Merge pull request #16 from itayzafrir/spm-support-crypto-handles-api
Support for slots to handles crypto API changes under SPM
diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 683feb8..da3ed93 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -124,14 +124,6 @@
* application calls psa_close_key() or psa_destroy_key() or until the
* application terminates.
*
- * This function takes a key type and maximum size as arguments so that
- * the implementation can reserve a corresponding amount of memory.
- * Implementations are not required to enforce this limit: if the application
- * later tries to create a larger key or a key of a different type, it
- * is implementation-defined whether this may succeed.
- *
- * \param type The type of key that the slot will contain.
- * \param max_bits The maximum key size that the slot will contain.
* \param[out] handle On success, a handle to a volatile key slot.
*
* \retval #PSA_SUCCESS
@@ -140,13 +132,8 @@
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* There was not enough memory, or the maximum number of key slots
* has been reached.
- * \retval #PSA_ERROR_INVALID_ARGUMENT
- * This implementation does not support this key type.
*/
-
-psa_status_t psa_allocate_key(psa_key_type_t type,
- size_t max_bits,
- psa_key_handle_t *handle);
+psa_status_t psa_allocate_key(psa_key_handle_t *handle);
/** Open a handle to an existing persistent key.
*
@@ -192,8 +179,6 @@
* area where the key material is stored. This must not
* be #PSA_KEY_LIFETIME_VOLATILE.
* \param id The persistent identifier of the key.
- * \param type The type of key that the slot will contain.
- * \param max_bits The maximum key size that the slot will contain.
* \param[out] handle On success, a handle to the newly created key slot.
* When key material is later created in this key slot,
* it will be saved to the specified persistent location.
@@ -218,8 +203,6 @@
*/
psa_status_t psa_create_key(psa_key_lifetime_t lifetime,
psa_key_id_t id,
- psa_key_type_t type,
- size_t max_bits,
psa_key_handle_t *handle);
/** Close a key handle.
@@ -261,11 +244,9 @@
* according to a different format.
*
* \param handle Handle to the slot where the key will be stored.
- * This must be a valid slot for a key of the chosen
- * type: it must have been obtained by calling
- * psa_allocate_key() or psa_create_key() with the
- * correct \p type and with a maximum size that is
- * compatible with \p data.
+ * It must have been obtained by calling
+ * psa_allocate_key() or psa_create_key() and must
+ * not contain key material yet.
* \param type Key type (a \c PSA_KEY_TYPE_XXX value). On a successful
* import, the key slot will contain a key of this type.
* \param[in] data Buffer containing the key data. The content of this
@@ -921,6 +902,33 @@
*/
psa_status_t psa_hash_abort(psa_hash_operation_t *operation);
+/** Clone a hash operation.
+ *
+ * This function copies the state of an ongoing hash operation to
+ * a new operation object. In other words, this function is equivalent
+ * to calling psa_hash_setup() on \p target_operation with the same
+ * algorithm that \p source_operation was set up for, then
+ * psa_hash_update() on \p target_operation with the same input that
+ * that was passed to \p source_operation. After this function returns, the
+ * two objects are independent, i.e. subsequent calls involving one of
+ * the objects do not affect the other object.
+ *
+ * \param[in] source_operation The active hash operation to clone.
+ * \param[in,out] target_operation The operation object to set up.
+ * It must be initialized but not active.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_BAD_STATE
+ * \p source_operation is not an active hash operation.
+ * \retval #PSA_ERROR_BAD_STATE
+ * \p target_operation is active.
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ */
+psa_status_t psa_hash_clone(const psa_hash_operation_t *source_operation,
+ psa_hash_operation_t *target_operation);
+
/**@}*/
/** \defgroup MAC Message authentication codes
@@ -2005,12 +2013,9 @@
* the key material is not exposed outside the isolation boundary.
*
* \param handle Handle to the slot where the key will be stored.
- * This must be a valid slot for a key of the chosen
- * type: it must have been obtained by calling
- * psa_allocate_key() or psa_create_key() with the
- * correct \p type and with a maximum size that is
- * compatible with \p bits.
- * It must not contain any key material yet.
+ * It must have been obtained by calling
+ * psa_allocate_key() or psa_create_key() and must
+ * not contain key material yet.
* \param type Key type (a \c PSA_KEY_TYPE_XXX value).
* This must be a symmetric key type.
* \param bits Key size in bits.
@@ -2232,12 +2237,9 @@
* \brief Generate a key or key pair.
*
* \param handle Handle to the slot where the key will be stored.
- * This must be a valid slot for a key of the chosen
- * type: it must have been obtained by calling
- * psa_allocate_key() or psa_create_key() with the
- * correct \p type and with a maximum size that is
- * compatible with \p bits.
- * It must not contain any key material yet.
+ * It must have been obtained by calling
+ * psa_allocate_key() or psa_create_key() and must
+ * not contain key material yet.
* \param type Key type (a \c PSA_KEY_TYPE_XXX value).
* \param bits Key size in bits.
