Rename functions that inject key material to an allocated handle
This commit starts a migration to a new interface for key creation. Today, the application allocates a handle, then fills its metadata, and finally injects key material. The new interface fills metadata into a temporary structure, and a handle is allocated at the same time it gets filled with both metadata and key material. This commit was obtained by moving the declaration of the old-style functions to crypto_extra.h and renaming them with the to_handle suffix, adding declarations for the new-style functions in crypto.h under their new name, and running perl -i -pe 's/\bpsa_(import|copy|generator_import|generate)_key\b/$&_to_handle/g' library/*.c tests/suites/*.function programs/psa/*.c perl -i -pe 's/\bpsa_get_key_lifetime\b/$&_from_handle/g' library/*.c tests/suites/*.function programs/psa/*.c Many functions that are specific to the old interface, and which will not remain under the same name with the new interface, are still in crypto.h for now. All functional tests should still pass. The documentation may have some broken links.
This commit is contained in:
parent
c69af209f8
commit
87a5e565f4
@ -93,6 +93,24 @@ psa_status_t psa_crypto_init(void);
|
||||
|
||||
/**@}*/
|
||||
|
||||
/** \defgroup attributes Key attributes
|
||||
* @{
|
||||
*/
|
||||
|
||||
/** The type of a structure containing key attributes.
|
||||
*
|
||||
* This is an opaque structure that can represent the metadata of a key
|
||||
* object, including the key type and size, domain parameters, usage policies,
|
||||
* location in storage, and any other similar information.
|
||||
*
|
||||
* The actual key material is not considered an attribute of a key.
|
||||
* Key attributes do not contain information that is generally considered
|
||||
* highly confidential.
|
||||
*/
|
||||
typedef struct psa_key_attributes_s psa_key_attributes_t;
|
||||
|
||||
/**@}*/
|
||||
|
||||
/** \defgroup policy Key policies
|
||||
* @{
|
||||
*/
|
||||
@ -231,26 +249,6 @@ psa_status_t psa_get_key_policy(psa_key_handle_t handle,
|
||||
* @{
|
||||
*/
|
||||
|
||||
/** \brief Retrieve the lifetime of an open key.
|
||||
*
|
||||
* \param handle Handle to query.
|
||||
* \param[out] lifetime On success, the lifetime value.
|
||||
*
|
||||
* \retval #PSA_SUCCESS
|
||||
* Success.
|
||||
* \retval #PSA_ERROR_INVALID_HANDLE
|
||||
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
|
||||
* \retval #PSA_ERROR_HARDWARE_FAILURE
|
||||
* \retval #PSA_ERROR_TAMPERING_DETECTED
|
||||
* \retval #PSA_ERROR_BAD_STATE
|
||||
* The library has not been previously initialized by psa_crypto_init().
|
||||
* It is implementation-dependent whether a failure to initialize
|
||||
* results in this error code.
|
||||
*/
|
||||
psa_status_t psa_get_key_lifetime(psa_key_handle_t handle,
|
||||
psa_key_lifetime_t *lifetime);
|
||||
|
||||
|
||||
/** Allocate a key slot for a transient key, i.e. a key which is only stored
|
||||
* in volatile memory.
|
||||
*
|
||||
@ -302,43 +300,6 @@ psa_status_t psa_open_key(psa_key_lifetime_t lifetime,
|
||||
psa_key_id_t id,
|
||||
psa_key_handle_t *handle);
|
||||
|
||||
/** Create a new persistent key slot.
|
||||
*
|
||||
* Create a new persistent key slot and return a handle to it. The handle
|
||||
* remains valid until the application calls psa_close_key() or terminates.
|
||||
* The application can open the key again with psa_open_key() until it
|
||||
* removes the key by calling psa_destroy_key().
|
||||
*
|
||||
* \param lifetime The lifetime of the key. This designates a storage
|
||||
* area where the key material is stored. This must not
|
||||
* be #PSA_KEY_LIFETIME_VOLATILE.
|
||||
* \param id The persistent identifier of the key.
|
||||
* \param[out] handle On success, a handle to the newly created key slot.
|
||||
* When key material is later created in this key slot,
|
||||
* it will be saved to the specified persistent location.
|
||||
*
|
||||
* \retval #PSA_SUCCESS
|
||||
* Success. The application can now use the value of `*handle`
|
||||
* to access the newly allocated key slot.
|
||||
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
|
||||
* \retval #PSA_ERROR_INSUFFICIENT_STORAGE
|
||||
* \retval #PSA_ERROR_ALREADY_EXISTS
|
||||
* There is already a key with the identifier \p id in the storage
|
||||
* area designated by \p lifetime.
|
||||
* \retval #PSA_ERROR_INVALID_ARGUMENT
|
||||
* \p lifetime is invalid, for example #PSA_KEY_LIFETIME_VOLATILE.
|
||||
* \retval #PSA_ERROR_INVALID_ARGUMENT
|
||||
* \p id is invalid for the specified lifetime.
|
||||
* \retval #PSA_ERROR_NOT_SUPPORTED
|
||||
* \p lifetime is not supported.
|
||||
* \retval #PSA_ERROR_NOT_PERMITTED
|
||||
* \p lifetime is valid, but the application does not have the
|
||||
* permission to create a key there.
|
||||
*/
|
||||
psa_status_t psa_create_key(psa_key_lifetime_t lifetime,
|
||||
psa_key_id_t id,
|
||||
psa_key_handle_t *handle);
|
||||
|
||||
/** Close a key handle.
|
||||
*
|
||||
* If the handle designates a volatile key, destroy the key material and
|
||||
@ -417,7 +378,8 @@ psa_status_t psa_close_key(psa_key_handle_t handle);
|
||||
* It is implementation-dependent whether a failure to initialize
|
||||
* results in this error code.
|
||||
*/
|
||||
psa_status_t psa_import_key(psa_key_handle_t handle,
|
||||
psa_status_t psa_import_key(const psa_key_attributes_t *attributes,
|
||||
psa_key_handle_t *handle,
|
||||
psa_key_type_t type,
|
||||
const uint8_t *data,
|
||||
size_t data_length);
|
||||
@ -809,8 +771,8 @@ psa_status_t psa_export_public_key(psa_key_handle_t handle,
|
||||
* \retval #PSA_ERROR_TAMPERING_DETECTED
|
||||
*/
|
||||
psa_status_t psa_copy_key(psa_key_handle_t source_handle,
|
||||
psa_key_handle_t target_handle,
|
||||
const psa_key_policy_t *constraint);
|
||||
const psa_key_attributes_t *attributes,
|
||||
psa_key_handle_t *target_handle);
|
||||
|
||||
/**@}*/
|
||||
|
||||
@ -3006,7 +2968,8 @@ psa_status_t psa_generator_read(psa_crypto_generator_t *generator,
|
||||
* It is implementation-dependent whether a failure to initialize
|
||||
* results in this error code.
|
||||
*/
|
||||
psa_status_t psa_generator_import_key(psa_key_handle_t handle,
|
||||
psa_status_t psa_generator_import_key(const psa_key_attributes_t *attributes,
|
||||
psa_key_handle_t *handle,
|
||||
psa_key_type_t type,
|
||||
size_t bits,
|
||||
psa_crypto_generator_t *generator);
|
||||
@ -3398,7 +3361,8 @@ typedef struct {
|
||||
* It is implementation-dependent whether a failure to initialize
|
||||
* results in this error code.
