Remove psa_crypto_storage_file
Now that we have ITS over files, we no longer need a direct backend
for key storage over files. Remove psa_crypto_storage_file and its
tests.
Switch MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C and MBEDTLS_PSA_ITS_FILE_C on
by default. This preserves functionality and test coverage in the
default configuration, but forgets any key previously stored using the
file backend.
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index 421fd7a..1b239a4 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -141,7 +141,6 @@
add_test_suite(psa_crypto_metadata)
add_test_suite(psa_crypto_persistent_key)
add_test_suite(psa_crypto_slot_management)
-add_test_suite(psa_crypto_storage_file)
add_test_suite(psa_its)
add_test_suite(shax)
add_test_suite(timing)
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 2806426..d995ba5 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -689,8 +689,9 @@
scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED
scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C
scripts/config.pl unset MBEDTLS_FS_IO
- scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_C
+ scripts/config.pl unset MBEDTLS_PSA_ITS_FILE_C
+ scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
# Note, _DEFAULT_SOURCE needs to be defined for platforms using glibc version >2.19,
# to re-enable platform integration features otherwise disabled in C99 builds
make CC=gcc CFLAGS='-Werror -Wall -Wextra -std=c99 -pedantic -O0 -D_DEFAULT_SOURCE' lib programs
@@ -870,7 +871,8 @@
scripts/config.pl unset MBEDTLS_NET_C
scripts/config.pl unset MBEDTLS_TIMING_C
scripts/config.pl unset MBEDTLS_FS_IO
- scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
+ scripts/config.pl unset MBEDTLS_PSA_ITS_FILE_C
+ scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_C
scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED
scripts/config.pl set MBEDTLS_NO_PLATFORM_ENTROPY
@@ -889,7 +891,8 @@
scripts/config.pl unset MBEDTLS_NET_C
scripts/config.pl unset MBEDTLS_TIMING_C
scripts/config.pl unset MBEDTLS_FS_IO
- scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
+ scripts/config.pl unset MBEDTLS_PSA_ITS_FILE_C
+ scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_C
scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED
scripts/config.pl set MBEDTLS_NO_PLATFORM_ENTROPY
@@ -911,7 +914,8 @@
scripts/config.pl unset MBEDTLS_NET_C
scripts/config.pl unset MBEDTLS_TIMING_C
scripts/config.pl unset MBEDTLS_FS_IO
- scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
+ scripts/config.pl unset MBEDTLS_PSA_ITS_FILE_C
+ scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_C
scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED
scripts/config.pl set MBEDTLS_NO_PLATFORM_ENTROPY
@@ -933,7 +937,8 @@
scripts/config.pl unset MBEDTLS_NET_C
scripts/config.pl unset MBEDTLS_TIMING_C
scripts/config.pl unset MBEDTLS_FS_IO
- scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
+ scripts/config.pl unset MBEDTLS_PSA_ITS_FILE_C
+ scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_C
scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED
scripts/config.pl unset MBEDTLS_HAVE_TIME
diff --git a/tests/suites/test_suite_psa_crypto_storage_file.data b/tests/suites/test_suite_psa_crypto_storage_file.data
deleted file mode 100644
index 4b068e1..0000000
--- a/tests/suites/test_suite_psa_crypto_storage_file.data
+++ /dev/null
@@ -1,43 +0,0 @@
-PSA Storage Load verify loaded file
-depends_on:MBEDTLS_FS_IO
-load_data_from_file:1:"deadbeef":1:4:PSA_SUCCESS
-
-PSA Storage Load check slots dont share state
-depends_on:MBEDTLS_FS_IO
-load_data_from_file:2:"deadbeef":1:4:PSA_ERROR_STORAGE_FAILURE
-
-PSA Storage Load zero length file
-depends_on:MBEDTLS_FS_IO
-load_data_from_file:1:"":1:1:PSA_SUCCESS
-
-PSA Storage Load less than capacity of data buffer
-depends_on:MBEDTLS_FS_IO
-load_data_from_file:1:"deadbeef":1:5:PSA_SUCCESS
-
-PSA Storage Load nonexistent file location, should fail
-depends_on:MBEDTLS_FS_IO
-load_data_from_file:1:"deadbeef":0:4:PSA_ERROR_STORAGE_FAILURE
-
-PSA Storage Store verify stored file
-depends_on:MBEDTLS_FS_IO
-write_data_to_file:"deadbeef":PSA_SUCCESS
-
-PSA Storage Store into preexisting location, should fail
-depends_on:MBEDTLS_FS_IO
-write_data_to_prexisting_file:"psa_key_slot_1":"deadbeef":PSA_ERROR_ALREADY_EXISTS
-
-PSA Storage Store, preexisting temp_location file, should succeed
-depends_on:MBEDTLS_FS_IO
-write_data_to_prexisting_file:"psa_key_slot_0":"deadbeef":PSA_SUCCESS
-
-PSA Storage Get data size verify data size
-depends_on:MBEDTLS_FS_IO
-get_file_size:"deadbeef":4:PSA_SUCCESS:1
-
-PSA Storage Get data size verify data size zero length file