* \param[in] extra Extra parameters for key generation. The
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 82cb158..1b961b8 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1422,6 +1422,67 @@
return( PSA_SUCCESS );
}
+psa_status_t psa_hash_clone( const psa_hash_operation_t *source_operation,
+ psa_hash_operation_t *target_operation )
+{
+ if( target_operation->alg != 0 )
+ return( PSA_ERROR_BAD_STATE );
+
+ switch( source_operation->alg )
+ {
+ case 0:
+ return( PSA_ERROR_BAD_STATE );
+#if defined(MBEDTLS_MD2_C)
+ case PSA_ALG_MD2:
+ mbedtls_md2_clone( &target_operation->ctx.md2,
+ &source_operation->ctx.md2 );
+ break;
+#endif
+#if defined(MBEDTLS_MD4_C)
+ case PSA_ALG_MD4:
+ mbedtls_md4_clone( &target_operation->ctx.md4,
+ &source_operation->ctx.md4 );
+ break;
+#endif
+#if defined(MBEDTLS_MD5_C)
+ case PSA_ALG_MD5:
+ mbedtls_md5_clone( &target_operation->ctx.md5,
+ &source_operation->ctx.md5 );
+ break;
+#endif
+#if defined(MBEDTLS_RIPEMD160_C)
+ case PSA_ALG_RIPEMD160:
+ mbedtls_ripemd160_clone( &target_operation->ctx.ripemd160,
+ &source_operation->ctx.ripemd160 );
+ break;
+#endif
+#if defined(MBEDTLS_SHA1_C)
+ case PSA_ALG_SHA_1:
+ mbedtls_sha1_clone( &target_operation->ctx.sha1,
+ &source_operation->ctx.sha1 );
+ break;
+#endif
+#if defined(MBEDTLS_SHA256_C)
+ case PSA_ALG_SHA_224:
+ case PSA_ALG_SHA_256:
+ mbedtls_sha256_clone( &target_operation->ctx.sha256,
+ &source_operation->ctx.sha256 );
+ break;
+#endif
+#if defined(MBEDTLS_SHA512_C)
+ case PSA_ALG_SHA_384:
+ case PSA_ALG_SHA_512:
+ mbedtls_sha512_clone( &target_operation->ctx.sha512,
+ &source_operation->ctx.sha512 );
+ break;
+#endif
+ default:
+ return( PSA_ERROR_NOT_SUPPORTED );
+ }
+
+ target_operation->alg = source_operation->alg;
+ return( PSA_SUCCESS );
+}
/****************************************************************/
diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c
index 8b739aa..c151c5e 100644
--- a/library/psa_crypto_slot_management.c
+++ b/library/psa_crypto_slot_management.c
@@ -157,13 +157,8 @@
return( psa_wipe_key_slot( slot ) );
}
-psa_status_t psa_allocate_key( psa_key_type_t type,
- size_t max_bits,
- psa_key_handle_t *handle )
+psa_status_t psa_allocate_key( psa_key_handle_t *handle )
{
- /* This implementation doesn't reserve memory for the keys. */
- (void) type;
- (void) max_bits;
*handle = 0;
return( psa_internal_allocate_key_slot( handle ) );
}
@@ -274,16 +269,10 @@
psa_status_t psa_create_key( psa_key_lifetime_t lifetime,
psa_key_id_t id,
- psa_key_type_t type,
- size_t max_bits,
psa_key_handle_t *handle )
{
psa_status_t status;
- /* This implementation doesn't reserve memory for the keys. */
- (void) type;
- (void) max_bits;
-
status = persistent_key_setup( lifetime, id, handle,
PSA_ERROR_EMPTY_SLOT );
switch( status )
diff --git a/programs/psa/crypto_examples.c b/programs/psa/crypto_examples.c
index db85468..7291c34 100644
--- a/programs/psa/crypto_examples.c
+++ b/programs/psa/crypto_examples.c
@@ -176,7 +176,7 @@
status = psa_generate_random( input, sizeof( input ) );
ASSERT_STATUS( status, PSA_SUCCESS );
- status = psa_allocate_key( PSA_KEY_TYPE_AES, key_bits, &key_handle );
+ status = psa_allocate_key( &key_handle );
ASSERT_STATUS( status, PSA_SUCCESS );
status = set_key_policy( key_handle,
@@ -226,7 +226,7 @@
status = psa_generate_random( input, sizeof( input ) );
ASSERT_STATUS( status, PSA_SUCCESS );
- status = psa_allocate_key( PSA_KEY_TYPE_AES, key_bits, &key_handle );
+ status = psa_allocate_key( &key_handle );
ASSERT_STATUS( status, PSA_SUCCESS );
status = set_key_policy( key_handle,
@@ -275,7 +275,7 @@
status = psa_generate_random( input, sizeof( input ) );
ASSERT_STATUS( status, PSA_SUCCESS );
- status = psa_allocate_key( PSA_KEY_TYPE_AES, key_bits, &key_handle );
+ status = psa_allocate_key( &key_handle );
ASSERT_STATUS( status, PSA_SUCCESS );
status = set_key_policy( key_handle,
PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT,
diff --git a/programs/psa/key_ladder_demo.c b/programs/psa/key_ladder_demo.c
index 66f66fc..45a9b6f 100644
--- a/programs/psa/key_ladder_demo.c
+++ b/programs/psa/key_ladder_demo.c
@@ -211,9 +211,7 @@
psa_key_handle_t key_handle = 0;
psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
- PSA_CHECK( psa_allocate_key( PSA_KEY_TYPE_DERIVE,
- PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ),
- &key_handle ) );
+ PSA_CHECK( psa_allocate_key( &key_handle ) );
psa_key_policy_set_usage( &policy,
PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT,
KDF_ALG );
@@ -263,9 +261,7 @@
SYS_CHECK( fclose( key_file ) == 0 );
key_file = NULL;
- PSA_CHECK( psa_allocate_key( PSA_KEY_TYPE_DERIVE,
- PSA_BYTES_TO_BITS( key_size ),
- master_key_handle ) );
+ PSA_CHECK( psa_allocate_key( master_key_handle ) );
psa_key_policy_set_usage( &policy, usage, alg );
PSA_CHECK( psa_set_key_policy( *master_key_handle, &policy ) );
PSA_CHECK( psa_import_key( *master_key_handle,
@@ -318,9 +314,7 @@
