ( key_id - #PSA_KEY_ID_VOLATILE_MIN ).
+ *
+ * On success, the function locks the key slot. It is the responsibility of
+ * the caller to unlock the key slot when it does not access it anymore.
+ *
+ * \param key Key identifier to query.
+ * \param[out] p_slot On success, `*p_slot` contains a pointer to the
+ * key slot containing the description of the key
+ * identified by \p key.
+ *
+ * \retval #PSA_SUCCESS
+ * The pointer to the key slot containing the description of the key
+ * identified by \p key was returned.
+ * \retval #PSA_ERROR_INVALID_HANDLE
+ * \p key is not a valid key identifier.
+ * \retval #PSA_ERROR_DOES_NOT_EXIST
+ * There is no key with key identifier \p key in the key slots.
+ */
+static psa_status_t psa_get_and_lock_key_slot_in_memory(
+ mbedtls_svc_key_id_t key, psa_key_slot_t **p_slot )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_key_id_t key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key );
+ size_t slot_idx;
psa_key_slot_t *slot = NULL;
- if( ! global_data.key_slots_initialized )
- return( PSA_ERROR_BAD_STATE );
+ if( psa_key_id_is_volatile( key_id ) )
+ {
+ slot = &global_data.key_slots[ key_id - PSA_KEY_ID_VOLATILE_MIN ];
- /* 0 is not a valid handle under any circumstance. This
- * implementation provides slots number 1 to N where N is the
- * number of available slots. */
- if( handle == 0 || handle > ARRAY_LENGTH( global_data.key_slots ) )
- return( PSA_ERROR_INVALID_HANDLE );
- slot = &global_data.key_slots[handle - 1];
+ /*
+ * Check if both the PSA key identifier key_id and the owner
+ * identifier of key match those of the key slot.
+ *
+ * Note that, if the key slot is not occupied, its PSA key identifier
+ * is equal to zero. This is an invalid value for a PSA key identifier
+ * and thus cannot be equal to the valid PSA key identifier key_id.
+ */
+ status = mbedtls_svc_key_id_equal( key, slot->attr.id ) ?
+ PSA_SUCCESS : PSA_ERROR_DOES_NOT_EXIST;
+ }
+ else
+ {
+ status = psa_validate_key_id( key, 1 );
+ if( status != PSA_SUCCESS )
+ return( status );
- /* If the slot isn't occupied, the handle is invalid. */
- if( ! psa_is_key_slot_occupied( slot ) )
- return( PSA_ERROR_INVALID_HANDLE );
+ for( slot_idx = 0; slot_idx < PSA_KEY_SLOT_COUNT; slot_idx++ )
+ {
+ slot = &global_data.key_slots[ slot_idx ];
+ if( mbedtls_svc_key_id_equal( key, slot->attr.id ) )
+ break;
+ }
+ status = ( slot_idx < PSA_KEY_SLOT_COUNT ) ?
+ PSA_SUCCESS : PSA_ERROR_DOES_NOT_EXIST;
+ }
- *p_slot = slot;
- return( PSA_SUCCESS );
+ if( status == PSA_SUCCESS )
+ {
+ status = psa_lock_key_slot( slot );
+ if( status == PSA_SUCCESS )
+ *p_slot = slot;
+ }
+
+ return( status );
}
psa_status_t psa_initialize_key_slots( void )
@@ -88,29 +159,80 @@
void psa_wipe_all_key_slots( void )
{
- psa_key_handle_t key;
- for( key = 1; key <= PSA_KEY_SLOT_COUNT; key++ )
+ size_t slot_idx;
+
+ for( slot_idx = 0; slot_idx < PSA_KEY_SLOT_COUNT; slot_idx++ )
{
- psa_key_slot_t *slot = &global_data.key_slots[key - 1];
+ psa_key_slot_t *slot = &global_data.key_slots[ slot_idx ];
+ slot->lock_count = 1;
(void) psa_wipe_key_slot( slot );
}
global_data.key_slots_initialized = 0;
}
-psa_status_t psa_get_empty_key_slot( psa_key_handle_t *handle,
- psa_key_slot_t **p_slot )
+psa_status_t psa_get_empty_key_slot( psa_key_id_t *volatile_key_id,
+ psa_key_slot_t **p_slot )
{
- if( ! global_data.key_slots_initialized )
- return( PSA_ERROR_BAD_STATE );
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ size_t slot_idx;
+ psa_key_slot_t *selected_slot, *unlocked_persistent_key_slot;
- for( *handle = PSA_KEY_SLOT_COUNT; *handle != 0; --( *handle ) )
+ if( ! global_data.key_slots_initialized )
{
- *p_slot = &global_data.key_slots[*handle - 1];
- if( ! psa_is_key_slot_occupied( *p_slot ) )
- return( PSA_SUCCESS );
+ status = PSA_ERROR_BAD_STATE;
+ goto error;
}
+
+ selected_slot = unlocked_persistent_key_slot = NULL;
+ for( slot_idx = 0; slot_idx < PSA_KEY_SLOT_COUNT; slot_idx++ )
+ {
+ psa_key_slot_t *slot = &global_data.key_slots[ slot_idx ];
+ if( ! psa_is_key_slot_occupied( slot ) )
+ {
+ selected_slot = slot;
+ break;
+ }
+
+ if( ( unlocked_persistent_key_slot == NULL ) &&
+ ( ! PSA_KEY_LIFETIME_IS_VOLATILE( slot->attr.lifetime ) ) &&
+ ( ! psa_is_key_slot_locked( slot ) ) )
+ unlocked_persistent_key_slot = slot;
+ }
+
+ /*
+ * If there is no unused key slot and there is at least one unlocked key
+ * slot containing the description of a persistent key, recycle the first
+ * such key slot we encountered. If we later need to operate on the
+ * persistent key we are evicting now, we will reload its description from
+ * storage.
+ */
+ if( ( selected_slot == NULL ) &&
+ ( unlocked_persistent_key_slot != NULL ) )
+ {
+ selected_slot = unlocked_persistent_key_slot;
+ selected_slot->lock_count = 1;
+ psa_wipe_key_slot( selected_slot );
+ }
+
+ if( selected_slot != NULL )
+ {
+ status = psa_lock_key_slot( selected_slot );
+ if( status != PSA_SUCCESS )
+ goto error;
+
+ *volatile_key_id = PSA_KEY_ID_VOLATILE_MIN +
+ ( (psa_key_id_t)( selected_slot - global_data.key_slots ) );
+ *p_slot = selected_slot;
+
+ return( PSA_SUCCESS );
+ }
+ status = PSA_ERROR_INSUFFICIENT_MEMORY;
+
+error:
*p_slot = NULL;
- return( PSA_ERROR_INSUFFICIENT_MEMORY );
+ *volatile_key_id = 0;
+
+ return( status );
}
#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
@@ -150,33 +272,71 @@
psa_free_persistent_key_data( key_data, key_data_length );
return( status );
}
+#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
-/** Check whether a key identifier is acceptable.
- *
- * For backward compatibility, key identifiers that were valid in a
- * past released version must remain valid, unless a migration path
- * is provided.
- *
- * \param key The key identifier to check.
- * \param vendor_ok Nonzero to allow key ids in the vendor range.
- * 0 to allow only key ids in the application range.
- *
- * \return 1 if \p key is acceptable, otherwise 0.
- */
-static int psa_is_key_id_valid( mbedtls_svc_key_id_t key, int vendor_ok )
+psa_status_t psa_get_and_lock_key_slot( mbedtls_svc_key_id_t key,
+ psa_key_slot_t **p_slot )
{
- psa_key_id_t key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key );
- if( PSA_KEY_ID_USER_MIN <= key_id && key_id <= PSA_KEY_ID_USER_MAX )
- return( 1 );
- else if( vendor_ok &&
- PSA_KEY_ID_VENDOR_MIN <= key_id &&
- key_id <= PSA_KEY_ID_VENDOR_MAX )
- return( 1 );
- else
- return( 0 );
-}
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+
+ *p_slot = NULL;
+ if( ! global_data.key_slots_initialized )
+ return( PSA_ERROR_BAD_STATE );
+
+ /*
+ * On success, the pointer to the slot is passed directly to the caller
+ * thus no need to unlock the key slot here.
+ */
+ status = psa_get_and_lock_key_slot_in_memory( key, p_slot );
+ if( status != PSA_ERROR_DOES_NOT_EXIST )
+ return( status );
+
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
+ psa_key_id_t volatile_key_id;
+
+ status = psa_get_empty_key_slot( &volatile_key_id, p_slot );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ (*p_slot)->attr.lifetime = PSA_KEY_LIFETIME_PERSISTENT;
+ (*p_slot)->attr.id = key;
+
+ status = psa_load_persistent_key_into_slot( *p_slot );
+ if( status != PSA_SUCCESS )
+ psa_wipe_key_slot( *p_slot );
+
+ return( status );
+#else
+ return( PSA_ERROR_DOES_NOT_EXIST );
#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */
+}
+
+psa_status_t psa_unlock_key_slot( psa_key_slot_t *slot )
+{
+ if( slot == NULL )
+ return( PSA_SUCCESS );
+
+ if( slot->lock_count > 0 )
+ {
+ slot->lock_count--;
+ return( PSA_SUCCESS );
+ }
+
+ /*
+ * As the return error code may not be handled in case of multiple errors,
+ * do our best to report if the lock counter is equal to zero: if
+ * available call MBEDTLS_PARAM_FAILED that may terminate execution (if
+ * called as part of the execution of a unit test suite this will stop the
+ * test suite execution).
+ */
+#ifdef MBEDTLS_CHECK_PARAMS
+ MBEDTLS_PARAM_FAILED( slot->lock_count > 0 );
+#endif
+
+ return( PSA_ERROR_CORRUPTION_DETECTED );
+}
+
psa_status_t psa_validate_key_location( psa_key_lifetime_t lifetime,
psa_se_drv_table_entry_t **p_drv )
{
@@ -202,8 +362,7 @@
return( PSA_SUCCESS );
}
-psa_status_t psa_validate_key_persistence( psa_key_lifetime_t lifetime,
- mbedtls_svc_key_id_t key )
+psa_status_t psa_validate_key_persistence( psa_key_lifetime_t lifetime )
{
if ( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) )
{
@@ -214,13 +373,8 @@
{
/* Persistent keys require storage support */
#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
- if( psa_is_key_id_valid( key,
- psa_key_lifetime_is_external( lifetime ) ) )
- return( PSA_SUCCESS );
- else
- return( PSA_ERROR_INVALID_ARGUMENT );
+ return( PSA_SUCCESS );
#else /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
- (void) key;
return( PSA_ERROR_NOT_SUPPORTED );
#endif /* !MBEDTLS_PSA_CRYPTO_STORAGE_C */
}
@@ -232,29 +386,20 @@
psa_status_t status;
psa_key_slot_t *slot;
- *handle = 0;
-
- if( ! psa_is_key_id_valid( key, 1 ) )
- return( PSA_ERROR_INVALID_ARGUMENT );
-
- status = psa_get_empty_key_slot( handle, &slot );
- if( status != PSA_SUCCESS )
- return( status );
-
- slot->attr.lifetime = PSA_KEY_LIFETIME_PERSISTENT;
- slot->attr.id = key;
-
- status = psa_load_persistent_key_into_slot( slot );
+ status = psa_get_and_lock_key_slot( key, &slot );
if( status != PSA_SUCCESS )
{
- psa_wipe_key_slot( slot );
- *handle = 0;
+ *handle = PSA_KEY_HANDLE_INIT;
+ return( status );
}
- return( status );
+
+ *handle = key;
+
+ return( psa_unlock_key_slot( slot ) );
#else /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */
(void) key;
- *handle = 0;
+ *handle = PSA_KEY_HANDLE_INIT;
return( PSA_ERROR_NOT_SUPPORTED );
#endif /* !defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */
}
@@ -264,23 +409,48 @@
psa_status_t status;
psa_key_slot_t *slot;
- if( handle == 0 )
+ if( psa_key_handle_is_null( handle ) )
return( PSA_SUCCESS );
- status = psa_get_key_slot( handle, &slot );
+ status = psa_get_and_lock_key_slot_in_memory( handle, &slot );
if( status != PSA_SUCCESS )
return( status );
- return( psa_wipe_key_slot( slot ) );
+ if( slot->lock_count <= 1 )
+ return( psa_wipe_key_slot( slot ) );
+ else
+ return( psa_unlock_key_slot( slot ) );
+}
+
+psa_status_t psa_purge_key( mbedtls_svc_key_id_t key )
+{
+ psa_status_t status;
+ psa_key_slot_t *slot;
+
+ status = psa_get_and_lock_key_slot_in_memory( key, &slot );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ if( ( ! PSA_KEY_LIFETIME_IS_VOLATILE( slot->attr.lifetime ) ) &&
+ ( slot->lock_count <= 1 ) )
+ return( psa_wipe_key_slot( slot ) );
+ else
+ return( psa_unlock_key_slot( slot ) );
}
void mbedtls_psa_get_stats( mbedtls_psa_stats_t *stats )
{
- psa_key_handle_t key;
+ size_t slot_idx;
+
memset( stats, 0, sizeof( *stats ) );
- for( key = 1; key <= PSA_KEY_SLOT_COUNT; key++ )
+
+ for( slot_idx = 0; slot_idx < PSA_KEY_SLOT_COUNT; slot_idx++ )
{
- const psa_key_slot_t *slot = &global_data.key_slots[key - 1];
+ const psa_key_slot_t *slot = &global_data.key_slots[ slot_idx ];
+ if( psa_is_key_slot_locked( slot ) )
+ {
+ ++stats->locked_slots;
+ }
if( ! psa_is_key_slot_occupied( slot ) )
{
++stats->empty_slots;
diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h
index c6fecbb..ef0814a 100644
--- a/library/psa_crypto_slot_management.h
+++ b/library/psa_crypto_slot_management.h
@@ -22,32 +22,86 @@
#define PSA_CRYPTO_SLOT_MANAGEMENT_H
#include "psa/crypto.h"
+#include "psa_crypto_core.h"
#include "psa_crypto_se.h"
/* Number of key slots (plus one because 0 is not used).
* The value is a compile-time constant for now, for simplicity. */
#define PSA_KEY_SLOT_COUNT 32
-/** Access a key slot at the given handle.
+/** Range of volatile key identifiers.
*
- * \param handle Key handle to query.
- * \param[out] p_slot On success, `*p_slot` contains a pointer to the
- * key slot in memory designated by \p handle.
- *
- * \retval PSA_SUCCESS
- * Success: \p handle is a handle to `*p_slot`. Note that `*p_slot`
- * may be empty or occupied.
- * \retval PSA_ERROR_INVALID_HANDLE
- * \p handle is out of range or is not in use.
- * \retval PSA_ERROR_BAD_STATE
- * The library has not been initialized.
+ * The last PSA_KEY_SLOT_COUNT identifiers of the implementation range
+ * of key identifiers are reserved for volatile key identifiers.
+ * A volatile key identifier is equal to #PSA_KEY_ID_VOLATILE_MIN plus the
+ * index of the key slot containing the volatile key definition.
*/
-psa_status_t psa_get_key_slot( psa_key_handle_t handle,
- psa_key_slot_t **p_slot );
+
+/** The minimum value for a volatile key identifier.
+ */
+#define PSA_KEY_ID_VOLATILE_MIN ( PSA_KEY_ID_VENDOR_MAX - \
+ PSA_KEY_SLOT_COUNT + 1 )
+
+/** The maximum value for a volatile key identifier.
+ */
+#define PSA_KEY_ID_VOLATILE_MAX PSA_KEY_ID_VENDOR_MAX
+
+/** Test whether a key identifier is a volatile key identifier.
+ *
+ * \param key_id Key identifier to test.
+ *
+ * \retval 1
+ * The key identifier is a volatile key identifier.
+ * \retval 0
+ * The key identifier is not a volatile key identifier.
+ */
+static inline int psa_key_id_is_volatile( psa_key_id_t key_id )
+{
+ return( ( key_id >= PSA_KEY_ID_VOLATILE_MIN ) &&
+ ( key_id <= PSA_KEY_ID_VOLATILE_MAX ) );
+}
+
+/** Get the description of a key given its identifier and lock it.
+ *
+ * The descriptions of volatile keys and loaded persistent keys are stored in
+ * key slots. This function returns a pointer to the key slot containing the
+ * description of a key given its identifier.
+ *
+ * In case of a persistent key, the function loads the description of the key
+ * into a key slot if not already done.
+ *
+ * On success, the returned key slot is locked. It is the responsibility of
+ * the caller to unlock the key slot when it does not access it anymore.
+ *
+ * \param key Key identifier to query.
+ * \param[out] p_slot On success, `*p_slot` contains a pointer to the
+ * key slot containing the description of the key
+ * identified by \p key.
+ *
+ * \retval #PSA_SUCCESS
+ * \p *p_slot contains a pointer to the key slot containing the
+ * description of the key identified by \p key.
+ * The key slot counter has been incremented.
+ * \retval #PSA_ERROR_BAD_STATE
+ * The library has not been initialized.
+ * \retval #PSA_ERROR_INVALID_HANDLE
+ * \p key is not a valid key identifier.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \p key is a persistent key identifier. The implementation does not
+ * have sufficient resources to load the persistent key. This can be
+ * due to a lack of empty key slot, or available memory.
+ * \retval #PSA_ERROR_DOES_NOT_EXIST
+ * There is no key with key identifier \p key.
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_ERROR_STORAGE_FAILURE
+ * \retval #PSA_ERROR_DATA_CORRUPT
+ */
+psa_status_t psa_get_and_lock_key_slot( mbedtls_svc_key_id_t key,
+ psa_key_slot_t **p_slot );
/** Initialize the key slot structures.
*
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
* Currently this function always succeeds.
*/
psa_status_t psa_initialize_key_slots( void );
@@ -60,19 +114,61 @@
/** Find a free key slot.
*
* This function returns a key slot that is available for use and is in its
- * ground state (all-bits-zero).
+ * ground state (all-bits-zero). On success, the key slot is locked. It is
+ * the responsibility of the caller to unlock the key slot when it does not
+ * access it anymore.
*
- * \param[out] handle On success, a slot number that can be used as a
- * handle to the slot.
- * \param[out] p_slot On success, a pointer to the slot.
+ * \param[out] volatile_key_id On success, volatile key identifier
+ * associated to the returned slot.
+ * \param[out] p_slot On success, a pointer to the slot.
*
* \retval #PSA_SUCCESS
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_BAD_STATE
*/
-psa_status_t psa_get_empty_key_slot( psa_key_handle_t *handle,
+psa_status_t psa_get_empty_key_slot( psa_key_id_t *volatile_key_id,
psa_key_slot_t **p_slot );
+/** Lock a key slot.
+ *
+ * This function increments the key slot lock counter by one.
+ *
+ * \param[in] slot The key slot.
+ *
+ * \retval #PSA_SUCCESS
+ The key slot lock counter was incremented.
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * The lock counter already reached its maximum value and was not
+ * increased.
+ */
+static inline psa_status_t psa_lock_key_slot( psa_key_slot_t *slot )
+{
+ if( slot->lock_count >= SIZE_MAX )
+ return( PSA_ERROR_CORRUPTION_DETECTED );
+
+ slot->lock_count++;
+
+ return( PSA_SUCCESS );
+}
+
+/** Unlock a key slot.
+ *
+ * This function decrements the key slot lock counter by one.
+ *
+ * \note To ease the handling of errors in retrieving a key slot
+ * a NULL input pointer is valid, and the function returns
+ * successfully without doing anything in that case.
+ *
+ * \param[in] slot The key slot.
+ * \retval #PSA_SUCCESS
+ * \p slot is NULL or the key slot lock counter has been
+ * decremented successfully.
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * The lock counter was equal to 0.
+ *
+ */
+psa_status_t psa_unlock_key_slot( psa_key_slot_t *slot );
+
/** Test whether a lifetime designates a key in an external cryptoprocessor.
*
* \param lifetime The lifetime to test.
@@ -108,18 +204,26 @@
psa_status_t psa_validate_key_location( psa_key_lifetime_t lifetime,
psa_se_drv_table_entry_t **p_drv );
-/** Validate that a key's persistence attributes are valid.
- *
- * This function checks whether a key's declared persistence level and key ID
- * attributes are valid and known to the PSA Core in its actual configuration.
+/** Validate the persistence of a key.
*
* \param[in] lifetime The key lifetime attribute.
- * \param[in] key The key identifier.
*
* \retval #PSA_SUCCESS
- * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \retval #PSA_ERROR_INVALID_ARGUMENT The key is persistent but persistent
+ * keys are not supported.
*/
-psa_status_t psa_validate_key_persistence( psa_key_lifetime_t lifetime,
- mbedtls_svc_key_id_t key );
+psa_status_t psa_validate_key_persistence( psa_key_lifetime_t lifetime );
+
+/** Validate a key identifier.
+ *
+ * \param[in] key The key identifier.
+ * \param[in] vendor_ok Non-zero to indicate that key identifiers in the
+ * vendor range are allowed, volatile key identifiers
+ * excepted \c 0 otherwise.
+ *
+ * \retval #PSA_SUCCESS The identifier is valid.
+ * \retval #PSA_ERROR_INVALID_ARGUMENT The key identifier is not valid.
+ */
+psa_status_t psa_validate_key_id( mbedtls_svc_key_id_t key, int vendor_ok );
#endif /* PSA_CRYPTO_SLOT_MANAGEMENT_H */
diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c
index 2ab5903..1ebd20e 100644
--- a/library/psa_crypto_storage.c
+++ b/library/psa_crypto_storage.c
@@ -90,9 +90,9 @@
* \param[out] data Buffer where the data is to be written.
* \param data_size Size of the \c data buffer in bytes.
*
- * \retval PSA_SUCCESS
- * \retval PSA_ERROR_STORAGE_FAILURE
- * \retval PSA_ERROR_DOES_NOT_EXIST
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_STORAGE_FAILURE
+ * \retval #PSA_ERROR_DOES_NOT_EXIST
*/
static psa_status_t psa_crypto_storage_load(
const mbedtls_svc_key_id_t key, uint8_t *data, size_t data_size )
@@ -137,10 +137,10 @@
* \param data_length The number of bytes
* that make up the data.
*
- * \retval PSA_SUCCESS
- * \retval PSA_ERROR_INSUFFICIENT_STORAGE
- * \retval PSA_ERROR_STORAGE_FAILURE
- * \retval PSA_ERROR_ALREADY_EXISTS
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_INSUFFICIENT_STORAGE
+ * \retval #PSA_ERROR_STORAGE_FAILURE
+ * \retval #PSA_ERROR_ALREADY_EXISTS
*/
static psa_status_t psa_crypto_storage_store( const mbedtls_svc_key_id_t key,
const uint8_t *data,
@@ -210,8 +210,8 @@
* is to be obtained.
* \param[out] data_length The number of bytes that make up the data.
*
- * \retval PSA_SUCCESS
- * \retval PSA_ERROR_STORAGE_FAILURE
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_STORAGE_FAILURE
*/
static psa_status_t psa_crypto_storage_get_data_length(
const mbedtls_svc_key_id_t key,
diff --git a/library/psa_crypto_storage.h b/library/psa_crypto_storage.h
index 3def1b5..fbc94fc 100644
--- a/library/psa_crypto_storage.h
+++ b/library/psa_crypto_storage.h
@@ -93,11 +93,11 @@
* \param[in] data Buffer containing the key data.
* \param data_length The number of bytes that make up the key data.
*
- * \retval PSA_SUCCESS
- * \retval PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval PSA_ERROR_INSUFFICIENT_STORAGE
- * \retval PSA_ERROR_STORAGE_FAILURE
- * \retval PSA_ERROR_ALREADY_EXISTS
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_INSUFFICIENT_STORAGE
+ * \retval #PSA_ERROR_STORAGE_FAILURE
+ * \retval #PSA_ERROR_ALREADY_EXISTS
*/
psa_status_t psa_save_persistent_key( const psa_core_key_attributes_t *attr,
const uint8_t *data,
@@ -122,10 +122,10 @@
* \param[out] data Pointer to an allocated key data buffer on return.
* \param[out] data_length The number of bytes that make up the key data.
*
- * \retval PSA_SUCCESS
- * \retval PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval PSA_ERROR_STORAGE_FAILURE
- * \retval PSA_ERROR_DOES_NOT_EXIST
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_STORAGE_FAILURE
+ * \retval #PSA_ERROR_DOES_NOT_EXIST
*/
psa_status_t psa_load_persistent_key( psa_core_key_attributes_t *attr,
uint8_t **data,
@@ -137,10 +137,10 @@
* \param key Persistent identifier of the key to remove
* from persistent storage.
*
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
* The key was successfully removed,
* or the key did not exist.
- * \retval PSA_ERROR_STORAGE_FAILURE
+ * \retval #PSA_ERROR_STORAGE_FAILURE
*/
psa_status_t psa_destroy_persistent_key( const mbedtls_svc_key_id_t key );
@@ -182,10 +182,10 @@
* \param[out] attr On success, the attribute structure is filled
* with the loaded key metadata.
*
- * \retval PSA_SUCCESS
- * \retval PSA_ERROR_INSUFFICIENT_STORAGE
- * \retval PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval PSA_ERROR_STORAGE_FAILURE
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_INSUFFICIENT_STORAGE
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_STORAGE_FAILURE
*/
psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data,
size_t storage_data_length,
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 76be8ab..a8331d9 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -63,7 +63,7 @@
return( 1 );
#if defined(MBEDTLS_USE_PSA_CRYPTO)
- if( conf->psk_opaque != 0 )
+ if( ! mbedtls_svc_key_id_is_null( conf->psk_opaque ) )
return( 1 );
#endif /* MBEDTLS_USE_PSA_CRYPTO */
@@ -3802,7 +3802,7 @@
status = psa_destroy_key( handshake->ecdh_psa_privkey );
if( status != PSA_SUCCESS )
return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
- handshake->ecdh_psa_privkey = 0;
+ handshake->ecdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT;
}
else
#endif /* MBEDTLS_USE_PSA_CRYPTO &&
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index a5c5caf..e33b828 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -157,7 +157,7 @@
return( 1 );
#if defined(MBEDTLS_USE_PSA_CRYPTO)
- if( conf->psk_opaque != 0 )
+ if( ! mbedtls_svc_key_id_is_null( conf->psk_opaque ) )
return( 1 );
#endif /* MBEDTLS_USE_PSA_CRYPTO */
@@ -172,13 +172,13 @@
/* If we've used a callback to select the PSK,
* the static configuration is irrelevant. */
- if( ssl->handshake->psk_opaque != 0 )
+ if( ! mbedtls_svc_key_id_is_null( ssl->handshake->psk_opaque ) )
return( 1 );
return( 0 );
}
- if( ssl->conf->psk_opaque != 0 )
+ if( ! mbedtls_svc_key_id_is_null( ssl->conf->psk_opaque ) )
return( 1 );
return( 0 );
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 7cb5b8c..041578e 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -446,7 +446,7 @@
#if defined(MBEDTLS_USE_PSA_CRYPTO)
static psa_status_t setup_psa_key_derivation( psa_key_derivation_operation_t* derivation,
- psa_key_handle_t slot,
+ psa_key_id_t key,
psa_algorithm_t alg,
const unsigned char* seed, size_t seed_length,
const unsigned char* label, size_t label_length,
@@ -466,7 +466,7 @@
if( status != PSA_SUCCESS )
return( status );
- if( slot == 0 )
+ if( mbedtls_svc_key_id_is_null( key ) )
{
status = psa_key_derivation_input_bytes(
derivation, PSA_KEY_DERIVATION_INPUT_SECRET,
@@ -475,8 +475,7 @@
else
{
status = psa_key_derivation_input_key(
- derivation, PSA_KEY_DERIVATION_INPUT_SECRET,
- slot );
+ derivation, PSA_KEY_DERIVATION_INPUT_SECRET, key );
}
if( status != PSA_SUCCESS )
return( status );
@@ -507,7 +506,7 @@
{
psa_status_t status;
psa_algorithm_t alg;
- psa_key_handle_t master_slot = 0;
+ psa_key_id_t master_key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_derivation_operation_t derivation =
PSA_KEY_DERIVATION_OPERATION_INIT;
@@ -521,7 +520,7 @@
* this PRF is also used to derive an IV, in particular in EAP-TLS,
* and for this use case it makes sense to have a 0-length "secret".