|
||||
*/
|
||||
psa_status_t psa_generate_key(psa_key_handle_t handle,
|
||||
psa_status_t psa_generate_key(const psa_key_attributes_t *attributes,
|
||||
psa_key_handle_t *handle,
|
||||
psa_key_type_t type,
|
||||
size_t bits,
|
||||
const void *extra,
|
||||
|
@ -202,6 +202,93 @@ psa_status_t psa_key_derivation(psa_crypto_generator_t *generator,
|
||||
/* FIXME Deprecated. Remove this as soon as all the tests are updated. */
|
||||
#define PSA_ALG_SELECT_RAW ((psa_algorithm_t)0x31000001)
|
||||
|
||||
/** \defgroup to_handle Key creation to allocated handle
|
||||
* @{
|
||||
*
|
||||
* The functions in this section are legacy interfaces where the properties
|
||||
* of a key object are set after allocating a handle, in constrast with the
|
||||
* preferred interface where key objects are created atomically from
|
||||
* a structure that represents the properties.
|
||||
*/
|
||||
|
||||
/** Create a new persistent key slot.
|
||||
*
|
||||
* Create a new persistent key slot and return a handle to it. The handle
|
||||
* remains valid until the application calls psa_close_key() or terminates.
|
||||
* The application can open the key again with psa_open_key() until it
|
||||
* removes the key by calling psa_destroy_key().
|
||||
*
|
||||
* \param lifetime The lifetime of the key. This designates a storage
|
||||
* area where the key material is stored. This must not
|
||||
* be #PSA_KEY_LIFETIME_VOLATILE.
|
||||
* \param id The persistent identifier of the key.
|
||||
* \param[out] handle On success, a handle to the newly created key slot.
|
||||
* When key material is later created in this key slot,
|
||||
* it will be saved to the specified persistent location.
|
||||
*
|
||||
* \retval #PSA_SUCCESS
|
||||
* Success. The application can now use the value of `*handle`
|
||||
* to access the newly allocated key slot.
|
||||
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
|
||||
* \retval #PSA_ERROR_INSUFFICIENT_STORAGE
|
||||
* \retval #PSA_ERROR_ALREADY_EXISTS
|
||||
* There is already a key with the identifier \p id in the storage
|
||||
* area designated by \p lifetime.
|
||||
* \retval #PSA_ERROR_INVALID_ARGUMENT
|
||||
* \p lifetime is invalid, for example #PSA_KEY_LIFETIME_VOLATILE.
|
||||
* \retval #PSA_ERROR_INVALID_ARGUMENT
|
||||
* \p id is invalid for the specified lifetime.
|
||||
* \retval #PSA_ERROR_NOT_SUPPORTED
|
||||
* \p lifetime is not supported.
|
||||
* \retval #PSA_ERROR_NOT_PERMITTED
|
||||
* \p lifetime is valid, but the application does not have the
|
||||
* permission to create a key there.
|
||||
*/
|
||||
psa_status_t psa_create_key(psa_key_lifetime_t lifetime,
|
||||
psa_key_id_t id,
|
||||
psa_key_handle_t *handle);
|
||||
|
||||
/** \brief Retrieve the lifetime of an open key.
|
||||
*
|
||||
* \param handle Handle to query.
|
||||
* \param[out] lifetime On success, the lifetime value.
|
||||
*
|
||||
* \retval #PSA_SUCCESS
|
||||
* Success.
|
||||
* \retval #PSA_ERROR_INVALID_HANDLE
|
||||
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
|
||||
* \retval #PSA_ERROR_HARDWARE_FAILURE
|
||||
* \retval #PSA_ERROR_TAMPERING_DETECTED
|
||||
* \retval #PSA_ERROR_BAD_STATE
|
||||
* The library has not been previously initialized by psa_crypto_init().
|
||||
* It is implementation-dependent whether a failure to initialize
|
||||
* results in this error code.
|
||||
*/
|
||||
psa_status_t psa_get_key_lifetime_from_handle(psa_key_handle_t handle,
|
||||
psa_key_lifetime_t *lifetime);
|
||||
|
||||
psa_status_t psa_import_key_to_handle(psa_key_handle_t handle,
|
||||
psa_key_type_t type,
|
||||
const uint8_t *data,
|
||||
size_t data_length);
|
||||
|
||||
psa_status_t psa_copy_key_to_handle(psa_key_handle_t source_handle,
|
||||
psa_key_handle_t target_handle,
|
||||
const psa_key_policy_t *constraint);
|
||||
|
||||
psa_status_t psa_generator_import_key_to_handle(psa_key_handle_t handle,
|
||||
psa_key_type_t type,
|
||||
size_t bits,
|
||||
psa_crypto_generator_t *generator);
|
||||
|
||||
psa_status_t psa_generate_key_to_handle(psa_key_handle_t handle,
|
||||
psa_key_type_t type,
|
||||
size_t bits,
|
||||
const void *extra,
|
||||
size_t extra_size);
|
||||
|
||||
/**@}*/
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
@ -338,7 +338,7 @@ int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx,
|
||||
return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED );
|
||||
|
||||
/* Populate new key slot. */
|
||||
status = psa_import_key( cipher_psa->slot,
|
||||
status = psa_import_key_to_handle( cipher_psa->slot,
|
||||
key_type, key, key_bytelen );
|
||||
if( status != PSA_SUCCESS )
|
||||
return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED );
|
||||
|
@ -629,7 +629,7 @@ int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk,
|
||||
return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
|
||||
|
||||
/* import private key in slot */
|
||||
if( PSA_SUCCESS != psa_import_key( key, key_type, d, d_len ) )
|
||||
if( PSA_SUCCESS != psa_import_key_to_handle( key, key_type, d, d_len ) )
|
||||
return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
|
||||
|
||||
/* remember slot number to be destroyed later by caller */
|
||||
|
@ -589,7 +589,7 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
if( psa_import_key( key_slot, psa_type, buf + sizeof( buf ) - key_len, key_len )
|
||||
if( psa_import_key_to_handle( key_slot, psa_type, buf + sizeof( buf ) - key_len, key_len )
|
||||
!= PSA_SUCCESS )
|
||||
{
|
||||
ret = MBEDTLS_ERR_PK_BAD_INPUT_DATA;
|
||||
|
@ -903,7 +903,7 @@ psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot )
|
||||
return( status );
|
||||
}
|
||||
|
||||
psa_status_t psa_import_key( psa_key_handle_t handle,
|
||||
psa_status_t psa_import_key_to_handle( psa_key_handle_t handle,
|
||||
psa_key_type_t type,
|
||||
const uint8_t *data,
|
||||
size_t data_length )
|
||||
@ -1228,7 +1228,7 @@ static psa_status_t psa_copy_key_material( const psa_key_slot_t *source,
|
||||
status = psa_internal_export_key( source, buffer, buffer_size, &length, 0 );
|
||||
if( status != PSA_SUCCESS )
|
||||
goto exit;
|
||||
status = psa_import_key( target, source->type, buffer, length );
|
||||
status = psa_import_key_to_handle( target, source->type, buffer, length );
|
||||
|
||||
exit:
|
||||
if( buffer_size != 0 )
|
||||
@ -1237,7 +1237,7 @@ exit:
|
||||
return( status );
|
||||
}
|
||||
|
||||
psa_status_t psa_copy_key(psa_key_handle_t source_handle,
|
||||
psa_status_t psa_copy_key_to_handle(psa_key_handle_t source_handle,
|
||||
psa_key_handle_t target_handle,
|
||||
const psa_key_policy_t *constraint)
|
||||
{
|
||||
@ -3277,7 +3277,7 @@ psa_status_t psa_get_key_policy( psa_key_handle_t handle,
|
||||
/* Key Lifetime */
|
||||
/****************************************************************/
|
||||
|
||||
psa_status_t psa_get_key_lifetime( psa_key_handle_t handle,
|
||||
psa_status_t psa_get_key_lifetime_from_handle( psa_key_handle_t handle,
|
||||
psa_key_lifetime_t *lifetime )