* since it is no longer needed. */
PSA_CHECK( psa_close_key( *key_handle ) );
*key_handle = 0;
- PSA_CHECK( psa_allocate_key( PSA_KEY_TYPE_DERIVE,
- PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ),
- key_handle ) );
+ PSA_CHECK( psa_allocate_key( key_handle ) );
PSA_CHECK( psa_set_key_policy( *key_handle, &policy ) );
/* Use the generator obtained from the parent key to create
* the next intermediate key. */
@@ -352,8 +346,7 @@
psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
*wrapping_key_handle = 0;
- PSA_CHECK( psa_allocate_key( PSA_KEY_TYPE_AES, WRAPPING_KEY_BITS,
- wrapping_key_handle ) );
+ PSA_CHECK( psa_allocate_key( wrapping_key_handle ) );
psa_key_policy_set_usage( &policy, usage, WRAPPING_ALG );
PSA_CHECK( psa_set_key_policy( *wrapping_key_handle, &policy ) );
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index aa0a890..4df20fd 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -527,6 +527,12 @@
PSA hash finish: bad arguments
hash_finish_bad_args:
+PSA hash clone: source state
+hash_clone_source_state:
+
+PSA hash clone: target state
+hash_clone_target_state:
+
MAC operation object initializers zero properly
mac_operation_init:
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 6916bf4..dcb08d8 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -876,8 +876,7 @@
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ),
- &handle ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
status = psa_import_key( handle, type, data->x, data->len );
TEST_EQUAL( status, expected_status );
if( status == PSA_SUCCESS )
@@ -907,10 +906,7 @@
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( type1,
- MAX( KEY_BITS_FROM_DATA( type1, data1 ),
- KEY_BITS_FROM_DATA( type2, data2 ) ),
- &handle ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
psa_key_policy_set_usage( &policy, usage, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -954,7 +950,7 @@
length = ret;
/* Try importing the key */
- PSA_ASSERT( psa_allocate_key( type, bits, &handle ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
status = psa_import_key( handle, type, p, length );
TEST_EQUAL( status, expected_status );
if( status == PSA_SUCCESS )
@@ -996,7 +992,7 @@
ASSERT_ALLOC( reexported, export_size );
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( type, expected_bits, &handle ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
psa_key_policy_set_usage( &policy, usage_arg, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -1042,7 +1038,7 @@
else
{
psa_key_handle_t handle2;
- PSA_ASSERT( psa_allocate_key( type, expected_bits, &handle2 ) );
+ PSA_ASSERT( psa_allocate_key( &handle2 ) );
PSA_ASSERT( psa_set_key_policy( handle2, &policy ) );
PSA_ASSERT( psa_import_key( handle2, type,
@@ -1080,8 +1076,7 @@
const uint8_t data[] = { 0x1, 0x2, 0x3, 0x4, 0x5 };
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( type, PSA_BYTES_TO_BITS( sizeof( data ) ),
- &handle ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
/* Import the key */
PSA_ASSERT( psa_import_key( handle, type,
@@ -1131,8 +1126,7 @@
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_RAW_DATA, 0,
- &handle ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -1158,8 +1152,7 @@
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_RAW_DATA, 0,
- &handle ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, exercise_alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -1186,8 +1179,7 @@
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ),
- &handle ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
/* Import the key - expect failure */
status = psa_import_key( handle, type,
@@ -1218,8 +1210,7 @@
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ),
- &handle ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
/* Import the key - expect failure */
status = psa_import_key( handle, type,
@@ -1249,8 +1240,7 @@
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ),
- &handle ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
export_size = (ptrdiff_t) data->len;
@@ -1297,8 +1287,7 @@
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ),
- &handle ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -1348,8 +1337,7 @@
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ),
- &handle ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
psa_key_policy_set_usage( &policy, usage, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -1389,8 +1377,7 @@
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( sizeof( key ) ),
- &handle ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
psa_key_policy_set_usage( &policy_set, usage, alg );
TEST_EQUAL( psa_key_policy_get_usage( &policy_set ), usage );
@@ -1451,9 +1438,7 @@
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( key_type,
- KEY_BITS_FROM_DATA( key_type, key_data ),
- &handle ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -1497,9 +1482,7 @@
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( key_type,