* Since the key API doesn't allow importing a key of length 0,
- * keep master_slot=0, which setup_psa_key_derivation() understands
+ * keep master_key=0, which setup_psa_key_derivation() understands
* to mean a 0-length "secret" input. */
if( slen != 0 )
{
@@ -530,13 +529,13 @@
psa_set_key_algorithm( &key_attributes, alg );
psa_set_key_type( &key_attributes, PSA_KEY_TYPE_DERIVE );
- status = psa_import_key( &key_attributes, secret, slen, &master_slot );
+ status = psa_import_key( &key_attributes, secret, slen, &master_key );
if( status != PSA_SUCCESS )
return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
}
status = setup_psa_key_derivation( &derivation,
- master_slot, alg,
+ master_key, alg,
random, rlen,
(unsigned char const *) label,
(size_t) strlen( label ),
@@ -544,7 +543,7 @@
if( status != PSA_SUCCESS )
{
psa_key_derivation_abort( &derivation );
- psa_destroy_key( master_slot );
+ psa_destroy_key( master_key );
return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
}
@@ -552,19 +551,19 @@
if( status != PSA_SUCCESS )
{
psa_key_derivation_abort( &derivation );
- psa_destroy_key( master_slot );
+ psa_destroy_key( master_key );
return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
}
status = psa_key_derivation_abort( &derivation );
if( status != PSA_SUCCESS )
{
- psa_destroy_key( master_slot );
+ psa_destroy_key( master_key );
return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
}
- if( master_slot != 0 )
- status = psa_destroy_key( master_slot );
+ if( ! mbedtls_svc_key_id_is_null( master_key ) )
+ status = psa_destroy_key( master_key );
if( status != PSA_SUCCESS )
return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
@@ -707,13 +706,13 @@
{
/* If we've used a callback to select the PSK,
* the static configuration is irrelevant. */
- if( ssl->handshake->psk_opaque != 0 )
+ if( ! mbedtls_svc_key_id_is_null( ssl->handshake->psk_opaque ) )
return( 1 );
return( 0 );
}
- if( ssl->conf->psk_opaque != 0 )
+ if( ! mbedtls_svc_key_id_is_null( ssl->conf->psk_opaque ) )
return( 1 );
return( 0 );
@@ -1514,7 +1513,7 @@
/* Perform PSK-to-MS expansion in a single step. */
psa_status_t status;
psa_algorithm_t alg;
- psa_key_handle_t psk;
+ psa_key_id_t psk;
psa_key_derivation_operation_t derivation =
PSA_KEY_DERIVATION_OPERATION_INIT;
mbedtls_md_type_t hash_alg = handshake->ciphersuite_info->mac;
@@ -4344,11 +4343,11 @@
{
/* Remove reference to existing PSK, if any. */
#if defined(MBEDTLS_USE_PSA_CRYPTO)
- if( conf->psk_opaque != 0 )
+ if( ! mbedtls_svc_key_id_is_null( conf->psk_opaque ) )
{
/* The maintenance of the PSK key slot is the
* user's responsibility. */
- conf->psk_opaque = 0;
+ conf->psk_opaque = MBEDTLS_SVC_KEY_ID_INIT;
}
/* This and the following branch should never
* be taken simultaenously as we maintain the
@@ -4432,9 +4431,9 @@
static void ssl_remove_psk( mbedtls_ssl_context *ssl )
{
#if defined(MBEDTLS_USE_PSA_CRYPTO)
- if( ssl->handshake->psk_opaque != 0 )
+ if( ! mbedtls_svc_key_id_is_null( ssl->handshake->psk_opaque ) )
{
- ssl->handshake->psk_opaque = 0;
+ ssl->handshake->psk_opaque = MBEDTLS_SVC_KEY_ID_INIT;
}
else
#endif /* MBEDTLS_USE_PSA_CRYPTO */
@@ -4469,7 +4468,7 @@
#if defined(MBEDTLS_USE_PSA_CRYPTO)
int mbedtls_ssl_conf_psk_opaque( mbedtls_ssl_config *conf,
- psa_key_handle_t psk_slot,
+ psa_key_id_t psk,
const unsigned char *psk_identity,
size_t psk_identity_len )
{
@@ -4478,9 +4477,9 @@
ssl_conf_remove_psk( conf );
/* Check and set opaque PSK */
- if( psk_slot == 0 )
+ if( mbedtls_svc_key_id_is_null( psk ) )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
- conf->psk_opaque = psk_slot;
+ conf->psk_opaque = psk;
/* Check and set PSK Identity */
ret = ssl_conf_set_psk_identity( conf, psk_identity,
@@ -4492,13 +4491,14 @@
}
int mbedtls_ssl_set_hs_psk_opaque( mbedtls_ssl_context *ssl,
- psa_key_handle_t psk_slot )
+ psa_key_id_t psk )
{
- if( psk_slot == 0 || ssl->handshake == NULL )
+ if( ( mbedtls_svc_key_id_is_null( psk ) ) ||
+ ( ssl->handshake == NULL ) )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
ssl_remove_psk( ssl );
- ssl->handshake->psk_opaque = psk_slot;
+ ssl->handshake->psk_opaque = psk;
return( 0 );
}
#endif /* MBEDTLS_USE_PSA_CRYPTO */
diff --git a/programs/psa/crypto_examples.c b/programs/psa/crypto_examples.c
index 15aabf9..d165d2e 100644
--- a/programs/psa/crypto_examples.c
+++ b/programs/psa/crypto_examples.c
@@ -45,13 +45,15 @@
#if !defined(MBEDTLS_PSA_CRYPTO_C) || !defined(MBEDTLS_AES_C) || \
!defined(MBEDTLS_CIPHER_MODE_CBC) || !defined(MBEDTLS_CIPHER_MODE_CTR) || \
- !defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
+ !defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) || \
+ defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
int main( void )
{
printf( "MBEDTLS_PSA_CRYPTO_C and/or MBEDTLS_AES_C and/or "
"MBEDTLS_CIPHER_MODE_CBC and/or MBEDTLS_CIPHER_MODE_CTR "
"and/or MBEDTLS_CIPHER_MODE_WITH_PADDING "
- "not defined.\r\n" );
+ "not defined and/or MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER"
+ " defined.\r\n" );
return( 0 );
}
#else
@@ -92,7 +94,7 @@
return( status );
}
-static psa_status_t cipher_encrypt( psa_key_handle_t key_handle,
+static psa_status_t cipher_encrypt( psa_key_id_t key,
psa_algorithm_t alg,
uint8_t * iv,
size_t iv_size,
@@ -108,7 +110,7 @@
size_t iv_len = 0;
memset( &operation, 0, sizeof( operation ) );
- status = psa_cipher_encrypt_setup( &operation, key_handle, alg );
+ status = psa_cipher_encrypt_setup( &operation, key, alg );
ASSERT_STATUS( status, PSA_SUCCESS );
status = psa_cipher_generate_iv( &operation, iv, iv_size, &iv_len );
@@ -123,7 +125,7 @@
return( status );
}
-static psa_status_t cipher_decrypt( psa_key_handle_t key_handle,
+static psa_status_t cipher_decrypt( psa_key_id_t key,
psa_algorithm_t alg,
const uint8_t * iv,
size_t iv_size,
@@ -138,7 +140,7 @@
psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
memset( &operation, 0, sizeof( operation ) );
- status = psa_cipher_decrypt_setup( &operation, key_handle, alg );
+ status = psa_cipher_decrypt_setup( &operation, key, alg );
ASSERT_STATUS( status, PSA_SUCCESS );
status = psa_cipher_set_iv( &operation, iv, iv_size );
@@ -165,7 +167,7 @@
psa_status_t status;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_handle_t key_handle = 0;
+ psa_key_id_t key = 0;
size_t output_len = 0;
uint8_t iv[block_size];
uint8_t input[block_size];
@@ -181,15 +183,15 @@
psa_set_key_type( &attributes, PSA_KEY_TYPE_AES );
psa_set_key_bits( &attributes, key_bits );
- status = psa_generate_key( &attributes, &key_handle );
+ status = psa_generate_key( &attributes, &key );
ASSERT_STATUS( status, PSA_SUCCESS );
- status = cipher_encrypt( key_handle, alg, iv, sizeof( iv ),
+ status = cipher_encrypt( key, alg, iv, sizeof( iv ),
input, sizeof( input ), part_size,
encrypt, sizeof( encrypt ), &output_len );
ASSERT_STATUS( status, PSA_SUCCESS );
- status = cipher_decrypt( key_handle, alg, iv, sizeof( iv ),
+ status = cipher_decrypt( key, alg, iv, sizeof( iv ),
encrypt, output_len, part_size,
decrypt, sizeof( decrypt ), &output_len );
ASSERT_STATUS( status, PSA_SUCCESS );
@@ -198,7 +200,7 @@
ASSERT_STATUS( status, PSA_SUCCESS );
exit:
- psa_destroy_key( key_handle );
+ psa_destroy_key( key );
return( status );
}
@@ -215,7 +217,7 @@
psa_status_t status;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_handle_t key_handle = 0;
+ psa_key_id_t key = 0;
size_t output_len = 0;
uint8_t iv[block_size], input[input_size],
encrypt[input_size + block_size], decrypt[input_size + block_size];
@@ -229,15 +231,15 @@
psa_set_key_type( &attributes, PSA_KEY_TYPE_AES );
psa_set_key_bits( &attributes, key_bits );
- status = psa_generate_key( &attributes, &key_handle );
+ status = psa_generate_key( &attributes, &key );
ASSERT_STATUS( status, PSA_SUCCESS );
- status = cipher_encrypt( key_handle, alg, iv, sizeof( iv ),
+ status = cipher_encrypt( key, alg, iv, sizeof( iv ),
input, sizeof( input ), part_size,
encrypt, sizeof( encrypt ), &output_len );
ASSERT_STATUS( status, PSA_SUCCESS );
- status = cipher_decrypt( key_handle, alg, iv, sizeof( iv ),
+ status = cipher_decrypt( key, alg, iv, sizeof( iv ),
encrypt, output_len, part_size,
decrypt, sizeof( decrypt ), &output_len );
ASSERT_STATUS( status, PSA_SUCCESS );
@@ -246,7 +248,7 @@
ASSERT_STATUS( status, PSA_SUCCESS );
exit:
- psa_destroy_key( key_handle );
+ psa_destroy_key( key );
return( status );
}
@@ -262,7 +264,7 @@
psa_status_t status;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_handle_t key_handle = 0;
+ psa_key_id_t key = 0;
size_t output_len = 0;
uint8_t iv[block_size], input[input_size], encrypt[input_size],
decrypt[input_size];
@@ -276,15 +278,15 @@
psa_set_key_type( &attributes, PSA_KEY_TYPE_AES );
psa_set_key_bits( &attributes, key_bits );
- status = psa_generate_key( &attributes, &key_handle );
+ status = psa_generate_key( &attributes, &key );
ASSERT_STATUS( status, PSA_SUCCESS );
- status = cipher_encrypt( key_handle, alg, iv, sizeof( iv ),
+ status = cipher_encrypt( key, alg, iv, sizeof( iv ),
input, sizeof( input ), part_size,
encrypt, sizeof( encrypt ), &output_len );
ASSERT_STATUS( status, PSA_SUCCESS );
- status = cipher_decrypt( key_handle, alg, iv, sizeof( iv ),
+ status = cipher_decrypt( key, alg, iv, sizeof( iv ),
encrypt, output_len, part_size,
decrypt, sizeof( decrypt ), &output_len );
ASSERT_STATUS( status, PSA_SUCCESS );
@@ -293,7 +295,7 @@
ASSERT_STATUS( status, PSA_SUCCESS );
exit:
- psa_destroy_key( key_handle );
+ psa_destroy_key( key );
return( status );
}
diff --git a/programs/psa/key_ladder_demo.c b/programs/psa/key_ladder_demo.c
index a3628f0..47d5de6 100644
--- a/programs/psa/key_ladder_demo.c
+++ b/programs/psa/key_ladder_demo.c
@@ -65,15 +65,17 @@
#include <psa/crypto.h>
/* If the build options we need are not enabled, compile a placeholder. */
-#if !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_MD_C) || \
- !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_CCM_C) || \
- !defined(MBEDTLS_PSA_CRYPTO_C) || !defined(MBEDTLS_FS_IO)
+#if !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_MD_C) || \
+ !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_CCM_C) || \
+ !defined(MBEDTLS_PSA_CRYPTO_C) || !defined(MBEDTLS_FS_IO) || \
+ defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
int main( void )
{
- printf("MBEDTLS_SHA256_C and/or MBEDTLS_MD_C and/or "
- "MBEDTLS_AES_C and/or MBEDTLS_CCM_C and/or "
- "MBEDTLS_PSA_CRYPTO_C and/or MBEDTLS_FS_IO "
- "not defined.\n");
+ printf( "MBEDTLS_SHA256_C and/or MBEDTLS_MD_C and/or "
+ "MBEDTLS_AES_C and/or MBEDTLS_CCM_C and/or "
+ "MBEDTLS_PSA_CRYPTO_C and/or MBEDTLS_FS_IO "
+ "not defined and/or MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER "
+ "defined.\n" );
return( 0 );
}
#else
@@ -167,7 +169,7 @@
/* Save a key to a file. In the real world, you may want to export a derived
* key sometimes, to share it with another party. */
-static psa_status_t save_key( psa_key_handle_t key_handle,
+static psa_status_t save_key( psa_key_id_t key,
const char *output_file_name )
{
psa_status_t status = PSA_SUCCESS;
@@ -175,7 +177,7 @@
size_t key_size;
FILE *key_file = NULL;
- PSA_CHECK( psa_export_key( key_handle,
+ PSA_CHECK( psa_export_key( key,
key_data, sizeof( key_data ),
&key_size ) );
SYS_CHECK( ( key_file = fopen( output_file_name, "wb" ) ) != NULL );
@@ -197,7 +199,7 @@
static psa_status_t generate( const char *key_file_name )
{
psa_status_t status = PSA_SUCCESS;
- psa_key_handle_t key_handle = 0;
+ psa_key_id_t key = 0;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_set_key_usage_flags( &attributes,
@@ -206,12 +208,12 @@
psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE );
psa_set_key_bits( &attributes, PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ) );
- PSA_CHECK( psa_generate_key( &attributes, &key_handle ) );
+ PSA_CHECK( psa_generate_key( &attributes, &key ) );
- PSA_CHECK( save_key( key_handle, key_file_name ) );
+ PSA_CHECK( save_key( key, key_file_name ) );
exit:
- (void) psa_destroy_key( key_handle );
+ (void) psa_destroy_key( key );
return( status );
}
@@ -223,7 +225,7 @@
static psa_status_t import_key_from_file( psa_key_usage_t usage,
psa_algorithm_t alg,
const char *key_file_name,
- psa_key_handle_t *master_key_handle )
+ psa_key_id_t *master_key )
{
psa_status_t status = PSA_SUCCESS;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
@@ -232,8 +234,6 @@
FILE *key_file = NULL;
unsigned char extra_byte;
- *master_key_handle = 0;
-
SYS_CHECK( ( key_file = fopen( key_file_name, "rb" ) ) != NULL );
SYS_CHECK( ( key_size = fread( key_data, 1, sizeof( key_data ),
key_file ) ) != 0 );
@@ -250,8 +250,7 @@
psa_set_key_usage_flags( &attributes, usage );
psa_set_key_algorithm( &attributes, alg );
psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE );
- PSA_CHECK( psa_import_key( &attributes, key_data, key_size,
- master_key_handle ) );
+ PSA_CHECK( psa_import_key( &attributes, key_data, key_size, master_key ) );
exit:
if( key_file != NULL )
fclose( key_file );
@@ -259,21 +258,22 @@
if( status != PSA_SUCCESS )
{
/* If the key creation hasn't happened yet or has failed,
- * *master_key_handle is 0. psa_destroy_key(0) is guaranteed to do
- * nothing and return PSA_ERROR_INVALID_HANDLE. */
- (void) psa_destroy_key( *master_key_handle );
- *master_key_handle = 0;
+ * *master_key is null. psa_destroy_key( 0 ) is
+ * guaranteed to do nothing and return PSA_SUCCESS. */
+ (void) psa_destroy_key( *master_key );
+ *master_key = 0;
}
return( status );
}
/* Derive the intermediate keys, using the list of labels provided on
- * the command line. On input, *key_handle is a handle to the master key.
- * This function closes the master key. On successful output, *key_handle
- * is a handle to the final derived key. */
+ * the command line. On input, *key is the master key identifier.
+ * This function destroys the master key. On successful output, *key
+ * is the identifier of the final derived key.
+ */
static psa_status_t derive_key_ladder( const char *ladder[],
size_t ladder_depth,
- psa_key_handle_t *key_handle )
+ psa_key_id_t *key )
{
psa_status_t status = PSA_SUCCESS;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
@@ -297,17 +297,17 @@
DERIVE_KEY_SALT, DERIVE_KEY_SALT_LENGTH ) );
PSA_CHECK( psa_key_derivation_input_key(
&operation, PSA_KEY_DERIVATION_INPUT_SECRET,
- *key_handle ) );
+ *key ) );
PSA_CHECK( psa_key_derivation_input_bytes(
&operation, PSA_KEY_DERIVATION_INPUT_INFO,
(uint8_t*) ladder[i], strlen( ladder[i] ) ) );
/* When the parent key is not the master key, destroy it,
* since it is no longer needed. */
- PSA_CHECK( psa_close_key( *key_handle ) );
- *key_handle = 0;
+ PSA_CHECK( psa_destroy_key( *key ) );
+ *key = 0;
/* Derive the next intermediate key from the parent key. */
PSA_CHECK( psa_key_derivation_output_key( &attributes, &operation,
- key_handle ) );
+ key ) );
PSA_CHECK( psa_key_derivation_abort( &operation ) );
}
@@ -315,22 +315,22 @@
psa_key_derivation_abort( &operation );
if( status != PSA_SUCCESS )
{
- psa_close_key( *key_handle );
- *key_handle = 0;
+ psa_destroy_key( *key );
+ *key = 0;
}
return( status );
}
/* Derive a wrapping key from the last intermediate key. */
static psa_status_t derive_wrapping_key( psa_key_usage_t usage,
- psa_key_handle_t derived_key_handle,
- psa_key_handle_t *wrapping_key_handle )
+ psa_key_id_t derived_key,
+ psa_key_id_t *wrapping_key )
{
psa_status_t status = PSA_SUCCESS;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
- *wrapping_key_handle = 0;
+ *wrapping_key = 0;
/* Set up a key derivation operation from the key derived from
* the master key. */
@@ -340,7 +340,7 @@
WRAPPING_KEY_SALT, WRAPPING_KEY_SALT_LENGTH ) );
PSA_CHECK( psa_key_derivation_input_key(
&operation, PSA_KEY_DERIVATION_INPUT_SECRET,
- derived_key_handle ) );
+ derived_key ) );
PSA_CHECK( psa_key_derivation_input_bytes(
&operation, PSA_KEY_DERIVATION_INPUT_INFO,
NULL, 0 ) );
@@ -351,7 +351,7 @@
psa_set_key_type( &attributes, PSA_KEY_TYPE_AES );
psa_set_key_bits( &attributes, WRAPPING_KEY_BITS );
PSA_CHECK( psa_key_derivation_output_key( &attributes, &operation,
- wrapping_key_handle ) );
+ wrapping_key ) );
exit:
psa_key_derivation_abort( &operation );
@@ -360,7 +360,7 @@
static psa_status_t wrap_data( const char *input_file_name,
const char *output_file_name,
- psa_key_handle_t wrapping_key_handle )
+ psa_key_id_t wrapping_key )
{
psa_status_t status;
FILE *input_file = NULL;
@@ -408,7 +408,7 @@
/* Wrap the data. */
PSA_CHECK( psa_generate_random( header.iv, WRAPPING_IV_SIZE ) );
- PSA_CHECK( psa_aead_encrypt( wrapping_key_handle, WRAPPING_ALG,
+ PSA_CHECK( psa_aead_encrypt( wrapping_key, WRAPPING_ALG,
header.iv, WRAPPING_IV_SIZE,
(uint8_t *) &header, sizeof( header ),
buffer, input_size,
@@ -437,7 +437,7 @@
static psa_status_t unwrap_data( const char *input_file_name,
const char *output_file_name,
- psa_key_handle_t wrapping_key_handle )
+ psa_key_id_t wrapping_key )
{
psa_status_t status;
FILE *input_file = NULL;
@@ -489,7 +489,7 @@
input_file = NULL;
/* Unwrap the data. */
- PSA_CHECK( psa_aead_decrypt( wrapping_key_handle, WRAPPING_ALG,
+ PSA_CHECK( psa_aead_decrypt( wrapping_key, WRAPPING_ALG,
header.iv, WRAPPING_IV_SIZE,
(uint8_t *) &header, sizeof( header ),
buffer, ciphertext_size,
@@ -527,8 +527,8 @@
const char *output_file_name )
{
psa_status_t status = PSA_SUCCESS;
- psa_key_handle_t derivation_key_handle = 0;
- psa_key_handle_t wrapping_key_handle = 0;
+ psa_key_id_t derivation_key = 0;
+ psa_key_id_t wrapping_key = 0;
/* Initialize the PSA crypto library. */
PSA_CHECK( psa_crypto_init( ) );
@@ -541,30 +541,30 @@
PSA_CHECK( import_key_from_file( PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT,
KDF_ALG,
key_file_name,
- &derivation_key_handle ) );
+ &derivation_key ) );
/* Calculate the derived key for this session. */
PSA_CHECK( derive_key_ladder( ladder, ladder_depth,
- &derivation_key_handle ) );
+ &derivation_key ) );
switch( mode )
{
case MODE_SAVE:
- PSA_CHECK( save_key( derivation_key_handle, output_file_name ) );
+ PSA_CHECK( save_key( derivation_key, output_file_name ) );
break;
case MODE_UNWRAP:
PSA_CHECK( derive_wrapping_key( PSA_KEY_USAGE_DECRYPT,
- derivation_key_handle,
- &wrapping_key_handle ) );
+ derivation_key,
+ &wrapping_key ) );
PSA_CHECK( unwrap_data( input_file_name, output_file_name,
- wrapping_key_handle ) );
+ wrapping_key ) );
break;
case MODE_WRAP:
PSA_CHECK( derive_wrapping_key( PSA_KEY_USAGE_ENCRYPT,
- derivation_key_handle,
- &wrapping_key_handle ) );
+ derivation_key,
+ &wrapping_key ) );
PSA_CHECK( wrap_data( input_file_name, output_file_name,
- wrapping_key_handle ) );
+ wrapping_key ) );
break;
default:
/* Unreachable but some compilers don't realize it. */
@@ -572,11 +572,11 @@
}
exit:
- /* Close any remaining key. Deinitializing the crypto library would do
- * this anyway, but explicitly closing handles makes the code easier
- * to reuse. */
- (void) psa_close_key( derivation_key_handle );
- (void) psa_close_key( wrapping_key_handle );
+ /* Destroy any remaining key. Deinitializing the crypto library would do
+ * this anyway since they are volatile keys, but explicitly destroying
+ * keys makes the code easier to reuse. */
+ (void) psa_destroy_key( derivation_key );
+ (void) psa_destroy_key( wrapping_key );
/* Deinitialize the PSA crypto library. */
mbedtls_psa_crypto_free( );
return( status );
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 54cdd7d..fc69061 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -42,12 +42,14 @@
#if !defined(MBEDTLS_ENTROPY_C) || \
!defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \
- !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_CTR_DRBG_C)
+ !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_CTR_DRBG_C) || \
+ defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
int main( void )
{
- mbedtls_printf("MBEDTLS_ENTROPY_C and/or "
+ mbedtls_printf( "MBEDTLS_ENTROPY_C and/or "
"MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or "
- "MBEDTLS_NET_C and/or MBEDTLS_CTR_DRBG_C and/or not defined.\n");
+ "MBEDTLS_NET_C and/or MBEDTLS_CTR_DRBG_C and/or not defined "
+ " and/or MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER defined.\n" );
mbedtls_exit( 0 );
}
#else
@@ -1207,7 +1209,7 @@
const char *pers = "ssl_client2";
#if defined(MBEDTLS_USE_PSA_CRYPTO)
- psa_key_handle_t slot = 0;
+ psa_key_id_t slot = 0;
psa_algorithm_t alg = 0;
psa_key_attributes_t key_attributes;
psa_status_t status;
@@ -1232,7 +1234,7 @@
mbedtls_x509_crt clicert;
mbedtls_pk_context pkey;
#if defined(MBEDTLS_USE_PSA_CRYPTO)
- psa_key_handle_t key_slot = 0; /* invalid key slot */
+ psa_key_id_t key_slot = 0; /* invalid key slot */
#endif
#endif
char *p, *q;
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index ec3d6ad..ceeb224 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -42,12 +42,14 @@
#if !defined(MBEDTLS_ENTROPY_C) || \
!defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_SRV_C) || \
- !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_CTR_DRBG_C)
+ !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_CTR_DRBG_C) || \
+ defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
int main( void )
{
- mbedtls_printf("MBEDTLS_ENTROPY_C and/or "
+ mbedtls_printf( "MBEDTLS_ENTROPY_C and/or "
"MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or "
- "MBEDTLS_NET_C and/or MBEDTLS_CTR_DRBG_C and/or not defined.\n");
+ "MBEDTLS_NET_C and/or MBEDTLS_CTR_DRBG_C and/or not defined "
+ " and/or MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER defined.\n" );
mbedtls_exit( 0 );
}
#else
@@ -1285,7 +1287,7 @@
size_t key_len;
unsigned char key[MBEDTLS_PSK_MAX_LEN];
#if defined(MBEDTLS_USE_PSA_CRYPTO)
- psa_key_handle_t slot;
+ psa_key_id_t slot;
#endif /* MBEDTLS_USE_PSA_CRYPTO */
psk_entry *next;
};
@@ -1301,7 +1303,7 @@
{
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_status_t status;
- psa_key_handle_t const slot = head->slot;
+ psa_key_id_t const slot = head->slot;
if( slot != 0 )
{
@@ -1711,7 +1713,7 @@
}
#if defined(MBEDTLS_USE_PSA_CRYPTO)
-static psa_status_t psa_setup_psk_key_slot( psa_key_handle_t *slot,
+static psa_status_t psa_setup_psk_key_slot( psa_key_id_t *slot,
psa_algorithm_t alg,
unsigned char *psk,
size_t psk_len )
@@ -1795,7 +1797,7 @@
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_algorithm_t alg = 0;
- psa_key_handle_t psk_slot = 0;
+ psa_key_id_t psk_slot = 0;
#endif /* MBEDTLS_USE_PSA_CRYPTO */
unsigned char psk[MBEDTLS_PSK_MAX_LEN];
size_t psk_len = 0;
diff --git a/scripts/config.py b/scripts/config.py
index 6c29981..ae0614a 100755
--- a/scripts/config.py
+++ b/scripts/config.py
@@ -185,6 +185,7 @@
'MBEDTLS_PKCS11_C', # build dependency (libpkcs11-helper)
'MBEDTLS_PLATFORM_NO_STD_FUNCTIONS', # removes a feature
'MBEDTLS_PSA_CRYPTO_CONFIG', # toggles old/new style PSA config
+ 'MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER', # incompatible with USE_PSA_CRYPTO
'MBEDTLS_PSA_CRYPTO_SPM', # platform dependency (PSA SPM)
'MBEDTLS_PSA_INJECT_ENTROPY', # build dependency (hook functions)
'MBEDTLS_REMOVE_3DES_CIPHERSUITES', # removes a feature
diff --git a/tests/include/test/psa_crypto_helpers.h b/tests/include/test/psa_crypto_helpers.h
index c8013a1..01b0547 100644
--- a/tests/include/test/psa_crypto_helpers.h
+++ b/tests/include/test/psa_crypto_helpers.h
@@ -24,6 +24,7 @@
#include "test/psa_helpers.h"
#include <psa/crypto.h>
+#include <psa_crypto_slot_management.h>
static int test_helper_is_psa_pristine( int line, const char *file )
{
@@ -40,6 +41,10 @@
msg = "An external slot has not been closed properly.";
else if( stats.half_filled_slots != 0 )
msg = "A half-filled slot has not been cleared properly.";
+ else if( stats.locked_slots != 0 )
+ {
+ msg = "Some slots are still marked as locked.";
+ }
/* If the test has already failed, don't overwrite the failure
* information. Do keep the stats lookup above, because it can be
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 731e5c0..2bb2216 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -786,6 +786,18 @@
if_build_succeeded tests/context-info.sh
}
+component_test_psa_crypto_key_id_encodes_owner () {
+ msg "build: full config - USE_PSA_CRYPTO + PSA_CRYPTO_KEY_ID_ENCODES_OWNER, cmake, gcc, ASan"
+ scripts/config.py full
+ scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
+ scripts/config.py set MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
+ CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+ make
+
+ msg "test: full config - USE_PSA_CRYPTO + PSA_CRYPTO_KEY_ID_ENCODES_OWNER, cmake, gcc, ASan"
+ make test
+}
+
component_test_zlib_make() {
msg "build: zlib enabled, make"
scripts/config.py set MBEDTLS_ZLIB_SUPPORT
diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index c6041b2..98016c6 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -100,13 +100,13 @@
#if defined(MBEDTLS_USE_PSA_CRYPTO)
/*
- * Generate a key using PSA and return a handle to that key,
+ * Generate a key using PSA and return the key identifier of that key,
* or 0 if the key generation failed.
* The key uses NIST P-256 and is usable for signing with SHA-256.
*/
-psa_key_handle_t pk_psa_genkey( void )
+mbedtls_svc_key_id_t pk_psa_genkey( void )
{
- psa_key_handle_t key;
+ mbedtls_svc_key_id_t key;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
const psa_key_type_t type =
PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 );
@@ -133,7 +133,7 @@
void pk_psa_utils( )
{
mbedtls_pk_context pk, pk2;
- psa_key_handle_t key;
+ mbedtls_svc_key_id_t key;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
const char * const name = "Opaque";
@@ -151,14 +151,14 @@
TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
- TEST_ASSERT( mbedtls_pk_setup_opaque( &pk, 0 ) ==
+ TEST_ASSERT( mbedtls_pk_setup_opaque( &pk, MBEDTLS_SVC_KEY_ID_INIT ) ==
MBEDTLS_ERR_PK_BAD_INPUT_DATA );
mbedtls_pk_free( &pk );
mbedtls_pk_init( &pk );
key = pk_psa_genkey();
- if( key == 0 )
+ if( mbedtls_svc_key_id_is_null( key ) )
goto exit;
TEST_ASSERT( mbedtls_pk_setup_opaque( &pk, key ) == 0 );
@@ -200,6 +200,12 @@
TEST_ASSERT( PSA_SUCCESS == psa_destroy_key( key ) );
exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
+ psa_reset_key_attributes( &attributes );
+
mbedtls_pk_free( &pk ); /* redundant except upon error */
mbedtls_pk_free( &pk2 );
PSA_DONE( );
@@ -1220,7 +1226,7 @@
unsigned char *pkey_legacy_start, *pkey_psa_start;
size_t sig_len, klen_legacy, klen_psa;
int ret;
- psa_key_handle_t handle;
+ mbedtls_svc_key_id_t key_id;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_key_type_t expected_type = PSA_KEY_TYPE_ECC_KEY_PAIR( psa_curve_arg );
size_t expected_bits = expected_bits_arg;
@@ -1252,10 +1258,10 @@
pkey_legacy_start = pkey_legacy + sizeof( pkey_legacy ) - klen_legacy;
/* Turn PK context into an opaque one. */
- TEST_ASSERT( mbedtls_pk_wrap_as_opaque( &pk, &handle,
+ TEST_ASSERT( mbedtls_pk_wrap_as_opaque( &pk, &key_id,
PSA_ALG_SHA_256 ) == 0 );
- PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) );
+ PSA_ASSERT( psa_get_key_attributes( key_id, &attributes ) );
TEST_EQUAL( psa_get_key_type( &attributes ), expected_type );
TEST_EQUAL( psa_get_key_bits( &attributes ), expected_bits );
TEST_EQUAL( psa_get_key_lifetime( &attributes ),
@@ -1280,7 +1286,7 @@
TEST_ASSERT( memcmp( pkey_psa_start, pkey_legacy_start, klen_psa ) == 0 );
mbedtls_pk_free( &pk );
- TEST_ASSERT( PSA_SUCCESS == psa_destroy_key( handle ) );
+ TEST_ASSERT( PSA_SUCCESS == psa_destroy_key( key_id ) );
mbedtls_pk_init( &pk );
TEST_ASSERT( mbedtls_pk_parse_public_key( &pk, pkey_legacy_start,
@@ -1289,6 +1295,12 @@
hash, sizeof hash, sig, sig_len ) == 0 );
exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
+ psa_reset_key_attributes( &attributes );
+
mbedtls_pk_free( &pk );
PSA_DONE( );
}
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 774050d..d3dca7b 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -13,12 +13,18 @@
PSA key attributes: id then back to volatile
persistence_attributes:0x1234:0x5678:PSA_KEY_LIFETIME_VOLATILE:-1:0:0:0x5678:PSA_KEY_LIFETIME_VOLATILE
+PSA key attributes: id then back to non local volatile
+persistence_attributes:0x1234:0x5678:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_LIFETIME_VOLATILE,1):-1:0:0:0x5678:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_LIFETIME_VOLATILE,1)
+
PSA key attributes: id then lifetime
persistence_attributes:0x1234:0x5678:3:-1:0:0x1234:0x5678:3
PSA key attributes: lifetime then id
persistence_attributes:0x1234:0x5678:3:0x1235:0x5679:0x1235:0x5679:3
+PSA key attributes: non local volatile lifetime then id
+persistence_attributes:0x1234:0x5678:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_LIFETIME_VOLATILE,3):0x1235:0x5679:0x1235:0x5679:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_LIFETIME_PERSISTENT,3)
+
PSA key attributes: slot number
slot_number_attribute:
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index fc563cb..8e71610 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -19,6 +19,7 @@
#define HAVE_RAM_AVAILABLE_128K
#include "psa/crypto.h"
+#include "psa_crypto_slot_management.h"
/** An invalid export length that will never be set by psa_export_key(). */
static const size_t INVALID_EXPORT_LENGTH = ~0U;
@@ -107,12 +108,10 @@
#endif
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
-int lifetime_is_secure_element( psa_key_lifetime_t lifetime )
+int lifetime_is_dynamic_secure_element( psa_key_lifetime_t lifetime )
{
- /* At the moment, anything that isn't a built-in lifetime is either
- * a secure element or unassigned. */
- return( lifetime != PSA_KEY_LIFETIME_VOLATILE &&
- lifetime != PSA_KEY_LIFETIME_PERSISTENT );
+ return( PSA_KEY_LIFETIME_GET_LOCATION( lifetime ) !=
+ PSA_KEY_LOCATION_LOCAL_STORAGE );
}
#else
int lifetime_is_secure_element( psa_key_lifetime_t lifetime )
@@ -228,7 +227,7 @@
return( len );
}
-int check_key_attributes_sanity( psa_key_handle_t key )
+int check_key_attributes_sanity( mbedtls_svc_key_id_t key )
{
int ok = 0;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
@@ -244,8 +243,14 @@
bits = psa_get_key_bits( &attributes );
/* Persistence */
- if( lifetime == PSA_KEY_LIFETIME_VOLATILE )
- TEST_ASSERT( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) == 0 );
+ if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) )
+ {
+ TEST_ASSERT(
+ ( PSA_KEY_ID_VOLATILE_MIN <=
+ MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) ) &&
+ ( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) <=
+ PSA_KEY_ID_VOLATILE_MAX ) );
+ }
else
{
TEST_ASSERT(
@@ -256,7 +261,7 @@
/* randomly-generated 64-bit constant, should never appear in test data */
psa_key_slot_number_t slot_number = 0xec94d4a5058a1a21;
psa_status_t status = psa_get_key_slot_number( &attributes, &slot_number );
- if( lifetime_is_secure_element( lifetime ) )
+ if( lifetime_is_dynamic_secure_element( lifetime ) )
{
/* Mbed Crypto currently always exposes the slot number to
* applications. This is not mandated by the PSA specification
@@ -287,7 +292,12 @@
ok = 1;
exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
psa_reset_key_attributes( &attributes );
+
return( ok );
}
@@ -298,31 +308,29 @@
psa_mac_operation_t *operation,
psa_status_t *status )
{
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH );
psa_set_key_algorithm( &attributes, alg );
psa_set_key_type( &attributes, key_type );
- PSA_ASSERT( psa_import_key( &attributes, key_bytes, key_length,
- &handle ) );
+ PSA_ASSERT( psa_import_key( &attributes, key_bytes, key_length, &key ) );
- *status = psa_mac_sign_setup( operation, handle, alg );
+ *status = psa_mac_sign_setup( operation, key, alg );
/* Whether setup succeeded or failed, abort must succeed. */
PSA_ASSERT( psa_mac_abort( operation ) );
/* If setup failed, reproduce the failure, so that the caller can
* test the resulting state of the operation object. */
if( *status != PSA_SUCCESS )
{
- TEST_EQUAL( psa_mac_sign_setup( operation, handle, alg ),
- *status );
+ TEST_EQUAL( psa_mac_sign_setup( operation, key, alg ), *status );
}
- psa_destroy_key( handle );
+ psa_destroy_key( key );
return( 1 );
exit:
- psa_destroy_key( handle );
+ psa_destroy_key( key );
return( 0 );
}
@@ -333,35 +341,34 @@
psa_cipher_operation_t *operation,
psa_status_t *status )
{
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT );
psa_set_key_algorithm( &attributes, alg );
psa_set_key_type( &attributes, key_type );
- PSA_ASSERT( psa_import_key( &attributes, key_bytes, key_length,
- &handle ) );
+ PSA_ASSERT( psa_import_key( &attributes, key_bytes, key_length, &key ) );
- *status = psa_cipher_encrypt_setup( operation, handle, alg );
+ *status = psa_cipher_encrypt_setup( operation, key, alg );
/* Whether setup succeeded or failed, abort must succeed. */
PSA_ASSERT( psa_cipher_abort( operation ) );
/* If setup failed, reproduce the failure, so that the caller can
* test the resulting state of the operation object. */
if( *status != PSA_SUCCESS )
{
- TEST_EQUAL( psa_cipher_encrypt_setup( operation, handle, alg ),
+ TEST_EQUAL( psa_cipher_encrypt_setup( operation, key, alg ),
*status );
}
- psa_destroy_key( handle );
+ psa_destroy_key( key );
return( 1 );
exit:
- psa_destroy_key( handle );
+ psa_destroy_key( key );
return( 0 );
}
-static int exercise_mac_key( psa_key_handle_t handle,
+static int exercise_mac_key( mbedtls_svc_key_id_t key,
psa_key_usage_t usage,
psa_algorithm_t alg )
{
@@ -372,8 +379,7 @@
if( usage & PSA_KEY_USAGE_SIGN_HASH )
{
- PSA_ASSERT( psa_mac_sign_setup( &operation,
- handle, alg ) );
+ PSA_ASSERT( psa_mac_sign_setup( &operation, key, alg ) );
PSA_ASSERT( psa_mac_update( &operation,
input, sizeof( input ) ) );
PSA_ASSERT( psa_mac_sign_finish( &operation,
@@ -387,8 +393,7 @@
( usage & PSA_KEY_USAGE_SIGN_HASH ?