|
||||
{
|
||||
psa_key_slot_t *slot;
|
||||
@ -3996,7 +3996,7 @@ static void psa_des_set_key_parity( uint8_t *data, size_t data_size )
|
||||
}
|
||||
#endif /* MBEDTLS_DES_C */
|
||||
|
||||
psa_status_t psa_generator_import_key( psa_key_handle_t handle,
|
||||
psa_status_t psa_generator_import_key_to_handle( psa_key_handle_t handle,
|
||||
psa_key_type_t type,
|
||||
size_t bits,
|
||||
psa_crypto_generator_t *generator )
|
||||
@ -4020,7 +4020,7 @@ psa_status_t psa_generator_import_key( psa_key_handle_t handle,
|
||||
if( type == PSA_KEY_TYPE_DES )
|
||||
psa_des_set_key_parity( data, bytes );
|
||||
#endif /* MBEDTLS_DES_C */
|
||||
status = psa_import_key( handle, type, data, bytes );
|
||||
status = psa_import_key_to_handle( handle, type, data, bytes );
|
||||
|
||||
exit:
|
||||
mbedtls_free( data );
|
||||
@ -4749,7 +4749,7 @@ psa_status_t mbedtls_psa_inject_entropy( const unsigned char *seed,
|
||||
}
|
||||
#endif /* MBEDTLS_PSA_INJECT_ENTROPY */
|
||||
|
||||
psa_status_t psa_generate_key( psa_key_handle_t handle,
|
||||
psa_status_t psa_generate_key_to_handle( psa_key_handle_t handle,
|
||||
psa_key_type_t type,
|
||||
size_t bits,
|
||||
const void *extra,
|
||||
|
@ -3148,7 +3148,7 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl )
|
||||
return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
|
||||
|
||||
/* Generate ECDH private key. */
|
||||
status = psa_generate_key( handshake->ecdh_psa_privkey,
|
||||
status = psa_generate_key_to_handle( handshake->ecdh_psa_privkey,
|
||||
PSA_KEY_TYPE_ECC_KEYPAIR( handshake->ecdh_psa_curve ),
|
||||
MBEDTLS_PSA_ECC_KEY_BITS_OF_CURVE( handshake->ecdh_psa_curve ),
|
||||
NULL, 0 );
|
||||
|
@ -544,7 +544,7 @@ static int tls_prf_generic( mbedtls_md_type_t md_type,
|
||||
if( status != PSA_SUCCESS )
|
||||
return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
|
||||
|
||||
status = psa_import_key( master_slot, PSA_KEY_TYPE_DERIVE, secret, slen );
|
||||
status = psa_import_key_to_handle( master_slot, PSA_KEY_TYPE_DERIVE, secret, slen );
|
||||
if( status != PSA_SUCCESS )
|
||||
return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
|
||||
|
||||
|
@ -179,7 +179,7 @@ cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( void )
|
||||
alg );
|
||||
ASSERT_STATUS( status, PSA_SUCCESS );
|
||||
|
||||
status = psa_generate_key( key_handle, PSA_KEY_TYPE_AES, key_bits,
|
||||
status = psa_generate_key_to_handle( key_handle, PSA_KEY_TYPE_AES, key_bits,
|
||||
NULL, 0 );
|
||||
ASSERT_STATUS( status, PSA_SUCCESS );
|
||||
|
||||
@ -229,7 +229,7 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( void )
|
||||
alg );
|
||||
ASSERT_STATUS( status, PSA_SUCCESS );
|
||||
|
||||
status = psa_generate_key( key_handle, PSA_KEY_TYPE_AES, key_bits,
|
||||
status = psa_generate_key_to_handle( key_handle, PSA_KEY_TYPE_AES, key_bits,
|
||||
NULL, 0 );
|
||||
ASSERT_STATUS( status, PSA_SUCCESS );
|
||||
|
||||
@ -277,7 +277,7 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_ctr_multi( void )
|
||||
alg );
|
||||
ASSERT_STATUS( status, PSA_SUCCESS );
|
||||
|
||||
status = psa_generate_key( key_handle, PSA_KEY_TYPE_AES, key_bits,
|
||||
status = psa_generate_key_to_handle( key_handle, PSA_KEY_TYPE_AES, key_bits,
|
||||
NULL, 0 );
|
||||
ASSERT_STATUS( status, PSA_SUCCESS );
|
||||
|
||||
|
@ -208,7 +208,7 @@ static psa_status_t generate( const char *key_file_name )
|
||||
KDF_ALG );
|
||||
PSA_CHECK( psa_set_key_policy( key_handle, &policy ) );
|
||||
|
||||
PSA_CHECK( psa_generate_key( key_handle,
|
||||
PSA_CHECK( psa_generate_key_to_handle( key_handle,
|
||||
PSA_KEY_TYPE_DERIVE,
|
||||
PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ),
|
||||
NULL, 0 ) );
|
||||
@ -255,7 +255,7 @@ static psa_status_t import_key_from_file( psa_key_usage_t usage,
|
||||
PSA_CHECK( psa_allocate_key( master_key_handle ) );
|
||||
psa_key_policy_set_usage( &policy, usage, alg );
|
||||
PSA_CHECK( psa_set_key_policy( *master_key_handle, &policy ) );
|
||||
PSA_CHECK( psa_import_key( *master_key_handle,
|
||||
PSA_CHECK( psa_import_key_to_handle( *master_key_handle,
|
||||
PSA_KEY_TYPE_DERIVE,
|
||||
key_data, key_size ) );
|
||||
exit:
|
||||
@ -309,7 +309,7 @@ static psa_status_t derive_key_ladder( const char *ladder[],
|
||||
PSA_CHECK( psa_set_key_policy( *key_handle, &policy ) );
|
||||
/* Use the generator obtained from the parent key to create
|
||||
* the next intermediate key. */
|
||||
PSA_CHECK( psa_generator_import_key(
|
||||
PSA_CHECK( psa_generator_import_key_to_handle(
|
||||
*key_handle,
|
||||
PSA_KEY_TYPE_DERIVE,
|
||||
PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ),
|
||||
@ -348,7 +348,7 @@ static psa_status_t derive_wrapping_key( psa_key_usage_t usage,
|
||||
WRAPPING_KEY_SALT, WRAPPING_KEY_SALT_LENGTH,
|
||||
NULL, 0,
|
||||
PSA_BITS_TO_BYTES( WRAPPING_KEY_BITS ) ) );
|
||||
PSA_CHECK( psa_generator_import_key(
|
||||
PSA_CHECK( psa_generator_import_key_to_handle(
|
||||
*wrapping_key_handle,
|
||||
PSA_KEY_TYPE_AES,
|
||||
WRAPPING_KEY_BITS,
|
||||
|
@ -97,7 +97,7 @@ psa_key_handle_t pk_psa_genkey( void )
|
||||
return( PK_PSA_INVALID_SLOT );
|
||||
|
||||
/* generate key */
|
||||
if( PSA_SUCCESS != psa_generate_key( key, type, bits, NULL, 0 ) )
|
||||
if( PSA_SUCCESS != psa_generate_key_to_handle( key, type, bits, NULL, 0 ) )
|
||||
return( PK_PSA_INVALID_SLOT );
|
||||
|
||||
return( key );
|
||||
|
@ -216,7 +216,7 @@ int exercise_mac_setup( psa_key_type_t key_type,
|
||||
PSA_ASSERT( psa_allocate_key( &handle ) );
|
||||
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg );
|
||||
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
|
||||
PSA_ASSERT( psa_import_key( handle, key_type, key_bytes, key_length ) );
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_bytes, key_length ) );
|
||||
|
||||
*status = psa_mac_sign_setup( operation, handle, alg );
|
||||
/* Whether setup succeeded or failed, abort must succeed. */
|
||||
@ -250,7 +250,7 @@ int exercise_cipher_setup( psa_key_type_t key_type,
|
||||
PSA_ASSERT( psa_allocate_key( &handle ) );
|
||||
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg );
|
||||
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
|
||||
PSA_ASSERT( psa_import_key( handle, key_type, key_bytes, key_length ) );
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle, key_type, key_bytes, key_length ) );
|
||||
|
||||
*status = psa_cipher_encrypt_setup( operation, handle, alg );
|
||||
/* Whether setup succeeded or failed, abort must succeed. */
|
||||
@ -1118,7 +1118,7 @@ void import( data_t *data, int type, int expected_status_arg )
|
||||
PSA_ASSERT( psa_crypto_init( ) );
|
||||
|
||||
PSA_ASSERT( psa_allocate_key( &handle ) );
|
||||
status = psa_import_key( handle, type, data->x, data->len );
|
||||
status = psa_import_key_to_handle( handle, type, data->x, data->len );
|
||||
TEST_EQUAL( status, expected_status );
|
||||
if( status == PSA_SUCCESS )
|
||||
PSA_ASSERT( psa_destroy_key( handle ) );
|
||||