- KEY_BITS_FROM_DATA( key_type, key_data ),
- &handle ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -1551,9 +1534,7 @@
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( key_type,
- KEY_BITS_FROM_DATA( key_type, key_data ),
- &handle ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -1608,9 +1589,7 @@
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( key_type,
- KEY_BITS_FROM_DATA( key_type, key_data ),
- &handle ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -1672,9 +1651,7 @@
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( key_type,
- KEY_BITS_FROM_DATA( key_type, key_data ),
- &handle ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -1721,9 +1698,7 @@
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( key_type,
- KEY_BITS_FROM_DATA( key_type, key_data ),
- &handle ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -1763,9 +1738,7 @@
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( key_type,
- KEY_BITS_FROM_DATA( key_type, key_data ),
- &handle ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -1924,6 +1897,92 @@
}
/* END_CASE */
+/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
+void hash_clone_source_state( )
+{
+ psa_algorithm_t alg = PSA_ALG_SHA_256;
+ unsigned char hash[PSA_HASH_MAX_SIZE];
+ psa_hash_operation_t op_source = PSA_HASH_OPERATION_INIT;
+ psa_hash_operation_t op_init = PSA_HASH_OPERATION_INIT;
+ psa_hash_operation_t op_setup = PSA_HASH_OPERATION_INIT;
+ psa_hash_operation_t op_finished = PSA_HASH_OPERATION_INIT;
+ psa_hash_operation_t op_aborted = PSA_HASH_OPERATION_INIT;
+ size_t hash_len;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+ PSA_ASSERT( psa_hash_setup( &op_source, alg ) );
+
+ PSA_ASSERT( psa_hash_setup( &op_setup, alg ) );
+ PSA_ASSERT( psa_hash_setup( &op_finished, alg ) );
+ PSA_ASSERT( psa_hash_finish( &op_finished,
+ hash, sizeof( hash ), &hash_len ) );
+ PSA_ASSERT( psa_hash_setup( &op_aborted, alg ) );
+ PSA_ASSERT( psa_hash_abort( &op_aborted ) );
+
+ TEST_EQUAL( psa_hash_clone( &op_source, &op_setup ),
+ PSA_ERROR_BAD_STATE );
+
+ PSA_ASSERT( psa_hash_clone( &op_source, &op_init ) );
+ PSA_ASSERT( psa_hash_finish( &op_init,
+ hash, sizeof( hash ), &hash_len ) );
+ PSA_ASSERT( psa_hash_clone( &op_source, &op_finished ) );
+ PSA_ASSERT( psa_hash_finish( &op_finished,
+ hash, sizeof( hash ), &hash_len ) );
+ PSA_ASSERT( psa_hash_clone( &op_source, &op_aborted ) );
+ PSA_ASSERT( psa_hash_finish( &op_aborted,
+ hash, sizeof( hash ), &hash_len ) );
+
+exit:
+ psa_hash_abort( &op_source );
+ psa_hash_abort( &op_init );
+ psa_hash_abort( &op_setup );
+ psa_hash_abort( &op_finished );
+ psa_hash_abort( &op_aborted );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
+void hash_clone_target_state( )
+{
+ psa_algorithm_t alg = PSA_ALG_SHA_256;
+ unsigned char hash[PSA_HASH_MAX_SIZE];
+ psa_hash_operation_t op_init = PSA_HASH_OPERATION_INIT;
+ psa_hash_operation_t op_setup = PSA_HASH_OPERATION_INIT;
+ psa_hash_operation_t op_finished = PSA_HASH_OPERATION_INIT;
+ psa_hash_operation_t op_aborted = PSA_HASH_OPERATION_INIT;
+ psa_hash_operation_t op_target = PSA_HASH_OPERATION_INIT;
+ size_t hash_len;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_hash_setup( &op_setup, alg ) );
+ PSA_ASSERT( psa_hash_setup( &op_finished, alg ) );
+ PSA_ASSERT( psa_hash_finish( &op_finished,
+ hash, sizeof( hash ), &hash_len ) );
+ PSA_ASSERT( psa_hash_setup( &op_aborted, alg ) );
+ PSA_ASSERT( psa_hash_abort( &op_aborted ) );
+
+ PSA_ASSERT( psa_hash_clone( &op_setup, &op_target ) );
+ PSA_ASSERT( psa_hash_finish( &op_target,
+ hash, sizeof( hash ), &hash_len ) );
+
+ TEST_EQUAL( psa_hash_clone( &op_init, &op_target ), PSA_ERROR_BAD_STATE );
+ TEST_EQUAL( psa_hash_clone( &op_finished, &op_target ),
+ PSA_ERROR_BAD_STATE );
+ TEST_EQUAL( psa_hash_clone( &op_aborted, &op_target ),
+ PSA_ERROR_BAD_STATE );
+
+exit:
+ psa_hash_abort( &op_target );
+ psa_hash_abort( &op_init );
+ psa_hash_abort( &op_setup );
+ psa_hash_abort( &op_finished );
+ psa_hash_abort( &op_aborted );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
/* BEGIN_CASE */
void mac_operation_init( )
{
@@ -1965,8 +2024,7 @@
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
- &handle ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
psa_key_policy_set_usage( &policy,
PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY,
alg );
@@ -2011,8 +2069,7 @@
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
- &handle ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -2059,8 +2116,7 @@
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
- &handle ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -2123,8 +2179,7 @@
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
- &handle ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -2166,8 +2221,7 @@
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
- &handle ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -2233,8 +2287,7 @@