PSA_SUCCESS :
PSA_ERROR_INVALID_SIGNATURE );
- PSA_ASSERT( psa_mac_verify_setup( &operation,
- handle, alg ) );
+ PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) );
PSA_ASSERT( psa_mac_update( &operation,
input, sizeof( input ) ) );
TEST_EQUAL( psa_mac_verify_finish( &operation, mac, mac_length ),
@@ -402,7 +407,7 @@
return( 0 );
}
-static int exercise_cipher_key( psa_key_handle_t handle,
+static int exercise_cipher_key( mbedtls_svc_key_id_t key,
psa_key_usage_t usage,
psa_algorithm_t alg )
{
@@ -417,8 +422,7 @@
if( usage & PSA_KEY_USAGE_ENCRYPT )
{
- PSA_ASSERT( psa_cipher_encrypt_setup( &operation,
- handle, alg ) );
+ PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
PSA_ASSERT( psa_cipher_generate_iv( &operation,
iv, sizeof( iv ),
&iv_length ) );
@@ -440,15 +444,15 @@
if( ! ( usage & PSA_KEY_USAGE_ENCRYPT ) )
{
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) );
+ PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
/* This should be PSA_CIPHER_GET_IV_SIZE but the API doesn't
* have this macro yet. */
iv_length = PSA_BLOCK_CIPHER_BLOCK_SIZE(
psa_get_key_type( &attributes ) );
maybe_invalid_padding = ! PSA_ALG_IS_STREAM_CIPHER( alg );
+ psa_reset_key_attributes( &attributes );
}
- PSA_ASSERT( psa_cipher_decrypt_setup( &operation,
- handle, alg ) );
+ PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) );
PSA_ASSERT( psa_cipher_set_iv( &operation,
iv, iv_length ) );
PSA_ASSERT( psa_cipher_update( &operation,
@@ -476,7 +480,7 @@
return( 0 );
}
-static int exercise_aead_key( psa_key_handle_t handle,
+static int exercise_aead_key( mbedtls_svc_key_id_t key,
psa_key_usage_t usage,
psa_algorithm_t alg )
{
@@ -489,7 +493,7 @@
if( usage & PSA_KEY_USAGE_ENCRYPT )
{
- PSA_ASSERT( psa_aead_encrypt( handle, alg,
+ PSA_ASSERT( psa_aead_encrypt( key, alg,
nonce, nonce_length,
NULL, 0,
plaintext, sizeof( plaintext ),
@@ -503,7 +507,7 @@
( usage & PSA_KEY_USAGE_ENCRYPT ?
PSA_SUCCESS :
PSA_ERROR_INVALID_SIGNATURE );
- TEST_EQUAL( psa_aead_decrypt( handle, alg,
+ TEST_EQUAL( psa_aead_decrypt( key, alg,
nonce, nonce_length,
NULL, 0,
ciphertext, ciphertext_length,
@@ -518,7 +522,7 @@
return( 0 );
}
-static int exercise_signature_key( psa_key_handle_t handle,
+static int exercise_signature_key( mbedtls_svc_key_id_t key,
psa_key_usage_t usage,
psa_algorithm_t alg )
{
@@ -547,7 +551,7 @@
* even for algorithms that allow other input sizes. */
if( hash_alg != 0 )
payload_length = PSA_HASH_SIZE( hash_alg );
- PSA_ASSERT( psa_sign_hash( handle, alg,
+ PSA_ASSERT( psa_sign_hash( key, alg,
payload, payload_length,
signature, sizeof( signature ),
&signature_length ) );
@@ -559,7 +563,7 @@
( usage & PSA_KEY_USAGE_SIGN_HASH ?
PSA_SUCCESS :
PSA_ERROR_INVALID_SIGNATURE );
- TEST_EQUAL( psa_verify_hash( handle, alg,
+ TEST_EQUAL( psa_verify_hash( key, alg,
payload, payload_length,
signature, signature_length ),
verify_status );
@@ -571,7 +575,7 @@
return( 0 );
}
-static int exercise_asymmetric_encryption_key( psa_key_handle_t handle,
+static int exercise_asymmetric_encryption_key( mbedtls_svc_key_id_t key,
psa_key_usage_t usage,
psa_algorithm_t alg )
{
@@ -582,7 +586,7 @@
if( usage & PSA_KEY_USAGE_ENCRYPT )
{
- PSA_ASSERT( psa_asymmetric_encrypt( handle, alg,
+ PSA_ASSERT( psa_asymmetric_encrypt( key, alg,
plaintext, plaintext_length,
NULL, 0,
ciphertext, sizeof( ciphertext ),
@@ -592,7 +596,7 @@
if( usage & PSA_KEY_USAGE_DECRYPT )
{
psa_status_t status =
- psa_asymmetric_decrypt( handle, alg,
+ psa_asymmetric_decrypt( key, alg,
ciphertext, ciphertext_length,
NULL, 0,
plaintext, sizeof( plaintext ),
@@ -610,7 +614,7 @@
}
static int setup_key_derivation_wrap( psa_key_derivation_operation_t* operation,
- psa_key_handle_t handle,
+ mbedtls_svc_key_id_t key,
psa_algorithm_t alg,
unsigned char* input1, size_t input1_length,
unsigned char* input2, size_t input2_length,
@@ -624,7 +628,7 @@
input1, input1_length ) );
PSA_ASSERT( psa_key_derivation_input_key( operation,
PSA_KEY_DERIVATION_INPUT_SECRET,
- handle ) );
+ key ) );
PSA_ASSERT( psa_key_derivation_input_bytes( operation,
PSA_KEY_DERIVATION_INPUT_INFO,
input2,
@@ -638,7 +642,7 @@
input1, input1_length ) );
PSA_ASSERT( psa_key_derivation_input_key( operation,
PSA_KEY_DERIVATION_INPUT_SECRET,
- handle ) );
+ key ) );
PSA_ASSERT( psa_key_derivation_input_bytes( operation,
PSA_KEY_DERIVATION_INPUT_LABEL,
input2, input2_length ) );
@@ -658,7 +662,7 @@
}
-static int exercise_key_derivation_key( psa_key_handle_t handle,
+static int exercise_key_derivation_key( mbedtls_svc_key_id_t key,
psa_key_usage_t usage,
psa_algorithm_t alg )
{
@@ -672,7 +676,7 @@
if( usage & PSA_KEY_USAGE_DERIVE )
{
- if( !setup_key_derivation_wrap( &operation, handle, alg,
+ if( !setup_key_derivation_wrap( &operation, key, alg,
input1, input1_length,
input2, input2_length, capacity ) )
goto exit;
@@ -693,7 +697,7 @@
* private key against its own public key. */
static psa_status_t key_agreement_with_self(
psa_key_derivation_operation_t *operation,
- psa_key_handle_t handle )
+ mbedtls_svc_key_id_t key )
{
psa_key_type_t private_key_type;
psa_key_type_t public_key_type;
@@ -706,29 +710,33 @@
psa_status_t status = PSA_ERROR_GENERIC_ERROR;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) );
+ PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
private_key_type = psa_get_key_type( &attributes );
key_bits = psa_get_key_bits( &attributes );
public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( private_key_type );
public_key_length = PSA_KEY_EXPORT_MAX_SIZE( public_key_type, key_bits );
ASSERT_ALLOC( public_key, public_key_length );
- PSA_ASSERT( psa_export_public_key( handle,
- public_key, public_key_length,
+ PSA_ASSERT( psa_export_public_key( key, public_key, public_key_length,
&public_key_length ) );
status = psa_key_derivation_key_agreement(
- operation, PSA_KEY_DERIVATION_INPUT_SECRET, handle,
+ operation, PSA_KEY_DERIVATION_INPUT_SECRET, key,
public_key, public_key_length );
exit:
- mbedtls_free( public_key );
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
psa_reset_key_attributes( &attributes );
+
+ mbedtls_free( public_key );
return( status );
}
/* We need two keys to exercise key agreement. Exercise the
* private key against its own public key. */
static psa_status_t raw_key_agreement_with_self( psa_algorithm_t alg,
- psa_key_handle_t handle )
+ mbedtls_svc_key_id_t key )
{
psa_key_type_t private_key_type;
psa_key_type_t public_key_type;
@@ -743,26 +751,31 @@
psa_status_t status = PSA_ERROR_GENERIC_ERROR;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) );
+ PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
private_key_type = psa_get_key_type( &attributes );
key_bits = psa_get_key_bits( &attributes );
public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( private_key_type );
public_key_length = PSA_KEY_EXPORT_MAX_SIZE( public_key_type, key_bits );
ASSERT_ALLOC( public_key, public_key_length );
- PSA_ASSERT( psa_export_public_key( handle,
+ PSA_ASSERT( psa_export_public_key( key,
public_key, public_key_length,
&public_key_length ) );
- status = psa_raw_key_agreement( alg, handle,
+ status = psa_raw_key_agreement( alg, key,
public_key, public_key_length,
output, sizeof( output ), &output_length );
exit:
- mbedtls_free( public_key );
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
psa_reset_key_attributes( &attributes );
+
+ mbedtls_free( public_key );
return( status );
}
-static int exercise_raw_key_agreement_key( psa_key_handle_t handle,
+static int exercise_raw_key_agreement_key( mbedtls_svc_key_id_t key,
psa_key_usage_t usage,
psa_algorithm_t alg )
{
@@ -772,7 +785,7 @@
{
/* We need two keys to exercise key agreement. Exercise the
* private key against its own public key. */
- PSA_ASSERT( raw_key_agreement_with_self( alg, handle ) );
+ PSA_ASSERT( raw_key_agreement_with_self( alg, key ) );
}
ok = 1;
@@ -780,7 +793,7 @@
return( ok );
}
-static int exercise_key_agreement_key( psa_key_handle_t handle,
+static int exercise_key_agreement_key( mbedtls_svc_key_id_t key,
psa_key_usage_t usage,
psa_algorithm_t alg )
{
@@ -793,7 +806,7 @@
/* We need two keys to exercise key agreement. Exercise the
* private key against its own public key. */
PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) );
- PSA_ASSERT( key_agreement_with_self( &operation, handle ) );
+ PSA_ASSERT( key_agreement_with_self( &operation, key ) );
PSA_ASSERT( psa_key_derivation_output_bytes( &operation,
output,
sizeof( output ) ) );
@@ -1004,7 +1017,7 @@
return( 0 );
}
-static int exercise_export_key( psa_key_handle_t handle,
+static int exercise_export_key( mbedtls_svc_key_id_t key,
psa_key_usage_t usage )
{
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
@@ -1013,12 +1026,12 @@
size_t exported_length = 0;
int ok = 0;
- PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) );
+ PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
if( ( usage & PSA_KEY_USAGE_EXPORT ) == 0 &&
! PSA_KEY_TYPE_IS_PUBLIC_KEY( psa_get_key_type( &attributes ) ) )
{
- TEST_EQUAL( psa_export_key( handle, NULL, 0, &exported_length ),
+ TEST_EQUAL( psa_export_key( key, NULL, 0, &exported_length ),
PSA_ERROR_NOT_PERMITTED );
ok = 1;
goto exit;
@@ -1028,7 +1041,7 @@
psa_get_key_bits( &attributes ) );
ASSERT_ALLOC( exported, exported_size );
- PSA_ASSERT( psa_export_key( handle,
+ PSA_ASSERT( psa_export_key( key,
exported, exported_size,
&exported_length ) );
ok = exported_key_sanity_check( psa_get_key_type( &attributes ),
@@ -1036,12 +1049,17 @@
exported, exported_length );
exit:
- mbedtls_free( exported );
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
psa_reset_key_attributes( &attributes );
+
+ mbedtls_free( exported );
return( ok );
}
-static int exercise_export_public_key( psa_key_handle_t handle )
+static int exercise_export_public_key( mbedtls_svc_key_id_t key )
{
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_key_type_t public_type;
@@ -1050,10 +1068,10 @@
size_t exported_length = 0;
int ok = 0;
- PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) );
+ PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
if( ! PSA_KEY_TYPE_IS_ASYMMETRIC( psa_get_key_type( &attributes ) ) )
{
- TEST_EQUAL( psa_export_public_key( handle, NULL, 0, &exported_length ),
+ TEST_EQUAL( psa_export_public_key( key, NULL, 0, &exported_length ),
PSA_ERROR_INVALID_ARGUMENT );
return( 1 );
}
@@ -1064,7 +1082,7 @@
psa_get_key_bits( &attributes ) );
ASSERT_ALLOC( exported, exported_size );
- PSA_ASSERT( psa_export_public_key( handle,
+ PSA_ASSERT( psa_export_public_key( key,
exported, exported_size,
&exported_length ) );
ok = exported_key_sanity_check( public_type,
@@ -1072,8 +1090,13 @@
exported, exported_length );
exit:
- mbedtls_free( exported );
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
psa_reset_key_attributes( &attributes );
+
+ mbedtls_free( exported );
return( ok );
}
@@ -1096,7 +1119,7 @@
* if( ! exercise_key( ... ) ) goto exit;
* ```
*
- * \param handle The key to exercise. It should be capable of performing
+ * \param key The key to exercise. It should be capable of performing
* \p alg.
* \param usage The usage flags to assume.
* \param alg The algorithm to exercise.
@@ -1104,33 +1127,33 @@
* \retval 0 The key failed the smoke tests.
* \retval 1 The key passed the smoke tests.
*/
-static int exercise_key( psa_key_handle_t handle,
+static int exercise_key( mbedtls_svc_key_id_t key,
psa_key_usage_t usage,
psa_algorithm_t alg )
{
int ok;
- if( ! check_key_attributes_sanity( handle ) )
+ if( ! check_key_attributes_sanity( key ) )
return( 0 );
if( alg == 0 )
ok = 1; /* If no algorihm, do nothing (used for raw data "keys"). */
else if( PSA_ALG_IS_MAC( alg ) )
- ok = exercise_mac_key( handle, usage, alg );
+ ok = exercise_mac_key( key, usage, alg );
else if( PSA_ALG_IS_CIPHER( alg ) )
- ok = exercise_cipher_key( handle, usage, alg );
+ ok = exercise_cipher_key( key, usage, alg );
else if( PSA_ALG_IS_AEAD( alg ) )
- ok = exercise_aead_key( handle, usage, alg );
+ ok = exercise_aead_key( key, usage, alg );
else if( PSA_ALG_IS_SIGN( alg ) )
- ok = exercise_signature_key( handle, usage, alg );
+ ok = exercise_signature_key( key, usage, alg );
else if( PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) )
- ok = exercise_asymmetric_encryption_key( handle, usage, alg );
+ ok = exercise_asymmetric_encryption_key( key, usage, alg );
else if( PSA_ALG_IS_KEY_DERIVATION( alg ) )
- ok = exercise_key_derivation_key( handle, usage, alg );
+ ok = exercise_key_derivation_key( key, usage, alg );
else if( PSA_ALG_IS_RAW_KEY_AGREEMENT( alg ) )
- ok = exercise_raw_key_agreement_key( handle, usage, alg );
+ ok = exercise_raw_key_agreement_key( key, usage, alg );
else if( PSA_ALG_IS_KEY_AGREEMENT( alg ) )
- ok = exercise_key_agreement_key( handle, usage, alg );
+ ok = exercise_key_agreement_key( key, usage, alg );
else
{
char message[40];
@@ -1141,8 +1164,8 @@
ok = 0;
}
- ok = ok && exercise_export_key( handle, usage );
- ok = ok && exercise_export_public_key( handle );
+ ok = ok && exercise_export_key( key, usage );
+ ok = ok && exercise_export_public_key( key );
return( ok );
}
@@ -1175,7 +1198,7 @@
}
-static int test_operations_on_invalid_handle( psa_key_handle_t handle )
+static int test_operations_on_invalid_key( mbedtls_svc_key_id_t key )
{
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make( 1, 0x6964 );
@@ -1187,8 +1210,8 @@
psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT );
psa_set_key_algorithm( &attributes, PSA_ALG_CTR );
psa_set_key_type( &attributes, PSA_KEY_TYPE_AES );
- TEST_EQUAL( psa_get_key_attributes( handle, &attributes ),
- PSA_ERROR_INVALID_HANDLE );
+ TEST_EQUAL( psa_get_key_attributes( key, &attributes ),
+ PSA_ERROR_DOES_NOT_EXIST );
TEST_EQUAL(
MBEDTLS_SVC_KEY_ID_GET_KEY_ID( psa_get_key_id( &attributes ) ), 0 );
TEST_EQUAL(
@@ -1199,17 +1222,21 @@
TEST_EQUAL( psa_get_key_type( &attributes ), 0 );
TEST_EQUAL( psa_get_key_bits( &attributes ), 0 );
- TEST_EQUAL( psa_export_key( handle,
- buffer, sizeof( buffer ), &length ),
- PSA_ERROR_INVALID_HANDLE );
- TEST_EQUAL( psa_export_public_key( handle,
+ TEST_EQUAL( psa_export_key( key, buffer, sizeof( buffer ), &length ),
+ PSA_ERROR_DOES_NOT_EXIST );
+ TEST_EQUAL( psa_export_public_key( key,
buffer, sizeof( buffer ), &length ),
- PSA_ERROR_INVALID_HANDLE );
+ PSA_ERROR_DOES_NOT_EXIST );
ok = 1;
exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
psa_reset_key_attributes( &attributes );
+
return( ok );
}
@@ -1452,7 +1479,7 @@
{
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t type = type_arg;
psa_key_usage_t usage = usage_arg;
psa_algorithm_t alg = alg_arg;
@@ -1468,23 +1495,28 @@
status = psa_import_key( &attributes,
key_material, sizeof( key_material ),
- &handle );
+ &key );
TEST_EQUAL( status, expected_status );
if( status != PSA_SUCCESS )
goto exit;
- PSA_ASSERT( psa_get_key_attributes( handle, &got_attributes ) );
+ PSA_ASSERT( psa_get_key_attributes( key, &got_attributes ) );
TEST_EQUAL( psa_get_key_type( &got_attributes ), type );
TEST_EQUAL( psa_get_key_usage_flags( &got_attributes ), usage );
TEST_EQUAL( psa_get_key_algorithm( &got_attributes ), alg );
ASSERT_NO_SLOT_NUMBER( &got_attributes );
- PSA_ASSERT( psa_destroy_key( handle ) );
- test_operations_on_invalid_handle( handle );
+ PSA_ASSERT( psa_destroy_key( key ) );
+ test_operations_on_invalid_key( key );
exit:
- psa_destroy_key( handle );
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
psa_reset_key_attributes( &got_attributes );
+
+ psa_destroy_key( key );
PSA_DONE( );
}
/* END_CASE */
@@ -1496,7 +1528,7 @@
{
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t type = type_arg;
size_t attr_bits = attr_bits_arg;
psa_status_t expected_status = expected_status_arg;
@@ -1507,23 +1539,28 @@
psa_set_key_type( &attributes, type );
psa_set_key_bits( &attributes, attr_bits );
- status = psa_import_key( &attributes, data->x, data->len, &handle );
+ status = psa_import_key( &attributes, data->x, data->len, &key );
TEST_EQUAL( status, expected_status );
if( status != PSA_SUCCESS )
goto exit;
- PSA_ASSERT( psa_get_key_attributes( handle, &got_attributes ) );
+ PSA_ASSERT( psa_get_key_attributes( key, &got_attributes ) );
TEST_EQUAL( psa_get_key_type( &got_attributes ), type );
if( attr_bits != 0 )
TEST_EQUAL( attr_bits, psa_get_key_bits( &got_attributes ) );
ASSERT_NO_SLOT_NUMBER( &got_attributes );
- PSA_ASSERT( psa_destroy_key( handle ) );
- test_operations_on_invalid_handle( handle );
+ PSA_ASSERT( psa_destroy_key( key ) );
+ test_operations_on_invalid_key( key );
exit:
- psa_destroy_key( handle );
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
psa_reset_key_attributes( &got_attributes );
+
+ psa_destroy_key( key );
PSA_DONE( );
}
/* END_CASE */
@@ -1536,7 +1573,7 @@
size_t byte_size = byte_size_arg;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_status_t expected_status = expected_status_arg;
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_status_t status;
uint8_t *buffer = NULL;
size_t buffer_size = byte_size + 1;
@@ -1552,18 +1589,18 @@
/* Try importing the key */
psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT );
psa_set_key_type( &attributes, type );
- status = psa_import_key( &attributes, buffer, byte_size, &handle );
+ status = psa_import_key( &attributes, buffer, byte_size, &key );
TEST_EQUAL( status, expected_status );
if( status == PSA_SUCCESS )
{
- PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) );
+ PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
TEST_EQUAL( psa_get_key_type( &attributes ), type );
TEST_EQUAL( psa_get_key_bits( &attributes ),
PSA_BYTES_TO_BITS( byte_size ) );
ASSERT_NO_SLOT_NUMBER( &attributes );
memset( buffer, 0, byte_size + 1 );
- PSA_ASSERT( psa_export_key( handle, buffer, byte_size, &n ) );
+ PSA_ASSERT( psa_export_key( key, buffer, byte_size, &n ) );
for( n = 0; n < byte_size; n++ )
TEST_EQUAL( buffer[n], 'K' );
for( n = byte_size; n < buffer_size; n++ )
@@ -1571,7 +1608,13 @@
}
exit:
- psa_destroy_key( handle );
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
+ psa_reset_key_attributes( &attributes );
+
+ psa_destroy_key( key );
PSA_DONE( );
mbedtls_free( buffer );
}
@@ -1580,7 +1623,7 @@
/* BEGIN_CASE */
void import_rsa_made_up( int bits_arg, int keypair, int expected_status_arg )
{
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
size_t bits = bits_arg;
psa_status_t expected_status = expected_status_arg;
psa_status_t status;
@@ -1603,11 +1646,11 @@
/* Try importing the key */
psa_set_key_type( &attributes, type );
- status = psa_import_key( &attributes, p, length, &handle );
+ status = psa_import_key( &attributes, p, length, &key );
TEST_EQUAL( status, expected_status );
if( status == PSA_SUCCESS )
- PSA_ASSERT( psa_destroy_key( handle ) );
+ PSA_ASSERT( psa_destroy_key( key ) );
exit:
mbedtls_free( buffer );
@@ -1624,7 +1667,7 @@
int expected_export_status_arg,
int canonical_input )
{
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t type = type_arg;
psa_algorithm_t alg = alg_arg;
psa_status_t expected_export_status = expected_export_status_arg;
@@ -1648,18 +1691,16 @@
psa_set_key_type( &attributes, type );
/* Import the key */
- PSA_ASSERT( psa_import_key( &attributes, data->x, data->len, &handle ) );
+ PSA_ASSERT( psa_import_key( &attributes, data->x, data->len, &key ) );
/* Test the key information */
- PSA_ASSERT( psa_get_key_attributes( handle, &got_attributes ) );
+ PSA_ASSERT( psa_get_key_attributes( key, &got_attributes ) );
TEST_EQUAL( psa_get_key_type( &got_attributes ), type );
TEST_EQUAL( psa_get_key_bits( &got_attributes ), (size_t) expected_bits );
ASSERT_NO_SLOT_NUMBER( &got_attributes );
/* Export the key */
- status = psa_export_key( handle,
- exported, export_size,
- &exported_length );
+ status = psa_export_key( key, exported, export_size, &exported_length );
TEST_EQUAL( status, expected_export_status );
/* The exported length must be set by psa_export_key() to a value between 0
@@ -1676,35 +1717,40 @@
goto destroy;
}
- if( ! exercise_export_key( handle, usage_arg ) )
+ if( ! exercise_export_key( key, usage_arg ) )
goto exit;
if( canonical_input )
ASSERT_COMPARE( data->x, data->len, exported, exported_length );
else
{
- psa_key_handle_t handle2;
+ mbedtls_svc_key_id_t key2 = MBEDTLS_SVC_KEY_ID_INIT;
PSA_ASSERT( psa_import_key( &attributes, exported, exported_length,
- &handle2 ) );
- PSA_ASSERT( psa_export_key( handle2,
+ &key2 ) );
+ PSA_ASSERT( psa_export_key( key2,
reexported,
export_size,
&reexported_length ) );
ASSERT_COMPARE( exported, exported_length,
reexported, reexported_length );
- PSA_ASSERT( psa_close_key( handle2 ) );
+ PSA_ASSERT( psa_destroy_key( key2 ) );
}
TEST_ASSERT( exported_length <= PSA_KEY_EXPORT_MAX_SIZE( type, psa_get_key_bits( &got_attributes ) ) );
destroy:
/* Destroy the key */
- PSA_ASSERT( psa_destroy_key( handle ) );
- test_operations_on_invalid_handle( handle );
+ PSA_ASSERT( psa_destroy_key( key ) );
+ test_operations_on_invalid_key( key );
exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
+ psa_reset_key_attributes( &got_attributes );
+
mbedtls_free( exported );
mbedtls_free( reexported );
- psa_reset_key_attributes( &got_attributes );
PSA_DONE( );
}
/* END_CASE */
@@ -1717,7 +1763,7 @@
int expected_export_status_arg,
data_t *expected_public_key )
{
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t type = type_arg;
psa_algorithm_t alg = alg_arg;
psa_status_t expected_export_status = expected_export_status_arg;
@@ -1734,11 +1780,11 @@
psa_set_key_type( &attributes, type );
/* Import the key */
- PSA_ASSERT( psa_import_key( &attributes, data->x, data->len, &handle ) );
+ PSA_ASSERT( psa_import_key( &attributes, data->x, data->len, &key ) );
/* Export the public key */
ASSERT_ALLOC( exported, export_size );
- status = psa_export_public_key( handle,
+ status = psa_export_public_key( key,
exported, export_size,
&exported_length );
TEST_EQUAL( status, expected_export_status );
@@ -1746,7 +1792,7 @@
{
psa_key_type_t public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( type );
size_t bits;
- PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) );
+ PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
bits = psa_get_key_bits( &attributes );
TEST_ASSERT( expected_public_key->len <=
PSA_KEY_EXPORT_MAX_SIZE( public_type, bits ) );
@@ -1755,9 +1801,14 @@
}
exit:
- mbedtls_free( exported );
- psa_destroy_key( handle );
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
psa_reset_key_attributes( &attributes );
+
+ mbedtls_free( exported );
+ psa_destroy_key( key );
PSA_DONE( );
}
/* END_CASE */
@@ -1768,7 +1819,7 @@
int bits_arg,
int alg_arg )
{
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t type = type_arg;
size_t bits = bits_arg;
psa_algorithm_t alg = alg_arg;
@@ -1783,23 +1834,29 @@
psa_set_key_type( &attributes, type );
/* Import the key */
- PSA_ASSERT( psa_import_key( &attributes, data->x, data->len, &handle ) );
+ PSA_ASSERT( psa_import_key( &attributes, data->x, data->len, &key ) );
/* Test the key information */
- PSA_ASSERT( psa_get_key_attributes( handle, &got_attributes ) );
+ PSA_ASSERT( psa_get_key_attributes( key, &got_attributes ) );
TEST_EQUAL( psa_get_key_type( &got_attributes ), type );
TEST_EQUAL( psa_get_key_bits( &got_attributes ), bits );
/* Do something with the key according to its type and permitted usage. */
- if( ! exercise_key( handle, usage, alg ) )
+ if( ! exercise_key( key, usage, alg ) )
goto exit;
- PSA_ASSERT( psa_destroy_key( handle ) );
- test_operations_on_invalid_handle( handle );
+ PSA_ASSERT( psa_destroy_key( key ) );
+ test_operations_on_invalid_key( key );
exit:
- psa_destroy_key( handle );
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
psa_reset_key_attributes( &got_attributes );
+
+ psa_reset_key_attributes( &attributes );
+ psa_destroy_key( key );
PSA_DONE( );
}
/* END_CASE */
@@ -1810,7 +1867,7 @@
int usage_arg, int expected_usage_arg,
int alg_arg, int expected_alg_arg )
{
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t key_type = type_arg;
psa_key_type_t expected_key_type = expected_type_arg;
size_t bits = bits_arg;
@@ -1828,18 +1885,23 @@
psa_set_key_type( &attributes, key_type );
psa_set_key_bits( &attributes, bits );
- PSA_ASSERT( psa_generate_key( &attributes, &handle ) );
+ PSA_ASSERT( psa_generate_key( &attributes, &key ) );
psa_reset_key_attributes( &attributes );
- PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) );
+ PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
TEST_EQUAL( psa_get_key_type( &attributes ), expected_key_type );
TEST_EQUAL( psa_get_key_bits( &attributes ), expected_bits );
TEST_EQUAL( psa_get_key_usage_flags( &attributes ), expected_usage );
TEST_EQUAL( psa_get_key_algorithm( &attributes ), expected_alg );
exit:
- psa_destroy_key( handle );
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
psa_reset_key_attributes( &attributes );
+
+ psa_destroy_key( key );
PSA_DONE( );
}
/* END_CASE */
@@ -1896,7 +1958,7 @@
data_t *key_data,
int exercise_alg )
{
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT;
psa_status_t status;
@@ -1909,9 +1971,9 @@
psa_set_key_type( &attributes, key_type );
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
- &handle ) );
+ &key ) );
- status = psa_mac_sign_setup( &operation, handle, exercise_alg );
+ status = psa_mac_sign_setup( &operation, key, exercise_alg );
if( policy_alg == exercise_alg &&
( policy_usage & PSA_KEY_USAGE_SIGN_HASH ) != 0 )
PSA_ASSERT( status );
@@ -1920,7 +1982,7 @@
psa_mac_abort( &operation );
memset( mac, 0, sizeof( mac ) );
- status = psa_mac_verify_setup( &operation, handle, exercise_alg );
+ status = psa_mac_verify_setup( &operation, key, exercise_alg );
if( policy_alg == exercise_alg &&
( policy_usage & PSA_KEY_USAGE_VERIFY_HASH ) != 0 )
PSA_ASSERT( status );
@@ -1929,7 +1991,7 @@
exit:
psa_mac_abort( &operation );
- psa_destroy_key( handle );
+ psa_destroy_key( key );
PSA_DONE( );
}
/* END_CASE */
@@ -1941,7 +2003,7 @@
data_t *key_data,
int exercise_alg )
{
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
psa_status_t status;
@@ -1953,9 +2015,9 @@
psa_set_key_type( &attributes, key_type );
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
- &handle ) );
+ &key ) );
- status = psa_cipher_encrypt_setup( &operation, handle, exercise_alg );
+ status = psa_cipher_encrypt_setup( &operation, key, exercise_alg );
if( policy_alg == exercise_alg &&
( policy_usage & PSA_KEY_USAGE_ENCRYPT ) != 0 )
PSA_ASSERT( status );
@@ -1963,7 +2025,7 @@
TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
psa_cipher_abort( &operation );
- status = psa_cipher_decrypt_setup( &operation, handle, exercise_alg );
+ status = psa_cipher_decrypt_setup( &operation, key, exercise_alg );
if( policy_alg == exercise_alg &&
( policy_usage & PSA_KEY_USAGE_DECRYPT ) != 0 )
PSA_ASSERT( status );
@@ -1972,7 +2034,7 @@
exit:
psa_cipher_abort( &operation );
- psa_destroy_key( handle );
+ psa_destroy_key( key );
PSA_DONE( );
}
/* END_CASE */
@@ -1986,7 +2048,7 @@
int tag_length_arg,
int exercise_alg )
{
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_status_t status;
unsigned char nonce[16] = {0};
@@ -2005,9 +2067,9 @@
psa_set_key_type( &attributes, key_type );
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
- &handle ) );
+ &key ) );
- status = psa_aead_encrypt( handle, exercise_alg,
+ status = psa_aead_encrypt( key, exercise_alg,
nonce, nonce_length,
NULL, 0,
NULL, 0,
@@ -2020,7 +2082,7 @@
TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
memset( tag, 0, sizeof( tag ) );
- status = psa_aead_decrypt( handle, exercise_alg,
+ status = psa_aead_decrypt( key, exercise_alg,
nonce, nonce_length,
NULL, 0,
tag, tag_length,
@@ -2033,7 +2095,7 @@
TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
exit:
- psa_destroy_key( handle );
+ psa_destroy_key( key );
PSA_DONE( );
}
/* END_CASE */
@@ -2045,7 +2107,7 @@
data_t *key_data,
int exercise_alg )
{
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_status_t status;
size_t key_bits;
@@ -2060,15 +2122,15 @@
psa_set_key_type( &attributes, key_type );
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
- &handle ) );
+ &key ) );
- PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) );
+ PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
key_bits = psa_get_key_bits( &attributes );
buffer_length = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits,
exercise_alg );
ASSERT_ALLOC( buffer, buffer_length );
- status = psa_asymmetric_encrypt( handle, exercise_alg,
+ status = psa_asymmetric_encrypt( key, exercise_alg,
NULL, 0,
NULL, 0,
buffer, buffer_length,
@@ -2081,7 +2143,7 @@
if( buffer_length != 0 )
memset( buffer, 0, buffer_length );
- status = psa_asymmetric_decrypt( handle, exercise_alg,
+ status = psa_asymmetric_decrypt( key, exercise_alg,
buffer, buffer_length,
NULL, 0,
buffer, buffer_length,
@@ -2093,8 +2155,13 @@
TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
exit:
- psa_destroy_key( handle );
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
psa_reset_key_attributes( &attributes );
+
+ psa_destroy_key( key );
PSA_DONE( );
mbedtls_free( buffer );
}
@@ -2108,7 +2175,7 @@
int exercise_alg,
int payload_length_arg )
{
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_status_t status;
unsigned char payload[PSA_HASH_MAX_SIZE] = {1};
@@ -2128,9 +2195,9 @@
psa_set_key_type( &attributes, key_type );
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
- &handle ) );
+ &key ) );
- status = psa_sign_hash( handle, exercise_alg,
+ status = psa_sign_hash( key, exercise_alg,
payload, payload_length,
signature, sizeof( signature ),
&signature_length );
@@ -2140,7 +2207,7 @@
TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
memset( signature, 0, sizeof( signature ) );
- status = psa_verify_hash( handle, exercise_alg,
+ status = psa_verify_hash( key, exercise_alg,
payload, payload_length,
signature, sizeof( signature ) );
if( compatible_alg && ( policy_usage & PSA_KEY_USAGE_VERIFY_HASH ) != 0 )
@@ -2149,7 +2216,7 @@
TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
exit:
- psa_destroy_key( handle );
+ psa_destroy_key( key );
PSA_DONE( );
}
/* END_CASE */
@@ -2161,7 +2228,7 @@
data_t *key_data,
int exercise_alg )
{
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
psa_status_t status;
@@ -2173,7 +2240,7 @@
psa_set_key_type( &attributes, key_type );
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
- &handle ) );
+ &key ) );
PSA_ASSERT( psa_key_derivation_setup( &operation, exercise_alg ) );
@@ -2188,7 +2255,7 @@
status = psa_key_derivation_input_key( &operation,
PSA_KEY_DERIVATION_INPUT_SECRET,
- handle );
+ key );
if( policy_alg == exercise_alg &&
( policy_usage & PSA_KEY_USAGE_DERIVE ) != 0 )
@@ -2198,7 +2265,7 @@
exit:
psa_key_derivation_abort( &operation );
- psa_destroy_key( handle );
+ psa_destroy_key( key );
PSA_DONE( );
}
/* END_CASE */
@@ -2211,7 +2278,7 @@
int exercise_alg,
int expected_status_arg )
{
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_key_type_t key_type = key_type_arg;
psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
@@ -2225,16 +2292,16 @@
psa_set_key_type( &attributes, key_type );
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
- &handle ) );
+ &key ) );
PSA_ASSERT( psa_key_derivation_setup( &operation, exercise_alg ) );
- status = key_agreement_with_self( &operation, handle );
+ status = key_agreement_with_self( &operation, key );
TEST_EQUAL( status, expected_status );
exit:
psa_key_derivation_abort( &operation );
- psa_destroy_key( handle );
+ psa_destroy_key( key );
PSA_DONE( );
}
/* END_CASE */
@@ -2243,7 +2310,7 @@
void key_policy_alg2( int key_type_arg, data_t *key_data,
int usage_arg, int alg_arg, int alg2_arg )
{
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t key_type = key_type_arg;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT;
@@ -2258,20 +2325,26 @@
psa_set_key_enrollment_algorithm( &attributes, alg2 );
psa_set_key_type( &attributes, key_type );
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
- &handle ) );
+ &key ) );
- PSA_ASSERT( psa_get_key_attributes( handle, &got_attributes ) );
+ PSA_ASSERT( psa_get_key_attributes( key, &got_attributes ) );
TEST_EQUAL( psa_get_key_usage_flags( &got_attributes ), usage );
TEST_EQUAL( psa_get_key_algorithm( &got_attributes ), alg );
TEST_EQUAL( psa_get_key_enrollment_algorithm( &got_attributes ), alg2 );
- if( ! exercise_key( handle, usage, alg ) )
+ if( ! exercise_key( key, usage, alg ) )
goto exit;
- if( ! exercise_key( handle, usage, alg2 ) )
+ if( ! exercise_key( key, usage, alg2 ) )
goto exit;
exit:
- psa_destroy_key( handle );
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
+ psa_reset_key_attributes( &got_attributes );
+
+ psa_destroy_key( key );
PSA_DONE( );
}
/* END_CASE */
@@ -2284,7 +2357,7 @@
int exercise_alg,
int expected_status_arg )
{
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_key_type_t key_type = key_type_arg;
psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
@@ -2298,15 +2371,15 @@
psa_set_key_type( &attributes, key_type );
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
- &handle ) );
+ &key ) );
- status = raw_key_agreement_with_self( exercise_alg, handle );
+ status = raw_key_agreement_with_self( exercise_alg, key );
TEST_EQUAL( status, expected_status );
exit:
psa_key_derivation_abort( &operation );
- psa_destroy_key( handle );
+ psa_destroy_key( key );
PSA_DONE( );
}
/* END_CASE */
@@ -2326,8 +2399,8 @@
psa_key_usage_t expected_usage = expected_usage_arg;
psa_algorithm_t expected_alg = expected_alg_arg;
psa_algorithm_t expected_alg2 = expected_alg2_arg;
- psa_key_handle_t source_handle = 0;
- psa_key_handle_t target_handle = 0;
+ mbedtls_svc_key_id_t source_key = MBEDTLS_SVC_KEY_ID_INIT;
+ mbedtls_svc_key_id_t target_key = MBEDTLS_SVC_KEY_ID_INIT;
uint8_t *export_buffer = NULL;
PSA_ASSERT( psa_crypto_init( ) );
@@ -2339,12 +2412,17 @@
psa_set_key_type( &source_attributes, type_arg );
PSA_ASSERT( psa_import_key( &source_attributes,
material->x, material->len,
- &source_handle ) );
- PSA_ASSERT( psa_get_key_attributes( source_handle, &source_attributes ) );
+ &source_key ) );
+ PSA_ASSERT( psa_get_key_attributes( source_key, &source_attributes ) );
/* Prepare the target attributes. */
if( copy_attributes )
+ {
target_attributes = source_attributes;
+ /* Set volatile lifetime to reset the key identifier to 0. */
+ psa_set_key_lifetime( &target_attributes, PSA_KEY_LIFETIME_VOLATILE );
+ }
+
if( target_usage_arg != -1 )
psa_set_key_usage_flags( &target_attributes, target_usage_arg );
if( target_alg_arg != -1 )
@@ -2353,14 +2431,14 @@
psa_set_key_enrollment_algorithm( &target_attributes, target_alg2_arg );
/* Copy the key. */
- PSA_ASSERT( psa_copy_key( source_handle,
- &target_attributes, &target_handle ) );
+ PSA_ASSERT( psa_copy_key( source_key,
+ &target_attributes, &target_key ) );
/* Destroy the source to ensure that this doesn't affect the target. */
- PSA_ASSERT( psa_destroy_key( source_handle ) );
+ PSA_ASSERT( psa_destroy_key( source_key ) );
/* Test that the target slot has the expected content and policy. */
- PSA_ASSERT( psa_get_key_attributes( target_handle, &target_attributes ) );
+ PSA_ASSERT( psa_get_key_attributes( target_key, &target_attributes ) );
TEST_EQUAL( psa_get_key_type( &source_attributes ),
psa_get_key_type( &target_attributes ) );
TEST_EQUAL( psa_get_key_bits( &source_attributes ),
@@ -2373,21 +2451,26 @@
{
size_t length;
ASSERT_ALLOC( export_buffer, material->len );
- PSA_ASSERT( psa_export_key( target_handle, export_buffer,
+ PSA_ASSERT( psa_export_key( target_key, export_buffer,
material->len, &length ) );
ASSERT_COMPARE( material->x, material->len,
export_buffer, length );
}
- if( ! exercise_key( target_handle, expected_usage, expected_alg ) )
+ if( ! exercise_key( target_key, expected_usage, expected_alg ) )
goto exit;
- if( ! exercise_key( target_handle, expected_usage, expected_alg2 ) )
+ if( ! exercise_key( target_key, expected_usage, expected_alg2 ) )
goto exit;
- PSA_ASSERT( psa_close_key( target_handle ) );
+ PSA_ASSERT( psa_destroy_key( target_key ) );
exit:
+ /*
+ * Source and target key attributes may have been returned by
+ * psa_get_key_attributes() thus reset them as required.