@ -1151,9 +1151,9 @@ void import_twice( int alg_arg, int usage_arg,
|
||||
psa_key_policy_set_usage( &policy, usage, alg );
|
||||
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
|
||||
|
||||
status = psa_import_key( handle, type1, data1->x, data1->len );
|
||||
status = psa_import_key_to_handle( handle, type1, data1->x, data1->len );
|
||||
TEST_EQUAL( status, expected_import1_status );
|
||||
status = psa_import_key( handle, type2, data2->x, data2->len );
|
||||
status = psa_import_key_to_handle( handle, type2, data2->x, data2->len );
|
||||
TEST_EQUAL( status, expected_import2_status );
|
||||
|
||||
if( expected_import1_status == PSA_SUCCESS ||
|
||||
@ -1193,7 +1193,7 @@ void import_rsa_made_up( int bits_arg, int keypair, int expected_status_arg )
|
||||
|
||||
/* Try importing the key */
|
||||
PSA_ASSERT( psa_allocate_key( &handle ) );
|
||||
status = psa_import_key( handle, type, p, length );
|
||||
status = psa_import_key_to_handle( handle, type, p, length );
|
||||
TEST_EQUAL( status, expected_status );
|
||||
if( status == PSA_SUCCESS )
|
||||
PSA_ASSERT( psa_destroy_key( handle ) );
|
||||
@ -1242,7 +1242,7 @@ void import_export( data_t *data,
|
||||
PSA_ERROR_DOES_NOT_EXIST );
|
||||
|
||||
/* Import the key */
|
||||
PSA_ASSERT( psa_import_key( handle, type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle, type,
|
||||
data->x, data->len ) );
|
||||
|
||||
/* Test the key information */
|
||||
@ -1283,7 +1283,7 @@ void import_export( data_t *data,
|
||||
PSA_ASSERT( psa_allocate_key( &handle2 ) );
|
||||
PSA_ASSERT( psa_set_key_policy( handle2, &policy ) );
|
||||
|
||||
PSA_ASSERT( psa_import_key( handle2, type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle2, type,
|
||||
exported,
|
||||
exported_length ) );
|
||||
PSA_ASSERT( psa_export_key( handle2,
|
||||
@ -1321,11 +1321,11 @@ void import_key_nonempty_slot( )
|
||||
PSA_ASSERT( psa_allocate_key( &handle ) );
|
||||
|
||||
/* Import the key */
|
||||
PSA_ASSERT( psa_import_key( handle, type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle, type,
|
||||
data, sizeof( data ) ) );
|
||||
|
||||
/* Import the key again */
|
||||
status = psa_import_key( handle, type, data, sizeof( data ) );
|
||||
status = psa_import_key_to_handle( handle, type, data, sizeof( data ) );
|
||||
TEST_EQUAL( status, PSA_ERROR_ALREADY_EXISTS );
|
||||
|
||||
exit:
|
||||
@ -1424,7 +1424,7 @@ void export_after_import_failure( data_t *data, int type_arg,
|
||||
PSA_ASSERT( psa_allocate_key( &handle ) );
|
||||
|
||||
/* Import the key - expect failure */
|
||||
status = psa_import_key( handle, type,
|
||||
status = psa_import_key_to_handle( handle, type,
|
||||
data->x, data->len );
|
||||
TEST_EQUAL( status, expected_import_status );
|
||||
|
||||
@ -1455,7 +1455,7 @@ void cipher_after_import_failure( data_t *data, int type_arg,
|
||||
PSA_ASSERT( psa_allocate_key( &handle ) );
|
||||
|
||||
/* Import the key - expect failure */
|
||||
status = psa_import_key( handle, type,
|
||||
status = psa_import_key_to_handle( handle, type,
|
||||
data->x, data->len );
|
||||
TEST_EQUAL( status, expected_import_status );
|
||||
|
||||
@ -1489,7 +1489,7 @@ void export_after_destroy_key( data_t *data, int type_arg )
|
||||
ASSERT_ALLOC( exported, export_size );
|
||||
|
||||
/* Import the key */
|
||||
PSA_ASSERT( psa_import_key( handle, type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle, type,
|
||||
data->x, data->len ) );
|
||||
|
||||
PSA_ASSERT( psa_export_key( handle, exported, export_size,
|
||||
@ -1534,7 +1534,7 @@ void import_export_public_key( data_t *data,
|
||||
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
|
||||
|
||||
/* Import the key */
|
||||
PSA_ASSERT( psa_import_key( handle, type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle, type,
|
||||
data->x, data->len ) );
|
||||
|
||||
/* Export the public key */
|
||||
@ -1584,7 +1584,7 @@ void import_and_exercise_key( data_t *data,
|
||||
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
|
||||
|
||||
/* Import the key */
|
||||
status = psa_import_key( handle, type, data->x, data->len );
|
||||
status = psa_import_key_to_handle( handle, type, data->x, data->len );
|
||||
PSA_ASSERT( status );
|
||||
|
||||
/* Test the key information */
|
||||
@ -1626,7 +1626,7 @@ void key_policy( int usage_arg, int alg_arg )
|
||||
TEST_EQUAL( psa_key_policy_get_algorithm( &policy_set ), alg );
|
||||
PSA_ASSERT( psa_set_key_policy( handle, &policy_set ) );
|
||||
|
||||
PSA_ASSERT( psa_import_key( handle, key_type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle, key_type,
|
||||
key, sizeof( key ) ) );
|
||||
|
||||
PSA_ASSERT( psa_get_key_policy( handle, &policy_get ) );
|
||||
@ -1684,7 +1684,7 @@ void mac_key_policy( int policy_usage,
|
||||
psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
|
||||
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
|
||||
|
||||
PSA_ASSERT( psa_import_key( handle, key_type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle, key_type,
|
||||
key_data->x, key_data->len ) );
|
||||
|
||||
status = psa_mac_sign_setup( &operation, handle, exercise_alg );
|
||||
@ -1728,7 +1728,7 @@ void cipher_key_policy( int policy_usage,
|
||||
psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
|
||||
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
|
||||
|
||||
PSA_ASSERT( psa_import_key( handle, key_type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle, key_type,
|
||||
key_data->x, key_data->len ) );
|
||||
|
||||
status = psa_cipher_encrypt_setup( &operation, handle, exercise_alg );
|
||||
@ -1780,7 +1780,7 @@ void aead_key_policy( int policy_usage,
|
||||
psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
|
||||
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
|
||||
|
||||
PSA_ASSERT( psa_import_key( handle, key_type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle, key_type,
|
||||
key_data->x, key_data->len ) );
|
||||
|
||||
status = psa_aead_encrypt( handle, exercise_alg,
|
||||
@ -1835,7 +1835,7 @@ void asymmetric_encryption_key_policy( int policy_usage,
|
||||
psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
|
||||
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
|
||||
|
||||
PSA_ASSERT( psa_import_key( handle, key_type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle, key_type,
|
||||
key_data->x, key_data->len ) );
|
||||
|
||||
PSA_ASSERT( psa_get_key_information( handle,
|
||||
@ -1903,7 +1903,7 @@ void asymmetric_signature_key_policy( int policy_usage,
|
||||
psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
|
||||
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
|
||||
|
||||
PSA_ASSERT( psa_import_key( handle, key_type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle, key_type,
|
||||
key_data->x, key_data->len ) );
|
||||
|
||||
status = psa_asymmetric_sign( handle, exercise_alg,
|
||||
@ -1948,7 +1948,7 @@ void derive_key_policy( int policy_usage,
|
||||
psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
|
||||
