TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls.git / 4d7ae1d8cfb1046f681d51eb9dd3c5ae05c3274f^! / . / library / psa_crypto.c
commit4d7ae1d8cfb1046f681d51eb9dd3c5ae05c3274f[log] [tgz]
authorArchana <archana.madhavan@silabs.com>Wed Jul 07 02:50:22 2021 +0530
committerArchana <archana.madhavan@silabs.com>Wed Sep 08 22:03:54 2021 +0530
tree1d4946eba55a4b2ee0c6787a1009a120dcf7a051
parentd8a83dc17235b13a3ed1bd7db8afde1d3111fc73 [diff] [blame]
Add test driver support for opaque key import

-Add test driver support to import/export while wrapping keys
 meant to be stored in the PSA core as opaque( emulating an
 SE without storage ).
-Export validate_unstructured_key_bit_size as
 psa_validate_unstructured_key_bit_size, thereby changing its scope.
-Improve the import/export test cases in test_suite_psa_crypto to also
 cover opaque keys, thereby avoiding duplication.

Signed-off-by: Archana <archana.madhavan@silabs.com>

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index d70dccb..cea165c 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c

@@ -430,8 +430,8 @@
         * defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) ||
         * defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) */
 
-static psa_status_t validate_unstructured_key_bit_size( psa_key_type_t type,
-                                                        size_t bits )
+psa_status_t psa_validate_unstructured_key_bit_size( psa_key_type_t type,
+                                                   size_t bits )
 {
     /* Check that the bit size is acceptable for the key type */
     switch( type )
@@ -560,14 +560,14 @@
 
         /* Ensure that the bytes-to-bits conversion hasn't overflown. */
         if( data_length > SIZE_MAX / 8 )
-            return( PSA_ERROR_NOT_SUPPORTED );
+            return( status );
 
         /* Enforce a size limit, and in particular ensure that the bit
          * size fits in its representation type. */
         if( ( *bits ) > PSA_MAX_KEY_BITS )
-            return( PSA_ERROR_NOT_SUPPORTED );
+            return( status );
 
-        status = validate_unstructured_key_bit_size( type, *bits );
+        status = psa_validate_unstructured_key_bit_size( attributes->core.type, *bits );
         if( status != PSA_SUCCESS )
             return( status );
 
@@ -1907,8 +1907,9 @@
         goto exit;
 
     /* In the case of a transparent key or an opaque key stored in local
-     * storage, we have to allocate a buffer to hold the generated key
-     * material. */
+     * storage( thus not in the case of the old-style secure element interface
+     * (MBEDTLS_PSA_CRYPTO_SE_C)),we have to allocate a buffer to hold the
+     * imported key material. */
     if( slot->key.data == NULL )
     {
         if( psa_key_lifetime_is_external( attributes->core.lifetime ) )
@@ -5061,7 +5062,7 @@
 
     if( key_type_is_raw_bytes( type ) )
     {
-        status = validate_unstructured_key_bit_size( type, bits );
+        status = psa_validate_unstructured_key_bit_size( type, bits );
         if( status != PSA_SUCCESS )
             return( status );
     }
@@ -5171,9 +5172,9 @@
         goto exit;
 
     /* In the case of a transparent key or an opaque key stored in local
-     * storage (thus not in the case of generating a key in a secure element
-     * or cryptoprocessor with storage), we have to allocate a buffer to
-     * hold the generated key material. */
+     * storage( thus not in the case of the old-style secure element interface
+     * (MBEDTLS_PSA_CRYPTO_SE_C)),we have to allocate a buffer to hold the
+     * imported key material. */
     if( slot->key.data == NULL )
     {
         if ( PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ) ==