+ */
psa_reset_key_attributes( &source_attributes );
psa_reset_key_attributes( &target_attributes );
+
PSA_DONE( );
mbedtls_free( export_buffer );
}
@@ -2404,8 +2487,8 @@
{
psa_key_attributes_t source_attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_key_attributes_t target_attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_handle_t source_handle = 0;
- psa_key_handle_t target_handle = 0;
+ mbedtls_svc_key_id_t source_key = MBEDTLS_SVC_KEY_ID_INIT;
+ mbedtls_svc_key_id_t target_key = MBEDTLS_SVC_KEY_ID_INIT;
PSA_ASSERT( psa_crypto_init( ) );
@@ -2416,7 +2499,7 @@
psa_set_key_type( &source_attributes, type_arg );
PSA_ASSERT( psa_import_key( &source_attributes,
material->x, material->len,
- &source_handle ) );
+ &source_key ) );
/* Prepare the target attributes. */
psa_set_key_type( &target_attributes, target_type_arg );
@@ -2426,11 +2509,11 @@
psa_set_key_enrollment_algorithm( &target_attributes, target_alg2_arg );
/* Try to copy the key. */
- TEST_EQUAL( psa_copy_key( source_handle,
- &target_attributes, &target_handle ),
+ TEST_EQUAL( psa_copy_key( source_key,
+ &target_attributes, &target_key ),
expected_status_arg );
- PSA_ASSERT( psa_destroy_key( source_handle ) );
+ PSA_ASSERT( psa_destroy_key( source_key ) );
exit:
psa_reset_key_attributes( &source_attributes );
@@ -2909,10 +2992,10 @@
/* BEGIN_CASE */
void mac_bad_order( )
{
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t key_type = PSA_KEY_TYPE_HMAC;
psa_algorithm_t alg = PSA_ALG_HMAC(PSA_ALG_SHA_256);
- const uint8_t key[] = {
+ const uint8_t key_data[] = {
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa };
@@ -2931,7 +3014,8 @@
psa_set_key_algorithm( &attributes, alg );
psa_set_key_type( &attributes, key_type );
- PSA_ASSERT( psa_import_key( &attributes, key, sizeof( key ), &handle ) );
+ PSA_ASSERT( psa_import_key( &attributes, key_data, sizeof( key_data ),
+ &key ) );
/* Call update without calling setup beforehand. */
TEST_EQUAL( psa_mac_update( &operation, input, sizeof( input ) ),
@@ -2951,16 +3035,13 @@
PSA_ASSERT( psa_mac_abort( &operation ) );
/* Call setup twice in a row. */
- PSA_ASSERT( psa_mac_sign_setup( &operation,
- handle, alg ) );
- TEST_EQUAL( psa_mac_sign_setup( &operation,
- handle, alg ),
+ PSA_ASSERT( psa_mac_sign_setup( &operation, key, alg ) );
+ TEST_EQUAL( psa_mac_sign_setup( &operation, key, alg ),
PSA_ERROR_BAD_STATE );
PSA_ASSERT( psa_mac_abort( &operation ) );
/* Call update after sign finish. */
- PSA_ASSERT( psa_mac_sign_setup( &operation,
- handle, alg ) );
+ PSA_ASSERT( psa_mac_sign_setup( &operation, key, alg ) );
PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) );
PSA_ASSERT( psa_mac_sign_finish( &operation,
sign_mac, sizeof( sign_mac ),
@@ -2970,8 +3051,7 @@
PSA_ASSERT( psa_mac_abort( &operation ) );
/* Call update after verify finish. */
- PSA_ASSERT( psa_mac_verify_setup( &operation,
- handle, alg ) );
+ PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) );
PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) );
PSA_ASSERT( psa_mac_verify_finish( &operation,
verify_mac, sizeof( verify_mac ) ) );
@@ -2980,8 +3060,7 @@
PSA_ASSERT( psa_mac_abort( &operation ) );
/* Call sign finish twice in a row. */
- PSA_ASSERT( psa_mac_sign_setup( &operation,
- handle, alg ) );
+ PSA_ASSERT( psa_mac_sign_setup( &operation, key, alg ) );
PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) );
PSA_ASSERT( psa_mac_sign_finish( &operation,
sign_mac, sizeof( sign_mac ),
@@ -2993,8 +3072,7 @@
PSA_ASSERT( psa_mac_abort( &operation ) );
/* Call verify finish twice in a row. */
- PSA_ASSERT( psa_mac_verify_setup( &operation,
- handle, alg ) );
+ PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) );
PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) );
PSA_ASSERT( psa_mac_verify_finish( &operation,
verify_mac, sizeof( verify_mac ) ) );
@@ -3004,8 +3082,7 @@
PSA_ASSERT( psa_mac_abort( &operation ) );
/* Setup sign but try verify. */
- PSA_ASSERT( psa_mac_sign_setup( &operation,
- handle, alg ) );
+ PSA_ASSERT( psa_mac_sign_setup( &operation, key, alg ) );
PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) );
TEST_EQUAL( psa_mac_verify_finish( &operation,
verify_mac, sizeof( verify_mac ) ),
@@ -3013,8 +3090,7 @@
PSA_ASSERT( psa_mac_abort( &operation ) );
/* Setup verify but try sign. */
- PSA_ASSERT( psa_mac_verify_setup( &operation,
- handle, alg ) );
+ PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) );
PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) );
TEST_EQUAL( psa_mac_sign_finish( &operation,
sign_mac, sizeof( sign_mac ),
@@ -3022,7 +3098,7 @@
PSA_ERROR_BAD_STATE );
PSA_ASSERT( psa_mac_abort( &operation ) );
- PSA_ASSERT( psa_destroy_key( handle ) );
+ PSA_ASSERT( psa_destroy_key( key ) );
exit:
PSA_DONE( );
@@ -3031,19 +3107,19 @@
/* BEGIN_CASE */
void mac_sign( int key_type_arg,
- data_t *key,
+ data_t *key_data,
int alg_arg,
data_t *input,
data_t *expected_mac )
{
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
uint8_t *actual_mac = NULL;
size_t mac_buffer_size =
- PSA_MAC_FINAL_SIZE( key_type, PSA_BYTES_TO_BITS( key->len ), alg );
+ PSA_MAC_FINAL_SIZE( key_type, PSA_BYTES_TO_BITS( key_data->len ), alg );
size_t mac_length = 0;
const size_t output_sizes_to_test[] = {
0,
@@ -3063,7 +3139,8 @@
psa_set_key_algorithm( &attributes, alg );
psa_set_key_type( &attributes, key_type );
- PSA_ASSERT( psa_import_key( &attributes, key->x, key->len, &handle ) );
+ PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
+ &key ) );
for( size_t i = 0; i < ARRAY_LENGTH( output_sizes_to_test ); i++ )
{
@@ -3076,8 +3153,7 @@
ASSERT_ALLOC( actual_mac, output_size );
/* Calculate the MAC. */
- PSA_ASSERT( psa_mac_sign_setup( &operation,
- handle, alg ) );
+ PSA_ASSERT( psa_mac_sign_setup( &operation, key, alg ) );
PSA_ASSERT( psa_mac_update( &operation,
input->x, input->len ) );
TEST_EQUAL( psa_mac_sign_finish( &operation,
@@ -3097,7 +3173,7 @@
exit:
psa_mac_abort( &operation );
- psa_destroy_key( handle );
+ psa_destroy_key( key );
PSA_DONE( );
mbedtls_free( actual_mac );
}
@@ -3105,12 +3181,12 @@
/* BEGIN_CASE */
void mac_verify( int key_type_arg,
- data_t *key,
+ data_t *key_data,
int alg_arg,
data_t *input,
data_t *expected_mac )
{
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT;
@@ -3125,11 +3201,11 @@
psa_set_key_algorithm( &attributes, alg );
psa_set_key_type( &attributes, key_type );
- PSA_ASSERT( psa_import_key( &attributes, key->x, key->len, &handle ) );
+ PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
+ &key ) );
/* Test the correct MAC. */
- PSA_ASSERT( psa_mac_verify_setup( &operation,
- handle, alg ) );
+ PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) );
PSA_ASSERT( psa_mac_update( &operation,
input->x, input->len ) );
PSA_ASSERT( psa_mac_verify_finish( &operation,
@@ -3137,8 +3213,7 @@
expected_mac->len ) );
/* Test a MAC that's too short. */
- PSA_ASSERT( psa_mac_verify_setup( &operation,
- handle, alg ) );
+ PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) );
PSA_ASSERT( psa_mac_update( &operation,
input->x, input->len ) );
TEST_EQUAL( psa_mac_verify_finish( &operation,
@@ -3149,8 +3224,7 @@
/* Test a MAC that's too long. */
ASSERT_ALLOC( perturbed_mac, expected_mac->len + 1 );
memcpy( perturbed_mac, expected_mac->x, expected_mac->len );
- PSA_ASSERT( psa_mac_verify_setup( &operation,
- handle, alg ) );
+ PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) );
PSA_ASSERT( psa_mac_update( &operation,
input->x, input->len ) );
TEST_EQUAL( psa_mac_verify_finish( &operation,
@@ -3163,8 +3237,7 @@
{
test_set_step( i );
perturbed_mac[i] ^= 1;
- PSA_ASSERT( psa_mac_verify_setup( &operation,
- handle, alg ) );
+ PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) );
PSA_ASSERT( psa_mac_update( &operation,
input->x, input->len ) );
TEST_EQUAL( psa_mac_verify_finish( &operation,
@@ -3176,7 +3249,7 @@
exit:
psa_mac_abort( &operation );
- psa_destroy_key( handle );
+ psa_destroy_key( key );
PSA_DONE( );
mbedtls_free( perturbed_mac );
}
@@ -3264,13 +3337,13 @@
/* BEGIN_CASE */
void cipher_bad_order( )
{
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t key_type = PSA_KEY_TYPE_AES;
psa_algorithm_t alg = PSA_ALG_CBC_PKCS7;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
unsigned char iv[PSA_BLOCK_CIPHER_BLOCK_SIZE(PSA_KEY_TYPE_AES)] = { 0 };
- const uint8_t key[] = {
+ const uint8_t key_data[] = {
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa };
const uint8_t text[] = {
@@ -3283,18 +3356,18 @@
psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT );
psa_set_key_algorithm( &attributes, alg );
psa_set_key_type( &attributes, key_type );
- PSA_ASSERT( psa_import_key( &attributes, key, sizeof( key ), &handle ) );
-
+ PSA_ASSERT( psa_import_key( &attributes, key_data, sizeof( key_data ),
+ &key ) );
/* Call encrypt setup twice in a row. */
- PSA_ASSERT( psa_cipher_encrypt_setup( &operation, handle, alg ) );
- TEST_EQUAL( psa_cipher_encrypt_setup( &operation, handle, alg ),
+ PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
+ TEST_EQUAL( psa_cipher_encrypt_setup( &operation, key, alg ),
PSA_ERROR_BAD_STATE );
PSA_ASSERT( psa_cipher_abort( &operation ) );
/* Call decrypt setup twice in a row. */
- PSA_ASSERT( psa_cipher_decrypt_setup( &operation, handle, alg ) );
- TEST_EQUAL( psa_cipher_decrypt_setup( &operation, handle, alg ),
+ PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) );
+ TEST_EQUAL( psa_cipher_decrypt_setup( &operation, key, alg ),
PSA_ERROR_BAD_STATE );
PSA_ASSERT( psa_cipher_abort( &operation ) );
@@ -3306,7 +3379,7 @@
PSA_ASSERT( psa_cipher_abort( &operation ) );
/* Generate an IV twice in a row. */
- PSA_ASSERT( psa_cipher_encrypt_setup( &operation, handle, alg ) );
+ PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
PSA_ASSERT( psa_cipher_generate_iv( &operation,
buffer, sizeof( buffer ),
&length ) );
@@ -3317,7 +3390,7 @@
PSA_ASSERT( psa_cipher_abort( &operation ) );
/* Generate an IV after it's already set. */
- PSA_ASSERT( psa_cipher_encrypt_setup( &operation, handle, alg ) );
+ PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
PSA_ASSERT( psa_cipher_set_iv( &operation,
iv, sizeof( iv ) ) );
TEST_EQUAL( psa_cipher_generate_iv( &operation,
@@ -3333,7 +3406,7 @@
PSA_ASSERT( psa_cipher_abort( &operation ) );
/* Set an IV after it's already set. */
- PSA_ASSERT( psa_cipher_encrypt_setup( &operation, handle, alg ) );
+ PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
PSA_ASSERT( psa_cipher_set_iv( &operation,
iv, sizeof( iv ) ) );
TEST_EQUAL( psa_cipher_set_iv( &operation,
@@ -3342,7 +3415,7 @@
PSA_ASSERT( psa_cipher_abort( &operation ) );
/* Set an IV after it's already generated. */
- PSA_ASSERT( psa_cipher_encrypt_setup( &operation, handle, alg ) );
+ PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
PSA_ASSERT( psa_cipher_generate_iv( &operation,
buffer, sizeof( buffer ),
&length ) );
@@ -3368,7 +3441,7 @@
PSA_ASSERT( psa_cipher_abort( &operation ) );
/* Call update after finish. */
- PSA_ASSERT( psa_cipher_encrypt_setup( &operation, handle, alg ) );
+ PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
PSA_ASSERT( psa_cipher_set_iv( &operation,
iv, sizeof( iv ) ) );
PSA_ASSERT( psa_cipher_finish( &operation,
@@ -3387,7 +3460,7 @@
PSA_ASSERT( psa_cipher_abort( &operation ) );
/* Call finish without an IV where an IV is required. */
- PSA_ASSERT( psa_cipher_encrypt_setup( &operation, handle, alg ) );
+ PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
/* Not calling update means we are encrypting an empty buffer, which is OK
* for cipher modes with padding. */
TEST_EQUAL( psa_cipher_finish( &operation,
@@ -3396,7 +3469,7 @@
PSA_ASSERT( psa_cipher_abort( &operation ) );
/* Call finish twice in a row. */
- PSA_ASSERT( psa_cipher_encrypt_setup( &operation, handle, alg ) );
+ PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
PSA_ASSERT( psa_cipher_set_iv( &operation,
iv, sizeof( iv ) ) );
PSA_ASSERT( psa_cipher_finish( &operation,
@@ -3406,7 +3479,7 @@
PSA_ERROR_BAD_STATE );
PSA_ASSERT( psa_cipher_abort( &operation ) );
- PSA_ASSERT( psa_destroy_key( handle ) );
+ PSA_ASSERT( psa_destroy_key( key ) );
exit:
psa_cipher_abort( &operation );
@@ -3416,11 +3489,11 @@
/* BEGIN_CASE */
void cipher_encrypt( int alg_arg, int key_type_arg,
- data_t *key, data_t *iv,
+ data_t *key_data, data_t *iv,
data_t *input, data_t *expected_output,
int expected_status_arg )
{
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_status_t status;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
@@ -3438,10 +3511,10 @@
psa_set_key_algorithm( &attributes, alg );
psa_set_key_type( &attributes, key_type );
- PSA_ASSERT( psa_import_key( &attributes, key->x, key->len, &handle ) );
+ PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
+ &key ) );
- PSA_ASSERT( psa_cipher_encrypt_setup( &operation,
- handle, alg ) );
+ PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
if( iv->len > 0 )
{
@@ -3474,20 +3547,20 @@
exit:
psa_cipher_abort( &operation );
mbedtls_free( output );
- psa_destroy_key( handle );
+ psa_destroy_key( key );
PSA_DONE( );
}
/* END_CASE */
/* BEGIN_CASE */
void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
- data_t *key, data_t *iv,
+ data_t *key_data, data_t *iv,
data_t *input,
int first_part_size_arg,
int output1_length_arg, int output2_length_arg,
data_t *expected_output )
{
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
size_t first_part_size = first_part_size_arg;
@@ -3506,10 +3579,10 @@
psa_set_key_algorithm( &attributes, alg );
psa_set_key_type( &attributes, key_type );
- PSA_ASSERT( psa_import_key( &attributes, key->x, key->len, &handle ) );
+ PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
+ &key ) );
- PSA_ASSERT( psa_cipher_encrypt_setup( &operation,
- handle, alg ) );
+ PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
if( iv->len > 0 )
{
@@ -3547,21 +3620,20 @@
exit:
psa_cipher_abort( &operation );
mbedtls_free( output );
- psa_destroy_key( handle );
+ psa_destroy_key( key );
PSA_DONE( );
}
/* END_CASE */
/* BEGIN_CASE */
void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
- data_t *key, data_t *iv,
+ data_t *key_data, data_t *iv,
data_t *input,
int first_part_size_arg,
int output1_length_arg, int output2_length_arg,
data_t *expected_output )
{
- psa_key_handle_t handle = 0;
-
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
size_t first_part_size = first_part_size_arg;
@@ -3580,10 +3652,10 @@
psa_set_key_algorithm( &attributes, alg );
psa_set_key_type( &attributes, key_type );
- PSA_ASSERT( psa_import_key( &attributes, key->x, key->len, &handle ) );
+ PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
+ &key ) );
- PSA_ASSERT( psa_cipher_decrypt_setup( &operation,
- handle, alg ) );
+ PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) );
if( iv->len > 0 )
{
@@ -3622,18 +3694,18 @@
exit:
psa_cipher_abort( &operation );
mbedtls_free( output );
- psa_destroy_key( handle );
+ psa_destroy_key( key );
PSA_DONE( );
}
/* END_CASE */
/* BEGIN_CASE */
void cipher_decrypt( int alg_arg, int key_type_arg,
- data_t *key, data_t *iv,
+ data_t *key_data, data_t *iv,
data_t *input, data_t *expected_output,
int expected_status_arg )
{
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_status_t status;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
@@ -3651,10 +3723,10 @@
psa_set_key_algorithm( &attributes, alg );
psa_set_key_type( &attributes, key_type );
- PSA_ASSERT( psa_import_key( &attributes, key->x, key->len, &handle ) );
+ PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
+ &key ) );
- PSA_ASSERT( psa_cipher_decrypt_setup( &operation,
- handle, alg ) );
+ PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) );
if( iv->len > 0 )
{
@@ -3687,17 +3759,17 @@
exit:
psa_cipher_abort( &operation );
mbedtls_free( output );
- psa_destroy_key( handle );
+ psa_destroy_key( key );
PSA_DONE( );
}
/* END_CASE */
/* BEGIN_CASE */
void cipher_verify_output( int alg_arg, int key_type_arg,
- data_t *key,
+ data_t *key_data,
data_t *input )
{
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
unsigned char iv[16] = {0};
@@ -3720,12 +3792,11 @@
psa_set_key_algorithm( &attributes, alg );
psa_set_key_type( &attributes, key_type );
- PSA_ASSERT( psa_import_key( &attributes, key->x, key->len, &handle ) );
+ PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
+ &key ) );
- PSA_ASSERT( psa_cipher_encrypt_setup( &operation1,
- handle, alg ) );
- PSA_ASSERT( psa_cipher_decrypt_setup( &operation2,
- handle, alg ) );
+ PSA_ASSERT( psa_cipher_encrypt_setup( &operation1, key, alg ) );
+ PSA_ASSERT( psa_cipher_decrypt_setup( &operation2, key, alg ) );
if( alg != PSA_ALG_ECB_NO_PADDING )
{
@@ -3778,7 +3849,7 @@
psa_cipher_abort( &operation2 );
mbedtls_free( output1 );
mbedtls_free( output2 );
- psa_destroy_key( handle );
+ psa_destroy_key( key );
PSA_DONE( );
}
/* END_CASE */
@@ -3786,11 +3857,11 @@
/* BEGIN_CASE */
void cipher_verify_output_multipart( int alg_arg,
int key_type_arg,
- data_t *key,
+ data_t *key_data,
data_t *input,
int first_part_size_arg )
{
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
size_t first_part_size = first_part_size_arg;
@@ -3814,12 +3885,11 @@
psa_set_key_algorithm( &attributes, alg );
psa_set_key_type( &attributes, key_type );
- PSA_ASSERT( psa_import_key( &attributes, key->x, key->len, &handle ) );
+ PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
+ &key ) );
- PSA_ASSERT( psa_cipher_encrypt_setup( &operation1,
- handle, alg ) );
- PSA_ASSERT( psa_cipher_decrypt_setup( &operation2,
- handle, alg ) );
+ PSA_ASSERT( psa_cipher_encrypt_setup( &operation1, key, alg ) );
+ PSA_ASSERT( psa_cipher_decrypt_setup( &operation2, key, alg ) );
if( alg != PSA_ALG_ECB_NO_PADDING )
{
@@ -3890,7 +3960,7 @@
psa_cipher_abort( &operation2 );
mbedtls_free( output1 );
mbedtls_free( output2 );
- psa_destroy_key( handle );
+ psa_destroy_key( key );
PSA_DONE( );
}
/* END_CASE */
@@ -3903,7 +3973,7 @@
data_t *input_data,
int expected_result_arg )
{
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
unsigned char *output_data = NULL;
@@ -3930,9 +4000,9 @@
psa_set_key_type( &attributes, key_type );
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
- &handle ) );
+ &key ) );
- TEST_EQUAL( psa_aead_encrypt( handle, alg,
+ TEST_EQUAL( psa_aead_encrypt( key, alg,
nonce->x, nonce->len,
additional_data->x,
additional_data->len,
@@ -3950,7 +4020,7 @@
TEST_EQUAL( input_data->len,
PSA_AEAD_DECRYPT_OUTPUT_SIZE( alg, output_length ) );
- TEST_EQUAL( psa_aead_decrypt( handle, alg,
+ TEST_EQUAL( psa_aead_decrypt( key, alg,
nonce->x, nonce->len,
additional_data->x,
additional_data->len,
@@ -3964,7 +4034,7 @@
}
exit:
- psa_destroy_key( handle );
+ psa_destroy_key( key );
mbedtls_free( output_data );
mbedtls_free( output_data2 );
PSA_DONE( );
@@ -3979,7 +4049,7 @@
data_t *input_data,
data_t *expected_result )
{
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
unsigned char *output_data = NULL;
@@ -4002,9 +4072,9 @@
psa_set_key_type( &attributes, key_type );
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
- &handle ) );
+ &key ) );
- PSA_ASSERT( psa_aead_encrypt( handle, alg,
+ PSA_ASSERT( psa_aead_encrypt( key, alg,
nonce->x, nonce->len,
additional_data->x, additional_data->len,
input_data->x, input_data->len,
@@ -4015,7 +4085,7 @@
output_data, output_length );
exit:
- psa_destroy_key( handle );
+ psa_destroy_key( key );
mbedtls_free( output_data );
PSA_DONE( );
}
@@ -4030,7 +4100,7 @@
data_t *expected_data,
int expected_result_arg )
{
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
unsigned char *output_data = NULL;
@@ -4055,9 +4125,9 @@
psa_set_key_type( &attributes, key_type );
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
- &handle ) );
+ &key ) );
- TEST_EQUAL( psa_aead_decrypt( handle, alg,
+ TEST_EQUAL( psa_aead_decrypt( key, alg,
nonce->x, nonce->len,
additional_data->x,
additional_data->len,
@@ -4071,7 +4141,7 @@
output_data, output_length );
exit:
- psa_destroy_key( handle );
+ psa_destroy_key( key );
mbedtls_free( output_data );
PSA_DONE( );
}
@@ -4103,7 +4173,7 @@
int alg_arg, data_t *input_data,
data_t *output_data )
{
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
size_t key_bits;
@@ -4119,8 +4189,8 @@
psa_set_key_type( &attributes, key_type );
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
- &handle ) );
- PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) );
+ &key ) );
+ PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
key_bits = psa_get_key_bits( &attributes );
/* Allocate a buffer which has the size advertized by the
@@ -4132,7 +4202,7 @@
ASSERT_ALLOC( signature, signature_size );
/* Perform the signature. */
- PSA_ASSERT( psa_sign_hash( handle, alg,
+ PSA_ASSERT( psa_sign_hash( key, alg,
input_data->x, input_data->len,
signature, signature_size,
&signature_length ) );
@@ -4143,7 +4213,7 @@
#if defined(MBEDTLS_TEST_DEPRECATED)
memset( signature, 0, signature_size );
signature_length = INVALID_EXPORT_LENGTH;
- PSA_ASSERT( psa_asymmetric_sign( handle, alg,
+ PSA_ASSERT( psa_asymmetric_sign( key, alg,
input_data->x, input_data->len,
signature, signature_size,
&signature_length ) );
@@ -4152,8 +4222,13 @@
#endif /* MBEDTLS_TEST_DEPRECATED */
exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
psa_reset_key_attributes( &attributes );
- psa_destroy_key( handle );
+
+ psa_destroy_key( key );
mbedtls_free( signature );
PSA_DONE( );
}
@@ -4164,7 +4239,7 @@
int alg_arg, data_t *input_data,
int signature_size_arg, int expected_status_arg )
{
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
size_t signature_size = signature_size_arg;
@@ -4183,9 +4258,9 @@
psa_set_key_type( &attributes, key_type );
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
- &handle ) );
+ &key ) );
- actual_status = psa_sign_hash( handle, alg,
+ actual_status = psa_sign_hash( key, alg,
input_data->x, input_data->len,
signature, signature_size,
&signature_length );
@@ -4198,7 +4273,7 @@
#if defined(MBEDTLS_TEST_DEPRECATED)
signature_length = INVALID_EXPORT_LENGTH;
- TEST_EQUAL( psa_asymmetric_sign( handle, alg,
+ TEST_EQUAL( psa_asymmetric_sign( key, alg,