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
|
||||
|
||||
PSA_ASSERT( psa_import_key( handle, key_type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle, key_type,
|
||||
key_data->x, key_data->len ) );
|
||||
|
||||
status = psa_key_derivation( &generator, handle,
|
||||
@ -1988,7 +1988,7 @@ void agreement_key_policy( int policy_usage,
|
||||
psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
|
||||
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
|
||||
|
||||
PSA_ASSERT( psa_import_key( handle, key_type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle, key_type,
|
||||
key_data->x, key_data->len ) );
|
||||
|
||||
PSA_ASSERT( psa_key_derivation_setup( &generator, exercise_alg ) );
|
||||
@ -2026,7 +2026,7 @@ void raw_agreement_key_policy( int policy_usage,
|
||||
psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
|
||||
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
|
||||
|
||||
PSA_ASSERT( psa_import_key( handle, key_type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle, key_type,
|
||||
key_data->x, key_data->len ) );
|
||||
|
||||
status = raw_key_agreement_with_self( exercise_alg, handle );
|
||||
@ -2084,7 +2084,7 @@ void copy_key_policy( int source_usage_arg, int source_alg_arg,
|
||||
PSA_ASSERT( psa_allocate_key( &source_handle ) );
|
||||
psa_key_policy_set_usage( &source_policy, source_usage, source_alg );
|
||||
PSA_ASSERT( psa_set_key_policy( source_handle, &source_policy ) );
|
||||
PSA_ASSERT( psa_import_key( source_handle, source_type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( source_handle, source_type,
|
||||
material->x, material->len ) );
|
||||
PSA_ASSERT( psa_get_key_information( source_handle, NULL, &source_bits ) );
|
||||
|
||||
@ -2095,7 +2095,7 @@ void copy_key_policy( int source_usage_arg, int source_alg_arg,
|
||||
target_policy = psa_key_policy_init();
|
||||
|
||||
/* Copy the key. */
|
||||
PSA_ASSERT( psa_copy_key( source_handle, target_handle, p_constraint ) );
|
||||
PSA_ASSERT( psa_copy_key_to_handle( source_handle, target_handle, p_constraint ) );
|
||||
|
||||
/* Destroy the source to ensure that this doesn't affect the target. */
|
||||
PSA_ASSERT( psa_destroy_key( source_handle ) );
|
||||
@ -2170,7 +2170,7 @@ void copy_fail( int source_usage_arg, int source_alg_arg,
|
||||
PSA_ASSERT( psa_allocate_key( &source_handle ) );
|
||||
psa_key_policy_set_usage( &source_policy, source_usage, source_alg );
|
||||
PSA_ASSERT( psa_set_key_policy( source_handle, &source_policy ) );
|
||||
PSA_ASSERT( psa_import_key( source_handle, source_type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( source_handle, source_type,
|
||||
material->x, material->len ) );
|
||||
PSA_ASSERT( psa_get_key_information( source_handle, NULL, &source_bits ) );
|
||||
|
||||
@ -2181,7 +2181,7 @@ void copy_fail( int source_usage_arg, int source_alg_arg,
|
||||
target_policy = psa_key_policy_init();
|
||||
|
||||
/* Copy the key. */
|
||||
TEST_EQUAL( psa_copy_key( source_handle, target_handle, p_constraint ),
|
||||
TEST_EQUAL( psa_copy_key_to_handle( source_handle, target_handle, p_constraint ),
|
||||
expected_status );
|
||||
|
||||
/* Test that the target slot is unaffected. */
|
||||
@ -2588,7 +2588,7 @@ void mac_bad_order( )
|
||||
alg );
|
||||
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
|
||||
|
||||
PSA_ASSERT( psa_import_key( handle, key_type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle, key_type,
|
||||
key, sizeof(key) ) );
|
||||
|
||||
/* Call update without calling setup beforehand. */
|
||||
@ -2715,7 +2715,7 @@ void mac_sign( int key_type_arg,
|
||||
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg );
|
||||
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
|
||||
|
||||
PSA_ASSERT( psa_import_key( handle, key_type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle, key_type,
|
||||
key->x, key->len ) );
|
||||
|
||||
/* Calculate the MAC. */
|
||||
@ -2762,7 +2762,7 @@ void mac_verify( int key_type_arg,
|
||||
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg );
|
||||
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
|
||||
|
||||
PSA_ASSERT( psa_import_key( handle, key_type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle, key_type,
|
||||
key->x, key->len ) );
|
||||
|
||||
PSA_ASSERT( psa_mac_verify_setup( &operation,
|
||||
@ -2882,7 +2882,7 @@ void cipher_bad_order( )
|
||||
PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT,
|
||||
alg );
|
||||
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
|
||||
PSA_ASSERT( psa_import_key( handle, key_type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle, key_type,
|
||||
key, sizeof(key) ) );
|
||||
|
||||
|
||||
@ -3040,7 +3040,7 @@ void cipher_encrypt( int alg_arg, int key_type_arg,
|
||||
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg );
|
||||
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
|
||||
|
||||
PSA_ASSERT( psa_import_key( handle, key_type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle, key_type,
|
||||
key->x, key->len ) );
|
||||
|
||||
PSA_ASSERT( psa_cipher_encrypt_setup( &operation,
|
||||
@ -3110,7 +3110,7 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
|
||||
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg );
|
||||
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
|
||||
|
||||
PSA_ASSERT( psa_import_key( handle, key_type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle, key_type,
|
||||
key->x, key->len ) );
|
||||
|
||||
PSA_ASSERT( psa_cipher_encrypt_setup( &operation,
|
||||
@ -3186,7 +3186,7 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
|
||||
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg );
|
||||
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
|
||||
|
||||
PSA_ASSERT( psa_import_key( handle, key_type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle, key_type,
|
||||
key->x, key->len ) );
|
||||
|
||||
PSA_ASSERT( psa_cipher_decrypt_setup( &operation,
|
||||
@ -3260,7 +3260,7 @@ void cipher_decrypt( int alg_arg, int key_type_arg,
|
||||
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg );
|
||||
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
|
||||
|
||||
PSA_ASSERT( psa_import_key( handle, key_type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle, key_type,
|
||||
key->x, key->len ) );
|
||||
|
||||
PSA_ASSERT( psa_cipher_decrypt_setup( &operation,
|
||||
@ -3327,7 +3327,7 @@ void cipher_verify_output( int alg_arg, int key_type_arg,
|
||||
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg );
|
||||
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
|
||||
|
||||
PSA_ASSERT( psa_import_key( handle, key_type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle, key_type,
|
||||
key->x, key->len ) );
|
||||
|
||||
PSA_ASSERT( psa_cipher_encrypt_setup( &operation1,
|
||||
@ -3413,7 +3413,7 @@ void cipher_verify_output_multipart( int alg_arg,
|
||||
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg );
|
||||