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
- &handle ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -2303,8 +2356,7 @@
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
- &handle ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -2375,8 +2427,7 @@
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
- &handle ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -2443,8 +2494,7 @@
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
- &handle ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -2528,8 +2578,7 @@
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
- &handle ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -2631,8 +2680,7 @@
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key_data->len ),
- &handle ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
psa_key_policy_set_usage( &policy,
PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT,
alg );
@@ -2697,8 +2745,7 @@
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key_data->len ),
- &handle ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT , alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -2747,8 +2794,7 @@
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key_data->len ),
- &handle ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT , alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -2807,9 +2853,7 @@
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( key_type,
- KEY_BITS_FROM_DATA( key_type, key_data ),
- &handle ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -2863,9 +2907,7 @@
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( key_type,
- KEY_BITS_FROM_DATA( key_type, key_data ),
- &handle ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -2906,9 +2948,7 @@
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( key_type,
- KEY_BITS_FROM_DATA( key_type, key_data ),
- &handle ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
psa_key_policy_set_usage( &policy,
PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY,
alg );
@@ -2977,9 +3017,7 @@
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( key_type,
- KEY_BITS_FROM_DATA( key_type, key_data ),
- &handle ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -3012,9 +3050,7 @@
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( key_type,
- KEY_BITS_FROM_DATA( key_type, key_data ),
- &handle ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -3059,9 +3095,7 @@
PSA_ASSERT( psa_crypto_init( ) );
/* Import the key */
- PSA_ASSERT( psa_allocate_key( key_type,
- KEY_BITS_FROM_DATA( key_type, key_data ),
- &handle ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
PSA_ASSERT( psa_import_key( handle, key_type,
@@ -3128,9 +3162,7 @@
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( key_type,
- KEY_BITS_FROM_DATA( key_type, key_data ),
- &handle ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
psa_key_policy_set_usage( &policy,
PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT,
alg );
@@ -3198,9 +3230,7 @@
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( key_type,
- KEY_BITS_FROM_DATA( key_type, key_data ),
- &handle ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -3264,9 +3294,7 @@
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( key_type,
- KEY_BITS_FROM_DATA( key_type, key_data ),
- &handle ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -3349,8 +3377,7 @@
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key_data->len ),
- &handle ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -3387,9 +3414,7 @@
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( key_type,
- PSA_BYTES_TO_BITS( sizeof( key_data ) ),
- &handle ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -3484,9 +3509,7 @@
ASSERT_ALLOC( output_buffer, output_buffer_size );
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE,
- PSA_BYTES_TO_BITS( key_data->len ),
- &handle ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -3564,9 +3587,7 @@
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE,
- PSA_BYTES_TO_BITS( key_data->len ),
- &handle ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -3636,9 +3657,7 @@
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE,
- PSA_BYTES_TO_BITS( key_data->len ),
- &base_handle ) );
+ PSA_ASSERT( psa_allocate_key( &base_handle ) );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
PSA_ASSERT( psa_set_key_policy( base_handle, &policy ) );
PSA_ASSERT( psa_import_key( base_handle, PSA_KEY_TYPE_DERIVE,
@@ -3650,8 +3669,7 @@
salt->x, salt->len,
label->x, label->len,
capacity ) );
- PSA_ASSERT( psa_allocate_key( derived_type, derived_bits,
- &derived_handle ) );
+ PSA_ASSERT( psa_allocate_key( &derived_handle ) );
psa_key_policy_set_usage( &policy, derived_usage, derived_alg );
PSA_ASSERT( psa_set_key_policy( derived_handle, &policy ) );
PSA_ASSERT( psa_generator_import_key( derived_handle,
@@ -3703,9 +3721,7 @@
ASSERT_ALLOC( export_buffer, capacity );