input_data->x, input_data->len,
signature, signature_size,
&signature_length ),
@@ -4208,7 +4283,7 @@
exit:
psa_reset_key_attributes( &attributes );
- psa_destroy_key( handle );
+ psa_destroy_key( key );
mbedtls_free( signature );
PSA_DONE( );
}
@@ -4218,7 +4293,7 @@
void sign_verify( int key_type_arg, data_t *key_data,
int alg_arg, data_t *input_data )
{
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
size_t key_bits;
@@ -4234,8 +4309,8 @@
psa_set_key_type( &attributes, key_type );
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
- &handle ) );
- PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) );
+ &key ) );
+ PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
key_bits = psa_get_key_bits( &attributes );
/* Allocate a buffer which has the size advertized by the
@@ -4247,7 +4322,7 @@
ASSERT_ALLOC( signature, signature_size );
/* Perform the signature. */
- PSA_ASSERT( psa_sign_hash( handle, alg,
+ PSA_ASSERT( psa_sign_hash( key, alg,
input_data->x, input_data->len,
signature, signature_size,
&signature_length ) );
@@ -4256,7 +4331,7 @@
TEST_ASSERT( signature_length > 0 );
/* Use the library to verify that the signature is correct. */
- PSA_ASSERT( psa_verify_hash( handle, alg,
+ PSA_ASSERT( psa_verify_hash( key, alg,
input_data->x, input_data->len,
signature, signature_length ) );
@@ -4266,15 +4341,20 @@
* detected as invalid. Flip a bit at the beginning, not at the end,
* because ECDSA may ignore the last few bits of the input. */
input_data->x[0] ^= 1;
- TEST_EQUAL( psa_verify_hash( handle, alg,
+ TEST_EQUAL( psa_verify_hash( key, alg,
input_data->x, input_data->len,
signature, signature_length ),
PSA_ERROR_INVALID_SIGNATURE );
}
exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
psa_reset_key_attributes( &attributes );
- psa_destroy_key( handle );
+
+ psa_destroy_key( key );
mbedtls_free( signature );
PSA_DONE( );
}
@@ -4285,7 +4365,7 @@
int alg_arg, data_t *hash_data,
data_t *signature_data )
{
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
@@ -4299,14 +4379,14 @@
psa_set_key_type( &attributes, key_type );
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
- &handle ) );
+ &key ) );
- PSA_ASSERT( psa_verify_hash( handle, alg,
+ PSA_ASSERT( psa_verify_hash( key, alg,
hash_data->x, hash_data->len,
signature_data->x, signature_data->len ) );
#if defined(MBEDTLS_TEST_DEPRECATED)
- PSA_ASSERT( psa_asymmetric_verify( handle, alg,
+ PSA_ASSERT( psa_asymmetric_verify( key, alg,
hash_data->x, hash_data->len,
signature_data->x,
signature_data->len ) );
@@ -4315,7 +4395,7 @@
exit:
psa_reset_key_attributes( &attributes );
- psa_destroy_key( handle );
+ psa_destroy_key( key );
PSA_DONE( );
}
/* END_CASE */
@@ -4326,7 +4406,7 @@
data_t *signature_data,
int expected_status_arg )
{
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
psa_status_t actual_status;
@@ -4340,15 +4420,15 @@
psa_set_key_type( &attributes, key_type );
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
- &handle ) );
+ &key ) );
- actual_status = psa_verify_hash( handle, alg,
+ actual_status = psa_verify_hash( key, alg,
hash_data->x, hash_data->len,
signature_data->x, signature_data->len );
TEST_EQUAL( actual_status, expected_status );
#if defined(MBEDTLS_TEST_DEPRECATED)
- TEST_EQUAL( psa_asymmetric_verify( handle, alg,
+ TEST_EQUAL( psa_asymmetric_verify( key, alg,
hash_data->x, hash_data->len,
signature_data->x, signature_data->len ),
expected_status );
@@ -4356,7 +4436,7 @@
exit:
psa_reset_key_attributes( &attributes );
- psa_destroy_key( handle );
+ psa_destroy_key( key );
PSA_DONE( );
}
/* END_CASE */
@@ -4370,7 +4450,7 @@
int expected_output_length_arg,
int expected_status_arg )
{
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
size_t expected_output_length = expected_output_length_arg;
@@ -4389,16 +4469,16 @@
psa_set_key_algorithm( &attributes, alg );
psa_set_key_type( &attributes, key_type );
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
- &handle ) );
+ &key ) );
/* Determine the maximum output length */
- PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) );
+ PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
key_bits = psa_get_key_bits( &attributes );
output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, alg );
ASSERT_ALLOC( output, output_size );
/* Encrypt the input */
- actual_status = psa_asymmetric_encrypt( handle, alg,
+ actual_status = psa_asymmetric_encrypt( key, alg,
input_data->x, input_data->len,
label->x, label->len,
output, output_size,
@@ -4413,7 +4493,7 @@
output_length = ~0;
if( output_size != 0 )
memset( output, 0, output_size );
- actual_status = psa_asymmetric_encrypt( handle, alg,
+ actual_status = psa_asymmetric_encrypt( key, alg,
input_data->x, input_data->len,
NULL, label->len,
output, output_size,
@@ -4423,8 +4503,13 @@
}
exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
psa_reset_key_attributes( &attributes );
- psa_destroy_key( handle );
+
+ psa_destroy_key( key );
mbedtls_free( output );
PSA_DONE( );
}
@@ -4437,7 +4522,7 @@
data_t *input_data,
data_t *label )
{
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
size_t key_bits;
@@ -4456,10 +4541,10 @@
psa_set_key_type( &attributes, key_type );
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
- &handle ) );
+ &key ) );
/* Determine the maximum ciphertext length */
- PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) );
+ PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
key_bits = psa_get_key_bits( &attributes );
output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, alg );
ASSERT_ALLOC( output, output_size );
@@ -4469,7 +4554,7 @@
/* We test encryption by checking that encrypt-then-decrypt gives back
* the original plaintext because of the non-optional random
* part of encryption process which prevents using fixed vectors. */
- PSA_ASSERT( psa_asymmetric_encrypt( handle, alg,
+ PSA_ASSERT( psa_asymmetric_encrypt( key, alg,
input_data->x, input_data->len,
label->x, label->len,
output, output_size,
@@ -4478,7 +4563,7 @@
* it looks sensible. */
TEST_ASSERT( output_length <= output_size );
- PSA_ASSERT( psa_asymmetric_decrypt( handle, alg,
+ PSA_ASSERT( psa_asymmetric_decrypt( key, alg,
output, output_length,
label->x, label->len,
output2, output2_size,
@@ -4487,8 +4572,13 @@
output2, output2_length );
exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
psa_reset_key_attributes( &attributes );
- psa_destroy_key( handle );
+
+ psa_destroy_key( key );
mbedtls_free( output );
mbedtls_free( output2 );
PSA_DONE( );
@@ -4503,7 +4593,7 @@
data_t *label,
data_t *expected_data )
{
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
unsigned char *output = NULL;
@@ -4521,9 +4611,9 @@
psa_set_key_type( &attributes, key_type );
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
- &handle ) );
+ &key ) );
- PSA_ASSERT( psa_asymmetric_decrypt( handle, alg,
+ PSA_ASSERT( psa_asymmetric_decrypt( key, alg,
input_data->x, input_data->len,
label->x, label->len,
output,
@@ -4539,7 +4629,7 @@
output_length = ~0;
if( output_size != 0 )
memset( output, 0, output_size );
- PSA_ASSERT( psa_asymmetric_decrypt( handle, alg,
+ PSA_ASSERT( psa_asymmetric_decrypt( key, alg,
input_data->x, input_data->len,
NULL, label->len,
output,
@@ -4551,7 +4641,7 @@
exit:
psa_reset_key_attributes( &attributes );
- psa_destroy_key( handle );
+ psa_destroy_key( key );
mbedtls_free( output );
PSA_DONE( );
}
@@ -4566,7 +4656,7 @@
int output_size_arg,
int expected_status_arg )
{
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
unsigned char *output = NULL;
@@ -4585,9 +4675,9 @@
psa_set_key_type( &attributes, key_type );
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
- &handle ) );
+ &key ) );
- actual_status = psa_asymmetric_decrypt( handle, alg,
+ actual_status = psa_asymmetric_decrypt( key, alg,
input_data->x, input_data->len,
label->x, label->len,
output, output_size,
@@ -4602,7 +4692,7 @@
output_length = ~0;
if( output_size != 0 )
memset( output, 0, output_size );
- actual_status = psa_asymmetric_decrypt( handle, alg,
+ actual_status = psa_asymmetric_decrypt( key, alg,
input_data->x, input_data->len,
NULL, label->len,
output, output_size,
@@ -4613,7 +4703,7 @@
exit:
psa_reset_key_attributes( &attributes );
- psa_destroy_key( handle );
+ psa_destroy_key( key );
mbedtls_free( output );
PSA_DONE( );
}
@@ -4705,12 +4795,14 @@
expected_status_arg2,
expected_status_arg3};
data_t *inputs[] = {input1, input2, input3};
- psa_key_handle_t handles[] = {0, 0, 0};
+ mbedtls_svc_key_id_t keys[] = { MBEDTLS_SVC_KEY_ID_INIT,
+ MBEDTLS_SVC_KEY_ID_INIT,
+ MBEDTLS_SVC_KEY_ID_INIT };
psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
size_t i;
psa_key_type_t output_key_type = output_key_type_arg;
- psa_key_handle_t output_handle = 0;
+ mbedtls_svc_key_id_t output_key = MBEDTLS_SVC_KEY_ID_INIT;
psa_status_t expected_output_status = expected_output_status_arg;
psa_status_t actual_output_status;
@@ -4728,19 +4820,19 @@
psa_set_key_type( &attributes, key_types[i] );
PSA_ASSERT( psa_import_key( &attributes,
inputs[i]->x, inputs[i]->len,
- &handles[i] ) );
+ &keys[i] ) );
if( PSA_KEY_TYPE_IS_KEY_PAIR( key_types[i] ) &&
steps[i] == PSA_KEY_DERIVATION_INPUT_SECRET )
{
// When taking a private key as secret input, use key agreement
// to add the shared secret to the derivation
- TEST_EQUAL( key_agreement_with_self( &operation, handles[i] ),
+ TEST_EQUAL( key_agreement_with_self( &operation, keys[i] ),
expected_statuses[i] );
}
else
{
TEST_EQUAL( psa_key_derivation_input_key( &operation, steps[i],
- handles[i] ),
+ keys[i] ),
expected_statuses[i] );
}
}
@@ -4760,7 +4852,7 @@
psa_set_key_bits( &attributes, 8 );
actual_output_status =
psa_key_derivation_output_key( &attributes, &operation,
- &output_handle );
+ &output_key );
}
else
{
@@ -4773,9 +4865,9 @@
exit:
psa_key_derivation_abort( &operation );
- for( i = 0; i < ARRAY_LENGTH( handles ); i++ )
- psa_destroy_key( handles[i] );
- psa_destroy_key( output_handle );
+ for( i = 0; i < ARRAY_LENGTH( keys ); i++ )
+ psa_destroy_key( keys[i] );
+ psa_destroy_key( output_key );
PSA_DONE( );
}
/* END_CASE */
@@ -4784,7 +4876,7 @@
void test_derive_invalid_key_derivation_state( int alg_arg )
{
psa_algorithm_t alg = alg_arg;
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
size_t key_type = PSA_KEY_TYPE_DERIVE;
psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
unsigned char input1[] = "Input 1";
@@ -4806,10 +4898,10 @@
PSA_ASSERT( psa_import_key( &attributes,
key_data, sizeof( key_data ),
- &handle ) );
+ &key ) );
/* valid key derivation */
- if( !setup_key_derivation_wrap( &operation, handle, alg,
+ if( !setup_key_derivation_wrap( &operation, key, alg,
input1, input1_length,
input2, input2_length,
capacity ) )
@@ -4826,7 +4918,7 @@
exit:
psa_key_derivation_abort( &operation );
- psa_destroy_key( handle );
+ psa_destroy_key( key );
PSA_DONE( );
}
/* END_CASE */
@@ -4872,7 +4964,9 @@
psa_algorithm_t alg = alg_arg;
psa_key_derivation_step_t steps[] = {step1_arg, step2_arg, step3_arg};
data_t *inputs[] = {input1, input2, input3};
- psa_key_handle_t handles[] = {0, 0, 0};
+ mbedtls_svc_key_id_t keys[] = { MBEDTLS_SVC_KEY_ID_INIT,
+ MBEDTLS_SVC_KEY_ID_INIT,
+ MBEDTLS_SVC_KEY_ID_INIT };
size_t requested_capacity = requested_capacity_arg;
psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
uint8_t *expected_outputs[2] =
@@ -4914,10 +5008,9 @@
case PSA_KEY_DERIVATION_INPUT_SECRET:
PSA_ASSERT( psa_import_key( &attributes,
inputs[i]->x, inputs[i]->len,
- &handles[i] ) );
+ &keys[i] ) );
PSA_ASSERT( psa_key_derivation_input_key(
- &operation, steps[i],
- handles[i] ) );
+ &operation, steps[i], keys[i] ) );
break;
default:
PSA_ASSERT( psa_key_derivation_input_bytes(
@@ -4969,8 +5062,8 @@
exit:
mbedtls_free( output_buffer );
psa_key_derivation_abort( &operation );
- for( i = 0; i < ARRAY_LENGTH( handles ); i++ )
- psa_destroy_key( handles[i] );
+ for( i = 0; i < ARRAY_LENGTH( keys ); i++ )
+ psa_destroy_key( keys[i] );
PSA_DONE( );
}
/* END_CASE */
@@ -4982,7 +5075,7 @@
data_t *input2,
int requested_capacity_arg )
{
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_algorithm_t alg = alg_arg;
size_t requested_capacity = requested_capacity_arg;
psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
@@ -4998,9 +5091,9 @@
psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE );
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
- &handle ) );
+ &key ) );
- if( !setup_key_derivation_wrap( &operation, handle, alg,
+ if( !setup_key_derivation_wrap( &operation, key, alg,
input1->x, input1->len,
input2->x, input2->len,
requested_capacity ) )
@@ -5033,7 +5126,7 @@
exit:
psa_key_derivation_abort( &operation );
- psa_destroy_key( handle );
+ psa_destroy_key( key );
PSA_DONE( );
}
/* END_CASE */
@@ -5048,8 +5141,8 @@
int derived_usage_arg,
int derived_alg_arg )
{
- psa_key_handle_t base_handle = 0;
- psa_key_handle_t derived_handle = 0;
+ mbedtls_svc_key_id_t base_key = MBEDTLS_SVC_KEY_ID_INIT;
+ mbedtls_svc_key_id_t derived_key = MBEDTLS_SVC_KEY_ID_INIT;
psa_algorithm_t alg = alg_arg;
psa_key_type_t derived_type = derived_type_arg;
size_t derived_bits = derived_bits_arg;
@@ -5066,10 +5159,10 @@
psa_set_key_algorithm( &attributes, alg );
psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE );
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
- &base_handle ) );
+ &base_key ) );
/* Derive a key. */
- if ( setup_key_derivation_wrap( &operation, base_handle, alg,
+ if ( setup_key_derivation_wrap( &operation, base_key, alg,
input1->x, input1->len,
input2->x, input2->len, capacity ) )
goto exit;
@@ -5079,22 +5172,27 @@
psa_set_key_type( &attributes, derived_type );
psa_set_key_bits( &attributes, derived_bits );
PSA_ASSERT( psa_key_derivation_output_key( &attributes, &operation,
- &derived_handle ) );
+ &derived_key ) );
/* Test the key information */
- PSA_ASSERT( psa_get_key_attributes( derived_handle, &got_attributes ) );
+ PSA_ASSERT( psa_get_key_attributes( derived_key, &got_attributes ) );
TEST_EQUAL( psa_get_key_type( &got_attributes ), derived_type );
TEST_EQUAL( psa_get_key_bits( &got_attributes ), derived_bits );
/* Exercise the derived key. */
- if( ! exercise_key( derived_handle, derived_usage, derived_alg ) )
+ if( ! exercise_key( derived_key, derived_usage, derived_alg ) )
goto exit;
exit:
- psa_key_derivation_abort( &operation );
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
psa_reset_key_attributes( &got_attributes );
- psa_destroy_key( base_handle );
- psa_destroy_key( derived_handle );
+
+ psa_key_derivation_abort( &operation );
+ psa_destroy_key( base_key );
+ psa_destroy_key( derived_key );
PSA_DONE( );
}
/* END_CASE */
@@ -5107,8 +5205,8 @@
int bytes1_arg,
int bytes2_arg )
{
- psa_key_handle_t base_handle = 0;
- psa_key_handle_t derived_handle = 0;
+ mbedtls_svc_key_id_t base_key = MBEDTLS_SVC_KEY_ID_INIT;
+ mbedtls_svc_key_id_t derived_key = MBEDTLS_SVC_KEY_ID_INIT;
psa_algorithm_t alg = alg_arg;
size_t bytes1 = bytes1_arg;
size_t bytes2 = bytes2_arg;
@@ -5128,10 +5226,10 @@
psa_set_key_algorithm( &base_attributes, alg );
psa_set_key_type( &base_attributes, PSA_KEY_TYPE_DERIVE );
PSA_ASSERT( psa_import_key( &base_attributes, key_data->x, key_data->len,
- &base_handle ) );
+ &base_key ) );
/* Derive some material and output it. */
- if( !setup_key_derivation_wrap( &operation, base_handle, alg,
+ if( !setup_key_derivation_wrap( &operation, base_key, alg,
input1->x, input1->len,
input2->x, input2->len, capacity ) )
goto exit;
@@ -5142,7 +5240,7 @@
PSA_ASSERT( psa_key_derivation_abort( &operation ) );
/* Derive the same output again, but this time store it in key objects. */
- if( !setup_key_derivation_wrap( &operation, base_handle, alg,
+ if( !setup_key_derivation_wrap( &operation, base_key, alg,
input1->x, input1->len,
input2->x, input2->len, capacity ) )
goto exit;
@@ -5152,16 +5250,16 @@
psa_set_key_type( &derived_attributes, PSA_KEY_TYPE_RAW_DATA );
psa_set_key_bits( &derived_attributes, PSA_BYTES_TO_BITS( bytes1 ) );
PSA_ASSERT( psa_key_derivation_output_key( &derived_attributes, &operation,
- &derived_handle ) );
- PSA_ASSERT( psa_export_key( derived_handle,
+ &derived_key ) );
+ PSA_ASSERT( psa_export_key( derived_key,
export_buffer, bytes1,
&length ) );
TEST_EQUAL( length, bytes1 );
- PSA_ASSERT( psa_destroy_key( derived_handle ) );
+ PSA_ASSERT( psa_destroy_key( derived_key ) );
psa_set_key_bits( &derived_attributes, PSA_BYTES_TO_BITS( bytes2 ) );
PSA_ASSERT( psa_key_derivation_output_key( &derived_attributes, &operation,
- &derived_handle ) );
- PSA_ASSERT( psa_export_key( derived_handle,
+ &derived_key ) );
+ PSA_ASSERT( psa_export_key( derived_key,
export_buffer + bytes1, bytes2,
&length ) );
TEST_EQUAL( length, bytes2 );
@@ -5174,8 +5272,8 @@
mbedtls_free( output_buffer );
mbedtls_free( export_buffer );
psa_key_derivation_abort( &operation );
- psa_destroy_key( base_handle );
- psa_destroy_key( derived_handle );
+ psa_destroy_key( base_key );
+ psa_destroy_key( derived_key );
PSA_DONE( );
}
/* END_CASE */
@@ -5186,8 +5284,8 @@
int type_arg, int bits_arg,
int expected_status_arg )
{
- psa_key_handle_t base_handle = 0;
- psa_key_handle_t derived_handle = 0;
+ mbedtls_svc_key_id_t base_key = MBEDTLS_SVC_KEY_ID_INIT;
+ mbedtls_svc_key_id_t derived_key = MBEDTLS_SVC_KEY_ID_INIT;
psa_algorithm_t alg = alg_arg;
psa_key_type_t type = type_arg;
size_t bits = bits_arg;
@@ -5202,9 +5300,9 @@
psa_set_key_algorithm( &base_attributes, alg );
psa_set_key_type( &base_attributes, PSA_KEY_TYPE_DERIVE );
PSA_ASSERT( psa_import_key( &base_attributes, key_data->x, key_data->len,
- &base_handle ) );
+ &base_key ) );
- if( !setup_key_derivation_wrap( &operation, base_handle, alg,
+ if( !setup_key_derivation_wrap( &operation, base_key, alg,
input1->x, input1->len,
input2->x, input2->len, SIZE_MAX ) )
goto exit;
@@ -5214,13 +5312,13 @@
psa_set_key_type( &derived_attributes, type );
psa_set_key_bits( &derived_attributes, bits );
TEST_EQUAL( psa_key_derivation_output_key( &derived_attributes, &operation,
- &derived_handle ),
+ &derived_key ),
expected_status );
exit:
psa_key_derivation_abort( &operation );
- psa_destroy_key( base_handle );
- psa_destroy_key( derived_handle );
+ psa_destroy_key( base_key );
+ psa_destroy_key( derived_key );
PSA_DONE( );
}
/* END_CASE */
@@ -5231,7 +5329,7 @@
data_t *our_key_data, data_t *peer_key_data,
int expected_status_arg )
{
- psa_key_handle_t our_key = 0;
+ mbedtls_svc_key_id_t our_key = MBEDTLS_SVC_KEY_ID_INIT;
psa_algorithm_t alg = alg_arg;
psa_algorithm_t our_key_alg = our_key_alg_arg;
psa_key_type_t our_key_type = our_key_type_arg;
@@ -5280,7 +5378,7 @@
data_t *peer_key_data,
data_t *expected_output )
{
- psa_key_handle_t our_key = 0;
+ mbedtls_svc_key_id_t our_key = MBEDTLS_SVC_KEY_ID_INIT;
psa_algorithm_t alg = alg_arg;
psa_key_type_t our_key_type = our_key_type_arg;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
@@ -5317,7 +5415,7 @@
data_t *peer_key_data,
int expected_capacity_arg )
{
- psa_key_handle_t our_key = 0;
+ mbedtls_svc_key_id_t our_key = MBEDTLS_SVC_KEY_ID_INIT;
psa_algorithm_t alg = alg_arg;
psa_key_type_t our_key_type = our_key_type_arg;
psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
@@ -5377,7 +5475,7 @@
data_t *peer_key_data,
data_t *expected_output1, data_t *expected_output2 )
{
- psa_key_handle_t our_key = 0;
+ mbedtls_svc_key_id_t our_key = MBEDTLS_SVC_KEY_ID_INIT;
psa_algorithm_t alg = alg_arg;
psa_key_type_t our_key_type = our_key_type_arg;
psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
@@ -5491,7 +5589,7 @@
int alg_arg,
int expected_status_arg )
{
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t type = type_arg;
psa_key_usage_t usage = usage_arg;
size_t bits = bits_arg;
@@ -5508,22 +5606,27 @@
psa_set_key_bits( &attributes, bits );
/* Generate a key */
- TEST_EQUAL( psa_generate_key( &attributes, &handle ), expected_status );
+ TEST_EQUAL( psa_generate_key( &attributes, &key ), expected_status );
if( expected_status != PSA_SUCCESS )
goto exit;
/* Test the key information */
- PSA_ASSERT( psa_get_key_attributes( handle, &got_attributes ) );
+ PSA_ASSERT( psa_get_key_attributes( key, &got_attributes ) );
TEST_EQUAL( psa_get_key_type( &got_attributes ), type );
TEST_EQUAL( psa_get_key_bits( &got_attributes ), bits );
/* Do something with the key according to its type and permitted usage. */
- if( ! exercise_key( handle, usage, alg ) )
+ if( ! exercise_key( key, usage, alg ) )
goto exit;
exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
psa_reset_key_attributes( &got_attributes );
- psa_destroy_key( handle );
+
+ psa_destroy_key( key );
PSA_DONE( );
}
/* END_CASE */
@@ -5533,7 +5636,7 @@
data_t *e_arg,
int expected_status_arg )
{
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t type = PSA_KEY_TYPE_RSA_KEY_PAIR;
size_t bits = bits_arg;
psa_key_usage_t usage = PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT;
@@ -5568,12 +5671,12 @@
psa_set_key_bits( &attributes, bits );
/* Generate a key */
- TEST_EQUAL( psa_generate_key( &attributes, &handle ), expected_status );
+ TEST_EQUAL( psa_generate_key( &attributes, &key ), expected_status );
if( expected_status != PSA_SUCCESS )
goto exit;
/* Test the key information */
- PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) );
+ PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
TEST_EQUAL( psa_get_key_type( &attributes ), type );
TEST_EQUAL( psa_get_key_bits( &attributes ), bits );
PSA_ASSERT( psa_get_key_domain_parameters( &attributes,
@@ -5585,11 +5688,11 @@
ASSERT_COMPARE( e_read_buffer, e_read_length, e_arg->x, e_arg->len );
/* Do something with the key according to its type and permitted usage. */
- if( ! exercise_key( handle, usage, alg ) )
+ if( ! exercise_key( key, usage, alg ) )
goto exit;
/* Export the key and check the public exponent. */
- PSA_ASSERT( psa_export_public_key( handle,
+ PSA_ASSERT( psa_export_public_key( key,
exported, exported_size,
&exported_length ) );
{
@@ -5623,8 +5726,13 @@
}
exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes() or
+ * set by psa_set_key_domain_parameters() thus reset them as required.