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
|
||||
|
||||
PSA_ASSERT( psa_import_key( handle, key_type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle, key_type,
|
||||
key->x, key->len ) );
|
||||
|
||||
PSA_ASSERT( psa_cipher_encrypt_setup( &operation1,
|
||||
@ -3517,7 +3517,7 @@ void aead_encrypt_decrypt( int key_type_arg, data_t *key_data,
|
||||
alg );
|
||||
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
|
||||
|
||||
PSA_ASSERT( psa_import_key( handle, key_type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle, key_type,
|
||||
key_data->x, key_data->len ) );
|
||||
|
||||
TEST_EQUAL( psa_aead_encrypt( handle, alg,
|
||||
@ -3580,7 +3580,7 @@ void aead_encrypt( int key_type_arg, data_t *key_data,
|
||||
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT , alg );
|
||||
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
|
||||
|
||||
PSA_ASSERT( psa_import_key( handle, key_type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle, key_type,
|
||||
key_data->x,
|
||||
key_data->len ) );
|
||||
|
||||
@ -3629,7 +3629,7 @@ void aead_decrypt( int key_type_arg, data_t *key_data,
|
||||
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT , alg );
|
||||
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
|
||||
|
||||
PSA_ASSERT( psa_import_key( handle, key_type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle, key_type,
|
||||
key_data->x,
|
||||
key_data->len ) );
|
||||
|
||||
@ -3688,7 +3688,7 @@ void sign_deterministic( int key_type_arg, data_t *key_data,
|
||||
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg );
|
||||
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
|
||||
|
||||
PSA_ASSERT( psa_import_key( handle, key_type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle, key_type,
|
||||
key_data->x,
|
||||
key_data->len ) );
|
||||
PSA_ASSERT( psa_get_key_information( handle,
|
||||
@ -3742,7 +3742,7 @@ void sign_fail( int key_type_arg, data_t *key_data,
|
||||
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg );
|
||||
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
|
||||
|
||||
PSA_ASSERT( psa_import_key( handle, key_type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle, key_type,
|
||||
key_data->x,
|
||||
key_data->len ) );
|
||||
|
||||
@ -3785,7 +3785,7 @@ void sign_verify( int key_type_arg, data_t *key_data,
|
||||
alg );
|
||||
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
|
||||
|
||||
PSA_ASSERT( psa_import_key( handle, key_type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle, key_type,
|
||||
key_data->x,
|
||||
key_data->len ) );
|
||||
PSA_ASSERT( psa_get_key_information( handle,
|
||||
@ -3852,7 +3852,7 @@ void asymmetric_verify( int key_type_arg, data_t *key_data,
|
||||
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg );
|
||||
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
|
||||
|
||||
PSA_ASSERT( psa_import_key( handle, key_type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle, key_type,
|
||||
key_data->x,
|
||||
key_data->len ) );
|
||||
|
||||
@ -3885,7 +3885,7 @@ void asymmetric_verify_fail( int key_type_arg, data_t *key_data,
|
||||
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg );
|
||||
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
|
||||
|
||||
PSA_ASSERT( psa_import_key( handle, key_type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle, key_type,
|
||||
key_data->x,
|
||||
key_data->len ) );
|
||||
|
||||
@ -3929,7 +3929,7 @@ void asymmetric_encrypt( int key_type_arg,
|
||||
PSA_ASSERT( psa_allocate_key( &handle ) );
|
||||
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg );
|
||||
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
|
||||
PSA_ASSERT( psa_import_key( handle, key_type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle, key_type,
|
||||
key_data->x,
|
||||
key_data->len ) );
|
||||
|
||||
@ -3999,7 +3999,7 @@ void asymmetric_encrypt_decrypt( int key_type_arg,
|
||||
alg );
|
||||
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
|
||||
|
||||
PSA_ASSERT( psa_import_key( handle, key_type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle, key_type,
|
||||
key_data->x,
|
||||
key_data->len ) );
|
||||
|
||||
@ -4065,7 +4065,7 @@ void asymmetric_decrypt( int key_type_arg,
|
||||
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg );
|
||||
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
|
||||
|
||||
PSA_ASSERT( psa_import_key( handle, key_type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle, key_type,
|
||||
key_data->x,
|
||||
key_data->len ) );
|
||||
|
||||
@ -4129,7 +4129,7 @@ void asymmetric_decrypt_fail( int key_type_arg,
|
||||
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg );
|
||||
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
|
||||
|
||||
PSA_ASSERT( psa_import_key( handle, key_type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle, key_type,
|
||||
key_data->x,
|
||||
key_data->len ) );
|
||||
|
||||
@ -4216,7 +4216,7 @@ void derive_setup( int key_type_arg,
|
||||
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
|
||||
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
|
||||
|
||||
PSA_ASSERT( psa_import_key( handle, key_type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle, key_type,
|
||||
key_data->x,
|
||||
key_data->len ) );
|
||||
|
||||
@ -4253,7 +4253,7 @@ void test_derive_invalid_generator_state( )
|
||||
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
|
||||
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
|
||||
|
||||
PSA_ASSERT( psa_import_key( handle, key_type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle, key_type,
|
||||
key_data,
|
||||
sizeof( key_data ) ) );
|
||||
|
||||
@ -4348,7 +4348,7 @@ void derive_output( int alg_arg,
|
||||
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
|
||||
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
|
||||
|
||||
PSA_ASSERT( psa_import_key( handle, PSA_KEY_TYPE_DERIVE,
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle, PSA_KEY_TYPE_DERIVE,
|
||||
key_data->x,
|
||||
key_data->len ) );
|
||||
|
||||
@ -4445,7 +4445,7 @@ void derive_full( int alg_arg,
|
||||
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
|
||||
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
|
||||
|
||||
PSA_ASSERT( psa_import_key( handle, PSA_KEY_TYPE_DERIVE,
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle, PSA_KEY_TYPE_DERIVE,
|
||||
key_data->x,
|
||||
key_data->len ) );
|
||||
|
||||
@ -4533,7 +4533,7 @@ void derive_key_exercise( int alg_arg,
|
||||
PSA_ASSERT( psa_allocate_key( &base_handle ) );
|
||||
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
|
||||
PSA_ASSERT( psa_set_key_policy( base_handle, &policy ) );
|
||||
PSA_ASSERT( psa_import_key( base_handle, PSA_KEY_TYPE_DERIVE,
|
||||
PSA_ASSERT( psa_import_key_to_handle( base_handle, PSA_KEY_TYPE_DERIVE,
|
||||
key_data->x,
|
||||
key_data->len ) );
|
||||
|
||||
@ -4545,7 +4545,7 @@ void derive_key_exercise( int alg_arg,
|
||||
PSA_ASSERT( psa_allocate_key( &derived_handle ) );