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE,
- PSA_BYTES_TO_BITS( key_data->len ),
- &base_handle ) );
+ PSA_ASSERT( psa_allocate_key( &base_handle ) );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
PSA_ASSERT( psa_set_key_policy( base_handle, &policy ) );
PSA_ASSERT( psa_import_key( base_handle, PSA_KEY_TYPE_DERIVE,
@@ -3727,8 +3743,7 @@
salt->x, salt->len,
label->x, label->len,
capacity ) );
- PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_RAW_DATA, derived_bits,
- &derived_handle ) );
+ PSA_ASSERT( psa_allocate_key( &derived_handle ) );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, 0 );
PSA_ASSERT( psa_set_key_policy( derived_handle, &policy ) );
PSA_ASSERT( psa_generator_import_key( derived_handle,
@@ -3740,9 +3755,7 @@
&length ) );
TEST_EQUAL( length, bytes1 );
PSA_ASSERT( psa_destroy_key( derived_handle ) );
- PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_RAW_DATA,
- PSA_BYTES_TO_BITS( bytes2 ),
- &derived_handle ) );
+ PSA_ASSERT( psa_allocate_key( &derived_handle ) );
PSA_ASSERT( psa_set_key_policy( derived_handle, &policy ) );
PSA_ASSERT( psa_generator_import_key( derived_handle,
PSA_KEY_TYPE_RAW_DATA,
@@ -3781,10 +3794,7 @@
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( our_key_type,
- KEY_BITS_FROM_DATA( our_key_type,
- our_key_data ),
- &our_key ) );
+ PSA_ASSERT( psa_allocate_key( &our_key ) );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
PSA_ASSERT( psa_set_key_policy( our_key, &policy ) );
PSA_ASSERT( psa_import_key( our_key, our_key_type,
@@ -3820,10 +3830,7 @@
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( our_key_type,
- KEY_BITS_FROM_DATA( our_key_type,
- our_key_data ),
- &our_key ) );
+ PSA_ASSERT( psa_allocate_key( &our_key ) );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
PSA_ASSERT( psa_set_key_policy( our_key, &policy ) );
PSA_ASSERT( psa_import_key( our_key, our_key_type,
@@ -3877,10 +3884,7 @@
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( our_key_type,
- KEY_BITS_FROM_DATA( our_key_type,
- our_key_data ),
- &our_key ) );
+ PSA_ASSERT( psa_allocate_key( &our_key ) );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
PSA_ASSERT( psa_set_key_policy( our_key, &policy ) );
PSA_ASSERT( psa_import_key( our_key, our_key_type,
@@ -3986,7 +3990,7 @@
PSA_ASSERT( psa_crypto_init( ) );
- PSA_ASSERT( psa_allocate_key( type, bits, &handle ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
psa_key_policy_set_usage( &policy, usage, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -4042,7 +4046,6 @@
PSA_ASSERT( psa_crypto_init() );
PSA_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, 1,
- type, bits,
&handle ) );
psa_key_policy_set_usage( &policy_set, policy_usage,
policy_alg );
@@ -4064,9 +4067,7 @@
case DERIVE_KEY:
/* Create base key */
- PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE,
- PSA_BYTES_TO_BITS( data->len ),
- &base_key ) );
+ PSA_ASSERT( psa_allocate_key( &base_key ) );
psa_key_policy_set_usage( &base_policy_set, PSA_KEY_USAGE_DERIVE,
base_policy_alg );
PSA_ASSERT( psa_set_key_policy(
diff --git a/tests/suites/test_suite_psa_crypto_hash.function b/tests/suites/test_suite_psa_crypto_hash.function
index bdb2f98..8abd4e2 100644
--- a/tests/suites/test_suite_psa_crypto_hash.function
+++ b/tests/suites/test_suite_psa_crypto_hash.function
@@ -67,6 +67,7 @@
unsigned char actual_hash[PSA_HASH_MAX_SIZE];
size_t actual_hash_length;
psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
+ psa_hash_operation_t operation2 = PSA_HASH_OPERATION_INIT;
uint32_t len = 0;
PSA_ASSERT( psa_crypto_init( ) );
@@ -78,16 +79,23 @@
PSA_ASSERT( psa_hash_update( &operation,
input->x, len ) );
+ PSA_ASSERT( psa_hash_clone( &operation, &operation2 ) );
PSA_ASSERT( psa_hash_update( &operation,
input->x + len, input->len - len ) );
+ PSA_ASSERT( psa_hash_update( &operation2,
+ input->x + len, input->len - len ) );
PSA_ASSERT( psa_hash_finish( &operation,
actual_hash, sizeof( actual_hash ),
&actual_hash_length ) );
-
ASSERT_COMPARE( expected_hash->x, expected_hash->len,
actual_hash, actual_hash_length );
+ PSA_ASSERT( psa_hash_finish( &operation2,
+ actual_hash, sizeof( actual_hash ),
+ &actual_hash_length ) );
+ ASSERT_COMPARE( expected_hash->x, expected_hash->len,
+ actual_hash, actual_hash_length );
} while( len++ != input->len );
exit:
diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function
index 939a37b..e19ef2b 100644
--- a/tests/suites/test_suite_psa_crypto_persistent_key.function
+++ b/tests/suites/test_suite_psa_crypto_persistent_key.function
@@ -97,8 +97,6 @@
PSA_ASSERT( psa_crypto_init() );
PSA_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id,
- PSA_KEY_TYPE_RAW_DATA,
- PSA_BYTES_TO_BITS( data_length ),
&handle ) );
TEST_EQUAL( psa_import_key( handle, PSA_KEY_TYPE_RAW_DATA,
@@ -125,8 +123,6 @@
PSA_ASSERT( psa_crypto_init() );
PSA_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id,
- first_type,
- PSA_BYTES_TO_BITS( first_data->len ),