+ */
psa_reset_key_attributes( &attributes );
- psa_destroy_key( handle );
+
+ psa_destroy_key( key );
PSA_DONE( );
mbedtls_free( e_read_buffer );
mbedtls_free( exported );
@@ -5639,8 +5747,8 @@
{
mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make( 1, 1 );
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_handle_t handle = 0;
- psa_key_handle_t base_key = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+ mbedtls_svc_key_id_t base_key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t type = type_arg;
size_t bits = bits_arg;
psa_key_usage_t usage_flags = usage_flags_arg;
@@ -5671,12 +5779,12 @@
case IMPORT_KEY:
/* Import the key */
PSA_ASSERT( psa_import_key( &attributes, data->x, data->len,
- &handle ) );
+ &key ) );
break;
case GENERATE_KEY:
/* Generate a key */
- PSA_ASSERT( psa_generate_key( &attributes, &handle ) );
+ PSA_ASSERT( psa_generate_key( &attributes, &key ) );
break;
case DERIVE_KEY:
@@ -5701,10 +5809,10 @@
NULL, 0 ) );
PSA_ASSERT( psa_key_derivation_output_key( &attributes,
&operation,
- &handle ) );
+ &key ) );
PSA_ASSERT( psa_key_derivation_abort( &operation ) );
PSA_ASSERT( psa_destroy_key( base_key ) );
- base_key = 0;
+ base_key = MBEDTLS_SVC_KEY_ID_INIT;
}
break;
}
@@ -5713,7 +5821,7 @@
/* Export the key if permitted by the key policy. */
if( usage_flags & PSA_KEY_USAGE_EXPORT )
{
- PSA_ASSERT( psa_export_key( handle,
+ PSA_ASSERT( psa_export_key( key,
first_export, export_size,
&first_exported_length ) );
if( generation_method == IMPORT_KEY )
@@ -5722,13 +5830,12 @@
}
/* Shutdown and restart */
- PSA_ASSERT( psa_close_key( handle ) );
+ PSA_ASSERT( psa_purge_key( key ) );
PSA_DONE();
PSA_ASSERT( psa_crypto_init() );
/* Check key slot still contains key data */
- PSA_ASSERT( psa_open_key( key_id, &handle ) );
- PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) );
+ PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
TEST_ASSERT( mbedtls_svc_key_id_equal(
psa_get_key_id( &attributes ), key_id ) );
TEST_EQUAL( psa_get_key_lifetime( &attributes ),
@@ -5741,7 +5848,7 @@
/* Export the key again if permitted by the key policy. */
if( usage_flags & PSA_KEY_USAGE_EXPORT )
{
- PSA_ASSERT( psa_export_key( handle,
+ PSA_ASSERT( psa_export_key( key,
second_export, export_size,
&second_exported_length ) );
ASSERT_COMPARE( first_export, first_exported_length,
@@ -5749,23 +5856,21 @@
}
/* Do something with the key according to its type and permitted usage. */
- if( ! exercise_key( handle, usage_flags, alg ) )
+ if( ! exercise_key( key, usage_flags, alg ) )
goto exit;
exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
psa_reset_key_attributes( &attributes );
+
mbedtls_free( first_export );
mbedtls_free( second_export );
psa_key_derivation_abort( &operation );
psa_destroy_key( base_key );
- if( handle == 0 )
- {
- /* In case there was a test failure after creating the persistent key
- * but while it was not open, try to re-open the persistent key
- * to delete it. */
- (void) psa_open_key( key_id, &handle );
- }
- psa_destroy_key( handle );
+ psa_destroy_key( key );
PSA_DONE();
}
/* END_CASE */
diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function
index a0140d2..4154188 100644
--- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function
+++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function
@@ -19,7 +19,7 @@
{
psa_status_t force_status = force_status_arg;
psa_status_t expected_status = expected_status_arg;
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_algorithm_t alg = PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 );
uint8_t signature[64];
@@ -34,7 +34,7 @@
psa_set_key_algorithm( &attributes, alg );
psa_import_key( &attributes,
key_input->x, key_input->len,
- &handle );
+ &key );
test_driver_signature_sign_hooks.forced_status = force_status;
if( fake_output == 1 )
@@ -43,7 +43,7 @@
test_driver_signature_sign_hooks.forced_output_length = expected_output->len;
}
- actual_status = psa_sign_hash( handle, alg,
+ actual_status = psa_sign_hash( key, alg,
data_input->x, data_input->len,
signature, sizeof( signature ),
&signature_length );
@@ -57,7 +57,7 @@
exit:
psa_reset_key_attributes( &attributes );
- psa_destroy_key( handle );
+ psa_destroy_key( key );
PSA_DONE( );
test_driver_signature_sign_hooks = test_driver_signature_hooks_init();
}
@@ -73,7 +73,7 @@
{
psa_status_t force_status = force_status_arg;
psa_status_t expected_status = expected_status_arg;
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_algorithm_t alg = PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 );
psa_status_t actual_status;
@@ -88,7 +88,7 @@
psa_set_key_algorithm( &attributes, alg );
psa_import_key( &attributes,
key_input->x, key_input->len,
- &handle );
+ &key );
}
else
{
@@ -98,12 +98,12 @@
psa_set_key_algorithm( &attributes, alg );
psa_import_key( &attributes,
key_input->x, key_input->len,
- &handle );
+ &key );
}
test_driver_signature_verify_hooks.forced_status = force_status;
- actual_status = psa_verify_hash( handle, alg,
+ actual_status = psa_verify_hash( key, alg,
data_input->x, data_input->len,
signature_input->x, signature_input->len );
TEST_EQUAL( actual_status, expected_status );
@@ -111,7 +111,7 @@
exit:
psa_reset_key_attributes( &attributes );
- psa_destroy_key( handle );
+ psa_destroy_key( key );
PSA_DONE( );
test_driver_signature_verify_hooks = test_driver_signature_hooks_init();
}
@@ -124,7 +124,7 @@
{
psa_status_t force_status = force_status_arg;
psa_status_t expected_status = expected_status_arg;
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_algorithm_t alg = PSA_ALG_ECDSA( PSA_ALG_SHA_256 );
const uint8_t *expected_output = NULL;
@@ -152,13 +152,13 @@
PSA_ASSERT( psa_crypto_init( ) );
- actual_status = psa_generate_key( &attributes, &handle );
+ actual_status = psa_generate_key( &attributes, &key );
TEST_EQUAL( test_driver_key_management_hooks.hits, 1 );
TEST_EQUAL( actual_status, expected_status );
if( actual_status == PSA_SUCCESS )
{
- psa_export_key( handle, actual_output, sizeof(actual_output), &actual_output_length );
+ psa_export_key( key, actual_output, sizeof(actual_output), &actual_output_length );
if( fake_output->len > 0 )
{
@@ -178,7 +178,7 @@
}
exit:
psa_reset_key_attributes( &attributes );
- psa_destroy_key( handle );
+ psa_destroy_key( key );
PSA_DONE( );
test_driver_key_management_hooks = test_driver_key_management_hooks_init();
}
@@ -193,7 +193,7 @@
psa_status_t force_status = force_status_arg;
psa_status_t expected_status = expected_status_arg;
psa_key_type_t key_type = key_type_arg;
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_status_t actual_status;
test_driver_key_management_hooks = test_driver_key_management_hooks_init();
@@ -207,12 +207,12 @@
PSA_ASSERT( psa_crypto_init( ) );
- actual_status = psa_import_key( &attributes, key_input->x, key_input->len, &handle );
+ actual_status = psa_import_key( &attributes, key_input->x, key_input->len, &key );
TEST_EQUAL( test_driver_key_management_hooks.hits, 1 );
TEST_EQUAL( actual_status, expected_status );
exit:
psa_reset_key_attributes( &attributes );
- psa_destroy_key( handle );
+ psa_destroy_key( key );
PSA_DONE( );
test_driver_key_management_hooks = test_driver_key_management_hooks_init();
}
@@ -220,13 +220,13 @@
/* BEGIN_CASE */
void cipher_encrypt( int alg_arg, int key_type_arg,
- data_t *key, data_t *iv,
+ data_t *key_data, data_t *iv,
data_t *input, data_t *expected_output,
int mock_output_arg,
int force_status_arg,
int expected_status_arg )
{
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_status_t status;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
@@ -247,10 +247,10 @@
psa_set_key_algorithm( &attributes, alg );
psa_set_key_type( &attributes, key_type );
- PSA_ASSERT( psa_import_key( &attributes, key->x, key->len, &handle ) );
+ PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
+ &key ) );
- PSA_ASSERT( psa_cipher_encrypt_setup( &operation,
- handle, alg ) );
+ PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
test_driver_cipher_hooks.hits = 0;
@@ -305,7 +305,7 @@
exit:
psa_cipher_abort( &operation );
mbedtls_free( output );
- psa_destroy_key( handle );
+ psa_destroy_key( key );
PSA_DONE( );
test_driver_cipher_hooks = test_driver_cipher_hooks_init();
}
@@ -313,13 +313,13 @@
/* BEGIN_CASE */
void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
- data_t *key, data_t *iv,
+ data_t *key_data, data_t *iv,
data_t *input,
int first_part_size_arg,
int output1_length_arg, int output2_length_arg,
data_t *expected_output )
{
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
size_t first_part_size = first_part_size_arg;
@@ -339,10 +339,10 @@
psa_set_key_algorithm( &attributes, alg );
psa_set_key_type( &attributes, key_type );
- PSA_ASSERT( psa_import_key( &attributes, key->x, key->len, &handle ) );
+ PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
+ &key ) );
- PSA_ASSERT( psa_cipher_encrypt_setup( &operation,
- handle, alg ) );
+ PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
test_driver_cipher_hooks.hits = 0;
@@ -390,7 +390,7 @@
exit:
psa_cipher_abort( &operation );
mbedtls_free( output );
- psa_destroy_key( handle );
+ psa_destroy_key( key );
PSA_DONE( );
test_driver_cipher_hooks = test_driver_cipher_hooks_init();
}
@@ -398,14 +398,13 @@
/* BEGIN_CASE */
void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
- data_t *key, data_t *iv,
+ data_t *key_data, data_t *iv,
data_t *input,
int first_part_size_arg,
int output1_length_arg, int output2_length_arg,
data_t *expected_output )
{
- psa_key_handle_t handle = 0;
-
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
size_t first_part_size = first_part_size_arg;
@@ -425,10 +424,10 @@
psa_set_key_algorithm( &attributes, alg );
psa_set_key_type( &attributes, key_type );
- PSA_ASSERT( psa_import_key( &attributes, key->x, key->len, &handle ) );
+ PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
+ &key ) );
- PSA_ASSERT( psa_cipher_decrypt_setup( &operation,
- handle, alg ) );
+ PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) );
TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
test_driver_cipher_hooks.hits = 0;
@@ -478,7 +477,7 @@
exit:
psa_cipher_abort( &operation );
mbedtls_free( output );
- psa_destroy_key( handle );
+ psa_destroy_key( key );
PSA_DONE( );
test_driver_cipher_hooks = test_driver_cipher_hooks_init();
}
@@ -486,13 +485,13 @@
/* BEGIN_CASE */
void cipher_decrypt( int alg_arg, int key_type_arg,
- data_t *key, data_t *iv,
+ data_t *key_data, data_t *iv,
data_t *input, data_t *expected_output,
int mock_output_arg,
int force_status_arg,
int expected_status_arg )
{
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_status_t status;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
@@ -513,10 +512,10 @@
psa_set_key_algorithm( &attributes, alg );
psa_set_key_type( &attributes, key_type );
- PSA_ASSERT( psa_import_key( &attributes, key->x, key->len, &handle ) );
+ PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
+ &key ) );
- PSA_ASSERT( psa_cipher_decrypt_setup( &operation,
- handle, alg ) );
+ PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) );
TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
test_driver_cipher_hooks.hits = 0;
@@ -570,7 +569,7 @@
exit:
psa_cipher_abort( &operation );
mbedtls_free( output );
- psa_destroy_key( handle );
+ psa_destroy_key( key );
PSA_DONE( );
test_driver_cipher_hooks = test_driver_cipher_hooks_init();
}
@@ -578,10 +577,10 @@
/* BEGIN_CASE */
void cipher_entry_points( int alg_arg, int key_type_arg,
- data_t *key, data_t *iv,
+ data_t *key_data, data_t *iv,
data_t *input )
{
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_status_t status;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
@@ -601,12 +600,12 @@
psa_set_key_algorithm( &attributes, alg );
psa_set_key_type( &attributes, key_type );
- PSA_ASSERT( psa_import_key( &attributes, key->x, key->len, &handle ) );
+ PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
+ &key ) );
/* Test setup call, encrypt */
test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR;
- status = psa_cipher_encrypt_setup( &operation,
- handle, alg );
+ status = psa_cipher_encrypt_setup( &operation, key, alg );
/* When setup fails, it shouldn't call any further entry points */
TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
@@ -616,8 +615,7 @@
TEST_EQUAL( test_driver_cipher_hooks.hits, 0 );
/* Test setup call failure, decrypt */
- status = psa_cipher_decrypt_setup( &operation,
- handle, alg );
+ status = psa_cipher_decrypt_setup( &operation, key, alg );
/* When setup fails, it shouldn't call any further entry points */
TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
@@ -628,8 +626,7 @@
/* Test IV setting failure */
test_driver_cipher_hooks.forced_status = PSA_SUCCESS;
- status = psa_cipher_encrypt_setup( &operation,
- handle, alg );
+ status = psa_cipher_encrypt_setup( &operation, key, alg );
TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
test_driver_cipher_hooks.hits = 0;
@@ -651,8 +648,7 @@
/* Test IV generation failure */
test_driver_cipher_hooks.forced_status = PSA_SUCCESS;
- status = psa_cipher_encrypt_setup( &operation,
- handle, alg );
+ status = psa_cipher_encrypt_setup( &operation, key, alg );
TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
test_driver_cipher_hooks.hits = 0;
@@ -674,8 +670,7 @@
/* Test update failure */
test_driver_cipher_hooks.forced_status = PSA_SUCCESS;
- status = psa_cipher_encrypt_setup( &operation,
- handle, alg );
+ status = psa_cipher_encrypt_setup( &operation, key, alg );
TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
test_driver_cipher_hooks.hits = 0;
@@ -705,8 +700,7 @@
/* Test finish failure */
test_driver_cipher_hooks.forced_status = PSA_SUCCESS;
- status = psa_cipher_encrypt_setup( &operation,
- handle, alg );
+ status = psa_cipher_encrypt_setup( &operation, key, alg );
TEST_EQUAL( test_driver_cipher_hooks.hits, 1 );
TEST_EQUAL( status, test_driver_cipher_hooks.forced_status );
test_driver_cipher_hooks.hits = 0;
@@ -745,7 +739,7 @@
exit:
psa_cipher_abort( &operation );
mbedtls_free( output );
- psa_destroy_key( handle );
+ psa_destroy_key( key );
PSA_DONE( );
test_driver_cipher_hooks = test_driver_cipher_hooks_init();
}
diff --git a/tests/suites/test_suite_psa_crypto_init.function b/tests/suites/test_suite_psa_crypto_init.function
index fd4ff21..62ef6e2 100644
--- a/tests/suites/test_suite_psa_crypto_init.function
+++ b/tests/suites/test_suite_psa_crypto_init.function
@@ -185,7 +185,7 @@
psa_status_t status;
uint8_t data[10] = { 0 };
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_handle_t handle = 0xdead;
+ mbedtls_svc_key_id_t key = mbedtls_svc_key_id_make( 0xdead, 0xdead );
int i;
for( i = 0; i < count; i++ )
@@ -195,9 +195,9 @@
PSA_DONE( );
}
psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA );
- status = psa_import_key( &attributes, data, sizeof( data ), &handle );
+ status = psa_import_key( &attributes, data, sizeof( data ), &key );
TEST_EQUAL( status, PSA_ERROR_BAD_STATE );
- TEST_EQUAL( handle, 0 );
+ TEST_ASSERT( mbedtls_svc_key_id_is_null( key ) );
}
/* END_CASE */
diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.data b/tests/suites/test_suite_psa_crypto_persistent_key.data
index 98db74d..93f0fc0 100644
--- a/tests/suites/test_suite_psa_crypto_persistent_key.data
+++ b/tests/suites/test_suite_psa_crypto_persistent_key.data
@@ -46,6 +46,18 @@
depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
persistent_key_import:256:1:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":1:PSA_SUCCESS
+Persistent key import (RSA) invalid key id (VENDOR_MIN)
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+persistent_key_import:256:PSA_KEY_ID_VENDOR_MIN:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_ERROR_INVALID_HANDLE
+
+Persistent key import (RSA) invalid key id (VOLATILE_MIN)
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+persistent_key_import:256:PSA_KEY_ID_VOLATILE_MIN:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_ERROR_INVALID_HANDLE
+
+Persistent key import (RSA) invalid key id (VENDOR_MAX)
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+persistent_key_import:256:PSA_KEY_ID_VENDOR_MAX:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_ERROR_INVALID_HANDLE
+
Persistent key import garbage data, should fail
depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
persistent_key_import:256:1:PSA_KEY_TYPE_RSA_KEY_PAIR:"11111111":0:PSA_ERROR_INVALID_ARGUMENT
diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function
index 7ee17f9..8e10158 100644
--- a/tests/suites/test_suite_psa_crypto_persistent_key.function
+++ b/tests/suites/test_suite_psa_crypto_persistent_key.function
@@ -10,6 +10,7 @@
#include <stdint.h>
#include "test/psa_crypto_helpers.h"
+#include "psa_crypto_slot_management.h"
#include "psa_crypto_storage.h"
#include "mbedtls/md.h"
@@ -117,7 +118,6 @@
void save_large_persistent_key( int data_length_arg, int expected_status )
{
mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make( 1, 42 );
- psa_key_handle_t handle = 0;
uint8_t *data = NULL;
size_t data_length = data_length_arg;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
@@ -129,11 +129,11 @@
psa_set_key_id( &attributes, key_id );
psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA );
- TEST_EQUAL( psa_import_key( &attributes, data, data_length, &handle ),
+ TEST_EQUAL( psa_import_key( &attributes, data, data_length, &key_id ),
expected_status );
if( expected_status == PSA_SUCCESS )
- PSA_ASSERT( psa_destroy_key( handle ) );
+ PSA_ASSERT( psa_destroy_key( key_id ) );
exit:
mbedtls_free( data );
@@ -149,7 +149,7 @@
{
mbedtls_svc_key_id_t key_id =
mbedtls_svc_key_id_make( owner_id_arg, key_id_arg );
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t returned_key_id = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t first_type = (psa_key_type_t) first_type_arg;
psa_key_type_t second_type = (psa_key_type_t) second_type_arg;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
@@ -160,24 +160,21 @@
psa_set_key_type( &attributes, first_type );
PSA_ASSERT( psa_import_key( &attributes, first_data->x, first_data->len,
- &handle ) );
+ &returned_key_id ) );
if( restart )
{
- psa_close_key( handle );
+ psa_close_key( key_id );
PSA_DONE();
PSA_ASSERT( psa_crypto_init() );
- PSA_ASSERT( psa_open_key( key_id, &handle ) );
}
TEST_EQUAL( psa_is_key_present_in_storage( key_id ), 1 );
/* Destroy the key */
- PSA_ASSERT( psa_destroy_key( handle ) );
+ PSA_ASSERT( psa_destroy_key( key_id ) );
/* Check key slot storage is removed */
TEST_EQUAL( psa_is_key_present_in_storage( key_id ), 0 );
- TEST_EQUAL( psa_open_key( key_id, &handle ), PSA_ERROR_DOES_NOT_EXIST );
- TEST_EQUAL( handle, 0 );
/* Shutdown and restart */
PSA_DONE();
@@ -187,9 +184,9 @@
psa_set_key_id( &attributes, key_id );
psa_set_key_type( &attributes, second_type );
PSA_ASSERT( psa_import_key( &attributes, second_data->x, second_data->len,
- &handle ) );
+ &returned_key_id ) );
- PSA_ASSERT( psa_destroy_key( handle ) );
+ PSA_ASSERT( psa_destroy_key( key_id ) );
exit:
PSA_DONE();
@@ -203,45 +200,52 @@
{
mbedtls_svc_key_id_t key_id =
mbedtls_svc_key_id_make( owner_id_arg, key_id_arg );
+ mbedtls_svc_key_id_t returned_key_id;
psa_key_type_t type = (psa_key_type_t) type_arg;
- psa_key_handle_t handle = 0;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
PSA_ASSERT( psa_crypto_init() );
psa_set_key_id( &attributes, key_id );
psa_set_key_type( &attributes, type );
- TEST_EQUAL( psa_import_key( &attributes, data->x, data->len, &handle ),
+ TEST_EQUAL( psa_import_key( &attributes, data->x, data->len, &returned_key_id ),
expected_status );
if( expected_status != PSA_SUCCESS )
{
+ TEST_ASSERT( mbedtls_svc_key_id_is_null( returned_key_id ) );
TEST_EQUAL( psa_is_key_present_in_storage( key_id ), 0 );
goto exit;
}
+ TEST_ASSERT( mbedtls_svc_key_id_equal( returned_key_id, key_id ) );
+
if( restart )
{
- psa_close_key( handle );
+ PSA_ASSERT( psa_purge_key( key_id ) );
PSA_DONE();
PSA_ASSERT( psa_crypto_init() );
- PSA_ASSERT( psa_open_key( key_id, &handle ) );
}
psa_reset_key_attributes( &attributes );
- PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) );
- TEST_ASSERT( mbedtls_svc_key_id_equal(
- psa_get_key_id( &attributes ), key_id ) );
+ PSA_ASSERT( psa_get_key_attributes( key_id, &attributes ) );
+ TEST_ASSERT( mbedtls_svc_key_id_equal( psa_get_key_id( &attributes ),
+ key_id ) );
TEST_EQUAL( psa_get_key_lifetime( &attributes ),
PSA_KEY_LIFETIME_PERSISTENT );
TEST_EQUAL( psa_get_key_type( &attributes ), type );
TEST_EQUAL( psa_get_key_usage_flags( &attributes ), 0 );
TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 );
- PSA_ASSERT( psa_destroy_key( handle ) );
+ PSA_ASSERT( psa_destroy_key( key_id ) );
exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
psa_reset_key_attributes( &attributes );
+
psa_destroy_persistent_key( key_id );
PSA_DONE();
}
@@ -254,7 +258,7 @@
{
mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make( 1, 42 );
psa_key_type_t type = (psa_key_type_t) type_arg;
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t returned_key_id = MBEDTLS_SVC_KEY_ID_INIT;
unsigned char *exported = NULL;
size_t export_size = data->len;
size_t exported_length;
@@ -269,20 +273,20 @@
psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT );
/* Import the key */
- PSA_ASSERT( psa_import_key( &attributes, data->x, data->len, &handle ) );
+ PSA_ASSERT( psa_import_key( &attributes, data->x, data->len,
+ &returned_key_id ) );
if( restart )
{
- psa_close_key( handle );
+ PSA_ASSERT( psa_purge_key( key_id ) );
PSA_DONE();
PSA_ASSERT( psa_crypto_init() );
- PSA_ASSERT( psa_open_key( key_id, &handle ) );
}
/* Test the key information */
psa_reset_key_attributes( &attributes );
- PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) );
+ PSA_ASSERT( psa_get_key_attributes( key_id, &attributes ) );
TEST_ASSERT( mbedtls_svc_key_id_equal(
psa_get_key_id( &attributes ), key_id ) );
TEST_EQUAL( psa_get_key_lifetime( &attributes ),
@@ -299,17 +303,22 @@
psa_destroy_persistent_key( key_id );
}
/* Export the key */
- PSA_ASSERT( psa_export_key( handle, exported, export_size,
+ PSA_ASSERT( psa_export_key( key_id, exported, export_size,
&exported_length ) );
ASSERT_COMPARE( data->x, data->len, exported, exported_length );
/* Destroy the key */
- PSA_ASSERT( psa_destroy_key( handle ) );
+ PSA_ASSERT( psa_destroy_key( key_id ) );
TEST_EQUAL( psa_is_key_present_in_storage( key_id ), 0 );
exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
psa_reset_key_attributes( &attributes );
+
mbedtls_free( exported );
PSA_DONE( );
psa_destroy_persistent_key( key_id );
diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.data b/tests/suites/test_suite_psa_crypto_se_driver_hal.data
index e5eee58..18d1d74 100644
--- a/tests/suites/test_suite_psa_crypto_se_driver_hal.data
+++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.data
@@ -148,10 +148,19 @@
register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:1:-1:PSA_ERROR_NOT_SUPPORTED
Key registration: key id out of range
-register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VENDOR_MAX+1:-1:PSA_ERROR_INVALID_ARGUMENT
+register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VENDOR_MAX+1:-1:PSA_ERROR_INVALID_HANDLE
-Key registration: key id in vendor range
-register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VENDOR_MAX:1:PSA_SUCCESS
+Key registration: key id min vendor
+register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VENDOR_MIN:1:PSA_ERROR_INVALID_HANDLE
+
+Key registration: key id max vendor except volatile
+register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VOLATILE_MIN-1:1:PSA_ERROR_INVALID_HANDLE
+
+Key registration: key id min volatile
+register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VOLATILE_MIN:1:PSA_ERROR_INVALID_HANDLE
+
+Key registration: key id max volatile
+register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VOLATILE_MAX:1:PSA_ERROR_INVALID_HANDLE
Import-sign-verify: sign in driver, ECDSA
depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function
index 8584e5e..1add9b4 100644
--- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function
+++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function
@@ -3,6 +3,7 @@
#include "psa/crypto_se_driver.h"
#include "psa_crypto_se.h"
+#include "psa_crypto_slot_management.h"
#include "psa_crypto_storage.h"
/* Invasive peeking: check the persistent data */
@@ -367,7 +368,7 @@
size_t *data_length )
{
psa_status_t status;
- psa_key_handle_t handle;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
(void) context;
@@ -379,11 +380,11 @@
status = psa_import_key( &attributes,
ram_slots[slot_number].content,
PSA_BITS_TO_BYTES( ram_slots[slot_number].bits ),
- &handle );
+ &key );
if( status != PSA_SUCCESS )
return( status );
- status = psa_export_public_key( handle, data, data_size, data_length );
- psa_destroy_key( handle );
+ status = psa_export_public_key( key, data, data_size, data_length );
+ psa_destroy_key( key );
return( PSA_SUCCESS );
}
@@ -450,7 +451,7 @@
{
ram_slot_t *slot;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_status_t status = PSA_ERROR_GENERIC_ERROR;
(void) context;
@@ -463,13 +464,13 @@
DRIVER_ASSERT( psa_import_key( &attributes,
slot->content,
PSA_BITS_TO_BYTES( slot->bits ),
- &handle ) == PSA_SUCCESS );
- status = psa_sign_hash( handle, alg,
+ &key ) == PSA_SUCCESS );
+ status = psa_sign_hash( key, alg,
hash, hash_length,
signature, signature_size, signature_length );
exit:
- psa_destroy_key( handle );
+ psa_destroy_key( key );
return( status );
}
@@ -483,7 +484,7 @@
{
ram_slot_t *slot;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_status_t status = PSA_ERROR_GENERIC_ERROR;
(void) context;
@@ -496,20 +497,18 @@
DRIVER_ASSERT( psa_import_key( &attributes,
slot->content,
PSA_BITS_TO_BYTES( slot->bits ),
- &handle ) ==
+ &key ) ==
PSA_SUCCESS );
- status = psa_verify_hash( handle, alg,
+ status = psa_verify_hash( key, alg,
hash, hash_length,
signature, signature_length );
exit:
- psa_destroy_key( handle );
+ psa_destroy_key( key );
return( status );
}
-
-
/****************************************************************/
/* Other test helper functions */
/****************************************************************/
@@ -524,13 +523,13 @@
/* Check that the attributes of a key reported by psa_get_key_attributes()
* are consistent with the attributes used when creating the key. */
static int check_key_attributes(
- psa_key_handle_t handle,
+ mbedtls_svc_key_id_t key,
const psa_key_attributes_t *reference_attributes )
{
int ok = 0;
psa_key_attributes_t actual_attributes = PSA_KEY_ATTRIBUTES_INIT;
- PSA_ASSERT( psa_get_key_attributes( handle, &actual_attributes ) );
+ PSA_ASSERT( psa_get_key_attributes( key, &actual_attributes ) );
TEST_ASSERT( mbedtls_svc_key_id_equal(
psa_get_key_id( &actual_attributes ),
@@ -579,6 +578,12 @@
ok = 1;
exit:
+ /*
+ * Actual key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
+ psa_reset_key_attributes( &actual_attributes );
+
return( ok );
}
@@ -654,7 +659,7 @@
* mostly bogus parameters: the goal is to ensure that there is no memory
* corruption or crash. This test function is most useful when run under
* an environment with sanity checks such as ASan or MSan. */
-static int smoke_test_key( psa_key_handle_t handle )
+static int smoke_test_key( mbedtls_svc_key_id_t key )
{
int ok = 0;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
@@ -664,54 +669,54 @@
PSA_KEY_DERIVATION_OPERATION_INIT;
uint8_t buffer[80]; /* large enough for a public key for ECDH */
size_t length;
- psa_key_handle_t handle2 = 0;
+ mbedtls_svc_key_id_t key2 = MBEDTLS_SVC_KEY_ID_INIT;
- SMOKE_ASSERT( psa_get_key_attributes( handle, &attributes ) );
+ SMOKE_ASSERT( psa_get_key_attributes( key, &attributes ) );
- SMOKE_ASSERT( psa_export_key( handle,
+ SMOKE_ASSERT( psa_export_key( key,
buffer, sizeof( buffer ), &length ) );
- SMOKE_ASSERT( psa_export_public_key( handle,
+ SMOKE_ASSERT( psa_export_public_key( key,
buffer, sizeof( buffer ), &length ) );
- SMOKE_ASSERT( psa_copy_key( handle, &attributes, &handle2 ) );
- if( handle2 != 0 )
- PSA_ASSERT( psa_close_key( handle2 ) );
+ SMOKE_ASSERT( psa_copy_key( key, &attributes, &key2 ) );
+ if( ! mbedtls_svc_key_id_is_null( key2 ) )
+ PSA_ASSERT( psa_destroy_key( key2 ) );
- SMOKE_ASSERT( psa_mac_sign_setup( &mac_operation, handle, PSA_ALG_CMAC ) );
+ SMOKE_ASSERT( psa_mac_sign_setup( &mac_operation, key, PSA_ALG_CMAC ) );
PSA_ASSERT( psa_mac_abort( &mac_operation ) );
- SMOKE_ASSERT( psa_mac_verify_setup( &mac_operation, handle,
+ SMOKE_ASSERT( psa_mac_verify_setup( &mac_operation, key,
PSA_ALG_HMAC( PSA_ALG_SHA_256 ) ) );
PSA_ASSERT( psa_mac_abort( &mac_operation ) );
- SMOKE_ASSERT( psa_cipher_encrypt_setup( &cipher_operation, handle,
+ SMOKE_ASSERT( psa_cipher_encrypt_setup( &cipher_operation, key,
PSA_ALG_CTR ) );
PSA_ASSERT( psa_cipher_abort( &cipher_operation ) );
- SMOKE_ASSERT( psa_cipher_decrypt_setup( &cipher_operation, handle,
+ SMOKE_ASSERT( psa_cipher_decrypt_setup( &cipher_operation, key,
PSA_ALG_CTR ) );
PSA_ASSERT( psa_cipher_abort( &cipher_operation ) );
- SMOKE_ASSERT( psa_aead_encrypt( handle, PSA_ALG_CCM,
+ SMOKE_ASSERT( psa_aead_encrypt( key, PSA_ALG_CCM,
buffer, sizeof( buffer ),
NULL, 0,
buffer, sizeof( buffer),
buffer, sizeof( buffer), &length ) );
- SMOKE_ASSERT( psa_aead_decrypt( handle, PSA_ALG_CCM,
+ SMOKE_ASSERT( psa_aead_decrypt( key, PSA_ALG_CCM,
buffer, sizeof( buffer ),
NULL, 0,
buffer, sizeof( buffer),
buffer, sizeof( buffer), &length ) );
- SMOKE_ASSERT( psa_sign_hash( handle, PSA_ALG_ECDSA_ANY,
+ SMOKE_ASSERT( psa_sign_hash( key, PSA_ALG_ECDSA_ANY,
buffer, 32,
buffer, sizeof( buffer ), &length ) );
- SMOKE_ASSERT( psa_verify_hash( handle, PSA_ALG_ECDSA_ANY,
+ SMOKE_ASSERT( psa_verify_hash( key, PSA_ALG_ECDSA_ANY,
buffer, 32,
buffer, sizeof( buffer ) ) );
- SMOKE_ASSERT( psa_asymmetric_encrypt( handle, PSA_ALG_RSA_PKCS1V15_CRYPT,
+ SMOKE_ASSERT( psa_asymmetric_encrypt( key, PSA_ALG_RSA_PKCS1V15_CRYPT,
buffer, 10, NULL, 0,
buffer, sizeof( buffer ), &length ) );
- SMOKE_ASSERT( psa_asymmetric_decrypt( handle, PSA_ALG_RSA_PKCS1V15_CRYPT,
+ SMOKE_ASSERT( psa_asymmetric_decrypt( key, PSA_ALG_RSA_PKCS1V15_CRYPT,
buffer, sizeof( buffer ), NULL, 0,
buffer, sizeof( buffer ), &length ) );
@@ -724,12 +729,12 @@
NULL, 0 ) );
SMOKE_ASSERT( psa_key_derivation_input_key( &derivation_operation,
PSA_KEY_DERIVATION_INPUT_SECRET,
- handle ) );
+ key ) );
PSA_ASSERT( psa_key_derivation_abort( &derivation_operation ) );
/* If the key is asymmetric, try it in a key agreement, both as
* part of a derivation operation and standalone. */
- if( psa_export_public_key( handle, buffer, sizeof( buffer ), &length ) ==
+ if( psa_export_public_key( key, buffer, sizeof( buffer ), &length ) ==
PSA_SUCCESS )
{
psa_algorithm_t alg =
@@ -742,11 +747,11 @@
SMOKE_ASSERT( psa_key_derivation_key_agreement(
&derivation_operation,
PSA_KEY_DERIVATION_INPUT_SECRET,
- handle, buffer, length ) );
+ key, buffer, length ) );
PSA_ASSERT( psa_key_derivation_abort( &derivation_operation ) );
SMOKE_ASSERT( psa_raw_key_agreement(
- alg, handle, buffer, length,
+ alg, key, buffer, length,
buffer, sizeof( buffer ), &length ) );
}
#endif /* MBEDTLS_SHA256_C */
@@ -754,7 +759,12 @@
ok = 1;
exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
psa_reset_key_attributes( &attributes );
+
return( ok );
}
@@ -880,7 +890,8 @@
psa_key_lifetime_t lifetime = (psa_key_lifetime_t) lifetime_arg;
psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 );
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t returned_id = MBEDTLS_SVC_KEY_ID_INIT;
+ psa_key_handle_t handle;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
const uint8_t key_material[3] = {0xfa, 0xca, 0xde};
uint8_t exported[sizeof( key_material )];
@@ -909,8 +920,7 @@
psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA );
PSA_ASSERT( psa_import_key( &attributes,
key_material, sizeof( key_material ),
- &handle ) );
-
+ &returned_id ) );
if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) )
{
@@ -940,7 +950,8 @@
if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) )
{
/* Check that the PSA core has no knowledge of the volatile key */
- TEST_ASSERT( psa_open_key( id, &handle ) == PSA_ERROR_DOES_NOT_EXIST );
+ TEST_ASSERT( psa_open_key( returned_id, &handle ) ==
+ PSA_ERROR_DOES_NOT_EXIST );
/* Drop data from our mockup driver */
ram_slots_reset();
@@ -948,20 +959,16 @@
/* Re-import key */
PSA_ASSERT( psa_import_key( &attributes,
- key_material, sizeof( key_material ),
- &handle ) );
+ key_material, sizeof( key_material ),
+ &returned_id ) );
}
else
{
-
- /* Check we can re-open the persistent key */
+ /* Check the persistent key file */
if( ! check_persistent_data( location,
&ram_shadow_slot_usage,
sizeof( ram_shadow_slot_usage ) ) )
goto exit;
-
- /* Check that the PSA core still knows about the key */
- PSA_ASSERT( psa_open_key( id, &handle ) );
}
}
@@ -972,23 +979,28 @@
psa_set_key_bits( &attributes,
PSA_BYTES_TO_BITS( sizeof( key_material ) ) );
psa_set_key_slot_number( &attributes, min_slot );
- if( ! check_key_attributes( handle, &attributes ) )
+
+ if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) )
+ attributes.core.id = returned_id;
+ else
+ psa_set_key_id( &attributes, returned_id );
+
+ if( ! check_key_attributes( returned_id, &attributes ) )
goto exit;
/* Test the key data. */
- PSA_ASSERT( psa_export_key( handle,
+ PSA_ASSERT( psa_export_key( returned_id,
exported, sizeof( exported ),
&exported_length ) );
ASSERT_COMPARE( key_material, sizeof( key_material ),
exported, exported_length );
- PSA_ASSERT( psa_destroy_key( handle ) );
- handle = 0;
+ PSA_ASSERT( psa_destroy_key( returned_id ) );
if( ! check_persistent_data( location,
&ram_shadow_slot_usage,
sizeof( ram_shadow_slot_usage ) ) )
goto exit;
- TEST_EQUAL( psa_open_key( id, &handle ),
+ TEST_EQUAL( psa_open_key( returned_id, &handle ),
PSA_ERROR_DOES_NOT_EXIST );
/* Test that the key has been erased from the designated slot. */
@@ -1014,7 +1026,8 @@
psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 );
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t returned_id;
+ psa_key_handle_t handle;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
const uint8_t key_material[3] = {0xfa, 0xca, 0xde};
@@ -1041,7 +1054,7 @@
psa_set_key_slot_number( &attributes, wanted_slot );
status = psa_import_key( &attributes,
key_material, sizeof( key_material ),
- &handle );
+ &returned_id );
TEST_EQUAL( status, expected_status );
if( status != PSA_SUCCESS )
@@ -1061,7 +1074,6 @@
&ram_shadow_slot_usage,
sizeof( ram_shadow_slot_usage ) ) )
goto exit;
- PSA_ASSERT( psa_open_key( id, &handle ) );
}
/* Test that the key was created in the expected slot. */
@@ -1069,18 +1081,22 @@
/* Test that the key is reported with the correct attributes,
* including the expected slot. */
- PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) );
+ PSA_ASSERT( psa_get_key_attributes( id, &attributes ) );
- PSA_ASSERT( psa_destroy_key( handle ) );
- handle = 0;
+ PSA_ASSERT( psa_destroy_key( id ) );
if( ! check_persistent_data( location,
&ram_shadow_slot_usage,
sizeof( ram_shadow_slot_usage ) ) )
goto exit;
- TEST_EQUAL( psa_open_key( id, &handle ),
- PSA_ERROR_DOES_NOT_EXIST );
+ TEST_EQUAL( psa_open_key( id, &handle ), PSA_ERROR_DOES_NOT_EXIST );
exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
+ psa_reset_key_attributes( &attributes );
+
PSA_DONE( );
ram_slots_reset( );
psa_purge_storage( );
@@ -1098,7 +1114,8 @@
psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 );
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t returned_id;
+ psa_key_handle_t handle;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
TEST_USES_KEY_ID( id );
@@ -1126,13 +1143,13 @@
psa_set_key_type( &attributes, type );
PSA_ASSERT( psa_import_key( &attributes,
key_material->x, key_material->len,
- &handle ) );
+ &returned_id ) );
if( ! check_persistent_data( location,
&shadow_counter, sizeof( shadow_counter ) ) )
goto exit;
/* Do stuff with the key. */
- if( ! smoke_test_key( handle ) )
+ if( ! smoke_test_key( id ) )
goto exit;
/* Restart and try again. */
@@ -1142,18 +1159,15 @@
if( ! check_persistent_data( location,
&shadow_counter, sizeof( shadow_counter ) ) )
goto exit;
- PSA_ASSERT( psa_open_key( id, &handle ) );
- if( ! smoke_test_key( handle ) )
+ if( ! smoke_test_key( id ) )
goto exit;
/* We're done. */
- PSA_ASSERT( psa_destroy_key( handle ) );
- handle = 0;
+ PSA_ASSERT( psa_destroy_key( id ) );
if( ! check_persistent_data( location,
&shadow_counter, sizeof( shadow_counter ) ) )
goto exit;
- TEST_EQUAL( psa_open_key( id, &handle ),
- PSA_ERROR_DOES_NOT_EXIST );
+ TEST_EQUAL( psa_open_key( id, &handle ), PSA_ERROR_DOES_NOT_EXIST );
exit:
PSA_DONE( );
@@ -1172,7 +1186,7 @@
psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 );
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t returned_id;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
TEST_USES_KEY_ID( id );
@@ -1192,7 +1206,7 @@
psa_set_key_lifetime( &attributes, lifetime );
psa_set_key_type( &attributes, type );
psa_set_key_bits( &attributes, bits );
- TEST_EQUAL( psa_generate_key( &attributes, &handle ),
+ TEST_EQUAL( psa_generate_key( &attributes, &returned_id ),
PSA_ERROR_NOT_SUPPORTED );
exit:
@@ -1213,7 +1227,8 @@
psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 );
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t returned_id;
+ psa_key_handle_t handle;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
TEST_USES_KEY_ID( id );
@@ -1240,13 +1255,13 @@
psa_set_key_algorithm( &attributes, alg );
psa_set_key_type( &attributes, type );
psa_set_key_bits( &attributes, bits );
- PSA_ASSERT( psa_generate_key( &attributes, &handle ) );
+ PSA_ASSERT( psa_generate_key( &attributes, &returned_id ) );
if( ! check_persistent_data( location,
&shadow_counter, sizeof( shadow_counter ) ) )
goto exit;
/* Do stuff with the key. */
- if( ! smoke_test_key( handle ) )
+ if( ! smoke_test_key( id ) )
goto exit;
/* Restart and try again. */
@@ -1256,18 +1271,15 @@
if( ! check_persistent_data( location,
&shadow_counter, sizeof( shadow_counter ) ) )
goto exit;
- PSA_ASSERT( psa_open_key( id, &handle ) );
- if( ! smoke_test_key( handle ) )
+ if( ! smoke_test_key( id ) )
goto exit;
/* We're done. */
- PSA_ASSERT( psa_destroy_key( handle ) );
- handle = 0;
+ PSA_ASSERT( psa_destroy_key( id ) );
if( ! check_persistent_data( location,
&shadow_counter, sizeof( shadow_counter ) ) )
goto exit;
- TEST_EQUAL( psa_open_key( id, &handle ),
- PSA_ERROR_DOES_NOT_EXIST );
+ TEST_EQUAL( psa_open_key( id, &handle ), PSA_ERROR_DOES_NOT_EXIST );
exit:
PSA_DONE( );
@@ -1295,8 +1307,8 @@
psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 );
- psa_key_handle_t drv_handle = 0; /* key managed by the driver */
- psa_key_handle_t sw_handle = 0; /* transparent key */
+ mbedtls_svc_key_id_t returned_id;
+ mbedtls_svc_key_id_t sw_key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_attributes_t sw_attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_key_attributes_t drv_attributes;
uint8_t signature[PSA_SIGNATURE_MAX_SIZE];
@@ -1351,11 +1363,11 @@
if( generating )
{
psa_set_key_bits( &drv_attributes, bits );
- PSA_ASSERT( psa_generate_key( &drv_attributes, &drv_handle ) );
+ PSA_ASSERT( psa_generate_key( &drv_attributes, &returned_id ) );
/* Since we called a generate method that does not actually
* generate material, store the desired result of generation in
* the mock secure element storage. */
- PSA_ASSERT( psa_get_key_attributes( drv_handle, &drv_attributes ) );
+ PSA_ASSERT( psa_get_key_attributes( id, &drv_attributes ) );
TEST_EQUAL( key_material->len, PSA_BITS_TO_BYTES( bits ) );
memcpy( ram_slots[ram_min_slot].content, key_material->x,
key_material->len );
@@ -1364,7 +1376,7 @@
{
PSA_ASSERT( psa_import_key( &drv_attributes,
key_material->x, key_material->len,
- &drv_handle ) );
+ &returned_id ) );
}
/* Either import the same key in software, or export the driver's
@@ -1375,20 +1387,20 @@
case SIGN_IN_DRIVER_AND_PARALLEL_CREATION:
PSA_ASSERT( psa_import_key( &sw_attributes,
key_material->x, key_material->len,
- &sw_handle ) );
+ &sw_key ) );
break;
case SIGN_IN_DRIVER_THEN_EXPORT_PUBLIC:
{
uint8_t public_key[PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE( PSA_VENDOR_ECC_MAX_CURVE_BITS )];
size_t public_key_length;
- PSA_ASSERT( psa_export_public_key( drv_handle,
+ PSA_ASSERT( psa_export_public_key( id,
public_key, sizeof( public_key ),
&public_key_length ) );
psa_set_key_type( &sw_attributes,
PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( type ) );
PSA_ASSERT( psa_import_key( &sw_attributes,
public_key, public_key_length,
- &sw_handle ) );
+ &sw_key ) );
break;
}
}
@@ -1399,16 +1411,14 @@
case SIGN_IN_DRIVER_AND_PARALLEL_CREATION:
case SIGN_IN_DRIVER_THEN_EXPORT_PUBLIC:
PSA_ASSERT_VIA_DRIVER(
- psa_sign_hash( drv_handle,
- alg,
+ psa_sign_hash( id, alg,
input->x, input->len,
signature, sizeof( signature ),
&signature_length ),
PSA_SUCCESS );
break;
case SIGN_IN_SOFTWARE_AND_PARALLEL_CREATION:
- PSA_ASSERT( psa_sign_hash( sw_handle,
- alg,
+ PSA_ASSERT( psa_sign_hash( sw_key, alg,
input->x, input->len,
signature, sizeof( signature ),
&signature_length ) );
@@ -1416,30 +1426,36 @@
}
/* Verify with both keys. */
- PSA_ASSERT( psa_verify_hash( sw_handle, alg,
+ PSA_ASSERT( psa_verify_hash( sw_key, alg,
input->x, input->len,
signature, signature_length ) );
PSA_ASSERT_VIA_DRIVER(
- psa_verify_hash( drv_handle, alg,
+ psa_verify_hash( id, alg,
input->x, input->len,
signature, signature_length ),
PSA_SUCCESS );
/* Change the signature and verify again. */
signature[0] ^= 1;
- TEST_EQUAL( psa_verify_hash( sw_handle, alg,
+ TEST_EQUAL( psa_verify_hash( sw_key, alg,
input->x, input->len,
signature, signature_length ),
PSA_ERROR_INVALID_SIGNATURE );
PSA_ASSERT_VIA_DRIVER(
- psa_verify_hash( drv_handle, alg,
+ psa_verify_hash( id, alg,
input->x, input->len,
signature, signature_length ),
PSA_ERROR_INVALID_SIGNATURE );
exit:
- psa_destroy_key( drv_handle );
- psa_destroy_key( sw_handle );
+ /*
+ * Driver key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
+ psa_reset_key_attributes( &drv_attributes );
+
+ psa_destroy_key( id );
+ psa_destroy_key( sw_key );
PSA_DONE( );
ram_slots_reset( );
psa_purge_storage( );
@@ -1460,9 +1476,9 @@
psa_drv_se_key_management_t key_management;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( owner_id_arg, id_arg );
+ psa_key_handle_t handle;
size_t bit_size = 48;
psa_key_slot_number_t wanted_slot = 0x123456789;
- psa_key_handle_t handle = 0;
psa_status_t status;
TEST_USES_KEY_ID( id );
@@ -1498,10 +1514,8 @@
goto exit;
/* Test that the key exists and has the expected attributes. */
- PSA_ASSERT( psa_open_key( id, &handle ) );
- if( ! check_key_attributes( handle, &attributes ) )
+ if( ! check_key_attributes( id, &attributes ) )
goto exit;
- PSA_ASSERT( psa_close_key( handle ) );
#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
mbedtls_svc_key_id_t invalid_id =
@@ -1509,22 +1523,21 @@
TEST_EQUAL( psa_open_key( invalid_id, &handle ), PSA_ERROR_DOES_NOT_EXIST );
#endif
+ PSA_ASSERT( psa_purge_key( id ) );
+
/* Restart and try again. */
PSA_DONE( );
PSA_ASSERT( psa_register_se_driver( location, &driver ) );
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_open_key( id, &handle ) );
- if( ! check_key_attributes( handle, &attributes ) )
+ if( ! check_key_attributes( id, &attributes ) )
goto exit;
/* This time, destroy the key. */
- PSA_ASSERT( psa_destroy_key( handle ) );
- handle = 0;
- TEST_EQUAL( psa_open_key( id, &handle ),
- PSA_ERROR_DOES_NOT_EXIST );
+ PSA_ASSERT( psa_destroy_key( id ) );
+ TEST_EQUAL( psa_open_key( id, &handle ), PSA_ERROR_DOES_NOT_EXIST );
exit:
psa_reset_key_attributes( &attributes );
- psa_destroy_key( handle );
+ psa_destroy_key( id );
PSA_DONE( );
psa_purge_storage( );
memset( &validate_slot_number_directions, 0,
diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function
index 7d4a591..629c924 100644
--- a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function
+++ b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function
@@ -333,7 +333,7 @@
psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 );
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t returned_id;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
const uint8_t key_material[3] = {0xfa, 0xca, 0xde};
@@ -357,7 +357,7 @@
psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA );
TEST_ASSERT( psa_import_key( &attributes,
key_material, sizeof( key_material ),
- &handle ) == expected_result );
+ &returned_id ) == expected_result );
TEST_ASSERT( mock_allocate_data.called == 1 );
TEST_ASSERT( mock_import_data.called ==
@@ -385,7 +385,7 @@
if( expected_result == PSA_SUCCESS )
{
- PSA_ASSERT( psa_destroy_key( handle ) );
+ PSA_ASSERT( psa_destroy_key( id ) );
TEST_ASSERT( mock_destroy_data.called == 1 );
}
exit:
@@ -402,7 +402,7 @@
psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 );
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t returned_id;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
const uint8_t key_material[3] = {0xfa, 0xca, 0xde};
uint8_t exported[sizeof( key_material )];
@@ -428,15 +428,15 @@
psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA );
PSA_ASSERT( psa_import_key( &attributes,
key_material, sizeof( key_material ),
- &handle ) );
+ &returned_id ) );
- TEST_ASSERT( psa_export_key( handle,
- exported, sizeof( exported ),
- &exported_length ) == expected_result );
+ TEST_ASSERT( psa_export_key( id,
+ exported, sizeof( exported ),
+ &exported_length ) == expected_result );
TEST_ASSERT( mock_export_data.called == 1 );
- PSA_ASSERT( psa_destroy_key( handle ) );
+ PSA_ASSERT( psa_destroy_key( id ) );
TEST_ASSERT( mock_destroy_data.called == 1 );
@@ -456,7 +456,7 @@
psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 );
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t returned_id;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
mock_allocate_data.return_value = mock_alloc_return_value;
@@ -477,7 +477,7 @@
psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT );
psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA );
psa_set_key_bits( &attributes, 8 );
- TEST_ASSERT( psa_generate_key( &attributes, &handle ) == expected_result );
+ TEST_ASSERT( psa_generate_key( &attributes, &returned_id) == expected_result );
TEST_ASSERT( mock_allocate_data.called == 1 );
TEST_ASSERT( mock_generate_data.called ==
( mock_alloc_return_value == PSA_SUCCESS? 1 : 0 ) );
@@ -504,7 +504,7 @@
if( expected_result == PSA_SUCCESS )
{
- PSA_ASSERT( psa_destroy_key( handle ) );
+ PSA_ASSERT( psa_destroy_key( id ) );
TEST_ASSERT( mock_destroy_data.called == 1 );
}
@@ -523,7 +523,7 @@
psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 );
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t returned_id;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
const uint8_t key_material[3] = {0xfa, 0xca, 0xde};
uint8_t exported[sizeof( key_material )];
@@ -549,13 +549,13 @@
PSA_ASSERT( psa_import_key( &attributes,
key_material, sizeof( key_material ),
- &handle ) );
+ &returned_id ) );
- TEST_ASSERT( psa_export_public_key( handle, exported, sizeof(exported),
+ TEST_ASSERT( psa_export_public_key( id, exported, sizeof(exported),
&exported_length ) == expected_result );
TEST_ASSERT( mock_export_public_data.called == 1 );
- PSA_ASSERT( psa_destroy_key( handle ) );
+ PSA_ASSERT( psa_destroy_key( id ) );
TEST_ASSERT( mock_destroy_data.called == 1 );
exit:
@@ -573,7 +573,7 @@
psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 );
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t returned_id;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
const uint8_t key_material[3] = {0xfa, 0xca, 0xde};
psa_algorithm_t algorithm = PSA_ALG_ECDSA(PSA_ALG_SHA_256);
@@ -607,16 +607,16 @@
PSA_ASSERT( psa_import_key( &attributes,
key_material, sizeof( key_material ),
- &handle ) );
+ &returned_id ) );
- TEST_ASSERT( psa_sign_hash( handle, algorithm,
+ TEST_ASSERT( psa_sign_hash( id, algorithm,
hash, sizeof( hash ),
signature, sizeof( signature ),
&signature_length)
== expected_result );
TEST_ASSERT( mock_sign_data.called == 1 );
- PSA_ASSERT( psa_destroy_key( handle ) );
+ PSA_ASSERT( psa_destroy_key( id ) );
TEST_ASSERT( mock_destroy_data.called == 1 );
exit:
@@ -634,7 +634,7 @@
psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 );
- psa_key_handle_t handle = 0;
+ mbedtls_svc_key_id_t returned_id;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
const uint8_t key_material[3] = {0xfa, 0xca, 0xde};
psa_algorithm_t algorithm = PSA_ALG_ECDSA(PSA_ALG_SHA_256);
@@ -667,15 +667,15 @@
PSA_ASSERT( psa_import_key( &attributes,
key_material, sizeof( key_material ),
- &handle ) );
+ &returned_id ) );
- TEST_ASSERT( psa_verify_hash( handle, algorithm,
+ TEST_ASSERT( psa_verify_hash( id, algorithm,
hash, sizeof( hash ),
signature, sizeof( signature ) )
== expected_result );
TEST_ASSERT( mock_verify_data.called == 1 );
- PSA_ASSERT( psa_destroy_key( handle ) );
+ PSA_ASSERT( psa_destroy_key( id ) );
TEST_ASSERT( mock_destroy_data.called == 1 );
exit:
diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data
index e16089d..396cdfb 100644
--- a/tests/suites/test_suite_psa_crypto_slot_management.data
+++ b/tests/suites/test_suite_psa_crypto_slot_management.data
@@ -1,65 +1,82 @@
Transient slot, check after closing
-transient_slot_lifecycle:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_CLOSE
+transient_slot_lifecycle:0x1:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_CLOSING
Transient slot, check after closing and restarting
-transient_slot_lifecycle:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_CLOSE_WITH_SHUTDOWN
+transient_slot_lifecycle:0x13:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_CLOSING_WITH_SHUTDOWN
Transient slot, check after destroying
-transient_slot_lifecycle:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_DESTROY
+transient_slot_lifecycle:0x135:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_DESTROYING
Transient slot, check after destroying and restarting
-transient_slot_lifecycle:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_DESTROY_WITH_SHUTDOWN
+transient_slot_lifecycle:0x1357:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_DESTROYING_WITH_SHUTDOWN
Transient slot, check after restart with live handles
-transient_slot_lifecycle:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_SHUTDOWN
+transient_slot_lifecycle:0x13579:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_SHUTDOWN
Persistent slot, check after closing, id=min
-persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:124:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_CLOSE
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:124:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_CLOSING
Persistent slot, check after closing and restarting, id=min
-persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:125:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_CLOSE
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:125:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_CLOSING_WITH_SHUTDOWN
Persistent slot, check after destroying, id=min
-persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:126:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_DESTROY
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:126:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_DESTROYING
Persistent slot, check after destroying and restarting, id=min
-persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:127:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_DESTROY
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:127:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_DESTROYING_WITH_SHUTDOWN
+
+Persistent slot, check after purging, id=min
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:200:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_PURGING
+
+Persistent slot, check after purging and restarting, id=min
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:201:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_PURGING_WITH_SHUTDOWN
Persistent slot, check after restart with live handle, id=min
-persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:128:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_SHUTDOWN
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:128:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_SHUTDOWN
Persistent slot, check after closing, id=max
-persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:129:PSA_KEY_ID_USER_MAX:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_CLOSE
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:129:PSA_KEY_ID_USER_MAX:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_CLOSING
Persistent slot, check after destroying, id=max
-persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:130:PSA_KEY_ID_USER_MAX:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_DESTROY
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:130:PSA_KEY_ID_USER_MAX:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_DESTROYING
+
+Persistent slot, check after purging, id=max
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:202:PSA_KEY_ID_USER_MAX:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_PURGING
Persistent slot, check after restart, id=max
-persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:131:PSA_KEY_ID_USER_MAX:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_SHUTDOWN
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:131:PSA_KEY_ID_USER_MAX:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_SHUTDOWN
Persistent slot: ECP keypair (ECDSA, exportable), close
depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:132:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:132:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_CLOSING
Persistent slot: ECP keypair (ECDSA, exportable), close+restart
depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:133:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE_WITH_SHUTDOWN
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:133:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_CLOSING_WITH_SHUTDOWN
+
+Persistent slot: ECP keypair (ECDSA, exportable), purge
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:132:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_PURGING
Persistent slot: ECP keypair (ECDSA, exportable), restart
depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:134:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_SHUTDOWN
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:134:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_SHUTDOWN
Persistent slot: ECP keypair (ECDH+ECDSA, exportable), close
depends_on:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:135:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:135:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_CLOSING
Persistent slot: ECP keypair (ECDH+ECDSA, exportable), close+restart
depends_on:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:136:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_CLOSE_WITH_SHUTDOWN
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:136:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_CLOSING_WITH_SHUTDOWN
+
+Persistent slot: ECP keypair (ECDH+ECDSA, exportable), purge
+depends_on:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:135:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_PURGING
Persistent slot: ECP keypair (ECDH+ECDSA, exportable), restart
depends_on:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:137:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":CLOSE_BY_SHUTDOWN
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:137:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_SHUTDOWN
Attempt to overwrite: close before
create_existent:PSA_KEY_LIFETIME_PERSISTENT:0x1736:1:CLOSE_BEFORE
@@ -72,15 +89,15 @@
Open failure: invalid identifier (0)
depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
-open_fail:0:PSA_ERROR_INVALID_ARGUMENT
+open_fail:0:PSA_ERROR_INVALID_HANDLE
Open failure: invalid identifier (random seed UID)
depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
-open_fail:PSA_CRYPTO_ITS_RANDOM_SEED_UID:PSA_ERROR_INVALID_ARGUMENT
+open_fail:PSA_CRYPTO_ITS_RANDOM_SEED_UID:PSA_ERROR_INVALID_HANDLE
Open failure: invalid identifier (reserved range)
depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
-open_fail:PSA_KEY_ID_VENDOR_MAX + 1:PSA_ERROR_INVALID_ARGUMENT
+open_fail:PSA_KEY_ID_VENDOR_MAX + 1:PSA_ERROR_INVALID_HANDLE
Open failure: invalid identifier (implementation range)
depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
@@ -95,19 +112,22 @@
Create failure: invalid key id (0)
depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
-create_fail:PSA_KEY_LIFETIME_PERSISTENT:0:PSA_ERROR_INVALID_ARGUMENT
+create_fail:PSA_KEY_LIFETIME_PERSISTENT:0:PSA_ERROR_INVALID_HANDLE
+
+Create failure: invalid key id (1) for a volatile key
+create_fail:PSA_KEY_LIFETIME_VOLATILE:1:PSA_ERROR_INVALID_ARGUMENT
Create failure: invalid key id (random seed UID)
depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
-create_fail:PSA_KEY_LIFETIME_PERSISTENT:PSA_CRYPTO_ITS_RANDOM_SEED_UID:PSA_ERROR_INVALID_ARGUMENT
+create_fail:PSA_KEY_LIFETIME_PERSISTENT:PSA_CRYPTO_ITS_RANDOM_SEED_UID:PSA_ERROR_INVALID_HANDLE
Create failure: invalid key id (reserved range)
depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
-create_fail:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_VENDOR_MAX + 1:PSA_ERROR_INVALID_ARGUMENT
+create_fail:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_VENDOR_MAX + 1:PSA_ERROR_INVALID_HANDLE
Create failure: invalid key id (implementation range)
depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
-create_fail:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_USER_MAX + 1:PSA_ERROR_INVALID_ARGUMENT
+create_fail:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_ID_USER_MAX + 1:PSA_ERROR_INVALID_HANDLE
Open not supported
depends_on:!MBEDTLS_PSA_CRYPTO_STORAGE_C
@@ -156,13 +176,33 @@
invalid_handle:INVALID_HANDLE_0:PSA_SUCCESS:PSA_ERROR_INVALID_HANDLE
invalid handle: never opened
-invalid_handle:INVALID_HANDLE_UNOPENED:PSA_ERROR_INVALID_HANDLE:PSA_ERROR_INVALID_HANDLE
+invalid_handle:INVALID_HANDLE_UNOPENED:PSA_ERROR_DOES_NOT_EXIST:PSA_ERROR_DOES_NOT_EXIST
invalid handle: already closed
-invalid_handle:INVALID_HANDLE_CLOSED:PSA_ERROR_INVALID_HANDLE:PSA_ERROR_INVALID_HANDLE
+invalid_handle:INVALID_HANDLE_CLOSED:PSA_ERROR_DOES_NOT_EXIST:PSA_ERROR_DOES_NOT_EXIST
invalid handle: huge
invalid_handle:INVALID_HANDLE_HUGE:PSA_ERROR_INVALID_HANDLE:PSA_ERROR_INVALID_HANDLE
-Open many transient handles
-many_transient_handles:42
+Open many transient keys
+many_transient_keys:42
+
+# Eviction from a key slot to be able to import a new persistent key.
+Key slot eviction to import a new persistent key
+key_slot_eviction_to_import_new_key:PSA_KEY_LIFETIME_PERSISTENT
+
+# Eviction from a key slot to be able to import a new volatile key.
+Key slot eviction to import a new volatile key
+key_slot_eviction_to_import_new_key:PSA_KEY_LIFETIME_VOLATILE
+
+# Check that non reusable key slots are not deleted/overwritten in case of key
+# slot starvation:
+# . An attempt to access a persistent key while all RAM key slots are occupied
+# by volatile keys fails and does not lead to volatile key data to be
+# spoiled.
+# . With all key slot in use with one containing a persistent key, an attempt
+# to copy the persistent key fails (the persistent key slot cannot be
+# reclaimed as it is accessed by the copy process) without the persistent key
+# data and volatile key data being spoiled.
+Non reusable key slots integrity in case of key slot starvation
+non_reusable_key_slots_integrity_in_case_of_key_slot_starvation
diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function
index fa3dd6e..57d4789 100644
--- a/tests/suites/test_suite_psa_crypto_slot_management.function
+++ b/tests/suites/test_suite_psa_crypto_slot_management.function
@@ -2,16 +2,32 @@
#include <stdint.h>
#include "test/psa_crypto_helpers.h"
+#include "psa_crypto_slot_management.h"
#include "psa_crypto_storage.h"
typedef enum
{
- CLOSE_BY_CLOSE, /**< Close the handle(s). */
- CLOSE_BY_DESTROY, /**< Destroy the handle(s). */
- CLOSE_BY_SHUTDOWN, /**< Deinit and reinit without closing handles. */
- CLOSE_BY_CLOSE_WITH_SHUTDOWN, /**< Close handle(s) then deinit/reinit. */
- CLOSE_BY_DESTROY_WITH_SHUTDOWN, /**< Destroy handle(s) then deinit/reinit. */
-} close_method_t;
+ /**< Close key(s) */
+ INVALIDATE_BY_CLOSING,
+
+ /**< Destroy key(s) */
+ INVALIDATE_BY_DESTROYING,
+
+ /**< Purge key(s) */
+ INVALIDATE_BY_PURGING,
+
+ /**< Terminate and reinitialize without closing/destroying keys */
+ INVALIDATE_BY_SHUTDOWN,
+
+ /**< Close key(s) then terminate and re-initialize */
+ INVALIDATE_BY_CLOSING_WITH_SHUTDOWN,
+
+ /**< Destroy key(s) then terminate and re-initialize */
+ INVALIDATE_BY_DESTROYING_WITH_SHUTDOWN,
+
+ /**< Purge key(s) then terminate and re-initialize */
+ INVALIDATE_BY_PURGING_WITH_SHUTDOWN,
+} invalidate_method_t;
typedef enum
{
@@ -73,23 +89,29 @@
#define TEST_USES_KEY_ID( key_id ) ( (void) ( key_id ) )
#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
-/** Apply \p close_method to invalidate the specified handles:
+/** Apply \p invalidate_method to invalidate the specified key:
* close it, destroy it, or do nothing;
*/
-static int invalidate_handle( close_method_t close_method,
- psa_key_handle_t handle )
+static int invalidate_key( invalidate_method_t invalidate_method,
+ mbedtls_svc_key_id_t key )
{
- switch( close_method )
+ switch( invalidate_method )
{
- case CLOSE_BY_CLOSE:
- case CLOSE_BY_CLOSE_WITH_SHUTDOWN:
- PSA_ASSERT( psa_close_key( handle ) );
+ /* Closing the key invalidate only volatile keys, not persistent ones. */
+ case INVALIDATE_BY_CLOSING:
+ case INVALIDATE_BY_CLOSING_WITH_SHUTDOWN:
+ PSA_ASSERT( psa_close_key( key ) );
break;
- case CLOSE_BY_DESTROY:
- case CLOSE_BY_DESTROY_WITH_SHUTDOWN:
- PSA_ASSERT( psa_destroy_key( handle ) );
+ case INVALIDATE_BY_DESTROYING:
+ case INVALIDATE_BY_DESTROYING_WITH_SHUTDOWN:
+ PSA_ASSERT( psa_destroy_key( key ) );
break;
- case CLOSE_BY_SHUTDOWN:
+ /* Purging the key just purges RAM data of persistent keys. */
+ case INVALIDATE_BY_PURGING:
+ case INVALIDATE_BY_PURGING_WITH_SHUTDOWN:
+ PSA_ASSERT( psa_purge_key( key ) );
+ break;
+ case INVALIDATE_BY_SHUTDOWN:
break;
}
return( 1 );
@@ -97,20 +119,22 @@
return( 0 );
}
-/** Restart the PSA subsystem if \p close_method says so. */
-static int invalidate_psa( close_method_t close_method )
+/** Restart the PSA subsystem if \p invalidate_method says so. */
+static int invalidate_psa( invalidate_method_t invalidate_method )
{
- switch( close_method )
+ switch( invalidate_method )
{
- case CLOSE_BY_CLOSE:
- case CLOSE_BY_DESTROY:
+ case INVALIDATE_BY_CLOSING:
+ case INVALIDATE_BY_DESTROYING:
+ case INVALIDATE_BY_PURGING:
return( 1 );
- case CLOSE_BY_CLOSE_WITH_SHUTDOWN:
- case CLOSE_BY_DESTROY_WITH_SHUTDOWN:
+ case INVALIDATE_BY_CLOSING_WITH_SHUTDOWN:
+ case INVALIDATE_BY_DESTROYING_WITH_SHUTDOWN:
+ case INVALIDATE_BY_PURGING_WITH_SHUTDOWN:
/* All keys must have been closed. */
PSA_DONE( );
break;
- case CLOSE_BY_SHUTDOWN:
+ case INVALIDATE_BY_SHUTDOWN:
/* Some keys may remain behind, and we're testing that this
* properly closes them. */
mbedtls_psa_crypto_free( );
@@ -133,41 +157,81 @@
*/
/* BEGIN_CASE */
-void transient_slot_lifecycle( int usage_arg, int alg_arg,
+void transient_slot_lifecycle( int owner_id_arg,
+ int usage_arg, int alg_arg,
int type_arg, data_t *key_data,
- int close_method_arg )
+ int invalidate_method_arg )
{
psa_algorithm_t alg = alg_arg;
psa_key_usage_t usage_flags = usage_arg;
psa_key_type_t type = type_arg;
- close_method_t close_method = close_method_arg;
- psa_key_handle_t handle = 0;
+ invalidate_method_t invalidate_method = invalidate_method_arg;
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
PSA_ASSERT( psa_crypto_init( ) );
/* Import a key. */
+#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
+ mbedtls_key_owner_id_t owner_id = owner_id_arg;
+
+ mbedtls_set_key_owner_id( &attributes, owner_id );
+#else
+ (void)owner_id_arg;
+#endif
+
psa_set_key_usage_flags( &attributes, usage_flags );
psa_set_key_algorithm( &attributes, alg );
psa_set_key_type( &attributes, type );
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
- &handle ) );
- TEST_ASSERT( handle != 0 );
- PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) );
+ &key ) );
+ TEST_ASSERT( ! mbedtls_svc_key_id_is_null( key ) );
+ PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
TEST_EQUAL( psa_get_key_type( &attributes ), type );
+ psa_reset_key_attributes( &attributes );
- /* Do something that invalidates the handle. */
- if( ! invalidate_handle( close_method, handle ) )
+#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
+ {
+ psa_key_handle_t handle;
+ mbedtls_svc_key_id_t key_with_invalid_owner =
+ mbedtls_svc_key_id_make( owner_id + 1,
+ MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key ) );
+
+ TEST_ASSERT( mbedtls_key_owner_id_equal(
+ owner_id,
+ MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( key ) ) );
+ TEST_EQUAL( psa_open_key( key_with_invalid_owner, &handle ),
+ PSA_ERROR_DOES_NOT_EXIST );
+ }
+#endif
+
+ /*
+ * Purge the key and make sure that it is still valid, as purging a
+ * volatile key shouldn't invalidate/destroy it.
+ */
+ PSA_ASSERT( psa_purge_key( key ) );
+ PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
+ TEST_EQUAL( psa_get_key_type( &attributes ), type );
+ psa_reset_key_attributes( &attributes );
+
+ /* Do something that invalidates the key. */
+ if( ! invalidate_key( invalidate_method, key ) )
goto exit;
- if( ! invalidate_psa( close_method ) )
+ if( ! invalidate_psa( invalidate_method ) )
goto exit;
- /* Test that the handle is now invalid. */
- TEST_EQUAL( psa_get_key_attributes( handle, &attributes ),
- PSA_ERROR_INVALID_HANDLE );
- TEST_EQUAL( psa_close_key( handle ), PSA_ERROR_INVALID_HANDLE );
+ /* Test that the key is now invalid. */
+ TEST_EQUAL( psa_get_key_attributes( key, &attributes ),
+ PSA_ERROR_DOES_NOT_EXIST );
+ TEST_EQUAL( psa_close_key( key ), PSA_ERROR_DOES_NOT_EXIST );
exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
+ psa_reset_key_attributes( &attributes );
+
PSA_DONE( );
}
/* END_CASE */
@@ -176,7 +240,7 @@
void persistent_slot_lifecycle( int lifetime_arg, int owner_id_arg, int id_arg,
int usage_arg, int alg_arg, int alg2_arg,
int type_arg, data_t *key_data,
- int close_method_arg )
+ int invalidate_method_arg )
{
psa_key_lifetime_t lifetime = lifetime_arg;
mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( owner_id_arg, id_arg );
@@ -184,8 +248,9 @@
psa_algorithm_t alg2 = alg2_arg;
psa_key_usage_t usage_flags = usage_arg;
psa_key_type_t type = type_arg;
- close_method_t close_method = close_method_arg;
- psa_key_handle_t handle = 0;
+ invalidate_method_t invalidate_method = invalidate_method_arg;
+ mbedtls_svc_key_id_t returned_id = MBEDTLS_SVC_KEY_ID_INIT;
+ psa_key_handle_t handle = PSA_KEY_HANDLE_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_key_attributes_t read_attributes = PSA_KEY_ATTRIBUTES_INIT;
uint8_t *reexported = NULL;
@@ -194,14 +259,13 @@
#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
mbedtls_svc_key_id_t wrong_owner_id =
mbedtls_svc_key_id_make( owner_id_arg + 1, id_arg );
- psa_key_handle_t invalid_handle = 0;
+ mbedtls_svc_key_id_t invalid_svc_key_id = MBEDTLS_SVC_KEY_ID_INIT;
#endif
TEST_USES_KEY_ID( id );
PSA_ASSERT( psa_crypto_init( ) );
- /* Get a handle and import a key. */
psa_set_key_id( &attributes, id );
psa_set_key_lifetime( &attributes, lifetime );
psa_set_key_type( &attributes, type );
@@ -209,15 +273,15 @@
psa_set_key_algorithm( &attributes, alg );
psa_set_key_enrollment_algorithm( &attributes, alg2 );
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
- &handle ) );
- TEST_ASSERT( handle != 0 );
+ &returned_id ) );
+ TEST_ASSERT( mbedtls_svc_key_id_equal( id, returned_id ) );
#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
- TEST_EQUAL( psa_open_key( wrong_owner_id, &invalid_handle ),
+ TEST_EQUAL( psa_open_key( wrong_owner_id, &invalid_svc_key_id ),
PSA_ERROR_DOES_NOT_EXIST );
#endif
- PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) );
+ PSA_ASSERT( psa_get_key_attributes( id, &attributes ) );
TEST_EQUAL( psa_get_key_lifetime( &attributes ), lifetime );
TEST_ASSERT( mbedtls_svc_key_id_equal(
psa_get_key_id( &attributes ), id ) );
@@ -226,15 +290,16 @@
TEST_EQUAL( psa_get_key_enrollment_algorithm( &attributes ), alg2 );
TEST_EQUAL( psa_get_key_type( &attributes ), type );
- /* Close the key and reopen it. */
- PSA_ASSERT( psa_close_key( handle ) );
+ /* Close the key and then open it. */
+ PSA_ASSERT( psa_close_key( id ) );
#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
- TEST_EQUAL( psa_open_key( wrong_owner_id, &invalid_handle ),
+ TEST_EQUAL( psa_open_key( wrong_owner_id, &invalid_svc_key_id ),
PSA_ERROR_DOES_NOT_EXIST );
#endif
PSA_ASSERT( psa_open_key( id, &handle ) );
+ TEST_ASSERT( ! psa_key_handle_is_null( handle ) );
PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) );
TEST_EQUAL( psa_get_key_lifetime( &attributes ), lifetime );
TEST_ASSERT( mbedtls_svc_key_id_equal(
@@ -244,28 +309,27 @@
TEST_EQUAL( psa_get_key_enrollment_algorithm( &attributes ), alg2 );
TEST_EQUAL( psa_get_key_type( &attributes ), type );
- /* Do something that invalidates the handle. */
- if( ! invalidate_handle( close_method, handle ) )
+ /*
+ * Do something that wipes key data in volatile memory or destroy the
+ * key.