|
||||
psa_key_policy_set_usage( &policy, derived_usage, derived_alg );
|
||||
PSA_ASSERT( psa_set_key_policy( derived_handle, &policy ) );
|
||||
PSA_ASSERT( psa_generator_import_key( derived_handle,
|
||||
PSA_ASSERT( psa_generator_import_key_to_handle( derived_handle,
|
||||
derived_type,
|
||||
derived_bits,
|
||||
&generator ) );
|
||||
@ -4597,7 +4597,7 @@ void derive_key_export( int alg_arg,
|
||||
PSA_ASSERT( psa_allocate_key( &base_handle ) );
|
||||
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
|
||||
PSA_ASSERT( psa_set_key_policy( base_handle, &policy ) );
|
||||
PSA_ASSERT( psa_import_key( base_handle, PSA_KEY_TYPE_DERIVE,
|
||||
PSA_ASSERT( psa_import_key_to_handle( base_handle, PSA_KEY_TYPE_DERIVE,
|
||||
key_data->x,
|
||||
key_data->len ) );
|
||||
|
||||
@ -4619,7 +4619,7 @@ void derive_key_export( int alg_arg,
|
||||
PSA_ASSERT( psa_allocate_key( &derived_handle ) );
|
||||
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, 0 );
|
||||
PSA_ASSERT( psa_set_key_policy( derived_handle, &policy ) );
|
||||
PSA_ASSERT( psa_generator_import_key( derived_handle,
|
||||
PSA_ASSERT( psa_generator_import_key_to_handle( derived_handle,
|
||||
PSA_KEY_TYPE_RAW_DATA,
|
||||
derived_bits,
|
||||
&generator ) );
|
||||
@ -4630,7 +4630,7 @@ void derive_key_export( int alg_arg,
|
||||
PSA_ASSERT( psa_destroy_key( derived_handle ) );
|
||||
PSA_ASSERT( psa_allocate_key( &derived_handle ) );
|
||||
PSA_ASSERT( psa_set_key_policy( derived_handle, &policy ) );
|
||||
PSA_ASSERT( psa_generator_import_key( derived_handle,
|
||||
PSA_ASSERT( psa_generator_import_key_to_handle( derived_handle,
|
||||
PSA_KEY_TYPE_RAW_DATA,
|
||||
PSA_BYTES_TO_BITS( bytes2 ),
|
||||
&generator ) );
|
||||
@ -4672,7 +4672,7 @@ void key_agreement_setup( int alg_arg,
|
||||
PSA_ASSERT( psa_allocate_key( &our_key ) );
|
||||
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
|
||||
PSA_ASSERT( psa_set_key_policy( our_key, &policy ) );
|
||||
PSA_ASSERT( psa_import_key( our_key, our_key_type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( our_key, our_key_type,
|
||||
our_key_data->x,
|
||||
our_key_data->len ) );
|
||||
|
||||
@ -4719,7 +4719,7 @@ void raw_key_agreement( int alg_arg,
|
||||
PSA_ASSERT( psa_allocate_key( &our_key ) );
|
||||
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
|
||||
PSA_ASSERT( psa_set_key_policy( our_key, &policy ) );
|
||||
PSA_ASSERT( psa_import_key( our_key, our_key_type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( our_key, our_key_type,
|
||||
our_key_data->x,
|
||||
our_key_data->len ) );
|
||||
|
||||
@ -4756,7 +4756,7 @@ void key_agreement_capacity( int alg_arg,
|
||||
PSA_ASSERT( psa_allocate_key( &our_key ) );
|
||||
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
|
||||
PSA_ASSERT( psa_set_key_policy( our_key, &policy ) );
|
||||
PSA_ASSERT( psa_import_key( our_key, our_key_type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( our_key, our_key_type,
|
||||
our_key_data->x,
|
||||
our_key_data->len ) );
|
||||
|
||||
@ -4817,7 +4817,7 @@ void key_agreement_output( int alg_arg,
|
||||
PSA_ASSERT( psa_allocate_key( &our_key ) );
|
||||
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
|
||||
PSA_ASSERT( psa_set_key_policy( our_key, &policy ) );
|
||||
PSA_ASSERT( psa_import_key( our_key, our_key_type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( our_key, our_key_type,
|
||||
our_key_data->x,
|
||||
our_key_data->len ) );
|
||||
|
||||
@ -4932,7 +4932,7 @@ void generate_key( int type_arg,
|
||||
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
|
||||
|
||||
/* Generate a key */
|
||||
TEST_EQUAL( psa_generate_key( handle, type, bits, NULL, 0 ),
|
||||
TEST_EQUAL( psa_generate_key_to_handle( handle, type, bits, NULL, 0 ),
|
||||
expected_status );
|
||||
|
||||
/* Test the key information */
|
||||
@ -4992,13 +4992,13 @@ void persistent_key_load_key_from_storage( data_t *data, int type_arg,
|
||||
{
|
||||
case IMPORT_KEY:
|
||||
/* Import the key */
|
||||
PSA_ASSERT( psa_import_key( handle, type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle, type,
|
||||
data->x, data->len ) );
|
||||
break;
|
||||
|
||||
case GENERATE_KEY:
|
||||
/* Generate a key */
|
||||
PSA_ASSERT( psa_generate_key( handle, type, bits,
|
||||
PSA_ASSERT( psa_generate_key_to_handle( handle, type, bits,
|
||||
NULL, 0 ) );
|
||||
break;
|
||||
|
||||
@ -5009,14 +5009,14 @@ void persistent_key_load_key_from_storage( data_t *data, int type_arg,
|
||||
base_policy_alg );
|
||||
PSA_ASSERT( psa_set_key_policy(
|
||||
base_key, &base_policy_set ) );
|
||||
PSA_ASSERT( psa_import_key( base_key, PSA_KEY_TYPE_DERIVE,
|
||||
PSA_ASSERT( psa_import_key_to_handle( base_key, PSA_KEY_TYPE_DERIVE,
|
||||
data->x, data->len ) );
|
||||
/* Derive a key. */
|
||||
PSA_ASSERT( psa_key_derivation( &generator, base_key,
|
||||
base_policy_alg,
|
||||
NULL, 0, NULL, 0,
|
||||
export_size ) );
|
||||
PSA_ASSERT( psa_generator_import_key(
|
||||
PSA_ASSERT( psa_generator_import_key_to_handle(
|
||||
handle, PSA_KEY_TYPE_RAW_DATA,
|
||||
bits, &generator ) );
|
||||
break;
|
||||
|
@ -189,7 +189,7 @@ void validate_module_init_key_based( int count )
|
||||
PSA_ASSERT( status );
|
||||
mbedtls_psa_crypto_free( );
|
||||
}
|
||||
status = psa_import_key( 1, PSA_KEY_TYPE_RAW_DATA, data, sizeof( data ) );
|
||||
status = psa_import_key_to_handle( 1, PSA_KEY_TYPE_RAW_DATA, data, sizeof( data ) );
|
||||
TEST_EQUAL( status, PSA_ERROR_BAD_STATE );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
@ -98,7 +98,7 @@ void save_large_persistent_key( int data_too_large, int expected_status )
|
||||
PSA_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id,
|
||||
&handle ) );
|
||||
|
||||
TEST_EQUAL( psa_import_key( handle, PSA_KEY_TYPE_RAW_DATA,
|
||||
TEST_EQUAL( psa_import_key_to_handle( handle, PSA_KEY_TYPE_RAW_DATA,
|
||||
data, data_length ),
|
||||
expected_status );
|
||||
|
||||
@ -126,7 +126,7 @@ void persistent_key_destroy( int key_id_arg, int should_store,
|
||||
|
||||
if( should_store == 1 )
|
||||
{
|
||||
PSA_ASSERT( psa_import_key(
|
||||
PSA_ASSERT( psa_import_key_to_handle(
|
||||
handle, first_type,
|
||||
first_data->x, first_data->len ) );
|
||||
}
|
||||
@ -147,7 +147,7 @@ void persistent_key_destroy( int key_id_arg, int should_store,
|
||||
/* Create another key in the same slot */
|
||||
PSA_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id,
|
||||
&handle ) );
|
||||
PSA_ASSERT( psa_import_key(
|
||||
PSA_ASSERT( psa_import_key_to_handle(
|
||||
handle, second_type,
|
||||
second_data->x, second_data->len ) );
|
||||
|
||||
@ -170,7 +170,7 @@ void persistent_key_import( int key_id_arg, int type_arg, data_t *data,
|
||||
|
||||
PSA_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id,
|
||||
&handle ) );
|
||||
TEST_EQUAL( psa_import_key( handle, type, data->x, data->len ),
|
||||
TEST_EQUAL( psa_import_key_to_handle( handle, type, data->x, data->len ),
|
||||
expected_status );
|
||||