-depends_on:MBEDTLS_FS_IO
-get_file_size:"":0:PSA_SUCCESS:1
-
-PSA Storage Get data size nonexistent file location, should fail
-depends_on:MBEDTLS_FS_IO
-get_file_size:"deadbeef":4:PSA_ERROR_DOES_NOT_EXIST:0
diff --git a/tests/suites/test_suite_psa_crypto_storage_file.function b/tests/suites/test_suite_psa_crypto_storage_file.function
deleted file mode 100644
index e596be1..0000000
--- a/tests/suites/test_suite_psa_crypto_storage_file.function
+++ /dev/null
@@ -1,157 +0,0 @@
-/* BEGIN_HEADER */
-#include <stdint.h>
-#include "psa/crypto.h"
-#include "psa_crypto_storage_backend.h"
-
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_PSA_CRYPTO_C:MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE */
-void load_data_from_file( int id_to_load_arg,
- data_t *data, int should_make_file,
- int capacity_arg, int expected_status )
-{
- psa_key_id_t id_to_load = id_to_load_arg;
- char slot_location[] = "psa_key_slot_1";
- psa_status_t status;
- int ret;
- size_t file_size = 0;
- uint8_t *loaded_data = NULL;
- size_t capacity = (size_t) capacity_arg;
-
- if( should_make_file == 1 )
- {
- /* Create a file with data contents, with mask permissions. */
- FILE *file;
- file = fopen( slot_location, "wb+" );
- TEST_ASSERT( file != NULL );
- file_size = fwrite( data->x, 1, data->len, file );
- TEST_EQUAL( file_size, data->len );
- ret = fclose( file );
- TEST_EQUAL( ret, 0 );
- }
-
- /* Read from the file with psa_crypto_storage_load. */
- ASSERT_ALLOC( loaded_data, capacity );
- status = psa_crypto_storage_load( id_to_load, loaded_data, file_size );
-
- /* Check we get the expected status. */
- TEST_EQUAL( status, expected_status );
- if( status != PSA_SUCCESS )
- goto exit;
-
- /* Check that the file data and data length is what we expect. */
- ASSERT_COMPARE( data->x, data->len, loaded_data, file_size );
-
-exit:
- mbedtls_free( loaded_data );
- remove( slot_location );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void write_data_to_file( data_t *data, int expected_status )
-{
- char slot_location[] = "psa_key_slot_1";
- psa_status_t status;
- int ret;
- FILE *file;
- size_t file_size;
- size_t num_read;
- uint8_t *loaded_data = NULL;
-
- /* Write data to file. */
- status = psa_crypto_storage_store( 1, data->x, data->len );
-
- /* Check that we got the expected status. */
- TEST_EQUAL( status, expected_status );
- if( status != PSA_SUCCESS )
- goto exit;
-
- /* Check that the file length is what we expect */
- file = fopen( slot_location, "rb" );
- TEST_ASSERT( file != NULL );
- fseek( file, 0, SEEK_END );
- file_size = (size_t) ftell( file );
- fseek( file, 0, SEEK_SET );
- TEST_EQUAL( file_size, data->len );
-
- /* Check that the file contents are what we expect */
- ASSERT_ALLOC( loaded_data, data->len );
-
- num_read = fread( loaded_data, 1, file_size, file );
- TEST_EQUAL( num_read, file_size );
- ASSERT_COMPARE( data->x, data->len, loaded_data, file_size );
- ret = fclose( file );
- TEST_EQUAL( ret, 0 );
-
-exit:
- mbedtls_free( loaded_data );
- remove( slot_location );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void get_file_size( data_t *data, int expected_data_length,
- int expected_status, int should_make_file )
-{
- char slot_location[] = "psa_key_slot_1";
- psa_status_t status;
- int ret;
- size_t file_size;
-
- if( should_make_file )
- {
- /* Create a file with data contents, with mask permissions. */
- FILE *file;
- file = fopen( slot_location, "wb+" );
- TEST_ASSERT( file != NULL );
- file_size = fwrite( data->x, 1, data->len, file );
- TEST_EQUAL( file_size, data->len );
- ret = fclose( file );
- TEST_EQUAL( ret, 0 );
- }
-
- /* Check get data size is what we expect */
- status = psa_crypto_storage_get_data_length( 1, &file_size );
- TEST_EQUAL( status, expected_status );
- if( expected_status == PSA_SUCCESS )
- TEST_EQUAL( file_size, (size_t)expected_data_length );
-
-exit:
- remove( slot_location );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void write_data_to_prexisting_file( char *preexist_file_location,
- data_t *data, int expected_status )
-{
- char slot_location[] = "psa_key_slot_1";
- psa_status_t status;
- int ret;
- FILE *file;
-
- /* Create file first */
- file = fopen( preexist_file_location, "wb" );
- TEST_ASSERT( file != NULL );
- ret = fclose( file );
- TEST_EQUAL( ret, 0 );
-
- /* Write data to file. */
- status = psa_crypto_storage_store( 1, data->x, data->len );
-
- /* Check that we got the expected status. */
- TEST_EQUAL( status, expected_status );
- if( status != PSA_SUCCESS )
- goto exit;
-
-exit:
- remove( preexist_file_location );
- remove( slot_location );
-}
-/* END_CASE */