+ */
+ if( ! invalidate_key( invalidate_method, id ) )
goto exit;
- if( ! invalidate_psa( close_method ) )
+ if( ! invalidate_psa( invalidate_method ) )
goto exit;
- /* Test that the handle is now invalid. */
- TEST_EQUAL( psa_get_key_attributes( handle, &read_attributes ),
- PSA_ERROR_INVALID_HANDLE );
- psa_reset_key_attributes( &read_attributes );
- TEST_EQUAL( psa_close_key( handle ), PSA_ERROR_INVALID_HANDLE );
-
- /* Try to reopen the key. If we destroyed it, check that it doesn't
+ /* Try to reaccess the key. If we destroyed it, check that it doesn't
* exist. Otherwise check that it still exists and has the expected
* content. */
- switch( close_method )
+ switch( invalidate_method )
{
- case CLOSE_BY_CLOSE:
- case CLOSE_BY_CLOSE_WITH_SHUTDOWN:
- case CLOSE_BY_SHUTDOWN:
+ case INVALIDATE_BY_CLOSING:
+ case INVALIDATE_BY_CLOSING_WITH_SHUTDOWN:
+ case INVALIDATE_BY_PURGING:
+ case INVALIDATE_BY_PURGING_WITH_SHUTDOWN:
+ case INVALIDATE_BY_SHUTDOWN:
PSA_ASSERT( psa_open_key( id, &handle ) );
- PSA_ASSERT( psa_get_key_attributes( handle, &read_attributes ) );
+ PSA_ASSERT( psa_get_key_attributes( id, &read_attributes ) );
TEST_EQUAL( psa_get_key_lifetime( &attributes ),
psa_get_key_lifetime( &read_attributes ) );
TEST_ASSERT( mbedtls_svc_key_id_equal(
@@ -283,30 +347,41 @@
if( usage_flags & PSA_KEY_USAGE_EXPORT )
{
ASSERT_ALLOC( reexported, key_data->len );
- PSA_ASSERT( psa_export_key( handle,
- reexported, key_data->len,
+ PSA_ASSERT( psa_export_key( id, reexported, key_data->len,
&reexported_length ) );
ASSERT_COMPARE( key_data->x, key_data->len,
reexported, reexported_length );
}
else
{
- TEST_EQUAL( psa_export_key( handle,
- NULL, 0,
- &reexported_length ),
+ TEST_EQUAL( psa_export_key( id, NULL, 0, &reexported_length ),
PSA_ERROR_NOT_PERMITTED );
}
PSA_ASSERT( psa_close_key( handle ) );
break;
- case CLOSE_BY_DESTROY:
- case CLOSE_BY_DESTROY_WITH_SHUTDOWN:
- TEST_EQUAL( psa_open_key( id, &handle ),
+ case INVALIDATE_BY_DESTROYING:
+ case INVALIDATE_BY_DESTROYING_WITH_SHUTDOWN:
+ /*
+ * Test that the key handle and identifier are now not refering to an
+ * existing key.
+ */
+ TEST_EQUAL( psa_get_key_attributes( handle, &read_attributes ),
+ PSA_ERROR_DOES_NOT_EXIST );
+ TEST_EQUAL( psa_close_key( handle ), PSA_ERROR_DOES_NOT_EXIST );
+ TEST_EQUAL( psa_get_key_attributes( id, &read_attributes ),
PSA_ERROR_DOES_NOT_EXIST );
break;
}
exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
+ psa_reset_key_attributes( &attributes );
+ psa_reset_key_attributes( &read_attributes );
+
PSA_DONE( );
psa_purge_key_storage( );
mbedtls_free( reexported );
@@ -319,7 +394,7 @@
{
psa_key_lifetime_t lifetime = lifetime_arg;
mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( owner_id_arg, id_arg );
- psa_key_handle_t handle1 = 0, handle2 = 0;
+ mbedtls_svc_key_id_t returned_id = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_key_type_t type1 = PSA_KEY_TYPE_RAW_DATA;
const uint8_t material1[5] = "a key";
@@ -340,26 +415,24 @@
psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT );
psa_set_key_algorithm( &attributes, 0 );
PSA_ASSERT( psa_import_key( &attributes, material1, sizeof( material1 ),
- &handle1 ) );
- TEST_ASSERT( handle1 != 0 );
+ &returned_id ) );
+ TEST_ASSERT( mbedtls_svc_key_id_equal( id, returned_id ) );
if( reopen_policy == CLOSE_BEFORE )
- PSA_ASSERT( psa_close_key( handle1 ) );
+ PSA_ASSERT( psa_close_key( id ) );
/* Attempt to create a new key in the same slot. */
TEST_EQUAL( psa_import_key( &attributes, material2, sizeof( material2 ),
- &handle2 ),
+ &returned_id ),
PSA_ERROR_ALREADY_EXISTS );
- TEST_EQUAL( handle2, 0 );
+ TEST_ASSERT( mbedtls_svc_key_id_is_null( returned_id ) );
if( reopen_policy == CLOSE_AFTER )
- PSA_ASSERT( psa_close_key( handle1 ) );
- if( reopen_policy == CLOSE_BEFORE || reopen_policy == CLOSE_AFTER )
- PSA_ASSERT( psa_open_key( id, &handle1 ) );
+ PSA_ASSERT( psa_close_key( id ) );
/* Check that the original key hasn't changed. */
psa_reset_key_attributes( &attributes );
- PSA_ASSERT( psa_get_key_attributes( handle1, &attributes ) );
+ PSA_ASSERT( psa_get_key_attributes( id, &attributes ) );
TEST_ASSERT( mbedtls_svc_key_id_equal(
psa_get_key_id( &attributes ), id ) );
TEST_EQUAL( psa_get_key_lifetime( &attributes ), lifetime );
@@ -368,15 +441,21 @@
TEST_EQUAL( psa_get_key_usage_flags( &attributes ), PSA_KEY_USAGE_EXPORT );
TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 );
- PSA_ASSERT( psa_export_key( handle1,
+ PSA_ASSERT( psa_export_key( id,
reexported, sizeof( reexported ),
&reexported_length ) );
ASSERT_COMPARE( material1, sizeof( material1 ),
reexported, reexported_length );
- PSA_ASSERT( psa_close_key( handle1 ) );
+ PSA_ASSERT( psa_close_key( id ) );
exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
+ psa_reset_key_attributes( &attributes );
+
PSA_DONE( );
psa_purge_key_storage( );
}
@@ -388,12 +467,12 @@
{
mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, id_arg );
psa_status_t expected_status = expected_status_arg;
- psa_key_handle_t handle = 0xdead;
+ psa_key_handle_t handle = mbedtls_svc_key_id_make( 0xdead, 0xdead );
PSA_ASSERT( psa_crypto_init( ) );
TEST_EQUAL( psa_open_key( id, &handle ), expected_status );
- TEST_EQUAL( handle, 0 );
+ TEST_ASSERT( psa_key_handle_is_null( handle ) );
exit:
PSA_DONE( );
@@ -408,20 +487,32 @@
mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, id_arg );
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_status_t expected_status = expected_status_arg;
- psa_key_handle_t handle = 0xdead;
+ mbedtls_svc_key_id_t returned_id =
+ mbedtls_svc_key_id_make( 0xdead, 0xdead );
uint8_t material[1] = {'k'};
TEST_USES_KEY_ID( id );
PSA_ASSERT( psa_crypto_init( ) );
- psa_set_key_id( &attributes, id );
psa_set_key_lifetime( &attributes, lifetime );
+ if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) )
+ {
+ /*
+ * Not possible to set a key identifier different from 0 through
+ * PSA key attributes APIs thus accessing to the attributes
+ * directly.
+ */
+ attributes.core.id = id;
+ }
+ else
+ psa_set_key_id( &attributes, id );
+
psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA );
TEST_EQUAL( psa_import_key( &attributes, material, sizeof( material ),
- &handle ),
+ &returned_id ),
expected_status );
- TEST_EQUAL( handle, 0 );
+ TEST_ASSERT( mbedtls_svc_key_id_is_null( returned_id ) );
exit:
PSA_DONE( );
@@ -447,16 +538,17 @@
mbedtls_svc_key_id_make( source_owner_id_arg, source_id_arg );
psa_key_usage_t source_usage = source_usage_arg;
psa_algorithm_t source_alg = source_alg_arg;
- psa_key_handle_t source_handle = 0;
psa_key_attributes_t source_attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_key_type_t source_type = type_arg;
+ mbedtls_svc_key_id_t returned_source_id = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_lifetime_t target_lifetime = target_lifetime_arg;
mbedtls_svc_key_id_t target_id =
mbedtls_svc_key_id_make( target_owner_id_arg, target_id_arg );
psa_key_usage_t target_usage = target_usage_arg;
psa_algorithm_t target_alg = target_alg_arg;
- psa_key_handle_t target_handle = 0;
psa_key_attributes_t target_attributes = PSA_KEY_ATTRIBUTES_INIT;
+ mbedtls_svc_key_id_t returned_target_id = MBEDTLS_SVC_KEY_ID_INIT;
+ psa_key_handle_t target_handle = PSA_KEY_HANDLE_INIT;
psa_key_usage_t expected_usage = expected_usage_arg;
psa_algorithm_t expected_alg = expected_alg_arg;
psa_algorithm_t expected_alg2 = expected_alg2_arg;
@@ -477,9 +569,10 @@
psa_set_key_enrollment_algorithm( &source_attributes, source_alg2_arg );
PSA_ASSERT( psa_import_key( &source_attributes,
material->x, material->len,
- &source_handle ) );
+ &returned_source_id ) );
/* Update the attributes with the bit size. */
- PSA_ASSERT( psa_get_key_attributes( source_handle, &source_attributes ) );
+ PSA_ASSERT( psa_get_key_attributes( returned_source_id,
+ &source_attributes ) );
/* Prepare the target slot. */
psa_set_key_id( &target_attributes, target_id );
@@ -490,15 +583,15 @@
psa_set_key_enrollment_algorithm( &target_attributes, target_alg2_arg );
/* Copy the key. */
- PSA_ASSERT( psa_copy_key( source_handle,
- &target_attributes, &target_handle ) );
+ PSA_ASSERT( psa_copy_key( returned_source_id,
+ &target_attributes, &returned_target_id ) );
/* Destroy the source to ensure that this doesn't affect the target. */
- PSA_ASSERT( psa_destroy_key( source_handle ) );
+ PSA_ASSERT( psa_destroy_key( returned_source_id ) );
/* If the target key is persistent, restart the system to make
* sure that the material is still alive. */
- if( target_lifetime != PSA_KEY_LIFETIME_VOLATILE )
+ if( ! PSA_KEY_LIFETIME_IS_VOLATILE( target_lifetime ) )
{
mbedtls_psa_crypto_free( );
PSA_ASSERT( psa_crypto_init( ) );
@@ -507,9 +600,10 @@
/* Test that the target slot has the expected content. */
psa_reset_key_attributes( &target_attributes );
- PSA_ASSERT( psa_get_key_attributes( target_handle, &target_attributes ) );
+ PSA_ASSERT( psa_get_key_attributes( returned_target_id,
+ &target_attributes ) );
- if( target_lifetime != PSA_KEY_LIFETIME_VOLATILE )
+ if( ! PSA_KEY_LIFETIME_IS_VOLATILE( target_lifetime ) )
{
TEST_ASSERT( mbedtls_svc_key_id_equal(
target_id, psa_get_key_id( &target_attributes ) ) );
@@ -517,10 +611,9 @@
else
{
#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
- TEST_EQUAL( MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( target_id ),
+ TEST_EQUAL( MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( returned_target_id ),
target_owner_id_arg );
#endif
- TEST_EQUAL( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( target_id ), 0 );
}
TEST_EQUAL( target_lifetime, psa_get_key_lifetime( &target_attributes ) );
@@ -535,7 +628,7 @@
{
size_t length;
ASSERT_ALLOC( export_buffer, material->len );
- PSA_ASSERT( psa_export_key( target_handle, export_buffer,
+ PSA_ASSERT( psa_export_key( returned_target_id, export_buffer,
material->len, &length ) );
ASSERT_COMPARE( material->x, material->len,
export_buffer, length );
@@ -544,14 +637,21 @@
{
size_t length;
/* Check that the key is actually non-exportable. */
- TEST_EQUAL( psa_export_key( target_handle, export_buffer,
+ TEST_EQUAL( psa_export_key( returned_target_id, export_buffer,
material->len, &length ),
PSA_ERROR_NOT_PERMITTED );
}
- PSA_ASSERT( psa_destroy_key( target_handle ) );
+ PSA_ASSERT( psa_destroy_key( returned_target_id ) );
exit:
+ /*
+ * Source and target key attributes may have been returned by
+ * psa_get_key_attributes() thus reset them as required.
+ */
+ psa_reset_key_attributes( &source_attributes );
+ psa_reset_key_attributes( &target_attributes );
+
PSA_DONE( );
mbedtls_free( export_buffer );
#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
@@ -573,16 +673,16 @@
mbedtls_svc_key_id_make( 1, source_id_arg );
psa_key_usage_t source_usage = source_usage_arg;
psa_algorithm_t source_alg = source_alg_arg;
- psa_key_handle_t source_handle = 0;
psa_key_type_t source_type = source_type_arg;
+ mbedtls_svc_key_id_t returned_source_id = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_lifetime_t target_lifetime = target_lifetime_arg;
mbedtls_svc_key_id_t target_id =
mbedtls_svc_key_id_make( 1, target_id_arg );
psa_key_usage_t target_usage = target_usage_arg;
psa_algorithm_t target_alg = target_alg_arg;
- psa_key_handle_t target_handle = 0;
psa_key_type_t target_type = target_type_arg;
- psa_key_handle_t new_handle = 0xdead;
+ mbedtls_svc_key_id_t returned_target_id = MBEDTLS_SVC_KEY_ID_INIT;
+ mbedtls_svc_key_id_t new_key = MBEDTLS_SVC_KEY_ID_INIT;
uint8_t *export_buffer = NULL;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_key_attributes_t attributes1 = PSA_KEY_ATTRIBUTES_INIT;
@@ -594,7 +694,7 @@
PSA_ASSERT( psa_crypto_init( ) );
/* Populate the source slot. */
- if( source_lifetime != PSA_KEY_LIFETIME_VOLATILE )
+ if( ! PSA_KEY_LIFETIME_IS_VOLATILE( source_lifetime ) )
{
psa_set_key_id( &attributes, source_id );
psa_set_key_lifetime( &attributes, source_lifetime );
@@ -604,12 +704,12 @@
psa_set_key_algorithm( &attributes, source_alg );
PSA_ASSERT( psa_import_key( &attributes,
source_material->x, source_material->len,
- &source_handle ) );
+ &returned_source_id ) );
/* Populate the target slot. */
if( mbedtls_svc_key_id_equal( target_id, source_id ) )
{
- target_handle = source_handle;
+ returned_target_id = returned_source_id;
}
else
{
@@ -620,20 +720,21 @@
psa_set_key_algorithm( &attributes1, target_alg );
PSA_ASSERT( psa_import_key( &attributes1,
target_material->x, target_material->len,
- &target_handle ) );
+ &returned_target_id ) );
}
- PSA_ASSERT( psa_get_key_attributes( target_handle, &attributes1 ) );
+
+ PSA_ASSERT( psa_get_key_attributes( returned_target_id, &attributes1 ) );
/* Make a copy attempt. */
psa_set_key_id( &attributes, target_id );
psa_set_key_lifetime( &attributes, target_lifetime );
- TEST_EQUAL( psa_copy_key( source_handle,
- &attributes, &new_handle ),
+ TEST_EQUAL( psa_copy_key( returned_source_id,
+ &attributes, &new_key ),
PSA_ERROR_ALREADY_EXISTS );
- TEST_EQUAL( new_handle , 0 );
+ TEST_ASSERT( mbedtls_svc_key_id_is_null( new_key ) );
/* Test that the target slot is unaffected. */
- PSA_ASSERT( psa_get_key_attributes( target_handle, &attributes2 ) );
+ PSA_ASSERT( psa_get_key_attributes( returned_target_id, &attributes2 ) );
TEST_ASSERT( mbedtls_svc_key_id_equal(
psa_get_key_id( &attributes1 ),
psa_get_key_id( &attributes2 ) ) );
@@ -651,17 +752,24 @@
{
size_t length;
ASSERT_ALLOC( export_buffer, target_material->len );
- PSA_ASSERT( psa_export_key( target_handle, export_buffer,
+ PSA_ASSERT( psa_export_key( returned_target_id, export_buffer,
target_material->len, &length ) );
ASSERT_COMPARE( target_material->x, target_material->len,
export_buffer, length );
}
- PSA_ASSERT( psa_destroy_key( source_handle ) );
- if( target_handle != source_handle )
- PSA_ASSERT( psa_destroy_key( target_handle ) );
+ PSA_ASSERT( psa_destroy_key( returned_source_id ) );
+ if( ! mbedtls_svc_key_id_equal( target_id, source_id ) )
+ PSA_ASSERT( psa_destroy_key( returned_target_id ) );
exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
+ psa_reset_key_attributes( &attributes1 );
+ psa_reset_key_attributes( &attributes2 );
+
PSA_DONE( );
mbedtls_free( export_buffer );
#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
@@ -674,8 +782,9 @@
void invalid_handle( int handle_construction,
int close_status_arg, int usage_status_arg )
{
- psa_key_handle_t valid_handle = 0;
- psa_key_handle_t invalid_handle = 0;
+ psa_key_handle_t valid_handle = PSA_KEY_HANDLE_INIT;
+ psa_key_handle_t invalid_handle = PSA_KEY_HANDLE_INIT;
+ psa_key_id_t key_id;
psa_status_t close_status = close_status_arg;
psa_status_t usage_status = usage_status_arg;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
@@ -690,23 +799,35 @@
PSA_ASSERT( psa_import_key( &attributes,
material, sizeof( material ),
&valid_handle ) );
- TEST_ASSERT( valid_handle != 0 );
+ TEST_ASSERT( ! psa_key_handle_is_null( valid_handle ) );
/* Construct an invalid handle as specified in the test case data. */
switch( handle_construction )
{
case INVALID_HANDLE_0:
- invalid_handle = 0;
+ invalid_handle = PSA_KEY_HANDLE_INIT;
break;
case INVALID_HANDLE_UNOPENED:
- /* We can't easily construct a handle that's never been opened
- * without knowing how the implementation constructs handle
- * values. The current test code assumes that valid handles
- * are in a range between 1 and some maximum. */
- if( valid_handle == 1 )
- invalid_handle = 2;
+
+ /*
+ * MBEDTLS_SVC_KEY_ID_GET_KEY_ID( valid_handle ) is a volatile
+ * key identifier as the imported key is a volatile key. Volatile
+ * key identifiers are in the range from PSA_KEY_ID_VOLATILE_MIN
+ * to PSA_KEY_ID_VOLATILE_MAX included. Thus pick a key identifier
+ * in the range from PSA_KEY_ID_VOLATILE_MIN to
+ * PSA_KEY_ID_VOLATILE_MAX different from
+ * MBEDTLS_SVC_KEY_ID_GET_KEY_ID( valid_handle ) to build an
+ * unopened and thus invalid identifier.
+ */
+
+ if( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( valid_handle ) ==
+ PSA_KEY_ID_VOLATILE_MIN )
+ key_id = PSA_KEY_ID_VOLATILE_MIN + 1;
else
- invalid_handle = valid_handle - 1;
+ key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( valid_handle ) - 1;
+
+ invalid_handle =
+ mbedtls_svc_key_id_make( 0, key_id );
break;
case INVALID_HANDLE_CLOSED:
PSA_ASSERT( psa_import_key( &attributes,
@@ -715,7 +836,8 @@
PSA_ASSERT( psa_destroy_key( invalid_handle ) );
break;
case INVALID_HANDLE_HUGE:
- invalid_handle = (psa_key_handle_t) ( -1 );
+ invalid_handle =
+ mbedtls_svc_key_id_make( 0, PSA_KEY_ID_VENDOR_MAX + 1 );
break;
default:
TEST_ASSERT( ! "unknown handle construction" );
@@ -735,56 +857,255 @@
PSA_ASSERT( psa_close_key( valid_handle ) );
exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
+ psa_reset_key_attributes( &attributes );
+
PSA_DONE( );
}
/* END_CASE */
/* BEGIN_CASE */
-void many_transient_handles( int max_handles_arg )
+void many_transient_keys( int max_keys_arg )
{
- psa_key_handle_t *handles = NULL;
- size_t max_handles = max_handles_arg;
+ mbedtls_svc_key_id_t *keys = NULL;
+ size_t max_keys = max_keys_arg;
size_t i, j;
psa_status_t status;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
uint8_t exported[sizeof( size_t )];
size_t exported_length;
- ASSERT_ALLOC( handles, max_handles );
+ ASSERT_ALLOC( keys, max_keys );
PSA_ASSERT( psa_crypto_init( ) );
psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT );
psa_set_key_algorithm( &attributes, 0 );
psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA );
- for( i = 0; i < max_handles; i++ )
+ for( i = 0; i < max_keys; i++ )
{
status = psa_import_key( &attributes,
(uint8_t *) &i, sizeof( i ),
- &handles[i] );
+ &keys[i] );
if( status == PSA_ERROR_INSUFFICIENT_MEMORY )
break;
PSA_ASSERT( status );
- TEST_ASSERT( handles[i] != 0 );
+ TEST_ASSERT( ! mbedtls_svc_key_id_is_null( keys[i] ) );
for( j = 0; j < i; j++ )
- TEST_ASSERT( handles[i] != handles[j] );
+ TEST_ASSERT( ! mbedtls_svc_key_id_equal( keys[i], keys[j] ) );
}
- max_handles = i;
+ max_keys = i;
- for( i = 1; i < max_handles; i++ )
+ for( i = 1; i < max_keys; i++ )
{
- PSA_ASSERT( psa_close_key( handles[i - 1] ) );
- PSA_ASSERT( psa_export_key( handles[i],
+ PSA_ASSERT( psa_close_key( keys[i - 1] ) );
+ PSA_ASSERT( psa_export_key( keys[i],
exported, sizeof( exported ),
&exported_length ) );
ASSERT_COMPARE( exported, exported_length,
(uint8_t *) &i, sizeof( i ) );
}
- PSA_ASSERT( psa_close_key( handles[i - 1] ) );
+ PSA_ASSERT( psa_close_key( keys[i - 1] ) );
exit:
PSA_DONE( );
- mbedtls_free( handles );
+ mbedtls_free( keys );
}
/* END_CASE */
+/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */
+void key_slot_eviction_to_import_new_key( int lifetime_arg )
+{
+ psa_key_lifetime_t lifetime = (psa_key_lifetime_t)lifetime_arg;
+ size_t i;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ uint8_t exported[sizeof( size_t )];
+ size_t exported_length;
+ mbedtls_svc_key_id_t key, returned_key_id;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT );
+ psa_set_key_algorithm( &attributes, 0 );
+ psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA );
+
+ /*
+ * Create PSA_KEY_SLOT_COUNT persistent keys.
+ */
+ for( i = 0; i < PSA_KEY_SLOT_COUNT; i++ )
+ {
+ key = mbedtls_svc_key_id_make( i, i + 1 );
+ psa_set_key_id( &attributes, key );
+ PSA_ASSERT( psa_import_key( &attributes,
+ (uint8_t *) &i, sizeof( i ),
+ &returned_key_id ) );
+ TEST_ASSERT( mbedtls_svc_key_id_equal( returned_key_id, key ) );
+ }
+
+ /*
+ * Create a new persistent or volatile key. When creating the key,
+ * one of the descriptions of the previously created persistent keys
+ * is removed from the RAM key slots. This makes room to store its
+ * description in RAM.
+ */
+ i = PSA_KEY_SLOT_COUNT;
+ key = mbedtls_svc_key_id_make( i, i + 1 );
+ psa_set_key_id( &attributes, key );
+ psa_set_key_lifetime( &attributes, lifetime );
+
+ PSA_ASSERT( psa_import_key( &attributes,
+ (uint8_t *) &i, sizeof( i ),
+ &returned_key_id ) );
+ if( lifetime != PSA_KEY_LIFETIME_VOLATILE )
+ TEST_ASSERT( mbedtls_svc_key_id_equal( returned_key_id, key ) );
+ else
+ TEST_ASSERT( psa_key_id_is_volatile(
+ MBEDTLS_SVC_KEY_ID_GET_KEY_ID( returned_key_id ) ) );
+
+ /*
+ * Check that we can export all ( PSA_KEY_SLOT_COUNT + 1 ) keys,
+ * that they have the expected value and destroy them. In that process,
+ * the description of the persistent key that was evicted from the RAM
+ * slots when creating the last key is restored in a RAM slot to export
+ * its value.
+ */
+ for( i = 0; i <= PSA_KEY_SLOT_COUNT; i++ )
+ {
+ if( i < PSA_KEY_SLOT_COUNT )
+ key = mbedtls_svc_key_id_make( i, i + 1 );
+ else
+ key = returned_key_id;
+
+ PSA_ASSERT( psa_export_key( key,
+ exported, sizeof( exported ),
+ &exported_length ) );
+ ASSERT_COMPARE( exported, exported_length,
+ (uint8_t *) &i, sizeof( i ) );
+ PSA_ASSERT( psa_destroy_key( key ) );
+ }
+
+exit:
+ PSA_DONE( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */
+void non_reusable_key_slots_integrity_in_case_of_key_slot_starvation( )
+{
+ psa_status_t status;
+ size_t i;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ uint8_t exported[sizeof( size_t )];
+ size_t exported_length;
+ mbedtls_svc_key_id_t persistent_key = MBEDTLS_SVC_KEY_ID_INIT;
+ mbedtls_svc_key_id_t persistent_key2 = MBEDTLS_SVC_KEY_ID_INIT;
+ mbedtls_svc_key_id_t returned_key_id = MBEDTLS_SVC_KEY_ID_INIT;
+ mbedtls_svc_key_id_t *keys = NULL;
+
+ TEST_ASSERT( PSA_KEY_SLOT_COUNT >= 1 );
+
+ ASSERT_ALLOC( keys, PSA_KEY_SLOT_COUNT );
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ psa_set_key_usage_flags( &attributes,
+ PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY );
+ psa_set_key_algorithm( &attributes, 0 );
+ psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA );
+
+ /*
+ * Create a persistent key
+ */
+ persistent_key = mbedtls_svc_key_id_make( 0x100, 0x205 );
+ psa_set_key_id( &attributes, persistent_key );
+ PSA_ASSERT( psa_import_key( &attributes,
+ (uint8_t *) &persistent_key,
+ sizeof( persistent_key ),
+ &returned_key_id ) );
+ TEST_ASSERT( mbedtls_svc_key_id_equal( returned_key_id, persistent_key ) );
+
+ /*
+ * Create PSA_KEY_SLOT_COUNT volatile keys
+ */
+ psa_set_key_lifetime( &attributes, PSA_KEY_LIFETIME_VOLATILE );
+ for( i = 0; i < PSA_KEY_SLOT_COUNT; i++ )
+ {
+ PSA_ASSERT( psa_import_key( &attributes,
+ (uint8_t *) &i, sizeof( i ),
+ &keys[i]) );
+ }
+ psa_reset_key_attributes( &attributes );
+
+ /*
+ * Check that we cannot access the persistent key as all slots are
+ * occupied by volatile keys and the implementation needs to load the
+ * persistent key description in a slot to be able to access it.
+ */
+ status = psa_get_key_attributes( persistent_key, &attributes );
+ TEST_EQUAL( status, PSA_ERROR_INSUFFICIENT_MEMORY );
+
+ /*
+ * Check we can export the volatile key created last and that it has the
+ * expected value. Then, destroy it.
+ */
+ PSA_ASSERT( psa_export_key( keys[PSA_KEY_SLOT_COUNT - 1],
+ exported, sizeof( exported ),
+ &exported_length ) );
+ i = PSA_KEY_SLOT_COUNT - 1;
+ ASSERT_COMPARE( exported, exported_length, (uint8_t *) &i, sizeof( i ) );
+ PSA_ASSERT( psa_destroy_key( keys[PSA_KEY_SLOT_COUNT - 1] ) );
+
+ /*
+ * Check that we can now access the persistent key again.
+ */
+ PSA_ASSERT( psa_get_key_attributes( persistent_key, &attributes ) );
+ TEST_ASSERT( mbedtls_svc_key_id_equal( attributes.core.id,
+ persistent_key ) );
+
+ /*
+ * Check that we cannot copy the persistent key as all slots are occupied
+ * by the persistent key and the volatile keys and the slot containing the
+ * persistent key cannot be reclaimed as it contains the key to copy.
+ */
+ persistent_key2 = mbedtls_svc_key_id_make( 0x100, 0x204 );
+ psa_set_key_id( &attributes, persistent_key2 );
+ status = psa_copy_key( persistent_key, &attributes, &returned_key_id );
+ TEST_EQUAL( status, PSA_ERROR_INSUFFICIENT_MEMORY );
+
+ /*
+ * Check we can export the remaining volatile keys and that they have the
+ * expected values.
+ */
+ for( i = 0; i < ( PSA_KEY_SLOT_COUNT - 1 ); i++ )
+ {
+ PSA_ASSERT( psa_export_key( keys[i],
+ exported, sizeof( exported ),
+ &exported_length ) );
+ ASSERT_COMPARE( exported, exported_length,
+ (uint8_t *) &i, sizeof( i ) );
+ PSA_ASSERT( psa_destroy_key( keys[i] ) );
+ }
+
+ /*
+ * Check we can export the persistent key and that it have the expected
+ * value.
+ */
+
+ PSA_ASSERT( psa_export_key( persistent_key, exported, sizeof( exported ),
+ &exported_length ) );
+ ASSERT_COMPARE( exported, exported_length,
+ (uint8_t *) &persistent_key, sizeof( persistent_key ) );
+exit:
+ /*
+ * Key attributes may have been returned by psa_get_key_attributes()
+ * thus reset them as required.
+ */
+ psa_reset_key_attributes( &attributes );
+
+ psa_destroy_key( persistent_key );
+ PSA_DONE( );
+ mbedtls_free( keys );
+}
+/* END_CASE */
diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function
index 31d6000..9f2007d 100644
--- a/tests/suites/test_suite_x509write.function
+++ b/tests/suites/test_suite_x509write.function
@@ -161,7 +161,7 @@
int cert_type )
{
mbedtls_pk_context key;
- psa_key_handle_t slot = 0;
+ mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT;
psa_algorithm_t md_alg_psa;
mbedtls_x509write_csr req;
unsigned char buf[4096];
@@ -178,7 +178,7 @@
mbedtls_pk_init( &key );
TEST_ASSERT( mbedtls_pk_parse_keyfile( &key, key_file, NULL ) == 0 );
- TEST_ASSERT( mbedtls_pk_wrap_as_opaque( &key, &slot, md_alg_psa ) == 0 );
+ TEST_ASSERT( mbedtls_pk_wrap_as_opaque( &key, &key_id, md_alg_psa ) == 0 );
mbedtls_x509write_csr_init( &req );
mbedtls_x509write_csr_set_md_alg( &req, md_type );
@@ -202,7 +202,7 @@
exit:
mbedtls_x509write_csr_free( &req );
mbedtls_pk_free( &key );
- psa_destroy_key( slot );
+ psa_destroy_key( key_id );
PSA_DONE( );
}
/* END_CASE */