&handle ) );
if( should_store == 1 )
@@ -151,8 +147,6 @@
/* Create another key in the same slot */
PSA_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id,
- second_type,
- PSA_BYTES_TO_BITS( second_data->len ),
&handle ) );
PSA_ASSERT( psa_import_key(
handle, second_type,
@@ -176,8 +170,6 @@
PSA_ASSERT( psa_crypto_init() );
PSA_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id,
- type,
- PSA_BYTES_TO_BITS( data->len ),
&handle ) );
TEST_EQUAL( psa_import_key( handle, type, data->x, data->len ),
expected_status );
@@ -217,8 +209,6 @@
PSA_ASSERT( psa_crypto_init( ) );
PSA_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id,
- type,
- PSA_BYTES_TO_BITS( data->len ),
&handle ) );
psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT,
diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data
index 39661b9..e8ec40c 100644
--- a/tests/suites/test_suite_psa_crypto_slot_management.data
+++ b/tests/suites/test_suite_psa_crypto_slot_management.data
@@ -1,41 +1,29 @@
Transient slot, check after closing
-transient_slot_lifecycle:PSA_KEY_TYPE_RAW_DATA:128:0:0:"0123456789abcdef0123456789abcdef":CLOSE_BY_CLOSE
+transient_slot_lifecycle:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_CLOSE
Transient slot, check after destroying
-transient_slot_lifecycle:PSA_KEY_TYPE_RAW_DATA:128:0:0:"0123456789abcdef0123456789abcdef":CLOSE_BY_DESTROY
+transient_slot_lifecycle:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_DESTROY
Transient slot, check after restart
-transient_slot_lifecycle:PSA_KEY_TYPE_RAW_DATA:128:0:0:"0123456789abcdef0123456789abcdef":CLOSE_BY_SHUTDOWN
+transient_slot_lifecycle:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_SHUTDOWN
Persistent slot, check after closing
-persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_TYPE_RAW_DATA:128:0:0:"0123456789abcdef0123456789abcdef":CLOSE_BY_CLOSE
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_CLOSE
Persistent slot, check after destroying
-persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_TYPE_RAW_DATA:128:0:0:"0123456789abcdef0123456789abcdef":CLOSE_BY_DESTROY
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_DESTROY
Persistent slot, check after restart
-persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_TYPE_RAW_DATA:128:0:0:"0123456789abcdef0123456789abcdef":CLOSE_BY_SHUTDOWN
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_SHUTDOWN
-Attempt to overwrite: close before, same type
-create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_TYPE_RAW_DATA:CLOSE_BEFORE
+Attempt to overwrite: close before
+create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:CLOSE_BEFORE
-Attempt to overwrite: close before, different type
-depends_on:MBEDTLS_AES_C
-create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_TYPE_AES:CLOSE_BEFORE
+Attempt to overwrite: close after
+create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:CLOSE_AFTER
-Attempt to overwrite: close after, same type
-create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_TYPE_RAW_DATA:CLOSE_AFTER
-
-Attempt to overwrite: close after, different type
-depends_on:MBEDTLS_AES_C
-create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_TYPE_AES:CLOSE_AFTER
-
-Attempt to overwrite: keep open, same type
-create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_TYPE_RAW_DATA:KEEP_OPEN
-
-Attempt to overwrite: keep open, different type
-depends_on:MBEDTLS_AES_C
-create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_TYPE_AES:KEEP_OPEN
+Attempt to overwrite: keep open
+create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:KEEP_OPEN
Open failure: invalid identifier (0)
depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
@@ -56,18 +44,18 @@
open_fail:0x7fffffff:0:PSA_ERROR_INVALID_ARGUMENT
Create failure: volatile lifetime
-create_fail:PSA_KEY_LIFETIME_VOLATILE:1:PSA_KEY_TYPE_RAW_DATA:8:PSA_ERROR_INVALID_ARGUMENT
+create_fail:PSA_KEY_LIFETIME_VOLATILE:1:PSA_ERROR_INVALID_ARGUMENT
Create failure: invalid lifetime
-create_fail:0x7fffffff:0:PSA_KEY_TYPE_RAW_DATA:8:PSA_ERROR_INVALID_ARGUMENT
+create_fail:0x7fffffff:0:PSA_ERROR_INVALID_ARGUMENT
Create failure: invalid key id (0)
depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
-create_fail:PSA_KEY_LIFETIME_PERSISTENT:0:PSA_KEY_TYPE_RAW_DATA:8:PSA_ERROR_INVALID_ARGUMENT
+create_fail:PSA_KEY_LIFETIME_PERSISTENT:0:PSA_ERROR_INVALID_ARGUMENT
Create failure: invalid key id (random seed UID)
depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
-create_fail:PSA_KEY_LIFETIME_PERSISTENT:PSA_CRYPTO_ITS_RANDOM_SEED_UID:PSA_KEY_TYPE_RAW_DATA:8:PSA_ERROR_INVALID_ARGUMENT
+create_fail:PSA_KEY_LIFETIME_PERSISTENT:PSA_CRYPTO_ITS_RANDOM_SEED_UID:PSA_ERROR_INVALID_ARGUMENT
Open not supported
depends_on:!MBEDTLS_PSA_CRYPTO_STORAGE_C
@@ -75,7 +63,7 @@
Create not supported
depends_on:!MBEDTLS_PSA_CRYPTO_STORAGE_C
-create_fail:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_TYPE_RAW_DATA:8:PSA_ERROR_NOT_SUPPORTED