|
||||
if( expected_status != PSA_SUCCESS )
|
||||
@ -179,7 +179,7 @@ void persistent_key_import( int key_id_arg, int type_arg, data_t *data,
|
||||
goto exit;
|
||||
}
|
||||
|
||||
PSA_ASSERT( psa_get_key_lifetime( handle, &lifetime ) );
|
||||
PSA_ASSERT( psa_get_key_lifetime_from_handle( handle, &lifetime ) );
|
||||
TEST_EQUAL( lifetime, PSA_KEY_LIFETIME_PERSISTENT );
|
||||
|
||||
exit:
|
||||
@ -215,10 +215,10 @@ void import_export_persistent_key( data_t *data, int type_arg,
|
||||
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
|
||||
|
||||
/* Import the key */
|
||||
PSA_ASSERT( psa_import_key( handle, type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle, type,
|
||||
data->x, data->len ) );
|
||||
|
||||
PSA_ASSERT( psa_get_key_lifetime( handle, &lifetime_get ) );
|
||||
PSA_ASSERT( psa_get_key_lifetime_from_handle( handle, &lifetime_get ) );
|
||||
TEST_EQUAL( lifetime_get, PSA_KEY_LIFETIME_PERSISTENT );
|
||||
|
||||
/* Test the key information */
|
||||
|
@ -84,7 +84,7 @@ void transient_slot_lifecycle( int alg_arg, int usage_arg,
|
||||
TEST_ASSERT( handle != 0 );
|
||||
psa_key_policy_set_usage( &policy, usage_flags, alg );
|
||||
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
|
||||
PSA_ASSERT( psa_import_key( handle, type, key_data->x, key_data->len ) );
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle, type, key_data->x, key_data->len ) );
|
||||
PSA_ASSERT( psa_get_key_information( handle, &read_type, NULL ) );
|
||||
TEST_EQUAL( read_type, type );
|
||||
|
||||
@ -137,7 +137,7 @@ void persistent_slot_lifecycle( int lifetime_arg, int id_arg,
|
||||
TEST_ASSERT( handle != 0 );
|
||||
psa_key_policy_set_usage( &policy, usage_flags, alg );
|
||||
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
|
||||
PSA_ASSERT( psa_import_key( handle, type, key_data->x, key_data->len ) );
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle, type, key_data->x, key_data->len ) );
|
||||
PSA_ASSERT( psa_get_key_information( handle, &read_type, NULL ) );
|
||||
TEST_EQUAL( read_type, type );
|
||||
|
||||
@ -215,7 +215,7 @@ void create_existent( int lifetime_arg, int id_arg,
|
||||
TEST_ASSERT( handle1 != 0 );
|
||||
psa_key_policy_set_usage( &policy1, PSA_KEY_USAGE_EXPORT, 0 );
|
||||
PSA_ASSERT( psa_set_key_policy( handle1, &policy1 ) );
|
||||
PSA_ASSERT( psa_import_key( handle1, type1,
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle1, type1,
|
||||
material1, sizeof( material1 ) ) );
|
||||
|
||||
if( reopen_policy == CLOSE_BEFORE )
|
||||
@ -334,7 +334,7 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_id_arg,
|
||||
&source_handle ) );
|
||||
psa_key_policy_set_usage( &source_policy, source_usage, source_alg );
|
||||
PSA_ASSERT( psa_set_key_policy( source_handle, &source_policy ) );
|
||||
PSA_ASSERT( psa_import_key( source_handle, source_type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( source_handle, source_type,
|
||||
material->x, material->len ) );
|
||||
PSA_ASSERT( psa_get_key_information( source_handle, NULL, &source_bits ) );
|
||||
|
||||
@ -349,7 +349,7 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_id_arg,
|
||||
target_policy = psa_key_policy_init();
|
||||
|
||||
/* Copy the key. */
|
||||
PSA_ASSERT( psa_copy_key( source_handle, target_handle, NULL ) );
|
||||
PSA_ASSERT( psa_copy_key_to_handle( source_handle, target_handle, NULL ) );
|
||||
|
||||
/* Destroy the source to ensure that this doesn't affect the target. */
|
||||
PSA_ASSERT( psa_destroy_key( source_handle ) );
|
||||
@ -435,7 +435,7 @@ void copy_from_empty( int source_lifetime_arg, int source_id_arg,
|
||||
PSA_ASSERT( psa_set_key_policy( target_handle, &target_policy ) );
|
||||
|
||||
/* Copy the key. */
|
||||
TEST_EQUAL( psa_copy_key( source_handle, target_handle, NULL ),
|
||||
TEST_EQUAL( psa_copy_key_to_handle( source_handle, target_handle, NULL ),
|
||||
PSA_ERROR_DOES_NOT_EXIST );
|
||||
|
||||
/* Test that the slots are unaffected. */
|
||||
@ -496,7 +496,7 @@ void copy_to_occupied( int source_lifetime_arg, int source_id_arg,
|
||||
&source_handle ) );
|
||||
psa_key_policy_set_usage( &source_policy, source_usage, source_alg );
|
||||
PSA_ASSERT( psa_set_key_policy( source_handle, &source_policy ) );
|
||||
PSA_ASSERT( psa_import_key( source_handle, source_type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( source_handle, source_type,
|
||||
source_material->x, source_material->len ) );
|
||||
PSA_ASSERT( psa_get_key_information( source_handle, NULL, &source_bits ) );
|
||||
|
||||
@ -508,12 +508,12 @@ void copy_to_occupied( int source_lifetime_arg, int source_id_arg,
|
||||
&target_handle ) );
|
||||
psa_key_policy_set_usage( &target_policy, target_usage, target_alg );
|
||||
PSA_ASSERT( psa_set_key_policy( target_handle, &target_policy ) );
|
||||
PSA_ASSERT( psa_import_key( target_handle, target_type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( target_handle, target_type,
|
||||
target_material->x, target_material->len ) );
|
||||
PSA_ASSERT( psa_get_key_information( target_handle, NULL, &target_bits ) );
|
||||
|
||||
/* Copy the key. */
|
||||
TEST_EQUAL( psa_copy_key( source_handle, target_handle, NULL ),
|
||||
TEST_EQUAL( psa_copy_key_to_handle( source_handle, target_handle, NULL ),
|
||||
PSA_ERROR_ALREADY_EXISTS );
|
||||
|
||||
/* Test that the target slot is unaffected. */
|
||||
@ -573,12 +573,12 @@ void copy_to_same( int lifetime_arg, int id_arg,
|
||||
&handle ) );
|
||||
psa_key_policy_set_usage( &policy, usage, alg );
|
||||
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
|
||||
PSA_ASSERT( psa_import_key( handle, type,
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle, type,
|
||||
material->x, material->len ) );
|
||||
PSA_ASSERT( psa_get_key_information( handle, NULL, &bits ) );
|
||||
|
||||
/* Copy the key. */
|
||||
TEST_EQUAL( psa_copy_key( handle, handle, NULL ),
|
||||
TEST_EQUAL( psa_copy_key_to_handle( handle, handle, NULL ),
|
||||
PSA_ERROR_ALREADY_EXISTS );
|
||||
|
||||
/* Test that the slot is unaffected. */
|
||||
@ -624,7 +624,7 @@ void invalid_handle( )
|
||||
TEST_ASSERT( handle1 != 0 );
|
||||
psa_key_policy_set_usage( &policy, 0, 0 );
|
||||
PSA_ASSERT( psa_set_key_policy( handle1, &policy ) );
|
||||
PSA_ASSERT( psa_import_key( handle1, PSA_KEY_TYPE_RAW_DATA,
|
||||
PSA_ASSERT( psa_import_key_to_handle( handle1, PSA_KEY_TYPE_RAW_DATA,
|
||||
material, sizeof( material ) ) );
|
||||
|
||||
/* Attempt to close and destroy some invalid handles. */
|
||||
@ -671,7 +671,7 @@ void many_transient_handles( int max_handles_arg )
|
||||
for( j = 0; j < i; j++ )
|
||||
TEST_ASSERT( handles[i] != handles[j] );
|
||||
PSA_ASSERT( psa_set_key_policy( handles[i], &policy ) );
|
||||
PSA_ASSERT( psa_import_key( handles[i], PSA_KEY_TYPE_RAW_DATA,
|
||||
PSA_ASSERT( psa_import_key_to_handle( handles[i], PSA_KEY_TYPE_RAW_DATA,
|
||||
(uint8_t *) &i, sizeof( i ) ) );
|
||||
}
|
||||
max_handles = i;
|
||||
|
Loading…
Reference in New Issue
Block a user