Refactor key derivation setup in tests
parent
e7e4706230
commit
f2815eaec6
@ -517,57 +517,76 @@ exit:
|
|||||||
return( 0 );
|
return( 0 );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static int setup_key_derivation_wrap( psa_key_derivation_operation_t* operation,
|
||||||
|
psa_key_handle_t handle,
|
||||||
|
psa_algorithm_t alg,
|
||||||
|
unsigned char* input1, size_t input1_length,
|
||||||
|
unsigned char* input2, size_t input2_length,
|
||||||
|
size_t capacity )
|
||||||
|
{
|
||||||
|
PSA_ASSERT( psa_key_derivation_setup( operation, alg ) );
|
||||||
|
if( PSA_ALG_IS_HKDF( alg ) )
|
||||||
|
{
|
||||||
|
PSA_ASSERT( psa_key_derivation_input_bytes( operation,
|
||||||
|
PSA_KEY_DERIVATION_INPUT_SALT,
|
||||||
|
input1, input1_length ) );
|
||||||
|
PSA_ASSERT( psa_key_derivation_input_key( operation,
|
||||||
|
PSA_KEY_DERIVATION_INPUT_SECRET,
|
||||||
|
handle ) );
|
||||||
|
PSA_ASSERT( psa_key_derivation_input_bytes( operation,
|
||||||
|
PSA_KEY_DERIVATION_INPUT_INFO,
|
||||||
|
input2,
|
||||||
|
input2_length ) );
|
||||||
|
}
|
||||||
|
else if( PSA_ALG_IS_TLS12_PRF( alg ) ||
|
||||||
|
PSA_ALG_IS_TLS12_PSK_TO_MS( alg ) )
|
||||||
|
{
|
||||||
|
PSA_ASSERT( psa_key_derivation_input_bytes( operation,
|
||||||
|
PSA_KEY_DERIVATION_INPUT_SEED,
|
||||||
|
input1, input1_length ) );
|
||||||
|
PSA_ASSERT( psa_key_derivation_input_key( operation,
|
||||||
|
PSA_KEY_DERIVATION_INPUT_SECRET,
|
||||||
|
handle ) );
|
||||||
|
PSA_ASSERT( psa_key_derivation_input_bytes( operation,
|
||||||
|
PSA_KEY_DERIVATION_INPUT_LABEL,
|
||||||
|
input2, input2_length ) );
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
TEST_ASSERT( ! "Key derivation algorithm not supported" );
|
||||||
|
}
|
||||||
|
|
||||||
|
PSA_ASSERT( psa_key_derivation_set_capacity( operation, capacity ) );
|
||||||
|
|
||||||
|
return( 1 );
|
||||||
|
|
||||||
|
exit:
|
||||||
|
return( 0 );
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
static int exercise_key_derivation_key( psa_key_handle_t handle,
|
static int exercise_key_derivation_key( psa_key_handle_t handle,
|
||||||
psa_key_usage_t usage,
|
psa_key_usage_t usage,
|
||||||
psa_algorithm_t alg )
|
psa_algorithm_t alg )
|
||||||
{
|
{
|
||||||
psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
|
psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
|
||||||
unsigned char label[16] = "This is a label.";
|
unsigned char input1[] = "Input 1";
|
||||||
size_t label_length = sizeof( label );
|
size_t input1_length = sizeof( input1 );
|
||||||
unsigned char seed[16] = "abcdefghijklmnop";
|
unsigned char input2[] = "Input 2";
|
||||||
size_t seed_length = sizeof( seed );
|
size_t input2_length = sizeof( input2 );
|
||||||
unsigned char output[1];
|
unsigned char output[1];
|
||||||
|
size_t capacity = sizeof( output );
|
||||||
|
|
||||||
if( usage & PSA_KEY_USAGE_DERIVE )
|
if( usage & PSA_KEY_USAGE_DERIVE )
|
||||||
{
|
{
|
||||||
PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) );
|
if( !setup_key_derivation_wrap( &operation, handle, alg,
|
||||||
if( PSA_ALG_IS_HKDF( alg ) )
|
input1, input1_length,
|
||||||
{
|
input2, input2_length, capacity ) )
|
||||||
PSA_ASSERT( psa_key_derivation_input_bytes( &operation,
|
goto exit;
|
||||||
PSA_KEY_DERIVATION_INPUT_SALT,
|
|
||||||
label,
|
|
||||||
label_length ) );
|
|
||||||
PSA_ASSERT( psa_key_derivation_input_key( &operation,
|
|
||||||
PSA_KEY_DERIVATION_INPUT_SECRET,
|
|
||||||
handle ) );
|
|
||||||
PSA_ASSERT( psa_key_derivation_input_bytes( &operation,
|
|
||||||
PSA_KEY_DERIVATION_INPUT_INFO,
|
|
||||||
seed,
|
|
||||||
seed_length ) );
|
|
||||||
}
|
|
||||||
else if( PSA_ALG_IS_TLS12_PRF( alg ) ||
|
|
||||||
PSA_ALG_IS_TLS12_PSK_TO_MS( alg ) )
|
|
||||||
{
|
|
||||||
PSA_ASSERT( psa_key_derivation_input_bytes( &operation,
|
|
||||||
PSA_KEY_DERIVATION_INPUT_SEED,
|
|
||||||
seed,
|
|
||||||
seed_length ) );
|
|
||||||
PSA_ASSERT( psa_key_derivation_input_key( &operation,
|
|
||||||
PSA_KEY_DERIVATION_INPUT_SECRET,
|
|
||||||
handle ) );
|
|
||||||
PSA_ASSERT( psa_key_derivation_input_bytes( &operation,
|
|
||||||
PSA_KEY_DERIVATION_INPUT_LABEL,
|
|
||||||
label,
|
|
||||||
label_length ) );
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
TEST_ASSERT( ! "Key derivation algorithm not supported" );
|
|
||||||
}
|
|
||||||
|
|
||||||
PSA_ASSERT( psa_key_derivation_output_bytes( &operation,
|
PSA_ASSERT( psa_key_derivation_output_bytes( &operation,
|
||||||
output,
|
output,
|
||||||
sizeof( output ) ) );
|
capacity ) );
|
||||||
PSA_ASSERT( psa_key_derivation_abort( &operation ) );
|
PSA_ASSERT( psa_key_derivation_abort( &operation ) );
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -4362,40 +4381,11 @@ void derive_full( int alg_arg,
|
|||||||
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
|
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
|
||||||
&handle ) );
|
&handle ) );
|
||||||
|
|
||||||
PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) );
|
if( !setup_key_derivation_wrap( &operation, handle, alg,
|
||||||
PSA_ASSERT( psa_key_derivation_set_capacity( &operation,
|
input1->x, input1->len,
|
||||||
requested_capacity ) );
|
input2->x, input2->len,
|
||||||
|
requested_capacity ) )
|
||||||
/* Extraction phase. */
|
goto exit;
|
||||||
if( PSA_ALG_IS_HKDF( alg ) )
|
|
||||||
{
|
|
||||||
PSA_ASSERT( psa_key_derivation_input_bytes( &operation,
|
|
||||||
PSA_KEY_DERIVATION_INPUT_SALT,
|
|
||||||
input1->x, input1->len ) );
|
|
||||||
PSA_ASSERT( psa_key_derivation_input_key( &operation,
|
|
||||||
PSA_KEY_DERIVATION_INPUT_SECRET,
|
|
||||||
handle ) );
|
|
||||||
PSA_ASSERT( psa_key_derivation_input_bytes( &operation,
|
|
||||||
PSA_KEY_DERIVATION_INPUT_INFO,
|
|
||||||
input2->x, input2->len ) );
|
|
||||||
}
|
|
||||||
else if( PSA_ALG_IS_TLS12_PRF( alg ) ||
|
|
||||||
PSA_ALG_IS_TLS12_PSK_TO_MS( alg ) )
|
|
||||||
{
|
|
||||||
PSA_ASSERT( psa_key_derivation_input_bytes( &operation,
|
|
||||||
PSA_KEY_DERIVATION_INPUT_SEED,
|
|
||||||
input1->x, input1->len ) );
|
|
||||||
PSA_ASSERT( psa_key_derivation_input_key( &operation,
|
|
||||||
PSA_KEY_DERIVATION_INPUT_SECRET,
|
|
||||||
handle ) );
|
|
||||||
PSA_ASSERT( psa_key_derivation_input_bytes( &operation,
|
|
||||||
PSA_KEY_DERIVATION_INPUT_LABEL,
|
|
||||||
input2->x, input2->len ) );
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
TEST_ASSERT( ! "Key derivation algorithm not supported" );
|
|
||||||
}
|
|
||||||
|
|
||||||
PSA_ASSERT( psa_key_derivation_get_capacity( &operation,
|
PSA_ASSERT( psa_key_derivation_get_capacity( &operation,
|
||||||
¤t_capacity ) );
|
¤t_capacity ) );
|
||||||
|
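Review bot: In `derive_full`, calling `setup_key_derivation_wrap` moves `psa_key_derivation_set_capacity` from directly after `psa_key_derivation_setup` to after all three inputs, so the capacity-before-inputs ordering this test used to exercise no longer appears in the visible code. If that ordering matters for the capacity checks, it is worth keeping one test that still sets the capacity first. The helper also has no comment stating its contract; I would add above it `/* Returns 1 on success, 0 on failure. On failure the operation is not aborted here, so the caller must call psa_key_derivation_abort(). */`. Its `input1`/`input2` parameters are only read in the lines shown, so they could be declared `const unsigned char*`. The bodies of `exercise_key_derivation_key` and `derive_full` continue outside these hunks, so whether their `exit:` paths abort the operation cannot be confirmed from here.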