+create_fail:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_ERROR_NOT_SUPPORTED
Close/destroy invalid handle
invalid_handle:
diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function
index 670c740..46fafcc 100644
--- a/tests/suites/test_suite_psa_crypto_slot_management.function
+++ b/tests/suites/test_suite_psa_crypto_slot_management.function
@@ -65,15 +65,13 @@
*/
/* BEGIN_CASE */
-void transient_slot_lifecycle( int type_arg, int max_bits_arg,
- int alg_arg, int usage_arg,
- data_t *key_data,
+void transient_slot_lifecycle( int alg_arg, int usage_arg,
+ int type_arg, data_t *key_data,
int close_method_arg )
{
- psa_key_type_t type = type_arg;
- size_t max_bits = max_bits_arg;
psa_algorithm_t alg = alg_arg;
psa_key_usage_t usage_flags = usage_arg;
+ psa_key_type_t type = type_arg;
close_method_t close_method = close_method_arg;
psa_key_type_t read_type;
psa_key_handle_t handle = 0;
@@ -82,7 +80,7 @@
PSA_ASSERT( psa_crypto_init( ) );
/* Get a handle and import a key. */
- PSA_ASSERT( psa_allocate_key( type, max_bits, &handle ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
TEST_ASSERT( handle != 0 );
psa_key_policy_set_usage( &policy, usage_flags, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -116,17 +114,15 @@
/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */
void persistent_slot_lifecycle( int lifetime_arg, int id_arg,
- int type_arg, int max_bits_arg,
int alg_arg, int usage_arg,
- data_t *key_data,
+ int type_arg, data_t *key_data,
int close_method_arg )
{
psa_key_lifetime_t lifetime = lifetime_arg;
psa_key_id_t id = id_arg;
- psa_key_type_t type = type_arg;
- size_t max_bits = max_bits_arg;
psa_algorithm_t alg = alg_arg;
psa_key_usage_t usage_flags = usage_arg;
+ psa_key_type_t type = type_arg;
close_method_t close_method = close_method_arg;
psa_key_type_t read_type;
psa_key_handle_t handle = 0;
@@ -137,7 +133,7 @@
PSA_ASSERT( psa_crypto_init( ) );
/* Get a handle and import a key. */
- PSA_ASSERT( psa_create_key( lifetime, id, type, max_bits, &handle ) );
+ PSA_ASSERT( psa_create_key( lifetime, id, &handle ) );
TEST_ASSERT( handle != 0 );
psa_key_policy_set_usage( &policy, usage_flags, alg );
PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
@@ -194,7 +190,6 @@
/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */
void create_existent( int lifetime_arg, int id_arg,
- int new_type_arg,
int reopen_policy_arg )
{
psa_key_lifetime_t lifetime = lifetime_arg;
@@ -203,7 +198,6 @@
psa_key_policy_t policy1 = PSA_KEY_POLICY_INIT;
psa_key_policy_t read_policy = PSA_KEY_POLICY_INIT;
psa_key_type_t type1 = PSA_KEY_TYPE_RAW_DATA;
- psa_key_type_t type2 = new_type_arg;
psa_key_type_t read_type;
const uint8_t material1[16] = "test material #1";
size_t bits1 = PSA_BYTES_TO_BITS( sizeof( material1 ) );
@@ -217,7 +211,7 @@
PSA_ASSERT( psa_crypto_init( ) );
/* Create a key. */
- PSA_ASSERT( psa_create_key( lifetime, id, type1, bits1, &handle1 ) );
+ PSA_ASSERT( psa_create_key( lifetime, id, &handle1 ) );
TEST_ASSERT( handle1 != 0 );
psa_key_policy_set_usage( &policy1, PSA_KEY_USAGE_EXPORT, 0 );
PSA_ASSERT( psa_set_key_policy( handle1, &policy1 ) );
@@ -228,7 +222,7 @@
PSA_ASSERT( psa_close_key( handle1 ) );
/* Attempt to create a new key in the same slot. */
- TEST_EQUAL( psa_create_key( lifetime, id, type2, bits1, &handle2 ),
+ TEST_EQUAL( psa_create_key( lifetime, id, &handle2 ),
PSA_ERROR_OCCUPIED_SLOT );
TEST_EQUAL( handle2, 0 );
@@ -276,13 +270,10 @@
/* BEGIN_CASE */
void create_fail( int lifetime_arg, int id_arg,
- int type_arg, int max_bits_arg,
int expected_status_arg )
{
psa_key_lifetime_t lifetime = lifetime_arg;
psa_key_id_t id = id_arg;
- psa_key_type_t type = type_arg;
- size_t max_bits = max_bits_arg;
psa_status_t expected_status = expected_status_arg;
psa_key_handle_t handle = 0xdead;
@@ -290,7 +281,7 @@
PSA_ASSERT( psa_crypto_init( ) );
- TEST_EQUAL( psa_create_key( lifetime, id, type, max_bits, &handle ),
+ TEST_EQUAL( psa_create_key( lifetime, id, &handle ),
expected_status );
TEST_EQUAL( handle, 0 );
@@ -314,7 +305,7 @@
PSA_ASSERT( psa_crypto_init( ) );
/* Allocate a handle and store a key in it. */
- PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_RAW_DATA, 1, &handle1 ) );
+ PSA_ASSERT( psa_allocate_key( &handle1 ) );
TEST_ASSERT( handle1 != 0 );
psa_key_policy_set_usage( &policy, 0, 0 );
PSA_ASSERT( psa_set_key_policy( handle1, &policy ) );
@@ -350,7 +341,6 @@
psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
uint8_t exported[sizeof( size_t )];
size_t exported_length;
- size_t max_bits = PSA_BITS_TO_BYTES( sizeof( exported ) );
ASSERT_ALLOC( handles, max_handles );
PSA_ASSERT( psa_crypto_init( ) );
@@ -358,8 +348,7 @@
for( i = 0; i < max_handles; i++ )
{
- status = psa_allocate_key( PSA_KEY_TYPE_RAW_DATA, max_bits,
- &handles[i] );
+ status = psa_allocate_key( &handles[i] );
if( status == PSA_ERROR_INSUFFICIENT_MEMORY )
break;
PSA_ASSERT( status );