ssl_test_lib: add function translate given opaque algoritms to psa
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
diff --git a/programs/ssl/ssl_test_lib.c b/programs/ssl/ssl_test_lib.c
index 094a65d..c0704d0 100644
--- a/programs/ssl/ssl_test_lib.c
+++ b/programs/ssl/ssl_test_lib.c
@@ -221,6 +221,70 @@
return 0;
}
+int key_opaque_set_alg_usage( const char *alg1, const char *alg2,
+ psa_algorithm_t *psa_alg1,
+ psa_algorithm_t *psa_alg2,
+ psa_key_usage_t *usage )
+{
+ if( strcmp( alg1, "rsa-sign-pkcs1" ) == 0 )
+ {
+ *psa_alg1 = PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_ANY_HASH );
+ *usage = PSA_KEY_USAGE_SIGN_HASH;
+ }
+ else if ( strcmp( alg1, "rsa-sign-pss" ) == 0 )
+ {
+ *psa_alg1 = PSA_ALG_RSA_PSS( PSA_ALG_ANY_HASH );
+ *usage = PSA_KEY_USAGE_SIGN_HASH;
+ }
+ else if ( strcmp( alg1, "rsa-decrypt" ) == 0 )
+ {
+ *psa_alg1 = PSA_ALG_RSA_PKCS1V15_CRYPT;
+ *usage = PSA_KEY_USAGE_DECRYPT;
+ }
+ else if ( strcmp( alg1, "ecdsa-sign" ) == 0 )
+ {
+ *psa_alg1 = PSA_ALG_ECDSA( PSA_ALG_ANY_HASH );
+ *usage = PSA_KEY_USAGE_SIGN_HASH;
+ }
+ else if ( strcmp( alg1, "ecdh" ) == 0 )
+ {
+ *psa_alg1 = PSA_ALG_ECDH;
+ *usage = PSA_KEY_USAGE_DERIVE;
+ }
+
+ if( strcmp( alg2, "rsa-sign-pkcs1" ) == 0 )
+ {
+ *psa_alg1 = PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_ANY_HASH );
+ *usage |= PSA_KEY_USAGE_SIGN_HASH;
+ }
+ else if( strcmp( alg2, "rsa-sign-pss" ) == 0 )
+ {
+ *psa_alg2 = PSA_ALG_RSA_PSS( PSA_ALG_ANY_HASH );
+ *usage |= PSA_KEY_USAGE_SIGN_HASH;
+ }
+ else if( strcmp( alg2, "rsa-decrypt" ) == 0 )
+ {
+ *psa_alg2 = PSA_ALG_RSA_PKCS1V15_CRYPT;
+ *usage |= PSA_KEY_USAGE_DECRYPT;
+ }
+ else if( strcmp( alg2, "ecdsa-sign" ) == 0 )
+ {
+ *psa_alg2 = PSA_ALG_ECDSA( PSA_ALG_ANY_HASH );
+ *usage |= PSA_KEY_USAGE_SIGN_HASH;
+ }
+ else if( strcmp( alg2, "ecdh" ) == 0 )
+ {
+ *psa_alg2 = PSA_ALG_ECDH;
+ *usage |= PSA_KEY_USAGE_DERIVE;
+ }
+ else if( strcmp( alg2, "none" ) == 0 )
+ {
+ *psa_alg2 = PSA_ALG_NONE;
+ }
+
+ return 0;
+}
+
#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
int ca_callback( void *data, mbedtls_x509_crt const *child,
mbedtls_x509_crt **candidates )
diff --git a/programs/ssl/ssl_test_lib.h b/programs/ssl/ssl_test_lib.h
index e0ee79d..618da51 100644
--- a/programs/ssl/ssl_test_lib.h
+++ b/programs/ssl/ssl_test_lib.h
@@ -240,6 +240,24 @@
*/
int key_opaque_alg_parse( const char *arg, const char **alg1, const char **alg2 );
+/** Parse given opaque key algoritms to obtain psa algs and usage
+ * that will be passed to mbedtls_pk_wrap_as_opaque().
+ *
+ *
+ * \param alg1 input string opaque key algorithm #1
+ * \param alg1 input string opaque key algorithm #2
+ * \param psa_alg1 output PSA algorithm #1
+ * \param psa_alg2 output PSA algorithm #2
+ * \param usage output key usage
+ *
+ * \return \c 0 on success.
+ * \return \c 1 on parse failure.
+ */
+int key_opaque_set_alg_usage( const char *alg1, const char *alg2,
+ psa_algorithm_t *psa_alg1,
+ psa_algorithm_t *psa_alg2,
+ psa_key_usage_t *usage );
+
#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
/* The test implementation of the PSA external RNG is insecure. When
* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG is enabled, before using any PSA crypto